1 /* 2 * SCSI Primary Commands (SPC) parsing and emulation. 3 * 4 * Copyright (c) 2002, 2003, 2004, 2005 PyX Technologies, Inc. 5 * Copyright (c) 2005, 2006, 2007 SBE, Inc. 6 * Copyright (c) 2007-2010 Rising Tide Systems 7 * Copyright (c) 2008-2010 Linux-iSCSI.org 8 * 9 * Nicholas A. Bellinger <nab@kernel.org> 10 * 11 * This program is free software; you can redistribute it and/or modify 12 * it under the terms of the GNU General Public License as published by 13 * the Free Software Foundation; either version 2 of the License, or 14 * (at your option) any later version. 15 * 16 * This program is distributed in the hope that it will be useful, 17 * but WITHOUT ANY WARRANTY; without even the implied warranty of 18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 19 * GNU General Public License for more details. 20 * 21 * You should have received a copy of the GNU General Public License 22 * along with this program; if not, write to the Free Software 23 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 24 */ 25 26 #include <linux/kernel.h> 27 #include <linux/module.h> 28 #include <asm/unaligned.h> 29 30 #include <scsi/scsi.h> 31 #include <scsi/scsi_tcq.h> 32 33 #include <target/target_core_base.h> 34 #include <target/target_core_backend.h> 35 #include <target/target_core_fabric.h> 36 37 #include "target_core_internal.h" 38 #include "target_core_alua.h" 39 #include "target_core_pr.h" 40 #include "target_core_ua.h" 41 42 43 static void spc_fill_alua_data(struct se_port *port, unsigned char *buf) 44 { 45 struct t10_alua_tg_pt_gp *tg_pt_gp; 46 struct t10_alua_tg_pt_gp_member *tg_pt_gp_mem; 47 48 /* 49 * Set SCCS for MAINTENANCE_IN + REPORT_TARGET_PORT_GROUPS. 50 */ 51 buf[5] = 0x80; 52 53 /* 54 * Set TPGS field for explict and/or implict ALUA access type 55 * and opteration. 56 * 57 * See spc4r17 section 6.4.2 Table 135 58 */ 59 if (!port) 60 return; 61 tg_pt_gp_mem = port->sep_alua_tg_pt_gp_mem; 62 if (!tg_pt_gp_mem) 63 return; 64 65 spin_lock(&tg_pt_gp_mem->tg_pt_gp_mem_lock); 66 tg_pt_gp = tg_pt_gp_mem->tg_pt_gp; 67 if (tg_pt_gp) 68 buf[5] |= tg_pt_gp->tg_pt_gp_alua_access_type; 69 spin_unlock(&tg_pt_gp_mem->tg_pt_gp_mem_lock); 70 } 71 72 static int spc_emulate_inquiry_std(struct se_cmd *cmd, char *buf) 73 { 74 struct se_lun *lun = cmd->se_lun; 75 struct se_device *dev = cmd->se_dev; 76 77 /* Set RMB (removable media) for tape devices */ 78 if (dev->transport->get_device_type(dev) == TYPE_TAPE) 79 buf[1] = 0x80; 80 81 buf[2] = dev->transport->get_device_rev(dev); 82 83 /* 84 * NORMACA and HISUP = 0, RESPONSE DATA FORMAT = 2 85 * 86 * SPC4 says: 87 * A RESPONSE DATA FORMAT field set to 2h indicates that the 88 * standard INQUIRY data is in the format defined in this 89 * standard. Response data format values less than 2h are 90 * obsolete. Response data format values greater than 2h are 91 * reserved. 92 */ 93 buf[3] = 2; 94 95 /* 96 * Enable SCCS and TPGS fields for Emulated ALUA 97 */ 98 if (dev->se_sub_dev->t10_alua.alua_type == SPC3_ALUA_EMULATED) 99 spc_fill_alua_data(lun->lun_sep, buf); 100 101 buf[7] = 0x2; /* CmdQue=1 */ 102 103 snprintf(&buf[8], 8, "LIO-ORG"); 104 snprintf(&buf[16], 16, "%s", dev->se_sub_dev->t10_wwn.model); 105 snprintf(&buf[32], 4, "%s", dev->se_sub_dev->t10_wwn.revision); 106 buf[4] = 31; /* Set additional length to 31 */ 107 108 return 0; 109 } 110 111 /* unit serial number */ 112 static int spc_emulate_evpd_80(struct se_cmd *cmd, unsigned char *buf) 113 { 114 struct se_device *dev = cmd->se_dev; 115 u16 len = 0; 116 117 if (dev->se_sub_dev->su_dev_flags & 118 SDF_EMULATED_VPD_UNIT_SERIAL) { 119 u32 unit_serial_len; 120 121 unit_serial_len = strlen(dev->se_sub_dev->t10_wwn.unit_serial); 122 unit_serial_len++; /* For NULL Terminator */ 123 124 len += sprintf(&buf[4], "%s", 125 dev->se_sub_dev->t10_wwn.unit_serial); 126 len++; /* Extra Byte for NULL Terminator */ 127 buf[3] = len; 128 } 129 return 0; 130 } 131 132 static void spc_parse_naa_6h_vendor_specific(struct se_device *dev, 133 unsigned char *buf) 134 { 135 unsigned char *p = &dev->se_sub_dev->t10_wwn.unit_serial[0]; 136 int cnt; 137 bool next = true; 138 139 /* 140 * Generate up to 36 bits of VENDOR SPECIFIC IDENTIFIER starting on 141 * byte 3 bit 3-0 for NAA IEEE Registered Extended DESIGNATOR field 142 * format, followed by 64 bits of VENDOR SPECIFIC IDENTIFIER EXTENSION 143 * to complete the payload. These are based from VPD=0x80 PRODUCT SERIAL 144 * NUMBER set via vpd_unit_serial in target_core_configfs.c to ensure 145 * per device uniqeness. 146 */ 147 for (cnt = 0; *p && cnt < 13; p++) { 148 int val = hex_to_bin(*p); 149 150 if (val < 0) 151 continue; 152 153 if (next) { 154 next = false; 155 buf[cnt++] |= val; 156 } else { 157 next = true; 158 buf[cnt] = val << 4; 159 } 160 } 161 } 162 163 /* 164 * Device identification VPD, for a complete list of 165 * DESIGNATOR TYPEs see spc4r17 Table 459. 166 */ 167 static int spc_emulate_evpd_83(struct se_cmd *cmd, unsigned char *buf) 168 { 169 struct se_device *dev = cmd->se_dev; 170 struct se_lun *lun = cmd->se_lun; 171 struct se_port *port = NULL; 172 struct se_portal_group *tpg = NULL; 173 struct t10_alua_lu_gp_member *lu_gp_mem; 174 struct t10_alua_tg_pt_gp *tg_pt_gp; 175 struct t10_alua_tg_pt_gp_member *tg_pt_gp_mem; 176 unsigned char *prod = &dev->se_sub_dev->t10_wwn.model[0]; 177 u32 prod_len; 178 u32 unit_serial_len, off = 0; 179 u16 len = 0, id_len; 180 181 off = 4; 182 183 /* 184 * NAA IEEE Registered Extended Assigned designator format, see 185 * spc4r17 section 7.7.3.6.5 186 * 187 * We depend upon a target_core_mod/ConfigFS provided 188 * /sys/kernel/config/target/core/$HBA/$DEV/wwn/vpd_unit_serial 189 * value in order to return the NAA id. 190 */ 191 if (!(dev->se_sub_dev->su_dev_flags & SDF_EMULATED_VPD_UNIT_SERIAL)) 192 goto check_t10_vend_desc; 193 194 /* CODE SET == Binary */ 195 buf[off++] = 0x1; 196 197 /* Set ASSOCIATION == addressed logical unit: 0)b */ 198 buf[off] = 0x00; 199 200 /* Identifier/Designator type == NAA identifier */ 201 buf[off++] |= 0x3; 202 off++; 203 204 /* Identifier/Designator length */ 205 buf[off++] = 0x10; 206 207 /* 208 * Start NAA IEEE Registered Extended Identifier/Designator 209 */ 210 buf[off++] = (0x6 << 4); 211 212 /* 213 * Use OpenFabrics IEEE Company ID: 00 14 05 214 */ 215 buf[off++] = 0x01; 216 buf[off++] = 0x40; 217 buf[off] = (0x5 << 4); 218 219 /* 220 * Return ConfigFS Unit Serial Number information for 221 * VENDOR_SPECIFIC_IDENTIFIER and 222 * VENDOR_SPECIFIC_IDENTIFIER_EXTENTION 223 */ 224 spc_parse_naa_6h_vendor_specific(dev, &buf[off]); 225 226 len = 20; 227 off = (len + 4); 228 229 check_t10_vend_desc: 230 /* 231 * T10 Vendor Identifier Page, see spc4r17 section 7.7.3.4 232 */ 233 id_len = 8; /* For Vendor field */ 234 prod_len = 4; /* For VPD Header */ 235 prod_len += 8; /* For Vendor field */ 236 prod_len += strlen(prod); 237 prod_len++; /* For : */ 238 239 if (dev->se_sub_dev->su_dev_flags & 240 SDF_EMULATED_VPD_UNIT_SERIAL) { 241 unit_serial_len = 242 strlen(&dev->se_sub_dev->t10_wwn.unit_serial[0]); 243 unit_serial_len++; /* For NULL Terminator */ 244 245 id_len += sprintf(&buf[off+12], "%s:%s", prod, 246 &dev->se_sub_dev->t10_wwn.unit_serial[0]); 247 } 248 buf[off] = 0x2; /* ASCII */ 249 buf[off+1] = 0x1; /* T10 Vendor ID */ 250 buf[off+2] = 0x0; 251 memcpy(&buf[off+4], "LIO-ORG", 8); 252 /* Extra Byte for NULL Terminator */ 253 id_len++; 254 /* Identifier Length */ 255 buf[off+3] = id_len; 256 /* Header size for Designation descriptor */ 257 len += (id_len + 4); 258 off += (id_len + 4); 259 /* 260 * struct se_port is only set for INQUIRY VPD=1 through $FABRIC_MOD 261 */ 262 port = lun->lun_sep; 263 if (port) { 264 struct t10_alua_lu_gp *lu_gp; 265 u32 padding, scsi_name_len; 266 u16 lu_gp_id = 0; 267 u16 tg_pt_gp_id = 0; 268 u16 tpgt; 269 270 tpg = port->sep_tpg; 271 /* 272 * Relative target port identifer, see spc4r17 273 * section 7.7.3.7 274 * 275 * Get the PROTOCOL IDENTIFIER as defined by spc4r17 276 * section 7.5.1 Table 362 277 */ 278 buf[off] = 279 (tpg->se_tpg_tfo->get_fabric_proto_ident(tpg) << 4); 280 buf[off++] |= 0x1; /* CODE SET == Binary */ 281 buf[off] = 0x80; /* Set PIV=1 */ 282 /* Set ASSOCIATION == target port: 01b */ 283 buf[off] |= 0x10; 284 /* DESIGNATOR TYPE == Relative target port identifer */ 285 buf[off++] |= 0x4; 286 off++; /* Skip over Reserved */ 287 buf[off++] = 4; /* DESIGNATOR LENGTH */ 288 /* Skip over Obsolete field in RTPI payload 289 * in Table 472 */ 290 off += 2; 291 buf[off++] = ((port->sep_rtpi >> 8) & 0xff); 292 buf[off++] = (port->sep_rtpi & 0xff); 293 len += 8; /* Header size + Designation descriptor */ 294 /* 295 * Target port group identifier, see spc4r17 296 * section 7.7.3.8 297 * 298 * Get the PROTOCOL IDENTIFIER as defined by spc4r17 299 * section 7.5.1 Table 362 300 */ 301 if (dev->se_sub_dev->t10_alua.alua_type != 302 SPC3_ALUA_EMULATED) 303 goto check_scsi_name; 304 305 tg_pt_gp_mem = port->sep_alua_tg_pt_gp_mem; 306 if (!tg_pt_gp_mem) 307 goto check_lu_gp; 308 309 spin_lock(&tg_pt_gp_mem->tg_pt_gp_mem_lock); 310 tg_pt_gp = tg_pt_gp_mem->tg_pt_gp; 311 if (!tg_pt_gp) { 312 spin_unlock(&tg_pt_gp_mem->tg_pt_gp_mem_lock); 313 goto check_lu_gp; 314 } 315 tg_pt_gp_id = tg_pt_gp->tg_pt_gp_id; 316 spin_unlock(&tg_pt_gp_mem->tg_pt_gp_mem_lock); 317 318 buf[off] = 319 (tpg->se_tpg_tfo->get_fabric_proto_ident(tpg) << 4); 320 buf[off++] |= 0x1; /* CODE SET == Binary */ 321 buf[off] = 0x80; /* Set PIV=1 */ 322 /* Set ASSOCIATION == target port: 01b */ 323 buf[off] |= 0x10; 324 /* DESIGNATOR TYPE == Target port group identifier */ 325 buf[off++] |= 0x5; 326 off++; /* Skip over Reserved */ 327 buf[off++] = 4; /* DESIGNATOR LENGTH */ 328 off += 2; /* Skip over Reserved Field */ 329 buf[off++] = ((tg_pt_gp_id >> 8) & 0xff); 330 buf[off++] = (tg_pt_gp_id & 0xff); 331 len += 8; /* Header size + Designation descriptor */ 332 /* 333 * Logical Unit Group identifier, see spc4r17 334 * section 7.7.3.8 335 */ 336 check_lu_gp: 337 lu_gp_mem = dev->dev_alua_lu_gp_mem; 338 if (!lu_gp_mem) 339 goto check_scsi_name; 340 341 spin_lock(&lu_gp_mem->lu_gp_mem_lock); 342 lu_gp = lu_gp_mem->lu_gp; 343 if (!lu_gp) { 344 spin_unlock(&lu_gp_mem->lu_gp_mem_lock); 345 goto check_scsi_name; 346 } 347 lu_gp_id = lu_gp->lu_gp_id; 348 spin_unlock(&lu_gp_mem->lu_gp_mem_lock); 349 350 buf[off++] |= 0x1; /* CODE SET == Binary */ 351 /* DESIGNATOR TYPE == Logical Unit Group identifier */ 352 buf[off++] |= 0x6; 353 off++; /* Skip over Reserved */ 354 buf[off++] = 4; /* DESIGNATOR LENGTH */ 355 off += 2; /* Skip over Reserved Field */ 356 buf[off++] = ((lu_gp_id >> 8) & 0xff); 357 buf[off++] = (lu_gp_id & 0xff); 358 len += 8; /* Header size + Designation descriptor */ 359 /* 360 * SCSI name string designator, see spc4r17 361 * section 7.7.3.11 362 * 363 * Get the PROTOCOL IDENTIFIER as defined by spc4r17 364 * section 7.5.1 Table 362 365 */ 366 check_scsi_name: 367 scsi_name_len = strlen(tpg->se_tpg_tfo->tpg_get_wwn(tpg)); 368 /* UTF-8 ",t,0x<16-bit TPGT>" + NULL Terminator */ 369 scsi_name_len += 10; 370 /* Check for 4-byte padding */ 371 padding = ((-scsi_name_len) & 3); 372 if (padding != 0) 373 scsi_name_len += padding; 374 /* Header size + Designation descriptor */ 375 scsi_name_len += 4; 376 377 buf[off] = 378 (tpg->se_tpg_tfo->get_fabric_proto_ident(tpg) << 4); 379 buf[off++] |= 0x3; /* CODE SET == UTF-8 */ 380 buf[off] = 0x80; /* Set PIV=1 */ 381 /* Set ASSOCIATION == target port: 01b */ 382 buf[off] |= 0x10; 383 /* DESIGNATOR TYPE == SCSI name string */ 384 buf[off++] |= 0x8; 385 off += 2; /* Skip over Reserved and length */ 386 /* 387 * SCSI name string identifer containing, $FABRIC_MOD 388 * dependent information. For LIO-Target and iSCSI 389 * Target Port, this means "<iSCSI name>,t,0x<TPGT> in 390 * UTF-8 encoding. 391 */ 392 tpgt = tpg->se_tpg_tfo->tpg_get_tag(tpg); 393 scsi_name_len = sprintf(&buf[off], "%s,t,0x%04x", 394 tpg->se_tpg_tfo->tpg_get_wwn(tpg), tpgt); 395 scsi_name_len += 1 /* Include NULL terminator */; 396 /* 397 * The null-terminated, null-padded (see 4.4.2) SCSI 398 * NAME STRING field contains a UTF-8 format string. 399 * The number of bytes in the SCSI NAME STRING field 400 * (i.e., the value in the DESIGNATOR LENGTH field) 401 * shall be no larger than 256 and shall be a multiple 402 * of four. 403 */ 404 if (padding) 405 scsi_name_len += padding; 406 407 buf[off-1] = scsi_name_len; 408 off += scsi_name_len; 409 /* Header size + Designation descriptor */ 410 len += (scsi_name_len + 4); 411 } 412 buf[2] = ((len >> 8) & 0xff); 413 buf[3] = (len & 0xff); /* Page Length for VPD 0x83 */ 414 return 0; 415 } 416 417 /* Extended INQUIRY Data VPD Page */ 418 static int spc_emulate_evpd_86(struct se_cmd *cmd, unsigned char *buf) 419 { 420 buf[3] = 0x3c; 421 /* Set HEADSUP, ORDSUP, SIMPSUP */ 422 buf[5] = 0x07; 423 424 /* If WriteCache emulation is enabled, set V_SUP */ 425 if (cmd->se_dev->se_sub_dev->se_dev_attrib.emulate_write_cache > 0) 426 buf[6] = 0x01; 427 return 0; 428 } 429 430 /* Block Limits VPD page */ 431 static int spc_emulate_evpd_b0(struct se_cmd *cmd, unsigned char *buf) 432 { 433 struct se_device *dev = cmd->se_dev; 434 u32 max_sectors; 435 int have_tp = 0; 436 437 /* 438 * Following spc3r22 section 6.5.3 Block Limits VPD page, when 439 * emulate_tpu=1 or emulate_tpws=1 we will be expect a 440 * different page length for Thin Provisioning. 441 */ 442 if (dev->se_sub_dev->se_dev_attrib.emulate_tpu || dev->se_sub_dev->se_dev_attrib.emulate_tpws) 443 have_tp = 1; 444 445 buf[0] = dev->transport->get_device_type(dev); 446 buf[3] = have_tp ? 0x3c : 0x10; 447 448 /* Set WSNZ to 1 */ 449 buf[4] = 0x01; 450 451 /* 452 * Set OPTIMAL TRANSFER LENGTH GRANULARITY 453 */ 454 put_unaligned_be16(1, &buf[6]); 455 456 /* 457 * Set MAXIMUM TRANSFER LENGTH 458 */ 459 max_sectors = min(dev->se_sub_dev->se_dev_attrib.fabric_max_sectors, 460 dev->se_sub_dev->se_dev_attrib.hw_max_sectors); 461 put_unaligned_be32(max_sectors, &buf[8]); 462 463 /* 464 * Set OPTIMAL TRANSFER LENGTH 465 */ 466 put_unaligned_be32(dev->se_sub_dev->se_dev_attrib.optimal_sectors, &buf[12]); 467 468 /* 469 * Exit now if we don't support TP. 470 */ 471 if (!have_tp) 472 return 0; 473 474 /* 475 * Set MAXIMUM UNMAP LBA COUNT 476 */ 477 put_unaligned_be32(dev->se_sub_dev->se_dev_attrib.max_unmap_lba_count, &buf[20]); 478 479 /* 480 * Set MAXIMUM UNMAP BLOCK DESCRIPTOR COUNT 481 */ 482 put_unaligned_be32(dev->se_sub_dev->se_dev_attrib.max_unmap_block_desc_count, 483 &buf[24]); 484 485 /* 486 * Set OPTIMAL UNMAP GRANULARITY 487 */ 488 put_unaligned_be32(dev->se_sub_dev->se_dev_attrib.unmap_granularity, &buf[28]); 489 490 /* 491 * UNMAP GRANULARITY ALIGNMENT 492 */ 493 put_unaligned_be32(dev->se_sub_dev->se_dev_attrib.unmap_granularity_alignment, 494 &buf[32]); 495 if (dev->se_sub_dev->se_dev_attrib.unmap_granularity_alignment != 0) 496 buf[32] |= 0x80; /* Set the UGAVALID bit */ 497 498 return 0; 499 } 500 501 /* Block Device Characteristics VPD page */ 502 static int spc_emulate_evpd_b1(struct se_cmd *cmd, unsigned char *buf) 503 { 504 struct se_device *dev = cmd->se_dev; 505 506 buf[0] = dev->transport->get_device_type(dev); 507 buf[3] = 0x3c; 508 buf[5] = dev->se_sub_dev->se_dev_attrib.is_nonrot ? 1 : 0; 509 510 return 0; 511 } 512 513 /* Thin Provisioning VPD */ 514 static int spc_emulate_evpd_b2(struct se_cmd *cmd, unsigned char *buf) 515 { 516 struct se_device *dev = cmd->se_dev; 517 518 /* 519 * From spc3r22 section 6.5.4 Thin Provisioning VPD page: 520 * 521 * The PAGE LENGTH field is defined in SPC-4. If the DP bit is set to 522 * zero, then the page length shall be set to 0004h. If the DP bit 523 * is set to one, then the page length shall be set to the value 524 * defined in table 162. 525 */ 526 buf[0] = dev->transport->get_device_type(dev); 527 528 /* 529 * Set Hardcoded length mentioned above for DP=0 530 */ 531 put_unaligned_be16(0x0004, &buf[2]); 532 533 /* 534 * The THRESHOLD EXPONENT field indicates the threshold set size in 535 * LBAs as a power of 2 (i.e., the threshold set size is equal to 536 * 2(threshold exponent)). 537 * 538 * Note that this is currently set to 0x00 as mkp says it will be 539 * changing again. We can enable this once it has settled in T10 540 * and is actually used by Linux/SCSI ML code. 541 */ 542 buf[4] = 0x00; 543 544 /* 545 * A TPU bit set to one indicates that the device server supports 546 * the UNMAP command (see 5.25). A TPU bit set to zero indicates 547 * that the device server does not support the UNMAP command. 548 */ 549 if (dev->se_sub_dev->se_dev_attrib.emulate_tpu != 0) 550 buf[5] = 0x80; 551 552 /* 553 * A TPWS bit set to one indicates that the device server supports 554 * the use of the WRITE SAME (16) command (see 5.42) to unmap LBAs. 555 * A TPWS bit set to zero indicates that the device server does not 556 * support the use of the WRITE SAME (16) command to unmap LBAs. 557 */ 558 if (dev->se_sub_dev->se_dev_attrib.emulate_tpws != 0) 559 buf[5] |= 0x40; 560 561 return 0; 562 } 563 564 static int spc_emulate_evpd_00(struct se_cmd *cmd, unsigned char *buf); 565 566 static struct { 567 uint8_t page; 568 int (*emulate)(struct se_cmd *, unsigned char *); 569 } evpd_handlers[] = { 570 { .page = 0x00, .emulate = spc_emulate_evpd_00 }, 571 { .page = 0x80, .emulate = spc_emulate_evpd_80 }, 572 { .page = 0x83, .emulate = spc_emulate_evpd_83 }, 573 { .page = 0x86, .emulate = spc_emulate_evpd_86 }, 574 { .page = 0xb0, .emulate = spc_emulate_evpd_b0 }, 575 { .page = 0xb1, .emulate = spc_emulate_evpd_b1 }, 576 { .page = 0xb2, .emulate = spc_emulate_evpd_b2 }, 577 }; 578 579 /* supported vital product data pages */ 580 static int spc_emulate_evpd_00(struct se_cmd *cmd, unsigned char *buf) 581 { 582 int p; 583 584 /* 585 * Only report the INQUIRY EVPD=1 pages after a valid NAA 586 * Registered Extended LUN WWN has been set via ConfigFS 587 * during device creation/restart. 588 */ 589 if (cmd->se_dev->se_sub_dev->su_dev_flags & 590 SDF_EMULATED_VPD_UNIT_SERIAL) { 591 buf[3] = ARRAY_SIZE(evpd_handlers); 592 for (p = 0; p < ARRAY_SIZE(evpd_handlers); ++p) 593 buf[p + 4] = evpd_handlers[p].page; 594 } 595 596 return 0; 597 } 598 599 static int spc_emulate_inquiry(struct se_cmd *cmd) 600 { 601 struct se_device *dev = cmd->se_dev; 602 struct se_portal_group *tpg = cmd->se_lun->lun_sep->sep_tpg; 603 unsigned char *rbuf; 604 unsigned char *cdb = cmd->t_task_cdb; 605 unsigned char buf[SE_INQUIRY_BUF]; 606 int p, ret; 607 608 memset(buf, 0, SE_INQUIRY_BUF); 609 610 if (dev == tpg->tpg_virt_lun0.lun_se_dev) 611 buf[0] = 0x3f; /* Not connected */ 612 else 613 buf[0] = dev->transport->get_device_type(dev); 614 615 if (!(cdb[1] & 0x1)) { 616 if (cdb[2]) { 617 pr_err("INQUIRY with EVPD==0 but PAGE CODE=%02x\n", 618 cdb[2]); 619 cmd->scsi_sense_reason = TCM_INVALID_CDB_FIELD; 620 ret = -EINVAL; 621 goto out; 622 } 623 624 ret = spc_emulate_inquiry_std(cmd, buf); 625 goto out; 626 } 627 628 for (p = 0; p < ARRAY_SIZE(evpd_handlers); ++p) { 629 if (cdb[2] == evpd_handlers[p].page) { 630 buf[1] = cdb[2]; 631 ret = evpd_handlers[p].emulate(cmd, buf); 632 goto out; 633 } 634 } 635 636 pr_err("Unknown VPD Code: 0x%02x\n", cdb[2]); 637 cmd->scsi_sense_reason = TCM_INVALID_CDB_FIELD; 638 ret = -EINVAL; 639 640 out: 641 rbuf = transport_kmap_data_sg(cmd); 642 if (rbuf) { 643 memcpy(rbuf, buf, min_t(u32, sizeof(buf), cmd->data_length)); 644 transport_kunmap_data_sg(cmd); 645 } 646 647 if (!ret) 648 target_complete_cmd(cmd, GOOD); 649 return ret; 650 } 651 652 static int spc_modesense_rwrecovery(unsigned char *p) 653 { 654 p[0] = 0x01; 655 p[1] = 0x0a; 656 657 return 12; 658 } 659 660 static int spc_modesense_control(struct se_device *dev, unsigned char *p) 661 { 662 p[0] = 0x0a; 663 p[1] = 0x0a; 664 p[2] = 2; 665 /* 666 * From spc4r23, 7.4.7 Control mode page 667 * 668 * The QUEUE ALGORITHM MODIFIER field (see table 368) specifies 669 * restrictions on the algorithm used for reordering commands 670 * having the SIMPLE task attribute (see SAM-4). 671 * 672 * Table 368 -- QUEUE ALGORITHM MODIFIER field 673 * Code Description 674 * 0h Restricted reordering 675 * 1h Unrestricted reordering allowed 676 * 2h to 7h Reserved 677 * 8h to Fh Vendor specific 678 * 679 * A value of zero in the QUEUE ALGORITHM MODIFIER field specifies that 680 * the device server shall order the processing sequence of commands 681 * having the SIMPLE task attribute such that data integrity is maintained 682 * for that I_T nexus (i.e., if the transmission of new SCSI transport protocol 683 * requests is halted at any time, the final value of all data observable 684 * on the medium shall be the same as if all the commands had been processed 685 * with the ORDERED task attribute). 686 * 687 * A value of one in the QUEUE ALGORITHM MODIFIER field specifies that the 688 * device server may reorder the processing sequence of commands having the 689 * SIMPLE task attribute in any manner. Any data integrity exposures related to 690 * command sequence order shall be explicitly handled by the application client 691 * through the selection of appropriate ommands and task attributes. 692 */ 693 p[3] = (dev->se_sub_dev->se_dev_attrib.emulate_rest_reord == 1) ? 0x00 : 0x10; 694 /* 695 * From spc4r17, section 7.4.6 Control mode Page 696 * 697 * Unit Attention interlocks control (UN_INTLCK_CTRL) to code 00b 698 * 699 * 00b: The logical unit shall clear any unit attention condition 700 * reported in the same I_T_L_Q nexus transaction as a CHECK CONDITION 701 * status and shall not establish a unit attention condition when a com- 702 * mand is completed with BUSY, TASK SET FULL, or RESERVATION CONFLICT 703 * status. 704 * 705 * 10b: The logical unit shall not clear any unit attention condition 706 * reported in the same I_T_L_Q nexus transaction as a CHECK CONDITION 707 * status and shall not establish a unit attention condition when 708 * a command is completed with BUSY, TASK SET FULL, or RESERVATION 709 * CONFLICT status. 710 * 711 * 11b a The logical unit shall not clear any unit attention condition 712 * reported in the same I_T_L_Q nexus transaction as a CHECK CONDITION 713 * status and shall establish a unit attention condition for the 714 * initiator port associated with the I_T nexus on which the BUSY, 715 * TASK SET FULL, or RESERVATION CONFLICT status is being returned. 716 * Depending on the status, the additional sense code shall be set to 717 * PREVIOUS BUSY STATUS, PREVIOUS TASK SET FULL STATUS, or PREVIOUS 718 * RESERVATION CONFLICT STATUS. Until it is cleared by a REQUEST SENSE 719 * command, a unit attention condition shall be established only once 720 * for a BUSY, TASK SET FULL, or RESERVATION CONFLICT status regardless 721 * to the number of commands completed with one of those status codes. 722 */ 723 p[4] = (dev->se_sub_dev->se_dev_attrib.emulate_ua_intlck_ctrl == 2) ? 0x30 : 724 (dev->se_sub_dev->se_dev_attrib.emulate_ua_intlck_ctrl == 1) ? 0x20 : 0x00; 725 /* 726 * From spc4r17, section 7.4.6 Control mode Page 727 * 728 * Task Aborted Status (TAS) bit set to zero. 729 * 730 * A task aborted status (TAS) bit set to zero specifies that aborted 731 * tasks shall be terminated by the device server without any response 732 * to the application client. A TAS bit set to one specifies that tasks 733 * aborted by the actions of an I_T nexus other than the I_T nexus on 734 * which the command was received shall be completed with TASK ABORTED 735 * status (see SAM-4). 736 */ 737 p[5] = (dev->se_sub_dev->se_dev_attrib.emulate_tas) ? 0x40 : 0x00; 738 p[8] = 0xff; 739 p[9] = 0xff; 740 p[11] = 30; 741 742 return 12; 743 } 744 745 static int spc_modesense_caching(struct se_device *dev, unsigned char *p) 746 { 747 p[0] = 0x08; 748 p[1] = 0x12; 749 if (dev->se_sub_dev->se_dev_attrib.emulate_write_cache > 0) 750 p[2] = 0x04; /* Write Cache Enable */ 751 p[12] = 0x20; /* Disabled Read Ahead */ 752 753 return 20; 754 } 755 756 static void spc_modesense_write_protect(unsigned char *buf, int type) 757 { 758 /* 759 * I believe that the WP bit (bit 7) in the mode header is the same for 760 * all device types.. 761 */ 762 switch (type) { 763 case TYPE_DISK: 764 case TYPE_TAPE: 765 default: 766 buf[0] |= 0x80; /* WP bit */ 767 break; 768 } 769 } 770 771 static void spc_modesense_dpofua(unsigned char *buf, int type) 772 { 773 switch (type) { 774 case TYPE_DISK: 775 buf[0] |= 0x10; /* DPOFUA bit */ 776 break; 777 default: 778 break; 779 } 780 } 781 782 static int spc_emulate_modesense(struct se_cmd *cmd) 783 { 784 struct se_device *dev = cmd->se_dev; 785 char *cdb = cmd->t_task_cdb; 786 unsigned char *rbuf; 787 int type = dev->transport->get_device_type(dev); 788 int ten = (cmd->t_task_cdb[0] == MODE_SENSE_10); 789 u32 offset = ten ? 8 : 4; 790 int length = 0; 791 unsigned char buf[SE_MODE_PAGE_BUF]; 792 793 memset(buf, 0, SE_MODE_PAGE_BUF); 794 795 switch (cdb[2] & 0x3f) { 796 case 0x01: 797 length = spc_modesense_rwrecovery(&buf[offset]); 798 break; 799 case 0x08: 800 length = spc_modesense_caching(dev, &buf[offset]); 801 break; 802 case 0x0a: 803 length = spc_modesense_control(dev, &buf[offset]); 804 break; 805 case 0x3f: 806 length = spc_modesense_rwrecovery(&buf[offset]); 807 length += spc_modesense_caching(dev, &buf[offset+length]); 808 length += spc_modesense_control(dev, &buf[offset+length]); 809 break; 810 default: 811 pr_err("MODE SENSE: unimplemented page/subpage: 0x%02x/0x%02x\n", 812 cdb[2] & 0x3f, cdb[3]); 813 cmd->scsi_sense_reason = TCM_UNKNOWN_MODE_PAGE; 814 return -EINVAL; 815 } 816 offset += length; 817 818 if (ten) { 819 offset -= 2; 820 buf[0] = (offset >> 8) & 0xff; 821 buf[1] = offset & 0xff; 822 offset += 2; 823 824 if ((cmd->se_lun->lun_access & TRANSPORT_LUNFLAGS_READ_ONLY) || 825 (cmd->se_deve && 826 (cmd->se_deve->lun_flags & TRANSPORT_LUNFLAGS_READ_ONLY))) 827 spc_modesense_write_protect(&buf[3], type); 828 829 if ((dev->se_sub_dev->se_dev_attrib.emulate_write_cache > 0) && 830 (dev->se_sub_dev->se_dev_attrib.emulate_fua_write > 0)) 831 spc_modesense_dpofua(&buf[3], type); 832 } else { 833 offset -= 1; 834 buf[0] = offset & 0xff; 835 offset += 1; 836 837 if ((cmd->se_lun->lun_access & TRANSPORT_LUNFLAGS_READ_ONLY) || 838 (cmd->se_deve && 839 (cmd->se_deve->lun_flags & TRANSPORT_LUNFLAGS_READ_ONLY))) 840 spc_modesense_write_protect(&buf[2], type); 841 842 if ((dev->se_sub_dev->se_dev_attrib.emulate_write_cache > 0) && 843 (dev->se_sub_dev->se_dev_attrib.emulate_fua_write > 0)) 844 spc_modesense_dpofua(&buf[2], type); 845 } 846 847 rbuf = transport_kmap_data_sg(cmd); 848 if (rbuf) { 849 memcpy(rbuf, buf, min(offset, cmd->data_length)); 850 transport_kunmap_data_sg(cmd); 851 } 852 853 target_complete_cmd(cmd, GOOD); 854 return 0; 855 } 856 857 static int spc_emulate_request_sense(struct se_cmd *cmd) 858 { 859 unsigned char *cdb = cmd->t_task_cdb; 860 unsigned char *rbuf; 861 u8 ua_asc = 0, ua_ascq = 0; 862 unsigned char buf[SE_SENSE_BUF]; 863 864 memset(buf, 0, SE_SENSE_BUF); 865 866 if (cdb[1] & 0x01) { 867 pr_err("REQUEST_SENSE description emulation not" 868 " supported\n"); 869 cmd->scsi_sense_reason = TCM_INVALID_CDB_FIELD; 870 return -ENOSYS; 871 } 872 873 rbuf = transport_kmap_data_sg(cmd); 874 if (cmd->scsi_sense_reason != 0) { 875 /* 876 * Out of memory. We will fail with CHECK CONDITION, so 877 * we must not clear the unit attention condition. 878 */ 879 target_complete_cmd(cmd, CHECK_CONDITION); 880 return 0; 881 } else if (!core_scsi3_ua_clear_for_request_sense(cmd, &ua_asc, &ua_ascq)) { 882 /* 883 * CURRENT ERROR, UNIT ATTENTION 884 */ 885 buf[0] = 0x70; 886 buf[SPC_SENSE_KEY_OFFSET] = UNIT_ATTENTION; 887 888 /* 889 * The Additional Sense Code (ASC) from the UNIT ATTENTION 890 */ 891 buf[SPC_ASC_KEY_OFFSET] = ua_asc; 892 buf[SPC_ASCQ_KEY_OFFSET] = ua_ascq; 893 buf[7] = 0x0A; 894 } else { 895 /* 896 * CURRENT ERROR, NO SENSE 897 */ 898 buf[0] = 0x70; 899 buf[SPC_SENSE_KEY_OFFSET] = NO_SENSE; 900 901 /* 902 * NO ADDITIONAL SENSE INFORMATION 903 */ 904 buf[SPC_ASC_KEY_OFFSET] = 0x00; 905 buf[7] = 0x0A; 906 } 907 908 if (rbuf) { 909 memcpy(rbuf, buf, min_t(u32, sizeof(buf), cmd->data_length)); 910 transport_kunmap_data_sg(cmd); 911 } 912 913 target_complete_cmd(cmd, GOOD); 914 return 0; 915 } 916 917 static int spc_emulate_testunitready(struct se_cmd *cmd) 918 { 919 target_complete_cmd(cmd, GOOD); 920 return 0; 921 } 922 923 int spc_parse_cdb(struct se_cmd *cmd, unsigned int *size) 924 { 925 struct se_device *dev = cmd->se_dev; 926 struct se_subsystem_dev *su_dev = dev->se_sub_dev; 927 unsigned char *cdb = cmd->t_task_cdb; 928 929 switch (cdb[0]) { 930 case MODE_SELECT: 931 *size = cdb[4]; 932 break; 933 case MODE_SELECT_10: 934 *size = (cdb[7] << 8) + cdb[8]; 935 break; 936 case MODE_SENSE: 937 *size = cdb[4]; 938 cmd->execute_cmd = spc_emulate_modesense; 939 break; 940 case MODE_SENSE_10: 941 *size = (cdb[7] << 8) + cdb[8]; 942 cmd->execute_cmd = spc_emulate_modesense; 943 break; 944 case LOG_SELECT: 945 case LOG_SENSE: 946 *size = (cdb[7] << 8) + cdb[8]; 947 break; 948 case PERSISTENT_RESERVE_IN: 949 if (su_dev->t10_pr.res_type == SPC3_PERSISTENT_RESERVATIONS) 950 cmd->execute_cmd = target_scsi3_emulate_pr_in; 951 *size = (cdb[7] << 8) + cdb[8]; 952 break; 953 case PERSISTENT_RESERVE_OUT: 954 if (su_dev->t10_pr.res_type == SPC3_PERSISTENT_RESERVATIONS) 955 cmd->execute_cmd = target_scsi3_emulate_pr_out; 956 *size = (cdb[7] << 8) + cdb[8]; 957 break; 958 case RELEASE: 959 case RELEASE_10: 960 if (cdb[0] == RELEASE_10) 961 *size = (cdb[7] << 8) | cdb[8]; 962 else 963 *size = cmd->data_length; 964 965 if (su_dev->t10_pr.res_type != SPC_PASSTHROUGH) 966 cmd->execute_cmd = target_scsi2_reservation_release; 967 break; 968 case RESERVE: 969 case RESERVE_10: 970 /* 971 * The SPC-2 RESERVE does not contain a size in the SCSI CDB. 972 * Assume the passthrough or $FABRIC_MOD will tell us about it. 973 */ 974 if (cdb[0] == RESERVE_10) 975 *size = (cdb[7] << 8) | cdb[8]; 976 else 977 *size = cmd->data_length; 978 979 /* 980 * Setup the legacy emulated handler for SPC-2 and 981 * >= SPC-3 compatible reservation handling (CRH=1) 982 * Otherwise, we assume the underlying SCSI logic is 983 * is running in SPC_PASSTHROUGH, and wants reservations 984 * emulation disabled. 985 */ 986 if (su_dev->t10_pr.res_type != SPC_PASSTHROUGH) 987 cmd->execute_cmd = target_scsi2_reservation_reserve; 988 break; 989 case REQUEST_SENSE: 990 *size = cdb[4]; 991 cmd->execute_cmd = spc_emulate_request_sense; 992 break; 993 case INQUIRY: 994 *size = (cdb[3] << 8) + cdb[4]; 995 996 /* 997 * Do implict HEAD_OF_QUEUE processing for INQUIRY. 998 * See spc4r17 section 5.3 999 */ 1000 if (cmd->se_dev->dev_task_attr_type == SAM_TASK_ATTR_EMULATED) 1001 cmd->sam_task_attr = MSG_HEAD_TAG; 1002 cmd->execute_cmd = spc_emulate_inquiry; 1003 break; 1004 case SECURITY_PROTOCOL_IN: 1005 case SECURITY_PROTOCOL_OUT: 1006 *size = (cdb[6] << 24) | (cdb[7] << 16) | (cdb[8] << 8) | cdb[9]; 1007 break; 1008 case EXTENDED_COPY: 1009 case READ_ATTRIBUTE: 1010 case RECEIVE_COPY_RESULTS: 1011 case WRITE_ATTRIBUTE: 1012 *size = (cdb[10] << 24) | (cdb[11] << 16) | 1013 (cdb[12] << 8) | cdb[13]; 1014 break; 1015 case RECEIVE_DIAGNOSTIC: 1016 case SEND_DIAGNOSTIC: 1017 *size = (cdb[3] << 8) | cdb[4]; 1018 break; 1019 case WRITE_BUFFER: 1020 *size = (cdb[6] << 16) + (cdb[7] << 8) + cdb[8]; 1021 break; 1022 case REPORT_LUNS: 1023 cmd->execute_cmd = target_report_luns; 1024 *size = (cdb[6] << 24) | (cdb[7] << 16) | (cdb[8] << 8) | cdb[9]; 1025 /* 1026 * Do implict HEAD_OF_QUEUE processing for REPORT_LUNS 1027 * See spc4r17 section 5.3 1028 */ 1029 if (cmd->se_dev->dev_task_attr_type == SAM_TASK_ATTR_EMULATED) 1030 cmd->sam_task_attr = MSG_HEAD_TAG; 1031 break; 1032 case TEST_UNIT_READY: 1033 cmd->execute_cmd = spc_emulate_testunitready; 1034 *size = 0; 1035 break; 1036 case MAINTENANCE_IN: 1037 if (dev->transport->get_device_type(dev) != TYPE_ROM) { 1038 /* 1039 * MAINTENANCE_IN from SCC-2 1040 * Check for emulated MI_REPORT_TARGET_PGS 1041 */ 1042 if ((cdb[1] & 0x1f) == MI_REPORT_TARGET_PGS && 1043 su_dev->t10_alua.alua_type == SPC3_ALUA_EMULATED) { 1044 cmd->execute_cmd = 1045 target_emulate_report_target_port_groups; 1046 } 1047 *size = get_unaligned_be32(&cdb[6]); 1048 } else { 1049 /* 1050 * GPCMD_SEND_KEY from multi media commands 1051 */ 1052 *size = get_unaligned_be16(&cdb[8]); 1053 } 1054 break; 1055 case MAINTENANCE_OUT: 1056 if (dev->transport->get_device_type(dev) != TYPE_ROM) { 1057 /* 1058 * MAINTENANCE_OUT from SCC-2 1059 * Check for emulated MO_SET_TARGET_PGS. 1060 */ 1061 if (cdb[1] == MO_SET_TARGET_PGS && 1062 su_dev->t10_alua.alua_type == SPC3_ALUA_EMULATED) { 1063 cmd->execute_cmd = 1064 target_emulate_set_target_port_groups; 1065 } 1066 *size = get_unaligned_be32(&cdb[6]); 1067 } else { 1068 /* 1069 * GPCMD_SEND_KEY from multi media commands 1070 */ 1071 *size = get_unaligned_be16(&cdb[8]); 1072 } 1073 break; 1074 default: 1075 pr_warn("TARGET_CORE[%s]: Unsupported SCSI Opcode" 1076 " 0x%02x, sending CHECK_CONDITION.\n", 1077 cmd->se_tfo->get_fabric_name(), cdb[0]); 1078 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION; 1079 cmd->scsi_sense_reason = TCM_UNSUPPORTED_SCSI_OPCODE; 1080 return -EINVAL; 1081 } 1082 1083 return 0; 1084 } 1085 EXPORT_SYMBOL(spc_parse_cdb); 1086