/*
 * CXL Flash Device Driver
 *
 * Written by: Manoj N. Kumar <manoj@linux.vnet.ibm.com>, IBM Corporation
 *             Matthew R. Ochs <mrochs@linux.vnet.ibm.com>, IBM Corporation
 *
 * Copyright (C) 2015 IBM Corporation
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version
 * 2 of the License, or (at your option) any later version.
 */

#include <linux/delay.h>
#include <linux/file.h>
#include <linux/syscalls.h>
#include <misc/cxl.h>
#include <asm/unaligned.h>

#include <scsi/scsi.h>
#include <scsi/scsi_host.h>
#include <scsi/scsi_cmnd.h>
#include <scsi/scsi_eh.h>
#include <uapi/scsi/cxlflash_ioctl.h>

#include "sislite.h"
#include "common.h"
#include "vlun.h"
#include "superpipe.h"

struct cxlflash_global global;

/**
 * marshal_rele_to_resize() - translate release to resize structure
 * @release: Source structure from which to translate/copy.
 * @resize: Destination structure for the translate/copy.
 */
static void marshal_rele_to_resize(struct dk_cxlflash_release *release,
				   struct dk_cxlflash_resize *resize)
{
	resize->hdr = release->hdr;
	resize->context_id = release->context_id;
	resize->rsrc_handle = release->rsrc_handle;
}

/**
 * marshal_det_to_rele() - translate detach to release structure
 * @detach: Source structure from which to translate/copy.
 * @release: Destination structure for the translate/copy.
 */
static void marshal_det_to_rele(struct dk_cxlflash_detach *detach,
				struct dk_cxlflash_release *release)
{
	release->hdr = detach->hdr;
	release->context_id = detach->context_id;
}

/**
 * marshal_udir_to_rele() - translate udirect to release structure
 * @udirect: Source structure from which to translate/copy.
 * @release: Destination structure for the translate/copy.
 */
static void marshal_udir_to_rele(struct dk_cxlflash_udirect *udirect,
				 struct dk_cxlflash_release *release)
{
	release->hdr = udirect->hdr;
	release->context_id = udirect->context_id;
	release->rsrc_handle = udirect->rsrc_handle;
}

/**
 * cxlflash_free_errpage() - frees resources associated with global error page
 */
void cxlflash_free_errpage(void)
{
	mutex_lock(&global.mutex);
	if (global.err_page) {
		__free_page(global.err_page);
		global.err_page = NULL;
	}
	mutex_unlock(&global.mutex);
}

/**
 * cxlflash_stop_term_user_contexts() - stops/terminates known user contexts
 * @cfg: Internal structure associated with the host.
 *
 * When the host needs to go down, all users must be quiesced and their
 * memory freed. This is accomplished by putting the contexts in error
 * state which will notify the user and let them 'drive' the tear down.
 * Meanwhile, this routine camps until all user contexts have been removed.
 *
 * Note that the main loop in this routine will always execute at least once
 * to flush the reset_waitq.
 */
void cxlflash_stop_term_user_contexts(struct cxlflash_cfg *cfg)
{
	struct device *dev = &cfg->dev->dev;
	int i, found = true;

	cxlflash_mark_contexts_error(cfg);

	while (true) {
		for (i = 0; i < MAX_CONTEXT; i++)
			if (cfg->ctx_tbl[i]) {
				found = true;
				break;
			}

		if (!found && list_empty(&cfg->ctx_err_recovery))
			return;

		dev_dbg(dev, "%s: Wait for user contexts to quiesce...\n",
			__func__);
		wake_up_all(&cfg->reset_waitq);
		ssleep(1);
		found = false;
	}
}

/**
 * find_error_context() - locates a context by cookie on the error recovery list
 * @cfg: Internal structure associated with the host.
 * @rctxid: Desired context by id.
 * @file: Desired context by file.
 *
 * Return: Found context on success, NULL on failure
 */
static struct ctx_info *find_error_context(struct cxlflash_cfg *cfg, u64 rctxid,
					   struct file *file)
{
	struct ctx_info *ctxi;

	list_for_each_entry(ctxi, &cfg->ctx_err_recovery, list)
		if ((ctxi->ctxid == rctxid) || (ctxi->file == file))
			return ctxi;

	return NULL;
}

/**
 * get_context() - obtains a validated and locked context reference
 * @cfg: Internal structure associated with the host.
 * @rctxid: Desired context (raw, un-decoded format).
 * @arg: LUN information or file associated with request.
 * @ctx_ctrl: Control information to 'steer' desired lookup.
 *
 * NOTE: despite the name pid, in Linux, current->pid actually refers
 * to the lightweight process id (tid) and can change if the process is
 * multi threaded. The tgid remains constant for the process and only changes
 * when the process forks. For all intents and purposes, think of tgid
 * as a pid in the traditional sense.
 *
 * Return: Validated context on success, NULL on failure
 */
struct ctx_info *get_context(struct cxlflash_cfg *cfg, u64 rctxid,
			     void *arg, enum ctx_ctrl ctx_ctrl)
{
	struct device *dev = &cfg->dev->dev;
	struct ctx_info *ctxi = NULL;
	struct lun_access *lun_access = NULL;
	struct file *file = NULL;
	struct llun_info *lli = arg;
	u64 ctxid = DECODE_CTXID(rctxid);
	int rc;
	pid_t pid = task_tgid_nr(current), ctxpid = 0;

	if (ctx_ctrl & CTX_CTRL_FILE) {
		lli = NULL;
		file = (struct file *)arg;
	}

	if (ctx_ctrl & CTX_CTRL_CLONE)
		pid = task_ppid_nr(current);

	if (likely(ctxid < MAX_CONTEXT)) {
		while (true) {
			mutex_lock(&cfg->ctx_tbl_list_mutex);
			ctxi = cfg->ctx_tbl[ctxid];
			if (ctxi)
				if ((file && (ctxi->file != file)) ||
				    (!file && (ctxi->ctxid != rctxid)))
					ctxi = NULL;

			if ((ctx_ctrl & CTX_CTRL_ERR) ||
			    (!ctxi && (ctx_ctrl & CTX_CTRL_ERR_FALLBACK)))
				ctxi = find_error_context(cfg, rctxid, file);
			if (!ctxi) {
				mutex_unlock(&cfg->ctx_tbl_list_mutex);
				goto out;
			}

			/*
			 * Need to acquire ownership of the context while still
			 * under the table/list lock to serialize with a remove
			 * thread. Use the 'try' to avoid stalling the
			 * table/list lock for a single context.
			 *
			 * Note that the lock order is:
			 *
			 *	cfg->ctx_tbl_list_mutex -> ctxi->mutex
			 *
			 * Therefore release ctx_tbl_list_mutex before retrying.
			 */
			rc = mutex_trylock(&ctxi->mutex);
			mutex_unlock(&cfg->ctx_tbl_list_mutex);
			if (rc)
				break; /* got the context's lock! */
		}

		if (ctxi->unavail)
			goto denied;

		ctxpid = ctxi->pid;
		if (likely(!(ctx_ctrl & CTX_CTRL_NOPID)))
			if (pid != ctxpid)
				goto denied;

		if (lli) {
			list_for_each_entry(lun_access, &ctxi->luns, list)
				if (lun_access->lli == lli)
					goto out;
			goto denied;
		}
	}

out:
	dev_dbg(dev, "%s: rctxid=%016llx ctxinfo=%p ctxpid=%u pid=%u "
		"ctx_ctrl=%u\n", __func__, rctxid, ctxi, ctxpid, pid,
		ctx_ctrl);

	return ctxi;

denied:
	mutex_unlock(&ctxi->mutex);
	ctxi = NULL;
	goto out;
}

/**
 * put_context() - release a context that was retrieved from get_context()
 * @ctxi: Context to release.
 *
 * For now, releasing the context equates to unlocking its mutex.
 */
void put_context(struct ctx_info *ctxi)
{
	mutex_unlock(&ctxi->mutex);
}

/**
 * afu_attach() - attach a context to the AFU
 * @cfg: Internal structure associated with the host.
 * @ctxi: Context to attach.
 *
 * Upon setting the context capabilities, they must be confirmed with
 * a read back operation as the context might have been closed since
 * the mailbox was unlocked. When this occurs, registration is failed.
 *
 * Return: 0 on success, -errno on failure
 */
static int afu_attach(struct cxlflash_cfg *cfg, struct ctx_info *ctxi)
{
	struct device *dev = &cfg->dev->dev;
	struct afu *afu = cfg->afu;
	struct sisl_ctrl_map __iomem *ctrl_map = ctxi->ctrl_map;
	int rc = 0;
	struct hwq *hwq = get_hwq(afu, PRIMARY_HWQ);
	u64 val;

	/* Unlock cap and restrict user to read/write cmds in translated mode */
	readq_be(&ctrl_map->mbox_r);
	val = (SISL_CTX_CAP_READ_CMD | SISL_CTX_CAP_WRITE_CMD);
	writeq_be(val, &ctrl_map->ctx_cap);
	val = readq_be(&ctrl_map->ctx_cap);
	if (val != (SISL_CTX_CAP_READ_CMD | SISL_CTX_CAP_WRITE_CMD)) {
		dev_err(dev, "%s: ctx may be closed val=%016llx\n",
			__func__, val);
		rc = -EAGAIN;
		goto out;
	}

	/* Set up MMIO registers pointing to the RHT */
	writeq_be((u64)ctxi->rht_start, &ctrl_map->rht_start);
	val = SISL_RHT_CNT_ID((u64)MAX_RHT_PER_CONTEXT, (u64)(hwq->ctx_hndl));
	writeq_be(val, &ctrl_map->rht_cnt_id);
out:
	dev_dbg(dev, "%s: returning rc=%d\n", __func__, rc);
	return rc;
}

/**
 * read_cap16() - issues a SCSI READ_CAP16 command
 * @sdev: SCSI device associated with LUN.
 * @lli: LUN destined for capacity request.
 *
 * The READ_CAP16 can take quite a while to complete. Should an EEH occur while
 * in scsi_execute(), the EEH handler will attempt to recover. As part of the
 * recovery, the handler drains all currently running ioctls, waiting until they
 * have completed before proceeding with a reset. As this routine is used on the
 * ioctl path, this can create a condition where the EEH handler becomes stuck,
 * infinitely waiting for this ioctl thread. To avoid this behavior, temporarily
 * unmark this thread as an ioctl thread by releasing the ioctl read semaphore.
 * This will allow the EEH handler to proceed with a recovery while this thread
 * is still running. Once the scsi_execute() returns, reacquire the ioctl read
 * semaphore and check the adapter state in case it changed while inside of
 * scsi_execute(). The state check will wait if the adapter is still being
 * recovered or return a failure if the recovery failed. In the event that the
 * adapter reset failed, simply return the failure as the ioctl would be unable
 * to continue.
 *
 * Note that the above puts a requirement on this routine to only be called on
 * an ioctl thread.
 *
 * Return: 0 on success, -errno on failure
 */
static int read_cap16(struct scsi_device *sdev, struct llun_info *lli)
{
	struct cxlflash_cfg *cfg = shost_priv(sdev->host);
	struct device *dev = &cfg->dev->dev;
	struct glun_info *gli = lli->parent;
	struct scsi_sense_hdr sshdr;
	u8 *cmd_buf = NULL;
	u8 *scsi_cmd = NULL;
	u8 *sense_buf = NULL;
	int rc = 0;
	int result = 0;
	int retry_cnt = 0;
	u32 to = CMD_TIMEOUT * HZ;

retry:
	cmd_buf = kzalloc(CMD_BUFSIZE, GFP_KERNEL);
	scsi_cmd = kzalloc(MAX_COMMAND_SIZE, GFP_KERNEL);
	sense_buf = kzalloc(SCSI_SENSE_BUFFERSIZE, GFP_KERNEL);
	if (unlikely(!cmd_buf || !scsi_cmd || !sense_buf)) {
		rc = -ENOMEM;
		goto out;
	}

	scsi_cmd[0] = SERVICE_ACTION_IN_16;	/* read cap(16) */
	scsi_cmd[1] = SAI_READ_CAPACITY_16;	/* service action */
	put_unaligned_be32(CMD_BUFSIZE, &scsi_cmd[10]);

	dev_dbg(dev, "%s: %ssending cmd(%02x)\n", __func__,
		retry_cnt ? "re" : "", scsi_cmd[0]);

	/* Drop the ioctl read semaphore across lengthy call */
	up_read(&cfg->ioctl_rwsem);
	result = scsi_execute(sdev, scsi_cmd, DMA_FROM_DEVICE, cmd_buf,
			      CMD_BUFSIZE, sense_buf, &sshdr, to, CMD_RETRIES,
			      0, 0, NULL);
	down_read(&cfg->ioctl_rwsem);
	rc = check_state(cfg);
	if (rc) {
		dev_err(dev, "%s: Failed state result=%08x\n",
			__func__, result);
		rc = -ENODEV;
		goto out;
	}

	if (driver_byte(result) == DRIVER_SENSE) {
		result &= ~(0xFF<<24); /* DRIVER_SENSE is not an error */
		if (result & SAM_STAT_CHECK_CONDITION) {
			switch (sshdr.sense_key) {
			case NO_SENSE:
			case RECOVERED_ERROR:
				/* fall through */
			case NOT_READY:
				result &= ~SAM_STAT_CHECK_CONDITION;
				break;
			case UNIT_ATTENTION:
				switch (sshdr.asc) {
				case 0x29: /* Power on Reset or Device Reset */
					/* fall through */
				case 0x2A: /* Device capacity changed */
				case 0x3F: /* Report LUNs changed */
					/* Retry the command once more */
					if (retry_cnt++ < 1) {
						kfree(cmd_buf);
						kfree(scsi_cmd);
						kfree(sense_buf);
						goto retry;
					}
				}
				break;
			default:
				break;
			}
		}
	}

	if (result) {
		dev_err(dev, "%s: command failed, result=%08x\n",
			__func__, result);
		rc = -EIO;
		goto out;
	}

	/*
	 * Read cap was successful, grab values from the buffer;
	 * note that we don't need to worry about unaligned access
	 * as the buffer is allocated on an aligned boundary.
	 */
	mutex_lock(&gli->mutex);
	gli->max_lba = be64_to_cpu(*((__be64 *)&cmd_buf[0]));
	gli->blk_len = be32_to_cpu(*((__be32 *)&cmd_buf[8]));
	mutex_unlock(&gli->mutex);

out:
	kfree(cmd_buf);
	kfree(scsi_cmd);
	kfree(sense_buf);

	dev_dbg(dev, "%s: maxlba=%lld blklen=%d rc=%d\n",
		__func__, gli->max_lba, gli->blk_len, rc);
	return rc;
}

/**
 * get_rhte() - obtains validated resource handle table entry reference
 * @ctxi: Context owning the resource handle.
 * @rhndl: Resource handle associated with entry.
 * @lli: LUN associated with request.
426 * 427 * Return: Validated RHTE on success, NULL on failure 428 */ 429 struct sisl_rht_entry *get_rhte(struct ctx_info *ctxi, res_hndl_t rhndl, 430 struct llun_info *lli) 431 { 432 struct cxlflash_cfg *cfg = ctxi->cfg; 433 struct device *dev = &cfg->dev->dev; 434 struct sisl_rht_entry *rhte = NULL; 435 436 if (unlikely(!ctxi->rht_start)) { 437 dev_dbg(dev, "%s: Context does not have allocated RHT\n", 438 __func__); 439 goto out; 440 } 441 442 if (unlikely(rhndl >= MAX_RHT_PER_CONTEXT)) { 443 dev_dbg(dev, "%s: Bad resource handle rhndl=%d\n", 444 __func__, rhndl); 445 goto out; 446 } 447 448 if (unlikely(ctxi->rht_lun[rhndl] != lli)) { 449 dev_dbg(dev, "%s: Bad resource handle LUN rhndl=%d\n", 450 __func__, rhndl); 451 goto out; 452 } 453 454 rhte = &ctxi->rht_start[rhndl]; 455 if (unlikely(rhte->nmask == 0)) { 456 dev_dbg(dev, "%s: Unopened resource handle rhndl=%d\n", 457 __func__, rhndl); 458 rhte = NULL; 459 goto out; 460 } 461 462 out: 463 return rhte; 464 } 465 466 /** 467 * rhte_checkout() - obtains free/empty resource handle table entry 468 * @ctxi: Context owning the resource handle. 469 * @lli: LUN associated with request. 470 * 471 * Return: Free RHTE on success, NULL on failure 472 */ 473 struct sisl_rht_entry *rhte_checkout(struct ctx_info *ctxi, 474 struct llun_info *lli) 475 { 476 struct cxlflash_cfg *cfg = ctxi->cfg; 477 struct device *dev = &cfg->dev->dev; 478 struct sisl_rht_entry *rhte = NULL; 479 int i; 480 481 /* Find a free RHT entry */ 482 for (i = 0; i < MAX_RHT_PER_CONTEXT; i++) 483 if (ctxi->rht_start[i].nmask == 0) { 484 rhte = &ctxi->rht_start[i]; 485 ctxi->rht_out++; 486 break; 487 } 488 489 if (likely(rhte)) 490 ctxi->rht_lun[i] = lli; 491 492 dev_dbg(dev, "%s: returning rhte=%p index=%d\n", __func__, rhte, i); 493 return rhte; 494 } 495 496 /** 497 * rhte_checkin() - releases a resource handle table entry 498 * @ctxi: Context owning the resource handle. 499 * @rhte: RHTE to release. 500 */ 501 void rhte_checkin(struct ctx_info *ctxi, 502 struct sisl_rht_entry *rhte) 503 { 504 u32 rsrc_handle = rhte - ctxi->rht_start; 505 506 rhte->nmask = 0; 507 rhte->fp = 0; 508 ctxi->rht_out--; 509 ctxi->rht_lun[rsrc_handle] = NULL; 510 ctxi->rht_needs_ws[rsrc_handle] = false; 511 } 512 513 /** 514 * rhte_format1() - populates a RHTE for format 1 515 * @rhte: RHTE to populate. 516 * @lun_id: LUN ID of LUN associated with RHTE. 517 * @perm: Desired permissions for RHTE. 518 * @port_sel: Port selection mask 519 */ 520 static void rht_format1(struct sisl_rht_entry *rhte, u64 lun_id, u32 perm, 521 u32 port_sel) 522 { 523 /* 524 * Populate the Format 1 RHT entry for direct access (physical 525 * LUN) using the synchronization sequence defined in the 526 * SISLite specification. 527 */ 528 struct sisl_rht_entry_f1 dummy = { 0 }; 529 struct sisl_rht_entry_f1 *rhte_f1 = (struct sisl_rht_entry_f1 *)rhte; 530 531 memset(rhte_f1, 0, sizeof(*rhte_f1)); 532 rhte_f1->fp = SISL_RHT_FP(1U, 0); 533 dma_wmb(); /* Make setting of format bit visible */ 534 535 rhte_f1->lun_id = lun_id; 536 dma_wmb(); /* Make setting of LUN id visible */ 537 538 /* 539 * Use a dummy RHT Format 1 entry to build the second dword 540 * of the entry that must be populated in a single write when 541 * enabled (valid bit set to TRUE). 
542 */ 543 dummy.valid = 0x80; 544 dummy.fp = SISL_RHT_FP(1U, perm); 545 dummy.port_sel = port_sel; 546 rhte_f1->dw = dummy.dw; 547 548 dma_wmb(); /* Make remaining RHT entry fields visible */ 549 } 550 551 /** 552 * cxlflash_lun_attach() - attaches a user to a LUN and manages the LUN's mode 553 * @gli: LUN to attach. 554 * @mode: Desired mode of the LUN. 555 * @locked: Mutex status on current thread. 556 * 557 * Return: 0 on success, -errno on failure 558 */ 559 int cxlflash_lun_attach(struct glun_info *gli, enum lun_mode mode, bool locked) 560 { 561 int rc = 0; 562 563 if (!locked) 564 mutex_lock(&gli->mutex); 565 566 if (gli->mode == MODE_NONE) 567 gli->mode = mode; 568 else if (gli->mode != mode) { 569 pr_debug("%s: gli_mode=%d requested_mode=%d\n", 570 __func__, gli->mode, mode); 571 rc = -EINVAL; 572 goto out; 573 } 574 575 gli->users++; 576 WARN_ON(gli->users <= 0); 577 out: 578 pr_debug("%s: Returning rc=%d gli->mode=%u gli->users=%u\n", 579 __func__, rc, gli->mode, gli->users); 580 if (!locked) 581 mutex_unlock(&gli->mutex); 582 return rc; 583 } 584 585 /** 586 * cxlflash_lun_detach() - detaches a user from a LUN and resets the LUN's mode 587 * @gli: LUN to detach. 588 * 589 * When resetting the mode, terminate block allocation resources as they 590 * are no longer required (service is safe to call even when block allocation 591 * resources were not present - such as when transitioning from physical mode). 592 * These resources will be reallocated when needed (subsequent transition to 593 * virtual mode). 594 */ 595 void cxlflash_lun_detach(struct glun_info *gli) 596 { 597 mutex_lock(&gli->mutex); 598 WARN_ON(gli->mode == MODE_NONE); 599 if (--gli->users == 0) { 600 gli->mode = MODE_NONE; 601 cxlflash_ba_terminate(&gli->blka.ba_lun); 602 } 603 pr_debug("%s: gli->users=%u\n", __func__, gli->users); 604 WARN_ON(gli->users < 0); 605 mutex_unlock(&gli->mutex); 606 } 607 608 /** 609 * _cxlflash_disk_release() - releases the specified resource entry 610 * @sdev: SCSI device associated with LUN. 611 * @ctxi: Context owning resources. 612 * @release: Release ioctl data structure. 613 * 614 * For LUNs in virtual mode, the virtual LUN associated with the specified 615 * resource handle is resized to 0 prior to releasing the RHTE. Note that the 616 * AFU sync should _not_ be performed when the context is sitting on the error 617 * recovery list. A context on the error recovery list is not known to the AFU 618 * due to reset. When the context is recovered, it will be reattached and made 619 * known again to the AFU. 
 *
 * Return: 0 on success, -errno on failure
 */
int _cxlflash_disk_release(struct scsi_device *sdev,
			   struct ctx_info *ctxi,
			   struct dk_cxlflash_release *release)
{
	struct cxlflash_cfg *cfg = shost_priv(sdev->host);
	struct device *dev = &cfg->dev->dev;
	struct llun_info *lli = sdev->hostdata;
	struct glun_info *gli = lli->parent;
	struct afu *afu = cfg->afu;
	bool put_ctx = false;

	struct dk_cxlflash_resize size;
	res_hndl_t rhndl = release->rsrc_handle;

	int rc = 0;
	int rcr = 0;
	u64 ctxid = DECODE_CTXID(release->context_id),
	    rctxid = release->context_id;

	struct sisl_rht_entry *rhte;
	struct sisl_rht_entry_f1 *rhte_f1;

	dev_dbg(dev, "%s: ctxid=%llu rhndl=%llu gli->mode=%u gli->users=%u\n",
		__func__, ctxid, release->rsrc_handle, gli->mode, gli->users);

	if (!ctxi) {
		ctxi = get_context(cfg, rctxid, lli, CTX_CTRL_ERR_FALLBACK);
		if (unlikely(!ctxi)) {
			dev_dbg(dev, "%s: Bad context ctxid=%llu\n",
				__func__, ctxid);
			rc = -EINVAL;
			goto out;
		}

		put_ctx = true;
	}

	rhte = get_rhte(ctxi, rhndl, lli);
	if (unlikely(!rhte)) {
		dev_dbg(dev, "%s: Bad resource handle rhndl=%d\n",
			__func__, rhndl);
		rc = -EINVAL;
		goto out;
	}

	/*
	 * Resize to 0 for virtual LUNS by setting the size
	 * to 0. This will clear LXT_START and LXT_CNT fields
	 * in the RHT entry and properly sync with the AFU.
	 *
	 * Afterwards we clear the remaining fields.
	 */
	switch (gli->mode) {
	case MODE_VIRTUAL:
		marshal_rele_to_resize(release, &size);
		size.req_size = 0;
		rc = _cxlflash_vlun_resize(sdev, ctxi, &size);
		if (rc) {
			dev_dbg(dev, "%s: resize failed rc %d\n", __func__, rc);
			goto out;
		}

		break;
	case MODE_PHYSICAL:
		/*
		 * Clear the Format 1 RHT entry for direct access
		 * (physical LUN) using the synchronization sequence
		 * defined in the SISLite specification.
		 */
		rhte_f1 = (struct sisl_rht_entry_f1 *)rhte;

		rhte_f1->valid = 0;
		dma_wmb(); /* Make revocation of RHT entry visible */

		rhte_f1->lun_id = 0;
		dma_wmb(); /* Make clearing of LUN id visible */

		rhte_f1->dw = 0;
		dma_wmb(); /* Make RHT entry bottom-half clearing visible */

		if (!ctxi->err_recovery_active) {
			rcr = cxlflash_afu_sync(afu, ctxid, rhndl, AFU_HW_SYNC);
			if (unlikely(rcr))
				dev_dbg(dev, "%s: AFU sync failed rc=%d\n",
					__func__, rcr);
		}
		break;
	default:
		WARN(1, "Unsupported LUN mode!");
		goto out;
	}

	rhte_checkin(ctxi, rhte);
	cxlflash_lun_detach(gli);

out:
	if (put_ctx)
		put_context(ctxi);
	dev_dbg(dev, "%s: returning rc=%d\n", __func__, rc);
	return rc;
}

int cxlflash_disk_release(struct scsi_device *sdev,
			  struct dk_cxlflash_release *release)
{
	return _cxlflash_disk_release(sdev, NULL, release);
}

/**
 * destroy_context() - releases a context
 * @cfg: Internal structure associated with the host.
 * @ctxi: Context to release.
 *
 * This routine is safe to be called with a non-initialized context.
737 * Also note that the routine conditionally checks for the existence 738 * of the context control map before clearing the RHT registers and 739 * context capabilities because it is possible to destroy a context 740 * while the context is in the error state (previous mapping was 741 * removed [so there is no need to worry about clearing] and context 742 * is waiting for a new mapping). 743 */ 744 static void destroy_context(struct cxlflash_cfg *cfg, 745 struct ctx_info *ctxi) 746 { 747 struct afu *afu = cfg->afu; 748 749 if (ctxi->initialized) { 750 WARN_ON(!list_empty(&ctxi->luns)); 751 752 /* Clear RHT registers and drop all capabilities for context */ 753 if (afu->afu_map && ctxi->ctrl_map) { 754 writeq_be(0, &ctxi->ctrl_map->rht_start); 755 writeq_be(0, &ctxi->ctrl_map->rht_cnt_id); 756 writeq_be(0, &ctxi->ctrl_map->ctx_cap); 757 } 758 } 759 760 /* Free memory associated with context */ 761 free_page((ulong)ctxi->rht_start); 762 kfree(ctxi->rht_needs_ws); 763 kfree(ctxi->rht_lun); 764 kfree(ctxi); 765 } 766 767 /** 768 * create_context() - allocates and initializes a context 769 * @cfg: Internal structure associated with the host. 770 * 771 * Return: Allocated context on success, NULL on failure 772 */ 773 static struct ctx_info *create_context(struct cxlflash_cfg *cfg) 774 { 775 struct device *dev = &cfg->dev->dev; 776 struct ctx_info *ctxi = NULL; 777 struct llun_info **lli = NULL; 778 u8 *ws = NULL; 779 struct sisl_rht_entry *rhte; 780 781 ctxi = kzalloc(sizeof(*ctxi), GFP_KERNEL); 782 lli = kzalloc((MAX_RHT_PER_CONTEXT * sizeof(*lli)), GFP_KERNEL); 783 ws = kzalloc((MAX_RHT_PER_CONTEXT * sizeof(*ws)), GFP_KERNEL); 784 if (unlikely(!ctxi || !lli || !ws)) { 785 dev_err(dev, "%s: Unable to allocate context\n", __func__); 786 goto err; 787 } 788 789 rhte = (struct sisl_rht_entry *)get_zeroed_page(GFP_KERNEL); 790 if (unlikely(!rhte)) { 791 dev_err(dev, "%s: Unable to allocate RHT\n", __func__); 792 goto err; 793 } 794 795 ctxi->rht_lun = lli; 796 ctxi->rht_needs_ws = ws; 797 ctxi->rht_start = rhte; 798 out: 799 return ctxi; 800 801 err: 802 kfree(ws); 803 kfree(lli); 804 kfree(ctxi); 805 ctxi = NULL; 806 goto out; 807 } 808 809 /** 810 * init_context() - initializes a previously allocated context 811 * @ctxi: Previously allocated context 812 * @cfg: Internal structure associated with the host. 813 * @ctx: Previously obtained context cookie. 814 * @ctxid: Previously obtained process element associated with CXL context. 815 * @file: Previously obtained file associated with CXL context. 816 * @perms: User-specified permissions. 817 * @irqs: User-specified number of interrupts. 818 */ 819 static void init_context(struct ctx_info *ctxi, struct cxlflash_cfg *cfg, 820 void *ctx, int ctxid, struct file *file, u32 perms, 821 u64 irqs) 822 { 823 struct afu *afu = cfg->afu; 824 825 ctxi->rht_perms = perms; 826 ctxi->ctrl_map = &afu->afu_map->ctrls[ctxid].ctrl; 827 ctxi->ctxid = ENCODE_CTXID(ctxi, ctxid); 828 ctxi->irqs = irqs; 829 ctxi->pid = task_tgid_nr(current); /* tgid = pid */ 830 ctxi->ctx = ctx; 831 ctxi->cfg = cfg; 832 ctxi->file = file; 833 ctxi->initialized = true; 834 mutex_init(&ctxi->mutex); 835 kref_init(&ctxi->kref); 836 INIT_LIST_HEAD(&ctxi->luns); 837 INIT_LIST_HEAD(&ctxi->list); /* initialize for list_empty() */ 838 } 839 840 /** 841 * remove_context() - context kref release handler 842 * @kref: Kernel reference associated with context to be removed. 843 * 844 * When a context no longer has any references it can safely be removed 845 * from global access and destroyed. 
Note that it is assumed the thread 846 * relinquishing access to the context holds its mutex. 847 */ 848 static void remove_context(struct kref *kref) 849 { 850 struct ctx_info *ctxi = container_of(kref, struct ctx_info, kref); 851 struct cxlflash_cfg *cfg = ctxi->cfg; 852 u64 ctxid = DECODE_CTXID(ctxi->ctxid); 853 854 /* Remove context from table/error list */ 855 WARN_ON(!mutex_is_locked(&ctxi->mutex)); 856 ctxi->unavail = true; 857 mutex_unlock(&ctxi->mutex); 858 mutex_lock(&cfg->ctx_tbl_list_mutex); 859 mutex_lock(&ctxi->mutex); 860 861 if (!list_empty(&ctxi->list)) 862 list_del(&ctxi->list); 863 cfg->ctx_tbl[ctxid] = NULL; 864 mutex_unlock(&cfg->ctx_tbl_list_mutex); 865 mutex_unlock(&ctxi->mutex); 866 867 /* Context now completely uncoupled/unreachable */ 868 destroy_context(cfg, ctxi); 869 } 870 871 /** 872 * _cxlflash_disk_detach() - detaches a LUN from a context 873 * @sdev: SCSI device associated with LUN. 874 * @ctxi: Context owning resources. 875 * @detach: Detach ioctl data structure. 876 * 877 * As part of the detach, all per-context resources associated with the LUN 878 * are cleaned up. When detaching the last LUN for a context, the context 879 * itself is cleaned up and released. 880 * 881 * Return: 0 on success, -errno on failure 882 */ 883 static int _cxlflash_disk_detach(struct scsi_device *sdev, 884 struct ctx_info *ctxi, 885 struct dk_cxlflash_detach *detach) 886 { 887 struct cxlflash_cfg *cfg = shost_priv(sdev->host); 888 struct device *dev = &cfg->dev->dev; 889 struct llun_info *lli = sdev->hostdata; 890 struct lun_access *lun_access, *t; 891 struct dk_cxlflash_release rel; 892 bool put_ctx = false; 893 894 int i; 895 int rc = 0; 896 u64 ctxid = DECODE_CTXID(detach->context_id), 897 rctxid = detach->context_id; 898 899 dev_dbg(dev, "%s: ctxid=%llu\n", __func__, ctxid); 900 901 if (!ctxi) { 902 ctxi = get_context(cfg, rctxid, lli, CTX_CTRL_ERR_FALLBACK); 903 if (unlikely(!ctxi)) { 904 dev_dbg(dev, "%s: Bad context ctxid=%llu\n", 905 __func__, ctxid); 906 rc = -EINVAL; 907 goto out; 908 } 909 910 put_ctx = true; 911 } 912 913 /* Cleanup outstanding resources tied to this LUN */ 914 if (ctxi->rht_out) { 915 marshal_det_to_rele(detach, &rel); 916 for (i = 0; i < MAX_RHT_PER_CONTEXT; i++) { 917 if (ctxi->rht_lun[i] == lli) { 918 rel.rsrc_handle = i; 919 _cxlflash_disk_release(sdev, ctxi, &rel); 920 } 921 922 /* No need to loop further if we're done */ 923 if (ctxi->rht_out == 0) 924 break; 925 } 926 } 927 928 /* Take our LUN out of context, free the node */ 929 list_for_each_entry_safe(lun_access, t, &ctxi->luns, list) 930 if (lun_access->lli == lli) { 931 list_del(&lun_access->list); 932 kfree(lun_access); 933 lun_access = NULL; 934 break; 935 } 936 937 /* 938 * Release the context reference and the sdev reference that 939 * bound this LUN to the context. 940 */ 941 if (kref_put(&ctxi->kref, remove_context)) 942 put_ctx = false; 943 scsi_device_put(sdev); 944 out: 945 if (put_ctx) 946 put_context(ctxi); 947 dev_dbg(dev, "%s: returning rc=%d\n", __func__, rc); 948 return rc; 949 } 950 951 static int cxlflash_disk_detach(struct scsi_device *sdev, 952 struct dk_cxlflash_detach *detach) 953 { 954 return _cxlflash_disk_detach(sdev, NULL, detach); 955 } 956 957 /** 958 * cxlflash_cxl_release() - release handler for adapter file descriptor 959 * @inode: File-system inode associated with fd. 960 * @file: File installed with adapter file descriptor. 
 *
 * This routine is the release handler for the fops registered with
 * the CXL services on an initial attach for a context. It is called
 * when a close (explicitly by the user or as part of a process tear
 * down) is performed on the adapter file descriptor returned to the
 * user. The user should be aware that explicitly performing a close
 * is considered catastrophic and subsequent usage of the superpipe API
 * with previously saved off tokens will fail.
 *
 * This routine derives the context reference and calls detach for
 * each LUN associated with the context. The final detach operation
 * causes the context itself to be freed. With exception to when the
 * CXL process element (context id) lookup fails (a case that should
 * theoretically never occur), every call into this routine results
 * in a complete freeing of a context.
 *
 * Return: 0 on success
 */
static int cxlflash_cxl_release(struct inode *inode, struct file *file)
{
	struct cxlflash_cfg *cfg = container_of(file->f_op, struct cxlflash_cfg,
						cxl_fops);
	void *ctx = cfg->ops->fops_get_context(file);
	struct device *dev = &cfg->dev->dev;
	struct ctx_info *ctxi = NULL;
	struct dk_cxlflash_detach detach = { { 0 }, 0 };
	struct lun_access *lun_access, *t;
	enum ctx_ctrl ctrl = CTX_CTRL_ERR_FALLBACK | CTX_CTRL_FILE;
	int ctxid;

	ctxid = cfg->ops->process_element(ctx);
	if (unlikely(ctxid < 0)) {
		dev_err(dev, "%s: Context %p was closed ctxid=%d\n",
			__func__, ctx, ctxid);
		goto out;
	}

	ctxi = get_context(cfg, ctxid, file, ctrl);
	if (unlikely(!ctxi)) {
		ctxi = get_context(cfg, ctxid, file, ctrl | CTX_CTRL_CLONE);
		if (!ctxi) {
			dev_dbg(dev, "%s: ctxid=%d already free\n",
				__func__, ctxid);
			goto out_release;
		}

		dev_dbg(dev, "%s: Another process owns ctxid=%d\n",
			__func__, ctxid);
		put_context(ctxi);
		goto out;
	}

	dev_dbg(dev, "%s: close for ctxid=%d\n", __func__, ctxid);

	detach.context_id = ctxi->ctxid;
	list_for_each_entry_safe(lun_access, t, &ctxi->luns, list)
		_cxlflash_disk_detach(lun_access->sdev, ctxi, &detach);
out_release:
	cfg->ops->fd_release(inode, file);
out:
	dev_dbg(dev, "%s: returning\n", __func__);
	return 0;
}

/**
 * unmap_context() - clears a previously established mapping
 * @ctxi: Context owning the mapping.
 *
 * This routine is used to switch between the error notification page
 * (dummy page of all 1's) and the real mapping (established by the CXL
 * fault handler).
 */
static void unmap_context(struct ctx_info *ctxi)
{
	unmap_mapping_range(ctxi->file->f_mapping, 0, 0, 1);
}

/**
 * get_err_page() - obtains and allocates the error notification page
 * @cfg: Internal structure associated with the host.
1041 * 1042 * Return: error notification page on success, NULL on failure 1043 */ 1044 static struct page *get_err_page(struct cxlflash_cfg *cfg) 1045 { 1046 struct page *err_page = global.err_page; 1047 struct device *dev = &cfg->dev->dev; 1048 1049 if (unlikely(!err_page)) { 1050 err_page = alloc_page(GFP_KERNEL); 1051 if (unlikely(!err_page)) { 1052 dev_err(dev, "%s: Unable to allocate err_page\n", 1053 __func__); 1054 goto out; 1055 } 1056 1057 memset(page_address(err_page), -1, PAGE_SIZE); 1058 1059 /* Serialize update w/ other threads to avoid a leak */ 1060 mutex_lock(&global.mutex); 1061 if (likely(!global.err_page)) 1062 global.err_page = err_page; 1063 else { 1064 __free_page(err_page); 1065 err_page = global.err_page; 1066 } 1067 mutex_unlock(&global.mutex); 1068 } 1069 1070 out: 1071 dev_dbg(dev, "%s: returning err_page=%p\n", __func__, err_page); 1072 return err_page; 1073 } 1074 1075 /** 1076 * cxlflash_mmap_fault() - mmap fault handler for adapter file descriptor 1077 * @vmf: VM fault associated with current fault. 1078 * 1079 * To support error notification via MMIO, faults are 'caught' by this routine 1080 * that was inserted before passing back the adapter file descriptor on attach. 1081 * When a fault occurs, this routine evaluates if error recovery is active and 1082 * if so, installs the error page to 'notify' the user about the error state. 1083 * During normal operation, the fault is simply handled by the original fault 1084 * handler that was installed by CXL services as part of initializing the 1085 * adapter file descriptor. The VMA's page protection bits are toggled to 1086 * indicate cached/not-cached depending on the memory backing the fault. 1087 * 1088 * Return: 0 on success, VM_FAULT_SIGBUS on failure 1089 */ 1090 static int cxlflash_mmap_fault(struct vm_fault *vmf) 1091 { 1092 struct vm_area_struct *vma = vmf->vma; 1093 struct file *file = vma->vm_file; 1094 struct cxlflash_cfg *cfg = container_of(file->f_op, struct cxlflash_cfg, 1095 cxl_fops); 1096 void *ctx = cfg->ops->fops_get_context(file); 1097 struct device *dev = &cfg->dev->dev; 1098 struct ctx_info *ctxi = NULL; 1099 struct page *err_page = NULL; 1100 enum ctx_ctrl ctrl = CTX_CTRL_ERR_FALLBACK | CTX_CTRL_FILE; 1101 int rc = 0; 1102 int ctxid; 1103 1104 ctxid = cfg->ops->process_element(ctx); 1105 if (unlikely(ctxid < 0)) { 1106 dev_err(dev, "%s: Context %p was closed ctxid=%d\n", 1107 __func__, ctx, ctxid); 1108 goto err; 1109 } 1110 1111 ctxi = get_context(cfg, ctxid, file, ctrl); 1112 if (unlikely(!ctxi)) { 1113 dev_dbg(dev, "%s: Bad context ctxid=%d\n", __func__, ctxid); 1114 goto err; 1115 } 1116 1117 dev_dbg(dev, "%s: fault for context %d\n", __func__, ctxid); 1118 1119 if (likely(!ctxi->err_recovery_active)) { 1120 vma->vm_page_prot = pgprot_noncached(vma->vm_page_prot); 1121 rc = ctxi->cxl_mmap_vmops->fault(vmf); 1122 } else { 1123 dev_dbg(dev, "%s: err recovery active, use err_page\n", 1124 __func__); 1125 1126 err_page = get_err_page(cfg); 1127 if (unlikely(!err_page)) { 1128 dev_err(dev, "%s: Could not get err_page\n", __func__); 1129 rc = VM_FAULT_RETRY; 1130 goto out; 1131 } 1132 1133 get_page(err_page); 1134 vmf->page = err_page; 1135 vma->vm_page_prot = pgprot_cached(vma->vm_page_prot); 1136 } 1137 1138 out: 1139 if (likely(ctxi)) 1140 put_context(ctxi); 1141 dev_dbg(dev, "%s: returning rc=%d\n", __func__, rc); 1142 return rc; 1143 1144 err: 1145 rc = VM_FAULT_SIGBUS; 1146 goto out; 1147 } 1148 1149 /* 1150 * Local MMAP vmops to 'catch' faults 1151 */ 1152 static const struct 
vm_operations_struct cxlflash_mmap_vmops = { 1153 .fault = cxlflash_mmap_fault, 1154 }; 1155 1156 /** 1157 * cxlflash_cxl_mmap() - mmap handler for adapter file descriptor 1158 * @file: File installed with adapter file descriptor. 1159 * @vma: VM area associated with mapping. 1160 * 1161 * Installs local mmap vmops to 'catch' faults for error notification support. 1162 * 1163 * Return: 0 on success, -errno on failure 1164 */ 1165 static int cxlflash_cxl_mmap(struct file *file, struct vm_area_struct *vma) 1166 { 1167 struct cxlflash_cfg *cfg = container_of(file->f_op, struct cxlflash_cfg, 1168 cxl_fops); 1169 void *ctx = cfg->ops->fops_get_context(file); 1170 struct device *dev = &cfg->dev->dev; 1171 struct ctx_info *ctxi = NULL; 1172 enum ctx_ctrl ctrl = CTX_CTRL_ERR_FALLBACK | CTX_CTRL_FILE; 1173 int ctxid; 1174 int rc = 0; 1175 1176 ctxid = cfg->ops->process_element(ctx); 1177 if (unlikely(ctxid < 0)) { 1178 dev_err(dev, "%s: Context %p was closed ctxid=%d\n", 1179 __func__, ctx, ctxid); 1180 rc = -EIO; 1181 goto out; 1182 } 1183 1184 ctxi = get_context(cfg, ctxid, file, ctrl); 1185 if (unlikely(!ctxi)) { 1186 dev_dbg(dev, "%s: Bad context ctxid=%d\n", __func__, ctxid); 1187 rc = -EIO; 1188 goto out; 1189 } 1190 1191 dev_dbg(dev, "%s: mmap for context %d\n", __func__, ctxid); 1192 1193 rc = cfg->ops->fd_mmap(file, vma); 1194 if (likely(!rc)) { 1195 /* Insert ourself in the mmap fault handler path */ 1196 ctxi->cxl_mmap_vmops = vma->vm_ops; 1197 vma->vm_ops = &cxlflash_mmap_vmops; 1198 } 1199 1200 out: 1201 if (likely(ctxi)) 1202 put_context(ctxi); 1203 return rc; 1204 } 1205 1206 const struct file_operations cxlflash_cxl_fops = { 1207 .owner = THIS_MODULE, 1208 .mmap = cxlflash_cxl_mmap, 1209 .release = cxlflash_cxl_release, 1210 }; 1211 1212 /** 1213 * cxlflash_mark_contexts_error() - move contexts to error state and list 1214 * @cfg: Internal structure associated with the host. 1215 * 1216 * A context is only moved over to the error list when there are no outstanding 1217 * references to it. This ensures that a running operation has completed. 1218 * 1219 * Return: 0 on success, -errno on failure 1220 */ 1221 int cxlflash_mark_contexts_error(struct cxlflash_cfg *cfg) 1222 { 1223 int i, rc = 0; 1224 struct ctx_info *ctxi = NULL; 1225 1226 mutex_lock(&cfg->ctx_tbl_list_mutex); 1227 1228 for (i = 0; i < MAX_CONTEXT; i++) { 1229 ctxi = cfg->ctx_tbl[i]; 1230 if (ctxi) { 1231 mutex_lock(&ctxi->mutex); 1232 cfg->ctx_tbl[i] = NULL; 1233 list_add(&ctxi->list, &cfg->ctx_err_recovery); 1234 ctxi->err_recovery_active = true; 1235 ctxi->ctrl_map = NULL; 1236 unmap_context(ctxi); 1237 mutex_unlock(&ctxi->mutex); 1238 } 1239 } 1240 1241 mutex_unlock(&cfg->ctx_tbl_list_mutex); 1242 return rc; 1243 } 1244 1245 /* 1246 * Dummy NULL fops 1247 */ 1248 static const struct file_operations null_fops = { 1249 .owner = THIS_MODULE, 1250 }; 1251 1252 /** 1253 * check_state() - checks and responds to the current adapter state 1254 * @cfg: Internal structure associated with the host. 1255 * 1256 * This routine can block and should only be used on process context. 1257 * It assumes that the caller is an ioctl thread and holding the ioctl 1258 * read semaphore. This is temporarily let up across the wait to allow 1259 * for draining actively running ioctls. Also note that when waking up 1260 * from waiting in reset, the state is unknown and must be checked again 1261 * before proceeding. 
1262 * 1263 * Return: 0 on success, -errno on failure 1264 */ 1265 int check_state(struct cxlflash_cfg *cfg) 1266 { 1267 struct device *dev = &cfg->dev->dev; 1268 int rc = 0; 1269 1270 retry: 1271 switch (cfg->state) { 1272 case STATE_RESET: 1273 dev_dbg(dev, "%s: Reset state, going to wait...\n", __func__); 1274 up_read(&cfg->ioctl_rwsem); 1275 rc = wait_event_interruptible(cfg->reset_waitq, 1276 cfg->state != STATE_RESET); 1277 down_read(&cfg->ioctl_rwsem); 1278 if (unlikely(rc)) 1279 break; 1280 goto retry; 1281 case STATE_FAILTERM: 1282 dev_dbg(dev, "%s: Failed/Terminating\n", __func__); 1283 rc = -ENODEV; 1284 break; 1285 default: 1286 break; 1287 } 1288 1289 return rc; 1290 } 1291 1292 /** 1293 * cxlflash_disk_attach() - attach a LUN to a context 1294 * @sdev: SCSI device associated with LUN. 1295 * @attach: Attach ioctl data structure. 1296 * 1297 * Creates a context and attaches LUN to it. A LUN can only be attached 1298 * one time to a context (subsequent attaches for the same context/LUN pair 1299 * are not supported). Additional LUNs can be attached to a context by 1300 * specifying the 'reuse' flag defined in the cxlflash_ioctl.h header. 1301 * 1302 * Return: 0 on success, -errno on failure 1303 */ 1304 static int cxlflash_disk_attach(struct scsi_device *sdev, 1305 struct dk_cxlflash_attach *attach) 1306 { 1307 struct cxlflash_cfg *cfg = shost_priv(sdev->host); 1308 struct device *dev = &cfg->dev->dev; 1309 struct afu *afu = cfg->afu; 1310 struct llun_info *lli = sdev->hostdata; 1311 struct glun_info *gli = lli->parent; 1312 struct ctx_info *ctxi = NULL; 1313 struct lun_access *lun_access = NULL; 1314 int rc = 0; 1315 u32 perms; 1316 int ctxid = -1; 1317 u64 irqs = attach->num_interrupts; 1318 u64 flags = 0UL; 1319 u64 rctxid = 0UL; 1320 struct file *file = NULL; 1321 1322 void *ctx = NULL; 1323 1324 int fd = -1; 1325 1326 if (irqs > 4) { 1327 dev_dbg(dev, "%s: Cannot support this many interrupts %llu\n", 1328 __func__, irqs); 1329 rc = -EINVAL; 1330 goto out; 1331 } 1332 1333 if (gli->max_lba == 0) { 1334 dev_dbg(dev, "%s: No capacity info for LUN=%016llx\n", 1335 __func__, lli->lun_id[sdev->channel]); 1336 rc = read_cap16(sdev, lli); 1337 if (rc) { 1338 dev_err(dev, "%s: Invalid device rc=%d\n", 1339 __func__, rc); 1340 rc = -ENODEV; 1341 goto out; 1342 } 1343 dev_dbg(dev, "%s: LBA = %016llx\n", __func__, gli->max_lba); 1344 dev_dbg(dev, "%s: BLK_LEN = %08x\n", __func__, gli->blk_len); 1345 } 1346 1347 if (attach->hdr.flags & DK_CXLFLASH_ATTACH_REUSE_CONTEXT) { 1348 rctxid = attach->context_id; 1349 ctxi = get_context(cfg, rctxid, NULL, 0); 1350 if (!ctxi) { 1351 dev_dbg(dev, "%s: Bad context rctxid=%016llx\n", 1352 __func__, rctxid); 1353 rc = -EINVAL; 1354 goto out; 1355 } 1356 1357 list_for_each_entry(lun_access, &ctxi->luns, list) 1358 if (lun_access->lli == lli) { 1359 dev_dbg(dev, "%s: Already attached\n", 1360 __func__); 1361 rc = -EINVAL; 1362 goto out; 1363 } 1364 } 1365 1366 rc = scsi_device_get(sdev); 1367 if (unlikely(rc)) { 1368 dev_err(dev, "%s: Unable to get sdev reference\n", __func__); 1369 goto out; 1370 } 1371 1372 lun_access = kzalloc(sizeof(*lun_access), GFP_KERNEL); 1373 if (unlikely(!lun_access)) { 1374 dev_err(dev, "%s: Unable to allocate lun_access\n", __func__); 1375 rc = -ENOMEM; 1376 goto err; 1377 } 1378 1379 lun_access->lli = lli; 1380 lun_access->sdev = sdev; 1381 1382 /* Non-NULL context indicates reuse (another context reference) */ 1383 if (ctxi) { 1384 dev_dbg(dev, "%s: Reusing context for LUN rctxid=%016llx\n", 1385 __func__, rctxid); 1386 
kref_get(&ctxi->kref); 1387 list_add(&lun_access->list, &ctxi->luns); 1388 goto out_attach; 1389 } 1390 1391 ctxi = create_context(cfg); 1392 if (unlikely(!ctxi)) { 1393 dev_err(dev, "%s: Failed to create context ctxid=%d\n", 1394 __func__, ctxid); 1395 rc = -ENOMEM; 1396 goto err; 1397 } 1398 1399 ctx = cfg->ops->dev_context_init(cfg->dev, cfg->afu_cookie); 1400 if (IS_ERR_OR_NULL(ctx)) { 1401 dev_err(dev, "%s: Could not initialize context %p\n", 1402 __func__, ctx); 1403 rc = -ENODEV; 1404 goto err; 1405 } 1406 1407 rc = cfg->ops->start_work(ctx, irqs); 1408 if (unlikely(rc)) { 1409 dev_dbg(dev, "%s: Could not start context rc=%d\n", 1410 __func__, rc); 1411 goto err; 1412 } 1413 1414 ctxid = cfg->ops->process_element(ctx); 1415 if (unlikely((ctxid >= MAX_CONTEXT) || (ctxid < 0))) { 1416 dev_err(dev, "%s: ctxid=%d invalid\n", __func__, ctxid); 1417 rc = -EPERM; 1418 goto err; 1419 } 1420 1421 file = cfg->ops->get_fd(ctx, &cfg->cxl_fops, &fd); 1422 if (unlikely(fd < 0)) { 1423 rc = -ENODEV; 1424 dev_err(dev, "%s: Could not get file descriptor\n", __func__); 1425 goto err; 1426 } 1427 1428 /* Translate read/write O_* flags from fcntl.h to AFU permission bits */ 1429 perms = SISL_RHT_PERM(attach->hdr.flags + 1); 1430 1431 /* Context mutex is locked upon return */ 1432 init_context(ctxi, cfg, ctx, ctxid, file, perms, irqs); 1433 1434 rc = afu_attach(cfg, ctxi); 1435 if (unlikely(rc)) { 1436 dev_err(dev, "%s: Could not attach AFU rc %d\n", __func__, rc); 1437 goto err; 1438 } 1439 1440 /* 1441 * No error paths after this point. Once the fd is installed it's 1442 * visible to user space and can't be undone safely on this thread. 1443 * There is no need to worry about a deadlock here because no one 1444 * knows about us yet; we can be the only one holding our mutex. 1445 */ 1446 list_add(&lun_access->list, &ctxi->luns); 1447 mutex_lock(&cfg->ctx_tbl_list_mutex); 1448 mutex_lock(&ctxi->mutex); 1449 cfg->ctx_tbl[ctxid] = ctxi; 1450 mutex_unlock(&cfg->ctx_tbl_list_mutex); 1451 fd_install(fd, file); 1452 1453 out_attach: 1454 if (fd != -1) 1455 flags |= DK_CXLFLASH_APP_CLOSE_ADAP_FD; 1456 if (afu_is_sq_cmd_mode(afu)) 1457 flags |= DK_CXLFLASH_CONTEXT_SQ_CMD_MODE; 1458 1459 attach->hdr.return_flags = flags; 1460 attach->context_id = ctxi->ctxid; 1461 attach->block_size = gli->blk_len; 1462 attach->mmio_size = sizeof(afu->afu_map->hosts[0].harea); 1463 attach->last_lba = gli->max_lba; 1464 attach->max_xfer = sdev->host->max_sectors * MAX_SECTOR_UNIT; 1465 attach->max_xfer /= gli->blk_len; 1466 1467 out: 1468 attach->adap_fd = fd; 1469 1470 if (ctxi) 1471 put_context(ctxi); 1472 1473 dev_dbg(dev, "%s: returning ctxid=%d fd=%d bs=%lld rc=%d llba=%lld\n", 1474 __func__, ctxid, fd, attach->block_size, rc, attach->last_lba); 1475 return rc; 1476 1477 err: 1478 /* Cleanup CXL context; okay to 'stop' even if it was not started */ 1479 if (!IS_ERR_OR_NULL(ctx)) { 1480 cfg->ops->stop_context(ctx); 1481 cfg->ops->release_context(ctx); 1482 ctx = NULL; 1483 } 1484 1485 /* 1486 * Here, we're overriding the fops with a dummy all-NULL fops because 1487 * fput() calls the release fop, which will cause us to mistakenly 1488 * call into the CXL code. Rather than try to add yet more complexity 1489 * to that routine (cxlflash_cxl_release) we should try to fix the 1490 * issue here. 
 */
	if (fd > 0) {
		file->f_op = &null_fops;
		fput(file);
		put_unused_fd(fd);
		fd = -1;
		file = NULL;
	}

	/* Cleanup our context */
	if (ctxi) {
		destroy_context(cfg, ctxi);
		ctxi = NULL;
	}

	kfree(lun_access);
	scsi_device_put(sdev);
	goto out;
}

/**
 * recover_context() - recovers a context in error
 * @cfg: Internal structure associated with the host.
 * @ctxi: Context to release.
 * @adap_fd: Adapter file descriptor associated with new/recovered context.
 *
 * Re-establishes the state for a context-in-error.
 *
 * Return: 0 on success, -errno on failure
 */
static int recover_context(struct cxlflash_cfg *cfg,
			   struct ctx_info *ctxi,
			   int *adap_fd)
{
	struct device *dev = &cfg->dev->dev;
	int rc = 0;
	int fd = -1;
	int ctxid = -1;
	struct file *file;
	void *ctx;
	struct afu *afu = cfg->afu;

	ctx = cfg->ops->dev_context_init(cfg->dev, cfg->afu_cookie);
	if (IS_ERR_OR_NULL(ctx)) {
		dev_err(dev, "%s: Could not initialize context %p\n",
			__func__, ctx);
		rc = -ENODEV;
		goto out;
	}

	rc = cfg->ops->start_work(ctx, ctxi->irqs);
	if (unlikely(rc)) {
		dev_dbg(dev, "%s: Could not start context rc=%d\n",
			__func__, rc);
		goto err1;
	}

	ctxid = cfg->ops->process_element(ctx);
	if (unlikely((ctxid >= MAX_CONTEXT) || (ctxid < 0))) {
		dev_err(dev, "%s: ctxid=%d invalid\n", __func__, ctxid);
		rc = -EPERM;
		goto err2;
	}

	file = cfg->ops->get_fd(ctx, &cfg->cxl_fops, &fd);
	if (unlikely(fd < 0)) {
		rc = -ENODEV;
		dev_err(dev, "%s: Could not get file descriptor\n", __func__);
		goto err2;
	}

	/* Update with new MMIO area based on updated context id */
	ctxi->ctrl_map = &afu->afu_map->ctrls[ctxid].ctrl;

	rc = afu_attach(cfg, ctxi);
	if (rc) {
		dev_err(dev, "%s: Could not attach AFU rc %d\n", __func__, rc);
		goto err3;
	}

	/*
	 * No error paths after this point. Once the fd is installed it's
	 * visible to user space and can't be undone safely on this thread.
	 */
	ctxi->ctxid = ENCODE_CTXID(ctxi, ctxid);
	ctxi->ctx = ctx;
	ctxi->file = file;

	/*
	 * Put context back in table (note the reinit of the context list);
	 * we must first drop the context's mutex and then acquire it in
	 * order with the table/list mutex to avoid a deadlock - safe to do
	 * here because no one can find us at this moment in time.
	 */
	mutex_unlock(&ctxi->mutex);
	mutex_lock(&cfg->ctx_tbl_list_mutex);
	mutex_lock(&ctxi->mutex);
	list_del_init(&ctxi->list);
	cfg->ctx_tbl[ctxid] = ctxi;
	mutex_unlock(&cfg->ctx_tbl_list_mutex);
	fd_install(fd, file);
	*adap_fd = fd;
out:
	dev_dbg(dev, "%s: returning ctxid=%d fd=%d rc=%d\n",
		__func__, ctxid, fd, rc);
	return rc;

err3:
	fput(file);
	put_unused_fd(fd);
err2:
	cfg->ops->stop_context(ctx);
err1:
	cfg->ops->release_context(ctx);
	goto out;
}

/**
 * cxlflash_afu_recover() - initiates AFU recovery
 * @sdev: SCSI device associated with LUN.
 * @recover: Recover ioctl data structure.
 *
 * Only a single recovery is allowed at a time to avoid exhausting CXL
 * resources (leading to recovery failure) in the event that we're up
 * against the maximum number of contexts limit.
For similar reasons, 1616 * a context recovery is retried if there are multiple recoveries taking 1617 * place at the same time and the failure was due to CXL services being 1618 * unable to keep up. 1619 * 1620 * As this routine is called on ioctl context, it holds the ioctl r/w 1621 * semaphore that is used to drain ioctls in recovery scenarios. The 1622 * implementation to achieve the pacing described above (a local mutex) 1623 * requires that the ioctl r/w semaphore be dropped and reacquired to 1624 * avoid a 3-way deadlock when multiple process recoveries operate in 1625 * parallel. 1626 * 1627 * Because a user can detect an error condition before the kernel, it is 1628 * quite possible for this routine to act as the kernel's EEH detection 1629 * source (MMIO read of mbox_r). Because of this, there is a window of 1630 * time where an EEH might have been detected but not yet 'serviced' 1631 * (callback invoked, causing the device to enter reset state). To avoid 1632 * looping in this routine during that window, a 1 second sleep is in place 1633 * between the time the MMIO failure is detected and the time a wait on the 1634 * reset wait queue is attempted via check_state(). 1635 * 1636 * Return: 0 on success, -errno on failure 1637 */ 1638 static int cxlflash_afu_recover(struct scsi_device *sdev, 1639 struct dk_cxlflash_recover_afu *recover) 1640 { 1641 struct cxlflash_cfg *cfg = shost_priv(sdev->host); 1642 struct device *dev = &cfg->dev->dev; 1643 struct llun_info *lli = sdev->hostdata; 1644 struct afu *afu = cfg->afu; 1645 struct ctx_info *ctxi = NULL; 1646 struct mutex *mutex = &cfg->ctx_recovery_mutex; 1647 struct hwq *hwq = get_hwq(afu, PRIMARY_HWQ); 1648 u64 flags; 1649 u64 ctxid = DECODE_CTXID(recover->context_id), 1650 rctxid = recover->context_id; 1651 long reg; 1652 bool locked = true; 1653 int lretry = 20; /* up to 2 seconds */ 1654 int new_adap_fd = -1; 1655 int rc = 0; 1656 1657 atomic_inc(&cfg->recovery_threads); 1658 up_read(&cfg->ioctl_rwsem); 1659 rc = mutex_lock_interruptible(mutex); 1660 down_read(&cfg->ioctl_rwsem); 1661 if (rc) { 1662 locked = false; 1663 goto out; 1664 } 1665 1666 rc = check_state(cfg); 1667 if (rc) { 1668 dev_err(dev, "%s: Failed state rc=%d\n", __func__, rc); 1669 rc = -ENODEV; 1670 goto out; 1671 } 1672 1673 dev_dbg(dev, "%s: reason=%016llx rctxid=%016llx\n", 1674 __func__, recover->reason, rctxid); 1675 1676 retry: 1677 /* Ensure that this process is attached to the context */ 1678 ctxi = get_context(cfg, rctxid, lli, CTX_CTRL_ERR_FALLBACK); 1679 if (unlikely(!ctxi)) { 1680 dev_dbg(dev, "%s: Bad context ctxid=%llu\n", __func__, ctxid); 1681 rc = -EINVAL; 1682 goto out; 1683 } 1684 1685 if (ctxi->err_recovery_active) { 1686 retry_recover: 1687 rc = recover_context(cfg, ctxi, &new_adap_fd); 1688 if (unlikely(rc)) { 1689 dev_err(dev, "%s: Recovery failed ctxid=%llu rc=%d\n", 1690 __func__, ctxid, rc); 1691 if ((rc == -ENODEV) && 1692 ((atomic_read(&cfg->recovery_threads) > 1) || 1693 (lretry--))) { 1694 dev_dbg(dev, "%s: Going to try again\n", 1695 __func__); 1696 mutex_unlock(mutex); 1697 msleep(100); 1698 rc = mutex_lock_interruptible(mutex); 1699 if (rc) { 1700 locked = false; 1701 goto out; 1702 } 1703 goto retry_recover; 1704 } 1705 1706 goto out; 1707 } 1708 1709 ctxi->err_recovery_active = false; 1710 1711 flags = DK_CXLFLASH_APP_CLOSE_ADAP_FD | 1712 DK_CXLFLASH_RECOVER_AFU_CONTEXT_RESET; 1713 if (afu_is_sq_cmd_mode(afu)) 1714 flags |= DK_CXLFLASH_CONTEXT_SQ_CMD_MODE; 1715 1716 recover->hdr.return_flags = flags; 1717 recover->context_id = 
ctxi->ctxid; 1718 recover->adap_fd = new_adap_fd; 1719 recover->mmio_size = sizeof(afu->afu_map->hosts[0].harea); 1720 goto out; 1721 } 1722 1723 /* Test if in error state */ 1724 reg = readq_be(&hwq->ctrl_map->mbox_r); 1725 if (reg == -1) { 1726 dev_dbg(dev, "%s: MMIO fail, wait for recovery.\n", __func__); 1727 1728 /* 1729 * Before checking the state, put back the context obtained with 1730 * get_context() as it is no longer needed and sleep for a short 1731 * period of time (see prolog notes). 1732 */ 1733 put_context(ctxi); 1734 ctxi = NULL; 1735 ssleep(1); 1736 rc = check_state(cfg); 1737 if (unlikely(rc)) 1738 goto out; 1739 goto retry; 1740 } 1741 1742 dev_dbg(dev, "%s: MMIO working, no recovery required\n", __func__); 1743 out: 1744 if (likely(ctxi)) 1745 put_context(ctxi); 1746 if (locked) 1747 mutex_unlock(mutex); 1748 atomic_dec_if_positive(&cfg->recovery_threads); 1749 return rc; 1750 } 1751 1752 /** 1753 * process_sense() - evaluates and processes sense data 1754 * @sdev: SCSI device associated with LUN. 1755 * @verify: Verify ioctl data structure. 1756 * 1757 * Return: 0 on success, -errno on failure 1758 */ 1759 static int process_sense(struct scsi_device *sdev, 1760 struct dk_cxlflash_verify *verify) 1761 { 1762 struct cxlflash_cfg *cfg = shost_priv(sdev->host); 1763 struct device *dev = &cfg->dev->dev; 1764 struct llun_info *lli = sdev->hostdata; 1765 struct glun_info *gli = lli->parent; 1766 u64 prev_lba = gli->max_lba; 1767 struct scsi_sense_hdr sshdr = { 0 }; 1768 int rc = 0; 1769 1770 rc = scsi_normalize_sense((const u8 *)&verify->sense_data, 1771 DK_CXLFLASH_VERIFY_SENSE_LEN, &sshdr); 1772 if (!rc) { 1773 dev_err(dev, "%s: Failed to normalize sense data\n", __func__); 1774 rc = -EINVAL; 1775 goto out; 1776 } 1777 1778 switch (sshdr.sense_key) { 1779 case NO_SENSE: 1780 case RECOVERED_ERROR: 1781 /* fall through */ 1782 case NOT_READY: 1783 break; 1784 case UNIT_ATTENTION: 1785 switch (sshdr.asc) { 1786 case 0x29: /* Power on Reset or Device Reset */ 1787 /* fall through */ 1788 case 0x2A: /* Device settings/capacity changed */ 1789 rc = read_cap16(sdev, lli); 1790 if (rc) { 1791 rc = -ENODEV; 1792 break; 1793 } 1794 if (prev_lba != gli->max_lba) 1795 dev_dbg(dev, "%s: Capacity changed old=%lld " 1796 "new=%lld\n", __func__, prev_lba, 1797 gli->max_lba); 1798 break; 1799 case 0x3F: /* Report LUNs changed, Rescan. */ 1800 scsi_scan_host(cfg->host); 1801 break; 1802 default: 1803 rc = -EIO; 1804 break; 1805 } 1806 break; 1807 default: 1808 rc = -EIO; 1809 break; 1810 } 1811 out: 1812 dev_dbg(dev, "%s: sense_key %x asc %x ascq %x rc %d\n", __func__, 1813 sshdr.sense_key, sshdr.asc, sshdr.ascq, rc); 1814 return rc; 1815 } 1816 1817 /** 1818 * cxlflash_disk_verify() - verifies a LUN is the same and handle size changes 1819 * @sdev: SCSI device associated with LUN. 1820 * @verify: Verify ioctl data structure. 
1821 * 1822 * Return: 0 on success, -errno on failure 1823 */ 1824 static int cxlflash_disk_verify(struct scsi_device *sdev, 1825 struct dk_cxlflash_verify *verify) 1826 { 1827 int rc = 0; 1828 struct ctx_info *ctxi = NULL; 1829 struct cxlflash_cfg *cfg = shost_priv(sdev->host); 1830 struct device *dev = &cfg->dev->dev; 1831 struct llun_info *lli = sdev->hostdata; 1832 struct glun_info *gli = lli->parent; 1833 struct sisl_rht_entry *rhte = NULL; 1834 res_hndl_t rhndl = verify->rsrc_handle; 1835 u64 ctxid = DECODE_CTXID(verify->context_id), 1836 rctxid = verify->context_id; 1837 u64 last_lba = 0; 1838 1839 dev_dbg(dev, "%s: ctxid=%llu rhndl=%016llx, hint=%016llx, " 1840 "flags=%016llx\n", __func__, ctxid, verify->rsrc_handle, 1841 verify->hint, verify->hdr.flags); 1842 1843 ctxi = get_context(cfg, rctxid, lli, 0); 1844 if (unlikely(!ctxi)) { 1845 dev_dbg(dev, "%s: Bad context ctxid=%llu\n", __func__, ctxid); 1846 rc = -EINVAL; 1847 goto out; 1848 } 1849 1850 rhte = get_rhte(ctxi, rhndl, lli); 1851 if (unlikely(!rhte)) { 1852 dev_dbg(dev, "%s: Bad resource handle rhndl=%d\n", 1853 __func__, rhndl); 1854 rc = -EINVAL; 1855 goto out; 1856 } 1857 1858 /* 1859 * Look at the hint/sense to see if it requires us to redrive 1860 * inquiry (i.e. the Unit attention is due to the WWN changing). 1861 */ 1862 if (verify->hint & DK_CXLFLASH_VERIFY_HINT_SENSE) { 1863 /* Can't hold mutex across process_sense/read_cap16, 1864 * since we could have an intervening EEH event. 1865 */ 1866 ctxi->unavail = true; 1867 mutex_unlock(&ctxi->mutex); 1868 rc = process_sense(sdev, verify); 1869 if (unlikely(rc)) { 1870 dev_err(dev, "%s: Failed to validate sense data (%d)\n", 1871 __func__, rc); 1872 mutex_lock(&ctxi->mutex); 1873 ctxi->unavail = false; 1874 goto out; 1875 } 1876 mutex_lock(&ctxi->mutex); 1877 ctxi->unavail = false; 1878 } 1879 1880 switch (gli->mode) { 1881 case MODE_PHYSICAL: 1882 last_lba = gli->max_lba; 1883 break; 1884 case MODE_VIRTUAL: 1885 /* Cast lxt_cnt to u64 for multiply to be treated as 64bit op */ 1886 last_lba = ((u64)rhte->lxt_cnt * MC_CHUNK_SIZE * gli->blk_len); 1887 last_lba /= CXLFLASH_BLOCK_SIZE; 1888 last_lba--; 1889 break; 1890 default: 1891 WARN(1, "Unsupported LUN mode!"); 1892 } 1893 1894 verify->last_lba = last_lba; 1895 1896 out: 1897 if (likely(ctxi)) 1898 put_context(ctxi); 1899 dev_dbg(dev, "%s: returning rc=%d llba=%llx\n", 1900 __func__, rc, verify->last_lba); 1901 return rc; 1902 } 1903 1904 /** 1905 * decode_ioctl() - translates an encoded ioctl to an easily identifiable string 1906 * @cmd: The ioctl command to decode. 1907 * 1908 * Return: A string identifying the decoded ioctl. 
 */
static char *decode_ioctl(int cmd)
{
	switch (cmd) {
	case DK_CXLFLASH_ATTACH:
		return __stringify_1(DK_CXLFLASH_ATTACH);
	case DK_CXLFLASH_USER_DIRECT:
		return __stringify_1(DK_CXLFLASH_USER_DIRECT);
	case DK_CXLFLASH_USER_VIRTUAL:
		return __stringify_1(DK_CXLFLASH_USER_VIRTUAL);
	case DK_CXLFLASH_VLUN_RESIZE:
		return __stringify_1(DK_CXLFLASH_VLUN_RESIZE);
	case DK_CXLFLASH_RELEASE:
		return __stringify_1(DK_CXLFLASH_RELEASE);
	case DK_CXLFLASH_DETACH:
		return __stringify_1(DK_CXLFLASH_DETACH);
	case DK_CXLFLASH_VERIFY:
		return __stringify_1(DK_CXLFLASH_VERIFY);
	case DK_CXLFLASH_VLUN_CLONE:
		return __stringify_1(DK_CXLFLASH_VLUN_CLONE);
	case DK_CXLFLASH_RECOVER_AFU:
		return __stringify_1(DK_CXLFLASH_RECOVER_AFU);
	case DK_CXLFLASH_MANAGE_LUN:
		return __stringify_1(DK_CXLFLASH_MANAGE_LUN);
	}

	return "UNKNOWN";
}

/**
 * cxlflash_disk_direct_open() - opens a direct (physical) disk
 * @sdev:	SCSI device associated with LUN.
 * @arg:	UDirect ioctl data structure.
 *
 * On successful return, the user is informed of the resource handle
 * to be used to identify the direct lun and the size (in blocks) of
 * the direct lun in last LBA format.
 *
 * Return: 0 on success, -errno on failure
 */
static int cxlflash_disk_direct_open(struct scsi_device *sdev, void *arg)
{
	struct cxlflash_cfg *cfg = shost_priv(sdev->host);
	struct device *dev = &cfg->dev->dev;
	struct afu *afu = cfg->afu;
	struct llun_info *lli = sdev->hostdata;
	struct glun_info *gli = lli->parent;
	struct dk_cxlflash_release rel = { { 0 }, 0 };

	struct dk_cxlflash_udirect *pphys = (struct dk_cxlflash_udirect *)arg;

	u64 ctxid = DECODE_CTXID(pphys->context_id),
	    rctxid = pphys->context_id;
	u64 lun_size = 0;
	u64 last_lba = 0;
	u64 rsrc_handle = -1;
	u32 port = CHAN2PORTMASK(sdev->channel);

	int rc = 0;

	struct ctx_info *ctxi = NULL;
	struct sisl_rht_entry *rhte = NULL;

	dev_dbg(dev, "%s: ctxid=%llu ls=%llu\n", __func__, ctxid, lun_size);

	rc = cxlflash_lun_attach(gli, MODE_PHYSICAL, false);
	if (unlikely(rc)) {
		dev_dbg(dev, "%s: Failed attach to LUN (PHYSICAL)\n", __func__);
		goto out;
	}

	ctxi = get_context(cfg, rctxid, lli, 0);
	if (unlikely(!ctxi)) {
		dev_dbg(dev, "%s: Bad context ctxid=%llu\n", __func__, ctxid);
		rc = -EINVAL;
		goto err1;
	}

	rhte = rhte_checkout(ctxi, lli);
	if (unlikely(!rhte)) {
		dev_dbg(dev, "%s: Too many opens ctxid=%lld\n",
			__func__, ctxid);
		rc = -EMFILE;	/* too many opens */
		goto err1;
	}

	rsrc_handle = (rhte - ctxi->rht_start);

	rht_format1(rhte, lli->lun_id[sdev->channel], ctxi->rht_perms, port);

	last_lba = gli->max_lba;
	pphys->hdr.return_flags = 0;
	pphys->last_lba = last_lba;
	pphys->rsrc_handle = rsrc_handle;

	rc = cxlflash_afu_sync(afu, ctxid, rsrc_handle, AFU_LW_SYNC);
	if (unlikely(rc)) {
		dev_dbg(dev, "%s: AFU sync failed rc=%d\n", __func__, rc);
		goto err2;
	}

out:
	if (likely(ctxi))
		put_context(ctxi);
	dev_dbg(dev, "%s: returning handle=%llu rc=%d llba=%llu\n",
		__func__, rsrc_handle, rc, last_lba);
	return rc;

err2:
	marshal_udir_to_rele(pphys, &rel);
	_cxlflash_disk_release(sdev, ctxi, &rel);
	goto out;
err1:
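	/*
	 * Only the LUN attach needs to be unwound here; any context reference
	 * obtained above is dropped in the common exit path (out).
	 */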
	cxlflash_lun_detach(gli);
	goto out;
}

/**
 * ioctl_common() - common IOCTL handler for driver
 * @sdev:	SCSI device associated with LUN.
 * @cmd:	IOCTL command.
 *
 * Handles common fencing operations that are valid for multiple ioctls. Always
 * allow through ioctls that are cleanup oriented in nature, even when operating
 * in a failed/terminating state.
 *
 * Return: 0 on success, -errno on failure
 */
static int ioctl_common(struct scsi_device *sdev, int cmd)
{
	struct cxlflash_cfg *cfg = shost_priv(sdev->host);
	struct device *dev = &cfg->dev->dev;
	struct llun_info *lli = sdev->hostdata;
	int rc = 0;

	if (unlikely(!lli)) {
		dev_dbg(dev, "%s: Unknown LUN\n", __func__);
		rc = -EINVAL;
		goto out;
	}

	rc = check_state(cfg);
	if (unlikely(rc) && (cfg->state == STATE_FAILTERM)) {
		switch (cmd) {
		case DK_CXLFLASH_VLUN_RESIZE:
		case DK_CXLFLASH_RELEASE:
		case DK_CXLFLASH_DETACH:
			dev_dbg(dev, "%s: Command override rc=%d\n",
				__func__, rc);
			rc = 0;
			break;
		}
	}
out:
	return rc;
}

/**
 * cxlflash_ioctl() - IOCTL handler for driver
 * @sdev:	SCSI device associated with LUN.
 * @cmd:	IOCTL command.
 * @arg:	Userspace ioctl data structure.
 *
 * A read/write semaphore is used to implement a 'drain' of currently
 * running ioctls. The read semaphore is taken at the beginning of each
 * ioctl thread and released upon concluding execution. Additionally the
 * semaphore should be released and then reacquired in any ioctl execution
 * path which will wait for an event to occur that is outside the scope of
 * the ioctl (i.e. an adapter reset). To drain the ioctls currently running,
 * a thread simply needs to acquire the write semaphore.
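 *
 * As an illustrative sketch (not a literal excerpt from this driver), the
 * drain itself is just a write-lock/unlock pair on the same semaphore,
 * which blocks until every in-flight ioctl has dropped its read lock:
 *
 *	down_write(&cfg->ioctl_rwsem);
 *	up_write(&cfg->ioctl_rwsem);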
 *
 * Return: 0 on success, -errno on failure
 */
int cxlflash_ioctl(struct scsi_device *sdev, int cmd, void __user *arg)
{
	typedef int (*sioctl) (struct scsi_device *, void *);

	struct cxlflash_cfg *cfg = shost_priv(sdev->host);
	struct device *dev = &cfg->dev->dev;
	struct afu *afu = cfg->afu;
	struct dk_cxlflash_hdr *hdr;
	char buf[sizeof(union cxlflash_ioctls)];
	size_t size = 0;
	bool known_ioctl = false;
	int idx;
	int rc = 0;
	struct Scsi_Host *shost = sdev->host;
	sioctl do_ioctl = NULL;

	static const struct {
		size_t size;
		sioctl ioctl;
	} ioctl_tbl[] = {	/* NOTE: order matters here */
	{sizeof(struct dk_cxlflash_attach), (sioctl)cxlflash_disk_attach},
	{sizeof(struct dk_cxlflash_udirect), cxlflash_disk_direct_open},
	{sizeof(struct dk_cxlflash_release), (sioctl)cxlflash_disk_release},
	{sizeof(struct dk_cxlflash_detach), (sioctl)cxlflash_disk_detach},
	{sizeof(struct dk_cxlflash_verify), (sioctl)cxlflash_disk_verify},
	{sizeof(struct dk_cxlflash_recover_afu), (sioctl)cxlflash_afu_recover},
	{sizeof(struct dk_cxlflash_manage_lun), (sioctl)cxlflash_manage_lun},
	{sizeof(struct dk_cxlflash_uvirtual), cxlflash_disk_virtual_open},
	{sizeof(struct dk_cxlflash_resize), (sioctl)cxlflash_vlun_resize},
	{sizeof(struct dk_cxlflash_clone), (sioctl)cxlflash_disk_clone},
	};

	/* Hold read semaphore so we can drain if needed */
	down_read(&cfg->ioctl_rwsem);

	/* Restrict command set to physical support only for internal LUN */
	if (afu->internal_lun)
		switch (cmd) {
		case DK_CXLFLASH_RELEASE:
		case DK_CXLFLASH_USER_VIRTUAL:
		case DK_CXLFLASH_VLUN_RESIZE:
		case DK_CXLFLASH_VLUN_CLONE:
			dev_dbg(dev, "%s: %s not supported for lun_mode=%d\n",
				__func__, decode_ioctl(cmd), afu->internal_lun);
			rc = -EINVAL;
			goto cxlflash_ioctl_exit;
		}

	switch (cmd) {
	case DK_CXLFLASH_ATTACH:
	case DK_CXLFLASH_USER_DIRECT:
	case DK_CXLFLASH_RELEASE:
	case DK_CXLFLASH_DETACH:
	case DK_CXLFLASH_VERIFY:
	case DK_CXLFLASH_RECOVER_AFU:
	case DK_CXLFLASH_USER_VIRTUAL:
	case DK_CXLFLASH_VLUN_RESIZE:
	case DK_CXLFLASH_VLUN_CLONE:
		dev_dbg(dev, "%s: %s (%08X) on dev(%d/%d/%d/%llu)\n",
			__func__, decode_ioctl(cmd), cmd, shost->host_no,
			sdev->channel, sdev->id, sdev->lun);
		rc = ioctl_common(sdev, cmd);
		if (unlikely(rc))
			goto cxlflash_ioctl_exit;

		/* fall through */

	case DK_CXLFLASH_MANAGE_LUN:
		known_ioctl = true;
		idx = _IOC_NR(cmd) - _IOC_NR(DK_CXLFLASH_ATTACH);
		size = ioctl_tbl[idx].size;
		do_ioctl = ioctl_tbl[idx].ioctl;

		if (likely(do_ioctl))
			break;

		/* fall through */
	default:
		rc = -EINVAL;
		goto cxlflash_ioctl_exit;
	}

	if (unlikely(copy_from_user(&buf, arg, size))) {
		dev_err(dev, "%s: copy_from_user() fail "
			"size=%lu cmd=%d (%s) arg=%p\n",
			__func__, size, cmd, decode_ioctl(cmd), arg);
		rc = -EFAULT;
		goto cxlflash_ioctl_exit;
	}

	hdr = (struct dk_cxlflash_hdr *)&buf;
	if (hdr->version != DK_CXLFLASH_VERSION_0) {
		dev_dbg(dev, "%s: Version %u not supported for %s\n",
			__func__, hdr->version, decode_ioctl(cmd));
		rc = -EINVAL;
		goto cxlflash_ioctl_exit;
	}

	if (hdr->rsvd[0] || hdr->rsvd[1] || hdr->rsvd[2] || hdr->return_flags) {
		dev_dbg(dev, "%s: Reserved/rflags populated\n",
			__func__);
		rc = -EINVAL;
		goto cxlflash_ioctl_exit;
	}

	rc = do_ioctl(sdev, (void *)&buf);
	if (likely(!rc))
		if (unlikely(copy_to_user(arg, &buf, size))) {
			dev_err(dev, "%s: copy_to_user() fail "
				"size=%lu cmd=%d (%s) arg=%p\n",
				__func__, size, cmd, decode_ioctl(cmd), arg);
			rc = -EFAULT;
		}

	/* fall through to exit */

cxlflash_ioctl_exit:
	up_read(&cfg->ioctl_rwsem);
	if (unlikely(rc && known_ioctl))
		dev_err(dev, "%s: ioctl %s (%08X) on dev(%d/%d/%d/%llu) "
			"returned rc %d\n", __func__,
			decode_ioctl(cmd), cmd, shost->host_no,
			sdev->channel, sdev->id, sdev->lun, rc);
	else
		dev_dbg(dev, "%s: ioctl %s (%08X) on dev(%d/%d/%d/%llu) "
			"returned rc %d\n", __func__, decode_ioctl(cmd),
			cmd, shost->host_no, sdev->channel, sdev->id,
			sdev->lun, rc);
	return rc;
}
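
/*
 * Illustrative user-space flow for the ioctls handled above (a sketch only,
 * not part of the driver; the device node path and all error handling are
 * assumed):
 *
 *	struct dk_cxlflash_attach attach = { 0 };
 *	struct dk_cxlflash_udirect udirect = { 0 };
 *	int fd = open("/dev/sdX", O_RDWR);
 *
 *	attach.hdr.version = DK_CXLFLASH_VERSION_0;
 *	ioctl(fd, DK_CXLFLASH_ATTACH, &attach);
 *
 *	udirect.hdr.version = DK_CXLFLASH_VERSION_0;
 *	udirect.context_id = attach.context_id;
 *	ioctl(fd, DK_CXLFLASH_USER_DIRECT, &udirect);
 *
 * On success, udirect.rsrc_handle identifies the physical LUN and
 * udirect.last_lba reports its size; DK_CXLFLASH_RELEASE and
 * DK_CXLFLASH_DETACH undo the sequence in reverse order.
 */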