1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * vvvvvvvvvvvvvvvvvvvvvvv Original vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv 4 * Copyright (C) 1992 Eric Youngdale 5 * Simulate a host adapter with 2 disks attached. Do a lot of checking 6 * to make sure that we are not getting blocks mixed up, and PANIC if 7 * anything out of the ordinary is seen. 8 * ^^^^^^^^^^^^^^^^^^^^^^^ Original ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 9 * 10 * Copyright (C) 2001 - 2021 Douglas Gilbert 11 * 12 * For documentation see http://sg.danny.cz/sg/scsi_debug.html 13 */ 14 15 16 #define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__ 17 18 #include <linux/module.h> 19 #include <linux/align.h> 20 #include <linux/kernel.h> 21 #include <linux/errno.h> 22 #include <linux/jiffies.h> 23 #include <linux/slab.h> 24 #include <linux/types.h> 25 #include <linux/string.h> 26 #include <linux/fs.h> 27 #include <linux/init.h> 28 #include <linux/proc_fs.h> 29 #include <linux/vmalloc.h> 30 #include <linux/moduleparam.h> 31 #include <linux/scatterlist.h> 32 #include <linux/blkdev.h> 33 #include <linux/crc-t10dif.h> 34 #include <linux/spinlock.h> 35 #include <linux/interrupt.h> 36 #include <linux/atomic.h> 37 #include <linux/hrtimer.h> 38 #include <linux/uuid.h> 39 #include <linux/t10-pi.h> 40 #include <linux/msdos_partition.h> 41 #include <linux/random.h> 42 #include <linux/xarray.h> 43 #include <linux/prefetch.h> 44 45 #include <net/checksum.h> 46 47 #include <asm/unaligned.h> 48 49 #include <scsi/scsi.h> 50 #include <scsi/scsi_cmnd.h> 51 #include <scsi/scsi_device.h> 52 #include <scsi/scsi_host.h> 53 #include <scsi/scsicam.h> 54 #include <scsi/scsi_eh.h> 55 #include <scsi/scsi_tcq.h> 56 #include <scsi/scsi_dbg.h> 57 58 #include "sd.h" 59 #include "scsi_logging.h" 60 61 /* make sure inq_product_rev string corresponds to this version */ 62 #define SDEBUG_VERSION "0191" /* format to fit INQUIRY revision field */ 63 static const char *sdebug_version_date = "20210520"; 64 65 #define MY_NAME "scsi_debug" 66 67 /* Additional Sense Code (ASC) */ 68 #define NO_ADDITIONAL_SENSE 0x0 69 #define LOGICAL_UNIT_NOT_READY 0x4 70 #define LOGICAL_UNIT_COMMUNICATION_FAILURE 0x8 71 #define UNRECOVERED_READ_ERR 0x11 72 #define PARAMETER_LIST_LENGTH_ERR 0x1a 73 #define INVALID_OPCODE 0x20 74 #define LBA_OUT_OF_RANGE 0x21 75 #define INVALID_FIELD_IN_CDB 0x24 76 #define INVALID_FIELD_IN_PARAM_LIST 0x26 77 #define WRITE_PROTECTED 0x27 78 #define UA_RESET_ASC 0x29 79 #define UA_CHANGED_ASC 0x2a 80 #define TARGET_CHANGED_ASC 0x3f 81 #define LUNS_CHANGED_ASCQ 0x0e 82 #define INSUFF_RES_ASC 0x55 83 #define INSUFF_RES_ASCQ 0x3 84 #define POWER_ON_RESET_ASCQ 0x0 85 #define POWER_ON_OCCURRED_ASCQ 0x1 86 #define BUS_RESET_ASCQ 0x2 /* scsi bus reset occurred */ 87 #define MODE_CHANGED_ASCQ 0x1 /* mode parameters changed */ 88 #define CAPACITY_CHANGED_ASCQ 0x9 89 #define SAVING_PARAMS_UNSUP 0x39 90 #define TRANSPORT_PROBLEM 0x4b 91 #define THRESHOLD_EXCEEDED 0x5d 92 #define LOW_POWER_COND_ON 0x5e 93 #define MISCOMPARE_VERIFY_ASC 0x1d 94 #define MICROCODE_CHANGED_ASCQ 0x1 /* with TARGET_CHANGED_ASC */ 95 #define MICROCODE_CHANGED_WO_RESET_ASCQ 0x16 96 #define WRITE_ERROR_ASC 0xc 97 #define UNALIGNED_WRITE_ASCQ 0x4 98 #define WRITE_BOUNDARY_ASCQ 0x5 99 #define READ_INVDATA_ASCQ 0x6 100 #define READ_BOUNDARY_ASCQ 0x7 101 #define ATTEMPT_ACCESS_GAP 0x9 102 #define INSUFF_ZONE_ASCQ 0xe 103 104 /* Additional Sense Code Qualifier (ASCQ) */ 105 #define ACK_NAK_TO 0x3 106 107 /* Default values for driver parameters */ 108 #define DEF_NUM_HOST 1 109 #define DEF_NUM_TGTS 1 110 #define DEF_MAX_LUNS 1 111 /* With these defaults, this driver will make 1 host with 1 target 112 * (id 0) containing 1 logical unit (lun 0). That is 1 device. 113 */ 114 #define DEF_ATO 1 115 #define DEF_CDB_LEN 10 116 #define DEF_JDELAY 1 /* if > 0 unit is a jiffy */ 117 #define DEF_DEV_SIZE_PRE_INIT 0 118 #define DEF_DEV_SIZE_MB 8 119 #define DEF_ZBC_DEV_SIZE_MB 128 120 #define DEF_DIF 0 121 #define DEF_DIX 0 122 #define DEF_PER_HOST_STORE false 123 #define DEF_D_SENSE 0 124 #define DEF_EVERY_NTH 0 125 #define DEF_FAKE_RW 0 126 #define DEF_GUARD 0 127 #define DEF_HOST_LOCK 0 128 #define DEF_LBPU 0 129 #define DEF_LBPWS 0 130 #define DEF_LBPWS10 0 131 #define DEF_LBPRZ 1 132 #define DEF_LOWEST_ALIGNED 0 133 #define DEF_NDELAY 0 /* if > 0 unit is a nanosecond */ 134 #define DEF_NO_LUN_0 0 135 #define DEF_NUM_PARTS 0 136 #define DEF_OPTS 0 137 #define DEF_OPT_BLKS 1024 138 #define DEF_PHYSBLK_EXP 0 139 #define DEF_OPT_XFERLEN_EXP 0 140 #define DEF_PTYPE TYPE_DISK 141 #define DEF_RANDOM false 142 #define DEF_REMOVABLE false 143 #define DEF_SCSI_LEVEL 7 /* INQUIRY, byte2 [6->SPC-4; 7->SPC-5] */ 144 #define DEF_SECTOR_SIZE 512 145 #define DEF_UNMAP_ALIGNMENT 0 146 #define DEF_UNMAP_GRANULARITY 1 147 #define DEF_UNMAP_MAX_BLOCKS 0xFFFFFFFF 148 #define DEF_UNMAP_MAX_DESC 256 149 #define DEF_VIRTUAL_GB 0 150 #define DEF_VPD_USE_HOSTNO 1 151 #define DEF_WRITESAME_LENGTH 0xFFFF 152 #define DEF_STRICT 0 153 #define DEF_STATISTICS false 154 #define DEF_SUBMIT_QUEUES 1 155 #define DEF_TUR_MS_TO_READY 0 156 #define DEF_UUID_CTL 0 157 #define JDELAY_OVERRIDDEN -9999 158 159 /* Default parameters for ZBC drives */ 160 #define DEF_ZBC_ZONE_SIZE_MB 128 161 #define DEF_ZBC_MAX_OPEN_ZONES 8 162 #define DEF_ZBC_NR_CONV_ZONES 1 163 164 #define SDEBUG_LUN_0_VAL 0 165 166 /* bit mask values for sdebug_opts */ 167 #define SDEBUG_OPT_NOISE 1 168 #define SDEBUG_OPT_MEDIUM_ERR 2 169 #define SDEBUG_OPT_TIMEOUT 4 170 #define SDEBUG_OPT_RECOVERED_ERR 8 171 #define SDEBUG_OPT_TRANSPORT_ERR 16 172 #define SDEBUG_OPT_DIF_ERR 32 173 #define SDEBUG_OPT_DIX_ERR 64 174 #define SDEBUG_OPT_MAC_TIMEOUT 128 175 #define SDEBUG_OPT_SHORT_TRANSFER 0x100 176 #define SDEBUG_OPT_Q_NOISE 0x200 177 #define SDEBUG_OPT_ALL_TSF 0x400 /* ignore */ 178 #define SDEBUG_OPT_RARE_TSF 0x800 179 #define SDEBUG_OPT_N_WCE 0x1000 180 #define SDEBUG_OPT_RESET_NOISE 0x2000 181 #define SDEBUG_OPT_NO_CDB_NOISE 0x4000 182 #define SDEBUG_OPT_HOST_BUSY 0x8000 183 #define SDEBUG_OPT_CMD_ABORT 0x10000 184 #define SDEBUG_OPT_ALL_NOISE (SDEBUG_OPT_NOISE | SDEBUG_OPT_Q_NOISE | \ 185 SDEBUG_OPT_RESET_NOISE) 186 #define SDEBUG_OPT_ALL_INJECTING (SDEBUG_OPT_RECOVERED_ERR | \ 187 SDEBUG_OPT_TRANSPORT_ERR | \ 188 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR | \ 189 SDEBUG_OPT_SHORT_TRANSFER | \ 190 SDEBUG_OPT_HOST_BUSY | \ 191 SDEBUG_OPT_CMD_ABORT) 192 #define SDEBUG_OPT_RECOV_DIF_DIX (SDEBUG_OPT_RECOVERED_ERR | \ 193 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR) 194 195 /* As indicated in SAM-5 and SPC-4 Unit Attentions (UAs) are returned in 196 * priority order. In the subset implemented here lower numbers have higher 197 * priority. The UA numbers should be a sequence starting from 0 with 198 * SDEBUG_NUM_UAS being 1 higher than the highest numbered UA. */ 199 #define SDEBUG_UA_POR 0 /* Power on, reset, or bus device reset */ 200 #define SDEBUG_UA_POOCCUR 1 /* Power on occurred */ 201 #define SDEBUG_UA_BUS_RESET 2 202 #define SDEBUG_UA_MODE_CHANGED 3 203 #define SDEBUG_UA_CAPACITY_CHANGED 4 204 #define SDEBUG_UA_LUNS_CHANGED 5 205 #define SDEBUG_UA_MICROCODE_CHANGED 6 /* simulate firmware change */ 206 #define SDEBUG_UA_MICROCODE_CHANGED_WO_RESET 7 207 #define SDEBUG_NUM_UAS 8 208 209 /* when 1==SDEBUG_OPT_MEDIUM_ERR, a medium error is simulated at this 210 * sector on read commands: */ 211 #define OPT_MEDIUM_ERR_ADDR 0x1234 /* that's sector 4660 in decimal */ 212 #define OPT_MEDIUM_ERR_NUM 10 /* number of consecutive medium errs */ 213 214 /* SDEBUG_CANQUEUE is the maximum number of commands that can be queued 215 * (for response) per submit queue at one time. Can be reduced by max_queue 216 * option. Command responses are not queued when jdelay=0 and ndelay=0. The 217 * per-device DEF_CMD_PER_LUN can be changed via sysfs: 218 * /sys/class/scsi_device/<h:c:t:l>/device/queue_depth 219 * but cannot exceed SDEBUG_CANQUEUE . 220 */ 221 #define SDEBUG_CANQUEUE_WORDS 3 /* a WORD is bits in a long */ 222 #define SDEBUG_CANQUEUE (SDEBUG_CANQUEUE_WORDS * BITS_PER_LONG) 223 #define DEF_CMD_PER_LUN SDEBUG_CANQUEUE 224 225 /* UA - Unit Attention; SA - Service Action; SSU - Start Stop Unit */ 226 #define F_D_IN 1 /* Data-in command (e.g. READ) */ 227 #define F_D_OUT 2 /* Data-out command (e.g. WRITE) */ 228 #define F_D_OUT_MAYBE 4 /* WRITE SAME, NDOB bit */ 229 #define F_D_UNKN 8 230 #define F_RL_WLUN_OK 0x10 /* allowed with REPORT LUNS W-LUN */ 231 #define F_SKIP_UA 0x20 /* bypass UAs (e.g. INQUIRY command) */ 232 #define F_DELAY_OVERR 0x40 /* for commands like INQUIRY */ 233 #define F_SA_LOW 0x80 /* SA is in cdb byte 1, bits 4 to 0 */ 234 #define F_SA_HIGH 0x100 /* SA is in cdb bytes 8 and 9 */ 235 #define F_INV_OP 0x200 /* invalid opcode (not supported) */ 236 #define F_FAKE_RW 0x400 /* bypass resp_*() when fake_rw set */ 237 #define F_M_ACCESS 0x800 /* media access, reacts to SSU state */ 238 #define F_SSU_DELAY 0x1000 /* SSU command delay (long-ish) */ 239 #define F_SYNC_DELAY 0x2000 /* SYNCHRONIZE CACHE delay */ 240 241 /* Useful combinations of the above flags */ 242 #define FF_RESPOND (F_RL_WLUN_OK | F_SKIP_UA | F_DELAY_OVERR) 243 #define FF_MEDIA_IO (F_M_ACCESS | F_FAKE_RW) 244 #define FF_SA (F_SA_HIGH | F_SA_LOW) 245 #define F_LONG_DELAY (F_SSU_DELAY | F_SYNC_DELAY) 246 247 #define SDEBUG_MAX_PARTS 4 248 249 #define SDEBUG_MAX_CMD_LEN 32 250 251 #define SDEB_XA_NOT_IN_USE XA_MARK_1 252 253 static struct kmem_cache *queued_cmd_cache; 254 255 #define TO_QUEUED_CMD(scmd) ((void *)(scmd)->host_scribble) 256 #define ASSIGN_QUEUED_CMD(scmnd, qc) { (scmnd)->host_scribble = (void *) qc; } 257 258 /* Zone types (zbcr05 table 25) */ 259 enum sdebug_z_type { 260 ZBC_ZTYPE_CNV = 0x1, 261 ZBC_ZTYPE_SWR = 0x2, 262 ZBC_ZTYPE_SWP = 0x3, 263 /* ZBC_ZTYPE_SOBR = 0x4, */ 264 ZBC_ZTYPE_GAP = 0x5, 265 }; 266 267 /* enumeration names taken from table 26, zbcr05 */ 268 enum sdebug_z_cond { 269 ZBC_NOT_WRITE_POINTER = 0x0, 270 ZC1_EMPTY = 0x1, 271 ZC2_IMPLICIT_OPEN = 0x2, 272 ZC3_EXPLICIT_OPEN = 0x3, 273 ZC4_CLOSED = 0x4, 274 ZC6_READ_ONLY = 0xd, 275 ZC5_FULL = 0xe, 276 ZC7_OFFLINE = 0xf, 277 }; 278 279 struct sdeb_zone_state { /* ZBC: per zone state */ 280 enum sdebug_z_type z_type; 281 enum sdebug_z_cond z_cond; 282 bool z_non_seq_resource; 283 unsigned int z_size; 284 sector_t z_start; 285 sector_t z_wp; 286 }; 287 288 struct sdebug_dev_info { 289 struct list_head dev_list; 290 unsigned int channel; 291 unsigned int target; 292 u64 lun; 293 uuid_t lu_name; 294 struct sdebug_host_info *sdbg_host; 295 unsigned long uas_bm[1]; 296 atomic_t stopped; /* 1: by SSU, 2: device start */ 297 bool used; 298 299 /* For ZBC devices */ 300 enum blk_zoned_model zmodel; 301 unsigned int zcap; 302 unsigned int zsize; 303 unsigned int zsize_shift; 304 unsigned int nr_zones; 305 unsigned int nr_conv_zones; 306 unsigned int nr_seq_zones; 307 unsigned int nr_imp_open; 308 unsigned int nr_exp_open; 309 unsigned int nr_closed; 310 unsigned int max_open; 311 ktime_t create_ts; /* time since bootup that this device was created */ 312 struct sdeb_zone_state *zstate; 313 }; 314 315 struct sdebug_host_info { 316 struct list_head host_list; 317 int si_idx; /* sdeb_store_info (per host) xarray index */ 318 struct Scsi_Host *shost; 319 struct device dev; 320 struct list_head dev_info_list; 321 }; 322 323 /* There is an xarray of pointers to this struct's objects, one per host */ 324 struct sdeb_store_info { 325 rwlock_t macc_lck; /* for atomic media access on this store */ 326 u8 *storep; /* user data storage (ram) */ 327 struct t10_pi_tuple *dif_storep; /* protection info */ 328 void *map_storep; /* provisioning map */ 329 }; 330 331 #define dev_to_sdebug_host(d) \ 332 container_of(d, struct sdebug_host_info, dev) 333 334 #define shost_to_sdebug_host(shost) \ 335 dev_to_sdebug_host(shost->dma_dev) 336 337 enum sdeb_defer_type {SDEB_DEFER_NONE = 0, SDEB_DEFER_HRT = 1, 338 SDEB_DEFER_WQ = 2, SDEB_DEFER_POLL = 3}; 339 340 struct sdebug_defer { 341 struct hrtimer hrt; 342 struct execute_work ew; 343 ktime_t cmpl_ts;/* time since boot to complete this cmd */ 344 int issuing_cpu; 345 bool aborted; /* true when blk_abort_request() already called */ 346 enum sdeb_defer_type defer_t; 347 }; 348 349 struct sdebug_queued_cmd { 350 /* corresponding bit set in in_use_bm[] in owning struct sdebug_queue 351 * instance indicates this slot is in use. 352 */ 353 struct sdebug_defer sd_dp; 354 struct scsi_cmnd *scmd; 355 }; 356 357 struct sdebug_scsi_cmd { 358 spinlock_t lock; 359 }; 360 361 static atomic_t sdebug_cmnd_count; /* number of incoming commands */ 362 static atomic_t sdebug_completions; /* count of deferred completions */ 363 static atomic_t sdebug_miss_cpus; /* submission + completion cpus differ */ 364 static atomic_t sdebug_a_tsf; /* 'almost task set full' counter */ 365 static atomic_t sdeb_inject_pending; 366 static atomic_t sdeb_mq_poll_count; /* bumped when mq_poll returns > 0 */ 367 368 struct opcode_info_t { 369 u8 num_attached; /* 0 if this is it (i.e. a leaf); use 0xff */ 370 /* for terminating element */ 371 u8 opcode; /* if num_attached > 0, preferred */ 372 u16 sa; /* service action */ 373 u32 flags; /* OR-ed set of SDEB_F_* */ 374 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *); 375 const struct opcode_info_t *arrp; /* num_attached elements or NULL */ 376 u8 len_mask[16]; /* len_mask[0]-->cdb_len, then mask for cdb */ 377 /* 1 to min(cdb_len, 15); ignore cdb[15...] */ 378 }; 379 380 /* SCSI opcodes (first byte of cdb) of interest mapped onto these indexes */ 381 enum sdeb_opcode_index { 382 SDEB_I_INVALID_OPCODE = 0, 383 SDEB_I_INQUIRY = 1, 384 SDEB_I_REPORT_LUNS = 2, 385 SDEB_I_REQUEST_SENSE = 3, 386 SDEB_I_TEST_UNIT_READY = 4, 387 SDEB_I_MODE_SENSE = 5, /* 6, 10 */ 388 SDEB_I_MODE_SELECT = 6, /* 6, 10 */ 389 SDEB_I_LOG_SENSE = 7, 390 SDEB_I_READ_CAPACITY = 8, /* 10; 16 is in SA_IN(16) */ 391 SDEB_I_READ = 9, /* 6, 10, 12, 16 */ 392 SDEB_I_WRITE = 10, /* 6, 10, 12, 16 */ 393 SDEB_I_START_STOP = 11, 394 SDEB_I_SERV_ACT_IN_16 = 12, /* add ...SERV_ACT_IN_12 if needed */ 395 SDEB_I_SERV_ACT_OUT_16 = 13, /* add ...SERV_ACT_OUT_12 if needed */ 396 SDEB_I_MAINT_IN = 14, 397 SDEB_I_MAINT_OUT = 15, 398 SDEB_I_VERIFY = 16, /* VERIFY(10), VERIFY(16) */ 399 SDEB_I_VARIABLE_LEN = 17, /* READ(32), WRITE(32), WR_SCAT(32) */ 400 SDEB_I_RESERVE = 18, /* 6, 10 */ 401 SDEB_I_RELEASE = 19, /* 6, 10 */ 402 SDEB_I_ALLOW_REMOVAL = 20, /* PREVENT ALLOW MEDIUM REMOVAL */ 403 SDEB_I_REZERO_UNIT = 21, /* REWIND in SSC */ 404 SDEB_I_ATA_PT = 22, /* 12, 16 */ 405 SDEB_I_SEND_DIAG = 23, 406 SDEB_I_UNMAP = 24, 407 SDEB_I_WRITE_BUFFER = 25, 408 SDEB_I_WRITE_SAME = 26, /* 10, 16 */ 409 SDEB_I_SYNC_CACHE = 27, /* 10, 16 */ 410 SDEB_I_COMP_WRITE = 28, 411 SDEB_I_PRE_FETCH = 29, /* 10, 16 */ 412 SDEB_I_ZONE_OUT = 30, /* 0x94+SA; includes no data xfer */ 413 SDEB_I_ZONE_IN = 31, /* 0x95+SA; all have data-in */ 414 SDEB_I_LAST_ELEM_P1 = 32, /* keep this last (previous + 1) */ 415 }; 416 417 418 static const unsigned char opcode_ind_arr[256] = { 419 /* 0x0; 0x0->0x1f: 6 byte cdbs */ 420 SDEB_I_TEST_UNIT_READY, SDEB_I_REZERO_UNIT, 0, SDEB_I_REQUEST_SENSE, 421 0, 0, 0, 0, 422 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, 0, 423 0, 0, SDEB_I_INQUIRY, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE, 424 SDEB_I_RELEASE, 425 0, 0, SDEB_I_MODE_SENSE, SDEB_I_START_STOP, 0, SDEB_I_SEND_DIAG, 426 SDEB_I_ALLOW_REMOVAL, 0, 427 /* 0x20; 0x20->0x3f: 10 byte cdbs */ 428 0, 0, 0, 0, 0, SDEB_I_READ_CAPACITY, 0, 0, 429 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, SDEB_I_VERIFY, 430 0, 0, 0, 0, SDEB_I_PRE_FETCH, SDEB_I_SYNC_CACHE, 0, 0, 431 0, 0, 0, SDEB_I_WRITE_BUFFER, 0, 0, 0, 0, 432 /* 0x40; 0x40->0x5f: 10 byte cdbs */ 433 0, SDEB_I_WRITE_SAME, SDEB_I_UNMAP, 0, 0, 0, 0, 0, 434 0, 0, 0, 0, 0, SDEB_I_LOG_SENSE, 0, 0, 435 0, 0, 0, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE, 436 SDEB_I_RELEASE, 437 0, 0, SDEB_I_MODE_SENSE, 0, 0, 0, 0, 0, 438 /* 0x60; 0x60->0x7d are reserved, 0x7e is "extended cdb" */ 439 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 440 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 441 0, SDEB_I_VARIABLE_LEN, 442 /* 0x80; 0x80->0x9f: 16 byte cdbs */ 443 0, 0, 0, 0, 0, SDEB_I_ATA_PT, 0, 0, 444 SDEB_I_READ, SDEB_I_COMP_WRITE, SDEB_I_WRITE, 0, 445 0, 0, 0, SDEB_I_VERIFY, 446 SDEB_I_PRE_FETCH, SDEB_I_SYNC_CACHE, 0, SDEB_I_WRITE_SAME, 447 SDEB_I_ZONE_OUT, SDEB_I_ZONE_IN, 0, 0, 448 0, 0, 0, 0, 0, 0, SDEB_I_SERV_ACT_IN_16, SDEB_I_SERV_ACT_OUT_16, 449 /* 0xa0; 0xa0->0xbf: 12 byte cdbs */ 450 SDEB_I_REPORT_LUNS, SDEB_I_ATA_PT, 0, SDEB_I_MAINT_IN, 451 SDEB_I_MAINT_OUT, 0, 0, 0, 452 SDEB_I_READ, 0 /* SDEB_I_SERV_ACT_OUT_12 */, SDEB_I_WRITE, 453 0 /* SDEB_I_SERV_ACT_IN_12 */, 0, 0, 0, 0, 454 0, 0, 0, 0, 0, 0, 0, 0, 455 0, 0, 0, 0, 0, 0, 0, 0, 456 /* 0xc0; 0xc0->0xff: vendor specific */ 457 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 458 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 459 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 460 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 461 }; 462 463 /* 464 * The following "response" functions return the SCSI mid-level's 4 byte 465 * tuple-in-an-int. To handle commands with an IMMED bit, for a faster 466 * command completion, they can mask their return value with 467 * SDEG_RES_IMMED_MASK . 468 */ 469 #define SDEG_RES_IMMED_MASK 0x40000000 470 471 static int resp_inquiry(struct scsi_cmnd *, struct sdebug_dev_info *); 472 static int resp_report_luns(struct scsi_cmnd *, struct sdebug_dev_info *); 473 static int resp_requests(struct scsi_cmnd *, struct sdebug_dev_info *); 474 static int resp_mode_sense(struct scsi_cmnd *, struct sdebug_dev_info *); 475 static int resp_mode_select(struct scsi_cmnd *, struct sdebug_dev_info *); 476 static int resp_log_sense(struct scsi_cmnd *, struct sdebug_dev_info *); 477 static int resp_readcap(struct scsi_cmnd *, struct sdebug_dev_info *); 478 static int resp_read_dt0(struct scsi_cmnd *, struct sdebug_dev_info *); 479 static int resp_write_dt0(struct scsi_cmnd *, struct sdebug_dev_info *); 480 static int resp_write_scat(struct scsi_cmnd *, struct sdebug_dev_info *); 481 static int resp_start_stop(struct scsi_cmnd *, struct sdebug_dev_info *); 482 static int resp_readcap16(struct scsi_cmnd *, struct sdebug_dev_info *); 483 static int resp_get_lba_status(struct scsi_cmnd *, struct sdebug_dev_info *); 484 static int resp_report_tgtpgs(struct scsi_cmnd *, struct sdebug_dev_info *); 485 static int resp_unmap(struct scsi_cmnd *, struct sdebug_dev_info *); 486 static int resp_rsup_opcodes(struct scsi_cmnd *, struct sdebug_dev_info *); 487 static int resp_rsup_tmfs(struct scsi_cmnd *, struct sdebug_dev_info *); 488 static int resp_verify(struct scsi_cmnd *, struct sdebug_dev_info *); 489 static int resp_write_same_10(struct scsi_cmnd *, struct sdebug_dev_info *); 490 static int resp_write_same_16(struct scsi_cmnd *, struct sdebug_dev_info *); 491 static int resp_comp_write(struct scsi_cmnd *, struct sdebug_dev_info *); 492 static int resp_write_buffer(struct scsi_cmnd *, struct sdebug_dev_info *); 493 static int resp_sync_cache(struct scsi_cmnd *, struct sdebug_dev_info *); 494 static int resp_pre_fetch(struct scsi_cmnd *, struct sdebug_dev_info *); 495 static int resp_report_zones(struct scsi_cmnd *, struct sdebug_dev_info *); 496 static int resp_open_zone(struct scsi_cmnd *, struct sdebug_dev_info *); 497 static int resp_close_zone(struct scsi_cmnd *, struct sdebug_dev_info *); 498 static int resp_finish_zone(struct scsi_cmnd *, struct sdebug_dev_info *); 499 static int resp_rwp_zone(struct scsi_cmnd *, struct sdebug_dev_info *); 500 501 static int sdebug_do_add_host(bool mk_new_store); 502 static int sdebug_add_host_helper(int per_host_idx); 503 static void sdebug_do_remove_host(bool the_end); 504 static int sdebug_add_store(void); 505 static void sdebug_erase_store(int idx, struct sdeb_store_info *sip); 506 static void sdebug_erase_all_stores(bool apart_from_first); 507 508 static void sdebug_free_queued_cmd(struct sdebug_queued_cmd *sqcp); 509 510 /* 511 * The following are overflow arrays for cdbs that "hit" the same index in 512 * the opcode_info_arr array. The most time sensitive (or commonly used) cdb 513 * should be placed in opcode_info_arr[], the others should be placed here. 514 */ 515 static const struct opcode_info_t msense_iarr[] = { 516 {0, 0x1a, 0, F_D_IN, NULL, NULL, 517 {6, 0xe8, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 518 }; 519 520 static const struct opcode_info_t mselect_iarr[] = { 521 {0, 0x15, 0, F_D_OUT, NULL, NULL, 522 {6, 0xf1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 523 }; 524 525 static const struct opcode_info_t read_iarr[] = { 526 {0, 0x28, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(10) */ 527 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 528 0, 0, 0, 0} }, 529 {0, 0x8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL, /* READ(6) */ 530 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 531 {0, 0xa8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(12) */ 532 {12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf, 533 0xc7, 0, 0, 0, 0} }, 534 }; 535 536 static const struct opcode_info_t write_iarr[] = { 537 {0, 0x2a, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(10) */ 538 NULL, {10, 0xfb, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 539 0, 0, 0, 0, 0, 0} }, 540 {0, 0xa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(6) */ 541 NULL, {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 542 0, 0, 0} }, 543 {0, 0xaa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(12) */ 544 NULL, {12, 0xfb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 545 0xbf, 0xc7, 0, 0, 0, 0} }, 546 }; 547 548 static const struct opcode_info_t verify_iarr[] = { 549 {0, 0x2f, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_verify,/* VERIFY(10) */ 550 NULL, {10, 0xf7, 0xff, 0xff, 0xff, 0xff, 0xbf, 0xff, 0xff, 0xc7, 551 0, 0, 0, 0, 0, 0} }, 552 }; 553 554 static const struct opcode_info_t sa_in_16_iarr[] = { 555 {0, 0x9e, 0x12, F_SA_LOW | F_D_IN, resp_get_lba_status, NULL, 556 {16, 0x12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 557 0xff, 0xff, 0xff, 0, 0xc7} }, /* GET LBA STATUS(16) */ 558 }; 559 560 static const struct opcode_info_t vl_iarr[] = { /* VARIABLE LENGTH */ 561 {0, 0x7f, 0xb, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_dt0, 562 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0xb, 0xfa, 563 0, 0xff, 0xff, 0xff, 0xff} }, /* WRITE(32) */ 564 {0, 0x7f, 0x11, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_scat, 565 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x11, 0xf8, 566 0, 0xff, 0xff, 0x0, 0x0} }, /* WRITE SCATTERED(32) */ 567 }; 568 569 static const struct opcode_info_t maint_in_iarr[] = { /* MAINT IN */ 570 {0, 0xa3, 0xc, F_SA_LOW | F_D_IN, resp_rsup_opcodes, NULL, 571 {12, 0xc, 0x87, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 572 0xc7, 0, 0, 0, 0} }, /* REPORT SUPPORTED OPERATION CODES */ 573 {0, 0xa3, 0xd, F_SA_LOW | F_D_IN, resp_rsup_tmfs, NULL, 574 {12, 0xd, 0x80, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0, 575 0, 0} }, /* REPORTED SUPPORTED TASK MANAGEMENT FUNCTIONS */ 576 }; 577 578 static const struct opcode_info_t write_same_iarr[] = { 579 {0, 0x93, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_write_same_16, NULL, 580 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 581 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* WRITE SAME(16) */ 582 }; 583 584 static const struct opcode_info_t reserve_iarr[] = { 585 {0, 0x16, 0, F_D_OUT, NULL, NULL, /* RESERVE(6) */ 586 {6, 0x1f, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 587 }; 588 589 static const struct opcode_info_t release_iarr[] = { 590 {0, 0x17, 0, F_D_OUT, NULL, NULL, /* RELEASE(6) */ 591 {6, 0x1f, 0xff, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 592 }; 593 594 static const struct opcode_info_t sync_cache_iarr[] = { 595 {0, 0x91, 0, F_SYNC_DELAY | F_M_ACCESS, resp_sync_cache, NULL, 596 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 597 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* SYNC_CACHE (16) */ 598 }; 599 600 static const struct opcode_info_t pre_fetch_iarr[] = { 601 {0, 0x90, 0, F_SYNC_DELAY | FF_MEDIA_IO, resp_pre_fetch, NULL, 602 {16, 0x2, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 603 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* PRE-FETCH (16) */ 604 }; 605 606 static const struct opcode_info_t zone_out_iarr[] = { /* ZONE OUT(16) */ 607 {0, 0x94, 0x1, F_SA_LOW | F_M_ACCESS, resp_close_zone, NULL, 608 {16, 0x1, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 609 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* CLOSE ZONE */ 610 {0, 0x94, 0x2, F_SA_LOW | F_M_ACCESS, resp_finish_zone, NULL, 611 {16, 0x2, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 612 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* FINISH ZONE */ 613 {0, 0x94, 0x4, F_SA_LOW | F_M_ACCESS, resp_rwp_zone, NULL, 614 {16, 0x4, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 615 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* RESET WRITE POINTER */ 616 }; 617 618 static const struct opcode_info_t zone_in_iarr[] = { /* ZONE IN(16) */ 619 {0, 0x95, 0x6, F_SA_LOW | F_D_IN | F_M_ACCESS, NULL, NULL, 620 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 621 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* REPORT ZONES */ 622 }; 623 624 625 /* This array is accessed via SDEB_I_* values. Make sure all are mapped, 626 * plus the terminating elements for logic that scans this table such as 627 * REPORT SUPPORTED OPERATION CODES. */ 628 static const struct opcode_info_t opcode_info_arr[SDEB_I_LAST_ELEM_P1 + 1] = { 629 /* 0 */ 630 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* unknown opcodes */ 631 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 632 {0, 0x12, 0, FF_RESPOND | F_D_IN, resp_inquiry, NULL, /* INQUIRY */ 633 {6, 0xe3, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 634 {0, 0xa0, 0, FF_RESPOND | F_D_IN, resp_report_luns, NULL, 635 {12, 0xe3, 0xff, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0, 636 0, 0} }, /* REPORT LUNS */ 637 {0, 0x3, 0, FF_RESPOND | F_D_IN, resp_requests, NULL, 638 {6, 0xe1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 639 {0, 0x0, 0, F_M_ACCESS | F_RL_WLUN_OK, NULL, NULL,/* TEST UNIT READY */ 640 {6, 0, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 641 /* 5 */ 642 {ARRAY_SIZE(msense_iarr), 0x5a, 0, F_D_IN, /* MODE SENSE(10) */ 643 resp_mode_sense, msense_iarr, {10, 0xf8, 0xff, 0xff, 0, 0, 0, 644 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} }, 645 {ARRAY_SIZE(mselect_iarr), 0x55, 0, F_D_OUT, /* MODE SELECT(10) */ 646 resp_mode_select, mselect_iarr, {10, 0xf1, 0, 0, 0, 0, 0, 0xff, 647 0xff, 0xc7, 0, 0, 0, 0, 0, 0} }, 648 {0, 0x4d, 0, F_D_IN, resp_log_sense, NULL, /* LOG SENSE */ 649 {10, 0xe3, 0xff, 0xff, 0, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 650 0, 0, 0} }, 651 {0, 0x25, 0, F_D_IN, resp_readcap, NULL, /* READ CAPACITY(10) */ 652 {10, 0xe1, 0xff, 0xff, 0xff, 0xff, 0, 0, 0x1, 0xc7, 0, 0, 0, 0, 653 0, 0} }, 654 {ARRAY_SIZE(read_iarr), 0x88, 0, F_D_IN | FF_MEDIA_IO, /* READ(16) */ 655 resp_read_dt0, read_iarr, {16, 0xfe, 0xff, 0xff, 0xff, 0xff, 656 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} }, 657 /* 10 */ 658 {ARRAY_SIZE(write_iarr), 0x8a, 0, F_D_OUT | FF_MEDIA_IO, 659 resp_write_dt0, write_iarr, /* WRITE(16) */ 660 {16, 0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 661 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} }, 662 {0, 0x1b, 0, F_SSU_DELAY, resp_start_stop, NULL,/* START STOP UNIT */ 663 {6, 0x1, 0, 0xf, 0xf7, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 664 {ARRAY_SIZE(sa_in_16_iarr), 0x9e, 0x10, F_SA_LOW | F_D_IN, 665 resp_readcap16, sa_in_16_iarr, /* SA_IN(16), READ CAPACITY(16) */ 666 {16, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 667 0xff, 0xff, 0xff, 0xff, 0x1, 0xc7} }, 668 {0, 0x9f, 0x12, F_SA_LOW | F_D_OUT | FF_MEDIA_IO, resp_write_scat, 669 NULL, {16, 0x12, 0xf9, 0x0, 0xff, 0xff, 0, 0, 0xff, 0xff, 0xff, 670 0xff, 0xff, 0xff, 0xff, 0xc7} }, /* SA_OUT(16), WRITE SCAT(16) */ 671 {ARRAY_SIZE(maint_in_iarr), 0xa3, 0xa, F_SA_LOW | F_D_IN, 672 resp_report_tgtpgs, /* MAINT IN, REPORT TARGET PORT GROUPS */ 673 maint_in_iarr, {12, 0xea, 0, 0, 0, 0, 0xff, 0xff, 0xff, 674 0xff, 0, 0xc7, 0, 0, 0, 0} }, 675 /* 15 */ 676 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* MAINT OUT */ 677 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 678 {ARRAY_SIZE(verify_iarr), 0x8f, 0, 679 F_D_OUT_MAYBE | FF_MEDIA_IO, resp_verify, /* VERIFY(16) */ 680 verify_iarr, {16, 0xf6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 681 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, 682 {ARRAY_SIZE(vl_iarr), 0x7f, 0x9, F_SA_HIGH | F_D_IN | FF_MEDIA_IO, 683 resp_read_dt0, vl_iarr, /* VARIABLE LENGTH, READ(32) */ 684 {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x9, 0xfe, 0, 0xff, 0xff, 685 0xff, 0xff} }, 686 {ARRAY_SIZE(reserve_iarr), 0x56, 0, F_D_OUT, 687 NULL, reserve_iarr, /* RESERVE(10) <no response function> */ 688 {10, 0xff, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 689 0} }, 690 {ARRAY_SIZE(release_iarr), 0x57, 0, F_D_OUT, 691 NULL, release_iarr, /* RELEASE(10) <no response function> */ 692 {10, 0x13, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 693 0} }, 694 /* 20 */ 695 {0, 0x1e, 0, 0, NULL, NULL, /* ALLOW REMOVAL */ 696 {6, 0, 0, 0, 0x3, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 697 {0, 0x1, 0, 0, resp_start_stop, NULL, /* REWIND ?? */ 698 {6, 0x1, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 699 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* ATA_PT */ 700 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 701 {0, 0x1d, F_D_OUT, 0, NULL, NULL, /* SEND DIAGNOSTIC */ 702 {6, 0xf7, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 703 {0, 0x42, 0, F_D_OUT | FF_MEDIA_IO, resp_unmap, NULL, /* UNMAP */ 704 {10, 0x1, 0, 0, 0, 0, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} }, 705 /* 25 */ 706 {0, 0x3b, 0, F_D_OUT_MAYBE, resp_write_buffer, NULL, 707 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 708 0, 0, 0, 0} }, /* WRITE_BUFFER */ 709 {ARRAY_SIZE(write_same_iarr), 0x41, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, 710 resp_write_same_10, write_same_iarr, /* WRITE SAME(10) */ 711 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 712 0, 0, 0, 0, 0} }, 713 {ARRAY_SIZE(sync_cache_iarr), 0x35, 0, F_SYNC_DELAY | F_M_ACCESS, 714 resp_sync_cache, sync_cache_iarr, 715 {10, 0x7, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 716 0, 0, 0, 0} }, /* SYNC_CACHE (10) */ 717 {0, 0x89, 0, F_D_OUT | FF_MEDIA_IO, resp_comp_write, NULL, 718 {16, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 0, 719 0, 0xff, 0x3f, 0xc7} }, /* COMPARE AND WRITE */ 720 {ARRAY_SIZE(pre_fetch_iarr), 0x34, 0, F_SYNC_DELAY | FF_MEDIA_IO, 721 resp_pre_fetch, pre_fetch_iarr, 722 {10, 0x2, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 723 0, 0, 0, 0} }, /* PRE-FETCH (10) */ 724 725 /* 30 */ 726 {ARRAY_SIZE(zone_out_iarr), 0x94, 0x3, F_SA_LOW | F_M_ACCESS, 727 resp_open_zone, zone_out_iarr, /* ZONE_OUT(16), OPEN ZONE) */ 728 {16, 0x3 /* SA */, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 729 0xff, 0xff, 0x0, 0x0, 0xff, 0xff, 0x1, 0xc7} }, 730 {ARRAY_SIZE(zone_in_iarr), 0x95, 0x0, F_SA_LOW | F_M_ACCESS, 731 resp_report_zones, zone_in_iarr, /* ZONE_IN(16), REPORT ZONES) */ 732 {16, 0x0 /* SA */, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 733 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf, 0xc7} }, 734 /* sentinel */ 735 {0xff, 0, 0, 0, NULL, NULL, /* terminating element */ 736 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 737 }; 738 739 static int sdebug_num_hosts; 740 static int sdebug_add_host = DEF_NUM_HOST; /* in sysfs this is relative */ 741 static int sdebug_ato = DEF_ATO; 742 static int sdebug_cdb_len = DEF_CDB_LEN; 743 static int sdebug_jdelay = DEF_JDELAY; /* if > 0 then unit is jiffies */ 744 static int sdebug_dev_size_mb = DEF_DEV_SIZE_PRE_INIT; 745 static int sdebug_dif = DEF_DIF; 746 static int sdebug_dix = DEF_DIX; 747 static int sdebug_dsense = DEF_D_SENSE; 748 static int sdebug_every_nth = DEF_EVERY_NTH; 749 static int sdebug_fake_rw = DEF_FAKE_RW; 750 static unsigned int sdebug_guard = DEF_GUARD; 751 static int sdebug_host_max_queue; /* per host */ 752 static int sdebug_lowest_aligned = DEF_LOWEST_ALIGNED; 753 static int sdebug_max_luns = DEF_MAX_LUNS; 754 static int sdebug_max_queue = SDEBUG_CANQUEUE; /* per submit queue */ 755 static unsigned int sdebug_medium_error_start = OPT_MEDIUM_ERR_ADDR; 756 static int sdebug_medium_error_count = OPT_MEDIUM_ERR_NUM; 757 static int sdebug_ndelay = DEF_NDELAY; /* if > 0 then unit is nanoseconds */ 758 static int sdebug_no_lun_0 = DEF_NO_LUN_0; 759 static int sdebug_no_uld; 760 static int sdebug_num_parts = DEF_NUM_PARTS; 761 static int sdebug_num_tgts = DEF_NUM_TGTS; /* targets per host */ 762 static int sdebug_opt_blks = DEF_OPT_BLKS; 763 static int sdebug_opts = DEF_OPTS; 764 static int sdebug_physblk_exp = DEF_PHYSBLK_EXP; 765 static int sdebug_opt_xferlen_exp = DEF_OPT_XFERLEN_EXP; 766 static int sdebug_ptype = DEF_PTYPE; /* SCSI peripheral device type */ 767 static int sdebug_scsi_level = DEF_SCSI_LEVEL; 768 static int sdebug_sector_size = DEF_SECTOR_SIZE; 769 static int sdeb_tur_ms_to_ready = DEF_TUR_MS_TO_READY; 770 static int sdebug_virtual_gb = DEF_VIRTUAL_GB; 771 static int sdebug_vpd_use_hostno = DEF_VPD_USE_HOSTNO; 772 static unsigned int sdebug_lbpu = DEF_LBPU; 773 static unsigned int sdebug_lbpws = DEF_LBPWS; 774 static unsigned int sdebug_lbpws10 = DEF_LBPWS10; 775 static unsigned int sdebug_lbprz = DEF_LBPRZ; 776 static unsigned int sdebug_unmap_alignment = DEF_UNMAP_ALIGNMENT; 777 static unsigned int sdebug_unmap_granularity = DEF_UNMAP_GRANULARITY; 778 static unsigned int sdebug_unmap_max_blocks = DEF_UNMAP_MAX_BLOCKS; 779 static unsigned int sdebug_unmap_max_desc = DEF_UNMAP_MAX_DESC; 780 static unsigned int sdebug_write_same_length = DEF_WRITESAME_LENGTH; 781 static int sdebug_uuid_ctl = DEF_UUID_CTL; 782 static bool sdebug_random = DEF_RANDOM; 783 static bool sdebug_per_host_store = DEF_PER_HOST_STORE; 784 static bool sdebug_removable = DEF_REMOVABLE; 785 static bool sdebug_clustering; 786 static bool sdebug_host_lock = DEF_HOST_LOCK; 787 static bool sdebug_strict = DEF_STRICT; 788 static bool sdebug_any_injecting_opt; 789 static bool sdebug_no_rwlock; 790 static bool sdebug_verbose; 791 static bool have_dif_prot; 792 static bool write_since_sync; 793 static bool sdebug_statistics = DEF_STATISTICS; 794 static bool sdebug_wp; 795 /* Following enum: 0: no zbc, def; 1: host aware; 2: host managed */ 796 static enum blk_zoned_model sdeb_zbc_model = BLK_ZONED_NONE; 797 static char *sdeb_zbc_model_s; 798 799 enum sam_lun_addr_method {SAM_LUN_AM_PERIPHERAL = 0x0, 800 SAM_LUN_AM_FLAT = 0x1, 801 SAM_LUN_AM_LOGICAL_UNIT = 0x2, 802 SAM_LUN_AM_EXTENDED = 0x3}; 803 static enum sam_lun_addr_method sdebug_lun_am = SAM_LUN_AM_PERIPHERAL; 804 static int sdebug_lun_am_i = (int)SAM_LUN_AM_PERIPHERAL; 805 806 static unsigned int sdebug_store_sectors; 807 static sector_t sdebug_capacity; /* in sectors */ 808 809 /* old BIOS stuff, kernel may get rid of them but some mode sense pages 810 may still need them */ 811 static int sdebug_heads; /* heads per disk */ 812 static int sdebug_cylinders_per; /* cylinders per surface */ 813 static int sdebug_sectors_per; /* sectors per cylinder */ 814 815 static LIST_HEAD(sdebug_host_list); 816 static DEFINE_MUTEX(sdebug_host_list_mutex); 817 818 static struct xarray per_store_arr; 819 static struct xarray *per_store_ap = &per_store_arr; 820 static int sdeb_first_idx = -1; /* invalid index ==> none created */ 821 static int sdeb_most_recent_idx = -1; 822 static DEFINE_RWLOCK(sdeb_fake_rw_lck); /* need a RW lock when fake_rw=1 */ 823 824 static unsigned long map_size; 825 static int num_aborts; 826 static int num_dev_resets; 827 static int num_target_resets; 828 static int num_bus_resets; 829 static int num_host_resets; 830 static int dix_writes; 831 static int dix_reads; 832 static int dif_errors; 833 834 /* ZBC global data */ 835 static bool sdeb_zbc_in_use; /* true for host-aware and host-managed disks */ 836 static int sdeb_zbc_zone_cap_mb; 837 static int sdeb_zbc_zone_size_mb; 838 static int sdeb_zbc_max_open = DEF_ZBC_MAX_OPEN_ZONES; 839 static int sdeb_zbc_nr_conv = DEF_ZBC_NR_CONV_ZONES; 840 841 static int submit_queues = DEF_SUBMIT_QUEUES; /* > 1 for multi-queue (mq) */ 842 static int poll_queues; /* iouring iopoll interface.*/ 843 844 static DEFINE_RWLOCK(atomic_rw); 845 static DEFINE_RWLOCK(atomic_rw2); 846 847 static rwlock_t *ramdisk_lck_a[2]; 848 849 static char sdebug_proc_name[] = MY_NAME; 850 static const char *my_name = MY_NAME; 851 852 static struct bus_type pseudo_lld_bus; 853 854 static struct device_driver sdebug_driverfs_driver = { 855 .name = sdebug_proc_name, 856 .bus = &pseudo_lld_bus, 857 }; 858 859 static const int check_condition_result = 860 SAM_STAT_CHECK_CONDITION; 861 862 static const int illegal_condition_result = 863 (DID_ABORT << 16) | SAM_STAT_CHECK_CONDITION; 864 865 static const int device_qfull_result = 866 (DID_ABORT << 16) | SAM_STAT_TASK_SET_FULL; 867 868 static const int condition_met_result = SAM_STAT_CONDITION_MET; 869 870 871 /* Only do the extra work involved in logical block provisioning if one or 872 * more of the lbpu, lbpws or lbpws10 parameters are given and we are doing 873 * real reads and writes (i.e. not skipping them for speed). 874 */ 875 static inline bool scsi_debug_lbp(void) 876 { 877 return 0 == sdebug_fake_rw && 878 (sdebug_lbpu || sdebug_lbpws || sdebug_lbpws10); 879 } 880 881 static void *lba2fake_store(struct sdeb_store_info *sip, 882 unsigned long long lba) 883 { 884 struct sdeb_store_info *lsip = sip; 885 886 lba = do_div(lba, sdebug_store_sectors); 887 if (!sip || !sip->storep) { 888 WARN_ON_ONCE(true); 889 lsip = xa_load(per_store_ap, 0); /* should never be NULL */ 890 } 891 return lsip->storep + lba * sdebug_sector_size; 892 } 893 894 static struct t10_pi_tuple *dif_store(struct sdeb_store_info *sip, 895 sector_t sector) 896 { 897 sector = sector_div(sector, sdebug_store_sectors); 898 899 return sip->dif_storep + sector; 900 } 901 902 static void sdebug_max_tgts_luns(void) 903 { 904 struct sdebug_host_info *sdbg_host; 905 struct Scsi_Host *hpnt; 906 907 mutex_lock(&sdebug_host_list_mutex); 908 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) { 909 hpnt = sdbg_host->shost; 910 if ((hpnt->this_id >= 0) && 911 (sdebug_num_tgts > hpnt->this_id)) 912 hpnt->max_id = sdebug_num_tgts + 1; 913 else 914 hpnt->max_id = sdebug_num_tgts; 915 /* sdebug_max_luns; */ 916 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1; 917 } 918 mutex_unlock(&sdebug_host_list_mutex); 919 } 920 921 enum sdeb_cmd_data {SDEB_IN_DATA = 0, SDEB_IN_CDB = 1}; 922 923 /* Set in_bit to -1 to indicate no bit position of invalid field */ 924 static void mk_sense_invalid_fld(struct scsi_cmnd *scp, 925 enum sdeb_cmd_data c_d, 926 int in_byte, int in_bit) 927 { 928 unsigned char *sbuff; 929 u8 sks[4]; 930 int sl, asc; 931 932 sbuff = scp->sense_buffer; 933 if (!sbuff) { 934 sdev_printk(KERN_ERR, scp->device, 935 "%s: sense_buffer is NULL\n", __func__); 936 return; 937 } 938 asc = c_d ? INVALID_FIELD_IN_CDB : INVALID_FIELD_IN_PARAM_LIST; 939 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE); 940 scsi_build_sense(scp, sdebug_dsense, ILLEGAL_REQUEST, asc, 0); 941 memset(sks, 0, sizeof(sks)); 942 sks[0] = 0x80; 943 if (c_d) 944 sks[0] |= 0x40; 945 if (in_bit >= 0) { 946 sks[0] |= 0x8; 947 sks[0] |= 0x7 & in_bit; 948 } 949 put_unaligned_be16(in_byte, sks + 1); 950 if (sdebug_dsense) { 951 sl = sbuff[7] + 8; 952 sbuff[7] = sl; 953 sbuff[sl] = 0x2; 954 sbuff[sl + 1] = 0x6; 955 memcpy(sbuff + sl + 4, sks, 3); 956 } else 957 memcpy(sbuff + 15, sks, 3); 958 if (sdebug_verbose) 959 sdev_printk(KERN_INFO, scp->device, "%s: [sense_key,asc,ascq" 960 "]: [0x5,0x%x,0x0] %c byte=%d, bit=%d\n", 961 my_name, asc, c_d ? 'C' : 'D', in_byte, in_bit); 962 } 963 964 static void mk_sense_buffer(struct scsi_cmnd *scp, int key, int asc, int asq) 965 { 966 if (!scp->sense_buffer) { 967 sdev_printk(KERN_ERR, scp->device, 968 "%s: sense_buffer is NULL\n", __func__); 969 return; 970 } 971 memset(scp->sense_buffer, 0, SCSI_SENSE_BUFFERSIZE); 972 973 scsi_build_sense(scp, sdebug_dsense, key, asc, asq); 974 975 if (sdebug_verbose) 976 sdev_printk(KERN_INFO, scp->device, 977 "%s: [sense_key,asc,ascq]: [0x%x,0x%x,0x%x]\n", 978 my_name, key, asc, asq); 979 } 980 981 static void mk_sense_invalid_opcode(struct scsi_cmnd *scp) 982 { 983 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_OPCODE, 0); 984 } 985 986 static int scsi_debug_ioctl(struct scsi_device *dev, unsigned int cmd, 987 void __user *arg) 988 { 989 if (sdebug_verbose) { 990 if (0x1261 == cmd) 991 sdev_printk(KERN_INFO, dev, 992 "%s: BLKFLSBUF [0x1261]\n", __func__); 993 else if (0x5331 == cmd) 994 sdev_printk(KERN_INFO, dev, 995 "%s: CDROM_GET_CAPABILITY [0x5331]\n", 996 __func__); 997 else 998 sdev_printk(KERN_INFO, dev, "%s: cmd=0x%x\n", 999 __func__, cmd); 1000 } 1001 return -EINVAL; 1002 /* return -ENOTTY; // correct return but upsets fdisk */ 1003 } 1004 1005 static void config_cdb_len(struct scsi_device *sdev) 1006 { 1007 switch (sdebug_cdb_len) { 1008 case 6: /* suggest 6 byte READ, WRITE and MODE SENSE/SELECT */ 1009 sdev->use_10_for_rw = false; 1010 sdev->use_16_for_rw = false; 1011 sdev->use_10_for_ms = false; 1012 break; 1013 case 10: /* suggest 10 byte RWs and 6 byte MODE SENSE/SELECT */ 1014 sdev->use_10_for_rw = true; 1015 sdev->use_16_for_rw = false; 1016 sdev->use_10_for_ms = false; 1017 break; 1018 case 12: /* suggest 10 byte RWs and 10 byte MODE SENSE/SELECT */ 1019 sdev->use_10_for_rw = true; 1020 sdev->use_16_for_rw = false; 1021 sdev->use_10_for_ms = true; 1022 break; 1023 case 16: 1024 sdev->use_10_for_rw = false; 1025 sdev->use_16_for_rw = true; 1026 sdev->use_10_for_ms = true; 1027 break; 1028 case 32: /* No knobs to suggest this so same as 16 for now */ 1029 sdev->use_10_for_rw = false; 1030 sdev->use_16_for_rw = true; 1031 sdev->use_10_for_ms = true; 1032 break; 1033 default: 1034 pr_warn("unexpected cdb_len=%d, force to 10\n", 1035 sdebug_cdb_len); 1036 sdev->use_10_for_rw = true; 1037 sdev->use_16_for_rw = false; 1038 sdev->use_10_for_ms = false; 1039 sdebug_cdb_len = 10; 1040 break; 1041 } 1042 } 1043 1044 static void all_config_cdb_len(void) 1045 { 1046 struct sdebug_host_info *sdbg_host; 1047 struct Scsi_Host *shost; 1048 struct scsi_device *sdev; 1049 1050 mutex_lock(&sdebug_host_list_mutex); 1051 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) { 1052 shost = sdbg_host->shost; 1053 shost_for_each_device(sdev, shost) { 1054 config_cdb_len(sdev); 1055 } 1056 } 1057 mutex_unlock(&sdebug_host_list_mutex); 1058 } 1059 1060 static void clear_luns_changed_on_target(struct sdebug_dev_info *devip) 1061 { 1062 struct sdebug_host_info *sdhp = devip->sdbg_host; 1063 struct sdebug_dev_info *dp; 1064 1065 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) { 1066 if ((devip->sdbg_host == dp->sdbg_host) && 1067 (devip->target == dp->target)) { 1068 clear_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm); 1069 } 1070 } 1071 } 1072 1073 static int make_ua(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 1074 { 1075 int k; 1076 1077 k = find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS); 1078 if (k != SDEBUG_NUM_UAS) { 1079 const char *cp = NULL; 1080 1081 switch (k) { 1082 case SDEBUG_UA_POR: 1083 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC, 1084 POWER_ON_RESET_ASCQ); 1085 if (sdebug_verbose) 1086 cp = "power on reset"; 1087 break; 1088 case SDEBUG_UA_POOCCUR: 1089 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC, 1090 POWER_ON_OCCURRED_ASCQ); 1091 if (sdebug_verbose) 1092 cp = "power on occurred"; 1093 break; 1094 case SDEBUG_UA_BUS_RESET: 1095 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC, 1096 BUS_RESET_ASCQ); 1097 if (sdebug_verbose) 1098 cp = "bus reset"; 1099 break; 1100 case SDEBUG_UA_MODE_CHANGED: 1101 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC, 1102 MODE_CHANGED_ASCQ); 1103 if (sdebug_verbose) 1104 cp = "mode parameters changed"; 1105 break; 1106 case SDEBUG_UA_CAPACITY_CHANGED: 1107 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC, 1108 CAPACITY_CHANGED_ASCQ); 1109 if (sdebug_verbose) 1110 cp = "capacity data changed"; 1111 break; 1112 case SDEBUG_UA_MICROCODE_CHANGED: 1113 mk_sense_buffer(scp, UNIT_ATTENTION, 1114 TARGET_CHANGED_ASC, 1115 MICROCODE_CHANGED_ASCQ); 1116 if (sdebug_verbose) 1117 cp = "microcode has been changed"; 1118 break; 1119 case SDEBUG_UA_MICROCODE_CHANGED_WO_RESET: 1120 mk_sense_buffer(scp, UNIT_ATTENTION, 1121 TARGET_CHANGED_ASC, 1122 MICROCODE_CHANGED_WO_RESET_ASCQ); 1123 if (sdebug_verbose) 1124 cp = "microcode has been changed without reset"; 1125 break; 1126 case SDEBUG_UA_LUNS_CHANGED: 1127 /* 1128 * SPC-3 behavior is to report a UNIT ATTENTION with 1129 * ASC/ASCQ REPORTED LUNS DATA HAS CHANGED on every LUN 1130 * on the target, until a REPORT LUNS command is 1131 * received. SPC-4 behavior is to report it only once. 1132 * NOTE: sdebug_scsi_level does not use the same 1133 * values as struct scsi_device->scsi_level. 1134 */ 1135 if (sdebug_scsi_level >= 6) /* SPC-4 and above */ 1136 clear_luns_changed_on_target(devip); 1137 mk_sense_buffer(scp, UNIT_ATTENTION, 1138 TARGET_CHANGED_ASC, 1139 LUNS_CHANGED_ASCQ); 1140 if (sdebug_verbose) 1141 cp = "reported luns data has changed"; 1142 break; 1143 default: 1144 pr_warn("unexpected unit attention code=%d\n", k); 1145 if (sdebug_verbose) 1146 cp = "unknown"; 1147 break; 1148 } 1149 clear_bit(k, devip->uas_bm); 1150 if (sdebug_verbose) 1151 sdev_printk(KERN_INFO, scp->device, 1152 "%s reports: Unit attention: %s\n", 1153 my_name, cp); 1154 return check_condition_result; 1155 } 1156 return 0; 1157 } 1158 1159 /* Build SCSI "data-in" buffer. Returns 0 if ok else (DID_ERROR << 16). */ 1160 static int fill_from_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr, 1161 int arr_len) 1162 { 1163 int act_len; 1164 struct scsi_data_buffer *sdb = &scp->sdb; 1165 1166 if (!sdb->length) 1167 return 0; 1168 if (scp->sc_data_direction != DMA_FROM_DEVICE) 1169 return DID_ERROR << 16; 1170 1171 act_len = sg_copy_from_buffer(sdb->table.sgl, sdb->table.nents, 1172 arr, arr_len); 1173 scsi_set_resid(scp, scsi_bufflen(scp) - act_len); 1174 1175 return 0; 1176 } 1177 1178 /* Partial build of SCSI "data-in" buffer. Returns 0 if ok else 1179 * (DID_ERROR << 16). Can write to offset in data-in buffer. If multiple 1180 * calls, not required to write in ascending offset order. Assumes resid 1181 * set to scsi_bufflen() prior to any calls. 1182 */ 1183 static int p_fill_from_dev_buffer(struct scsi_cmnd *scp, const void *arr, 1184 int arr_len, unsigned int off_dst) 1185 { 1186 unsigned int act_len, n; 1187 struct scsi_data_buffer *sdb = &scp->sdb; 1188 off_t skip = off_dst; 1189 1190 if (sdb->length <= off_dst) 1191 return 0; 1192 if (scp->sc_data_direction != DMA_FROM_DEVICE) 1193 return DID_ERROR << 16; 1194 1195 act_len = sg_pcopy_from_buffer(sdb->table.sgl, sdb->table.nents, 1196 arr, arr_len, skip); 1197 pr_debug("%s: off_dst=%u, scsi_bufflen=%u, act_len=%u, resid=%d\n", 1198 __func__, off_dst, scsi_bufflen(scp), act_len, 1199 scsi_get_resid(scp)); 1200 n = scsi_bufflen(scp) - (off_dst + act_len); 1201 scsi_set_resid(scp, min_t(u32, scsi_get_resid(scp), n)); 1202 return 0; 1203 } 1204 1205 /* Fetches from SCSI "data-out" buffer. Returns number of bytes fetched into 1206 * 'arr' or -1 if error. 1207 */ 1208 static int fetch_to_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr, 1209 int arr_len) 1210 { 1211 if (!scsi_bufflen(scp)) 1212 return 0; 1213 if (scp->sc_data_direction != DMA_TO_DEVICE) 1214 return -1; 1215 1216 return scsi_sg_copy_to_buffer(scp, arr, arr_len); 1217 } 1218 1219 1220 static char sdebug_inq_vendor_id[9] = "Linux "; 1221 static char sdebug_inq_product_id[17] = "scsi_debug "; 1222 static char sdebug_inq_product_rev[5] = SDEBUG_VERSION; 1223 /* Use some locally assigned NAAs for SAS addresses. */ 1224 static const u64 naa3_comp_a = 0x3222222000000000ULL; 1225 static const u64 naa3_comp_b = 0x3333333000000000ULL; 1226 static const u64 naa3_comp_c = 0x3111111000000000ULL; 1227 1228 /* Device identification VPD page. Returns number of bytes placed in arr */ 1229 static int inquiry_vpd_83(unsigned char *arr, int port_group_id, 1230 int target_dev_id, int dev_id_num, 1231 const char *dev_id_str, int dev_id_str_len, 1232 const uuid_t *lu_name) 1233 { 1234 int num, port_a; 1235 char b[32]; 1236 1237 port_a = target_dev_id + 1; 1238 /* T10 vendor identifier field format (faked) */ 1239 arr[0] = 0x2; /* ASCII */ 1240 arr[1] = 0x1; 1241 arr[2] = 0x0; 1242 memcpy(&arr[4], sdebug_inq_vendor_id, 8); 1243 memcpy(&arr[12], sdebug_inq_product_id, 16); 1244 memcpy(&arr[28], dev_id_str, dev_id_str_len); 1245 num = 8 + 16 + dev_id_str_len; 1246 arr[3] = num; 1247 num += 4; 1248 if (dev_id_num >= 0) { 1249 if (sdebug_uuid_ctl) { 1250 /* Locally assigned UUID */ 1251 arr[num++] = 0x1; /* binary (not necessarily sas) */ 1252 arr[num++] = 0xa; /* PIV=0, lu, naa */ 1253 arr[num++] = 0x0; 1254 arr[num++] = 0x12; 1255 arr[num++] = 0x10; /* uuid type=1, locally assigned */ 1256 arr[num++] = 0x0; 1257 memcpy(arr + num, lu_name, 16); 1258 num += 16; 1259 } else { 1260 /* NAA-3, Logical unit identifier (binary) */ 1261 arr[num++] = 0x1; /* binary (not necessarily sas) */ 1262 arr[num++] = 0x3; /* PIV=0, lu, naa */ 1263 arr[num++] = 0x0; 1264 arr[num++] = 0x8; 1265 put_unaligned_be64(naa3_comp_b + dev_id_num, arr + num); 1266 num += 8; 1267 } 1268 /* Target relative port number */ 1269 arr[num++] = 0x61; /* proto=sas, binary */ 1270 arr[num++] = 0x94; /* PIV=1, target port, rel port */ 1271 arr[num++] = 0x0; /* reserved */ 1272 arr[num++] = 0x4; /* length */ 1273 arr[num++] = 0x0; /* reserved */ 1274 arr[num++] = 0x0; /* reserved */ 1275 arr[num++] = 0x0; 1276 arr[num++] = 0x1; /* relative port A */ 1277 } 1278 /* NAA-3, Target port identifier */ 1279 arr[num++] = 0x61; /* proto=sas, binary */ 1280 arr[num++] = 0x93; /* piv=1, target port, naa */ 1281 arr[num++] = 0x0; 1282 arr[num++] = 0x8; 1283 put_unaligned_be64(naa3_comp_a + port_a, arr + num); 1284 num += 8; 1285 /* NAA-3, Target port group identifier */ 1286 arr[num++] = 0x61; /* proto=sas, binary */ 1287 arr[num++] = 0x95; /* piv=1, target port group id */ 1288 arr[num++] = 0x0; 1289 arr[num++] = 0x4; 1290 arr[num++] = 0; 1291 arr[num++] = 0; 1292 put_unaligned_be16(port_group_id, arr + num); 1293 num += 2; 1294 /* NAA-3, Target device identifier */ 1295 arr[num++] = 0x61; /* proto=sas, binary */ 1296 arr[num++] = 0xa3; /* piv=1, target device, naa */ 1297 arr[num++] = 0x0; 1298 arr[num++] = 0x8; 1299 put_unaligned_be64(naa3_comp_a + target_dev_id, arr + num); 1300 num += 8; 1301 /* SCSI name string: Target device identifier */ 1302 arr[num++] = 0x63; /* proto=sas, UTF-8 */ 1303 arr[num++] = 0xa8; /* piv=1, target device, SCSI name string */ 1304 arr[num++] = 0x0; 1305 arr[num++] = 24; 1306 memcpy(arr + num, "naa.32222220", 12); 1307 num += 12; 1308 snprintf(b, sizeof(b), "%08X", target_dev_id); 1309 memcpy(arr + num, b, 8); 1310 num += 8; 1311 memset(arr + num, 0, 4); 1312 num += 4; 1313 return num; 1314 } 1315 1316 static unsigned char vpd84_data[] = { 1317 /* from 4th byte */ 0x22,0x22,0x22,0x0,0xbb,0x0, 1318 0x22,0x22,0x22,0x0,0xbb,0x1, 1319 0x22,0x22,0x22,0x0,0xbb,0x2, 1320 }; 1321 1322 /* Software interface identification VPD page */ 1323 static int inquiry_vpd_84(unsigned char *arr) 1324 { 1325 memcpy(arr, vpd84_data, sizeof(vpd84_data)); 1326 return sizeof(vpd84_data); 1327 } 1328 1329 /* Management network addresses VPD page */ 1330 static int inquiry_vpd_85(unsigned char *arr) 1331 { 1332 int num = 0; 1333 const char *na1 = "https://www.kernel.org/config"; 1334 const char *na2 = "http://www.kernel.org/log"; 1335 int plen, olen; 1336 1337 arr[num++] = 0x1; /* lu, storage config */ 1338 arr[num++] = 0x0; /* reserved */ 1339 arr[num++] = 0x0; 1340 olen = strlen(na1); 1341 plen = olen + 1; 1342 if (plen % 4) 1343 plen = ((plen / 4) + 1) * 4; 1344 arr[num++] = plen; /* length, null termianted, padded */ 1345 memcpy(arr + num, na1, olen); 1346 memset(arr + num + olen, 0, plen - olen); 1347 num += plen; 1348 1349 arr[num++] = 0x4; /* lu, logging */ 1350 arr[num++] = 0x0; /* reserved */ 1351 arr[num++] = 0x0; 1352 olen = strlen(na2); 1353 plen = olen + 1; 1354 if (plen % 4) 1355 plen = ((plen / 4) + 1) * 4; 1356 arr[num++] = plen; /* length, null terminated, padded */ 1357 memcpy(arr + num, na2, olen); 1358 memset(arr + num + olen, 0, plen - olen); 1359 num += plen; 1360 1361 return num; 1362 } 1363 1364 /* SCSI ports VPD page */ 1365 static int inquiry_vpd_88(unsigned char *arr, int target_dev_id) 1366 { 1367 int num = 0; 1368 int port_a, port_b; 1369 1370 port_a = target_dev_id + 1; 1371 port_b = port_a + 1; 1372 arr[num++] = 0x0; /* reserved */ 1373 arr[num++] = 0x0; /* reserved */ 1374 arr[num++] = 0x0; 1375 arr[num++] = 0x1; /* relative port 1 (primary) */ 1376 memset(arr + num, 0, 6); 1377 num += 6; 1378 arr[num++] = 0x0; 1379 arr[num++] = 12; /* length tp descriptor */ 1380 /* naa-5 target port identifier (A) */ 1381 arr[num++] = 0x61; /* proto=sas, binary */ 1382 arr[num++] = 0x93; /* PIV=1, target port, NAA */ 1383 arr[num++] = 0x0; /* reserved */ 1384 arr[num++] = 0x8; /* length */ 1385 put_unaligned_be64(naa3_comp_a + port_a, arr + num); 1386 num += 8; 1387 arr[num++] = 0x0; /* reserved */ 1388 arr[num++] = 0x0; /* reserved */ 1389 arr[num++] = 0x0; 1390 arr[num++] = 0x2; /* relative port 2 (secondary) */ 1391 memset(arr + num, 0, 6); 1392 num += 6; 1393 arr[num++] = 0x0; 1394 arr[num++] = 12; /* length tp descriptor */ 1395 /* naa-5 target port identifier (B) */ 1396 arr[num++] = 0x61; /* proto=sas, binary */ 1397 arr[num++] = 0x93; /* PIV=1, target port, NAA */ 1398 arr[num++] = 0x0; /* reserved */ 1399 arr[num++] = 0x8; /* length */ 1400 put_unaligned_be64(naa3_comp_a + port_b, arr + num); 1401 num += 8; 1402 1403 return num; 1404 } 1405 1406 1407 static unsigned char vpd89_data[] = { 1408 /* from 4th byte */ 0,0,0,0, 1409 'l','i','n','u','x',' ',' ',' ', 1410 'S','A','T',' ','s','c','s','i','_','d','e','b','u','g',' ',' ', 1411 '1','2','3','4', 1412 0x34,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0, 1413 0xec,0,0,0, 1414 0x5a,0xc,0xff,0x3f,0x37,0xc8,0x10,0,0,0,0,0,0x3f,0,0,0, 1415 0,0,0,0,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x20,0x20,0x20,0x20, 1416 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0,0,0,0x40,0x4,0,0x2e,0x33, 1417 0x38,0x31,0x20,0x20,0x20,0x20,0x54,0x53,0x38,0x33,0x30,0x30,0x33,0x31, 1418 0x53,0x41, 1419 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20, 1420 0x20,0x20, 1421 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20, 1422 0x10,0x80, 1423 0,0,0,0x2f,0,0,0,0x2,0,0x2,0x7,0,0xff,0xff,0x1,0, 1424 0x3f,0,0xc1,0xff,0x3e,0,0x10,0x1,0xb0,0xf8,0x50,0x9,0,0,0x7,0, 1425 0x3,0,0x78,0,0x78,0,0xf0,0,0x78,0,0,0,0,0,0,0, 1426 0,0,0,0,0,0,0,0,0x2,0,0,0,0,0,0,0, 1427 0x7e,0,0x1b,0,0x6b,0x34,0x1,0x7d,0x3,0x40,0x69,0x34,0x1,0x3c,0x3,0x40, 1428 0x7f,0x40,0,0,0,0,0xfe,0xfe,0,0,0,0,0,0xfe,0,0, 1429 0,0,0,0,0,0,0,0,0xb0,0xf8,0x50,0x9,0,0,0,0, 1430 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1431 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1432 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1433 0x1,0,0xb0,0xf8,0x50,0x9,0xb0,0xf8,0x50,0x9,0x20,0x20,0x2,0,0xb6,0x42, 1434 0,0x80,0x8a,0,0x6,0x3c,0xa,0x3c,0xff,0xff,0xc6,0x7,0,0x1,0,0x8, 1435 0xf0,0xf,0,0x10,0x2,0,0x30,0,0,0,0,0,0,0,0x6,0xfe, 1436 0,0,0x2,0,0x50,0,0x8a,0,0x4f,0x95,0,0,0x21,0,0xb,0, 1437 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1438 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1439 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1440 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1441 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1442 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1443 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1444 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1445 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1446 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1447 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1448 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xa5,0x51, 1449 }; 1450 1451 /* ATA Information VPD page */ 1452 static int inquiry_vpd_89(unsigned char *arr) 1453 { 1454 memcpy(arr, vpd89_data, sizeof(vpd89_data)); 1455 return sizeof(vpd89_data); 1456 } 1457 1458 1459 static unsigned char vpdb0_data[] = { 1460 /* from 4th byte */ 0,0,0,4, 0,0,0x4,0, 0,0,0,64, 1461 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1462 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1463 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1464 }; 1465 1466 /* Block limits VPD page (SBC-3) */ 1467 static int inquiry_vpd_b0(unsigned char *arr) 1468 { 1469 unsigned int gran; 1470 1471 memcpy(arr, vpdb0_data, sizeof(vpdb0_data)); 1472 1473 /* Optimal transfer length granularity */ 1474 if (sdebug_opt_xferlen_exp != 0 && 1475 sdebug_physblk_exp < sdebug_opt_xferlen_exp) 1476 gran = 1 << sdebug_opt_xferlen_exp; 1477 else 1478 gran = 1 << sdebug_physblk_exp; 1479 put_unaligned_be16(gran, arr + 2); 1480 1481 /* Maximum Transfer Length */ 1482 if (sdebug_store_sectors > 0x400) 1483 put_unaligned_be32(sdebug_store_sectors, arr + 4); 1484 1485 /* Optimal Transfer Length */ 1486 put_unaligned_be32(sdebug_opt_blks, &arr[8]); 1487 1488 if (sdebug_lbpu) { 1489 /* Maximum Unmap LBA Count */ 1490 put_unaligned_be32(sdebug_unmap_max_blocks, &arr[16]); 1491 1492 /* Maximum Unmap Block Descriptor Count */ 1493 put_unaligned_be32(sdebug_unmap_max_desc, &arr[20]); 1494 } 1495 1496 /* Unmap Granularity Alignment */ 1497 if (sdebug_unmap_alignment) { 1498 put_unaligned_be32(sdebug_unmap_alignment, &arr[28]); 1499 arr[28] |= 0x80; /* UGAVALID */ 1500 } 1501 1502 /* Optimal Unmap Granularity */ 1503 put_unaligned_be32(sdebug_unmap_granularity, &arr[24]); 1504 1505 /* Maximum WRITE SAME Length */ 1506 put_unaligned_be64(sdebug_write_same_length, &arr[32]); 1507 1508 return 0x3c; /* Mandatory page length for Logical Block Provisioning */ 1509 } 1510 1511 /* Block device characteristics VPD page (SBC-3) */ 1512 static int inquiry_vpd_b1(struct sdebug_dev_info *devip, unsigned char *arr) 1513 { 1514 memset(arr, 0, 0x3c); 1515 arr[0] = 0; 1516 arr[1] = 1; /* non rotating medium (e.g. solid state) */ 1517 arr[2] = 0; 1518 arr[3] = 5; /* less than 1.8" */ 1519 if (devip->zmodel == BLK_ZONED_HA) 1520 arr[4] = 1 << 4; /* zoned field = 01b */ 1521 1522 return 0x3c; 1523 } 1524 1525 /* Logical block provisioning VPD page (SBC-4) */ 1526 static int inquiry_vpd_b2(unsigned char *arr) 1527 { 1528 memset(arr, 0, 0x4); 1529 arr[0] = 0; /* threshold exponent */ 1530 if (sdebug_lbpu) 1531 arr[1] = 1 << 7; 1532 if (sdebug_lbpws) 1533 arr[1] |= 1 << 6; 1534 if (sdebug_lbpws10) 1535 arr[1] |= 1 << 5; 1536 if (sdebug_lbprz && scsi_debug_lbp()) 1537 arr[1] |= (sdebug_lbprz & 0x7) << 2; /* sbc4r07 and later */ 1538 /* anc_sup=0; dp=0 (no provisioning group descriptor) */ 1539 /* minimum_percentage=0; provisioning_type=0 (unknown) */ 1540 /* threshold_percentage=0 */ 1541 return 0x4; 1542 } 1543 1544 /* Zoned block device characteristics VPD page (ZBC mandatory) */ 1545 static int inquiry_vpd_b6(struct sdebug_dev_info *devip, unsigned char *arr) 1546 { 1547 memset(arr, 0, 0x3c); 1548 arr[0] = 0x1; /* set URSWRZ (unrestricted read in seq. wr req zone) */ 1549 /* 1550 * Set Optimal number of open sequential write preferred zones and 1551 * Optimal number of non-sequentially written sequential write 1552 * preferred zones fields to 'not reported' (0xffffffff). Leave other 1553 * fields set to zero, apart from Max. number of open swrz_s field. 1554 */ 1555 put_unaligned_be32(0xffffffff, &arr[4]); 1556 put_unaligned_be32(0xffffffff, &arr[8]); 1557 if (sdeb_zbc_model == BLK_ZONED_HM && devip->max_open) 1558 put_unaligned_be32(devip->max_open, &arr[12]); 1559 else 1560 put_unaligned_be32(0xffffffff, &arr[12]); 1561 if (devip->zcap < devip->zsize) { 1562 arr[19] = ZBC_CONSTANT_ZONE_START_OFFSET; 1563 put_unaligned_be64(devip->zsize, &arr[20]); 1564 } else { 1565 arr[19] = 0; 1566 } 1567 return 0x3c; 1568 } 1569 1570 #define SDEBUG_LONG_INQ_SZ 96 1571 #define SDEBUG_MAX_INQ_ARR_SZ 584 1572 1573 static int resp_inquiry(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 1574 { 1575 unsigned char pq_pdt; 1576 unsigned char *arr; 1577 unsigned char *cmd = scp->cmnd; 1578 u32 alloc_len, n; 1579 int ret; 1580 bool have_wlun, is_disk, is_zbc, is_disk_zbc; 1581 1582 alloc_len = get_unaligned_be16(cmd + 3); 1583 arr = kzalloc(SDEBUG_MAX_INQ_ARR_SZ, GFP_ATOMIC); 1584 if (! arr) 1585 return DID_REQUEUE << 16; 1586 is_disk = (sdebug_ptype == TYPE_DISK); 1587 is_zbc = (devip->zmodel != BLK_ZONED_NONE); 1588 is_disk_zbc = (is_disk || is_zbc); 1589 have_wlun = scsi_is_wlun(scp->device->lun); 1590 if (have_wlun) 1591 pq_pdt = TYPE_WLUN; /* present, wlun */ 1592 else if (sdebug_no_lun_0 && (devip->lun == SDEBUG_LUN_0_VAL)) 1593 pq_pdt = 0x7f; /* not present, PQ=3, PDT=0x1f */ 1594 else 1595 pq_pdt = (sdebug_ptype & 0x1f); 1596 arr[0] = pq_pdt; 1597 if (0x2 & cmd[1]) { /* CMDDT bit set */ 1598 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 1); 1599 kfree(arr); 1600 return check_condition_result; 1601 } else if (0x1 & cmd[1]) { /* EVPD bit set */ 1602 int lu_id_num, port_group_id, target_dev_id; 1603 u32 len; 1604 char lu_id_str[6]; 1605 int host_no = devip->sdbg_host->shost->host_no; 1606 1607 port_group_id = (((host_no + 1) & 0x7f) << 8) + 1608 (devip->channel & 0x7f); 1609 if (sdebug_vpd_use_hostno == 0) 1610 host_no = 0; 1611 lu_id_num = have_wlun ? -1 : (((host_no + 1) * 2000) + 1612 (devip->target * 1000) + devip->lun); 1613 target_dev_id = ((host_no + 1) * 2000) + 1614 (devip->target * 1000) - 3; 1615 len = scnprintf(lu_id_str, 6, "%d", lu_id_num); 1616 if (0 == cmd[2]) { /* supported vital product data pages */ 1617 arr[1] = cmd[2]; /*sanity */ 1618 n = 4; 1619 arr[n++] = 0x0; /* this page */ 1620 arr[n++] = 0x80; /* unit serial number */ 1621 arr[n++] = 0x83; /* device identification */ 1622 arr[n++] = 0x84; /* software interface ident. */ 1623 arr[n++] = 0x85; /* management network addresses */ 1624 arr[n++] = 0x86; /* extended inquiry */ 1625 arr[n++] = 0x87; /* mode page policy */ 1626 arr[n++] = 0x88; /* SCSI ports */ 1627 if (is_disk_zbc) { /* SBC or ZBC */ 1628 arr[n++] = 0x89; /* ATA information */ 1629 arr[n++] = 0xb0; /* Block limits */ 1630 arr[n++] = 0xb1; /* Block characteristics */ 1631 if (is_disk) 1632 arr[n++] = 0xb2; /* LB Provisioning */ 1633 if (is_zbc) 1634 arr[n++] = 0xb6; /* ZB dev. char. */ 1635 } 1636 arr[3] = n - 4; /* number of supported VPD pages */ 1637 } else if (0x80 == cmd[2]) { /* unit serial number */ 1638 arr[1] = cmd[2]; /*sanity */ 1639 arr[3] = len; 1640 memcpy(&arr[4], lu_id_str, len); 1641 } else if (0x83 == cmd[2]) { /* device identification */ 1642 arr[1] = cmd[2]; /*sanity */ 1643 arr[3] = inquiry_vpd_83(&arr[4], port_group_id, 1644 target_dev_id, lu_id_num, 1645 lu_id_str, len, 1646 &devip->lu_name); 1647 } else if (0x84 == cmd[2]) { /* Software interface ident. */ 1648 arr[1] = cmd[2]; /*sanity */ 1649 arr[3] = inquiry_vpd_84(&arr[4]); 1650 } else if (0x85 == cmd[2]) { /* Management network addresses */ 1651 arr[1] = cmd[2]; /*sanity */ 1652 arr[3] = inquiry_vpd_85(&arr[4]); 1653 } else if (0x86 == cmd[2]) { /* extended inquiry */ 1654 arr[1] = cmd[2]; /*sanity */ 1655 arr[3] = 0x3c; /* number of following entries */ 1656 if (sdebug_dif == T10_PI_TYPE3_PROTECTION) 1657 arr[4] = 0x4; /* SPT: GRD_CHK:1 */ 1658 else if (have_dif_prot) 1659 arr[4] = 0x5; /* SPT: GRD_CHK:1, REF_CHK:1 */ 1660 else 1661 arr[4] = 0x0; /* no protection stuff */ 1662 arr[5] = 0x7; /* head of q, ordered + simple q's */ 1663 } else if (0x87 == cmd[2]) { /* mode page policy */ 1664 arr[1] = cmd[2]; /*sanity */ 1665 arr[3] = 0x8; /* number of following entries */ 1666 arr[4] = 0x2; /* disconnect-reconnect mp */ 1667 arr[6] = 0x80; /* mlus, shared */ 1668 arr[8] = 0x18; /* protocol specific lu */ 1669 arr[10] = 0x82; /* mlus, per initiator port */ 1670 } else if (0x88 == cmd[2]) { /* SCSI Ports */ 1671 arr[1] = cmd[2]; /*sanity */ 1672 arr[3] = inquiry_vpd_88(&arr[4], target_dev_id); 1673 } else if (is_disk_zbc && 0x89 == cmd[2]) { /* ATA info */ 1674 arr[1] = cmd[2]; /*sanity */ 1675 n = inquiry_vpd_89(&arr[4]); 1676 put_unaligned_be16(n, arr + 2); 1677 } else if (is_disk_zbc && 0xb0 == cmd[2]) { /* Block limits */ 1678 arr[1] = cmd[2]; /*sanity */ 1679 arr[3] = inquiry_vpd_b0(&arr[4]); 1680 } else if (is_disk_zbc && 0xb1 == cmd[2]) { /* Block char. */ 1681 arr[1] = cmd[2]; /*sanity */ 1682 arr[3] = inquiry_vpd_b1(devip, &arr[4]); 1683 } else if (is_disk && 0xb2 == cmd[2]) { /* LB Prov. */ 1684 arr[1] = cmd[2]; /*sanity */ 1685 arr[3] = inquiry_vpd_b2(&arr[4]); 1686 } else if (is_zbc && cmd[2] == 0xb6) { /* ZB dev. charact. */ 1687 arr[1] = cmd[2]; /*sanity */ 1688 arr[3] = inquiry_vpd_b6(devip, &arr[4]); 1689 } else { 1690 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1); 1691 kfree(arr); 1692 return check_condition_result; 1693 } 1694 len = min_t(u32, get_unaligned_be16(arr + 2) + 4, alloc_len); 1695 ret = fill_from_dev_buffer(scp, arr, 1696 min_t(u32, len, SDEBUG_MAX_INQ_ARR_SZ)); 1697 kfree(arr); 1698 return ret; 1699 } 1700 /* drops through here for a standard inquiry */ 1701 arr[1] = sdebug_removable ? 0x80 : 0; /* Removable disk */ 1702 arr[2] = sdebug_scsi_level; 1703 arr[3] = 2; /* response_data_format==2 */ 1704 arr[4] = SDEBUG_LONG_INQ_SZ - 5; 1705 arr[5] = (int)have_dif_prot; /* PROTECT bit */ 1706 if (sdebug_vpd_use_hostno == 0) 1707 arr[5] |= 0x10; /* claim: implicit TPGS */ 1708 arr[6] = 0x10; /* claim: MultiP */ 1709 /* arr[6] |= 0x40; ... claim: EncServ (enclosure services) */ 1710 arr[7] = 0xa; /* claim: LINKED + CMDQUE */ 1711 memcpy(&arr[8], sdebug_inq_vendor_id, 8); 1712 memcpy(&arr[16], sdebug_inq_product_id, 16); 1713 memcpy(&arr[32], sdebug_inq_product_rev, 4); 1714 /* Use Vendor Specific area to place driver date in ASCII hex */ 1715 memcpy(&arr[36], sdebug_version_date, 8); 1716 /* version descriptors (2 bytes each) follow */ 1717 put_unaligned_be16(0xc0, arr + 58); /* SAM-6 no version claimed */ 1718 put_unaligned_be16(0x5c0, arr + 60); /* SPC-5 no version claimed */ 1719 n = 62; 1720 if (is_disk) { /* SBC-4 no version claimed */ 1721 put_unaligned_be16(0x600, arr + n); 1722 n += 2; 1723 } else if (sdebug_ptype == TYPE_TAPE) { /* SSC-4 rev 3 */ 1724 put_unaligned_be16(0x525, arr + n); 1725 n += 2; 1726 } else if (is_zbc) { /* ZBC BSR INCITS 536 revision 05 */ 1727 put_unaligned_be16(0x624, arr + n); 1728 n += 2; 1729 } 1730 put_unaligned_be16(0x2100, arr + n); /* SPL-4 no version claimed */ 1731 ret = fill_from_dev_buffer(scp, arr, 1732 min_t(u32, alloc_len, SDEBUG_LONG_INQ_SZ)); 1733 kfree(arr); 1734 return ret; 1735 } 1736 1737 /* See resp_iec_m_pg() for how this data is manipulated */ 1738 static unsigned char iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0, 1739 0, 0, 0x0, 0x0}; 1740 1741 static int resp_requests(struct scsi_cmnd *scp, 1742 struct sdebug_dev_info *devip) 1743 { 1744 unsigned char *cmd = scp->cmnd; 1745 unsigned char arr[SCSI_SENSE_BUFFERSIZE]; /* assume >= 18 bytes */ 1746 bool dsense = !!(cmd[1] & 1); 1747 u32 alloc_len = cmd[4]; 1748 u32 len = 18; 1749 int stopped_state = atomic_read(&devip->stopped); 1750 1751 memset(arr, 0, sizeof(arr)); 1752 if (stopped_state > 0) { /* some "pollable" data [spc6r02: 5.12.2] */ 1753 if (dsense) { 1754 arr[0] = 0x72; 1755 arr[1] = NOT_READY; 1756 arr[2] = LOGICAL_UNIT_NOT_READY; 1757 arr[3] = (stopped_state == 2) ? 0x1 : 0x2; 1758 len = 8; 1759 } else { 1760 arr[0] = 0x70; 1761 arr[2] = NOT_READY; /* NO_SENSE in sense_key */ 1762 arr[7] = 0xa; /* 18 byte sense buffer */ 1763 arr[12] = LOGICAL_UNIT_NOT_READY; 1764 arr[13] = (stopped_state == 2) ? 0x1 : 0x2; 1765 } 1766 } else if ((iec_m_pg[2] & 0x4) && (6 == (iec_m_pg[3] & 0xf))) { 1767 /* Information exceptions control mode page: TEST=1, MRIE=6 */ 1768 if (dsense) { 1769 arr[0] = 0x72; 1770 arr[1] = 0x0; /* NO_SENSE in sense_key */ 1771 arr[2] = THRESHOLD_EXCEEDED; 1772 arr[3] = 0xff; /* Failure prediction(false) */ 1773 len = 8; 1774 } else { 1775 arr[0] = 0x70; 1776 arr[2] = 0x0; /* NO_SENSE in sense_key */ 1777 arr[7] = 0xa; /* 18 byte sense buffer */ 1778 arr[12] = THRESHOLD_EXCEEDED; 1779 arr[13] = 0xff; /* Failure prediction(false) */ 1780 } 1781 } else { /* nothing to report */ 1782 if (dsense) { 1783 len = 8; 1784 memset(arr, 0, len); 1785 arr[0] = 0x72; 1786 } else { 1787 memset(arr, 0, len); 1788 arr[0] = 0x70; 1789 arr[7] = 0xa; 1790 } 1791 } 1792 return fill_from_dev_buffer(scp, arr, min_t(u32, len, alloc_len)); 1793 } 1794 1795 static int resp_start_stop(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 1796 { 1797 unsigned char *cmd = scp->cmnd; 1798 int power_cond, want_stop, stopped_state; 1799 bool changing; 1800 1801 power_cond = (cmd[4] & 0xf0) >> 4; 1802 if (power_cond) { 1803 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 7); 1804 return check_condition_result; 1805 } 1806 want_stop = !(cmd[4] & 1); 1807 stopped_state = atomic_read(&devip->stopped); 1808 if (stopped_state == 2) { 1809 ktime_t now_ts = ktime_get_boottime(); 1810 1811 if (ktime_to_ns(now_ts) > ktime_to_ns(devip->create_ts)) { 1812 u64 diff_ns = ktime_to_ns(ktime_sub(now_ts, devip->create_ts)); 1813 1814 if (diff_ns >= ((u64)sdeb_tur_ms_to_ready * 1000000)) { 1815 /* tur_ms_to_ready timer extinguished */ 1816 atomic_set(&devip->stopped, 0); 1817 stopped_state = 0; 1818 } 1819 } 1820 if (stopped_state == 2) { 1821 if (want_stop) { 1822 stopped_state = 1; /* dummy up success */ 1823 } else { /* Disallow tur_ms_to_ready delay to be overridden */ 1824 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 0 /* START bit */); 1825 return check_condition_result; 1826 } 1827 } 1828 } 1829 changing = (stopped_state != want_stop); 1830 if (changing) 1831 atomic_xchg(&devip->stopped, want_stop); 1832 if (!changing || (cmd[1] & 0x1)) /* state unchanged or IMMED bit set in cdb */ 1833 return SDEG_RES_IMMED_MASK; 1834 else 1835 return 0; 1836 } 1837 1838 static sector_t get_sdebug_capacity(void) 1839 { 1840 static const unsigned int gibibyte = 1073741824; 1841 1842 if (sdebug_virtual_gb > 0) 1843 return (sector_t)sdebug_virtual_gb * 1844 (gibibyte / sdebug_sector_size); 1845 else 1846 return sdebug_store_sectors; 1847 } 1848 1849 #define SDEBUG_READCAP_ARR_SZ 8 1850 static int resp_readcap(struct scsi_cmnd *scp, 1851 struct sdebug_dev_info *devip) 1852 { 1853 unsigned char arr[SDEBUG_READCAP_ARR_SZ]; 1854 unsigned int capac; 1855 1856 /* following just in case virtual_gb changed */ 1857 sdebug_capacity = get_sdebug_capacity(); 1858 memset(arr, 0, SDEBUG_READCAP_ARR_SZ); 1859 if (sdebug_capacity < 0xffffffff) { 1860 capac = (unsigned int)sdebug_capacity - 1; 1861 put_unaligned_be32(capac, arr + 0); 1862 } else 1863 put_unaligned_be32(0xffffffff, arr + 0); 1864 put_unaligned_be16(sdebug_sector_size, arr + 6); 1865 return fill_from_dev_buffer(scp, arr, SDEBUG_READCAP_ARR_SZ); 1866 } 1867 1868 #define SDEBUG_READCAP16_ARR_SZ 32 1869 static int resp_readcap16(struct scsi_cmnd *scp, 1870 struct sdebug_dev_info *devip) 1871 { 1872 unsigned char *cmd = scp->cmnd; 1873 unsigned char arr[SDEBUG_READCAP16_ARR_SZ]; 1874 u32 alloc_len; 1875 1876 alloc_len = get_unaligned_be32(cmd + 10); 1877 /* following just in case virtual_gb changed */ 1878 sdebug_capacity = get_sdebug_capacity(); 1879 memset(arr, 0, SDEBUG_READCAP16_ARR_SZ); 1880 put_unaligned_be64((u64)(sdebug_capacity - 1), arr + 0); 1881 put_unaligned_be32(sdebug_sector_size, arr + 8); 1882 arr[13] = sdebug_physblk_exp & 0xf; 1883 arr[14] = (sdebug_lowest_aligned >> 8) & 0x3f; 1884 1885 if (scsi_debug_lbp()) { 1886 arr[14] |= 0x80; /* LBPME */ 1887 /* from sbc4r07, this LBPRZ field is 1 bit, but the LBPRZ in 1888 * the LB Provisioning VPD page is 3 bits. Note that lbprz=2 1889 * in the wider field maps to 0 in this field. 1890 */ 1891 if (sdebug_lbprz & 1) /* precisely what the draft requires */ 1892 arr[14] |= 0x40; 1893 } 1894 1895 /* 1896 * Since the scsi_debug READ CAPACITY implementation always reports the 1897 * total disk capacity, set RC BASIS = 1 for host-managed ZBC devices. 1898 */ 1899 if (devip->zmodel == BLK_ZONED_HM) 1900 arr[12] |= 1 << 4; 1901 1902 arr[15] = sdebug_lowest_aligned & 0xff; 1903 1904 if (have_dif_prot) { 1905 arr[12] = (sdebug_dif - 1) << 1; /* P_TYPE */ 1906 arr[12] |= 1; /* PROT_EN */ 1907 } 1908 1909 return fill_from_dev_buffer(scp, arr, 1910 min_t(u32, alloc_len, SDEBUG_READCAP16_ARR_SZ)); 1911 } 1912 1913 #define SDEBUG_MAX_TGTPGS_ARR_SZ 1412 1914 1915 static int resp_report_tgtpgs(struct scsi_cmnd *scp, 1916 struct sdebug_dev_info *devip) 1917 { 1918 unsigned char *cmd = scp->cmnd; 1919 unsigned char *arr; 1920 int host_no = devip->sdbg_host->shost->host_no; 1921 int port_group_a, port_group_b, port_a, port_b; 1922 u32 alen, n, rlen; 1923 int ret; 1924 1925 alen = get_unaligned_be32(cmd + 6); 1926 arr = kzalloc(SDEBUG_MAX_TGTPGS_ARR_SZ, GFP_ATOMIC); 1927 if (! arr) 1928 return DID_REQUEUE << 16; 1929 /* 1930 * EVPD page 0x88 states we have two ports, one 1931 * real and a fake port with no device connected. 1932 * So we create two port groups with one port each 1933 * and set the group with port B to unavailable. 1934 */ 1935 port_a = 0x1; /* relative port A */ 1936 port_b = 0x2; /* relative port B */ 1937 port_group_a = (((host_no + 1) & 0x7f) << 8) + 1938 (devip->channel & 0x7f); 1939 port_group_b = (((host_no + 1) & 0x7f) << 8) + 1940 (devip->channel & 0x7f) + 0x80; 1941 1942 /* 1943 * The asymmetric access state is cycled according to the host_id. 1944 */ 1945 n = 4; 1946 if (sdebug_vpd_use_hostno == 0) { 1947 arr[n++] = host_no % 3; /* Asymm access state */ 1948 arr[n++] = 0x0F; /* claim: all states are supported */ 1949 } else { 1950 arr[n++] = 0x0; /* Active/Optimized path */ 1951 arr[n++] = 0x01; /* only support active/optimized paths */ 1952 } 1953 put_unaligned_be16(port_group_a, arr + n); 1954 n += 2; 1955 arr[n++] = 0; /* Reserved */ 1956 arr[n++] = 0; /* Status code */ 1957 arr[n++] = 0; /* Vendor unique */ 1958 arr[n++] = 0x1; /* One port per group */ 1959 arr[n++] = 0; /* Reserved */ 1960 arr[n++] = 0; /* Reserved */ 1961 put_unaligned_be16(port_a, arr + n); 1962 n += 2; 1963 arr[n++] = 3; /* Port unavailable */ 1964 arr[n++] = 0x08; /* claim: only unavailalbe paths are supported */ 1965 put_unaligned_be16(port_group_b, arr + n); 1966 n += 2; 1967 arr[n++] = 0; /* Reserved */ 1968 arr[n++] = 0; /* Status code */ 1969 arr[n++] = 0; /* Vendor unique */ 1970 arr[n++] = 0x1; /* One port per group */ 1971 arr[n++] = 0; /* Reserved */ 1972 arr[n++] = 0; /* Reserved */ 1973 put_unaligned_be16(port_b, arr + n); 1974 n += 2; 1975 1976 rlen = n - 4; 1977 put_unaligned_be32(rlen, arr + 0); 1978 1979 /* 1980 * Return the smallest value of either 1981 * - The allocated length 1982 * - The constructed command length 1983 * - The maximum array size 1984 */ 1985 rlen = min(alen, n); 1986 ret = fill_from_dev_buffer(scp, arr, 1987 min_t(u32, rlen, SDEBUG_MAX_TGTPGS_ARR_SZ)); 1988 kfree(arr); 1989 return ret; 1990 } 1991 1992 static int resp_rsup_opcodes(struct scsi_cmnd *scp, 1993 struct sdebug_dev_info *devip) 1994 { 1995 bool rctd; 1996 u8 reporting_opts, req_opcode, sdeb_i, supp; 1997 u16 req_sa, u; 1998 u32 alloc_len, a_len; 1999 int k, offset, len, errsts, count, bump, na; 2000 const struct opcode_info_t *oip; 2001 const struct opcode_info_t *r_oip; 2002 u8 *arr; 2003 u8 *cmd = scp->cmnd; 2004 2005 rctd = !!(cmd[2] & 0x80); 2006 reporting_opts = cmd[2] & 0x7; 2007 req_opcode = cmd[3]; 2008 req_sa = get_unaligned_be16(cmd + 4); 2009 alloc_len = get_unaligned_be32(cmd + 6); 2010 if (alloc_len < 4 || alloc_len > 0xffff) { 2011 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1); 2012 return check_condition_result; 2013 } 2014 if (alloc_len > 8192) 2015 a_len = 8192; 2016 else 2017 a_len = alloc_len; 2018 arr = kzalloc((a_len < 256) ? 320 : a_len + 64, GFP_ATOMIC); 2019 if (NULL == arr) { 2020 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC, 2021 INSUFF_RES_ASCQ); 2022 return check_condition_result; 2023 } 2024 switch (reporting_opts) { 2025 case 0: /* all commands */ 2026 /* count number of commands */ 2027 for (count = 0, oip = opcode_info_arr; 2028 oip->num_attached != 0xff; ++oip) { 2029 if (F_INV_OP & oip->flags) 2030 continue; 2031 count += (oip->num_attached + 1); 2032 } 2033 bump = rctd ? 20 : 8; 2034 put_unaligned_be32(count * bump, arr); 2035 for (offset = 4, oip = opcode_info_arr; 2036 oip->num_attached != 0xff && offset < a_len; ++oip) { 2037 if (F_INV_OP & oip->flags) 2038 continue; 2039 na = oip->num_attached; 2040 arr[offset] = oip->opcode; 2041 put_unaligned_be16(oip->sa, arr + offset + 2); 2042 if (rctd) 2043 arr[offset + 5] |= 0x2; 2044 if (FF_SA & oip->flags) 2045 arr[offset + 5] |= 0x1; 2046 put_unaligned_be16(oip->len_mask[0], arr + offset + 6); 2047 if (rctd) 2048 put_unaligned_be16(0xa, arr + offset + 8); 2049 r_oip = oip; 2050 for (k = 0, oip = oip->arrp; k < na; ++k, ++oip) { 2051 if (F_INV_OP & oip->flags) 2052 continue; 2053 offset += bump; 2054 arr[offset] = oip->opcode; 2055 put_unaligned_be16(oip->sa, arr + offset + 2); 2056 if (rctd) 2057 arr[offset + 5] |= 0x2; 2058 if (FF_SA & oip->flags) 2059 arr[offset + 5] |= 0x1; 2060 put_unaligned_be16(oip->len_mask[0], 2061 arr + offset + 6); 2062 if (rctd) 2063 put_unaligned_be16(0xa, 2064 arr + offset + 8); 2065 } 2066 oip = r_oip; 2067 offset += bump; 2068 } 2069 break; 2070 case 1: /* one command: opcode only */ 2071 case 2: /* one command: opcode plus service action */ 2072 case 3: /* one command: if sa==0 then opcode only else opcode+sa */ 2073 sdeb_i = opcode_ind_arr[req_opcode]; 2074 oip = &opcode_info_arr[sdeb_i]; 2075 if (F_INV_OP & oip->flags) { 2076 supp = 1; 2077 offset = 4; 2078 } else { 2079 if (1 == reporting_opts) { 2080 if (FF_SA & oip->flags) { 2081 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2082 2, 2); 2083 kfree(arr); 2084 return check_condition_result; 2085 } 2086 req_sa = 0; 2087 } else if (2 == reporting_opts && 2088 0 == (FF_SA & oip->flags)) { 2089 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1); 2090 kfree(arr); /* point at requested sa */ 2091 return check_condition_result; 2092 } 2093 if (0 == (FF_SA & oip->flags) && 2094 req_opcode == oip->opcode) 2095 supp = 3; 2096 else if (0 == (FF_SA & oip->flags)) { 2097 na = oip->num_attached; 2098 for (k = 0, oip = oip->arrp; k < na; 2099 ++k, ++oip) { 2100 if (req_opcode == oip->opcode) 2101 break; 2102 } 2103 supp = (k >= na) ? 1 : 3; 2104 } else if (req_sa != oip->sa) { 2105 na = oip->num_attached; 2106 for (k = 0, oip = oip->arrp; k < na; 2107 ++k, ++oip) { 2108 if (req_sa == oip->sa) 2109 break; 2110 } 2111 supp = (k >= na) ? 1 : 3; 2112 } else 2113 supp = 3; 2114 if (3 == supp) { 2115 u = oip->len_mask[0]; 2116 put_unaligned_be16(u, arr + 2); 2117 arr[4] = oip->opcode; 2118 for (k = 1; k < u; ++k) 2119 arr[4 + k] = (k < 16) ? 2120 oip->len_mask[k] : 0xff; 2121 offset = 4 + u; 2122 } else 2123 offset = 4; 2124 } 2125 arr[1] = (rctd ? 0x80 : 0) | supp; 2126 if (rctd) { 2127 put_unaligned_be16(0xa, arr + offset); 2128 offset += 12; 2129 } 2130 break; 2131 default: 2132 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2); 2133 kfree(arr); 2134 return check_condition_result; 2135 } 2136 offset = (offset < a_len) ? offset : a_len; 2137 len = (offset < alloc_len) ? offset : alloc_len; 2138 errsts = fill_from_dev_buffer(scp, arr, len); 2139 kfree(arr); 2140 return errsts; 2141 } 2142 2143 static int resp_rsup_tmfs(struct scsi_cmnd *scp, 2144 struct sdebug_dev_info *devip) 2145 { 2146 bool repd; 2147 u32 alloc_len, len; 2148 u8 arr[16]; 2149 u8 *cmd = scp->cmnd; 2150 2151 memset(arr, 0, sizeof(arr)); 2152 repd = !!(cmd[2] & 0x80); 2153 alloc_len = get_unaligned_be32(cmd + 6); 2154 if (alloc_len < 4) { 2155 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1); 2156 return check_condition_result; 2157 } 2158 arr[0] = 0xc8; /* ATS | ATSS | LURS */ 2159 arr[1] = 0x1; /* ITNRS */ 2160 if (repd) { 2161 arr[3] = 0xc; 2162 len = 16; 2163 } else 2164 len = 4; 2165 2166 len = (len < alloc_len) ? len : alloc_len; 2167 return fill_from_dev_buffer(scp, arr, len); 2168 } 2169 2170 /* <<Following mode page info copied from ST318451LW>> */ 2171 2172 static int resp_err_recov_pg(unsigned char *p, int pcontrol, int target) 2173 { /* Read-Write Error Recovery page for mode_sense */ 2174 unsigned char err_recov_pg[] = {0x1, 0xa, 0xc0, 11, 240, 0, 0, 0, 2175 5, 0, 0xff, 0xff}; 2176 2177 memcpy(p, err_recov_pg, sizeof(err_recov_pg)); 2178 if (1 == pcontrol) 2179 memset(p + 2, 0, sizeof(err_recov_pg) - 2); 2180 return sizeof(err_recov_pg); 2181 } 2182 2183 static int resp_disconnect_pg(unsigned char *p, int pcontrol, int target) 2184 { /* Disconnect-Reconnect page for mode_sense */ 2185 unsigned char disconnect_pg[] = {0x2, 0xe, 128, 128, 0, 10, 0, 0, 2186 0, 0, 0, 0, 0, 0, 0, 0}; 2187 2188 memcpy(p, disconnect_pg, sizeof(disconnect_pg)); 2189 if (1 == pcontrol) 2190 memset(p + 2, 0, sizeof(disconnect_pg) - 2); 2191 return sizeof(disconnect_pg); 2192 } 2193 2194 static int resp_format_pg(unsigned char *p, int pcontrol, int target) 2195 { /* Format device page for mode_sense */ 2196 unsigned char format_pg[] = {0x3, 0x16, 0, 0, 0, 0, 0, 0, 2197 0, 0, 0, 0, 0, 0, 0, 0, 2198 0, 0, 0, 0, 0x40, 0, 0, 0}; 2199 2200 memcpy(p, format_pg, sizeof(format_pg)); 2201 put_unaligned_be16(sdebug_sectors_per, p + 10); 2202 put_unaligned_be16(sdebug_sector_size, p + 12); 2203 if (sdebug_removable) 2204 p[20] |= 0x20; /* should agree with INQUIRY */ 2205 if (1 == pcontrol) 2206 memset(p + 2, 0, sizeof(format_pg) - 2); 2207 return sizeof(format_pg); 2208 } 2209 2210 static unsigned char caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0, 2211 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 2212 0, 0, 0, 0}; 2213 2214 static int resp_caching_pg(unsigned char *p, int pcontrol, int target) 2215 { /* Caching page for mode_sense */ 2216 unsigned char ch_caching_pg[] = {/* 0x8, 18, */ 0x4, 0, 0, 0, 0, 0, 2217 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; 2218 unsigned char d_caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0, 2219 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 0, 0, 0, 0}; 2220 2221 if (SDEBUG_OPT_N_WCE & sdebug_opts) 2222 caching_pg[2] &= ~0x4; /* set WCE=0 (default WCE=1) */ 2223 memcpy(p, caching_pg, sizeof(caching_pg)); 2224 if (1 == pcontrol) 2225 memcpy(p + 2, ch_caching_pg, sizeof(ch_caching_pg)); 2226 else if (2 == pcontrol) 2227 memcpy(p, d_caching_pg, sizeof(d_caching_pg)); 2228 return sizeof(caching_pg); 2229 } 2230 2231 static unsigned char ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0, 2232 0, 0, 0x2, 0x4b}; 2233 2234 static int resp_ctrl_m_pg(unsigned char *p, int pcontrol, int target) 2235 { /* Control mode page for mode_sense */ 2236 unsigned char ch_ctrl_m_pg[] = {/* 0xa, 10, */ 0x6, 0, 0, 0, 0, 0, 2237 0, 0, 0, 0}; 2238 unsigned char d_ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0, 2239 0, 0, 0x2, 0x4b}; 2240 2241 if (sdebug_dsense) 2242 ctrl_m_pg[2] |= 0x4; 2243 else 2244 ctrl_m_pg[2] &= ~0x4; 2245 2246 if (sdebug_ato) 2247 ctrl_m_pg[5] |= 0x80; /* ATO=1 */ 2248 2249 memcpy(p, ctrl_m_pg, sizeof(ctrl_m_pg)); 2250 if (1 == pcontrol) 2251 memcpy(p + 2, ch_ctrl_m_pg, sizeof(ch_ctrl_m_pg)); 2252 else if (2 == pcontrol) 2253 memcpy(p, d_ctrl_m_pg, sizeof(d_ctrl_m_pg)); 2254 return sizeof(ctrl_m_pg); 2255 } 2256 2257 2258 static int resp_iec_m_pg(unsigned char *p, int pcontrol, int target) 2259 { /* Informational Exceptions control mode page for mode_sense */ 2260 unsigned char ch_iec_m_pg[] = {/* 0x1c, 0xa, */ 0x4, 0xf, 0, 0, 0, 0, 2261 0, 0, 0x0, 0x0}; 2262 unsigned char d_iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0, 2263 0, 0, 0x0, 0x0}; 2264 2265 memcpy(p, iec_m_pg, sizeof(iec_m_pg)); 2266 if (1 == pcontrol) 2267 memcpy(p + 2, ch_iec_m_pg, sizeof(ch_iec_m_pg)); 2268 else if (2 == pcontrol) 2269 memcpy(p, d_iec_m_pg, sizeof(d_iec_m_pg)); 2270 return sizeof(iec_m_pg); 2271 } 2272 2273 static int resp_sas_sf_m_pg(unsigned char *p, int pcontrol, int target) 2274 { /* SAS SSP mode page - short format for mode_sense */ 2275 unsigned char sas_sf_m_pg[] = {0x19, 0x6, 2276 0x6, 0x0, 0x7, 0xd0, 0x0, 0x0}; 2277 2278 memcpy(p, sas_sf_m_pg, sizeof(sas_sf_m_pg)); 2279 if (1 == pcontrol) 2280 memset(p + 2, 0, sizeof(sas_sf_m_pg) - 2); 2281 return sizeof(sas_sf_m_pg); 2282 } 2283 2284 2285 static int resp_sas_pcd_m_spg(unsigned char *p, int pcontrol, int target, 2286 int target_dev_id) 2287 { /* SAS phy control and discover mode page for mode_sense */ 2288 unsigned char sas_pcd_m_pg[] = {0x59, 0x1, 0, 0x64, 0, 0x6, 0, 2, 2289 0, 0, 0, 0, 0x10, 0x9, 0x8, 0x0, 2290 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */ 2291 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */ 2292 0x2, 0, 0, 0, 0, 0, 0, 0, 2293 0x88, 0x99, 0, 0, 0, 0, 0, 0, 2294 0, 0, 0, 0, 0, 0, 0, 0, 2295 0, 1, 0, 0, 0x10, 0x9, 0x8, 0x0, 2296 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */ 2297 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */ 2298 0x3, 0, 0, 0, 0, 0, 0, 0, 2299 0x88, 0x99, 0, 0, 0, 0, 0, 0, 2300 0, 0, 0, 0, 0, 0, 0, 0, 2301 }; 2302 int port_a, port_b; 2303 2304 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 16); 2305 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 24); 2306 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 64); 2307 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 72); 2308 port_a = target_dev_id + 1; 2309 port_b = port_a + 1; 2310 memcpy(p, sas_pcd_m_pg, sizeof(sas_pcd_m_pg)); 2311 put_unaligned_be32(port_a, p + 20); 2312 put_unaligned_be32(port_b, p + 48 + 20); 2313 if (1 == pcontrol) 2314 memset(p + 4, 0, sizeof(sas_pcd_m_pg) - 4); 2315 return sizeof(sas_pcd_m_pg); 2316 } 2317 2318 static int resp_sas_sha_m_spg(unsigned char *p, int pcontrol) 2319 { /* SAS SSP shared protocol specific port mode subpage */ 2320 unsigned char sas_sha_m_pg[] = {0x59, 0x2, 0, 0xc, 0, 0x6, 0x10, 0, 2321 0, 0, 0, 0, 0, 0, 0, 0, 2322 }; 2323 2324 memcpy(p, sas_sha_m_pg, sizeof(sas_sha_m_pg)); 2325 if (1 == pcontrol) 2326 memset(p + 4, 0, sizeof(sas_sha_m_pg) - 4); 2327 return sizeof(sas_sha_m_pg); 2328 } 2329 2330 #define SDEBUG_MAX_MSENSE_SZ 256 2331 2332 static int resp_mode_sense(struct scsi_cmnd *scp, 2333 struct sdebug_dev_info *devip) 2334 { 2335 int pcontrol, pcode, subpcode, bd_len; 2336 unsigned char dev_spec; 2337 u32 alloc_len, offset, len; 2338 int target_dev_id; 2339 int target = scp->device->id; 2340 unsigned char *ap; 2341 unsigned char arr[SDEBUG_MAX_MSENSE_SZ]; 2342 unsigned char *cmd = scp->cmnd; 2343 bool dbd, llbaa, msense_6, is_disk, is_zbc, bad_pcode; 2344 2345 dbd = !!(cmd[1] & 0x8); /* disable block descriptors */ 2346 pcontrol = (cmd[2] & 0xc0) >> 6; 2347 pcode = cmd[2] & 0x3f; 2348 subpcode = cmd[3]; 2349 msense_6 = (MODE_SENSE == cmd[0]); 2350 llbaa = msense_6 ? false : !!(cmd[1] & 0x10); 2351 is_disk = (sdebug_ptype == TYPE_DISK); 2352 is_zbc = (devip->zmodel != BLK_ZONED_NONE); 2353 if ((is_disk || is_zbc) && !dbd) 2354 bd_len = llbaa ? 16 : 8; 2355 else 2356 bd_len = 0; 2357 alloc_len = msense_6 ? cmd[4] : get_unaligned_be16(cmd + 7); 2358 memset(arr, 0, SDEBUG_MAX_MSENSE_SZ); 2359 if (0x3 == pcontrol) { /* Saving values not supported */ 2360 mk_sense_buffer(scp, ILLEGAL_REQUEST, SAVING_PARAMS_UNSUP, 0); 2361 return check_condition_result; 2362 } 2363 target_dev_id = ((devip->sdbg_host->shost->host_no + 1) * 2000) + 2364 (devip->target * 1000) - 3; 2365 /* for disks+zbc set DPOFUA bit and clear write protect (WP) bit */ 2366 if (is_disk || is_zbc) { 2367 dev_spec = 0x10; /* =0x90 if WP=1 implies read-only */ 2368 if (sdebug_wp) 2369 dev_spec |= 0x80; 2370 } else 2371 dev_spec = 0x0; 2372 if (msense_6) { 2373 arr[2] = dev_spec; 2374 arr[3] = bd_len; 2375 offset = 4; 2376 } else { 2377 arr[3] = dev_spec; 2378 if (16 == bd_len) 2379 arr[4] = 0x1; /* set LONGLBA bit */ 2380 arr[7] = bd_len; /* assume 255 or less */ 2381 offset = 8; 2382 } 2383 ap = arr + offset; 2384 if ((bd_len > 0) && (!sdebug_capacity)) 2385 sdebug_capacity = get_sdebug_capacity(); 2386 2387 if (8 == bd_len) { 2388 if (sdebug_capacity > 0xfffffffe) 2389 put_unaligned_be32(0xffffffff, ap + 0); 2390 else 2391 put_unaligned_be32(sdebug_capacity, ap + 0); 2392 put_unaligned_be16(sdebug_sector_size, ap + 6); 2393 offset += bd_len; 2394 ap = arr + offset; 2395 } else if (16 == bd_len) { 2396 put_unaligned_be64((u64)sdebug_capacity, ap + 0); 2397 put_unaligned_be32(sdebug_sector_size, ap + 12); 2398 offset += bd_len; 2399 ap = arr + offset; 2400 } 2401 2402 if ((subpcode > 0x0) && (subpcode < 0xff) && (0x19 != pcode)) { 2403 /* TODO: Control Extension page */ 2404 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1); 2405 return check_condition_result; 2406 } 2407 bad_pcode = false; 2408 2409 switch (pcode) { 2410 case 0x1: /* Read-Write error recovery page, direct access */ 2411 len = resp_err_recov_pg(ap, pcontrol, target); 2412 offset += len; 2413 break; 2414 case 0x2: /* Disconnect-Reconnect page, all devices */ 2415 len = resp_disconnect_pg(ap, pcontrol, target); 2416 offset += len; 2417 break; 2418 case 0x3: /* Format device page, direct access */ 2419 if (is_disk) { 2420 len = resp_format_pg(ap, pcontrol, target); 2421 offset += len; 2422 } else 2423 bad_pcode = true; 2424 break; 2425 case 0x8: /* Caching page, direct access */ 2426 if (is_disk || is_zbc) { 2427 len = resp_caching_pg(ap, pcontrol, target); 2428 offset += len; 2429 } else 2430 bad_pcode = true; 2431 break; 2432 case 0xa: /* Control Mode page, all devices */ 2433 len = resp_ctrl_m_pg(ap, pcontrol, target); 2434 offset += len; 2435 break; 2436 case 0x19: /* if spc==1 then sas phy, control+discover */ 2437 if ((subpcode > 0x2) && (subpcode < 0xff)) { 2438 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1); 2439 return check_condition_result; 2440 } 2441 len = 0; 2442 if ((0x0 == subpcode) || (0xff == subpcode)) 2443 len += resp_sas_sf_m_pg(ap + len, pcontrol, target); 2444 if ((0x1 == subpcode) || (0xff == subpcode)) 2445 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target, 2446 target_dev_id); 2447 if ((0x2 == subpcode) || (0xff == subpcode)) 2448 len += resp_sas_sha_m_spg(ap + len, pcontrol); 2449 offset += len; 2450 break; 2451 case 0x1c: /* Informational Exceptions Mode page, all devices */ 2452 len = resp_iec_m_pg(ap, pcontrol, target); 2453 offset += len; 2454 break; 2455 case 0x3f: /* Read all Mode pages */ 2456 if ((0 == subpcode) || (0xff == subpcode)) { 2457 len = resp_err_recov_pg(ap, pcontrol, target); 2458 len += resp_disconnect_pg(ap + len, pcontrol, target); 2459 if (is_disk) { 2460 len += resp_format_pg(ap + len, pcontrol, 2461 target); 2462 len += resp_caching_pg(ap + len, pcontrol, 2463 target); 2464 } else if (is_zbc) { 2465 len += resp_caching_pg(ap + len, pcontrol, 2466 target); 2467 } 2468 len += resp_ctrl_m_pg(ap + len, pcontrol, target); 2469 len += resp_sas_sf_m_pg(ap + len, pcontrol, target); 2470 if (0xff == subpcode) { 2471 len += resp_sas_pcd_m_spg(ap + len, pcontrol, 2472 target, target_dev_id); 2473 len += resp_sas_sha_m_spg(ap + len, pcontrol); 2474 } 2475 len += resp_iec_m_pg(ap + len, pcontrol, target); 2476 offset += len; 2477 } else { 2478 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1); 2479 return check_condition_result; 2480 } 2481 break; 2482 default: 2483 bad_pcode = true; 2484 break; 2485 } 2486 if (bad_pcode) { 2487 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5); 2488 return check_condition_result; 2489 } 2490 if (msense_6) 2491 arr[0] = offset - 1; 2492 else 2493 put_unaligned_be16((offset - 2), arr + 0); 2494 return fill_from_dev_buffer(scp, arr, min_t(u32, alloc_len, offset)); 2495 } 2496 2497 #define SDEBUG_MAX_MSELECT_SZ 512 2498 2499 static int resp_mode_select(struct scsi_cmnd *scp, 2500 struct sdebug_dev_info *devip) 2501 { 2502 int pf, sp, ps, md_len, bd_len, off, spf, pg_len; 2503 int param_len, res, mpage; 2504 unsigned char arr[SDEBUG_MAX_MSELECT_SZ]; 2505 unsigned char *cmd = scp->cmnd; 2506 int mselect6 = (MODE_SELECT == cmd[0]); 2507 2508 memset(arr, 0, sizeof(arr)); 2509 pf = cmd[1] & 0x10; 2510 sp = cmd[1] & 0x1; 2511 param_len = mselect6 ? cmd[4] : get_unaligned_be16(cmd + 7); 2512 if ((0 == pf) || sp || (param_len > SDEBUG_MAX_MSELECT_SZ)) { 2513 mk_sense_invalid_fld(scp, SDEB_IN_CDB, mselect6 ? 4 : 7, -1); 2514 return check_condition_result; 2515 } 2516 res = fetch_to_dev_buffer(scp, arr, param_len); 2517 if (-1 == res) 2518 return DID_ERROR << 16; 2519 else if (sdebug_verbose && (res < param_len)) 2520 sdev_printk(KERN_INFO, scp->device, 2521 "%s: cdb indicated=%d, IO sent=%d bytes\n", 2522 __func__, param_len, res); 2523 md_len = mselect6 ? (arr[0] + 1) : (get_unaligned_be16(arr + 0) + 2); 2524 bd_len = mselect6 ? arr[3] : get_unaligned_be16(arr + 6); 2525 off = bd_len + (mselect6 ? 4 : 8); 2526 if (md_len > 2 || off >= res) { 2527 mk_sense_invalid_fld(scp, SDEB_IN_DATA, 0, -1); 2528 return check_condition_result; 2529 } 2530 mpage = arr[off] & 0x3f; 2531 ps = !!(arr[off] & 0x80); 2532 if (ps) { 2533 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 7); 2534 return check_condition_result; 2535 } 2536 spf = !!(arr[off] & 0x40); 2537 pg_len = spf ? (get_unaligned_be16(arr + off + 2) + 4) : 2538 (arr[off + 1] + 2); 2539 if ((pg_len + off) > param_len) { 2540 mk_sense_buffer(scp, ILLEGAL_REQUEST, 2541 PARAMETER_LIST_LENGTH_ERR, 0); 2542 return check_condition_result; 2543 } 2544 switch (mpage) { 2545 case 0x8: /* Caching Mode page */ 2546 if (caching_pg[1] == arr[off + 1]) { 2547 memcpy(caching_pg + 2, arr + off + 2, 2548 sizeof(caching_pg) - 2); 2549 goto set_mode_changed_ua; 2550 } 2551 break; 2552 case 0xa: /* Control Mode page */ 2553 if (ctrl_m_pg[1] == arr[off + 1]) { 2554 memcpy(ctrl_m_pg + 2, arr + off + 2, 2555 sizeof(ctrl_m_pg) - 2); 2556 if (ctrl_m_pg[4] & 0x8) 2557 sdebug_wp = true; 2558 else 2559 sdebug_wp = false; 2560 sdebug_dsense = !!(ctrl_m_pg[2] & 0x4); 2561 goto set_mode_changed_ua; 2562 } 2563 break; 2564 case 0x1c: /* Informational Exceptions Mode page */ 2565 if (iec_m_pg[1] == arr[off + 1]) { 2566 memcpy(iec_m_pg + 2, arr + off + 2, 2567 sizeof(iec_m_pg) - 2); 2568 goto set_mode_changed_ua; 2569 } 2570 break; 2571 default: 2572 break; 2573 } 2574 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 5); 2575 return check_condition_result; 2576 set_mode_changed_ua: 2577 set_bit(SDEBUG_UA_MODE_CHANGED, devip->uas_bm); 2578 return 0; 2579 } 2580 2581 static int resp_temp_l_pg(unsigned char *arr) 2582 { 2583 unsigned char temp_l_pg[] = {0x0, 0x0, 0x3, 0x2, 0x0, 38, 2584 0x0, 0x1, 0x3, 0x2, 0x0, 65, 2585 }; 2586 2587 memcpy(arr, temp_l_pg, sizeof(temp_l_pg)); 2588 return sizeof(temp_l_pg); 2589 } 2590 2591 static int resp_ie_l_pg(unsigned char *arr) 2592 { 2593 unsigned char ie_l_pg[] = {0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 38, 2594 }; 2595 2596 memcpy(arr, ie_l_pg, sizeof(ie_l_pg)); 2597 if (iec_m_pg[2] & 0x4) { /* TEST bit set */ 2598 arr[4] = THRESHOLD_EXCEEDED; 2599 arr[5] = 0xff; 2600 } 2601 return sizeof(ie_l_pg); 2602 } 2603 2604 static int resp_env_rep_l_spg(unsigned char *arr) 2605 { 2606 unsigned char env_rep_l_spg[] = {0x0, 0x0, 0x23, 0x8, 2607 0x0, 40, 72, 0xff, 45, 18, 0, 0, 2608 0x1, 0x0, 0x23, 0x8, 2609 0x0, 55, 72, 35, 55, 45, 0, 0, 2610 }; 2611 2612 memcpy(arr, env_rep_l_spg, sizeof(env_rep_l_spg)); 2613 return sizeof(env_rep_l_spg); 2614 } 2615 2616 #define SDEBUG_MAX_LSENSE_SZ 512 2617 2618 static int resp_log_sense(struct scsi_cmnd *scp, 2619 struct sdebug_dev_info *devip) 2620 { 2621 int ppc, sp, pcode, subpcode; 2622 u32 alloc_len, len, n; 2623 unsigned char arr[SDEBUG_MAX_LSENSE_SZ]; 2624 unsigned char *cmd = scp->cmnd; 2625 2626 memset(arr, 0, sizeof(arr)); 2627 ppc = cmd[1] & 0x2; 2628 sp = cmd[1] & 0x1; 2629 if (ppc || sp) { 2630 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, ppc ? 1 : 0); 2631 return check_condition_result; 2632 } 2633 pcode = cmd[2] & 0x3f; 2634 subpcode = cmd[3] & 0xff; 2635 alloc_len = get_unaligned_be16(cmd + 7); 2636 arr[0] = pcode; 2637 if (0 == subpcode) { 2638 switch (pcode) { 2639 case 0x0: /* Supported log pages log page */ 2640 n = 4; 2641 arr[n++] = 0x0; /* this page */ 2642 arr[n++] = 0xd; /* Temperature */ 2643 arr[n++] = 0x2f; /* Informational exceptions */ 2644 arr[3] = n - 4; 2645 break; 2646 case 0xd: /* Temperature log page */ 2647 arr[3] = resp_temp_l_pg(arr + 4); 2648 break; 2649 case 0x2f: /* Informational exceptions log page */ 2650 arr[3] = resp_ie_l_pg(arr + 4); 2651 break; 2652 default: 2653 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5); 2654 return check_condition_result; 2655 } 2656 } else if (0xff == subpcode) { 2657 arr[0] |= 0x40; 2658 arr[1] = subpcode; 2659 switch (pcode) { 2660 case 0x0: /* Supported log pages and subpages log page */ 2661 n = 4; 2662 arr[n++] = 0x0; 2663 arr[n++] = 0x0; /* 0,0 page */ 2664 arr[n++] = 0x0; 2665 arr[n++] = 0xff; /* this page */ 2666 arr[n++] = 0xd; 2667 arr[n++] = 0x0; /* Temperature */ 2668 arr[n++] = 0xd; 2669 arr[n++] = 0x1; /* Environment reporting */ 2670 arr[n++] = 0xd; 2671 arr[n++] = 0xff; /* all 0xd subpages */ 2672 arr[n++] = 0x2f; 2673 arr[n++] = 0x0; /* Informational exceptions */ 2674 arr[n++] = 0x2f; 2675 arr[n++] = 0xff; /* all 0x2f subpages */ 2676 arr[3] = n - 4; 2677 break; 2678 case 0xd: /* Temperature subpages */ 2679 n = 4; 2680 arr[n++] = 0xd; 2681 arr[n++] = 0x0; /* Temperature */ 2682 arr[n++] = 0xd; 2683 arr[n++] = 0x1; /* Environment reporting */ 2684 arr[n++] = 0xd; 2685 arr[n++] = 0xff; /* these subpages */ 2686 arr[3] = n - 4; 2687 break; 2688 case 0x2f: /* Informational exceptions subpages */ 2689 n = 4; 2690 arr[n++] = 0x2f; 2691 arr[n++] = 0x0; /* Informational exceptions */ 2692 arr[n++] = 0x2f; 2693 arr[n++] = 0xff; /* these subpages */ 2694 arr[3] = n - 4; 2695 break; 2696 default: 2697 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5); 2698 return check_condition_result; 2699 } 2700 } else if (subpcode > 0) { 2701 arr[0] |= 0x40; 2702 arr[1] = subpcode; 2703 if (pcode == 0xd && subpcode == 1) 2704 arr[3] = resp_env_rep_l_spg(arr + 4); 2705 else { 2706 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5); 2707 return check_condition_result; 2708 } 2709 } else { 2710 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1); 2711 return check_condition_result; 2712 } 2713 len = min_t(u32, get_unaligned_be16(arr + 2) + 4, alloc_len); 2714 return fill_from_dev_buffer(scp, arr, 2715 min_t(u32, len, SDEBUG_MAX_INQ_ARR_SZ)); 2716 } 2717 2718 static inline bool sdebug_dev_is_zoned(struct sdebug_dev_info *devip) 2719 { 2720 return devip->nr_zones != 0; 2721 } 2722 2723 static struct sdeb_zone_state *zbc_zone(struct sdebug_dev_info *devip, 2724 unsigned long long lba) 2725 { 2726 u32 zno = lba >> devip->zsize_shift; 2727 struct sdeb_zone_state *zsp; 2728 2729 if (devip->zcap == devip->zsize || zno < devip->nr_conv_zones) 2730 return &devip->zstate[zno]; 2731 2732 /* 2733 * If the zone capacity is less than the zone size, adjust for gap 2734 * zones. 2735 */ 2736 zno = 2 * zno - devip->nr_conv_zones; 2737 WARN_ONCE(zno >= devip->nr_zones, "%u > %u\n", zno, devip->nr_zones); 2738 zsp = &devip->zstate[zno]; 2739 if (lba >= zsp->z_start + zsp->z_size) 2740 zsp++; 2741 WARN_ON_ONCE(lba >= zsp->z_start + zsp->z_size); 2742 return zsp; 2743 } 2744 2745 static inline bool zbc_zone_is_conv(struct sdeb_zone_state *zsp) 2746 { 2747 return zsp->z_type == ZBC_ZTYPE_CNV; 2748 } 2749 2750 static inline bool zbc_zone_is_gap(struct sdeb_zone_state *zsp) 2751 { 2752 return zsp->z_type == ZBC_ZTYPE_GAP; 2753 } 2754 2755 static inline bool zbc_zone_is_seq(struct sdeb_zone_state *zsp) 2756 { 2757 return !zbc_zone_is_conv(zsp) && !zbc_zone_is_gap(zsp); 2758 } 2759 2760 static void zbc_close_zone(struct sdebug_dev_info *devip, 2761 struct sdeb_zone_state *zsp) 2762 { 2763 enum sdebug_z_cond zc; 2764 2765 if (!zbc_zone_is_seq(zsp)) 2766 return; 2767 2768 zc = zsp->z_cond; 2769 if (!(zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN)) 2770 return; 2771 2772 if (zc == ZC2_IMPLICIT_OPEN) 2773 devip->nr_imp_open--; 2774 else 2775 devip->nr_exp_open--; 2776 2777 if (zsp->z_wp == zsp->z_start) { 2778 zsp->z_cond = ZC1_EMPTY; 2779 } else { 2780 zsp->z_cond = ZC4_CLOSED; 2781 devip->nr_closed++; 2782 } 2783 } 2784 2785 static void zbc_close_imp_open_zone(struct sdebug_dev_info *devip) 2786 { 2787 struct sdeb_zone_state *zsp = &devip->zstate[0]; 2788 unsigned int i; 2789 2790 for (i = 0; i < devip->nr_zones; i++, zsp++) { 2791 if (zsp->z_cond == ZC2_IMPLICIT_OPEN) { 2792 zbc_close_zone(devip, zsp); 2793 return; 2794 } 2795 } 2796 } 2797 2798 static void zbc_open_zone(struct sdebug_dev_info *devip, 2799 struct sdeb_zone_state *zsp, bool explicit) 2800 { 2801 enum sdebug_z_cond zc; 2802 2803 if (!zbc_zone_is_seq(zsp)) 2804 return; 2805 2806 zc = zsp->z_cond; 2807 if ((explicit && zc == ZC3_EXPLICIT_OPEN) || 2808 (!explicit && zc == ZC2_IMPLICIT_OPEN)) 2809 return; 2810 2811 /* Close an implicit open zone if necessary */ 2812 if (explicit && zsp->z_cond == ZC2_IMPLICIT_OPEN) 2813 zbc_close_zone(devip, zsp); 2814 else if (devip->max_open && 2815 devip->nr_imp_open + devip->nr_exp_open >= devip->max_open) 2816 zbc_close_imp_open_zone(devip); 2817 2818 if (zsp->z_cond == ZC4_CLOSED) 2819 devip->nr_closed--; 2820 if (explicit) { 2821 zsp->z_cond = ZC3_EXPLICIT_OPEN; 2822 devip->nr_exp_open++; 2823 } else { 2824 zsp->z_cond = ZC2_IMPLICIT_OPEN; 2825 devip->nr_imp_open++; 2826 } 2827 } 2828 2829 static inline void zbc_set_zone_full(struct sdebug_dev_info *devip, 2830 struct sdeb_zone_state *zsp) 2831 { 2832 switch (zsp->z_cond) { 2833 case ZC2_IMPLICIT_OPEN: 2834 devip->nr_imp_open--; 2835 break; 2836 case ZC3_EXPLICIT_OPEN: 2837 devip->nr_exp_open--; 2838 break; 2839 default: 2840 WARN_ONCE(true, "Invalid zone %llu condition %x\n", 2841 zsp->z_start, zsp->z_cond); 2842 break; 2843 } 2844 zsp->z_cond = ZC5_FULL; 2845 } 2846 2847 static void zbc_inc_wp(struct sdebug_dev_info *devip, 2848 unsigned long long lba, unsigned int num) 2849 { 2850 struct sdeb_zone_state *zsp = zbc_zone(devip, lba); 2851 unsigned long long n, end, zend = zsp->z_start + zsp->z_size; 2852 2853 if (!zbc_zone_is_seq(zsp)) 2854 return; 2855 2856 if (zsp->z_type == ZBC_ZTYPE_SWR) { 2857 zsp->z_wp += num; 2858 if (zsp->z_wp >= zend) 2859 zbc_set_zone_full(devip, zsp); 2860 return; 2861 } 2862 2863 while (num) { 2864 if (lba != zsp->z_wp) 2865 zsp->z_non_seq_resource = true; 2866 2867 end = lba + num; 2868 if (end >= zend) { 2869 n = zend - lba; 2870 zsp->z_wp = zend; 2871 } else if (end > zsp->z_wp) { 2872 n = num; 2873 zsp->z_wp = end; 2874 } else { 2875 n = num; 2876 } 2877 if (zsp->z_wp >= zend) 2878 zbc_set_zone_full(devip, zsp); 2879 2880 num -= n; 2881 lba += n; 2882 if (num) { 2883 zsp++; 2884 zend = zsp->z_start + zsp->z_size; 2885 } 2886 } 2887 } 2888 2889 static int check_zbc_access_params(struct scsi_cmnd *scp, 2890 unsigned long long lba, unsigned int num, bool write) 2891 { 2892 struct scsi_device *sdp = scp->device; 2893 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata; 2894 struct sdeb_zone_state *zsp = zbc_zone(devip, lba); 2895 struct sdeb_zone_state *zsp_end = zbc_zone(devip, lba + num - 1); 2896 2897 if (!write) { 2898 if (devip->zmodel == BLK_ZONED_HA) 2899 return 0; 2900 /* For host-managed, reads cannot cross zone types boundaries */ 2901 if (zsp->z_type != zsp_end->z_type) { 2902 mk_sense_buffer(scp, ILLEGAL_REQUEST, 2903 LBA_OUT_OF_RANGE, 2904 READ_INVDATA_ASCQ); 2905 return check_condition_result; 2906 } 2907 return 0; 2908 } 2909 2910 /* Writing into a gap zone is not allowed */ 2911 if (zbc_zone_is_gap(zsp)) { 2912 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 2913 ATTEMPT_ACCESS_GAP); 2914 return check_condition_result; 2915 } 2916 2917 /* No restrictions for writes within conventional zones */ 2918 if (zbc_zone_is_conv(zsp)) { 2919 if (!zbc_zone_is_conv(zsp_end)) { 2920 mk_sense_buffer(scp, ILLEGAL_REQUEST, 2921 LBA_OUT_OF_RANGE, 2922 WRITE_BOUNDARY_ASCQ); 2923 return check_condition_result; 2924 } 2925 return 0; 2926 } 2927 2928 if (zsp->z_type == ZBC_ZTYPE_SWR) { 2929 /* Writes cannot cross sequential zone boundaries */ 2930 if (zsp_end != zsp) { 2931 mk_sense_buffer(scp, ILLEGAL_REQUEST, 2932 LBA_OUT_OF_RANGE, 2933 WRITE_BOUNDARY_ASCQ); 2934 return check_condition_result; 2935 } 2936 /* Cannot write full zones */ 2937 if (zsp->z_cond == ZC5_FULL) { 2938 mk_sense_buffer(scp, ILLEGAL_REQUEST, 2939 INVALID_FIELD_IN_CDB, 0); 2940 return check_condition_result; 2941 } 2942 /* Writes must be aligned to the zone WP */ 2943 if (lba != zsp->z_wp) { 2944 mk_sense_buffer(scp, ILLEGAL_REQUEST, 2945 LBA_OUT_OF_RANGE, 2946 UNALIGNED_WRITE_ASCQ); 2947 return check_condition_result; 2948 } 2949 } 2950 2951 /* Handle implicit open of closed and empty zones */ 2952 if (zsp->z_cond == ZC1_EMPTY || zsp->z_cond == ZC4_CLOSED) { 2953 if (devip->max_open && 2954 devip->nr_exp_open >= devip->max_open) { 2955 mk_sense_buffer(scp, DATA_PROTECT, 2956 INSUFF_RES_ASC, 2957 INSUFF_ZONE_ASCQ); 2958 return check_condition_result; 2959 } 2960 zbc_open_zone(devip, zsp, false); 2961 } 2962 2963 return 0; 2964 } 2965 2966 static inline int check_device_access_params 2967 (struct scsi_cmnd *scp, unsigned long long lba, 2968 unsigned int num, bool write) 2969 { 2970 struct scsi_device *sdp = scp->device; 2971 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata; 2972 2973 if (lba + num > sdebug_capacity) { 2974 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 2975 return check_condition_result; 2976 } 2977 /* transfer length excessive (tie in to block limits VPD page) */ 2978 if (num > sdebug_store_sectors) { 2979 /* needs work to find which cdb byte 'num' comes from */ 2980 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 2981 return check_condition_result; 2982 } 2983 if (write && unlikely(sdebug_wp)) { 2984 mk_sense_buffer(scp, DATA_PROTECT, WRITE_PROTECTED, 0x2); 2985 return check_condition_result; 2986 } 2987 if (sdebug_dev_is_zoned(devip)) 2988 return check_zbc_access_params(scp, lba, num, write); 2989 2990 return 0; 2991 } 2992 2993 /* 2994 * Note: if BUG_ON() fires it usually indicates a problem with the parser 2995 * tables. Perhaps a missing F_FAKE_RW or FF_MEDIA_IO flag. Response functions 2996 * that access any of the "stores" in struct sdeb_store_info should call this 2997 * function with bug_if_fake_rw set to true. 2998 */ 2999 static inline struct sdeb_store_info *devip2sip(struct sdebug_dev_info *devip, 3000 bool bug_if_fake_rw) 3001 { 3002 if (sdebug_fake_rw) { 3003 BUG_ON(bug_if_fake_rw); /* See note above */ 3004 return NULL; 3005 } 3006 return xa_load(per_store_ap, devip->sdbg_host->si_idx); 3007 } 3008 3009 /* Returns number of bytes copied or -1 if error. */ 3010 static int do_device_access(struct sdeb_store_info *sip, struct scsi_cmnd *scp, 3011 u32 sg_skip, u64 lba, u32 num, bool do_write) 3012 { 3013 int ret; 3014 u64 block, rest = 0; 3015 enum dma_data_direction dir; 3016 struct scsi_data_buffer *sdb = &scp->sdb; 3017 u8 *fsp; 3018 3019 if (do_write) { 3020 dir = DMA_TO_DEVICE; 3021 write_since_sync = true; 3022 } else { 3023 dir = DMA_FROM_DEVICE; 3024 } 3025 3026 if (!sdb->length || !sip) 3027 return 0; 3028 if (scp->sc_data_direction != dir) 3029 return -1; 3030 fsp = sip->storep; 3031 3032 block = do_div(lba, sdebug_store_sectors); 3033 if (block + num > sdebug_store_sectors) 3034 rest = block + num - sdebug_store_sectors; 3035 3036 ret = sg_copy_buffer(sdb->table.sgl, sdb->table.nents, 3037 fsp + (block * sdebug_sector_size), 3038 (num - rest) * sdebug_sector_size, sg_skip, do_write); 3039 if (ret != (num - rest) * sdebug_sector_size) 3040 return ret; 3041 3042 if (rest) { 3043 ret += sg_copy_buffer(sdb->table.sgl, sdb->table.nents, 3044 fsp, rest * sdebug_sector_size, 3045 sg_skip + ((num - rest) * sdebug_sector_size), 3046 do_write); 3047 } 3048 3049 return ret; 3050 } 3051 3052 /* Returns number of bytes copied or -1 if error. */ 3053 static int do_dout_fetch(struct scsi_cmnd *scp, u32 num, u8 *doutp) 3054 { 3055 struct scsi_data_buffer *sdb = &scp->sdb; 3056 3057 if (!sdb->length) 3058 return 0; 3059 if (scp->sc_data_direction != DMA_TO_DEVICE) 3060 return -1; 3061 return sg_copy_buffer(sdb->table.sgl, sdb->table.nents, doutp, 3062 num * sdebug_sector_size, 0, true); 3063 } 3064 3065 /* If sip->storep+lba compares equal to arr(num), then copy top half of 3066 * arr into sip->storep+lba and return true. If comparison fails then 3067 * return false. */ 3068 static bool comp_write_worker(struct sdeb_store_info *sip, u64 lba, u32 num, 3069 const u8 *arr, bool compare_only) 3070 { 3071 bool res; 3072 u64 block, rest = 0; 3073 u32 store_blks = sdebug_store_sectors; 3074 u32 lb_size = sdebug_sector_size; 3075 u8 *fsp = sip->storep; 3076 3077 block = do_div(lba, store_blks); 3078 if (block + num > store_blks) 3079 rest = block + num - store_blks; 3080 3081 res = !memcmp(fsp + (block * lb_size), arr, (num - rest) * lb_size); 3082 if (!res) 3083 return res; 3084 if (rest) 3085 res = memcmp(fsp, arr + ((num - rest) * lb_size), 3086 rest * lb_size); 3087 if (!res) 3088 return res; 3089 if (compare_only) 3090 return true; 3091 arr += num * lb_size; 3092 memcpy(fsp + (block * lb_size), arr, (num - rest) * lb_size); 3093 if (rest) 3094 memcpy(fsp, arr + ((num - rest) * lb_size), rest * lb_size); 3095 return res; 3096 } 3097 3098 static __be16 dif_compute_csum(const void *buf, int len) 3099 { 3100 __be16 csum; 3101 3102 if (sdebug_guard) 3103 csum = (__force __be16)ip_compute_csum(buf, len); 3104 else 3105 csum = cpu_to_be16(crc_t10dif(buf, len)); 3106 3107 return csum; 3108 } 3109 3110 static int dif_verify(struct t10_pi_tuple *sdt, const void *data, 3111 sector_t sector, u32 ei_lba) 3112 { 3113 __be16 csum = dif_compute_csum(data, sdebug_sector_size); 3114 3115 if (sdt->guard_tag != csum) { 3116 pr_err("GUARD check failed on sector %lu rcvd 0x%04x, data 0x%04x\n", 3117 (unsigned long)sector, 3118 be16_to_cpu(sdt->guard_tag), 3119 be16_to_cpu(csum)); 3120 return 0x01; 3121 } 3122 if (sdebug_dif == T10_PI_TYPE1_PROTECTION && 3123 be32_to_cpu(sdt->ref_tag) != (sector & 0xffffffff)) { 3124 pr_err("REF check failed on sector %lu\n", 3125 (unsigned long)sector); 3126 return 0x03; 3127 } 3128 if (sdebug_dif == T10_PI_TYPE2_PROTECTION && 3129 be32_to_cpu(sdt->ref_tag) != ei_lba) { 3130 pr_err("REF check failed on sector %lu\n", 3131 (unsigned long)sector); 3132 return 0x03; 3133 } 3134 return 0; 3135 } 3136 3137 static void dif_copy_prot(struct scsi_cmnd *scp, sector_t sector, 3138 unsigned int sectors, bool read) 3139 { 3140 size_t resid; 3141 void *paddr; 3142 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *) 3143 scp->device->hostdata, true); 3144 struct t10_pi_tuple *dif_storep = sip->dif_storep; 3145 const void *dif_store_end = dif_storep + sdebug_store_sectors; 3146 struct sg_mapping_iter miter; 3147 3148 /* Bytes of protection data to copy into sgl */ 3149 resid = sectors * sizeof(*dif_storep); 3150 3151 sg_miter_start(&miter, scsi_prot_sglist(scp), 3152 scsi_prot_sg_count(scp), SG_MITER_ATOMIC | 3153 (read ? SG_MITER_TO_SG : SG_MITER_FROM_SG)); 3154 3155 while (sg_miter_next(&miter) && resid > 0) { 3156 size_t len = min_t(size_t, miter.length, resid); 3157 void *start = dif_store(sip, sector); 3158 size_t rest = 0; 3159 3160 if (dif_store_end < start + len) 3161 rest = start + len - dif_store_end; 3162 3163 paddr = miter.addr; 3164 3165 if (read) 3166 memcpy(paddr, start, len - rest); 3167 else 3168 memcpy(start, paddr, len - rest); 3169 3170 if (rest) { 3171 if (read) 3172 memcpy(paddr + len - rest, dif_storep, rest); 3173 else 3174 memcpy(dif_storep, paddr + len - rest, rest); 3175 } 3176 3177 sector += len / sizeof(*dif_storep); 3178 resid -= len; 3179 } 3180 sg_miter_stop(&miter); 3181 } 3182 3183 static int prot_verify_read(struct scsi_cmnd *scp, sector_t start_sec, 3184 unsigned int sectors, u32 ei_lba) 3185 { 3186 int ret = 0; 3187 unsigned int i; 3188 sector_t sector; 3189 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *) 3190 scp->device->hostdata, true); 3191 struct t10_pi_tuple *sdt; 3192 3193 for (i = 0; i < sectors; i++, ei_lba++) { 3194 sector = start_sec + i; 3195 sdt = dif_store(sip, sector); 3196 3197 if (sdt->app_tag == cpu_to_be16(0xffff)) 3198 continue; 3199 3200 /* 3201 * Because scsi_debug acts as both initiator and 3202 * target we proceed to verify the PI even if 3203 * RDPROTECT=3. This is done so the "initiator" knows 3204 * which type of error to return. Otherwise we would 3205 * have to iterate over the PI twice. 3206 */ 3207 if (scp->cmnd[1] >> 5) { /* RDPROTECT */ 3208 ret = dif_verify(sdt, lba2fake_store(sip, sector), 3209 sector, ei_lba); 3210 if (ret) { 3211 dif_errors++; 3212 break; 3213 } 3214 } 3215 } 3216 3217 dif_copy_prot(scp, start_sec, sectors, true); 3218 dix_reads++; 3219 3220 return ret; 3221 } 3222 3223 static inline void 3224 sdeb_read_lock(struct sdeb_store_info *sip) 3225 { 3226 if (sdebug_no_rwlock) { 3227 if (sip) 3228 __acquire(&sip->macc_lck); 3229 else 3230 __acquire(&sdeb_fake_rw_lck); 3231 } else { 3232 if (sip) 3233 read_lock(&sip->macc_lck); 3234 else 3235 read_lock(&sdeb_fake_rw_lck); 3236 } 3237 } 3238 3239 static inline void 3240 sdeb_read_unlock(struct sdeb_store_info *sip) 3241 { 3242 if (sdebug_no_rwlock) { 3243 if (sip) 3244 __release(&sip->macc_lck); 3245 else 3246 __release(&sdeb_fake_rw_lck); 3247 } else { 3248 if (sip) 3249 read_unlock(&sip->macc_lck); 3250 else 3251 read_unlock(&sdeb_fake_rw_lck); 3252 } 3253 } 3254 3255 static inline void 3256 sdeb_write_lock(struct sdeb_store_info *sip) 3257 { 3258 if (sdebug_no_rwlock) { 3259 if (sip) 3260 __acquire(&sip->macc_lck); 3261 else 3262 __acquire(&sdeb_fake_rw_lck); 3263 } else { 3264 if (sip) 3265 write_lock(&sip->macc_lck); 3266 else 3267 write_lock(&sdeb_fake_rw_lck); 3268 } 3269 } 3270 3271 static inline void 3272 sdeb_write_unlock(struct sdeb_store_info *sip) 3273 { 3274 if (sdebug_no_rwlock) { 3275 if (sip) 3276 __release(&sip->macc_lck); 3277 else 3278 __release(&sdeb_fake_rw_lck); 3279 } else { 3280 if (sip) 3281 write_unlock(&sip->macc_lck); 3282 else 3283 write_unlock(&sdeb_fake_rw_lck); 3284 } 3285 } 3286 3287 static int resp_read_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 3288 { 3289 bool check_prot; 3290 u32 num; 3291 u32 ei_lba; 3292 int ret; 3293 u64 lba; 3294 struct sdeb_store_info *sip = devip2sip(devip, true); 3295 u8 *cmd = scp->cmnd; 3296 3297 switch (cmd[0]) { 3298 case READ_16: 3299 ei_lba = 0; 3300 lba = get_unaligned_be64(cmd + 2); 3301 num = get_unaligned_be32(cmd + 10); 3302 check_prot = true; 3303 break; 3304 case READ_10: 3305 ei_lba = 0; 3306 lba = get_unaligned_be32(cmd + 2); 3307 num = get_unaligned_be16(cmd + 7); 3308 check_prot = true; 3309 break; 3310 case READ_6: 3311 ei_lba = 0; 3312 lba = (u32)cmd[3] | (u32)cmd[2] << 8 | 3313 (u32)(cmd[1] & 0x1f) << 16; 3314 num = (0 == cmd[4]) ? 256 : cmd[4]; 3315 check_prot = true; 3316 break; 3317 case READ_12: 3318 ei_lba = 0; 3319 lba = get_unaligned_be32(cmd + 2); 3320 num = get_unaligned_be32(cmd + 6); 3321 check_prot = true; 3322 break; 3323 case XDWRITEREAD_10: 3324 ei_lba = 0; 3325 lba = get_unaligned_be32(cmd + 2); 3326 num = get_unaligned_be16(cmd + 7); 3327 check_prot = false; 3328 break; 3329 default: /* assume READ(32) */ 3330 lba = get_unaligned_be64(cmd + 12); 3331 ei_lba = get_unaligned_be32(cmd + 20); 3332 num = get_unaligned_be32(cmd + 28); 3333 check_prot = false; 3334 break; 3335 } 3336 if (unlikely(have_dif_prot && check_prot)) { 3337 if (sdebug_dif == T10_PI_TYPE2_PROTECTION && 3338 (cmd[1] & 0xe0)) { 3339 mk_sense_invalid_opcode(scp); 3340 return check_condition_result; 3341 } 3342 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION || 3343 sdebug_dif == T10_PI_TYPE3_PROTECTION) && 3344 (cmd[1] & 0xe0) == 0) 3345 sdev_printk(KERN_ERR, scp->device, "Unprotected RD " 3346 "to DIF device\n"); 3347 } 3348 if (unlikely((sdebug_opts & SDEBUG_OPT_SHORT_TRANSFER) && 3349 atomic_read(&sdeb_inject_pending))) { 3350 num /= 2; 3351 atomic_set(&sdeb_inject_pending, 0); 3352 } 3353 3354 ret = check_device_access_params(scp, lba, num, false); 3355 if (ret) 3356 return ret; 3357 if (unlikely((SDEBUG_OPT_MEDIUM_ERR & sdebug_opts) && 3358 (lba <= (sdebug_medium_error_start + sdebug_medium_error_count - 1)) && 3359 ((lba + num) > sdebug_medium_error_start))) { 3360 /* claim unrecoverable read error */ 3361 mk_sense_buffer(scp, MEDIUM_ERROR, UNRECOVERED_READ_ERR, 0); 3362 /* set info field and valid bit for fixed descriptor */ 3363 if (0x70 == (scp->sense_buffer[0] & 0x7f)) { 3364 scp->sense_buffer[0] |= 0x80; /* Valid bit */ 3365 ret = (lba < OPT_MEDIUM_ERR_ADDR) 3366 ? OPT_MEDIUM_ERR_ADDR : (int)lba; 3367 put_unaligned_be32(ret, scp->sense_buffer + 3); 3368 } 3369 scsi_set_resid(scp, scsi_bufflen(scp)); 3370 return check_condition_result; 3371 } 3372 3373 sdeb_read_lock(sip); 3374 3375 /* DIX + T10 DIF */ 3376 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) { 3377 switch (prot_verify_read(scp, lba, num, ei_lba)) { 3378 case 1: /* Guard tag error */ 3379 if (cmd[1] >> 5 != 3) { /* RDPROTECT != 3 */ 3380 sdeb_read_unlock(sip); 3381 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1); 3382 return check_condition_result; 3383 } else if (scp->prot_flags & SCSI_PROT_GUARD_CHECK) { 3384 sdeb_read_unlock(sip); 3385 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1); 3386 return illegal_condition_result; 3387 } 3388 break; 3389 case 3: /* Reference tag error */ 3390 if (cmd[1] >> 5 != 3) { /* RDPROTECT != 3 */ 3391 sdeb_read_unlock(sip); 3392 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 3); 3393 return check_condition_result; 3394 } else if (scp->prot_flags & SCSI_PROT_REF_CHECK) { 3395 sdeb_read_unlock(sip); 3396 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 3); 3397 return illegal_condition_result; 3398 } 3399 break; 3400 } 3401 } 3402 3403 ret = do_device_access(sip, scp, 0, lba, num, false); 3404 sdeb_read_unlock(sip); 3405 if (unlikely(ret == -1)) 3406 return DID_ERROR << 16; 3407 3408 scsi_set_resid(scp, scsi_bufflen(scp) - ret); 3409 3410 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) && 3411 atomic_read(&sdeb_inject_pending))) { 3412 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) { 3413 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0); 3414 atomic_set(&sdeb_inject_pending, 0); 3415 return check_condition_result; 3416 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) { 3417 /* Logical block guard check failed */ 3418 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1); 3419 atomic_set(&sdeb_inject_pending, 0); 3420 return illegal_condition_result; 3421 } else if (SDEBUG_OPT_DIX_ERR & sdebug_opts) { 3422 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1); 3423 atomic_set(&sdeb_inject_pending, 0); 3424 return illegal_condition_result; 3425 } 3426 } 3427 return 0; 3428 } 3429 3430 static int prot_verify_write(struct scsi_cmnd *SCpnt, sector_t start_sec, 3431 unsigned int sectors, u32 ei_lba) 3432 { 3433 int ret; 3434 struct t10_pi_tuple *sdt; 3435 void *daddr; 3436 sector_t sector = start_sec; 3437 int ppage_offset; 3438 int dpage_offset; 3439 struct sg_mapping_iter diter; 3440 struct sg_mapping_iter piter; 3441 3442 BUG_ON(scsi_sg_count(SCpnt) == 0); 3443 BUG_ON(scsi_prot_sg_count(SCpnt) == 0); 3444 3445 sg_miter_start(&piter, scsi_prot_sglist(SCpnt), 3446 scsi_prot_sg_count(SCpnt), 3447 SG_MITER_ATOMIC | SG_MITER_FROM_SG); 3448 sg_miter_start(&diter, scsi_sglist(SCpnt), scsi_sg_count(SCpnt), 3449 SG_MITER_ATOMIC | SG_MITER_FROM_SG); 3450 3451 /* For each protection page */ 3452 while (sg_miter_next(&piter)) { 3453 dpage_offset = 0; 3454 if (WARN_ON(!sg_miter_next(&diter))) { 3455 ret = 0x01; 3456 goto out; 3457 } 3458 3459 for (ppage_offset = 0; ppage_offset < piter.length; 3460 ppage_offset += sizeof(struct t10_pi_tuple)) { 3461 /* If we're at the end of the current 3462 * data page advance to the next one 3463 */ 3464 if (dpage_offset >= diter.length) { 3465 if (WARN_ON(!sg_miter_next(&diter))) { 3466 ret = 0x01; 3467 goto out; 3468 } 3469 dpage_offset = 0; 3470 } 3471 3472 sdt = piter.addr + ppage_offset; 3473 daddr = diter.addr + dpage_offset; 3474 3475 if (SCpnt->cmnd[1] >> 5 != 3) { /* WRPROTECT */ 3476 ret = dif_verify(sdt, daddr, sector, ei_lba); 3477 if (ret) 3478 goto out; 3479 } 3480 3481 sector++; 3482 ei_lba++; 3483 dpage_offset += sdebug_sector_size; 3484 } 3485 diter.consumed = dpage_offset; 3486 sg_miter_stop(&diter); 3487 } 3488 sg_miter_stop(&piter); 3489 3490 dif_copy_prot(SCpnt, start_sec, sectors, false); 3491 dix_writes++; 3492 3493 return 0; 3494 3495 out: 3496 dif_errors++; 3497 sg_miter_stop(&diter); 3498 sg_miter_stop(&piter); 3499 return ret; 3500 } 3501 3502 static unsigned long lba_to_map_index(sector_t lba) 3503 { 3504 if (sdebug_unmap_alignment) 3505 lba += sdebug_unmap_granularity - sdebug_unmap_alignment; 3506 sector_div(lba, sdebug_unmap_granularity); 3507 return lba; 3508 } 3509 3510 static sector_t map_index_to_lba(unsigned long index) 3511 { 3512 sector_t lba = index * sdebug_unmap_granularity; 3513 3514 if (sdebug_unmap_alignment) 3515 lba -= sdebug_unmap_granularity - sdebug_unmap_alignment; 3516 return lba; 3517 } 3518 3519 static unsigned int map_state(struct sdeb_store_info *sip, sector_t lba, 3520 unsigned int *num) 3521 { 3522 sector_t end; 3523 unsigned int mapped; 3524 unsigned long index; 3525 unsigned long next; 3526 3527 index = lba_to_map_index(lba); 3528 mapped = test_bit(index, sip->map_storep); 3529 3530 if (mapped) 3531 next = find_next_zero_bit(sip->map_storep, map_size, index); 3532 else 3533 next = find_next_bit(sip->map_storep, map_size, index); 3534 3535 end = min_t(sector_t, sdebug_store_sectors, map_index_to_lba(next)); 3536 *num = end - lba; 3537 return mapped; 3538 } 3539 3540 static void map_region(struct sdeb_store_info *sip, sector_t lba, 3541 unsigned int len) 3542 { 3543 sector_t end = lba + len; 3544 3545 while (lba < end) { 3546 unsigned long index = lba_to_map_index(lba); 3547 3548 if (index < map_size) 3549 set_bit(index, sip->map_storep); 3550 3551 lba = map_index_to_lba(index + 1); 3552 } 3553 } 3554 3555 static void unmap_region(struct sdeb_store_info *sip, sector_t lba, 3556 unsigned int len) 3557 { 3558 sector_t end = lba + len; 3559 u8 *fsp = sip->storep; 3560 3561 while (lba < end) { 3562 unsigned long index = lba_to_map_index(lba); 3563 3564 if (lba == map_index_to_lba(index) && 3565 lba + sdebug_unmap_granularity <= end && 3566 index < map_size) { 3567 clear_bit(index, sip->map_storep); 3568 if (sdebug_lbprz) { /* for LBPRZ=2 return 0xff_s */ 3569 memset(fsp + lba * sdebug_sector_size, 3570 (sdebug_lbprz & 1) ? 0 : 0xff, 3571 sdebug_sector_size * 3572 sdebug_unmap_granularity); 3573 } 3574 if (sip->dif_storep) { 3575 memset(sip->dif_storep + lba, 0xff, 3576 sizeof(*sip->dif_storep) * 3577 sdebug_unmap_granularity); 3578 } 3579 } 3580 lba = map_index_to_lba(index + 1); 3581 } 3582 } 3583 3584 static int resp_write_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 3585 { 3586 bool check_prot; 3587 u32 num; 3588 u32 ei_lba; 3589 int ret; 3590 u64 lba; 3591 struct sdeb_store_info *sip = devip2sip(devip, true); 3592 u8 *cmd = scp->cmnd; 3593 3594 switch (cmd[0]) { 3595 case WRITE_16: 3596 ei_lba = 0; 3597 lba = get_unaligned_be64(cmd + 2); 3598 num = get_unaligned_be32(cmd + 10); 3599 check_prot = true; 3600 break; 3601 case WRITE_10: 3602 ei_lba = 0; 3603 lba = get_unaligned_be32(cmd + 2); 3604 num = get_unaligned_be16(cmd + 7); 3605 check_prot = true; 3606 break; 3607 case WRITE_6: 3608 ei_lba = 0; 3609 lba = (u32)cmd[3] | (u32)cmd[2] << 8 | 3610 (u32)(cmd[1] & 0x1f) << 16; 3611 num = (0 == cmd[4]) ? 256 : cmd[4]; 3612 check_prot = true; 3613 break; 3614 case WRITE_12: 3615 ei_lba = 0; 3616 lba = get_unaligned_be32(cmd + 2); 3617 num = get_unaligned_be32(cmd + 6); 3618 check_prot = true; 3619 break; 3620 case 0x53: /* XDWRITEREAD(10) */ 3621 ei_lba = 0; 3622 lba = get_unaligned_be32(cmd + 2); 3623 num = get_unaligned_be16(cmd + 7); 3624 check_prot = false; 3625 break; 3626 default: /* assume WRITE(32) */ 3627 lba = get_unaligned_be64(cmd + 12); 3628 ei_lba = get_unaligned_be32(cmd + 20); 3629 num = get_unaligned_be32(cmd + 28); 3630 check_prot = false; 3631 break; 3632 } 3633 if (unlikely(have_dif_prot && check_prot)) { 3634 if (sdebug_dif == T10_PI_TYPE2_PROTECTION && 3635 (cmd[1] & 0xe0)) { 3636 mk_sense_invalid_opcode(scp); 3637 return check_condition_result; 3638 } 3639 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION || 3640 sdebug_dif == T10_PI_TYPE3_PROTECTION) && 3641 (cmd[1] & 0xe0) == 0) 3642 sdev_printk(KERN_ERR, scp->device, "Unprotected WR " 3643 "to DIF device\n"); 3644 } 3645 3646 sdeb_write_lock(sip); 3647 ret = check_device_access_params(scp, lba, num, true); 3648 if (ret) { 3649 sdeb_write_unlock(sip); 3650 return ret; 3651 } 3652 3653 /* DIX + T10 DIF */ 3654 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) { 3655 switch (prot_verify_write(scp, lba, num, ei_lba)) { 3656 case 1: /* Guard tag error */ 3657 if (scp->prot_flags & SCSI_PROT_GUARD_CHECK) { 3658 sdeb_write_unlock(sip); 3659 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1); 3660 return illegal_condition_result; 3661 } else if (scp->cmnd[1] >> 5 != 3) { /* WRPROTECT != 3 */ 3662 sdeb_write_unlock(sip); 3663 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1); 3664 return check_condition_result; 3665 } 3666 break; 3667 case 3: /* Reference tag error */ 3668 if (scp->prot_flags & SCSI_PROT_REF_CHECK) { 3669 sdeb_write_unlock(sip); 3670 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 3); 3671 return illegal_condition_result; 3672 } else if (scp->cmnd[1] >> 5 != 3) { /* WRPROTECT != 3 */ 3673 sdeb_write_unlock(sip); 3674 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 3); 3675 return check_condition_result; 3676 } 3677 break; 3678 } 3679 } 3680 3681 ret = do_device_access(sip, scp, 0, lba, num, true); 3682 if (unlikely(scsi_debug_lbp())) 3683 map_region(sip, lba, num); 3684 /* If ZBC zone then bump its write pointer */ 3685 if (sdebug_dev_is_zoned(devip)) 3686 zbc_inc_wp(devip, lba, num); 3687 sdeb_write_unlock(sip); 3688 if (unlikely(-1 == ret)) 3689 return DID_ERROR << 16; 3690 else if (unlikely(sdebug_verbose && 3691 (ret < (num * sdebug_sector_size)))) 3692 sdev_printk(KERN_INFO, scp->device, 3693 "%s: write: cdb indicated=%u, IO sent=%d bytes\n", 3694 my_name, num * sdebug_sector_size, ret); 3695 3696 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) && 3697 atomic_read(&sdeb_inject_pending))) { 3698 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) { 3699 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0); 3700 atomic_set(&sdeb_inject_pending, 0); 3701 return check_condition_result; 3702 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) { 3703 /* Logical block guard check failed */ 3704 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1); 3705 atomic_set(&sdeb_inject_pending, 0); 3706 return illegal_condition_result; 3707 } else if (sdebug_opts & SDEBUG_OPT_DIX_ERR) { 3708 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1); 3709 atomic_set(&sdeb_inject_pending, 0); 3710 return illegal_condition_result; 3711 } 3712 } 3713 return 0; 3714 } 3715 3716 /* 3717 * T10 has only specified WRITE SCATTERED(16) and WRITE SCATTERED(32). 3718 * No READ GATHERED yet (requires bidi or long cdb holding gather list). 3719 */ 3720 static int resp_write_scat(struct scsi_cmnd *scp, 3721 struct sdebug_dev_info *devip) 3722 { 3723 u8 *cmd = scp->cmnd; 3724 u8 *lrdp = NULL; 3725 u8 *up; 3726 struct sdeb_store_info *sip = devip2sip(devip, true); 3727 u8 wrprotect; 3728 u16 lbdof, num_lrd, k; 3729 u32 num, num_by, bt_len, lbdof_blen, sg_off, cum_lb; 3730 u32 lb_size = sdebug_sector_size; 3731 u32 ei_lba; 3732 u64 lba; 3733 int ret, res; 3734 bool is_16; 3735 static const u32 lrd_size = 32; /* + parameter list header size */ 3736 3737 if (cmd[0] == VARIABLE_LENGTH_CMD) { 3738 is_16 = false; 3739 wrprotect = (cmd[10] >> 5) & 0x7; 3740 lbdof = get_unaligned_be16(cmd + 12); 3741 num_lrd = get_unaligned_be16(cmd + 16); 3742 bt_len = get_unaligned_be32(cmd + 28); 3743 } else { /* that leaves WRITE SCATTERED(16) */ 3744 is_16 = true; 3745 wrprotect = (cmd[2] >> 5) & 0x7; 3746 lbdof = get_unaligned_be16(cmd + 4); 3747 num_lrd = get_unaligned_be16(cmd + 8); 3748 bt_len = get_unaligned_be32(cmd + 10); 3749 if (unlikely(have_dif_prot)) { 3750 if (sdebug_dif == T10_PI_TYPE2_PROTECTION && 3751 wrprotect) { 3752 mk_sense_invalid_opcode(scp); 3753 return illegal_condition_result; 3754 } 3755 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION || 3756 sdebug_dif == T10_PI_TYPE3_PROTECTION) && 3757 wrprotect == 0) 3758 sdev_printk(KERN_ERR, scp->device, 3759 "Unprotected WR to DIF device\n"); 3760 } 3761 } 3762 if ((num_lrd == 0) || (bt_len == 0)) 3763 return 0; /* T10 says these do-nothings are not errors */ 3764 if (lbdof == 0) { 3765 if (sdebug_verbose) 3766 sdev_printk(KERN_INFO, scp->device, 3767 "%s: %s: LB Data Offset field bad\n", 3768 my_name, __func__); 3769 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 3770 return illegal_condition_result; 3771 } 3772 lbdof_blen = lbdof * lb_size; 3773 if ((lrd_size + (num_lrd * lrd_size)) > lbdof_blen) { 3774 if (sdebug_verbose) 3775 sdev_printk(KERN_INFO, scp->device, 3776 "%s: %s: LBA range descriptors don't fit\n", 3777 my_name, __func__); 3778 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 3779 return illegal_condition_result; 3780 } 3781 lrdp = kzalloc(lbdof_blen, GFP_ATOMIC | __GFP_NOWARN); 3782 if (lrdp == NULL) 3783 return SCSI_MLQUEUE_HOST_BUSY; 3784 if (sdebug_verbose) 3785 sdev_printk(KERN_INFO, scp->device, 3786 "%s: %s: Fetch header+scatter_list, lbdof_blen=%u\n", 3787 my_name, __func__, lbdof_blen); 3788 res = fetch_to_dev_buffer(scp, lrdp, lbdof_blen); 3789 if (res == -1) { 3790 ret = DID_ERROR << 16; 3791 goto err_out; 3792 } 3793 3794 sdeb_write_lock(sip); 3795 sg_off = lbdof_blen; 3796 /* Spec says Buffer xfer Length field in number of LBs in dout */ 3797 cum_lb = 0; 3798 for (k = 0, up = lrdp + lrd_size; k < num_lrd; ++k, up += lrd_size) { 3799 lba = get_unaligned_be64(up + 0); 3800 num = get_unaligned_be32(up + 8); 3801 if (sdebug_verbose) 3802 sdev_printk(KERN_INFO, scp->device, 3803 "%s: %s: k=%d LBA=0x%llx num=%u sg_off=%u\n", 3804 my_name, __func__, k, lba, num, sg_off); 3805 if (num == 0) 3806 continue; 3807 ret = check_device_access_params(scp, lba, num, true); 3808 if (ret) 3809 goto err_out_unlock; 3810 num_by = num * lb_size; 3811 ei_lba = is_16 ? 0 : get_unaligned_be32(up + 12); 3812 3813 if ((cum_lb + num) > bt_len) { 3814 if (sdebug_verbose) 3815 sdev_printk(KERN_INFO, scp->device, 3816 "%s: %s: sum of blocks > data provided\n", 3817 my_name, __func__); 3818 mk_sense_buffer(scp, ILLEGAL_REQUEST, WRITE_ERROR_ASC, 3819 0); 3820 ret = illegal_condition_result; 3821 goto err_out_unlock; 3822 } 3823 3824 /* DIX + T10 DIF */ 3825 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) { 3826 int prot_ret = prot_verify_write(scp, lba, num, 3827 ei_lba); 3828 3829 if (prot_ret) { 3830 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 3831 prot_ret); 3832 ret = illegal_condition_result; 3833 goto err_out_unlock; 3834 } 3835 } 3836 3837 ret = do_device_access(sip, scp, sg_off, lba, num, true); 3838 /* If ZBC zone then bump its write pointer */ 3839 if (sdebug_dev_is_zoned(devip)) 3840 zbc_inc_wp(devip, lba, num); 3841 if (unlikely(scsi_debug_lbp())) 3842 map_region(sip, lba, num); 3843 if (unlikely(-1 == ret)) { 3844 ret = DID_ERROR << 16; 3845 goto err_out_unlock; 3846 } else if (unlikely(sdebug_verbose && (ret < num_by))) 3847 sdev_printk(KERN_INFO, scp->device, 3848 "%s: write: cdb indicated=%u, IO sent=%d bytes\n", 3849 my_name, num_by, ret); 3850 3851 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) && 3852 atomic_read(&sdeb_inject_pending))) { 3853 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) { 3854 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0); 3855 atomic_set(&sdeb_inject_pending, 0); 3856 ret = check_condition_result; 3857 goto err_out_unlock; 3858 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) { 3859 /* Logical block guard check failed */ 3860 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1); 3861 atomic_set(&sdeb_inject_pending, 0); 3862 ret = illegal_condition_result; 3863 goto err_out_unlock; 3864 } else if (sdebug_opts & SDEBUG_OPT_DIX_ERR) { 3865 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1); 3866 atomic_set(&sdeb_inject_pending, 0); 3867 ret = illegal_condition_result; 3868 goto err_out_unlock; 3869 } 3870 } 3871 sg_off += num_by; 3872 cum_lb += num; 3873 } 3874 ret = 0; 3875 err_out_unlock: 3876 sdeb_write_unlock(sip); 3877 err_out: 3878 kfree(lrdp); 3879 return ret; 3880 } 3881 3882 static int resp_write_same(struct scsi_cmnd *scp, u64 lba, u32 num, 3883 u32 ei_lba, bool unmap, bool ndob) 3884 { 3885 struct scsi_device *sdp = scp->device; 3886 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata; 3887 unsigned long long i; 3888 u64 block, lbaa; 3889 u32 lb_size = sdebug_sector_size; 3890 int ret; 3891 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *) 3892 scp->device->hostdata, true); 3893 u8 *fs1p; 3894 u8 *fsp; 3895 3896 sdeb_write_lock(sip); 3897 3898 ret = check_device_access_params(scp, lba, num, true); 3899 if (ret) { 3900 sdeb_write_unlock(sip); 3901 return ret; 3902 } 3903 3904 if (unmap && scsi_debug_lbp()) { 3905 unmap_region(sip, lba, num); 3906 goto out; 3907 } 3908 lbaa = lba; 3909 block = do_div(lbaa, sdebug_store_sectors); 3910 /* if ndob then zero 1 logical block, else fetch 1 logical block */ 3911 fsp = sip->storep; 3912 fs1p = fsp + (block * lb_size); 3913 if (ndob) { 3914 memset(fs1p, 0, lb_size); 3915 ret = 0; 3916 } else 3917 ret = fetch_to_dev_buffer(scp, fs1p, lb_size); 3918 3919 if (-1 == ret) { 3920 sdeb_write_unlock(sip); 3921 return DID_ERROR << 16; 3922 } else if (sdebug_verbose && !ndob && (ret < lb_size)) 3923 sdev_printk(KERN_INFO, scp->device, 3924 "%s: %s: lb size=%u, IO sent=%d bytes\n", 3925 my_name, "write same", lb_size, ret); 3926 3927 /* Copy first sector to remaining blocks */ 3928 for (i = 1 ; i < num ; i++) { 3929 lbaa = lba + i; 3930 block = do_div(lbaa, sdebug_store_sectors); 3931 memmove(fsp + (block * lb_size), fs1p, lb_size); 3932 } 3933 if (scsi_debug_lbp()) 3934 map_region(sip, lba, num); 3935 /* If ZBC zone then bump its write pointer */ 3936 if (sdebug_dev_is_zoned(devip)) 3937 zbc_inc_wp(devip, lba, num); 3938 out: 3939 sdeb_write_unlock(sip); 3940 3941 return 0; 3942 } 3943 3944 static int resp_write_same_10(struct scsi_cmnd *scp, 3945 struct sdebug_dev_info *devip) 3946 { 3947 u8 *cmd = scp->cmnd; 3948 u32 lba; 3949 u16 num; 3950 u32 ei_lba = 0; 3951 bool unmap = false; 3952 3953 if (cmd[1] & 0x8) { 3954 if (sdebug_lbpws10 == 0) { 3955 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3); 3956 return check_condition_result; 3957 } else 3958 unmap = true; 3959 } 3960 lba = get_unaligned_be32(cmd + 2); 3961 num = get_unaligned_be16(cmd + 7); 3962 if (num > sdebug_write_same_length) { 3963 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1); 3964 return check_condition_result; 3965 } 3966 return resp_write_same(scp, lba, num, ei_lba, unmap, false); 3967 } 3968 3969 static int resp_write_same_16(struct scsi_cmnd *scp, 3970 struct sdebug_dev_info *devip) 3971 { 3972 u8 *cmd = scp->cmnd; 3973 u64 lba; 3974 u32 num; 3975 u32 ei_lba = 0; 3976 bool unmap = false; 3977 bool ndob = false; 3978 3979 if (cmd[1] & 0x8) { /* UNMAP */ 3980 if (sdebug_lbpws == 0) { 3981 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3); 3982 return check_condition_result; 3983 } else 3984 unmap = true; 3985 } 3986 if (cmd[1] & 0x1) /* NDOB (no data-out buffer, assumes zeroes) */ 3987 ndob = true; 3988 lba = get_unaligned_be64(cmd + 2); 3989 num = get_unaligned_be32(cmd + 10); 3990 if (num > sdebug_write_same_length) { 3991 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1); 3992 return check_condition_result; 3993 } 3994 return resp_write_same(scp, lba, num, ei_lba, unmap, ndob); 3995 } 3996 3997 /* Note the mode field is in the same position as the (lower) service action 3998 * field. For the Report supported operation codes command, SPC-4 suggests 3999 * each mode of this command should be reported separately; for future. */ 4000 static int resp_write_buffer(struct scsi_cmnd *scp, 4001 struct sdebug_dev_info *devip) 4002 { 4003 u8 *cmd = scp->cmnd; 4004 struct scsi_device *sdp = scp->device; 4005 struct sdebug_dev_info *dp; 4006 u8 mode; 4007 4008 mode = cmd[1] & 0x1f; 4009 switch (mode) { 4010 case 0x4: /* download microcode (MC) and activate (ACT) */ 4011 /* set UAs on this device only */ 4012 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm); 4013 set_bit(SDEBUG_UA_MICROCODE_CHANGED, devip->uas_bm); 4014 break; 4015 case 0x5: /* download MC, save and ACT */ 4016 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, devip->uas_bm); 4017 break; 4018 case 0x6: /* download MC with offsets and ACT */ 4019 /* set UAs on most devices (LUs) in this target */ 4020 list_for_each_entry(dp, 4021 &devip->sdbg_host->dev_info_list, 4022 dev_list) 4023 if (dp->target == sdp->id) { 4024 set_bit(SDEBUG_UA_BUS_RESET, dp->uas_bm); 4025 if (devip != dp) 4026 set_bit(SDEBUG_UA_MICROCODE_CHANGED, 4027 dp->uas_bm); 4028 } 4029 break; 4030 case 0x7: /* download MC with offsets, save, and ACT */ 4031 /* set UA on all devices (LUs) in this target */ 4032 list_for_each_entry(dp, 4033 &devip->sdbg_host->dev_info_list, 4034 dev_list) 4035 if (dp->target == sdp->id) 4036 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, 4037 dp->uas_bm); 4038 break; 4039 default: 4040 /* do nothing for this command for other mode values */ 4041 break; 4042 } 4043 return 0; 4044 } 4045 4046 static int resp_comp_write(struct scsi_cmnd *scp, 4047 struct sdebug_dev_info *devip) 4048 { 4049 u8 *cmd = scp->cmnd; 4050 u8 *arr; 4051 struct sdeb_store_info *sip = devip2sip(devip, true); 4052 u64 lba; 4053 u32 dnum; 4054 u32 lb_size = sdebug_sector_size; 4055 u8 num; 4056 int ret; 4057 int retval = 0; 4058 4059 lba = get_unaligned_be64(cmd + 2); 4060 num = cmd[13]; /* 1 to a maximum of 255 logical blocks */ 4061 if (0 == num) 4062 return 0; /* degenerate case, not an error */ 4063 if (sdebug_dif == T10_PI_TYPE2_PROTECTION && 4064 (cmd[1] & 0xe0)) { 4065 mk_sense_invalid_opcode(scp); 4066 return check_condition_result; 4067 } 4068 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION || 4069 sdebug_dif == T10_PI_TYPE3_PROTECTION) && 4070 (cmd[1] & 0xe0) == 0) 4071 sdev_printk(KERN_ERR, scp->device, "Unprotected WR " 4072 "to DIF device\n"); 4073 ret = check_device_access_params(scp, lba, num, false); 4074 if (ret) 4075 return ret; 4076 dnum = 2 * num; 4077 arr = kcalloc(lb_size, dnum, GFP_ATOMIC); 4078 if (NULL == arr) { 4079 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC, 4080 INSUFF_RES_ASCQ); 4081 return check_condition_result; 4082 } 4083 4084 sdeb_write_lock(sip); 4085 4086 ret = do_dout_fetch(scp, dnum, arr); 4087 if (ret == -1) { 4088 retval = DID_ERROR << 16; 4089 goto cleanup; 4090 } else if (sdebug_verbose && (ret < (dnum * lb_size))) 4091 sdev_printk(KERN_INFO, scp->device, "%s: compare_write: cdb " 4092 "indicated=%u, IO sent=%d bytes\n", my_name, 4093 dnum * lb_size, ret); 4094 if (!comp_write_worker(sip, lba, num, arr, false)) { 4095 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0); 4096 retval = check_condition_result; 4097 goto cleanup; 4098 } 4099 if (scsi_debug_lbp()) 4100 map_region(sip, lba, num); 4101 cleanup: 4102 sdeb_write_unlock(sip); 4103 kfree(arr); 4104 return retval; 4105 } 4106 4107 struct unmap_block_desc { 4108 __be64 lba; 4109 __be32 blocks; 4110 __be32 __reserved; 4111 }; 4112 4113 static int resp_unmap(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 4114 { 4115 unsigned char *buf; 4116 struct unmap_block_desc *desc; 4117 struct sdeb_store_info *sip = devip2sip(devip, true); 4118 unsigned int i, payload_len, descriptors; 4119 int ret; 4120 4121 if (!scsi_debug_lbp()) 4122 return 0; /* fib and say its done */ 4123 payload_len = get_unaligned_be16(scp->cmnd + 7); 4124 BUG_ON(scsi_bufflen(scp) != payload_len); 4125 4126 descriptors = (payload_len - 8) / 16; 4127 if (descriptors > sdebug_unmap_max_desc) { 4128 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1); 4129 return check_condition_result; 4130 } 4131 4132 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC); 4133 if (!buf) { 4134 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC, 4135 INSUFF_RES_ASCQ); 4136 return check_condition_result; 4137 } 4138 4139 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp)); 4140 4141 BUG_ON(get_unaligned_be16(&buf[0]) != payload_len - 2); 4142 BUG_ON(get_unaligned_be16(&buf[2]) != descriptors * 16); 4143 4144 desc = (void *)&buf[8]; 4145 4146 sdeb_write_lock(sip); 4147 4148 for (i = 0 ; i < descriptors ; i++) { 4149 unsigned long long lba = get_unaligned_be64(&desc[i].lba); 4150 unsigned int num = get_unaligned_be32(&desc[i].blocks); 4151 4152 ret = check_device_access_params(scp, lba, num, true); 4153 if (ret) 4154 goto out; 4155 4156 unmap_region(sip, lba, num); 4157 } 4158 4159 ret = 0; 4160 4161 out: 4162 sdeb_write_unlock(sip); 4163 kfree(buf); 4164 4165 return ret; 4166 } 4167 4168 #define SDEBUG_GET_LBA_STATUS_LEN 32 4169 4170 static int resp_get_lba_status(struct scsi_cmnd *scp, 4171 struct sdebug_dev_info *devip) 4172 { 4173 u8 *cmd = scp->cmnd; 4174 u64 lba; 4175 u32 alloc_len, mapped, num; 4176 int ret; 4177 u8 arr[SDEBUG_GET_LBA_STATUS_LEN]; 4178 4179 lba = get_unaligned_be64(cmd + 2); 4180 alloc_len = get_unaligned_be32(cmd + 10); 4181 4182 if (alloc_len < 24) 4183 return 0; 4184 4185 ret = check_device_access_params(scp, lba, 1, false); 4186 if (ret) 4187 return ret; 4188 4189 if (scsi_debug_lbp()) { 4190 struct sdeb_store_info *sip = devip2sip(devip, true); 4191 4192 mapped = map_state(sip, lba, &num); 4193 } else { 4194 mapped = 1; 4195 /* following just in case virtual_gb changed */ 4196 sdebug_capacity = get_sdebug_capacity(); 4197 if (sdebug_capacity - lba <= 0xffffffff) 4198 num = sdebug_capacity - lba; 4199 else 4200 num = 0xffffffff; 4201 } 4202 4203 memset(arr, 0, SDEBUG_GET_LBA_STATUS_LEN); 4204 put_unaligned_be32(20, arr); /* Parameter Data Length */ 4205 put_unaligned_be64(lba, arr + 8); /* LBA */ 4206 put_unaligned_be32(num, arr + 16); /* Number of blocks */ 4207 arr[20] = !mapped; /* prov_stat=0: mapped; 1: dealloc */ 4208 4209 return fill_from_dev_buffer(scp, arr, SDEBUG_GET_LBA_STATUS_LEN); 4210 } 4211 4212 static int resp_sync_cache(struct scsi_cmnd *scp, 4213 struct sdebug_dev_info *devip) 4214 { 4215 int res = 0; 4216 u64 lba; 4217 u32 num_blocks; 4218 u8 *cmd = scp->cmnd; 4219 4220 if (cmd[0] == SYNCHRONIZE_CACHE) { /* 10 byte cdb */ 4221 lba = get_unaligned_be32(cmd + 2); 4222 num_blocks = get_unaligned_be16(cmd + 7); 4223 } else { /* SYNCHRONIZE_CACHE(16) */ 4224 lba = get_unaligned_be64(cmd + 2); 4225 num_blocks = get_unaligned_be32(cmd + 10); 4226 } 4227 if (lba + num_blocks > sdebug_capacity) { 4228 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 4229 return check_condition_result; 4230 } 4231 if (!write_since_sync || (cmd[1] & 0x2)) 4232 res = SDEG_RES_IMMED_MASK; 4233 else /* delay if write_since_sync and IMMED clear */ 4234 write_since_sync = false; 4235 return res; 4236 } 4237 4238 /* 4239 * Assuming the LBA+num_blocks is not out-of-range, this function will return 4240 * CONDITION MET if the specified blocks will/have fitted in the cache, and 4241 * a GOOD status otherwise. Model a disk with a big cache and yield 4242 * CONDITION MET. Actually tries to bring range in main memory into the 4243 * cache associated with the CPU(s). 4244 */ 4245 static int resp_pre_fetch(struct scsi_cmnd *scp, 4246 struct sdebug_dev_info *devip) 4247 { 4248 int res = 0; 4249 u64 lba; 4250 u64 block, rest = 0; 4251 u32 nblks; 4252 u8 *cmd = scp->cmnd; 4253 struct sdeb_store_info *sip = devip2sip(devip, true); 4254 u8 *fsp = sip->storep; 4255 4256 if (cmd[0] == PRE_FETCH) { /* 10 byte cdb */ 4257 lba = get_unaligned_be32(cmd + 2); 4258 nblks = get_unaligned_be16(cmd + 7); 4259 } else { /* PRE-FETCH(16) */ 4260 lba = get_unaligned_be64(cmd + 2); 4261 nblks = get_unaligned_be32(cmd + 10); 4262 } 4263 if (lba + nblks > sdebug_capacity) { 4264 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 4265 return check_condition_result; 4266 } 4267 if (!fsp) 4268 goto fini; 4269 /* PRE-FETCH spec says nothing about LBP or PI so skip them */ 4270 block = do_div(lba, sdebug_store_sectors); 4271 if (block + nblks > sdebug_store_sectors) 4272 rest = block + nblks - sdebug_store_sectors; 4273 4274 /* Try to bring the PRE-FETCH range into CPU's cache */ 4275 sdeb_read_lock(sip); 4276 prefetch_range(fsp + (sdebug_sector_size * block), 4277 (nblks - rest) * sdebug_sector_size); 4278 if (rest) 4279 prefetch_range(fsp, rest * sdebug_sector_size); 4280 sdeb_read_unlock(sip); 4281 fini: 4282 if (cmd[1] & 0x2) 4283 res = SDEG_RES_IMMED_MASK; 4284 return res | condition_met_result; 4285 } 4286 4287 #define RL_BUCKET_ELEMS 8 4288 4289 /* Even though each pseudo target has a REPORT LUNS "well known logical unit" 4290 * (W-LUN), the normal Linux scanning logic does not associate it with a 4291 * device (e.g. /dev/sg7). The following magic will make that association: 4292 * "cd /sys/class/scsi_host/host<n> ; echo '- - 49409' > scan" 4293 * where <n> is a host number. If there are multiple targets in a host then 4294 * the above will associate a W-LUN to each target. To only get a W-LUN 4295 * for target 2, then use "echo '- 2 49409' > scan" . 4296 */ 4297 static int resp_report_luns(struct scsi_cmnd *scp, 4298 struct sdebug_dev_info *devip) 4299 { 4300 unsigned char *cmd = scp->cmnd; 4301 unsigned int alloc_len; 4302 unsigned char select_report; 4303 u64 lun; 4304 struct scsi_lun *lun_p; 4305 u8 arr[RL_BUCKET_ELEMS * sizeof(struct scsi_lun)]; 4306 unsigned int lun_cnt; /* normal LUN count (max: 256) */ 4307 unsigned int wlun_cnt; /* report luns W-LUN count */ 4308 unsigned int tlun_cnt; /* total LUN count */ 4309 unsigned int rlen; /* response length (in bytes) */ 4310 int k, j, n, res; 4311 unsigned int off_rsp = 0; 4312 const int sz_lun = sizeof(struct scsi_lun); 4313 4314 clear_luns_changed_on_target(devip); 4315 4316 select_report = cmd[2]; 4317 alloc_len = get_unaligned_be32(cmd + 6); 4318 4319 if (alloc_len < 4) { 4320 pr_err("alloc len too small %d\n", alloc_len); 4321 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1); 4322 return check_condition_result; 4323 } 4324 4325 switch (select_report) { 4326 case 0: /* all LUNs apart from W-LUNs */ 4327 lun_cnt = sdebug_max_luns; 4328 wlun_cnt = 0; 4329 break; 4330 case 1: /* only W-LUNs */ 4331 lun_cnt = 0; 4332 wlun_cnt = 1; 4333 break; 4334 case 2: /* all LUNs */ 4335 lun_cnt = sdebug_max_luns; 4336 wlun_cnt = 1; 4337 break; 4338 case 0x10: /* only administrative LUs */ 4339 case 0x11: /* see SPC-5 */ 4340 case 0x12: /* only subsiduary LUs owned by referenced LU */ 4341 default: 4342 pr_debug("select report invalid %d\n", select_report); 4343 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1); 4344 return check_condition_result; 4345 } 4346 4347 if (sdebug_no_lun_0 && (lun_cnt > 0)) 4348 --lun_cnt; 4349 4350 tlun_cnt = lun_cnt + wlun_cnt; 4351 rlen = tlun_cnt * sz_lun; /* excluding 8 byte header */ 4352 scsi_set_resid(scp, scsi_bufflen(scp)); 4353 pr_debug("select_report %d luns = %d wluns = %d no_lun0 %d\n", 4354 select_report, lun_cnt, wlun_cnt, sdebug_no_lun_0); 4355 4356 /* loops rely on sizeof response header same as sizeof lun (both 8) */ 4357 lun = sdebug_no_lun_0 ? 1 : 0; 4358 for (k = 0, j = 0, res = 0; true; ++k, j = 0) { 4359 memset(arr, 0, sizeof(arr)); 4360 lun_p = (struct scsi_lun *)&arr[0]; 4361 if (k == 0) { 4362 put_unaligned_be32(rlen, &arr[0]); 4363 ++lun_p; 4364 j = 1; 4365 } 4366 for ( ; j < RL_BUCKET_ELEMS; ++j, ++lun_p) { 4367 if ((k * RL_BUCKET_ELEMS) + j > lun_cnt) 4368 break; 4369 int_to_scsilun(lun++, lun_p); 4370 if (lun > 1 && sdebug_lun_am == SAM_LUN_AM_FLAT) 4371 lun_p->scsi_lun[0] |= 0x40; 4372 } 4373 if (j < RL_BUCKET_ELEMS) 4374 break; 4375 n = j * sz_lun; 4376 res = p_fill_from_dev_buffer(scp, arr, n, off_rsp); 4377 if (res) 4378 return res; 4379 off_rsp += n; 4380 } 4381 if (wlun_cnt) { 4382 int_to_scsilun(SCSI_W_LUN_REPORT_LUNS, lun_p); 4383 ++j; 4384 } 4385 if (j > 0) 4386 res = p_fill_from_dev_buffer(scp, arr, j * sz_lun, off_rsp); 4387 return res; 4388 } 4389 4390 static int resp_verify(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 4391 { 4392 bool is_bytchk3 = false; 4393 u8 bytchk; 4394 int ret, j; 4395 u32 vnum, a_num, off; 4396 const u32 lb_size = sdebug_sector_size; 4397 u64 lba; 4398 u8 *arr; 4399 u8 *cmd = scp->cmnd; 4400 struct sdeb_store_info *sip = devip2sip(devip, true); 4401 4402 bytchk = (cmd[1] >> 1) & 0x3; 4403 if (bytchk == 0) { 4404 return 0; /* always claim internal verify okay */ 4405 } else if (bytchk == 2) { 4406 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2); 4407 return check_condition_result; 4408 } else if (bytchk == 3) { 4409 is_bytchk3 = true; /* 1 block sent, compared repeatedly */ 4410 } 4411 switch (cmd[0]) { 4412 case VERIFY_16: 4413 lba = get_unaligned_be64(cmd + 2); 4414 vnum = get_unaligned_be32(cmd + 10); 4415 break; 4416 case VERIFY: /* is VERIFY(10) */ 4417 lba = get_unaligned_be32(cmd + 2); 4418 vnum = get_unaligned_be16(cmd + 7); 4419 break; 4420 default: 4421 mk_sense_invalid_opcode(scp); 4422 return check_condition_result; 4423 } 4424 if (vnum == 0) 4425 return 0; /* not an error */ 4426 a_num = is_bytchk3 ? 1 : vnum; 4427 /* Treat following check like one for read (i.e. no write) access */ 4428 ret = check_device_access_params(scp, lba, a_num, false); 4429 if (ret) 4430 return ret; 4431 4432 arr = kcalloc(lb_size, vnum, GFP_ATOMIC | __GFP_NOWARN); 4433 if (!arr) { 4434 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC, 4435 INSUFF_RES_ASCQ); 4436 return check_condition_result; 4437 } 4438 /* Not changing store, so only need read access */ 4439 sdeb_read_lock(sip); 4440 4441 ret = do_dout_fetch(scp, a_num, arr); 4442 if (ret == -1) { 4443 ret = DID_ERROR << 16; 4444 goto cleanup; 4445 } else if (sdebug_verbose && (ret < (a_num * lb_size))) { 4446 sdev_printk(KERN_INFO, scp->device, 4447 "%s: %s: cdb indicated=%u, IO sent=%d bytes\n", 4448 my_name, __func__, a_num * lb_size, ret); 4449 } 4450 if (is_bytchk3) { 4451 for (j = 1, off = lb_size; j < vnum; ++j, off += lb_size) 4452 memcpy(arr + off, arr, lb_size); 4453 } 4454 ret = 0; 4455 if (!comp_write_worker(sip, lba, vnum, arr, true)) { 4456 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0); 4457 ret = check_condition_result; 4458 goto cleanup; 4459 } 4460 cleanup: 4461 sdeb_read_unlock(sip); 4462 kfree(arr); 4463 return ret; 4464 } 4465 4466 #define RZONES_DESC_HD 64 4467 4468 /* Report zones depending on start LBA and reporting options */ 4469 static int resp_report_zones(struct scsi_cmnd *scp, 4470 struct sdebug_dev_info *devip) 4471 { 4472 unsigned int rep_max_zones, nrz = 0; 4473 int ret = 0; 4474 u32 alloc_len, rep_opts, rep_len; 4475 bool partial; 4476 u64 lba, zs_lba; 4477 u8 *arr = NULL, *desc; 4478 u8 *cmd = scp->cmnd; 4479 struct sdeb_zone_state *zsp = NULL; 4480 struct sdeb_store_info *sip = devip2sip(devip, false); 4481 4482 if (!sdebug_dev_is_zoned(devip)) { 4483 mk_sense_invalid_opcode(scp); 4484 return check_condition_result; 4485 } 4486 zs_lba = get_unaligned_be64(cmd + 2); 4487 alloc_len = get_unaligned_be32(cmd + 10); 4488 if (alloc_len == 0) 4489 return 0; /* not an error */ 4490 rep_opts = cmd[14] & 0x3f; 4491 partial = cmd[14] & 0x80; 4492 4493 if (zs_lba >= sdebug_capacity) { 4494 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 4495 return check_condition_result; 4496 } 4497 4498 rep_max_zones = (alloc_len - 64) >> ilog2(RZONES_DESC_HD); 4499 4500 arr = kzalloc(alloc_len, GFP_ATOMIC | __GFP_NOWARN); 4501 if (!arr) { 4502 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC, 4503 INSUFF_RES_ASCQ); 4504 return check_condition_result; 4505 } 4506 4507 sdeb_read_lock(sip); 4508 4509 desc = arr + 64; 4510 for (lba = zs_lba; lba < sdebug_capacity; 4511 lba = zsp->z_start + zsp->z_size) { 4512 if (WARN_ONCE(zbc_zone(devip, lba) == zsp, "lba = %llu\n", lba)) 4513 break; 4514 zsp = zbc_zone(devip, lba); 4515 switch (rep_opts) { 4516 case 0x00: 4517 /* All zones */ 4518 break; 4519 case 0x01: 4520 /* Empty zones */ 4521 if (zsp->z_cond != ZC1_EMPTY) 4522 continue; 4523 break; 4524 case 0x02: 4525 /* Implicit open zones */ 4526 if (zsp->z_cond != ZC2_IMPLICIT_OPEN) 4527 continue; 4528 break; 4529 case 0x03: 4530 /* Explicit open zones */ 4531 if (zsp->z_cond != ZC3_EXPLICIT_OPEN) 4532 continue; 4533 break; 4534 case 0x04: 4535 /* Closed zones */ 4536 if (zsp->z_cond != ZC4_CLOSED) 4537 continue; 4538 break; 4539 case 0x05: 4540 /* Full zones */ 4541 if (zsp->z_cond != ZC5_FULL) 4542 continue; 4543 break; 4544 case 0x06: 4545 case 0x07: 4546 case 0x10: 4547 /* 4548 * Read-only, offline, reset WP recommended are 4549 * not emulated: no zones to report; 4550 */ 4551 continue; 4552 case 0x11: 4553 /* non-seq-resource set */ 4554 if (!zsp->z_non_seq_resource) 4555 continue; 4556 break; 4557 case 0x3e: 4558 /* All zones except gap zones. */ 4559 if (zbc_zone_is_gap(zsp)) 4560 continue; 4561 break; 4562 case 0x3f: 4563 /* Not write pointer (conventional) zones */ 4564 if (zbc_zone_is_seq(zsp)) 4565 continue; 4566 break; 4567 default: 4568 mk_sense_buffer(scp, ILLEGAL_REQUEST, 4569 INVALID_FIELD_IN_CDB, 0); 4570 ret = check_condition_result; 4571 goto fini; 4572 } 4573 4574 if (nrz < rep_max_zones) { 4575 /* Fill zone descriptor */ 4576 desc[0] = zsp->z_type; 4577 desc[1] = zsp->z_cond << 4; 4578 if (zsp->z_non_seq_resource) 4579 desc[1] |= 1 << 1; 4580 put_unaligned_be64((u64)zsp->z_size, desc + 8); 4581 put_unaligned_be64((u64)zsp->z_start, desc + 16); 4582 put_unaligned_be64((u64)zsp->z_wp, desc + 24); 4583 desc += 64; 4584 } 4585 4586 if (partial && nrz >= rep_max_zones) 4587 break; 4588 4589 nrz++; 4590 } 4591 4592 /* Report header */ 4593 /* Zone list length. */ 4594 put_unaligned_be32(nrz * RZONES_DESC_HD, arr + 0); 4595 /* Maximum LBA */ 4596 put_unaligned_be64(sdebug_capacity - 1, arr + 8); 4597 /* Zone starting LBA granularity. */ 4598 if (devip->zcap < devip->zsize) 4599 put_unaligned_be64(devip->zsize, arr + 16); 4600 4601 rep_len = (unsigned long)desc - (unsigned long)arr; 4602 ret = fill_from_dev_buffer(scp, arr, min_t(u32, alloc_len, rep_len)); 4603 4604 fini: 4605 sdeb_read_unlock(sip); 4606 kfree(arr); 4607 return ret; 4608 } 4609 4610 /* Logic transplanted from tcmu-runner, file_zbc.c */ 4611 static void zbc_open_all(struct sdebug_dev_info *devip) 4612 { 4613 struct sdeb_zone_state *zsp = &devip->zstate[0]; 4614 unsigned int i; 4615 4616 for (i = 0; i < devip->nr_zones; i++, zsp++) { 4617 if (zsp->z_cond == ZC4_CLOSED) 4618 zbc_open_zone(devip, &devip->zstate[i], true); 4619 } 4620 } 4621 4622 static int resp_open_zone(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 4623 { 4624 int res = 0; 4625 u64 z_id; 4626 enum sdebug_z_cond zc; 4627 u8 *cmd = scp->cmnd; 4628 struct sdeb_zone_state *zsp; 4629 bool all = cmd[14] & 0x01; 4630 struct sdeb_store_info *sip = devip2sip(devip, false); 4631 4632 if (!sdebug_dev_is_zoned(devip)) { 4633 mk_sense_invalid_opcode(scp); 4634 return check_condition_result; 4635 } 4636 4637 sdeb_write_lock(sip); 4638 4639 if (all) { 4640 /* Check if all closed zones can be open */ 4641 if (devip->max_open && 4642 devip->nr_exp_open + devip->nr_closed > devip->max_open) { 4643 mk_sense_buffer(scp, DATA_PROTECT, INSUFF_RES_ASC, 4644 INSUFF_ZONE_ASCQ); 4645 res = check_condition_result; 4646 goto fini; 4647 } 4648 /* Open all closed zones */ 4649 zbc_open_all(devip); 4650 goto fini; 4651 } 4652 4653 /* Open the specified zone */ 4654 z_id = get_unaligned_be64(cmd + 2); 4655 if (z_id >= sdebug_capacity) { 4656 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 4657 res = check_condition_result; 4658 goto fini; 4659 } 4660 4661 zsp = zbc_zone(devip, z_id); 4662 if (z_id != zsp->z_start) { 4663 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 4664 res = check_condition_result; 4665 goto fini; 4666 } 4667 if (zbc_zone_is_conv(zsp)) { 4668 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 4669 res = check_condition_result; 4670 goto fini; 4671 } 4672 4673 zc = zsp->z_cond; 4674 if (zc == ZC3_EXPLICIT_OPEN || zc == ZC5_FULL) 4675 goto fini; 4676 4677 if (devip->max_open && devip->nr_exp_open >= devip->max_open) { 4678 mk_sense_buffer(scp, DATA_PROTECT, INSUFF_RES_ASC, 4679 INSUFF_ZONE_ASCQ); 4680 res = check_condition_result; 4681 goto fini; 4682 } 4683 4684 zbc_open_zone(devip, zsp, true); 4685 fini: 4686 sdeb_write_unlock(sip); 4687 return res; 4688 } 4689 4690 static void zbc_close_all(struct sdebug_dev_info *devip) 4691 { 4692 unsigned int i; 4693 4694 for (i = 0; i < devip->nr_zones; i++) 4695 zbc_close_zone(devip, &devip->zstate[i]); 4696 } 4697 4698 static int resp_close_zone(struct scsi_cmnd *scp, 4699 struct sdebug_dev_info *devip) 4700 { 4701 int res = 0; 4702 u64 z_id; 4703 u8 *cmd = scp->cmnd; 4704 struct sdeb_zone_state *zsp; 4705 bool all = cmd[14] & 0x01; 4706 struct sdeb_store_info *sip = devip2sip(devip, false); 4707 4708 if (!sdebug_dev_is_zoned(devip)) { 4709 mk_sense_invalid_opcode(scp); 4710 return check_condition_result; 4711 } 4712 4713 sdeb_write_lock(sip); 4714 4715 if (all) { 4716 zbc_close_all(devip); 4717 goto fini; 4718 } 4719 4720 /* Close specified zone */ 4721 z_id = get_unaligned_be64(cmd + 2); 4722 if (z_id >= sdebug_capacity) { 4723 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 4724 res = check_condition_result; 4725 goto fini; 4726 } 4727 4728 zsp = zbc_zone(devip, z_id); 4729 if (z_id != zsp->z_start) { 4730 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 4731 res = check_condition_result; 4732 goto fini; 4733 } 4734 if (zbc_zone_is_conv(zsp)) { 4735 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 4736 res = check_condition_result; 4737 goto fini; 4738 } 4739 4740 zbc_close_zone(devip, zsp); 4741 fini: 4742 sdeb_write_unlock(sip); 4743 return res; 4744 } 4745 4746 static void zbc_finish_zone(struct sdebug_dev_info *devip, 4747 struct sdeb_zone_state *zsp, bool empty) 4748 { 4749 enum sdebug_z_cond zc = zsp->z_cond; 4750 4751 if (zc == ZC4_CLOSED || zc == ZC2_IMPLICIT_OPEN || 4752 zc == ZC3_EXPLICIT_OPEN || (empty && zc == ZC1_EMPTY)) { 4753 if (zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN) 4754 zbc_close_zone(devip, zsp); 4755 if (zsp->z_cond == ZC4_CLOSED) 4756 devip->nr_closed--; 4757 zsp->z_wp = zsp->z_start + zsp->z_size; 4758 zsp->z_cond = ZC5_FULL; 4759 } 4760 } 4761 4762 static void zbc_finish_all(struct sdebug_dev_info *devip) 4763 { 4764 unsigned int i; 4765 4766 for (i = 0; i < devip->nr_zones; i++) 4767 zbc_finish_zone(devip, &devip->zstate[i], false); 4768 } 4769 4770 static int resp_finish_zone(struct scsi_cmnd *scp, 4771 struct sdebug_dev_info *devip) 4772 { 4773 struct sdeb_zone_state *zsp; 4774 int res = 0; 4775 u64 z_id; 4776 u8 *cmd = scp->cmnd; 4777 bool all = cmd[14] & 0x01; 4778 struct sdeb_store_info *sip = devip2sip(devip, false); 4779 4780 if (!sdebug_dev_is_zoned(devip)) { 4781 mk_sense_invalid_opcode(scp); 4782 return check_condition_result; 4783 } 4784 4785 sdeb_write_lock(sip); 4786 4787 if (all) { 4788 zbc_finish_all(devip); 4789 goto fini; 4790 } 4791 4792 /* Finish the specified zone */ 4793 z_id = get_unaligned_be64(cmd + 2); 4794 if (z_id >= sdebug_capacity) { 4795 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 4796 res = check_condition_result; 4797 goto fini; 4798 } 4799 4800 zsp = zbc_zone(devip, z_id); 4801 if (z_id != zsp->z_start) { 4802 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 4803 res = check_condition_result; 4804 goto fini; 4805 } 4806 if (zbc_zone_is_conv(zsp)) { 4807 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 4808 res = check_condition_result; 4809 goto fini; 4810 } 4811 4812 zbc_finish_zone(devip, zsp, true); 4813 fini: 4814 sdeb_write_unlock(sip); 4815 return res; 4816 } 4817 4818 static void zbc_rwp_zone(struct sdebug_dev_info *devip, 4819 struct sdeb_zone_state *zsp) 4820 { 4821 enum sdebug_z_cond zc; 4822 struct sdeb_store_info *sip = devip2sip(devip, false); 4823 4824 if (!zbc_zone_is_seq(zsp)) 4825 return; 4826 4827 zc = zsp->z_cond; 4828 if (zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN) 4829 zbc_close_zone(devip, zsp); 4830 4831 if (zsp->z_cond == ZC4_CLOSED) 4832 devip->nr_closed--; 4833 4834 if (zsp->z_wp > zsp->z_start) 4835 memset(sip->storep + zsp->z_start * sdebug_sector_size, 0, 4836 (zsp->z_wp - zsp->z_start) * sdebug_sector_size); 4837 4838 zsp->z_non_seq_resource = false; 4839 zsp->z_wp = zsp->z_start; 4840 zsp->z_cond = ZC1_EMPTY; 4841 } 4842 4843 static void zbc_rwp_all(struct sdebug_dev_info *devip) 4844 { 4845 unsigned int i; 4846 4847 for (i = 0; i < devip->nr_zones; i++) 4848 zbc_rwp_zone(devip, &devip->zstate[i]); 4849 } 4850 4851 static int resp_rwp_zone(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 4852 { 4853 struct sdeb_zone_state *zsp; 4854 int res = 0; 4855 u64 z_id; 4856 u8 *cmd = scp->cmnd; 4857 bool all = cmd[14] & 0x01; 4858 struct sdeb_store_info *sip = devip2sip(devip, false); 4859 4860 if (!sdebug_dev_is_zoned(devip)) { 4861 mk_sense_invalid_opcode(scp); 4862 return check_condition_result; 4863 } 4864 4865 sdeb_write_lock(sip); 4866 4867 if (all) { 4868 zbc_rwp_all(devip); 4869 goto fini; 4870 } 4871 4872 z_id = get_unaligned_be64(cmd + 2); 4873 if (z_id >= sdebug_capacity) { 4874 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 4875 res = check_condition_result; 4876 goto fini; 4877 } 4878 4879 zsp = zbc_zone(devip, z_id); 4880 if (z_id != zsp->z_start) { 4881 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 4882 res = check_condition_result; 4883 goto fini; 4884 } 4885 if (zbc_zone_is_conv(zsp)) { 4886 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 4887 res = check_condition_result; 4888 goto fini; 4889 } 4890 4891 zbc_rwp_zone(devip, zsp); 4892 fini: 4893 sdeb_write_unlock(sip); 4894 return res; 4895 } 4896 4897 static u32 get_tag(struct scsi_cmnd *cmnd) 4898 { 4899 return blk_mq_unique_tag(scsi_cmd_to_rq(cmnd)); 4900 } 4901 4902 /* Queued (deferred) command completions converge here. */ 4903 static void sdebug_q_cmd_complete(struct sdebug_defer *sd_dp) 4904 { 4905 struct sdebug_queued_cmd *sqcp = container_of(sd_dp, struct sdebug_queued_cmd, sd_dp); 4906 unsigned long flags; 4907 struct scsi_cmnd *scp = sqcp->scmd; 4908 struct sdebug_scsi_cmd *sdsc; 4909 bool aborted; 4910 4911 if (sdebug_statistics) { 4912 atomic_inc(&sdebug_completions); 4913 if (raw_smp_processor_id() != sd_dp->issuing_cpu) 4914 atomic_inc(&sdebug_miss_cpus); 4915 } 4916 4917 if (!scp) { 4918 pr_err("scmd=NULL\n"); 4919 goto out; 4920 } 4921 4922 sdsc = scsi_cmd_priv(scp); 4923 spin_lock_irqsave(&sdsc->lock, flags); 4924 aborted = sd_dp->aborted; 4925 if (unlikely(aborted)) 4926 sd_dp->aborted = false; 4927 ASSIGN_QUEUED_CMD(scp, NULL); 4928 4929 spin_unlock_irqrestore(&sdsc->lock, flags); 4930 4931 if (aborted) { 4932 pr_info("bypassing scsi_done() due to aborted cmd, kicking-off EH\n"); 4933 blk_abort_request(scsi_cmd_to_rq(scp)); 4934 goto out; 4935 } 4936 4937 scsi_done(scp); /* callback to mid level */ 4938 out: 4939 sdebug_free_queued_cmd(sqcp); 4940 } 4941 4942 /* When high resolution timer goes off this function is called. */ 4943 static enum hrtimer_restart sdebug_q_cmd_hrt_complete(struct hrtimer *timer) 4944 { 4945 struct sdebug_defer *sd_dp = container_of(timer, struct sdebug_defer, 4946 hrt); 4947 sdebug_q_cmd_complete(sd_dp); 4948 return HRTIMER_NORESTART; 4949 } 4950 4951 /* When work queue schedules work, it calls this function. */ 4952 static void sdebug_q_cmd_wq_complete(struct work_struct *work) 4953 { 4954 struct sdebug_defer *sd_dp = container_of(work, struct sdebug_defer, 4955 ew.work); 4956 sdebug_q_cmd_complete(sd_dp); 4957 } 4958 4959 static bool got_shared_uuid; 4960 static uuid_t shared_uuid; 4961 4962 static int sdebug_device_create_zones(struct sdebug_dev_info *devip) 4963 { 4964 struct sdeb_zone_state *zsp; 4965 sector_t capacity = get_sdebug_capacity(); 4966 sector_t conv_capacity; 4967 sector_t zstart = 0; 4968 unsigned int i; 4969 4970 /* 4971 * Set the zone size: if sdeb_zbc_zone_size_mb is not set, figure out 4972 * a zone size allowing for at least 4 zones on the device. Otherwise, 4973 * use the specified zone size checking that at least 2 zones can be 4974 * created for the device. 4975 */ 4976 if (!sdeb_zbc_zone_size_mb) { 4977 devip->zsize = (DEF_ZBC_ZONE_SIZE_MB * SZ_1M) 4978 >> ilog2(sdebug_sector_size); 4979 while (capacity < devip->zsize << 2 && devip->zsize >= 2) 4980 devip->zsize >>= 1; 4981 if (devip->zsize < 2) { 4982 pr_err("Device capacity too small\n"); 4983 return -EINVAL; 4984 } 4985 } else { 4986 if (!is_power_of_2(sdeb_zbc_zone_size_mb)) { 4987 pr_err("Zone size is not a power of 2\n"); 4988 return -EINVAL; 4989 } 4990 devip->zsize = (sdeb_zbc_zone_size_mb * SZ_1M) 4991 >> ilog2(sdebug_sector_size); 4992 if (devip->zsize >= capacity) { 4993 pr_err("Zone size too large for device capacity\n"); 4994 return -EINVAL; 4995 } 4996 } 4997 4998 devip->zsize_shift = ilog2(devip->zsize); 4999 devip->nr_zones = (capacity + devip->zsize - 1) >> devip->zsize_shift; 5000 5001 if (sdeb_zbc_zone_cap_mb == 0) { 5002 devip->zcap = devip->zsize; 5003 } else { 5004 devip->zcap = (sdeb_zbc_zone_cap_mb * SZ_1M) >> 5005 ilog2(sdebug_sector_size); 5006 if (devip->zcap > devip->zsize) { 5007 pr_err("Zone capacity too large\n"); 5008 return -EINVAL; 5009 } 5010 } 5011 5012 conv_capacity = (sector_t)sdeb_zbc_nr_conv << devip->zsize_shift; 5013 if (conv_capacity >= capacity) { 5014 pr_err("Number of conventional zones too large\n"); 5015 return -EINVAL; 5016 } 5017 devip->nr_conv_zones = sdeb_zbc_nr_conv; 5018 devip->nr_seq_zones = ALIGN(capacity - conv_capacity, devip->zsize) >> 5019 devip->zsize_shift; 5020 devip->nr_zones = devip->nr_conv_zones + devip->nr_seq_zones; 5021 5022 /* Add gap zones if zone capacity is smaller than the zone size */ 5023 if (devip->zcap < devip->zsize) 5024 devip->nr_zones += devip->nr_seq_zones; 5025 5026 if (devip->zmodel == BLK_ZONED_HM) { 5027 /* zbc_max_open_zones can be 0, meaning "not reported" */ 5028 if (sdeb_zbc_max_open >= devip->nr_zones - 1) 5029 devip->max_open = (devip->nr_zones - 1) / 2; 5030 else 5031 devip->max_open = sdeb_zbc_max_open; 5032 } 5033 5034 devip->zstate = kcalloc(devip->nr_zones, 5035 sizeof(struct sdeb_zone_state), GFP_KERNEL); 5036 if (!devip->zstate) 5037 return -ENOMEM; 5038 5039 for (i = 0; i < devip->nr_zones; i++) { 5040 zsp = &devip->zstate[i]; 5041 5042 zsp->z_start = zstart; 5043 5044 if (i < devip->nr_conv_zones) { 5045 zsp->z_type = ZBC_ZTYPE_CNV; 5046 zsp->z_cond = ZBC_NOT_WRITE_POINTER; 5047 zsp->z_wp = (sector_t)-1; 5048 zsp->z_size = 5049 min_t(u64, devip->zsize, capacity - zstart); 5050 } else if ((zstart & (devip->zsize - 1)) == 0) { 5051 if (devip->zmodel == BLK_ZONED_HM) 5052 zsp->z_type = ZBC_ZTYPE_SWR; 5053 else 5054 zsp->z_type = ZBC_ZTYPE_SWP; 5055 zsp->z_cond = ZC1_EMPTY; 5056 zsp->z_wp = zsp->z_start; 5057 zsp->z_size = 5058 min_t(u64, devip->zcap, capacity - zstart); 5059 } else { 5060 zsp->z_type = ZBC_ZTYPE_GAP; 5061 zsp->z_cond = ZBC_NOT_WRITE_POINTER; 5062 zsp->z_wp = (sector_t)-1; 5063 zsp->z_size = min_t(u64, devip->zsize - devip->zcap, 5064 capacity - zstart); 5065 } 5066 5067 WARN_ON_ONCE((int)zsp->z_size <= 0); 5068 zstart += zsp->z_size; 5069 } 5070 5071 return 0; 5072 } 5073 5074 static struct sdebug_dev_info *sdebug_device_create( 5075 struct sdebug_host_info *sdbg_host, gfp_t flags) 5076 { 5077 struct sdebug_dev_info *devip; 5078 5079 devip = kzalloc(sizeof(*devip), flags); 5080 if (devip) { 5081 if (sdebug_uuid_ctl == 1) 5082 uuid_gen(&devip->lu_name); 5083 else if (sdebug_uuid_ctl == 2) { 5084 if (got_shared_uuid) 5085 devip->lu_name = shared_uuid; 5086 else { 5087 uuid_gen(&shared_uuid); 5088 got_shared_uuid = true; 5089 devip->lu_name = shared_uuid; 5090 } 5091 } 5092 devip->sdbg_host = sdbg_host; 5093 if (sdeb_zbc_in_use) { 5094 devip->zmodel = sdeb_zbc_model; 5095 if (sdebug_device_create_zones(devip)) { 5096 kfree(devip); 5097 return NULL; 5098 } 5099 } else { 5100 devip->zmodel = BLK_ZONED_NONE; 5101 } 5102 devip->create_ts = ktime_get_boottime(); 5103 atomic_set(&devip->stopped, (sdeb_tur_ms_to_ready > 0 ? 2 : 0)); 5104 list_add_tail(&devip->dev_list, &sdbg_host->dev_info_list); 5105 } 5106 return devip; 5107 } 5108 5109 static struct sdebug_dev_info *find_build_dev_info(struct scsi_device *sdev) 5110 { 5111 struct sdebug_host_info *sdbg_host; 5112 struct sdebug_dev_info *open_devip = NULL; 5113 struct sdebug_dev_info *devip; 5114 5115 sdbg_host = shost_to_sdebug_host(sdev->host); 5116 5117 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) { 5118 if ((devip->used) && (devip->channel == sdev->channel) && 5119 (devip->target == sdev->id) && 5120 (devip->lun == sdev->lun)) 5121 return devip; 5122 else { 5123 if ((!devip->used) && (!open_devip)) 5124 open_devip = devip; 5125 } 5126 } 5127 if (!open_devip) { /* try and make a new one */ 5128 open_devip = sdebug_device_create(sdbg_host, GFP_ATOMIC); 5129 if (!open_devip) { 5130 pr_err("out of memory at line %d\n", __LINE__); 5131 return NULL; 5132 } 5133 } 5134 5135 open_devip->channel = sdev->channel; 5136 open_devip->target = sdev->id; 5137 open_devip->lun = sdev->lun; 5138 open_devip->sdbg_host = sdbg_host; 5139 set_bit(SDEBUG_UA_POOCCUR, open_devip->uas_bm); 5140 open_devip->used = true; 5141 return open_devip; 5142 } 5143 5144 static int scsi_debug_slave_alloc(struct scsi_device *sdp) 5145 { 5146 if (sdebug_verbose) 5147 pr_info("slave_alloc <%u %u %u %llu>\n", 5148 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun); 5149 return 0; 5150 } 5151 5152 static int scsi_debug_slave_configure(struct scsi_device *sdp) 5153 { 5154 struct sdebug_dev_info *devip = 5155 (struct sdebug_dev_info *)sdp->hostdata; 5156 5157 if (sdebug_verbose) 5158 pr_info("slave_configure <%u %u %u %llu>\n", 5159 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun); 5160 if (sdp->host->max_cmd_len != SDEBUG_MAX_CMD_LEN) 5161 sdp->host->max_cmd_len = SDEBUG_MAX_CMD_LEN; 5162 if (devip == NULL) { 5163 devip = find_build_dev_info(sdp); 5164 if (devip == NULL) 5165 return 1; /* no resources, will be marked offline */ 5166 } 5167 sdp->hostdata = devip; 5168 if (sdebug_no_uld) 5169 sdp->no_uld_attach = 1; 5170 config_cdb_len(sdp); 5171 return 0; 5172 } 5173 5174 static void scsi_debug_slave_destroy(struct scsi_device *sdp) 5175 { 5176 struct sdebug_dev_info *devip = 5177 (struct sdebug_dev_info *)sdp->hostdata; 5178 5179 if (sdebug_verbose) 5180 pr_info("slave_destroy <%u %u %u %llu>\n", 5181 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun); 5182 if (devip) { 5183 /* make this slot available for re-use */ 5184 devip->used = false; 5185 sdp->hostdata = NULL; 5186 } 5187 } 5188 5189 /* Returns true if we require the queued memory to be freed by the caller. */ 5190 static bool stop_qc_helper(struct sdebug_defer *sd_dp, 5191 enum sdeb_defer_type defer_t) 5192 { 5193 if (defer_t == SDEB_DEFER_HRT) { 5194 int res = hrtimer_try_to_cancel(&sd_dp->hrt); 5195 5196 switch (res) { 5197 case 0: /* Not active, it must have already run */ 5198 case -1: /* -1 It's executing the CB */ 5199 return false; 5200 case 1: /* Was active, we've now cancelled */ 5201 default: 5202 return true; 5203 } 5204 } else if (defer_t == SDEB_DEFER_WQ) { 5205 /* Cancel if pending */ 5206 if (cancel_work_sync(&sd_dp->ew.work)) 5207 return true; 5208 /* Was not pending, so it must have run */ 5209 return false; 5210 } else if (defer_t == SDEB_DEFER_POLL) { 5211 return true; 5212 } 5213 5214 return false; 5215 } 5216 5217 5218 static bool scsi_debug_stop_cmnd(struct scsi_cmnd *cmnd) 5219 { 5220 enum sdeb_defer_type l_defer_t; 5221 struct sdebug_defer *sd_dp; 5222 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmnd); 5223 struct sdebug_queued_cmd *sqcp = TO_QUEUED_CMD(cmnd); 5224 5225 lockdep_assert_held(&sdsc->lock); 5226 5227 if (!sqcp) 5228 return false; 5229 sd_dp = &sqcp->sd_dp; 5230 l_defer_t = READ_ONCE(sd_dp->defer_t); 5231 ASSIGN_QUEUED_CMD(cmnd, NULL); 5232 5233 if (stop_qc_helper(sd_dp, l_defer_t)) 5234 sdebug_free_queued_cmd(sqcp); 5235 5236 return true; 5237 } 5238 5239 /* 5240 * Called from scsi_debug_abort() only, which is for timed-out cmd. 5241 */ 5242 static bool scsi_debug_abort_cmnd(struct scsi_cmnd *cmnd) 5243 { 5244 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmnd); 5245 unsigned long flags; 5246 bool res; 5247 5248 spin_lock_irqsave(&sdsc->lock, flags); 5249 res = scsi_debug_stop_cmnd(cmnd); 5250 spin_unlock_irqrestore(&sdsc->lock, flags); 5251 5252 return res; 5253 } 5254 5255 /* 5256 * All we can do is set the cmnd as internally aborted and wait for it to 5257 * finish. We cannot call scsi_done() as normal completion path may do that. 5258 */ 5259 static bool sdebug_stop_cmnd(struct request *rq, void *data) 5260 { 5261 scsi_debug_abort_cmnd(blk_mq_rq_to_pdu(rq)); 5262 5263 return true; 5264 } 5265 5266 /* Deletes (stops) timers or work queues of all queued commands */ 5267 static void stop_all_queued(void) 5268 { 5269 struct sdebug_host_info *sdhp; 5270 5271 mutex_lock(&sdebug_host_list_mutex); 5272 list_for_each_entry(sdhp, &sdebug_host_list, host_list) { 5273 struct Scsi_Host *shost = sdhp->shost; 5274 5275 blk_mq_tagset_busy_iter(&shost->tag_set, sdebug_stop_cmnd, NULL); 5276 } 5277 mutex_unlock(&sdebug_host_list_mutex); 5278 } 5279 5280 static int scsi_debug_abort(struct scsi_cmnd *SCpnt) 5281 { 5282 bool ok = scsi_debug_abort_cmnd(SCpnt); 5283 5284 ++num_aborts; 5285 5286 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts) 5287 sdev_printk(KERN_INFO, SCpnt->device, 5288 "%s: command%s found\n", __func__, 5289 ok ? "" : " not"); 5290 5291 return SUCCESS; 5292 } 5293 5294 static bool scsi_debug_stop_all_queued_iter(struct request *rq, void *data) 5295 { 5296 struct scsi_device *sdp = data; 5297 struct scsi_cmnd *scmd = blk_mq_rq_to_pdu(rq); 5298 5299 if (scmd->device == sdp) 5300 scsi_debug_abort_cmnd(scmd); 5301 5302 return true; 5303 } 5304 5305 /* Deletes (stops) timers or work queues of all queued commands per sdev */ 5306 static void scsi_debug_stop_all_queued(struct scsi_device *sdp) 5307 { 5308 struct Scsi_Host *shost = sdp->host; 5309 5310 blk_mq_tagset_busy_iter(&shost->tag_set, 5311 scsi_debug_stop_all_queued_iter, sdp); 5312 } 5313 5314 static int scsi_debug_device_reset(struct scsi_cmnd *SCpnt) 5315 { 5316 struct scsi_device *sdp = SCpnt->device; 5317 struct sdebug_dev_info *devip = sdp->hostdata; 5318 5319 ++num_dev_resets; 5320 5321 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts) 5322 sdev_printk(KERN_INFO, sdp, "%s\n", __func__); 5323 5324 scsi_debug_stop_all_queued(sdp); 5325 if (devip) 5326 set_bit(SDEBUG_UA_POR, devip->uas_bm); 5327 5328 return SUCCESS; 5329 } 5330 5331 static int scsi_debug_target_reset(struct scsi_cmnd *SCpnt) 5332 { 5333 struct scsi_device *sdp = SCpnt->device; 5334 struct sdebug_host_info *sdbg_host = shost_to_sdebug_host(sdp->host); 5335 struct sdebug_dev_info *devip; 5336 int k = 0; 5337 5338 ++num_target_resets; 5339 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts) 5340 sdev_printk(KERN_INFO, sdp, "%s\n", __func__); 5341 5342 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) { 5343 if (devip->target == sdp->id) { 5344 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm); 5345 ++k; 5346 } 5347 } 5348 5349 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts) 5350 sdev_printk(KERN_INFO, sdp, 5351 "%s: %d device(s) found in target\n", __func__, k); 5352 5353 return SUCCESS; 5354 } 5355 5356 static int scsi_debug_bus_reset(struct scsi_cmnd *SCpnt) 5357 { 5358 struct scsi_device *sdp = SCpnt->device; 5359 struct sdebug_host_info *sdbg_host = shost_to_sdebug_host(sdp->host); 5360 struct sdebug_dev_info *devip; 5361 int k = 0; 5362 5363 ++num_bus_resets; 5364 5365 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts) 5366 sdev_printk(KERN_INFO, sdp, "%s\n", __func__); 5367 5368 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) { 5369 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm); 5370 ++k; 5371 } 5372 5373 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts) 5374 sdev_printk(KERN_INFO, sdp, 5375 "%s: %d device(s) found in host\n", __func__, k); 5376 return SUCCESS; 5377 } 5378 5379 static int scsi_debug_host_reset(struct scsi_cmnd *SCpnt) 5380 { 5381 struct sdebug_host_info *sdbg_host; 5382 struct sdebug_dev_info *devip; 5383 int k = 0; 5384 5385 ++num_host_resets; 5386 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts) 5387 sdev_printk(KERN_INFO, SCpnt->device, "%s\n", __func__); 5388 mutex_lock(&sdebug_host_list_mutex); 5389 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) { 5390 list_for_each_entry(devip, &sdbg_host->dev_info_list, 5391 dev_list) { 5392 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm); 5393 ++k; 5394 } 5395 } 5396 mutex_unlock(&sdebug_host_list_mutex); 5397 stop_all_queued(); 5398 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts) 5399 sdev_printk(KERN_INFO, SCpnt->device, 5400 "%s: %d device(s) found\n", __func__, k); 5401 return SUCCESS; 5402 } 5403 5404 static void sdebug_build_parts(unsigned char *ramp, unsigned long store_size) 5405 { 5406 struct msdos_partition *pp; 5407 int starts[SDEBUG_MAX_PARTS + 2], max_part_secs; 5408 int sectors_per_part, num_sectors, k; 5409 int heads_by_sects, start_sec, end_sec; 5410 5411 /* assume partition table already zeroed */ 5412 if ((sdebug_num_parts < 1) || (store_size < 1048576)) 5413 return; 5414 if (sdebug_num_parts > SDEBUG_MAX_PARTS) { 5415 sdebug_num_parts = SDEBUG_MAX_PARTS; 5416 pr_warn("reducing partitions to %d\n", SDEBUG_MAX_PARTS); 5417 } 5418 num_sectors = (int)get_sdebug_capacity(); 5419 sectors_per_part = (num_sectors - sdebug_sectors_per) 5420 / sdebug_num_parts; 5421 heads_by_sects = sdebug_heads * sdebug_sectors_per; 5422 starts[0] = sdebug_sectors_per; 5423 max_part_secs = sectors_per_part; 5424 for (k = 1; k < sdebug_num_parts; ++k) { 5425 starts[k] = ((k * sectors_per_part) / heads_by_sects) 5426 * heads_by_sects; 5427 if (starts[k] - starts[k - 1] < max_part_secs) 5428 max_part_secs = starts[k] - starts[k - 1]; 5429 } 5430 starts[sdebug_num_parts] = num_sectors; 5431 starts[sdebug_num_parts + 1] = 0; 5432 5433 ramp[510] = 0x55; /* magic partition markings */ 5434 ramp[511] = 0xAA; 5435 pp = (struct msdos_partition *)(ramp + 0x1be); 5436 for (k = 0; starts[k + 1]; ++k, ++pp) { 5437 start_sec = starts[k]; 5438 end_sec = starts[k] + max_part_secs - 1; 5439 pp->boot_ind = 0; 5440 5441 pp->cyl = start_sec / heads_by_sects; 5442 pp->head = (start_sec - (pp->cyl * heads_by_sects)) 5443 / sdebug_sectors_per; 5444 pp->sector = (start_sec % sdebug_sectors_per) + 1; 5445 5446 pp->end_cyl = end_sec / heads_by_sects; 5447 pp->end_head = (end_sec - (pp->end_cyl * heads_by_sects)) 5448 / sdebug_sectors_per; 5449 pp->end_sector = (end_sec % sdebug_sectors_per) + 1; 5450 5451 pp->start_sect = cpu_to_le32(start_sec); 5452 pp->nr_sects = cpu_to_le32(end_sec - start_sec + 1); 5453 pp->sys_ind = 0x83; /* plain Linux partition */ 5454 } 5455 } 5456 5457 static void block_unblock_all_queues(bool block) 5458 { 5459 struct sdebug_host_info *sdhp; 5460 5461 lockdep_assert_held(&sdebug_host_list_mutex); 5462 5463 list_for_each_entry(sdhp, &sdebug_host_list, host_list) { 5464 struct Scsi_Host *shost = sdhp->shost; 5465 5466 if (block) 5467 scsi_block_requests(shost); 5468 else 5469 scsi_unblock_requests(shost); 5470 } 5471 } 5472 5473 /* Adjust (by rounding down) the sdebug_cmnd_count so abs(every_nth)-1 5474 * commands will be processed normally before triggers occur. 5475 */ 5476 static void tweak_cmnd_count(void) 5477 { 5478 int count, modulo; 5479 5480 modulo = abs(sdebug_every_nth); 5481 if (modulo < 2) 5482 return; 5483 5484 mutex_lock(&sdebug_host_list_mutex); 5485 block_unblock_all_queues(true); 5486 count = atomic_read(&sdebug_cmnd_count); 5487 atomic_set(&sdebug_cmnd_count, (count / modulo) * modulo); 5488 block_unblock_all_queues(false); 5489 mutex_unlock(&sdebug_host_list_mutex); 5490 } 5491 5492 static void clear_queue_stats(void) 5493 { 5494 atomic_set(&sdebug_cmnd_count, 0); 5495 atomic_set(&sdebug_completions, 0); 5496 atomic_set(&sdebug_miss_cpus, 0); 5497 atomic_set(&sdebug_a_tsf, 0); 5498 } 5499 5500 static bool inject_on_this_cmd(void) 5501 { 5502 if (sdebug_every_nth == 0) 5503 return false; 5504 return (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) == 0; 5505 } 5506 5507 #define INCLUSIVE_TIMING_MAX_NS 1000000 /* 1 millisecond */ 5508 5509 5510 void sdebug_free_queued_cmd(struct sdebug_queued_cmd *sqcp) 5511 { 5512 if (sqcp) 5513 kmem_cache_free(queued_cmd_cache, sqcp); 5514 } 5515 5516 static struct sdebug_queued_cmd *sdebug_alloc_queued_cmd(struct scsi_cmnd *scmd) 5517 { 5518 struct sdebug_queued_cmd *sqcp; 5519 struct sdebug_defer *sd_dp; 5520 5521 sqcp = kmem_cache_zalloc(queued_cmd_cache, GFP_ATOMIC); 5522 if (!sqcp) 5523 return NULL; 5524 5525 sd_dp = &sqcp->sd_dp; 5526 5527 hrtimer_init(&sd_dp->hrt, CLOCK_MONOTONIC, HRTIMER_MODE_REL_PINNED); 5528 sd_dp->hrt.function = sdebug_q_cmd_hrt_complete; 5529 INIT_WORK(&sd_dp->ew.work, sdebug_q_cmd_wq_complete); 5530 5531 sqcp->scmd = scmd; 5532 5533 return sqcp; 5534 } 5535 5536 /* Complete the processing of the thread that queued a SCSI command to this 5537 * driver. It either completes the command by calling cmnd_done() or 5538 * schedules a hr timer or work queue then returns 0. Returns 5539 * SCSI_MLQUEUE_HOST_BUSY if temporarily out of resources. 5540 */ 5541 static int schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip, 5542 int scsi_result, 5543 int (*pfp)(struct scsi_cmnd *, 5544 struct sdebug_dev_info *), 5545 int delta_jiff, int ndelay) 5546 { 5547 struct request *rq = scsi_cmd_to_rq(cmnd); 5548 bool polled = rq->cmd_flags & REQ_POLLED; 5549 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmnd); 5550 unsigned long flags; 5551 u64 ns_from_boot = 0; 5552 struct sdebug_queued_cmd *sqcp; 5553 struct scsi_device *sdp; 5554 struct sdebug_defer *sd_dp; 5555 5556 if (unlikely(devip == NULL)) { 5557 if (scsi_result == 0) 5558 scsi_result = DID_NO_CONNECT << 16; 5559 goto respond_in_thread; 5560 } 5561 sdp = cmnd->device; 5562 5563 if (delta_jiff == 0) 5564 goto respond_in_thread; 5565 5566 5567 if (unlikely(sdebug_every_nth && (SDEBUG_OPT_RARE_TSF & sdebug_opts) && 5568 (scsi_result == 0))) { 5569 int num_in_q = scsi_device_busy(sdp); 5570 int qdepth = cmnd->device->queue_depth; 5571 5572 if ((num_in_q == qdepth) && 5573 (atomic_inc_return(&sdebug_a_tsf) >= 5574 abs(sdebug_every_nth))) { 5575 atomic_set(&sdebug_a_tsf, 0); 5576 scsi_result = device_qfull_result; 5577 5578 if (unlikely(SDEBUG_OPT_Q_NOISE & sdebug_opts)) 5579 sdev_printk(KERN_INFO, sdp, "%s: num_in_q=%d +1, <inject> status: TASK SET FULL\n", 5580 __func__, num_in_q); 5581 } 5582 } 5583 5584 sqcp = sdebug_alloc_queued_cmd(cmnd); 5585 if (!sqcp) { 5586 pr_err("%s no alloc\n", __func__); 5587 return SCSI_MLQUEUE_HOST_BUSY; 5588 } 5589 sd_dp = &sqcp->sd_dp; 5590 5591 if (polled) 5592 ns_from_boot = ktime_get_boottime_ns(); 5593 5594 /* one of the resp_*() response functions is called here */ 5595 cmnd->result = pfp ? pfp(cmnd, devip) : 0; 5596 if (cmnd->result & SDEG_RES_IMMED_MASK) { 5597 cmnd->result &= ~SDEG_RES_IMMED_MASK; 5598 delta_jiff = ndelay = 0; 5599 } 5600 if (cmnd->result == 0 && scsi_result != 0) 5601 cmnd->result = scsi_result; 5602 if (cmnd->result == 0 && unlikely(sdebug_opts & SDEBUG_OPT_TRANSPORT_ERR)) { 5603 if (atomic_read(&sdeb_inject_pending)) { 5604 mk_sense_buffer(cmnd, ABORTED_COMMAND, TRANSPORT_PROBLEM, ACK_NAK_TO); 5605 atomic_set(&sdeb_inject_pending, 0); 5606 cmnd->result = check_condition_result; 5607 } 5608 } 5609 5610 if (unlikely(sdebug_verbose && cmnd->result)) 5611 sdev_printk(KERN_INFO, sdp, "%s: non-zero result=0x%x\n", 5612 __func__, cmnd->result); 5613 5614 if (delta_jiff > 0 || ndelay > 0) { 5615 ktime_t kt; 5616 5617 if (delta_jiff > 0) { 5618 u64 ns = jiffies_to_nsecs(delta_jiff); 5619 5620 if (sdebug_random && ns < U32_MAX) { 5621 ns = get_random_u32_below((u32)ns); 5622 } else if (sdebug_random) { 5623 ns >>= 12; /* scale to 4 usec precision */ 5624 if (ns < U32_MAX) /* over 4 hours max */ 5625 ns = get_random_u32_below((u32)ns); 5626 ns <<= 12; 5627 } 5628 kt = ns_to_ktime(ns); 5629 } else { /* ndelay has a 4.2 second max */ 5630 kt = sdebug_random ? get_random_u32_below((u32)ndelay) : 5631 (u32)ndelay; 5632 if (ndelay < INCLUSIVE_TIMING_MAX_NS) { 5633 u64 d = ktime_get_boottime_ns() - ns_from_boot; 5634 5635 if (kt <= d) { /* elapsed duration >= kt */ 5636 /* call scsi_done() from this thread */ 5637 sdebug_free_queued_cmd(sqcp); 5638 scsi_done(cmnd); 5639 return 0; 5640 } 5641 /* otherwise reduce kt by elapsed time */ 5642 kt -= d; 5643 } 5644 } 5645 if (sdebug_statistics) 5646 sd_dp->issuing_cpu = raw_smp_processor_id(); 5647 if (polled) { 5648 spin_lock_irqsave(&sdsc->lock, flags); 5649 sd_dp->cmpl_ts = ktime_add(ns_to_ktime(ns_from_boot), kt); 5650 ASSIGN_QUEUED_CMD(cmnd, sqcp); 5651 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_POLL); 5652 spin_unlock_irqrestore(&sdsc->lock, flags); 5653 } else { 5654 /* schedule the invocation of scsi_done() for a later time */ 5655 spin_lock_irqsave(&sdsc->lock, flags); 5656 ASSIGN_QUEUED_CMD(cmnd, sqcp); 5657 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_HRT); 5658 hrtimer_start(&sd_dp->hrt, kt, HRTIMER_MODE_REL_PINNED); 5659 /* 5660 * The completion handler will try to grab sqcp->lock, 5661 * so there is no chance that the completion handler 5662 * will call scsi_done() until we release the lock 5663 * here (so ok to keep referencing sdsc). 5664 */ 5665 spin_unlock_irqrestore(&sdsc->lock, flags); 5666 } 5667 } else { /* jdelay < 0, use work queue */ 5668 if (unlikely((sdebug_opts & SDEBUG_OPT_CMD_ABORT) && 5669 atomic_read(&sdeb_inject_pending))) { 5670 sd_dp->aborted = true; 5671 atomic_set(&sdeb_inject_pending, 0); 5672 sdev_printk(KERN_INFO, sdp, "abort request tag=%#x\n", 5673 blk_mq_unique_tag_to_tag(get_tag(cmnd))); 5674 } 5675 5676 if (sdebug_statistics) 5677 sd_dp->issuing_cpu = raw_smp_processor_id(); 5678 if (polled) { 5679 spin_lock_irqsave(&sdsc->lock, flags); 5680 ASSIGN_QUEUED_CMD(cmnd, sqcp); 5681 sd_dp->cmpl_ts = ns_to_ktime(ns_from_boot); 5682 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_POLL); 5683 spin_unlock_irqrestore(&sdsc->lock, flags); 5684 } else { 5685 spin_lock_irqsave(&sdsc->lock, flags); 5686 ASSIGN_QUEUED_CMD(cmnd, sqcp); 5687 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_WQ); 5688 schedule_work(&sd_dp->ew.work); 5689 spin_unlock_irqrestore(&sdsc->lock, flags); 5690 } 5691 } 5692 5693 return 0; 5694 5695 respond_in_thread: /* call back to mid-layer using invocation thread */ 5696 cmnd->result = pfp != NULL ? pfp(cmnd, devip) : 0; 5697 cmnd->result &= ~SDEG_RES_IMMED_MASK; 5698 if (cmnd->result == 0 && scsi_result != 0) 5699 cmnd->result = scsi_result; 5700 scsi_done(cmnd); 5701 return 0; 5702 } 5703 5704 /* Note: The following macros create attribute files in the 5705 /sys/module/scsi_debug/parameters directory. Unfortunately this 5706 driver is unaware of a change and cannot trigger auxiliary actions 5707 as it can when the corresponding attribute in the 5708 /sys/bus/pseudo/drivers/scsi_debug directory is changed. 5709 */ 5710 module_param_named(add_host, sdebug_add_host, int, S_IRUGO | S_IWUSR); 5711 module_param_named(ato, sdebug_ato, int, S_IRUGO); 5712 module_param_named(cdb_len, sdebug_cdb_len, int, 0644); 5713 module_param_named(clustering, sdebug_clustering, bool, S_IRUGO | S_IWUSR); 5714 module_param_named(delay, sdebug_jdelay, int, S_IRUGO | S_IWUSR); 5715 module_param_named(dev_size_mb, sdebug_dev_size_mb, int, S_IRUGO); 5716 module_param_named(dif, sdebug_dif, int, S_IRUGO); 5717 module_param_named(dix, sdebug_dix, int, S_IRUGO); 5718 module_param_named(dsense, sdebug_dsense, int, S_IRUGO | S_IWUSR); 5719 module_param_named(every_nth, sdebug_every_nth, int, S_IRUGO | S_IWUSR); 5720 module_param_named(fake_rw, sdebug_fake_rw, int, S_IRUGO | S_IWUSR); 5721 module_param_named(guard, sdebug_guard, uint, S_IRUGO); 5722 module_param_named(host_lock, sdebug_host_lock, bool, S_IRUGO | S_IWUSR); 5723 module_param_named(host_max_queue, sdebug_host_max_queue, int, S_IRUGO); 5724 module_param_string(inq_product, sdebug_inq_product_id, 5725 sizeof(sdebug_inq_product_id), S_IRUGO | S_IWUSR); 5726 module_param_string(inq_rev, sdebug_inq_product_rev, 5727 sizeof(sdebug_inq_product_rev), S_IRUGO | S_IWUSR); 5728 module_param_string(inq_vendor, sdebug_inq_vendor_id, 5729 sizeof(sdebug_inq_vendor_id), S_IRUGO | S_IWUSR); 5730 module_param_named(lbprz, sdebug_lbprz, int, S_IRUGO); 5731 module_param_named(lbpu, sdebug_lbpu, int, S_IRUGO); 5732 module_param_named(lbpws, sdebug_lbpws, int, S_IRUGO); 5733 module_param_named(lbpws10, sdebug_lbpws10, int, S_IRUGO); 5734 module_param_named(lowest_aligned, sdebug_lowest_aligned, int, S_IRUGO); 5735 module_param_named(lun_format, sdebug_lun_am_i, int, S_IRUGO | S_IWUSR); 5736 module_param_named(max_luns, sdebug_max_luns, int, S_IRUGO | S_IWUSR); 5737 module_param_named(max_queue, sdebug_max_queue, int, S_IRUGO | S_IWUSR); 5738 module_param_named(medium_error_count, sdebug_medium_error_count, int, 5739 S_IRUGO | S_IWUSR); 5740 module_param_named(medium_error_start, sdebug_medium_error_start, int, 5741 S_IRUGO | S_IWUSR); 5742 module_param_named(ndelay, sdebug_ndelay, int, S_IRUGO | S_IWUSR); 5743 module_param_named(no_lun_0, sdebug_no_lun_0, int, S_IRUGO | S_IWUSR); 5744 module_param_named(no_rwlock, sdebug_no_rwlock, bool, S_IRUGO | S_IWUSR); 5745 module_param_named(no_uld, sdebug_no_uld, int, S_IRUGO); 5746 module_param_named(num_parts, sdebug_num_parts, int, S_IRUGO); 5747 module_param_named(num_tgts, sdebug_num_tgts, int, S_IRUGO | S_IWUSR); 5748 module_param_named(opt_blks, sdebug_opt_blks, int, S_IRUGO); 5749 module_param_named(opt_xferlen_exp, sdebug_opt_xferlen_exp, int, S_IRUGO); 5750 module_param_named(opts, sdebug_opts, int, S_IRUGO | S_IWUSR); 5751 module_param_named(per_host_store, sdebug_per_host_store, bool, 5752 S_IRUGO | S_IWUSR); 5753 module_param_named(physblk_exp, sdebug_physblk_exp, int, S_IRUGO); 5754 module_param_named(ptype, sdebug_ptype, int, S_IRUGO | S_IWUSR); 5755 module_param_named(random, sdebug_random, bool, S_IRUGO | S_IWUSR); 5756 module_param_named(removable, sdebug_removable, bool, S_IRUGO | S_IWUSR); 5757 module_param_named(scsi_level, sdebug_scsi_level, int, S_IRUGO); 5758 module_param_named(sector_size, sdebug_sector_size, int, S_IRUGO); 5759 module_param_named(statistics, sdebug_statistics, bool, S_IRUGO | S_IWUSR); 5760 module_param_named(strict, sdebug_strict, bool, S_IRUGO | S_IWUSR); 5761 module_param_named(submit_queues, submit_queues, int, S_IRUGO); 5762 module_param_named(poll_queues, poll_queues, int, S_IRUGO); 5763 module_param_named(tur_ms_to_ready, sdeb_tur_ms_to_ready, int, S_IRUGO); 5764 module_param_named(unmap_alignment, sdebug_unmap_alignment, int, S_IRUGO); 5765 module_param_named(unmap_granularity, sdebug_unmap_granularity, int, S_IRUGO); 5766 module_param_named(unmap_max_blocks, sdebug_unmap_max_blocks, int, S_IRUGO); 5767 module_param_named(unmap_max_desc, sdebug_unmap_max_desc, int, S_IRUGO); 5768 module_param_named(uuid_ctl, sdebug_uuid_ctl, int, S_IRUGO); 5769 module_param_named(virtual_gb, sdebug_virtual_gb, int, S_IRUGO | S_IWUSR); 5770 module_param_named(vpd_use_hostno, sdebug_vpd_use_hostno, int, 5771 S_IRUGO | S_IWUSR); 5772 module_param_named(wp, sdebug_wp, bool, S_IRUGO | S_IWUSR); 5773 module_param_named(write_same_length, sdebug_write_same_length, int, 5774 S_IRUGO | S_IWUSR); 5775 module_param_named(zbc, sdeb_zbc_model_s, charp, S_IRUGO); 5776 module_param_named(zone_cap_mb, sdeb_zbc_zone_cap_mb, int, S_IRUGO); 5777 module_param_named(zone_max_open, sdeb_zbc_max_open, int, S_IRUGO); 5778 module_param_named(zone_nr_conv, sdeb_zbc_nr_conv, int, S_IRUGO); 5779 module_param_named(zone_size_mb, sdeb_zbc_zone_size_mb, int, S_IRUGO); 5780 5781 MODULE_AUTHOR("Eric Youngdale + Douglas Gilbert"); 5782 MODULE_DESCRIPTION("SCSI debug adapter driver"); 5783 MODULE_LICENSE("GPL"); 5784 MODULE_VERSION(SDEBUG_VERSION); 5785 5786 MODULE_PARM_DESC(add_host, "add n hosts, in sysfs if negative remove host(s) (def=1)"); 5787 MODULE_PARM_DESC(ato, "application tag ownership: 0=disk 1=host (def=1)"); 5788 MODULE_PARM_DESC(cdb_len, "suggest CDB lengths to drivers (def=10)"); 5789 MODULE_PARM_DESC(clustering, "when set enables larger transfers (def=0)"); 5790 MODULE_PARM_DESC(delay, "response delay (def=1 jiffy); 0:imm, -1,-2:tiny"); 5791 MODULE_PARM_DESC(dev_size_mb, "size in MiB of ram shared by devs(def=8)"); 5792 MODULE_PARM_DESC(dif, "data integrity field type: 0-3 (def=0)"); 5793 MODULE_PARM_DESC(dix, "data integrity extensions mask (def=0)"); 5794 MODULE_PARM_DESC(dsense, "use descriptor sense format(def=0 -> fixed)"); 5795 MODULE_PARM_DESC(every_nth, "timeout every nth command(def=0)"); 5796 MODULE_PARM_DESC(fake_rw, "fake reads/writes instead of copying (def=0)"); 5797 MODULE_PARM_DESC(guard, "protection checksum: 0=crc, 1=ip (def=0)"); 5798 MODULE_PARM_DESC(host_lock, "host_lock is ignored (def=0)"); 5799 MODULE_PARM_DESC(host_max_queue, 5800 "host max # of queued cmds (0 to max(def) [max_queue fixed equal for !0])"); 5801 MODULE_PARM_DESC(inq_product, "SCSI INQUIRY product string (def=\"scsi_debug\")"); 5802 MODULE_PARM_DESC(inq_rev, "SCSI INQUIRY revision string (def=\"" 5803 SDEBUG_VERSION "\")"); 5804 MODULE_PARM_DESC(inq_vendor, "SCSI INQUIRY vendor string (def=\"Linux\")"); 5805 MODULE_PARM_DESC(lbprz, 5806 "on read unmapped LBs return 0 when 1 (def), return 0xff when 2"); 5807 MODULE_PARM_DESC(lbpu, "enable LBP, support UNMAP command (def=0)"); 5808 MODULE_PARM_DESC(lbpws, "enable LBP, support WRITE SAME(16) with UNMAP bit (def=0)"); 5809 MODULE_PARM_DESC(lbpws10, "enable LBP, support WRITE SAME(10) with UNMAP bit (def=0)"); 5810 MODULE_PARM_DESC(lowest_aligned, "lowest aligned lba (def=0)"); 5811 MODULE_PARM_DESC(lun_format, "LUN format: 0->peripheral (def); 1 --> flat address method"); 5812 MODULE_PARM_DESC(max_luns, "number of LUNs per target to simulate(def=1)"); 5813 MODULE_PARM_DESC(max_queue, "max number of queued commands (1 to max(def))"); 5814 MODULE_PARM_DESC(medium_error_count, "count of sectors to return follow on MEDIUM error"); 5815 MODULE_PARM_DESC(medium_error_start, "starting sector number to return MEDIUM error"); 5816 MODULE_PARM_DESC(ndelay, "response delay in nanoseconds (def=0 -> ignore)"); 5817 MODULE_PARM_DESC(no_lun_0, "no LU number 0 (def=0 -> have lun 0)"); 5818 MODULE_PARM_DESC(no_rwlock, "don't protect user data reads+writes (def=0)"); 5819 MODULE_PARM_DESC(no_uld, "stop ULD (e.g. sd driver) attaching (def=0))"); 5820 MODULE_PARM_DESC(num_parts, "number of partitions(def=0)"); 5821 MODULE_PARM_DESC(num_tgts, "number of targets per host to simulate(def=1)"); 5822 MODULE_PARM_DESC(opt_blks, "optimal transfer length in blocks (def=1024)"); 5823 MODULE_PARM_DESC(opt_xferlen_exp, "optimal transfer length granularity exponent (def=physblk_exp)"); 5824 MODULE_PARM_DESC(opts, "1->noise, 2->medium_err, 4->timeout, 8->recovered_err... (def=0)"); 5825 MODULE_PARM_DESC(per_host_store, "If set, next positive add_host will get new store (def=0)"); 5826 MODULE_PARM_DESC(physblk_exp, "physical block exponent (def=0)"); 5827 MODULE_PARM_DESC(poll_queues, "support for iouring iopoll queues (1 to max(submit_queues - 1))"); 5828 MODULE_PARM_DESC(ptype, "SCSI peripheral type(def=0[disk])"); 5829 MODULE_PARM_DESC(random, "If set, uniformly randomize command duration between 0 and delay_in_ns"); 5830 MODULE_PARM_DESC(removable, "claim to have removable media (def=0)"); 5831 MODULE_PARM_DESC(scsi_level, "SCSI level to simulate(def=7[SPC-5])"); 5832 MODULE_PARM_DESC(sector_size, "logical block size in bytes (def=512)"); 5833 MODULE_PARM_DESC(statistics, "collect statistics on commands, queues (def=0)"); 5834 MODULE_PARM_DESC(strict, "stricter checks: reserved field in cdb (def=0)"); 5835 MODULE_PARM_DESC(submit_queues, "support for block multi-queue (def=1)"); 5836 MODULE_PARM_DESC(tur_ms_to_ready, "TEST UNIT READY millisecs before initial good status (def=0)"); 5837 MODULE_PARM_DESC(unmap_alignment, "lowest aligned thin provisioning lba (def=0)"); 5838 MODULE_PARM_DESC(unmap_granularity, "thin provisioning granularity in blocks (def=1)"); 5839 MODULE_PARM_DESC(unmap_max_blocks, "max # of blocks can be unmapped in one cmd (def=0xffffffff)"); 5840 MODULE_PARM_DESC(unmap_max_desc, "max # of ranges that can be unmapped in one cmd (def=256)"); 5841 MODULE_PARM_DESC(uuid_ctl, 5842 "1->use uuid for lu name, 0->don't, 2->all use same (def=0)"); 5843 MODULE_PARM_DESC(virtual_gb, "virtual gigabyte (GiB) size (def=0 -> use dev_size_mb)"); 5844 MODULE_PARM_DESC(vpd_use_hostno, "0 -> dev ids ignore hostno (def=1 -> unique dev ids)"); 5845 MODULE_PARM_DESC(wp, "Write Protect (def=0)"); 5846 MODULE_PARM_DESC(write_same_length, "Maximum blocks per WRITE SAME cmd (def=0xffff)"); 5847 MODULE_PARM_DESC(zbc, "'none' [0]; 'aware' [1]; 'managed' [2] (def=0). Can have 'host-' prefix"); 5848 MODULE_PARM_DESC(zone_cap_mb, "Zone capacity in MiB (def=zone size)"); 5849 MODULE_PARM_DESC(zone_max_open, "Maximum number of open zones; [0] for no limit (def=auto)"); 5850 MODULE_PARM_DESC(zone_nr_conv, "Number of conventional zones (def=1)"); 5851 MODULE_PARM_DESC(zone_size_mb, "Zone size in MiB (def=auto)"); 5852 5853 #define SDEBUG_INFO_LEN 256 5854 static char sdebug_info[SDEBUG_INFO_LEN]; 5855 5856 static const char *scsi_debug_info(struct Scsi_Host *shp) 5857 { 5858 int k; 5859 5860 k = scnprintf(sdebug_info, SDEBUG_INFO_LEN, "%s: version %s [%s]\n", 5861 my_name, SDEBUG_VERSION, sdebug_version_date); 5862 if (k >= (SDEBUG_INFO_LEN - 1)) 5863 return sdebug_info; 5864 scnprintf(sdebug_info + k, SDEBUG_INFO_LEN - k, 5865 " dev_size_mb=%d, opts=0x%x, submit_queues=%d, %s=%d", 5866 sdebug_dev_size_mb, sdebug_opts, submit_queues, 5867 "statistics", (int)sdebug_statistics); 5868 return sdebug_info; 5869 } 5870 5871 /* 'echo <val> > /proc/scsi/scsi_debug/<host_id>' writes to opts */ 5872 static int scsi_debug_write_info(struct Scsi_Host *host, char *buffer, 5873 int length) 5874 { 5875 char arr[16]; 5876 int opts; 5877 int minLen = length > 15 ? 15 : length; 5878 5879 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO)) 5880 return -EACCES; 5881 memcpy(arr, buffer, minLen); 5882 arr[minLen] = '\0'; 5883 if (1 != sscanf(arr, "%d", &opts)) 5884 return -EINVAL; 5885 sdebug_opts = opts; 5886 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts); 5887 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts); 5888 if (sdebug_every_nth != 0) 5889 tweak_cmnd_count(); 5890 return length; 5891 } 5892 5893 struct sdebug_submit_queue_data { 5894 int *first; 5895 int *last; 5896 int queue_num; 5897 }; 5898 5899 static bool sdebug_submit_queue_iter(struct request *rq, void *opaque) 5900 { 5901 struct sdebug_submit_queue_data *data = opaque; 5902 u32 unique_tag = blk_mq_unique_tag(rq); 5903 u16 hwq = blk_mq_unique_tag_to_hwq(unique_tag); 5904 u16 tag = blk_mq_unique_tag_to_tag(unique_tag); 5905 int queue_num = data->queue_num; 5906 5907 if (hwq != queue_num) 5908 return true; 5909 5910 /* Rely on iter'ing in ascending tag order */ 5911 if (*data->first == -1) 5912 *data->first = *data->last = tag; 5913 else 5914 *data->last = tag; 5915 5916 return true; 5917 } 5918 5919 /* Output seen with 'cat /proc/scsi/scsi_debug/<host_id>'. It will be the 5920 * same for each scsi_debug host (if more than one). Some of the counters 5921 * output are not atomics so might be inaccurate in a busy system. */ 5922 static int scsi_debug_show_info(struct seq_file *m, struct Scsi_Host *host) 5923 { 5924 struct sdebug_host_info *sdhp; 5925 int j; 5926 5927 seq_printf(m, "scsi_debug adapter driver, version %s [%s]\n", 5928 SDEBUG_VERSION, sdebug_version_date); 5929 seq_printf(m, "num_tgts=%d, %ssize=%d MB, opts=0x%x, every_nth=%d\n", 5930 sdebug_num_tgts, "shared (ram) ", sdebug_dev_size_mb, 5931 sdebug_opts, sdebug_every_nth); 5932 seq_printf(m, "delay=%d, ndelay=%d, max_luns=%d, sector_size=%d %s\n", 5933 sdebug_jdelay, sdebug_ndelay, sdebug_max_luns, 5934 sdebug_sector_size, "bytes"); 5935 seq_printf(m, "cylinders=%d, heads=%d, sectors=%d, command aborts=%d\n", 5936 sdebug_cylinders_per, sdebug_heads, sdebug_sectors_per, 5937 num_aborts); 5938 seq_printf(m, "RESETs: device=%d, target=%d, bus=%d, host=%d\n", 5939 num_dev_resets, num_target_resets, num_bus_resets, 5940 num_host_resets); 5941 seq_printf(m, "dix_reads=%d, dix_writes=%d, dif_errors=%d\n", 5942 dix_reads, dix_writes, dif_errors); 5943 seq_printf(m, "usec_in_jiffy=%lu, statistics=%d\n", TICK_NSEC / 1000, 5944 sdebug_statistics); 5945 seq_printf(m, "cmnd_count=%d, completions=%d, %s=%d, a_tsf=%d, mq_polls=%d\n", 5946 atomic_read(&sdebug_cmnd_count), 5947 atomic_read(&sdebug_completions), 5948 "miss_cpus", atomic_read(&sdebug_miss_cpus), 5949 atomic_read(&sdebug_a_tsf), 5950 atomic_read(&sdeb_mq_poll_count)); 5951 5952 seq_printf(m, "submit_queues=%d\n", submit_queues); 5953 for (j = 0; j < submit_queues; ++j) { 5954 int f = -1, l = -1; 5955 struct sdebug_submit_queue_data data = { 5956 .queue_num = j, 5957 .first = &f, 5958 .last = &l, 5959 }; 5960 seq_printf(m, " queue %d:\n", j); 5961 blk_mq_tagset_busy_iter(&host->tag_set, sdebug_submit_queue_iter, 5962 &data); 5963 if (f >= 0) { 5964 seq_printf(m, " in_use_bm BUSY: %s: %d,%d\n", 5965 "first,last bits", f, l); 5966 } 5967 } 5968 5969 seq_printf(m, "this host_no=%d\n", host->host_no); 5970 if (!xa_empty(per_store_ap)) { 5971 bool niu; 5972 int idx; 5973 unsigned long l_idx; 5974 struct sdeb_store_info *sip; 5975 5976 seq_puts(m, "\nhost list:\n"); 5977 j = 0; 5978 list_for_each_entry(sdhp, &sdebug_host_list, host_list) { 5979 idx = sdhp->si_idx; 5980 seq_printf(m, " %d: host_no=%d, si_idx=%d\n", j, 5981 sdhp->shost->host_no, idx); 5982 ++j; 5983 } 5984 seq_printf(m, "\nper_store array [most_recent_idx=%d]:\n", 5985 sdeb_most_recent_idx); 5986 j = 0; 5987 xa_for_each(per_store_ap, l_idx, sip) { 5988 niu = xa_get_mark(per_store_ap, l_idx, 5989 SDEB_XA_NOT_IN_USE); 5990 idx = (int)l_idx; 5991 seq_printf(m, " %d: idx=%d%s\n", j, idx, 5992 (niu ? " not_in_use" : "")); 5993 ++j; 5994 } 5995 } 5996 return 0; 5997 } 5998 5999 static ssize_t delay_show(struct device_driver *ddp, char *buf) 6000 { 6001 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_jdelay); 6002 } 6003 /* Returns -EBUSY if jdelay is being changed and commands are queued. The unit 6004 * of delay is jiffies. 6005 */ 6006 static ssize_t delay_store(struct device_driver *ddp, const char *buf, 6007 size_t count) 6008 { 6009 int jdelay, res; 6010 6011 if (count > 0 && sscanf(buf, "%d", &jdelay) == 1) { 6012 res = count; 6013 if (sdebug_jdelay != jdelay) { 6014 struct sdebug_host_info *sdhp; 6015 6016 mutex_lock(&sdebug_host_list_mutex); 6017 block_unblock_all_queues(true); 6018 6019 list_for_each_entry(sdhp, &sdebug_host_list, host_list) { 6020 struct Scsi_Host *shost = sdhp->shost; 6021 6022 if (scsi_host_busy(shost)) { 6023 res = -EBUSY; /* queued commands */ 6024 break; 6025 } 6026 } 6027 if (res > 0) { 6028 sdebug_jdelay = jdelay; 6029 sdebug_ndelay = 0; 6030 } 6031 block_unblock_all_queues(false); 6032 mutex_unlock(&sdebug_host_list_mutex); 6033 } 6034 return res; 6035 } 6036 return -EINVAL; 6037 } 6038 static DRIVER_ATTR_RW(delay); 6039 6040 static ssize_t ndelay_show(struct device_driver *ddp, char *buf) 6041 { 6042 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ndelay); 6043 } 6044 /* Returns -EBUSY if ndelay is being changed and commands are queued */ 6045 /* If > 0 and accepted then sdebug_jdelay is set to JDELAY_OVERRIDDEN */ 6046 static ssize_t ndelay_store(struct device_driver *ddp, const char *buf, 6047 size_t count) 6048 { 6049 int ndelay, res; 6050 6051 if ((count > 0) && (1 == sscanf(buf, "%d", &ndelay)) && 6052 (ndelay >= 0) && (ndelay < (1000 * 1000 * 1000))) { 6053 res = count; 6054 if (sdebug_ndelay != ndelay) { 6055 struct sdebug_host_info *sdhp; 6056 6057 mutex_lock(&sdebug_host_list_mutex); 6058 block_unblock_all_queues(true); 6059 6060 list_for_each_entry(sdhp, &sdebug_host_list, host_list) { 6061 struct Scsi_Host *shost = sdhp->shost; 6062 6063 if (scsi_host_busy(shost)) { 6064 res = -EBUSY; /* queued commands */ 6065 break; 6066 } 6067 } 6068 6069 if (res > 0) { 6070 sdebug_ndelay = ndelay; 6071 sdebug_jdelay = ndelay ? JDELAY_OVERRIDDEN 6072 : DEF_JDELAY; 6073 } 6074 block_unblock_all_queues(false); 6075 mutex_unlock(&sdebug_host_list_mutex); 6076 } 6077 return res; 6078 } 6079 return -EINVAL; 6080 } 6081 static DRIVER_ATTR_RW(ndelay); 6082 6083 static ssize_t opts_show(struct device_driver *ddp, char *buf) 6084 { 6085 return scnprintf(buf, PAGE_SIZE, "0x%x\n", sdebug_opts); 6086 } 6087 6088 static ssize_t opts_store(struct device_driver *ddp, const char *buf, 6089 size_t count) 6090 { 6091 int opts; 6092 char work[20]; 6093 6094 if (sscanf(buf, "%10s", work) == 1) { 6095 if (strncasecmp(work, "0x", 2) == 0) { 6096 if (kstrtoint(work + 2, 16, &opts) == 0) 6097 goto opts_done; 6098 } else { 6099 if (kstrtoint(work, 10, &opts) == 0) 6100 goto opts_done; 6101 } 6102 } 6103 return -EINVAL; 6104 opts_done: 6105 sdebug_opts = opts; 6106 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts); 6107 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts); 6108 tweak_cmnd_count(); 6109 return count; 6110 } 6111 static DRIVER_ATTR_RW(opts); 6112 6113 static ssize_t ptype_show(struct device_driver *ddp, char *buf) 6114 { 6115 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ptype); 6116 } 6117 static ssize_t ptype_store(struct device_driver *ddp, const char *buf, 6118 size_t count) 6119 { 6120 int n; 6121 6122 /* Cannot change from or to TYPE_ZBC with sysfs */ 6123 if (sdebug_ptype == TYPE_ZBC) 6124 return -EINVAL; 6125 6126 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 6127 if (n == TYPE_ZBC) 6128 return -EINVAL; 6129 sdebug_ptype = n; 6130 return count; 6131 } 6132 return -EINVAL; 6133 } 6134 static DRIVER_ATTR_RW(ptype); 6135 6136 static ssize_t dsense_show(struct device_driver *ddp, char *buf) 6137 { 6138 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dsense); 6139 } 6140 static ssize_t dsense_store(struct device_driver *ddp, const char *buf, 6141 size_t count) 6142 { 6143 int n; 6144 6145 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 6146 sdebug_dsense = n; 6147 return count; 6148 } 6149 return -EINVAL; 6150 } 6151 static DRIVER_ATTR_RW(dsense); 6152 6153 static ssize_t fake_rw_show(struct device_driver *ddp, char *buf) 6154 { 6155 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_fake_rw); 6156 } 6157 static ssize_t fake_rw_store(struct device_driver *ddp, const char *buf, 6158 size_t count) 6159 { 6160 int n, idx; 6161 6162 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 6163 bool want_store = (n == 0); 6164 struct sdebug_host_info *sdhp; 6165 6166 n = (n > 0); 6167 sdebug_fake_rw = (sdebug_fake_rw > 0); 6168 if (sdebug_fake_rw == n) 6169 return count; /* not transitioning so do nothing */ 6170 6171 if (want_store) { /* 1 --> 0 transition, set up store */ 6172 if (sdeb_first_idx < 0) { 6173 idx = sdebug_add_store(); 6174 if (idx < 0) 6175 return idx; 6176 } else { 6177 idx = sdeb_first_idx; 6178 xa_clear_mark(per_store_ap, idx, 6179 SDEB_XA_NOT_IN_USE); 6180 } 6181 /* make all hosts use same store */ 6182 list_for_each_entry(sdhp, &sdebug_host_list, 6183 host_list) { 6184 if (sdhp->si_idx != idx) { 6185 xa_set_mark(per_store_ap, sdhp->si_idx, 6186 SDEB_XA_NOT_IN_USE); 6187 sdhp->si_idx = idx; 6188 } 6189 } 6190 sdeb_most_recent_idx = idx; 6191 } else { /* 0 --> 1 transition is trigger for shrink */ 6192 sdebug_erase_all_stores(true /* apart from first */); 6193 } 6194 sdebug_fake_rw = n; 6195 return count; 6196 } 6197 return -EINVAL; 6198 } 6199 static DRIVER_ATTR_RW(fake_rw); 6200 6201 static ssize_t no_lun_0_show(struct device_driver *ddp, char *buf) 6202 { 6203 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_lun_0); 6204 } 6205 static ssize_t no_lun_0_store(struct device_driver *ddp, const char *buf, 6206 size_t count) 6207 { 6208 int n; 6209 6210 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 6211 sdebug_no_lun_0 = n; 6212 return count; 6213 } 6214 return -EINVAL; 6215 } 6216 static DRIVER_ATTR_RW(no_lun_0); 6217 6218 static ssize_t num_tgts_show(struct device_driver *ddp, char *buf) 6219 { 6220 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_tgts); 6221 } 6222 static ssize_t num_tgts_store(struct device_driver *ddp, const char *buf, 6223 size_t count) 6224 { 6225 int n; 6226 6227 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 6228 sdebug_num_tgts = n; 6229 sdebug_max_tgts_luns(); 6230 return count; 6231 } 6232 return -EINVAL; 6233 } 6234 static DRIVER_ATTR_RW(num_tgts); 6235 6236 static ssize_t dev_size_mb_show(struct device_driver *ddp, char *buf) 6237 { 6238 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dev_size_mb); 6239 } 6240 static DRIVER_ATTR_RO(dev_size_mb); 6241 6242 static ssize_t per_host_store_show(struct device_driver *ddp, char *buf) 6243 { 6244 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_per_host_store); 6245 } 6246 6247 static ssize_t per_host_store_store(struct device_driver *ddp, const char *buf, 6248 size_t count) 6249 { 6250 bool v; 6251 6252 if (kstrtobool(buf, &v)) 6253 return -EINVAL; 6254 6255 sdebug_per_host_store = v; 6256 return count; 6257 } 6258 static DRIVER_ATTR_RW(per_host_store); 6259 6260 static ssize_t num_parts_show(struct device_driver *ddp, char *buf) 6261 { 6262 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_parts); 6263 } 6264 static DRIVER_ATTR_RO(num_parts); 6265 6266 static ssize_t every_nth_show(struct device_driver *ddp, char *buf) 6267 { 6268 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_every_nth); 6269 } 6270 static ssize_t every_nth_store(struct device_driver *ddp, const char *buf, 6271 size_t count) 6272 { 6273 int nth; 6274 char work[20]; 6275 6276 if (sscanf(buf, "%10s", work) == 1) { 6277 if (strncasecmp(work, "0x", 2) == 0) { 6278 if (kstrtoint(work + 2, 16, &nth) == 0) 6279 goto every_nth_done; 6280 } else { 6281 if (kstrtoint(work, 10, &nth) == 0) 6282 goto every_nth_done; 6283 } 6284 } 6285 return -EINVAL; 6286 6287 every_nth_done: 6288 sdebug_every_nth = nth; 6289 if (nth && !sdebug_statistics) { 6290 pr_info("every_nth needs statistics=1, set it\n"); 6291 sdebug_statistics = true; 6292 } 6293 tweak_cmnd_count(); 6294 return count; 6295 } 6296 static DRIVER_ATTR_RW(every_nth); 6297 6298 static ssize_t lun_format_show(struct device_driver *ddp, char *buf) 6299 { 6300 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_lun_am); 6301 } 6302 static ssize_t lun_format_store(struct device_driver *ddp, const char *buf, 6303 size_t count) 6304 { 6305 int n; 6306 bool changed; 6307 6308 if (kstrtoint(buf, 0, &n)) 6309 return -EINVAL; 6310 if (n >= 0) { 6311 if (n > (int)SAM_LUN_AM_FLAT) { 6312 pr_warn("only LUN address methods 0 and 1 are supported\n"); 6313 return -EINVAL; 6314 } 6315 changed = ((int)sdebug_lun_am != n); 6316 sdebug_lun_am = n; 6317 if (changed && sdebug_scsi_level >= 5) { /* >= SPC-3 */ 6318 struct sdebug_host_info *sdhp; 6319 struct sdebug_dev_info *dp; 6320 6321 mutex_lock(&sdebug_host_list_mutex); 6322 list_for_each_entry(sdhp, &sdebug_host_list, host_list) { 6323 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) { 6324 set_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm); 6325 } 6326 } 6327 mutex_unlock(&sdebug_host_list_mutex); 6328 } 6329 return count; 6330 } 6331 return -EINVAL; 6332 } 6333 static DRIVER_ATTR_RW(lun_format); 6334 6335 static ssize_t max_luns_show(struct device_driver *ddp, char *buf) 6336 { 6337 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_luns); 6338 } 6339 static ssize_t max_luns_store(struct device_driver *ddp, const char *buf, 6340 size_t count) 6341 { 6342 int n; 6343 bool changed; 6344 6345 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 6346 if (n > 256) { 6347 pr_warn("max_luns can be no more than 256\n"); 6348 return -EINVAL; 6349 } 6350 changed = (sdebug_max_luns != n); 6351 sdebug_max_luns = n; 6352 sdebug_max_tgts_luns(); 6353 if (changed && (sdebug_scsi_level >= 5)) { /* >= SPC-3 */ 6354 struct sdebug_host_info *sdhp; 6355 struct sdebug_dev_info *dp; 6356 6357 mutex_lock(&sdebug_host_list_mutex); 6358 list_for_each_entry(sdhp, &sdebug_host_list, 6359 host_list) { 6360 list_for_each_entry(dp, &sdhp->dev_info_list, 6361 dev_list) { 6362 set_bit(SDEBUG_UA_LUNS_CHANGED, 6363 dp->uas_bm); 6364 } 6365 } 6366 mutex_unlock(&sdebug_host_list_mutex); 6367 } 6368 return count; 6369 } 6370 return -EINVAL; 6371 } 6372 static DRIVER_ATTR_RW(max_luns); 6373 6374 static ssize_t max_queue_show(struct device_driver *ddp, char *buf) 6375 { 6376 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_queue); 6377 } 6378 /* N.B. max_queue can be changed while there are queued commands. In flight 6379 * commands beyond the new max_queue will be completed. */ 6380 static ssize_t max_queue_store(struct device_driver *ddp, const char *buf, 6381 size_t count) 6382 { 6383 int n; 6384 6385 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n > 0) && 6386 (n <= SDEBUG_CANQUEUE) && 6387 (sdebug_host_max_queue == 0)) { 6388 mutex_lock(&sdebug_host_list_mutex); 6389 6390 /* We may only change sdebug_max_queue when we have no shosts */ 6391 if (list_empty(&sdebug_host_list)) 6392 sdebug_max_queue = n; 6393 else 6394 count = -EBUSY; 6395 mutex_unlock(&sdebug_host_list_mutex); 6396 return count; 6397 } 6398 return -EINVAL; 6399 } 6400 static DRIVER_ATTR_RW(max_queue); 6401 6402 static ssize_t host_max_queue_show(struct device_driver *ddp, char *buf) 6403 { 6404 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_host_max_queue); 6405 } 6406 6407 static ssize_t no_rwlock_show(struct device_driver *ddp, char *buf) 6408 { 6409 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_rwlock); 6410 } 6411 6412 static ssize_t no_rwlock_store(struct device_driver *ddp, const char *buf, size_t count) 6413 { 6414 bool v; 6415 6416 if (kstrtobool(buf, &v)) 6417 return -EINVAL; 6418 6419 sdebug_no_rwlock = v; 6420 return count; 6421 } 6422 static DRIVER_ATTR_RW(no_rwlock); 6423 6424 /* 6425 * Since this is used for .can_queue, and we get the hc_idx tag from the bitmap 6426 * in range [0, sdebug_host_max_queue), we can't change it. 6427 */ 6428 static DRIVER_ATTR_RO(host_max_queue); 6429 6430 static ssize_t no_uld_show(struct device_driver *ddp, char *buf) 6431 { 6432 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_uld); 6433 } 6434 static DRIVER_ATTR_RO(no_uld); 6435 6436 static ssize_t scsi_level_show(struct device_driver *ddp, char *buf) 6437 { 6438 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_scsi_level); 6439 } 6440 static DRIVER_ATTR_RO(scsi_level); 6441 6442 static ssize_t virtual_gb_show(struct device_driver *ddp, char *buf) 6443 { 6444 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_virtual_gb); 6445 } 6446 static ssize_t virtual_gb_store(struct device_driver *ddp, const char *buf, 6447 size_t count) 6448 { 6449 int n; 6450 bool changed; 6451 6452 /* Ignore capacity change for ZBC drives for now */ 6453 if (sdeb_zbc_in_use) 6454 return -ENOTSUPP; 6455 6456 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 6457 changed = (sdebug_virtual_gb != n); 6458 sdebug_virtual_gb = n; 6459 sdebug_capacity = get_sdebug_capacity(); 6460 if (changed) { 6461 struct sdebug_host_info *sdhp; 6462 struct sdebug_dev_info *dp; 6463 6464 mutex_lock(&sdebug_host_list_mutex); 6465 list_for_each_entry(sdhp, &sdebug_host_list, 6466 host_list) { 6467 list_for_each_entry(dp, &sdhp->dev_info_list, 6468 dev_list) { 6469 set_bit(SDEBUG_UA_CAPACITY_CHANGED, 6470 dp->uas_bm); 6471 } 6472 } 6473 mutex_unlock(&sdebug_host_list_mutex); 6474 } 6475 return count; 6476 } 6477 return -EINVAL; 6478 } 6479 static DRIVER_ATTR_RW(virtual_gb); 6480 6481 static ssize_t add_host_show(struct device_driver *ddp, char *buf) 6482 { 6483 /* absolute number of hosts currently active is what is shown */ 6484 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_hosts); 6485 } 6486 6487 static ssize_t add_host_store(struct device_driver *ddp, const char *buf, 6488 size_t count) 6489 { 6490 bool found; 6491 unsigned long idx; 6492 struct sdeb_store_info *sip; 6493 bool want_phs = (sdebug_fake_rw == 0) && sdebug_per_host_store; 6494 int delta_hosts; 6495 6496 if (sscanf(buf, "%d", &delta_hosts) != 1) 6497 return -EINVAL; 6498 if (delta_hosts > 0) { 6499 do { 6500 found = false; 6501 if (want_phs) { 6502 xa_for_each_marked(per_store_ap, idx, sip, 6503 SDEB_XA_NOT_IN_USE) { 6504 sdeb_most_recent_idx = (int)idx; 6505 found = true; 6506 break; 6507 } 6508 if (found) /* re-use case */ 6509 sdebug_add_host_helper((int)idx); 6510 else 6511 sdebug_do_add_host(true); 6512 } else { 6513 sdebug_do_add_host(false); 6514 } 6515 } while (--delta_hosts); 6516 } else if (delta_hosts < 0) { 6517 do { 6518 sdebug_do_remove_host(false); 6519 } while (++delta_hosts); 6520 } 6521 return count; 6522 } 6523 static DRIVER_ATTR_RW(add_host); 6524 6525 static ssize_t vpd_use_hostno_show(struct device_driver *ddp, char *buf) 6526 { 6527 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_vpd_use_hostno); 6528 } 6529 static ssize_t vpd_use_hostno_store(struct device_driver *ddp, const char *buf, 6530 size_t count) 6531 { 6532 int n; 6533 6534 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 6535 sdebug_vpd_use_hostno = n; 6536 return count; 6537 } 6538 return -EINVAL; 6539 } 6540 static DRIVER_ATTR_RW(vpd_use_hostno); 6541 6542 static ssize_t statistics_show(struct device_driver *ddp, char *buf) 6543 { 6544 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_statistics); 6545 } 6546 static ssize_t statistics_store(struct device_driver *ddp, const char *buf, 6547 size_t count) 6548 { 6549 int n; 6550 6551 if ((count > 0) && (sscanf(buf, "%d", &n) == 1) && (n >= 0)) { 6552 if (n > 0) 6553 sdebug_statistics = true; 6554 else { 6555 clear_queue_stats(); 6556 sdebug_statistics = false; 6557 } 6558 return count; 6559 } 6560 return -EINVAL; 6561 } 6562 static DRIVER_ATTR_RW(statistics); 6563 6564 static ssize_t sector_size_show(struct device_driver *ddp, char *buf) 6565 { 6566 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_sector_size); 6567 } 6568 static DRIVER_ATTR_RO(sector_size); 6569 6570 static ssize_t submit_queues_show(struct device_driver *ddp, char *buf) 6571 { 6572 return scnprintf(buf, PAGE_SIZE, "%d\n", submit_queues); 6573 } 6574 static DRIVER_ATTR_RO(submit_queues); 6575 6576 static ssize_t dix_show(struct device_driver *ddp, char *buf) 6577 { 6578 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dix); 6579 } 6580 static DRIVER_ATTR_RO(dix); 6581 6582 static ssize_t dif_show(struct device_driver *ddp, char *buf) 6583 { 6584 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dif); 6585 } 6586 static DRIVER_ATTR_RO(dif); 6587 6588 static ssize_t guard_show(struct device_driver *ddp, char *buf) 6589 { 6590 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_guard); 6591 } 6592 static DRIVER_ATTR_RO(guard); 6593 6594 static ssize_t ato_show(struct device_driver *ddp, char *buf) 6595 { 6596 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ato); 6597 } 6598 static DRIVER_ATTR_RO(ato); 6599 6600 static ssize_t map_show(struct device_driver *ddp, char *buf) 6601 { 6602 ssize_t count = 0; 6603 6604 if (!scsi_debug_lbp()) 6605 return scnprintf(buf, PAGE_SIZE, "0-%u\n", 6606 sdebug_store_sectors); 6607 6608 if (sdebug_fake_rw == 0 && !xa_empty(per_store_ap)) { 6609 struct sdeb_store_info *sip = xa_load(per_store_ap, 0); 6610 6611 if (sip) 6612 count = scnprintf(buf, PAGE_SIZE - 1, "%*pbl", 6613 (int)map_size, sip->map_storep); 6614 } 6615 buf[count++] = '\n'; 6616 buf[count] = '\0'; 6617 6618 return count; 6619 } 6620 static DRIVER_ATTR_RO(map); 6621 6622 static ssize_t random_show(struct device_driver *ddp, char *buf) 6623 { 6624 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_random); 6625 } 6626 6627 static ssize_t random_store(struct device_driver *ddp, const char *buf, 6628 size_t count) 6629 { 6630 bool v; 6631 6632 if (kstrtobool(buf, &v)) 6633 return -EINVAL; 6634 6635 sdebug_random = v; 6636 return count; 6637 } 6638 static DRIVER_ATTR_RW(random); 6639 6640 static ssize_t removable_show(struct device_driver *ddp, char *buf) 6641 { 6642 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_removable ? 1 : 0); 6643 } 6644 static ssize_t removable_store(struct device_driver *ddp, const char *buf, 6645 size_t count) 6646 { 6647 int n; 6648 6649 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 6650 sdebug_removable = (n > 0); 6651 return count; 6652 } 6653 return -EINVAL; 6654 } 6655 static DRIVER_ATTR_RW(removable); 6656 6657 static ssize_t host_lock_show(struct device_driver *ddp, char *buf) 6658 { 6659 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_host_lock); 6660 } 6661 /* N.B. sdebug_host_lock does nothing, kept for backward compatibility */ 6662 static ssize_t host_lock_store(struct device_driver *ddp, const char *buf, 6663 size_t count) 6664 { 6665 int n; 6666 6667 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 6668 sdebug_host_lock = (n > 0); 6669 return count; 6670 } 6671 return -EINVAL; 6672 } 6673 static DRIVER_ATTR_RW(host_lock); 6674 6675 static ssize_t strict_show(struct device_driver *ddp, char *buf) 6676 { 6677 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_strict); 6678 } 6679 static ssize_t strict_store(struct device_driver *ddp, const char *buf, 6680 size_t count) 6681 { 6682 int n; 6683 6684 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 6685 sdebug_strict = (n > 0); 6686 return count; 6687 } 6688 return -EINVAL; 6689 } 6690 static DRIVER_ATTR_RW(strict); 6691 6692 static ssize_t uuid_ctl_show(struct device_driver *ddp, char *buf) 6693 { 6694 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_uuid_ctl); 6695 } 6696 static DRIVER_ATTR_RO(uuid_ctl); 6697 6698 static ssize_t cdb_len_show(struct device_driver *ddp, char *buf) 6699 { 6700 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_cdb_len); 6701 } 6702 static ssize_t cdb_len_store(struct device_driver *ddp, const char *buf, 6703 size_t count) 6704 { 6705 int ret, n; 6706 6707 ret = kstrtoint(buf, 0, &n); 6708 if (ret) 6709 return ret; 6710 sdebug_cdb_len = n; 6711 all_config_cdb_len(); 6712 return count; 6713 } 6714 static DRIVER_ATTR_RW(cdb_len); 6715 6716 static const char * const zbc_model_strs_a[] = { 6717 [BLK_ZONED_NONE] = "none", 6718 [BLK_ZONED_HA] = "host-aware", 6719 [BLK_ZONED_HM] = "host-managed", 6720 }; 6721 6722 static const char * const zbc_model_strs_b[] = { 6723 [BLK_ZONED_NONE] = "no", 6724 [BLK_ZONED_HA] = "aware", 6725 [BLK_ZONED_HM] = "managed", 6726 }; 6727 6728 static const char * const zbc_model_strs_c[] = { 6729 [BLK_ZONED_NONE] = "0", 6730 [BLK_ZONED_HA] = "1", 6731 [BLK_ZONED_HM] = "2", 6732 }; 6733 6734 static int sdeb_zbc_model_str(const char *cp) 6735 { 6736 int res = sysfs_match_string(zbc_model_strs_a, cp); 6737 6738 if (res < 0) { 6739 res = sysfs_match_string(zbc_model_strs_b, cp); 6740 if (res < 0) { 6741 res = sysfs_match_string(zbc_model_strs_c, cp); 6742 if (res < 0) 6743 return -EINVAL; 6744 } 6745 } 6746 return res; 6747 } 6748 6749 static ssize_t zbc_show(struct device_driver *ddp, char *buf) 6750 { 6751 return scnprintf(buf, PAGE_SIZE, "%s\n", 6752 zbc_model_strs_a[sdeb_zbc_model]); 6753 } 6754 static DRIVER_ATTR_RO(zbc); 6755 6756 static ssize_t tur_ms_to_ready_show(struct device_driver *ddp, char *buf) 6757 { 6758 return scnprintf(buf, PAGE_SIZE, "%d\n", sdeb_tur_ms_to_ready); 6759 } 6760 static DRIVER_ATTR_RO(tur_ms_to_ready); 6761 6762 /* Note: The following array creates attribute files in the 6763 /sys/bus/pseudo/drivers/scsi_debug directory. The advantage of these 6764 files (over those found in the /sys/module/scsi_debug/parameters 6765 directory) is that auxiliary actions can be triggered when an attribute 6766 is changed. For example see: add_host_store() above. 6767 */ 6768 6769 static struct attribute *sdebug_drv_attrs[] = { 6770 &driver_attr_delay.attr, 6771 &driver_attr_opts.attr, 6772 &driver_attr_ptype.attr, 6773 &driver_attr_dsense.attr, 6774 &driver_attr_fake_rw.attr, 6775 &driver_attr_host_max_queue.attr, 6776 &driver_attr_no_lun_0.attr, 6777 &driver_attr_num_tgts.attr, 6778 &driver_attr_dev_size_mb.attr, 6779 &driver_attr_num_parts.attr, 6780 &driver_attr_every_nth.attr, 6781 &driver_attr_lun_format.attr, 6782 &driver_attr_max_luns.attr, 6783 &driver_attr_max_queue.attr, 6784 &driver_attr_no_rwlock.attr, 6785 &driver_attr_no_uld.attr, 6786 &driver_attr_scsi_level.attr, 6787 &driver_attr_virtual_gb.attr, 6788 &driver_attr_add_host.attr, 6789 &driver_attr_per_host_store.attr, 6790 &driver_attr_vpd_use_hostno.attr, 6791 &driver_attr_sector_size.attr, 6792 &driver_attr_statistics.attr, 6793 &driver_attr_submit_queues.attr, 6794 &driver_attr_dix.attr, 6795 &driver_attr_dif.attr, 6796 &driver_attr_guard.attr, 6797 &driver_attr_ato.attr, 6798 &driver_attr_map.attr, 6799 &driver_attr_random.attr, 6800 &driver_attr_removable.attr, 6801 &driver_attr_host_lock.attr, 6802 &driver_attr_ndelay.attr, 6803 &driver_attr_strict.attr, 6804 &driver_attr_uuid_ctl.attr, 6805 &driver_attr_cdb_len.attr, 6806 &driver_attr_tur_ms_to_ready.attr, 6807 &driver_attr_zbc.attr, 6808 NULL, 6809 }; 6810 ATTRIBUTE_GROUPS(sdebug_drv); 6811 6812 static struct device *pseudo_primary; 6813 6814 static int __init scsi_debug_init(void) 6815 { 6816 bool want_store = (sdebug_fake_rw == 0); 6817 unsigned long sz; 6818 int k, ret, hosts_to_add; 6819 int idx = -1; 6820 6821 ramdisk_lck_a[0] = &atomic_rw; 6822 ramdisk_lck_a[1] = &atomic_rw2; 6823 6824 if (sdebug_ndelay >= 1000 * 1000 * 1000) { 6825 pr_warn("ndelay must be less than 1 second, ignored\n"); 6826 sdebug_ndelay = 0; 6827 } else if (sdebug_ndelay > 0) 6828 sdebug_jdelay = JDELAY_OVERRIDDEN; 6829 6830 switch (sdebug_sector_size) { 6831 case 512: 6832 case 1024: 6833 case 2048: 6834 case 4096: 6835 break; 6836 default: 6837 pr_err("invalid sector_size %d\n", sdebug_sector_size); 6838 return -EINVAL; 6839 } 6840 6841 switch (sdebug_dif) { 6842 case T10_PI_TYPE0_PROTECTION: 6843 break; 6844 case T10_PI_TYPE1_PROTECTION: 6845 case T10_PI_TYPE2_PROTECTION: 6846 case T10_PI_TYPE3_PROTECTION: 6847 have_dif_prot = true; 6848 break; 6849 6850 default: 6851 pr_err("dif must be 0, 1, 2 or 3\n"); 6852 return -EINVAL; 6853 } 6854 6855 if (sdebug_num_tgts < 0) { 6856 pr_err("num_tgts must be >= 0\n"); 6857 return -EINVAL; 6858 } 6859 6860 if (sdebug_guard > 1) { 6861 pr_err("guard must be 0 or 1\n"); 6862 return -EINVAL; 6863 } 6864 6865 if (sdebug_ato > 1) { 6866 pr_err("ato must be 0 or 1\n"); 6867 return -EINVAL; 6868 } 6869 6870 if (sdebug_physblk_exp > 15) { 6871 pr_err("invalid physblk_exp %u\n", sdebug_physblk_exp); 6872 return -EINVAL; 6873 } 6874 6875 sdebug_lun_am = sdebug_lun_am_i; 6876 if (sdebug_lun_am > SAM_LUN_AM_FLAT) { 6877 pr_warn("Invalid LUN format %u, using default\n", (int)sdebug_lun_am); 6878 sdebug_lun_am = SAM_LUN_AM_PERIPHERAL; 6879 } 6880 6881 if (sdebug_max_luns > 256) { 6882 if (sdebug_max_luns > 16384) { 6883 pr_warn("max_luns can be no more than 16384, use default\n"); 6884 sdebug_max_luns = DEF_MAX_LUNS; 6885 } 6886 sdebug_lun_am = SAM_LUN_AM_FLAT; 6887 } 6888 6889 if (sdebug_lowest_aligned > 0x3fff) { 6890 pr_err("lowest_aligned too big: %u\n", sdebug_lowest_aligned); 6891 return -EINVAL; 6892 } 6893 6894 if (submit_queues < 1) { 6895 pr_err("submit_queues must be 1 or more\n"); 6896 return -EINVAL; 6897 } 6898 6899 if ((sdebug_max_queue > SDEBUG_CANQUEUE) || (sdebug_max_queue < 1)) { 6900 pr_err("max_queue must be in range [1, %d]\n", SDEBUG_CANQUEUE); 6901 return -EINVAL; 6902 } 6903 6904 if ((sdebug_host_max_queue > SDEBUG_CANQUEUE) || 6905 (sdebug_host_max_queue < 0)) { 6906 pr_err("host_max_queue must be in range [0 %d]\n", 6907 SDEBUG_CANQUEUE); 6908 return -EINVAL; 6909 } 6910 6911 if (sdebug_host_max_queue && 6912 (sdebug_max_queue != sdebug_host_max_queue)) { 6913 sdebug_max_queue = sdebug_host_max_queue; 6914 pr_warn("fixing max submit queue depth to host max queue depth, %d\n", 6915 sdebug_max_queue); 6916 } 6917 6918 /* 6919 * check for host managed zoned block device specified with 6920 * ptype=0x14 or zbc=XXX. 6921 */ 6922 if (sdebug_ptype == TYPE_ZBC) { 6923 sdeb_zbc_model = BLK_ZONED_HM; 6924 } else if (sdeb_zbc_model_s && *sdeb_zbc_model_s) { 6925 k = sdeb_zbc_model_str(sdeb_zbc_model_s); 6926 if (k < 0) 6927 return k; 6928 sdeb_zbc_model = k; 6929 switch (sdeb_zbc_model) { 6930 case BLK_ZONED_NONE: 6931 case BLK_ZONED_HA: 6932 sdebug_ptype = TYPE_DISK; 6933 break; 6934 case BLK_ZONED_HM: 6935 sdebug_ptype = TYPE_ZBC; 6936 break; 6937 default: 6938 pr_err("Invalid ZBC model\n"); 6939 return -EINVAL; 6940 } 6941 } 6942 if (sdeb_zbc_model != BLK_ZONED_NONE) { 6943 sdeb_zbc_in_use = true; 6944 if (sdebug_dev_size_mb == DEF_DEV_SIZE_PRE_INIT) 6945 sdebug_dev_size_mb = DEF_ZBC_DEV_SIZE_MB; 6946 } 6947 6948 if (sdebug_dev_size_mb == DEF_DEV_SIZE_PRE_INIT) 6949 sdebug_dev_size_mb = DEF_DEV_SIZE_MB; 6950 if (sdebug_dev_size_mb < 1) 6951 sdebug_dev_size_mb = 1; /* force minimum 1 MB ramdisk */ 6952 sz = (unsigned long)sdebug_dev_size_mb * 1048576; 6953 sdebug_store_sectors = sz / sdebug_sector_size; 6954 sdebug_capacity = get_sdebug_capacity(); 6955 6956 /* play around with geometry, don't waste too much on track 0 */ 6957 sdebug_heads = 8; 6958 sdebug_sectors_per = 32; 6959 if (sdebug_dev_size_mb >= 256) 6960 sdebug_heads = 64; 6961 else if (sdebug_dev_size_mb >= 16) 6962 sdebug_heads = 32; 6963 sdebug_cylinders_per = (unsigned long)sdebug_capacity / 6964 (sdebug_sectors_per * sdebug_heads); 6965 if (sdebug_cylinders_per >= 1024) { 6966 /* other LLDs do this; implies >= 1GB ram disk ... */ 6967 sdebug_heads = 255; 6968 sdebug_sectors_per = 63; 6969 sdebug_cylinders_per = (unsigned long)sdebug_capacity / 6970 (sdebug_sectors_per * sdebug_heads); 6971 } 6972 if (scsi_debug_lbp()) { 6973 sdebug_unmap_max_blocks = 6974 clamp(sdebug_unmap_max_blocks, 0U, 0xffffffffU); 6975 6976 sdebug_unmap_max_desc = 6977 clamp(sdebug_unmap_max_desc, 0U, 256U); 6978 6979 sdebug_unmap_granularity = 6980 clamp(sdebug_unmap_granularity, 1U, 0xffffffffU); 6981 6982 if (sdebug_unmap_alignment && 6983 sdebug_unmap_granularity <= 6984 sdebug_unmap_alignment) { 6985 pr_err("ERR: unmap_granularity <= unmap_alignment\n"); 6986 return -EINVAL; 6987 } 6988 } 6989 xa_init_flags(per_store_ap, XA_FLAGS_ALLOC | XA_FLAGS_LOCK_IRQ); 6990 if (want_store) { 6991 idx = sdebug_add_store(); 6992 if (idx < 0) 6993 return idx; 6994 } 6995 6996 pseudo_primary = root_device_register("pseudo_0"); 6997 if (IS_ERR(pseudo_primary)) { 6998 pr_warn("root_device_register() error\n"); 6999 ret = PTR_ERR(pseudo_primary); 7000 goto free_vm; 7001 } 7002 ret = bus_register(&pseudo_lld_bus); 7003 if (ret < 0) { 7004 pr_warn("bus_register error: %d\n", ret); 7005 goto dev_unreg; 7006 } 7007 ret = driver_register(&sdebug_driverfs_driver); 7008 if (ret < 0) { 7009 pr_warn("driver_register error: %d\n", ret); 7010 goto bus_unreg; 7011 } 7012 7013 hosts_to_add = sdebug_add_host; 7014 sdebug_add_host = 0; 7015 7016 queued_cmd_cache = KMEM_CACHE(sdebug_queued_cmd, SLAB_HWCACHE_ALIGN); 7017 if (!queued_cmd_cache) { 7018 ret = -ENOMEM; 7019 goto driver_unreg; 7020 } 7021 7022 for (k = 0; k < hosts_to_add; k++) { 7023 if (want_store && k == 0) { 7024 ret = sdebug_add_host_helper(idx); 7025 if (ret < 0) { 7026 pr_err("add_host_helper k=%d, error=%d\n", 7027 k, -ret); 7028 break; 7029 } 7030 } else { 7031 ret = sdebug_do_add_host(want_store && 7032 sdebug_per_host_store); 7033 if (ret < 0) { 7034 pr_err("add_host k=%d error=%d\n", k, -ret); 7035 break; 7036 } 7037 } 7038 } 7039 if (sdebug_verbose) 7040 pr_info("built %d host(s)\n", sdebug_num_hosts); 7041 7042 return 0; 7043 7044 driver_unreg: 7045 driver_unregister(&sdebug_driverfs_driver); 7046 bus_unreg: 7047 bus_unregister(&pseudo_lld_bus); 7048 dev_unreg: 7049 root_device_unregister(pseudo_primary); 7050 free_vm: 7051 sdebug_erase_store(idx, NULL); 7052 return ret; 7053 } 7054 7055 static void __exit scsi_debug_exit(void) 7056 { 7057 int k = sdebug_num_hosts; 7058 7059 for (; k; k--) 7060 sdebug_do_remove_host(true); 7061 kmem_cache_destroy(queued_cmd_cache); 7062 driver_unregister(&sdebug_driverfs_driver); 7063 bus_unregister(&pseudo_lld_bus); 7064 root_device_unregister(pseudo_primary); 7065 7066 sdebug_erase_all_stores(false); 7067 xa_destroy(per_store_ap); 7068 } 7069 7070 device_initcall(scsi_debug_init); 7071 module_exit(scsi_debug_exit); 7072 7073 static void sdebug_release_adapter(struct device *dev) 7074 { 7075 struct sdebug_host_info *sdbg_host; 7076 7077 sdbg_host = dev_to_sdebug_host(dev); 7078 kfree(sdbg_host); 7079 } 7080 7081 /* idx must be valid, if sip is NULL then it will be obtained using idx */ 7082 static void sdebug_erase_store(int idx, struct sdeb_store_info *sip) 7083 { 7084 if (idx < 0) 7085 return; 7086 if (!sip) { 7087 if (xa_empty(per_store_ap)) 7088 return; 7089 sip = xa_load(per_store_ap, idx); 7090 if (!sip) 7091 return; 7092 } 7093 vfree(sip->map_storep); 7094 vfree(sip->dif_storep); 7095 vfree(sip->storep); 7096 xa_erase(per_store_ap, idx); 7097 kfree(sip); 7098 } 7099 7100 /* Assume apart_from_first==false only in shutdown case. */ 7101 static void sdebug_erase_all_stores(bool apart_from_first) 7102 { 7103 unsigned long idx; 7104 struct sdeb_store_info *sip = NULL; 7105 7106 xa_for_each(per_store_ap, idx, sip) { 7107 if (apart_from_first) 7108 apart_from_first = false; 7109 else 7110 sdebug_erase_store(idx, sip); 7111 } 7112 if (apart_from_first) 7113 sdeb_most_recent_idx = sdeb_first_idx; 7114 } 7115 7116 /* 7117 * Returns store xarray new element index (idx) if >=0 else negated errno. 7118 * Limit the number of stores to 65536. 7119 */ 7120 static int sdebug_add_store(void) 7121 { 7122 int res; 7123 u32 n_idx; 7124 unsigned long iflags; 7125 unsigned long sz = (unsigned long)sdebug_dev_size_mb * 1048576; 7126 struct sdeb_store_info *sip = NULL; 7127 struct xa_limit xal = { .max = 1 << 16, .min = 0 }; 7128 7129 sip = kzalloc(sizeof(*sip), GFP_KERNEL); 7130 if (!sip) 7131 return -ENOMEM; 7132 7133 xa_lock_irqsave(per_store_ap, iflags); 7134 res = __xa_alloc(per_store_ap, &n_idx, sip, xal, GFP_ATOMIC); 7135 if (unlikely(res < 0)) { 7136 xa_unlock_irqrestore(per_store_ap, iflags); 7137 kfree(sip); 7138 pr_warn("%s: xa_alloc() errno=%d\n", __func__, -res); 7139 return res; 7140 } 7141 sdeb_most_recent_idx = n_idx; 7142 if (sdeb_first_idx < 0) 7143 sdeb_first_idx = n_idx; 7144 xa_unlock_irqrestore(per_store_ap, iflags); 7145 7146 res = -ENOMEM; 7147 sip->storep = vzalloc(sz); 7148 if (!sip->storep) { 7149 pr_err("user data oom\n"); 7150 goto err; 7151 } 7152 if (sdebug_num_parts > 0) 7153 sdebug_build_parts(sip->storep, sz); 7154 7155 /* DIF/DIX: what T10 calls Protection Information (PI) */ 7156 if (sdebug_dix) { 7157 int dif_size; 7158 7159 dif_size = sdebug_store_sectors * sizeof(struct t10_pi_tuple); 7160 sip->dif_storep = vmalloc(dif_size); 7161 7162 pr_info("dif_storep %u bytes @ %pK\n", dif_size, 7163 sip->dif_storep); 7164 7165 if (!sip->dif_storep) { 7166 pr_err("DIX oom\n"); 7167 goto err; 7168 } 7169 memset(sip->dif_storep, 0xff, dif_size); 7170 } 7171 /* Logical Block Provisioning */ 7172 if (scsi_debug_lbp()) { 7173 map_size = lba_to_map_index(sdebug_store_sectors - 1) + 1; 7174 sip->map_storep = vmalloc(array_size(sizeof(long), 7175 BITS_TO_LONGS(map_size))); 7176 7177 pr_info("%lu provisioning blocks\n", map_size); 7178 7179 if (!sip->map_storep) { 7180 pr_err("LBP map oom\n"); 7181 goto err; 7182 } 7183 7184 bitmap_zero(sip->map_storep, map_size); 7185 7186 /* Map first 1KB for partition table */ 7187 if (sdebug_num_parts) 7188 map_region(sip, 0, 2); 7189 } 7190 7191 rwlock_init(&sip->macc_lck); 7192 return (int)n_idx; 7193 err: 7194 sdebug_erase_store((int)n_idx, sip); 7195 pr_warn("%s: failed, errno=%d\n", __func__, -res); 7196 return res; 7197 } 7198 7199 static int sdebug_add_host_helper(int per_host_idx) 7200 { 7201 int k, devs_per_host, idx; 7202 int error = -ENOMEM; 7203 struct sdebug_host_info *sdbg_host; 7204 struct sdebug_dev_info *sdbg_devinfo, *tmp; 7205 7206 sdbg_host = kzalloc(sizeof(*sdbg_host), GFP_KERNEL); 7207 if (!sdbg_host) 7208 return -ENOMEM; 7209 idx = (per_host_idx < 0) ? sdeb_first_idx : per_host_idx; 7210 if (xa_get_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE)) 7211 xa_clear_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE); 7212 sdbg_host->si_idx = idx; 7213 7214 INIT_LIST_HEAD(&sdbg_host->dev_info_list); 7215 7216 devs_per_host = sdebug_num_tgts * sdebug_max_luns; 7217 for (k = 0; k < devs_per_host; k++) { 7218 sdbg_devinfo = sdebug_device_create(sdbg_host, GFP_KERNEL); 7219 if (!sdbg_devinfo) 7220 goto clean; 7221 } 7222 7223 mutex_lock(&sdebug_host_list_mutex); 7224 list_add_tail(&sdbg_host->host_list, &sdebug_host_list); 7225 mutex_unlock(&sdebug_host_list_mutex); 7226 7227 sdbg_host->dev.bus = &pseudo_lld_bus; 7228 sdbg_host->dev.parent = pseudo_primary; 7229 sdbg_host->dev.release = &sdebug_release_adapter; 7230 dev_set_name(&sdbg_host->dev, "adapter%d", sdebug_num_hosts); 7231 7232 error = device_register(&sdbg_host->dev); 7233 if (error) { 7234 mutex_lock(&sdebug_host_list_mutex); 7235 list_del(&sdbg_host->host_list); 7236 mutex_unlock(&sdebug_host_list_mutex); 7237 goto clean; 7238 } 7239 7240 ++sdebug_num_hosts; 7241 return 0; 7242 7243 clean: 7244 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list, 7245 dev_list) { 7246 list_del(&sdbg_devinfo->dev_list); 7247 kfree(sdbg_devinfo->zstate); 7248 kfree(sdbg_devinfo); 7249 } 7250 if (sdbg_host->dev.release) 7251 put_device(&sdbg_host->dev); 7252 else 7253 kfree(sdbg_host); 7254 pr_warn("%s: failed, errno=%d\n", __func__, -error); 7255 return error; 7256 } 7257 7258 static int sdebug_do_add_host(bool mk_new_store) 7259 { 7260 int ph_idx = sdeb_most_recent_idx; 7261 7262 if (mk_new_store) { 7263 ph_idx = sdebug_add_store(); 7264 if (ph_idx < 0) 7265 return ph_idx; 7266 } 7267 return sdebug_add_host_helper(ph_idx); 7268 } 7269 7270 static void sdebug_do_remove_host(bool the_end) 7271 { 7272 int idx = -1; 7273 struct sdebug_host_info *sdbg_host = NULL; 7274 struct sdebug_host_info *sdbg_host2; 7275 7276 mutex_lock(&sdebug_host_list_mutex); 7277 if (!list_empty(&sdebug_host_list)) { 7278 sdbg_host = list_entry(sdebug_host_list.prev, 7279 struct sdebug_host_info, host_list); 7280 idx = sdbg_host->si_idx; 7281 } 7282 if (!the_end && idx >= 0) { 7283 bool unique = true; 7284 7285 list_for_each_entry(sdbg_host2, &sdebug_host_list, host_list) { 7286 if (sdbg_host2 == sdbg_host) 7287 continue; 7288 if (idx == sdbg_host2->si_idx) { 7289 unique = false; 7290 break; 7291 } 7292 } 7293 if (unique) { 7294 xa_set_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE); 7295 if (idx == sdeb_most_recent_idx) 7296 --sdeb_most_recent_idx; 7297 } 7298 } 7299 if (sdbg_host) 7300 list_del(&sdbg_host->host_list); 7301 mutex_unlock(&sdebug_host_list_mutex); 7302 7303 if (!sdbg_host) 7304 return; 7305 7306 device_unregister(&sdbg_host->dev); 7307 --sdebug_num_hosts; 7308 } 7309 7310 static int sdebug_change_qdepth(struct scsi_device *sdev, int qdepth) 7311 { 7312 struct sdebug_dev_info *devip = sdev->hostdata; 7313 7314 if (!devip) 7315 return -ENODEV; 7316 7317 mutex_lock(&sdebug_host_list_mutex); 7318 block_unblock_all_queues(true); 7319 7320 if (qdepth > SDEBUG_CANQUEUE) { 7321 qdepth = SDEBUG_CANQUEUE; 7322 pr_warn("%s: requested qdepth [%d] exceeds canqueue [%d], trim\n", __func__, 7323 qdepth, SDEBUG_CANQUEUE); 7324 } 7325 if (qdepth < 1) 7326 qdepth = 1; 7327 if (qdepth != sdev->queue_depth) 7328 scsi_change_queue_depth(sdev, qdepth); 7329 7330 block_unblock_all_queues(false); 7331 mutex_unlock(&sdebug_host_list_mutex); 7332 7333 if (SDEBUG_OPT_Q_NOISE & sdebug_opts) 7334 sdev_printk(KERN_INFO, sdev, "%s: qdepth=%d\n", __func__, qdepth); 7335 7336 return sdev->queue_depth; 7337 } 7338 7339 static bool fake_timeout(struct scsi_cmnd *scp) 7340 { 7341 if (0 == (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth))) { 7342 if (sdebug_every_nth < -1) 7343 sdebug_every_nth = -1; 7344 if (SDEBUG_OPT_TIMEOUT & sdebug_opts) 7345 return true; /* ignore command causing timeout */ 7346 else if (SDEBUG_OPT_MAC_TIMEOUT & sdebug_opts && 7347 scsi_medium_access_command(scp)) 7348 return true; /* time out reads and writes */ 7349 } 7350 return false; 7351 } 7352 7353 /* Response to TUR or media access command when device stopped */ 7354 static int resp_not_ready(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 7355 { 7356 int stopped_state; 7357 u64 diff_ns = 0; 7358 ktime_t now_ts = ktime_get_boottime(); 7359 struct scsi_device *sdp = scp->device; 7360 7361 stopped_state = atomic_read(&devip->stopped); 7362 if (stopped_state == 2) { 7363 if (ktime_to_ns(now_ts) > ktime_to_ns(devip->create_ts)) { 7364 diff_ns = ktime_to_ns(ktime_sub(now_ts, devip->create_ts)); 7365 if (diff_ns >= ((u64)sdeb_tur_ms_to_ready * 1000000)) { 7366 /* tur_ms_to_ready timer extinguished */ 7367 atomic_set(&devip->stopped, 0); 7368 return 0; 7369 } 7370 } 7371 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x1); 7372 if (sdebug_verbose) 7373 sdev_printk(KERN_INFO, sdp, 7374 "%s: Not ready: in process of becoming ready\n", my_name); 7375 if (scp->cmnd[0] == TEST_UNIT_READY) { 7376 u64 tur_nanosecs_to_ready = (u64)sdeb_tur_ms_to_ready * 1000000; 7377 7378 if (diff_ns <= tur_nanosecs_to_ready) 7379 diff_ns = tur_nanosecs_to_ready - diff_ns; 7380 else 7381 diff_ns = tur_nanosecs_to_ready; 7382 /* As per 20-061r2 approved for spc6 by T10 on 20200716 */ 7383 do_div(diff_ns, 1000000); /* diff_ns becomes milliseconds */ 7384 scsi_set_sense_information(scp->sense_buffer, SCSI_SENSE_BUFFERSIZE, 7385 diff_ns); 7386 return check_condition_result; 7387 } 7388 } 7389 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x2); 7390 if (sdebug_verbose) 7391 sdev_printk(KERN_INFO, sdp, "%s: Not ready: initializing command required\n", 7392 my_name); 7393 return check_condition_result; 7394 } 7395 7396 static void sdebug_map_queues(struct Scsi_Host *shost) 7397 { 7398 int i, qoff; 7399 7400 if (shost->nr_hw_queues == 1) 7401 return; 7402 7403 for (i = 0, qoff = 0; i < HCTX_MAX_TYPES; i++) { 7404 struct blk_mq_queue_map *map = &shost->tag_set.map[i]; 7405 7406 map->nr_queues = 0; 7407 7408 if (i == HCTX_TYPE_DEFAULT) 7409 map->nr_queues = submit_queues - poll_queues; 7410 else if (i == HCTX_TYPE_POLL) 7411 map->nr_queues = poll_queues; 7412 7413 if (!map->nr_queues) { 7414 BUG_ON(i == HCTX_TYPE_DEFAULT); 7415 continue; 7416 } 7417 7418 map->queue_offset = qoff; 7419 blk_mq_map_queues(map); 7420 7421 qoff += map->nr_queues; 7422 } 7423 } 7424 7425 struct sdebug_blk_mq_poll_data { 7426 unsigned int queue_num; 7427 int *num_entries; 7428 }; 7429 7430 /* 7431 * We don't handle aborted commands here, but it does not seem possible to have 7432 * aborted polled commands from schedule_resp() 7433 */ 7434 static bool sdebug_blk_mq_poll_iter(struct request *rq, void *opaque) 7435 { 7436 struct sdebug_blk_mq_poll_data *data = opaque; 7437 struct scsi_cmnd *cmd = blk_mq_rq_to_pdu(rq); 7438 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmd); 7439 struct sdebug_defer *sd_dp; 7440 u32 unique_tag = blk_mq_unique_tag(rq); 7441 u16 hwq = blk_mq_unique_tag_to_hwq(unique_tag); 7442 struct sdebug_queued_cmd *sqcp; 7443 unsigned long flags; 7444 int queue_num = data->queue_num; 7445 ktime_t time; 7446 7447 /* We're only interested in one queue for this iteration */ 7448 if (hwq != queue_num) 7449 return true; 7450 7451 /* Subsequent checks would fail if this failed, but check anyway */ 7452 if (!test_bit(SCMD_STATE_INFLIGHT, &cmd->state)) 7453 return true; 7454 7455 time = ktime_get_boottime(); 7456 7457 spin_lock_irqsave(&sdsc->lock, flags); 7458 sqcp = TO_QUEUED_CMD(cmd); 7459 if (!sqcp) { 7460 spin_unlock_irqrestore(&sdsc->lock, flags); 7461 return true; 7462 } 7463 7464 sd_dp = &sqcp->sd_dp; 7465 if (READ_ONCE(sd_dp->defer_t) != SDEB_DEFER_POLL) { 7466 spin_unlock_irqrestore(&sdsc->lock, flags); 7467 return true; 7468 } 7469 7470 if (time < sd_dp->cmpl_ts) { 7471 spin_unlock_irqrestore(&sdsc->lock, flags); 7472 return true; 7473 } 7474 7475 ASSIGN_QUEUED_CMD(cmd, NULL); 7476 spin_unlock_irqrestore(&sdsc->lock, flags); 7477 7478 if (sdebug_statistics) { 7479 atomic_inc(&sdebug_completions); 7480 if (raw_smp_processor_id() != sd_dp->issuing_cpu) 7481 atomic_inc(&sdebug_miss_cpus); 7482 } 7483 7484 sdebug_free_queued_cmd(sqcp); 7485 7486 scsi_done(cmd); /* callback to mid level */ 7487 (*data->num_entries)++; 7488 return true; 7489 } 7490 7491 static int sdebug_blk_mq_poll(struct Scsi_Host *shost, unsigned int queue_num) 7492 { 7493 int num_entries = 0; 7494 struct sdebug_blk_mq_poll_data data = { 7495 .queue_num = queue_num, 7496 .num_entries = &num_entries, 7497 }; 7498 7499 blk_mq_tagset_busy_iter(&shost->tag_set, sdebug_blk_mq_poll_iter, 7500 &data); 7501 7502 if (num_entries > 0) 7503 atomic_add(num_entries, &sdeb_mq_poll_count); 7504 return num_entries; 7505 } 7506 7507 static int scsi_debug_queuecommand(struct Scsi_Host *shost, 7508 struct scsi_cmnd *scp) 7509 { 7510 u8 sdeb_i; 7511 struct scsi_device *sdp = scp->device; 7512 const struct opcode_info_t *oip; 7513 const struct opcode_info_t *r_oip; 7514 struct sdebug_dev_info *devip; 7515 u8 *cmd = scp->cmnd; 7516 int (*r_pfp)(struct scsi_cmnd *, struct sdebug_dev_info *); 7517 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *) = NULL; 7518 int k, na; 7519 int errsts = 0; 7520 u64 lun_index = sdp->lun & 0x3FFF; 7521 u32 flags; 7522 u16 sa; 7523 u8 opcode = cmd[0]; 7524 bool has_wlun_rl; 7525 bool inject_now; 7526 7527 scsi_set_resid(scp, 0); 7528 if (sdebug_statistics) { 7529 atomic_inc(&sdebug_cmnd_count); 7530 inject_now = inject_on_this_cmd(); 7531 } else { 7532 inject_now = false; 7533 } 7534 if (unlikely(sdebug_verbose && 7535 !(SDEBUG_OPT_NO_CDB_NOISE & sdebug_opts))) { 7536 char b[120]; 7537 int n, len, sb; 7538 7539 len = scp->cmd_len; 7540 sb = (int)sizeof(b); 7541 if (len > 32) 7542 strcpy(b, "too long, over 32 bytes"); 7543 else { 7544 for (k = 0, n = 0; k < len && n < sb; ++k) 7545 n += scnprintf(b + n, sb - n, "%02x ", 7546 (u32)cmd[k]); 7547 } 7548 sdev_printk(KERN_INFO, sdp, "%s: tag=%#x, cmd %s\n", my_name, 7549 blk_mq_unique_tag(scsi_cmd_to_rq(scp)), b); 7550 } 7551 if (unlikely(inject_now && (sdebug_opts & SDEBUG_OPT_HOST_BUSY))) 7552 return SCSI_MLQUEUE_HOST_BUSY; 7553 has_wlun_rl = (sdp->lun == SCSI_W_LUN_REPORT_LUNS); 7554 if (unlikely(lun_index >= sdebug_max_luns && !has_wlun_rl)) 7555 goto err_out; 7556 7557 sdeb_i = opcode_ind_arr[opcode]; /* fully mapped */ 7558 oip = &opcode_info_arr[sdeb_i]; /* safe if table consistent */ 7559 devip = (struct sdebug_dev_info *)sdp->hostdata; 7560 if (unlikely(!devip)) { 7561 devip = find_build_dev_info(sdp); 7562 if (NULL == devip) 7563 goto err_out; 7564 } 7565 if (unlikely(inject_now && !atomic_read(&sdeb_inject_pending))) 7566 atomic_set(&sdeb_inject_pending, 1); 7567 7568 na = oip->num_attached; 7569 r_pfp = oip->pfp; 7570 if (na) { /* multiple commands with this opcode */ 7571 r_oip = oip; 7572 if (FF_SA & r_oip->flags) { 7573 if (F_SA_LOW & oip->flags) 7574 sa = 0x1f & cmd[1]; 7575 else 7576 sa = get_unaligned_be16(cmd + 8); 7577 for (k = 0; k <= na; oip = r_oip->arrp + k++) { 7578 if (opcode == oip->opcode && sa == oip->sa) 7579 break; 7580 } 7581 } else { /* since no service action only check opcode */ 7582 for (k = 0; k <= na; oip = r_oip->arrp + k++) { 7583 if (opcode == oip->opcode) 7584 break; 7585 } 7586 } 7587 if (k > na) { 7588 if (F_SA_LOW & r_oip->flags) 7589 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 4); 7590 else if (F_SA_HIGH & r_oip->flags) 7591 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 8, 7); 7592 else 7593 mk_sense_invalid_opcode(scp); 7594 goto check_cond; 7595 } 7596 } /* else (when na==0) we assume the oip is a match */ 7597 flags = oip->flags; 7598 if (unlikely(F_INV_OP & flags)) { 7599 mk_sense_invalid_opcode(scp); 7600 goto check_cond; 7601 } 7602 if (unlikely(has_wlun_rl && !(F_RL_WLUN_OK & flags))) { 7603 if (sdebug_verbose) 7604 sdev_printk(KERN_INFO, sdp, "%s: Opcode 0x%x not%s\n", 7605 my_name, opcode, " supported for wlun"); 7606 mk_sense_invalid_opcode(scp); 7607 goto check_cond; 7608 } 7609 if (unlikely(sdebug_strict)) { /* check cdb against mask */ 7610 u8 rem; 7611 int j; 7612 7613 for (k = 1; k < oip->len_mask[0] && k < 16; ++k) { 7614 rem = ~oip->len_mask[k] & cmd[k]; 7615 if (rem) { 7616 for (j = 7; j >= 0; --j, rem <<= 1) { 7617 if (0x80 & rem) 7618 break; 7619 } 7620 mk_sense_invalid_fld(scp, SDEB_IN_CDB, k, j); 7621 goto check_cond; 7622 } 7623 } 7624 } 7625 if (unlikely(!(F_SKIP_UA & flags) && 7626 find_first_bit(devip->uas_bm, 7627 SDEBUG_NUM_UAS) != SDEBUG_NUM_UAS)) { 7628 errsts = make_ua(scp, devip); 7629 if (errsts) 7630 goto check_cond; 7631 } 7632 if (unlikely(((F_M_ACCESS & flags) || scp->cmnd[0] == TEST_UNIT_READY) && 7633 atomic_read(&devip->stopped))) { 7634 errsts = resp_not_ready(scp, devip); 7635 if (errsts) 7636 goto fini; 7637 } 7638 if (sdebug_fake_rw && (F_FAKE_RW & flags)) 7639 goto fini; 7640 if (unlikely(sdebug_every_nth)) { 7641 if (fake_timeout(scp)) 7642 return 0; /* ignore command: make trouble */ 7643 } 7644 if (likely(oip->pfp)) 7645 pfp = oip->pfp; /* calls a resp_* function */ 7646 else 7647 pfp = r_pfp; /* if leaf function ptr NULL, try the root's */ 7648 7649 fini: 7650 if (F_DELAY_OVERR & flags) /* cmds like INQUIRY respond asap */ 7651 return schedule_resp(scp, devip, errsts, pfp, 0, 0); 7652 else if ((flags & F_LONG_DELAY) && (sdebug_jdelay > 0 || 7653 sdebug_ndelay > 10000)) { 7654 /* 7655 * Skip long delays if ndelay <= 10 microseconds. Otherwise 7656 * for Start Stop Unit (SSU) want at least 1 second delay and 7657 * if sdebug_jdelay>1 want a long delay of that many seconds. 7658 * For Synchronize Cache want 1/20 of SSU's delay. 7659 */ 7660 int jdelay = (sdebug_jdelay < 2) ? 1 : sdebug_jdelay; 7661 int denom = (flags & F_SYNC_DELAY) ? 20 : 1; 7662 7663 jdelay = mult_frac(USER_HZ * jdelay, HZ, denom * USER_HZ); 7664 return schedule_resp(scp, devip, errsts, pfp, jdelay, 0); 7665 } else 7666 return schedule_resp(scp, devip, errsts, pfp, sdebug_jdelay, 7667 sdebug_ndelay); 7668 check_cond: 7669 return schedule_resp(scp, devip, check_condition_result, NULL, 0, 0); 7670 err_out: 7671 return schedule_resp(scp, NULL, DID_NO_CONNECT << 16, NULL, 0, 0); 7672 } 7673 7674 static int sdebug_init_cmd_priv(struct Scsi_Host *shost, struct scsi_cmnd *cmd) 7675 { 7676 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmd); 7677 7678 spin_lock_init(&sdsc->lock); 7679 7680 return 0; 7681 } 7682 7683 7684 static struct scsi_host_template sdebug_driver_template = { 7685 .show_info = scsi_debug_show_info, 7686 .write_info = scsi_debug_write_info, 7687 .proc_name = sdebug_proc_name, 7688 .name = "SCSI DEBUG", 7689 .info = scsi_debug_info, 7690 .slave_alloc = scsi_debug_slave_alloc, 7691 .slave_configure = scsi_debug_slave_configure, 7692 .slave_destroy = scsi_debug_slave_destroy, 7693 .ioctl = scsi_debug_ioctl, 7694 .queuecommand = scsi_debug_queuecommand, 7695 .change_queue_depth = sdebug_change_qdepth, 7696 .map_queues = sdebug_map_queues, 7697 .mq_poll = sdebug_blk_mq_poll, 7698 .eh_abort_handler = scsi_debug_abort, 7699 .eh_device_reset_handler = scsi_debug_device_reset, 7700 .eh_target_reset_handler = scsi_debug_target_reset, 7701 .eh_bus_reset_handler = scsi_debug_bus_reset, 7702 .eh_host_reset_handler = scsi_debug_host_reset, 7703 .can_queue = SDEBUG_CANQUEUE, 7704 .this_id = 7, 7705 .sg_tablesize = SG_MAX_SEGMENTS, 7706 .cmd_per_lun = DEF_CMD_PER_LUN, 7707 .max_sectors = -1U, 7708 .max_segment_size = -1U, 7709 .module = THIS_MODULE, 7710 .track_queue_depth = 1, 7711 .cmd_size = sizeof(struct sdebug_scsi_cmd), 7712 .init_cmd_priv = sdebug_init_cmd_priv, 7713 }; 7714 7715 static int sdebug_driver_probe(struct device *dev) 7716 { 7717 int error = 0; 7718 struct sdebug_host_info *sdbg_host; 7719 struct Scsi_Host *hpnt; 7720 int hprot; 7721 7722 sdbg_host = dev_to_sdebug_host(dev); 7723 7724 sdebug_driver_template.can_queue = sdebug_max_queue; 7725 sdebug_driver_template.cmd_per_lun = sdebug_max_queue; 7726 if (!sdebug_clustering) 7727 sdebug_driver_template.dma_boundary = PAGE_SIZE - 1; 7728 7729 hpnt = scsi_host_alloc(&sdebug_driver_template, 0); 7730 if (NULL == hpnt) { 7731 pr_err("scsi_host_alloc failed\n"); 7732 error = -ENODEV; 7733 return error; 7734 } 7735 if (submit_queues > nr_cpu_ids) { 7736 pr_warn("%s: trim submit_queues (was %d) to nr_cpu_ids=%u\n", 7737 my_name, submit_queues, nr_cpu_ids); 7738 submit_queues = nr_cpu_ids; 7739 } 7740 /* 7741 * Decide whether to tell scsi subsystem that we want mq. The 7742 * following should give the same answer for each host. 7743 */ 7744 hpnt->nr_hw_queues = submit_queues; 7745 if (sdebug_host_max_queue) 7746 hpnt->host_tagset = 1; 7747 7748 /* poll queues are possible for nr_hw_queues > 1 */ 7749 if (hpnt->nr_hw_queues == 1 || (poll_queues < 1)) { 7750 pr_warn("%s: trim poll_queues to 0. poll_q/nr_hw = (%d/%d)\n", 7751 my_name, poll_queues, hpnt->nr_hw_queues); 7752 poll_queues = 0; 7753 } 7754 7755 /* 7756 * Poll queues don't need interrupts, but we need at least one I/O queue 7757 * left over for non-polled I/O. 7758 * If condition not met, trim poll_queues to 1 (just for simplicity). 7759 */ 7760 if (poll_queues >= submit_queues) { 7761 if (submit_queues < 3) 7762 pr_warn("%s: trim poll_queues to 1\n", my_name); 7763 else 7764 pr_warn("%s: trim poll_queues to 1. Perhaps try poll_queues=%d\n", 7765 my_name, submit_queues - 1); 7766 poll_queues = 1; 7767 } 7768 if (poll_queues) 7769 hpnt->nr_maps = 3; 7770 7771 sdbg_host->shost = hpnt; 7772 if ((hpnt->this_id >= 0) && (sdebug_num_tgts > hpnt->this_id)) 7773 hpnt->max_id = sdebug_num_tgts + 1; 7774 else 7775 hpnt->max_id = sdebug_num_tgts; 7776 /* = sdebug_max_luns; */ 7777 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1; 7778 7779 hprot = 0; 7780 7781 switch (sdebug_dif) { 7782 7783 case T10_PI_TYPE1_PROTECTION: 7784 hprot = SHOST_DIF_TYPE1_PROTECTION; 7785 if (sdebug_dix) 7786 hprot |= SHOST_DIX_TYPE1_PROTECTION; 7787 break; 7788 7789 case T10_PI_TYPE2_PROTECTION: 7790 hprot = SHOST_DIF_TYPE2_PROTECTION; 7791 if (sdebug_dix) 7792 hprot |= SHOST_DIX_TYPE2_PROTECTION; 7793 break; 7794 7795 case T10_PI_TYPE3_PROTECTION: 7796 hprot = SHOST_DIF_TYPE3_PROTECTION; 7797 if (sdebug_dix) 7798 hprot |= SHOST_DIX_TYPE3_PROTECTION; 7799 break; 7800 7801 default: 7802 if (sdebug_dix) 7803 hprot |= SHOST_DIX_TYPE0_PROTECTION; 7804 break; 7805 } 7806 7807 scsi_host_set_prot(hpnt, hprot); 7808 7809 if (have_dif_prot || sdebug_dix) 7810 pr_info("host protection%s%s%s%s%s%s%s\n", 7811 (hprot & SHOST_DIF_TYPE1_PROTECTION) ? " DIF1" : "", 7812 (hprot & SHOST_DIF_TYPE2_PROTECTION) ? " DIF2" : "", 7813 (hprot & SHOST_DIF_TYPE3_PROTECTION) ? " DIF3" : "", 7814 (hprot & SHOST_DIX_TYPE0_PROTECTION) ? " DIX0" : "", 7815 (hprot & SHOST_DIX_TYPE1_PROTECTION) ? " DIX1" : "", 7816 (hprot & SHOST_DIX_TYPE2_PROTECTION) ? " DIX2" : "", 7817 (hprot & SHOST_DIX_TYPE3_PROTECTION) ? " DIX3" : ""); 7818 7819 if (sdebug_guard == 1) 7820 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_IP); 7821 else 7822 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_CRC); 7823 7824 sdebug_verbose = !!(SDEBUG_OPT_NOISE & sdebug_opts); 7825 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & sdebug_opts); 7826 if (sdebug_every_nth) /* need stats counters for every_nth */ 7827 sdebug_statistics = true; 7828 error = scsi_add_host(hpnt, &sdbg_host->dev); 7829 if (error) { 7830 pr_err("scsi_add_host failed\n"); 7831 error = -ENODEV; 7832 scsi_host_put(hpnt); 7833 } else { 7834 scsi_scan_host(hpnt); 7835 } 7836 7837 return error; 7838 } 7839 7840 static void sdebug_driver_remove(struct device *dev) 7841 { 7842 struct sdebug_host_info *sdbg_host; 7843 struct sdebug_dev_info *sdbg_devinfo, *tmp; 7844 7845 sdbg_host = dev_to_sdebug_host(dev); 7846 7847 scsi_remove_host(sdbg_host->shost); 7848 7849 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list, 7850 dev_list) { 7851 list_del(&sdbg_devinfo->dev_list); 7852 kfree(sdbg_devinfo->zstate); 7853 kfree(sdbg_devinfo); 7854 } 7855 7856 scsi_host_put(sdbg_host->shost); 7857 } 7858 7859 static struct bus_type pseudo_lld_bus = { 7860 .name = "pseudo", 7861 .probe = sdebug_driver_probe, 7862 .remove = sdebug_driver_remove, 7863 .drv_groups = sdebug_drv_groups, 7864 }; 7865