1 /******************************************************************************* 2 * Filename: target_core_tmr.c 3 * 4 * This file contains SPC-3 task management infrastructure 5 * 6 * (c) Copyright 2009-2012 RisingTide Systems LLC. 7 * 8 * Nicholas A. Bellinger <nab@kernel.org> 9 * 10 * This program is free software; you can redistribute it and/or modify 11 * it under the terms of the GNU General Public License as published by 12 * the Free Software Foundation; either version 2 of the License, or 13 * (at your option) any later version. 14 * 15 * This program is distributed in the hope that it will be useful, 16 * but WITHOUT ANY WARRANTY; without even the implied warranty of 17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18 * GNU General Public License for more details. 19 * 20 * You should have received a copy of the GNU General Public License 21 * along with this program; if not, write to the Free Software 22 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 23 * 24 ******************************************************************************/ 25 26 #include <linux/slab.h> 27 #include <linux/spinlock.h> 28 #include <linux/list.h> 29 #include <linux/export.h> 30 #include <scsi/scsi.h> 31 #include <scsi/scsi_cmnd.h> 32 33 #include <target/target_core_base.h> 34 #include <target/target_core_backend.h> 35 #include <target/target_core_fabric.h> 36 #include <target/target_core_configfs.h> 37 38 #include "target_core_internal.h" 39 #include "target_core_alua.h" 40 #include "target_core_pr.h" 41 42 int core_tmr_alloc_req( 43 struct se_cmd *se_cmd, 44 void *fabric_tmr_ptr, 45 u8 function, 46 gfp_t gfp_flags) 47 { 48 struct se_tmr_req *tmr; 49 50 tmr = kzalloc(sizeof(struct se_tmr_req), gfp_flags); 51 if (!tmr) { 52 pr_err("Unable to allocate struct se_tmr_req\n"); 53 return -ENOMEM; 54 } 55 56 se_cmd->se_cmd_flags |= SCF_SCSI_TMR_CDB; 57 se_cmd->se_tmr_req = tmr; 58 tmr->task_cmd = se_cmd; 59 tmr->fabric_tmr_ptr = fabric_tmr_ptr; 60 tmr->function = function; 61 INIT_LIST_HEAD(&tmr->tmr_list); 62 63 return 0; 64 } 65 EXPORT_SYMBOL(core_tmr_alloc_req); 66 67 void core_tmr_release_req( 68 struct se_tmr_req *tmr) 69 { 70 struct se_device *dev = tmr->tmr_dev; 71 unsigned long flags; 72 73 if (!dev) { 74 kfree(tmr); 75 return; 76 } 77 78 spin_lock_irqsave(&dev->se_tmr_lock, flags); 79 list_del(&tmr->tmr_list); 80 spin_unlock_irqrestore(&dev->se_tmr_lock, flags); 81 82 kfree(tmr); 83 } 84 85 static void core_tmr_handle_tas_abort( 86 struct se_node_acl *tmr_nacl, 87 struct se_cmd *cmd, 88 int tas) 89 { 90 /* 91 * TASK ABORTED status (TAS) bit support 92 */ 93 if ((tmr_nacl && 94 (tmr_nacl == cmd->se_sess->se_node_acl)) || tas) 95 transport_send_task_abort(cmd); 96 97 transport_cmd_finish_abort(cmd, 0); 98 } 99 100 static int target_check_cdb_and_preempt(struct list_head *list, 101 struct se_cmd *cmd) 102 { 103 struct t10_pr_registration *reg; 104 105 if (!list) 106 return 0; 107 list_for_each_entry(reg, list, pr_reg_abort_list) { 108 if (reg->pr_res_key == cmd->pr_res_key) 109 return 0; 110 } 111 112 return 1; 113 } 114 115 void core_tmr_abort_task( 116 struct se_device *dev, 117 struct se_tmr_req *tmr, 118 struct se_session *se_sess) 119 { 120 struct se_cmd *se_cmd, *tmp_cmd; 121 unsigned long flags; 122 int ref_tag; 123 124 spin_lock_irqsave(&se_sess->sess_cmd_lock, flags); 125 list_for_each_entry_safe(se_cmd, tmp_cmd, 126 &se_sess->sess_cmd_list, se_cmd_list) { 127 128 if (dev != se_cmd->se_dev) 129 continue; 130 ref_tag = se_cmd->se_tfo->get_task_tag(se_cmd); 131 if (tmr->ref_task_tag != ref_tag) 132 continue; 133 134 printk("ABORT_TASK: Found referenced %s task_tag: %u\n", 135 se_cmd->se_tfo->get_fabric_name(), ref_tag); 136 137 spin_lock(&se_cmd->t_state_lock); 138 if (se_cmd->transport_state & CMD_T_COMPLETE) { 139 printk("ABORT_TASK: ref_tag: %u already complete, skipping\n", ref_tag); 140 spin_unlock(&se_cmd->t_state_lock); 141 spin_unlock_irqrestore(&se_sess->sess_cmd_lock, flags); 142 goto out; 143 } 144 se_cmd->transport_state |= CMD_T_ABORTED; 145 spin_unlock(&se_cmd->t_state_lock); 146 147 list_del_init(&se_cmd->se_cmd_list); 148 kref_get(&se_cmd->cmd_kref); 149 spin_unlock_irqrestore(&se_sess->sess_cmd_lock, flags); 150 151 cancel_work_sync(&se_cmd->work); 152 transport_wait_for_tasks(se_cmd); 153 /* 154 * Now send SAM_STAT_TASK_ABORTED status for the referenced 155 * se_cmd descriptor.. 156 */ 157 transport_send_task_abort(se_cmd); 158 /* 159 * Also deal with possible extra acknowledge reference.. 160 */ 161 if (se_cmd->se_cmd_flags & SCF_ACK_KREF) 162 target_put_sess_cmd(se_sess, se_cmd); 163 164 target_put_sess_cmd(se_sess, se_cmd); 165 166 printk("ABORT_TASK: Sending TMR_FUNCTION_COMPLETE for" 167 " ref_tag: %d\n", ref_tag); 168 tmr->response = TMR_FUNCTION_COMPLETE; 169 return; 170 } 171 spin_unlock_irqrestore(&se_sess->sess_cmd_lock, flags); 172 173 out: 174 printk("ABORT_TASK: Sending TMR_TASK_DOES_NOT_EXIST for ref_tag: %d\n", 175 tmr->ref_task_tag); 176 tmr->response = TMR_TASK_DOES_NOT_EXIST; 177 } 178 179 static void core_tmr_drain_tmr_list( 180 struct se_device *dev, 181 struct se_tmr_req *tmr, 182 struct list_head *preempt_and_abort_list) 183 { 184 LIST_HEAD(drain_tmr_list); 185 struct se_tmr_req *tmr_p, *tmr_pp; 186 struct se_cmd *cmd; 187 unsigned long flags; 188 /* 189 * Release all pending and outgoing TMRs aside from the received 190 * LUN_RESET tmr.. 191 */ 192 spin_lock_irqsave(&dev->se_tmr_lock, flags); 193 list_for_each_entry_safe(tmr_p, tmr_pp, &dev->dev_tmr_list, tmr_list) { 194 /* 195 * Allow the received TMR to return with FUNCTION_COMPLETE. 196 */ 197 if (tmr_p == tmr) 198 continue; 199 200 cmd = tmr_p->task_cmd; 201 if (!cmd) { 202 pr_err("Unable to locate struct se_cmd for TMR\n"); 203 continue; 204 } 205 /* 206 * If this function was called with a valid pr_res_key 207 * parameter (eg: for PROUT PREEMPT_AND_ABORT service action 208 * skip non regisration key matching TMRs. 209 */ 210 if (target_check_cdb_and_preempt(preempt_and_abort_list, cmd)) 211 continue; 212 213 spin_lock(&cmd->t_state_lock); 214 if (!(cmd->transport_state & CMD_T_ACTIVE)) { 215 spin_unlock(&cmd->t_state_lock); 216 continue; 217 } 218 if (cmd->t_state == TRANSPORT_ISTATE_PROCESSING) { 219 spin_unlock(&cmd->t_state_lock); 220 continue; 221 } 222 spin_unlock(&cmd->t_state_lock); 223 224 list_move_tail(&tmr_p->tmr_list, &drain_tmr_list); 225 } 226 spin_unlock_irqrestore(&dev->se_tmr_lock, flags); 227 228 list_for_each_entry_safe(tmr_p, tmr_pp, &drain_tmr_list, tmr_list) { 229 list_del_init(&tmr_p->tmr_list); 230 cmd = tmr_p->task_cmd; 231 232 pr_debug("LUN_RESET: %s releasing TMR %p Function: 0x%02x," 233 " Response: 0x%02x, t_state: %d\n", 234 (preempt_and_abort_list) ? "Preempt" : "", tmr_p, 235 tmr_p->function, tmr_p->response, cmd->t_state); 236 237 transport_cmd_finish_abort(cmd, 1); 238 } 239 } 240 241 static void core_tmr_drain_state_list( 242 struct se_device *dev, 243 struct se_cmd *prout_cmd, 244 struct se_node_acl *tmr_nacl, 245 int tas, 246 struct list_head *preempt_and_abort_list) 247 { 248 LIST_HEAD(drain_task_list); 249 struct se_cmd *cmd, *next; 250 unsigned long flags; 251 252 /* 253 * Complete outstanding commands with TASK_ABORTED SAM status. 254 * 255 * This is following sam4r17, section 5.6 Aborting commands, Table 38 256 * for TMR LUN_RESET: 257 * 258 * a) "Yes" indicates that each command that is aborted on an I_T nexus 259 * other than the one that caused the SCSI device condition is 260 * completed with TASK ABORTED status, if the TAS bit is set to one in 261 * the Control mode page (see SPC-4). "No" indicates that no status is 262 * returned for aborted commands. 263 * 264 * d) If the logical unit reset is caused by a particular I_T nexus 265 * (e.g., by a LOGICAL UNIT RESET task management function), then "yes" 266 * (TASK_ABORTED status) applies. 267 * 268 * Otherwise (e.g., if triggered by a hard reset), "no" 269 * (no TASK_ABORTED SAM status) applies. 270 * 271 * Note that this seems to be independent of TAS (Task Aborted Status) 272 * in the Control Mode Page. 273 */ 274 spin_lock_irqsave(&dev->execute_task_lock, flags); 275 list_for_each_entry_safe(cmd, next, &dev->state_list, state_list) { 276 /* 277 * For PREEMPT_AND_ABORT usage, only process commands 278 * with a matching reservation key. 279 */ 280 if (target_check_cdb_and_preempt(preempt_and_abort_list, cmd)) 281 continue; 282 283 /* 284 * Not aborting PROUT PREEMPT_AND_ABORT CDB.. 285 */ 286 if (prout_cmd == cmd) 287 continue; 288 289 list_move_tail(&cmd->state_list, &drain_task_list); 290 cmd->state_active = false; 291 } 292 spin_unlock_irqrestore(&dev->execute_task_lock, flags); 293 294 while (!list_empty(&drain_task_list)) { 295 cmd = list_entry(drain_task_list.next, struct se_cmd, state_list); 296 list_del(&cmd->state_list); 297 298 pr_debug("LUN_RESET: %s cmd: %p" 299 " ITT/CmdSN: 0x%08x/0x%08x, i_state: %d, t_state: %d" 300 "cdb: 0x%02x\n", 301 (preempt_and_abort_list) ? "Preempt" : "", cmd, 302 cmd->se_tfo->get_task_tag(cmd), 0, 303 cmd->se_tfo->get_cmd_state(cmd), cmd->t_state, 304 cmd->t_task_cdb[0]); 305 pr_debug("LUN_RESET: ITT[0x%08x] - pr_res_key: 0x%016Lx" 306 " -- CMD_T_ACTIVE: %d" 307 " CMD_T_STOP: %d CMD_T_SENT: %d\n", 308 cmd->se_tfo->get_task_tag(cmd), cmd->pr_res_key, 309 (cmd->transport_state & CMD_T_ACTIVE) != 0, 310 (cmd->transport_state & CMD_T_STOP) != 0, 311 (cmd->transport_state & CMD_T_SENT) != 0); 312 313 /* 314 * If the command may be queued onto a workqueue cancel it now. 315 * 316 * This is equivalent to removal from the execute queue in the 317 * loop above, but we do it down here given that 318 * cancel_work_sync may block. 319 */ 320 if (cmd->t_state == TRANSPORT_COMPLETE) 321 cancel_work_sync(&cmd->work); 322 323 spin_lock_irqsave(&cmd->t_state_lock, flags); 324 target_stop_cmd(cmd, &flags); 325 326 cmd->transport_state |= CMD_T_ABORTED; 327 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 328 329 core_tmr_handle_tas_abort(tmr_nacl, cmd, tas); 330 } 331 } 332 333 int core_tmr_lun_reset( 334 struct se_device *dev, 335 struct se_tmr_req *tmr, 336 struct list_head *preempt_and_abort_list, 337 struct se_cmd *prout_cmd) 338 { 339 struct se_node_acl *tmr_nacl = NULL; 340 struct se_portal_group *tmr_tpg = NULL; 341 int tas; 342 /* 343 * TASK_ABORTED status bit, this is configurable via ConfigFS 344 * struct se_device attributes. spc4r17 section 7.4.6 Control mode page 345 * 346 * A task aborted status (TAS) bit set to zero specifies that aborted 347 * tasks shall be terminated by the device server without any response 348 * to the application client. A TAS bit set to one specifies that tasks 349 * aborted by the actions of an I_T nexus other than the I_T nexus on 350 * which the command was received shall be completed with TASK ABORTED 351 * status (see SAM-4). 352 */ 353 tas = dev->dev_attrib.emulate_tas; 354 /* 355 * Determine if this se_tmr is coming from a $FABRIC_MOD 356 * or struct se_device passthrough.. 357 */ 358 if (tmr && tmr->task_cmd && tmr->task_cmd->se_sess) { 359 tmr_nacl = tmr->task_cmd->se_sess->se_node_acl; 360 tmr_tpg = tmr->task_cmd->se_sess->se_tpg; 361 if (tmr_nacl && tmr_tpg) { 362 pr_debug("LUN_RESET: TMR caller fabric: %s" 363 " initiator port %s\n", 364 tmr_tpg->se_tpg_tfo->get_fabric_name(), 365 tmr_nacl->initiatorname); 366 } 367 } 368 pr_debug("LUN_RESET: %s starting for [%s], tas: %d\n", 369 (preempt_and_abort_list) ? "Preempt" : "TMR", 370 dev->transport->name, tas); 371 372 core_tmr_drain_tmr_list(dev, tmr, preempt_and_abort_list); 373 core_tmr_drain_state_list(dev, prout_cmd, tmr_nacl, tas, 374 preempt_and_abort_list); 375 376 /* 377 * Clear any legacy SPC-2 reservation when called during 378 * LOGICAL UNIT RESET 379 */ 380 if (!preempt_and_abort_list && 381 (dev->dev_reservation_flags & DRF_SPC2_RESERVATIONS)) { 382 spin_lock(&dev->dev_reservation_lock); 383 dev->dev_reserved_node_acl = NULL; 384 dev->dev_reservation_flags &= ~DRF_SPC2_RESERVATIONS; 385 spin_unlock(&dev->dev_reservation_lock); 386 pr_debug("LUN_RESET: SCSI-2 Released reservation\n"); 387 } 388 389 spin_lock_irq(&dev->stats_lock); 390 dev->num_resets++; 391 spin_unlock_irq(&dev->stats_lock); 392 393 pr_debug("LUN_RESET: %s for [%s] Complete\n", 394 (preempt_and_abort_list) ? "Preempt" : "TMR", 395 dev->transport->name); 396 return 0; 397 } 398 399