xref: /openbmc/linux/drivers/scsi/libfc/fc_exch.c (revision 4800cd83)
1 /*
2  * Copyright(c) 2007 Intel Corporation. All rights reserved.
3  * Copyright(c) 2008 Red Hat, Inc.  All rights reserved.
4  * Copyright(c) 2008 Mike Christie
5  *
6  * This program is free software; you can redistribute it and/or modify it
7  * under the terms and conditions of the GNU General Public License,
8  * version 2, as published by the Free Software Foundation.
9  *
10  * This program is distributed in the hope it will be useful, but WITHOUT
11  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
13  * more details.
14  *
15  * You should have received a copy of the GNU General Public License along with
16  * this program; if not, write to the Free Software Foundation, Inc.,
17  * 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
18  *
19  * Maintained at www.Open-FCoE.org
20  */
21 
22 /*
23  * Fibre Channel exchange and sequence handling.
24  */
25 
26 #include <linux/timer.h>
27 #include <linux/slab.h>
28 #include <linux/err.h>
29 
30 #include <scsi/fc/fc_fc2.h>
31 
32 #include <scsi/libfc.h>
33 #include <scsi/fc_encode.h>
34 
35 #include "fc_libfc.h"
36 
37 u16	fc_cpu_mask;		/* cpu mask for possible cpus */
38 EXPORT_SYMBOL(fc_cpu_mask);
39 static u16	fc_cpu_order;	/* 2's power to represent total possible cpus */
40 static struct kmem_cache *fc_em_cachep;	       /* cache for exchanges */
41 struct workqueue_struct *fc_exch_workqueue;
42 
43 /*
44  * Structure and function definitions for managing Fibre Channel Exchanges
45  * and Sequences.
46  *
47  * The three primary structures used here are fc_exch_mgr, fc_exch, and fc_seq.
48  *
49  * fc_exch_mgr holds the exchange state for an N port
50  *
51  * fc_exch holds state for one exchange and links to its active sequence.
52  *
53  * fc_seq holds the state for an individual sequence.
54  */
55 
56 /**
57  * struct fc_exch_pool - Per cpu exchange pool
58  * @next_index:	  Next possible free exchange index
59  * @total_exches: Total allocated exchanges
60  * @lock:	  Exch pool lock
61  * @ex_list:	  List of exchanges
62  *
63  * This structure manages per cpu exchanges in array of exchange pointers.
64  * This array is allocated followed by struct fc_exch_pool memory for
65  * assigned range of exchanges to per cpu pool.
66  */
67 struct fc_exch_pool {
68 	u16		 next_index;
69 	u16		 total_exches;
70 
71 	/* two cache of free slot in exch array */
72 	u16		 left;
73 	u16		 right;
74 
75 	spinlock_t	 lock;
76 	struct list_head ex_list;
77 };
78 
79 /**
80  * struct fc_exch_mgr - The Exchange Manager (EM).
81  * @class:	    Default class for new sequences
82  * @kref:	    Reference counter
83  * @min_xid:	    Minimum exchange ID
84  * @max_xid:	    Maximum exchange ID
85  * @ep_pool:	    Reserved exchange pointers
86  * @pool_max_index: Max exch array index in exch pool
87  * @pool:	    Per cpu exch pool
88  * @stats:	    Statistics structure
89  *
90  * This structure is the center for creating exchanges and sequences.
91  * It manages the allocation of exchange IDs.
92  */
93 struct fc_exch_mgr {
94 	enum fc_class	class;
95 	struct kref	kref;
96 	u16		min_xid;
97 	u16		max_xid;
98 	mempool_t	*ep_pool;
99 	u16		pool_max_index;
100 	struct fc_exch_pool *pool;
101 
102 	/*
103 	 * currently exchange mgr stats are updated but not used.
104 	 * either stats can be expose via sysfs or remove them
105 	 * all together if not used XXX
106 	 */
107 	struct {
108 		atomic_t no_free_exch;
109 		atomic_t no_free_exch_xid;
110 		atomic_t xid_not_found;
111 		atomic_t xid_busy;
112 		atomic_t seq_not_found;
113 		atomic_t non_bls_resp;
114 	} stats;
115 };
116 
117 /**
118  * struct fc_exch_mgr_anchor - primary structure for list of EMs
119  * @ema_list: Exchange Manager Anchor list
120  * @mp:	      Exchange Manager associated with this anchor
121  * @match:    Routine to determine if this anchor's EM should be used
122  *
123  * When walking the list of anchors the match routine will be called
124  * for each anchor to determine if that EM should be used. The last
125  * anchor in the list will always match to handle any exchanges not
126  * handled by other EMs. The non-default EMs would be added to the
127  * anchor list by HW that provides FCoE offloads.
128  */
129 struct fc_exch_mgr_anchor {
130 	struct list_head ema_list;
131 	struct fc_exch_mgr *mp;
132 	bool (*match)(struct fc_frame *);
133 };
134 
135 static void fc_exch_rrq(struct fc_exch *);
136 static void fc_seq_ls_acc(struct fc_frame *);
137 static void fc_seq_ls_rjt(struct fc_frame *, enum fc_els_rjt_reason,
138 			  enum fc_els_rjt_explan);
139 static void fc_exch_els_rec(struct fc_frame *);
140 static void fc_exch_els_rrq(struct fc_frame *);
141 
142 /*
143  * Internal implementation notes.
144  *
145  * The exchange manager is one by default in libfc but LLD may choose
146  * to have one per CPU. The sequence manager is one per exchange manager
147  * and currently never separated.
148  *
149  * Section 9.8 in FC-FS-2 specifies:  "The SEQ_ID is a one-byte field
150  * assigned by the Sequence Initiator that shall be unique for a specific
151  * D_ID and S_ID pair while the Sequence is open."   Note that it isn't
152  * qualified by exchange ID, which one might think it would be.
153  * In practice this limits the number of open sequences and exchanges to 256
154  * per session.	 For most targets we could treat this limit as per exchange.
155  *
156  * The exchange and its sequence are freed when the last sequence is received.
157  * It's possible for the remote port to leave an exchange open without
158  * sending any sequences.
159  *
160  * Notes on reference counts:
161  *
162  * Exchanges are reference counted and exchange gets freed when the reference
163  * count becomes zero.
164  *
165  * Timeouts:
166  * Sequences are timed out for E_D_TOV and R_A_TOV.
167  *
168  * Sequence event handling:
169  *
170  * The following events may occur on initiator sequences:
171  *
172  *	Send.
173  *	    For now, the whole thing is sent.
174  *	Receive ACK
175  *	    This applies only to class F.
176  *	    The sequence is marked complete.
177  *	ULP completion.
178  *	    The upper layer calls fc_exch_done() when done
179  *	    with exchange and sequence tuple.
180  *	RX-inferred completion.
181  *	    When we receive the next sequence on the same exchange, we can
182  *	    retire the previous sequence ID.  (XXX not implemented).
183  *	Timeout.
184  *	    R_A_TOV frees the sequence ID.  If we're waiting for ACK,
185  *	    E_D_TOV causes abort and calls upper layer response handler
186  *	    with FC_EX_TIMEOUT error.
187  *	Receive RJT
188  *	    XXX defer.
189  *	Send ABTS
190  *	    On timeout.
191  *
192  * The following events may occur on recipient sequences:
193  *
194  *	Receive
195  *	    Allocate sequence for first frame received.
196  *	    Hold during receive handler.
197  *	    Release when final frame received.
198  *	    Keep status of last N of these for the ELS RES command.  XXX TBD.
199  *	Receive ABTS
200  *	    Deallocate sequence
201  *	Send RJT
202  *	    Deallocate
203  *
204  * For now, we neglect conditions where only part of a sequence was
205  * received or transmitted, or where out-of-order receipt is detected.
206  */
207 
208 /*
209  * Locking notes:
210  *
211  * The EM code run in a per-CPU worker thread.
212  *
213  * To protect against concurrency between a worker thread code and timers,
214  * sequence allocation and deallocation must be locked.
215  *  - exchange refcnt can be done atomicly without locks.
216  *  - sequence allocation must be locked by exch lock.
217  *  - If the EM pool lock and ex_lock must be taken at the same time, then the
218  *    EM pool lock must be taken before the ex_lock.
219  */
220 
221 /*
222  * opcode names for debugging.
223  */
224 static char *fc_exch_rctl_names[] = FC_RCTL_NAMES_INIT;
225 
226 /**
227  * fc_exch_name_lookup() - Lookup name by opcode
228  * @op:	       Opcode to be looked up
229  * @table:     Opcode/name table
230  * @max_index: Index not to be exceeded
231  *
232  * This routine is used to determine a human-readable string identifying
233  * a R_CTL opcode.
234  */
235 static inline const char *fc_exch_name_lookup(unsigned int op, char **table,
236 					      unsigned int max_index)
237 {
238 	const char *name = NULL;
239 
240 	if (op < max_index)
241 		name = table[op];
242 	if (!name)
243 		name = "unknown";
244 	return name;
245 }
246 
247 /**
248  * fc_exch_rctl_name() - Wrapper routine for fc_exch_name_lookup()
249  * @op: The opcode to be looked up
250  */
251 static const char *fc_exch_rctl_name(unsigned int op)
252 {
253 	return fc_exch_name_lookup(op, fc_exch_rctl_names,
254 				   ARRAY_SIZE(fc_exch_rctl_names));
255 }
256 
257 /**
258  * fc_exch_hold() - Increment an exchange's reference count
259  * @ep: Echange to be held
260  */
261 static inline void fc_exch_hold(struct fc_exch *ep)
262 {
263 	atomic_inc(&ep->ex_refcnt);
264 }
265 
266 /**
267  * fc_exch_setup_hdr() - Initialize a FC header by initializing some fields
268  *			 and determine SOF and EOF.
269  * @ep:	   The exchange to that will use the header
270  * @fp:	   The frame whose header is to be modified
271  * @f_ctl: F_CTL bits that will be used for the frame header
272  *
273  * The fields initialized by this routine are: fh_ox_id, fh_rx_id,
274  * fh_seq_id, fh_seq_cnt and the SOF and EOF.
275  */
276 static void fc_exch_setup_hdr(struct fc_exch *ep, struct fc_frame *fp,
277 			      u32 f_ctl)
278 {
279 	struct fc_frame_header *fh = fc_frame_header_get(fp);
280 	u16 fill;
281 
282 	fr_sof(fp) = ep->class;
283 	if (ep->seq.cnt)
284 		fr_sof(fp) = fc_sof_normal(ep->class);
285 
286 	if (f_ctl & FC_FC_END_SEQ) {
287 		fr_eof(fp) = FC_EOF_T;
288 		if (fc_sof_needs_ack(ep->class))
289 			fr_eof(fp) = FC_EOF_N;
290 		/*
291 		 * From F_CTL.
292 		 * The number of fill bytes to make the length a 4-byte
293 		 * multiple is the low order 2-bits of the f_ctl.
294 		 * The fill itself will have been cleared by the frame
295 		 * allocation.
296 		 * After this, the length will be even, as expected by
297 		 * the transport.
298 		 */
299 		fill = fr_len(fp) & 3;
300 		if (fill) {
301 			fill = 4 - fill;
302 			/* TODO, this may be a problem with fragmented skb */
303 			skb_put(fp_skb(fp), fill);
304 			hton24(fh->fh_f_ctl, f_ctl | fill);
305 		}
306 	} else {
307 		WARN_ON(fr_len(fp) % 4 != 0);	/* no pad to non last frame */
308 		fr_eof(fp) = FC_EOF_N;
309 	}
310 
311 	/*
312 	 * Initialize remainig fh fields
313 	 * from fc_fill_fc_hdr
314 	 */
315 	fh->fh_ox_id = htons(ep->oxid);
316 	fh->fh_rx_id = htons(ep->rxid);
317 	fh->fh_seq_id = ep->seq.id;
318 	fh->fh_seq_cnt = htons(ep->seq.cnt);
319 }
320 
321 /**
322  * fc_exch_release() - Decrement an exchange's reference count
323  * @ep: Exchange to be released
324  *
325  * If the reference count reaches zero and the exchange is complete,
326  * it is freed.
327  */
328 static void fc_exch_release(struct fc_exch *ep)
329 {
330 	struct fc_exch_mgr *mp;
331 
332 	if (atomic_dec_and_test(&ep->ex_refcnt)) {
333 		mp = ep->em;
334 		if (ep->destructor)
335 			ep->destructor(&ep->seq, ep->arg);
336 		WARN_ON(!(ep->esb_stat & ESB_ST_COMPLETE));
337 		mempool_free(ep, mp->ep_pool);
338 	}
339 }
340 
341 /**
342  * fc_exch_done_locked() - Complete an exchange with the exchange lock held
343  * @ep: The exchange that is complete
344  */
345 static int fc_exch_done_locked(struct fc_exch *ep)
346 {
347 	int rc = 1;
348 
349 	/*
350 	 * We must check for completion in case there are two threads
351 	 * tyring to complete this. But the rrq code will reuse the
352 	 * ep, and in that case we only clear the resp and set it as
353 	 * complete, so it can be reused by the timer to send the rrq.
354 	 */
355 	ep->resp = NULL;
356 	if (ep->state & FC_EX_DONE)
357 		return rc;
358 	ep->esb_stat |= ESB_ST_COMPLETE;
359 
360 	if (!(ep->esb_stat & ESB_ST_REC_QUAL)) {
361 		ep->state |= FC_EX_DONE;
362 		if (cancel_delayed_work(&ep->timeout_work))
363 			atomic_dec(&ep->ex_refcnt); /* drop hold for timer */
364 		rc = 0;
365 	}
366 	return rc;
367 }
368 
369 /**
370  * fc_exch_ptr_get() - Return an exchange from an exchange pool
371  * @pool:  Exchange Pool to get an exchange from
372  * @index: Index of the exchange within the pool
373  *
374  * Use the index to get an exchange from within an exchange pool. exches
375  * will point to an array of exchange pointers. The index will select
376  * the exchange within the array.
377  */
378 static inline struct fc_exch *fc_exch_ptr_get(struct fc_exch_pool *pool,
379 					      u16 index)
380 {
381 	struct fc_exch **exches = (struct fc_exch **)(pool + 1);
382 	return exches[index];
383 }
384 
385 /**
386  * fc_exch_ptr_set() - Assign an exchange to a slot in an exchange pool
387  * @pool:  The pool to assign the exchange to
388  * @index: The index in the pool where the exchange will be assigned
389  * @ep:	   The exchange to assign to the pool
390  */
391 static inline void fc_exch_ptr_set(struct fc_exch_pool *pool, u16 index,
392 				   struct fc_exch *ep)
393 {
394 	((struct fc_exch **)(pool + 1))[index] = ep;
395 }
396 
397 /**
398  * fc_exch_delete() - Delete an exchange
399  * @ep: The exchange to be deleted
400  */
401 static void fc_exch_delete(struct fc_exch *ep)
402 {
403 	struct fc_exch_pool *pool;
404 	u16 index;
405 
406 	pool = ep->pool;
407 	spin_lock_bh(&pool->lock);
408 	WARN_ON(pool->total_exches <= 0);
409 	pool->total_exches--;
410 
411 	/* update cache of free slot */
412 	index = (ep->xid - ep->em->min_xid) >> fc_cpu_order;
413 	if (pool->left == FC_XID_UNKNOWN)
414 		pool->left = index;
415 	else if (pool->right == FC_XID_UNKNOWN)
416 		pool->right = index;
417 	else
418 		pool->next_index = index;
419 
420 	fc_exch_ptr_set(pool, index, NULL);
421 	list_del(&ep->ex_list);
422 	spin_unlock_bh(&pool->lock);
423 	fc_exch_release(ep);	/* drop hold for exch in mp */
424 }
425 
426 /**
427  * fc_exch_timer_set_locked() - Start a timer for an exchange w/ the
428  *				the exchange lock held
429  * @ep:		The exchange whose timer will start
430  * @timer_msec: The timeout period
431  *
432  * Used for upper level protocols to time out the exchange.
433  * The timer is cancelled when it fires or when the exchange completes.
434  */
435 static inline void fc_exch_timer_set_locked(struct fc_exch *ep,
436 					    unsigned int timer_msec)
437 {
438 	if (ep->state & (FC_EX_RST_CLEANUP | FC_EX_DONE))
439 		return;
440 
441 	FC_EXCH_DBG(ep, "Exchange timer armed\n");
442 
443 	if (queue_delayed_work(fc_exch_workqueue, &ep->timeout_work,
444 			       msecs_to_jiffies(timer_msec)))
445 		fc_exch_hold(ep);		/* hold for timer */
446 }
447 
448 /**
449  * fc_exch_timer_set() - Lock the exchange and set the timer
450  * @ep:		The exchange whose timer will start
451  * @timer_msec: The timeout period
452  */
453 static void fc_exch_timer_set(struct fc_exch *ep, unsigned int timer_msec)
454 {
455 	spin_lock_bh(&ep->ex_lock);
456 	fc_exch_timer_set_locked(ep, timer_msec);
457 	spin_unlock_bh(&ep->ex_lock);
458 }
459 
460 /**
461  * fc_seq_send() - Send a frame using existing sequence/exchange pair
462  * @lport: The local port that the exchange will be sent on
463  * @sp:	   The sequence to be sent
464  * @fp:	   The frame to be sent on the exchange
465  */
466 static int fc_seq_send(struct fc_lport *lport, struct fc_seq *sp,
467 		       struct fc_frame *fp)
468 {
469 	struct fc_exch *ep;
470 	struct fc_frame_header *fh = fc_frame_header_get(fp);
471 	int error;
472 	u32 f_ctl;
473 
474 	ep = fc_seq_exch(sp);
475 	WARN_ON((ep->esb_stat & ESB_ST_SEQ_INIT) != ESB_ST_SEQ_INIT);
476 
477 	f_ctl = ntoh24(fh->fh_f_ctl);
478 	fc_exch_setup_hdr(ep, fp, f_ctl);
479 	fr_encaps(fp) = ep->encaps;
480 
481 	/*
482 	 * update sequence count if this frame is carrying
483 	 * multiple FC frames when sequence offload is enabled
484 	 * by LLD.
485 	 */
486 	if (fr_max_payload(fp))
487 		sp->cnt += DIV_ROUND_UP((fr_len(fp) - sizeof(*fh)),
488 					fr_max_payload(fp));
489 	else
490 		sp->cnt++;
491 
492 	/*
493 	 * Send the frame.
494 	 */
495 	error = lport->tt.frame_send(lport, fp);
496 
497 	/*
498 	 * Update the exchange and sequence flags,
499 	 * assuming all frames for the sequence have been sent.
500 	 * We can only be called to send once for each sequence.
501 	 */
502 	spin_lock_bh(&ep->ex_lock);
503 	ep->f_ctl = f_ctl & ~FC_FC_FIRST_SEQ;	/* not first seq */
504 	if (f_ctl & FC_FC_SEQ_INIT)
505 		ep->esb_stat &= ~ESB_ST_SEQ_INIT;
506 	spin_unlock_bh(&ep->ex_lock);
507 	return error;
508 }
509 
510 /**
511  * fc_seq_alloc() - Allocate a sequence for a given exchange
512  * @ep:	    The exchange to allocate a new sequence for
513  * @seq_id: The sequence ID to be used
514  *
515  * We don't support multiple originated sequences on the same exchange.
516  * By implication, any previously originated sequence on this exchange
517  * is complete, and we reallocate the same sequence.
518  */
519 static struct fc_seq *fc_seq_alloc(struct fc_exch *ep, u8 seq_id)
520 {
521 	struct fc_seq *sp;
522 
523 	sp = &ep->seq;
524 	sp->ssb_stat = 0;
525 	sp->cnt = 0;
526 	sp->id = seq_id;
527 	return sp;
528 }
529 
530 /**
531  * fc_seq_start_next_locked() - Allocate a new sequence on the same
532  *				exchange as the supplied sequence
533  * @sp: The sequence/exchange to get a new sequence for
534  */
535 static struct fc_seq *fc_seq_start_next_locked(struct fc_seq *sp)
536 {
537 	struct fc_exch *ep = fc_seq_exch(sp);
538 
539 	sp = fc_seq_alloc(ep, ep->seq_id++);
540 	FC_EXCH_DBG(ep, "f_ctl %6x seq %2x\n",
541 		    ep->f_ctl, sp->id);
542 	return sp;
543 }
544 
545 /**
546  * fc_seq_start_next() - Lock the exchange and get a new sequence
547  *			 for a given sequence/exchange pair
548  * @sp: The sequence/exchange to get a new exchange for
549  */
550 static struct fc_seq *fc_seq_start_next(struct fc_seq *sp)
551 {
552 	struct fc_exch *ep = fc_seq_exch(sp);
553 
554 	spin_lock_bh(&ep->ex_lock);
555 	sp = fc_seq_start_next_locked(sp);
556 	spin_unlock_bh(&ep->ex_lock);
557 
558 	return sp;
559 }
560 
561 /**
562  * fc_seq_exch_abort() - Abort an exchange and sequence
563  * @req_sp:	The sequence to be aborted
564  * @timer_msec: The period of time to wait before aborting
565  *
566  * Generally called because of a timeout or an abort from the upper layer.
567  */
568 static int fc_seq_exch_abort(const struct fc_seq *req_sp,
569 			     unsigned int timer_msec)
570 {
571 	struct fc_seq *sp;
572 	struct fc_exch *ep;
573 	struct fc_frame *fp;
574 	int error;
575 
576 	ep = fc_seq_exch(req_sp);
577 
578 	spin_lock_bh(&ep->ex_lock);
579 	if (ep->esb_stat & (ESB_ST_COMPLETE | ESB_ST_ABNORMAL) ||
580 	    ep->state & (FC_EX_DONE | FC_EX_RST_CLEANUP)) {
581 		spin_unlock_bh(&ep->ex_lock);
582 		return -ENXIO;
583 	}
584 
585 	/*
586 	 * Send the abort on a new sequence if possible.
587 	 */
588 	sp = fc_seq_start_next_locked(&ep->seq);
589 	if (!sp) {
590 		spin_unlock_bh(&ep->ex_lock);
591 		return -ENOMEM;
592 	}
593 
594 	ep->esb_stat |= ESB_ST_SEQ_INIT | ESB_ST_ABNORMAL;
595 	if (timer_msec)
596 		fc_exch_timer_set_locked(ep, timer_msec);
597 	spin_unlock_bh(&ep->ex_lock);
598 
599 	/*
600 	 * If not logged into the fabric, don't send ABTS but leave
601 	 * sequence active until next timeout.
602 	 */
603 	if (!ep->sid)
604 		return 0;
605 
606 	/*
607 	 * Send an abort for the sequence that timed out.
608 	 */
609 	fp = fc_frame_alloc(ep->lp, 0);
610 	if (fp) {
611 		fc_fill_fc_hdr(fp, FC_RCTL_BA_ABTS, ep->did, ep->sid,
612 			       FC_TYPE_BLS, FC_FC_END_SEQ | FC_FC_SEQ_INIT, 0);
613 		error = fc_seq_send(ep->lp, sp, fp);
614 	} else
615 		error = -ENOBUFS;
616 	return error;
617 }
618 
619 /**
620  * fc_exch_timeout() - Handle exchange timer expiration
621  * @work: The work_struct identifying the exchange that timed out
622  */
623 static void fc_exch_timeout(struct work_struct *work)
624 {
625 	struct fc_exch *ep = container_of(work, struct fc_exch,
626 					  timeout_work.work);
627 	struct fc_seq *sp = &ep->seq;
628 	void (*resp)(struct fc_seq *, struct fc_frame *fp, void *arg);
629 	void *arg;
630 	u32 e_stat;
631 	int rc = 1;
632 
633 	FC_EXCH_DBG(ep, "Exchange timed out\n");
634 
635 	spin_lock_bh(&ep->ex_lock);
636 	if (ep->state & (FC_EX_RST_CLEANUP | FC_EX_DONE))
637 		goto unlock;
638 
639 	e_stat = ep->esb_stat;
640 	if (e_stat & ESB_ST_COMPLETE) {
641 		ep->esb_stat = e_stat & ~ESB_ST_REC_QUAL;
642 		spin_unlock_bh(&ep->ex_lock);
643 		if (e_stat & ESB_ST_REC_QUAL)
644 			fc_exch_rrq(ep);
645 		goto done;
646 	} else {
647 		resp = ep->resp;
648 		arg = ep->arg;
649 		ep->resp = NULL;
650 		if (e_stat & ESB_ST_ABNORMAL)
651 			rc = fc_exch_done_locked(ep);
652 		spin_unlock_bh(&ep->ex_lock);
653 		if (resp)
654 			resp(sp, ERR_PTR(-FC_EX_TIMEOUT), arg);
655 		if (!rc) {
656 			/* delete the exchange if it's already being aborted */
657 			fc_exch_delete(ep);
658 			return;
659 		}
660 		fc_seq_exch_abort(sp, 2 * ep->r_a_tov);
661 		goto done;
662 	}
663 unlock:
664 	spin_unlock_bh(&ep->ex_lock);
665 done:
666 	/*
667 	 * This release matches the hold taken when the timer was set.
668 	 */
669 	fc_exch_release(ep);
670 }
671 
672 /**
673  * fc_exch_em_alloc() - Allocate an exchange from a specified EM.
674  * @lport: The local port that the exchange is for
675  * @mp:	   The exchange manager that will allocate the exchange
676  *
677  * Returns pointer to allocated fc_exch with exch lock held.
678  */
679 static struct fc_exch *fc_exch_em_alloc(struct fc_lport *lport,
680 					struct fc_exch_mgr *mp)
681 {
682 	struct fc_exch *ep;
683 	unsigned int cpu;
684 	u16 index;
685 	struct fc_exch_pool *pool;
686 
687 	/* allocate memory for exchange */
688 	ep = mempool_alloc(mp->ep_pool, GFP_ATOMIC);
689 	if (!ep) {
690 		atomic_inc(&mp->stats.no_free_exch);
691 		goto out;
692 	}
693 	memset(ep, 0, sizeof(*ep));
694 
695 	cpu = get_cpu();
696 	pool = per_cpu_ptr(mp->pool, cpu);
697 	spin_lock_bh(&pool->lock);
698 	put_cpu();
699 
700 	/* peek cache of free slot */
701 	if (pool->left != FC_XID_UNKNOWN) {
702 		index = pool->left;
703 		pool->left = FC_XID_UNKNOWN;
704 		goto hit;
705 	}
706 	if (pool->right != FC_XID_UNKNOWN) {
707 		index = pool->right;
708 		pool->right = FC_XID_UNKNOWN;
709 		goto hit;
710 	}
711 
712 	index = pool->next_index;
713 	/* allocate new exch from pool */
714 	while (fc_exch_ptr_get(pool, index)) {
715 		index = index == mp->pool_max_index ? 0 : index + 1;
716 		if (index == pool->next_index)
717 			goto err;
718 	}
719 	pool->next_index = index == mp->pool_max_index ? 0 : index + 1;
720 hit:
721 	fc_exch_hold(ep);	/* hold for exch in mp */
722 	spin_lock_init(&ep->ex_lock);
723 	/*
724 	 * Hold exch lock for caller to prevent fc_exch_reset()
725 	 * from releasing exch	while fc_exch_alloc() caller is
726 	 * still working on exch.
727 	 */
728 	spin_lock_bh(&ep->ex_lock);
729 
730 	fc_exch_ptr_set(pool, index, ep);
731 	list_add_tail(&ep->ex_list, &pool->ex_list);
732 	fc_seq_alloc(ep, ep->seq_id++);
733 	pool->total_exches++;
734 	spin_unlock_bh(&pool->lock);
735 
736 	/*
737 	 *  update exchange
738 	 */
739 	ep->oxid = ep->xid = (index << fc_cpu_order | cpu) + mp->min_xid;
740 	ep->em = mp;
741 	ep->pool = pool;
742 	ep->lp = lport;
743 	ep->f_ctl = FC_FC_FIRST_SEQ;	/* next seq is first seq */
744 	ep->rxid = FC_XID_UNKNOWN;
745 	ep->class = mp->class;
746 	INIT_DELAYED_WORK(&ep->timeout_work, fc_exch_timeout);
747 out:
748 	return ep;
749 err:
750 	spin_unlock_bh(&pool->lock);
751 	atomic_inc(&mp->stats.no_free_exch_xid);
752 	mempool_free(ep, mp->ep_pool);
753 	return NULL;
754 }
755 
756 /**
757  * fc_exch_alloc() - Allocate an exchange from an EM on a
758  *		     local port's list of EMs.
759  * @lport: The local port that will own the exchange
760  * @fp:	   The FC frame that the exchange will be for
761  *
762  * This function walks the list of exchange manager(EM)
763  * anchors to select an EM for a new exchange allocation. The
764  * EM is selected when a NULL match function pointer is encountered
765  * or when a call to a match function returns true.
766  */
767 static inline struct fc_exch *fc_exch_alloc(struct fc_lport *lport,
768 					    struct fc_frame *fp)
769 {
770 	struct fc_exch_mgr_anchor *ema;
771 
772 	list_for_each_entry(ema, &lport->ema_list, ema_list)
773 		if (!ema->match || ema->match(fp))
774 			return fc_exch_em_alloc(lport, ema->mp);
775 	return NULL;
776 }
777 
778 /**
779  * fc_exch_find() - Lookup and hold an exchange
780  * @mp:	 The exchange manager to lookup the exchange from
781  * @xid: The XID of the exchange to look up
782  */
783 static struct fc_exch *fc_exch_find(struct fc_exch_mgr *mp, u16 xid)
784 {
785 	struct fc_exch_pool *pool;
786 	struct fc_exch *ep = NULL;
787 
788 	if ((xid >= mp->min_xid) && (xid <= mp->max_xid)) {
789 		pool = per_cpu_ptr(mp->pool, xid & fc_cpu_mask);
790 		spin_lock_bh(&pool->lock);
791 		ep = fc_exch_ptr_get(pool, (xid - mp->min_xid) >> fc_cpu_order);
792 		if (ep) {
793 			fc_exch_hold(ep);
794 			WARN_ON(ep->xid != xid);
795 		}
796 		spin_unlock_bh(&pool->lock);
797 	}
798 	return ep;
799 }
800 
801 
802 /**
803  * fc_exch_done() - Indicate that an exchange/sequence tuple is complete and
804  *		    the memory allocated for the related objects may be freed.
805  * @sp: The sequence that has completed
806  */
807 static void fc_exch_done(struct fc_seq *sp)
808 {
809 	struct fc_exch *ep = fc_seq_exch(sp);
810 	int rc;
811 
812 	spin_lock_bh(&ep->ex_lock);
813 	rc = fc_exch_done_locked(ep);
814 	spin_unlock_bh(&ep->ex_lock);
815 	if (!rc)
816 		fc_exch_delete(ep);
817 }
818 
819 /**
820  * fc_exch_resp() - Allocate a new exchange for a response frame
821  * @lport: The local port that the exchange was for
822  * @mp:	   The exchange manager to allocate the exchange from
823  * @fp:	   The response frame
824  *
825  * Sets the responder ID in the frame header.
826  */
827 static struct fc_exch *fc_exch_resp(struct fc_lport *lport,
828 				    struct fc_exch_mgr *mp,
829 				    struct fc_frame *fp)
830 {
831 	struct fc_exch *ep;
832 	struct fc_frame_header *fh;
833 
834 	ep = fc_exch_alloc(lport, fp);
835 	if (ep) {
836 		ep->class = fc_frame_class(fp);
837 
838 		/*
839 		 * Set EX_CTX indicating we're responding on this exchange.
840 		 */
841 		ep->f_ctl |= FC_FC_EX_CTX;	/* we're responding */
842 		ep->f_ctl &= ~FC_FC_FIRST_SEQ;	/* not new */
843 		fh = fc_frame_header_get(fp);
844 		ep->sid = ntoh24(fh->fh_d_id);
845 		ep->did = ntoh24(fh->fh_s_id);
846 		ep->oid = ep->did;
847 
848 		/*
849 		 * Allocated exchange has placed the XID in the
850 		 * originator field. Move it to the responder field,
851 		 * and set the originator XID from the frame.
852 		 */
853 		ep->rxid = ep->xid;
854 		ep->oxid = ntohs(fh->fh_ox_id);
855 		ep->esb_stat |= ESB_ST_RESP | ESB_ST_SEQ_INIT;
856 		if ((ntoh24(fh->fh_f_ctl) & FC_FC_SEQ_INIT) == 0)
857 			ep->esb_stat &= ~ESB_ST_SEQ_INIT;
858 
859 		fc_exch_hold(ep);	/* hold for caller */
860 		spin_unlock_bh(&ep->ex_lock);	/* lock from fc_exch_alloc */
861 	}
862 	return ep;
863 }
864 
865 /**
866  * fc_seq_lookup_recip() - Find a sequence where the other end
867  *			   originated the sequence
868  * @lport: The local port that the frame was sent to
869  * @mp:	   The Exchange Manager to lookup the exchange from
870  * @fp:	   The frame associated with the sequence we're looking for
871  *
872  * If fc_pf_rjt_reason is FC_RJT_NONE then this function will have a hold
873  * on the ep that should be released by the caller.
874  */
875 static enum fc_pf_rjt_reason fc_seq_lookup_recip(struct fc_lport *lport,
876 						 struct fc_exch_mgr *mp,
877 						 struct fc_frame *fp)
878 {
879 	struct fc_frame_header *fh = fc_frame_header_get(fp);
880 	struct fc_exch *ep = NULL;
881 	struct fc_seq *sp = NULL;
882 	enum fc_pf_rjt_reason reject = FC_RJT_NONE;
883 	u32 f_ctl;
884 	u16 xid;
885 
886 	f_ctl = ntoh24(fh->fh_f_ctl);
887 	WARN_ON((f_ctl & FC_FC_SEQ_CTX) != 0);
888 
889 	/*
890 	 * Lookup or create the exchange if we will be creating the sequence.
891 	 */
892 	if (f_ctl & FC_FC_EX_CTX) {
893 		xid = ntohs(fh->fh_ox_id);	/* we originated exch */
894 		ep = fc_exch_find(mp, xid);
895 		if (!ep) {
896 			atomic_inc(&mp->stats.xid_not_found);
897 			reject = FC_RJT_OX_ID;
898 			goto out;
899 		}
900 		if (ep->rxid == FC_XID_UNKNOWN)
901 			ep->rxid = ntohs(fh->fh_rx_id);
902 		else if (ep->rxid != ntohs(fh->fh_rx_id)) {
903 			reject = FC_RJT_OX_ID;
904 			goto rel;
905 		}
906 	} else {
907 		xid = ntohs(fh->fh_rx_id);	/* we are the responder */
908 
909 		/*
910 		 * Special case for MDS issuing an ELS TEST with a
911 		 * bad rxid of 0.
912 		 * XXX take this out once we do the proper reject.
913 		 */
914 		if (xid == 0 && fh->fh_r_ctl == FC_RCTL_ELS_REQ &&
915 		    fc_frame_payload_op(fp) == ELS_TEST) {
916 			fh->fh_rx_id = htons(FC_XID_UNKNOWN);
917 			xid = FC_XID_UNKNOWN;
918 		}
919 
920 		/*
921 		 * new sequence - find the exchange
922 		 */
923 		ep = fc_exch_find(mp, xid);
924 		if ((f_ctl & FC_FC_FIRST_SEQ) && fc_sof_is_init(fr_sof(fp))) {
925 			if (ep) {
926 				atomic_inc(&mp->stats.xid_busy);
927 				reject = FC_RJT_RX_ID;
928 				goto rel;
929 			}
930 			ep = fc_exch_resp(lport, mp, fp);
931 			if (!ep) {
932 				reject = FC_RJT_EXCH_EST;	/* XXX */
933 				goto out;
934 			}
935 			xid = ep->xid;	/* get our XID */
936 		} else if (!ep) {
937 			atomic_inc(&mp->stats.xid_not_found);
938 			reject = FC_RJT_RX_ID;	/* XID not found */
939 			goto out;
940 		}
941 	}
942 
943 	/*
944 	 * At this point, we have the exchange held.
945 	 * Find or create the sequence.
946 	 */
947 	if (fc_sof_is_init(fr_sof(fp))) {
948 		sp = &ep->seq;
949 		sp->ssb_stat |= SSB_ST_RESP;
950 		sp->id = fh->fh_seq_id;
951 	} else {
952 		sp = &ep->seq;
953 		if (sp->id != fh->fh_seq_id) {
954 			atomic_inc(&mp->stats.seq_not_found);
955 			reject = FC_RJT_SEQ_ID;	/* sequence/exch should exist */
956 			goto rel;
957 		}
958 	}
959 	WARN_ON(ep != fc_seq_exch(sp));
960 
961 	if (f_ctl & FC_FC_SEQ_INIT)
962 		ep->esb_stat |= ESB_ST_SEQ_INIT;
963 
964 	fr_seq(fp) = sp;
965 out:
966 	return reject;
967 rel:
968 	fc_exch_done(&ep->seq);
969 	fc_exch_release(ep);	/* hold from fc_exch_find/fc_exch_resp */
970 	return reject;
971 }
972 
973 /**
974  * fc_seq_lookup_orig() - Find a sequence where this end
975  *			  originated the sequence
976  * @mp:	   The Exchange Manager to lookup the exchange from
977  * @fp:	   The frame associated with the sequence we're looking for
978  *
979  * Does not hold the sequence for the caller.
980  */
981 static struct fc_seq *fc_seq_lookup_orig(struct fc_exch_mgr *mp,
982 					 struct fc_frame *fp)
983 {
984 	struct fc_frame_header *fh = fc_frame_header_get(fp);
985 	struct fc_exch *ep;
986 	struct fc_seq *sp = NULL;
987 	u32 f_ctl;
988 	u16 xid;
989 
990 	f_ctl = ntoh24(fh->fh_f_ctl);
991 	WARN_ON((f_ctl & FC_FC_SEQ_CTX) != FC_FC_SEQ_CTX);
992 	xid = ntohs((f_ctl & FC_FC_EX_CTX) ? fh->fh_ox_id : fh->fh_rx_id);
993 	ep = fc_exch_find(mp, xid);
994 	if (!ep)
995 		return NULL;
996 	if (ep->seq.id == fh->fh_seq_id) {
997 		/*
998 		 * Save the RX_ID if we didn't previously know it.
999 		 */
1000 		sp = &ep->seq;
1001 		if ((f_ctl & FC_FC_EX_CTX) != 0 &&
1002 		    ep->rxid == FC_XID_UNKNOWN) {
1003 			ep->rxid = ntohs(fh->fh_rx_id);
1004 		}
1005 	}
1006 	fc_exch_release(ep);
1007 	return sp;
1008 }
1009 
1010 /**
1011  * fc_exch_set_addr() - Set the source and destination IDs for an exchange
1012  * @ep:	     The exchange to set the addresses for
1013  * @orig_id: The originator's ID
1014  * @resp_id: The responder's ID
1015  *
1016  * Note this must be done before the first sequence of the exchange is sent.
1017  */
1018 static void fc_exch_set_addr(struct fc_exch *ep,
1019 			     u32 orig_id, u32 resp_id)
1020 {
1021 	ep->oid = orig_id;
1022 	if (ep->esb_stat & ESB_ST_RESP) {
1023 		ep->sid = resp_id;
1024 		ep->did = orig_id;
1025 	} else {
1026 		ep->sid = orig_id;
1027 		ep->did = resp_id;
1028 	}
1029 }
1030 
1031 /**
1032  * fc_seq_els_rsp_send() - Send an ELS response using infomation from
1033  *			   the existing sequence/exchange.
1034  * @fp:	      The received frame
1035  * @els_cmd:  The ELS command to be sent
1036  * @els_data: The ELS data to be sent
1037  *
1038  * The received frame is not freed.
1039  */
1040 static void fc_seq_els_rsp_send(struct fc_frame *fp, enum fc_els_cmd els_cmd,
1041 				struct fc_seq_els_data *els_data)
1042 {
1043 	switch (els_cmd) {
1044 	case ELS_LS_RJT:
1045 		fc_seq_ls_rjt(fp, els_data->reason, els_data->explan);
1046 		break;
1047 	case ELS_LS_ACC:
1048 		fc_seq_ls_acc(fp);
1049 		break;
1050 	case ELS_RRQ:
1051 		fc_exch_els_rrq(fp);
1052 		break;
1053 	case ELS_REC:
1054 		fc_exch_els_rec(fp);
1055 		break;
1056 	default:
1057 		FC_LPORT_DBG(fr_dev(fp), "Invalid ELS CMD:%x\n", els_cmd);
1058 	}
1059 }
1060 
1061 /**
1062  * fc_seq_send_last() - Send a sequence that is the last in the exchange
1063  * @sp:	     The sequence that is to be sent
1064  * @fp:	     The frame that will be sent on the sequence
1065  * @rctl:    The R_CTL information to be sent
1066  * @fh_type: The frame header type
1067  */
1068 static void fc_seq_send_last(struct fc_seq *sp, struct fc_frame *fp,
1069 			     enum fc_rctl rctl, enum fc_fh_type fh_type)
1070 {
1071 	u32 f_ctl;
1072 	struct fc_exch *ep = fc_seq_exch(sp);
1073 
1074 	f_ctl = FC_FC_LAST_SEQ | FC_FC_END_SEQ | FC_FC_SEQ_INIT;
1075 	f_ctl |= ep->f_ctl;
1076 	fc_fill_fc_hdr(fp, rctl, ep->did, ep->sid, fh_type, f_ctl, 0);
1077 	fc_seq_send(ep->lp, sp, fp);
1078 }
1079 
1080 /**
1081  * fc_seq_send_ack() - Send an acknowledgement that we've received a frame
1082  * @sp:	   The sequence to send the ACK on
1083  * @rx_fp: The received frame that is being acknoledged
1084  *
1085  * Send ACK_1 (or equiv.) indicating we received something.
1086  */
1087 static void fc_seq_send_ack(struct fc_seq *sp, const struct fc_frame *rx_fp)
1088 {
1089 	struct fc_frame *fp;
1090 	struct fc_frame_header *rx_fh;
1091 	struct fc_frame_header *fh;
1092 	struct fc_exch *ep = fc_seq_exch(sp);
1093 	struct fc_lport *lport = ep->lp;
1094 	unsigned int f_ctl;
1095 
1096 	/*
1097 	 * Don't send ACKs for class 3.
1098 	 */
1099 	if (fc_sof_needs_ack(fr_sof(rx_fp))) {
1100 		fp = fc_frame_alloc(lport, 0);
1101 		if (!fp)
1102 			return;
1103 
1104 		fh = fc_frame_header_get(fp);
1105 		fh->fh_r_ctl = FC_RCTL_ACK_1;
1106 		fh->fh_type = FC_TYPE_BLS;
1107 
1108 		/*
1109 		 * Form f_ctl by inverting EX_CTX and SEQ_CTX (bits 23, 22).
1110 		 * Echo FIRST_SEQ, LAST_SEQ, END_SEQ, END_CONN, SEQ_INIT.
1111 		 * Bits 9-8 are meaningful (retransmitted or unidirectional).
1112 		 * Last ACK uses bits 7-6 (continue sequence),
1113 		 * bits 5-4 are meaningful (what kind of ACK to use).
1114 		 */
1115 		rx_fh = fc_frame_header_get(rx_fp);
1116 		f_ctl = ntoh24(rx_fh->fh_f_ctl);
1117 		f_ctl &= FC_FC_EX_CTX | FC_FC_SEQ_CTX |
1118 			FC_FC_FIRST_SEQ | FC_FC_LAST_SEQ |
1119 			FC_FC_END_SEQ | FC_FC_END_CONN | FC_FC_SEQ_INIT |
1120 			FC_FC_RETX_SEQ | FC_FC_UNI_TX;
1121 		f_ctl ^= FC_FC_EX_CTX | FC_FC_SEQ_CTX;
1122 		hton24(fh->fh_f_ctl, f_ctl);
1123 
1124 		fc_exch_setup_hdr(ep, fp, f_ctl);
1125 		fh->fh_seq_id = rx_fh->fh_seq_id;
1126 		fh->fh_seq_cnt = rx_fh->fh_seq_cnt;
1127 		fh->fh_parm_offset = htonl(1);	/* ack single frame */
1128 
1129 		fr_sof(fp) = fr_sof(rx_fp);
1130 		if (f_ctl & FC_FC_END_SEQ)
1131 			fr_eof(fp) = FC_EOF_T;
1132 		else
1133 			fr_eof(fp) = FC_EOF_N;
1134 
1135 		lport->tt.frame_send(lport, fp);
1136 	}
1137 }
1138 
1139 /**
1140  * fc_exch_send_ba_rjt() - Send BLS Reject
1141  * @rx_fp:  The frame being rejected
1142  * @reason: The reason the frame is being rejected
1143  * @explan: The explaination for the rejection
1144  *
1145  * This is for rejecting BA_ABTS only.
1146  */
1147 static void fc_exch_send_ba_rjt(struct fc_frame *rx_fp,
1148 				enum fc_ba_rjt_reason reason,
1149 				enum fc_ba_rjt_explan explan)
1150 {
1151 	struct fc_frame *fp;
1152 	struct fc_frame_header *rx_fh;
1153 	struct fc_frame_header *fh;
1154 	struct fc_ba_rjt *rp;
1155 	struct fc_lport *lport;
1156 	unsigned int f_ctl;
1157 
1158 	lport = fr_dev(rx_fp);
1159 	fp = fc_frame_alloc(lport, sizeof(*rp));
1160 	if (!fp)
1161 		return;
1162 	fh = fc_frame_header_get(fp);
1163 	rx_fh = fc_frame_header_get(rx_fp);
1164 
1165 	memset(fh, 0, sizeof(*fh) + sizeof(*rp));
1166 
1167 	rp = fc_frame_payload_get(fp, sizeof(*rp));
1168 	rp->br_reason = reason;
1169 	rp->br_explan = explan;
1170 
1171 	/*
1172 	 * seq_id, cs_ctl, df_ctl and param/offset are zero.
1173 	 */
1174 	memcpy(fh->fh_s_id, rx_fh->fh_d_id, 3);
1175 	memcpy(fh->fh_d_id, rx_fh->fh_s_id, 3);
1176 	fh->fh_ox_id = rx_fh->fh_ox_id;
1177 	fh->fh_rx_id = rx_fh->fh_rx_id;
1178 	fh->fh_seq_cnt = rx_fh->fh_seq_cnt;
1179 	fh->fh_r_ctl = FC_RCTL_BA_RJT;
1180 	fh->fh_type = FC_TYPE_BLS;
1181 
1182 	/*
1183 	 * Form f_ctl by inverting EX_CTX and SEQ_CTX (bits 23, 22).
1184 	 * Echo FIRST_SEQ, LAST_SEQ, END_SEQ, END_CONN, SEQ_INIT.
1185 	 * Bits 9-8 are meaningful (retransmitted or unidirectional).
1186 	 * Last ACK uses bits 7-6 (continue sequence),
1187 	 * bits 5-4 are meaningful (what kind of ACK to use).
1188 	 * Always set LAST_SEQ, END_SEQ.
1189 	 */
1190 	f_ctl = ntoh24(rx_fh->fh_f_ctl);
1191 	f_ctl &= FC_FC_EX_CTX | FC_FC_SEQ_CTX |
1192 		FC_FC_END_CONN | FC_FC_SEQ_INIT |
1193 		FC_FC_RETX_SEQ | FC_FC_UNI_TX;
1194 	f_ctl ^= FC_FC_EX_CTX | FC_FC_SEQ_CTX;
1195 	f_ctl |= FC_FC_LAST_SEQ | FC_FC_END_SEQ;
1196 	f_ctl &= ~FC_FC_FIRST_SEQ;
1197 	hton24(fh->fh_f_ctl, f_ctl);
1198 
1199 	fr_sof(fp) = fc_sof_class(fr_sof(rx_fp));
1200 	fr_eof(fp) = FC_EOF_T;
1201 	if (fc_sof_needs_ack(fr_sof(fp)))
1202 		fr_eof(fp) = FC_EOF_N;
1203 
1204 	lport->tt.frame_send(lport, fp);
1205 }
1206 
1207 /**
1208  * fc_exch_recv_abts() - Handle an incoming ABTS
1209  * @ep:	   The exchange the abort was on
1210  * @rx_fp: The ABTS frame
1211  *
1212  * This would be for target mode usually, but could be due to lost
1213  * FCP transfer ready, confirm or RRQ. We always handle this as an
1214  * exchange abort, ignoring the parameter.
1215  */
1216 static void fc_exch_recv_abts(struct fc_exch *ep, struct fc_frame *rx_fp)
1217 {
1218 	struct fc_frame *fp;
1219 	struct fc_ba_acc *ap;
1220 	struct fc_frame_header *fh;
1221 	struct fc_seq *sp;
1222 
1223 	if (!ep)
1224 		goto reject;
1225 	spin_lock_bh(&ep->ex_lock);
1226 	if (ep->esb_stat & ESB_ST_COMPLETE) {
1227 		spin_unlock_bh(&ep->ex_lock);
1228 		goto reject;
1229 	}
1230 	if (!(ep->esb_stat & ESB_ST_REC_QUAL))
1231 		fc_exch_hold(ep);		/* hold for REC_QUAL */
1232 	ep->esb_stat |= ESB_ST_ABNORMAL | ESB_ST_REC_QUAL;
1233 	fc_exch_timer_set_locked(ep, ep->r_a_tov);
1234 
1235 	fp = fc_frame_alloc(ep->lp, sizeof(*ap));
1236 	if (!fp) {
1237 		spin_unlock_bh(&ep->ex_lock);
1238 		goto free;
1239 	}
1240 	fh = fc_frame_header_get(fp);
1241 	ap = fc_frame_payload_get(fp, sizeof(*ap));
1242 	memset(ap, 0, sizeof(*ap));
1243 	sp = &ep->seq;
1244 	ap->ba_high_seq_cnt = htons(0xffff);
1245 	if (sp->ssb_stat & SSB_ST_RESP) {
1246 		ap->ba_seq_id = sp->id;
1247 		ap->ba_seq_id_val = FC_BA_SEQ_ID_VAL;
1248 		ap->ba_high_seq_cnt = fh->fh_seq_cnt;
1249 		ap->ba_low_seq_cnt = htons(sp->cnt);
1250 	}
1251 	sp = fc_seq_start_next_locked(sp);
1252 	spin_unlock_bh(&ep->ex_lock);
1253 	fc_seq_send_last(sp, fp, FC_RCTL_BA_ACC, FC_TYPE_BLS);
1254 	fc_frame_free(rx_fp);
1255 	return;
1256 
1257 reject:
1258 	fc_exch_send_ba_rjt(rx_fp, FC_BA_RJT_UNABLE, FC_BA_RJT_INV_XID);
1259 free:
1260 	fc_frame_free(rx_fp);
1261 }
1262 
1263 /**
1264  * fc_seq_assign() - Assign exchange and sequence for incoming request
1265  * @lport: The local port that received the request
1266  * @fp:    The request frame
1267  *
1268  * On success, the sequence pointer will be returned and also in fr_seq(@fp).
1269  */
1270 static struct fc_seq *fc_seq_assign(struct fc_lport *lport, struct fc_frame *fp)
1271 {
1272 	struct fc_exch_mgr_anchor *ema;
1273 
1274 	WARN_ON(lport != fr_dev(fp));
1275 	WARN_ON(fr_seq(fp));
1276 	fr_seq(fp) = NULL;
1277 
1278 	list_for_each_entry(ema, &lport->ema_list, ema_list)
1279 		if ((!ema->match || ema->match(fp)) &&
1280 		    fc_seq_lookup_recip(lport, ema->mp, fp) == FC_RJT_NONE)
1281 			break;
1282 	return fr_seq(fp);
1283 }
1284 
1285 /**
1286  * fc_exch_recv_req() - Handler for an incoming request
1287  * @lport: The local port that received the request
1288  * @mp:	   The EM that the exchange is on
1289  * @fp:	   The request frame
1290  *
1291  * This is used when the other end is originating the exchange
1292  * and the sequence.
1293  */
1294 static void fc_exch_recv_req(struct fc_lport *lport, struct fc_exch_mgr *mp,
1295 			     struct fc_frame *fp)
1296 {
1297 	struct fc_frame_header *fh = fc_frame_header_get(fp);
1298 	struct fc_seq *sp = NULL;
1299 	struct fc_exch *ep = NULL;
1300 	enum fc_pf_rjt_reason reject;
1301 
1302 	/* We can have the wrong fc_lport at this point with NPIV, which is a
1303 	 * problem now that we know a new exchange needs to be allocated
1304 	 */
1305 	lport = fc_vport_id_lookup(lport, ntoh24(fh->fh_d_id));
1306 	if (!lport) {
1307 		fc_frame_free(fp);
1308 		return;
1309 	}
1310 	fr_dev(fp) = lport;
1311 
1312 	BUG_ON(fr_seq(fp));		/* XXX remove later */
1313 
1314 	/*
1315 	 * If the RX_ID is 0xffff, don't allocate an exchange.
1316 	 * The upper-level protocol may request one later, if needed.
1317 	 */
1318 	if (fh->fh_rx_id == htons(FC_XID_UNKNOWN))
1319 		return lport->tt.lport_recv(lport, fp);
1320 
1321 	reject = fc_seq_lookup_recip(lport, mp, fp);
1322 	if (reject == FC_RJT_NONE) {
1323 		sp = fr_seq(fp);	/* sequence will be held */
1324 		ep = fc_seq_exch(sp);
1325 		fc_seq_send_ack(sp, fp);
1326 		ep->encaps = fr_encaps(fp);
1327 
1328 		/*
1329 		 * Call the receive function.
1330 		 *
1331 		 * The receive function may allocate a new sequence
1332 		 * over the old one, so we shouldn't change the
1333 		 * sequence after this.
1334 		 *
1335 		 * The frame will be freed by the receive function.
1336 		 * If new exch resp handler is valid then call that
1337 		 * first.
1338 		 */
1339 		if (ep->resp)
1340 			ep->resp(sp, fp, ep->arg);
1341 		else
1342 			lport->tt.lport_recv(lport, fp);
1343 		fc_exch_release(ep);	/* release from lookup */
1344 	} else {
1345 		FC_LPORT_DBG(lport, "exch/seq lookup failed: reject %x\n",
1346 			     reject);
1347 		fc_frame_free(fp);
1348 	}
1349 }
1350 
1351 /**
1352  * fc_exch_recv_seq_resp() - Handler for an incoming response where the other
1353  *			     end is the originator of the sequence that is a
1354  *			     response to our initial exchange
1355  * @mp: The EM that the exchange is on
1356  * @fp: The response frame
1357  */
1358 static void fc_exch_recv_seq_resp(struct fc_exch_mgr *mp, struct fc_frame *fp)
1359 {
1360 	struct fc_frame_header *fh = fc_frame_header_get(fp);
1361 	struct fc_seq *sp;
1362 	struct fc_exch *ep;
1363 	enum fc_sof sof;
1364 	u32 f_ctl;
1365 	void (*resp)(struct fc_seq *, struct fc_frame *fp, void *arg);
1366 	void *ex_resp_arg;
1367 	int rc;
1368 
1369 	ep = fc_exch_find(mp, ntohs(fh->fh_ox_id));
1370 	if (!ep) {
1371 		atomic_inc(&mp->stats.xid_not_found);
1372 		goto out;
1373 	}
1374 	if (ep->esb_stat & ESB_ST_COMPLETE) {
1375 		atomic_inc(&mp->stats.xid_not_found);
1376 		goto rel;
1377 	}
1378 	if (ep->rxid == FC_XID_UNKNOWN)
1379 		ep->rxid = ntohs(fh->fh_rx_id);
1380 	if (ep->sid != 0 && ep->sid != ntoh24(fh->fh_d_id)) {
1381 		atomic_inc(&mp->stats.xid_not_found);
1382 		goto rel;
1383 	}
1384 	if (ep->did != ntoh24(fh->fh_s_id) &&
1385 	    ep->did != FC_FID_FLOGI) {
1386 		atomic_inc(&mp->stats.xid_not_found);
1387 		goto rel;
1388 	}
1389 	sof = fr_sof(fp);
1390 	sp = &ep->seq;
1391 	if (fc_sof_is_init(sof)) {
1392 		sp->ssb_stat |= SSB_ST_RESP;
1393 		sp->id = fh->fh_seq_id;
1394 	} else if (sp->id != fh->fh_seq_id) {
1395 		atomic_inc(&mp->stats.seq_not_found);
1396 		goto rel;
1397 	}
1398 
1399 	f_ctl = ntoh24(fh->fh_f_ctl);
1400 	fr_seq(fp) = sp;
1401 	if (f_ctl & FC_FC_SEQ_INIT)
1402 		ep->esb_stat |= ESB_ST_SEQ_INIT;
1403 
1404 	if (fc_sof_needs_ack(sof))
1405 		fc_seq_send_ack(sp, fp);
1406 	resp = ep->resp;
1407 	ex_resp_arg = ep->arg;
1408 
1409 	if (fh->fh_type != FC_TYPE_FCP && fr_eof(fp) == FC_EOF_T &&
1410 	    (f_ctl & (FC_FC_LAST_SEQ | FC_FC_END_SEQ)) ==
1411 	    (FC_FC_LAST_SEQ | FC_FC_END_SEQ)) {
1412 		spin_lock_bh(&ep->ex_lock);
1413 		rc = fc_exch_done_locked(ep);
1414 		WARN_ON(fc_seq_exch(sp) != ep);
1415 		spin_unlock_bh(&ep->ex_lock);
1416 		if (!rc)
1417 			fc_exch_delete(ep);
1418 	}
1419 
1420 	/*
1421 	 * Call the receive function.
1422 	 * The sequence is held (has a refcnt) for us,
1423 	 * but not for the receive function.
1424 	 *
1425 	 * The receive function may allocate a new sequence
1426 	 * over the old one, so we shouldn't change the
1427 	 * sequence after this.
1428 	 *
1429 	 * The frame will be freed by the receive function.
1430 	 * If new exch resp handler is valid then call that
1431 	 * first.
1432 	 */
1433 	if (resp)
1434 		resp(sp, fp, ex_resp_arg);
1435 	else
1436 		fc_frame_free(fp);
1437 	fc_exch_release(ep);
1438 	return;
1439 rel:
1440 	fc_exch_release(ep);
1441 out:
1442 	fc_frame_free(fp);
1443 }
1444 
1445 /**
1446  * fc_exch_recv_resp() - Handler for a sequence where other end is
1447  *			 responding to our sequence
1448  * @mp: The EM that the exchange is on
1449  * @fp: The response frame
1450  */
1451 static void fc_exch_recv_resp(struct fc_exch_mgr *mp, struct fc_frame *fp)
1452 {
1453 	struct fc_seq *sp;
1454 
1455 	sp = fc_seq_lookup_orig(mp, fp);	/* doesn't hold sequence */
1456 
1457 	if (!sp)
1458 		atomic_inc(&mp->stats.xid_not_found);
1459 	else
1460 		atomic_inc(&mp->stats.non_bls_resp);
1461 
1462 	fc_frame_free(fp);
1463 }
1464 
1465 /**
1466  * fc_exch_abts_resp() - Handler for a response to an ABT
1467  * @ep: The exchange that the frame is on
1468  * @fp: The response frame
1469  *
1470  * This response would be to an ABTS cancelling an exchange or sequence.
1471  * The response can be either BA_ACC or BA_RJT
1472  */
1473 static void fc_exch_abts_resp(struct fc_exch *ep, struct fc_frame *fp)
1474 {
1475 	void (*resp)(struct fc_seq *, struct fc_frame *fp, void *arg);
1476 	void *ex_resp_arg;
1477 	struct fc_frame_header *fh;
1478 	struct fc_ba_acc *ap;
1479 	struct fc_seq *sp;
1480 	u16 low;
1481 	u16 high;
1482 	int rc = 1, has_rec = 0;
1483 
1484 	fh = fc_frame_header_get(fp);
1485 	FC_EXCH_DBG(ep, "exch: BLS rctl %x - %s\n", fh->fh_r_ctl,
1486 		    fc_exch_rctl_name(fh->fh_r_ctl));
1487 
1488 	if (cancel_delayed_work_sync(&ep->timeout_work))
1489 		fc_exch_release(ep);	/* release from pending timer hold */
1490 
1491 	spin_lock_bh(&ep->ex_lock);
1492 	switch (fh->fh_r_ctl) {
1493 	case FC_RCTL_BA_ACC:
1494 		ap = fc_frame_payload_get(fp, sizeof(*ap));
1495 		if (!ap)
1496 			break;
1497 
1498 		/*
1499 		 * Decide whether to establish a Recovery Qualifier.
1500 		 * We do this if there is a non-empty SEQ_CNT range and
1501 		 * SEQ_ID is the same as the one we aborted.
1502 		 */
1503 		low = ntohs(ap->ba_low_seq_cnt);
1504 		high = ntohs(ap->ba_high_seq_cnt);
1505 		if ((ep->esb_stat & ESB_ST_REC_QUAL) == 0 &&
1506 		    (ap->ba_seq_id_val != FC_BA_SEQ_ID_VAL ||
1507 		     ap->ba_seq_id == ep->seq_id) && low != high) {
1508 			ep->esb_stat |= ESB_ST_REC_QUAL;
1509 			fc_exch_hold(ep);  /* hold for recovery qualifier */
1510 			has_rec = 1;
1511 		}
1512 		break;
1513 	case FC_RCTL_BA_RJT:
1514 		break;
1515 	default:
1516 		break;
1517 	}
1518 
1519 	resp = ep->resp;
1520 	ex_resp_arg = ep->arg;
1521 
1522 	/* do we need to do some other checks here. Can we reuse more of
1523 	 * fc_exch_recv_seq_resp
1524 	 */
1525 	sp = &ep->seq;
1526 	/*
1527 	 * do we want to check END_SEQ as well as LAST_SEQ here?
1528 	 */
1529 	if (ep->fh_type != FC_TYPE_FCP &&
1530 	    ntoh24(fh->fh_f_ctl) & FC_FC_LAST_SEQ)
1531 		rc = fc_exch_done_locked(ep);
1532 	spin_unlock_bh(&ep->ex_lock);
1533 	if (!rc)
1534 		fc_exch_delete(ep);
1535 
1536 	if (resp)
1537 		resp(sp, fp, ex_resp_arg);
1538 	else
1539 		fc_frame_free(fp);
1540 
1541 	if (has_rec)
1542 		fc_exch_timer_set(ep, ep->r_a_tov);
1543 
1544 }
1545 
1546 /**
1547  * fc_exch_recv_bls() - Handler for a BLS sequence
1548  * @mp: The EM that the exchange is on
1549  * @fp: The request frame
1550  *
1551  * The BLS frame is always a sequence initiated by the remote side.
1552  * We may be either the originator or recipient of the exchange.
1553  */
1554 static void fc_exch_recv_bls(struct fc_exch_mgr *mp, struct fc_frame *fp)
1555 {
1556 	struct fc_frame_header *fh;
1557 	struct fc_exch *ep;
1558 	u32 f_ctl;
1559 
1560 	fh = fc_frame_header_get(fp);
1561 	f_ctl = ntoh24(fh->fh_f_ctl);
1562 	fr_seq(fp) = NULL;
1563 
1564 	ep = fc_exch_find(mp, (f_ctl & FC_FC_EX_CTX) ?
1565 			  ntohs(fh->fh_ox_id) : ntohs(fh->fh_rx_id));
1566 	if (ep && (f_ctl & FC_FC_SEQ_INIT)) {
1567 		spin_lock_bh(&ep->ex_lock);
1568 		ep->esb_stat |= ESB_ST_SEQ_INIT;
1569 		spin_unlock_bh(&ep->ex_lock);
1570 	}
1571 	if (f_ctl & FC_FC_SEQ_CTX) {
1572 		/*
1573 		 * A response to a sequence we initiated.
1574 		 * This should only be ACKs for class 2 or F.
1575 		 */
1576 		switch (fh->fh_r_ctl) {
1577 		case FC_RCTL_ACK_1:
1578 		case FC_RCTL_ACK_0:
1579 			break;
1580 		default:
1581 			FC_EXCH_DBG(ep, "BLS rctl %x - %s received",
1582 				    fh->fh_r_ctl,
1583 				    fc_exch_rctl_name(fh->fh_r_ctl));
1584 			break;
1585 		}
1586 		fc_frame_free(fp);
1587 	} else {
1588 		switch (fh->fh_r_ctl) {
1589 		case FC_RCTL_BA_RJT:
1590 		case FC_RCTL_BA_ACC:
1591 			if (ep)
1592 				fc_exch_abts_resp(ep, fp);
1593 			else
1594 				fc_frame_free(fp);
1595 			break;
1596 		case FC_RCTL_BA_ABTS:
1597 			fc_exch_recv_abts(ep, fp);
1598 			break;
1599 		default:			/* ignore junk */
1600 			fc_frame_free(fp);
1601 			break;
1602 		}
1603 	}
1604 	if (ep)
1605 		fc_exch_release(ep);	/* release hold taken by fc_exch_find */
1606 }
1607 
1608 /**
1609  * fc_seq_ls_acc() - Accept sequence with LS_ACC
1610  * @rx_fp: The received frame, not freed here.
1611  *
1612  * If this fails due to allocation or transmit congestion, assume the
1613  * originator will repeat the sequence.
1614  */
1615 static void fc_seq_ls_acc(struct fc_frame *rx_fp)
1616 {
1617 	struct fc_lport *lport;
1618 	struct fc_els_ls_acc *acc;
1619 	struct fc_frame *fp;
1620 
1621 	lport = fr_dev(rx_fp);
1622 	fp = fc_frame_alloc(lport, sizeof(*acc));
1623 	if (!fp)
1624 		return;
1625 	acc = fc_frame_payload_get(fp, sizeof(*acc));
1626 	memset(acc, 0, sizeof(*acc));
1627 	acc->la_cmd = ELS_LS_ACC;
1628 	fc_fill_reply_hdr(fp, rx_fp, FC_RCTL_ELS_REP, 0);
1629 	lport->tt.frame_send(lport, fp);
1630 }
1631 
1632 /**
1633  * fc_seq_ls_rjt() - Reject a sequence with ELS LS_RJT
1634  * @rx_fp: The received frame, not freed here.
1635  * @reason: The reason the sequence is being rejected
1636  * @explan: The explanation for the rejection
1637  *
1638  * If this fails due to allocation or transmit congestion, assume the
1639  * originator will repeat the sequence.
1640  */
1641 static void fc_seq_ls_rjt(struct fc_frame *rx_fp, enum fc_els_rjt_reason reason,
1642 			  enum fc_els_rjt_explan explan)
1643 {
1644 	struct fc_lport *lport;
1645 	struct fc_els_ls_rjt *rjt;
1646 	struct fc_frame *fp;
1647 
1648 	lport = fr_dev(rx_fp);
1649 	fp = fc_frame_alloc(lport, sizeof(*rjt));
1650 	if (!fp)
1651 		return;
1652 	rjt = fc_frame_payload_get(fp, sizeof(*rjt));
1653 	memset(rjt, 0, sizeof(*rjt));
1654 	rjt->er_cmd = ELS_LS_RJT;
1655 	rjt->er_reason = reason;
1656 	rjt->er_explan = explan;
1657 	fc_fill_reply_hdr(fp, rx_fp, FC_RCTL_ELS_REP, 0);
1658 	lport->tt.frame_send(lport, fp);
1659 }
1660 
1661 /**
1662  * fc_exch_reset() - Reset an exchange
1663  * @ep: The exchange to be reset
1664  */
1665 static void fc_exch_reset(struct fc_exch *ep)
1666 {
1667 	struct fc_seq *sp;
1668 	void (*resp)(struct fc_seq *, struct fc_frame *, void *);
1669 	void *arg;
1670 	int rc = 1;
1671 
1672 	spin_lock_bh(&ep->ex_lock);
1673 	ep->state |= FC_EX_RST_CLEANUP;
1674 	if (cancel_delayed_work(&ep->timeout_work))
1675 		atomic_dec(&ep->ex_refcnt);	/* drop hold for timer */
1676 	resp = ep->resp;
1677 	ep->resp = NULL;
1678 	if (ep->esb_stat & ESB_ST_REC_QUAL)
1679 		atomic_dec(&ep->ex_refcnt);	/* drop hold for rec_qual */
1680 	ep->esb_stat &= ~ESB_ST_REC_QUAL;
1681 	arg = ep->arg;
1682 	sp = &ep->seq;
1683 	rc = fc_exch_done_locked(ep);
1684 	spin_unlock_bh(&ep->ex_lock);
1685 	if (!rc)
1686 		fc_exch_delete(ep);
1687 
1688 	if (resp)
1689 		resp(sp, ERR_PTR(-FC_EX_CLOSED), arg);
1690 }
1691 
1692 /**
1693  * fc_exch_pool_reset() - Reset a per cpu exchange pool
1694  * @lport: The local port that the exchange pool is on
1695  * @pool:  The exchange pool to be reset
1696  * @sid:   The source ID
1697  * @did:   The destination ID
1698  *
1699  * Resets a per cpu exches pool, releasing all of its sequences
1700  * and exchanges. If sid is non-zero then reset only exchanges
1701  * we sourced from the local port's FID. If did is non-zero then
1702  * only reset exchanges destined for the local port's FID.
1703  */
1704 static void fc_exch_pool_reset(struct fc_lport *lport,
1705 			       struct fc_exch_pool *pool,
1706 			       u32 sid, u32 did)
1707 {
1708 	struct fc_exch *ep;
1709 	struct fc_exch *next;
1710 
1711 	spin_lock_bh(&pool->lock);
1712 restart:
1713 	list_for_each_entry_safe(ep, next, &pool->ex_list, ex_list) {
1714 		if ((lport == ep->lp) &&
1715 		    (sid == 0 || sid == ep->sid) &&
1716 		    (did == 0 || did == ep->did)) {
1717 			fc_exch_hold(ep);
1718 			spin_unlock_bh(&pool->lock);
1719 
1720 			fc_exch_reset(ep);
1721 
1722 			fc_exch_release(ep);
1723 			spin_lock_bh(&pool->lock);
1724 
1725 			/*
1726 			 * must restart loop incase while lock
1727 			 * was down multiple eps were released.
1728 			 */
1729 			goto restart;
1730 		}
1731 	}
1732 	spin_unlock_bh(&pool->lock);
1733 }
1734 
1735 /**
1736  * fc_exch_mgr_reset() - Reset all EMs of a local port
1737  * @lport: The local port whose EMs are to be reset
1738  * @sid:   The source ID
1739  * @did:   The destination ID
1740  *
1741  * Reset all EMs associated with a given local port. Release all
1742  * sequences and exchanges. If sid is non-zero then reset only the
1743  * exchanges sent from the local port's FID. If did is non-zero then
1744  * reset only exchanges destined for the local port's FID.
1745  */
1746 void fc_exch_mgr_reset(struct fc_lport *lport, u32 sid, u32 did)
1747 {
1748 	struct fc_exch_mgr_anchor *ema;
1749 	unsigned int cpu;
1750 
1751 	list_for_each_entry(ema, &lport->ema_list, ema_list) {
1752 		for_each_possible_cpu(cpu)
1753 			fc_exch_pool_reset(lport,
1754 					   per_cpu_ptr(ema->mp->pool, cpu),
1755 					   sid, did);
1756 	}
1757 }
1758 EXPORT_SYMBOL(fc_exch_mgr_reset);
1759 
1760 /**
1761  * fc_exch_lookup() - find an exchange
1762  * @lport: The local port
1763  * @xid: The exchange ID
1764  *
1765  * Returns exchange pointer with hold for caller, or NULL if not found.
1766  */
1767 static struct fc_exch *fc_exch_lookup(struct fc_lport *lport, u32 xid)
1768 {
1769 	struct fc_exch_mgr_anchor *ema;
1770 
1771 	list_for_each_entry(ema, &lport->ema_list, ema_list)
1772 		if (ema->mp->min_xid <= xid && xid <= ema->mp->max_xid)
1773 			return fc_exch_find(ema->mp, xid);
1774 	return NULL;
1775 }
1776 
1777 /**
1778  * fc_exch_els_rec() - Handler for ELS REC (Read Exchange Concise) requests
1779  * @rfp: The REC frame, not freed here.
1780  *
1781  * Note that the requesting port may be different than the S_ID in the request.
1782  */
1783 static void fc_exch_els_rec(struct fc_frame *rfp)
1784 {
1785 	struct fc_lport *lport;
1786 	struct fc_frame *fp;
1787 	struct fc_exch *ep;
1788 	struct fc_els_rec *rp;
1789 	struct fc_els_rec_acc *acc;
1790 	enum fc_els_rjt_reason reason = ELS_RJT_LOGIC;
1791 	enum fc_els_rjt_explan explan;
1792 	u32 sid;
1793 	u16 rxid;
1794 	u16 oxid;
1795 
1796 	lport = fr_dev(rfp);
1797 	rp = fc_frame_payload_get(rfp, sizeof(*rp));
1798 	explan = ELS_EXPL_INV_LEN;
1799 	if (!rp)
1800 		goto reject;
1801 	sid = ntoh24(rp->rec_s_id);
1802 	rxid = ntohs(rp->rec_rx_id);
1803 	oxid = ntohs(rp->rec_ox_id);
1804 
1805 	ep = fc_exch_lookup(lport,
1806 			    sid == fc_host_port_id(lport->host) ? oxid : rxid);
1807 	explan = ELS_EXPL_OXID_RXID;
1808 	if (!ep)
1809 		goto reject;
1810 	if (ep->oid != sid || oxid != ep->oxid)
1811 		goto rel;
1812 	if (rxid != FC_XID_UNKNOWN && rxid != ep->rxid)
1813 		goto rel;
1814 	fp = fc_frame_alloc(lport, sizeof(*acc));
1815 	if (!fp)
1816 		goto out;
1817 
1818 	acc = fc_frame_payload_get(fp, sizeof(*acc));
1819 	memset(acc, 0, sizeof(*acc));
1820 	acc->reca_cmd = ELS_LS_ACC;
1821 	acc->reca_ox_id = rp->rec_ox_id;
1822 	memcpy(acc->reca_ofid, rp->rec_s_id, 3);
1823 	acc->reca_rx_id = htons(ep->rxid);
1824 	if (ep->sid == ep->oid)
1825 		hton24(acc->reca_rfid, ep->did);
1826 	else
1827 		hton24(acc->reca_rfid, ep->sid);
1828 	acc->reca_fc4value = htonl(ep->seq.rec_data);
1829 	acc->reca_e_stat = htonl(ep->esb_stat & (ESB_ST_RESP |
1830 						 ESB_ST_SEQ_INIT |
1831 						 ESB_ST_COMPLETE));
1832 	fc_fill_reply_hdr(fp, rfp, FC_RCTL_ELS_REP, 0);
1833 	lport->tt.frame_send(lport, fp);
1834 out:
1835 	fc_exch_release(ep);
1836 	return;
1837 
1838 rel:
1839 	fc_exch_release(ep);
1840 reject:
1841 	fc_seq_ls_rjt(rfp, reason, explan);
1842 }
1843 
1844 /**
1845  * fc_exch_rrq_resp() - Handler for RRQ responses
1846  * @sp:	 The sequence that the RRQ is on
1847  * @fp:	 The RRQ frame
1848  * @arg: The exchange that the RRQ is on
1849  *
1850  * TODO: fix error handler.
1851  */
1852 static void fc_exch_rrq_resp(struct fc_seq *sp, struct fc_frame *fp, void *arg)
1853 {
1854 	struct fc_exch *aborted_ep = arg;
1855 	unsigned int op;
1856 
1857 	if (IS_ERR(fp)) {
1858 		int err = PTR_ERR(fp);
1859 
1860 		if (err == -FC_EX_CLOSED || err == -FC_EX_TIMEOUT)
1861 			goto cleanup;
1862 		FC_EXCH_DBG(aborted_ep, "Cannot process RRQ, "
1863 			    "frame error %d\n", err);
1864 		return;
1865 	}
1866 
1867 	op = fc_frame_payload_op(fp);
1868 	fc_frame_free(fp);
1869 
1870 	switch (op) {
1871 	case ELS_LS_RJT:
1872 		FC_EXCH_DBG(aborted_ep, "LS_RJT for RRQ");
1873 		/* fall through */
1874 	case ELS_LS_ACC:
1875 		goto cleanup;
1876 	default:
1877 		FC_EXCH_DBG(aborted_ep, "unexpected response op %x "
1878 			    "for RRQ", op);
1879 		return;
1880 	}
1881 
1882 cleanup:
1883 	fc_exch_done(&aborted_ep->seq);
1884 	/* drop hold for rec qual */
1885 	fc_exch_release(aborted_ep);
1886 }
1887 
1888 
1889 /**
1890  * fc_exch_seq_send() - Send a frame using a new exchange and sequence
1891  * @lport:	The local port to send the frame on
1892  * @fp:		The frame to be sent
1893  * @resp:	The response handler for this request
1894  * @destructor: The destructor for the exchange
1895  * @arg:	The argument to be passed to the response handler
1896  * @timer_msec: The timeout period for the exchange
1897  *
1898  * The frame pointer with some of the header's fields must be
1899  * filled before calling this routine, those fields are:
1900  *
1901  * - routing control
1902  * - FC port did
1903  * - FC port sid
1904  * - FC header type
1905  * - frame control
1906  * - parameter or relative offset
1907  */
1908 static struct fc_seq *fc_exch_seq_send(struct fc_lport *lport,
1909 				       struct fc_frame *fp,
1910 				       void (*resp)(struct fc_seq *,
1911 						    struct fc_frame *fp,
1912 						    void *arg),
1913 				       void (*destructor)(struct fc_seq *,
1914 							  void *),
1915 				       void *arg, u32 timer_msec)
1916 {
1917 	struct fc_exch *ep;
1918 	struct fc_seq *sp = NULL;
1919 	struct fc_frame_header *fh;
1920 	int rc = 1;
1921 
1922 	ep = fc_exch_alloc(lport, fp);
1923 	if (!ep) {
1924 		fc_frame_free(fp);
1925 		return NULL;
1926 	}
1927 	ep->esb_stat |= ESB_ST_SEQ_INIT;
1928 	fh = fc_frame_header_get(fp);
1929 	fc_exch_set_addr(ep, ntoh24(fh->fh_s_id), ntoh24(fh->fh_d_id));
1930 	ep->resp = resp;
1931 	ep->destructor = destructor;
1932 	ep->arg = arg;
1933 	ep->r_a_tov = FC_DEF_R_A_TOV;
1934 	ep->lp = lport;
1935 	sp = &ep->seq;
1936 
1937 	ep->fh_type = fh->fh_type; /* save for possbile timeout handling */
1938 	ep->f_ctl = ntoh24(fh->fh_f_ctl);
1939 	fc_exch_setup_hdr(ep, fp, ep->f_ctl);
1940 	sp->cnt++;
1941 
1942 	if (ep->xid <= lport->lro_xid && fh->fh_r_ctl == FC_RCTL_DD_UNSOL_CMD)
1943 		fc_fcp_ddp_setup(fr_fsp(fp), ep->xid);
1944 
1945 	if (unlikely(lport->tt.frame_send(lport, fp)))
1946 		goto err;
1947 
1948 	if (timer_msec)
1949 		fc_exch_timer_set_locked(ep, timer_msec);
1950 	ep->f_ctl &= ~FC_FC_FIRST_SEQ;	/* not first seq */
1951 
1952 	if (ep->f_ctl & FC_FC_SEQ_INIT)
1953 		ep->esb_stat &= ~ESB_ST_SEQ_INIT;
1954 	spin_unlock_bh(&ep->ex_lock);
1955 	return sp;
1956 err:
1957 	rc = fc_exch_done_locked(ep);
1958 	spin_unlock_bh(&ep->ex_lock);
1959 	if (!rc)
1960 		fc_exch_delete(ep);
1961 	return NULL;
1962 }
1963 
1964 /**
1965  * fc_exch_rrq() - Send an ELS RRQ (Reinstate Recovery Qualifier) command
1966  * @ep: The exchange to send the RRQ on
1967  *
1968  * This tells the remote port to stop blocking the use of
1969  * the exchange and the seq_cnt range.
1970  */
1971 static void fc_exch_rrq(struct fc_exch *ep)
1972 {
1973 	struct fc_lport *lport;
1974 	struct fc_els_rrq *rrq;
1975 	struct fc_frame *fp;
1976 	u32 did;
1977 
1978 	lport = ep->lp;
1979 
1980 	fp = fc_frame_alloc(lport, sizeof(*rrq));
1981 	if (!fp)
1982 		goto retry;
1983 
1984 	rrq = fc_frame_payload_get(fp, sizeof(*rrq));
1985 	memset(rrq, 0, sizeof(*rrq));
1986 	rrq->rrq_cmd = ELS_RRQ;
1987 	hton24(rrq->rrq_s_id, ep->sid);
1988 	rrq->rrq_ox_id = htons(ep->oxid);
1989 	rrq->rrq_rx_id = htons(ep->rxid);
1990 
1991 	did = ep->did;
1992 	if (ep->esb_stat & ESB_ST_RESP)
1993 		did = ep->sid;
1994 
1995 	fc_fill_fc_hdr(fp, FC_RCTL_ELS_REQ, did,
1996 		       lport->port_id, FC_TYPE_ELS,
1997 		       FC_FC_FIRST_SEQ | FC_FC_END_SEQ | FC_FC_SEQ_INIT, 0);
1998 
1999 	if (fc_exch_seq_send(lport, fp, fc_exch_rrq_resp, NULL, ep,
2000 			     lport->e_d_tov))
2001 		return;
2002 
2003 retry:
2004 	spin_lock_bh(&ep->ex_lock);
2005 	if (ep->state & (FC_EX_RST_CLEANUP | FC_EX_DONE)) {
2006 		spin_unlock_bh(&ep->ex_lock);
2007 		/* drop hold for rec qual */
2008 		fc_exch_release(ep);
2009 		return;
2010 	}
2011 	ep->esb_stat |= ESB_ST_REC_QUAL;
2012 	fc_exch_timer_set_locked(ep, ep->r_a_tov);
2013 	spin_unlock_bh(&ep->ex_lock);
2014 }
2015 
2016 /**
2017  * fc_exch_els_rrq() - Handler for ELS RRQ (Reset Recovery Qualifier) requests
2018  * @fp: The RRQ frame, not freed here.
2019  */
2020 static void fc_exch_els_rrq(struct fc_frame *fp)
2021 {
2022 	struct fc_lport *lport;
2023 	struct fc_exch *ep = NULL;	/* request or subject exchange */
2024 	struct fc_els_rrq *rp;
2025 	u32 sid;
2026 	u16 xid;
2027 	enum fc_els_rjt_explan explan;
2028 
2029 	lport = fr_dev(fp);
2030 	rp = fc_frame_payload_get(fp, sizeof(*rp));
2031 	explan = ELS_EXPL_INV_LEN;
2032 	if (!rp)
2033 		goto reject;
2034 
2035 	/*
2036 	 * lookup subject exchange.
2037 	 */
2038 	sid = ntoh24(rp->rrq_s_id);		/* subject source */
2039 	xid = fc_host_port_id(lport->host) == sid ?
2040 			ntohs(rp->rrq_ox_id) : ntohs(rp->rrq_rx_id);
2041 	ep = fc_exch_lookup(lport, xid);
2042 	explan = ELS_EXPL_OXID_RXID;
2043 	if (!ep)
2044 		goto reject;
2045 	spin_lock_bh(&ep->ex_lock);
2046 	if (ep->oxid != ntohs(rp->rrq_ox_id))
2047 		goto unlock_reject;
2048 	if (ep->rxid != ntohs(rp->rrq_rx_id) &&
2049 	    ep->rxid != FC_XID_UNKNOWN)
2050 		goto unlock_reject;
2051 	explan = ELS_EXPL_SID;
2052 	if (ep->sid != sid)
2053 		goto unlock_reject;
2054 
2055 	/*
2056 	 * Clear Recovery Qualifier state, and cancel timer if complete.
2057 	 */
2058 	if (ep->esb_stat & ESB_ST_REC_QUAL) {
2059 		ep->esb_stat &= ~ESB_ST_REC_QUAL;
2060 		atomic_dec(&ep->ex_refcnt);	/* drop hold for rec qual */
2061 	}
2062 	if (ep->esb_stat & ESB_ST_COMPLETE) {
2063 		if (cancel_delayed_work(&ep->timeout_work))
2064 			atomic_dec(&ep->ex_refcnt);	/* drop timer hold */
2065 	}
2066 
2067 	spin_unlock_bh(&ep->ex_lock);
2068 
2069 	/*
2070 	 * Send LS_ACC.
2071 	 */
2072 	fc_seq_ls_acc(fp);
2073 	goto out;
2074 
2075 unlock_reject:
2076 	spin_unlock_bh(&ep->ex_lock);
2077 reject:
2078 	fc_seq_ls_rjt(fp, ELS_RJT_LOGIC, explan);
2079 out:
2080 	if (ep)
2081 		fc_exch_release(ep);	/* drop hold from fc_exch_find */
2082 }
2083 
2084 /**
2085  * fc_exch_mgr_add() - Add an exchange manager to a local port's list of EMs
2086  * @lport: The local port to add the exchange manager to
2087  * @mp:	   The exchange manager to be added to the local port
2088  * @match: The match routine that indicates when this EM should be used
2089  */
2090 struct fc_exch_mgr_anchor *fc_exch_mgr_add(struct fc_lport *lport,
2091 					   struct fc_exch_mgr *mp,
2092 					   bool (*match)(struct fc_frame *))
2093 {
2094 	struct fc_exch_mgr_anchor *ema;
2095 
2096 	ema = kmalloc(sizeof(*ema), GFP_ATOMIC);
2097 	if (!ema)
2098 		return ema;
2099 
2100 	ema->mp = mp;
2101 	ema->match = match;
2102 	/* add EM anchor to EM anchors list */
2103 	list_add_tail(&ema->ema_list, &lport->ema_list);
2104 	kref_get(&mp->kref);
2105 	return ema;
2106 }
2107 EXPORT_SYMBOL(fc_exch_mgr_add);
2108 
2109 /**
2110  * fc_exch_mgr_destroy() - Destroy an exchange manager
2111  * @kref: The reference to the EM to be destroyed
2112  */
2113 static void fc_exch_mgr_destroy(struct kref *kref)
2114 {
2115 	struct fc_exch_mgr *mp = container_of(kref, struct fc_exch_mgr, kref);
2116 
2117 	mempool_destroy(mp->ep_pool);
2118 	free_percpu(mp->pool);
2119 	kfree(mp);
2120 }
2121 
2122 /**
2123  * fc_exch_mgr_del() - Delete an EM from a local port's list
2124  * @ema: The exchange manager anchor identifying the EM to be deleted
2125  */
2126 void fc_exch_mgr_del(struct fc_exch_mgr_anchor *ema)
2127 {
2128 	/* remove EM anchor from EM anchors list */
2129 	list_del(&ema->ema_list);
2130 	kref_put(&ema->mp->kref, fc_exch_mgr_destroy);
2131 	kfree(ema);
2132 }
2133 EXPORT_SYMBOL(fc_exch_mgr_del);
2134 
2135 /**
2136  * fc_exch_mgr_list_clone() - Share all exchange manager objects
2137  * @src: Source lport to clone exchange managers from
2138  * @dst: New lport that takes references to all the exchange managers
2139  */
2140 int fc_exch_mgr_list_clone(struct fc_lport *src, struct fc_lport *dst)
2141 {
2142 	struct fc_exch_mgr_anchor *ema, *tmp;
2143 
2144 	list_for_each_entry(ema, &src->ema_list, ema_list) {
2145 		if (!fc_exch_mgr_add(dst, ema->mp, ema->match))
2146 			goto err;
2147 	}
2148 	return 0;
2149 err:
2150 	list_for_each_entry_safe(ema, tmp, &dst->ema_list, ema_list)
2151 		fc_exch_mgr_del(ema);
2152 	return -ENOMEM;
2153 }
2154 
2155 /**
2156  * fc_exch_mgr_alloc() - Allocate an exchange manager
2157  * @lport:   The local port that the new EM will be associated with
2158  * @class:   The default FC class for new exchanges
2159  * @min_xid: The minimum XID for exchanges from the new EM
2160  * @max_xid: The maximum XID for exchanges from the new EM
2161  * @match:   The match routine for the new EM
2162  */
2163 struct fc_exch_mgr *fc_exch_mgr_alloc(struct fc_lport *lport,
2164 				      enum fc_class class,
2165 				      u16 min_xid, u16 max_xid,
2166 				      bool (*match)(struct fc_frame *))
2167 {
2168 	struct fc_exch_mgr *mp;
2169 	u16 pool_exch_range;
2170 	size_t pool_size;
2171 	unsigned int cpu;
2172 	struct fc_exch_pool *pool;
2173 
2174 	if (max_xid <= min_xid || max_xid == FC_XID_UNKNOWN ||
2175 	    (min_xid & fc_cpu_mask) != 0) {
2176 		FC_LPORT_DBG(lport, "Invalid min_xid 0x:%x and max_xid 0x:%x\n",
2177 			     min_xid, max_xid);
2178 		return NULL;
2179 	}
2180 
2181 	/*
2182 	 * allocate memory for EM
2183 	 */
2184 	mp = kzalloc(sizeof(struct fc_exch_mgr), GFP_ATOMIC);
2185 	if (!mp)
2186 		return NULL;
2187 
2188 	mp->class = class;
2189 	/* adjust em exch xid range for offload */
2190 	mp->min_xid = min_xid;
2191 	mp->max_xid = max_xid;
2192 
2193 	mp->ep_pool = mempool_create_slab_pool(2, fc_em_cachep);
2194 	if (!mp->ep_pool)
2195 		goto free_mp;
2196 
2197 	/*
2198 	 * Setup per cpu exch pool with entire exchange id range equally
2199 	 * divided across all cpus. The exch pointers array memory is
2200 	 * allocated for exch range per pool.
2201 	 */
2202 	pool_exch_range = (mp->max_xid - mp->min_xid + 1) / (fc_cpu_mask + 1);
2203 	mp->pool_max_index = pool_exch_range - 1;
2204 
2205 	/*
2206 	 * Allocate and initialize per cpu exch pool
2207 	 */
2208 	pool_size = sizeof(*pool) + pool_exch_range * sizeof(struct fc_exch *);
2209 	mp->pool = __alloc_percpu(pool_size, __alignof__(struct fc_exch_pool));
2210 	if (!mp->pool)
2211 		goto free_mempool;
2212 	for_each_possible_cpu(cpu) {
2213 		pool = per_cpu_ptr(mp->pool, cpu);
2214 		pool->left = FC_XID_UNKNOWN;
2215 		pool->right = FC_XID_UNKNOWN;
2216 		spin_lock_init(&pool->lock);
2217 		INIT_LIST_HEAD(&pool->ex_list);
2218 	}
2219 
2220 	kref_init(&mp->kref);
2221 	if (!fc_exch_mgr_add(lport, mp, match)) {
2222 		free_percpu(mp->pool);
2223 		goto free_mempool;
2224 	}
2225 
2226 	/*
2227 	 * Above kref_init() sets mp->kref to 1 and then
2228 	 * call to fc_exch_mgr_add incremented mp->kref again,
2229 	 * so adjust that extra increment.
2230 	 */
2231 	kref_put(&mp->kref, fc_exch_mgr_destroy);
2232 	return mp;
2233 
2234 free_mempool:
2235 	mempool_destroy(mp->ep_pool);
2236 free_mp:
2237 	kfree(mp);
2238 	return NULL;
2239 }
2240 EXPORT_SYMBOL(fc_exch_mgr_alloc);
2241 
2242 /**
2243  * fc_exch_mgr_free() - Free all exchange managers on a local port
2244  * @lport: The local port whose EMs are to be freed
2245  */
2246 void fc_exch_mgr_free(struct fc_lport *lport)
2247 {
2248 	struct fc_exch_mgr_anchor *ema, *next;
2249 
2250 	flush_workqueue(fc_exch_workqueue);
2251 	list_for_each_entry_safe(ema, next, &lport->ema_list, ema_list)
2252 		fc_exch_mgr_del(ema);
2253 }
2254 EXPORT_SYMBOL(fc_exch_mgr_free);
2255 
2256 /**
2257  * fc_exch_recv() - Handler for received frames
2258  * @lport: The local port the frame was received on
2259  * @fp:	   The received frame
2260  */
2261 void fc_exch_recv(struct fc_lport *lport, struct fc_frame *fp)
2262 {
2263 	struct fc_frame_header *fh = fc_frame_header_get(fp);
2264 	struct fc_exch_mgr_anchor *ema;
2265 	u32 f_ctl, found = 0;
2266 	u16 oxid;
2267 
2268 	/* lport lock ? */
2269 	if (!lport || lport->state == LPORT_ST_DISABLED) {
2270 		FC_LPORT_DBG(lport, "Receiving frames for an lport that "
2271 			     "has not been initialized correctly\n");
2272 		fc_frame_free(fp);
2273 		return;
2274 	}
2275 
2276 	f_ctl = ntoh24(fh->fh_f_ctl);
2277 	oxid = ntohs(fh->fh_ox_id);
2278 	if (f_ctl & FC_FC_EX_CTX) {
2279 		list_for_each_entry(ema, &lport->ema_list, ema_list) {
2280 			if ((oxid >= ema->mp->min_xid) &&
2281 			    (oxid <= ema->mp->max_xid)) {
2282 				found = 1;
2283 				break;
2284 			}
2285 		}
2286 
2287 		if (!found) {
2288 			FC_LPORT_DBG(lport, "Received response for out "
2289 				     "of range oxid:%hx\n", oxid);
2290 			fc_frame_free(fp);
2291 			return;
2292 		}
2293 	} else
2294 		ema = list_entry(lport->ema_list.prev, typeof(*ema), ema_list);
2295 
2296 	/*
2297 	 * If frame is marked invalid, just drop it.
2298 	 */
2299 	switch (fr_eof(fp)) {
2300 	case FC_EOF_T:
2301 		if (f_ctl & FC_FC_END_SEQ)
2302 			skb_trim(fp_skb(fp), fr_len(fp) - FC_FC_FILL(f_ctl));
2303 		/* fall through */
2304 	case FC_EOF_N:
2305 		if (fh->fh_type == FC_TYPE_BLS)
2306 			fc_exch_recv_bls(ema->mp, fp);
2307 		else if ((f_ctl & (FC_FC_EX_CTX | FC_FC_SEQ_CTX)) ==
2308 			 FC_FC_EX_CTX)
2309 			fc_exch_recv_seq_resp(ema->mp, fp);
2310 		else if (f_ctl & FC_FC_SEQ_CTX)
2311 			fc_exch_recv_resp(ema->mp, fp);
2312 		else	/* no EX_CTX and no SEQ_CTX */
2313 			fc_exch_recv_req(lport, ema->mp, fp);
2314 		break;
2315 	default:
2316 		FC_LPORT_DBG(lport, "dropping invalid frame (eof %x)",
2317 			     fr_eof(fp));
2318 		fc_frame_free(fp);
2319 	}
2320 }
2321 EXPORT_SYMBOL(fc_exch_recv);
2322 
2323 /**
2324  * fc_exch_init() - Initialize the exchange layer for a local port
2325  * @lport: The local port to initialize the exchange layer for
2326  */
2327 int fc_exch_init(struct fc_lport *lport)
2328 {
2329 	if (!lport->tt.seq_start_next)
2330 		lport->tt.seq_start_next = fc_seq_start_next;
2331 
2332 	if (!lport->tt.exch_seq_send)
2333 		lport->tt.exch_seq_send = fc_exch_seq_send;
2334 
2335 	if (!lport->tt.seq_send)
2336 		lport->tt.seq_send = fc_seq_send;
2337 
2338 	if (!lport->tt.seq_els_rsp_send)
2339 		lport->tt.seq_els_rsp_send = fc_seq_els_rsp_send;
2340 
2341 	if (!lport->tt.exch_done)
2342 		lport->tt.exch_done = fc_exch_done;
2343 
2344 	if (!lport->tt.exch_mgr_reset)
2345 		lport->tt.exch_mgr_reset = fc_exch_mgr_reset;
2346 
2347 	if (!lport->tt.seq_exch_abort)
2348 		lport->tt.seq_exch_abort = fc_seq_exch_abort;
2349 
2350 	if (!lport->tt.seq_assign)
2351 		lport->tt.seq_assign = fc_seq_assign;
2352 
2353 	return 0;
2354 }
2355 EXPORT_SYMBOL(fc_exch_init);
2356 
2357 /**
2358  * fc_setup_exch_mgr() - Setup an exchange manager
2359  */
2360 int fc_setup_exch_mgr()
2361 {
2362 	fc_em_cachep = kmem_cache_create("libfc_em", sizeof(struct fc_exch),
2363 					 0, SLAB_HWCACHE_ALIGN, NULL);
2364 	if (!fc_em_cachep)
2365 		return -ENOMEM;
2366 
2367 	/*
2368 	 * Initialize fc_cpu_mask and fc_cpu_order. The
2369 	 * fc_cpu_mask is set for nr_cpu_ids rounded up
2370 	 * to order of 2's * power and order is stored
2371 	 * in fc_cpu_order as this is later required in
2372 	 * mapping between an exch id and exch array index
2373 	 * in per cpu exch pool.
2374 	 *
2375 	 * This round up is required to align fc_cpu_mask
2376 	 * to exchange id's lower bits such that all incoming
2377 	 * frames of an exchange gets delivered to the same
2378 	 * cpu on which exchange originated by simple bitwise
2379 	 * AND operation between fc_cpu_mask and exchange id.
2380 	 */
2381 	fc_cpu_mask = 1;
2382 	fc_cpu_order = 0;
2383 	while (fc_cpu_mask < nr_cpu_ids) {
2384 		fc_cpu_mask <<= 1;
2385 		fc_cpu_order++;
2386 	}
2387 	fc_cpu_mask--;
2388 
2389 	fc_exch_workqueue = create_singlethread_workqueue("fc_exch_workqueue");
2390 	if (!fc_exch_workqueue)
2391 		return -ENOMEM;
2392 	return 0;
2393 }
2394 
2395 /**
2396  * fc_destroy_exch_mgr() - Destroy an exchange manager
2397  */
2398 void fc_destroy_exch_mgr()
2399 {
2400 	destroy_workqueue(fc_exch_workqueue);
2401 	kmem_cache_destroy(fc_em_cachep);
2402 }
2403