1 /* 2 * vvvvvvvvvvvvvvvvvvvvvvv Original vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv 3 * Copyright (C) 1992 Eric Youngdale 4 * Simulate a host adapter with 2 disks attached. Do a lot of checking 5 * to make sure that we are not getting blocks mixed up, and PANIC if 6 * anything out of the ordinary is seen. 7 * ^^^^^^^^^^^^^^^^^^^^^^^ Original ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 8 * 9 * Copyright (C) 2001 - 2018 Douglas Gilbert 10 * 11 * This program is free software; you can redistribute it and/or modify 12 * it under the terms of the GNU General Public License as published by 13 * the Free Software Foundation; either version 2, or (at your option) 14 * any later version. 15 * 16 * For documentation see http://sg.danny.cz/sg/sdebug26.html 17 * 18 */ 19 20 21 #define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__ 22 23 #include <linux/module.h> 24 25 #include <linux/kernel.h> 26 #include <linux/errno.h> 27 #include <linux/jiffies.h> 28 #include <linux/slab.h> 29 #include <linux/types.h> 30 #include <linux/string.h> 31 #include <linux/genhd.h> 32 #include <linux/fs.h> 33 #include <linux/init.h> 34 #include <linux/proc_fs.h> 35 #include <linux/vmalloc.h> 36 #include <linux/moduleparam.h> 37 #include <linux/scatterlist.h> 38 #include <linux/blkdev.h> 39 #include <linux/crc-t10dif.h> 40 #include <linux/spinlock.h> 41 #include <linux/interrupt.h> 42 #include <linux/atomic.h> 43 #include <linux/hrtimer.h> 44 #include <linux/uuid.h> 45 #include <linux/t10-pi.h> 46 47 #include <net/checksum.h> 48 49 #include <asm/unaligned.h> 50 51 #include <scsi/scsi.h> 52 #include <scsi/scsi_cmnd.h> 53 #include <scsi/scsi_device.h> 54 #include <scsi/scsi_host.h> 55 #include <scsi/scsicam.h> 56 #include <scsi/scsi_eh.h> 57 #include <scsi/scsi_tcq.h> 58 #include <scsi/scsi_dbg.h> 59 60 #include "sd.h" 61 #include "scsi_logging.h" 62 63 /* make sure inq_product_rev string corresponds to this version */ 64 #define SDEBUG_VERSION "0188" /* format to fit INQUIRY revision field */ 65 static const char *sdebug_version_date = "20180128"; 66 67 #define MY_NAME "scsi_debug" 68 69 /* Additional Sense Code (ASC) */ 70 #define NO_ADDITIONAL_SENSE 0x0 71 #define LOGICAL_UNIT_NOT_READY 0x4 72 #define LOGICAL_UNIT_COMMUNICATION_FAILURE 0x8 73 #define UNRECOVERED_READ_ERR 0x11 74 #define PARAMETER_LIST_LENGTH_ERR 0x1a 75 #define INVALID_OPCODE 0x20 76 #define LBA_OUT_OF_RANGE 0x21 77 #define INVALID_FIELD_IN_CDB 0x24 78 #define INVALID_FIELD_IN_PARAM_LIST 0x26 79 #define UA_RESET_ASC 0x29 80 #define UA_CHANGED_ASC 0x2a 81 #define TARGET_CHANGED_ASC 0x3f 82 #define LUNS_CHANGED_ASCQ 0x0e 83 #define INSUFF_RES_ASC 0x55 84 #define INSUFF_RES_ASCQ 0x3 85 #define POWER_ON_RESET_ASCQ 0x0 86 #define BUS_RESET_ASCQ 0x2 /* scsi bus reset occurred */ 87 #define MODE_CHANGED_ASCQ 0x1 /* mode parameters changed */ 88 #define CAPACITY_CHANGED_ASCQ 0x9 89 #define SAVING_PARAMS_UNSUP 0x39 90 #define TRANSPORT_PROBLEM 0x4b 91 #define THRESHOLD_EXCEEDED 0x5d 92 #define LOW_POWER_COND_ON 0x5e 93 #define MISCOMPARE_VERIFY_ASC 0x1d 94 #define MICROCODE_CHANGED_ASCQ 0x1 /* with TARGET_CHANGED_ASC */ 95 #define MICROCODE_CHANGED_WO_RESET_ASCQ 0x16 96 #define WRITE_ERROR_ASC 0xc 97 98 /* Additional Sense Code Qualifier (ASCQ) */ 99 #define ACK_NAK_TO 0x3 100 101 /* Default values for driver parameters */ 102 #define DEF_NUM_HOST 1 103 #define DEF_NUM_TGTS 1 104 #define DEF_MAX_LUNS 1 105 /* With these defaults, this driver will make 1 host with 1 target 106 * (id 0) containing 1 logical unit (lun 0). That is 1 device. 107 */ 108 #define DEF_ATO 1 109 #define DEF_CDB_LEN 10 110 #define DEF_JDELAY 1 /* if > 0 unit is a jiffy */ 111 #define DEF_DEV_SIZE_MB 8 112 #define DEF_DIF 0 113 #define DEF_DIX 0 114 #define DEF_D_SENSE 0 115 #define DEF_EVERY_NTH 0 116 #define DEF_FAKE_RW 0 117 #define DEF_GUARD 0 118 #define DEF_HOST_LOCK 0 119 #define DEF_LBPU 0 120 #define DEF_LBPWS 0 121 #define DEF_LBPWS10 0 122 #define DEF_LBPRZ 1 123 #define DEF_LOWEST_ALIGNED 0 124 #define DEF_NDELAY 0 /* if > 0 unit is a nanosecond */ 125 #define DEF_NO_LUN_0 0 126 #define DEF_NUM_PARTS 0 127 #define DEF_OPTS 0 128 #define DEF_OPT_BLKS 1024 129 #define DEF_PHYSBLK_EXP 0 130 #define DEF_OPT_XFERLEN_EXP 0 131 #define DEF_PTYPE TYPE_DISK 132 #define DEF_REMOVABLE false 133 #define DEF_SCSI_LEVEL 7 /* INQUIRY, byte2 [6->SPC-4; 7->SPC-5] */ 134 #define DEF_SECTOR_SIZE 512 135 #define DEF_UNMAP_ALIGNMENT 0 136 #define DEF_UNMAP_GRANULARITY 1 137 #define DEF_UNMAP_MAX_BLOCKS 0xFFFFFFFF 138 #define DEF_UNMAP_MAX_DESC 256 139 #define DEF_VIRTUAL_GB 0 140 #define DEF_VPD_USE_HOSTNO 1 141 #define DEF_WRITESAME_LENGTH 0xFFFF 142 #define DEF_STRICT 0 143 #define DEF_STATISTICS false 144 #define DEF_SUBMIT_QUEUES 1 145 #define DEF_UUID_CTL 0 146 #define JDELAY_OVERRIDDEN -9999 147 148 #define SDEBUG_LUN_0_VAL 0 149 150 /* bit mask values for sdebug_opts */ 151 #define SDEBUG_OPT_NOISE 1 152 #define SDEBUG_OPT_MEDIUM_ERR 2 153 #define SDEBUG_OPT_TIMEOUT 4 154 #define SDEBUG_OPT_RECOVERED_ERR 8 155 #define SDEBUG_OPT_TRANSPORT_ERR 16 156 #define SDEBUG_OPT_DIF_ERR 32 157 #define SDEBUG_OPT_DIX_ERR 64 158 #define SDEBUG_OPT_MAC_TIMEOUT 128 159 #define SDEBUG_OPT_SHORT_TRANSFER 0x100 160 #define SDEBUG_OPT_Q_NOISE 0x200 161 #define SDEBUG_OPT_ALL_TSF 0x400 162 #define SDEBUG_OPT_RARE_TSF 0x800 163 #define SDEBUG_OPT_N_WCE 0x1000 164 #define SDEBUG_OPT_RESET_NOISE 0x2000 165 #define SDEBUG_OPT_NO_CDB_NOISE 0x4000 166 #define SDEBUG_OPT_HOST_BUSY 0x8000 167 #define SDEBUG_OPT_ALL_NOISE (SDEBUG_OPT_NOISE | SDEBUG_OPT_Q_NOISE | \ 168 SDEBUG_OPT_RESET_NOISE) 169 #define SDEBUG_OPT_ALL_INJECTING (SDEBUG_OPT_RECOVERED_ERR | \ 170 SDEBUG_OPT_TRANSPORT_ERR | \ 171 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR | \ 172 SDEBUG_OPT_SHORT_TRANSFER | \ 173 SDEBUG_OPT_HOST_BUSY) 174 /* When "every_nth" > 0 then modulo "every_nth" commands: 175 * - a missing response is simulated if SDEBUG_OPT_TIMEOUT is set 176 * - a RECOVERED_ERROR is simulated on successful read and write 177 * commands if SDEBUG_OPT_RECOVERED_ERR is set. 178 * - a TRANSPORT_ERROR is simulated on successful read and write 179 * commands if SDEBUG_OPT_TRANSPORT_ERR is set. 180 * 181 * When "every_nth" < 0 then after "- every_nth" commands: 182 * - a missing response is simulated if SDEBUG_OPT_TIMEOUT is set 183 * - a RECOVERED_ERROR is simulated on successful read and write 184 * commands if SDEBUG_OPT_RECOVERED_ERR is set. 185 * - a TRANSPORT_ERROR is simulated on successful read and write 186 * commands if _DEBUG_OPT_TRANSPORT_ERR is set. 187 * This will continue on every subsequent command until some other action 188 * occurs (e.g. the user * writing a new value (other than -1 or 1) to 189 * every_nth via sysfs). 190 */ 191 192 /* As indicated in SAM-5 and SPC-4 Unit Attentions (UAs) are returned in 193 * priority order. In the subset implemented here lower numbers have higher 194 * priority. The UA numbers should be a sequence starting from 0 with 195 * SDEBUG_NUM_UAS being 1 higher than the highest numbered UA. */ 196 #define SDEBUG_UA_POR 0 /* Power on, reset, or bus device reset */ 197 #define SDEBUG_UA_BUS_RESET 1 198 #define SDEBUG_UA_MODE_CHANGED 2 199 #define SDEBUG_UA_CAPACITY_CHANGED 3 200 #define SDEBUG_UA_LUNS_CHANGED 4 201 #define SDEBUG_UA_MICROCODE_CHANGED 5 /* simulate firmware change */ 202 #define SDEBUG_UA_MICROCODE_CHANGED_WO_RESET 6 203 #define SDEBUG_NUM_UAS 7 204 205 /* when 1==SDEBUG_OPT_MEDIUM_ERR, a medium error is simulated at this 206 * sector on read commands: */ 207 #define OPT_MEDIUM_ERR_ADDR 0x1234 /* that's sector 4660 in decimal */ 208 #define OPT_MEDIUM_ERR_NUM 10 /* number of consecutive medium errs */ 209 210 /* If REPORT LUNS has luns >= 256 it can choose "flat space" (value 1) 211 * or "peripheral device" addressing (value 0) */ 212 #define SAM2_LUN_ADDRESS_METHOD 0 213 214 /* SDEBUG_CANQUEUE is the maximum number of commands that can be queued 215 * (for response) per submit queue at one time. Can be reduced by max_queue 216 * option. Command responses are not queued when jdelay=0 and ndelay=0. The 217 * per-device DEF_CMD_PER_LUN can be changed via sysfs: 218 * /sys/class/scsi_device/<h:c:t:l>/device/queue_depth 219 * but cannot exceed SDEBUG_CANQUEUE . 220 */ 221 #define SDEBUG_CANQUEUE_WORDS 3 /* a WORD is bits in a long */ 222 #define SDEBUG_CANQUEUE (SDEBUG_CANQUEUE_WORDS * BITS_PER_LONG) 223 #define DEF_CMD_PER_LUN 255 224 225 #define F_D_IN 1 226 #define F_D_OUT 2 227 #define F_D_OUT_MAYBE 4 /* WRITE SAME, NDOB bit */ 228 #define F_D_UNKN 8 229 #define F_RL_WLUN_OK 0x10 230 #define F_SKIP_UA 0x20 231 #define F_DELAY_OVERR 0x40 232 #define F_SA_LOW 0x80 /* cdb byte 1, bits 4 to 0 */ 233 #define F_SA_HIGH 0x100 /* as used by variable length cdbs */ 234 #define F_INV_OP 0x200 235 #define F_FAKE_RW 0x400 236 #define F_M_ACCESS 0x800 /* media access */ 237 #define F_LONG_DELAY 0x1000 238 239 #define FF_RESPOND (F_RL_WLUN_OK | F_SKIP_UA | F_DELAY_OVERR) 240 #define FF_MEDIA_IO (F_M_ACCESS | F_FAKE_RW) 241 #define FF_SA (F_SA_HIGH | F_SA_LOW) 242 243 #define SDEBUG_MAX_PARTS 4 244 245 #define SDEBUG_MAX_CMD_LEN 32 246 247 248 struct sdebug_dev_info { 249 struct list_head dev_list; 250 unsigned int channel; 251 unsigned int target; 252 u64 lun; 253 uuid_t lu_name; 254 struct sdebug_host_info *sdbg_host; 255 unsigned long uas_bm[1]; 256 atomic_t num_in_q; 257 atomic_t stopped; 258 bool used; 259 }; 260 261 struct sdebug_host_info { 262 struct list_head host_list; 263 struct Scsi_Host *shost; 264 struct device dev; 265 struct list_head dev_info_list; 266 }; 267 268 #define to_sdebug_host(d) \ 269 container_of(d, struct sdebug_host_info, dev) 270 271 enum sdeb_defer_type {SDEB_DEFER_NONE = 0, SDEB_DEFER_HRT = 1, 272 SDEB_DEFER_WQ = 2}; 273 274 struct sdebug_defer { 275 struct hrtimer hrt; 276 struct execute_work ew; 277 int sqa_idx; /* index of sdebug_queue array */ 278 int qc_idx; /* index of sdebug_queued_cmd array within sqa_idx */ 279 int issuing_cpu; 280 bool init_hrt; 281 bool init_wq; 282 enum sdeb_defer_type defer_t; 283 }; 284 285 struct sdebug_queued_cmd { 286 /* corresponding bit set in in_use_bm[] in owning struct sdebug_queue 287 * instance indicates this slot is in use. 288 */ 289 struct sdebug_defer *sd_dp; 290 struct scsi_cmnd *a_cmnd; 291 unsigned int inj_recovered:1; 292 unsigned int inj_transport:1; 293 unsigned int inj_dif:1; 294 unsigned int inj_dix:1; 295 unsigned int inj_short:1; 296 unsigned int inj_host_busy:1; 297 }; 298 299 struct sdebug_queue { 300 struct sdebug_queued_cmd qc_arr[SDEBUG_CANQUEUE]; 301 unsigned long in_use_bm[SDEBUG_CANQUEUE_WORDS]; 302 spinlock_t qc_lock; 303 atomic_t blocked; /* to temporarily stop more being queued */ 304 }; 305 306 static atomic_t sdebug_cmnd_count; /* number of incoming commands */ 307 static atomic_t sdebug_completions; /* count of deferred completions */ 308 static atomic_t sdebug_miss_cpus; /* submission + completion cpus differ */ 309 static atomic_t sdebug_a_tsf; /* 'almost task set full' counter */ 310 311 struct opcode_info_t { 312 u8 num_attached; /* 0 if this is it (i.e. a leaf); use 0xff */ 313 /* for terminating element */ 314 u8 opcode; /* if num_attached > 0, preferred */ 315 u16 sa; /* service action */ 316 u32 flags; /* OR-ed set of SDEB_F_* */ 317 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *); 318 const struct opcode_info_t *arrp; /* num_attached elements or NULL */ 319 u8 len_mask[16]; /* len_mask[0]-->cdb_len, then mask for cdb */ 320 /* 1 to min(cdb_len, 15); ignore cdb[15...] */ 321 }; 322 323 /* SCSI opcodes (first byte of cdb) of interest mapped onto these indexes */ 324 enum sdeb_opcode_index { 325 SDEB_I_INVALID_OPCODE = 0, 326 SDEB_I_INQUIRY = 1, 327 SDEB_I_REPORT_LUNS = 2, 328 SDEB_I_REQUEST_SENSE = 3, 329 SDEB_I_TEST_UNIT_READY = 4, 330 SDEB_I_MODE_SENSE = 5, /* 6, 10 */ 331 SDEB_I_MODE_SELECT = 6, /* 6, 10 */ 332 SDEB_I_LOG_SENSE = 7, 333 SDEB_I_READ_CAPACITY = 8, /* 10; 16 is in SA_IN(16) */ 334 SDEB_I_READ = 9, /* 6, 10, 12, 16 */ 335 SDEB_I_WRITE = 10, /* 6, 10, 12, 16 */ 336 SDEB_I_START_STOP = 11, 337 SDEB_I_SERV_ACT_IN_16 = 12, /* add ...SERV_ACT_IN_12 if needed */ 338 SDEB_I_SERV_ACT_OUT_16 = 13, /* add ...SERV_ACT_OUT_12 if needed */ 339 SDEB_I_MAINT_IN = 14, 340 SDEB_I_MAINT_OUT = 15, 341 SDEB_I_VERIFY = 16, /* 10 only */ 342 SDEB_I_VARIABLE_LEN = 17, /* READ(32), WRITE(32), WR_SCAT(32) */ 343 SDEB_I_RESERVE = 18, /* 6, 10 */ 344 SDEB_I_RELEASE = 19, /* 6, 10 */ 345 SDEB_I_ALLOW_REMOVAL = 20, /* PREVENT ALLOW MEDIUM REMOVAL */ 346 SDEB_I_REZERO_UNIT = 21, /* REWIND in SSC */ 347 SDEB_I_ATA_PT = 22, /* 12, 16 */ 348 SDEB_I_SEND_DIAG = 23, 349 SDEB_I_UNMAP = 24, 350 SDEB_I_XDWRITEREAD = 25, /* 10 only */ 351 SDEB_I_WRITE_BUFFER = 26, 352 SDEB_I_WRITE_SAME = 27, /* 10, 16 */ 353 SDEB_I_SYNC_CACHE = 28, /* 10, 16 */ 354 SDEB_I_COMP_WRITE = 29, 355 SDEB_I_LAST_ELEMENT = 30, /* keep this last (previous + 1) */ 356 }; 357 358 359 static const unsigned char opcode_ind_arr[256] = { 360 /* 0x0; 0x0->0x1f: 6 byte cdbs */ 361 SDEB_I_TEST_UNIT_READY, SDEB_I_REZERO_UNIT, 0, SDEB_I_REQUEST_SENSE, 362 0, 0, 0, 0, 363 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, 0, 364 0, 0, SDEB_I_INQUIRY, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE, 365 SDEB_I_RELEASE, 366 0, 0, SDEB_I_MODE_SENSE, SDEB_I_START_STOP, 0, SDEB_I_SEND_DIAG, 367 SDEB_I_ALLOW_REMOVAL, 0, 368 /* 0x20; 0x20->0x3f: 10 byte cdbs */ 369 0, 0, 0, 0, 0, SDEB_I_READ_CAPACITY, 0, 0, 370 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, SDEB_I_VERIFY, 371 0, 0, 0, 0, 0, SDEB_I_SYNC_CACHE, 0, 0, 372 0, 0, 0, SDEB_I_WRITE_BUFFER, 0, 0, 0, 0, 373 /* 0x40; 0x40->0x5f: 10 byte cdbs */ 374 0, SDEB_I_WRITE_SAME, SDEB_I_UNMAP, 0, 0, 0, 0, 0, 375 0, 0, 0, 0, 0, SDEB_I_LOG_SENSE, 0, 0, 376 0, 0, 0, SDEB_I_XDWRITEREAD, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE, 377 SDEB_I_RELEASE, 378 0, 0, SDEB_I_MODE_SENSE, 0, 0, 0, 0, 0, 379 /* 0x60; 0x60->0x7d are reserved, 0x7e is "extended cdb" */ 380 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 381 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 382 0, SDEB_I_VARIABLE_LEN, 383 /* 0x80; 0x80->0x9f: 16 byte cdbs */ 384 0, 0, 0, 0, 0, SDEB_I_ATA_PT, 0, 0, 385 SDEB_I_READ, SDEB_I_COMP_WRITE, SDEB_I_WRITE, 0, 0, 0, 0, 0, 386 0, SDEB_I_SYNC_CACHE, 0, SDEB_I_WRITE_SAME, 0, 0, 0, 0, 387 0, 0, 0, 0, 0, 0, SDEB_I_SERV_ACT_IN_16, SDEB_I_SERV_ACT_OUT_16, 388 /* 0xa0; 0xa0->0xbf: 12 byte cdbs */ 389 SDEB_I_REPORT_LUNS, SDEB_I_ATA_PT, 0, SDEB_I_MAINT_IN, 390 SDEB_I_MAINT_OUT, 0, 0, 0, 391 SDEB_I_READ, 0 /* SDEB_I_SERV_ACT_OUT_12 */, SDEB_I_WRITE, 392 0 /* SDEB_I_SERV_ACT_IN_12 */, 0, 0, 0, 0, 393 0, 0, 0, 0, 0, 0, 0, 0, 394 0, 0, 0, 0, 0, 0, 0, 0, 395 /* 0xc0; 0xc0->0xff: vendor specific */ 396 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 397 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 398 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 399 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 400 }; 401 402 /* 403 * The following "response" functions return the SCSI mid-level's 4 byte 404 * tuple-in-an-int. To handle commands with an IMMED bit, for a faster 405 * command completion, they can mask their return value with 406 * SDEG_RES_IMMED_MASK . 407 */ 408 #define SDEG_RES_IMMED_MASK 0x40000000 409 410 static int resp_inquiry(struct scsi_cmnd *, struct sdebug_dev_info *); 411 static int resp_report_luns(struct scsi_cmnd *, struct sdebug_dev_info *); 412 static int resp_requests(struct scsi_cmnd *, struct sdebug_dev_info *); 413 static int resp_mode_sense(struct scsi_cmnd *, struct sdebug_dev_info *); 414 static int resp_mode_select(struct scsi_cmnd *, struct sdebug_dev_info *); 415 static int resp_log_sense(struct scsi_cmnd *, struct sdebug_dev_info *); 416 static int resp_readcap(struct scsi_cmnd *, struct sdebug_dev_info *); 417 static int resp_read_dt0(struct scsi_cmnd *, struct sdebug_dev_info *); 418 static int resp_write_dt0(struct scsi_cmnd *, struct sdebug_dev_info *); 419 static int resp_write_scat(struct scsi_cmnd *, struct sdebug_dev_info *); 420 static int resp_start_stop(struct scsi_cmnd *, struct sdebug_dev_info *); 421 static int resp_readcap16(struct scsi_cmnd *, struct sdebug_dev_info *); 422 static int resp_get_lba_status(struct scsi_cmnd *, struct sdebug_dev_info *); 423 static int resp_report_tgtpgs(struct scsi_cmnd *, struct sdebug_dev_info *); 424 static int resp_unmap(struct scsi_cmnd *, struct sdebug_dev_info *); 425 static int resp_rsup_opcodes(struct scsi_cmnd *, struct sdebug_dev_info *); 426 static int resp_rsup_tmfs(struct scsi_cmnd *, struct sdebug_dev_info *); 427 static int resp_write_same_10(struct scsi_cmnd *, struct sdebug_dev_info *); 428 static int resp_write_same_16(struct scsi_cmnd *, struct sdebug_dev_info *); 429 static int resp_xdwriteread_10(struct scsi_cmnd *, struct sdebug_dev_info *); 430 static int resp_comp_write(struct scsi_cmnd *, struct sdebug_dev_info *); 431 static int resp_write_buffer(struct scsi_cmnd *, struct sdebug_dev_info *); 432 static int resp_sync_cache(struct scsi_cmnd *, struct sdebug_dev_info *); 433 434 /* 435 * The following are overflow arrays for cdbs that "hit" the same index in 436 * the opcode_info_arr array. The most time sensitive (or commonly used) cdb 437 * should be placed in opcode_info_arr[], the others should be placed here. 438 */ 439 static const struct opcode_info_t msense_iarr[] = { 440 {0, 0x1a, 0, F_D_IN, NULL, NULL, 441 {6, 0xe8, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 442 }; 443 444 static const struct opcode_info_t mselect_iarr[] = { 445 {0, 0x15, 0, F_D_OUT, NULL, NULL, 446 {6, 0xf1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 447 }; 448 449 static const struct opcode_info_t read_iarr[] = { 450 {0, 0x28, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(10) */ 451 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 452 0, 0, 0, 0} }, 453 {0, 0x8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL, /* READ(6) */ 454 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 455 {0, 0xa8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(12) */ 456 {12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf, 457 0xc7, 0, 0, 0, 0} }, 458 }; 459 460 static const struct opcode_info_t write_iarr[] = { 461 {0, 0x2a, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(10) */ 462 NULL, {10, 0xfb, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 463 0, 0, 0, 0, 0, 0} }, 464 {0, 0xa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(6) */ 465 NULL, {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 466 0, 0, 0} }, 467 {0, 0xaa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(12) */ 468 NULL, {12, 0xfb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 469 0xbf, 0xc7, 0, 0, 0, 0} }, 470 }; 471 472 static const struct opcode_info_t sa_in_16_iarr[] = { 473 {0, 0x9e, 0x12, F_SA_LOW | F_D_IN, resp_get_lba_status, NULL, 474 {16, 0x12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 475 0xff, 0xff, 0xff, 0, 0xc7} }, /* GET LBA STATUS(16) */ 476 }; 477 478 static const struct opcode_info_t vl_iarr[] = { /* VARIABLE LENGTH */ 479 {0, 0x7f, 0xb, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_dt0, 480 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0xb, 0xfa, 481 0, 0xff, 0xff, 0xff, 0xff} }, /* WRITE(32) */ 482 {0, 0x7f, 0x11, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_scat, 483 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x11, 0xf8, 484 0, 0xff, 0xff, 0x0, 0x0} }, /* WRITE SCATTERED(32) */ 485 }; 486 487 static const struct opcode_info_t maint_in_iarr[] = { /* MAINT IN */ 488 {0, 0xa3, 0xc, F_SA_LOW | F_D_IN, resp_rsup_opcodes, NULL, 489 {12, 0xc, 0x87, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 490 0xc7, 0, 0, 0, 0} }, /* REPORT SUPPORTED OPERATION CODES */ 491 {0, 0xa3, 0xd, F_SA_LOW | F_D_IN, resp_rsup_tmfs, NULL, 492 {12, 0xd, 0x80, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0, 493 0, 0} }, /* REPORTED SUPPORTED TASK MANAGEMENT FUNCTIONS */ 494 }; 495 496 static const struct opcode_info_t write_same_iarr[] = { 497 {0, 0x93, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_write_same_16, NULL, 498 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 499 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* WRITE SAME(16) */ 500 }; 501 502 static const struct opcode_info_t reserve_iarr[] = { 503 {0, 0x16, 0, F_D_OUT, NULL, NULL, /* RESERVE(6) */ 504 {6, 0x1f, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 505 }; 506 507 static const struct opcode_info_t release_iarr[] = { 508 {0, 0x17, 0, F_D_OUT, NULL, NULL, /* RELEASE(6) */ 509 {6, 0x1f, 0xff, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 510 }; 511 512 static const struct opcode_info_t sync_cache_iarr[] = { 513 {0, 0x91, 0, F_LONG_DELAY | F_M_ACCESS, resp_sync_cache, NULL, 514 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 515 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* SYNC_CACHE (16) */ 516 }; 517 518 519 /* This array is accessed via SDEB_I_* values. Make sure all are mapped, 520 * plus the terminating elements for logic that scans this table such as 521 * REPORT SUPPORTED OPERATION CODES. */ 522 static const struct opcode_info_t opcode_info_arr[SDEB_I_LAST_ELEMENT + 1] = { 523 /* 0 */ 524 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* unknown opcodes */ 525 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 526 {0, 0x12, 0, FF_RESPOND | F_D_IN, resp_inquiry, NULL, /* INQUIRY */ 527 {6, 0xe3, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 528 {0, 0xa0, 0, FF_RESPOND | F_D_IN, resp_report_luns, NULL, 529 {12, 0xe3, 0xff, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0, 530 0, 0} }, /* REPORT LUNS */ 531 {0, 0x3, 0, FF_RESPOND | F_D_IN, resp_requests, NULL, 532 {6, 0xe1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 533 {0, 0x0, 0, F_M_ACCESS | F_RL_WLUN_OK, NULL, NULL,/* TEST UNIT READY */ 534 {6, 0, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 535 /* 5 */ 536 {ARRAY_SIZE(msense_iarr), 0x5a, 0, F_D_IN, /* MODE SENSE(10) */ 537 resp_mode_sense, msense_iarr, {10, 0xf8, 0xff, 0xff, 0, 0, 0, 538 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} }, 539 {ARRAY_SIZE(mselect_iarr), 0x55, 0, F_D_OUT, /* MODE SELECT(10) */ 540 resp_mode_select, mselect_iarr, {10, 0xf1, 0, 0, 0, 0, 0, 0xff, 541 0xff, 0xc7, 0, 0, 0, 0, 0, 0} }, 542 {0, 0x4d, 0, F_D_IN, resp_log_sense, NULL, /* LOG SENSE */ 543 {10, 0xe3, 0xff, 0xff, 0, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 544 0, 0, 0} }, 545 {0, 0x25, 0, F_D_IN, resp_readcap, NULL, /* READ CAPACITY(10) */ 546 {10, 0xe1, 0xff, 0xff, 0xff, 0xff, 0, 0, 0x1, 0xc7, 0, 0, 0, 0, 547 0, 0} }, 548 {ARRAY_SIZE(read_iarr), 0x88, 0, F_D_IN | FF_MEDIA_IO, /* READ(16) */ 549 resp_read_dt0, read_iarr, {16, 0xfe, 0xff, 0xff, 0xff, 0xff, 550 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} }, 551 /* 10 */ 552 {ARRAY_SIZE(write_iarr), 0x8a, 0, F_D_OUT | FF_MEDIA_IO, 553 resp_write_dt0, write_iarr, /* WRITE(16) */ 554 {16, 0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 555 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} }, 556 {0, 0x1b, 0, F_LONG_DELAY, resp_start_stop, NULL,/* START STOP UNIT */ 557 {6, 0x1, 0, 0xf, 0xf7, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 558 {ARRAY_SIZE(sa_in_16_iarr), 0x9e, 0x10, F_SA_LOW | F_D_IN, 559 resp_readcap16, sa_in_16_iarr, /* SA_IN(16), READ CAPACITY(16) */ 560 {16, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 561 0xff, 0xff, 0xff, 0xff, 0x1, 0xc7} }, 562 {0, 0x9f, 0x12, F_SA_LOW | F_D_OUT | FF_MEDIA_IO, resp_write_scat, 563 NULL, {16, 0x12, 0xf9, 0x0, 0xff, 0xff, 0, 0, 0xff, 0xff, 0xff, 564 0xff, 0xff, 0xff, 0xff, 0xc7} }, /* SA_OUT(16), WRITE SCAT(16) */ 565 {ARRAY_SIZE(maint_in_iarr), 0xa3, 0xa, F_SA_LOW | F_D_IN, 566 resp_report_tgtpgs, /* MAINT IN, REPORT TARGET PORT GROUPS */ 567 maint_in_iarr, {12, 0xea, 0, 0, 0, 0, 0xff, 0xff, 0xff, 568 0xff, 0, 0xc7, 0, 0, 0, 0} }, 569 /* 15 */ 570 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* MAINT OUT */ 571 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 572 {0, 0x2f, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, NULL, NULL, /* VERIFY(10) */ 573 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 574 0, 0, 0, 0, 0, 0} }, 575 {ARRAY_SIZE(vl_iarr), 0x7f, 0x9, F_SA_HIGH | F_D_IN | FF_MEDIA_IO, 576 resp_read_dt0, vl_iarr, /* VARIABLE LENGTH, READ(32) */ 577 {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x9, 0xfe, 0, 0xff, 0xff, 578 0xff, 0xff} }, 579 {ARRAY_SIZE(reserve_iarr), 0x56, 0, F_D_OUT, 580 NULL, reserve_iarr, /* RESERVE(10) <no response function> */ 581 {10, 0xff, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 582 0} }, 583 {ARRAY_SIZE(release_iarr), 0x57, 0, F_D_OUT, 584 NULL, release_iarr, /* RELEASE(10) <no response function> */ 585 {10, 0x13, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 586 0} }, 587 /* 20 */ 588 {0, 0x1e, 0, 0, NULL, NULL, /* ALLOW REMOVAL */ 589 {6, 0, 0, 0, 0x3, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 590 {0, 0x1, 0, 0, resp_start_stop, NULL, /* REWIND ?? */ 591 {6, 0x1, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 592 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* ATA_PT */ 593 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 594 {0, 0x1d, F_D_OUT, 0, NULL, NULL, /* SEND DIAGNOSTIC */ 595 {6, 0xf7, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 596 {0, 0x42, 0, F_D_OUT | FF_MEDIA_IO, resp_unmap, NULL, /* UNMAP */ 597 {10, 0x1, 0, 0, 0, 0, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} }, 598 /* 25 */ 599 {0, 0x53, 0, F_D_IN | F_D_OUT | FF_MEDIA_IO, resp_xdwriteread_10, 600 NULL, {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 601 0, 0, 0, 0, 0, 0} }, /* XDWRITEREAD(10) */ 602 {0, 0x3b, 0, F_D_OUT_MAYBE, resp_write_buffer, NULL, 603 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 604 0, 0, 0, 0} }, /* WRITE_BUFFER */ 605 {ARRAY_SIZE(write_same_iarr), 0x41, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, 606 resp_write_same_10, write_same_iarr, /* WRITE SAME(10) */ 607 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 608 0, 0, 0, 0, 0} }, 609 {ARRAY_SIZE(sync_cache_iarr), 0x35, 0, F_LONG_DELAY | F_M_ACCESS, 610 resp_sync_cache, sync_cache_iarr, 611 {10, 0x7, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 612 0, 0, 0, 0} }, /* SYNC_CACHE (10) */ 613 {0, 0x89, 0, F_D_OUT | FF_MEDIA_IO, resp_comp_write, NULL, 614 {16, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 0, 615 0, 0xff, 0x3f, 0xc7} }, /* COMPARE AND WRITE */ 616 617 /* 30 */ 618 {0xff, 0, 0, 0, NULL, NULL, /* terminating element */ 619 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 620 }; 621 622 static int sdebug_add_host = DEF_NUM_HOST; 623 static int sdebug_ato = DEF_ATO; 624 static int sdebug_cdb_len = DEF_CDB_LEN; 625 static int sdebug_jdelay = DEF_JDELAY; /* if > 0 then unit is jiffies */ 626 static int sdebug_dev_size_mb = DEF_DEV_SIZE_MB; 627 static int sdebug_dif = DEF_DIF; 628 static int sdebug_dix = DEF_DIX; 629 static int sdebug_dsense = DEF_D_SENSE; 630 static int sdebug_every_nth = DEF_EVERY_NTH; 631 static int sdebug_fake_rw = DEF_FAKE_RW; 632 static unsigned int sdebug_guard = DEF_GUARD; 633 static int sdebug_lowest_aligned = DEF_LOWEST_ALIGNED; 634 static int sdebug_max_luns = DEF_MAX_LUNS; 635 static int sdebug_max_queue = SDEBUG_CANQUEUE; /* per submit queue */ 636 static unsigned int sdebug_medium_error_start = OPT_MEDIUM_ERR_ADDR; 637 static int sdebug_medium_error_count = OPT_MEDIUM_ERR_NUM; 638 static atomic_t retired_max_queue; /* if > 0 then was prior max_queue */ 639 static int sdebug_ndelay = DEF_NDELAY; /* if > 0 then unit is nanoseconds */ 640 static int sdebug_no_lun_0 = DEF_NO_LUN_0; 641 static int sdebug_no_uld; 642 static int sdebug_num_parts = DEF_NUM_PARTS; 643 static int sdebug_num_tgts = DEF_NUM_TGTS; /* targets per host */ 644 static int sdebug_opt_blks = DEF_OPT_BLKS; 645 static int sdebug_opts = DEF_OPTS; 646 static int sdebug_physblk_exp = DEF_PHYSBLK_EXP; 647 static int sdebug_opt_xferlen_exp = DEF_OPT_XFERLEN_EXP; 648 static int sdebug_ptype = DEF_PTYPE; /* SCSI peripheral device type */ 649 static int sdebug_scsi_level = DEF_SCSI_LEVEL; 650 static int sdebug_sector_size = DEF_SECTOR_SIZE; 651 static int sdebug_virtual_gb = DEF_VIRTUAL_GB; 652 static int sdebug_vpd_use_hostno = DEF_VPD_USE_HOSTNO; 653 static unsigned int sdebug_lbpu = DEF_LBPU; 654 static unsigned int sdebug_lbpws = DEF_LBPWS; 655 static unsigned int sdebug_lbpws10 = DEF_LBPWS10; 656 static unsigned int sdebug_lbprz = DEF_LBPRZ; 657 static unsigned int sdebug_unmap_alignment = DEF_UNMAP_ALIGNMENT; 658 static unsigned int sdebug_unmap_granularity = DEF_UNMAP_GRANULARITY; 659 static unsigned int sdebug_unmap_max_blocks = DEF_UNMAP_MAX_BLOCKS; 660 static unsigned int sdebug_unmap_max_desc = DEF_UNMAP_MAX_DESC; 661 static unsigned int sdebug_write_same_length = DEF_WRITESAME_LENGTH; 662 static int sdebug_uuid_ctl = DEF_UUID_CTL; 663 static bool sdebug_removable = DEF_REMOVABLE; 664 static bool sdebug_clustering; 665 static bool sdebug_host_lock = DEF_HOST_LOCK; 666 static bool sdebug_strict = DEF_STRICT; 667 static bool sdebug_any_injecting_opt; 668 static bool sdebug_verbose; 669 static bool have_dif_prot; 670 static bool sdebug_statistics = DEF_STATISTICS; 671 672 static unsigned int sdebug_store_sectors; 673 static sector_t sdebug_capacity; /* in sectors */ 674 675 /* old BIOS stuff, kernel may get rid of them but some mode sense pages 676 may still need them */ 677 static int sdebug_heads; /* heads per disk */ 678 static int sdebug_cylinders_per; /* cylinders per surface */ 679 static int sdebug_sectors_per; /* sectors per cylinder */ 680 681 static LIST_HEAD(sdebug_host_list); 682 static DEFINE_SPINLOCK(sdebug_host_list_lock); 683 684 static unsigned char *fake_storep; /* ramdisk storage */ 685 static struct t10_pi_tuple *dif_storep; /* protection info */ 686 static void *map_storep; /* provisioning map */ 687 688 static unsigned long map_size; 689 static int num_aborts; 690 static int num_dev_resets; 691 static int num_target_resets; 692 static int num_bus_resets; 693 static int num_host_resets; 694 static int dix_writes; 695 static int dix_reads; 696 static int dif_errors; 697 698 static int submit_queues = DEF_SUBMIT_QUEUES; /* > 1 for multi-queue (mq) */ 699 static struct sdebug_queue *sdebug_q_arr; /* ptr to array of submit queues */ 700 701 static DEFINE_RWLOCK(atomic_rw); 702 703 static char sdebug_proc_name[] = MY_NAME; 704 static const char *my_name = MY_NAME; 705 706 static struct bus_type pseudo_lld_bus; 707 708 static struct device_driver sdebug_driverfs_driver = { 709 .name = sdebug_proc_name, 710 .bus = &pseudo_lld_bus, 711 }; 712 713 static const int check_condition_result = 714 (DRIVER_SENSE << 24) | SAM_STAT_CHECK_CONDITION; 715 716 static const int illegal_condition_result = 717 (DRIVER_SENSE << 24) | (DID_ABORT << 16) | SAM_STAT_CHECK_CONDITION; 718 719 static const int device_qfull_result = 720 (DID_OK << 16) | (COMMAND_COMPLETE << 8) | SAM_STAT_TASK_SET_FULL; 721 722 723 /* Only do the extra work involved in logical block provisioning if one or 724 * more of the lbpu, lbpws or lbpws10 parameters are given and we are doing 725 * real reads and writes (i.e. not skipping them for speed). 726 */ 727 static inline bool scsi_debug_lbp(void) 728 { 729 return 0 == sdebug_fake_rw && 730 (sdebug_lbpu || sdebug_lbpws || sdebug_lbpws10); 731 } 732 733 static void *fake_store(unsigned long long lba) 734 { 735 lba = do_div(lba, sdebug_store_sectors); 736 737 return fake_storep + lba * sdebug_sector_size; 738 } 739 740 static struct t10_pi_tuple *dif_store(sector_t sector) 741 { 742 sector = sector_div(sector, sdebug_store_sectors); 743 744 return dif_storep + sector; 745 } 746 747 static void sdebug_max_tgts_luns(void) 748 { 749 struct sdebug_host_info *sdbg_host; 750 struct Scsi_Host *hpnt; 751 752 spin_lock(&sdebug_host_list_lock); 753 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) { 754 hpnt = sdbg_host->shost; 755 if ((hpnt->this_id >= 0) && 756 (sdebug_num_tgts > hpnt->this_id)) 757 hpnt->max_id = sdebug_num_tgts + 1; 758 else 759 hpnt->max_id = sdebug_num_tgts; 760 /* sdebug_max_luns; */ 761 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1; 762 } 763 spin_unlock(&sdebug_host_list_lock); 764 } 765 766 enum sdeb_cmd_data {SDEB_IN_DATA = 0, SDEB_IN_CDB = 1}; 767 768 /* Set in_bit to -1 to indicate no bit position of invalid field */ 769 static void mk_sense_invalid_fld(struct scsi_cmnd *scp, 770 enum sdeb_cmd_data c_d, 771 int in_byte, int in_bit) 772 { 773 unsigned char *sbuff; 774 u8 sks[4]; 775 int sl, asc; 776 777 sbuff = scp->sense_buffer; 778 if (!sbuff) { 779 sdev_printk(KERN_ERR, scp->device, 780 "%s: sense_buffer is NULL\n", __func__); 781 return; 782 } 783 asc = c_d ? INVALID_FIELD_IN_CDB : INVALID_FIELD_IN_PARAM_LIST; 784 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE); 785 scsi_build_sense_buffer(sdebug_dsense, sbuff, ILLEGAL_REQUEST, asc, 0); 786 memset(sks, 0, sizeof(sks)); 787 sks[0] = 0x80; 788 if (c_d) 789 sks[0] |= 0x40; 790 if (in_bit >= 0) { 791 sks[0] |= 0x8; 792 sks[0] |= 0x7 & in_bit; 793 } 794 put_unaligned_be16(in_byte, sks + 1); 795 if (sdebug_dsense) { 796 sl = sbuff[7] + 8; 797 sbuff[7] = sl; 798 sbuff[sl] = 0x2; 799 sbuff[sl + 1] = 0x6; 800 memcpy(sbuff + sl + 4, sks, 3); 801 } else 802 memcpy(sbuff + 15, sks, 3); 803 if (sdebug_verbose) 804 sdev_printk(KERN_INFO, scp->device, "%s: [sense_key,asc,ascq" 805 "]: [0x5,0x%x,0x0] %c byte=%d, bit=%d\n", 806 my_name, asc, c_d ? 'C' : 'D', in_byte, in_bit); 807 } 808 809 static void mk_sense_buffer(struct scsi_cmnd *scp, int key, int asc, int asq) 810 { 811 unsigned char *sbuff; 812 813 sbuff = scp->sense_buffer; 814 if (!sbuff) { 815 sdev_printk(KERN_ERR, scp->device, 816 "%s: sense_buffer is NULL\n", __func__); 817 return; 818 } 819 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE); 820 821 scsi_build_sense_buffer(sdebug_dsense, sbuff, key, asc, asq); 822 823 if (sdebug_verbose) 824 sdev_printk(KERN_INFO, scp->device, 825 "%s: [sense_key,asc,ascq]: [0x%x,0x%x,0x%x]\n", 826 my_name, key, asc, asq); 827 } 828 829 static void mk_sense_invalid_opcode(struct scsi_cmnd *scp) 830 { 831 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_OPCODE, 0); 832 } 833 834 static int scsi_debug_ioctl(struct scsi_device *dev, int cmd, void __user *arg) 835 { 836 if (sdebug_verbose) { 837 if (0x1261 == cmd) 838 sdev_printk(KERN_INFO, dev, 839 "%s: BLKFLSBUF [0x1261]\n", __func__); 840 else if (0x5331 == cmd) 841 sdev_printk(KERN_INFO, dev, 842 "%s: CDROM_GET_CAPABILITY [0x5331]\n", 843 __func__); 844 else 845 sdev_printk(KERN_INFO, dev, "%s: cmd=0x%x\n", 846 __func__, cmd); 847 } 848 return -EINVAL; 849 /* return -ENOTTY; // correct return but upsets fdisk */ 850 } 851 852 static void config_cdb_len(struct scsi_device *sdev) 853 { 854 switch (sdebug_cdb_len) { 855 case 6: /* suggest 6 byte READ, WRITE and MODE SENSE/SELECT */ 856 sdev->use_10_for_rw = false; 857 sdev->use_16_for_rw = false; 858 sdev->use_10_for_ms = false; 859 break; 860 case 10: /* suggest 10 byte RWs and 6 byte MODE SENSE/SELECT */ 861 sdev->use_10_for_rw = true; 862 sdev->use_16_for_rw = false; 863 sdev->use_10_for_ms = false; 864 break; 865 case 12: /* suggest 10 byte RWs and 10 byte MODE SENSE/SELECT */ 866 sdev->use_10_for_rw = true; 867 sdev->use_16_for_rw = false; 868 sdev->use_10_for_ms = true; 869 break; 870 case 16: 871 sdev->use_10_for_rw = false; 872 sdev->use_16_for_rw = true; 873 sdev->use_10_for_ms = true; 874 break; 875 case 32: /* No knobs to suggest this so same as 16 for now */ 876 sdev->use_10_for_rw = false; 877 sdev->use_16_for_rw = true; 878 sdev->use_10_for_ms = true; 879 break; 880 default: 881 pr_warn("unexpected cdb_len=%d, force to 10\n", 882 sdebug_cdb_len); 883 sdev->use_10_for_rw = true; 884 sdev->use_16_for_rw = false; 885 sdev->use_10_for_ms = false; 886 sdebug_cdb_len = 10; 887 break; 888 } 889 } 890 891 static void all_config_cdb_len(void) 892 { 893 struct sdebug_host_info *sdbg_host; 894 struct Scsi_Host *shost; 895 struct scsi_device *sdev; 896 897 spin_lock(&sdebug_host_list_lock); 898 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) { 899 shost = sdbg_host->shost; 900 shost_for_each_device(sdev, shost) { 901 config_cdb_len(sdev); 902 } 903 } 904 spin_unlock(&sdebug_host_list_lock); 905 } 906 907 static void clear_luns_changed_on_target(struct sdebug_dev_info *devip) 908 { 909 struct sdebug_host_info *sdhp; 910 struct sdebug_dev_info *dp; 911 912 spin_lock(&sdebug_host_list_lock); 913 list_for_each_entry(sdhp, &sdebug_host_list, host_list) { 914 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) { 915 if ((devip->sdbg_host == dp->sdbg_host) && 916 (devip->target == dp->target)) 917 clear_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm); 918 } 919 } 920 spin_unlock(&sdebug_host_list_lock); 921 } 922 923 static int make_ua(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 924 { 925 int k; 926 927 k = find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS); 928 if (k != SDEBUG_NUM_UAS) { 929 const char *cp = NULL; 930 931 switch (k) { 932 case SDEBUG_UA_POR: 933 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC, 934 POWER_ON_RESET_ASCQ); 935 if (sdebug_verbose) 936 cp = "power on reset"; 937 break; 938 case SDEBUG_UA_BUS_RESET: 939 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC, 940 BUS_RESET_ASCQ); 941 if (sdebug_verbose) 942 cp = "bus reset"; 943 break; 944 case SDEBUG_UA_MODE_CHANGED: 945 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC, 946 MODE_CHANGED_ASCQ); 947 if (sdebug_verbose) 948 cp = "mode parameters changed"; 949 break; 950 case SDEBUG_UA_CAPACITY_CHANGED: 951 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC, 952 CAPACITY_CHANGED_ASCQ); 953 if (sdebug_verbose) 954 cp = "capacity data changed"; 955 break; 956 case SDEBUG_UA_MICROCODE_CHANGED: 957 mk_sense_buffer(scp, UNIT_ATTENTION, 958 TARGET_CHANGED_ASC, 959 MICROCODE_CHANGED_ASCQ); 960 if (sdebug_verbose) 961 cp = "microcode has been changed"; 962 break; 963 case SDEBUG_UA_MICROCODE_CHANGED_WO_RESET: 964 mk_sense_buffer(scp, UNIT_ATTENTION, 965 TARGET_CHANGED_ASC, 966 MICROCODE_CHANGED_WO_RESET_ASCQ); 967 if (sdebug_verbose) 968 cp = "microcode has been changed without reset"; 969 break; 970 case SDEBUG_UA_LUNS_CHANGED: 971 /* 972 * SPC-3 behavior is to report a UNIT ATTENTION with 973 * ASC/ASCQ REPORTED LUNS DATA HAS CHANGED on every LUN 974 * on the target, until a REPORT LUNS command is 975 * received. SPC-4 behavior is to report it only once. 976 * NOTE: sdebug_scsi_level does not use the same 977 * values as struct scsi_device->scsi_level. 978 */ 979 if (sdebug_scsi_level >= 6) /* SPC-4 and above */ 980 clear_luns_changed_on_target(devip); 981 mk_sense_buffer(scp, UNIT_ATTENTION, 982 TARGET_CHANGED_ASC, 983 LUNS_CHANGED_ASCQ); 984 if (sdebug_verbose) 985 cp = "reported luns data has changed"; 986 break; 987 default: 988 pr_warn("unexpected unit attention code=%d\n", k); 989 if (sdebug_verbose) 990 cp = "unknown"; 991 break; 992 } 993 clear_bit(k, devip->uas_bm); 994 if (sdebug_verbose) 995 sdev_printk(KERN_INFO, scp->device, 996 "%s reports: Unit attention: %s\n", 997 my_name, cp); 998 return check_condition_result; 999 } 1000 return 0; 1001 } 1002 1003 /* Build SCSI "data-in" buffer. Returns 0 if ok else (DID_ERROR << 16). */ 1004 static int fill_from_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr, 1005 int arr_len) 1006 { 1007 int act_len; 1008 struct scsi_data_buffer *sdb = scsi_in(scp); 1009 1010 if (!sdb->length) 1011 return 0; 1012 if (!(scsi_bidi_cmnd(scp) || scp->sc_data_direction == DMA_FROM_DEVICE)) 1013 return DID_ERROR << 16; 1014 1015 act_len = sg_copy_from_buffer(sdb->table.sgl, sdb->table.nents, 1016 arr, arr_len); 1017 sdb->resid = scsi_bufflen(scp) - act_len; 1018 1019 return 0; 1020 } 1021 1022 /* Partial build of SCSI "data-in" buffer. Returns 0 if ok else 1023 * (DID_ERROR << 16). Can write to offset in data-in buffer. If multiple 1024 * calls, not required to write in ascending offset order. Assumes resid 1025 * set to scsi_bufflen() prior to any calls. 1026 */ 1027 static int p_fill_from_dev_buffer(struct scsi_cmnd *scp, const void *arr, 1028 int arr_len, unsigned int off_dst) 1029 { 1030 int act_len, n; 1031 struct scsi_data_buffer *sdb = scsi_in(scp); 1032 off_t skip = off_dst; 1033 1034 if (sdb->length <= off_dst) 1035 return 0; 1036 if (!(scsi_bidi_cmnd(scp) || scp->sc_data_direction == DMA_FROM_DEVICE)) 1037 return DID_ERROR << 16; 1038 1039 act_len = sg_pcopy_from_buffer(sdb->table.sgl, sdb->table.nents, 1040 arr, arr_len, skip); 1041 pr_debug("%s: off_dst=%u, scsi_bufflen=%u, act_len=%u, resid=%d\n", 1042 __func__, off_dst, scsi_bufflen(scp), act_len, sdb->resid); 1043 n = (int)scsi_bufflen(scp) - ((int)off_dst + act_len); 1044 sdb->resid = min(sdb->resid, n); 1045 return 0; 1046 } 1047 1048 /* Fetches from SCSI "data-out" buffer. Returns number of bytes fetched into 1049 * 'arr' or -1 if error. 1050 */ 1051 static int fetch_to_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr, 1052 int arr_len) 1053 { 1054 if (!scsi_bufflen(scp)) 1055 return 0; 1056 if (!(scsi_bidi_cmnd(scp) || scp->sc_data_direction == DMA_TO_DEVICE)) 1057 return -1; 1058 1059 return scsi_sg_copy_to_buffer(scp, arr, arr_len); 1060 } 1061 1062 1063 static char sdebug_inq_vendor_id[9] = "Linux "; 1064 static char sdebug_inq_product_id[17] = "scsi_debug "; 1065 static char sdebug_inq_product_rev[5] = SDEBUG_VERSION; 1066 /* Use some locally assigned NAAs for SAS addresses. */ 1067 static const u64 naa3_comp_a = 0x3222222000000000ULL; 1068 static const u64 naa3_comp_b = 0x3333333000000000ULL; 1069 static const u64 naa3_comp_c = 0x3111111000000000ULL; 1070 1071 /* Device identification VPD page. Returns number of bytes placed in arr */ 1072 static int inquiry_vpd_83(unsigned char *arr, int port_group_id, 1073 int target_dev_id, int dev_id_num, 1074 const char *dev_id_str, int dev_id_str_len, 1075 const uuid_t *lu_name) 1076 { 1077 int num, port_a; 1078 char b[32]; 1079 1080 port_a = target_dev_id + 1; 1081 /* T10 vendor identifier field format (faked) */ 1082 arr[0] = 0x2; /* ASCII */ 1083 arr[1] = 0x1; 1084 arr[2] = 0x0; 1085 memcpy(&arr[4], sdebug_inq_vendor_id, 8); 1086 memcpy(&arr[12], sdebug_inq_product_id, 16); 1087 memcpy(&arr[28], dev_id_str, dev_id_str_len); 1088 num = 8 + 16 + dev_id_str_len; 1089 arr[3] = num; 1090 num += 4; 1091 if (dev_id_num >= 0) { 1092 if (sdebug_uuid_ctl) { 1093 /* Locally assigned UUID */ 1094 arr[num++] = 0x1; /* binary (not necessarily sas) */ 1095 arr[num++] = 0xa; /* PIV=0, lu, naa */ 1096 arr[num++] = 0x0; 1097 arr[num++] = 0x12; 1098 arr[num++] = 0x10; /* uuid type=1, locally assigned */ 1099 arr[num++] = 0x0; 1100 memcpy(arr + num, lu_name, 16); 1101 num += 16; 1102 } else { 1103 /* NAA-3, Logical unit identifier (binary) */ 1104 arr[num++] = 0x1; /* binary (not necessarily sas) */ 1105 arr[num++] = 0x3; /* PIV=0, lu, naa */ 1106 arr[num++] = 0x0; 1107 arr[num++] = 0x8; 1108 put_unaligned_be64(naa3_comp_b + dev_id_num, arr + num); 1109 num += 8; 1110 } 1111 /* Target relative port number */ 1112 arr[num++] = 0x61; /* proto=sas, binary */ 1113 arr[num++] = 0x94; /* PIV=1, target port, rel port */ 1114 arr[num++] = 0x0; /* reserved */ 1115 arr[num++] = 0x4; /* length */ 1116 arr[num++] = 0x0; /* reserved */ 1117 arr[num++] = 0x0; /* reserved */ 1118 arr[num++] = 0x0; 1119 arr[num++] = 0x1; /* relative port A */ 1120 } 1121 /* NAA-3, Target port identifier */ 1122 arr[num++] = 0x61; /* proto=sas, binary */ 1123 arr[num++] = 0x93; /* piv=1, target port, naa */ 1124 arr[num++] = 0x0; 1125 arr[num++] = 0x8; 1126 put_unaligned_be64(naa3_comp_a + port_a, arr + num); 1127 num += 8; 1128 /* NAA-3, Target port group identifier */ 1129 arr[num++] = 0x61; /* proto=sas, binary */ 1130 arr[num++] = 0x95; /* piv=1, target port group id */ 1131 arr[num++] = 0x0; 1132 arr[num++] = 0x4; 1133 arr[num++] = 0; 1134 arr[num++] = 0; 1135 put_unaligned_be16(port_group_id, arr + num); 1136 num += 2; 1137 /* NAA-3, Target device identifier */ 1138 arr[num++] = 0x61; /* proto=sas, binary */ 1139 arr[num++] = 0xa3; /* piv=1, target device, naa */ 1140 arr[num++] = 0x0; 1141 arr[num++] = 0x8; 1142 put_unaligned_be64(naa3_comp_a + target_dev_id, arr + num); 1143 num += 8; 1144 /* SCSI name string: Target device identifier */ 1145 arr[num++] = 0x63; /* proto=sas, UTF-8 */ 1146 arr[num++] = 0xa8; /* piv=1, target device, SCSI name string */ 1147 arr[num++] = 0x0; 1148 arr[num++] = 24; 1149 memcpy(arr + num, "naa.32222220", 12); 1150 num += 12; 1151 snprintf(b, sizeof(b), "%08X", target_dev_id); 1152 memcpy(arr + num, b, 8); 1153 num += 8; 1154 memset(arr + num, 0, 4); 1155 num += 4; 1156 return num; 1157 } 1158 1159 static unsigned char vpd84_data[] = { 1160 /* from 4th byte */ 0x22,0x22,0x22,0x0,0xbb,0x0, 1161 0x22,0x22,0x22,0x0,0xbb,0x1, 1162 0x22,0x22,0x22,0x0,0xbb,0x2, 1163 }; 1164 1165 /* Software interface identification VPD page */ 1166 static int inquiry_vpd_84(unsigned char *arr) 1167 { 1168 memcpy(arr, vpd84_data, sizeof(vpd84_data)); 1169 return sizeof(vpd84_data); 1170 } 1171 1172 /* Management network addresses VPD page */ 1173 static int inquiry_vpd_85(unsigned char *arr) 1174 { 1175 int num = 0; 1176 const char *na1 = "https://www.kernel.org/config"; 1177 const char *na2 = "http://www.kernel.org/log"; 1178 int plen, olen; 1179 1180 arr[num++] = 0x1; /* lu, storage config */ 1181 arr[num++] = 0x0; /* reserved */ 1182 arr[num++] = 0x0; 1183 olen = strlen(na1); 1184 plen = olen + 1; 1185 if (plen % 4) 1186 plen = ((plen / 4) + 1) * 4; 1187 arr[num++] = plen; /* length, null termianted, padded */ 1188 memcpy(arr + num, na1, olen); 1189 memset(arr + num + olen, 0, plen - olen); 1190 num += plen; 1191 1192 arr[num++] = 0x4; /* lu, logging */ 1193 arr[num++] = 0x0; /* reserved */ 1194 arr[num++] = 0x0; 1195 olen = strlen(na2); 1196 plen = olen + 1; 1197 if (plen % 4) 1198 plen = ((plen / 4) + 1) * 4; 1199 arr[num++] = plen; /* length, null terminated, padded */ 1200 memcpy(arr + num, na2, olen); 1201 memset(arr + num + olen, 0, plen - olen); 1202 num += plen; 1203 1204 return num; 1205 } 1206 1207 /* SCSI ports VPD page */ 1208 static int inquiry_vpd_88(unsigned char *arr, int target_dev_id) 1209 { 1210 int num = 0; 1211 int port_a, port_b; 1212 1213 port_a = target_dev_id + 1; 1214 port_b = port_a + 1; 1215 arr[num++] = 0x0; /* reserved */ 1216 arr[num++] = 0x0; /* reserved */ 1217 arr[num++] = 0x0; 1218 arr[num++] = 0x1; /* relative port 1 (primary) */ 1219 memset(arr + num, 0, 6); 1220 num += 6; 1221 arr[num++] = 0x0; 1222 arr[num++] = 12; /* length tp descriptor */ 1223 /* naa-5 target port identifier (A) */ 1224 arr[num++] = 0x61; /* proto=sas, binary */ 1225 arr[num++] = 0x93; /* PIV=1, target port, NAA */ 1226 arr[num++] = 0x0; /* reserved */ 1227 arr[num++] = 0x8; /* length */ 1228 put_unaligned_be64(naa3_comp_a + port_a, arr + num); 1229 num += 8; 1230 arr[num++] = 0x0; /* reserved */ 1231 arr[num++] = 0x0; /* reserved */ 1232 arr[num++] = 0x0; 1233 arr[num++] = 0x2; /* relative port 2 (secondary) */ 1234 memset(arr + num, 0, 6); 1235 num += 6; 1236 arr[num++] = 0x0; 1237 arr[num++] = 12; /* length tp descriptor */ 1238 /* naa-5 target port identifier (B) */ 1239 arr[num++] = 0x61; /* proto=sas, binary */ 1240 arr[num++] = 0x93; /* PIV=1, target port, NAA */ 1241 arr[num++] = 0x0; /* reserved */ 1242 arr[num++] = 0x8; /* length */ 1243 put_unaligned_be64(naa3_comp_a + port_b, arr + num); 1244 num += 8; 1245 1246 return num; 1247 } 1248 1249 1250 static unsigned char vpd89_data[] = { 1251 /* from 4th byte */ 0,0,0,0, 1252 'l','i','n','u','x',' ',' ',' ', 1253 'S','A','T',' ','s','c','s','i','_','d','e','b','u','g',' ',' ', 1254 '1','2','3','4', 1255 0x34,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0, 1256 0xec,0,0,0, 1257 0x5a,0xc,0xff,0x3f,0x37,0xc8,0x10,0,0,0,0,0,0x3f,0,0,0, 1258 0,0,0,0,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x20,0x20,0x20,0x20, 1259 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0,0,0,0x40,0x4,0,0x2e,0x33, 1260 0x38,0x31,0x20,0x20,0x20,0x20,0x54,0x53,0x38,0x33,0x30,0x30,0x33,0x31, 1261 0x53,0x41, 1262 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20, 1263 0x20,0x20, 1264 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20, 1265 0x10,0x80, 1266 0,0,0,0x2f,0,0,0,0x2,0,0x2,0x7,0,0xff,0xff,0x1,0, 1267 0x3f,0,0xc1,0xff,0x3e,0,0x10,0x1,0xb0,0xf8,0x50,0x9,0,0,0x7,0, 1268 0x3,0,0x78,0,0x78,0,0xf0,0,0x78,0,0,0,0,0,0,0, 1269 0,0,0,0,0,0,0,0,0x2,0,0,0,0,0,0,0, 1270 0x7e,0,0x1b,0,0x6b,0x34,0x1,0x7d,0x3,0x40,0x69,0x34,0x1,0x3c,0x3,0x40, 1271 0x7f,0x40,0,0,0,0,0xfe,0xfe,0,0,0,0,0,0xfe,0,0, 1272 0,0,0,0,0,0,0,0,0xb0,0xf8,0x50,0x9,0,0,0,0, 1273 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1274 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1275 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1276 0x1,0,0xb0,0xf8,0x50,0x9,0xb0,0xf8,0x50,0x9,0x20,0x20,0x2,0,0xb6,0x42, 1277 0,0x80,0x8a,0,0x6,0x3c,0xa,0x3c,0xff,0xff,0xc6,0x7,0,0x1,0,0x8, 1278 0xf0,0xf,0,0x10,0x2,0,0x30,0,0,0,0,0,0,0,0x6,0xfe, 1279 0,0,0x2,0,0x50,0,0x8a,0,0x4f,0x95,0,0,0x21,0,0xb,0, 1280 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1281 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1282 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1283 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1284 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1285 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1286 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1287 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1288 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1289 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1290 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1291 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xa5,0x51, 1292 }; 1293 1294 /* ATA Information VPD page */ 1295 static int inquiry_vpd_89(unsigned char *arr) 1296 { 1297 memcpy(arr, vpd89_data, sizeof(vpd89_data)); 1298 return sizeof(vpd89_data); 1299 } 1300 1301 1302 static unsigned char vpdb0_data[] = { 1303 /* from 4th byte */ 0,0,0,4, 0,0,0x4,0, 0,0,0,64, 1304 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1305 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1306 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1307 }; 1308 1309 /* Block limits VPD page (SBC-3) */ 1310 static int inquiry_vpd_b0(unsigned char *arr) 1311 { 1312 unsigned int gran; 1313 1314 memcpy(arr, vpdb0_data, sizeof(vpdb0_data)); 1315 1316 /* Optimal transfer length granularity */ 1317 if (sdebug_opt_xferlen_exp != 0 && 1318 sdebug_physblk_exp < sdebug_opt_xferlen_exp) 1319 gran = 1 << sdebug_opt_xferlen_exp; 1320 else 1321 gran = 1 << sdebug_physblk_exp; 1322 put_unaligned_be16(gran, arr + 2); 1323 1324 /* Maximum Transfer Length */ 1325 if (sdebug_store_sectors > 0x400) 1326 put_unaligned_be32(sdebug_store_sectors, arr + 4); 1327 1328 /* Optimal Transfer Length */ 1329 put_unaligned_be32(sdebug_opt_blks, &arr[8]); 1330 1331 if (sdebug_lbpu) { 1332 /* Maximum Unmap LBA Count */ 1333 put_unaligned_be32(sdebug_unmap_max_blocks, &arr[16]); 1334 1335 /* Maximum Unmap Block Descriptor Count */ 1336 put_unaligned_be32(sdebug_unmap_max_desc, &arr[20]); 1337 } 1338 1339 /* Unmap Granularity Alignment */ 1340 if (sdebug_unmap_alignment) { 1341 put_unaligned_be32(sdebug_unmap_alignment, &arr[28]); 1342 arr[28] |= 0x80; /* UGAVALID */ 1343 } 1344 1345 /* Optimal Unmap Granularity */ 1346 put_unaligned_be32(sdebug_unmap_granularity, &arr[24]); 1347 1348 /* Maximum WRITE SAME Length */ 1349 put_unaligned_be64(sdebug_write_same_length, &arr[32]); 1350 1351 return 0x3c; /* Mandatory page length for Logical Block Provisioning */ 1352 1353 return sizeof(vpdb0_data); 1354 } 1355 1356 /* Block device characteristics VPD page (SBC-3) */ 1357 static int inquiry_vpd_b1(unsigned char *arr) 1358 { 1359 memset(arr, 0, 0x3c); 1360 arr[0] = 0; 1361 arr[1] = 1; /* non rotating medium (e.g. solid state) */ 1362 arr[2] = 0; 1363 arr[3] = 5; /* less than 1.8" */ 1364 1365 return 0x3c; 1366 } 1367 1368 /* Logical block provisioning VPD page (SBC-4) */ 1369 static int inquiry_vpd_b2(unsigned char *arr) 1370 { 1371 memset(arr, 0, 0x4); 1372 arr[0] = 0; /* threshold exponent */ 1373 if (sdebug_lbpu) 1374 arr[1] = 1 << 7; 1375 if (sdebug_lbpws) 1376 arr[1] |= 1 << 6; 1377 if (sdebug_lbpws10) 1378 arr[1] |= 1 << 5; 1379 if (sdebug_lbprz && scsi_debug_lbp()) 1380 arr[1] |= (sdebug_lbprz & 0x7) << 2; /* sbc4r07 and later */ 1381 /* anc_sup=0; dp=0 (no provisioning group descriptor) */ 1382 /* minimum_percentage=0; provisioning_type=0 (unknown) */ 1383 /* threshold_percentage=0 */ 1384 return 0x4; 1385 } 1386 1387 #define SDEBUG_LONG_INQ_SZ 96 1388 #define SDEBUG_MAX_INQ_ARR_SZ 584 1389 1390 static int resp_inquiry(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 1391 { 1392 unsigned char pq_pdt; 1393 unsigned char *arr; 1394 unsigned char *cmd = scp->cmnd; 1395 int alloc_len, n, ret; 1396 bool have_wlun, is_disk; 1397 1398 alloc_len = get_unaligned_be16(cmd + 3); 1399 arr = kzalloc(SDEBUG_MAX_INQ_ARR_SZ, GFP_ATOMIC); 1400 if (! arr) 1401 return DID_REQUEUE << 16; 1402 is_disk = (sdebug_ptype == TYPE_DISK); 1403 have_wlun = scsi_is_wlun(scp->device->lun); 1404 if (have_wlun) 1405 pq_pdt = TYPE_WLUN; /* present, wlun */ 1406 else if (sdebug_no_lun_0 && (devip->lun == SDEBUG_LUN_0_VAL)) 1407 pq_pdt = 0x7f; /* not present, PQ=3, PDT=0x1f */ 1408 else 1409 pq_pdt = (sdebug_ptype & 0x1f); 1410 arr[0] = pq_pdt; 1411 if (0x2 & cmd[1]) { /* CMDDT bit set */ 1412 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 1); 1413 kfree(arr); 1414 return check_condition_result; 1415 } else if (0x1 & cmd[1]) { /* EVPD bit set */ 1416 int lu_id_num, port_group_id, target_dev_id, len; 1417 char lu_id_str[6]; 1418 int host_no = devip->sdbg_host->shost->host_no; 1419 1420 port_group_id = (((host_no + 1) & 0x7f) << 8) + 1421 (devip->channel & 0x7f); 1422 if (sdebug_vpd_use_hostno == 0) 1423 host_no = 0; 1424 lu_id_num = have_wlun ? -1 : (((host_no + 1) * 2000) + 1425 (devip->target * 1000) + devip->lun); 1426 target_dev_id = ((host_no + 1) * 2000) + 1427 (devip->target * 1000) - 3; 1428 len = scnprintf(lu_id_str, 6, "%d", lu_id_num); 1429 if (0 == cmd[2]) { /* supported vital product data pages */ 1430 arr[1] = cmd[2]; /*sanity */ 1431 n = 4; 1432 arr[n++] = 0x0; /* this page */ 1433 arr[n++] = 0x80; /* unit serial number */ 1434 arr[n++] = 0x83; /* device identification */ 1435 arr[n++] = 0x84; /* software interface ident. */ 1436 arr[n++] = 0x85; /* management network addresses */ 1437 arr[n++] = 0x86; /* extended inquiry */ 1438 arr[n++] = 0x87; /* mode page policy */ 1439 arr[n++] = 0x88; /* SCSI ports */ 1440 if (is_disk) { /* SBC only */ 1441 arr[n++] = 0x89; /* ATA information */ 1442 arr[n++] = 0xb0; /* Block limits */ 1443 arr[n++] = 0xb1; /* Block characteristics */ 1444 arr[n++] = 0xb2; /* Logical Block Prov */ 1445 } 1446 arr[3] = n - 4; /* number of supported VPD pages */ 1447 } else if (0x80 == cmd[2]) { /* unit serial number */ 1448 arr[1] = cmd[2]; /*sanity */ 1449 arr[3] = len; 1450 memcpy(&arr[4], lu_id_str, len); 1451 } else if (0x83 == cmd[2]) { /* device identification */ 1452 arr[1] = cmd[2]; /*sanity */ 1453 arr[3] = inquiry_vpd_83(&arr[4], port_group_id, 1454 target_dev_id, lu_id_num, 1455 lu_id_str, len, 1456 &devip->lu_name); 1457 } else if (0x84 == cmd[2]) { /* Software interface ident. */ 1458 arr[1] = cmd[2]; /*sanity */ 1459 arr[3] = inquiry_vpd_84(&arr[4]); 1460 } else if (0x85 == cmd[2]) { /* Management network addresses */ 1461 arr[1] = cmd[2]; /*sanity */ 1462 arr[3] = inquiry_vpd_85(&arr[4]); 1463 } else if (0x86 == cmd[2]) { /* extended inquiry */ 1464 arr[1] = cmd[2]; /*sanity */ 1465 arr[3] = 0x3c; /* number of following entries */ 1466 if (sdebug_dif == T10_PI_TYPE3_PROTECTION) 1467 arr[4] = 0x4; /* SPT: GRD_CHK:1 */ 1468 else if (have_dif_prot) 1469 arr[4] = 0x5; /* SPT: GRD_CHK:1, REF_CHK:1 */ 1470 else 1471 arr[4] = 0x0; /* no protection stuff */ 1472 arr[5] = 0x7; /* head of q, ordered + simple q's */ 1473 } else if (0x87 == cmd[2]) { /* mode page policy */ 1474 arr[1] = cmd[2]; /*sanity */ 1475 arr[3] = 0x8; /* number of following entries */ 1476 arr[4] = 0x2; /* disconnect-reconnect mp */ 1477 arr[6] = 0x80; /* mlus, shared */ 1478 arr[8] = 0x18; /* protocol specific lu */ 1479 arr[10] = 0x82; /* mlus, per initiator port */ 1480 } else if (0x88 == cmd[2]) { /* SCSI Ports */ 1481 arr[1] = cmd[2]; /*sanity */ 1482 arr[3] = inquiry_vpd_88(&arr[4], target_dev_id); 1483 } else if (is_disk && 0x89 == cmd[2]) { /* ATA information */ 1484 arr[1] = cmd[2]; /*sanity */ 1485 n = inquiry_vpd_89(&arr[4]); 1486 put_unaligned_be16(n, arr + 2); 1487 } else if (is_disk && 0xb0 == cmd[2]) { /* Block limits */ 1488 arr[1] = cmd[2]; /*sanity */ 1489 arr[3] = inquiry_vpd_b0(&arr[4]); 1490 } else if (is_disk && 0xb1 == cmd[2]) { /* Block char. */ 1491 arr[1] = cmd[2]; /*sanity */ 1492 arr[3] = inquiry_vpd_b1(&arr[4]); 1493 } else if (is_disk && 0xb2 == cmd[2]) { /* LB Prov. */ 1494 arr[1] = cmd[2]; /*sanity */ 1495 arr[3] = inquiry_vpd_b2(&arr[4]); 1496 } else { 1497 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1); 1498 kfree(arr); 1499 return check_condition_result; 1500 } 1501 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len); 1502 ret = fill_from_dev_buffer(scp, arr, 1503 min(len, SDEBUG_MAX_INQ_ARR_SZ)); 1504 kfree(arr); 1505 return ret; 1506 } 1507 /* drops through here for a standard inquiry */ 1508 arr[1] = sdebug_removable ? 0x80 : 0; /* Removable disk */ 1509 arr[2] = sdebug_scsi_level; 1510 arr[3] = 2; /* response_data_format==2 */ 1511 arr[4] = SDEBUG_LONG_INQ_SZ - 5; 1512 arr[5] = (int)have_dif_prot; /* PROTECT bit */ 1513 if (sdebug_vpd_use_hostno == 0) 1514 arr[5] |= 0x10; /* claim: implicit TPGS */ 1515 arr[6] = 0x10; /* claim: MultiP */ 1516 /* arr[6] |= 0x40; ... claim: EncServ (enclosure services) */ 1517 arr[7] = 0xa; /* claim: LINKED + CMDQUE */ 1518 memcpy(&arr[8], sdebug_inq_vendor_id, 8); 1519 memcpy(&arr[16], sdebug_inq_product_id, 16); 1520 memcpy(&arr[32], sdebug_inq_product_rev, 4); 1521 /* Use Vendor Specific area to place driver date in ASCII hex */ 1522 memcpy(&arr[36], sdebug_version_date, 8); 1523 /* version descriptors (2 bytes each) follow */ 1524 put_unaligned_be16(0xc0, arr + 58); /* SAM-6 no version claimed */ 1525 put_unaligned_be16(0x5c0, arr + 60); /* SPC-5 no version claimed */ 1526 n = 62; 1527 if (is_disk) { /* SBC-4 no version claimed */ 1528 put_unaligned_be16(0x600, arr + n); 1529 n += 2; 1530 } else if (sdebug_ptype == TYPE_TAPE) { /* SSC-4 rev 3 */ 1531 put_unaligned_be16(0x525, arr + n); 1532 n += 2; 1533 } 1534 put_unaligned_be16(0x2100, arr + n); /* SPL-4 no version claimed */ 1535 ret = fill_from_dev_buffer(scp, arr, 1536 min(alloc_len, SDEBUG_LONG_INQ_SZ)); 1537 kfree(arr); 1538 return ret; 1539 } 1540 1541 static unsigned char iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0, 1542 0, 0, 0x0, 0x0}; 1543 1544 static int resp_requests(struct scsi_cmnd *scp, 1545 struct sdebug_dev_info *devip) 1546 { 1547 unsigned char *sbuff; 1548 unsigned char *cmd = scp->cmnd; 1549 unsigned char arr[SCSI_SENSE_BUFFERSIZE]; 1550 bool dsense; 1551 int len = 18; 1552 1553 memset(arr, 0, sizeof(arr)); 1554 dsense = !!(cmd[1] & 1); 1555 sbuff = scp->sense_buffer; 1556 if ((iec_m_pg[2] & 0x4) && (6 == (iec_m_pg[3] & 0xf))) { 1557 if (dsense) { 1558 arr[0] = 0x72; 1559 arr[1] = 0x0; /* NO_SENSE in sense_key */ 1560 arr[2] = THRESHOLD_EXCEEDED; 1561 arr[3] = 0xff; /* TEST set and MRIE==6 */ 1562 len = 8; 1563 } else { 1564 arr[0] = 0x70; 1565 arr[2] = 0x0; /* NO_SENSE in sense_key */ 1566 arr[7] = 0xa; /* 18 byte sense buffer */ 1567 arr[12] = THRESHOLD_EXCEEDED; 1568 arr[13] = 0xff; /* TEST set and MRIE==6 */ 1569 } 1570 } else { 1571 memcpy(arr, sbuff, SCSI_SENSE_BUFFERSIZE); 1572 if (arr[0] >= 0x70 && dsense == sdebug_dsense) 1573 ; /* have sense and formats match */ 1574 else if (arr[0] <= 0x70) { 1575 if (dsense) { 1576 memset(arr, 0, 8); 1577 arr[0] = 0x72; 1578 len = 8; 1579 } else { 1580 memset(arr, 0, 18); 1581 arr[0] = 0x70; 1582 arr[7] = 0xa; 1583 } 1584 } else if (dsense) { 1585 memset(arr, 0, 8); 1586 arr[0] = 0x72; 1587 arr[1] = sbuff[2]; /* sense key */ 1588 arr[2] = sbuff[12]; /* asc */ 1589 arr[3] = sbuff[13]; /* ascq */ 1590 len = 8; 1591 } else { 1592 memset(arr, 0, 18); 1593 arr[0] = 0x70; 1594 arr[2] = sbuff[1]; 1595 arr[7] = 0xa; 1596 arr[12] = sbuff[1]; 1597 arr[13] = sbuff[3]; 1598 } 1599 1600 } 1601 mk_sense_buffer(scp, 0, NO_ADDITIONAL_SENSE, 0); 1602 return fill_from_dev_buffer(scp, arr, len); 1603 } 1604 1605 static int resp_start_stop(struct scsi_cmnd *scp, 1606 struct sdebug_dev_info *devip) 1607 { 1608 unsigned char *cmd = scp->cmnd; 1609 int power_cond, stop; 1610 1611 power_cond = (cmd[4] & 0xf0) >> 4; 1612 if (power_cond) { 1613 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 7); 1614 return check_condition_result; 1615 } 1616 stop = !(cmd[4] & 1); 1617 atomic_xchg(&devip->stopped, stop); 1618 return (cmd[1] & 0x1) ? SDEG_RES_IMMED_MASK : 0; /* check IMMED bit */ 1619 } 1620 1621 static sector_t get_sdebug_capacity(void) 1622 { 1623 static const unsigned int gibibyte = 1073741824; 1624 1625 if (sdebug_virtual_gb > 0) 1626 return (sector_t)sdebug_virtual_gb * 1627 (gibibyte / sdebug_sector_size); 1628 else 1629 return sdebug_store_sectors; 1630 } 1631 1632 #define SDEBUG_READCAP_ARR_SZ 8 1633 static int resp_readcap(struct scsi_cmnd *scp, 1634 struct sdebug_dev_info *devip) 1635 { 1636 unsigned char arr[SDEBUG_READCAP_ARR_SZ]; 1637 unsigned int capac; 1638 1639 /* following just in case virtual_gb changed */ 1640 sdebug_capacity = get_sdebug_capacity(); 1641 memset(arr, 0, SDEBUG_READCAP_ARR_SZ); 1642 if (sdebug_capacity < 0xffffffff) { 1643 capac = (unsigned int)sdebug_capacity - 1; 1644 put_unaligned_be32(capac, arr + 0); 1645 } else 1646 put_unaligned_be32(0xffffffff, arr + 0); 1647 put_unaligned_be16(sdebug_sector_size, arr + 6); 1648 return fill_from_dev_buffer(scp, arr, SDEBUG_READCAP_ARR_SZ); 1649 } 1650 1651 #define SDEBUG_READCAP16_ARR_SZ 32 1652 static int resp_readcap16(struct scsi_cmnd *scp, 1653 struct sdebug_dev_info *devip) 1654 { 1655 unsigned char *cmd = scp->cmnd; 1656 unsigned char arr[SDEBUG_READCAP16_ARR_SZ]; 1657 int alloc_len; 1658 1659 alloc_len = get_unaligned_be32(cmd + 10); 1660 /* following just in case virtual_gb changed */ 1661 sdebug_capacity = get_sdebug_capacity(); 1662 memset(arr, 0, SDEBUG_READCAP16_ARR_SZ); 1663 put_unaligned_be64((u64)(sdebug_capacity - 1), arr + 0); 1664 put_unaligned_be32(sdebug_sector_size, arr + 8); 1665 arr[13] = sdebug_physblk_exp & 0xf; 1666 arr[14] = (sdebug_lowest_aligned >> 8) & 0x3f; 1667 1668 if (scsi_debug_lbp()) { 1669 arr[14] |= 0x80; /* LBPME */ 1670 /* from sbc4r07, this LBPRZ field is 1 bit, but the LBPRZ in 1671 * the LB Provisioning VPD page is 3 bits. Note that lbprz=2 1672 * in the wider field maps to 0 in this field. 1673 */ 1674 if (sdebug_lbprz & 1) /* precisely what the draft requires */ 1675 arr[14] |= 0x40; 1676 } 1677 1678 arr[15] = sdebug_lowest_aligned & 0xff; 1679 1680 if (have_dif_prot) { 1681 arr[12] = (sdebug_dif - 1) << 1; /* P_TYPE */ 1682 arr[12] |= 1; /* PROT_EN */ 1683 } 1684 1685 return fill_from_dev_buffer(scp, arr, 1686 min(alloc_len, SDEBUG_READCAP16_ARR_SZ)); 1687 } 1688 1689 #define SDEBUG_MAX_TGTPGS_ARR_SZ 1412 1690 1691 static int resp_report_tgtpgs(struct scsi_cmnd *scp, 1692 struct sdebug_dev_info *devip) 1693 { 1694 unsigned char *cmd = scp->cmnd; 1695 unsigned char *arr; 1696 int host_no = devip->sdbg_host->shost->host_no; 1697 int n, ret, alen, rlen; 1698 int port_group_a, port_group_b, port_a, port_b; 1699 1700 alen = get_unaligned_be32(cmd + 6); 1701 arr = kzalloc(SDEBUG_MAX_TGTPGS_ARR_SZ, GFP_ATOMIC); 1702 if (! arr) 1703 return DID_REQUEUE << 16; 1704 /* 1705 * EVPD page 0x88 states we have two ports, one 1706 * real and a fake port with no device connected. 1707 * So we create two port groups with one port each 1708 * and set the group with port B to unavailable. 1709 */ 1710 port_a = 0x1; /* relative port A */ 1711 port_b = 0x2; /* relative port B */ 1712 port_group_a = (((host_no + 1) & 0x7f) << 8) + 1713 (devip->channel & 0x7f); 1714 port_group_b = (((host_no + 1) & 0x7f) << 8) + 1715 (devip->channel & 0x7f) + 0x80; 1716 1717 /* 1718 * The asymmetric access state is cycled according to the host_id. 1719 */ 1720 n = 4; 1721 if (sdebug_vpd_use_hostno == 0) { 1722 arr[n++] = host_no % 3; /* Asymm access state */ 1723 arr[n++] = 0x0F; /* claim: all states are supported */ 1724 } else { 1725 arr[n++] = 0x0; /* Active/Optimized path */ 1726 arr[n++] = 0x01; /* only support active/optimized paths */ 1727 } 1728 put_unaligned_be16(port_group_a, arr + n); 1729 n += 2; 1730 arr[n++] = 0; /* Reserved */ 1731 arr[n++] = 0; /* Status code */ 1732 arr[n++] = 0; /* Vendor unique */ 1733 arr[n++] = 0x1; /* One port per group */ 1734 arr[n++] = 0; /* Reserved */ 1735 arr[n++] = 0; /* Reserved */ 1736 put_unaligned_be16(port_a, arr + n); 1737 n += 2; 1738 arr[n++] = 3; /* Port unavailable */ 1739 arr[n++] = 0x08; /* claim: only unavailalbe paths are supported */ 1740 put_unaligned_be16(port_group_b, arr + n); 1741 n += 2; 1742 arr[n++] = 0; /* Reserved */ 1743 arr[n++] = 0; /* Status code */ 1744 arr[n++] = 0; /* Vendor unique */ 1745 arr[n++] = 0x1; /* One port per group */ 1746 arr[n++] = 0; /* Reserved */ 1747 arr[n++] = 0; /* Reserved */ 1748 put_unaligned_be16(port_b, arr + n); 1749 n += 2; 1750 1751 rlen = n - 4; 1752 put_unaligned_be32(rlen, arr + 0); 1753 1754 /* 1755 * Return the smallest value of either 1756 * - The allocated length 1757 * - The constructed command length 1758 * - The maximum array size 1759 */ 1760 rlen = min(alen,n); 1761 ret = fill_from_dev_buffer(scp, arr, 1762 min(rlen, SDEBUG_MAX_TGTPGS_ARR_SZ)); 1763 kfree(arr); 1764 return ret; 1765 } 1766 1767 static int resp_rsup_opcodes(struct scsi_cmnd *scp, 1768 struct sdebug_dev_info *devip) 1769 { 1770 bool rctd; 1771 u8 reporting_opts, req_opcode, sdeb_i, supp; 1772 u16 req_sa, u; 1773 u32 alloc_len, a_len; 1774 int k, offset, len, errsts, count, bump, na; 1775 const struct opcode_info_t *oip; 1776 const struct opcode_info_t *r_oip; 1777 u8 *arr; 1778 u8 *cmd = scp->cmnd; 1779 1780 rctd = !!(cmd[2] & 0x80); 1781 reporting_opts = cmd[2] & 0x7; 1782 req_opcode = cmd[3]; 1783 req_sa = get_unaligned_be16(cmd + 4); 1784 alloc_len = get_unaligned_be32(cmd + 6); 1785 if (alloc_len < 4 || alloc_len > 0xffff) { 1786 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1); 1787 return check_condition_result; 1788 } 1789 if (alloc_len > 8192) 1790 a_len = 8192; 1791 else 1792 a_len = alloc_len; 1793 arr = kzalloc((a_len < 256) ? 320 : a_len + 64, GFP_ATOMIC); 1794 if (NULL == arr) { 1795 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC, 1796 INSUFF_RES_ASCQ); 1797 return check_condition_result; 1798 } 1799 switch (reporting_opts) { 1800 case 0: /* all commands */ 1801 /* count number of commands */ 1802 for (count = 0, oip = opcode_info_arr; 1803 oip->num_attached != 0xff; ++oip) { 1804 if (F_INV_OP & oip->flags) 1805 continue; 1806 count += (oip->num_attached + 1); 1807 } 1808 bump = rctd ? 20 : 8; 1809 put_unaligned_be32(count * bump, arr); 1810 for (offset = 4, oip = opcode_info_arr; 1811 oip->num_attached != 0xff && offset < a_len; ++oip) { 1812 if (F_INV_OP & oip->flags) 1813 continue; 1814 na = oip->num_attached; 1815 arr[offset] = oip->opcode; 1816 put_unaligned_be16(oip->sa, arr + offset + 2); 1817 if (rctd) 1818 arr[offset + 5] |= 0x2; 1819 if (FF_SA & oip->flags) 1820 arr[offset + 5] |= 0x1; 1821 put_unaligned_be16(oip->len_mask[0], arr + offset + 6); 1822 if (rctd) 1823 put_unaligned_be16(0xa, arr + offset + 8); 1824 r_oip = oip; 1825 for (k = 0, oip = oip->arrp; k < na; ++k, ++oip) { 1826 if (F_INV_OP & oip->flags) 1827 continue; 1828 offset += bump; 1829 arr[offset] = oip->opcode; 1830 put_unaligned_be16(oip->sa, arr + offset + 2); 1831 if (rctd) 1832 arr[offset + 5] |= 0x2; 1833 if (FF_SA & oip->flags) 1834 arr[offset + 5] |= 0x1; 1835 put_unaligned_be16(oip->len_mask[0], 1836 arr + offset + 6); 1837 if (rctd) 1838 put_unaligned_be16(0xa, 1839 arr + offset + 8); 1840 } 1841 oip = r_oip; 1842 offset += bump; 1843 } 1844 break; 1845 case 1: /* one command: opcode only */ 1846 case 2: /* one command: opcode plus service action */ 1847 case 3: /* one command: if sa==0 then opcode only else opcode+sa */ 1848 sdeb_i = opcode_ind_arr[req_opcode]; 1849 oip = &opcode_info_arr[sdeb_i]; 1850 if (F_INV_OP & oip->flags) { 1851 supp = 1; 1852 offset = 4; 1853 } else { 1854 if (1 == reporting_opts) { 1855 if (FF_SA & oip->flags) { 1856 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1857 2, 2); 1858 kfree(arr); 1859 return check_condition_result; 1860 } 1861 req_sa = 0; 1862 } else if (2 == reporting_opts && 1863 0 == (FF_SA & oip->flags)) { 1864 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1); 1865 kfree(arr); /* point at requested sa */ 1866 return check_condition_result; 1867 } 1868 if (0 == (FF_SA & oip->flags) && 1869 req_opcode == oip->opcode) 1870 supp = 3; 1871 else if (0 == (FF_SA & oip->flags)) { 1872 na = oip->num_attached; 1873 for (k = 0, oip = oip->arrp; k < na; 1874 ++k, ++oip) { 1875 if (req_opcode == oip->opcode) 1876 break; 1877 } 1878 supp = (k >= na) ? 1 : 3; 1879 } else if (req_sa != oip->sa) { 1880 na = oip->num_attached; 1881 for (k = 0, oip = oip->arrp; k < na; 1882 ++k, ++oip) { 1883 if (req_sa == oip->sa) 1884 break; 1885 } 1886 supp = (k >= na) ? 1 : 3; 1887 } else 1888 supp = 3; 1889 if (3 == supp) { 1890 u = oip->len_mask[0]; 1891 put_unaligned_be16(u, arr + 2); 1892 arr[4] = oip->opcode; 1893 for (k = 1; k < u; ++k) 1894 arr[4 + k] = (k < 16) ? 1895 oip->len_mask[k] : 0xff; 1896 offset = 4 + u; 1897 } else 1898 offset = 4; 1899 } 1900 arr[1] = (rctd ? 0x80 : 0) | supp; 1901 if (rctd) { 1902 put_unaligned_be16(0xa, arr + offset); 1903 offset += 12; 1904 } 1905 break; 1906 default: 1907 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2); 1908 kfree(arr); 1909 return check_condition_result; 1910 } 1911 offset = (offset < a_len) ? offset : a_len; 1912 len = (offset < alloc_len) ? offset : alloc_len; 1913 errsts = fill_from_dev_buffer(scp, arr, len); 1914 kfree(arr); 1915 return errsts; 1916 } 1917 1918 static int resp_rsup_tmfs(struct scsi_cmnd *scp, 1919 struct sdebug_dev_info *devip) 1920 { 1921 bool repd; 1922 u32 alloc_len, len; 1923 u8 arr[16]; 1924 u8 *cmd = scp->cmnd; 1925 1926 memset(arr, 0, sizeof(arr)); 1927 repd = !!(cmd[2] & 0x80); 1928 alloc_len = get_unaligned_be32(cmd + 6); 1929 if (alloc_len < 4) { 1930 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1); 1931 return check_condition_result; 1932 } 1933 arr[0] = 0xc8; /* ATS | ATSS | LURS */ 1934 arr[1] = 0x1; /* ITNRS */ 1935 if (repd) { 1936 arr[3] = 0xc; 1937 len = 16; 1938 } else 1939 len = 4; 1940 1941 len = (len < alloc_len) ? len : alloc_len; 1942 return fill_from_dev_buffer(scp, arr, len); 1943 } 1944 1945 /* <<Following mode page info copied from ST318451LW>> */ 1946 1947 static int resp_err_recov_pg(unsigned char *p, int pcontrol, int target) 1948 { /* Read-Write Error Recovery page for mode_sense */ 1949 unsigned char err_recov_pg[] = {0x1, 0xa, 0xc0, 11, 240, 0, 0, 0, 1950 5, 0, 0xff, 0xff}; 1951 1952 memcpy(p, err_recov_pg, sizeof(err_recov_pg)); 1953 if (1 == pcontrol) 1954 memset(p + 2, 0, sizeof(err_recov_pg) - 2); 1955 return sizeof(err_recov_pg); 1956 } 1957 1958 static int resp_disconnect_pg(unsigned char *p, int pcontrol, int target) 1959 { /* Disconnect-Reconnect page for mode_sense */ 1960 unsigned char disconnect_pg[] = {0x2, 0xe, 128, 128, 0, 10, 0, 0, 1961 0, 0, 0, 0, 0, 0, 0, 0}; 1962 1963 memcpy(p, disconnect_pg, sizeof(disconnect_pg)); 1964 if (1 == pcontrol) 1965 memset(p + 2, 0, sizeof(disconnect_pg) - 2); 1966 return sizeof(disconnect_pg); 1967 } 1968 1969 static int resp_format_pg(unsigned char *p, int pcontrol, int target) 1970 { /* Format device page for mode_sense */ 1971 unsigned char format_pg[] = {0x3, 0x16, 0, 0, 0, 0, 0, 0, 1972 0, 0, 0, 0, 0, 0, 0, 0, 1973 0, 0, 0, 0, 0x40, 0, 0, 0}; 1974 1975 memcpy(p, format_pg, sizeof(format_pg)); 1976 put_unaligned_be16(sdebug_sectors_per, p + 10); 1977 put_unaligned_be16(sdebug_sector_size, p + 12); 1978 if (sdebug_removable) 1979 p[20] |= 0x20; /* should agree with INQUIRY */ 1980 if (1 == pcontrol) 1981 memset(p + 2, 0, sizeof(format_pg) - 2); 1982 return sizeof(format_pg); 1983 } 1984 1985 static unsigned char caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0, 1986 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 1987 0, 0, 0, 0}; 1988 1989 static int resp_caching_pg(unsigned char *p, int pcontrol, int target) 1990 { /* Caching page for mode_sense */ 1991 unsigned char ch_caching_pg[] = {/* 0x8, 18, */ 0x4, 0, 0, 0, 0, 0, 1992 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; 1993 unsigned char d_caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0, 1994 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 0, 0, 0, 0}; 1995 1996 if (SDEBUG_OPT_N_WCE & sdebug_opts) 1997 caching_pg[2] &= ~0x4; /* set WCE=0 (default WCE=1) */ 1998 memcpy(p, caching_pg, sizeof(caching_pg)); 1999 if (1 == pcontrol) 2000 memcpy(p + 2, ch_caching_pg, sizeof(ch_caching_pg)); 2001 else if (2 == pcontrol) 2002 memcpy(p, d_caching_pg, sizeof(d_caching_pg)); 2003 return sizeof(caching_pg); 2004 } 2005 2006 static unsigned char ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0, 2007 0, 0, 0x2, 0x4b}; 2008 2009 static int resp_ctrl_m_pg(unsigned char *p, int pcontrol, int target) 2010 { /* Control mode page for mode_sense */ 2011 unsigned char ch_ctrl_m_pg[] = {/* 0xa, 10, */ 0x6, 0, 0, 0, 0, 0, 2012 0, 0, 0, 0}; 2013 unsigned char d_ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0, 2014 0, 0, 0x2, 0x4b}; 2015 2016 if (sdebug_dsense) 2017 ctrl_m_pg[2] |= 0x4; 2018 else 2019 ctrl_m_pg[2] &= ~0x4; 2020 2021 if (sdebug_ato) 2022 ctrl_m_pg[5] |= 0x80; /* ATO=1 */ 2023 2024 memcpy(p, ctrl_m_pg, sizeof(ctrl_m_pg)); 2025 if (1 == pcontrol) 2026 memcpy(p + 2, ch_ctrl_m_pg, sizeof(ch_ctrl_m_pg)); 2027 else if (2 == pcontrol) 2028 memcpy(p, d_ctrl_m_pg, sizeof(d_ctrl_m_pg)); 2029 return sizeof(ctrl_m_pg); 2030 } 2031 2032 2033 static int resp_iec_m_pg(unsigned char *p, int pcontrol, int target) 2034 { /* Informational Exceptions control mode page for mode_sense */ 2035 unsigned char ch_iec_m_pg[] = {/* 0x1c, 0xa, */ 0x4, 0xf, 0, 0, 0, 0, 2036 0, 0, 0x0, 0x0}; 2037 unsigned char d_iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0, 2038 0, 0, 0x0, 0x0}; 2039 2040 memcpy(p, iec_m_pg, sizeof(iec_m_pg)); 2041 if (1 == pcontrol) 2042 memcpy(p + 2, ch_iec_m_pg, sizeof(ch_iec_m_pg)); 2043 else if (2 == pcontrol) 2044 memcpy(p, d_iec_m_pg, sizeof(d_iec_m_pg)); 2045 return sizeof(iec_m_pg); 2046 } 2047 2048 static int resp_sas_sf_m_pg(unsigned char *p, int pcontrol, int target) 2049 { /* SAS SSP mode page - short format for mode_sense */ 2050 unsigned char sas_sf_m_pg[] = {0x19, 0x6, 2051 0x6, 0x0, 0x7, 0xd0, 0x0, 0x0}; 2052 2053 memcpy(p, sas_sf_m_pg, sizeof(sas_sf_m_pg)); 2054 if (1 == pcontrol) 2055 memset(p + 2, 0, sizeof(sas_sf_m_pg) - 2); 2056 return sizeof(sas_sf_m_pg); 2057 } 2058 2059 2060 static int resp_sas_pcd_m_spg(unsigned char *p, int pcontrol, int target, 2061 int target_dev_id) 2062 { /* SAS phy control and discover mode page for mode_sense */ 2063 unsigned char sas_pcd_m_pg[] = {0x59, 0x1, 0, 0x64, 0, 0x6, 0, 2, 2064 0, 0, 0, 0, 0x10, 0x9, 0x8, 0x0, 2065 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */ 2066 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */ 2067 0x2, 0, 0, 0, 0, 0, 0, 0, 2068 0x88, 0x99, 0, 0, 0, 0, 0, 0, 2069 0, 0, 0, 0, 0, 0, 0, 0, 2070 0, 1, 0, 0, 0x10, 0x9, 0x8, 0x0, 2071 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */ 2072 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */ 2073 0x3, 0, 0, 0, 0, 0, 0, 0, 2074 0x88, 0x99, 0, 0, 0, 0, 0, 0, 2075 0, 0, 0, 0, 0, 0, 0, 0, 2076 }; 2077 int port_a, port_b; 2078 2079 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 16); 2080 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 24); 2081 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 64); 2082 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 72); 2083 port_a = target_dev_id + 1; 2084 port_b = port_a + 1; 2085 memcpy(p, sas_pcd_m_pg, sizeof(sas_pcd_m_pg)); 2086 put_unaligned_be32(port_a, p + 20); 2087 put_unaligned_be32(port_b, p + 48 + 20); 2088 if (1 == pcontrol) 2089 memset(p + 4, 0, sizeof(sas_pcd_m_pg) - 4); 2090 return sizeof(sas_pcd_m_pg); 2091 } 2092 2093 static int resp_sas_sha_m_spg(unsigned char *p, int pcontrol) 2094 { /* SAS SSP shared protocol specific port mode subpage */ 2095 unsigned char sas_sha_m_pg[] = {0x59, 0x2, 0, 0xc, 0, 0x6, 0x10, 0, 2096 0, 0, 0, 0, 0, 0, 0, 0, 2097 }; 2098 2099 memcpy(p, sas_sha_m_pg, sizeof(sas_sha_m_pg)); 2100 if (1 == pcontrol) 2101 memset(p + 4, 0, sizeof(sas_sha_m_pg) - 4); 2102 return sizeof(sas_sha_m_pg); 2103 } 2104 2105 #define SDEBUG_MAX_MSENSE_SZ 256 2106 2107 static int resp_mode_sense(struct scsi_cmnd *scp, 2108 struct sdebug_dev_info *devip) 2109 { 2110 int pcontrol, pcode, subpcode, bd_len; 2111 unsigned char dev_spec; 2112 int alloc_len, offset, len, target_dev_id; 2113 int target = scp->device->id; 2114 unsigned char *ap; 2115 unsigned char arr[SDEBUG_MAX_MSENSE_SZ]; 2116 unsigned char *cmd = scp->cmnd; 2117 bool dbd, llbaa, msense_6, is_disk, bad_pcode; 2118 2119 dbd = !!(cmd[1] & 0x8); /* disable block descriptors */ 2120 pcontrol = (cmd[2] & 0xc0) >> 6; 2121 pcode = cmd[2] & 0x3f; 2122 subpcode = cmd[3]; 2123 msense_6 = (MODE_SENSE == cmd[0]); 2124 llbaa = msense_6 ? false : !!(cmd[1] & 0x10); 2125 is_disk = (sdebug_ptype == TYPE_DISK); 2126 if (is_disk && !dbd) 2127 bd_len = llbaa ? 16 : 8; 2128 else 2129 bd_len = 0; 2130 alloc_len = msense_6 ? cmd[4] : get_unaligned_be16(cmd + 7); 2131 memset(arr, 0, SDEBUG_MAX_MSENSE_SZ); 2132 if (0x3 == pcontrol) { /* Saving values not supported */ 2133 mk_sense_buffer(scp, ILLEGAL_REQUEST, SAVING_PARAMS_UNSUP, 0); 2134 return check_condition_result; 2135 } 2136 target_dev_id = ((devip->sdbg_host->shost->host_no + 1) * 2000) + 2137 (devip->target * 1000) - 3; 2138 /* for disks set DPOFUA bit and clear write protect (WP) bit */ 2139 if (is_disk) 2140 dev_spec = 0x10; /* =0x90 if WP=1 implies read-only */ 2141 else 2142 dev_spec = 0x0; 2143 if (msense_6) { 2144 arr[2] = dev_spec; 2145 arr[3] = bd_len; 2146 offset = 4; 2147 } else { 2148 arr[3] = dev_spec; 2149 if (16 == bd_len) 2150 arr[4] = 0x1; /* set LONGLBA bit */ 2151 arr[7] = bd_len; /* assume 255 or less */ 2152 offset = 8; 2153 } 2154 ap = arr + offset; 2155 if ((bd_len > 0) && (!sdebug_capacity)) 2156 sdebug_capacity = get_sdebug_capacity(); 2157 2158 if (8 == bd_len) { 2159 if (sdebug_capacity > 0xfffffffe) 2160 put_unaligned_be32(0xffffffff, ap + 0); 2161 else 2162 put_unaligned_be32(sdebug_capacity, ap + 0); 2163 put_unaligned_be16(sdebug_sector_size, ap + 6); 2164 offset += bd_len; 2165 ap = arr + offset; 2166 } else if (16 == bd_len) { 2167 put_unaligned_be64((u64)sdebug_capacity, ap + 0); 2168 put_unaligned_be32(sdebug_sector_size, ap + 12); 2169 offset += bd_len; 2170 ap = arr + offset; 2171 } 2172 2173 if ((subpcode > 0x0) && (subpcode < 0xff) && (0x19 != pcode)) { 2174 /* TODO: Control Extension page */ 2175 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1); 2176 return check_condition_result; 2177 } 2178 bad_pcode = false; 2179 2180 switch (pcode) { 2181 case 0x1: /* Read-Write error recovery page, direct access */ 2182 len = resp_err_recov_pg(ap, pcontrol, target); 2183 offset += len; 2184 break; 2185 case 0x2: /* Disconnect-Reconnect page, all devices */ 2186 len = resp_disconnect_pg(ap, pcontrol, target); 2187 offset += len; 2188 break; 2189 case 0x3: /* Format device page, direct access */ 2190 if (is_disk) { 2191 len = resp_format_pg(ap, pcontrol, target); 2192 offset += len; 2193 } else 2194 bad_pcode = true; 2195 break; 2196 case 0x8: /* Caching page, direct access */ 2197 if (is_disk) { 2198 len = resp_caching_pg(ap, pcontrol, target); 2199 offset += len; 2200 } else 2201 bad_pcode = true; 2202 break; 2203 case 0xa: /* Control Mode page, all devices */ 2204 len = resp_ctrl_m_pg(ap, pcontrol, target); 2205 offset += len; 2206 break; 2207 case 0x19: /* if spc==1 then sas phy, control+discover */ 2208 if ((subpcode > 0x2) && (subpcode < 0xff)) { 2209 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1); 2210 return check_condition_result; 2211 } 2212 len = 0; 2213 if ((0x0 == subpcode) || (0xff == subpcode)) 2214 len += resp_sas_sf_m_pg(ap + len, pcontrol, target); 2215 if ((0x1 == subpcode) || (0xff == subpcode)) 2216 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target, 2217 target_dev_id); 2218 if ((0x2 == subpcode) || (0xff == subpcode)) 2219 len += resp_sas_sha_m_spg(ap + len, pcontrol); 2220 offset += len; 2221 break; 2222 case 0x1c: /* Informational Exceptions Mode page, all devices */ 2223 len = resp_iec_m_pg(ap, pcontrol, target); 2224 offset += len; 2225 break; 2226 case 0x3f: /* Read all Mode pages */ 2227 if ((0 == subpcode) || (0xff == subpcode)) { 2228 len = resp_err_recov_pg(ap, pcontrol, target); 2229 len += resp_disconnect_pg(ap + len, pcontrol, target); 2230 if (is_disk) { 2231 len += resp_format_pg(ap + len, pcontrol, 2232 target); 2233 len += resp_caching_pg(ap + len, pcontrol, 2234 target); 2235 } 2236 len += resp_ctrl_m_pg(ap + len, pcontrol, target); 2237 len += resp_sas_sf_m_pg(ap + len, pcontrol, target); 2238 if (0xff == subpcode) { 2239 len += resp_sas_pcd_m_spg(ap + len, pcontrol, 2240 target, target_dev_id); 2241 len += resp_sas_sha_m_spg(ap + len, pcontrol); 2242 } 2243 len += resp_iec_m_pg(ap + len, pcontrol, target); 2244 offset += len; 2245 } else { 2246 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1); 2247 return check_condition_result; 2248 } 2249 break; 2250 default: 2251 bad_pcode = true; 2252 break; 2253 } 2254 if (bad_pcode) { 2255 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5); 2256 return check_condition_result; 2257 } 2258 if (msense_6) 2259 arr[0] = offset - 1; 2260 else 2261 put_unaligned_be16((offset - 2), arr + 0); 2262 return fill_from_dev_buffer(scp, arr, min(alloc_len, offset)); 2263 } 2264 2265 #define SDEBUG_MAX_MSELECT_SZ 512 2266 2267 static int resp_mode_select(struct scsi_cmnd *scp, 2268 struct sdebug_dev_info *devip) 2269 { 2270 int pf, sp, ps, md_len, bd_len, off, spf, pg_len; 2271 int param_len, res, mpage; 2272 unsigned char arr[SDEBUG_MAX_MSELECT_SZ]; 2273 unsigned char *cmd = scp->cmnd; 2274 int mselect6 = (MODE_SELECT == cmd[0]); 2275 2276 memset(arr, 0, sizeof(arr)); 2277 pf = cmd[1] & 0x10; 2278 sp = cmd[1] & 0x1; 2279 param_len = mselect6 ? cmd[4] : get_unaligned_be16(cmd + 7); 2280 if ((0 == pf) || sp || (param_len > SDEBUG_MAX_MSELECT_SZ)) { 2281 mk_sense_invalid_fld(scp, SDEB_IN_CDB, mselect6 ? 4 : 7, -1); 2282 return check_condition_result; 2283 } 2284 res = fetch_to_dev_buffer(scp, arr, param_len); 2285 if (-1 == res) 2286 return DID_ERROR << 16; 2287 else if (sdebug_verbose && (res < param_len)) 2288 sdev_printk(KERN_INFO, scp->device, 2289 "%s: cdb indicated=%d, IO sent=%d bytes\n", 2290 __func__, param_len, res); 2291 md_len = mselect6 ? (arr[0] + 1) : (get_unaligned_be16(arr + 0) + 2); 2292 bd_len = mselect6 ? arr[3] : get_unaligned_be16(arr + 6); 2293 if (md_len > 2) { 2294 mk_sense_invalid_fld(scp, SDEB_IN_DATA, 0, -1); 2295 return check_condition_result; 2296 } 2297 off = bd_len + (mselect6 ? 4 : 8); 2298 mpage = arr[off] & 0x3f; 2299 ps = !!(arr[off] & 0x80); 2300 if (ps) { 2301 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 7); 2302 return check_condition_result; 2303 } 2304 spf = !!(arr[off] & 0x40); 2305 pg_len = spf ? (get_unaligned_be16(arr + off + 2) + 4) : 2306 (arr[off + 1] + 2); 2307 if ((pg_len + off) > param_len) { 2308 mk_sense_buffer(scp, ILLEGAL_REQUEST, 2309 PARAMETER_LIST_LENGTH_ERR, 0); 2310 return check_condition_result; 2311 } 2312 switch (mpage) { 2313 case 0x8: /* Caching Mode page */ 2314 if (caching_pg[1] == arr[off + 1]) { 2315 memcpy(caching_pg + 2, arr + off + 2, 2316 sizeof(caching_pg) - 2); 2317 goto set_mode_changed_ua; 2318 } 2319 break; 2320 case 0xa: /* Control Mode page */ 2321 if (ctrl_m_pg[1] == arr[off + 1]) { 2322 memcpy(ctrl_m_pg + 2, arr + off + 2, 2323 sizeof(ctrl_m_pg) - 2); 2324 sdebug_dsense = !!(ctrl_m_pg[2] & 0x4); 2325 goto set_mode_changed_ua; 2326 } 2327 break; 2328 case 0x1c: /* Informational Exceptions Mode page */ 2329 if (iec_m_pg[1] == arr[off + 1]) { 2330 memcpy(iec_m_pg + 2, arr + off + 2, 2331 sizeof(iec_m_pg) - 2); 2332 goto set_mode_changed_ua; 2333 } 2334 break; 2335 default: 2336 break; 2337 } 2338 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 5); 2339 return check_condition_result; 2340 set_mode_changed_ua: 2341 set_bit(SDEBUG_UA_MODE_CHANGED, devip->uas_bm); 2342 return 0; 2343 } 2344 2345 static int resp_temp_l_pg(unsigned char *arr) 2346 { 2347 unsigned char temp_l_pg[] = {0x0, 0x0, 0x3, 0x2, 0x0, 38, 2348 0x0, 0x1, 0x3, 0x2, 0x0, 65, 2349 }; 2350 2351 memcpy(arr, temp_l_pg, sizeof(temp_l_pg)); 2352 return sizeof(temp_l_pg); 2353 } 2354 2355 static int resp_ie_l_pg(unsigned char *arr) 2356 { 2357 unsigned char ie_l_pg[] = {0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 38, 2358 }; 2359 2360 memcpy(arr, ie_l_pg, sizeof(ie_l_pg)); 2361 if (iec_m_pg[2] & 0x4) { /* TEST bit set */ 2362 arr[4] = THRESHOLD_EXCEEDED; 2363 arr[5] = 0xff; 2364 } 2365 return sizeof(ie_l_pg); 2366 } 2367 2368 #define SDEBUG_MAX_LSENSE_SZ 512 2369 2370 static int resp_log_sense(struct scsi_cmnd *scp, 2371 struct sdebug_dev_info *devip) 2372 { 2373 int ppc, sp, pcode, subpcode, alloc_len, len, n; 2374 unsigned char arr[SDEBUG_MAX_LSENSE_SZ]; 2375 unsigned char *cmd = scp->cmnd; 2376 2377 memset(arr, 0, sizeof(arr)); 2378 ppc = cmd[1] & 0x2; 2379 sp = cmd[1] & 0x1; 2380 if (ppc || sp) { 2381 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, ppc ? 1 : 0); 2382 return check_condition_result; 2383 } 2384 pcode = cmd[2] & 0x3f; 2385 subpcode = cmd[3] & 0xff; 2386 alloc_len = get_unaligned_be16(cmd + 7); 2387 arr[0] = pcode; 2388 if (0 == subpcode) { 2389 switch (pcode) { 2390 case 0x0: /* Supported log pages log page */ 2391 n = 4; 2392 arr[n++] = 0x0; /* this page */ 2393 arr[n++] = 0xd; /* Temperature */ 2394 arr[n++] = 0x2f; /* Informational exceptions */ 2395 arr[3] = n - 4; 2396 break; 2397 case 0xd: /* Temperature log page */ 2398 arr[3] = resp_temp_l_pg(arr + 4); 2399 break; 2400 case 0x2f: /* Informational exceptions log page */ 2401 arr[3] = resp_ie_l_pg(arr + 4); 2402 break; 2403 default: 2404 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5); 2405 return check_condition_result; 2406 } 2407 } else if (0xff == subpcode) { 2408 arr[0] |= 0x40; 2409 arr[1] = subpcode; 2410 switch (pcode) { 2411 case 0x0: /* Supported log pages and subpages log page */ 2412 n = 4; 2413 arr[n++] = 0x0; 2414 arr[n++] = 0x0; /* 0,0 page */ 2415 arr[n++] = 0x0; 2416 arr[n++] = 0xff; /* this page */ 2417 arr[n++] = 0xd; 2418 arr[n++] = 0x0; /* Temperature */ 2419 arr[n++] = 0x2f; 2420 arr[n++] = 0x0; /* Informational exceptions */ 2421 arr[3] = n - 4; 2422 break; 2423 case 0xd: /* Temperature subpages */ 2424 n = 4; 2425 arr[n++] = 0xd; 2426 arr[n++] = 0x0; /* Temperature */ 2427 arr[3] = n - 4; 2428 break; 2429 case 0x2f: /* Informational exceptions subpages */ 2430 n = 4; 2431 arr[n++] = 0x2f; 2432 arr[n++] = 0x0; /* Informational exceptions */ 2433 arr[3] = n - 4; 2434 break; 2435 default: 2436 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5); 2437 return check_condition_result; 2438 } 2439 } else { 2440 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1); 2441 return check_condition_result; 2442 } 2443 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len); 2444 return fill_from_dev_buffer(scp, arr, 2445 min(len, SDEBUG_MAX_INQ_ARR_SZ)); 2446 } 2447 2448 static int check_device_access_params(struct scsi_cmnd *scp, 2449 unsigned long long lba, unsigned int num) 2450 { 2451 if (lba + num > sdebug_capacity) { 2452 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 2453 return check_condition_result; 2454 } 2455 /* transfer length excessive (tie in to block limits VPD page) */ 2456 if (num > sdebug_store_sectors) { 2457 /* needs work to find which cdb byte 'num' comes from */ 2458 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 2459 return check_condition_result; 2460 } 2461 return 0; 2462 } 2463 2464 /* Returns number of bytes copied or -1 if error. */ 2465 static int do_device_access(struct scsi_cmnd *scmd, u32 sg_skip, u64 lba, 2466 u32 num, bool do_write) 2467 { 2468 int ret; 2469 u64 block, rest = 0; 2470 struct scsi_data_buffer *sdb; 2471 enum dma_data_direction dir; 2472 2473 if (do_write) { 2474 sdb = scsi_out(scmd); 2475 dir = DMA_TO_DEVICE; 2476 } else { 2477 sdb = scsi_in(scmd); 2478 dir = DMA_FROM_DEVICE; 2479 } 2480 2481 if (!sdb->length) 2482 return 0; 2483 if (!(scsi_bidi_cmnd(scmd) || scmd->sc_data_direction == dir)) 2484 return -1; 2485 2486 block = do_div(lba, sdebug_store_sectors); 2487 if (block + num > sdebug_store_sectors) 2488 rest = block + num - sdebug_store_sectors; 2489 2490 ret = sg_copy_buffer(sdb->table.sgl, sdb->table.nents, 2491 fake_storep + (block * sdebug_sector_size), 2492 (num - rest) * sdebug_sector_size, sg_skip, do_write); 2493 if (ret != (num - rest) * sdebug_sector_size) 2494 return ret; 2495 2496 if (rest) { 2497 ret += sg_copy_buffer(sdb->table.sgl, sdb->table.nents, 2498 fake_storep, rest * sdebug_sector_size, 2499 sg_skip + ((num - rest) * sdebug_sector_size), 2500 do_write); 2501 } 2502 2503 return ret; 2504 } 2505 2506 /* If fake_store(lba,num) compares equal to arr(num), then copy top half of 2507 * arr into fake_store(lba,num) and return true. If comparison fails then 2508 * return false. */ 2509 static bool comp_write_worker(u64 lba, u32 num, const u8 *arr) 2510 { 2511 bool res; 2512 u64 block, rest = 0; 2513 u32 store_blks = sdebug_store_sectors; 2514 u32 lb_size = sdebug_sector_size; 2515 2516 block = do_div(lba, store_blks); 2517 if (block + num > store_blks) 2518 rest = block + num - store_blks; 2519 2520 res = !memcmp(fake_storep + (block * lb_size), arr, 2521 (num - rest) * lb_size); 2522 if (!res) 2523 return res; 2524 if (rest) 2525 res = memcmp(fake_storep, arr + ((num - rest) * lb_size), 2526 rest * lb_size); 2527 if (!res) 2528 return res; 2529 arr += num * lb_size; 2530 memcpy(fake_storep + (block * lb_size), arr, (num - rest) * lb_size); 2531 if (rest) 2532 memcpy(fake_storep, arr + ((num - rest) * lb_size), 2533 rest * lb_size); 2534 return res; 2535 } 2536 2537 static __be16 dif_compute_csum(const void *buf, int len) 2538 { 2539 __be16 csum; 2540 2541 if (sdebug_guard) 2542 csum = (__force __be16)ip_compute_csum(buf, len); 2543 else 2544 csum = cpu_to_be16(crc_t10dif(buf, len)); 2545 2546 return csum; 2547 } 2548 2549 static int dif_verify(struct t10_pi_tuple *sdt, const void *data, 2550 sector_t sector, u32 ei_lba) 2551 { 2552 __be16 csum = dif_compute_csum(data, sdebug_sector_size); 2553 2554 if (sdt->guard_tag != csum) { 2555 pr_err("GUARD check failed on sector %lu rcvd 0x%04x, data 0x%04x\n", 2556 (unsigned long)sector, 2557 be16_to_cpu(sdt->guard_tag), 2558 be16_to_cpu(csum)); 2559 return 0x01; 2560 } 2561 if (sdebug_dif == T10_PI_TYPE1_PROTECTION && 2562 be32_to_cpu(sdt->ref_tag) != (sector & 0xffffffff)) { 2563 pr_err("REF check failed on sector %lu\n", 2564 (unsigned long)sector); 2565 return 0x03; 2566 } 2567 if (sdebug_dif == T10_PI_TYPE2_PROTECTION && 2568 be32_to_cpu(sdt->ref_tag) != ei_lba) { 2569 pr_err("REF check failed on sector %lu\n", 2570 (unsigned long)sector); 2571 return 0x03; 2572 } 2573 return 0; 2574 } 2575 2576 static void dif_copy_prot(struct scsi_cmnd *SCpnt, sector_t sector, 2577 unsigned int sectors, bool read) 2578 { 2579 size_t resid; 2580 void *paddr; 2581 const void *dif_store_end = dif_storep + sdebug_store_sectors; 2582 struct sg_mapping_iter miter; 2583 2584 /* Bytes of protection data to copy into sgl */ 2585 resid = sectors * sizeof(*dif_storep); 2586 2587 sg_miter_start(&miter, scsi_prot_sglist(SCpnt), 2588 scsi_prot_sg_count(SCpnt), SG_MITER_ATOMIC | 2589 (read ? SG_MITER_TO_SG : SG_MITER_FROM_SG)); 2590 2591 while (sg_miter_next(&miter) && resid > 0) { 2592 size_t len = min(miter.length, resid); 2593 void *start = dif_store(sector); 2594 size_t rest = 0; 2595 2596 if (dif_store_end < start + len) 2597 rest = start + len - dif_store_end; 2598 2599 paddr = miter.addr; 2600 2601 if (read) 2602 memcpy(paddr, start, len - rest); 2603 else 2604 memcpy(start, paddr, len - rest); 2605 2606 if (rest) { 2607 if (read) 2608 memcpy(paddr + len - rest, dif_storep, rest); 2609 else 2610 memcpy(dif_storep, paddr + len - rest, rest); 2611 } 2612 2613 sector += len / sizeof(*dif_storep); 2614 resid -= len; 2615 } 2616 sg_miter_stop(&miter); 2617 } 2618 2619 static int prot_verify_read(struct scsi_cmnd *SCpnt, sector_t start_sec, 2620 unsigned int sectors, u32 ei_lba) 2621 { 2622 unsigned int i; 2623 struct t10_pi_tuple *sdt; 2624 sector_t sector; 2625 2626 for (i = 0; i < sectors; i++, ei_lba++) { 2627 int ret; 2628 2629 sector = start_sec + i; 2630 sdt = dif_store(sector); 2631 2632 if (sdt->app_tag == cpu_to_be16(0xffff)) 2633 continue; 2634 2635 ret = dif_verify(sdt, fake_store(sector), sector, ei_lba); 2636 if (ret) { 2637 dif_errors++; 2638 return ret; 2639 } 2640 } 2641 2642 dif_copy_prot(SCpnt, start_sec, sectors, true); 2643 dix_reads++; 2644 2645 return 0; 2646 } 2647 2648 static int resp_read_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 2649 { 2650 u8 *cmd = scp->cmnd; 2651 struct sdebug_queued_cmd *sqcp; 2652 u64 lba; 2653 u32 num; 2654 u32 ei_lba; 2655 unsigned long iflags; 2656 int ret; 2657 bool check_prot; 2658 2659 switch (cmd[0]) { 2660 case READ_16: 2661 ei_lba = 0; 2662 lba = get_unaligned_be64(cmd + 2); 2663 num = get_unaligned_be32(cmd + 10); 2664 check_prot = true; 2665 break; 2666 case READ_10: 2667 ei_lba = 0; 2668 lba = get_unaligned_be32(cmd + 2); 2669 num = get_unaligned_be16(cmd + 7); 2670 check_prot = true; 2671 break; 2672 case READ_6: 2673 ei_lba = 0; 2674 lba = (u32)cmd[3] | (u32)cmd[2] << 8 | 2675 (u32)(cmd[1] & 0x1f) << 16; 2676 num = (0 == cmd[4]) ? 256 : cmd[4]; 2677 check_prot = true; 2678 break; 2679 case READ_12: 2680 ei_lba = 0; 2681 lba = get_unaligned_be32(cmd + 2); 2682 num = get_unaligned_be32(cmd + 6); 2683 check_prot = true; 2684 break; 2685 case XDWRITEREAD_10: 2686 ei_lba = 0; 2687 lba = get_unaligned_be32(cmd + 2); 2688 num = get_unaligned_be16(cmd + 7); 2689 check_prot = false; 2690 break; 2691 default: /* assume READ(32) */ 2692 lba = get_unaligned_be64(cmd + 12); 2693 ei_lba = get_unaligned_be32(cmd + 20); 2694 num = get_unaligned_be32(cmd + 28); 2695 check_prot = false; 2696 break; 2697 } 2698 if (unlikely(have_dif_prot && check_prot)) { 2699 if (sdebug_dif == T10_PI_TYPE2_PROTECTION && 2700 (cmd[1] & 0xe0)) { 2701 mk_sense_invalid_opcode(scp); 2702 return check_condition_result; 2703 } 2704 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION || 2705 sdebug_dif == T10_PI_TYPE3_PROTECTION) && 2706 (cmd[1] & 0xe0) == 0) 2707 sdev_printk(KERN_ERR, scp->device, "Unprotected RD " 2708 "to DIF device\n"); 2709 } 2710 if (unlikely(sdebug_any_injecting_opt)) { 2711 sqcp = (struct sdebug_queued_cmd *)scp->host_scribble; 2712 2713 if (sqcp) { 2714 if (sqcp->inj_short) 2715 num /= 2; 2716 } 2717 } else 2718 sqcp = NULL; 2719 2720 /* inline check_device_access_params() */ 2721 if (unlikely(lba + num > sdebug_capacity)) { 2722 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 2723 return check_condition_result; 2724 } 2725 /* transfer length excessive (tie in to block limits VPD page) */ 2726 if (unlikely(num > sdebug_store_sectors)) { 2727 /* needs work to find which cdb byte 'num' comes from */ 2728 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 2729 return check_condition_result; 2730 } 2731 2732 if (unlikely((SDEBUG_OPT_MEDIUM_ERR & sdebug_opts) && 2733 (lba <= (sdebug_medium_error_start + sdebug_medium_error_count - 1)) && 2734 ((lba + num) > sdebug_medium_error_start))) { 2735 /* claim unrecoverable read error */ 2736 mk_sense_buffer(scp, MEDIUM_ERROR, UNRECOVERED_READ_ERR, 0); 2737 /* set info field and valid bit for fixed descriptor */ 2738 if (0x70 == (scp->sense_buffer[0] & 0x7f)) { 2739 scp->sense_buffer[0] |= 0x80; /* Valid bit */ 2740 ret = (lba < OPT_MEDIUM_ERR_ADDR) 2741 ? OPT_MEDIUM_ERR_ADDR : (int)lba; 2742 put_unaligned_be32(ret, scp->sense_buffer + 3); 2743 } 2744 scsi_set_resid(scp, scsi_bufflen(scp)); 2745 return check_condition_result; 2746 } 2747 2748 read_lock_irqsave(&atomic_rw, iflags); 2749 2750 /* DIX + T10 DIF */ 2751 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) { 2752 int prot_ret = prot_verify_read(scp, lba, num, ei_lba); 2753 2754 if (prot_ret) { 2755 read_unlock_irqrestore(&atomic_rw, iflags); 2756 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, prot_ret); 2757 return illegal_condition_result; 2758 } 2759 } 2760 2761 ret = do_device_access(scp, 0, lba, num, false); 2762 read_unlock_irqrestore(&atomic_rw, iflags); 2763 if (unlikely(ret == -1)) 2764 return DID_ERROR << 16; 2765 2766 scsi_in(scp)->resid = scsi_bufflen(scp) - ret; 2767 2768 if (unlikely(sqcp)) { 2769 if (sqcp->inj_recovered) { 2770 mk_sense_buffer(scp, RECOVERED_ERROR, 2771 THRESHOLD_EXCEEDED, 0); 2772 return check_condition_result; 2773 } else if (sqcp->inj_transport) { 2774 mk_sense_buffer(scp, ABORTED_COMMAND, 2775 TRANSPORT_PROBLEM, ACK_NAK_TO); 2776 return check_condition_result; 2777 } else if (sqcp->inj_dif) { 2778 /* Logical block guard check failed */ 2779 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1); 2780 return illegal_condition_result; 2781 } else if (sqcp->inj_dix) { 2782 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1); 2783 return illegal_condition_result; 2784 } 2785 } 2786 return 0; 2787 } 2788 2789 static void dump_sector(unsigned char *buf, int len) 2790 { 2791 int i, j, n; 2792 2793 pr_err(">>> Sector Dump <<<\n"); 2794 for (i = 0 ; i < len ; i += 16) { 2795 char b[128]; 2796 2797 for (j = 0, n = 0; j < 16; j++) { 2798 unsigned char c = buf[i+j]; 2799 2800 if (c >= 0x20 && c < 0x7e) 2801 n += scnprintf(b + n, sizeof(b) - n, 2802 " %c ", buf[i+j]); 2803 else 2804 n += scnprintf(b + n, sizeof(b) - n, 2805 "%02x ", buf[i+j]); 2806 } 2807 pr_err("%04d: %s\n", i, b); 2808 } 2809 } 2810 2811 static int prot_verify_write(struct scsi_cmnd *SCpnt, sector_t start_sec, 2812 unsigned int sectors, u32 ei_lba) 2813 { 2814 int ret; 2815 struct t10_pi_tuple *sdt; 2816 void *daddr; 2817 sector_t sector = start_sec; 2818 int ppage_offset; 2819 int dpage_offset; 2820 struct sg_mapping_iter diter; 2821 struct sg_mapping_iter piter; 2822 2823 BUG_ON(scsi_sg_count(SCpnt) == 0); 2824 BUG_ON(scsi_prot_sg_count(SCpnt) == 0); 2825 2826 sg_miter_start(&piter, scsi_prot_sglist(SCpnt), 2827 scsi_prot_sg_count(SCpnt), 2828 SG_MITER_ATOMIC | SG_MITER_FROM_SG); 2829 sg_miter_start(&diter, scsi_sglist(SCpnt), scsi_sg_count(SCpnt), 2830 SG_MITER_ATOMIC | SG_MITER_FROM_SG); 2831 2832 /* For each protection page */ 2833 while (sg_miter_next(&piter)) { 2834 dpage_offset = 0; 2835 if (WARN_ON(!sg_miter_next(&diter))) { 2836 ret = 0x01; 2837 goto out; 2838 } 2839 2840 for (ppage_offset = 0; ppage_offset < piter.length; 2841 ppage_offset += sizeof(struct t10_pi_tuple)) { 2842 /* If we're at the end of the current 2843 * data page advance to the next one 2844 */ 2845 if (dpage_offset >= diter.length) { 2846 if (WARN_ON(!sg_miter_next(&diter))) { 2847 ret = 0x01; 2848 goto out; 2849 } 2850 dpage_offset = 0; 2851 } 2852 2853 sdt = piter.addr + ppage_offset; 2854 daddr = diter.addr + dpage_offset; 2855 2856 ret = dif_verify(sdt, daddr, sector, ei_lba); 2857 if (ret) { 2858 dump_sector(daddr, sdebug_sector_size); 2859 goto out; 2860 } 2861 2862 sector++; 2863 ei_lba++; 2864 dpage_offset += sdebug_sector_size; 2865 } 2866 diter.consumed = dpage_offset; 2867 sg_miter_stop(&diter); 2868 } 2869 sg_miter_stop(&piter); 2870 2871 dif_copy_prot(SCpnt, start_sec, sectors, false); 2872 dix_writes++; 2873 2874 return 0; 2875 2876 out: 2877 dif_errors++; 2878 sg_miter_stop(&diter); 2879 sg_miter_stop(&piter); 2880 return ret; 2881 } 2882 2883 static unsigned long lba_to_map_index(sector_t lba) 2884 { 2885 if (sdebug_unmap_alignment) 2886 lba += sdebug_unmap_granularity - sdebug_unmap_alignment; 2887 sector_div(lba, sdebug_unmap_granularity); 2888 return lba; 2889 } 2890 2891 static sector_t map_index_to_lba(unsigned long index) 2892 { 2893 sector_t lba = index * sdebug_unmap_granularity; 2894 2895 if (sdebug_unmap_alignment) 2896 lba -= sdebug_unmap_granularity - sdebug_unmap_alignment; 2897 return lba; 2898 } 2899 2900 static unsigned int map_state(sector_t lba, unsigned int *num) 2901 { 2902 sector_t end; 2903 unsigned int mapped; 2904 unsigned long index; 2905 unsigned long next; 2906 2907 index = lba_to_map_index(lba); 2908 mapped = test_bit(index, map_storep); 2909 2910 if (mapped) 2911 next = find_next_zero_bit(map_storep, map_size, index); 2912 else 2913 next = find_next_bit(map_storep, map_size, index); 2914 2915 end = min_t(sector_t, sdebug_store_sectors, map_index_to_lba(next)); 2916 *num = end - lba; 2917 return mapped; 2918 } 2919 2920 static void map_region(sector_t lba, unsigned int len) 2921 { 2922 sector_t end = lba + len; 2923 2924 while (lba < end) { 2925 unsigned long index = lba_to_map_index(lba); 2926 2927 if (index < map_size) 2928 set_bit(index, map_storep); 2929 2930 lba = map_index_to_lba(index + 1); 2931 } 2932 } 2933 2934 static void unmap_region(sector_t lba, unsigned int len) 2935 { 2936 sector_t end = lba + len; 2937 2938 while (lba < end) { 2939 unsigned long index = lba_to_map_index(lba); 2940 2941 if (lba == map_index_to_lba(index) && 2942 lba + sdebug_unmap_granularity <= end && 2943 index < map_size) { 2944 clear_bit(index, map_storep); 2945 if (sdebug_lbprz) { /* for LBPRZ=2 return 0xff_s */ 2946 memset(fake_storep + 2947 lba * sdebug_sector_size, 2948 (sdebug_lbprz & 1) ? 0 : 0xff, 2949 sdebug_sector_size * 2950 sdebug_unmap_granularity); 2951 } 2952 if (dif_storep) { 2953 memset(dif_storep + lba, 0xff, 2954 sizeof(*dif_storep) * 2955 sdebug_unmap_granularity); 2956 } 2957 } 2958 lba = map_index_to_lba(index + 1); 2959 } 2960 } 2961 2962 static int resp_write_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 2963 { 2964 u8 *cmd = scp->cmnd; 2965 u64 lba; 2966 u32 num; 2967 u32 ei_lba; 2968 unsigned long iflags; 2969 int ret; 2970 bool check_prot; 2971 2972 switch (cmd[0]) { 2973 case WRITE_16: 2974 ei_lba = 0; 2975 lba = get_unaligned_be64(cmd + 2); 2976 num = get_unaligned_be32(cmd + 10); 2977 check_prot = true; 2978 break; 2979 case WRITE_10: 2980 ei_lba = 0; 2981 lba = get_unaligned_be32(cmd + 2); 2982 num = get_unaligned_be16(cmd + 7); 2983 check_prot = true; 2984 break; 2985 case WRITE_6: 2986 ei_lba = 0; 2987 lba = (u32)cmd[3] | (u32)cmd[2] << 8 | 2988 (u32)(cmd[1] & 0x1f) << 16; 2989 num = (0 == cmd[4]) ? 256 : cmd[4]; 2990 check_prot = true; 2991 break; 2992 case WRITE_12: 2993 ei_lba = 0; 2994 lba = get_unaligned_be32(cmd + 2); 2995 num = get_unaligned_be32(cmd + 6); 2996 check_prot = true; 2997 break; 2998 case 0x53: /* XDWRITEREAD(10) */ 2999 ei_lba = 0; 3000 lba = get_unaligned_be32(cmd + 2); 3001 num = get_unaligned_be16(cmd + 7); 3002 check_prot = false; 3003 break; 3004 default: /* assume WRITE(32) */ 3005 lba = get_unaligned_be64(cmd + 12); 3006 ei_lba = get_unaligned_be32(cmd + 20); 3007 num = get_unaligned_be32(cmd + 28); 3008 check_prot = false; 3009 break; 3010 } 3011 if (unlikely(have_dif_prot && check_prot)) { 3012 if (sdebug_dif == T10_PI_TYPE2_PROTECTION && 3013 (cmd[1] & 0xe0)) { 3014 mk_sense_invalid_opcode(scp); 3015 return check_condition_result; 3016 } 3017 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION || 3018 sdebug_dif == T10_PI_TYPE3_PROTECTION) && 3019 (cmd[1] & 0xe0) == 0) 3020 sdev_printk(KERN_ERR, scp->device, "Unprotected WR " 3021 "to DIF device\n"); 3022 } 3023 3024 /* inline check_device_access_params() */ 3025 if (unlikely(lba + num > sdebug_capacity)) { 3026 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 3027 return check_condition_result; 3028 } 3029 /* transfer length excessive (tie in to block limits VPD page) */ 3030 if (unlikely(num > sdebug_store_sectors)) { 3031 /* needs work to find which cdb byte 'num' comes from */ 3032 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 3033 return check_condition_result; 3034 } 3035 3036 write_lock_irqsave(&atomic_rw, iflags); 3037 3038 /* DIX + T10 DIF */ 3039 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) { 3040 int prot_ret = prot_verify_write(scp, lba, num, ei_lba); 3041 3042 if (prot_ret) { 3043 write_unlock_irqrestore(&atomic_rw, iflags); 3044 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, prot_ret); 3045 return illegal_condition_result; 3046 } 3047 } 3048 3049 ret = do_device_access(scp, 0, lba, num, true); 3050 if (unlikely(scsi_debug_lbp())) 3051 map_region(lba, num); 3052 write_unlock_irqrestore(&atomic_rw, iflags); 3053 if (unlikely(-1 == ret)) 3054 return DID_ERROR << 16; 3055 else if (unlikely(sdebug_verbose && 3056 (ret < (num * sdebug_sector_size)))) 3057 sdev_printk(KERN_INFO, scp->device, 3058 "%s: write: cdb indicated=%u, IO sent=%d bytes\n", 3059 my_name, num * sdebug_sector_size, ret); 3060 3061 if (unlikely(sdebug_any_injecting_opt)) { 3062 struct sdebug_queued_cmd *sqcp = 3063 (struct sdebug_queued_cmd *)scp->host_scribble; 3064 3065 if (sqcp) { 3066 if (sqcp->inj_recovered) { 3067 mk_sense_buffer(scp, RECOVERED_ERROR, 3068 THRESHOLD_EXCEEDED, 0); 3069 return check_condition_result; 3070 } else if (sqcp->inj_dif) { 3071 /* Logical block guard check failed */ 3072 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1); 3073 return illegal_condition_result; 3074 } else if (sqcp->inj_dix) { 3075 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1); 3076 return illegal_condition_result; 3077 } 3078 } 3079 } 3080 return 0; 3081 } 3082 3083 /* 3084 * T10 has only specified WRITE SCATTERED(16) and WRITE SCATTERED(32). 3085 * No READ GATHERED yet (requires bidi or long cdb holding gather list). 3086 */ 3087 static int resp_write_scat(struct scsi_cmnd *scp, 3088 struct sdebug_dev_info *devip) 3089 { 3090 u8 *cmd = scp->cmnd; 3091 u8 *lrdp = NULL; 3092 u8 *up; 3093 u8 wrprotect; 3094 u16 lbdof, num_lrd, k; 3095 u32 num, num_by, bt_len, lbdof_blen, sg_off, cum_lb; 3096 u32 lb_size = sdebug_sector_size; 3097 u32 ei_lba; 3098 u64 lba; 3099 unsigned long iflags; 3100 int ret, res; 3101 bool is_16; 3102 static const u32 lrd_size = 32; /* + parameter list header size */ 3103 3104 if (cmd[0] == VARIABLE_LENGTH_CMD) { 3105 is_16 = false; 3106 wrprotect = (cmd[10] >> 5) & 0x7; 3107 lbdof = get_unaligned_be16(cmd + 12); 3108 num_lrd = get_unaligned_be16(cmd + 16); 3109 bt_len = get_unaligned_be32(cmd + 28); 3110 } else { /* that leaves WRITE SCATTERED(16) */ 3111 is_16 = true; 3112 wrprotect = (cmd[2] >> 5) & 0x7; 3113 lbdof = get_unaligned_be16(cmd + 4); 3114 num_lrd = get_unaligned_be16(cmd + 8); 3115 bt_len = get_unaligned_be32(cmd + 10); 3116 if (unlikely(have_dif_prot)) { 3117 if (sdebug_dif == T10_PI_TYPE2_PROTECTION && 3118 wrprotect) { 3119 mk_sense_invalid_opcode(scp); 3120 return illegal_condition_result; 3121 } 3122 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION || 3123 sdebug_dif == T10_PI_TYPE3_PROTECTION) && 3124 wrprotect == 0) 3125 sdev_printk(KERN_ERR, scp->device, 3126 "Unprotected WR to DIF device\n"); 3127 } 3128 } 3129 if ((num_lrd == 0) || (bt_len == 0)) 3130 return 0; /* T10 says these do-nothings are not errors */ 3131 if (lbdof == 0) { 3132 if (sdebug_verbose) 3133 sdev_printk(KERN_INFO, scp->device, 3134 "%s: %s: LB Data Offset field bad\n", 3135 my_name, __func__); 3136 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 3137 return illegal_condition_result; 3138 } 3139 lbdof_blen = lbdof * lb_size; 3140 if ((lrd_size + (num_lrd * lrd_size)) > lbdof_blen) { 3141 if (sdebug_verbose) 3142 sdev_printk(KERN_INFO, scp->device, 3143 "%s: %s: LBA range descriptors don't fit\n", 3144 my_name, __func__); 3145 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 3146 return illegal_condition_result; 3147 } 3148 lrdp = kzalloc(lbdof_blen, GFP_ATOMIC); 3149 if (lrdp == NULL) 3150 return SCSI_MLQUEUE_HOST_BUSY; 3151 if (sdebug_verbose) 3152 sdev_printk(KERN_INFO, scp->device, 3153 "%s: %s: Fetch header+scatter_list, lbdof_blen=%u\n", 3154 my_name, __func__, lbdof_blen); 3155 res = fetch_to_dev_buffer(scp, lrdp, lbdof_blen); 3156 if (res == -1) { 3157 ret = DID_ERROR << 16; 3158 goto err_out; 3159 } 3160 3161 write_lock_irqsave(&atomic_rw, iflags); 3162 sg_off = lbdof_blen; 3163 /* Spec says Buffer xfer Length field in number of LBs in dout */ 3164 cum_lb = 0; 3165 for (k = 0, up = lrdp + lrd_size; k < num_lrd; ++k, up += lrd_size) { 3166 lba = get_unaligned_be64(up + 0); 3167 num = get_unaligned_be32(up + 8); 3168 if (sdebug_verbose) 3169 sdev_printk(KERN_INFO, scp->device, 3170 "%s: %s: k=%d LBA=0x%llx num=%u sg_off=%u\n", 3171 my_name, __func__, k, lba, num, sg_off); 3172 if (num == 0) 3173 continue; 3174 ret = check_device_access_params(scp, lba, num); 3175 if (ret) 3176 goto err_out_unlock; 3177 num_by = num * lb_size; 3178 ei_lba = is_16 ? 0 : get_unaligned_be32(up + 12); 3179 3180 if ((cum_lb + num) > bt_len) { 3181 if (sdebug_verbose) 3182 sdev_printk(KERN_INFO, scp->device, 3183 "%s: %s: sum of blocks > data provided\n", 3184 my_name, __func__); 3185 mk_sense_buffer(scp, ILLEGAL_REQUEST, WRITE_ERROR_ASC, 3186 0); 3187 ret = illegal_condition_result; 3188 goto err_out_unlock; 3189 } 3190 3191 /* DIX + T10 DIF */ 3192 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) { 3193 int prot_ret = prot_verify_write(scp, lba, num, 3194 ei_lba); 3195 3196 if (prot_ret) { 3197 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 3198 prot_ret); 3199 ret = illegal_condition_result; 3200 goto err_out_unlock; 3201 } 3202 } 3203 3204 ret = do_device_access(scp, sg_off, lba, num, true); 3205 if (unlikely(scsi_debug_lbp())) 3206 map_region(lba, num); 3207 if (unlikely(-1 == ret)) { 3208 ret = DID_ERROR << 16; 3209 goto err_out_unlock; 3210 } else if (unlikely(sdebug_verbose && (ret < num_by))) 3211 sdev_printk(KERN_INFO, scp->device, 3212 "%s: write: cdb indicated=%u, IO sent=%d bytes\n", 3213 my_name, num_by, ret); 3214 3215 if (unlikely(sdebug_any_injecting_opt)) { 3216 struct sdebug_queued_cmd *sqcp = 3217 (struct sdebug_queued_cmd *)scp->host_scribble; 3218 3219 if (sqcp) { 3220 if (sqcp->inj_recovered) { 3221 mk_sense_buffer(scp, RECOVERED_ERROR, 3222 THRESHOLD_EXCEEDED, 0); 3223 ret = illegal_condition_result; 3224 goto err_out_unlock; 3225 } else if (sqcp->inj_dif) { 3226 /* Logical block guard check failed */ 3227 mk_sense_buffer(scp, ABORTED_COMMAND, 3228 0x10, 1); 3229 ret = illegal_condition_result; 3230 goto err_out_unlock; 3231 } else if (sqcp->inj_dix) { 3232 mk_sense_buffer(scp, ILLEGAL_REQUEST, 3233 0x10, 1); 3234 ret = illegal_condition_result; 3235 goto err_out_unlock; 3236 } 3237 } 3238 } 3239 sg_off += num_by; 3240 cum_lb += num; 3241 } 3242 ret = 0; 3243 err_out_unlock: 3244 write_unlock_irqrestore(&atomic_rw, iflags); 3245 err_out: 3246 kfree(lrdp); 3247 return ret; 3248 } 3249 3250 static int resp_write_same(struct scsi_cmnd *scp, u64 lba, u32 num, 3251 u32 ei_lba, bool unmap, bool ndob) 3252 { 3253 unsigned long iflags; 3254 unsigned long long i; 3255 int ret; 3256 u64 lba_off; 3257 3258 ret = check_device_access_params(scp, lba, num); 3259 if (ret) 3260 return ret; 3261 3262 write_lock_irqsave(&atomic_rw, iflags); 3263 3264 if (unmap && scsi_debug_lbp()) { 3265 unmap_region(lba, num); 3266 goto out; 3267 } 3268 3269 lba_off = lba * sdebug_sector_size; 3270 /* if ndob then zero 1 logical block, else fetch 1 logical block */ 3271 if (ndob) { 3272 memset(fake_storep + lba_off, 0, sdebug_sector_size); 3273 ret = 0; 3274 } else 3275 ret = fetch_to_dev_buffer(scp, fake_storep + lba_off, 3276 sdebug_sector_size); 3277 3278 if (-1 == ret) { 3279 write_unlock_irqrestore(&atomic_rw, iflags); 3280 return DID_ERROR << 16; 3281 } else if (sdebug_verbose && !ndob && (ret < sdebug_sector_size)) 3282 sdev_printk(KERN_INFO, scp->device, 3283 "%s: %s: lb size=%u, IO sent=%d bytes\n", 3284 my_name, "write same", 3285 sdebug_sector_size, ret); 3286 3287 /* Copy first sector to remaining blocks */ 3288 for (i = 1 ; i < num ; i++) 3289 memcpy(fake_storep + ((lba + i) * sdebug_sector_size), 3290 fake_storep + lba_off, 3291 sdebug_sector_size); 3292 3293 if (scsi_debug_lbp()) 3294 map_region(lba, num); 3295 out: 3296 write_unlock_irqrestore(&atomic_rw, iflags); 3297 3298 return 0; 3299 } 3300 3301 static int resp_write_same_10(struct scsi_cmnd *scp, 3302 struct sdebug_dev_info *devip) 3303 { 3304 u8 *cmd = scp->cmnd; 3305 u32 lba; 3306 u16 num; 3307 u32 ei_lba = 0; 3308 bool unmap = false; 3309 3310 if (cmd[1] & 0x8) { 3311 if (sdebug_lbpws10 == 0) { 3312 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3); 3313 return check_condition_result; 3314 } else 3315 unmap = true; 3316 } 3317 lba = get_unaligned_be32(cmd + 2); 3318 num = get_unaligned_be16(cmd + 7); 3319 if (num > sdebug_write_same_length) { 3320 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1); 3321 return check_condition_result; 3322 } 3323 return resp_write_same(scp, lba, num, ei_lba, unmap, false); 3324 } 3325 3326 static int resp_write_same_16(struct scsi_cmnd *scp, 3327 struct sdebug_dev_info *devip) 3328 { 3329 u8 *cmd = scp->cmnd; 3330 u64 lba; 3331 u32 num; 3332 u32 ei_lba = 0; 3333 bool unmap = false; 3334 bool ndob = false; 3335 3336 if (cmd[1] & 0x8) { /* UNMAP */ 3337 if (sdebug_lbpws == 0) { 3338 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3); 3339 return check_condition_result; 3340 } else 3341 unmap = true; 3342 } 3343 if (cmd[1] & 0x1) /* NDOB (no data-out buffer, assumes zeroes) */ 3344 ndob = true; 3345 lba = get_unaligned_be64(cmd + 2); 3346 num = get_unaligned_be32(cmd + 10); 3347 if (num > sdebug_write_same_length) { 3348 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1); 3349 return check_condition_result; 3350 } 3351 return resp_write_same(scp, lba, num, ei_lba, unmap, ndob); 3352 } 3353 3354 /* Note the mode field is in the same position as the (lower) service action 3355 * field. For the Report supported operation codes command, SPC-4 suggests 3356 * each mode of this command should be reported separately; for future. */ 3357 static int resp_write_buffer(struct scsi_cmnd *scp, 3358 struct sdebug_dev_info *devip) 3359 { 3360 u8 *cmd = scp->cmnd; 3361 struct scsi_device *sdp = scp->device; 3362 struct sdebug_dev_info *dp; 3363 u8 mode; 3364 3365 mode = cmd[1] & 0x1f; 3366 switch (mode) { 3367 case 0x4: /* download microcode (MC) and activate (ACT) */ 3368 /* set UAs on this device only */ 3369 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm); 3370 set_bit(SDEBUG_UA_MICROCODE_CHANGED, devip->uas_bm); 3371 break; 3372 case 0x5: /* download MC, save and ACT */ 3373 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, devip->uas_bm); 3374 break; 3375 case 0x6: /* download MC with offsets and ACT */ 3376 /* set UAs on most devices (LUs) in this target */ 3377 list_for_each_entry(dp, 3378 &devip->sdbg_host->dev_info_list, 3379 dev_list) 3380 if (dp->target == sdp->id) { 3381 set_bit(SDEBUG_UA_BUS_RESET, dp->uas_bm); 3382 if (devip != dp) 3383 set_bit(SDEBUG_UA_MICROCODE_CHANGED, 3384 dp->uas_bm); 3385 } 3386 break; 3387 case 0x7: /* download MC with offsets, save, and ACT */ 3388 /* set UA on all devices (LUs) in this target */ 3389 list_for_each_entry(dp, 3390 &devip->sdbg_host->dev_info_list, 3391 dev_list) 3392 if (dp->target == sdp->id) 3393 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, 3394 dp->uas_bm); 3395 break; 3396 default: 3397 /* do nothing for this command for other mode values */ 3398 break; 3399 } 3400 return 0; 3401 } 3402 3403 static int resp_comp_write(struct scsi_cmnd *scp, 3404 struct sdebug_dev_info *devip) 3405 { 3406 u8 *cmd = scp->cmnd; 3407 u8 *arr; 3408 u8 *fake_storep_hold; 3409 u64 lba; 3410 u32 dnum; 3411 u32 lb_size = sdebug_sector_size; 3412 u8 num; 3413 unsigned long iflags; 3414 int ret; 3415 int retval = 0; 3416 3417 lba = get_unaligned_be64(cmd + 2); 3418 num = cmd[13]; /* 1 to a maximum of 255 logical blocks */ 3419 if (0 == num) 3420 return 0; /* degenerate case, not an error */ 3421 if (sdebug_dif == T10_PI_TYPE2_PROTECTION && 3422 (cmd[1] & 0xe0)) { 3423 mk_sense_invalid_opcode(scp); 3424 return check_condition_result; 3425 } 3426 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION || 3427 sdebug_dif == T10_PI_TYPE3_PROTECTION) && 3428 (cmd[1] & 0xe0) == 0) 3429 sdev_printk(KERN_ERR, scp->device, "Unprotected WR " 3430 "to DIF device\n"); 3431 3432 /* inline check_device_access_params() */ 3433 if (lba + num > sdebug_capacity) { 3434 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 3435 return check_condition_result; 3436 } 3437 /* transfer length excessive (tie in to block limits VPD page) */ 3438 if (num > sdebug_store_sectors) { 3439 /* needs work to find which cdb byte 'num' comes from */ 3440 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 3441 return check_condition_result; 3442 } 3443 dnum = 2 * num; 3444 arr = kzalloc(dnum * lb_size, GFP_ATOMIC); 3445 if (NULL == arr) { 3446 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC, 3447 INSUFF_RES_ASCQ); 3448 return check_condition_result; 3449 } 3450 3451 write_lock_irqsave(&atomic_rw, iflags); 3452 3453 /* trick do_device_access() to fetch both compare and write buffers 3454 * from data-in into arr. Safe (atomic) since write_lock held. */ 3455 fake_storep_hold = fake_storep; 3456 fake_storep = arr; 3457 ret = do_device_access(scp, 0, 0, dnum, true); 3458 fake_storep = fake_storep_hold; 3459 if (ret == -1) { 3460 retval = DID_ERROR << 16; 3461 goto cleanup; 3462 } else if (sdebug_verbose && (ret < (dnum * lb_size))) 3463 sdev_printk(KERN_INFO, scp->device, "%s: compare_write: cdb " 3464 "indicated=%u, IO sent=%d bytes\n", my_name, 3465 dnum * lb_size, ret); 3466 if (!comp_write_worker(lba, num, arr)) { 3467 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0); 3468 retval = check_condition_result; 3469 goto cleanup; 3470 } 3471 if (scsi_debug_lbp()) 3472 map_region(lba, num); 3473 cleanup: 3474 write_unlock_irqrestore(&atomic_rw, iflags); 3475 kfree(arr); 3476 return retval; 3477 } 3478 3479 struct unmap_block_desc { 3480 __be64 lba; 3481 __be32 blocks; 3482 __be32 __reserved; 3483 }; 3484 3485 static int resp_unmap(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 3486 { 3487 unsigned char *buf; 3488 struct unmap_block_desc *desc; 3489 unsigned int i, payload_len, descriptors; 3490 int ret; 3491 unsigned long iflags; 3492 3493 3494 if (!scsi_debug_lbp()) 3495 return 0; /* fib and say its done */ 3496 payload_len = get_unaligned_be16(scp->cmnd + 7); 3497 BUG_ON(scsi_bufflen(scp) != payload_len); 3498 3499 descriptors = (payload_len - 8) / 16; 3500 if (descriptors > sdebug_unmap_max_desc) { 3501 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1); 3502 return check_condition_result; 3503 } 3504 3505 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC); 3506 if (!buf) { 3507 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC, 3508 INSUFF_RES_ASCQ); 3509 return check_condition_result; 3510 } 3511 3512 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp)); 3513 3514 BUG_ON(get_unaligned_be16(&buf[0]) != payload_len - 2); 3515 BUG_ON(get_unaligned_be16(&buf[2]) != descriptors * 16); 3516 3517 desc = (void *)&buf[8]; 3518 3519 write_lock_irqsave(&atomic_rw, iflags); 3520 3521 for (i = 0 ; i < descriptors ; i++) { 3522 unsigned long long lba = get_unaligned_be64(&desc[i].lba); 3523 unsigned int num = get_unaligned_be32(&desc[i].blocks); 3524 3525 ret = check_device_access_params(scp, lba, num); 3526 if (ret) 3527 goto out; 3528 3529 unmap_region(lba, num); 3530 } 3531 3532 ret = 0; 3533 3534 out: 3535 write_unlock_irqrestore(&atomic_rw, iflags); 3536 kfree(buf); 3537 3538 return ret; 3539 } 3540 3541 #define SDEBUG_GET_LBA_STATUS_LEN 32 3542 3543 static int resp_get_lba_status(struct scsi_cmnd *scp, 3544 struct sdebug_dev_info *devip) 3545 { 3546 u8 *cmd = scp->cmnd; 3547 u64 lba; 3548 u32 alloc_len, mapped, num; 3549 u8 arr[SDEBUG_GET_LBA_STATUS_LEN]; 3550 int ret; 3551 3552 lba = get_unaligned_be64(cmd + 2); 3553 alloc_len = get_unaligned_be32(cmd + 10); 3554 3555 if (alloc_len < 24) 3556 return 0; 3557 3558 ret = check_device_access_params(scp, lba, 1); 3559 if (ret) 3560 return ret; 3561 3562 if (scsi_debug_lbp()) 3563 mapped = map_state(lba, &num); 3564 else { 3565 mapped = 1; 3566 /* following just in case virtual_gb changed */ 3567 sdebug_capacity = get_sdebug_capacity(); 3568 if (sdebug_capacity - lba <= 0xffffffff) 3569 num = sdebug_capacity - lba; 3570 else 3571 num = 0xffffffff; 3572 } 3573 3574 memset(arr, 0, SDEBUG_GET_LBA_STATUS_LEN); 3575 put_unaligned_be32(20, arr); /* Parameter Data Length */ 3576 put_unaligned_be64(lba, arr + 8); /* LBA */ 3577 put_unaligned_be32(num, arr + 16); /* Number of blocks */ 3578 arr[20] = !mapped; /* prov_stat=0: mapped; 1: dealloc */ 3579 3580 return fill_from_dev_buffer(scp, arr, SDEBUG_GET_LBA_STATUS_LEN); 3581 } 3582 3583 static int resp_sync_cache(struct scsi_cmnd *scp, 3584 struct sdebug_dev_info *devip) 3585 { 3586 u64 lba; 3587 u32 num_blocks; 3588 u8 *cmd = scp->cmnd; 3589 3590 if (cmd[0] == SYNCHRONIZE_CACHE) { /* 10 byte cdb */ 3591 lba = get_unaligned_be32(cmd + 2); 3592 num_blocks = get_unaligned_be16(cmd + 7); 3593 } else { /* SYNCHRONIZE_CACHE(16) */ 3594 lba = get_unaligned_be64(cmd + 2); 3595 num_blocks = get_unaligned_be32(cmd + 10); 3596 } 3597 if (lba + num_blocks > sdebug_capacity) { 3598 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 3599 return check_condition_result; 3600 } 3601 return (cmd[1] & 0x2) ? SDEG_RES_IMMED_MASK : 0; /* check IMMED bit */ 3602 } 3603 3604 #define RL_BUCKET_ELEMS 8 3605 3606 /* Even though each pseudo target has a REPORT LUNS "well known logical unit" 3607 * (W-LUN), the normal Linux scanning logic does not associate it with a 3608 * device (e.g. /dev/sg7). The following magic will make that association: 3609 * "cd /sys/class/scsi_host/host<n> ; echo '- - 49409' > scan" 3610 * where <n> is a host number. If there are multiple targets in a host then 3611 * the above will associate a W-LUN to each target. To only get a W-LUN 3612 * for target 2, then use "echo '- 2 49409' > scan" . 3613 */ 3614 static int resp_report_luns(struct scsi_cmnd *scp, 3615 struct sdebug_dev_info *devip) 3616 { 3617 unsigned char *cmd = scp->cmnd; 3618 unsigned int alloc_len; 3619 unsigned char select_report; 3620 u64 lun; 3621 struct scsi_lun *lun_p; 3622 u8 arr[RL_BUCKET_ELEMS * sizeof(struct scsi_lun)]; 3623 unsigned int lun_cnt; /* normal LUN count (max: 256) */ 3624 unsigned int wlun_cnt; /* report luns W-LUN count */ 3625 unsigned int tlun_cnt; /* total LUN count */ 3626 unsigned int rlen; /* response length (in bytes) */ 3627 int k, j, n, res; 3628 unsigned int off_rsp = 0; 3629 const int sz_lun = sizeof(struct scsi_lun); 3630 3631 clear_luns_changed_on_target(devip); 3632 3633 select_report = cmd[2]; 3634 alloc_len = get_unaligned_be32(cmd + 6); 3635 3636 if (alloc_len < 4) { 3637 pr_err("alloc len too small %d\n", alloc_len); 3638 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1); 3639 return check_condition_result; 3640 } 3641 3642 switch (select_report) { 3643 case 0: /* all LUNs apart from W-LUNs */ 3644 lun_cnt = sdebug_max_luns; 3645 wlun_cnt = 0; 3646 break; 3647 case 1: /* only W-LUNs */ 3648 lun_cnt = 0; 3649 wlun_cnt = 1; 3650 break; 3651 case 2: /* all LUNs */ 3652 lun_cnt = sdebug_max_luns; 3653 wlun_cnt = 1; 3654 break; 3655 case 0x10: /* only administrative LUs */ 3656 case 0x11: /* see SPC-5 */ 3657 case 0x12: /* only subsiduary LUs owned by referenced LU */ 3658 default: 3659 pr_debug("select report invalid %d\n", select_report); 3660 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1); 3661 return check_condition_result; 3662 } 3663 3664 if (sdebug_no_lun_0 && (lun_cnt > 0)) 3665 --lun_cnt; 3666 3667 tlun_cnt = lun_cnt + wlun_cnt; 3668 rlen = tlun_cnt * sz_lun; /* excluding 8 byte header */ 3669 scsi_set_resid(scp, scsi_bufflen(scp)); 3670 pr_debug("select_report %d luns = %d wluns = %d no_lun0 %d\n", 3671 select_report, lun_cnt, wlun_cnt, sdebug_no_lun_0); 3672 3673 /* loops rely on sizeof response header same as sizeof lun (both 8) */ 3674 lun = sdebug_no_lun_0 ? 1 : 0; 3675 for (k = 0, j = 0, res = 0; true; ++k, j = 0) { 3676 memset(arr, 0, sizeof(arr)); 3677 lun_p = (struct scsi_lun *)&arr[0]; 3678 if (k == 0) { 3679 put_unaligned_be32(rlen, &arr[0]); 3680 ++lun_p; 3681 j = 1; 3682 } 3683 for ( ; j < RL_BUCKET_ELEMS; ++j, ++lun_p) { 3684 if ((k * RL_BUCKET_ELEMS) + j > lun_cnt) 3685 break; 3686 int_to_scsilun(lun++, lun_p); 3687 } 3688 if (j < RL_BUCKET_ELEMS) 3689 break; 3690 n = j * sz_lun; 3691 res = p_fill_from_dev_buffer(scp, arr, n, off_rsp); 3692 if (res) 3693 return res; 3694 off_rsp += n; 3695 } 3696 if (wlun_cnt) { 3697 int_to_scsilun(SCSI_W_LUN_REPORT_LUNS, lun_p); 3698 ++j; 3699 } 3700 if (j > 0) 3701 res = p_fill_from_dev_buffer(scp, arr, j * sz_lun, off_rsp); 3702 return res; 3703 } 3704 3705 static int resp_xdwriteread(struct scsi_cmnd *scp, unsigned long long lba, 3706 unsigned int num, struct sdebug_dev_info *devip) 3707 { 3708 int j; 3709 unsigned char *kaddr, *buf; 3710 unsigned int offset; 3711 struct scsi_data_buffer *sdb = scsi_in(scp); 3712 struct sg_mapping_iter miter; 3713 3714 /* better not to use temporary buffer. */ 3715 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC); 3716 if (!buf) { 3717 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC, 3718 INSUFF_RES_ASCQ); 3719 return check_condition_result; 3720 } 3721 3722 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp)); 3723 3724 offset = 0; 3725 sg_miter_start(&miter, sdb->table.sgl, sdb->table.nents, 3726 SG_MITER_ATOMIC | SG_MITER_TO_SG); 3727 3728 while (sg_miter_next(&miter)) { 3729 kaddr = miter.addr; 3730 for (j = 0; j < miter.length; j++) 3731 *(kaddr + j) ^= *(buf + offset + j); 3732 3733 offset += miter.length; 3734 } 3735 sg_miter_stop(&miter); 3736 kfree(buf); 3737 3738 return 0; 3739 } 3740 3741 static int resp_xdwriteread_10(struct scsi_cmnd *scp, 3742 struct sdebug_dev_info *devip) 3743 { 3744 u8 *cmd = scp->cmnd; 3745 u64 lba; 3746 u32 num; 3747 int errsts; 3748 3749 if (!scsi_bidi_cmnd(scp)) { 3750 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC, 3751 INSUFF_RES_ASCQ); 3752 return check_condition_result; 3753 } 3754 errsts = resp_read_dt0(scp, devip); 3755 if (errsts) 3756 return errsts; 3757 if (!(cmd[1] & 0x4)) { /* DISABLE_WRITE is not set */ 3758 errsts = resp_write_dt0(scp, devip); 3759 if (errsts) 3760 return errsts; 3761 } 3762 lba = get_unaligned_be32(cmd + 2); 3763 num = get_unaligned_be16(cmd + 7); 3764 return resp_xdwriteread(scp, lba, num, devip); 3765 } 3766 3767 static struct sdebug_queue *get_queue(struct scsi_cmnd *cmnd) 3768 { 3769 u32 tag = blk_mq_unique_tag(cmnd->request); 3770 u16 hwq = blk_mq_unique_tag_to_hwq(tag); 3771 3772 pr_debug("tag=%#x, hwq=%d\n", tag, hwq); 3773 if (WARN_ON_ONCE(hwq >= submit_queues)) 3774 hwq = 0; 3775 return sdebug_q_arr + hwq; 3776 } 3777 3778 /* Queued (deferred) command completions converge here. */ 3779 static void sdebug_q_cmd_complete(struct sdebug_defer *sd_dp) 3780 { 3781 int qc_idx; 3782 int retiring = 0; 3783 unsigned long iflags; 3784 struct sdebug_queue *sqp; 3785 struct sdebug_queued_cmd *sqcp; 3786 struct scsi_cmnd *scp; 3787 struct sdebug_dev_info *devip; 3788 3789 sd_dp->defer_t = SDEB_DEFER_NONE; 3790 qc_idx = sd_dp->qc_idx; 3791 sqp = sdebug_q_arr + sd_dp->sqa_idx; 3792 if (sdebug_statistics) { 3793 atomic_inc(&sdebug_completions); 3794 if (raw_smp_processor_id() != sd_dp->issuing_cpu) 3795 atomic_inc(&sdebug_miss_cpus); 3796 } 3797 if (unlikely((qc_idx < 0) || (qc_idx >= SDEBUG_CANQUEUE))) { 3798 pr_err("wild qc_idx=%d\n", qc_idx); 3799 return; 3800 } 3801 spin_lock_irqsave(&sqp->qc_lock, iflags); 3802 sqcp = &sqp->qc_arr[qc_idx]; 3803 scp = sqcp->a_cmnd; 3804 if (unlikely(scp == NULL)) { 3805 spin_unlock_irqrestore(&sqp->qc_lock, iflags); 3806 pr_err("scp is NULL, sqa_idx=%d, qc_idx=%d\n", 3807 sd_dp->sqa_idx, qc_idx); 3808 return; 3809 } 3810 devip = (struct sdebug_dev_info *)scp->device->hostdata; 3811 if (likely(devip)) 3812 atomic_dec(&devip->num_in_q); 3813 else 3814 pr_err("devip=NULL\n"); 3815 if (unlikely(atomic_read(&retired_max_queue) > 0)) 3816 retiring = 1; 3817 3818 sqcp->a_cmnd = NULL; 3819 if (unlikely(!test_and_clear_bit(qc_idx, sqp->in_use_bm))) { 3820 spin_unlock_irqrestore(&sqp->qc_lock, iflags); 3821 pr_err("Unexpected completion\n"); 3822 return; 3823 } 3824 3825 if (unlikely(retiring)) { /* user has reduced max_queue */ 3826 int k, retval; 3827 3828 retval = atomic_read(&retired_max_queue); 3829 if (qc_idx >= retval) { 3830 spin_unlock_irqrestore(&sqp->qc_lock, iflags); 3831 pr_err("index %d too large\n", retval); 3832 return; 3833 } 3834 k = find_last_bit(sqp->in_use_bm, retval); 3835 if ((k < sdebug_max_queue) || (k == retval)) 3836 atomic_set(&retired_max_queue, 0); 3837 else 3838 atomic_set(&retired_max_queue, k + 1); 3839 } 3840 spin_unlock_irqrestore(&sqp->qc_lock, iflags); 3841 scp->scsi_done(scp); /* callback to mid level */ 3842 } 3843 3844 /* When high resolution timer goes off this function is called. */ 3845 static enum hrtimer_restart sdebug_q_cmd_hrt_complete(struct hrtimer *timer) 3846 { 3847 struct sdebug_defer *sd_dp = container_of(timer, struct sdebug_defer, 3848 hrt); 3849 sdebug_q_cmd_complete(sd_dp); 3850 return HRTIMER_NORESTART; 3851 } 3852 3853 /* When work queue schedules work, it calls this function. */ 3854 static void sdebug_q_cmd_wq_complete(struct work_struct *work) 3855 { 3856 struct sdebug_defer *sd_dp = container_of(work, struct sdebug_defer, 3857 ew.work); 3858 sdebug_q_cmd_complete(sd_dp); 3859 } 3860 3861 static bool got_shared_uuid; 3862 static uuid_t shared_uuid; 3863 3864 static struct sdebug_dev_info *sdebug_device_create( 3865 struct sdebug_host_info *sdbg_host, gfp_t flags) 3866 { 3867 struct sdebug_dev_info *devip; 3868 3869 devip = kzalloc(sizeof(*devip), flags); 3870 if (devip) { 3871 if (sdebug_uuid_ctl == 1) 3872 uuid_gen(&devip->lu_name); 3873 else if (sdebug_uuid_ctl == 2) { 3874 if (got_shared_uuid) 3875 devip->lu_name = shared_uuid; 3876 else { 3877 uuid_gen(&shared_uuid); 3878 got_shared_uuid = true; 3879 devip->lu_name = shared_uuid; 3880 } 3881 } 3882 devip->sdbg_host = sdbg_host; 3883 list_add_tail(&devip->dev_list, &sdbg_host->dev_info_list); 3884 } 3885 return devip; 3886 } 3887 3888 static struct sdebug_dev_info *find_build_dev_info(struct scsi_device *sdev) 3889 { 3890 struct sdebug_host_info *sdbg_host; 3891 struct sdebug_dev_info *open_devip = NULL; 3892 struct sdebug_dev_info *devip; 3893 3894 sdbg_host = *(struct sdebug_host_info **)shost_priv(sdev->host); 3895 if (!sdbg_host) { 3896 pr_err("Host info NULL\n"); 3897 return NULL; 3898 } 3899 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) { 3900 if ((devip->used) && (devip->channel == sdev->channel) && 3901 (devip->target == sdev->id) && 3902 (devip->lun == sdev->lun)) 3903 return devip; 3904 else { 3905 if ((!devip->used) && (!open_devip)) 3906 open_devip = devip; 3907 } 3908 } 3909 if (!open_devip) { /* try and make a new one */ 3910 open_devip = sdebug_device_create(sdbg_host, GFP_ATOMIC); 3911 if (!open_devip) { 3912 pr_err("out of memory at line %d\n", __LINE__); 3913 return NULL; 3914 } 3915 } 3916 3917 open_devip->channel = sdev->channel; 3918 open_devip->target = sdev->id; 3919 open_devip->lun = sdev->lun; 3920 open_devip->sdbg_host = sdbg_host; 3921 atomic_set(&open_devip->num_in_q, 0); 3922 set_bit(SDEBUG_UA_POR, open_devip->uas_bm); 3923 open_devip->used = true; 3924 return open_devip; 3925 } 3926 3927 static int scsi_debug_slave_alloc(struct scsi_device *sdp) 3928 { 3929 if (sdebug_verbose) 3930 pr_info("slave_alloc <%u %u %u %llu>\n", 3931 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun); 3932 blk_queue_flag_set(QUEUE_FLAG_BIDI, sdp->request_queue); 3933 return 0; 3934 } 3935 3936 static int scsi_debug_slave_configure(struct scsi_device *sdp) 3937 { 3938 struct sdebug_dev_info *devip = 3939 (struct sdebug_dev_info *)sdp->hostdata; 3940 3941 if (sdebug_verbose) 3942 pr_info("slave_configure <%u %u %u %llu>\n", 3943 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun); 3944 if (sdp->host->max_cmd_len != SDEBUG_MAX_CMD_LEN) 3945 sdp->host->max_cmd_len = SDEBUG_MAX_CMD_LEN; 3946 if (devip == NULL) { 3947 devip = find_build_dev_info(sdp); 3948 if (devip == NULL) 3949 return 1; /* no resources, will be marked offline */ 3950 } 3951 sdp->hostdata = devip; 3952 blk_queue_max_segment_size(sdp->request_queue, -1U); 3953 if (sdebug_no_uld) 3954 sdp->no_uld_attach = 1; 3955 config_cdb_len(sdp); 3956 return 0; 3957 } 3958 3959 static void scsi_debug_slave_destroy(struct scsi_device *sdp) 3960 { 3961 struct sdebug_dev_info *devip = 3962 (struct sdebug_dev_info *)sdp->hostdata; 3963 3964 if (sdebug_verbose) 3965 pr_info("slave_destroy <%u %u %u %llu>\n", 3966 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun); 3967 if (devip) { 3968 /* make this slot available for re-use */ 3969 devip->used = false; 3970 sdp->hostdata = NULL; 3971 } 3972 } 3973 3974 static void stop_qc_helper(struct sdebug_defer *sd_dp, 3975 enum sdeb_defer_type defer_t) 3976 { 3977 if (!sd_dp) 3978 return; 3979 if (defer_t == SDEB_DEFER_HRT) 3980 hrtimer_cancel(&sd_dp->hrt); 3981 else if (defer_t == SDEB_DEFER_WQ) 3982 cancel_work_sync(&sd_dp->ew.work); 3983 } 3984 3985 /* If @cmnd found deletes its timer or work queue and returns true; else 3986 returns false */ 3987 static bool stop_queued_cmnd(struct scsi_cmnd *cmnd) 3988 { 3989 unsigned long iflags; 3990 int j, k, qmax, r_qmax; 3991 enum sdeb_defer_type l_defer_t; 3992 struct sdebug_queue *sqp; 3993 struct sdebug_queued_cmd *sqcp; 3994 struct sdebug_dev_info *devip; 3995 struct sdebug_defer *sd_dp; 3996 3997 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) { 3998 spin_lock_irqsave(&sqp->qc_lock, iflags); 3999 qmax = sdebug_max_queue; 4000 r_qmax = atomic_read(&retired_max_queue); 4001 if (r_qmax > qmax) 4002 qmax = r_qmax; 4003 for (k = 0; k < qmax; ++k) { 4004 if (test_bit(k, sqp->in_use_bm)) { 4005 sqcp = &sqp->qc_arr[k]; 4006 if (cmnd != sqcp->a_cmnd) 4007 continue; 4008 /* found */ 4009 devip = (struct sdebug_dev_info *) 4010 cmnd->device->hostdata; 4011 if (devip) 4012 atomic_dec(&devip->num_in_q); 4013 sqcp->a_cmnd = NULL; 4014 sd_dp = sqcp->sd_dp; 4015 if (sd_dp) { 4016 l_defer_t = sd_dp->defer_t; 4017 sd_dp->defer_t = SDEB_DEFER_NONE; 4018 } else 4019 l_defer_t = SDEB_DEFER_NONE; 4020 spin_unlock_irqrestore(&sqp->qc_lock, iflags); 4021 stop_qc_helper(sd_dp, l_defer_t); 4022 clear_bit(k, sqp->in_use_bm); 4023 return true; 4024 } 4025 } 4026 spin_unlock_irqrestore(&sqp->qc_lock, iflags); 4027 } 4028 return false; 4029 } 4030 4031 /* Deletes (stops) timers or work queues of all queued commands */ 4032 static void stop_all_queued(void) 4033 { 4034 unsigned long iflags; 4035 int j, k; 4036 enum sdeb_defer_type l_defer_t; 4037 struct sdebug_queue *sqp; 4038 struct sdebug_queued_cmd *sqcp; 4039 struct sdebug_dev_info *devip; 4040 struct sdebug_defer *sd_dp; 4041 4042 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) { 4043 spin_lock_irqsave(&sqp->qc_lock, iflags); 4044 for (k = 0; k < SDEBUG_CANQUEUE; ++k) { 4045 if (test_bit(k, sqp->in_use_bm)) { 4046 sqcp = &sqp->qc_arr[k]; 4047 if (sqcp->a_cmnd == NULL) 4048 continue; 4049 devip = (struct sdebug_dev_info *) 4050 sqcp->a_cmnd->device->hostdata; 4051 if (devip) 4052 atomic_dec(&devip->num_in_q); 4053 sqcp->a_cmnd = NULL; 4054 sd_dp = sqcp->sd_dp; 4055 if (sd_dp) { 4056 l_defer_t = sd_dp->defer_t; 4057 sd_dp->defer_t = SDEB_DEFER_NONE; 4058 } else 4059 l_defer_t = SDEB_DEFER_NONE; 4060 spin_unlock_irqrestore(&sqp->qc_lock, iflags); 4061 stop_qc_helper(sd_dp, l_defer_t); 4062 clear_bit(k, sqp->in_use_bm); 4063 spin_lock_irqsave(&sqp->qc_lock, iflags); 4064 } 4065 } 4066 spin_unlock_irqrestore(&sqp->qc_lock, iflags); 4067 } 4068 } 4069 4070 /* Free queued command memory on heap */ 4071 static void free_all_queued(void) 4072 { 4073 int j, k; 4074 struct sdebug_queue *sqp; 4075 struct sdebug_queued_cmd *sqcp; 4076 4077 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) { 4078 for (k = 0; k < SDEBUG_CANQUEUE; ++k) { 4079 sqcp = &sqp->qc_arr[k]; 4080 kfree(sqcp->sd_dp); 4081 sqcp->sd_dp = NULL; 4082 } 4083 } 4084 } 4085 4086 static int scsi_debug_abort(struct scsi_cmnd *SCpnt) 4087 { 4088 bool ok; 4089 4090 ++num_aborts; 4091 if (SCpnt) { 4092 ok = stop_queued_cmnd(SCpnt); 4093 if (SCpnt->device && (SDEBUG_OPT_ALL_NOISE & sdebug_opts)) 4094 sdev_printk(KERN_INFO, SCpnt->device, 4095 "%s: command%s found\n", __func__, 4096 ok ? "" : " not"); 4097 } 4098 return SUCCESS; 4099 } 4100 4101 static int scsi_debug_device_reset(struct scsi_cmnd *SCpnt) 4102 { 4103 ++num_dev_resets; 4104 if (SCpnt && SCpnt->device) { 4105 struct scsi_device *sdp = SCpnt->device; 4106 struct sdebug_dev_info *devip = 4107 (struct sdebug_dev_info *)sdp->hostdata; 4108 4109 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts) 4110 sdev_printk(KERN_INFO, sdp, "%s\n", __func__); 4111 if (devip) 4112 set_bit(SDEBUG_UA_POR, devip->uas_bm); 4113 } 4114 return SUCCESS; 4115 } 4116 4117 static int scsi_debug_target_reset(struct scsi_cmnd *SCpnt) 4118 { 4119 struct sdebug_host_info *sdbg_host; 4120 struct sdebug_dev_info *devip; 4121 struct scsi_device *sdp; 4122 struct Scsi_Host *hp; 4123 int k = 0; 4124 4125 ++num_target_resets; 4126 if (!SCpnt) 4127 goto lie; 4128 sdp = SCpnt->device; 4129 if (!sdp) 4130 goto lie; 4131 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts) 4132 sdev_printk(KERN_INFO, sdp, "%s\n", __func__); 4133 hp = sdp->host; 4134 if (!hp) 4135 goto lie; 4136 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp); 4137 if (sdbg_host) { 4138 list_for_each_entry(devip, 4139 &sdbg_host->dev_info_list, 4140 dev_list) 4141 if (devip->target == sdp->id) { 4142 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm); 4143 ++k; 4144 } 4145 } 4146 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts) 4147 sdev_printk(KERN_INFO, sdp, 4148 "%s: %d device(s) found in target\n", __func__, k); 4149 lie: 4150 return SUCCESS; 4151 } 4152 4153 static int scsi_debug_bus_reset(struct scsi_cmnd *SCpnt) 4154 { 4155 struct sdebug_host_info *sdbg_host; 4156 struct sdebug_dev_info *devip; 4157 struct scsi_device *sdp; 4158 struct Scsi_Host *hp; 4159 int k = 0; 4160 4161 ++num_bus_resets; 4162 if (!(SCpnt && SCpnt->device)) 4163 goto lie; 4164 sdp = SCpnt->device; 4165 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts) 4166 sdev_printk(KERN_INFO, sdp, "%s\n", __func__); 4167 hp = sdp->host; 4168 if (hp) { 4169 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp); 4170 if (sdbg_host) { 4171 list_for_each_entry(devip, 4172 &sdbg_host->dev_info_list, 4173 dev_list) { 4174 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm); 4175 ++k; 4176 } 4177 } 4178 } 4179 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts) 4180 sdev_printk(KERN_INFO, sdp, 4181 "%s: %d device(s) found in host\n", __func__, k); 4182 lie: 4183 return SUCCESS; 4184 } 4185 4186 static int scsi_debug_host_reset(struct scsi_cmnd *SCpnt) 4187 { 4188 struct sdebug_host_info *sdbg_host; 4189 struct sdebug_dev_info *devip; 4190 int k = 0; 4191 4192 ++num_host_resets; 4193 if ((SCpnt->device) && (SDEBUG_OPT_ALL_NOISE & sdebug_opts)) 4194 sdev_printk(KERN_INFO, SCpnt->device, "%s\n", __func__); 4195 spin_lock(&sdebug_host_list_lock); 4196 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) { 4197 list_for_each_entry(devip, &sdbg_host->dev_info_list, 4198 dev_list) { 4199 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm); 4200 ++k; 4201 } 4202 } 4203 spin_unlock(&sdebug_host_list_lock); 4204 stop_all_queued(); 4205 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts) 4206 sdev_printk(KERN_INFO, SCpnt->device, 4207 "%s: %d device(s) found\n", __func__, k); 4208 return SUCCESS; 4209 } 4210 4211 static void __init sdebug_build_parts(unsigned char *ramp, 4212 unsigned long store_size) 4213 { 4214 struct partition *pp; 4215 int starts[SDEBUG_MAX_PARTS + 2]; 4216 int sectors_per_part, num_sectors, k; 4217 int heads_by_sects, start_sec, end_sec; 4218 4219 /* assume partition table already zeroed */ 4220 if ((sdebug_num_parts < 1) || (store_size < 1048576)) 4221 return; 4222 if (sdebug_num_parts > SDEBUG_MAX_PARTS) { 4223 sdebug_num_parts = SDEBUG_MAX_PARTS; 4224 pr_warn("reducing partitions to %d\n", SDEBUG_MAX_PARTS); 4225 } 4226 num_sectors = (int)sdebug_store_sectors; 4227 sectors_per_part = (num_sectors - sdebug_sectors_per) 4228 / sdebug_num_parts; 4229 heads_by_sects = sdebug_heads * sdebug_sectors_per; 4230 starts[0] = sdebug_sectors_per; 4231 for (k = 1; k < sdebug_num_parts; ++k) 4232 starts[k] = ((k * sectors_per_part) / heads_by_sects) 4233 * heads_by_sects; 4234 starts[sdebug_num_parts] = num_sectors; 4235 starts[sdebug_num_parts + 1] = 0; 4236 4237 ramp[510] = 0x55; /* magic partition markings */ 4238 ramp[511] = 0xAA; 4239 pp = (struct partition *)(ramp + 0x1be); 4240 for (k = 0; starts[k + 1]; ++k, ++pp) { 4241 start_sec = starts[k]; 4242 end_sec = starts[k + 1] - 1; 4243 pp->boot_ind = 0; 4244 4245 pp->cyl = start_sec / heads_by_sects; 4246 pp->head = (start_sec - (pp->cyl * heads_by_sects)) 4247 / sdebug_sectors_per; 4248 pp->sector = (start_sec % sdebug_sectors_per) + 1; 4249 4250 pp->end_cyl = end_sec / heads_by_sects; 4251 pp->end_head = (end_sec - (pp->end_cyl * heads_by_sects)) 4252 / sdebug_sectors_per; 4253 pp->end_sector = (end_sec % sdebug_sectors_per) + 1; 4254 4255 pp->start_sect = cpu_to_le32(start_sec); 4256 pp->nr_sects = cpu_to_le32(end_sec - start_sec + 1); 4257 pp->sys_ind = 0x83; /* plain Linux partition */ 4258 } 4259 } 4260 4261 static void block_unblock_all_queues(bool block) 4262 { 4263 int j; 4264 struct sdebug_queue *sqp; 4265 4266 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) 4267 atomic_set(&sqp->blocked, (int)block); 4268 } 4269 4270 /* Adjust (by rounding down) the sdebug_cmnd_count so abs(every_nth)-1 4271 * commands will be processed normally before triggers occur. 4272 */ 4273 static void tweak_cmnd_count(void) 4274 { 4275 int count, modulo; 4276 4277 modulo = abs(sdebug_every_nth); 4278 if (modulo < 2) 4279 return; 4280 block_unblock_all_queues(true); 4281 count = atomic_read(&sdebug_cmnd_count); 4282 atomic_set(&sdebug_cmnd_count, (count / modulo) * modulo); 4283 block_unblock_all_queues(false); 4284 } 4285 4286 static void clear_queue_stats(void) 4287 { 4288 atomic_set(&sdebug_cmnd_count, 0); 4289 atomic_set(&sdebug_completions, 0); 4290 atomic_set(&sdebug_miss_cpus, 0); 4291 atomic_set(&sdebug_a_tsf, 0); 4292 } 4293 4294 static void setup_inject(struct sdebug_queue *sqp, 4295 struct sdebug_queued_cmd *sqcp) 4296 { 4297 if ((atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) > 0) { 4298 if (sdebug_every_nth > 0) 4299 sqcp->inj_recovered = sqcp->inj_transport 4300 = sqcp->inj_dif 4301 = sqcp->inj_dix = sqcp->inj_short = 0; 4302 return; 4303 } 4304 sqcp->inj_recovered = !!(SDEBUG_OPT_RECOVERED_ERR & sdebug_opts); 4305 sqcp->inj_transport = !!(SDEBUG_OPT_TRANSPORT_ERR & sdebug_opts); 4306 sqcp->inj_dif = !!(SDEBUG_OPT_DIF_ERR & sdebug_opts); 4307 sqcp->inj_dix = !!(SDEBUG_OPT_DIX_ERR & sdebug_opts); 4308 sqcp->inj_short = !!(SDEBUG_OPT_SHORT_TRANSFER & sdebug_opts); 4309 sqcp->inj_host_busy = !!(SDEBUG_OPT_HOST_BUSY & sdebug_opts); 4310 } 4311 4312 /* Complete the processing of the thread that queued a SCSI command to this 4313 * driver. It either completes the command by calling cmnd_done() or 4314 * schedules a hr timer or work queue then returns 0. Returns 4315 * SCSI_MLQUEUE_HOST_BUSY if temporarily out of resources. 4316 */ 4317 static int schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip, 4318 int scsi_result, 4319 int (*pfp)(struct scsi_cmnd *, 4320 struct sdebug_dev_info *), 4321 int delta_jiff, int ndelay) 4322 { 4323 unsigned long iflags; 4324 int k, num_in_q, qdepth, inject; 4325 struct sdebug_queue *sqp; 4326 struct sdebug_queued_cmd *sqcp; 4327 struct scsi_device *sdp; 4328 struct sdebug_defer *sd_dp; 4329 4330 if (unlikely(devip == NULL)) { 4331 if (scsi_result == 0) 4332 scsi_result = DID_NO_CONNECT << 16; 4333 goto respond_in_thread; 4334 } 4335 sdp = cmnd->device; 4336 4337 if (delta_jiff == 0) 4338 goto respond_in_thread; 4339 4340 /* schedule the response at a later time if resources permit */ 4341 sqp = get_queue(cmnd); 4342 spin_lock_irqsave(&sqp->qc_lock, iflags); 4343 if (unlikely(atomic_read(&sqp->blocked))) { 4344 spin_unlock_irqrestore(&sqp->qc_lock, iflags); 4345 return SCSI_MLQUEUE_HOST_BUSY; 4346 } 4347 num_in_q = atomic_read(&devip->num_in_q); 4348 qdepth = cmnd->device->queue_depth; 4349 inject = 0; 4350 if (unlikely((qdepth > 0) && (num_in_q >= qdepth))) { 4351 if (scsi_result) { 4352 spin_unlock_irqrestore(&sqp->qc_lock, iflags); 4353 goto respond_in_thread; 4354 } else 4355 scsi_result = device_qfull_result; 4356 } else if (unlikely(sdebug_every_nth && 4357 (SDEBUG_OPT_RARE_TSF & sdebug_opts) && 4358 (scsi_result == 0))) { 4359 if ((num_in_q == (qdepth - 1)) && 4360 (atomic_inc_return(&sdebug_a_tsf) >= 4361 abs(sdebug_every_nth))) { 4362 atomic_set(&sdebug_a_tsf, 0); 4363 inject = 1; 4364 scsi_result = device_qfull_result; 4365 } 4366 } 4367 4368 k = find_first_zero_bit(sqp->in_use_bm, sdebug_max_queue); 4369 if (unlikely(k >= sdebug_max_queue)) { 4370 spin_unlock_irqrestore(&sqp->qc_lock, iflags); 4371 if (scsi_result) 4372 goto respond_in_thread; 4373 else if (SDEBUG_OPT_ALL_TSF & sdebug_opts) 4374 scsi_result = device_qfull_result; 4375 if (SDEBUG_OPT_Q_NOISE & sdebug_opts) 4376 sdev_printk(KERN_INFO, sdp, 4377 "%s: max_queue=%d exceeded, %s\n", 4378 __func__, sdebug_max_queue, 4379 (scsi_result ? "status: TASK SET FULL" : 4380 "report: host busy")); 4381 if (scsi_result) 4382 goto respond_in_thread; 4383 else 4384 return SCSI_MLQUEUE_HOST_BUSY; 4385 } 4386 __set_bit(k, sqp->in_use_bm); 4387 atomic_inc(&devip->num_in_q); 4388 sqcp = &sqp->qc_arr[k]; 4389 sqcp->a_cmnd = cmnd; 4390 cmnd->host_scribble = (unsigned char *)sqcp; 4391 sd_dp = sqcp->sd_dp; 4392 spin_unlock_irqrestore(&sqp->qc_lock, iflags); 4393 if (unlikely(sdebug_every_nth && sdebug_any_injecting_opt)) 4394 setup_inject(sqp, sqcp); 4395 if (sd_dp == NULL) { 4396 sd_dp = kzalloc(sizeof(*sd_dp), GFP_ATOMIC); 4397 if (sd_dp == NULL) 4398 return SCSI_MLQUEUE_HOST_BUSY; 4399 } 4400 4401 cmnd->result = pfp != NULL ? pfp(cmnd, devip) : 0; 4402 if (cmnd->result & SDEG_RES_IMMED_MASK) { 4403 /* 4404 * This is the F_DELAY_OVERR case. No delay. 4405 */ 4406 cmnd->result &= ~SDEG_RES_IMMED_MASK; 4407 delta_jiff = ndelay = 0; 4408 } 4409 if (cmnd->result == 0 && scsi_result != 0) 4410 cmnd->result = scsi_result; 4411 4412 if (unlikely(sdebug_verbose && cmnd->result)) 4413 sdev_printk(KERN_INFO, sdp, "%s: non-zero result=0x%x\n", 4414 __func__, cmnd->result); 4415 4416 if (delta_jiff > 0 || ndelay > 0) { 4417 ktime_t kt; 4418 4419 if (delta_jiff > 0) { 4420 kt = ns_to_ktime((u64)delta_jiff * (NSEC_PER_SEC / HZ)); 4421 } else 4422 kt = ndelay; 4423 if (!sd_dp->init_hrt) { 4424 sd_dp->init_hrt = true; 4425 sqcp->sd_dp = sd_dp; 4426 hrtimer_init(&sd_dp->hrt, CLOCK_MONOTONIC, 4427 HRTIMER_MODE_REL_PINNED); 4428 sd_dp->hrt.function = sdebug_q_cmd_hrt_complete; 4429 sd_dp->sqa_idx = sqp - sdebug_q_arr; 4430 sd_dp->qc_idx = k; 4431 } 4432 if (sdebug_statistics) 4433 sd_dp->issuing_cpu = raw_smp_processor_id(); 4434 sd_dp->defer_t = SDEB_DEFER_HRT; 4435 hrtimer_start(&sd_dp->hrt, kt, HRTIMER_MODE_REL_PINNED); 4436 } else { /* jdelay < 0, use work queue */ 4437 if (!sd_dp->init_wq) { 4438 sd_dp->init_wq = true; 4439 sqcp->sd_dp = sd_dp; 4440 sd_dp->sqa_idx = sqp - sdebug_q_arr; 4441 sd_dp->qc_idx = k; 4442 INIT_WORK(&sd_dp->ew.work, sdebug_q_cmd_wq_complete); 4443 } 4444 if (sdebug_statistics) 4445 sd_dp->issuing_cpu = raw_smp_processor_id(); 4446 sd_dp->defer_t = SDEB_DEFER_WQ; 4447 schedule_work(&sd_dp->ew.work); 4448 } 4449 if (unlikely((SDEBUG_OPT_Q_NOISE & sdebug_opts) && 4450 (scsi_result == device_qfull_result))) 4451 sdev_printk(KERN_INFO, sdp, 4452 "%s: num_in_q=%d +1, %s%s\n", __func__, 4453 num_in_q, (inject ? "<inject> " : ""), 4454 "status: TASK SET FULL"); 4455 return 0; 4456 4457 respond_in_thread: /* call back to mid-layer using invocation thread */ 4458 cmnd->result = pfp != NULL ? pfp(cmnd, devip) : 0; 4459 cmnd->result &= ~SDEG_RES_IMMED_MASK; 4460 if (cmnd->result == 0 && scsi_result != 0) 4461 cmnd->result = scsi_result; 4462 cmnd->scsi_done(cmnd); 4463 return 0; 4464 } 4465 4466 /* Note: The following macros create attribute files in the 4467 /sys/module/scsi_debug/parameters directory. Unfortunately this 4468 driver is unaware of a change and cannot trigger auxiliary actions 4469 as it can when the corresponding attribute in the 4470 /sys/bus/pseudo/drivers/scsi_debug directory is changed. 4471 */ 4472 module_param_named(add_host, sdebug_add_host, int, S_IRUGO | S_IWUSR); 4473 module_param_named(ato, sdebug_ato, int, S_IRUGO); 4474 module_param_named(cdb_len, sdebug_cdb_len, int, 0644); 4475 module_param_named(clustering, sdebug_clustering, bool, S_IRUGO | S_IWUSR); 4476 module_param_named(delay, sdebug_jdelay, int, S_IRUGO | S_IWUSR); 4477 module_param_named(dev_size_mb, sdebug_dev_size_mb, int, S_IRUGO); 4478 module_param_named(dif, sdebug_dif, int, S_IRUGO); 4479 module_param_named(dix, sdebug_dix, int, S_IRUGO); 4480 module_param_named(dsense, sdebug_dsense, int, S_IRUGO | S_IWUSR); 4481 module_param_named(every_nth, sdebug_every_nth, int, S_IRUGO | S_IWUSR); 4482 module_param_named(fake_rw, sdebug_fake_rw, int, S_IRUGO | S_IWUSR); 4483 module_param_named(guard, sdebug_guard, uint, S_IRUGO); 4484 module_param_named(host_lock, sdebug_host_lock, bool, S_IRUGO | S_IWUSR); 4485 module_param_string(inq_vendor, sdebug_inq_vendor_id, 4486 sizeof(sdebug_inq_vendor_id), S_IRUGO|S_IWUSR); 4487 module_param_string(inq_product, sdebug_inq_product_id, 4488 sizeof(sdebug_inq_product_id), S_IRUGO|S_IWUSR); 4489 module_param_string(inq_rev, sdebug_inq_product_rev, 4490 sizeof(sdebug_inq_product_rev), S_IRUGO|S_IWUSR); 4491 module_param_named(lbpu, sdebug_lbpu, int, S_IRUGO); 4492 module_param_named(lbpws, sdebug_lbpws, int, S_IRUGO); 4493 module_param_named(lbpws10, sdebug_lbpws10, int, S_IRUGO); 4494 module_param_named(lbprz, sdebug_lbprz, int, S_IRUGO); 4495 module_param_named(lowest_aligned, sdebug_lowest_aligned, int, S_IRUGO); 4496 module_param_named(max_luns, sdebug_max_luns, int, S_IRUGO | S_IWUSR); 4497 module_param_named(max_queue, sdebug_max_queue, int, S_IRUGO | S_IWUSR); 4498 module_param_named(medium_error_start, sdebug_medium_error_start, int, S_IRUGO | S_IWUSR); 4499 module_param_named(medium_error_count, sdebug_medium_error_count, int, S_IRUGO | S_IWUSR); 4500 module_param_named(ndelay, sdebug_ndelay, int, S_IRUGO | S_IWUSR); 4501 module_param_named(no_lun_0, sdebug_no_lun_0, int, S_IRUGO | S_IWUSR); 4502 module_param_named(no_uld, sdebug_no_uld, int, S_IRUGO); 4503 module_param_named(num_parts, sdebug_num_parts, int, S_IRUGO); 4504 module_param_named(num_tgts, sdebug_num_tgts, int, S_IRUGO | S_IWUSR); 4505 module_param_named(opt_blks, sdebug_opt_blks, int, S_IRUGO); 4506 module_param_named(opts, sdebug_opts, int, S_IRUGO | S_IWUSR); 4507 module_param_named(physblk_exp, sdebug_physblk_exp, int, S_IRUGO); 4508 module_param_named(opt_xferlen_exp, sdebug_opt_xferlen_exp, int, S_IRUGO); 4509 module_param_named(ptype, sdebug_ptype, int, S_IRUGO | S_IWUSR); 4510 module_param_named(removable, sdebug_removable, bool, S_IRUGO | S_IWUSR); 4511 module_param_named(scsi_level, sdebug_scsi_level, int, S_IRUGO); 4512 module_param_named(sector_size, sdebug_sector_size, int, S_IRUGO); 4513 module_param_named(statistics, sdebug_statistics, bool, S_IRUGO | S_IWUSR); 4514 module_param_named(strict, sdebug_strict, bool, S_IRUGO | S_IWUSR); 4515 module_param_named(submit_queues, submit_queues, int, S_IRUGO); 4516 module_param_named(unmap_alignment, sdebug_unmap_alignment, int, S_IRUGO); 4517 module_param_named(unmap_granularity, sdebug_unmap_granularity, int, S_IRUGO); 4518 module_param_named(unmap_max_blocks, sdebug_unmap_max_blocks, int, S_IRUGO); 4519 module_param_named(unmap_max_desc, sdebug_unmap_max_desc, int, S_IRUGO); 4520 module_param_named(virtual_gb, sdebug_virtual_gb, int, S_IRUGO | S_IWUSR); 4521 module_param_named(uuid_ctl, sdebug_uuid_ctl, int, S_IRUGO); 4522 module_param_named(vpd_use_hostno, sdebug_vpd_use_hostno, int, 4523 S_IRUGO | S_IWUSR); 4524 module_param_named(write_same_length, sdebug_write_same_length, int, 4525 S_IRUGO | S_IWUSR); 4526 4527 MODULE_AUTHOR("Eric Youngdale + Douglas Gilbert"); 4528 MODULE_DESCRIPTION("SCSI debug adapter driver"); 4529 MODULE_LICENSE("GPL"); 4530 MODULE_VERSION(SDEBUG_VERSION); 4531 4532 MODULE_PARM_DESC(add_host, "0..127 hosts allowed(def=1)"); 4533 MODULE_PARM_DESC(ato, "application tag ownership: 0=disk 1=host (def=1)"); 4534 MODULE_PARM_DESC(cdb_len, "suggest CDB lengths to drivers (def=10)"); 4535 MODULE_PARM_DESC(clustering, "when set enables larger transfers (def=0)"); 4536 MODULE_PARM_DESC(delay, "response delay (def=1 jiffy); 0:imm, -1,-2:tiny"); 4537 MODULE_PARM_DESC(dev_size_mb, "size in MiB of ram shared by devs(def=8)"); 4538 MODULE_PARM_DESC(dif, "data integrity field type: 0-3 (def=0)"); 4539 MODULE_PARM_DESC(dix, "data integrity extensions mask (def=0)"); 4540 MODULE_PARM_DESC(dsense, "use descriptor sense format(def=0 -> fixed)"); 4541 MODULE_PARM_DESC(every_nth, "timeout every nth command(def=0)"); 4542 MODULE_PARM_DESC(fake_rw, "fake reads/writes instead of copying (def=0)"); 4543 MODULE_PARM_DESC(guard, "protection checksum: 0=crc, 1=ip (def=0)"); 4544 MODULE_PARM_DESC(host_lock, "host_lock is ignored (def=0)"); 4545 MODULE_PARM_DESC(inq_vendor, "SCSI INQUIRY vendor string (def=\"Linux\")"); 4546 MODULE_PARM_DESC(inq_product, "SCSI INQUIRY product string (def=\"scsi_debug\")"); 4547 MODULE_PARM_DESC(inq_rev, "SCSI INQUIRY revision string (def=\"" 4548 SDEBUG_VERSION "\")"); 4549 MODULE_PARM_DESC(lbpu, "enable LBP, support UNMAP command (def=0)"); 4550 MODULE_PARM_DESC(lbpws, "enable LBP, support WRITE SAME(16) with UNMAP bit (def=0)"); 4551 MODULE_PARM_DESC(lbpws10, "enable LBP, support WRITE SAME(10) with UNMAP bit (def=0)"); 4552 MODULE_PARM_DESC(lbprz, 4553 "on read unmapped LBs return 0 when 1 (def), return 0xff when 2"); 4554 MODULE_PARM_DESC(lowest_aligned, "lowest aligned lba (def=0)"); 4555 MODULE_PARM_DESC(max_luns, "number of LUNs per target to simulate(def=1)"); 4556 MODULE_PARM_DESC(max_queue, "max number of queued commands (1 to max(def))"); 4557 MODULE_PARM_DESC(medium_error_start, "starting sector number to return MEDIUM error"); 4558 MODULE_PARM_DESC(medium_error_count, "count of sectors to return follow on MEDIUM error"); 4559 MODULE_PARM_DESC(ndelay, "response delay in nanoseconds (def=0 -> ignore)"); 4560 MODULE_PARM_DESC(no_lun_0, "no LU number 0 (def=0 -> have lun 0)"); 4561 MODULE_PARM_DESC(no_uld, "stop ULD (e.g. sd driver) attaching (def=0))"); 4562 MODULE_PARM_DESC(num_parts, "number of partitions(def=0)"); 4563 MODULE_PARM_DESC(num_tgts, "number of targets per host to simulate(def=1)"); 4564 MODULE_PARM_DESC(opt_blks, "optimal transfer length in blocks (def=1024)"); 4565 MODULE_PARM_DESC(opts, "1->noise, 2->medium_err, 4->timeout, 8->recovered_err... (def=0)"); 4566 MODULE_PARM_DESC(physblk_exp, "physical block exponent (def=0)"); 4567 MODULE_PARM_DESC(opt_xferlen_exp, "optimal transfer length granularity exponent (def=physblk_exp)"); 4568 MODULE_PARM_DESC(ptype, "SCSI peripheral type(def=0[disk])"); 4569 MODULE_PARM_DESC(removable, "claim to have removable media (def=0)"); 4570 MODULE_PARM_DESC(scsi_level, "SCSI level to simulate(def=7[SPC-5])"); 4571 MODULE_PARM_DESC(sector_size, "logical block size in bytes (def=512)"); 4572 MODULE_PARM_DESC(statistics, "collect statistics on commands, queues (def=0)"); 4573 MODULE_PARM_DESC(strict, "stricter checks: reserved field in cdb (def=0)"); 4574 MODULE_PARM_DESC(submit_queues, "support for block multi-queue (def=1)"); 4575 MODULE_PARM_DESC(unmap_alignment, "lowest aligned thin provisioning lba (def=0)"); 4576 MODULE_PARM_DESC(unmap_granularity, "thin provisioning granularity in blocks (def=1)"); 4577 MODULE_PARM_DESC(unmap_max_blocks, "max # of blocks can be unmapped in one cmd (def=0xffffffff)"); 4578 MODULE_PARM_DESC(unmap_max_desc, "max # of ranges that can be unmapped in one cmd (def=256)"); 4579 MODULE_PARM_DESC(uuid_ctl, 4580 "1->use uuid for lu name, 0->don't, 2->all use same (def=0)"); 4581 MODULE_PARM_DESC(virtual_gb, "virtual gigabyte (GiB) size (def=0 -> use dev_size_mb)"); 4582 MODULE_PARM_DESC(vpd_use_hostno, "0 -> dev ids ignore hostno (def=1 -> unique dev ids)"); 4583 MODULE_PARM_DESC(write_same_length, "Maximum blocks per WRITE SAME cmd (def=0xffff)"); 4584 4585 #define SDEBUG_INFO_LEN 256 4586 static char sdebug_info[SDEBUG_INFO_LEN]; 4587 4588 static const char *scsi_debug_info(struct Scsi_Host *shp) 4589 { 4590 int k; 4591 4592 k = scnprintf(sdebug_info, SDEBUG_INFO_LEN, "%s: version %s [%s]\n", 4593 my_name, SDEBUG_VERSION, sdebug_version_date); 4594 if (k >= (SDEBUG_INFO_LEN - 1)) 4595 return sdebug_info; 4596 scnprintf(sdebug_info + k, SDEBUG_INFO_LEN - k, 4597 " dev_size_mb=%d, opts=0x%x, submit_queues=%d, %s=%d", 4598 sdebug_dev_size_mb, sdebug_opts, submit_queues, 4599 "statistics", (int)sdebug_statistics); 4600 return sdebug_info; 4601 } 4602 4603 /* 'echo <val> > /proc/scsi/scsi_debug/<host_id>' writes to opts */ 4604 static int scsi_debug_write_info(struct Scsi_Host *host, char *buffer, 4605 int length) 4606 { 4607 char arr[16]; 4608 int opts; 4609 int minLen = length > 15 ? 15 : length; 4610 4611 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO)) 4612 return -EACCES; 4613 memcpy(arr, buffer, minLen); 4614 arr[minLen] = '\0'; 4615 if (1 != sscanf(arr, "%d", &opts)) 4616 return -EINVAL; 4617 sdebug_opts = opts; 4618 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts); 4619 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts); 4620 if (sdebug_every_nth != 0) 4621 tweak_cmnd_count(); 4622 return length; 4623 } 4624 4625 /* Output seen with 'cat /proc/scsi/scsi_debug/<host_id>'. It will be the 4626 * same for each scsi_debug host (if more than one). Some of the counters 4627 * output are not atomics so might be inaccurate in a busy system. */ 4628 static int scsi_debug_show_info(struct seq_file *m, struct Scsi_Host *host) 4629 { 4630 int f, j, l; 4631 struct sdebug_queue *sqp; 4632 4633 seq_printf(m, "scsi_debug adapter driver, version %s [%s]\n", 4634 SDEBUG_VERSION, sdebug_version_date); 4635 seq_printf(m, "num_tgts=%d, %ssize=%d MB, opts=0x%x, every_nth=%d\n", 4636 sdebug_num_tgts, "shared (ram) ", sdebug_dev_size_mb, 4637 sdebug_opts, sdebug_every_nth); 4638 seq_printf(m, "delay=%d, ndelay=%d, max_luns=%d, sector_size=%d %s\n", 4639 sdebug_jdelay, sdebug_ndelay, sdebug_max_luns, 4640 sdebug_sector_size, "bytes"); 4641 seq_printf(m, "cylinders=%d, heads=%d, sectors=%d, command aborts=%d\n", 4642 sdebug_cylinders_per, sdebug_heads, sdebug_sectors_per, 4643 num_aborts); 4644 seq_printf(m, "RESETs: device=%d, target=%d, bus=%d, host=%d\n", 4645 num_dev_resets, num_target_resets, num_bus_resets, 4646 num_host_resets); 4647 seq_printf(m, "dix_reads=%d, dix_writes=%d, dif_errors=%d\n", 4648 dix_reads, dix_writes, dif_errors); 4649 seq_printf(m, "usec_in_jiffy=%lu, statistics=%d\n", TICK_NSEC / 1000, 4650 sdebug_statistics); 4651 seq_printf(m, "cmnd_count=%d, completions=%d, %s=%d, a_tsf=%d\n", 4652 atomic_read(&sdebug_cmnd_count), 4653 atomic_read(&sdebug_completions), 4654 "miss_cpus", atomic_read(&sdebug_miss_cpus), 4655 atomic_read(&sdebug_a_tsf)); 4656 4657 seq_printf(m, "submit_queues=%d\n", submit_queues); 4658 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) { 4659 seq_printf(m, " queue %d:\n", j); 4660 f = find_first_bit(sqp->in_use_bm, sdebug_max_queue); 4661 if (f != sdebug_max_queue) { 4662 l = find_last_bit(sqp->in_use_bm, sdebug_max_queue); 4663 seq_printf(m, " in_use_bm BUSY: %s: %d,%d\n", 4664 "first,last bits", f, l); 4665 } 4666 } 4667 return 0; 4668 } 4669 4670 static ssize_t delay_show(struct device_driver *ddp, char *buf) 4671 { 4672 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_jdelay); 4673 } 4674 /* Returns -EBUSY if jdelay is being changed and commands are queued. The unit 4675 * of delay is jiffies. 4676 */ 4677 static ssize_t delay_store(struct device_driver *ddp, const char *buf, 4678 size_t count) 4679 { 4680 int jdelay, res; 4681 4682 if (count > 0 && sscanf(buf, "%d", &jdelay) == 1) { 4683 res = count; 4684 if (sdebug_jdelay != jdelay) { 4685 int j, k; 4686 struct sdebug_queue *sqp; 4687 4688 block_unblock_all_queues(true); 4689 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; 4690 ++j, ++sqp) { 4691 k = find_first_bit(sqp->in_use_bm, 4692 sdebug_max_queue); 4693 if (k != sdebug_max_queue) { 4694 res = -EBUSY; /* queued commands */ 4695 break; 4696 } 4697 } 4698 if (res > 0) { 4699 sdebug_jdelay = jdelay; 4700 sdebug_ndelay = 0; 4701 } 4702 block_unblock_all_queues(false); 4703 } 4704 return res; 4705 } 4706 return -EINVAL; 4707 } 4708 static DRIVER_ATTR_RW(delay); 4709 4710 static ssize_t ndelay_show(struct device_driver *ddp, char *buf) 4711 { 4712 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ndelay); 4713 } 4714 /* Returns -EBUSY if ndelay is being changed and commands are queued */ 4715 /* If > 0 and accepted then sdebug_jdelay is set to JDELAY_OVERRIDDEN */ 4716 static ssize_t ndelay_store(struct device_driver *ddp, const char *buf, 4717 size_t count) 4718 { 4719 int ndelay, res; 4720 4721 if ((count > 0) && (1 == sscanf(buf, "%d", &ndelay)) && 4722 (ndelay >= 0) && (ndelay < (1000 * 1000 * 1000))) { 4723 res = count; 4724 if (sdebug_ndelay != ndelay) { 4725 int j, k; 4726 struct sdebug_queue *sqp; 4727 4728 block_unblock_all_queues(true); 4729 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; 4730 ++j, ++sqp) { 4731 k = find_first_bit(sqp->in_use_bm, 4732 sdebug_max_queue); 4733 if (k != sdebug_max_queue) { 4734 res = -EBUSY; /* queued commands */ 4735 break; 4736 } 4737 } 4738 if (res > 0) { 4739 sdebug_ndelay = ndelay; 4740 sdebug_jdelay = ndelay ? JDELAY_OVERRIDDEN 4741 : DEF_JDELAY; 4742 } 4743 block_unblock_all_queues(false); 4744 } 4745 return res; 4746 } 4747 return -EINVAL; 4748 } 4749 static DRIVER_ATTR_RW(ndelay); 4750 4751 static ssize_t opts_show(struct device_driver *ddp, char *buf) 4752 { 4753 return scnprintf(buf, PAGE_SIZE, "0x%x\n", sdebug_opts); 4754 } 4755 4756 static ssize_t opts_store(struct device_driver *ddp, const char *buf, 4757 size_t count) 4758 { 4759 int opts; 4760 char work[20]; 4761 4762 if (sscanf(buf, "%10s", work) == 1) { 4763 if (strncasecmp(work, "0x", 2) == 0) { 4764 if (kstrtoint(work + 2, 16, &opts) == 0) 4765 goto opts_done; 4766 } else { 4767 if (kstrtoint(work, 10, &opts) == 0) 4768 goto opts_done; 4769 } 4770 } 4771 return -EINVAL; 4772 opts_done: 4773 sdebug_opts = opts; 4774 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts); 4775 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts); 4776 tweak_cmnd_count(); 4777 return count; 4778 } 4779 static DRIVER_ATTR_RW(opts); 4780 4781 static ssize_t ptype_show(struct device_driver *ddp, char *buf) 4782 { 4783 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ptype); 4784 } 4785 static ssize_t ptype_store(struct device_driver *ddp, const char *buf, 4786 size_t count) 4787 { 4788 int n; 4789 4790 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 4791 sdebug_ptype = n; 4792 return count; 4793 } 4794 return -EINVAL; 4795 } 4796 static DRIVER_ATTR_RW(ptype); 4797 4798 static ssize_t dsense_show(struct device_driver *ddp, char *buf) 4799 { 4800 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dsense); 4801 } 4802 static ssize_t dsense_store(struct device_driver *ddp, const char *buf, 4803 size_t count) 4804 { 4805 int n; 4806 4807 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 4808 sdebug_dsense = n; 4809 return count; 4810 } 4811 return -EINVAL; 4812 } 4813 static DRIVER_ATTR_RW(dsense); 4814 4815 static ssize_t fake_rw_show(struct device_driver *ddp, char *buf) 4816 { 4817 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_fake_rw); 4818 } 4819 static ssize_t fake_rw_store(struct device_driver *ddp, const char *buf, 4820 size_t count) 4821 { 4822 int n; 4823 4824 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 4825 n = (n > 0); 4826 sdebug_fake_rw = (sdebug_fake_rw > 0); 4827 if (sdebug_fake_rw != n) { 4828 if ((0 == n) && (NULL == fake_storep)) { 4829 unsigned long sz = 4830 (unsigned long)sdebug_dev_size_mb * 4831 1048576; 4832 4833 fake_storep = vmalloc(sz); 4834 if (NULL == fake_storep) { 4835 pr_err("out of memory, 9\n"); 4836 return -ENOMEM; 4837 } 4838 memset(fake_storep, 0, sz); 4839 } 4840 sdebug_fake_rw = n; 4841 } 4842 return count; 4843 } 4844 return -EINVAL; 4845 } 4846 static DRIVER_ATTR_RW(fake_rw); 4847 4848 static ssize_t no_lun_0_show(struct device_driver *ddp, char *buf) 4849 { 4850 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_lun_0); 4851 } 4852 static ssize_t no_lun_0_store(struct device_driver *ddp, const char *buf, 4853 size_t count) 4854 { 4855 int n; 4856 4857 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 4858 sdebug_no_lun_0 = n; 4859 return count; 4860 } 4861 return -EINVAL; 4862 } 4863 static DRIVER_ATTR_RW(no_lun_0); 4864 4865 static ssize_t num_tgts_show(struct device_driver *ddp, char *buf) 4866 { 4867 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_tgts); 4868 } 4869 static ssize_t num_tgts_store(struct device_driver *ddp, const char *buf, 4870 size_t count) 4871 { 4872 int n; 4873 4874 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 4875 sdebug_num_tgts = n; 4876 sdebug_max_tgts_luns(); 4877 return count; 4878 } 4879 return -EINVAL; 4880 } 4881 static DRIVER_ATTR_RW(num_tgts); 4882 4883 static ssize_t dev_size_mb_show(struct device_driver *ddp, char *buf) 4884 { 4885 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dev_size_mb); 4886 } 4887 static DRIVER_ATTR_RO(dev_size_mb); 4888 4889 static ssize_t num_parts_show(struct device_driver *ddp, char *buf) 4890 { 4891 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_parts); 4892 } 4893 static DRIVER_ATTR_RO(num_parts); 4894 4895 static ssize_t every_nth_show(struct device_driver *ddp, char *buf) 4896 { 4897 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_every_nth); 4898 } 4899 static ssize_t every_nth_store(struct device_driver *ddp, const char *buf, 4900 size_t count) 4901 { 4902 int nth; 4903 4904 if ((count > 0) && (1 == sscanf(buf, "%d", &nth))) { 4905 sdebug_every_nth = nth; 4906 if (nth && !sdebug_statistics) { 4907 pr_info("every_nth needs statistics=1, set it\n"); 4908 sdebug_statistics = true; 4909 } 4910 tweak_cmnd_count(); 4911 return count; 4912 } 4913 return -EINVAL; 4914 } 4915 static DRIVER_ATTR_RW(every_nth); 4916 4917 static ssize_t max_luns_show(struct device_driver *ddp, char *buf) 4918 { 4919 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_luns); 4920 } 4921 static ssize_t max_luns_store(struct device_driver *ddp, const char *buf, 4922 size_t count) 4923 { 4924 int n; 4925 bool changed; 4926 4927 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 4928 if (n > 256) { 4929 pr_warn("max_luns can be no more than 256\n"); 4930 return -EINVAL; 4931 } 4932 changed = (sdebug_max_luns != n); 4933 sdebug_max_luns = n; 4934 sdebug_max_tgts_luns(); 4935 if (changed && (sdebug_scsi_level >= 5)) { /* >= SPC-3 */ 4936 struct sdebug_host_info *sdhp; 4937 struct sdebug_dev_info *dp; 4938 4939 spin_lock(&sdebug_host_list_lock); 4940 list_for_each_entry(sdhp, &sdebug_host_list, 4941 host_list) { 4942 list_for_each_entry(dp, &sdhp->dev_info_list, 4943 dev_list) { 4944 set_bit(SDEBUG_UA_LUNS_CHANGED, 4945 dp->uas_bm); 4946 } 4947 } 4948 spin_unlock(&sdebug_host_list_lock); 4949 } 4950 return count; 4951 } 4952 return -EINVAL; 4953 } 4954 static DRIVER_ATTR_RW(max_luns); 4955 4956 static ssize_t max_queue_show(struct device_driver *ddp, char *buf) 4957 { 4958 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_queue); 4959 } 4960 /* N.B. max_queue can be changed while there are queued commands. In flight 4961 * commands beyond the new max_queue will be completed. */ 4962 static ssize_t max_queue_store(struct device_driver *ddp, const char *buf, 4963 size_t count) 4964 { 4965 int j, n, k, a; 4966 struct sdebug_queue *sqp; 4967 4968 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n > 0) && 4969 (n <= SDEBUG_CANQUEUE)) { 4970 block_unblock_all_queues(true); 4971 k = 0; 4972 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; 4973 ++j, ++sqp) { 4974 a = find_last_bit(sqp->in_use_bm, SDEBUG_CANQUEUE); 4975 if (a > k) 4976 k = a; 4977 } 4978 sdebug_max_queue = n; 4979 if (k == SDEBUG_CANQUEUE) 4980 atomic_set(&retired_max_queue, 0); 4981 else if (k >= n) 4982 atomic_set(&retired_max_queue, k + 1); 4983 else 4984 atomic_set(&retired_max_queue, 0); 4985 block_unblock_all_queues(false); 4986 return count; 4987 } 4988 return -EINVAL; 4989 } 4990 static DRIVER_ATTR_RW(max_queue); 4991 4992 static ssize_t no_uld_show(struct device_driver *ddp, char *buf) 4993 { 4994 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_uld); 4995 } 4996 static DRIVER_ATTR_RO(no_uld); 4997 4998 static ssize_t scsi_level_show(struct device_driver *ddp, char *buf) 4999 { 5000 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_scsi_level); 5001 } 5002 static DRIVER_ATTR_RO(scsi_level); 5003 5004 static ssize_t virtual_gb_show(struct device_driver *ddp, char *buf) 5005 { 5006 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_virtual_gb); 5007 } 5008 static ssize_t virtual_gb_store(struct device_driver *ddp, const char *buf, 5009 size_t count) 5010 { 5011 int n; 5012 bool changed; 5013 5014 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 5015 changed = (sdebug_virtual_gb != n); 5016 sdebug_virtual_gb = n; 5017 sdebug_capacity = get_sdebug_capacity(); 5018 if (changed) { 5019 struct sdebug_host_info *sdhp; 5020 struct sdebug_dev_info *dp; 5021 5022 spin_lock(&sdebug_host_list_lock); 5023 list_for_each_entry(sdhp, &sdebug_host_list, 5024 host_list) { 5025 list_for_each_entry(dp, &sdhp->dev_info_list, 5026 dev_list) { 5027 set_bit(SDEBUG_UA_CAPACITY_CHANGED, 5028 dp->uas_bm); 5029 } 5030 } 5031 spin_unlock(&sdebug_host_list_lock); 5032 } 5033 return count; 5034 } 5035 return -EINVAL; 5036 } 5037 static DRIVER_ATTR_RW(virtual_gb); 5038 5039 static ssize_t add_host_show(struct device_driver *ddp, char *buf) 5040 { 5041 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_add_host); 5042 } 5043 5044 static int sdebug_add_adapter(void); 5045 static void sdebug_remove_adapter(void); 5046 5047 static ssize_t add_host_store(struct device_driver *ddp, const char *buf, 5048 size_t count) 5049 { 5050 int delta_hosts; 5051 5052 if (sscanf(buf, "%d", &delta_hosts) != 1) 5053 return -EINVAL; 5054 if (delta_hosts > 0) { 5055 do { 5056 sdebug_add_adapter(); 5057 } while (--delta_hosts); 5058 } else if (delta_hosts < 0) { 5059 do { 5060 sdebug_remove_adapter(); 5061 } while (++delta_hosts); 5062 } 5063 return count; 5064 } 5065 static DRIVER_ATTR_RW(add_host); 5066 5067 static ssize_t vpd_use_hostno_show(struct device_driver *ddp, char *buf) 5068 { 5069 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_vpd_use_hostno); 5070 } 5071 static ssize_t vpd_use_hostno_store(struct device_driver *ddp, const char *buf, 5072 size_t count) 5073 { 5074 int n; 5075 5076 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 5077 sdebug_vpd_use_hostno = n; 5078 return count; 5079 } 5080 return -EINVAL; 5081 } 5082 static DRIVER_ATTR_RW(vpd_use_hostno); 5083 5084 static ssize_t statistics_show(struct device_driver *ddp, char *buf) 5085 { 5086 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_statistics); 5087 } 5088 static ssize_t statistics_store(struct device_driver *ddp, const char *buf, 5089 size_t count) 5090 { 5091 int n; 5092 5093 if ((count > 0) && (sscanf(buf, "%d", &n) == 1) && (n >= 0)) { 5094 if (n > 0) 5095 sdebug_statistics = true; 5096 else { 5097 clear_queue_stats(); 5098 sdebug_statistics = false; 5099 } 5100 return count; 5101 } 5102 return -EINVAL; 5103 } 5104 static DRIVER_ATTR_RW(statistics); 5105 5106 static ssize_t sector_size_show(struct device_driver *ddp, char *buf) 5107 { 5108 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_sector_size); 5109 } 5110 static DRIVER_ATTR_RO(sector_size); 5111 5112 static ssize_t submit_queues_show(struct device_driver *ddp, char *buf) 5113 { 5114 return scnprintf(buf, PAGE_SIZE, "%d\n", submit_queues); 5115 } 5116 static DRIVER_ATTR_RO(submit_queues); 5117 5118 static ssize_t dix_show(struct device_driver *ddp, char *buf) 5119 { 5120 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dix); 5121 } 5122 static DRIVER_ATTR_RO(dix); 5123 5124 static ssize_t dif_show(struct device_driver *ddp, char *buf) 5125 { 5126 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dif); 5127 } 5128 static DRIVER_ATTR_RO(dif); 5129 5130 static ssize_t guard_show(struct device_driver *ddp, char *buf) 5131 { 5132 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_guard); 5133 } 5134 static DRIVER_ATTR_RO(guard); 5135 5136 static ssize_t ato_show(struct device_driver *ddp, char *buf) 5137 { 5138 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ato); 5139 } 5140 static DRIVER_ATTR_RO(ato); 5141 5142 static ssize_t map_show(struct device_driver *ddp, char *buf) 5143 { 5144 ssize_t count; 5145 5146 if (!scsi_debug_lbp()) 5147 return scnprintf(buf, PAGE_SIZE, "0-%u\n", 5148 sdebug_store_sectors); 5149 5150 count = scnprintf(buf, PAGE_SIZE - 1, "%*pbl", 5151 (int)map_size, map_storep); 5152 buf[count++] = '\n'; 5153 buf[count] = '\0'; 5154 5155 return count; 5156 } 5157 static DRIVER_ATTR_RO(map); 5158 5159 static ssize_t removable_show(struct device_driver *ddp, char *buf) 5160 { 5161 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_removable ? 1 : 0); 5162 } 5163 static ssize_t removable_store(struct device_driver *ddp, const char *buf, 5164 size_t count) 5165 { 5166 int n; 5167 5168 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 5169 sdebug_removable = (n > 0); 5170 return count; 5171 } 5172 return -EINVAL; 5173 } 5174 static DRIVER_ATTR_RW(removable); 5175 5176 static ssize_t host_lock_show(struct device_driver *ddp, char *buf) 5177 { 5178 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_host_lock); 5179 } 5180 /* N.B. sdebug_host_lock does nothing, kept for backward compatibility */ 5181 static ssize_t host_lock_store(struct device_driver *ddp, const char *buf, 5182 size_t count) 5183 { 5184 int n; 5185 5186 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 5187 sdebug_host_lock = (n > 0); 5188 return count; 5189 } 5190 return -EINVAL; 5191 } 5192 static DRIVER_ATTR_RW(host_lock); 5193 5194 static ssize_t strict_show(struct device_driver *ddp, char *buf) 5195 { 5196 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_strict); 5197 } 5198 static ssize_t strict_store(struct device_driver *ddp, const char *buf, 5199 size_t count) 5200 { 5201 int n; 5202 5203 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 5204 sdebug_strict = (n > 0); 5205 return count; 5206 } 5207 return -EINVAL; 5208 } 5209 static DRIVER_ATTR_RW(strict); 5210 5211 static ssize_t uuid_ctl_show(struct device_driver *ddp, char *buf) 5212 { 5213 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_uuid_ctl); 5214 } 5215 static DRIVER_ATTR_RO(uuid_ctl); 5216 5217 static ssize_t cdb_len_show(struct device_driver *ddp, char *buf) 5218 { 5219 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_cdb_len); 5220 } 5221 static ssize_t cdb_len_store(struct device_driver *ddp, const char *buf, 5222 size_t count) 5223 { 5224 int ret, n; 5225 5226 ret = kstrtoint(buf, 0, &n); 5227 if (ret) 5228 return ret; 5229 sdebug_cdb_len = n; 5230 all_config_cdb_len(); 5231 return count; 5232 } 5233 static DRIVER_ATTR_RW(cdb_len); 5234 5235 5236 /* Note: The following array creates attribute files in the 5237 /sys/bus/pseudo/drivers/scsi_debug directory. The advantage of these 5238 files (over those found in the /sys/module/scsi_debug/parameters 5239 directory) is that auxiliary actions can be triggered when an attribute 5240 is changed. For example see: sdebug_add_host_store() above. 5241 */ 5242 5243 static struct attribute *sdebug_drv_attrs[] = { 5244 &driver_attr_delay.attr, 5245 &driver_attr_opts.attr, 5246 &driver_attr_ptype.attr, 5247 &driver_attr_dsense.attr, 5248 &driver_attr_fake_rw.attr, 5249 &driver_attr_no_lun_0.attr, 5250 &driver_attr_num_tgts.attr, 5251 &driver_attr_dev_size_mb.attr, 5252 &driver_attr_num_parts.attr, 5253 &driver_attr_every_nth.attr, 5254 &driver_attr_max_luns.attr, 5255 &driver_attr_max_queue.attr, 5256 &driver_attr_no_uld.attr, 5257 &driver_attr_scsi_level.attr, 5258 &driver_attr_virtual_gb.attr, 5259 &driver_attr_add_host.attr, 5260 &driver_attr_vpd_use_hostno.attr, 5261 &driver_attr_sector_size.attr, 5262 &driver_attr_statistics.attr, 5263 &driver_attr_submit_queues.attr, 5264 &driver_attr_dix.attr, 5265 &driver_attr_dif.attr, 5266 &driver_attr_guard.attr, 5267 &driver_attr_ato.attr, 5268 &driver_attr_map.attr, 5269 &driver_attr_removable.attr, 5270 &driver_attr_host_lock.attr, 5271 &driver_attr_ndelay.attr, 5272 &driver_attr_strict.attr, 5273 &driver_attr_uuid_ctl.attr, 5274 &driver_attr_cdb_len.attr, 5275 NULL, 5276 }; 5277 ATTRIBUTE_GROUPS(sdebug_drv); 5278 5279 static struct device *pseudo_primary; 5280 5281 static int __init scsi_debug_init(void) 5282 { 5283 unsigned long sz; 5284 int host_to_add; 5285 int k; 5286 int ret; 5287 5288 atomic_set(&retired_max_queue, 0); 5289 5290 if (sdebug_ndelay >= 1000 * 1000 * 1000) { 5291 pr_warn("ndelay must be less than 1 second, ignored\n"); 5292 sdebug_ndelay = 0; 5293 } else if (sdebug_ndelay > 0) 5294 sdebug_jdelay = JDELAY_OVERRIDDEN; 5295 5296 switch (sdebug_sector_size) { 5297 case 512: 5298 case 1024: 5299 case 2048: 5300 case 4096: 5301 break; 5302 default: 5303 pr_err("invalid sector_size %d\n", sdebug_sector_size); 5304 return -EINVAL; 5305 } 5306 5307 switch (sdebug_dif) { 5308 case T10_PI_TYPE0_PROTECTION: 5309 break; 5310 case T10_PI_TYPE1_PROTECTION: 5311 case T10_PI_TYPE2_PROTECTION: 5312 case T10_PI_TYPE3_PROTECTION: 5313 have_dif_prot = true; 5314 break; 5315 5316 default: 5317 pr_err("dif must be 0, 1, 2 or 3\n"); 5318 return -EINVAL; 5319 } 5320 5321 if (sdebug_guard > 1) { 5322 pr_err("guard must be 0 or 1\n"); 5323 return -EINVAL; 5324 } 5325 5326 if (sdebug_ato > 1) { 5327 pr_err("ato must be 0 or 1\n"); 5328 return -EINVAL; 5329 } 5330 5331 if (sdebug_physblk_exp > 15) { 5332 pr_err("invalid physblk_exp %u\n", sdebug_physblk_exp); 5333 return -EINVAL; 5334 } 5335 if (sdebug_max_luns > 256) { 5336 pr_warn("max_luns can be no more than 256, use default\n"); 5337 sdebug_max_luns = DEF_MAX_LUNS; 5338 } 5339 5340 if (sdebug_lowest_aligned > 0x3fff) { 5341 pr_err("lowest_aligned too big: %u\n", sdebug_lowest_aligned); 5342 return -EINVAL; 5343 } 5344 5345 if (submit_queues < 1) { 5346 pr_err("submit_queues must be 1 or more\n"); 5347 return -EINVAL; 5348 } 5349 sdebug_q_arr = kcalloc(submit_queues, sizeof(struct sdebug_queue), 5350 GFP_KERNEL); 5351 if (sdebug_q_arr == NULL) 5352 return -ENOMEM; 5353 for (k = 0; k < submit_queues; ++k) 5354 spin_lock_init(&sdebug_q_arr[k].qc_lock); 5355 5356 if (sdebug_dev_size_mb < 1) 5357 sdebug_dev_size_mb = 1; /* force minimum 1 MB ramdisk */ 5358 sz = (unsigned long)sdebug_dev_size_mb * 1048576; 5359 sdebug_store_sectors = sz / sdebug_sector_size; 5360 sdebug_capacity = get_sdebug_capacity(); 5361 5362 /* play around with geometry, don't waste too much on track 0 */ 5363 sdebug_heads = 8; 5364 sdebug_sectors_per = 32; 5365 if (sdebug_dev_size_mb >= 256) 5366 sdebug_heads = 64; 5367 else if (sdebug_dev_size_mb >= 16) 5368 sdebug_heads = 32; 5369 sdebug_cylinders_per = (unsigned long)sdebug_capacity / 5370 (sdebug_sectors_per * sdebug_heads); 5371 if (sdebug_cylinders_per >= 1024) { 5372 /* other LLDs do this; implies >= 1GB ram disk ... */ 5373 sdebug_heads = 255; 5374 sdebug_sectors_per = 63; 5375 sdebug_cylinders_per = (unsigned long)sdebug_capacity / 5376 (sdebug_sectors_per * sdebug_heads); 5377 } 5378 5379 if (sdebug_fake_rw == 0) { 5380 fake_storep = vmalloc(sz); 5381 if (NULL == fake_storep) { 5382 pr_err("out of memory, 1\n"); 5383 ret = -ENOMEM; 5384 goto free_q_arr; 5385 } 5386 memset(fake_storep, 0, sz); 5387 if (sdebug_num_parts > 0) 5388 sdebug_build_parts(fake_storep, sz); 5389 } 5390 5391 if (sdebug_dix) { 5392 int dif_size; 5393 5394 dif_size = sdebug_store_sectors * sizeof(struct t10_pi_tuple); 5395 dif_storep = vmalloc(dif_size); 5396 5397 pr_err("dif_storep %u bytes @ %p\n", dif_size, dif_storep); 5398 5399 if (dif_storep == NULL) { 5400 pr_err("out of mem. (DIX)\n"); 5401 ret = -ENOMEM; 5402 goto free_vm; 5403 } 5404 5405 memset(dif_storep, 0xff, dif_size); 5406 } 5407 5408 /* Logical Block Provisioning */ 5409 if (scsi_debug_lbp()) { 5410 sdebug_unmap_max_blocks = 5411 clamp(sdebug_unmap_max_blocks, 0U, 0xffffffffU); 5412 5413 sdebug_unmap_max_desc = 5414 clamp(sdebug_unmap_max_desc, 0U, 256U); 5415 5416 sdebug_unmap_granularity = 5417 clamp(sdebug_unmap_granularity, 1U, 0xffffffffU); 5418 5419 if (sdebug_unmap_alignment && 5420 sdebug_unmap_granularity <= 5421 sdebug_unmap_alignment) { 5422 pr_err("ERR: unmap_granularity <= unmap_alignment\n"); 5423 ret = -EINVAL; 5424 goto free_vm; 5425 } 5426 5427 map_size = lba_to_map_index(sdebug_store_sectors - 1) + 1; 5428 map_storep = vmalloc(BITS_TO_LONGS(map_size) * sizeof(long)); 5429 5430 pr_info("%lu provisioning blocks\n", map_size); 5431 5432 if (map_storep == NULL) { 5433 pr_err("out of mem. (MAP)\n"); 5434 ret = -ENOMEM; 5435 goto free_vm; 5436 } 5437 5438 bitmap_zero(map_storep, map_size); 5439 5440 /* Map first 1KB for partition table */ 5441 if (sdebug_num_parts) 5442 map_region(0, 2); 5443 } 5444 5445 pseudo_primary = root_device_register("pseudo_0"); 5446 if (IS_ERR(pseudo_primary)) { 5447 pr_warn("root_device_register() error\n"); 5448 ret = PTR_ERR(pseudo_primary); 5449 goto free_vm; 5450 } 5451 ret = bus_register(&pseudo_lld_bus); 5452 if (ret < 0) { 5453 pr_warn("bus_register error: %d\n", ret); 5454 goto dev_unreg; 5455 } 5456 ret = driver_register(&sdebug_driverfs_driver); 5457 if (ret < 0) { 5458 pr_warn("driver_register error: %d\n", ret); 5459 goto bus_unreg; 5460 } 5461 5462 host_to_add = sdebug_add_host; 5463 sdebug_add_host = 0; 5464 5465 for (k = 0; k < host_to_add; k++) { 5466 if (sdebug_add_adapter()) { 5467 pr_err("sdebug_add_adapter failed k=%d\n", k); 5468 break; 5469 } 5470 } 5471 5472 if (sdebug_verbose) 5473 pr_info("built %d host(s)\n", sdebug_add_host); 5474 5475 return 0; 5476 5477 bus_unreg: 5478 bus_unregister(&pseudo_lld_bus); 5479 dev_unreg: 5480 root_device_unregister(pseudo_primary); 5481 free_vm: 5482 vfree(map_storep); 5483 vfree(dif_storep); 5484 vfree(fake_storep); 5485 free_q_arr: 5486 kfree(sdebug_q_arr); 5487 return ret; 5488 } 5489 5490 static void __exit scsi_debug_exit(void) 5491 { 5492 int k = sdebug_add_host; 5493 5494 stop_all_queued(); 5495 free_all_queued(); 5496 for (; k; k--) 5497 sdebug_remove_adapter(); 5498 driver_unregister(&sdebug_driverfs_driver); 5499 bus_unregister(&pseudo_lld_bus); 5500 root_device_unregister(pseudo_primary); 5501 5502 vfree(map_storep); 5503 vfree(dif_storep); 5504 vfree(fake_storep); 5505 kfree(sdebug_q_arr); 5506 } 5507 5508 device_initcall(scsi_debug_init); 5509 module_exit(scsi_debug_exit); 5510 5511 static void sdebug_release_adapter(struct device *dev) 5512 { 5513 struct sdebug_host_info *sdbg_host; 5514 5515 sdbg_host = to_sdebug_host(dev); 5516 kfree(sdbg_host); 5517 } 5518 5519 static int sdebug_add_adapter(void) 5520 { 5521 int k, devs_per_host; 5522 int error = 0; 5523 struct sdebug_host_info *sdbg_host; 5524 struct sdebug_dev_info *sdbg_devinfo, *tmp; 5525 5526 sdbg_host = kzalloc(sizeof(*sdbg_host), GFP_KERNEL); 5527 if (sdbg_host == NULL) { 5528 pr_err("out of memory at line %d\n", __LINE__); 5529 return -ENOMEM; 5530 } 5531 5532 INIT_LIST_HEAD(&sdbg_host->dev_info_list); 5533 5534 devs_per_host = sdebug_num_tgts * sdebug_max_luns; 5535 for (k = 0; k < devs_per_host; k++) { 5536 sdbg_devinfo = sdebug_device_create(sdbg_host, GFP_KERNEL); 5537 if (!sdbg_devinfo) { 5538 pr_err("out of memory at line %d\n", __LINE__); 5539 error = -ENOMEM; 5540 goto clean; 5541 } 5542 } 5543 5544 spin_lock(&sdebug_host_list_lock); 5545 list_add_tail(&sdbg_host->host_list, &sdebug_host_list); 5546 spin_unlock(&sdebug_host_list_lock); 5547 5548 sdbg_host->dev.bus = &pseudo_lld_bus; 5549 sdbg_host->dev.parent = pseudo_primary; 5550 sdbg_host->dev.release = &sdebug_release_adapter; 5551 dev_set_name(&sdbg_host->dev, "adapter%d", sdebug_add_host); 5552 5553 error = device_register(&sdbg_host->dev); 5554 5555 if (error) 5556 goto clean; 5557 5558 ++sdebug_add_host; 5559 return error; 5560 5561 clean: 5562 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list, 5563 dev_list) { 5564 list_del(&sdbg_devinfo->dev_list); 5565 kfree(sdbg_devinfo); 5566 } 5567 5568 kfree(sdbg_host); 5569 return error; 5570 } 5571 5572 static void sdebug_remove_adapter(void) 5573 { 5574 struct sdebug_host_info *sdbg_host = NULL; 5575 5576 spin_lock(&sdebug_host_list_lock); 5577 if (!list_empty(&sdebug_host_list)) { 5578 sdbg_host = list_entry(sdebug_host_list.prev, 5579 struct sdebug_host_info, host_list); 5580 list_del(&sdbg_host->host_list); 5581 } 5582 spin_unlock(&sdebug_host_list_lock); 5583 5584 if (!sdbg_host) 5585 return; 5586 5587 device_unregister(&sdbg_host->dev); 5588 --sdebug_add_host; 5589 } 5590 5591 static int sdebug_change_qdepth(struct scsi_device *sdev, int qdepth) 5592 { 5593 int num_in_q = 0; 5594 struct sdebug_dev_info *devip; 5595 5596 block_unblock_all_queues(true); 5597 devip = (struct sdebug_dev_info *)sdev->hostdata; 5598 if (NULL == devip) { 5599 block_unblock_all_queues(false); 5600 return -ENODEV; 5601 } 5602 num_in_q = atomic_read(&devip->num_in_q); 5603 5604 if (qdepth < 1) 5605 qdepth = 1; 5606 /* allow to exceed max host qc_arr elements for testing */ 5607 if (qdepth > SDEBUG_CANQUEUE + 10) 5608 qdepth = SDEBUG_CANQUEUE + 10; 5609 scsi_change_queue_depth(sdev, qdepth); 5610 5611 if (SDEBUG_OPT_Q_NOISE & sdebug_opts) { 5612 sdev_printk(KERN_INFO, sdev, "%s: qdepth=%d, num_in_q=%d\n", 5613 __func__, qdepth, num_in_q); 5614 } 5615 block_unblock_all_queues(false); 5616 return sdev->queue_depth; 5617 } 5618 5619 static bool fake_timeout(struct scsi_cmnd *scp) 5620 { 5621 if (0 == (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth))) { 5622 if (sdebug_every_nth < -1) 5623 sdebug_every_nth = -1; 5624 if (SDEBUG_OPT_TIMEOUT & sdebug_opts) 5625 return true; /* ignore command causing timeout */ 5626 else if (SDEBUG_OPT_MAC_TIMEOUT & sdebug_opts && 5627 scsi_medium_access_command(scp)) 5628 return true; /* time out reads and writes */ 5629 } 5630 return false; 5631 } 5632 5633 static bool fake_host_busy(struct scsi_cmnd *scp) 5634 { 5635 return (sdebug_opts & SDEBUG_OPT_HOST_BUSY) && 5636 (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) == 0; 5637 } 5638 5639 static int scsi_debug_queuecommand(struct Scsi_Host *shost, 5640 struct scsi_cmnd *scp) 5641 { 5642 u8 sdeb_i; 5643 struct scsi_device *sdp = scp->device; 5644 const struct opcode_info_t *oip; 5645 const struct opcode_info_t *r_oip; 5646 struct sdebug_dev_info *devip; 5647 u8 *cmd = scp->cmnd; 5648 int (*r_pfp)(struct scsi_cmnd *, struct sdebug_dev_info *); 5649 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *) = NULL; 5650 int k, na; 5651 int errsts = 0; 5652 u32 flags; 5653 u16 sa; 5654 u8 opcode = cmd[0]; 5655 bool has_wlun_rl; 5656 5657 scsi_set_resid(scp, 0); 5658 if (sdebug_statistics) 5659 atomic_inc(&sdebug_cmnd_count); 5660 if (unlikely(sdebug_verbose && 5661 !(SDEBUG_OPT_NO_CDB_NOISE & sdebug_opts))) { 5662 char b[120]; 5663 int n, len, sb; 5664 5665 len = scp->cmd_len; 5666 sb = (int)sizeof(b); 5667 if (len > 32) 5668 strcpy(b, "too long, over 32 bytes"); 5669 else { 5670 for (k = 0, n = 0; k < len && n < sb; ++k) 5671 n += scnprintf(b + n, sb - n, "%02x ", 5672 (u32)cmd[k]); 5673 } 5674 sdev_printk(KERN_INFO, sdp, "%s: tag=%#x, cmd %s\n", my_name, 5675 blk_mq_unique_tag(scp->request), b); 5676 } 5677 if (fake_host_busy(scp)) 5678 return SCSI_MLQUEUE_HOST_BUSY; 5679 has_wlun_rl = (sdp->lun == SCSI_W_LUN_REPORT_LUNS); 5680 if (unlikely((sdp->lun >= sdebug_max_luns) && !has_wlun_rl)) 5681 goto err_out; 5682 5683 sdeb_i = opcode_ind_arr[opcode]; /* fully mapped */ 5684 oip = &opcode_info_arr[sdeb_i]; /* safe if table consistent */ 5685 devip = (struct sdebug_dev_info *)sdp->hostdata; 5686 if (unlikely(!devip)) { 5687 devip = find_build_dev_info(sdp); 5688 if (NULL == devip) 5689 goto err_out; 5690 } 5691 na = oip->num_attached; 5692 r_pfp = oip->pfp; 5693 if (na) { /* multiple commands with this opcode */ 5694 r_oip = oip; 5695 if (FF_SA & r_oip->flags) { 5696 if (F_SA_LOW & oip->flags) 5697 sa = 0x1f & cmd[1]; 5698 else 5699 sa = get_unaligned_be16(cmd + 8); 5700 for (k = 0; k <= na; oip = r_oip->arrp + k++) { 5701 if (opcode == oip->opcode && sa == oip->sa) 5702 break; 5703 } 5704 } else { /* since no service action only check opcode */ 5705 for (k = 0; k <= na; oip = r_oip->arrp + k++) { 5706 if (opcode == oip->opcode) 5707 break; 5708 } 5709 } 5710 if (k > na) { 5711 if (F_SA_LOW & r_oip->flags) 5712 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 4); 5713 else if (F_SA_HIGH & r_oip->flags) 5714 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 8, 7); 5715 else 5716 mk_sense_invalid_opcode(scp); 5717 goto check_cond; 5718 } 5719 } /* else (when na==0) we assume the oip is a match */ 5720 flags = oip->flags; 5721 if (unlikely(F_INV_OP & flags)) { 5722 mk_sense_invalid_opcode(scp); 5723 goto check_cond; 5724 } 5725 if (unlikely(has_wlun_rl && !(F_RL_WLUN_OK & flags))) { 5726 if (sdebug_verbose) 5727 sdev_printk(KERN_INFO, sdp, "%s: Opcode 0x%x not%s\n", 5728 my_name, opcode, " supported for wlun"); 5729 mk_sense_invalid_opcode(scp); 5730 goto check_cond; 5731 } 5732 if (unlikely(sdebug_strict)) { /* check cdb against mask */ 5733 u8 rem; 5734 int j; 5735 5736 for (k = 1; k < oip->len_mask[0] && k < 16; ++k) { 5737 rem = ~oip->len_mask[k] & cmd[k]; 5738 if (rem) { 5739 for (j = 7; j >= 0; --j, rem <<= 1) { 5740 if (0x80 & rem) 5741 break; 5742 } 5743 mk_sense_invalid_fld(scp, SDEB_IN_CDB, k, j); 5744 goto check_cond; 5745 } 5746 } 5747 } 5748 if (unlikely(!(F_SKIP_UA & flags) && 5749 find_first_bit(devip->uas_bm, 5750 SDEBUG_NUM_UAS) != SDEBUG_NUM_UAS)) { 5751 errsts = make_ua(scp, devip); 5752 if (errsts) 5753 goto check_cond; 5754 } 5755 if (unlikely((F_M_ACCESS & flags) && atomic_read(&devip->stopped))) { 5756 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x2); 5757 if (sdebug_verbose) 5758 sdev_printk(KERN_INFO, sdp, "%s reports: Not ready: " 5759 "%s\n", my_name, "initializing command " 5760 "required"); 5761 errsts = check_condition_result; 5762 goto fini; 5763 } 5764 if (sdebug_fake_rw && (F_FAKE_RW & flags)) 5765 goto fini; 5766 if (unlikely(sdebug_every_nth)) { 5767 if (fake_timeout(scp)) 5768 return 0; /* ignore command: make trouble */ 5769 } 5770 if (likely(oip->pfp)) 5771 pfp = oip->pfp; /* calls a resp_* function */ 5772 else 5773 pfp = r_pfp; /* if leaf function ptr NULL, try the root's */ 5774 5775 fini: 5776 if (F_DELAY_OVERR & flags) 5777 return schedule_resp(scp, devip, errsts, pfp, 0, 0); 5778 else if ((sdebug_jdelay || sdebug_ndelay) && (flags & F_LONG_DELAY)) { 5779 /* 5780 * If any delay is active, want F_LONG_DELAY to be at least 1 5781 * second and if sdebug_jdelay>0 want a long delay of that 5782 * many seconds. 5783 */ 5784 int jdelay = (sdebug_jdelay < 2) ? 1 : sdebug_jdelay; 5785 5786 jdelay = mult_frac(USER_HZ * jdelay, HZ, USER_HZ); 5787 return schedule_resp(scp, devip, errsts, pfp, jdelay, 0); 5788 } else 5789 return schedule_resp(scp, devip, errsts, pfp, sdebug_jdelay, 5790 sdebug_ndelay); 5791 check_cond: 5792 return schedule_resp(scp, devip, check_condition_result, NULL, 0, 0); 5793 err_out: 5794 return schedule_resp(scp, NULL, DID_NO_CONNECT << 16, NULL, 0, 0); 5795 } 5796 5797 static struct scsi_host_template sdebug_driver_template = { 5798 .show_info = scsi_debug_show_info, 5799 .write_info = scsi_debug_write_info, 5800 .proc_name = sdebug_proc_name, 5801 .name = "SCSI DEBUG", 5802 .info = scsi_debug_info, 5803 .slave_alloc = scsi_debug_slave_alloc, 5804 .slave_configure = scsi_debug_slave_configure, 5805 .slave_destroy = scsi_debug_slave_destroy, 5806 .ioctl = scsi_debug_ioctl, 5807 .queuecommand = scsi_debug_queuecommand, 5808 .change_queue_depth = sdebug_change_qdepth, 5809 .eh_abort_handler = scsi_debug_abort, 5810 .eh_device_reset_handler = scsi_debug_device_reset, 5811 .eh_target_reset_handler = scsi_debug_target_reset, 5812 .eh_bus_reset_handler = scsi_debug_bus_reset, 5813 .eh_host_reset_handler = scsi_debug_host_reset, 5814 .can_queue = SDEBUG_CANQUEUE, 5815 .this_id = 7, 5816 .sg_tablesize = SG_MAX_SEGMENTS, 5817 .cmd_per_lun = DEF_CMD_PER_LUN, 5818 .max_sectors = -1U, 5819 .use_clustering = DISABLE_CLUSTERING, 5820 .module = THIS_MODULE, 5821 .track_queue_depth = 1, 5822 }; 5823 5824 static int sdebug_driver_probe(struct device *dev) 5825 { 5826 int error = 0; 5827 struct sdebug_host_info *sdbg_host; 5828 struct Scsi_Host *hpnt; 5829 int hprot; 5830 5831 sdbg_host = to_sdebug_host(dev); 5832 5833 sdebug_driver_template.can_queue = sdebug_max_queue; 5834 if (sdebug_clustering) 5835 sdebug_driver_template.use_clustering = ENABLE_CLUSTERING; 5836 hpnt = scsi_host_alloc(&sdebug_driver_template, sizeof(sdbg_host)); 5837 if (NULL == hpnt) { 5838 pr_err("scsi_host_alloc failed\n"); 5839 error = -ENODEV; 5840 return error; 5841 } 5842 if (submit_queues > nr_cpu_ids) { 5843 pr_warn("%s: trim submit_queues (was %d) to nr_cpu_ids=%u\n", 5844 my_name, submit_queues, nr_cpu_ids); 5845 submit_queues = nr_cpu_ids; 5846 } 5847 /* Decide whether to tell scsi subsystem that we want mq */ 5848 /* Following should give the same answer for each host */ 5849 if (shost_use_blk_mq(hpnt)) 5850 hpnt->nr_hw_queues = submit_queues; 5851 5852 sdbg_host->shost = hpnt; 5853 *((struct sdebug_host_info **)hpnt->hostdata) = sdbg_host; 5854 if ((hpnt->this_id >= 0) && (sdebug_num_tgts > hpnt->this_id)) 5855 hpnt->max_id = sdebug_num_tgts + 1; 5856 else 5857 hpnt->max_id = sdebug_num_tgts; 5858 /* = sdebug_max_luns; */ 5859 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1; 5860 5861 hprot = 0; 5862 5863 switch (sdebug_dif) { 5864 5865 case T10_PI_TYPE1_PROTECTION: 5866 hprot = SHOST_DIF_TYPE1_PROTECTION; 5867 if (sdebug_dix) 5868 hprot |= SHOST_DIX_TYPE1_PROTECTION; 5869 break; 5870 5871 case T10_PI_TYPE2_PROTECTION: 5872 hprot = SHOST_DIF_TYPE2_PROTECTION; 5873 if (sdebug_dix) 5874 hprot |= SHOST_DIX_TYPE2_PROTECTION; 5875 break; 5876 5877 case T10_PI_TYPE3_PROTECTION: 5878 hprot = SHOST_DIF_TYPE3_PROTECTION; 5879 if (sdebug_dix) 5880 hprot |= SHOST_DIX_TYPE3_PROTECTION; 5881 break; 5882 5883 default: 5884 if (sdebug_dix) 5885 hprot |= SHOST_DIX_TYPE0_PROTECTION; 5886 break; 5887 } 5888 5889 scsi_host_set_prot(hpnt, hprot); 5890 5891 if (have_dif_prot || sdebug_dix) 5892 pr_info("host protection%s%s%s%s%s%s%s\n", 5893 (hprot & SHOST_DIF_TYPE1_PROTECTION) ? " DIF1" : "", 5894 (hprot & SHOST_DIF_TYPE2_PROTECTION) ? " DIF2" : "", 5895 (hprot & SHOST_DIF_TYPE3_PROTECTION) ? " DIF3" : "", 5896 (hprot & SHOST_DIX_TYPE0_PROTECTION) ? " DIX0" : "", 5897 (hprot & SHOST_DIX_TYPE1_PROTECTION) ? " DIX1" : "", 5898 (hprot & SHOST_DIX_TYPE2_PROTECTION) ? " DIX2" : "", 5899 (hprot & SHOST_DIX_TYPE3_PROTECTION) ? " DIX3" : ""); 5900 5901 if (sdebug_guard == 1) 5902 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_IP); 5903 else 5904 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_CRC); 5905 5906 sdebug_verbose = !!(SDEBUG_OPT_NOISE & sdebug_opts); 5907 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & sdebug_opts); 5908 if (sdebug_every_nth) /* need stats counters for every_nth */ 5909 sdebug_statistics = true; 5910 error = scsi_add_host(hpnt, &sdbg_host->dev); 5911 if (error) { 5912 pr_err("scsi_add_host failed\n"); 5913 error = -ENODEV; 5914 scsi_host_put(hpnt); 5915 } else 5916 scsi_scan_host(hpnt); 5917 5918 return error; 5919 } 5920 5921 static int sdebug_driver_remove(struct device *dev) 5922 { 5923 struct sdebug_host_info *sdbg_host; 5924 struct sdebug_dev_info *sdbg_devinfo, *tmp; 5925 5926 sdbg_host = to_sdebug_host(dev); 5927 5928 if (!sdbg_host) { 5929 pr_err("Unable to locate host info\n"); 5930 return -ENODEV; 5931 } 5932 5933 scsi_remove_host(sdbg_host->shost); 5934 5935 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list, 5936 dev_list) { 5937 list_del(&sdbg_devinfo->dev_list); 5938 kfree(sdbg_devinfo); 5939 } 5940 5941 scsi_host_put(sdbg_host->shost); 5942 return 0; 5943 } 5944 5945 static int pseudo_lld_bus_match(struct device *dev, 5946 struct device_driver *dev_driver) 5947 { 5948 return 1; 5949 } 5950 5951 static struct bus_type pseudo_lld_bus = { 5952 .name = "pseudo", 5953 .match = pseudo_lld_bus_match, 5954 .probe = sdebug_driver_probe, 5955 .remove = sdebug_driver_remove, 5956 .drv_groups = sdebug_drv_groups, 5957 }; 5958