1 /* 2 * vvvvvvvvvvvvvvvvvvvvvvv Original vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv 3 * Copyright (C) 1992 Eric Youngdale 4 * Simulate a host adapter with 2 disks attached. Do a lot of checking 5 * to make sure that we are not getting blocks mixed up, and PANIC if 6 * anything out of the ordinary is seen. 7 * ^^^^^^^^^^^^^^^^^^^^^^^ Original ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 8 * 9 * Copyright (C) 2001 - 2016 Douglas Gilbert 10 * 11 * This program is free software; you can redistribute it and/or modify 12 * it under the terms of the GNU General Public License as published by 13 * the Free Software Foundation; either version 2, or (at your option) 14 * any later version. 15 * 16 * For documentation see http://sg.danny.cz/sg/sdebug26.html 17 * 18 */ 19 20 21 #define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__ 22 23 #include <linux/module.h> 24 25 #include <linux/kernel.h> 26 #include <linux/errno.h> 27 #include <linux/jiffies.h> 28 #include <linux/slab.h> 29 #include <linux/types.h> 30 #include <linux/string.h> 31 #include <linux/genhd.h> 32 #include <linux/fs.h> 33 #include <linux/init.h> 34 #include <linux/proc_fs.h> 35 #include <linux/vmalloc.h> 36 #include <linux/moduleparam.h> 37 #include <linux/scatterlist.h> 38 #include <linux/blkdev.h> 39 #include <linux/crc-t10dif.h> 40 #include <linux/spinlock.h> 41 #include <linux/interrupt.h> 42 #include <linux/atomic.h> 43 #include <linux/hrtimer.h> 44 #include <linux/uuid.h> 45 #include <linux/t10-pi.h> 46 47 #include <net/checksum.h> 48 49 #include <asm/unaligned.h> 50 51 #include <scsi/scsi.h> 52 #include <scsi/scsi_cmnd.h> 53 #include <scsi/scsi_device.h> 54 #include <scsi/scsi_host.h> 55 #include <scsi/scsicam.h> 56 #include <scsi/scsi_eh.h> 57 #include <scsi/scsi_tcq.h> 58 #include <scsi/scsi_dbg.h> 59 60 #include "sd.h" 61 #include "scsi_logging.h" 62 63 /* make sure inq_product_rev string corresponds to this version */ 64 #define SDEBUG_VERSION "1.86" 65 static const char *sdebug_version_date = "20160430"; 66 67 #define MY_NAME "scsi_debug" 68 69 /* Additional Sense Code (ASC) */ 70 #define NO_ADDITIONAL_SENSE 0x0 71 #define LOGICAL_UNIT_NOT_READY 0x4 72 #define LOGICAL_UNIT_COMMUNICATION_FAILURE 0x8 73 #define UNRECOVERED_READ_ERR 0x11 74 #define PARAMETER_LIST_LENGTH_ERR 0x1a 75 #define INVALID_OPCODE 0x20 76 #define LBA_OUT_OF_RANGE 0x21 77 #define INVALID_FIELD_IN_CDB 0x24 78 #define INVALID_FIELD_IN_PARAM_LIST 0x26 79 #define UA_RESET_ASC 0x29 80 #define UA_CHANGED_ASC 0x2a 81 #define TARGET_CHANGED_ASC 0x3f 82 #define LUNS_CHANGED_ASCQ 0x0e 83 #define INSUFF_RES_ASC 0x55 84 #define INSUFF_RES_ASCQ 0x3 85 #define POWER_ON_RESET_ASCQ 0x0 86 #define BUS_RESET_ASCQ 0x2 /* scsi bus reset occurred */ 87 #define MODE_CHANGED_ASCQ 0x1 /* mode parameters changed */ 88 #define CAPACITY_CHANGED_ASCQ 0x9 89 #define SAVING_PARAMS_UNSUP 0x39 90 #define TRANSPORT_PROBLEM 0x4b 91 #define THRESHOLD_EXCEEDED 0x5d 92 #define LOW_POWER_COND_ON 0x5e 93 #define MISCOMPARE_VERIFY_ASC 0x1d 94 #define MICROCODE_CHANGED_ASCQ 0x1 /* with TARGET_CHANGED_ASC */ 95 #define MICROCODE_CHANGED_WO_RESET_ASCQ 0x16 96 97 /* Additional Sense Code Qualifier (ASCQ) */ 98 #define ACK_NAK_TO 0x3 99 100 /* Default values for driver parameters */ 101 #define DEF_NUM_HOST 1 102 #define DEF_NUM_TGTS 1 103 #define DEF_MAX_LUNS 1 104 /* With these defaults, this driver will make 1 host with 1 target 105 * (id 0) containing 1 logical unit (lun 0). That is 1 device. 106 */ 107 #define DEF_ATO 1 108 #define DEF_JDELAY 1 /* if > 0 unit is a jiffy */ 109 #define DEF_DEV_SIZE_MB 8 110 #define DEF_DIF 0 111 #define DEF_DIX 0 112 #define DEF_D_SENSE 0 113 #define DEF_EVERY_NTH 0 114 #define DEF_FAKE_RW 0 115 #define DEF_GUARD 0 116 #define DEF_HOST_LOCK 0 117 #define DEF_LBPU 0 118 #define DEF_LBPWS 0 119 #define DEF_LBPWS10 0 120 #define DEF_LBPRZ 1 121 #define DEF_LOWEST_ALIGNED 0 122 #define DEF_NDELAY 0 /* if > 0 unit is a nanosecond */ 123 #define DEF_NO_LUN_0 0 124 #define DEF_NUM_PARTS 0 125 #define DEF_OPTS 0 126 #define DEF_OPT_BLKS 1024 127 #define DEF_PHYSBLK_EXP 0 128 #define DEF_OPT_XFERLEN_EXP 0 129 #define DEF_PTYPE TYPE_DISK 130 #define DEF_REMOVABLE false 131 #define DEF_SCSI_LEVEL 7 /* INQUIRY, byte2 [6->SPC-4; 7->SPC-5] */ 132 #define DEF_SECTOR_SIZE 512 133 #define DEF_UNMAP_ALIGNMENT 0 134 #define DEF_UNMAP_GRANULARITY 1 135 #define DEF_UNMAP_MAX_BLOCKS 0xFFFFFFFF 136 #define DEF_UNMAP_MAX_DESC 256 137 #define DEF_VIRTUAL_GB 0 138 #define DEF_VPD_USE_HOSTNO 1 139 #define DEF_WRITESAME_LENGTH 0xFFFF 140 #define DEF_STRICT 0 141 #define DEF_STATISTICS false 142 #define DEF_SUBMIT_QUEUES 1 143 #define DEF_UUID_CTL 0 144 #define JDELAY_OVERRIDDEN -9999 145 146 #define SDEBUG_LUN_0_VAL 0 147 148 /* bit mask values for sdebug_opts */ 149 #define SDEBUG_OPT_NOISE 1 150 #define SDEBUG_OPT_MEDIUM_ERR 2 151 #define SDEBUG_OPT_TIMEOUT 4 152 #define SDEBUG_OPT_RECOVERED_ERR 8 153 #define SDEBUG_OPT_TRANSPORT_ERR 16 154 #define SDEBUG_OPT_DIF_ERR 32 155 #define SDEBUG_OPT_DIX_ERR 64 156 #define SDEBUG_OPT_MAC_TIMEOUT 128 157 #define SDEBUG_OPT_SHORT_TRANSFER 0x100 158 #define SDEBUG_OPT_Q_NOISE 0x200 159 #define SDEBUG_OPT_ALL_TSF 0x400 160 #define SDEBUG_OPT_RARE_TSF 0x800 161 #define SDEBUG_OPT_N_WCE 0x1000 162 #define SDEBUG_OPT_RESET_NOISE 0x2000 163 #define SDEBUG_OPT_NO_CDB_NOISE 0x4000 164 #define SDEBUG_OPT_ALL_NOISE (SDEBUG_OPT_NOISE | SDEBUG_OPT_Q_NOISE | \ 165 SDEBUG_OPT_RESET_NOISE) 166 #define SDEBUG_OPT_ALL_INJECTING (SDEBUG_OPT_RECOVERED_ERR | \ 167 SDEBUG_OPT_TRANSPORT_ERR | \ 168 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR | \ 169 SDEBUG_OPT_SHORT_TRANSFER) 170 /* When "every_nth" > 0 then modulo "every_nth" commands: 171 * - a missing response is simulated if SDEBUG_OPT_TIMEOUT is set 172 * - a RECOVERED_ERROR is simulated on successful read and write 173 * commands if SDEBUG_OPT_RECOVERED_ERR is set. 174 * - a TRANSPORT_ERROR is simulated on successful read and write 175 * commands if SDEBUG_OPT_TRANSPORT_ERR is set. 176 * 177 * When "every_nth" < 0 then after "- every_nth" commands: 178 * - a missing response is simulated if SDEBUG_OPT_TIMEOUT is set 179 * - a RECOVERED_ERROR is simulated on successful read and write 180 * commands if SDEBUG_OPT_RECOVERED_ERR is set. 181 * - a TRANSPORT_ERROR is simulated on successful read and write 182 * commands if _DEBUG_OPT_TRANSPORT_ERR is set. 183 * This will continue on every subsequent command until some other action 184 * occurs (e.g. the user * writing a new value (other than -1 or 1) to 185 * every_nth via sysfs). 186 */ 187 188 /* As indicated in SAM-5 and SPC-4 Unit Attentions (UAs) are returned in 189 * priority order. In the subset implemented here lower numbers have higher 190 * priority. The UA numbers should be a sequence starting from 0 with 191 * SDEBUG_NUM_UAS being 1 higher than the highest numbered UA. */ 192 #define SDEBUG_UA_POR 0 /* Power on, reset, or bus device reset */ 193 #define SDEBUG_UA_BUS_RESET 1 194 #define SDEBUG_UA_MODE_CHANGED 2 195 #define SDEBUG_UA_CAPACITY_CHANGED 3 196 #define SDEBUG_UA_LUNS_CHANGED 4 197 #define SDEBUG_UA_MICROCODE_CHANGED 5 /* simulate firmware change */ 198 #define SDEBUG_UA_MICROCODE_CHANGED_WO_RESET 6 199 #define SDEBUG_NUM_UAS 7 200 201 /* when 1==SDEBUG_OPT_MEDIUM_ERR, a medium error is simulated at this 202 * sector on read commands: */ 203 #define OPT_MEDIUM_ERR_ADDR 0x1234 /* that's sector 4660 in decimal */ 204 #define OPT_MEDIUM_ERR_NUM 10 /* number of consecutive medium errs */ 205 206 /* If REPORT LUNS has luns >= 256 it can choose "flat space" (value 1) 207 * or "peripheral device" addressing (value 0) */ 208 #define SAM2_LUN_ADDRESS_METHOD 0 209 210 /* SDEBUG_CANQUEUE is the maximum number of commands that can be queued 211 * (for response) per submit queue at one time. Can be reduced by max_queue 212 * option. Command responses are not queued when jdelay=0 and ndelay=0. The 213 * per-device DEF_CMD_PER_LUN can be changed via sysfs: 214 * /sys/class/scsi_device/<h:c:t:l>/device/queue_depth 215 * but cannot exceed SDEBUG_CANQUEUE . 216 */ 217 #define SDEBUG_CANQUEUE_WORDS 3 /* a WORD is bits in a long */ 218 #define SDEBUG_CANQUEUE (SDEBUG_CANQUEUE_WORDS * BITS_PER_LONG) 219 #define DEF_CMD_PER_LUN 255 220 221 #define F_D_IN 1 222 #define F_D_OUT 2 223 #define F_D_OUT_MAYBE 4 /* WRITE SAME, NDOB bit */ 224 #define F_D_UNKN 8 225 #define F_RL_WLUN_OK 0x10 226 #define F_SKIP_UA 0x20 227 #define F_DELAY_OVERR 0x40 228 #define F_SA_LOW 0x80 /* cdb byte 1, bits 4 to 0 */ 229 #define F_SA_HIGH 0x100 /* as used by variable length cdbs */ 230 #define F_INV_OP 0x200 231 #define F_FAKE_RW 0x400 232 #define F_M_ACCESS 0x800 /* media access */ 233 234 #define FF_RESPOND (F_RL_WLUN_OK | F_SKIP_UA | F_DELAY_OVERR) 235 #define FF_DIRECT_IO (F_M_ACCESS | F_FAKE_RW) 236 #define FF_SA (F_SA_HIGH | F_SA_LOW) 237 238 #define SDEBUG_MAX_PARTS 4 239 240 #define SDEBUG_MAX_CMD_LEN 32 241 242 243 struct sdebug_dev_info { 244 struct list_head dev_list; 245 unsigned int channel; 246 unsigned int target; 247 u64 lun; 248 uuid_t lu_name; 249 struct sdebug_host_info *sdbg_host; 250 unsigned long uas_bm[1]; 251 atomic_t num_in_q; 252 atomic_t stopped; 253 bool used; 254 }; 255 256 struct sdebug_host_info { 257 struct list_head host_list; 258 struct Scsi_Host *shost; 259 struct device dev; 260 struct list_head dev_info_list; 261 }; 262 263 #define to_sdebug_host(d) \ 264 container_of(d, struct sdebug_host_info, dev) 265 266 struct sdebug_defer { 267 struct hrtimer hrt; 268 struct execute_work ew; 269 int sqa_idx; /* index of sdebug_queue array */ 270 int qc_idx; /* index of sdebug_queued_cmd array within sqa_idx */ 271 int issuing_cpu; 272 }; 273 274 struct sdebug_queued_cmd { 275 /* corresponding bit set in in_use_bm[] in owning struct sdebug_queue 276 * instance indicates this slot is in use. 277 */ 278 struct sdebug_defer *sd_dp; 279 struct scsi_cmnd *a_cmnd; 280 unsigned int inj_recovered:1; 281 unsigned int inj_transport:1; 282 unsigned int inj_dif:1; 283 unsigned int inj_dix:1; 284 unsigned int inj_short:1; 285 }; 286 287 struct sdebug_queue { 288 struct sdebug_queued_cmd qc_arr[SDEBUG_CANQUEUE]; 289 unsigned long in_use_bm[SDEBUG_CANQUEUE_WORDS]; 290 spinlock_t qc_lock; 291 atomic_t blocked; /* to temporarily stop more being queued */ 292 }; 293 294 static atomic_t sdebug_cmnd_count; /* number of incoming commands */ 295 static atomic_t sdebug_completions; /* count of deferred completions */ 296 static atomic_t sdebug_miss_cpus; /* submission + completion cpus differ */ 297 static atomic_t sdebug_a_tsf; /* 'almost task set full' counter */ 298 299 struct opcode_info_t { 300 u8 num_attached; /* 0 if this is it (i.e. a leaf); use 0xff */ 301 /* for terminating element */ 302 u8 opcode; /* if num_attached > 0, preferred */ 303 u16 sa; /* service action */ 304 u32 flags; /* OR-ed set of SDEB_F_* */ 305 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *); 306 const struct opcode_info_t *arrp; /* num_attached elements or NULL */ 307 u8 len_mask[16]; /* len=len_mask[0], then mask for cdb[1]... */ 308 /* ignore cdb bytes after position 15 */ 309 }; 310 311 /* SCSI opcodes (first byte of cdb) of interest mapped onto these indexes */ 312 enum sdeb_opcode_index { 313 SDEB_I_INVALID_OPCODE = 0, 314 SDEB_I_INQUIRY = 1, 315 SDEB_I_REPORT_LUNS = 2, 316 SDEB_I_REQUEST_SENSE = 3, 317 SDEB_I_TEST_UNIT_READY = 4, 318 SDEB_I_MODE_SENSE = 5, /* 6, 10 */ 319 SDEB_I_MODE_SELECT = 6, /* 6, 10 */ 320 SDEB_I_LOG_SENSE = 7, 321 SDEB_I_READ_CAPACITY = 8, /* 10; 16 is in SA_IN(16) */ 322 SDEB_I_READ = 9, /* 6, 10, 12, 16 */ 323 SDEB_I_WRITE = 10, /* 6, 10, 12, 16 */ 324 SDEB_I_START_STOP = 11, 325 SDEB_I_SERV_ACT_IN = 12, /* 12, 16 */ 326 SDEB_I_SERV_ACT_OUT = 13, /* 12, 16 */ 327 SDEB_I_MAINT_IN = 14, 328 SDEB_I_MAINT_OUT = 15, 329 SDEB_I_VERIFY = 16, /* 10 only */ 330 SDEB_I_VARIABLE_LEN = 17, 331 SDEB_I_RESERVE = 18, /* 6, 10 */ 332 SDEB_I_RELEASE = 19, /* 6, 10 */ 333 SDEB_I_ALLOW_REMOVAL = 20, /* PREVENT ALLOW MEDIUM REMOVAL */ 334 SDEB_I_REZERO_UNIT = 21, /* REWIND in SSC */ 335 SDEB_I_ATA_PT = 22, /* 12, 16 */ 336 SDEB_I_SEND_DIAG = 23, 337 SDEB_I_UNMAP = 24, 338 SDEB_I_XDWRITEREAD = 25, /* 10 only */ 339 SDEB_I_WRITE_BUFFER = 26, 340 SDEB_I_WRITE_SAME = 27, /* 10, 16 */ 341 SDEB_I_SYNC_CACHE = 28, /* 10 only */ 342 SDEB_I_COMP_WRITE = 29, 343 SDEB_I_LAST_ELEMENT = 30, /* keep this last */ 344 }; 345 346 347 static const unsigned char opcode_ind_arr[256] = { 348 /* 0x0; 0x0->0x1f: 6 byte cdbs */ 349 SDEB_I_TEST_UNIT_READY, SDEB_I_REZERO_UNIT, 0, SDEB_I_REQUEST_SENSE, 350 0, 0, 0, 0, 351 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, 0, 352 0, 0, SDEB_I_INQUIRY, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE, 353 SDEB_I_RELEASE, 354 0, 0, SDEB_I_MODE_SENSE, SDEB_I_START_STOP, 0, SDEB_I_SEND_DIAG, 355 SDEB_I_ALLOW_REMOVAL, 0, 356 /* 0x20; 0x20->0x3f: 10 byte cdbs */ 357 0, 0, 0, 0, 0, SDEB_I_READ_CAPACITY, 0, 0, 358 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, SDEB_I_VERIFY, 359 0, 0, 0, 0, 0, SDEB_I_SYNC_CACHE, 0, 0, 360 0, 0, 0, SDEB_I_WRITE_BUFFER, 0, 0, 0, 0, 361 /* 0x40; 0x40->0x5f: 10 byte cdbs */ 362 0, SDEB_I_WRITE_SAME, SDEB_I_UNMAP, 0, 0, 0, 0, 0, 363 0, 0, 0, 0, 0, SDEB_I_LOG_SENSE, 0, 0, 364 0, 0, 0, SDEB_I_XDWRITEREAD, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE, 365 SDEB_I_RELEASE, 366 0, 0, SDEB_I_MODE_SENSE, 0, 0, 0, 0, 0, 367 /* 0x60; 0x60->0x7d are reserved, 0x7e is "extended cdb" */ 368 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 369 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 370 0, SDEB_I_VARIABLE_LEN, 371 /* 0x80; 0x80->0x9f: 16 byte cdbs */ 372 0, 0, 0, 0, 0, SDEB_I_ATA_PT, 0, 0, 373 SDEB_I_READ, SDEB_I_COMP_WRITE, SDEB_I_WRITE, 0, 0, 0, 0, 0, 374 0, 0, 0, SDEB_I_WRITE_SAME, 0, 0, 0, 0, 375 0, 0, 0, 0, 0, 0, SDEB_I_SERV_ACT_IN, SDEB_I_SERV_ACT_OUT, 376 /* 0xa0; 0xa0->0xbf: 12 byte cdbs */ 377 SDEB_I_REPORT_LUNS, SDEB_I_ATA_PT, 0, SDEB_I_MAINT_IN, 378 SDEB_I_MAINT_OUT, 0, 0, 0, 379 SDEB_I_READ, SDEB_I_SERV_ACT_OUT, SDEB_I_WRITE, SDEB_I_SERV_ACT_IN, 380 0, 0, 0, 0, 381 0, 0, 0, 0, 0, 0, 0, 0, 382 0, 0, 0, 0, 0, 0, 0, 0, 383 /* 0xc0; 0xc0->0xff: vendor specific */ 384 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 385 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 386 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 387 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 388 }; 389 390 static int resp_inquiry(struct scsi_cmnd *, struct sdebug_dev_info *); 391 static int resp_report_luns(struct scsi_cmnd *, struct sdebug_dev_info *); 392 static int resp_requests(struct scsi_cmnd *, struct sdebug_dev_info *); 393 static int resp_mode_sense(struct scsi_cmnd *, struct sdebug_dev_info *); 394 static int resp_mode_select(struct scsi_cmnd *, struct sdebug_dev_info *); 395 static int resp_log_sense(struct scsi_cmnd *, struct sdebug_dev_info *); 396 static int resp_readcap(struct scsi_cmnd *, struct sdebug_dev_info *); 397 static int resp_read_dt0(struct scsi_cmnd *, struct sdebug_dev_info *); 398 static int resp_write_dt0(struct scsi_cmnd *, struct sdebug_dev_info *); 399 static int resp_start_stop(struct scsi_cmnd *, struct sdebug_dev_info *); 400 static int resp_readcap16(struct scsi_cmnd *, struct sdebug_dev_info *); 401 static int resp_get_lba_status(struct scsi_cmnd *, struct sdebug_dev_info *); 402 static int resp_report_tgtpgs(struct scsi_cmnd *, struct sdebug_dev_info *); 403 static int resp_unmap(struct scsi_cmnd *, struct sdebug_dev_info *); 404 static int resp_rsup_opcodes(struct scsi_cmnd *, struct sdebug_dev_info *); 405 static int resp_rsup_tmfs(struct scsi_cmnd *, struct sdebug_dev_info *); 406 static int resp_write_same_10(struct scsi_cmnd *, struct sdebug_dev_info *); 407 static int resp_write_same_16(struct scsi_cmnd *, struct sdebug_dev_info *); 408 static int resp_xdwriteread_10(struct scsi_cmnd *, struct sdebug_dev_info *); 409 static int resp_comp_write(struct scsi_cmnd *, struct sdebug_dev_info *); 410 static int resp_write_buffer(struct scsi_cmnd *, struct sdebug_dev_info *); 411 412 static const struct opcode_info_t msense_iarr[1] = { 413 {0, 0x1a, 0, F_D_IN, NULL, NULL, 414 {6, 0xe8, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 415 }; 416 417 static const struct opcode_info_t mselect_iarr[1] = { 418 {0, 0x15, 0, F_D_OUT, NULL, NULL, 419 {6, 0xf1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 420 }; 421 422 static const struct opcode_info_t read_iarr[3] = { 423 {0, 0x28, 0, F_D_IN | FF_DIRECT_IO, resp_read_dt0, NULL,/* READ(10) */ 424 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff, 0xff, 0xc7, 0, 0, 425 0, 0, 0, 0} }, 426 {0, 0x8, 0, F_D_IN | FF_DIRECT_IO, resp_read_dt0, NULL, /* READ(6) */ 427 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 428 {0, 0xa8, 0, F_D_IN | FF_DIRECT_IO, resp_read_dt0, NULL,/* READ(12) */ 429 {12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x9f, 430 0xc7, 0, 0, 0, 0} }, 431 }; 432 433 static const struct opcode_info_t write_iarr[3] = { 434 {0, 0x2a, 0, F_D_OUT | FF_DIRECT_IO, resp_write_dt0, NULL, /* 10 */ 435 {10, 0xfb, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff, 0xff, 0xc7, 0, 0, 436 0, 0, 0, 0} }, 437 {0, 0xa, 0, F_D_OUT | FF_DIRECT_IO, resp_write_dt0, NULL, /* 6 */ 438 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 439 {0, 0xaa, 0, F_D_OUT | FF_DIRECT_IO, resp_write_dt0, NULL, /* 12 */ 440 {12, 0xfb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x9f, 441 0xc7, 0, 0, 0, 0} }, 442 }; 443 444 static const struct opcode_info_t sa_in_iarr[1] = { 445 {0, 0x9e, 0x12, F_SA_LOW | F_D_IN, resp_get_lba_status, NULL, 446 {16, 0x12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 447 0xff, 0xff, 0xff, 0, 0xc7} }, 448 }; 449 450 static const struct opcode_info_t vl_iarr[1] = { /* VARIABLE LENGTH */ 451 {0, 0x7f, 0xb, F_SA_HIGH | F_D_OUT | FF_DIRECT_IO, resp_write_dt0, 452 NULL, {32, 0xc7, 0, 0, 0, 0, 0x1f, 0x18, 0x0, 0xb, 0xfa, 453 0, 0xff, 0xff, 0xff, 0xff} }, /* WRITE(32) */ 454 }; 455 456 static const struct opcode_info_t maint_in_iarr[2] = { 457 {0, 0xa3, 0xc, F_SA_LOW | F_D_IN, resp_rsup_opcodes, NULL, 458 {12, 0xc, 0x87, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 459 0xc7, 0, 0, 0, 0} }, 460 {0, 0xa3, 0xd, F_SA_LOW | F_D_IN, resp_rsup_tmfs, NULL, 461 {12, 0xd, 0x80, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0, 462 0, 0} }, 463 }; 464 465 static const struct opcode_info_t write_same_iarr[1] = { 466 {0, 0x93, 0, F_D_OUT_MAYBE | FF_DIRECT_IO, resp_write_same_16, NULL, 467 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 468 0xff, 0xff, 0xff, 0x1f, 0xc7} }, 469 }; 470 471 static const struct opcode_info_t reserve_iarr[1] = { 472 {0, 0x16, 0, F_D_OUT, NULL, NULL, /* RESERVE(6) */ 473 {6, 0x1f, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 474 }; 475 476 static const struct opcode_info_t release_iarr[1] = { 477 {0, 0x17, 0, F_D_OUT, NULL, NULL, /* RELEASE(6) */ 478 {6, 0x1f, 0xff, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 479 }; 480 481 482 /* This array is accessed via SDEB_I_* values. Make sure all are mapped, 483 * plus the terminating elements for logic that scans this table such as 484 * REPORT SUPPORTED OPERATION CODES. */ 485 static const struct opcode_info_t opcode_info_arr[SDEB_I_LAST_ELEMENT + 1] = { 486 /* 0 */ 487 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, 488 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 489 {0, 0x12, 0, FF_RESPOND | F_D_IN, resp_inquiry, NULL, 490 {6, 0xe3, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 491 {0, 0xa0, 0, FF_RESPOND | F_D_IN, resp_report_luns, NULL, 492 {12, 0xe3, 0xff, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0, 493 0, 0} }, 494 {0, 0x3, 0, FF_RESPOND | F_D_IN, resp_requests, NULL, 495 {6, 0xe1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 496 {0, 0x0, 0, F_M_ACCESS | F_RL_WLUN_OK, NULL, NULL,/* TEST UNIT READY */ 497 {6, 0, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 498 {1, 0x5a, 0, F_D_IN, resp_mode_sense, msense_iarr, 499 {10, 0xf8, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 500 0} }, 501 {1, 0x55, 0, F_D_OUT, resp_mode_select, mselect_iarr, 502 {10, 0xf1, 0, 0, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} }, 503 {0, 0x4d, 0, F_D_IN, resp_log_sense, NULL, 504 {10, 0xe3, 0xff, 0xff, 0, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 505 0, 0, 0} }, 506 {0, 0x25, 0, F_D_IN, resp_readcap, NULL, 507 {10, 0xe1, 0xff, 0xff, 0xff, 0xff, 0, 0, 0x1, 0xc7, 0, 0, 0, 0, 508 0, 0} }, 509 {3, 0x88, 0, F_D_IN | FF_DIRECT_IO, resp_read_dt0, read_iarr, 510 {16, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 511 0xff, 0xff, 0xff, 0x9f, 0xc7} }, /* READ(16) */ 512 /* 10 */ 513 {3, 0x8a, 0, F_D_OUT | FF_DIRECT_IO, resp_write_dt0, write_iarr, 514 {16, 0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 515 0xff, 0xff, 0xff, 0x9f, 0xc7} }, /* WRITE(16) */ 516 {0, 0x1b, 0, 0, resp_start_stop, NULL, /* START STOP UNIT */ 517 {6, 0x1, 0, 0xf, 0xf7, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 518 {1, 0x9e, 0x10, F_SA_LOW | F_D_IN, resp_readcap16, sa_in_iarr, 519 {16, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 520 0xff, 0xff, 0xff, 0x1, 0xc7} }, /* READ CAPACITY(16) */ 521 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* SA OUT */ 522 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 523 {2, 0xa3, 0xa, F_SA_LOW | F_D_IN, resp_report_tgtpgs, maint_in_iarr, 524 {12, 0xea, 0, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0, 0, 525 0} }, 526 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* MAINT OUT */ 527 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 528 {0, 0x2f, 0, F_D_OUT_MAYBE | FF_DIRECT_IO, NULL, NULL, /* VERIFY(10) */ 529 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 530 0, 0, 0, 0, 0, 0} }, 531 {1, 0x7f, 0x9, F_SA_HIGH | F_D_IN | FF_DIRECT_IO, resp_read_dt0, 532 vl_iarr, {32, 0xc7, 0, 0, 0, 0, 0x1f, 0x18, 0x0, 0x9, 0xfe, 0, 533 0xff, 0xff, 0xff, 0xff} },/* VARIABLE LENGTH, READ(32) */ 534 {1, 0x56, 0, F_D_OUT, NULL, reserve_iarr, /* RESERVE(10) */ 535 {10, 0xff, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 536 0} }, 537 {1, 0x57, 0, F_D_OUT, NULL, release_iarr, /* RELEASE(10) */ 538 {10, 0x13, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 539 0} }, 540 /* 20 */ 541 {0, 0x1e, 0, 0, NULL, NULL, /* ALLOW REMOVAL */ 542 {6, 0, 0, 0, 0x3, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 543 {0, 0x1, 0, 0, resp_start_stop, NULL, /* REWIND ?? */ 544 {6, 0x1, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 545 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* ATA_PT */ 546 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 547 {0, 0x1d, F_D_OUT, 0, NULL, NULL, /* SEND DIAGNOSTIC */ 548 {6, 0xf7, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 549 {0, 0x42, 0, F_D_OUT | FF_DIRECT_IO, resp_unmap, NULL, /* UNMAP */ 550 {10, 0x1, 0, 0, 0, 0, 0x1f, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} }, 551 {0, 0x53, 0, F_D_IN | F_D_OUT | FF_DIRECT_IO, resp_xdwriteread_10, 552 NULL, {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff, 0xff, 0xc7, 553 0, 0, 0, 0, 0, 0} }, 554 {0, 0x3b, 0, F_D_OUT_MAYBE, resp_write_buffer, NULL, 555 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 556 0, 0, 0, 0} }, /* WRITE_BUFFER */ 557 {1, 0x41, 0, F_D_OUT_MAYBE | FF_DIRECT_IO, resp_write_same_10, 558 write_same_iarr, {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff, 559 0xff, 0xc7, 0, 0, 0, 0, 0, 0} }, 560 {0, 0x35, 0, F_DELAY_OVERR | FF_DIRECT_IO, NULL, NULL, /* SYNC_CACHE */ 561 {10, 0x7, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff, 0xff, 0xc7, 0, 0, 562 0, 0, 0, 0} }, 563 {0, 0x89, 0, F_D_OUT | FF_DIRECT_IO, resp_comp_write, NULL, 564 {16, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 0, 565 0, 0xff, 0x1f, 0xc7} }, /* COMPARE AND WRITE */ 566 567 /* 30 */ 568 {0xff, 0, 0, 0, NULL, NULL, /* terminating element */ 569 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 570 }; 571 572 static int sdebug_add_host = DEF_NUM_HOST; 573 static int sdebug_ato = DEF_ATO; 574 static int sdebug_jdelay = DEF_JDELAY; /* if > 0 then unit is jiffies */ 575 static int sdebug_dev_size_mb = DEF_DEV_SIZE_MB; 576 static int sdebug_dif = DEF_DIF; 577 static int sdebug_dix = DEF_DIX; 578 static int sdebug_dsense = DEF_D_SENSE; 579 static int sdebug_every_nth = DEF_EVERY_NTH; 580 static int sdebug_fake_rw = DEF_FAKE_RW; 581 static unsigned int sdebug_guard = DEF_GUARD; 582 static int sdebug_lowest_aligned = DEF_LOWEST_ALIGNED; 583 static int sdebug_max_luns = DEF_MAX_LUNS; 584 static int sdebug_max_queue = SDEBUG_CANQUEUE; /* per submit queue */ 585 static atomic_t retired_max_queue; /* if > 0 then was prior max_queue */ 586 static int sdebug_ndelay = DEF_NDELAY; /* if > 0 then unit is nanoseconds */ 587 static int sdebug_no_lun_0 = DEF_NO_LUN_0; 588 static int sdebug_no_uld; 589 static int sdebug_num_parts = DEF_NUM_PARTS; 590 static int sdebug_num_tgts = DEF_NUM_TGTS; /* targets per host */ 591 static int sdebug_opt_blks = DEF_OPT_BLKS; 592 static int sdebug_opts = DEF_OPTS; 593 static int sdebug_physblk_exp = DEF_PHYSBLK_EXP; 594 static int sdebug_opt_xferlen_exp = DEF_OPT_XFERLEN_EXP; 595 static int sdebug_ptype = DEF_PTYPE; /* SCSI peripheral device type */ 596 static int sdebug_scsi_level = DEF_SCSI_LEVEL; 597 static int sdebug_sector_size = DEF_SECTOR_SIZE; 598 static int sdebug_virtual_gb = DEF_VIRTUAL_GB; 599 static int sdebug_vpd_use_hostno = DEF_VPD_USE_HOSTNO; 600 static unsigned int sdebug_lbpu = DEF_LBPU; 601 static unsigned int sdebug_lbpws = DEF_LBPWS; 602 static unsigned int sdebug_lbpws10 = DEF_LBPWS10; 603 static unsigned int sdebug_lbprz = DEF_LBPRZ; 604 static unsigned int sdebug_unmap_alignment = DEF_UNMAP_ALIGNMENT; 605 static unsigned int sdebug_unmap_granularity = DEF_UNMAP_GRANULARITY; 606 static unsigned int sdebug_unmap_max_blocks = DEF_UNMAP_MAX_BLOCKS; 607 static unsigned int sdebug_unmap_max_desc = DEF_UNMAP_MAX_DESC; 608 static unsigned int sdebug_write_same_length = DEF_WRITESAME_LENGTH; 609 static int sdebug_uuid_ctl = DEF_UUID_CTL; 610 static bool sdebug_removable = DEF_REMOVABLE; 611 static bool sdebug_clustering; 612 static bool sdebug_host_lock = DEF_HOST_LOCK; 613 static bool sdebug_strict = DEF_STRICT; 614 static bool sdebug_any_injecting_opt; 615 static bool sdebug_verbose; 616 static bool have_dif_prot; 617 static bool sdebug_statistics = DEF_STATISTICS; 618 static bool sdebug_mq_active; 619 620 static unsigned int sdebug_store_sectors; 621 static sector_t sdebug_capacity; /* in sectors */ 622 623 /* old BIOS stuff, kernel may get rid of them but some mode sense pages 624 may still need them */ 625 static int sdebug_heads; /* heads per disk */ 626 static int sdebug_cylinders_per; /* cylinders per surface */ 627 static int sdebug_sectors_per; /* sectors per cylinder */ 628 629 static LIST_HEAD(sdebug_host_list); 630 static DEFINE_SPINLOCK(sdebug_host_list_lock); 631 632 static unsigned char *fake_storep; /* ramdisk storage */ 633 static struct t10_pi_tuple *dif_storep; /* protection info */ 634 static void *map_storep; /* provisioning map */ 635 636 static unsigned long map_size; 637 static int num_aborts; 638 static int num_dev_resets; 639 static int num_target_resets; 640 static int num_bus_resets; 641 static int num_host_resets; 642 static int dix_writes; 643 static int dix_reads; 644 static int dif_errors; 645 646 static int submit_queues = DEF_SUBMIT_QUEUES; /* > 1 for multi-queue (mq) */ 647 static struct sdebug_queue *sdebug_q_arr; /* ptr to array of submit queues */ 648 649 static DEFINE_RWLOCK(atomic_rw); 650 651 static char sdebug_proc_name[] = MY_NAME; 652 static const char *my_name = MY_NAME; 653 654 static struct bus_type pseudo_lld_bus; 655 656 static struct device_driver sdebug_driverfs_driver = { 657 .name = sdebug_proc_name, 658 .bus = &pseudo_lld_bus, 659 }; 660 661 static const int check_condition_result = 662 (DRIVER_SENSE << 24) | SAM_STAT_CHECK_CONDITION; 663 664 static const int illegal_condition_result = 665 (DRIVER_SENSE << 24) | (DID_ABORT << 16) | SAM_STAT_CHECK_CONDITION; 666 667 static const int device_qfull_result = 668 (DID_OK << 16) | (COMMAND_COMPLETE << 8) | SAM_STAT_TASK_SET_FULL; 669 670 671 /* Only do the extra work involved in logical block provisioning if one or 672 * more of the lbpu, lbpws or lbpws10 parameters are given and we are doing 673 * real reads and writes (i.e. not skipping them for speed). 674 */ 675 static inline bool scsi_debug_lbp(void) 676 { 677 return 0 == sdebug_fake_rw && 678 (sdebug_lbpu || sdebug_lbpws || sdebug_lbpws10); 679 } 680 681 static void *fake_store(unsigned long long lba) 682 { 683 lba = do_div(lba, sdebug_store_sectors); 684 685 return fake_storep + lba * sdebug_sector_size; 686 } 687 688 static struct t10_pi_tuple *dif_store(sector_t sector) 689 { 690 sector = sector_div(sector, sdebug_store_sectors); 691 692 return dif_storep + sector; 693 } 694 695 static void sdebug_max_tgts_luns(void) 696 { 697 struct sdebug_host_info *sdbg_host; 698 struct Scsi_Host *hpnt; 699 700 spin_lock(&sdebug_host_list_lock); 701 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) { 702 hpnt = sdbg_host->shost; 703 if ((hpnt->this_id >= 0) && 704 (sdebug_num_tgts > hpnt->this_id)) 705 hpnt->max_id = sdebug_num_tgts + 1; 706 else 707 hpnt->max_id = sdebug_num_tgts; 708 /* sdebug_max_luns; */ 709 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1; 710 } 711 spin_unlock(&sdebug_host_list_lock); 712 } 713 714 enum sdeb_cmd_data {SDEB_IN_DATA = 0, SDEB_IN_CDB = 1}; 715 716 /* Set in_bit to -1 to indicate no bit position of invalid field */ 717 static void mk_sense_invalid_fld(struct scsi_cmnd *scp, 718 enum sdeb_cmd_data c_d, 719 int in_byte, int in_bit) 720 { 721 unsigned char *sbuff; 722 u8 sks[4]; 723 int sl, asc; 724 725 sbuff = scp->sense_buffer; 726 if (!sbuff) { 727 sdev_printk(KERN_ERR, scp->device, 728 "%s: sense_buffer is NULL\n", __func__); 729 return; 730 } 731 asc = c_d ? INVALID_FIELD_IN_CDB : INVALID_FIELD_IN_PARAM_LIST; 732 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE); 733 scsi_build_sense_buffer(sdebug_dsense, sbuff, ILLEGAL_REQUEST, asc, 0); 734 memset(sks, 0, sizeof(sks)); 735 sks[0] = 0x80; 736 if (c_d) 737 sks[0] |= 0x40; 738 if (in_bit >= 0) { 739 sks[0] |= 0x8; 740 sks[0] |= 0x7 & in_bit; 741 } 742 put_unaligned_be16(in_byte, sks + 1); 743 if (sdebug_dsense) { 744 sl = sbuff[7] + 8; 745 sbuff[7] = sl; 746 sbuff[sl] = 0x2; 747 sbuff[sl + 1] = 0x6; 748 memcpy(sbuff + sl + 4, sks, 3); 749 } else 750 memcpy(sbuff + 15, sks, 3); 751 if (sdebug_verbose) 752 sdev_printk(KERN_INFO, scp->device, "%s: [sense_key,asc,ascq" 753 "]: [0x5,0x%x,0x0] %c byte=%d, bit=%d\n", 754 my_name, asc, c_d ? 'C' : 'D', in_byte, in_bit); 755 } 756 757 static void mk_sense_buffer(struct scsi_cmnd *scp, int key, int asc, int asq) 758 { 759 unsigned char *sbuff; 760 761 sbuff = scp->sense_buffer; 762 if (!sbuff) { 763 sdev_printk(KERN_ERR, scp->device, 764 "%s: sense_buffer is NULL\n", __func__); 765 return; 766 } 767 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE); 768 769 scsi_build_sense_buffer(sdebug_dsense, sbuff, key, asc, asq); 770 771 if (sdebug_verbose) 772 sdev_printk(KERN_INFO, scp->device, 773 "%s: [sense_key,asc,ascq]: [0x%x,0x%x,0x%x]\n", 774 my_name, key, asc, asq); 775 } 776 777 static void mk_sense_invalid_opcode(struct scsi_cmnd *scp) 778 { 779 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_OPCODE, 0); 780 } 781 782 static int scsi_debug_ioctl(struct scsi_device *dev, int cmd, void __user *arg) 783 { 784 if (sdebug_verbose) { 785 if (0x1261 == cmd) 786 sdev_printk(KERN_INFO, dev, 787 "%s: BLKFLSBUF [0x1261]\n", __func__); 788 else if (0x5331 == cmd) 789 sdev_printk(KERN_INFO, dev, 790 "%s: CDROM_GET_CAPABILITY [0x5331]\n", 791 __func__); 792 else 793 sdev_printk(KERN_INFO, dev, "%s: cmd=0x%x\n", 794 __func__, cmd); 795 } 796 return -EINVAL; 797 /* return -ENOTTY; // correct return but upsets fdisk */ 798 } 799 800 static void clear_luns_changed_on_target(struct sdebug_dev_info *devip) 801 { 802 struct sdebug_host_info *sdhp; 803 struct sdebug_dev_info *dp; 804 805 spin_lock(&sdebug_host_list_lock); 806 list_for_each_entry(sdhp, &sdebug_host_list, host_list) { 807 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) { 808 if ((devip->sdbg_host == dp->sdbg_host) && 809 (devip->target == dp->target)) 810 clear_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm); 811 } 812 } 813 spin_unlock(&sdebug_host_list_lock); 814 } 815 816 static int make_ua(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 817 { 818 int k; 819 820 k = find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS); 821 if (k != SDEBUG_NUM_UAS) { 822 const char *cp = NULL; 823 824 switch (k) { 825 case SDEBUG_UA_POR: 826 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC, 827 POWER_ON_RESET_ASCQ); 828 if (sdebug_verbose) 829 cp = "power on reset"; 830 break; 831 case SDEBUG_UA_BUS_RESET: 832 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC, 833 BUS_RESET_ASCQ); 834 if (sdebug_verbose) 835 cp = "bus reset"; 836 break; 837 case SDEBUG_UA_MODE_CHANGED: 838 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC, 839 MODE_CHANGED_ASCQ); 840 if (sdebug_verbose) 841 cp = "mode parameters changed"; 842 break; 843 case SDEBUG_UA_CAPACITY_CHANGED: 844 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC, 845 CAPACITY_CHANGED_ASCQ); 846 if (sdebug_verbose) 847 cp = "capacity data changed"; 848 break; 849 case SDEBUG_UA_MICROCODE_CHANGED: 850 mk_sense_buffer(scp, UNIT_ATTENTION, 851 TARGET_CHANGED_ASC, 852 MICROCODE_CHANGED_ASCQ); 853 if (sdebug_verbose) 854 cp = "microcode has been changed"; 855 break; 856 case SDEBUG_UA_MICROCODE_CHANGED_WO_RESET: 857 mk_sense_buffer(scp, UNIT_ATTENTION, 858 TARGET_CHANGED_ASC, 859 MICROCODE_CHANGED_WO_RESET_ASCQ); 860 if (sdebug_verbose) 861 cp = "microcode has been changed without reset"; 862 break; 863 case SDEBUG_UA_LUNS_CHANGED: 864 /* 865 * SPC-3 behavior is to report a UNIT ATTENTION with 866 * ASC/ASCQ REPORTED LUNS DATA HAS CHANGED on every LUN 867 * on the target, until a REPORT LUNS command is 868 * received. SPC-4 behavior is to report it only once. 869 * NOTE: sdebug_scsi_level does not use the same 870 * values as struct scsi_device->scsi_level. 871 */ 872 if (sdebug_scsi_level >= 6) /* SPC-4 and above */ 873 clear_luns_changed_on_target(devip); 874 mk_sense_buffer(scp, UNIT_ATTENTION, 875 TARGET_CHANGED_ASC, 876 LUNS_CHANGED_ASCQ); 877 if (sdebug_verbose) 878 cp = "reported luns data has changed"; 879 break; 880 default: 881 pr_warn("unexpected unit attention code=%d\n", k); 882 if (sdebug_verbose) 883 cp = "unknown"; 884 break; 885 } 886 clear_bit(k, devip->uas_bm); 887 if (sdebug_verbose) 888 sdev_printk(KERN_INFO, scp->device, 889 "%s reports: Unit attention: %s\n", 890 my_name, cp); 891 return check_condition_result; 892 } 893 return 0; 894 } 895 896 /* Build SCSI "data-in" buffer. Returns 0 if ok else (DID_ERROR << 16). */ 897 static int fill_from_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr, 898 int arr_len) 899 { 900 int act_len; 901 struct scsi_data_buffer *sdb = scsi_in(scp); 902 903 if (!sdb->length) 904 return 0; 905 if (!(scsi_bidi_cmnd(scp) || scp->sc_data_direction == DMA_FROM_DEVICE)) 906 return DID_ERROR << 16; 907 908 act_len = sg_copy_from_buffer(sdb->table.sgl, sdb->table.nents, 909 arr, arr_len); 910 sdb->resid = scsi_bufflen(scp) - act_len; 911 912 return 0; 913 } 914 915 /* Partial build of SCSI "data-in" buffer. Returns 0 if ok else 916 * (DID_ERROR << 16). Can write to offset in data-in buffer. If multiple 917 * calls, not required to write in ascending offset order. Assumes resid 918 * set to scsi_bufflen() prior to any calls. 919 */ 920 static int p_fill_from_dev_buffer(struct scsi_cmnd *scp, const void *arr, 921 int arr_len, unsigned int off_dst) 922 { 923 int act_len, n; 924 struct scsi_data_buffer *sdb = scsi_in(scp); 925 off_t skip = off_dst; 926 927 if (sdb->length <= off_dst) 928 return 0; 929 if (!(scsi_bidi_cmnd(scp) || scp->sc_data_direction == DMA_FROM_DEVICE)) 930 return DID_ERROR << 16; 931 932 act_len = sg_pcopy_from_buffer(sdb->table.sgl, sdb->table.nents, 933 arr, arr_len, skip); 934 pr_debug("%s: off_dst=%u, scsi_bufflen=%u, act_len=%u, resid=%d\n", 935 __func__, off_dst, scsi_bufflen(scp), act_len, sdb->resid); 936 n = (int)scsi_bufflen(scp) - ((int)off_dst + act_len); 937 sdb->resid = min(sdb->resid, n); 938 return 0; 939 } 940 941 /* Fetches from SCSI "data-out" buffer. Returns number of bytes fetched into 942 * 'arr' or -1 if error. 943 */ 944 static int fetch_to_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr, 945 int arr_len) 946 { 947 if (!scsi_bufflen(scp)) 948 return 0; 949 if (!(scsi_bidi_cmnd(scp) || scp->sc_data_direction == DMA_TO_DEVICE)) 950 return -1; 951 952 return scsi_sg_copy_to_buffer(scp, arr, arr_len); 953 } 954 955 956 static char sdebug_inq_vendor_id[9] = "Linux "; 957 static char sdebug_inq_product_id[17] = "scsi_debug "; 958 static char sdebug_inq_product_rev[5] = "0186"; /* version less '.' */ 959 /* Use some locally assigned NAAs for SAS addresses. */ 960 static const u64 naa3_comp_a = 0x3222222000000000ULL; 961 static const u64 naa3_comp_b = 0x3333333000000000ULL; 962 static const u64 naa3_comp_c = 0x3111111000000000ULL; 963 964 /* Device identification VPD page. Returns number of bytes placed in arr */ 965 static int inquiry_vpd_83(unsigned char *arr, int port_group_id, 966 int target_dev_id, int dev_id_num, 967 const char *dev_id_str, int dev_id_str_len, 968 const uuid_t *lu_name) 969 { 970 int num, port_a; 971 char b[32]; 972 973 port_a = target_dev_id + 1; 974 /* T10 vendor identifier field format (faked) */ 975 arr[0] = 0x2; /* ASCII */ 976 arr[1] = 0x1; 977 arr[2] = 0x0; 978 memcpy(&arr[4], sdebug_inq_vendor_id, 8); 979 memcpy(&arr[12], sdebug_inq_product_id, 16); 980 memcpy(&arr[28], dev_id_str, dev_id_str_len); 981 num = 8 + 16 + dev_id_str_len; 982 arr[3] = num; 983 num += 4; 984 if (dev_id_num >= 0) { 985 if (sdebug_uuid_ctl) { 986 /* Locally assigned UUID */ 987 arr[num++] = 0x1; /* binary (not necessarily sas) */ 988 arr[num++] = 0xa; /* PIV=0, lu, naa */ 989 arr[num++] = 0x0; 990 arr[num++] = 0x12; 991 arr[num++] = 0x10; /* uuid type=1, locally assigned */ 992 arr[num++] = 0x0; 993 memcpy(arr + num, lu_name, 16); 994 num += 16; 995 } else { 996 /* NAA-3, Logical unit identifier (binary) */ 997 arr[num++] = 0x1; /* binary (not necessarily sas) */ 998 arr[num++] = 0x3; /* PIV=0, lu, naa */ 999 arr[num++] = 0x0; 1000 arr[num++] = 0x8; 1001 put_unaligned_be64(naa3_comp_b + dev_id_num, arr + num); 1002 num += 8; 1003 } 1004 /* Target relative port number */ 1005 arr[num++] = 0x61; /* proto=sas, binary */ 1006 arr[num++] = 0x94; /* PIV=1, target port, rel port */ 1007 arr[num++] = 0x0; /* reserved */ 1008 arr[num++] = 0x4; /* length */ 1009 arr[num++] = 0x0; /* reserved */ 1010 arr[num++] = 0x0; /* reserved */ 1011 arr[num++] = 0x0; 1012 arr[num++] = 0x1; /* relative port A */ 1013 } 1014 /* NAA-3, Target port identifier */ 1015 arr[num++] = 0x61; /* proto=sas, binary */ 1016 arr[num++] = 0x93; /* piv=1, target port, naa */ 1017 arr[num++] = 0x0; 1018 arr[num++] = 0x8; 1019 put_unaligned_be64(naa3_comp_a + port_a, arr + num); 1020 num += 8; 1021 /* NAA-3, Target port group identifier */ 1022 arr[num++] = 0x61; /* proto=sas, binary */ 1023 arr[num++] = 0x95; /* piv=1, target port group id */ 1024 arr[num++] = 0x0; 1025 arr[num++] = 0x4; 1026 arr[num++] = 0; 1027 arr[num++] = 0; 1028 put_unaligned_be16(port_group_id, arr + num); 1029 num += 2; 1030 /* NAA-3, Target device identifier */ 1031 arr[num++] = 0x61; /* proto=sas, binary */ 1032 arr[num++] = 0xa3; /* piv=1, target device, naa */ 1033 arr[num++] = 0x0; 1034 arr[num++] = 0x8; 1035 put_unaligned_be64(naa3_comp_a + target_dev_id, arr + num); 1036 num += 8; 1037 /* SCSI name string: Target device identifier */ 1038 arr[num++] = 0x63; /* proto=sas, UTF-8 */ 1039 arr[num++] = 0xa8; /* piv=1, target device, SCSI name string */ 1040 arr[num++] = 0x0; 1041 arr[num++] = 24; 1042 memcpy(arr + num, "naa.32222220", 12); 1043 num += 12; 1044 snprintf(b, sizeof(b), "%08X", target_dev_id); 1045 memcpy(arr + num, b, 8); 1046 num += 8; 1047 memset(arr + num, 0, 4); 1048 num += 4; 1049 return num; 1050 } 1051 1052 static unsigned char vpd84_data[] = { 1053 /* from 4th byte */ 0x22,0x22,0x22,0x0,0xbb,0x0, 1054 0x22,0x22,0x22,0x0,0xbb,0x1, 1055 0x22,0x22,0x22,0x0,0xbb,0x2, 1056 }; 1057 1058 /* Software interface identification VPD page */ 1059 static int inquiry_vpd_84(unsigned char *arr) 1060 { 1061 memcpy(arr, vpd84_data, sizeof(vpd84_data)); 1062 return sizeof(vpd84_data); 1063 } 1064 1065 /* Management network addresses VPD page */ 1066 static int inquiry_vpd_85(unsigned char *arr) 1067 { 1068 int num = 0; 1069 const char * na1 = "https://www.kernel.org/config"; 1070 const char * na2 = "http://www.kernel.org/log"; 1071 int plen, olen; 1072 1073 arr[num++] = 0x1; /* lu, storage config */ 1074 arr[num++] = 0x0; /* reserved */ 1075 arr[num++] = 0x0; 1076 olen = strlen(na1); 1077 plen = olen + 1; 1078 if (plen % 4) 1079 plen = ((plen / 4) + 1) * 4; 1080 arr[num++] = plen; /* length, null termianted, padded */ 1081 memcpy(arr + num, na1, olen); 1082 memset(arr + num + olen, 0, plen - olen); 1083 num += plen; 1084 1085 arr[num++] = 0x4; /* lu, logging */ 1086 arr[num++] = 0x0; /* reserved */ 1087 arr[num++] = 0x0; 1088 olen = strlen(na2); 1089 plen = olen + 1; 1090 if (plen % 4) 1091 plen = ((plen / 4) + 1) * 4; 1092 arr[num++] = plen; /* length, null terminated, padded */ 1093 memcpy(arr + num, na2, olen); 1094 memset(arr + num + olen, 0, plen - olen); 1095 num += plen; 1096 1097 return num; 1098 } 1099 1100 /* SCSI ports VPD page */ 1101 static int inquiry_vpd_88(unsigned char *arr, int target_dev_id) 1102 { 1103 int num = 0; 1104 int port_a, port_b; 1105 1106 port_a = target_dev_id + 1; 1107 port_b = port_a + 1; 1108 arr[num++] = 0x0; /* reserved */ 1109 arr[num++] = 0x0; /* reserved */ 1110 arr[num++] = 0x0; 1111 arr[num++] = 0x1; /* relative port 1 (primary) */ 1112 memset(arr + num, 0, 6); 1113 num += 6; 1114 arr[num++] = 0x0; 1115 arr[num++] = 12; /* length tp descriptor */ 1116 /* naa-5 target port identifier (A) */ 1117 arr[num++] = 0x61; /* proto=sas, binary */ 1118 arr[num++] = 0x93; /* PIV=1, target port, NAA */ 1119 arr[num++] = 0x0; /* reserved */ 1120 arr[num++] = 0x8; /* length */ 1121 put_unaligned_be64(naa3_comp_a + port_a, arr + num); 1122 num += 8; 1123 arr[num++] = 0x0; /* reserved */ 1124 arr[num++] = 0x0; /* reserved */ 1125 arr[num++] = 0x0; 1126 arr[num++] = 0x2; /* relative port 2 (secondary) */ 1127 memset(arr + num, 0, 6); 1128 num += 6; 1129 arr[num++] = 0x0; 1130 arr[num++] = 12; /* length tp descriptor */ 1131 /* naa-5 target port identifier (B) */ 1132 arr[num++] = 0x61; /* proto=sas, binary */ 1133 arr[num++] = 0x93; /* PIV=1, target port, NAA */ 1134 arr[num++] = 0x0; /* reserved */ 1135 arr[num++] = 0x8; /* length */ 1136 put_unaligned_be64(naa3_comp_a + port_b, arr + num); 1137 num += 8; 1138 1139 return num; 1140 } 1141 1142 1143 static unsigned char vpd89_data[] = { 1144 /* from 4th byte */ 0,0,0,0, 1145 'l','i','n','u','x',' ',' ',' ', 1146 'S','A','T',' ','s','c','s','i','_','d','e','b','u','g',' ',' ', 1147 '1','2','3','4', 1148 0x34,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0, 1149 0xec,0,0,0, 1150 0x5a,0xc,0xff,0x3f,0x37,0xc8,0x10,0,0,0,0,0,0x3f,0,0,0, 1151 0,0,0,0,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x20,0x20,0x20,0x20, 1152 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0,0,0,0x40,0x4,0,0x2e,0x33, 1153 0x38,0x31,0x20,0x20,0x20,0x20,0x54,0x53,0x38,0x33,0x30,0x30,0x33,0x31, 1154 0x53,0x41, 1155 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20, 1156 0x20,0x20, 1157 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20, 1158 0x10,0x80, 1159 0,0,0,0x2f,0,0,0,0x2,0,0x2,0x7,0,0xff,0xff,0x1,0, 1160 0x3f,0,0xc1,0xff,0x3e,0,0x10,0x1,0xb0,0xf8,0x50,0x9,0,0,0x7,0, 1161 0x3,0,0x78,0,0x78,0,0xf0,0,0x78,0,0,0,0,0,0,0, 1162 0,0,0,0,0,0,0,0,0x2,0,0,0,0,0,0,0, 1163 0x7e,0,0x1b,0,0x6b,0x34,0x1,0x7d,0x3,0x40,0x69,0x34,0x1,0x3c,0x3,0x40, 1164 0x7f,0x40,0,0,0,0,0xfe,0xfe,0,0,0,0,0,0xfe,0,0, 1165 0,0,0,0,0,0,0,0,0xb0,0xf8,0x50,0x9,0,0,0,0, 1166 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1167 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1168 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1169 0x1,0,0xb0,0xf8,0x50,0x9,0xb0,0xf8,0x50,0x9,0x20,0x20,0x2,0,0xb6,0x42, 1170 0,0x80,0x8a,0,0x6,0x3c,0xa,0x3c,0xff,0xff,0xc6,0x7,0,0x1,0,0x8, 1171 0xf0,0xf,0,0x10,0x2,0,0x30,0,0,0,0,0,0,0,0x6,0xfe, 1172 0,0,0x2,0,0x50,0,0x8a,0,0x4f,0x95,0,0,0x21,0,0xb,0, 1173 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1174 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1175 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1176 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1177 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1178 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1179 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1180 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1181 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1182 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1183 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1184 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xa5,0x51, 1185 }; 1186 1187 /* ATA Information VPD page */ 1188 static int inquiry_vpd_89(unsigned char *arr) 1189 { 1190 memcpy(arr, vpd89_data, sizeof(vpd89_data)); 1191 return sizeof(vpd89_data); 1192 } 1193 1194 1195 static unsigned char vpdb0_data[] = { 1196 /* from 4th byte */ 0,0,0,4, 0,0,0x4,0, 0,0,0,64, 1197 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1198 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1199 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1200 }; 1201 1202 /* Block limits VPD page (SBC-3) */ 1203 static int inquiry_vpd_b0(unsigned char *arr) 1204 { 1205 unsigned int gran; 1206 1207 memcpy(arr, vpdb0_data, sizeof(vpdb0_data)); 1208 1209 /* Optimal transfer length granularity */ 1210 if (sdebug_opt_xferlen_exp != 0 && 1211 sdebug_physblk_exp < sdebug_opt_xferlen_exp) 1212 gran = 1 << sdebug_opt_xferlen_exp; 1213 else 1214 gran = 1 << sdebug_physblk_exp; 1215 put_unaligned_be16(gran, arr + 2); 1216 1217 /* Maximum Transfer Length */ 1218 if (sdebug_store_sectors > 0x400) 1219 put_unaligned_be32(sdebug_store_sectors, arr + 4); 1220 1221 /* Optimal Transfer Length */ 1222 put_unaligned_be32(sdebug_opt_blks, &arr[8]); 1223 1224 if (sdebug_lbpu) { 1225 /* Maximum Unmap LBA Count */ 1226 put_unaligned_be32(sdebug_unmap_max_blocks, &arr[16]); 1227 1228 /* Maximum Unmap Block Descriptor Count */ 1229 put_unaligned_be32(sdebug_unmap_max_desc, &arr[20]); 1230 } 1231 1232 /* Unmap Granularity Alignment */ 1233 if (sdebug_unmap_alignment) { 1234 put_unaligned_be32(sdebug_unmap_alignment, &arr[28]); 1235 arr[28] |= 0x80; /* UGAVALID */ 1236 } 1237 1238 /* Optimal Unmap Granularity */ 1239 put_unaligned_be32(sdebug_unmap_granularity, &arr[24]); 1240 1241 /* Maximum WRITE SAME Length */ 1242 put_unaligned_be64(sdebug_write_same_length, &arr[32]); 1243 1244 return 0x3c; /* Mandatory page length for Logical Block Provisioning */ 1245 1246 return sizeof(vpdb0_data); 1247 } 1248 1249 /* Block device characteristics VPD page (SBC-3) */ 1250 static int inquiry_vpd_b1(unsigned char *arr) 1251 { 1252 memset(arr, 0, 0x3c); 1253 arr[0] = 0; 1254 arr[1] = 1; /* non rotating medium (e.g. solid state) */ 1255 arr[2] = 0; 1256 arr[3] = 5; /* less than 1.8" */ 1257 1258 return 0x3c; 1259 } 1260 1261 /* Logical block provisioning VPD page (SBC-4) */ 1262 static int inquiry_vpd_b2(unsigned char *arr) 1263 { 1264 memset(arr, 0, 0x4); 1265 arr[0] = 0; /* threshold exponent */ 1266 if (sdebug_lbpu) 1267 arr[1] = 1 << 7; 1268 if (sdebug_lbpws) 1269 arr[1] |= 1 << 6; 1270 if (sdebug_lbpws10) 1271 arr[1] |= 1 << 5; 1272 if (sdebug_lbprz && scsi_debug_lbp()) 1273 arr[1] |= (sdebug_lbprz & 0x7) << 2; /* sbc4r07 and later */ 1274 /* anc_sup=0; dp=0 (no provisioning group descriptor) */ 1275 /* minimum_percentage=0; provisioning_type=0 (unknown) */ 1276 /* threshold_percentage=0 */ 1277 return 0x4; 1278 } 1279 1280 #define SDEBUG_LONG_INQ_SZ 96 1281 #define SDEBUG_MAX_INQ_ARR_SZ 584 1282 1283 static int resp_inquiry(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 1284 { 1285 unsigned char pq_pdt; 1286 unsigned char * arr; 1287 unsigned char *cmd = scp->cmnd; 1288 int alloc_len, n, ret; 1289 bool have_wlun, is_disk; 1290 1291 alloc_len = get_unaligned_be16(cmd + 3); 1292 arr = kzalloc(SDEBUG_MAX_INQ_ARR_SZ, GFP_ATOMIC); 1293 if (! arr) 1294 return DID_REQUEUE << 16; 1295 is_disk = (sdebug_ptype == TYPE_DISK); 1296 have_wlun = scsi_is_wlun(scp->device->lun); 1297 if (have_wlun) 1298 pq_pdt = TYPE_WLUN; /* present, wlun */ 1299 else if (sdebug_no_lun_0 && (devip->lun == SDEBUG_LUN_0_VAL)) 1300 pq_pdt = 0x7f; /* not present, PQ=3, PDT=0x1f */ 1301 else 1302 pq_pdt = (sdebug_ptype & 0x1f); 1303 arr[0] = pq_pdt; 1304 if (0x2 & cmd[1]) { /* CMDDT bit set */ 1305 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 1); 1306 kfree(arr); 1307 return check_condition_result; 1308 } else if (0x1 & cmd[1]) { /* EVPD bit set */ 1309 int lu_id_num, port_group_id, target_dev_id, len; 1310 char lu_id_str[6]; 1311 int host_no = devip->sdbg_host->shost->host_no; 1312 1313 port_group_id = (((host_no + 1) & 0x7f) << 8) + 1314 (devip->channel & 0x7f); 1315 if (sdebug_vpd_use_hostno == 0) 1316 host_no = 0; 1317 lu_id_num = have_wlun ? -1 : (((host_no + 1) * 2000) + 1318 (devip->target * 1000) + devip->lun); 1319 target_dev_id = ((host_no + 1) * 2000) + 1320 (devip->target * 1000) - 3; 1321 len = scnprintf(lu_id_str, 6, "%d", lu_id_num); 1322 if (0 == cmd[2]) { /* supported vital product data pages */ 1323 arr[1] = cmd[2]; /*sanity */ 1324 n = 4; 1325 arr[n++] = 0x0; /* this page */ 1326 arr[n++] = 0x80; /* unit serial number */ 1327 arr[n++] = 0x83; /* device identification */ 1328 arr[n++] = 0x84; /* software interface ident. */ 1329 arr[n++] = 0x85; /* management network addresses */ 1330 arr[n++] = 0x86; /* extended inquiry */ 1331 arr[n++] = 0x87; /* mode page policy */ 1332 arr[n++] = 0x88; /* SCSI ports */ 1333 if (is_disk) { /* SBC only */ 1334 arr[n++] = 0x89; /* ATA information */ 1335 arr[n++] = 0xb0; /* Block limits */ 1336 arr[n++] = 0xb1; /* Block characteristics */ 1337 arr[n++] = 0xb2; /* Logical Block Prov */ 1338 } 1339 arr[3] = n - 4; /* number of supported VPD pages */ 1340 } else if (0x80 == cmd[2]) { /* unit serial number */ 1341 arr[1] = cmd[2]; /*sanity */ 1342 arr[3] = len; 1343 memcpy(&arr[4], lu_id_str, len); 1344 } else if (0x83 == cmd[2]) { /* device identification */ 1345 arr[1] = cmd[2]; /*sanity */ 1346 arr[3] = inquiry_vpd_83(&arr[4], port_group_id, 1347 target_dev_id, lu_id_num, 1348 lu_id_str, len, 1349 &devip->lu_name); 1350 } else if (0x84 == cmd[2]) { /* Software interface ident. */ 1351 arr[1] = cmd[2]; /*sanity */ 1352 arr[3] = inquiry_vpd_84(&arr[4]); 1353 } else if (0x85 == cmd[2]) { /* Management network addresses */ 1354 arr[1] = cmd[2]; /*sanity */ 1355 arr[3] = inquiry_vpd_85(&arr[4]); 1356 } else if (0x86 == cmd[2]) { /* extended inquiry */ 1357 arr[1] = cmd[2]; /*sanity */ 1358 arr[3] = 0x3c; /* number of following entries */ 1359 if (sdebug_dif == T10_PI_TYPE3_PROTECTION) 1360 arr[4] = 0x4; /* SPT: GRD_CHK:1 */ 1361 else if (have_dif_prot) 1362 arr[4] = 0x5; /* SPT: GRD_CHK:1, REF_CHK:1 */ 1363 else 1364 arr[4] = 0x0; /* no protection stuff */ 1365 arr[5] = 0x7; /* head of q, ordered + simple q's */ 1366 } else if (0x87 == cmd[2]) { /* mode page policy */ 1367 arr[1] = cmd[2]; /*sanity */ 1368 arr[3] = 0x8; /* number of following entries */ 1369 arr[4] = 0x2; /* disconnect-reconnect mp */ 1370 arr[6] = 0x80; /* mlus, shared */ 1371 arr[8] = 0x18; /* protocol specific lu */ 1372 arr[10] = 0x82; /* mlus, per initiator port */ 1373 } else if (0x88 == cmd[2]) { /* SCSI Ports */ 1374 arr[1] = cmd[2]; /*sanity */ 1375 arr[3] = inquiry_vpd_88(&arr[4], target_dev_id); 1376 } else if (is_disk && 0x89 == cmd[2]) { /* ATA information */ 1377 arr[1] = cmd[2]; /*sanity */ 1378 n = inquiry_vpd_89(&arr[4]); 1379 put_unaligned_be16(n, arr + 2); 1380 } else if (is_disk && 0xb0 == cmd[2]) { /* Block limits */ 1381 arr[1] = cmd[2]; /*sanity */ 1382 arr[3] = inquiry_vpd_b0(&arr[4]); 1383 } else if (is_disk && 0xb1 == cmd[2]) { /* Block char. */ 1384 arr[1] = cmd[2]; /*sanity */ 1385 arr[3] = inquiry_vpd_b1(&arr[4]); 1386 } else if (is_disk && 0xb2 == cmd[2]) { /* LB Prov. */ 1387 arr[1] = cmd[2]; /*sanity */ 1388 arr[3] = inquiry_vpd_b2(&arr[4]); 1389 } else { 1390 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1); 1391 kfree(arr); 1392 return check_condition_result; 1393 } 1394 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len); 1395 ret = fill_from_dev_buffer(scp, arr, 1396 min(len, SDEBUG_MAX_INQ_ARR_SZ)); 1397 kfree(arr); 1398 return ret; 1399 } 1400 /* drops through here for a standard inquiry */ 1401 arr[1] = sdebug_removable ? 0x80 : 0; /* Removable disk */ 1402 arr[2] = sdebug_scsi_level; 1403 arr[3] = 2; /* response_data_format==2 */ 1404 arr[4] = SDEBUG_LONG_INQ_SZ - 5; 1405 arr[5] = (int)have_dif_prot; /* PROTECT bit */ 1406 if (sdebug_vpd_use_hostno == 0) 1407 arr[5] |= 0x10; /* claim: implicit TPGS */ 1408 arr[6] = 0x10; /* claim: MultiP */ 1409 /* arr[6] |= 0x40; ... claim: EncServ (enclosure services) */ 1410 arr[7] = 0xa; /* claim: LINKED + CMDQUE */ 1411 memcpy(&arr[8], sdebug_inq_vendor_id, 8); 1412 memcpy(&arr[16], sdebug_inq_product_id, 16); 1413 memcpy(&arr[32], sdebug_inq_product_rev, 4); 1414 /* version descriptors (2 bytes each) follow */ 1415 put_unaligned_be16(0xc0, arr + 58); /* SAM-6 no version claimed */ 1416 put_unaligned_be16(0x5c0, arr + 60); /* SPC-5 no version claimed */ 1417 n = 62; 1418 if (is_disk) { /* SBC-4 no version claimed */ 1419 put_unaligned_be16(0x600, arr + n); 1420 n += 2; 1421 } else if (sdebug_ptype == TYPE_TAPE) { /* SSC-4 rev 3 */ 1422 put_unaligned_be16(0x525, arr + n); 1423 n += 2; 1424 } 1425 put_unaligned_be16(0x2100, arr + n); /* SPL-4 no version claimed */ 1426 ret = fill_from_dev_buffer(scp, arr, 1427 min(alloc_len, SDEBUG_LONG_INQ_SZ)); 1428 kfree(arr); 1429 return ret; 1430 } 1431 1432 static unsigned char iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0, 1433 0, 0, 0x0, 0x0}; 1434 1435 static int resp_requests(struct scsi_cmnd * scp, 1436 struct sdebug_dev_info * devip) 1437 { 1438 unsigned char * sbuff; 1439 unsigned char *cmd = scp->cmnd; 1440 unsigned char arr[SCSI_SENSE_BUFFERSIZE]; 1441 bool dsense; 1442 int len = 18; 1443 1444 memset(arr, 0, sizeof(arr)); 1445 dsense = !!(cmd[1] & 1); 1446 sbuff = scp->sense_buffer; 1447 if ((iec_m_pg[2] & 0x4) && (6 == (iec_m_pg[3] & 0xf))) { 1448 if (dsense) { 1449 arr[0] = 0x72; 1450 arr[1] = 0x0; /* NO_SENSE in sense_key */ 1451 arr[2] = THRESHOLD_EXCEEDED; 1452 arr[3] = 0xff; /* TEST set and MRIE==6 */ 1453 len = 8; 1454 } else { 1455 arr[0] = 0x70; 1456 arr[2] = 0x0; /* NO_SENSE in sense_key */ 1457 arr[7] = 0xa; /* 18 byte sense buffer */ 1458 arr[12] = THRESHOLD_EXCEEDED; 1459 arr[13] = 0xff; /* TEST set and MRIE==6 */ 1460 } 1461 } else { 1462 memcpy(arr, sbuff, SCSI_SENSE_BUFFERSIZE); 1463 if (arr[0] >= 0x70 && dsense == sdebug_dsense) 1464 ; /* have sense and formats match */ 1465 else if (arr[0] <= 0x70) { 1466 if (dsense) { 1467 memset(arr, 0, 8); 1468 arr[0] = 0x72; 1469 len = 8; 1470 } else { 1471 memset(arr, 0, 18); 1472 arr[0] = 0x70; 1473 arr[7] = 0xa; 1474 } 1475 } else if (dsense) { 1476 memset(arr, 0, 8); 1477 arr[0] = 0x72; 1478 arr[1] = sbuff[2]; /* sense key */ 1479 arr[2] = sbuff[12]; /* asc */ 1480 arr[3] = sbuff[13]; /* ascq */ 1481 len = 8; 1482 } else { 1483 memset(arr, 0, 18); 1484 arr[0] = 0x70; 1485 arr[2] = sbuff[1]; 1486 arr[7] = 0xa; 1487 arr[12] = sbuff[1]; 1488 arr[13] = sbuff[3]; 1489 } 1490 1491 } 1492 mk_sense_buffer(scp, 0, NO_ADDITIONAL_SENSE, 0); 1493 return fill_from_dev_buffer(scp, arr, len); 1494 } 1495 1496 static int resp_start_stop(struct scsi_cmnd * scp, 1497 struct sdebug_dev_info * devip) 1498 { 1499 unsigned char *cmd = scp->cmnd; 1500 int power_cond, stop; 1501 1502 power_cond = (cmd[4] & 0xf0) >> 4; 1503 if (power_cond) { 1504 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 7); 1505 return check_condition_result; 1506 } 1507 stop = !(cmd[4] & 1); 1508 atomic_xchg(&devip->stopped, stop); 1509 return 0; 1510 } 1511 1512 static sector_t get_sdebug_capacity(void) 1513 { 1514 static const unsigned int gibibyte = 1073741824; 1515 1516 if (sdebug_virtual_gb > 0) 1517 return (sector_t)sdebug_virtual_gb * 1518 (gibibyte / sdebug_sector_size); 1519 else 1520 return sdebug_store_sectors; 1521 } 1522 1523 #define SDEBUG_READCAP_ARR_SZ 8 1524 static int resp_readcap(struct scsi_cmnd * scp, 1525 struct sdebug_dev_info * devip) 1526 { 1527 unsigned char arr[SDEBUG_READCAP_ARR_SZ]; 1528 unsigned int capac; 1529 1530 /* following just in case virtual_gb changed */ 1531 sdebug_capacity = get_sdebug_capacity(); 1532 memset(arr, 0, SDEBUG_READCAP_ARR_SZ); 1533 if (sdebug_capacity < 0xffffffff) { 1534 capac = (unsigned int)sdebug_capacity - 1; 1535 put_unaligned_be32(capac, arr + 0); 1536 } else 1537 put_unaligned_be32(0xffffffff, arr + 0); 1538 put_unaligned_be16(sdebug_sector_size, arr + 6); 1539 return fill_from_dev_buffer(scp, arr, SDEBUG_READCAP_ARR_SZ); 1540 } 1541 1542 #define SDEBUG_READCAP16_ARR_SZ 32 1543 static int resp_readcap16(struct scsi_cmnd * scp, 1544 struct sdebug_dev_info * devip) 1545 { 1546 unsigned char *cmd = scp->cmnd; 1547 unsigned char arr[SDEBUG_READCAP16_ARR_SZ]; 1548 int alloc_len; 1549 1550 alloc_len = get_unaligned_be32(cmd + 10); 1551 /* following just in case virtual_gb changed */ 1552 sdebug_capacity = get_sdebug_capacity(); 1553 memset(arr, 0, SDEBUG_READCAP16_ARR_SZ); 1554 put_unaligned_be64((u64)(sdebug_capacity - 1), arr + 0); 1555 put_unaligned_be32(sdebug_sector_size, arr + 8); 1556 arr[13] = sdebug_physblk_exp & 0xf; 1557 arr[14] = (sdebug_lowest_aligned >> 8) & 0x3f; 1558 1559 if (scsi_debug_lbp()) { 1560 arr[14] |= 0x80; /* LBPME */ 1561 /* from sbc4r07, this LBPRZ field is 1 bit, but the LBPRZ in 1562 * the LB Provisioning VPD page is 3 bits. Note that lbprz=2 1563 * in the wider field maps to 0 in this field. 1564 */ 1565 if (sdebug_lbprz & 1) /* precisely what the draft requires */ 1566 arr[14] |= 0x40; 1567 } 1568 1569 arr[15] = sdebug_lowest_aligned & 0xff; 1570 1571 if (have_dif_prot) { 1572 arr[12] = (sdebug_dif - 1) << 1; /* P_TYPE */ 1573 arr[12] |= 1; /* PROT_EN */ 1574 } 1575 1576 return fill_from_dev_buffer(scp, arr, 1577 min(alloc_len, SDEBUG_READCAP16_ARR_SZ)); 1578 } 1579 1580 #define SDEBUG_MAX_TGTPGS_ARR_SZ 1412 1581 1582 static int resp_report_tgtpgs(struct scsi_cmnd * scp, 1583 struct sdebug_dev_info * devip) 1584 { 1585 unsigned char *cmd = scp->cmnd; 1586 unsigned char * arr; 1587 int host_no = devip->sdbg_host->shost->host_no; 1588 int n, ret, alen, rlen; 1589 int port_group_a, port_group_b, port_a, port_b; 1590 1591 alen = get_unaligned_be32(cmd + 6); 1592 arr = kzalloc(SDEBUG_MAX_TGTPGS_ARR_SZ, GFP_ATOMIC); 1593 if (! arr) 1594 return DID_REQUEUE << 16; 1595 /* 1596 * EVPD page 0x88 states we have two ports, one 1597 * real and a fake port with no device connected. 1598 * So we create two port groups with one port each 1599 * and set the group with port B to unavailable. 1600 */ 1601 port_a = 0x1; /* relative port A */ 1602 port_b = 0x2; /* relative port B */ 1603 port_group_a = (((host_no + 1) & 0x7f) << 8) + 1604 (devip->channel & 0x7f); 1605 port_group_b = (((host_no + 1) & 0x7f) << 8) + 1606 (devip->channel & 0x7f) + 0x80; 1607 1608 /* 1609 * The asymmetric access state is cycled according to the host_id. 1610 */ 1611 n = 4; 1612 if (sdebug_vpd_use_hostno == 0) { 1613 arr[n++] = host_no % 3; /* Asymm access state */ 1614 arr[n++] = 0x0F; /* claim: all states are supported */ 1615 } else { 1616 arr[n++] = 0x0; /* Active/Optimized path */ 1617 arr[n++] = 0x01; /* only support active/optimized paths */ 1618 } 1619 put_unaligned_be16(port_group_a, arr + n); 1620 n += 2; 1621 arr[n++] = 0; /* Reserved */ 1622 arr[n++] = 0; /* Status code */ 1623 arr[n++] = 0; /* Vendor unique */ 1624 arr[n++] = 0x1; /* One port per group */ 1625 arr[n++] = 0; /* Reserved */ 1626 arr[n++] = 0; /* Reserved */ 1627 put_unaligned_be16(port_a, arr + n); 1628 n += 2; 1629 arr[n++] = 3; /* Port unavailable */ 1630 arr[n++] = 0x08; /* claim: only unavailalbe paths are supported */ 1631 put_unaligned_be16(port_group_b, arr + n); 1632 n += 2; 1633 arr[n++] = 0; /* Reserved */ 1634 arr[n++] = 0; /* Status code */ 1635 arr[n++] = 0; /* Vendor unique */ 1636 arr[n++] = 0x1; /* One port per group */ 1637 arr[n++] = 0; /* Reserved */ 1638 arr[n++] = 0; /* Reserved */ 1639 put_unaligned_be16(port_b, arr + n); 1640 n += 2; 1641 1642 rlen = n - 4; 1643 put_unaligned_be32(rlen, arr + 0); 1644 1645 /* 1646 * Return the smallest value of either 1647 * - The allocated length 1648 * - The constructed command length 1649 * - The maximum array size 1650 */ 1651 rlen = min(alen,n); 1652 ret = fill_from_dev_buffer(scp, arr, 1653 min(rlen, SDEBUG_MAX_TGTPGS_ARR_SZ)); 1654 kfree(arr); 1655 return ret; 1656 } 1657 1658 static int resp_rsup_opcodes(struct scsi_cmnd *scp, 1659 struct sdebug_dev_info *devip) 1660 { 1661 bool rctd; 1662 u8 reporting_opts, req_opcode, sdeb_i, supp; 1663 u16 req_sa, u; 1664 u32 alloc_len, a_len; 1665 int k, offset, len, errsts, count, bump, na; 1666 const struct opcode_info_t *oip; 1667 const struct opcode_info_t *r_oip; 1668 u8 *arr; 1669 u8 *cmd = scp->cmnd; 1670 1671 rctd = !!(cmd[2] & 0x80); 1672 reporting_opts = cmd[2] & 0x7; 1673 req_opcode = cmd[3]; 1674 req_sa = get_unaligned_be16(cmd + 4); 1675 alloc_len = get_unaligned_be32(cmd + 6); 1676 if (alloc_len < 4 || alloc_len > 0xffff) { 1677 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1); 1678 return check_condition_result; 1679 } 1680 if (alloc_len > 8192) 1681 a_len = 8192; 1682 else 1683 a_len = alloc_len; 1684 arr = kzalloc((a_len < 256) ? 320 : a_len + 64, GFP_ATOMIC); 1685 if (NULL == arr) { 1686 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC, 1687 INSUFF_RES_ASCQ); 1688 return check_condition_result; 1689 } 1690 switch (reporting_opts) { 1691 case 0: /* all commands */ 1692 /* count number of commands */ 1693 for (count = 0, oip = opcode_info_arr; 1694 oip->num_attached != 0xff; ++oip) { 1695 if (F_INV_OP & oip->flags) 1696 continue; 1697 count += (oip->num_attached + 1); 1698 } 1699 bump = rctd ? 20 : 8; 1700 put_unaligned_be32(count * bump, arr); 1701 for (offset = 4, oip = opcode_info_arr; 1702 oip->num_attached != 0xff && offset < a_len; ++oip) { 1703 if (F_INV_OP & oip->flags) 1704 continue; 1705 na = oip->num_attached; 1706 arr[offset] = oip->opcode; 1707 put_unaligned_be16(oip->sa, arr + offset + 2); 1708 if (rctd) 1709 arr[offset + 5] |= 0x2; 1710 if (FF_SA & oip->flags) 1711 arr[offset + 5] |= 0x1; 1712 put_unaligned_be16(oip->len_mask[0], arr + offset + 6); 1713 if (rctd) 1714 put_unaligned_be16(0xa, arr + offset + 8); 1715 r_oip = oip; 1716 for (k = 0, oip = oip->arrp; k < na; ++k, ++oip) { 1717 if (F_INV_OP & oip->flags) 1718 continue; 1719 offset += bump; 1720 arr[offset] = oip->opcode; 1721 put_unaligned_be16(oip->sa, arr + offset + 2); 1722 if (rctd) 1723 arr[offset + 5] |= 0x2; 1724 if (FF_SA & oip->flags) 1725 arr[offset + 5] |= 0x1; 1726 put_unaligned_be16(oip->len_mask[0], 1727 arr + offset + 6); 1728 if (rctd) 1729 put_unaligned_be16(0xa, 1730 arr + offset + 8); 1731 } 1732 oip = r_oip; 1733 offset += bump; 1734 } 1735 break; 1736 case 1: /* one command: opcode only */ 1737 case 2: /* one command: opcode plus service action */ 1738 case 3: /* one command: if sa==0 then opcode only else opcode+sa */ 1739 sdeb_i = opcode_ind_arr[req_opcode]; 1740 oip = &opcode_info_arr[sdeb_i]; 1741 if (F_INV_OP & oip->flags) { 1742 supp = 1; 1743 offset = 4; 1744 } else { 1745 if (1 == reporting_opts) { 1746 if (FF_SA & oip->flags) { 1747 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1748 2, 2); 1749 kfree(arr); 1750 return check_condition_result; 1751 } 1752 req_sa = 0; 1753 } else if (2 == reporting_opts && 1754 0 == (FF_SA & oip->flags)) { 1755 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1); 1756 kfree(arr); /* point at requested sa */ 1757 return check_condition_result; 1758 } 1759 if (0 == (FF_SA & oip->flags) && 1760 req_opcode == oip->opcode) 1761 supp = 3; 1762 else if (0 == (FF_SA & oip->flags)) { 1763 na = oip->num_attached; 1764 for (k = 0, oip = oip->arrp; k < na; 1765 ++k, ++oip) { 1766 if (req_opcode == oip->opcode) 1767 break; 1768 } 1769 supp = (k >= na) ? 1 : 3; 1770 } else if (req_sa != oip->sa) { 1771 na = oip->num_attached; 1772 for (k = 0, oip = oip->arrp; k < na; 1773 ++k, ++oip) { 1774 if (req_sa == oip->sa) 1775 break; 1776 } 1777 supp = (k >= na) ? 1 : 3; 1778 } else 1779 supp = 3; 1780 if (3 == supp) { 1781 u = oip->len_mask[0]; 1782 put_unaligned_be16(u, arr + 2); 1783 arr[4] = oip->opcode; 1784 for (k = 1; k < u; ++k) 1785 arr[4 + k] = (k < 16) ? 1786 oip->len_mask[k] : 0xff; 1787 offset = 4 + u; 1788 } else 1789 offset = 4; 1790 } 1791 arr[1] = (rctd ? 0x80 : 0) | supp; 1792 if (rctd) { 1793 put_unaligned_be16(0xa, arr + offset); 1794 offset += 12; 1795 } 1796 break; 1797 default: 1798 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2); 1799 kfree(arr); 1800 return check_condition_result; 1801 } 1802 offset = (offset < a_len) ? offset : a_len; 1803 len = (offset < alloc_len) ? offset : alloc_len; 1804 errsts = fill_from_dev_buffer(scp, arr, len); 1805 kfree(arr); 1806 return errsts; 1807 } 1808 1809 static int resp_rsup_tmfs(struct scsi_cmnd *scp, 1810 struct sdebug_dev_info *devip) 1811 { 1812 bool repd; 1813 u32 alloc_len, len; 1814 u8 arr[16]; 1815 u8 *cmd = scp->cmnd; 1816 1817 memset(arr, 0, sizeof(arr)); 1818 repd = !!(cmd[2] & 0x80); 1819 alloc_len = get_unaligned_be32(cmd + 6); 1820 if (alloc_len < 4) { 1821 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1); 1822 return check_condition_result; 1823 } 1824 arr[0] = 0xc8; /* ATS | ATSS | LURS */ 1825 arr[1] = 0x1; /* ITNRS */ 1826 if (repd) { 1827 arr[3] = 0xc; 1828 len = 16; 1829 } else 1830 len = 4; 1831 1832 len = (len < alloc_len) ? len : alloc_len; 1833 return fill_from_dev_buffer(scp, arr, len); 1834 } 1835 1836 /* <<Following mode page info copied from ST318451LW>> */ 1837 1838 static int resp_err_recov_pg(unsigned char * p, int pcontrol, int target) 1839 { /* Read-Write Error Recovery page for mode_sense */ 1840 unsigned char err_recov_pg[] = {0x1, 0xa, 0xc0, 11, 240, 0, 0, 0, 1841 5, 0, 0xff, 0xff}; 1842 1843 memcpy(p, err_recov_pg, sizeof(err_recov_pg)); 1844 if (1 == pcontrol) 1845 memset(p + 2, 0, sizeof(err_recov_pg) - 2); 1846 return sizeof(err_recov_pg); 1847 } 1848 1849 static int resp_disconnect_pg(unsigned char * p, int pcontrol, int target) 1850 { /* Disconnect-Reconnect page for mode_sense */ 1851 unsigned char disconnect_pg[] = {0x2, 0xe, 128, 128, 0, 10, 0, 0, 1852 0, 0, 0, 0, 0, 0, 0, 0}; 1853 1854 memcpy(p, disconnect_pg, sizeof(disconnect_pg)); 1855 if (1 == pcontrol) 1856 memset(p + 2, 0, sizeof(disconnect_pg) - 2); 1857 return sizeof(disconnect_pg); 1858 } 1859 1860 static int resp_format_pg(unsigned char * p, int pcontrol, int target) 1861 { /* Format device page for mode_sense */ 1862 unsigned char format_pg[] = {0x3, 0x16, 0, 0, 0, 0, 0, 0, 1863 0, 0, 0, 0, 0, 0, 0, 0, 1864 0, 0, 0, 0, 0x40, 0, 0, 0}; 1865 1866 memcpy(p, format_pg, sizeof(format_pg)); 1867 put_unaligned_be16(sdebug_sectors_per, p + 10); 1868 put_unaligned_be16(sdebug_sector_size, p + 12); 1869 if (sdebug_removable) 1870 p[20] |= 0x20; /* should agree with INQUIRY */ 1871 if (1 == pcontrol) 1872 memset(p + 2, 0, sizeof(format_pg) - 2); 1873 return sizeof(format_pg); 1874 } 1875 1876 static unsigned char caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0, 1877 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 1878 0, 0, 0, 0}; 1879 1880 static int resp_caching_pg(unsigned char * p, int pcontrol, int target) 1881 { /* Caching page for mode_sense */ 1882 unsigned char ch_caching_pg[] = {/* 0x8, 18, */ 0x4, 0, 0, 0, 0, 0, 1883 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; 1884 unsigned char d_caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0, 1885 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 0, 0, 0, 0}; 1886 1887 if (SDEBUG_OPT_N_WCE & sdebug_opts) 1888 caching_pg[2] &= ~0x4; /* set WCE=0 (default WCE=1) */ 1889 memcpy(p, caching_pg, sizeof(caching_pg)); 1890 if (1 == pcontrol) 1891 memcpy(p + 2, ch_caching_pg, sizeof(ch_caching_pg)); 1892 else if (2 == pcontrol) 1893 memcpy(p, d_caching_pg, sizeof(d_caching_pg)); 1894 return sizeof(caching_pg); 1895 } 1896 1897 static unsigned char ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0, 1898 0, 0, 0x2, 0x4b}; 1899 1900 static int resp_ctrl_m_pg(unsigned char * p, int pcontrol, int target) 1901 { /* Control mode page for mode_sense */ 1902 unsigned char ch_ctrl_m_pg[] = {/* 0xa, 10, */ 0x6, 0, 0, 0, 0, 0, 1903 0, 0, 0, 0}; 1904 unsigned char d_ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0, 1905 0, 0, 0x2, 0x4b}; 1906 1907 if (sdebug_dsense) 1908 ctrl_m_pg[2] |= 0x4; 1909 else 1910 ctrl_m_pg[2] &= ~0x4; 1911 1912 if (sdebug_ato) 1913 ctrl_m_pg[5] |= 0x80; /* ATO=1 */ 1914 1915 memcpy(p, ctrl_m_pg, sizeof(ctrl_m_pg)); 1916 if (1 == pcontrol) 1917 memcpy(p + 2, ch_ctrl_m_pg, sizeof(ch_ctrl_m_pg)); 1918 else if (2 == pcontrol) 1919 memcpy(p, d_ctrl_m_pg, sizeof(d_ctrl_m_pg)); 1920 return sizeof(ctrl_m_pg); 1921 } 1922 1923 1924 static int resp_iec_m_pg(unsigned char * p, int pcontrol, int target) 1925 { /* Informational Exceptions control mode page for mode_sense */ 1926 unsigned char ch_iec_m_pg[] = {/* 0x1c, 0xa, */ 0x4, 0xf, 0, 0, 0, 0, 1927 0, 0, 0x0, 0x0}; 1928 unsigned char d_iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0, 1929 0, 0, 0x0, 0x0}; 1930 1931 memcpy(p, iec_m_pg, sizeof(iec_m_pg)); 1932 if (1 == pcontrol) 1933 memcpy(p + 2, ch_iec_m_pg, sizeof(ch_iec_m_pg)); 1934 else if (2 == pcontrol) 1935 memcpy(p, d_iec_m_pg, sizeof(d_iec_m_pg)); 1936 return sizeof(iec_m_pg); 1937 } 1938 1939 static int resp_sas_sf_m_pg(unsigned char * p, int pcontrol, int target) 1940 { /* SAS SSP mode page - short format for mode_sense */ 1941 unsigned char sas_sf_m_pg[] = {0x19, 0x6, 1942 0x6, 0x0, 0x7, 0xd0, 0x0, 0x0}; 1943 1944 memcpy(p, sas_sf_m_pg, sizeof(sas_sf_m_pg)); 1945 if (1 == pcontrol) 1946 memset(p + 2, 0, sizeof(sas_sf_m_pg) - 2); 1947 return sizeof(sas_sf_m_pg); 1948 } 1949 1950 1951 static int resp_sas_pcd_m_spg(unsigned char * p, int pcontrol, int target, 1952 int target_dev_id) 1953 { /* SAS phy control and discover mode page for mode_sense */ 1954 unsigned char sas_pcd_m_pg[] = {0x59, 0x1, 0, 0x64, 0, 0x6, 0, 2, 1955 0, 0, 0, 0, 0x10, 0x9, 0x8, 0x0, 1956 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */ 1957 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */ 1958 0x2, 0, 0, 0, 0, 0, 0, 0, 1959 0x88, 0x99, 0, 0, 0, 0, 0, 0, 1960 0, 0, 0, 0, 0, 0, 0, 0, 1961 0, 1, 0, 0, 0x10, 0x9, 0x8, 0x0, 1962 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */ 1963 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */ 1964 0x3, 0, 0, 0, 0, 0, 0, 0, 1965 0x88, 0x99, 0, 0, 0, 0, 0, 0, 1966 0, 0, 0, 0, 0, 0, 0, 0, 1967 }; 1968 int port_a, port_b; 1969 1970 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 16); 1971 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 24); 1972 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 64); 1973 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 72); 1974 port_a = target_dev_id + 1; 1975 port_b = port_a + 1; 1976 memcpy(p, sas_pcd_m_pg, sizeof(sas_pcd_m_pg)); 1977 put_unaligned_be32(port_a, p + 20); 1978 put_unaligned_be32(port_b, p + 48 + 20); 1979 if (1 == pcontrol) 1980 memset(p + 4, 0, sizeof(sas_pcd_m_pg) - 4); 1981 return sizeof(sas_pcd_m_pg); 1982 } 1983 1984 static int resp_sas_sha_m_spg(unsigned char * p, int pcontrol) 1985 { /* SAS SSP shared protocol specific port mode subpage */ 1986 unsigned char sas_sha_m_pg[] = {0x59, 0x2, 0, 0xc, 0, 0x6, 0x10, 0, 1987 0, 0, 0, 0, 0, 0, 0, 0, 1988 }; 1989 1990 memcpy(p, sas_sha_m_pg, sizeof(sas_sha_m_pg)); 1991 if (1 == pcontrol) 1992 memset(p + 4, 0, sizeof(sas_sha_m_pg) - 4); 1993 return sizeof(sas_sha_m_pg); 1994 } 1995 1996 #define SDEBUG_MAX_MSENSE_SZ 256 1997 1998 static int resp_mode_sense(struct scsi_cmnd *scp, 1999 struct sdebug_dev_info *devip) 2000 { 2001 int pcontrol, pcode, subpcode, bd_len; 2002 unsigned char dev_spec; 2003 int alloc_len, offset, len, target_dev_id; 2004 int target = scp->device->id; 2005 unsigned char * ap; 2006 unsigned char arr[SDEBUG_MAX_MSENSE_SZ]; 2007 unsigned char *cmd = scp->cmnd; 2008 bool dbd, llbaa, msense_6, is_disk, bad_pcode; 2009 2010 dbd = !!(cmd[1] & 0x8); /* disable block descriptors */ 2011 pcontrol = (cmd[2] & 0xc0) >> 6; 2012 pcode = cmd[2] & 0x3f; 2013 subpcode = cmd[3]; 2014 msense_6 = (MODE_SENSE == cmd[0]); 2015 llbaa = msense_6 ? false : !!(cmd[1] & 0x10); 2016 is_disk = (sdebug_ptype == TYPE_DISK); 2017 if (is_disk && !dbd) 2018 bd_len = llbaa ? 16 : 8; 2019 else 2020 bd_len = 0; 2021 alloc_len = msense_6 ? cmd[4] : get_unaligned_be16(cmd + 7); 2022 memset(arr, 0, SDEBUG_MAX_MSENSE_SZ); 2023 if (0x3 == pcontrol) { /* Saving values not supported */ 2024 mk_sense_buffer(scp, ILLEGAL_REQUEST, SAVING_PARAMS_UNSUP, 0); 2025 return check_condition_result; 2026 } 2027 target_dev_id = ((devip->sdbg_host->shost->host_no + 1) * 2000) + 2028 (devip->target * 1000) - 3; 2029 /* for disks set DPOFUA bit and clear write protect (WP) bit */ 2030 if (is_disk) 2031 dev_spec = 0x10; /* =0x90 if WP=1 implies read-only */ 2032 else 2033 dev_spec = 0x0; 2034 if (msense_6) { 2035 arr[2] = dev_spec; 2036 arr[3] = bd_len; 2037 offset = 4; 2038 } else { 2039 arr[3] = dev_spec; 2040 if (16 == bd_len) 2041 arr[4] = 0x1; /* set LONGLBA bit */ 2042 arr[7] = bd_len; /* assume 255 or less */ 2043 offset = 8; 2044 } 2045 ap = arr + offset; 2046 if ((bd_len > 0) && (!sdebug_capacity)) 2047 sdebug_capacity = get_sdebug_capacity(); 2048 2049 if (8 == bd_len) { 2050 if (sdebug_capacity > 0xfffffffe) 2051 put_unaligned_be32(0xffffffff, ap + 0); 2052 else 2053 put_unaligned_be32(sdebug_capacity, ap + 0); 2054 put_unaligned_be16(sdebug_sector_size, ap + 6); 2055 offset += bd_len; 2056 ap = arr + offset; 2057 } else if (16 == bd_len) { 2058 put_unaligned_be64((u64)sdebug_capacity, ap + 0); 2059 put_unaligned_be32(sdebug_sector_size, ap + 12); 2060 offset += bd_len; 2061 ap = arr + offset; 2062 } 2063 2064 if ((subpcode > 0x0) && (subpcode < 0xff) && (0x19 != pcode)) { 2065 /* TODO: Control Extension page */ 2066 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1); 2067 return check_condition_result; 2068 } 2069 bad_pcode = false; 2070 2071 switch (pcode) { 2072 case 0x1: /* Read-Write error recovery page, direct access */ 2073 len = resp_err_recov_pg(ap, pcontrol, target); 2074 offset += len; 2075 break; 2076 case 0x2: /* Disconnect-Reconnect page, all devices */ 2077 len = resp_disconnect_pg(ap, pcontrol, target); 2078 offset += len; 2079 break; 2080 case 0x3: /* Format device page, direct access */ 2081 if (is_disk) { 2082 len = resp_format_pg(ap, pcontrol, target); 2083 offset += len; 2084 } else 2085 bad_pcode = true; 2086 break; 2087 case 0x8: /* Caching page, direct access */ 2088 if (is_disk) { 2089 len = resp_caching_pg(ap, pcontrol, target); 2090 offset += len; 2091 } else 2092 bad_pcode = true; 2093 break; 2094 case 0xa: /* Control Mode page, all devices */ 2095 len = resp_ctrl_m_pg(ap, pcontrol, target); 2096 offset += len; 2097 break; 2098 case 0x19: /* if spc==1 then sas phy, control+discover */ 2099 if ((subpcode > 0x2) && (subpcode < 0xff)) { 2100 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1); 2101 return check_condition_result; 2102 } 2103 len = 0; 2104 if ((0x0 == subpcode) || (0xff == subpcode)) 2105 len += resp_sas_sf_m_pg(ap + len, pcontrol, target); 2106 if ((0x1 == subpcode) || (0xff == subpcode)) 2107 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target, 2108 target_dev_id); 2109 if ((0x2 == subpcode) || (0xff == subpcode)) 2110 len += resp_sas_sha_m_spg(ap + len, pcontrol); 2111 offset += len; 2112 break; 2113 case 0x1c: /* Informational Exceptions Mode page, all devices */ 2114 len = resp_iec_m_pg(ap, pcontrol, target); 2115 offset += len; 2116 break; 2117 case 0x3f: /* Read all Mode pages */ 2118 if ((0 == subpcode) || (0xff == subpcode)) { 2119 len = resp_err_recov_pg(ap, pcontrol, target); 2120 len += resp_disconnect_pg(ap + len, pcontrol, target); 2121 if (is_disk) { 2122 len += resp_format_pg(ap + len, pcontrol, 2123 target); 2124 len += resp_caching_pg(ap + len, pcontrol, 2125 target); 2126 } 2127 len += resp_ctrl_m_pg(ap + len, pcontrol, target); 2128 len += resp_sas_sf_m_pg(ap + len, pcontrol, target); 2129 if (0xff == subpcode) { 2130 len += resp_sas_pcd_m_spg(ap + len, pcontrol, 2131 target, target_dev_id); 2132 len += resp_sas_sha_m_spg(ap + len, pcontrol); 2133 } 2134 len += resp_iec_m_pg(ap + len, pcontrol, target); 2135 offset += len; 2136 } else { 2137 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1); 2138 return check_condition_result; 2139 } 2140 break; 2141 default: 2142 bad_pcode = true; 2143 break; 2144 } 2145 if (bad_pcode) { 2146 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5); 2147 return check_condition_result; 2148 } 2149 if (msense_6) 2150 arr[0] = offset - 1; 2151 else 2152 put_unaligned_be16((offset - 2), arr + 0); 2153 return fill_from_dev_buffer(scp, arr, min(alloc_len, offset)); 2154 } 2155 2156 #define SDEBUG_MAX_MSELECT_SZ 512 2157 2158 static int resp_mode_select(struct scsi_cmnd *scp, 2159 struct sdebug_dev_info *devip) 2160 { 2161 int pf, sp, ps, md_len, bd_len, off, spf, pg_len; 2162 int param_len, res, mpage; 2163 unsigned char arr[SDEBUG_MAX_MSELECT_SZ]; 2164 unsigned char *cmd = scp->cmnd; 2165 int mselect6 = (MODE_SELECT == cmd[0]); 2166 2167 memset(arr, 0, sizeof(arr)); 2168 pf = cmd[1] & 0x10; 2169 sp = cmd[1] & 0x1; 2170 param_len = mselect6 ? cmd[4] : get_unaligned_be16(cmd + 7); 2171 if ((0 == pf) || sp || (param_len > SDEBUG_MAX_MSELECT_SZ)) { 2172 mk_sense_invalid_fld(scp, SDEB_IN_CDB, mselect6 ? 4 : 7, -1); 2173 return check_condition_result; 2174 } 2175 res = fetch_to_dev_buffer(scp, arr, param_len); 2176 if (-1 == res) 2177 return DID_ERROR << 16; 2178 else if (sdebug_verbose && (res < param_len)) 2179 sdev_printk(KERN_INFO, scp->device, 2180 "%s: cdb indicated=%d, IO sent=%d bytes\n", 2181 __func__, param_len, res); 2182 md_len = mselect6 ? (arr[0] + 1) : (get_unaligned_be16(arr + 0) + 2); 2183 bd_len = mselect6 ? arr[3] : get_unaligned_be16(arr + 6); 2184 if (md_len > 2) { 2185 mk_sense_invalid_fld(scp, SDEB_IN_DATA, 0, -1); 2186 return check_condition_result; 2187 } 2188 off = bd_len + (mselect6 ? 4 : 8); 2189 mpage = arr[off] & 0x3f; 2190 ps = !!(arr[off] & 0x80); 2191 if (ps) { 2192 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 7); 2193 return check_condition_result; 2194 } 2195 spf = !!(arr[off] & 0x40); 2196 pg_len = spf ? (get_unaligned_be16(arr + off + 2) + 4) : 2197 (arr[off + 1] + 2); 2198 if ((pg_len + off) > param_len) { 2199 mk_sense_buffer(scp, ILLEGAL_REQUEST, 2200 PARAMETER_LIST_LENGTH_ERR, 0); 2201 return check_condition_result; 2202 } 2203 switch (mpage) { 2204 case 0x8: /* Caching Mode page */ 2205 if (caching_pg[1] == arr[off + 1]) { 2206 memcpy(caching_pg + 2, arr + off + 2, 2207 sizeof(caching_pg) - 2); 2208 goto set_mode_changed_ua; 2209 } 2210 break; 2211 case 0xa: /* Control Mode page */ 2212 if (ctrl_m_pg[1] == arr[off + 1]) { 2213 memcpy(ctrl_m_pg + 2, arr + off + 2, 2214 sizeof(ctrl_m_pg) - 2); 2215 sdebug_dsense = !!(ctrl_m_pg[2] & 0x4); 2216 goto set_mode_changed_ua; 2217 } 2218 break; 2219 case 0x1c: /* Informational Exceptions Mode page */ 2220 if (iec_m_pg[1] == arr[off + 1]) { 2221 memcpy(iec_m_pg + 2, arr + off + 2, 2222 sizeof(iec_m_pg) - 2); 2223 goto set_mode_changed_ua; 2224 } 2225 break; 2226 default: 2227 break; 2228 } 2229 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 5); 2230 return check_condition_result; 2231 set_mode_changed_ua: 2232 set_bit(SDEBUG_UA_MODE_CHANGED, devip->uas_bm); 2233 return 0; 2234 } 2235 2236 static int resp_temp_l_pg(unsigned char * arr) 2237 { 2238 unsigned char temp_l_pg[] = {0x0, 0x0, 0x3, 0x2, 0x0, 38, 2239 0x0, 0x1, 0x3, 0x2, 0x0, 65, 2240 }; 2241 2242 memcpy(arr, temp_l_pg, sizeof(temp_l_pg)); 2243 return sizeof(temp_l_pg); 2244 } 2245 2246 static int resp_ie_l_pg(unsigned char * arr) 2247 { 2248 unsigned char ie_l_pg[] = {0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 38, 2249 }; 2250 2251 memcpy(arr, ie_l_pg, sizeof(ie_l_pg)); 2252 if (iec_m_pg[2] & 0x4) { /* TEST bit set */ 2253 arr[4] = THRESHOLD_EXCEEDED; 2254 arr[5] = 0xff; 2255 } 2256 return sizeof(ie_l_pg); 2257 } 2258 2259 #define SDEBUG_MAX_LSENSE_SZ 512 2260 2261 static int resp_log_sense(struct scsi_cmnd * scp, 2262 struct sdebug_dev_info * devip) 2263 { 2264 int ppc, sp, pcode, subpcode, alloc_len, len, n; 2265 unsigned char arr[SDEBUG_MAX_LSENSE_SZ]; 2266 unsigned char *cmd = scp->cmnd; 2267 2268 memset(arr, 0, sizeof(arr)); 2269 ppc = cmd[1] & 0x2; 2270 sp = cmd[1] & 0x1; 2271 if (ppc || sp) { 2272 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, ppc ? 1 : 0); 2273 return check_condition_result; 2274 } 2275 pcode = cmd[2] & 0x3f; 2276 subpcode = cmd[3] & 0xff; 2277 alloc_len = get_unaligned_be16(cmd + 7); 2278 arr[0] = pcode; 2279 if (0 == subpcode) { 2280 switch (pcode) { 2281 case 0x0: /* Supported log pages log page */ 2282 n = 4; 2283 arr[n++] = 0x0; /* this page */ 2284 arr[n++] = 0xd; /* Temperature */ 2285 arr[n++] = 0x2f; /* Informational exceptions */ 2286 arr[3] = n - 4; 2287 break; 2288 case 0xd: /* Temperature log page */ 2289 arr[3] = resp_temp_l_pg(arr + 4); 2290 break; 2291 case 0x2f: /* Informational exceptions log page */ 2292 arr[3] = resp_ie_l_pg(arr + 4); 2293 break; 2294 default: 2295 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5); 2296 return check_condition_result; 2297 } 2298 } else if (0xff == subpcode) { 2299 arr[0] |= 0x40; 2300 arr[1] = subpcode; 2301 switch (pcode) { 2302 case 0x0: /* Supported log pages and subpages log page */ 2303 n = 4; 2304 arr[n++] = 0x0; 2305 arr[n++] = 0x0; /* 0,0 page */ 2306 arr[n++] = 0x0; 2307 arr[n++] = 0xff; /* this page */ 2308 arr[n++] = 0xd; 2309 arr[n++] = 0x0; /* Temperature */ 2310 arr[n++] = 0x2f; 2311 arr[n++] = 0x0; /* Informational exceptions */ 2312 arr[3] = n - 4; 2313 break; 2314 case 0xd: /* Temperature subpages */ 2315 n = 4; 2316 arr[n++] = 0xd; 2317 arr[n++] = 0x0; /* Temperature */ 2318 arr[3] = n - 4; 2319 break; 2320 case 0x2f: /* Informational exceptions subpages */ 2321 n = 4; 2322 arr[n++] = 0x2f; 2323 arr[n++] = 0x0; /* Informational exceptions */ 2324 arr[3] = n - 4; 2325 break; 2326 default: 2327 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5); 2328 return check_condition_result; 2329 } 2330 } else { 2331 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1); 2332 return check_condition_result; 2333 } 2334 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len); 2335 return fill_from_dev_buffer(scp, arr, 2336 min(len, SDEBUG_MAX_INQ_ARR_SZ)); 2337 } 2338 2339 static int check_device_access_params(struct scsi_cmnd *scp, 2340 unsigned long long lba, unsigned int num) 2341 { 2342 if (lba + num > sdebug_capacity) { 2343 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 2344 return check_condition_result; 2345 } 2346 /* transfer length excessive (tie in to block limits VPD page) */ 2347 if (num > sdebug_store_sectors) { 2348 /* needs work to find which cdb byte 'num' comes from */ 2349 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 2350 return check_condition_result; 2351 } 2352 return 0; 2353 } 2354 2355 /* Returns number of bytes copied or -1 if error. */ 2356 static int do_device_access(struct scsi_cmnd *scmd, u64 lba, u32 num, 2357 bool do_write) 2358 { 2359 int ret; 2360 u64 block, rest = 0; 2361 struct scsi_data_buffer *sdb; 2362 enum dma_data_direction dir; 2363 2364 if (do_write) { 2365 sdb = scsi_out(scmd); 2366 dir = DMA_TO_DEVICE; 2367 } else { 2368 sdb = scsi_in(scmd); 2369 dir = DMA_FROM_DEVICE; 2370 } 2371 2372 if (!sdb->length) 2373 return 0; 2374 if (!(scsi_bidi_cmnd(scmd) || scmd->sc_data_direction == dir)) 2375 return -1; 2376 2377 block = do_div(lba, sdebug_store_sectors); 2378 if (block + num > sdebug_store_sectors) 2379 rest = block + num - sdebug_store_sectors; 2380 2381 ret = sg_copy_buffer(sdb->table.sgl, sdb->table.nents, 2382 fake_storep + (block * sdebug_sector_size), 2383 (num - rest) * sdebug_sector_size, 0, do_write); 2384 if (ret != (num - rest) * sdebug_sector_size) 2385 return ret; 2386 2387 if (rest) { 2388 ret += sg_copy_buffer(sdb->table.sgl, sdb->table.nents, 2389 fake_storep, rest * sdebug_sector_size, 2390 (num - rest) * sdebug_sector_size, do_write); 2391 } 2392 2393 return ret; 2394 } 2395 2396 /* If fake_store(lba,num) compares equal to arr(num), then copy top half of 2397 * arr into fake_store(lba,num) and return true. If comparison fails then 2398 * return false. */ 2399 static bool comp_write_worker(u64 lba, u32 num, const u8 *arr) 2400 { 2401 bool res; 2402 u64 block, rest = 0; 2403 u32 store_blks = sdebug_store_sectors; 2404 u32 lb_size = sdebug_sector_size; 2405 2406 block = do_div(lba, store_blks); 2407 if (block + num > store_blks) 2408 rest = block + num - store_blks; 2409 2410 res = !memcmp(fake_storep + (block * lb_size), arr, 2411 (num - rest) * lb_size); 2412 if (!res) 2413 return res; 2414 if (rest) 2415 res = memcmp(fake_storep, arr + ((num - rest) * lb_size), 2416 rest * lb_size); 2417 if (!res) 2418 return res; 2419 arr += num * lb_size; 2420 memcpy(fake_storep + (block * lb_size), arr, (num - rest) * lb_size); 2421 if (rest) 2422 memcpy(fake_storep, arr + ((num - rest) * lb_size), 2423 rest * lb_size); 2424 return res; 2425 } 2426 2427 static __be16 dif_compute_csum(const void *buf, int len) 2428 { 2429 __be16 csum; 2430 2431 if (sdebug_guard) 2432 csum = (__force __be16)ip_compute_csum(buf, len); 2433 else 2434 csum = cpu_to_be16(crc_t10dif(buf, len)); 2435 2436 return csum; 2437 } 2438 2439 static int dif_verify(struct t10_pi_tuple *sdt, const void *data, 2440 sector_t sector, u32 ei_lba) 2441 { 2442 __be16 csum = dif_compute_csum(data, sdebug_sector_size); 2443 2444 if (sdt->guard_tag != csum) { 2445 pr_err("GUARD check failed on sector %lu rcvd 0x%04x, data 0x%04x\n", 2446 (unsigned long)sector, 2447 be16_to_cpu(sdt->guard_tag), 2448 be16_to_cpu(csum)); 2449 return 0x01; 2450 } 2451 if (sdebug_dif == T10_PI_TYPE1_PROTECTION && 2452 be32_to_cpu(sdt->ref_tag) != (sector & 0xffffffff)) { 2453 pr_err("REF check failed on sector %lu\n", 2454 (unsigned long)sector); 2455 return 0x03; 2456 } 2457 if (sdebug_dif == T10_PI_TYPE2_PROTECTION && 2458 be32_to_cpu(sdt->ref_tag) != ei_lba) { 2459 pr_err("REF check failed on sector %lu\n", 2460 (unsigned long)sector); 2461 return 0x03; 2462 } 2463 return 0; 2464 } 2465 2466 static void dif_copy_prot(struct scsi_cmnd *SCpnt, sector_t sector, 2467 unsigned int sectors, bool read) 2468 { 2469 size_t resid; 2470 void *paddr; 2471 const void *dif_store_end = dif_storep + sdebug_store_sectors; 2472 struct sg_mapping_iter miter; 2473 2474 /* Bytes of protection data to copy into sgl */ 2475 resid = sectors * sizeof(*dif_storep); 2476 2477 sg_miter_start(&miter, scsi_prot_sglist(SCpnt), 2478 scsi_prot_sg_count(SCpnt), SG_MITER_ATOMIC | 2479 (read ? SG_MITER_TO_SG : SG_MITER_FROM_SG)); 2480 2481 while (sg_miter_next(&miter) && resid > 0) { 2482 size_t len = min(miter.length, resid); 2483 void *start = dif_store(sector); 2484 size_t rest = 0; 2485 2486 if (dif_store_end < start + len) 2487 rest = start + len - dif_store_end; 2488 2489 paddr = miter.addr; 2490 2491 if (read) 2492 memcpy(paddr, start, len - rest); 2493 else 2494 memcpy(start, paddr, len - rest); 2495 2496 if (rest) { 2497 if (read) 2498 memcpy(paddr + len - rest, dif_storep, rest); 2499 else 2500 memcpy(dif_storep, paddr + len - rest, rest); 2501 } 2502 2503 sector += len / sizeof(*dif_storep); 2504 resid -= len; 2505 } 2506 sg_miter_stop(&miter); 2507 } 2508 2509 static int prot_verify_read(struct scsi_cmnd *SCpnt, sector_t start_sec, 2510 unsigned int sectors, u32 ei_lba) 2511 { 2512 unsigned int i; 2513 struct t10_pi_tuple *sdt; 2514 sector_t sector; 2515 2516 for (i = 0; i < sectors; i++, ei_lba++) { 2517 int ret; 2518 2519 sector = start_sec + i; 2520 sdt = dif_store(sector); 2521 2522 if (sdt->app_tag == cpu_to_be16(0xffff)) 2523 continue; 2524 2525 ret = dif_verify(sdt, fake_store(sector), sector, ei_lba); 2526 if (ret) { 2527 dif_errors++; 2528 return ret; 2529 } 2530 } 2531 2532 dif_copy_prot(SCpnt, start_sec, sectors, true); 2533 dix_reads++; 2534 2535 return 0; 2536 } 2537 2538 static int resp_read_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 2539 { 2540 u8 *cmd = scp->cmnd; 2541 struct sdebug_queued_cmd *sqcp; 2542 u64 lba; 2543 u32 num; 2544 u32 ei_lba; 2545 unsigned long iflags; 2546 int ret; 2547 bool check_prot; 2548 2549 switch (cmd[0]) { 2550 case READ_16: 2551 ei_lba = 0; 2552 lba = get_unaligned_be64(cmd + 2); 2553 num = get_unaligned_be32(cmd + 10); 2554 check_prot = true; 2555 break; 2556 case READ_10: 2557 ei_lba = 0; 2558 lba = get_unaligned_be32(cmd + 2); 2559 num = get_unaligned_be16(cmd + 7); 2560 check_prot = true; 2561 break; 2562 case READ_6: 2563 ei_lba = 0; 2564 lba = (u32)cmd[3] | (u32)cmd[2] << 8 | 2565 (u32)(cmd[1] & 0x1f) << 16; 2566 num = (0 == cmd[4]) ? 256 : cmd[4]; 2567 check_prot = true; 2568 break; 2569 case READ_12: 2570 ei_lba = 0; 2571 lba = get_unaligned_be32(cmd + 2); 2572 num = get_unaligned_be32(cmd + 6); 2573 check_prot = true; 2574 break; 2575 case XDWRITEREAD_10: 2576 ei_lba = 0; 2577 lba = get_unaligned_be32(cmd + 2); 2578 num = get_unaligned_be16(cmd + 7); 2579 check_prot = false; 2580 break; 2581 default: /* assume READ(32) */ 2582 lba = get_unaligned_be64(cmd + 12); 2583 ei_lba = get_unaligned_be32(cmd + 20); 2584 num = get_unaligned_be32(cmd + 28); 2585 check_prot = false; 2586 break; 2587 } 2588 if (unlikely(have_dif_prot && check_prot)) { 2589 if (sdebug_dif == T10_PI_TYPE2_PROTECTION && 2590 (cmd[1] & 0xe0)) { 2591 mk_sense_invalid_opcode(scp); 2592 return check_condition_result; 2593 } 2594 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION || 2595 sdebug_dif == T10_PI_TYPE3_PROTECTION) && 2596 (cmd[1] & 0xe0) == 0) 2597 sdev_printk(KERN_ERR, scp->device, "Unprotected RD " 2598 "to DIF device\n"); 2599 } 2600 if (unlikely(sdebug_any_injecting_opt)) { 2601 sqcp = (struct sdebug_queued_cmd *)scp->host_scribble; 2602 2603 if (sqcp) { 2604 if (sqcp->inj_short) 2605 num /= 2; 2606 } 2607 } else 2608 sqcp = NULL; 2609 2610 /* inline check_device_access_params() */ 2611 if (unlikely(lba + num > sdebug_capacity)) { 2612 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 2613 return check_condition_result; 2614 } 2615 /* transfer length excessive (tie in to block limits VPD page) */ 2616 if (unlikely(num > sdebug_store_sectors)) { 2617 /* needs work to find which cdb byte 'num' comes from */ 2618 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 2619 return check_condition_result; 2620 } 2621 2622 if (unlikely((SDEBUG_OPT_MEDIUM_ERR & sdebug_opts) && 2623 (lba <= (OPT_MEDIUM_ERR_ADDR + OPT_MEDIUM_ERR_NUM - 1)) && 2624 ((lba + num) > OPT_MEDIUM_ERR_ADDR))) { 2625 /* claim unrecoverable read error */ 2626 mk_sense_buffer(scp, MEDIUM_ERROR, UNRECOVERED_READ_ERR, 0); 2627 /* set info field and valid bit for fixed descriptor */ 2628 if (0x70 == (scp->sense_buffer[0] & 0x7f)) { 2629 scp->sense_buffer[0] |= 0x80; /* Valid bit */ 2630 ret = (lba < OPT_MEDIUM_ERR_ADDR) 2631 ? OPT_MEDIUM_ERR_ADDR : (int)lba; 2632 put_unaligned_be32(ret, scp->sense_buffer + 3); 2633 } 2634 scsi_set_resid(scp, scsi_bufflen(scp)); 2635 return check_condition_result; 2636 } 2637 2638 read_lock_irqsave(&atomic_rw, iflags); 2639 2640 /* DIX + T10 DIF */ 2641 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) { 2642 int prot_ret = prot_verify_read(scp, lba, num, ei_lba); 2643 2644 if (prot_ret) { 2645 read_unlock_irqrestore(&atomic_rw, iflags); 2646 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, prot_ret); 2647 return illegal_condition_result; 2648 } 2649 } 2650 2651 ret = do_device_access(scp, lba, num, false); 2652 read_unlock_irqrestore(&atomic_rw, iflags); 2653 if (unlikely(ret == -1)) 2654 return DID_ERROR << 16; 2655 2656 scsi_in(scp)->resid = scsi_bufflen(scp) - ret; 2657 2658 if (unlikely(sqcp)) { 2659 if (sqcp->inj_recovered) { 2660 mk_sense_buffer(scp, RECOVERED_ERROR, 2661 THRESHOLD_EXCEEDED, 0); 2662 return check_condition_result; 2663 } else if (sqcp->inj_transport) { 2664 mk_sense_buffer(scp, ABORTED_COMMAND, 2665 TRANSPORT_PROBLEM, ACK_NAK_TO); 2666 return check_condition_result; 2667 } else if (sqcp->inj_dif) { 2668 /* Logical block guard check failed */ 2669 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1); 2670 return illegal_condition_result; 2671 } else if (sqcp->inj_dix) { 2672 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1); 2673 return illegal_condition_result; 2674 } 2675 } 2676 return 0; 2677 } 2678 2679 static void dump_sector(unsigned char *buf, int len) 2680 { 2681 int i, j, n; 2682 2683 pr_err(">>> Sector Dump <<<\n"); 2684 for (i = 0 ; i < len ; i += 16) { 2685 char b[128]; 2686 2687 for (j = 0, n = 0; j < 16; j++) { 2688 unsigned char c = buf[i+j]; 2689 2690 if (c >= 0x20 && c < 0x7e) 2691 n += scnprintf(b + n, sizeof(b) - n, 2692 " %c ", buf[i+j]); 2693 else 2694 n += scnprintf(b + n, sizeof(b) - n, 2695 "%02x ", buf[i+j]); 2696 } 2697 pr_err("%04d: %s\n", i, b); 2698 } 2699 } 2700 2701 static int prot_verify_write(struct scsi_cmnd *SCpnt, sector_t start_sec, 2702 unsigned int sectors, u32 ei_lba) 2703 { 2704 int ret; 2705 struct t10_pi_tuple *sdt; 2706 void *daddr; 2707 sector_t sector = start_sec; 2708 int ppage_offset; 2709 int dpage_offset; 2710 struct sg_mapping_iter diter; 2711 struct sg_mapping_iter piter; 2712 2713 BUG_ON(scsi_sg_count(SCpnt) == 0); 2714 BUG_ON(scsi_prot_sg_count(SCpnt) == 0); 2715 2716 sg_miter_start(&piter, scsi_prot_sglist(SCpnt), 2717 scsi_prot_sg_count(SCpnt), 2718 SG_MITER_ATOMIC | SG_MITER_FROM_SG); 2719 sg_miter_start(&diter, scsi_sglist(SCpnt), scsi_sg_count(SCpnt), 2720 SG_MITER_ATOMIC | SG_MITER_FROM_SG); 2721 2722 /* For each protection page */ 2723 while (sg_miter_next(&piter)) { 2724 dpage_offset = 0; 2725 if (WARN_ON(!sg_miter_next(&diter))) { 2726 ret = 0x01; 2727 goto out; 2728 } 2729 2730 for (ppage_offset = 0; ppage_offset < piter.length; 2731 ppage_offset += sizeof(struct t10_pi_tuple)) { 2732 /* If we're at the end of the current 2733 * data page advance to the next one 2734 */ 2735 if (dpage_offset >= diter.length) { 2736 if (WARN_ON(!sg_miter_next(&diter))) { 2737 ret = 0x01; 2738 goto out; 2739 } 2740 dpage_offset = 0; 2741 } 2742 2743 sdt = piter.addr + ppage_offset; 2744 daddr = diter.addr + dpage_offset; 2745 2746 ret = dif_verify(sdt, daddr, sector, ei_lba); 2747 if (ret) { 2748 dump_sector(daddr, sdebug_sector_size); 2749 goto out; 2750 } 2751 2752 sector++; 2753 ei_lba++; 2754 dpage_offset += sdebug_sector_size; 2755 } 2756 diter.consumed = dpage_offset; 2757 sg_miter_stop(&diter); 2758 } 2759 sg_miter_stop(&piter); 2760 2761 dif_copy_prot(SCpnt, start_sec, sectors, false); 2762 dix_writes++; 2763 2764 return 0; 2765 2766 out: 2767 dif_errors++; 2768 sg_miter_stop(&diter); 2769 sg_miter_stop(&piter); 2770 return ret; 2771 } 2772 2773 static unsigned long lba_to_map_index(sector_t lba) 2774 { 2775 if (sdebug_unmap_alignment) 2776 lba += sdebug_unmap_granularity - sdebug_unmap_alignment; 2777 sector_div(lba, sdebug_unmap_granularity); 2778 return lba; 2779 } 2780 2781 static sector_t map_index_to_lba(unsigned long index) 2782 { 2783 sector_t lba = index * sdebug_unmap_granularity; 2784 2785 if (sdebug_unmap_alignment) 2786 lba -= sdebug_unmap_granularity - sdebug_unmap_alignment; 2787 return lba; 2788 } 2789 2790 static unsigned int map_state(sector_t lba, unsigned int *num) 2791 { 2792 sector_t end; 2793 unsigned int mapped; 2794 unsigned long index; 2795 unsigned long next; 2796 2797 index = lba_to_map_index(lba); 2798 mapped = test_bit(index, map_storep); 2799 2800 if (mapped) 2801 next = find_next_zero_bit(map_storep, map_size, index); 2802 else 2803 next = find_next_bit(map_storep, map_size, index); 2804 2805 end = min_t(sector_t, sdebug_store_sectors, map_index_to_lba(next)); 2806 *num = end - lba; 2807 return mapped; 2808 } 2809 2810 static void map_region(sector_t lba, unsigned int len) 2811 { 2812 sector_t end = lba + len; 2813 2814 while (lba < end) { 2815 unsigned long index = lba_to_map_index(lba); 2816 2817 if (index < map_size) 2818 set_bit(index, map_storep); 2819 2820 lba = map_index_to_lba(index + 1); 2821 } 2822 } 2823 2824 static void unmap_region(sector_t lba, unsigned int len) 2825 { 2826 sector_t end = lba + len; 2827 2828 while (lba < end) { 2829 unsigned long index = lba_to_map_index(lba); 2830 2831 if (lba == map_index_to_lba(index) && 2832 lba + sdebug_unmap_granularity <= end && 2833 index < map_size) { 2834 clear_bit(index, map_storep); 2835 if (sdebug_lbprz) { /* for LBPRZ=2 return 0xff_s */ 2836 memset(fake_storep + 2837 lba * sdebug_sector_size, 2838 (sdebug_lbprz & 1) ? 0 : 0xff, 2839 sdebug_sector_size * 2840 sdebug_unmap_granularity); 2841 } 2842 if (dif_storep) { 2843 memset(dif_storep + lba, 0xff, 2844 sizeof(*dif_storep) * 2845 sdebug_unmap_granularity); 2846 } 2847 } 2848 lba = map_index_to_lba(index + 1); 2849 } 2850 } 2851 2852 static int resp_write_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 2853 { 2854 u8 *cmd = scp->cmnd; 2855 u64 lba; 2856 u32 num; 2857 u32 ei_lba; 2858 unsigned long iflags; 2859 int ret; 2860 bool check_prot; 2861 2862 switch (cmd[0]) { 2863 case WRITE_16: 2864 ei_lba = 0; 2865 lba = get_unaligned_be64(cmd + 2); 2866 num = get_unaligned_be32(cmd + 10); 2867 check_prot = true; 2868 break; 2869 case WRITE_10: 2870 ei_lba = 0; 2871 lba = get_unaligned_be32(cmd + 2); 2872 num = get_unaligned_be16(cmd + 7); 2873 check_prot = true; 2874 break; 2875 case WRITE_6: 2876 ei_lba = 0; 2877 lba = (u32)cmd[3] | (u32)cmd[2] << 8 | 2878 (u32)(cmd[1] & 0x1f) << 16; 2879 num = (0 == cmd[4]) ? 256 : cmd[4]; 2880 check_prot = true; 2881 break; 2882 case WRITE_12: 2883 ei_lba = 0; 2884 lba = get_unaligned_be32(cmd + 2); 2885 num = get_unaligned_be32(cmd + 6); 2886 check_prot = true; 2887 break; 2888 case 0x53: /* XDWRITEREAD(10) */ 2889 ei_lba = 0; 2890 lba = get_unaligned_be32(cmd + 2); 2891 num = get_unaligned_be16(cmd + 7); 2892 check_prot = false; 2893 break; 2894 default: /* assume WRITE(32) */ 2895 lba = get_unaligned_be64(cmd + 12); 2896 ei_lba = get_unaligned_be32(cmd + 20); 2897 num = get_unaligned_be32(cmd + 28); 2898 check_prot = false; 2899 break; 2900 } 2901 if (unlikely(have_dif_prot && check_prot)) { 2902 if (sdebug_dif == T10_PI_TYPE2_PROTECTION && 2903 (cmd[1] & 0xe0)) { 2904 mk_sense_invalid_opcode(scp); 2905 return check_condition_result; 2906 } 2907 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION || 2908 sdebug_dif == T10_PI_TYPE3_PROTECTION) && 2909 (cmd[1] & 0xe0) == 0) 2910 sdev_printk(KERN_ERR, scp->device, "Unprotected WR " 2911 "to DIF device\n"); 2912 } 2913 2914 /* inline check_device_access_params() */ 2915 if (unlikely(lba + num > sdebug_capacity)) { 2916 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 2917 return check_condition_result; 2918 } 2919 /* transfer length excessive (tie in to block limits VPD page) */ 2920 if (unlikely(num > sdebug_store_sectors)) { 2921 /* needs work to find which cdb byte 'num' comes from */ 2922 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 2923 return check_condition_result; 2924 } 2925 2926 write_lock_irqsave(&atomic_rw, iflags); 2927 2928 /* DIX + T10 DIF */ 2929 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) { 2930 int prot_ret = prot_verify_write(scp, lba, num, ei_lba); 2931 2932 if (prot_ret) { 2933 write_unlock_irqrestore(&atomic_rw, iflags); 2934 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, prot_ret); 2935 return illegal_condition_result; 2936 } 2937 } 2938 2939 ret = do_device_access(scp, lba, num, true); 2940 if (unlikely(scsi_debug_lbp())) 2941 map_region(lba, num); 2942 write_unlock_irqrestore(&atomic_rw, iflags); 2943 if (unlikely(-1 == ret)) 2944 return DID_ERROR << 16; 2945 else if (unlikely(sdebug_verbose && 2946 (ret < (num * sdebug_sector_size)))) 2947 sdev_printk(KERN_INFO, scp->device, 2948 "%s: write: cdb indicated=%u, IO sent=%d bytes\n", 2949 my_name, num * sdebug_sector_size, ret); 2950 2951 if (unlikely(sdebug_any_injecting_opt)) { 2952 struct sdebug_queued_cmd *sqcp = 2953 (struct sdebug_queued_cmd *)scp->host_scribble; 2954 2955 if (sqcp) { 2956 if (sqcp->inj_recovered) { 2957 mk_sense_buffer(scp, RECOVERED_ERROR, 2958 THRESHOLD_EXCEEDED, 0); 2959 return check_condition_result; 2960 } else if (sqcp->inj_dif) { 2961 /* Logical block guard check failed */ 2962 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1); 2963 return illegal_condition_result; 2964 } else if (sqcp->inj_dix) { 2965 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1); 2966 return illegal_condition_result; 2967 } 2968 } 2969 } 2970 return 0; 2971 } 2972 2973 static int resp_write_same(struct scsi_cmnd *scp, u64 lba, u32 num, 2974 u32 ei_lba, bool unmap, bool ndob) 2975 { 2976 unsigned long iflags; 2977 unsigned long long i; 2978 int ret; 2979 u64 lba_off; 2980 2981 ret = check_device_access_params(scp, lba, num); 2982 if (ret) 2983 return ret; 2984 2985 write_lock_irqsave(&atomic_rw, iflags); 2986 2987 if (unmap && scsi_debug_lbp()) { 2988 unmap_region(lba, num); 2989 goto out; 2990 } 2991 2992 lba_off = lba * sdebug_sector_size; 2993 /* if ndob then zero 1 logical block, else fetch 1 logical block */ 2994 if (ndob) { 2995 memset(fake_storep + lba_off, 0, sdebug_sector_size); 2996 ret = 0; 2997 } else 2998 ret = fetch_to_dev_buffer(scp, fake_storep + lba_off, 2999 sdebug_sector_size); 3000 3001 if (-1 == ret) { 3002 write_unlock_irqrestore(&atomic_rw, iflags); 3003 return DID_ERROR << 16; 3004 } else if (sdebug_verbose && (ret < (num * sdebug_sector_size))) 3005 sdev_printk(KERN_INFO, scp->device, 3006 "%s: %s: cdb indicated=%u, IO sent=%d bytes\n", 3007 my_name, "write same", 3008 num * sdebug_sector_size, ret); 3009 3010 /* Copy first sector to remaining blocks */ 3011 for (i = 1 ; i < num ; i++) 3012 memcpy(fake_storep + ((lba + i) * sdebug_sector_size), 3013 fake_storep + lba_off, 3014 sdebug_sector_size); 3015 3016 if (scsi_debug_lbp()) 3017 map_region(lba, num); 3018 out: 3019 write_unlock_irqrestore(&atomic_rw, iflags); 3020 3021 return 0; 3022 } 3023 3024 static int resp_write_same_10(struct scsi_cmnd *scp, 3025 struct sdebug_dev_info *devip) 3026 { 3027 u8 *cmd = scp->cmnd; 3028 u32 lba; 3029 u16 num; 3030 u32 ei_lba = 0; 3031 bool unmap = false; 3032 3033 if (cmd[1] & 0x8) { 3034 if (sdebug_lbpws10 == 0) { 3035 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3); 3036 return check_condition_result; 3037 } else 3038 unmap = true; 3039 } 3040 lba = get_unaligned_be32(cmd + 2); 3041 num = get_unaligned_be16(cmd + 7); 3042 if (num > sdebug_write_same_length) { 3043 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1); 3044 return check_condition_result; 3045 } 3046 return resp_write_same(scp, lba, num, ei_lba, unmap, false); 3047 } 3048 3049 static int resp_write_same_16(struct scsi_cmnd *scp, 3050 struct sdebug_dev_info *devip) 3051 { 3052 u8 *cmd = scp->cmnd; 3053 u64 lba; 3054 u32 num; 3055 u32 ei_lba = 0; 3056 bool unmap = false; 3057 bool ndob = false; 3058 3059 if (cmd[1] & 0x8) { /* UNMAP */ 3060 if (sdebug_lbpws == 0) { 3061 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3); 3062 return check_condition_result; 3063 } else 3064 unmap = true; 3065 } 3066 if (cmd[1] & 0x1) /* NDOB (no data-out buffer, assumes zeroes) */ 3067 ndob = true; 3068 lba = get_unaligned_be64(cmd + 2); 3069 num = get_unaligned_be32(cmd + 10); 3070 if (num > sdebug_write_same_length) { 3071 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1); 3072 return check_condition_result; 3073 } 3074 return resp_write_same(scp, lba, num, ei_lba, unmap, ndob); 3075 } 3076 3077 /* Note the mode field is in the same position as the (lower) service action 3078 * field. For the Report supported operation codes command, SPC-4 suggests 3079 * each mode of this command should be reported separately; for future. */ 3080 static int resp_write_buffer(struct scsi_cmnd *scp, 3081 struct sdebug_dev_info *devip) 3082 { 3083 u8 *cmd = scp->cmnd; 3084 struct scsi_device *sdp = scp->device; 3085 struct sdebug_dev_info *dp; 3086 u8 mode; 3087 3088 mode = cmd[1] & 0x1f; 3089 switch (mode) { 3090 case 0x4: /* download microcode (MC) and activate (ACT) */ 3091 /* set UAs on this device only */ 3092 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm); 3093 set_bit(SDEBUG_UA_MICROCODE_CHANGED, devip->uas_bm); 3094 break; 3095 case 0x5: /* download MC, save and ACT */ 3096 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, devip->uas_bm); 3097 break; 3098 case 0x6: /* download MC with offsets and ACT */ 3099 /* set UAs on most devices (LUs) in this target */ 3100 list_for_each_entry(dp, 3101 &devip->sdbg_host->dev_info_list, 3102 dev_list) 3103 if (dp->target == sdp->id) { 3104 set_bit(SDEBUG_UA_BUS_RESET, dp->uas_bm); 3105 if (devip != dp) 3106 set_bit(SDEBUG_UA_MICROCODE_CHANGED, 3107 dp->uas_bm); 3108 } 3109 break; 3110 case 0x7: /* download MC with offsets, save, and ACT */ 3111 /* set UA on all devices (LUs) in this target */ 3112 list_for_each_entry(dp, 3113 &devip->sdbg_host->dev_info_list, 3114 dev_list) 3115 if (dp->target == sdp->id) 3116 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, 3117 dp->uas_bm); 3118 break; 3119 default: 3120 /* do nothing for this command for other mode values */ 3121 break; 3122 } 3123 return 0; 3124 } 3125 3126 static int resp_comp_write(struct scsi_cmnd *scp, 3127 struct sdebug_dev_info *devip) 3128 { 3129 u8 *cmd = scp->cmnd; 3130 u8 *arr; 3131 u8 *fake_storep_hold; 3132 u64 lba; 3133 u32 dnum; 3134 u32 lb_size = sdebug_sector_size; 3135 u8 num; 3136 unsigned long iflags; 3137 int ret; 3138 int retval = 0; 3139 3140 lba = get_unaligned_be64(cmd + 2); 3141 num = cmd[13]; /* 1 to a maximum of 255 logical blocks */ 3142 if (0 == num) 3143 return 0; /* degenerate case, not an error */ 3144 if (sdebug_dif == T10_PI_TYPE2_PROTECTION && 3145 (cmd[1] & 0xe0)) { 3146 mk_sense_invalid_opcode(scp); 3147 return check_condition_result; 3148 } 3149 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION || 3150 sdebug_dif == T10_PI_TYPE3_PROTECTION) && 3151 (cmd[1] & 0xe0) == 0) 3152 sdev_printk(KERN_ERR, scp->device, "Unprotected WR " 3153 "to DIF device\n"); 3154 3155 /* inline check_device_access_params() */ 3156 if (lba + num > sdebug_capacity) { 3157 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 3158 return check_condition_result; 3159 } 3160 /* transfer length excessive (tie in to block limits VPD page) */ 3161 if (num > sdebug_store_sectors) { 3162 /* needs work to find which cdb byte 'num' comes from */ 3163 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 3164 return check_condition_result; 3165 } 3166 dnum = 2 * num; 3167 arr = kzalloc(dnum * lb_size, GFP_ATOMIC); 3168 if (NULL == arr) { 3169 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC, 3170 INSUFF_RES_ASCQ); 3171 return check_condition_result; 3172 } 3173 3174 write_lock_irqsave(&atomic_rw, iflags); 3175 3176 /* trick do_device_access() to fetch both compare and write buffers 3177 * from data-in into arr. Safe (atomic) since write_lock held. */ 3178 fake_storep_hold = fake_storep; 3179 fake_storep = arr; 3180 ret = do_device_access(scp, 0, dnum, true); 3181 fake_storep = fake_storep_hold; 3182 if (ret == -1) { 3183 retval = DID_ERROR << 16; 3184 goto cleanup; 3185 } else if (sdebug_verbose && (ret < (dnum * lb_size))) 3186 sdev_printk(KERN_INFO, scp->device, "%s: compare_write: cdb " 3187 "indicated=%u, IO sent=%d bytes\n", my_name, 3188 dnum * lb_size, ret); 3189 if (!comp_write_worker(lba, num, arr)) { 3190 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0); 3191 retval = check_condition_result; 3192 goto cleanup; 3193 } 3194 if (scsi_debug_lbp()) 3195 map_region(lba, num); 3196 cleanup: 3197 write_unlock_irqrestore(&atomic_rw, iflags); 3198 kfree(arr); 3199 return retval; 3200 } 3201 3202 struct unmap_block_desc { 3203 __be64 lba; 3204 __be32 blocks; 3205 __be32 __reserved; 3206 }; 3207 3208 static int resp_unmap(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 3209 { 3210 unsigned char *buf; 3211 struct unmap_block_desc *desc; 3212 unsigned int i, payload_len, descriptors; 3213 int ret; 3214 unsigned long iflags; 3215 3216 3217 if (!scsi_debug_lbp()) 3218 return 0; /* fib and say its done */ 3219 payload_len = get_unaligned_be16(scp->cmnd + 7); 3220 BUG_ON(scsi_bufflen(scp) != payload_len); 3221 3222 descriptors = (payload_len - 8) / 16; 3223 if (descriptors > sdebug_unmap_max_desc) { 3224 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1); 3225 return check_condition_result; 3226 } 3227 3228 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC); 3229 if (!buf) { 3230 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC, 3231 INSUFF_RES_ASCQ); 3232 return check_condition_result; 3233 } 3234 3235 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp)); 3236 3237 BUG_ON(get_unaligned_be16(&buf[0]) != payload_len - 2); 3238 BUG_ON(get_unaligned_be16(&buf[2]) != descriptors * 16); 3239 3240 desc = (void *)&buf[8]; 3241 3242 write_lock_irqsave(&atomic_rw, iflags); 3243 3244 for (i = 0 ; i < descriptors ; i++) { 3245 unsigned long long lba = get_unaligned_be64(&desc[i].lba); 3246 unsigned int num = get_unaligned_be32(&desc[i].blocks); 3247 3248 ret = check_device_access_params(scp, lba, num); 3249 if (ret) 3250 goto out; 3251 3252 unmap_region(lba, num); 3253 } 3254 3255 ret = 0; 3256 3257 out: 3258 write_unlock_irqrestore(&atomic_rw, iflags); 3259 kfree(buf); 3260 3261 return ret; 3262 } 3263 3264 #define SDEBUG_GET_LBA_STATUS_LEN 32 3265 3266 static int resp_get_lba_status(struct scsi_cmnd *scp, 3267 struct sdebug_dev_info *devip) 3268 { 3269 u8 *cmd = scp->cmnd; 3270 u64 lba; 3271 u32 alloc_len, mapped, num; 3272 u8 arr[SDEBUG_GET_LBA_STATUS_LEN]; 3273 int ret; 3274 3275 lba = get_unaligned_be64(cmd + 2); 3276 alloc_len = get_unaligned_be32(cmd + 10); 3277 3278 if (alloc_len < 24) 3279 return 0; 3280 3281 ret = check_device_access_params(scp, lba, 1); 3282 if (ret) 3283 return ret; 3284 3285 if (scsi_debug_lbp()) 3286 mapped = map_state(lba, &num); 3287 else { 3288 mapped = 1; 3289 /* following just in case virtual_gb changed */ 3290 sdebug_capacity = get_sdebug_capacity(); 3291 if (sdebug_capacity - lba <= 0xffffffff) 3292 num = sdebug_capacity - lba; 3293 else 3294 num = 0xffffffff; 3295 } 3296 3297 memset(arr, 0, SDEBUG_GET_LBA_STATUS_LEN); 3298 put_unaligned_be32(20, arr); /* Parameter Data Length */ 3299 put_unaligned_be64(lba, arr + 8); /* LBA */ 3300 put_unaligned_be32(num, arr + 16); /* Number of blocks */ 3301 arr[20] = !mapped; /* prov_stat=0: mapped; 1: dealloc */ 3302 3303 return fill_from_dev_buffer(scp, arr, SDEBUG_GET_LBA_STATUS_LEN); 3304 } 3305 3306 #define RL_BUCKET_ELEMS 8 3307 3308 /* Even though each pseudo target has a REPORT LUNS "well known logical unit" 3309 * (W-LUN), the normal Linux scanning logic does not associate it with a 3310 * device (e.g. /dev/sg7). The following magic will make that association: 3311 * "cd /sys/class/scsi_host/host<n> ; echo '- - 49409' > scan" 3312 * where <n> is a host number. If there are multiple targets in a host then 3313 * the above will associate a W-LUN to each target. To only get a W-LUN 3314 * for target 2, then use "echo '- 2 49409' > scan" . 3315 */ 3316 static int resp_report_luns(struct scsi_cmnd *scp, 3317 struct sdebug_dev_info *devip) 3318 { 3319 unsigned char *cmd = scp->cmnd; 3320 unsigned int alloc_len; 3321 unsigned char select_report; 3322 u64 lun; 3323 struct scsi_lun *lun_p; 3324 u8 arr[RL_BUCKET_ELEMS * sizeof(struct scsi_lun)]; 3325 unsigned int lun_cnt; /* normal LUN count (max: 256) */ 3326 unsigned int wlun_cnt; /* report luns W-LUN count */ 3327 unsigned int tlun_cnt; /* total LUN count */ 3328 unsigned int rlen; /* response length (in bytes) */ 3329 int k, j, n, res; 3330 unsigned int off_rsp = 0; 3331 const int sz_lun = sizeof(struct scsi_lun); 3332 3333 clear_luns_changed_on_target(devip); 3334 3335 select_report = cmd[2]; 3336 alloc_len = get_unaligned_be32(cmd + 6); 3337 3338 if (alloc_len < 4) { 3339 pr_err("alloc len too small %d\n", alloc_len); 3340 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1); 3341 return check_condition_result; 3342 } 3343 3344 switch (select_report) { 3345 case 0: /* all LUNs apart from W-LUNs */ 3346 lun_cnt = sdebug_max_luns; 3347 wlun_cnt = 0; 3348 break; 3349 case 1: /* only W-LUNs */ 3350 lun_cnt = 0; 3351 wlun_cnt = 1; 3352 break; 3353 case 2: /* all LUNs */ 3354 lun_cnt = sdebug_max_luns; 3355 wlun_cnt = 1; 3356 break; 3357 case 0x10: /* only administrative LUs */ 3358 case 0x11: /* see SPC-5 */ 3359 case 0x12: /* only subsiduary LUs owned by referenced LU */ 3360 default: 3361 pr_debug("select report invalid %d\n", select_report); 3362 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1); 3363 return check_condition_result; 3364 } 3365 3366 if (sdebug_no_lun_0 && (lun_cnt > 0)) 3367 --lun_cnt; 3368 3369 tlun_cnt = lun_cnt + wlun_cnt; 3370 rlen = tlun_cnt * sz_lun; /* excluding 8 byte header */ 3371 scsi_set_resid(scp, scsi_bufflen(scp)); 3372 pr_debug("select_report %d luns = %d wluns = %d no_lun0 %d\n", 3373 select_report, lun_cnt, wlun_cnt, sdebug_no_lun_0); 3374 3375 /* loops rely on sizeof response header same as sizeof lun (both 8) */ 3376 lun = sdebug_no_lun_0 ? 1 : 0; 3377 for (k = 0, j = 0, res = 0; true; ++k, j = 0) { 3378 memset(arr, 0, sizeof(arr)); 3379 lun_p = (struct scsi_lun *)&arr[0]; 3380 if (k == 0) { 3381 put_unaligned_be32(rlen, &arr[0]); 3382 ++lun_p; 3383 j = 1; 3384 } 3385 for ( ; j < RL_BUCKET_ELEMS; ++j, ++lun_p) { 3386 if ((k * RL_BUCKET_ELEMS) + j > lun_cnt) 3387 break; 3388 int_to_scsilun(lun++, lun_p); 3389 } 3390 if (j < RL_BUCKET_ELEMS) 3391 break; 3392 n = j * sz_lun; 3393 res = p_fill_from_dev_buffer(scp, arr, n, off_rsp); 3394 if (res) 3395 return res; 3396 off_rsp += n; 3397 } 3398 if (wlun_cnt) { 3399 int_to_scsilun(SCSI_W_LUN_REPORT_LUNS, lun_p); 3400 ++j; 3401 } 3402 if (j > 0) 3403 res = p_fill_from_dev_buffer(scp, arr, j * sz_lun, off_rsp); 3404 return res; 3405 } 3406 3407 static int resp_xdwriteread(struct scsi_cmnd *scp, unsigned long long lba, 3408 unsigned int num, struct sdebug_dev_info *devip) 3409 { 3410 int j; 3411 unsigned char *kaddr, *buf; 3412 unsigned int offset; 3413 struct scsi_data_buffer *sdb = scsi_in(scp); 3414 struct sg_mapping_iter miter; 3415 3416 /* better not to use temporary buffer. */ 3417 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC); 3418 if (!buf) { 3419 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC, 3420 INSUFF_RES_ASCQ); 3421 return check_condition_result; 3422 } 3423 3424 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp)); 3425 3426 offset = 0; 3427 sg_miter_start(&miter, sdb->table.sgl, sdb->table.nents, 3428 SG_MITER_ATOMIC | SG_MITER_TO_SG); 3429 3430 while (sg_miter_next(&miter)) { 3431 kaddr = miter.addr; 3432 for (j = 0; j < miter.length; j++) 3433 *(kaddr + j) ^= *(buf + offset + j); 3434 3435 offset += miter.length; 3436 } 3437 sg_miter_stop(&miter); 3438 kfree(buf); 3439 3440 return 0; 3441 } 3442 3443 static int resp_xdwriteread_10(struct scsi_cmnd *scp, 3444 struct sdebug_dev_info *devip) 3445 { 3446 u8 *cmd = scp->cmnd; 3447 u64 lba; 3448 u32 num; 3449 int errsts; 3450 3451 if (!scsi_bidi_cmnd(scp)) { 3452 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC, 3453 INSUFF_RES_ASCQ); 3454 return check_condition_result; 3455 } 3456 errsts = resp_read_dt0(scp, devip); 3457 if (errsts) 3458 return errsts; 3459 if (!(cmd[1] & 0x4)) { /* DISABLE_WRITE is not set */ 3460 errsts = resp_write_dt0(scp, devip); 3461 if (errsts) 3462 return errsts; 3463 } 3464 lba = get_unaligned_be32(cmd + 2); 3465 num = get_unaligned_be16(cmd + 7); 3466 return resp_xdwriteread(scp, lba, num, devip); 3467 } 3468 3469 static struct sdebug_queue *get_queue(struct scsi_cmnd *cmnd) 3470 { 3471 struct sdebug_queue *sqp = sdebug_q_arr; 3472 3473 if (sdebug_mq_active) { 3474 u32 tag = blk_mq_unique_tag(cmnd->request); 3475 u16 hwq = blk_mq_unique_tag_to_hwq(tag); 3476 3477 if (unlikely(hwq >= submit_queues)) { 3478 pr_warn("Unexpected hwq=%d, apply modulo\n", hwq); 3479 hwq %= submit_queues; 3480 } 3481 pr_debug("tag=%u, hwq=%d\n", tag, hwq); 3482 return sqp + hwq; 3483 } else 3484 return sqp; 3485 } 3486 3487 /* Queued (deferred) command completions converge here. */ 3488 static void sdebug_q_cmd_complete(struct sdebug_defer *sd_dp) 3489 { 3490 int qc_idx; 3491 int retiring = 0; 3492 unsigned long iflags; 3493 struct sdebug_queue *sqp; 3494 struct sdebug_queued_cmd *sqcp; 3495 struct scsi_cmnd *scp; 3496 struct sdebug_dev_info *devip; 3497 3498 qc_idx = sd_dp->qc_idx; 3499 sqp = sdebug_q_arr + sd_dp->sqa_idx; 3500 if (sdebug_statistics) { 3501 atomic_inc(&sdebug_completions); 3502 if (raw_smp_processor_id() != sd_dp->issuing_cpu) 3503 atomic_inc(&sdebug_miss_cpus); 3504 } 3505 if (unlikely((qc_idx < 0) || (qc_idx >= SDEBUG_CANQUEUE))) { 3506 pr_err("wild qc_idx=%d\n", qc_idx); 3507 return; 3508 } 3509 spin_lock_irqsave(&sqp->qc_lock, iflags); 3510 sqcp = &sqp->qc_arr[qc_idx]; 3511 scp = sqcp->a_cmnd; 3512 if (unlikely(scp == NULL)) { 3513 spin_unlock_irqrestore(&sqp->qc_lock, iflags); 3514 pr_err("scp is NULL, sqa_idx=%d, qc_idx=%d\n", 3515 sd_dp->sqa_idx, qc_idx); 3516 return; 3517 } 3518 devip = (struct sdebug_dev_info *)scp->device->hostdata; 3519 if (likely(devip)) 3520 atomic_dec(&devip->num_in_q); 3521 else 3522 pr_err("devip=NULL\n"); 3523 if (unlikely(atomic_read(&retired_max_queue) > 0)) 3524 retiring = 1; 3525 3526 sqcp->a_cmnd = NULL; 3527 if (unlikely(!test_and_clear_bit(qc_idx, sqp->in_use_bm))) { 3528 spin_unlock_irqrestore(&sqp->qc_lock, iflags); 3529 pr_err("Unexpected completion\n"); 3530 return; 3531 } 3532 3533 if (unlikely(retiring)) { /* user has reduced max_queue */ 3534 int k, retval; 3535 3536 retval = atomic_read(&retired_max_queue); 3537 if (qc_idx >= retval) { 3538 spin_unlock_irqrestore(&sqp->qc_lock, iflags); 3539 pr_err("index %d too large\n", retval); 3540 return; 3541 } 3542 k = find_last_bit(sqp->in_use_bm, retval); 3543 if ((k < sdebug_max_queue) || (k == retval)) 3544 atomic_set(&retired_max_queue, 0); 3545 else 3546 atomic_set(&retired_max_queue, k + 1); 3547 } 3548 spin_unlock_irqrestore(&sqp->qc_lock, iflags); 3549 scp->scsi_done(scp); /* callback to mid level */ 3550 } 3551 3552 /* When high resolution timer goes off this function is called. */ 3553 static enum hrtimer_restart sdebug_q_cmd_hrt_complete(struct hrtimer *timer) 3554 { 3555 struct sdebug_defer *sd_dp = container_of(timer, struct sdebug_defer, 3556 hrt); 3557 sdebug_q_cmd_complete(sd_dp); 3558 return HRTIMER_NORESTART; 3559 } 3560 3561 /* When work queue schedules work, it calls this function. */ 3562 static void sdebug_q_cmd_wq_complete(struct work_struct *work) 3563 { 3564 struct sdebug_defer *sd_dp = container_of(work, struct sdebug_defer, 3565 ew.work); 3566 sdebug_q_cmd_complete(sd_dp); 3567 } 3568 3569 static bool got_shared_uuid; 3570 static uuid_t shared_uuid; 3571 3572 static struct sdebug_dev_info *sdebug_device_create( 3573 struct sdebug_host_info *sdbg_host, gfp_t flags) 3574 { 3575 struct sdebug_dev_info *devip; 3576 3577 devip = kzalloc(sizeof(*devip), flags); 3578 if (devip) { 3579 if (sdebug_uuid_ctl == 1) 3580 uuid_gen(&devip->lu_name); 3581 else if (sdebug_uuid_ctl == 2) { 3582 if (got_shared_uuid) 3583 devip->lu_name = shared_uuid; 3584 else { 3585 uuid_gen(&shared_uuid); 3586 got_shared_uuid = true; 3587 devip->lu_name = shared_uuid; 3588 } 3589 } 3590 devip->sdbg_host = sdbg_host; 3591 list_add_tail(&devip->dev_list, &sdbg_host->dev_info_list); 3592 } 3593 return devip; 3594 } 3595 3596 static struct sdebug_dev_info *find_build_dev_info(struct scsi_device *sdev) 3597 { 3598 struct sdebug_host_info *sdbg_host; 3599 struct sdebug_dev_info *open_devip = NULL; 3600 struct sdebug_dev_info *devip; 3601 3602 sdbg_host = *(struct sdebug_host_info **)shost_priv(sdev->host); 3603 if (!sdbg_host) { 3604 pr_err("Host info NULL\n"); 3605 return NULL; 3606 } 3607 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) { 3608 if ((devip->used) && (devip->channel == sdev->channel) && 3609 (devip->target == sdev->id) && 3610 (devip->lun == sdev->lun)) 3611 return devip; 3612 else { 3613 if ((!devip->used) && (!open_devip)) 3614 open_devip = devip; 3615 } 3616 } 3617 if (!open_devip) { /* try and make a new one */ 3618 open_devip = sdebug_device_create(sdbg_host, GFP_ATOMIC); 3619 if (!open_devip) { 3620 pr_err("out of memory at line %d\n", __LINE__); 3621 return NULL; 3622 } 3623 } 3624 3625 open_devip->channel = sdev->channel; 3626 open_devip->target = sdev->id; 3627 open_devip->lun = sdev->lun; 3628 open_devip->sdbg_host = sdbg_host; 3629 atomic_set(&open_devip->num_in_q, 0); 3630 set_bit(SDEBUG_UA_POR, open_devip->uas_bm); 3631 open_devip->used = true; 3632 return open_devip; 3633 } 3634 3635 static int scsi_debug_slave_alloc(struct scsi_device *sdp) 3636 { 3637 if (sdebug_verbose) 3638 pr_info("slave_alloc <%u %u %u %llu>\n", 3639 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun); 3640 queue_flag_set_unlocked(QUEUE_FLAG_BIDI, sdp->request_queue); 3641 return 0; 3642 } 3643 3644 static int scsi_debug_slave_configure(struct scsi_device *sdp) 3645 { 3646 struct sdebug_dev_info *devip = 3647 (struct sdebug_dev_info *)sdp->hostdata; 3648 3649 if (sdebug_verbose) 3650 pr_info("slave_configure <%u %u %u %llu>\n", 3651 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun); 3652 if (sdp->host->max_cmd_len != SDEBUG_MAX_CMD_LEN) 3653 sdp->host->max_cmd_len = SDEBUG_MAX_CMD_LEN; 3654 if (devip == NULL) { 3655 devip = find_build_dev_info(sdp); 3656 if (devip == NULL) 3657 return 1; /* no resources, will be marked offline */ 3658 } 3659 sdp->hostdata = devip; 3660 blk_queue_max_segment_size(sdp->request_queue, -1U); 3661 if (sdebug_no_uld) 3662 sdp->no_uld_attach = 1; 3663 return 0; 3664 } 3665 3666 static void scsi_debug_slave_destroy(struct scsi_device *sdp) 3667 { 3668 struct sdebug_dev_info *devip = 3669 (struct sdebug_dev_info *)sdp->hostdata; 3670 3671 if (sdebug_verbose) 3672 pr_info("slave_destroy <%u %u %u %llu>\n", 3673 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun); 3674 if (devip) { 3675 /* make this slot available for re-use */ 3676 devip->used = false; 3677 sdp->hostdata = NULL; 3678 } 3679 } 3680 3681 static void stop_qc_helper(struct sdebug_defer *sd_dp) 3682 { 3683 if (!sd_dp) 3684 return; 3685 if ((sdebug_jdelay > 0) || (sdebug_ndelay > 0)) 3686 hrtimer_cancel(&sd_dp->hrt); 3687 else if (sdebug_jdelay < 0) 3688 cancel_work_sync(&sd_dp->ew.work); 3689 } 3690 3691 /* If @cmnd found deletes its timer or work queue and returns true; else 3692 returns false */ 3693 static bool stop_queued_cmnd(struct scsi_cmnd *cmnd) 3694 { 3695 unsigned long iflags; 3696 int j, k, qmax, r_qmax; 3697 struct sdebug_queue *sqp; 3698 struct sdebug_queued_cmd *sqcp; 3699 struct sdebug_dev_info *devip; 3700 struct sdebug_defer *sd_dp; 3701 3702 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) { 3703 spin_lock_irqsave(&sqp->qc_lock, iflags); 3704 qmax = sdebug_max_queue; 3705 r_qmax = atomic_read(&retired_max_queue); 3706 if (r_qmax > qmax) 3707 qmax = r_qmax; 3708 for (k = 0; k < qmax; ++k) { 3709 if (test_bit(k, sqp->in_use_bm)) { 3710 sqcp = &sqp->qc_arr[k]; 3711 if (cmnd != sqcp->a_cmnd) 3712 continue; 3713 /* found */ 3714 devip = (struct sdebug_dev_info *) 3715 cmnd->device->hostdata; 3716 if (devip) 3717 atomic_dec(&devip->num_in_q); 3718 sqcp->a_cmnd = NULL; 3719 sd_dp = sqcp->sd_dp; 3720 spin_unlock_irqrestore(&sqp->qc_lock, iflags); 3721 stop_qc_helper(sd_dp); 3722 clear_bit(k, sqp->in_use_bm); 3723 return true; 3724 } 3725 } 3726 spin_unlock_irqrestore(&sqp->qc_lock, iflags); 3727 } 3728 return false; 3729 } 3730 3731 /* Deletes (stops) timers or work queues of all queued commands */ 3732 static void stop_all_queued(void) 3733 { 3734 unsigned long iflags; 3735 int j, k; 3736 struct sdebug_queue *sqp; 3737 struct sdebug_queued_cmd *sqcp; 3738 struct sdebug_dev_info *devip; 3739 struct sdebug_defer *sd_dp; 3740 3741 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) { 3742 spin_lock_irqsave(&sqp->qc_lock, iflags); 3743 for (k = 0; k < SDEBUG_CANQUEUE; ++k) { 3744 if (test_bit(k, sqp->in_use_bm)) { 3745 sqcp = &sqp->qc_arr[k]; 3746 if (sqcp->a_cmnd == NULL) 3747 continue; 3748 devip = (struct sdebug_dev_info *) 3749 sqcp->a_cmnd->device->hostdata; 3750 if (devip) 3751 atomic_dec(&devip->num_in_q); 3752 sqcp->a_cmnd = NULL; 3753 sd_dp = sqcp->sd_dp; 3754 spin_unlock_irqrestore(&sqp->qc_lock, iflags); 3755 stop_qc_helper(sd_dp); 3756 clear_bit(k, sqp->in_use_bm); 3757 spin_lock_irqsave(&sqp->qc_lock, iflags); 3758 } 3759 } 3760 spin_unlock_irqrestore(&sqp->qc_lock, iflags); 3761 } 3762 } 3763 3764 /* Free queued command memory on heap */ 3765 static void free_all_queued(void) 3766 { 3767 int j, k; 3768 struct sdebug_queue *sqp; 3769 struct sdebug_queued_cmd *sqcp; 3770 3771 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) { 3772 for (k = 0; k < SDEBUG_CANQUEUE; ++k) { 3773 sqcp = &sqp->qc_arr[k]; 3774 kfree(sqcp->sd_dp); 3775 sqcp->sd_dp = NULL; 3776 } 3777 } 3778 } 3779 3780 static int scsi_debug_abort(struct scsi_cmnd *SCpnt) 3781 { 3782 bool ok; 3783 3784 ++num_aborts; 3785 if (SCpnt) { 3786 ok = stop_queued_cmnd(SCpnt); 3787 if (SCpnt->device && (SDEBUG_OPT_ALL_NOISE & sdebug_opts)) 3788 sdev_printk(KERN_INFO, SCpnt->device, 3789 "%s: command%s found\n", __func__, 3790 ok ? "" : " not"); 3791 } 3792 return SUCCESS; 3793 } 3794 3795 static int scsi_debug_device_reset(struct scsi_cmnd * SCpnt) 3796 { 3797 ++num_dev_resets; 3798 if (SCpnt && SCpnt->device) { 3799 struct scsi_device *sdp = SCpnt->device; 3800 struct sdebug_dev_info *devip = 3801 (struct sdebug_dev_info *)sdp->hostdata; 3802 3803 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts) 3804 sdev_printk(KERN_INFO, sdp, "%s\n", __func__); 3805 if (devip) 3806 set_bit(SDEBUG_UA_POR, devip->uas_bm); 3807 } 3808 return SUCCESS; 3809 } 3810 3811 static int scsi_debug_target_reset(struct scsi_cmnd *SCpnt) 3812 { 3813 struct sdebug_host_info *sdbg_host; 3814 struct sdebug_dev_info *devip; 3815 struct scsi_device *sdp; 3816 struct Scsi_Host *hp; 3817 int k = 0; 3818 3819 ++num_target_resets; 3820 if (!SCpnt) 3821 goto lie; 3822 sdp = SCpnt->device; 3823 if (!sdp) 3824 goto lie; 3825 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts) 3826 sdev_printk(KERN_INFO, sdp, "%s\n", __func__); 3827 hp = sdp->host; 3828 if (!hp) 3829 goto lie; 3830 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp); 3831 if (sdbg_host) { 3832 list_for_each_entry(devip, 3833 &sdbg_host->dev_info_list, 3834 dev_list) 3835 if (devip->target == sdp->id) { 3836 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm); 3837 ++k; 3838 } 3839 } 3840 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts) 3841 sdev_printk(KERN_INFO, sdp, 3842 "%s: %d device(s) found in target\n", __func__, k); 3843 lie: 3844 return SUCCESS; 3845 } 3846 3847 static int scsi_debug_bus_reset(struct scsi_cmnd * SCpnt) 3848 { 3849 struct sdebug_host_info *sdbg_host; 3850 struct sdebug_dev_info *devip; 3851 struct scsi_device * sdp; 3852 struct Scsi_Host * hp; 3853 int k = 0; 3854 3855 ++num_bus_resets; 3856 if (!(SCpnt && SCpnt->device)) 3857 goto lie; 3858 sdp = SCpnt->device; 3859 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts) 3860 sdev_printk(KERN_INFO, sdp, "%s\n", __func__); 3861 hp = sdp->host; 3862 if (hp) { 3863 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp); 3864 if (sdbg_host) { 3865 list_for_each_entry(devip, 3866 &sdbg_host->dev_info_list, 3867 dev_list) { 3868 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm); 3869 ++k; 3870 } 3871 } 3872 } 3873 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts) 3874 sdev_printk(KERN_INFO, sdp, 3875 "%s: %d device(s) found in host\n", __func__, k); 3876 lie: 3877 return SUCCESS; 3878 } 3879 3880 static int scsi_debug_host_reset(struct scsi_cmnd * SCpnt) 3881 { 3882 struct sdebug_host_info * sdbg_host; 3883 struct sdebug_dev_info *devip; 3884 int k = 0; 3885 3886 ++num_host_resets; 3887 if ((SCpnt->device) && (SDEBUG_OPT_ALL_NOISE & sdebug_opts)) 3888 sdev_printk(KERN_INFO, SCpnt->device, "%s\n", __func__); 3889 spin_lock(&sdebug_host_list_lock); 3890 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) { 3891 list_for_each_entry(devip, &sdbg_host->dev_info_list, 3892 dev_list) { 3893 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm); 3894 ++k; 3895 } 3896 } 3897 spin_unlock(&sdebug_host_list_lock); 3898 stop_all_queued(); 3899 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts) 3900 sdev_printk(KERN_INFO, SCpnt->device, 3901 "%s: %d device(s) found\n", __func__, k); 3902 return SUCCESS; 3903 } 3904 3905 static void __init sdebug_build_parts(unsigned char *ramp, 3906 unsigned long store_size) 3907 { 3908 struct partition * pp; 3909 int starts[SDEBUG_MAX_PARTS + 2]; 3910 int sectors_per_part, num_sectors, k; 3911 int heads_by_sects, start_sec, end_sec; 3912 3913 /* assume partition table already zeroed */ 3914 if ((sdebug_num_parts < 1) || (store_size < 1048576)) 3915 return; 3916 if (sdebug_num_parts > SDEBUG_MAX_PARTS) { 3917 sdebug_num_parts = SDEBUG_MAX_PARTS; 3918 pr_warn("reducing partitions to %d\n", SDEBUG_MAX_PARTS); 3919 } 3920 num_sectors = (int)sdebug_store_sectors; 3921 sectors_per_part = (num_sectors - sdebug_sectors_per) 3922 / sdebug_num_parts; 3923 heads_by_sects = sdebug_heads * sdebug_sectors_per; 3924 starts[0] = sdebug_sectors_per; 3925 for (k = 1; k < sdebug_num_parts; ++k) 3926 starts[k] = ((k * sectors_per_part) / heads_by_sects) 3927 * heads_by_sects; 3928 starts[sdebug_num_parts] = num_sectors; 3929 starts[sdebug_num_parts + 1] = 0; 3930 3931 ramp[510] = 0x55; /* magic partition markings */ 3932 ramp[511] = 0xAA; 3933 pp = (struct partition *)(ramp + 0x1be); 3934 for (k = 0; starts[k + 1]; ++k, ++pp) { 3935 start_sec = starts[k]; 3936 end_sec = starts[k + 1] - 1; 3937 pp->boot_ind = 0; 3938 3939 pp->cyl = start_sec / heads_by_sects; 3940 pp->head = (start_sec - (pp->cyl * heads_by_sects)) 3941 / sdebug_sectors_per; 3942 pp->sector = (start_sec % sdebug_sectors_per) + 1; 3943 3944 pp->end_cyl = end_sec / heads_by_sects; 3945 pp->end_head = (end_sec - (pp->end_cyl * heads_by_sects)) 3946 / sdebug_sectors_per; 3947 pp->end_sector = (end_sec % sdebug_sectors_per) + 1; 3948 3949 pp->start_sect = cpu_to_le32(start_sec); 3950 pp->nr_sects = cpu_to_le32(end_sec - start_sec + 1); 3951 pp->sys_ind = 0x83; /* plain Linux partition */ 3952 } 3953 } 3954 3955 static void block_unblock_all_queues(bool block) 3956 { 3957 int j; 3958 struct sdebug_queue *sqp; 3959 3960 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) 3961 atomic_set(&sqp->blocked, (int)block); 3962 } 3963 3964 /* Adjust (by rounding down) the sdebug_cmnd_count so abs(every_nth)-1 3965 * commands will be processed normally before triggers occur. 3966 */ 3967 static void tweak_cmnd_count(void) 3968 { 3969 int count, modulo; 3970 3971 modulo = abs(sdebug_every_nth); 3972 if (modulo < 2) 3973 return; 3974 block_unblock_all_queues(true); 3975 count = atomic_read(&sdebug_cmnd_count); 3976 atomic_set(&sdebug_cmnd_count, (count / modulo) * modulo); 3977 block_unblock_all_queues(false); 3978 } 3979 3980 static void clear_queue_stats(void) 3981 { 3982 atomic_set(&sdebug_cmnd_count, 0); 3983 atomic_set(&sdebug_completions, 0); 3984 atomic_set(&sdebug_miss_cpus, 0); 3985 atomic_set(&sdebug_a_tsf, 0); 3986 } 3987 3988 static void setup_inject(struct sdebug_queue *sqp, 3989 struct sdebug_queued_cmd *sqcp) 3990 { 3991 if ((atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) > 0) 3992 return; 3993 sqcp->inj_recovered = !!(SDEBUG_OPT_RECOVERED_ERR & sdebug_opts); 3994 sqcp->inj_transport = !!(SDEBUG_OPT_TRANSPORT_ERR & sdebug_opts); 3995 sqcp->inj_dif = !!(SDEBUG_OPT_DIF_ERR & sdebug_opts); 3996 sqcp->inj_dix = !!(SDEBUG_OPT_DIX_ERR & sdebug_opts); 3997 sqcp->inj_short = !!(SDEBUG_OPT_SHORT_TRANSFER & sdebug_opts); 3998 } 3999 4000 /* Complete the processing of the thread that queued a SCSI command to this 4001 * driver. It either completes the command by calling cmnd_done() or 4002 * schedules a hr timer or work queue then returns 0. Returns 4003 * SCSI_MLQUEUE_HOST_BUSY if temporarily out of resources. 4004 */ 4005 static int schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip, 4006 int scsi_result, int delta_jiff) 4007 { 4008 unsigned long iflags; 4009 int k, num_in_q, qdepth, inject; 4010 struct sdebug_queue *sqp; 4011 struct sdebug_queued_cmd *sqcp; 4012 struct scsi_device *sdp; 4013 struct sdebug_defer *sd_dp; 4014 4015 if (unlikely(devip == NULL)) { 4016 if (scsi_result == 0) 4017 scsi_result = DID_NO_CONNECT << 16; 4018 goto respond_in_thread; 4019 } 4020 sdp = cmnd->device; 4021 4022 if (unlikely(sdebug_verbose && scsi_result)) 4023 sdev_printk(KERN_INFO, sdp, "%s: non-zero result=0x%x\n", 4024 __func__, scsi_result); 4025 if (delta_jiff == 0) 4026 goto respond_in_thread; 4027 4028 /* schedule the response at a later time if resources permit */ 4029 sqp = get_queue(cmnd); 4030 spin_lock_irqsave(&sqp->qc_lock, iflags); 4031 if (unlikely(atomic_read(&sqp->blocked))) { 4032 spin_unlock_irqrestore(&sqp->qc_lock, iflags); 4033 return SCSI_MLQUEUE_HOST_BUSY; 4034 } 4035 num_in_q = atomic_read(&devip->num_in_q); 4036 qdepth = cmnd->device->queue_depth; 4037 inject = 0; 4038 if (unlikely((qdepth > 0) && (num_in_q >= qdepth))) { 4039 if (scsi_result) { 4040 spin_unlock_irqrestore(&sqp->qc_lock, iflags); 4041 goto respond_in_thread; 4042 } else 4043 scsi_result = device_qfull_result; 4044 } else if (unlikely(sdebug_every_nth && 4045 (SDEBUG_OPT_RARE_TSF & sdebug_opts) && 4046 (scsi_result == 0))) { 4047 if ((num_in_q == (qdepth - 1)) && 4048 (atomic_inc_return(&sdebug_a_tsf) >= 4049 abs(sdebug_every_nth))) { 4050 atomic_set(&sdebug_a_tsf, 0); 4051 inject = 1; 4052 scsi_result = device_qfull_result; 4053 } 4054 } 4055 4056 k = find_first_zero_bit(sqp->in_use_bm, sdebug_max_queue); 4057 if (unlikely(k >= sdebug_max_queue)) { 4058 spin_unlock_irqrestore(&sqp->qc_lock, iflags); 4059 if (scsi_result) 4060 goto respond_in_thread; 4061 else if (SDEBUG_OPT_ALL_TSF & sdebug_opts) 4062 scsi_result = device_qfull_result; 4063 if (SDEBUG_OPT_Q_NOISE & sdebug_opts) 4064 sdev_printk(KERN_INFO, sdp, 4065 "%s: max_queue=%d exceeded, %s\n", 4066 __func__, sdebug_max_queue, 4067 (scsi_result ? "status: TASK SET FULL" : 4068 "report: host busy")); 4069 if (scsi_result) 4070 goto respond_in_thread; 4071 else 4072 return SCSI_MLQUEUE_HOST_BUSY; 4073 } 4074 __set_bit(k, sqp->in_use_bm); 4075 atomic_inc(&devip->num_in_q); 4076 sqcp = &sqp->qc_arr[k]; 4077 sqcp->a_cmnd = cmnd; 4078 cmnd->host_scribble = (unsigned char *)sqcp; 4079 cmnd->result = scsi_result; 4080 sd_dp = sqcp->sd_dp; 4081 spin_unlock_irqrestore(&sqp->qc_lock, iflags); 4082 if (unlikely(sdebug_every_nth && sdebug_any_injecting_opt)) 4083 setup_inject(sqp, sqcp); 4084 if (delta_jiff > 0 || sdebug_ndelay > 0) { 4085 ktime_t kt; 4086 4087 if (delta_jiff > 0) { 4088 struct timespec ts; 4089 4090 jiffies_to_timespec(delta_jiff, &ts); 4091 kt = ktime_set(ts.tv_sec, ts.tv_nsec); 4092 } else 4093 kt = sdebug_ndelay; 4094 if (NULL == sd_dp) { 4095 sd_dp = kzalloc(sizeof(*sd_dp), GFP_ATOMIC); 4096 if (NULL == sd_dp) 4097 return SCSI_MLQUEUE_HOST_BUSY; 4098 sqcp->sd_dp = sd_dp; 4099 hrtimer_init(&sd_dp->hrt, CLOCK_MONOTONIC, 4100 HRTIMER_MODE_REL_PINNED); 4101 sd_dp->hrt.function = sdebug_q_cmd_hrt_complete; 4102 sd_dp->sqa_idx = sqp - sdebug_q_arr; 4103 sd_dp->qc_idx = k; 4104 } 4105 if (sdebug_statistics) 4106 sd_dp->issuing_cpu = raw_smp_processor_id(); 4107 hrtimer_start(&sd_dp->hrt, kt, HRTIMER_MODE_REL_PINNED); 4108 } else { /* jdelay < 0, use work queue */ 4109 if (NULL == sd_dp) { 4110 sd_dp = kzalloc(sizeof(*sqcp->sd_dp), GFP_ATOMIC); 4111 if (NULL == sd_dp) 4112 return SCSI_MLQUEUE_HOST_BUSY; 4113 sqcp->sd_dp = sd_dp; 4114 sd_dp->sqa_idx = sqp - sdebug_q_arr; 4115 sd_dp->qc_idx = k; 4116 INIT_WORK(&sd_dp->ew.work, sdebug_q_cmd_wq_complete); 4117 } 4118 if (sdebug_statistics) 4119 sd_dp->issuing_cpu = raw_smp_processor_id(); 4120 schedule_work(&sd_dp->ew.work); 4121 } 4122 if (unlikely((SDEBUG_OPT_Q_NOISE & sdebug_opts) && 4123 (scsi_result == device_qfull_result))) 4124 sdev_printk(KERN_INFO, sdp, 4125 "%s: num_in_q=%d +1, %s%s\n", __func__, 4126 num_in_q, (inject ? "<inject> " : ""), 4127 "status: TASK SET FULL"); 4128 return 0; 4129 4130 respond_in_thread: /* call back to mid-layer using invocation thread */ 4131 cmnd->result = scsi_result; 4132 cmnd->scsi_done(cmnd); 4133 return 0; 4134 } 4135 4136 /* Note: The following macros create attribute files in the 4137 /sys/module/scsi_debug/parameters directory. Unfortunately this 4138 driver is unaware of a change and cannot trigger auxiliary actions 4139 as it can when the corresponding attribute in the 4140 /sys/bus/pseudo/drivers/scsi_debug directory is changed. 4141 */ 4142 module_param_named(add_host, sdebug_add_host, int, S_IRUGO | S_IWUSR); 4143 module_param_named(ato, sdebug_ato, int, S_IRUGO); 4144 module_param_named(clustering, sdebug_clustering, bool, S_IRUGO | S_IWUSR); 4145 module_param_named(delay, sdebug_jdelay, int, S_IRUGO | S_IWUSR); 4146 module_param_named(dev_size_mb, sdebug_dev_size_mb, int, S_IRUGO); 4147 module_param_named(dif, sdebug_dif, int, S_IRUGO); 4148 module_param_named(dix, sdebug_dix, int, S_IRUGO); 4149 module_param_named(dsense, sdebug_dsense, int, S_IRUGO | S_IWUSR); 4150 module_param_named(every_nth, sdebug_every_nth, int, S_IRUGO | S_IWUSR); 4151 module_param_named(fake_rw, sdebug_fake_rw, int, S_IRUGO | S_IWUSR); 4152 module_param_named(guard, sdebug_guard, uint, S_IRUGO); 4153 module_param_named(host_lock, sdebug_host_lock, bool, S_IRUGO | S_IWUSR); 4154 module_param_string(inq_vendor, sdebug_inq_vendor_id, 4155 sizeof(sdebug_inq_vendor_id), S_IRUGO|S_IWUSR); 4156 module_param_string(inq_product, sdebug_inq_product_id, 4157 sizeof(sdebug_inq_product_id), S_IRUGO|S_IWUSR); 4158 module_param_string(inq_rev, sdebug_inq_product_rev, 4159 sizeof(sdebug_inq_product_rev), S_IRUGO|S_IWUSR); 4160 module_param_named(lbpu, sdebug_lbpu, int, S_IRUGO); 4161 module_param_named(lbpws, sdebug_lbpws, int, S_IRUGO); 4162 module_param_named(lbpws10, sdebug_lbpws10, int, S_IRUGO); 4163 module_param_named(lbprz, sdebug_lbprz, int, S_IRUGO); 4164 module_param_named(lowest_aligned, sdebug_lowest_aligned, int, S_IRUGO); 4165 module_param_named(max_luns, sdebug_max_luns, int, S_IRUGO | S_IWUSR); 4166 module_param_named(max_queue, sdebug_max_queue, int, S_IRUGO | S_IWUSR); 4167 module_param_named(ndelay, sdebug_ndelay, int, S_IRUGO | S_IWUSR); 4168 module_param_named(no_lun_0, sdebug_no_lun_0, int, S_IRUGO | S_IWUSR); 4169 module_param_named(no_uld, sdebug_no_uld, int, S_IRUGO); 4170 module_param_named(num_parts, sdebug_num_parts, int, S_IRUGO); 4171 module_param_named(num_tgts, sdebug_num_tgts, int, S_IRUGO | S_IWUSR); 4172 module_param_named(opt_blks, sdebug_opt_blks, int, S_IRUGO); 4173 module_param_named(opts, sdebug_opts, int, S_IRUGO | S_IWUSR); 4174 module_param_named(physblk_exp, sdebug_physblk_exp, int, S_IRUGO); 4175 module_param_named(opt_xferlen_exp, sdebug_opt_xferlen_exp, int, S_IRUGO); 4176 module_param_named(ptype, sdebug_ptype, int, S_IRUGO | S_IWUSR); 4177 module_param_named(removable, sdebug_removable, bool, S_IRUGO | S_IWUSR); 4178 module_param_named(scsi_level, sdebug_scsi_level, int, S_IRUGO); 4179 module_param_named(sector_size, sdebug_sector_size, int, S_IRUGO); 4180 module_param_named(statistics, sdebug_statistics, bool, S_IRUGO | S_IWUSR); 4181 module_param_named(strict, sdebug_strict, bool, S_IRUGO | S_IWUSR); 4182 module_param_named(submit_queues, submit_queues, int, S_IRUGO); 4183 module_param_named(unmap_alignment, sdebug_unmap_alignment, int, S_IRUGO); 4184 module_param_named(unmap_granularity, sdebug_unmap_granularity, int, S_IRUGO); 4185 module_param_named(unmap_max_blocks, sdebug_unmap_max_blocks, int, S_IRUGO); 4186 module_param_named(unmap_max_desc, sdebug_unmap_max_desc, int, S_IRUGO); 4187 module_param_named(virtual_gb, sdebug_virtual_gb, int, S_IRUGO | S_IWUSR); 4188 module_param_named(uuid_ctl, sdebug_uuid_ctl, int, S_IRUGO); 4189 module_param_named(vpd_use_hostno, sdebug_vpd_use_hostno, int, 4190 S_IRUGO | S_IWUSR); 4191 module_param_named(write_same_length, sdebug_write_same_length, int, 4192 S_IRUGO | S_IWUSR); 4193 4194 MODULE_AUTHOR("Eric Youngdale + Douglas Gilbert"); 4195 MODULE_DESCRIPTION("SCSI debug adapter driver"); 4196 MODULE_LICENSE("GPL"); 4197 MODULE_VERSION(SDEBUG_VERSION); 4198 4199 MODULE_PARM_DESC(add_host, "0..127 hosts allowed(def=1)"); 4200 MODULE_PARM_DESC(ato, "application tag ownership: 0=disk 1=host (def=1)"); 4201 MODULE_PARM_DESC(clustering, "when set enables larger transfers (def=0)"); 4202 MODULE_PARM_DESC(delay, "response delay (def=1 jiffy); 0:imm, -1,-2:tiny"); 4203 MODULE_PARM_DESC(dev_size_mb, "size in MiB of ram shared by devs(def=8)"); 4204 MODULE_PARM_DESC(dif, "data integrity field type: 0-3 (def=0)"); 4205 MODULE_PARM_DESC(dix, "data integrity extensions mask (def=0)"); 4206 MODULE_PARM_DESC(dsense, "use descriptor sense format(def=0 -> fixed)"); 4207 MODULE_PARM_DESC(every_nth, "timeout every nth command(def=0)"); 4208 MODULE_PARM_DESC(fake_rw, "fake reads/writes instead of copying (def=0)"); 4209 MODULE_PARM_DESC(guard, "protection checksum: 0=crc, 1=ip (def=0)"); 4210 MODULE_PARM_DESC(host_lock, "host_lock is ignored (def=0)"); 4211 MODULE_PARM_DESC(inq_vendor, "SCSI INQUIRY vendor string (def=\"Linux\")"); 4212 MODULE_PARM_DESC(inq_product, "SCSI INQUIRY product string (def=\"scsi_debug\")"); 4213 MODULE_PARM_DESC(inq_rev, "SCSI INQUIRY revision string (def=\"0186\")"); 4214 MODULE_PARM_DESC(lbpu, "enable LBP, support UNMAP command (def=0)"); 4215 MODULE_PARM_DESC(lbpws, "enable LBP, support WRITE SAME(16) with UNMAP bit (def=0)"); 4216 MODULE_PARM_DESC(lbpws10, "enable LBP, support WRITE SAME(10) with UNMAP bit (def=0)"); 4217 MODULE_PARM_DESC(lbprz, 4218 "on read unmapped LBs return 0 when 1 (def), return 0xff when 2"); 4219 MODULE_PARM_DESC(lowest_aligned, "lowest aligned lba (def=0)"); 4220 MODULE_PARM_DESC(max_luns, "number of LUNs per target to simulate(def=1)"); 4221 MODULE_PARM_DESC(max_queue, "max number of queued commands (1 to max(def))"); 4222 MODULE_PARM_DESC(ndelay, "response delay in nanoseconds (def=0 -> ignore)"); 4223 MODULE_PARM_DESC(no_lun_0, "no LU number 0 (def=0 -> have lun 0)"); 4224 MODULE_PARM_DESC(no_uld, "stop ULD (e.g. sd driver) attaching (def=0))"); 4225 MODULE_PARM_DESC(num_parts, "number of partitions(def=0)"); 4226 MODULE_PARM_DESC(num_tgts, "number of targets per host to simulate(def=1)"); 4227 MODULE_PARM_DESC(opt_blks, "optimal transfer length in blocks (def=1024)"); 4228 MODULE_PARM_DESC(opts, "1->noise, 2->medium_err, 4->timeout, 8->recovered_err... (def=0)"); 4229 MODULE_PARM_DESC(physblk_exp, "physical block exponent (def=0)"); 4230 MODULE_PARM_DESC(opt_xferlen_exp, "optimal transfer length granularity exponent (def=physblk_exp)"); 4231 MODULE_PARM_DESC(ptype, "SCSI peripheral type(def=0[disk])"); 4232 MODULE_PARM_DESC(removable, "claim to have removable media (def=0)"); 4233 MODULE_PARM_DESC(scsi_level, "SCSI level to simulate(def=7[SPC-5])"); 4234 MODULE_PARM_DESC(sector_size, "logical block size in bytes (def=512)"); 4235 MODULE_PARM_DESC(statistics, "collect statistics on commands, queues (def=0)"); 4236 MODULE_PARM_DESC(strict, "stricter checks: reserved field in cdb (def=0)"); 4237 MODULE_PARM_DESC(submit_queues, "support for block multi-queue (def=1)"); 4238 MODULE_PARM_DESC(unmap_alignment, "lowest aligned thin provisioning lba (def=0)"); 4239 MODULE_PARM_DESC(unmap_granularity, "thin provisioning granularity in blocks (def=1)"); 4240 MODULE_PARM_DESC(unmap_max_blocks, "max # of blocks can be unmapped in one cmd (def=0xffffffff)"); 4241 MODULE_PARM_DESC(unmap_max_desc, "max # of ranges that can be unmapped in one cmd (def=256)"); 4242 MODULE_PARM_DESC(uuid_ctl, 4243 "1->use uuid for lu name, 0->don't, 2->all use same (def=0)"); 4244 MODULE_PARM_DESC(virtual_gb, "virtual gigabyte (GiB) size (def=0 -> use dev_size_mb)"); 4245 MODULE_PARM_DESC(vpd_use_hostno, "0 -> dev ids ignore hostno (def=1 -> unique dev ids)"); 4246 MODULE_PARM_DESC(write_same_length, "Maximum blocks per WRITE SAME cmd (def=0xffff)"); 4247 4248 #define SDEBUG_INFO_LEN 256 4249 static char sdebug_info[SDEBUG_INFO_LEN]; 4250 4251 static const char * scsi_debug_info(struct Scsi_Host * shp) 4252 { 4253 int k; 4254 4255 k = scnprintf(sdebug_info, SDEBUG_INFO_LEN, "%s: version %s [%s]\n", 4256 my_name, SDEBUG_VERSION, sdebug_version_date); 4257 if (k >= (SDEBUG_INFO_LEN - 1)) 4258 return sdebug_info; 4259 scnprintf(sdebug_info + k, SDEBUG_INFO_LEN - k, 4260 " dev_size_mb=%d, opts=0x%x, submit_queues=%d, %s=%d", 4261 sdebug_dev_size_mb, sdebug_opts, submit_queues, 4262 "statistics", (int)sdebug_statistics); 4263 return sdebug_info; 4264 } 4265 4266 /* 'echo <val> > /proc/scsi/scsi_debug/<host_id>' writes to opts */ 4267 static int scsi_debug_write_info(struct Scsi_Host *host, char *buffer, 4268 int length) 4269 { 4270 char arr[16]; 4271 int opts; 4272 int minLen = length > 15 ? 15 : length; 4273 4274 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO)) 4275 return -EACCES; 4276 memcpy(arr, buffer, minLen); 4277 arr[minLen] = '\0'; 4278 if (1 != sscanf(arr, "%d", &opts)) 4279 return -EINVAL; 4280 sdebug_opts = opts; 4281 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts); 4282 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts); 4283 if (sdebug_every_nth != 0) 4284 tweak_cmnd_count(); 4285 return length; 4286 } 4287 4288 /* Output seen with 'cat /proc/scsi/scsi_debug/<host_id>'. It will be the 4289 * same for each scsi_debug host (if more than one). Some of the counters 4290 * output are not atomics so might be inaccurate in a busy system. */ 4291 static int scsi_debug_show_info(struct seq_file *m, struct Scsi_Host *host) 4292 { 4293 int f, j, l; 4294 struct sdebug_queue *sqp; 4295 4296 seq_printf(m, "scsi_debug adapter driver, version %s [%s]\n", 4297 SDEBUG_VERSION, sdebug_version_date); 4298 seq_printf(m, "num_tgts=%d, %ssize=%d MB, opts=0x%x, every_nth=%d\n", 4299 sdebug_num_tgts, "shared (ram) ", sdebug_dev_size_mb, 4300 sdebug_opts, sdebug_every_nth); 4301 seq_printf(m, "delay=%d, ndelay=%d, max_luns=%d, sector_size=%d %s\n", 4302 sdebug_jdelay, sdebug_ndelay, sdebug_max_luns, 4303 sdebug_sector_size, "bytes"); 4304 seq_printf(m, "cylinders=%d, heads=%d, sectors=%d, command aborts=%d\n", 4305 sdebug_cylinders_per, sdebug_heads, sdebug_sectors_per, 4306 num_aborts); 4307 seq_printf(m, "RESETs: device=%d, target=%d, bus=%d, host=%d\n", 4308 num_dev_resets, num_target_resets, num_bus_resets, 4309 num_host_resets); 4310 seq_printf(m, "dix_reads=%d, dix_writes=%d, dif_errors=%d\n", 4311 dix_reads, dix_writes, dif_errors); 4312 seq_printf(m, "usec_in_jiffy=%lu, %s=%d, mq_active=%d\n", 4313 TICK_NSEC / 1000, "statistics", sdebug_statistics, 4314 sdebug_mq_active); 4315 seq_printf(m, "cmnd_count=%d, completions=%d, %s=%d, a_tsf=%d\n", 4316 atomic_read(&sdebug_cmnd_count), 4317 atomic_read(&sdebug_completions), 4318 "miss_cpus", atomic_read(&sdebug_miss_cpus), 4319 atomic_read(&sdebug_a_tsf)); 4320 4321 seq_printf(m, "submit_queues=%d\n", submit_queues); 4322 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) { 4323 seq_printf(m, " queue %d:\n", j); 4324 f = find_first_bit(sqp->in_use_bm, sdebug_max_queue); 4325 if (f != sdebug_max_queue) { 4326 l = find_last_bit(sqp->in_use_bm, sdebug_max_queue); 4327 seq_printf(m, " in_use_bm BUSY: %s: %d,%d\n", 4328 "first,last bits", f, l); 4329 } 4330 } 4331 return 0; 4332 } 4333 4334 static ssize_t delay_show(struct device_driver *ddp, char *buf) 4335 { 4336 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_jdelay); 4337 } 4338 /* Returns -EBUSY if jdelay is being changed and commands are queued. The unit 4339 * of delay is jiffies. 4340 */ 4341 static ssize_t delay_store(struct device_driver *ddp, const char *buf, 4342 size_t count) 4343 { 4344 int jdelay, res; 4345 4346 if (count > 0 && sscanf(buf, "%d", &jdelay) == 1) { 4347 res = count; 4348 if (sdebug_jdelay != jdelay) { 4349 int j, k; 4350 struct sdebug_queue *sqp; 4351 4352 block_unblock_all_queues(true); 4353 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; 4354 ++j, ++sqp) { 4355 k = find_first_bit(sqp->in_use_bm, 4356 sdebug_max_queue); 4357 if (k != sdebug_max_queue) { 4358 res = -EBUSY; /* queued commands */ 4359 break; 4360 } 4361 } 4362 if (res > 0) { 4363 /* make sure sdebug_defer instances get 4364 * re-allocated for new delay variant */ 4365 free_all_queued(); 4366 sdebug_jdelay = jdelay; 4367 sdebug_ndelay = 0; 4368 } 4369 block_unblock_all_queues(false); 4370 } 4371 return res; 4372 } 4373 return -EINVAL; 4374 } 4375 static DRIVER_ATTR_RW(delay); 4376 4377 static ssize_t ndelay_show(struct device_driver *ddp, char *buf) 4378 { 4379 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ndelay); 4380 } 4381 /* Returns -EBUSY if ndelay is being changed and commands are queued */ 4382 /* If > 0 and accepted then sdebug_jdelay is set to JDELAY_OVERRIDDEN */ 4383 static ssize_t ndelay_store(struct device_driver *ddp, const char *buf, 4384 size_t count) 4385 { 4386 int ndelay, res; 4387 4388 if ((count > 0) && (1 == sscanf(buf, "%d", &ndelay)) && 4389 (ndelay >= 0) && (ndelay < (1000 * 1000 * 1000))) { 4390 res = count; 4391 if (sdebug_ndelay != ndelay) { 4392 int j, k; 4393 struct sdebug_queue *sqp; 4394 4395 block_unblock_all_queues(true); 4396 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; 4397 ++j, ++sqp) { 4398 k = find_first_bit(sqp->in_use_bm, 4399 sdebug_max_queue); 4400 if (k != sdebug_max_queue) { 4401 res = -EBUSY; /* queued commands */ 4402 break; 4403 } 4404 } 4405 if (res > 0) { 4406 /* make sure sdebug_defer instances get 4407 * re-allocated for new delay variant */ 4408 free_all_queued(); 4409 sdebug_ndelay = ndelay; 4410 sdebug_jdelay = ndelay ? JDELAY_OVERRIDDEN 4411 : DEF_JDELAY; 4412 } 4413 block_unblock_all_queues(false); 4414 } 4415 return res; 4416 } 4417 return -EINVAL; 4418 } 4419 static DRIVER_ATTR_RW(ndelay); 4420 4421 static ssize_t opts_show(struct device_driver *ddp, char *buf) 4422 { 4423 return scnprintf(buf, PAGE_SIZE, "0x%x\n", sdebug_opts); 4424 } 4425 4426 static ssize_t opts_store(struct device_driver *ddp, const char *buf, 4427 size_t count) 4428 { 4429 int opts; 4430 char work[20]; 4431 4432 if (1 == sscanf(buf, "%10s", work)) { 4433 if (0 == strncasecmp(work,"0x", 2)) { 4434 if (1 == sscanf(&work[2], "%x", &opts)) 4435 goto opts_done; 4436 } else { 4437 if (1 == sscanf(work, "%d", &opts)) 4438 goto opts_done; 4439 } 4440 } 4441 return -EINVAL; 4442 opts_done: 4443 sdebug_opts = opts; 4444 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts); 4445 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts); 4446 tweak_cmnd_count(); 4447 return count; 4448 } 4449 static DRIVER_ATTR_RW(opts); 4450 4451 static ssize_t ptype_show(struct device_driver *ddp, char *buf) 4452 { 4453 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ptype); 4454 } 4455 static ssize_t ptype_store(struct device_driver *ddp, const char *buf, 4456 size_t count) 4457 { 4458 int n; 4459 4460 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 4461 sdebug_ptype = n; 4462 return count; 4463 } 4464 return -EINVAL; 4465 } 4466 static DRIVER_ATTR_RW(ptype); 4467 4468 static ssize_t dsense_show(struct device_driver *ddp, char *buf) 4469 { 4470 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dsense); 4471 } 4472 static ssize_t dsense_store(struct device_driver *ddp, const char *buf, 4473 size_t count) 4474 { 4475 int n; 4476 4477 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 4478 sdebug_dsense = n; 4479 return count; 4480 } 4481 return -EINVAL; 4482 } 4483 static DRIVER_ATTR_RW(dsense); 4484 4485 static ssize_t fake_rw_show(struct device_driver *ddp, char *buf) 4486 { 4487 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_fake_rw); 4488 } 4489 static ssize_t fake_rw_store(struct device_driver *ddp, const char *buf, 4490 size_t count) 4491 { 4492 int n; 4493 4494 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 4495 n = (n > 0); 4496 sdebug_fake_rw = (sdebug_fake_rw > 0); 4497 if (sdebug_fake_rw != n) { 4498 if ((0 == n) && (NULL == fake_storep)) { 4499 unsigned long sz = 4500 (unsigned long)sdebug_dev_size_mb * 4501 1048576; 4502 4503 fake_storep = vmalloc(sz); 4504 if (NULL == fake_storep) { 4505 pr_err("out of memory, 9\n"); 4506 return -ENOMEM; 4507 } 4508 memset(fake_storep, 0, sz); 4509 } 4510 sdebug_fake_rw = n; 4511 } 4512 return count; 4513 } 4514 return -EINVAL; 4515 } 4516 static DRIVER_ATTR_RW(fake_rw); 4517 4518 static ssize_t no_lun_0_show(struct device_driver *ddp, char *buf) 4519 { 4520 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_lun_0); 4521 } 4522 static ssize_t no_lun_0_store(struct device_driver *ddp, const char *buf, 4523 size_t count) 4524 { 4525 int n; 4526 4527 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 4528 sdebug_no_lun_0 = n; 4529 return count; 4530 } 4531 return -EINVAL; 4532 } 4533 static DRIVER_ATTR_RW(no_lun_0); 4534 4535 static ssize_t num_tgts_show(struct device_driver *ddp, char *buf) 4536 { 4537 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_tgts); 4538 } 4539 static ssize_t num_tgts_store(struct device_driver *ddp, const char *buf, 4540 size_t count) 4541 { 4542 int n; 4543 4544 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 4545 sdebug_num_tgts = n; 4546 sdebug_max_tgts_luns(); 4547 return count; 4548 } 4549 return -EINVAL; 4550 } 4551 static DRIVER_ATTR_RW(num_tgts); 4552 4553 static ssize_t dev_size_mb_show(struct device_driver *ddp, char *buf) 4554 { 4555 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dev_size_mb); 4556 } 4557 static DRIVER_ATTR_RO(dev_size_mb); 4558 4559 static ssize_t num_parts_show(struct device_driver *ddp, char *buf) 4560 { 4561 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_parts); 4562 } 4563 static DRIVER_ATTR_RO(num_parts); 4564 4565 static ssize_t every_nth_show(struct device_driver *ddp, char *buf) 4566 { 4567 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_every_nth); 4568 } 4569 static ssize_t every_nth_store(struct device_driver *ddp, const char *buf, 4570 size_t count) 4571 { 4572 int nth; 4573 4574 if ((count > 0) && (1 == sscanf(buf, "%d", &nth))) { 4575 sdebug_every_nth = nth; 4576 if (nth && !sdebug_statistics) { 4577 pr_info("every_nth needs statistics=1, set it\n"); 4578 sdebug_statistics = true; 4579 } 4580 tweak_cmnd_count(); 4581 return count; 4582 } 4583 return -EINVAL; 4584 } 4585 static DRIVER_ATTR_RW(every_nth); 4586 4587 static ssize_t max_luns_show(struct device_driver *ddp, char *buf) 4588 { 4589 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_luns); 4590 } 4591 static ssize_t max_luns_store(struct device_driver *ddp, const char *buf, 4592 size_t count) 4593 { 4594 int n; 4595 bool changed; 4596 4597 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 4598 if (n > 256) { 4599 pr_warn("max_luns can be no more than 256\n"); 4600 return -EINVAL; 4601 } 4602 changed = (sdebug_max_luns != n); 4603 sdebug_max_luns = n; 4604 sdebug_max_tgts_luns(); 4605 if (changed && (sdebug_scsi_level >= 5)) { /* >= SPC-3 */ 4606 struct sdebug_host_info *sdhp; 4607 struct sdebug_dev_info *dp; 4608 4609 spin_lock(&sdebug_host_list_lock); 4610 list_for_each_entry(sdhp, &sdebug_host_list, 4611 host_list) { 4612 list_for_each_entry(dp, &sdhp->dev_info_list, 4613 dev_list) { 4614 set_bit(SDEBUG_UA_LUNS_CHANGED, 4615 dp->uas_bm); 4616 } 4617 } 4618 spin_unlock(&sdebug_host_list_lock); 4619 } 4620 return count; 4621 } 4622 return -EINVAL; 4623 } 4624 static DRIVER_ATTR_RW(max_luns); 4625 4626 static ssize_t max_queue_show(struct device_driver *ddp, char *buf) 4627 { 4628 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_queue); 4629 } 4630 /* N.B. max_queue can be changed while there are queued commands. In flight 4631 * commands beyond the new max_queue will be completed. */ 4632 static ssize_t max_queue_store(struct device_driver *ddp, const char *buf, 4633 size_t count) 4634 { 4635 int j, n, k, a; 4636 struct sdebug_queue *sqp; 4637 4638 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n > 0) && 4639 (n <= SDEBUG_CANQUEUE)) { 4640 block_unblock_all_queues(true); 4641 k = 0; 4642 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; 4643 ++j, ++sqp) { 4644 a = find_last_bit(sqp->in_use_bm, SDEBUG_CANQUEUE); 4645 if (a > k) 4646 k = a; 4647 } 4648 sdebug_max_queue = n; 4649 if (k == SDEBUG_CANQUEUE) 4650 atomic_set(&retired_max_queue, 0); 4651 else if (k >= n) 4652 atomic_set(&retired_max_queue, k + 1); 4653 else 4654 atomic_set(&retired_max_queue, 0); 4655 block_unblock_all_queues(false); 4656 return count; 4657 } 4658 return -EINVAL; 4659 } 4660 static DRIVER_ATTR_RW(max_queue); 4661 4662 static ssize_t no_uld_show(struct device_driver *ddp, char *buf) 4663 { 4664 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_uld); 4665 } 4666 static DRIVER_ATTR_RO(no_uld); 4667 4668 static ssize_t scsi_level_show(struct device_driver *ddp, char *buf) 4669 { 4670 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_scsi_level); 4671 } 4672 static DRIVER_ATTR_RO(scsi_level); 4673 4674 static ssize_t virtual_gb_show(struct device_driver *ddp, char *buf) 4675 { 4676 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_virtual_gb); 4677 } 4678 static ssize_t virtual_gb_store(struct device_driver *ddp, const char *buf, 4679 size_t count) 4680 { 4681 int n; 4682 bool changed; 4683 4684 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 4685 changed = (sdebug_virtual_gb != n); 4686 sdebug_virtual_gb = n; 4687 sdebug_capacity = get_sdebug_capacity(); 4688 if (changed) { 4689 struct sdebug_host_info *sdhp; 4690 struct sdebug_dev_info *dp; 4691 4692 spin_lock(&sdebug_host_list_lock); 4693 list_for_each_entry(sdhp, &sdebug_host_list, 4694 host_list) { 4695 list_for_each_entry(dp, &sdhp->dev_info_list, 4696 dev_list) { 4697 set_bit(SDEBUG_UA_CAPACITY_CHANGED, 4698 dp->uas_bm); 4699 } 4700 } 4701 spin_unlock(&sdebug_host_list_lock); 4702 } 4703 return count; 4704 } 4705 return -EINVAL; 4706 } 4707 static DRIVER_ATTR_RW(virtual_gb); 4708 4709 static ssize_t add_host_show(struct device_driver *ddp, char *buf) 4710 { 4711 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_add_host); 4712 } 4713 4714 static int sdebug_add_adapter(void); 4715 static void sdebug_remove_adapter(void); 4716 4717 static ssize_t add_host_store(struct device_driver *ddp, const char *buf, 4718 size_t count) 4719 { 4720 int delta_hosts; 4721 4722 if (sscanf(buf, "%d", &delta_hosts) != 1) 4723 return -EINVAL; 4724 if (delta_hosts > 0) { 4725 do { 4726 sdebug_add_adapter(); 4727 } while (--delta_hosts); 4728 } else if (delta_hosts < 0) { 4729 do { 4730 sdebug_remove_adapter(); 4731 } while (++delta_hosts); 4732 } 4733 return count; 4734 } 4735 static DRIVER_ATTR_RW(add_host); 4736 4737 static ssize_t vpd_use_hostno_show(struct device_driver *ddp, char *buf) 4738 { 4739 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_vpd_use_hostno); 4740 } 4741 static ssize_t vpd_use_hostno_store(struct device_driver *ddp, const char *buf, 4742 size_t count) 4743 { 4744 int n; 4745 4746 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 4747 sdebug_vpd_use_hostno = n; 4748 return count; 4749 } 4750 return -EINVAL; 4751 } 4752 static DRIVER_ATTR_RW(vpd_use_hostno); 4753 4754 static ssize_t statistics_show(struct device_driver *ddp, char *buf) 4755 { 4756 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_statistics); 4757 } 4758 static ssize_t statistics_store(struct device_driver *ddp, const char *buf, 4759 size_t count) 4760 { 4761 int n; 4762 4763 if ((count > 0) && (sscanf(buf, "%d", &n) == 1) && (n >= 0)) { 4764 if (n > 0) 4765 sdebug_statistics = true; 4766 else { 4767 clear_queue_stats(); 4768 sdebug_statistics = false; 4769 } 4770 return count; 4771 } 4772 return -EINVAL; 4773 } 4774 static DRIVER_ATTR_RW(statistics); 4775 4776 static ssize_t sector_size_show(struct device_driver *ddp, char *buf) 4777 { 4778 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_sector_size); 4779 } 4780 static DRIVER_ATTR_RO(sector_size); 4781 4782 static ssize_t submit_queues_show(struct device_driver *ddp, char *buf) 4783 { 4784 return scnprintf(buf, PAGE_SIZE, "%d\n", submit_queues); 4785 } 4786 static DRIVER_ATTR_RO(submit_queues); 4787 4788 static ssize_t dix_show(struct device_driver *ddp, char *buf) 4789 { 4790 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dix); 4791 } 4792 static DRIVER_ATTR_RO(dix); 4793 4794 static ssize_t dif_show(struct device_driver *ddp, char *buf) 4795 { 4796 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dif); 4797 } 4798 static DRIVER_ATTR_RO(dif); 4799 4800 static ssize_t guard_show(struct device_driver *ddp, char *buf) 4801 { 4802 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_guard); 4803 } 4804 static DRIVER_ATTR_RO(guard); 4805 4806 static ssize_t ato_show(struct device_driver *ddp, char *buf) 4807 { 4808 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ato); 4809 } 4810 static DRIVER_ATTR_RO(ato); 4811 4812 static ssize_t map_show(struct device_driver *ddp, char *buf) 4813 { 4814 ssize_t count; 4815 4816 if (!scsi_debug_lbp()) 4817 return scnprintf(buf, PAGE_SIZE, "0-%u\n", 4818 sdebug_store_sectors); 4819 4820 count = scnprintf(buf, PAGE_SIZE - 1, "%*pbl", 4821 (int)map_size, map_storep); 4822 buf[count++] = '\n'; 4823 buf[count] = '\0'; 4824 4825 return count; 4826 } 4827 static DRIVER_ATTR_RO(map); 4828 4829 static ssize_t removable_show(struct device_driver *ddp, char *buf) 4830 { 4831 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_removable ? 1 : 0); 4832 } 4833 static ssize_t removable_store(struct device_driver *ddp, const char *buf, 4834 size_t count) 4835 { 4836 int n; 4837 4838 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 4839 sdebug_removable = (n > 0); 4840 return count; 4841 } 4842 return -EINVAL; 4843 } 4844 static DRIVER_ATTR_RW(removable); 4845 4846 static ssize_t host_lock_show(struct device_driver *ddp, char *buf) 4847 { 4848 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_host_lock); 4849 } 4850 /* N.B. sdebug_host_lock does nothing, kept for backward compatibility */ 4851 static ssize_t host_lock_store(struct device_driver *ddp, const char *buf, 4852 size_t count) 4853 { 4854 int n; 4855 4856 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 4857 sdebug_host_lock = (n > 0); 4858 return count; 4859 } 4860 return -EINVAL; 4861 } 4862 static DRIVER_ATTR_RW(host_lock); 4863 4864 static ssize_t strict_show(struct device_driver *ddp, char *buf) 4865 { 4866 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_strict); 4867 } 4868 static ssize_t strict_store(struct device_driver *ddp, const char *buf, 4869 size_t count) 4870 { 4871 int n; 4872 4873 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 4874 sdebug_strict = (n > 0); 4875 return count; 4876 } 4877 return -EINVAL; 4878 } 4879 static DRIVER_ATTR_RW(strict); 4880 4881 static ssize_t uuid_ctl_show(struct device_driver *ddp, char *buf) 4882 { 4883 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_uuid_ctl); 4884 } 4885 static DRIVER_ATTR_RO(uuid_ctl); 4886 4887 4888 /* Note: The following array creates attribute files in the 4889 /sys/bus/pseudo/drivers/scsi_debug directory. The advantage of these 4890 files (over those found in the /sys/module/scsi_debug/parameters 4891 directory) is that auxiliary actions can be triggered when an attribute 4892 is changed. For example see: sdebug_add_host_store() above. 4893 */ 4894 4895 static struct attribute *sdebug_drv_attrs[] = { 4896 &driver_attr_delay.attr, 4897 &driver_attr_opts.attr, 4898 &driver_attr_ptype.attr, 4899 &driver_attr_dsense.attr, 4900 &driver_attr_fake_rw.attr, 4901 &driver_attr_no_lun_0.attr, 4902 &driver_attr_num_tgts.attr, 4903 &driver_attr_dev_size_mb.attr, 4904 &driver_attr_num_parts.attr, 4905 &driver_attr_every_nth.attr, 4906 &driver_attr_max_luns.attr, 4907 &driver_attr_max_queue.attr, 4908 &driver_attr_no_uld.attr, 4909 &driver_attr_scsi_level.attr, 4910 &driver_attr_virtual_gb.attr, 4911 &driver_attr_add_host.attr, 4912 &driver_attr_vpd_use_hostno.attr, 4913 &driver_attr_sector_size.attr, 4914 &driver_attr_statistics.attr, 4915 &driver_attr_submit_queues.attr, 4916 &driver_attr_dix.attr, 4917 &driver_attr_dif.attr, 4918 &driver_attr_guard.attr, 4919 &driver_attr_ato.attr, 4920 &driver_attr_map.attr, 4921 &driver_attr_removable.attr, 4922 &driver_attr_host_lock.attr, 4923 &driver_attr_ndelay.attr, 4924 &driver_attr_strict.attr, 4925 &driver_attr_uuid_ctl.attr, 4926 NULL, 4927 }; 4928 ATTRIBUTE_GROUPS(sdebug_drv); 4929 4930 static struct device *pseudo_primary; 4931 4932 static int __init scsi_debug_init(void) 4933 { 4934 unsigned long sz; 4935 int host_to_add; 4936 int k; 4937 int ret; 4938 4939 atomic_set(&retired_max_queue, 0); 4940 4941 if (sdebug_ndelay >= 1000 * 1000 * 1000) { 4942 pr_warn("ndelay must be less than 1 second, ignored\n"); 4943 sdebug_ndelay = 0; 4944 } else if (sdebug_ndelay > 0) 4945 sdebug_jdelay = JDELAY_OVERRIDDEN; 4946 4947 switch (sdebug_sector_size) { 4948 case 512: 4949 case 1024: 4950 case 2048: 4951 case 4096: 4952 break; 4953 default: 4954 pr_err("invalid sector_size %d\n", sdebug_sector_size); 4955 return -EINVAL; 4956 } 4957 4958 switch (sdebug_dif) { 4959 case T10_PI_TYPE0_PROTECTION: 4960 break; 4961 case T10_PI_TYPE1_PROTECTION: 4962 case T10_PI_TYPE2_PROTECTION: 4963 case T10_PI_TYPE3_PROTECTION: 4964 have_dif_prot = true; 4965 break; 4966 4967 default: 4968 pr_err("dif must be 0, 1, 2 or 3\n"); 4969 return -EINVAL; 4970 } 4971 4972 if (sdebug_guard > 1) { 4973 pr_err("guard must be 0 or 1\n"); 4974 return -EINVAL; 4975 } 4976 4977 if (sdebug_ato > 1) { 4978 pr_err("ato must be 0 or 1\n"); 4979 return -EINVAL; 4980 } 4981 4982 if (sdebug_physblk_exp > 15) { 4983 pr_err("invalid physblk_exp %u\n", sdebug_physblk_exp); 4984 return -EINVAL; 4985 } 4986 if (sdebug_max_luns > 256) { 4987 pr_warn("max_luns can be no more than 256, use default\n"); 4988 sdebug_max_luns = DEF_MAX_LUNS; 4989 } 4990 4991 if (sdebug_lowest_aligned > 0x3fff) { 4992 pr_err("lowest_aligned too big: %u\n", sdebug_lowest_aligned); 4993 return -EINVAL; 4994 } 4995 4996 if (submit_queues < 1) { 4997 pr_err("submit_queues must be 1 or more\n"); 4998 return -EINVAL; 4999 } 5000 sdebug_q_arr = kcalloc(submit_queues, sizeof(struct sdebug_queue), 5001 GFP_KERNEL); 5002 if (sdebug_q_arr == NULL) 5003 return -ENOMEM; 5004 for (k = 0; k < submit_queues; ++k) 5005 spin_lock_init(&sdebug_q_arr[k].qc_lock); 5006 5007 if (sdebug_dev_size_mb < 1) 5008 sdebug_dev_size_mb = 1; /* force minimum 1 MB ramdisk */ 5009 sz = (unsigned long)sdebug_dev_size_mb * 1048576; 5010 sdebug_store_sectors = sz / sdebug_sector_size; 5011 sdebug_capacity = get_sdebug_capacity(); 5012 5013 /* play around with geometry, don't waste too much on track 0 */ 5014 sdebug_heads = 8; 5015 sdebug_sectors_per = 32; 5016 if (sdebug_dev_size_mb >= 256) 5017 sdebug_heads = 64; 5018 else if (sdebug_dev_size_mb >= 16) 5019 sdebug_heads = 32; 5020 sdebug_cylinders_per = (unsigned long)sdebug_capacity / 5021 (sdebug_sectors_per * sdebug_heads); 5022 if (sdebug_cylinders_per >= 1024) { 5023 /* other LLDs do this; implies >= 1GB ram disk ... */ 5024 sdebug_heads = 255; 5025 sdebug_sectors_per = 63; 5026 sdebug_cylinders_per = (unsigned long)sdebug_capacity / 5027 (sdebug_sectors_per * sdebug_heads); 5028 } 5029 5030 if (sdebug_fake_rw == 0) { 5031 fake_storep = vmalloc(sz); 5032 if (NULL == fake_storep) { 5033 pr_err("out of memory, 1\n"); 5034 ret = -ENOMEM; 5035 goto free_q_arr; 5036 } 5037 memset(fake_storep, 0, sz); 5038 if (sdebug_num_parts > 0) 5039 sdebug_build_parts(fake_storep, sz); 5040 } 5041 5042 if (sdebug_dix) { 5043 int dif_size; 5044 5045 dif_size = sdebug_store_sectors * sizeof(struct t10_pi_tuple); 5046 dif_storep = vmalloc(dif_size); 5047 5048 pr_err("dif_storep %u bytes @ %p\n", dif_size, dif_storep); 5049 5050 if (dif_storep == NULL) { 5051 pr_err("out of mem. (DIX)\n"); 5052 ret = -ENOMEM; 5053 goto free_vm; 5054 } 5055 5056 memset(dif_storep, 0xff, dif_size); 5057 } 5058 5059 /* Logical Block Provisioning */ 5060 if (scsi_debug_lbp()) { 5061 sdebug_unmap_max_blocks = 5062 clamp(sdebug_unmap_max_blocks, 0U, 0xffffffffU); 5063 5064 sdebug_unmap_max_desc = 5065 clamp(sdebug_unmap_max_desc, 0U, 256U); 5066 5067 sdebug_unmap_granularity = 5068 clamp(sdebug_unmap_granularity, 1U, 0xffffffffU); 5069 5070 if (sdebug_unmap_alignment && 5071 sdebug_unmap_granularity <= 5072 sdebug_unmap_alignment) { 5073 pr_err("ERR: unmap_granularity <= unmap_alignment\n"); 5074 ret = -EINVAL; 5075 goto free_vm; 5076 } 5077 5078 map_size = lba_to_map_index(sdebug_store_sectors - 1) + 1; 5079 map_storep = vmalloc(BITS_TO_LONGS(map_size) * sizeof(long)); 5080 5081 pr_info("%lu provisioning blocks\n", map_size); 5082 5083 if (map_storep == NULL) { 5084 pr_err("out of mem. (MAP)\n"); 5085 ret = -ENOMEM; 5086 goto free_vm; 5087 } 5088 5089 bitmap_zero(map_storep, map_size); 5090 5091 /* Map first 1KB for partition table */ 5092 if (sdebug_num_parts) 5093 map_region(0, 2); 5094 } 5095 5096 pseudo_primary = root_device_register("pseudo_0"); 5097 if (IS_ERR(pseudo_primary)) { 5098 pr_warn("root_device_register() error\n"); 5099 ret = PTR_ERR(pseudo_primary); 5100 goto free_vm; 5101 } 5102 ret = bus_register(&pseudo_lld_bus); 5103 if (ret < 0) { 5104 pr_warn("bus_register error: %d\n", ret); 5105 goto dev_unreg; 5106 } 5107 ret = driver_register(&sdebug_driverfs_driver); 5108 if (ret < 0) { 5109 pr_warn("driver_register error: %d\n", ret); 5110 goto bus_unreg; 5111 } 5112 5113 host_to_add = sdebug_add_host; 5114 sdebug_add_host = 0; 5115 5116 for (k = 0; k < host_to_add; k++) { 5117 if (sdebug_add_adapter()) { 5118 pr_err("sdebug_add_adapter failed k=%d\n", k); 5119 break; 5120 } 5121 } 5122 5123 if (sdebug_verbose) 5124 pr_info("built %d host(s)\n", sdebug_add_host); 5125 5126 return 0; 5127 5128 bus_unreg: 5129 bus_unregister(&pseudo_lld_bus); 5130 dev_unreg: 5131 root_device_unregister(pseudo_primary); 5132 free_vm: 5133 vfree(map_storep); 5134 vfree(dif_storep); 5135 vfree(fake_storep); 5136 free_q_arr: 5137 kfree(sdebug_q_arr); 5138 return ret; 5139 } 5140 5141 static void __exit scsi_debug_exit(void) 5142 { 5143 int k = sdebug_add_host; 5144 5145 stop_all_queued(); 5146 free_all_queued(); 5147 for (; k; k--) 5148 sdebug_remove_adapter(); 5149 driver_unregister(&sdebug_driverfs_driver); 5150 bus_unregister(&pseudo_lld_bus); 5151 root_device_unregister(pseudo_primary); 5152 5153 vfree(map_storep); 5154 vfree(dif_storep); 5155 vfree(fake_storep); 5156 kfree(sdebug_q_arr); 5157 } 5158 5159 device_initcall(scsi_debug_init); 5160 module_exit(scsi_debug_exit); 5161 5162 static void sdebug_release_adapter(struct device * dev) 5163 { 5164 struct sdebug_host_info *sdbg_host; 5165 5166 sdbg_host = to_sdebug_host(dev); 5167 kfree(sdbg_host); 5168 } 5169 5170 static int sdebug_add_adapter(void) 5171 { 5172 int k, devs_per_host; 5173 int error = 0; 5174 struct sdebug_host_info *sdbg_host; 5175 struct sdebug_dev_info *sdbg_devinfo, *tmp; 5176 5177 sdbg_host = kzalloc(sizeof(*sdbg_host),GFP_KERNEL); 5178 if (NULL == sdbg_host) { 5179 pr_err("out of memory at line %d\n", __LINE__); 5180 return -ENOMEM; 5181 } 5182 5183 INIT_LIST_HEAD(&sdbg_host->dev_info_list); 5184 5185 devs_per_host = sdebug_num_tgts * sdebug_max_luns; 5186 for (k = 0; k < devs_per_host; k++) { 5187 sdbg_devinfo = sdebug_device_create(sdbg_host, GFP_KERNEL); 5188 if (!sdbg_devinfo) { 5189 pr_err("out of memory at line %d\n", __LINE__); 5190 error = -ENOMEM; 5191 goto clean; 5192 } 5193 } 5194 5195 spin_lock(&sdebug_host_list_lock); 5196 list_add_tail(&sdbg_host->host_list, &sdebug_host_list); 5197 spin_unlock(&sdebug_host_list_lock); 5198 5199 sdbg_host->dev.bus = &pseudo_lld_bus; 5200 sdbg_host->dev.parent = pseudo_primary; 5201 sdbg_host->dev.release = &sdebug_release_adapter; 5202 dev_set_name(&sdbg_host->dev, "adapter%d", sdebug_add_host); 5203 5204 error = device_register(&sdbg_host->dev); 5205 5206 if (error) 5207 goto clean; 5208 5209 ++sdebug_add_host; 5210 return error; 5211 5212 clean: 5213 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list, 5214 dev_list) { 5215 list_del(&sdbg_devinfo->dev_list); 5216 kfree(sdbg_devinfo); 5217 } 5218 5219 kfree(sdbg_host); 5220 return error; 5221 } 5222 5223 static void sdebug_remove_adapter(void) 5224 { 5225 struct sdebug_host_info * sdbg_host = NULL; 5226 5227 spin_lock(&sdebug_host_list_lock); 5228 if (!list_empty(&sdebug_host_list)) { 5229 sdbg_host = list_entry(sdebug_host_list.prev, 5230 struct sdebug_host_info, host_list); 5231 list_del(&sdbg_host->host_list); 5232 } 5233 spin_unlock(&sdebug_host_list_lock); 5234 5235 if (!sdbg_host) 5236 return; 5237 5238 device_unregister(&sdbg_host->dev); 5239 --sdebug_add_host; 5240 } 5241 5242 static int sdebug_change_qdepth(struct scsi_device *sdev, int qdepth) 5243 { 5244 int num_in_q = 0; 5245 struct sdebug_dev_info *devip; 5246 5247 block_unblock_all_queues(true); 5248 devip = (struct sdebug_dev_info *)sdev->hostdata; 5249 if (NULL == devip) { 5250 block_unblock_all_queues(false); 5251 return -ENODEV; 5252 } 5253 num_in_q = atomic_read(&devip->num_in_q); 5254 5255 if (qdepth < 1) 5256 qdepth = 1; 5257 /* allow to exceed max host qc_arr elements for testing */ 5258 if (qdepth > SDEBUG_CANQUEUE + 10) 5259 qdepth = SDEBUG_CANQUEUE + 10; 5260 scsi_change_queue_depth(sdev, qdepth); 5261 5262 if (SDEBUG_OPT_Q_NOISE & sdebug_opts) { 5263 sdev_printk(KERN_INFO, sdev, "%s: qdepth=%d, num_in_q=%d\n", 5264 __func__, qdepth, num_in_q); 5265 } 5266 block_unblock_all_queues(false); 5267 return sdev->queue_depth; 5268 } 5269 5270 static bool fake_timeout(struct scsi_cmnd *scp) 5271 { 5272 if (0 == (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth))) { 5273 if (sdebug_every_nth < -1) 5274 sdebug_every_nth = -1; 5275 if (SDEBUG_OPT_TIMEOUT & sdebug_opts) 5276 return true; /* ignore command causing timeout */ 5277 else if (SDEBUG_OPT_MAC_TIMEOUT & sdebug_opts && 5278 scsi_medium_access_command(scp)) 5279 return true; /* time out reads and writes */ 5280 } 5281 return false; 5282 } 5283 5284 static int scsi_debug_queuecommand(struct Scsi_Host *shost, 5285 struct scsi_cmnd *scp) 5286 { 5287 u8 sdeb_i; 5288 struct scsi_device *sdp = scp->device; 5289 const struct opcode_info_t *oip; 5290 const struct opcode_info_t *r_oip; 5291 struct sdebug_dev_info *devip; 5292 u8 *cmd = scp->cmnd; 5293 int (*r_pfp)(struct scsi_cmnd *, struct sdebug_dev_info *); 5294 int k, na; 5295 int errsts = 0; 5296 u32 flags; 5297 u16 sa; 5298 u8 opcode = cmd[0]; 5299 bool has_wlun_rl; 5300 5301 scsi_set_resid(scp, 0); 5302 if (sdebug_statistics) 5303 atomic_inc(&sdebug_cmnd_count); 5304 if (unlikely(sdebug_verbose && 5305 !(SDEBUG_OPT_NO_CDB_NOISE & sdebug_opts))) { 5306 char b[120]; 5307 int n, len, sb; 5308 5309 len = scp->cmd_len; 5310 sb = (int)sizeof(b); 5311 if (len > 32) 5312 strcpy(b, "too long, over 32 bytes"); 5313 else { 5314 for (k = 0, n = 0; k < len && n < sb; ++k) 5315 n += scnprintf(b + n, sb - n, "%02x ", 5316 (u32)cmd[k]); 5317 } 5318 if (sdebug_mq_active) 5319 sdev_printk(KERN_INFO, sdp, "%s: tag=%u, cmd %s\n", 5320 my_name, blk_mq_unique_tag(scp->request), 5321 b); 5322 else 5323 sdev_printk(KERN_INFO, sdp, "%s: cmd %s\n", my_name, 5324 b); 5325 } 5326 has_wlun_rl = (sdp->lun == SCSI_W_LUN_REPORT_LUNS); 5327 if (unlikely((sdp->lun >= sdebug_max_luns) && !has_wlun_rl)) 5328 goto err_out; 5329 5330 sdeb_i = opcode_ind_arr[opcode]; /* fully mapped */ 5331 oip = &opcode_info_arr[sdeb_i]; /* safe if table consistent */ 5332 devip = (struct sdebug_dev_info *)sdp->hostdata; 5333 if (unlikely(!devip)) { 5334 devip = find_build_dev_info(sdp); 5335 if (NULL == devip) 5336 goto err_out; 5337 } 5338 na = oip->num_attached; 5339 r_pfp = oip->pfp; 5340 if (na) { /* multiple commands with this opcode */ 5341 r_oip = oip; 5342 if (FF_SA & r_oip->flags) { 5343 if (F_SA_LOW & oip->flags) 5344 sa = 0x1f & cmd[1]; 5345 else 5346 sa = get_unaligned_be16(cmd + 8); 5347 for (k = 0; k <= na; oip = r_oip->arrp + k++) { 5348 if (opcode == oip->opcode && sa == oip->sa) 5349 break; 5350 } 5351 } else { /* since no service action only check opcode */ 5352 for (k = 0; k <= na; oip = r_oip->arrp + k++) { 5353 if (opcode == oip->opcode) 5354 break; 5355 } 5356 } 5357 if (k > na) { 5358 if (F_SA_LOW & r_oip->flags) 5359 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 4); 5360 else if (F_SA_HIGH & r_oip->flags) 5361 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 8, 7); 5362 else 5363 mk_sense_invalid_opcode(scp); 5364 goto check_cond; 5365 } 5366 } /* else (when na==0) we assume the oip is a match */ 5367 flags = oip->flags; 5368 if (unlikely(F_INV_OP & flags)) { 5369 mk_sense_invalid_opcode(scp); 5370 goto check_cond; 5371 } 5372 if (unlikely(has_wlun_rl && !(F_RL_WLUN_OK & flags))) { 5373 if (sdebug_verbose) 5374 sdev_printk(KERN_INFO, sdp, "%s: Opcode 0x%x not%s\n", 5375 my_name, opcode, " supported for wlun"); 5376 mk_sense_invalid_opcode(scp); 5377 goto check_cond; 5378 } 5379 if (unlikely(sdebug_strict)) { /* check cdb against mask */ 5380 u8 rem; 5381 int j; 5382 5383 for (k = 1; k < oip->len_mask[0] && k < 16; ++k) { 5384 rem = ~oip->len_mask[k] & cmd[k]; 5385 if (rem) { 5386 for (j = 7; j >= 0; --j, rem <<= 1) { 5387 if (0x80 & rem) 5388 break; 5389 } 5390 mk_sense_invalid_fld(scp, SDEB_IN_CDB, k, j); 5391 goto check_cond; 5392 } 5393 } 5394 } 5395 if (unlikely(!(F_SKIP_UA & flags) && 5396 find_first_bit(devip->uas_bm, 5397 SDEBUG_NUM_UAS) != SDEBUG_NUM_UAS)) { 5398 errsts = make_ua(scp, devip); 5399 if (errsts) 5400 goto check_cond; 5401 } 5402 if (unlikely((F_M_ACCESS & flags) && atomic_read(&devip->stopped))) { 5403 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x2); 5404 if (sdebug_verbose) 5405 sdev_printk(KERN_INFO, sdp, "%s reports: Not ready: " 5406 "%s\n", my_name, "initializing command " 5407 "required"); 5408 errsts = check_condition_result; 5409 goto fini; 5410 } 5411 if (sdebug_fake_rw && (F_FAKE_RW & flags)) 5412 goto fini; 5413 if (unlikely(sdebug_every_nth)) { 5414 if (fake_timeout(scp)) 5415 return 0; /* ignore command: make trouble */ 5416 } 5417 if (likely(oip->pfp)) 5418 errsts = oip->pfp(scp, devip); /* calls a resp_* function */ 5419 else if (r_pfp) /* if leaf function ptr NULL, try the root's */ 5420 errsts = r_pfp(scp, devip); 5421 5422 fini: 5423 return schedule_resp(scp, devip, errsts, 5424 ((F_DELAY_OVERR & flags) ? 0 : sdebug_jdelay)); 5425 check_cond: 5426 return schedule_resp(scp, devip, check_condition_result, 0); 5427 err_out: 5428 return schedule_resp(scp, NULL, DID_NO_CONNECT << 16, 0); 5429 } 5430 5431 static struct scsi_host_template sdebug_driver_template = { 5432 .show_info = scsi_debug_show_info, 5433 .write_info = scsi_debug_write_info, 5434 .proc_name = sdebug_proc_name, 5435 .name = "SCSI DEBUG", 5436 .info = scsi_debug_info, 5437 .slave_alloc = scsi_debug_slave_alloc, 5438 .slave_configure = scsi_debug_slave_configure, 5439 .slave_destroy = scsi_debug_slave_destroy, 5440 .ioctl = scsi_debug_ioctl, 5441 .queuecommand = scsi_debug_queuecommand, 5442 .change_queue_depth = sdebug_change_qdepth, 5443 .eh_abort_handler = scsi_debug_abort, 5444 .eh_device_reset_handler = scsi_debug_device_reset, 5445 .eh_target_reset_handler = scsi_debug_target_reset, 5446 .eh_bus_reset_handler = scsi_debug_bus_reset, 5447 .eh_host_reset_handler = scsi_debug_host_reset, 5448 .can_queue = SDEBUG_CANQUEUE, 5449 .this_id = 7, 5450 .sg_tablesize = SG_MAX_SEGMENTS, 5451 .cmd_per_lun = DEF_CMD_PER_LUN, 5452 .max_sectors = -1U, 5453 .use_clustering = DISABLE_CLUSTERING, 5454 .module = THIS_MODULE, 5455 .track_queue_depth = 1, 5456 }; 5457 5458 static int sdebug_driver_probe(struct device * dev) 5459 { 5460 int error = 0; 5461 struct sdebug_host_info *sdbg_host; 5462 struct Scsi_Host *hpnt; 5463 int hprot; 5464 5465 sdbg_host = to_sdebug_host(dev); 5466 5467 sdebug_driver_template.can_queue = sdebug_max_queue; 5468 if (sdebug_clustering) 5469 sdebug_driver_template.use_clustering = ENABLE_CLUSTERING; 5470 hpnt = scsi_host_alloc(&sdebug_driver_template, sizeof(sdbg_host)); 5471 if (NULL == hpnt) { 5472 pr_err("scsi_host_alloc failed\n"); 5473 error = -ENODEV; 5474 return error; 5475 } 5476 if (submit_queues > nr_cpu_ids) { 5477 pr_warn("%s: trim submit_queues (was %d) to nr_cpu_ids=%u\n", 5478 my_name, submit_queues, nr_cpu_ids); 5479 submit_queues = nr_cpu_ids; 5480 } 5481 /* Decide whether to tell scsi subsystem that we want mq */ 5482 /* Following should give the same answer for each host */ 5483 sdebug_mq_active = shost_use_blk_mq(hpnt) && (submit_queues > 1); 5484 if (sdebug_mq_active) 5485 hpnt->nr_hw_queues = submit_queues; 5486 5487 sdbg_host->shost = hpnt; 5488 *((struct sdebug_host_info **)hpnt->hostdata) = sdbg_host; 5489 if ((hpnt->this_id >= 0) && (sdebug_num_tgts > hpnt->this_id)) 5490 hpnt->max_id = sdebug_num_tgts + 1; 5491 else 5492 hpnt->max_id = sdebug_num_tgts; 5493 /* = sdebug_max_luns; */ 5494 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1; 5495 5496 hprot = 0; 5497 5498 switch (sdebug_dif) { 5499 5500 case T10_PI_TYPE1_PROTECTION: 5501 hprot = SHOST_DIF_TYPE1_PROTECTION; 5502 if (sdebug_dix) 5503 hprot |= SHOST_DIX_TYPE1_PROTECTION; 5504 break; 5505 5506 case T10_PI_TYPE2_PROTECTION: 5507 hprot = SHOST_DIF_TYPE2_PROTECTION; 5508 if (sdebug_dix) 5509 hprot |= SHOST_DIX_TYPE2_PROTECTION; 5510 break; 5511 5512 case T10_PI_TYPE3_PROTECTION: 5513 hprot = SHOST_DIF_TYPE3_PROTECTION; 5514 if (sdebug_dix) 5515 hprot |= SHOST_DIX_TYPE3_PROTECTION; 5516 break; 5517 5518 default: 5519 if (sdebug_dix) 5520 hprot |= SHOST_DIX_TYPE0_PROTECTION; 5521 break; 5522 } 5523 5524 scsi_host_set_prot(hpnt, hprot); 5525 5526 if (have_dif_prot || sdebug_dix) 5527 pr_info("host protection%s%s%s%s%s%s%s\n", 5528 (hprot & SHOST_DIF_TYPE1_PROTECTION) ? " DIF1" : "", 5529 (hprot & SHOST_DIF_TYPE2_PROTECTION) ? " DIF2" : "", 5530 (hprot & SHOST_DIF_TYPE3_PROTECTION) ? " DIF3" : "", 5531 (hprot & SHOST_DIX_TYPE0_PROTECTION) ? " DIX0" : "", 5532 (hprot & SHOST_DIX_TYPE1_PROTECTION) ? " DIX1" : "", 5533 (hprot & SHOST_DIX_TYPE2_PROTECTION) ? " DIX2" : "", 5534 (hprot & SHOST_DIX_TYPE3_PROTECTION) ? " DIX3" : ""); 5535 5536 if (sdebug_guard == 1) 5537 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_IP); 5538 else 5539 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_CRC); 5540 5541 sdebug_verbose = !!(SDEBUG_OPT_NOISE & sdebug_opts); 5542 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & sdebug_opts); 5543 if (sdebug_every_nth) /* need stats counters for every_nth */ 5544 sdebug_statistics = true; 5545 error = scsi_add_host(hpnt, &sdbg_host->dev); 5546 if (error) { 5547 pr_err("scsi_add_host failed\n"); 5548 error = -ENODEV; 5549 scsi_host_put(hpnt); 5550 } else 5551 scsi_scan_host(hpnt); 5552 5553 return error; 5554 } 5555 5556 static int sdebug_driver_remove(struct device * dev) 5557 { 5558 struct sdebug_host_info *sdbg_host; 5559 struct sdebug_dev_info *sdbg_devinfo, *tmp; 5560 5561 sdbg_host = to_sdebug_host(dev); 5562 5563 if (!sdbg_host) { 5564 pr_err("Unable to locate host info\n"); 5565 return -ENODEV; 5566 } 5567 5568 scsi_remove_host(sdbg_host->shost); 5569 5570 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list, 5571 dev_list) { 5572 list_del(&sdbg_devinfo->dev_list); 5573 kfree(sdbg_devinfo); 5574 } 5575 5576 scsi_host_put(sdbg_host->shost); 5577 return 0; 5578 } 5579 5580 static int pseudo_lld_bus_match(struct device *dev, 5581 struct device_driver *dev_driver) 5582 { 5583 return 1; 5584 } 5585 5586 static struct bus_type pseudo_lld_bus = { 5587 .name = "pseudo", 5588 .match = pseudo_lld_bus_match, 5589 .probe = sdebug_driver_probe, 5590 .remove = sdebug_driver_remove, 5591 .drv_groups = sdebug_drv_groups, 5592 }; 5593