1 /* 2 * This file is provided under a dual BSD/GPLv2 license. When using or 3 * redistributing this file, you may do so under either license. 4 * 5 * GPL LICENSE SUMMARY 6 * 7 * Copyright(c) 2008 - 2011 Intel Corporation. All rights reserved. 8 * 9 * This program is free software; you can redistribute it and/or modify 10 * it under the terms of version 2 of the GNU General Public License as 11 * published by the Free Software Foundation. 12 * 13 * This program is distributed in the hope that it will be useful, but 14 * WITHOUT ANY WARRANTY; without even the implied warranty of 15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 16 * General Public License for more details. 17 * 18 * You should have received a copy of the GNU General Public License 19 * along with this program; if not, write to the Free Software 20 * Foundation, Inc., 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA. 21 * The full GNU General Public License is included in this distribution 22 * in the file called LICENSE.GPL. 23 * 24 * BSD LICENSE 25 * 26 * Copyright(c) 2008 - 2011 Intel Corporation. All rights reserved. 27 * All rights reserved. 28 * 29 * Redistribution and use in source and binary forms, with or without 30 * modification, are permitted provided that the following conditions 31 * are met: 32 * 33 * * Redistributions of source code must retain the above copyright 34 * notice, this list of conditions and the following disclaimer. 35 * * Redistributions in binary form must reproduce the above copyright 36 * notice, this list of conditions and the following disclaimer in 37 * the documentation and/or other materials provided with the 38 * distribution. 39 * * Neither the name of Intel Corporation nor the names of its 40 * contributors may be used to endorse or promote products derived 41 * from this software without specific prior written permission. 42 * 43 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 44 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 45 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 46 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 47 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 48 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 49 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 50 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 51 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 52 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 53 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 54 */ 55 56 #include <linux/completion.h> 57 #include <linux/irqflags.h> 58 #include "sas.h" 59 #include <scsi/libsas.h> 60 #include "remote_device.h" 61 #include "remote_node_context.h" 62 #include "isci.h" 63 #include "request.h" 64 #include "task.h" 65 #include "host.h" 66 67 /** 68 * isci_task_refuse() - complete the request to the upper layer driver in 69 * the case where an I/O needs to be completed back in the submit path. 70 * @ihost: host on which the the request was queued 71 * @task: request to complete 72 * @response: response code for the completed task. 73 * @status: status code for the completed task. 74 * 75 */ 76 static void isci_task_refuse(struct isci_host *ihost, struct sas_task *task, 77 enum service_response response, 78 enum exec_status status) 79 80 { 81 enum isci_completion_selection disposition; 82 83 disposition = isci_perform_normal_io_completion; 84 disposition = isci_task_set_completion_status(task, response, status, 85 disposition); 86 87 /* Tasks aborted specifically by a call to the lldd_abort_task 88 * function should not be completed to the host in the regular path. 89 */ 90 switch (disposition) { 91 case isci_perform_normal_io_completion: 92 /* Normal notification (task_done) */ 93 dev_dbg(&ihost->pdev->dev, 94 "%s: Normal - task = %p, response=%d, " 95 "status=%d\n", 96 __func__, task, response, status); 97 98 task->lldd_task = NULL; 99 100 isci_execpath_callback(ihost, task, task->task_done); 101 break; 102 103 case isci_perform_aborted_io_completion: 104 /* 105 * No notification because this request is already in the 106 * abort path. 107 */ 108 dev_dbg(&ihost->pdev->dev, 109 "%s: Aborted - task = %p, response=%d, " 110 "status=%d\n", 111 __func__, task, response, status); 112 break; 113 114 case isci_perform_error_io_completion: 115 /* Use sas_task_abort */ 116 dev_dbg(&ihost->pdev->dev, 117 "%s: Error - task = %p, response=%d, " 118 "status=%d\n", 119 __func__, task, response, status); 120 121 isci_execpath_callback(ihost, task, sas_task_abort); 122 break; 123 124 default: 125 dev_dbg(&ihost->pdev->dev, 126 "%s: isci task notification default case!", 127 __func__); 128 sas_task_abort(task); 129 break; 130 } 131 } 132 133 #define for_each_sas_task(num, task) \ 134 for (; num > 0; num--,\ 135 task = list_entry(task->list.next, struct sas_task, list)) 136 137 138 static inline int isci_device_io_ready(struct isci_remote_device *idev, 139 struct sas_task *task) 140 { 141 return idev ? test_bit(IDEV_IO_READY, &idev->flags) || 142 (test_bit(IDEV_IO_NCQERROR, &idev->flags) && 143 isci_task_is_ncq_recovery(task)) 144 : 0; 145 } 146 /** 147 * isci_task_execute_task() - This function is one of the SAS Domain Template 148 * functions. This function is called by libsas to send a task down to 149 * hardware. 150 * @task: This parameter specifies the SAS task to send. 151 * @num: This parameter specifies the number of tasks to queue. 152 * @gfp_flags: This parameter specifies the context of this call. 153 * 154 * status, zero indicates success. 155 */ 156 int isci_task_execute_task(struct sas_task *task, int num, gfp_t gfp_flags) 157 { 158 struct isci_host *ihost = dev_to_ihost(task->dev); 159 struct isci_remote_device *idev; 160 unsigned long flags; 161 bool io_ready; 162 u16 tag; 163 164 dev_dbg(&ihost->pdev->dev, "%s: num=%d\n", __func__, num); 165 166 for_each_sas_task(num, task) { 167 enum sci_status status = SCI_FAILURE; 168 169 spin_lock_irqsave(&ihost->scic_lock, flags); 170 idev = isci_lookup_device(task->dev); 171 io_ready = isci_device_io_ready(idev, task); 172 tag = isci_alloc_tag(ihost); 173 spin_unlock_irqrestore(&ihost->scic_lock, flags); 174 175 dev_dbg(&ihost->pdev->dev, 176 "task: %p, num: %d dev: %p idev: %p:%#lx cmd = %p\n", 177 task, num, task->dev, idev, idev ? idev->flags : 0, 178 task->uldd_task); 179 180 if (!idev) { 181 isci_task_refuse(ihost, task, SAS_TASK_UNDELIVERED, 182 SAS_DEVICE_UNKNOWN); 183 } else if (!io_ready || tag == SCI_CONTROLLER_INVALID_IO_TAG) { 184 /* Indicate QUEUE_FULL so that the scsi midlayer 185 * retries. 186 */ 187 isci_task_refuse(ihost, task, SAS_TASK_COMPLETE, 188 SAS_QUEUE_FULL); 189 } else { 190 /* There is a device and it's ready for I/O. */ 191 spin_lock_irqsave(&task->task_state_lock, flags); 192 193 if (task->task_state_flags & SAS_TASK_STATE_ABORTED) { 194 /* The I/O was aborted. */ 195 spin_unlock_irqrestore(&task->task_state_lock, 196 flags); 197 198 isci_task_refuse(ihost, task, 199 SAS_TASK_UNDELIVERED, 200 SAM_STAT_TASK_ABORTED); 201 } else { 202 task->task_state_flags |= SAS_TASK_AT_INITIATOR; 203 spin_unlock_irqrestore(&task->task_state_lock, flags); 204 205 /* build and send the request. */ 206 status = isci_request_execute(ihost, idev, task, tag); 207 208 if (status != SCI_SUCCESS) { 209 210 spin_lock_irqsave(&task->task_state_lock, flags); 211 /* Did not really start this command. */ 212 task->task_state_flags &= ~SAS_TASK_AT_INITIATOR; 213 spin_unlock_irqrestore(&task->task_state_lock, flags); 214 215 /* Indicate QUEUE_FULL so that the scsi 216 * midlayer retries. if the request 217 * failed for remote device reasons, 218 * it gets returned as 219 * SAS_TASK_UNDELIVERED next time 220 * through. 221 */ 222 isci_task_refuse(ihost, task, 223 SAS_TASK_COMPLETE, 224 SAS_QUEUE_FULL); 225 } 226 } 227 } 228 if (status != SCI_SUCCESS && tag != SCI_CONTROLLER_INVALID_IO_TAG) { 229 spin_lock_irqsave(&ihost->scic_lock, flags); 230 /* command never hit the device, so just free 231 * the tci and skip the sequence increment 232 */ 233 isci_tci_free(ihost, ISCI_TAG_TCI(tag)); 234 spin_unlock_irqrestore(&ihost->scic_lock, flags); 235 } 236 isci_put_device(idev); 237 } 238 return 0; 239 } 240 241 static enum sci_status isci_sata_management_task_request_build(struct isci_request *ireq) 242 { 243 struct isci_tmf *isci_tmf; 244 enum sci_status status; 245 246 if (tmf_task != ireq->ttype) 247 return SCI_FAILURE; 248 249 isci_tmf = isci_request_access_tmf(ireq); 250 251 switch (isci_tmf->tmf_code) { 252 253 case isci_tmf_sata_srst_high: 254 case isci_tmf_sata_srst_low: { 255 struct host_to_dev_fis *fis = &ireq->stp.cmd; 256 257 memset(fis, 0, sizeof(*fis)); 258 259 fis->fis_type = 0x27; 260 fis->flags &= ~0x80; 261 fis->flags &= 0xF0; 262 if (isci_tmf->tmf_code == isci_tmf_sata_srst_high) 263 fis->control |= ATA_SRST; 264 else 265 fis->control &= ~ATA_SRST; 266 break; 267 } 268 /* other management commnd go here... */ 269 default: 270 return SCI_FAILURE; 271 } 272 273 /* core builds the protocol specific request 274 * based on the h2d fis. 275 */ 276 status = sci_task_request_construct_sata(ireq); 277 278 return status; 279 } 280 281 static struct isci_request *isci_task_request_build(struct isci_host *ihost, 282 struct isci_remote_device *idev, 283 u16 tag, struct isci_tmf *isci_tmf) 284 { 285 enum sci_status status = SCI_FAILURE; 286 struct isci_request *ireq = NULL; 287 struct domain_device *dev; 288 289 dev_dbg(&ihost->pdev->dev, 290 "%s: isci_tmf = %p\n", __func__, isci_tmf); 291 292 dev = idev->domain_dev; 293 294 /* do common allocation and init of request object. */ 295 ireq = isci_tmf_request_from_tag(ihost, isci_tmf, tag); 296 if (!ireq) 297 return NULL; 298 299 /* let the core do it's construct. */ 300 status = sci_task_request_construct(ihost, idev, tag, 301 ireq); 302 303 if (status != SCI_SUCCESS) { 304 dev_warn(&ihost->pdev->dev, 305 "%s: sci_task_request_construct failed - " 306 "status = 0x%x\n", 307 __func__, 308 status); 309 return NULL; 310 } 311 312 /* XXX convert to get this from task->tproto like other drivers */ 313 if (dev->dev_type == SAS_END_DEV) { 314 isci_tmf->proto = SAS_PROTOCOL_SSP; 315 status = sci_task_request_construct_ssp(ireq); 316 if (status != SCI_SUCCESS) 317 return NULL; 318 } 319 320 if (dev->dev_type == SATA_DEV || (dev->tproto & SAS_PROTOCOL_STP)) { 321 isci_tmf->proto = SAS_PROTOCOL_SATA; 322 status = isci_sata_management_task_request_build(ireq); 323 324 if (status != SCI_SUCCESS) 325 return NULL; 326 } 327 return ireq; 328 } 329 330 static int isci_task_execute_tmf(struct isci_host *ihost, 331 struct isci_remote_device *idev, 332 struct isci_tmf *tmf, unsigned long timeout_ms) 333 { 334 DECLARE_COMPLETION_ONSTACK(completion); 335 enum sci_task_status status = SCI_TASK_FAILURE; 336 struct isci_request *ireq; 337 int ret = TMF_RESP_FUNC_FAILED; 338 unsigned long flags; 339 unsigned long timeleft; 340 u16 tag; 341 342 spin_lock_irqsave(&ihost->scic_lock, flags); 343 tag = isci_alloc_tag(ihost); 344 spin_unlock_irqrestore(&ihost->scic_lock, flags); 345 346 if (tag == SCI_CONTROLLER_INVALID_IO_TAG) 347 return ret; 348 349 /* sanity check, return TMF_RESP_FUNC_FAILED 350 * if the device is not there and ready. 351 */ 352 if (!idev || 353 (!test_bit(IDEV_IO_READY, &idev->flags) && 354 !test_bit(IDEV_IO_NCQERROR, &idev->flags))) { 355 dev_dbg(&ihost->pdev->dev, 356 "%s: idev = %p not ready (%#lx)\n", 357 __func__, 358 idev, idev ? idev->flags : 0); 359 goto err_tci; 360 } else 361 dev_dbg(&ihost->pdev->dev, 362 "%s: idev = %p\n", 363 __func__, idev); 364 365 /* Assign the pointer to the TMF's completion kernel wait structure. */ 366 tmf->complete = &completion; 367 368 ireq = isci_task_request_build(ihost, idev, tag, tmf); 369 if (!ireq) 370 goto err_tci; 371 372 spin_lock_irqsave(&ihost->scic_lock, flags); 373 374 /* start the TMF io. */ 375 status = sci_controller_start_task(ihost, idev, ireq); 376 377 if (status != SCI_TASK_SUCCESS) { 378 dev_dbg(&ihost->pdev->dev, 379 "%s: start_io failed - status = 0x%x, request = %p\n", 380 __func__, 381 status, 382 ireq); 383 spin_unlock_irqrestore(&ihost->scic_lock, flags); 384 goto err_tci; 385 } 386 387 if (tmf->cb_state_func != NULL) 388 tmf->cb_state_func(isci_tmf_started, tmf, tmf->cb_data); 389 390 isci_request_change_state(ireq, started); 391 392 /* add the request to the remote device request list. */ 393 list_add(&ireq->dev_node, &idev->reqs_in_process); 394 395 spin_unlock_irqrestore(&ihost->scic_lock, flags); 396 397 /* Wait for the TMF to complete, or a timeout. */ 398 timeleft = wait_for_completion_timeout(&completion, 399 msecs_to_jiffies(timeout_ms)); 400 401 if (timeleft == 0) { 402 spin_lock_irqsave(&ihost->scic_lock, flags); 403 404 if (tmf->cb_state_func != NULL) 405 tmf->cb_state_func(isci_tmf_timed_out, tmf, tmf->cb_data); 406 407 sci_controller_terminate_request(ihost, 408 idev, 409 ireq); 410 411 spin_unlock_irqrestore(&ihost->scic_lock, flags); 412 413 wait_for_completion(tmf->complete); 414 } 415 416 isci_print_tmf(tmf); 417 418 if (tmf->status == SCI_SUCCESS) 419 ret = TMF_RESP_FUNC_COMPLETE; 420 else if (tmf->status == SCI_FAILURE_IO_RESPONSE_VALID) { 421 dev_dbg(&ihost->pdev->dev, 422 "%s: tmf.status == " 423 "SCI_FAILURE_IO_RESPONSE_VALID\n", 424 __func__); 425 ret = TMF_RESP_FUNC_COMPLETE; 426 } 427 /* Else - leave the default "failed" status alone. */ 428 429 dev_dbg(&ihost->pdev->dev, 430 "%s: completed request = %p\n", 431 __func__, 432 ireq); 433 434 return ret; 435 436 err_tci: 437 spin_lock_irqsave(&ihost->scic_lock, flags); 438 isci_tci_free(ihost, ISCI_TAG_TCI(tag)); 439 spin_unlock_irqrestore(&ihost->scic_lock, flags); 440 441 return ret; 442 } 443 444 static void isci_task_build_tmf(struct isci_tmf *tmf, 445 enum isci_tmf_function_codes code, 446 void (*tmf_sent_cb)(enum isci_tmf_cb_state, 447 struct isci_tmf *, 448 void *), 449 void *cb_data) 450 { 451 memset(tmf, 0, sizeof(*tmf)); 452 453 tmf->tmf_code = code; 454 tmf->cb_state_func = tmf_sent_cb; 455 tmf->cb_data = cb_data; 456 } 457 458 static void isci_task_build_abort_task_tmf(struct isci_tmf *tmf, 459 enum isci_tmf_function_codes code, 460 void (*tmf_sent_cb)(enum isci_tmf_cb_state, 461 struct isci_tmf *, 462 void *), 463 struct isci_request *old_request) 464 { 465 isci_task_build_tmf(tmf, code, tmf_sent_cb, old_request); 466 tmf->io_tag = old_request->io_tag; 467 } 468 469 /** 470 * isci_task_validate_request_to_abort() - This function checks the given I/O 471 * against the "started" state. If the request is still "started", it's 472 * state is changed to aborted. NOTE: isci_host->scic_lock MUST BE HELD 473 * BEFORE CALLING THIS FUNCTION. 474 * @isci_request: This parameter specifies the request object to control. 475 * @isci_host: This parameter specifies the ISCI host object 476 * @isci_device: This is the device to which the request is pending. 477 * @aborted_io_completion: This is a completion structure that will be added to 478 * the request in case it is changed to aborting; this completion is 479 * triggered when the request is fully completed. 480 * 481 * Either "started" on successful change of the task status to "aborted", or 482 * "unallocated" if the task cannot be controlled. 483 */ 484 static enum isci_request_status isci_task_validate_request_to_abort( 485 struct isci_request *isci_request, 486 struct isci_host *isci_host, 487 struct isci_remote_device *isci_device, 488 struct completion *aborted_io_completion) 489 { 490 enum isci_request_status old_state = unallocated; 491 492 /* Only abort the task if it's in the 493 * device's request_in_process list 494 */ 495 if (isci_request && !list_empty(&isci_request->dev_node)) { 496 old_state = isci_request_change_started_to_aborted( 497 isci_request, aborted_io_completion); 498 499 } 500 501 return old_state; 502 } 503 504 /** 505 * isci_request_cleanup_completed_loiterer() - This function will take care of 506 * the final cleanup on any request which has been explicitly terminated. 507 * @isci_host: This parameter specifies the ISCI host object 508 * @isci_device: This is the device to which the request is pending. 509 * @isci_request: This parameter specifies the terminated request object. 510 * @task: This parameter is the libsas I/O request. 511 */ 512 static void isci_request_cleanup_completed_loiterer( 513 struct isci_host *isci_host, 514 struct isci_remote_device *isci_device, 515 struct isci_request *isci_request, 516 struct sas_task *task) 517 { 518 unsigned long flags; 519 520 dev_dbg(&isci_host->pdev->dev, 521 "%s: isci_device=%p, request=%p, task=%p\n", 522 __func__, isci_device, isci_request, task); 523 524 if (task != NULL) { 525 526 spin_lock_irqsave(&task->task_state_lock, flags); 527 task->lldd_task = NULL; 528 529 task->task_state_flags &= ~SAS_TASK_NEED_DEV_RESET; 530 531 isci_set_task_doneflags(task); 532 533 /* If this task is not in the abort path, call task_done. */ 534 if (!(task->task_state_flags & SAS_TASK_STATE_ABORTED)) { 535 536 spin_unlock_irqrestore(&task->task_state_lock, flags); 537 task->task_done(task); 538 } else 539 spin_unlock_irqrestore(&task->task_state_lock, flags); 540 } 541 542 if (isci_request != NULL) { 543 spin_lock_irqsave(&isci_host->scic_lock, flags); 544 list_del_init(&isci_request->dev_node); 545 spin_unlock_irqrestore(&isci_host->scic_lock, flags); 546 } 547 } 548 549 /** 550 * isci_terminate_request_core() - This function will terminate the given 551 * request, and wait for it to complete. This function must only be called 552 * from a thread that can wait. Note that the request is terminated and 553 * completed (back to the host, if started there). 554 * @ihost: This SCU. 555 * @idev: The target. 556 * @isci_request: The I/O request to be terminated. 557 * 558 */ 559 static void isci_terminate_request_core(struct isci_host *ihost, 560 struct isci_remote_device *idev, 561 struct isci_request *isci_request) 562 { 563 enum sci_status status = SCI_SUCCESS; 564 bool was_terminated = false; 565 bool needs_cleanup_handling = false; 566 enum isci_request_status request_status; 567 unsigned long flags; 568 unsigned long termination_completed = 1; 569 struct completion *io_request_completion; 570 struct sas_task *task; 571 572 dev_dbg(&ihost->pdev->dev, 573 "%s: device = %p; request = %p\n", 574 __func__, idev, isci_request); 575 576 spin_lock_irqsave(&ihost->scic_lock, flags); 577 578 io_request_completion = isci_request->io_request_completion; 579 580 task = (isci_request->ttype == io_task) 581 ? isci_request_access_task(isci_request) 582 : NULL; 583 584 /* Note that we are not going to control 585 * the target to abort the request. 586 */ 587 set_bit(IREQ_COMPLETE_IN_TARGET, &isci_request->flags); 588 589 /* Make sure the request wasn't just sitting around signalling 590 * device condition (if the request handle is NULL, then the 591 * request completed but needed additional handling here). 592 */ 593 if (!test_bit(IREQ_TERMINATED, &isci_request->flags)) { 594 was_terminated = true; 595 needs_cleanup_handling = true; 596 status = sci_controller_terminate_request(ihost, 597 idev, 598 isci_request); 599 } 600 spin_unlock_irqrestore(&ihost->scic_lock, flags); 601 602 /* 603 * The only time the request to terminate will 604 * fail is when the io request is completed and 605 * being aborted. 606 */ 607 if (status != SCI_SUCCESS) { 608 dev_dbg(&ihost->pdev->dev, 609 "%s: sci_controller_terminate_request" 610 " returned = 0x%x\n", 611 __func__, status); 612 613 isci_request->io_request_completion = NULL; 614 615 } else { 616 if (was_terminated) { 617 dev_dbg(&ihost->pdev->dev, 618 "%s: before completion wait (%p/%p)\n", 619 __func__, isci_request, io_request_completion); 620 621 /* Wait here for the request to complete. */ 622 #define TERMINATION_TIMEOUT_MSEC 500 623 termination_completed 624 = wait_for_completion_timeout( 625 io_request_completion, 626 msecs_to_jiffies(TERMINATION_TIMEOUT_MSEC)); 627 628 if (!termination_completed) { 629 630 /* The request to terminate has timed out. */ 631 spin_lock_irqsave(&ihost->scic_lock, 632 flags); 633 634 /* Check for state changes. */ 635 if (!test_bit(IREQ_TERMINATED, &isci_request->flags)) { 636 637 /* The best we can do is to have the 638 * request die a silent death if it 639 * ever really completes. 640 * 641 * Set the request state to "dead", 642 * and clear the task pointer so that 643 * an actual completion event callback 644 * doesn't do anything. 645 */ 646 isci_request->status = dead; 647 isci_request->io_request_completion 648 = NULL; 649 650 if (isci_request->ttype == io_task) { 651 652 /* Break links with the 653 * sas_task. 654 */ 655 isci_request->ttype_ptr.io_task_ptr 656 = NULL; 657 } 658 } else 659 termination_completed = 1; 660 661 spin_unlock_irqrestore(&ihost->scic_lock, 662 flags); 663 664 if (!termination_completed) { 665 666 dev_dbg(&ihost->pdev->dev, 667 "%s: *** Timeout waiting for " 668 "termination(%p/%p)\n", 669 __func__, io_request_completion, 670 isci_request); 671 672 /* The request can no longer be referenced 673 * safely since it may go away if the 674 * termination every really does complete. 675 */ 676 isci_request = NULL; 677 } 678 } 679 if (termination_completed) 680 dev_dbg(&ihost->pdev->dev, 681 "%s: after completion wait (%p/%p)\n", 682 __func__, isci_request, io_request_completion); 683 } 684 685 if (termination_completed) { 686 687 isci_request->io_request_completion = NULL; 688 689 /* Peek at the status of the request. This will tell 690 * us if there was special handling on the request such that it 691 * needs to be detached and freed here. 692 */ 693 spin_lock_irqsave(&isci_request->state_lock, flags); 694 request_status = isci_request->status; 695 696 if ((isci_request->ttype == io_task) /* TMFs are in their own thread */ 697 && ((request_status == aborted) 698 || (request_status == aborting) 699 || (request_status == terminating) 700 || (request_status == completed) 701 || (request_status == dead) 702 ) 703 ) { 704 705 /* The completion routine won't free a request in 706 * the aborted/aborting/etc. states, so we do 707 * it here. 708 */ 709 needs_cleanup_handling = true; 710 } 711 spin_unlock_irqrestore(&isci_request->state_lock, flags); 712 713 } 714 if (needs_cleanup_handling) 715 isci_request_cleanup_completed_loiterer( 716 ihost, idev, isci_request, task); 717 } 718 } 719 720 /** 721 * isci_terminate_pending_requests() - This function will change the all of the 722 * requests on the given device's state to "aborting", will terminate the 723 * requests, and wait for them to complete. This function must only be 724 * called from a thread that can wait. Note that the requests are all 725 * terminated and completed (back to the host, if started there). 726 * @isci_host: This parameter specifies SCU. 727 * @idev: This parameter specifies the target. 728 * 729 */ 730 void isci_terminate_pending_requests(struct isci_host *ihost, 731 struct isci_remote_device *idev) 732 { 733 struct completion request_completion; 734 enum isci_request_status old_state; 735 unsigned long flags; 736 LIST_HEAD(list); 737 738 spin_lock_irqsave(&ihost->scic_lock, flags); 739 list_splice_init(&idev->reqs_in_process, &list); 740 741 /* assumes that isci_terminate_request_core deletes from the list */ 742 while (!list_empty(&list)) { 743 struct isci_request *ireq = list_entry(list.next, typeof(*ireq), dev_node); 744 745 /* Change state to "terminating" if it is currently 746 * "started". 747 */ 748 old_state = isci_request_change_started_to_newstate(ireq, 749 &request_completion, 750 terminating); 751 switch (old_state) { 752 case started: 753 case completed: 754 case aborting: 755 break; 756 default: 757 /* termination in progress, or otherwise dispositioned. 758 * We know the request was on 'list' so should be safe 759 * to move it back to reqs_in_process 760 */ 761 list_move(&ireq->dev_node, &idev->reqs_in_process); 762 ireq = NULL; 763 break; 764 } 765 766 if (!ireq) 767 continue; 768 spin_unlock_irqrestore(&ihost->scic_lock, flags); 769 770 init_completion(&request_completion); 771 772 dev_dbg(&ihost->pdev->dev, 773 "%s: idev=%p request=%p; task=%p old_state=%d\n", 774 __func__, idev, ireq, 775 ireq->ttype == io_task ? isci_request_access_task(ireq) : NULL, 776 old_state); 777 778 /* If the old_state is started: 779 * This request was not already being aborted. If it had been, 780 * then the aborting I/O (ie. the TMF request) would not be in 781 * the aborting state, and thus would be terminated here. Note 782 * that since the TMF completion's call to the kernel function 783 * "complete()" does not happen until the pending I/O request 784 * terminate fully completes, we do not have to implement a 785 * special wait here for already aborting requests - the 786 * termination of the TMF request will force the request 787 * to finish it's already started terminate. 788 * 789 * If old_state == completed: 790 * This request completed from the SCU hardware perspective 791 * and now just needs cleaning up in terms of freeing the 792 * request and potentially calling up to libsas. 793 * 794 * If old_state == aborting: 795 * This request has already gone through a TMF timeout, but may 796 * not have been terminated; needs cleaning up at least. 797 */ 798 isci_terminate_request_core(ihost, idev, ireq); 799 spin_lock_irqsave(&ihost->scic_lock, flags); 800 } 801 spin_unlock_irqrestore(&ihost->scic_lock, flags); 802 } 803 804 /** 805 * isci_task_send_lu_reset_sas() - This function is called by of the SAS Domain 806 * Template functions. 807 * @lun: This parameter specifies the lun to be reset. 808 * 809 * status, zero indicates success. 810 */ 811 static int isci_task_send_lu_reset_sas( 812 struct isci_host *isci_host, 813 struct isci_remote_device *isci_device, 814 u8 *lun) 815 { 816 struct isci_tmf tmf; 817 int ret = TMF_RESP_FUNC_FAILED; 818 819 dev_dbg(&isci_host->pdev->dev, 820 "%s: isci_host = %p, isci_device = %p\n", 821 __func__, isci_host, isci_device); 822 /* Send the LUN reset to the target. By the time the call returns, 823 * the TMF has fully exected in the target (in which case the return 824 * value is "TMF_RESP_FUNC_COMPLETE", or the request timed-out (or 825 * was otherwise unable to be executed ("TMF_RESP_FUNC_FAILED"). 826 */ 827 isci_task_build_tmf(&tmf, isci_tmf_ssp_lun_reset, NULL, NULL); 828 829 #define ISCI_LU_RESET_TIMEOUT_MS 2000 /* 2 second timeout. */ 830 ret = isci_task_execute_tmf(isci_host, isci_device, &tmf, ISCI_LU_RESET_TIMEOUT_MS); 831 832 if (ret == TMF_RESP_FUNC_COMPLETE) 833 dev_dbg(&isci_host->pdev->dev, 834 "%s: %p: TMF_LU_RESET passed\n", 835 __func__, isci_device); 836 else 837 dev_dbg(&isci_host->pdev->dev, 838 "%s: %p: TMF_LU_RESET failed (%x)\n", 839 __func__, isci_device, ret); 840 841 return ret; 842 } 843 844 static int isci_task_send_lu_reset_sata(struct isci_host *ihost, 845 struct isci_remote_device *idev, u8 *lun) 846 { 847 int ret = TMF_RESP_FUNC_FAILED; 848 struct isci_tmf tmf; 849 850 /* Send the soft reset to the target */ 851 #define ISCI_SRST_TIMEOUT_MS 25000 /* 25 second timeout. */ 852 isci_task_build_tmf(&tmf, isci_tmf_sata_srst_high, NULL, NULL); 853 854 ret = isci_task_execute_tmf(ihost, idev, &tmf, ISCI_SRST_TIMEOUT_MS); 855 856 if (ret != TMF_RESP_FUNC_COMPLETE) { 857 dev_dbg(&ihost->pdev->dev, 858 "%s: Assert SRST failed (%p) = %x", 859 __func__, idev, ret); 860 861 /* Return the failure so that the LUN reset is escalated 862 * to a target reset. 863 */ 864 } 865 return ret; 866 } 867 868 /** 869 * isci_task_lu_reset() - This function is one of the SAS Domain Template 870 * functions. This is one of the Task Management functoins called by libsas, 871 * to reset the given lun. Note the assumption that while this call is 872 * executing, no I/O will be sent by the host to the device. 873 * @lun: This parameter specifies the lun to be reset. 874 * 875 * status, zero indicates success. 876 */ 877 int isci_task_lu_reset(struct domain_device *domain_device, u8 *lun) 878 { 879 struct isci_host *isci_host = dev_to_ihost(domain_device); 880 struct isci_remote_device *isci_device; 881 unsigned long flags; 882 int ret; 883 884 spin_lock_irqsave(&isci_host->scic_lock, flags); 885 isci_device = isci_lookup_device(domain_device); 886 spin_unlock_irqrestore(&isci_host->scic_lock, flags); 887 888 dev_dbg(&isci_host->pdev->dev, 889 "%s: domain_device=%p, isci_host=%p; isci_device=%p\n", 890 __func__, domain_device, isci_host, isci_device); 891 892 if (isci_device) 893 set_bit(IDEV_EH, &isci_device->flags); 894 895 /* If there is a device reset pending on any request in the 896 * device's list, fail this LUN reset request in order to 897 * escalate to the device reset. 898 */ 899 if (!isci_device || 900 isci_device_is_reset_pending(isci_host, isci_device)) { 901 dev_dbg(&isci_host->pdev->dev, 902 "%s: No dev (%p), or " 903 "RESET PENDING: domain_device=%p\n", 904 __func__, isci_device, domain_device); 905 ret = TMF_RESP_FUNC_FAILED; 906 goto out; 907 } 908 909 /* Send the task management part of the reset. */ 910 if (sas_protocol_ata(domain_device->tproto)) { 911 ret = isci_task_send_lu_reset_sata(isci_host, isci_device, lun); 912 } else 913 ret = isci_task_send_lu_reset_sas(isci_host, isci_device, lun); 914 915 /* If the LUN reset worked, all the I/O can now be terminated. */ 916 if (ret == TMF_RESP_FUNC_COMPLETE) 917 /* Terminate all I/O now. */ 918 isci_terminate_pending_requests(isci_host, 919 isci_device); 920 921 out: 922 isci_put_device(isci_device); 923 return ret; 924 } 925 926 927 /* int (*lldd_clear_nexus_port)(struct asd_sas_port *); */ 928 int isci_task_clear_nexus_port(struct asd_sas_port *port) 929 { 930 return TMF_RESP_FUNC_FAILED; 931 } 932 933 934 935 int isci_task_clear_nexus_ha(struct sas_ha_struct *ha) 936 { 937 return TMF_RESP_FUNC_FAILED; 938 } 939 940 /* Task Management Functions. Must be called from process context. */ 941 942 /** 943 * isci_abort_task_process_cb() - This is a helper function for the abort task 944 * TMF command. It manages the request state with respect to the successful 945 * transmission / completion of the abort task request. 946 * @cb_state: This parameter specifies when this function was called - after 947 * the TMF request has been started and after it has timed-out. 948 * @tmf: This parameter specifies the TMF in progress. 949 * 950 * 951 */ 952 static void isci_abort_task_process_cb( 953 enum isci_tmf_cb_state cb_state, 954 struct isci_tmf *tmf, 955 void *cb_data) 956 { 957 struct isci_request *old_request; 958 959 old_request = (struct isci_request *)cb_data; 960 961 dev_dbg(&old_request->isci_host->pdev->dev, 962 "%s: tmf=%p, old_request=%p\n", 963 __func__, tmf, old_request); 964 965 switch (cb_state) { 966 967 case isci_tmf_started: 968 /* The TMF has been started. Nothing to do here, since the 969 * request state was already set to "aborted" by the abort 970 * task function. 971 */ 972 if ((old_request->status != aborted) 973 && (old_request->status != completed)) 974 dev_dbg(&old_request->isci_host->pdev->dev, 975 "%s: Bad request status (%d): tmf=%p, old_request=%p\n", 976 __func__, old_request->status, tmf, old_request); 977 break; 978 979 case isci_tmf_timed_out: 980 981 /* Set the task's state to "aborting", since the abort task 982 * function thread set it to "aborted" (above) in anticipation 983 * of the task management request working correctly. Since the 984 * timeout has now fired, the TMF request failed. We set the 985 * state such that the request completion will indicate the 986 * device is no longer present. 987 */ 988 isci_request_change_state(old_request, aborting); 989 break; 990 991 default: 992 dev_dbg(&old_request->isci_host->pdev->dev, 993 "%s: Bad cb_state (%d): tmf=%p, old_request=%p\n", 994 __func__, cb_state, tmf, old_request); 995 break; 996 } 997 } 998 999 /** 1000 * isci_task_abort_task() - This function is one of the SAS Domain Template 1001 * functions. This function is called by libsas to abort a specified task. 1002 * @task: This parameter specifies the SAS task to abort. 1003 * 1004 * status, zero indicates success. 1005 */ 1006 int isci_task_abort_task(struct sas_task *task) 1007 { 1008 struct isci_host *isci_host = dev_to_ihost(task->dev); 1009 DECLARE_COMPLETION_ONSTACK(aborted_io_completion); 1010 struct isci_request *old_request = NULL; 1011 enum isci_request_status old_state; 1012 struct isci_remote_device *isci_device = NULL; 1013 struct isci_tmf tmf; 1014 int ret = TMF_RESP_FUNC_FAILED; 1015 unsigned long flags; 1016 bool any_dev_reset = false; 1017 1018 /* Get the isci_request reference from the task. Note that 1019 * this check does not depend on the pending request list 1020 * in the device, because tasks driving resets may land here 1021 * after completion in the core. 1022 */ 1023 spin_lock_irqsave(&isci_host->scic_lock, flags); 1024 spin_lock(&task->task_state_lock); 1025 1026 old_request = task->lldd_task; 1027 1028 /* If task is already done, the request isn't valid */ 1029 if (!(task->task_state_flags & SAS_TASK_STATE_DONE) && 1030 (task->task_state_flags & SAS_TASK_AT_INITIATOR) && 1031 old_request) 1032 isci_device = isci_lookup_device(task->dev); 1033 1034 spin_unlock(&task->task_state_lock); 1035 spin_unlock_irqrestore(&isci_host->scic_lock, flags); 1036 1037 dev_dbg(&isci_host->pdev->dev, 1038 "%s: task = %p\n", __func__, task); 1039 1040 if (!isci_device || !old_request) 1041 goto out; 1042 1043 set_bit(IDEV_EH, &isci_device->flags); 1044 1045 /* This version of the driver will fail abort requests for 1046 * SATA/STP. Failing the abort request this way will cause the 1047 * SCSI error handler thread to escalate to LUN reset 1048 */ 1049 if (sas_protocol_ata(task->task_proto)) { 1050 dev_dbg(&isci_host->pdev->dev, 1051 " task %p is for a STP/SATA device;" 1052 " returning TMF_RESP_FUNC_FAILED\n" 1053 " to cause a LUN reset...\n", task); 1054 goto out; 1055 } 1056 1057 dev_dbg(&isci_host->pdev->dev, 1058 "%s: old_request == %p\n", __func__, old_request); 1059 1060 any_dev_reset = isci_device_is_reset_pending(isci_host, isci_device); 1061 1062 spin_lock_irqsave(&task->task_state_lock, flags); 1063 1064 any_dev_reset = any_dev_reset || (task->task_state_flags & SAS_TASK_NEED_DEV_RESET); 1065 1066 /* If the extraction of the request reference from the task 1067 * failed, then the request has been completed (or if there is a 1068 * pending reset then this abort request function must be failed 1069 * in order to escalate to the target reset). 1070 */ 1071 if ((old_request == NULL) || any_dev_reset) { 1072 1073 /* If the device reset task flag is set, fail the task 1074 * management request. Otherwise, the original request 1075 * has completed. 1076 */ 1077 if (any_dev_reset) { 1078 1079 /* Turn off the task's DONE to make sure this 1080 * task is escalated to a target reset. 1081 */ 1082 task->task_state_flags &= ~SAS_TASK_STATE_DONE; 1083 1084 /* Make the reset happen as soon as possible. */ 1085 task->task_state_flags |= SAS_TASK_NEED_DEV_RESET; 1086 1087 spin_unlock_irqrestore(&task->task_state_lock, flags); 1088 1089 /* Fail the task management request in order to 1090 * escalate to the target reset. 1091 */ 1092 ret = TMF_RESP_FUNC_FAILED; 1093 1094 dev_dbg(&isci_host->pdev->dev, 1095 "%s: Failing task abort in order to " 1096 "escalate to target reset because\n" 1097 "SAS_TASK_NEED_DEV_RESET is set for " 1098 "task %p on dev %p\n", 1099 __func__, task, isci_device); 1100 1101 1102 } else { 1103 /* The request has already completed and there 1104 * is nothing to do here other than to set the task 1105 * done bit, and indicate that the task abort function 1106 * was sucessful. 1107 */ 1108 isci_set_task_doneflags(task); 1109 1110 spin_unlock_irqrestore(&task->task_state_lock, flags); 1111 1112 ret = TMF_RESP_FUNC_COMPLETE; 1113 1114 dev_dbg(&isci_host->pdev->dev, 1115 "%s: abort task not needed for %p\n", 1116 __func__, task); 1117 } 1118 goto out; 1119 } else { 1120 spin_unlock_irqrestore(&task->task_state_lock, flags); 1121 } 1122 1123 spin_lock_irqsave(&isci_host->scic_lock, flags); 1124 1125 /* Check the request status and change to "aborted" if currently 1126 * "starting"; if true then set the I/O kernel completion 1127 * struct that will be triggered when the request completes. 1128 */ 1129 old_state = isci_task_validate_request_to_abort( 1130 old_request, isci_host, isci_device, 1131 &aborted_io_completion); 1132 if ((old_state != started) && 1133 (old_state != completed) && 1134 (old_state != aborting)) { 1135 1136 spin_unlock_irqrestore(&isci_host->scic_lock, flags); 1137 1138 /* The request was already being handled by someone else (because 1139 * they got to set the state away from started). 1140 */ 1141 dev_dbg(&isci_host->pdev->dev, 1142 "%s: device = %p; old_request %p already being aborted\n", 1143 __func__, 1144 isci_device, old_request); 1145 ret = TMF_RESP_FUNC_COMPLETE; 1146 goto out; 1147 } 1148 if (task->task_proto == SAS_PROTOCOL_SMP || 1149 test_bit(IREQ_COMPLETE_IN_TARGET, &old_request->flags)) { 1150 1151 spin_unlock_irqrestore(&isci_host->scic_lock, flags); 1152 1153 dev_dbg(&isci_host->pdev->dev, 1154 "%s: SMP request (%d)" 1155 " or complete_in_target (%d), thus no TMF\n", 1156 __func__, (task->task_proto == SAS_PROTOCOL_SMP), 1157 test_bit(IREQ_COMPLETE_IN_TARGET, &old_request->flags)); 1158 1159 /* Set the state on the task. */ 1160 isci_task_all_done(task); 1161 1162 ret = TMF_RESP_FUNC_COMPLETE; 1163 1164 /* Stopping and SMP devices are not sent a TMF, and are not 1165 * reset, but the outstanding I/O request is terminated below. 1166 */ 1167 } else { 1168 /* Fill in the tmf stucture */ 1169 isci_task_build_abort_task_tmf(&tmf, isci_tmf_ssp_task_abort, 1170 isci_abort_task_process_cb, 1171 old_request); 1172 1173 spin_unlock_irqrestore(&isci_host->scic_lock, flags); 1174 1175 #define ISCI_ABORT_TASK_TIMEOUT_MS 500 /* half second timeout. */ 1176 ret = isci_task_execute_tmf(isci_host, isci_device, &tmf, 1177 ISCI_ABORT_TASK_TIMEOUT_MS); 1178 1179 if (ret != TMF_RESP_FUNC_COMPLETE) 1180 dev_dbg(&isci_host->pdev->dev, 1181 "%s: isci_task_send_tmf failed\n", 1182 __func__); 1183 } 1184 if (ret == TMF_RESP_FUNC_COMPLETE) { 1185 set_bit(IREQ_COMPLETE_IN_TARGET, &old_request->flags); 1186 1187 /* Clean up the request on our side, and wait for the aborted 1188 * I/O to complete. 1189 */ 1190 isci_terminate_request_core(isci_host, isci_device, old_request); 1191 } 1192 1193 /* Make sure we do not leave a reference to aborted_io_completion */ 1194 old_request->io_request_completion = NULL; 1195 out: 1196 isci_put_device(isci_device); 1197 return ret; 1198 } 1199 1200 /** 1201 * isci_task_abort_task_set() - This function is one of the SAS Domain Template 1202 * functions. This is one of the Task Management functoins called by libsas, 1203 * to abort all task for the given lun. 1204 * @d_device: This parameter specifies the domain device associated with this 1205 * request. 1206 * @lun: This parameter specifies the lun associated with this request. 1207 * 1208 * status, zero indicates success. 1209 */ 1210 int isci_task_abort_task_set( 1211 struct domain_device *d_device, 1212 u8 *lun) 1213 { 1214 return TMF_RESP_FUNC_FAILED; 1215 } 1216 1217 1218 /** 1219 * isci_task_clear_aca() - This function is one of the SAS Domain Template 1220 * functions. This is one of the Task Management functoins called by libsas. 1221 * @d_device: This parameter specifies the domain device associated with this 1222 * request. 1223 * @lun: This parameter specifies the lun associated with this request. 1224 * 1225 * status, zero indicates success. 1226 */ 1227 int isci_task_clear_aca( 1228 struct domain_device *d_device, 1229 u8 *lun) 1230 { 1231 return TMF_RESP_FUNC_FAILED; 1232 } 1233 1234 1235 1236 /** 1237 * isci_task_clear_task_set() - This function is one of the SAS Domain Template 1238 * functions. This is one of the Task Management functoins called by libsas. 1239 * @d_device: This parameter specifies the domain device associated with this 1240 * request. 1241 * @lun: This parameter specifies the lun associated with this request. 1242 * 1243 * status, zero indicates success. 1244 */ 1245 int isci_task_clear_task_set( 1246 struct domain_device *d_device, 1247 u8 *lun) 1248 { 1249 return TMF_RESP_FUNC_FAILED; 1250 } 1251 1252 1253 /** 1254 * isci_task_query_task() - This function is implemented to cause libsas to 1255 * correctly escalate the failed abort to a LUN or target reset (this is 1256 * because sas_scsi_find_task libsas function does not correctly interpret 1257 * all return codes from the abort task call). When TMF_RESP_FUNC_SUCC is 1258 * returned, libsas turns this into a LUN reset; when FUNC_FAILED is 1259 * returned, libsas will turn this into a target reset 1260 * @task: This parameter specifies the sas task being queried. 1261 * @lun: This parameter specifies the lun associated with this request. 1262 * 1263 * status, zero indicates success. 1264 */ 1265 int isci_task_query_task( 1266 struct sas_task *task) 1267 { 1268 /* See if there is a pending device reset for this device. */ 1269 if (task->task_state_flags & SAS_TASK_NEED_DEV_RESET) 1270 return TMF_RESP_FUNC_FAILED; 1271 else 1272 return TMF_RESP_FUNC_SUCC; 1273 } 1274 1275 /* 1276 * isci_task_request_complete() - This function is called by the sci core when 1277 * an task request completes. 1278 * @ihost: This parameter specifies the ISCI host object 1279 * @ireq: This parameter is the completed isci_request object. 1280 * @completion_status: This parameter specifies the completion status from the 1281 * sci core. 1282 * 1283 * none. 1284 */ 1285 void 1286 isci_task_request_complete(struct isci_host *ihost, 1287 struct isci_request *ireq, 1288 enum sci_task_status completion_status) 1289 { 1290 struct isci_tmf *tmf = isci_request_access_tmf(ireq); 1291 struct completion *tmf_complete; 1292 1293 dev_dbg(&ihost->pdev->dev, 1294 "%s: request = %p, status=%d\n", 1295 __func__, ireq, completion_status); 1296 1297 isci_request_change_state(ireq, completed); 1298 1299 tmf->status = completion_status; 1300 set_bit(IREQ_COMPLETE_IN_TARGET, &ireq->flags); 1301 1302 if (tmf->proto == SAS_PROTOCOL_SSP) { 1303 memcpy(&tmf->resp.resp_iu, 1304 &ireq->ssp.rsp, 1305 SSP_RESP_IU_MAX_SIZE); 1306 } else if (tmf->proto == SAS_PROTOCOL_SATA) { 1307 memcpy(&tmf->resp.d2h_fis, 1308 &ireq->stp.rsp, 1309 sizeof(struct dev_to_host_fis)); 1310 } 1311 1312 /* PRINT_TMF( ((struct isci_tmf *)request->task)); */ 1313 tmf_complete = tmf->complete; 1314 1315 sci_controller_complete_io(ihost, ireq->target_device, ireq); 1316 /* set the 'terminated' flag handle to make sure it cannot be terminated 1317 * or completed again. 1318 */ 1319 set_bit(IREQ_TERMINATED, &ireq->flags); 1320 1321 isci_request_change_state(ireq, unallocated); 1322 list_del_init(&ireq->dev_node); 1323 1324 /* The task management part completes last. */ 1325 complete(tmf_complete); 1326 } 1327 1328 static void isci_smp_task_timedout(unsigned long _task) 1329 { 1330 struct sas_task *task = (void *) _task; 1331 unsigned long flags; 1332 1333 spin_lock_irqsave(&task->task_state_lock, flags); 1334 if (!(task->task_state_flags & SAS_TASK_STATE_DONE)) 1335 task->task_state_flags |= SAS_TASK_STATE_ABORTED; 1336 spin_unlock_irqrestore(&task->task_state_lock, flags); 1337 1338 complete(&task->completion); 1339 } 1340 1341 static void isci_smp_task_done(struct sas_task *task) 1342 { 1343 if (!del_timer(&task->timer)) 1344 return; 1345 complete(&task->completion); 1346 } 1347 1348 static struct sas_task *isci_alloc_task(void) 1349 { 1350 struct sas_task *task = kzalloc(sizeof(*task), GFP_KERNEL); 1351 1352 if (task) { 1353 INIT_LIST_HEAD(&task->list); 1354 spin_lock_init(&task->task_state_lock); 1355 task->task_state_flags = SAS_TASK_STATE_PENDING; 1356 init_timer(&task->timer); 1357 init_completion(&task->completion); 1358 } 1359 1360 return task; 1361 } 1362 1363 static void isci_free_task(struct isci_host *ihost, struct sas_task *task) 1364 { 1365 if (task) { 1366 BUG_ON(!list_empty(&task->list)); 1367 kfree(task); 1368 } 1369 } 1370 1371 static int isci_smp_execute_task(struct isci_host *ihost, 1372 struct domain_device *dev, void *req, 1373 int req_size, void *resp, int resp_size) 1374 { 1375 int res, retry; 1376 struct sas_task *task = NULL; 1377 1378 for (retry = 0; retry < 3; retry++) { 1379 task = isci_alloc_task(); 1380 if (!task) 1381 return -ENOMEM; 1382 1383 task->dev = dev; 1384 task->task_proto = dev->tproto; 1385 sg_init_one(&task->smp_task.smp_req, req, req_size); 1386 sg_init_one(&task->smp_task.smp_resp, resp, resp_size); 1387 1388 task->task_done = isci_smp_task_done; 1389 1390 task->timer.data = (unsigned long) task; 1391 task->timer.function = isci_smp_task_timedout; 1392 task->timer.expires = jiffies + 10*HZ; 1393 add_timer(&task->timer); 1394 1395 res = isci_task_execute_task(task, 1, GFP_KERNEL); 1396 1397 if (res) { 1398 del_timer(&task->timer); 1399 dev_dbg(&ihost->pdev->dev, 1400 "%s: executing SMP task failed:%d\n", 1401 __func__, res); 1402 goto ex_err; 1403 } 1404 1405 wait_for_completion(&task->completion); 1406 res = -ECOMM; 1407 if ((task->task_state_flags & SAS_TASK_STATE_ABORTED)) { 1408 dev_dbg(&ihost->pdev->dev, 1409 "%s: smp task timed out or aborted\n", 1410 __func__); 1411 isci_task_abort_task(task); 1412 if (!(task->task_state_flags & SAS_TASK_STATE_DONE)) { 1413 dev_dbg(&ihost->pdev->dev, 1414 "%s: SMP task aborted and not done\n", 1415 __func__); 1416 goto ex_err; 1417 } 1418 } 1419 if (task->task_status.resp == SAS_TASK_COMPLETE && 1420 task->task_status.stat == SAM_STAT_GOOD) { 1421 res = 0; 1422 break; 1423 } 1424 if (task->task_status.resp == SAS_TASK_COMPLETE && 1425 task->task_status.stat == SAS_DATA_UNDERRUN) { 1426 /* no error, but return the number of bytes of 1427 * underrun */ 1428 res = task->task_status.residual; 1429 break; 1430 } 1431 if (task->task_status.resp == SAS_TASK_COMPLETE && 1432 task->task_status.stat == SAS_DATA_OVERRUN) { 1433 res = -EMSGSIZE; 1434 break; 1435 } else { 1436 dev_dbg(&ihost->pdev->dev, 1437 "%s: task to dev %016llx response: 0x%x " 1438 "status 0x%x\n", __func__, 1439 SAS_ADDR(dev->sas_addr), 1440 task->task_status.resp, 1441 task->task_status.stat); 1442 isci_free_task(ihost, task); 1443 task = NULL; 1444 } 1445 } 1446 ex_err: 1447 BUG_ON(retry == 3 && task != NULL); 1448 isci_free_task(ihost, task); 1449 return res; 1450 } 1451 1452 #define DISCOVER_REQ_SIZE 16 1453 #define DISCOVER_RESP_SIZE 56 1454 1455 int isci_smp_get_phy_attached_dev_type(struct isci_host *ihost, 1456 struct domain_device *dev, 1457 int phy_id, int *adt) 1458 { 1459 struct smp_resp *disc_resp; 1460 u8 *disc_req; 1461 int res; 1462 1463 disc_resp = kzalloc(DISCOVER_RESP_SIZE, GFP_KERNEL); 1464 if (!disc_resp) 1465 return -ENOMEM; 1466 1467 disc_req = kzalloc(DISCOVER_REQ_SIZE, GFP_KERNEL); 1468 if (disc_req) { 1469 disc_req[0] = SMP_REQUEST; 1470 disc_req[1] = SMP_DISCOVER; 1471 disc_req[9] = phy_id; 1472 } else { 1473 kfree(disc_resp); 1474 return -ENOMEM; 1475 } 1476 res = isci_smp_execute_task(ihost, dev, disc_req, DISCOVER_REQ_SIZE, 1477 disc_resp, DISCOVER_RESP_SIZE); 1478 if (!res) { 1479 if (disc_resp->result != SMP_RESP_FUNC_ACC) 1480 res = disc_resp->result; 1481 else 1482 *adt = disc_resp->disc.attached_dev_type; 1483 } 1484 kfree(disc_req); 1485 kfree(disc_resp); 1486 1487 return res; 1488 } 1489 1490 static void isci_wait_for_smp_phy_reset(struct isci_remote_device *idev, int phy_num) 1491 { 1492 struct domain_device *dev = idev->domain_dev; 1493 struct isci_port *iport = idev->isci_port; 1494 struct isci_host *ihost = iport->isci_host; 1495 int res, iteration = 0, attached_device_type; 1496 #define STP_WAIT_MSECS 25000 1497 unsigned long tmo = msecs_to_jiffies(STP_WAIT_MSECS); 1498 unsigned long deadline = jiffies + tmo; 1499 enum { 1500 SMP_PHYWAIT_PHYDOWN, 1501 SMP_PHYWAIT_PHYUP, 1502 SMP_PHYWAIT_DONE 1503 } phy_state = SMP_PHYWAIT_PHYDOWN; 1504 1505 /* While there is time, wait for the phy to go away and come back */ 1506 while (time_is_after_jiffies(deadline) && phy_state != SMP_PHYWAIT_DONE) { 1507 int event = atomic_read(&iport->event); 1508 1509 ++iteration; 1510 1511 tmo = wait_event_timeout(ihost->eventq, 1512 event != atomic_read(&iport->event) || 1513 !test_bit(IPORT_BCN_BLOCKED, &iport->flags), 1514 tmo); 1515 /* link down, stop polling */ 1516 if (!test_bit(IPORT_BCN_BLOCKED, &iport->flags)) 1517 break; 1518 1519 dev_dbg(&ihost->pdev->dev, 1520 "%s: iport %p, iteration %d," 1521 " phase %d: time_remaining %lu, bcns = %d\n", 1522 __func__, iport, iteration, phy_state, 1523 tmo, test_bit(IPORT_BCN_PENDING, &iport->flags)); 1524 1525 res = isci_smp_get_phy_attached_dev_type(ihost, dev, phy_num, 1526 &attached_device_type); 1527 tmo = deadline - jiffies; 1528 1529 if (res) { 1530 dev_dbg(&ihost->pdev->dev, 1531 "%s: iteration %d, phase %d:" 1532 " SMP error=%d, time_remaining=%lu\n", 1533 __func__, iteration, phy_state, res, tmo); 1534 break; 1535 } 1536 dev_dbg(&ihost->pdev->dev, 1537 "%s: iport %p, iteration %d," 1538 " phase %d: time_remaining %lu, bcns = %d, " 1539 "attdevtype = %x\n", 1540 __func__, iport, iteration, phy_state, 1541 tmo, test_bit(IPORT_BCN_PENDING, &iport->flags), 1542 attached_device_type); 1543 1544 switch (phy_state) { 1545 case SMP_PHYWAIT_PHYDOWN: 1546 /* Has the device gone away? */ 1547 if (!attached_device_type) 1548 phy_state = SMP_PHYWAIT_PHYUP; 1549 1550 break; 1551 1552 case SMP_PHYWAIT_PHYUP: 1553 /* Has the device come back? */ 1554 if (attached_device_type) 1555 phy_state = SMP_PHYWAIT_DONE; 1556 break; 1557 1558 case SMP_PHYWAIT_DONE: 1559 break; 1560 } 1561 1562 } 1563 dev_dbg(&ihost->pdev->dev, "%s: done\n", __func__); 1564 } 1565 1566 static int isci_reset_device(struct isci_host *ihost, 1567 struct isci_remote_device *idev) 1568 { 1569 struct sas_phy *phy = sas_find_local_phy(idev->domain_dev); 1570 struct isci_port *iport = idev->isci_port; 1571 enum sci_status status; 1572 unsigned long flags; 1573 int rc; 1574 1575 dev_dbg(&ihost->pdev->dev, "%s: idev %p\n", __func__, idev); 1576 1577 spin_lock_irqsave(&ihost->scic_lock, flags); 1578 status = sci_remote_device_reset(idev); 1579 if (status != SCI_SUCCESS) { 1580 spin_unlock_irqrestore(&ihost->scic_lock, flags); 1581 1582 dev_dbg(&ihost->pdev->dev, 1583 "%s: sci_remote_device_reset(%p) returned %d!\n", 1584 __func__, idev, status); 1585 1586 return TMF_RESP_FUNC_FAILED; 1587 } 1588 spin_unlock_irqrestore(&ihost->scic_lock, flags); 1589 1590 /* Make sure all pending requests are able to be fully terminated. */ 1591 isci_device_clear_reset_pending(ihost, idev); 1592 1593 /* If this is a device on an expander, disable BCN processing. */ 1594 if (!scsi_is_sas_phy_local(phy)) 1595 set_bit(IPORT_BCN_BLOCKED, &iport->flags); 1596 1597 rc = sas_phy_reset(phy, true); 1598 1599 /* Terminate in-progress I/O now. */ 1600 isci_remote_device_nuke_requests(ihost, idev); 1601 1602 /* Since all pending TCs have been cleaned, resume the RNC. */ 1603 spin_lock_irqsave(&ihost->scic_lock, flags); 1604 status = sci_remote_device_reset_complete(idev); 1605 spin_unlock_irqrestore(&ihost->scic_lock, flags); 1606 1607 /* If this is a device on an expander, bring the phy back up. */ 1608 if (!scsi_is_sas_phy_local(phy)) { 1609 /* A phy reset will cause the device to go away then reappear. 1610 * Since libsas will take action on incoming BCNs (eg. remove 1611 * a device going through an SMP phy-control driven reset), 1612 * we need to wait until the phy comes back up before letting 1613 * discovery proceed in libsas. 1614 */ 1615 isci_wait_for_smp_phy_reset(idev, phy->number); 1616 1617 spin_lock_irqsave(&ihost->scic_lock, flags); 1618 isci_port_bcn_enable(ihost, idev->isci_port); 1619 spin_unlock_irqrestore(&ihost->scic_lock, flags); 1620 } 1621 1622 if (status != SCI_SUCCESS) { 1623 dev_dbg(&ihost->pdev->dev, 1624 "%s: sci_remote_device_reset_complete(%p) " 1625 "returned %d!\n", __func__, idev, status); 1626 } 1627 1628 dev_dbg(&ihost->pdev->dev, "%s: idev %p complete.\n", __func__, idev); 1629 1630 return rc; 1631 } 1632 1633 int isci_task_I_T_nexus_reset(struct domain_device *dev) 1634 { 1635 struct isci_host *ihost = dev_to_ihost(dev); 1636 struct isci_remote_device *idev; 1637 unsigned long flags; 1638 int ret; 1639 1640 spin_lock_irqsave(&ihost->scic_lock, flags); 1641 idev = isci_lookup_device(dev); 1642 spin_unlock_irqrestore(&ihost->scic_lock, flags); 1643 1644 if (!idev || !test_bit(IDEV_EH, &idev->flags)) { 1645 ret = TMF_RESP_FUNC_COMPLETE; 1646 goto out; 1647 } 1648 1649 ret = isci_reset_device(ihost, idev); 1650 out: 1651 isci_put_device(idev); 1652 return ret; 1653 } 1654 1655 int isci_bus_reset_handler(struct scsi_cmnd *cmd) 1656 { 1657 struct domain_device *dev = sdev_to_domain_dev(cmd->device); 1658 struct isci_host *ihost = dev_to_ihost(dev); 1659 struct isci_remote_device *idev; 1660 unsigned long flags; 1661 int ret; 1662 1663 spin_lock_irqsave(&ihost->scic_lock, flags); 1664 idev = isci_lookup_device(dev); 1665 spin_unlock_irqrestore(&ihost->scic_lock, flags); 1666 1667 if (!idev) { 1668 ret = TMF_RESP_FUNC_COMPLETE; 1669 goto out; 1670 } 1671 1672 ret = isci_reset_device(ihost, idev); 1673 out: 1674 isci_put_device(idev); 1675 return ret; 1676 } 1677