1 /*
2 * This file and its contents are supplied under the terms of the
3 * Common Development and Distribution License ("CDDL"), version 1.0.
4 * You may only use this file in accordance with the terms of version
5 * 1.0 of the CDDL.
6 *
7 * A full copy of the text of the CDDL should have accompanied this
8 * source. A copy of the CDDL is also available via the Internet at
9 * http://www.illumos.org/license/CDDL.
10 */
11
12 /*
13 * Copyright (c) 2016 The MathWorks, Inc. All rights reserved.
14 * Copyright 2019 Unix Software Ltd.
15 * Copyright 2020 Joyent, Inc.
16 * Copyright 2020 Racktop Systems.
17 * Copyright 2025 Oxide Computer Company.
18 * Copyright 2022 OmniOS Community Edition (OmniOSce) Association.
19 * Copyright 2022 Tintri by DDN, Inc. All rights reserved.
20 */
21
22 /*
23 * blkdev driver for NVMe compliant storage devices
24 *
25 * This driver targets and is designed to support all NVMe 1.x and NVMe 2.x
26 * devices. Features are added to the driver as we encounter devices that
27 * require them and our needs, so some commands or log pages may not take
28 * advantage of newer features that devices support at this time. When you
29 * encounter such a case, it is generally fine to add that support to the driver
30 * as long as you take care to ensure that the requisite device version is met
31 * before using it.
32 *
33 * The driver has only been tested on x86 systems and will not work on big-
34 * endian systems without changes to the code accessing registers and data
35 * structures used by the hardware.
36 *
37 *
38 * Interrupt Usage:
39 *
40 * The driver will use a single interrupt while configuring the device as the
41 * specification requires, but contrary to the specification it will try to use
42 * a single-message MSI(-X) or FIXED interrupt. Later in the attach process it
43 * will switch to multiple-message MSI(-X) if supported. The driver wants to
44 * have one interrupt vector per CPU, but it will work correctly if less are
45 * available. Interrupts can be shared by queues, the interrupt handler will
46 * iterate through the I/O queue array by steps of n_intr_cnt. Usually only
47 * the admin queue will share an interrupt with one I/O queue. The interrupt
48 * handler will retrieve completed commands from all queues sharing an interrupt
49 * vector and will post them to a taskq for completion processing.
50 *
51 *
52 * Command Processing:
53 *
54 * NVMe devices can have up to 65535 I/O queue pairs, with each queue holding up
55 * to 65536 I/O commands. The driver will configure one I/O queue pair per
56 * available interrupt vector, with the queue length usually much smaller than
57 * the maximum of 65536. If the hardware doesn't provide enough queues, fewer
58 * interrupt vectors will be used.
59 *
60 * Additionally the hardware provides a single special admin queue pair that can
61 * hold up to 4096 admin commands.
62 *
63 * From the hardware perspective both queues of a queue pair are independent,
64 * but they share some driver state: the command array (holding pointers to
65 * commands currently being processed by the hardware) and the active command
66 * counter. Access to a submission queue and the shared state is protected by
67 * nq_mutex; completion queue is protected by ncq_mutex.
68 *
69 * When a command is submitted to a queue pair the active command counter is
70 * incremented and a pointer to the command is stored in the command array. The
71 * array index is used as command identifier (CID) in the submission queue
72 * entry. Some commands may take a very long time to complete, and if the queue
73 * wraps around in that time a submission may find the next array slot to still
74 * be used by a long-running command. In this case the array is sequentially
75 * searched for the next free slot. The length of the command array is the same
76 * as the configured queue length. Queue overrun is prevented by the semaphore,
77 * so a command submission may block if the queue is full.
78 *
79 *
80 * Polled I/O Support:
81 *
82 * For kernel core dump support the driver can do polled I/O. As interrupts are
83 * turned off while dumping the driver will just submit a command in the regular
84 * way, and then repeatedly attempt a command retrieval until it gets the
85 * command back.
86 *
87 *
88 * Namespace Support:
89 *
90 * NVMe devices can have multiple namespaces, each being a independent data
91 * store. The driver supports multiple namespaces and creates a blkdev interface
92 * for each namespace found. Namespaces can have various attributes to support
93 * protection information. This driver does not support any of this and ignores
94 * namespaces that have these attributes.
95 *
96 * As of NVMe 1.1 namespaces can have an 64bit Extended Unique Identifier
97 * (EUI64), and NVMe 1.2 introduced an additional 128bit Namespace Globally
98 * Unique Identifier (NGUID). This driver uses either the NGUID or the EUI64
99 * if present to generate the devid, and passes the EUI64 to blkdev to use it
100 * in the device node names.
101 *
102 * We currently support only (2 << NVME_MINOR_INST_SHIFT) - 2 namespaces in a
103 * single controller. This is an artificial limit imposed by the driver to be
104 * able to address a reasonable number of controllers and namespaces while
105 * fitting within the constraints of MAXMIN32, aka a 32-bit device number which
106 * only has 18-bits for the minor number. See the minor node section for more
107 * information.
108 *
109 *
110 * Minor nodes:
111 *
112 * For each NVMe device the driver exposes one minor node for the controller and
113 * one minor node for each namespace. The only operations supported by those
114 * minor nodes are open(9E), close(9E), and ioctl(9E). This serves as the
115 * primary control interface for the devices. The character device is a private
116 * interface and we attempt stability through libnvme and more so nvmeadm.
117 *
118 * The controller minor node is much more flexible than the namespace minor node
119 * and should be preferred. The controller node allows one to target any
120 * namespace that the device has, while the namespace is limited in what it can
121 * acquire. While the namespace minor exists, it should not be relied upon and
122 * is not by libnvme.
123 *
124 * The minor number space is split in two. We use the lower part to support the
125 * controller and namespaces as described above in the 'Namespace Support'
126 * section. The second set is used for cloning opens. We set aside one million
127 * minors for this purpose. We utilize a cloning open so that way we can have
128 * per-file_t state. This is how we end up implementing and tracking locking
129 * state and related.
130 *
131 * When we have this cloned open, then we allocate a new nvme_minor_t which gets
132 * its minor number from the nvme_open_minors id_space_t and is stored in the
133 * nvme_open_minors_avl. While someone calls open on a controller or namespace
134 * minor, everything else occurs in the context of one of these ephemeral
135 * minors.
136 *
137 *
138 * ioctls, Errors, and Exclusive Access:
139 *
140 * All of the logical commands that one can issue are driven through the
141 * ioctl(9E) interface. All of our ioctls have a similar shape where they
142 * all include the 'nvme_ioctl_common_t' as their first member.
143 *
144 * This common ioctl structure is used to communicate the namespace that should
145 * be targeted. When the namespace is left as 0, then that indicates that it
146 * should target whatever the default is of the minor node. For a namespace
147 * minor, that will be transparently rewritten to the namespace's namespace id.
148 *
149 * In addition, the nvme_ioctl_common_t structure also has a standard error
150 * return. Our goal in our ioctl path is to ensure that we have useful semantic
151 * errors as much as possible. EINVAL, EIO, etc. are all overloaded. Instead as
152 * long as we can copy in our structure, then we will set a semantic error. If
153 * we have an error from the controller, then that will be included there.
154 *
155 * Each command has a specific policy that controls whether or not it is allowed
156 * on the namespace or controller minor, whether the broadcast namespace is
157 * allowed, various settings around what kind of exclusive access is allowed,
158 * and more. Each of these is wrapped up in a bit of policy described by the
159 * 'nvme_ioctl_check_t' structure.
160 *
161 * The device provides a form of exclusion in the form of both a
162 * controller-level and namespace-level read and write lock. Most operations do
163 * not require a lock (e.g. get log page, identify, etc.), but a few do (e.g.
164 * format nvm, firmware related activity, etc.). A read lock guarantees that you
165 * can complete your operation without interference, but read locks are not
166 * required. If you don't take a read lock and someone comes in with a write
167 * lock, then subsequent operations will fail with a semantic error indicating
168 * that you were blocked due to this.
169 *
170 * Here are some of the rules that govern our locks:
171 *
172 * 1. Writers starve readers. Any readers are allowed to finish when there is a
173 * pending writer; however, all subsequent readers will be blocked upon that
174 * writer.
175 * 2. A controller write lock takes priority over all other locks. Put
176 * differently a controller writer not only starves subsequent controller
177 * readers, but also all namespace read and write locks.
178 * 3. Each namespace lock is independent.
179 * 4. At most a single namespace lock may be owned.
180 * 5. If you own a namespace lock, you may not take a controller lock (to help
181 * with lock ordering).
182 * 6. In a similar spirit, if you own a controller write lock, you may not take
183 * any namespace lock. Someone with the controller write lock can perform any
184 * operations that they need to. However, if you have a controller read lock
185 * you may take any namespace lock.
186 * 7. There is no ability to upgrade a read lock to a write lock.
187 * 8. There is no recursive locking.
188 *
189 * While there's a lot there to keep track of, the goals of these are to
190 * constrain things so as to avoid deadlock. This is more complex than the
191 * original implementation in the driver which only allowed for an exclusive
192 * open that was tied to the thread. The first issue with tying this to the
193 * thread was that that didn't work well for software that utilized thread
194 * pools, like complex daemons. The second issue is that we want the ability for
195 * daemons, such as a FRU monitor, to be able to retain a file descriptor to the
196 * device without blocking others from taking action except during critical
197 * periods.
198 *
199 * In particular to enable something like libnvme, we didn't want someone to
200 * have to open and close the file descriptor to change what kind of exclusive
201 * access they desired.
202 *
203 * There are two different sets of data structures that we employ for tracking
204 * locking information:
205 *
206 * 1) The nvme_lock_t structure is contained in both the nvme_t and the
207 * nvme_namespace_t and tracks the current writer, readers, and pending writers
208 * and readers. Each of these lists or the writer pointer all refer to our
209 * second data structure.
210 *
211 * When a lock is owned by a single writer, then the nl_writer field is set to a
212 * specific minor's lock data structure. If instead readers are present, then
213 * the nl_readers list_t is not empty. An invariant of the system is that if
214 * nl_writer is non-NULL, nl_readers must be empty and conversely, if nl_readers
215 * is not empty, nl_writer must be NULL.
216 *
217 * 2) The nvme_minor_lock_info_t exists in the nvme_minor_t. There is one
218 * information structure which represents the minor's controller lock and a
219 * second one that represents the minor's namespace lock. The members of this
220 * are broken into tracking what the current lock is and what it targets. It
221 * also several members that are intended for debugging (nli_last_change,
222 * nli_acq_kthread, etc.).
223 *
224 * While the minor has two different lock information structures, our rules
225 * ensure that only one of the two can be pending and that they shouldn't result
226 * in a deadlock. When a lock is pending, the caller is sleeping on the minor's
227 * nm_cv member.
228 *
229 * These relationships are represented in the following image which shows a
230 * controller write lock being held with a pending readers on the controller
231 * lock and pending writers on one of the controller's namespaces.
232 *
233 * +---------+
234 * | nvme_t |
235 * | |
236 * | n_lock -|-------+
237 * | n_ns -+ | | +-----------------------------+
238 * +-------|-+ +-----------------+ | nvme_minor_t |
239 * | | nvme_lock_t | | |
240 * | | | | +------------------------+ |
241 * | | writer --|-------------->| nvme_minor_lock_info_t | |
242 * | | reader list | | | nm_ctrl_lock | |
243 * | | pending writers | | +------------------------+ |
244 * | | pending readers |------+ | +------------------------+ |
245 * | +-----------------+ | | | nvme_minor_lock_info_t | |
246 * | | | | nm_ns_lock | |
247 * | | | +------------------------+ |
248 * | | +-----------------------------+
249 * +------------------+ | +-----------------+
250 * | nvme_namespace_t | | | nvme_minor_t |
251 * | | | | |
252 * | ns_lock ---+ | | | +-------------+ |
253 * +------------|-----+ +-----------------|>|nm_ctrl_lock | |
254 * | | +-------------+ |
255 * v +-----------------+
256 * +------------------+ ...
257 * | nvme_lock_t | +-----------------+
258 * | | | nvme_minor_t |
259 * | writer | | |
260 * | reader list | | +-------------+ |
261 * | pending writers -|-----------------+ | |nm_ctrl_lock | |
262 * | pending readers | | | +-------------+ |
263 * +------------------+ | +-----------------+
264 * +-----------------------------+ | +-----------------------------+
265 * | nvme_minor_t | | | nvme_minor_t |
266 * | | | | |
267 * | +------------------------+ | | | +------------------------+ |
268 * | | nvme_minor_lock_info_t | | | | | nvme_minor_lock_info_t | |
269 * | | nm_ctrl_lock | | | | | nm_ctrl_lock | |
270 * | +------------------------+ | | | +------------------------+ |
271 * | +------------------------+ | v | +------------------------+ |
272 * | | nvme_minor_lock_info_t |-|-----|->| nvme_minor_lock_info_t | |
273 * | | nm_ns_lock | | | | nm_ns_lock | |
274 * | +------------------------+ | | +------------------------+ |
275 * +-----------------------------+ +-----------------------------+
276 *
277 * Blkdev Interface:
278 *
279 * This driver uses blkdev to do all the heavy lifting involved with presenting
280 * a disk device to the system. As a result, the processing of I/O requests is
281 * relatively simple as blkdev takes care of partitioning, boundary checks, DMA
282 * setup, and splitting of transfers into manageable chunks.
283 *
284 * I/O requests coming in from blkdev are turned into NVM commands and posted to
285 * an I/O queue. The queue is selected by taking the CPU id modulo the number of
286 * queues. There is currently no timeout handling of I/O commands.
287 *
288 * Blkdev also supports querying device/media information and generating a
289 * devid. The driver reports the best block size as determined by the namespace
290 * format back to blkdev as physical block size to support partition and block
291 * alignment. The devid is either based on the namespace GUID or EUI64, if
292 * present, or composed using the device vendor ID, model number, serial number,
293 * and the namespace ID.
294 *
295 *
296 * Error Handling:
297 *
298 * Error handling is currently limited to detecting fatal hardware errors,
299 * either by asynchronous events, or synchronously through command status or
300 * admin command timeouts. In case of severe errors the device is fenced off,
301 * all further requests will return EIO. FMA is then called to fault the device.
302 *
303 * The hardware has a limit for outstanding asynchronous event requests. Before
304 * this limit is known the driver assumes it is at least 1 and posts a single
305 * asynchronous request. Later when the limit is known more asynchronous event
306 * requests are posted to allow quicker reception of error information. When an
307 * asynchronous event is posted by the hardware the driver will parse the error
308 * status fields and log information or fault the device, depending on the
309 * severity of the asynchronous event. The asynchronous event request is then
310 * reused and posted to the admin queue again.
311 *
312 * On command completion the command status is checked for errors. In case of
313 * errors indicating a driver bug the driver panics. Almost all other error
314 * status values just cause EIO to be returned.
315 *
316 * Command timeouts are currently detected for all admin commands except
317 * asynchronous event requests. If a command times out and the hardware appears
318 * to be healthy the driver attempts to abort the command. The abort command
319 * timeout is a separate tunable but the original command timeout will be used
320 * if it is greater. If the abort times out too the driver assumes the device
321 * to be dead, fences it off, and calls FMA to retire it. In all other cases
322 * the aborted command should return immediately with a status indicating it
323 * was aborted, and the driver will wait indefinitely for that to happen. No
324 * timeout handling of normal I/O commands is presently done.
325 *
326 * Any command that times out due to the controller dropping dead will be put on
327 * nvme_lost_cmds list if it references DMA memory. This will prevent the DMA
328 * memory being reused by the system and later being written to by a "dead"
329 * NVMe controller.
330 *
331 *
332 * Locking:
333 *
334 * Each queue pair has a nq_mutex and ncq_mutex. The nq_mutex must be held
335 * when accessing shared state and submission queue registers, ncq_mutex
336 * is held when accessing completion queue state and registers.
337 * Callers of nvme_unqueue_cmd() must make sure that nq_mutex is held, while
338 * nvme_submit_{admin,io}_cmd() and nvme_retrieve_cmd() take care of both
339 * mutexes themselves.
340 *
341 * Each command also has its own nc_mutex, which is associated with the
342 * condition variable nc_cv. It is only used on admin commands which are run
343 * synchronously. In that case it must be held across calls to
344 * nvme_submit_{admin,io}_cmd() and nvme_wait_cmd(), which is taken care of by
345 * nvme_admin_cmd(). It must also be held whenever the completion state of the
346 * command is changed or while an admin command timeout is handled.
347 *
348 * If both nc_mutex and nq_mutex must be held, nc_mutex must be acquired first.
349 * More than one nc_mutex may only be held when aborting commands. In this case,
350 * the nc_mutex of the command to be aborted must be held across the call to
351 * nvme_abort_cmd() to prevent the command from completing while the abort is in
352 * progress.
353 *
354 * If both nq_mutex and ncq_mutex need to be held, ncq_mutex must be
355 * acquired first. More than one nq_mutex is never held by a single thread.
356 * The ncq_mutex is only held by nvme_retrieve_cmd() and
357 * nvme_process_iocq(). nvme_process_iocq() is only called from the
358 * interrupt thread and nvme_retrieve_cmd() during polled I/O, so the
359 * mutex is non-contentious but is required for implementation completeness
360 * and safety.
361 *
362 * Each nvme_t has an n_admin_stat_mutex that protects the admin command
363 * statistics structure. If this is taken in conjunction with any other locks,
364 * then it must be taken last.
365 *
366 * There is one mutex n_minor_mutex which protects all open flags nm_open and
367 * exclusive-open thread pointers nm_oexcl of each minor node associated with a
368 * controller and its namespaces.
369 *
370 * In addition, there is a logical namespace management mutex which protects the
371 * data about namespaces. When interrogating the metadata of any namespace, this
372 * lock must be held. This gets tricky as we need to call into blkdev, which may
373 * issue callbacks into us which want this and it is illegal to hold locks
374 * across those blkdev calls as otherwise they might lead to deadlock (blkdev
375 * leverages ndi_devi_enter()).
376 *
377 * The lock exposes two levels, one that we call 'NVME' and one 'BDRO' or blkdev
378 * read-only. The idea is that most callers will use the NVME level which says
379 * this is a full traditional mutex operation. The BDRO level is used by blkdev
380 * callback functions and is a promise to only only read the data. When a blkdev
381 * operation starts, the lock holder will use nvme_mgmt_bd_start(). This
382 * strictly speaking drops the mutex, but records that the lock is logically
383 * held by the thread that did the start() operation.
384 *
385 * During this time, other threads (or even the same one) may end up calling
386 * into nvme_mgmt_lock(). Only one person may still hold the lock at any time;
387 * however, the BRDO level will be allowed to proceed during this time. This
388 * allows us to make consistent progress and honor the blkdev lock ordering
389 * requirements, albeit it is not as straightforward as a simple mutex.
390 *
391 * Quiesce / Fast Reboot:
392 *
393 * The driver currently does not support fast reboot. A quiesce(9E) entry point
394 * is still provided which is used to send a shutdown notification to the
395 * device.
396 *
397 *
398 * NVMe Hotplug:
399 *
400 * The driver supports hot removal. The driver uses the NDI event framework
401 * to register a callback, nvme_remove_callback, to clean up when a disk is
402 * removed. In particular, the driver will unqueue outstanding I/O commands and
403 * set n_dead on the softstate to true so that other operations, such as ioctls
404 * and command submissions, fail as well.
405 *
406 * While the callback registration relies on the NDI event framework, the
407 * removal event itself is kicked off in the PCIe hotplug framework, when the
408 * PCIe bridge driver ("pcieb") gets a hotplug interrupt indicating that a
409 * device was removed from the slot.
410 *
411 * The NVMe driver instance itself will remain until the final close of the
412 * device.
413 *
414 *
415 * DDI UFM Support
416 *
417 * The driver supports the DDI UFM framework for reporting information about
418 * the device's firmware image and slot configuration. This data can be
419 * queried by userland software via ioctls to the ufm driver. For more
420 * information, see ddi_ufm(9E).
421 *
422 *
423 * Driver Configuration:
424 *
425 * The following driver properties can be changed to control some aspects of the
426 * drivers operation:
427 * - strict-version: can be set to 0 to allow devices conforming to newer
428 * major versions to be used
429 * - ignore-unknown-vendor-status: can be set to 1 to not handle any vendor
430 * specific command status as a fatal error leading device faulting
431 * - admin-queue-len: the maximum length of the admin queue (16-4096)
432 * - io-squeue-len: the maximum length of the I/O submission queues (16-65536)
433 * - io-cqueue-len: the maximum length of the I/O completion queues (16-65536)
434 * - async-event-limit: the maximum number of asynchronous event requests to be
435 * posted by the driver
436 * - volatile-write-cache-enable: can be set to 0 to disable the volatile write
437 * cache
438 * - min-phys-block-size: the minimum physical block size to report to blkdev,
439 * which is among other things the basis for ZFS vdev ashift
440 * - max-submission-queues: the maximum number of I/O submission queues.
441 * - max-completion-queues: the maximum number of I/O completion queues,
442 * can be less than max-submission-queues, in which case the completion
443 * queues are shared.
444 *
445 * In addition to the above properties, some device-specific tunables can be
446 * configured using the nvme-config-list global property. The value of this
447 * property is a list of triplets. The formal syntax is:
448 *
449 * nvme-config-list ::= <triplet> [, <triplet>]* ;
450 * <triplet> ::= "<model>" , "<rev-list>" , "<tuple-list>"
451 * <rev-list> ::= [ <fwrev> [, <fwrev>]*]
452 * <tuple-list> ::= <tunable> [, <tunable>]*
453 * <tunable> ::= <name> : <value>
454 *
455 * The <model> and <fwrev> are the strings in nvme_identify_ctrl_t`id_model and
456 * nvme_identify_ctrl_t`id_fwrev, respectively. The remainder of <tuple-list>
457 * contains one or more tunables to apply to all controllers that match the
458 * specified model number and optionally firmware revision. Each <tunable> is a
459 * <name> : <value> pair. Supported tunables are:
460 *
461 * - ignore-unknown-vendor-status: can be set to "on" to not handle any vendor
462 * specific command status as a fatal error leading device faulting
463 *
464 * - min-phys-block-size: the minimum physical block size to report to blkdev,
465 * which is among other things the basis for ZFS vdev ashift
466 *
467 * - volatile-write-cache: can be set to "on" or "off" to enable or disable the
468 * volatile write cache, if present
469 *
470 *
471 * TODO:
472 * - figure out sane default for I/O queue depth reported to blkdev
473 * - FMA handling of media errors
474 * - support for devices supporting very large I/O requests using chained PRPs
475 * - support for configuring hardware parameters like interrupt coalescing
476 * - support for media formatting and hard partitioning into namespaces
477 * - support for big-endian systems
478 * - support for fast reboot
479 * - support for NVMe Subsystem Reset (1.1)
480 * - support for Scatter/Gather lists (1.1)
481 * - support for Reservations (1.1)
482 * - support for power management
483 */
484
485 #include <sys/byteorder.h>
486 #ifdef _BIG_ENDIAN
487 #error nvme driver needs porting for big-endian platforms
488 #endif
489
490 #include <sys/modctl.h>
491 #include <sys/conf.h>
492 #include <sys/devops.h>
493 #include <sys/ddi.h>
494 #include <sys/ddi_ufm.h>
495 #include <sys/sunddi.h>
496 #include <sys/sunndi.h>
497 #include <sys/bitmap.h>
498 #include <sys/sysmacros.h>
499 #include <sys/param.h>
500 #include <sys/varargs.h>
501 #include <sys/cpuvar.h>
502 #include <sys/disp.h>
503 #include <sys/blkdev.h>
504 #include <sys/atomic.h>
505 #include <sys/archsystm.h>
506 #include <sys/sata/sata_hba.h>
507 #include <sys/stat.h>
508 #include <sys/policy.h>
509 #include <sys/list.h>
510 #include <sys/dkio.h>
511 #include <sys/pci.h>
512 #include <sys/mkdev.h>
513
514 #include <sys/nvme.h>
515
516 #ifdef __x86
517 #include <sys/x86_archext.h>
518 #endif
519
520 #include "nvme_reg.h"
521 #include "nvme_var.h"
522
523 /*
524 * Assertions to make sure that we've properly captured various aspects of the
525 * packed structures and haven't broken them during updates.
526 */
527 CTASSERT(sizeof (nvme_identify_ctrl_t) == NVME_IDENTIFY_BUFSIZE);
528 CTASSERT(offsetof(nvme_identify_ctrl_t, id_oacs) == 256);
529 CTASSERT(offsetof(nvme_identify_ctrl_t, id_sqes) == 512);
530 CTASSERT(offsetof(nvme_identify_ctrl_t, id_oncs) == 520);
531 CTASSERT(offsetof(nvme_identify_ctrl_t, id_subnqn) == 768);
532 CTASSERT(offsetof(nvme_identify_ctrl_t, id_nvmof) == 1792);
533 CTASSERT(offsetof(nvme_identify_ctrl_t, id_psd) == 2048);
534 CTASSERT(offsetof(nvme_identify_ctrl_t, id_vs) == 3072);
535
536 CTASSERT(sizeof (nvme_identify_nsid_t) == NVME_IDENTIFY_BUFSIZE);
537 CTASSERT(offsetof(nvme_identify_nsid_t, id_fpi) == 32);
538 CTASSERT(offsetof(nvme_identify_nsid_t, id_anagrpid) == 92);
539 CTASSERT(offsetof(nvme_identify_nsid_t, id_nguid) == 104);
540 CTASSERT(offsetof(nvme_identify_nsid_t, id_lbaf) == 128);
541 CTASSERT(offsetof(nvme_identify_nsid_t, id_vs) == 384);
542
543 CTASSERT(sizeof (nvme_identify_nsid_list_t) == NVME_IDENTIFY_BUFSIZE);
544 CTASSERT(sizeof (nvme_identify_ctrl_list_t) == NVME_IDENTIFY_BUFSIZE);
545
546 CTASSERT(sizeof (nvme_identify_primary_caps_t) == NVME_IDENTIFY_BUFSIZE);
547 CTASSERT(offsetof(nvme_identify_primary_caps_t, nipc_vqfrt) == 32);
548 CTASSERT(offsetof(nvme_identify_primary_caps_t, nipc_vifrt) == 64);
549
550 CTASSERT(sizeof (nvme_nschange_list_t) == 4096);
551
552 /* NVMe spec version supported */
553 static const int nvme_version_major = 2;
554
555 /* Tunable for FORMAT NVM command timeout in seconds, default is 600s */
556 uint32_t nvme_format_cmd_timeout = 600;
557
558 /* Tunable for firmware commit with NVME_FWC_SAVE, default is 15s */
559 uint32_t nvme_commit_save_cmd_timeout = 15;
560
561 /*
562 * Tunable for the admin command timeout used for commands other than those
563 * with their own timeouts defined above; in seconds. While most commands are
564 * expected to complete very quickly (sub-second), experience has shown that
565 * some controllers can occasionally be a bit slower, and not always consistent
566 * in the time taken - times of up to around 4.2s have been observed. Setting
567 * this to 15s by default provides headroom.
568 */
569 uint32_t nvme_admin_cmd_timeout = 15;
570
571 /*
572 * Tunable for abort command timeout in seconds, default is 60s. This timeout
573 * is used when issuing an abort command, currently only in response to a
574 * different admin command timing out. Aborts always complete after the command
575 * that they are attempting to abort so we need to allow enough time for the
576 * controller to process the long running command that we are attempting to
577 * abort. The abort timeout here is only used if it is greater than the timeout
578 * for the command that is being aborted.
579 */
580 uint32_t nvme_abort_cmd_timeout = 60;
581
582 /*
583 * Tunable for the size of arbitrary vendor specific admin commands,
584 * default is 16MiB.
585 */
586 uint32_t nvme_vendor_specific_admin_cmd_size = 1 << 24;
587
588 /*
589 * Tunable for the max timeout of arbitary vendor specific admin commands,
590 * default is 60s.
591 */
592 uint_t nvme_vendor_specific_admin_cmd_max_timeout = 60;
593
594 /*
595 * This ID space, AVL, and lock are used for keeping track of minor state across
596 * opens between different devices.
597 */
598 static id_space_t *nvme_open_minors;
599 static avl_tree_t nvme_open_minors_avl;
600 kmutex_t nvme_open_minors_mutex;
601
602 /*
603 * Removal taskq used for n_dead callback processing.
604 */
605 taskq_t *nvme_dead_taskq;
606
607 /*
608 * This enumeration is used in tandem with nvme_mgmt_lock() to describe which
609 * form of the lock is being taken. See the theory statement for more context.
610 */
611 typedef enum {
612 /*
613 * This is the primary form of taking the management lock and indicates
614 * that the user intends to do a read/write of it. This should always be
615 * used for any ioctl paths or truly anything other than a blkdev
616 * information operation.
617 */
618 NVME_MGMT_LOCK_NVME,
619 /*
620 * This is a subordinate form of the lock whereby the user is in blkdev
621 * callback context and will only intend to read the namespace data.
622 */
623 NVME_MGMT_LOCK_BDRO
624 } nvme_mgmt_lock_level_t;
625
626 static int nvme_attach(dev_info_t *, ddi_attach_cmd_t);
627 static int nvme_detach(dev_info_t *, ddi_detach_cmd_t);
628 static int nvme_quiesce(dev_info_t *);
629 static int nvme_fm_errcb(dev_info_t *, ddi_fm_error_t *, const void *);
630 static int nvme_setup_interrupts(nvme_t *, int, int);
631 static void nvme_release_interrupts(nvme_t *);
632 static uint_t nvme_intr(caddr_t, caddr_t);
633
634 static void nvme_shutdown(nvme_t *, boolean_t);
635 static boolean_t nvme_reset(nvme_t *, boolean_t);
636 static int nvme_init(nvme_t *);
637 static nvme_cmd_t *nvme_alloc_cmd(nvme_t *, int);
638 static void nvme_free_cmd(nvme_cmd_t *);
639 static nvme_cmd_t *nvme_create_nvm_cmd(nvme_namespace_t *, uint8_t,
640 bd_xfer_t *);
641 static void nvme_admin_cmd(nvme_cmd_t *, uint32_t);
642 static void nvme_submit_admin_cmd(nvme_qpair_t *, nvme_cmd_t *, uint32_t *);
643 static int nvme_submit_io_cmd(nvme_qpair_t *, nvme_cmd_t *);
644 static void nvme_submit_cmd_common(nvme_qpair_t *, nvme_cmd_t *, uint32_t *);
645 static nvme_cmd_t *nvme_unqueue_cmd(nvme_t *, nvme_qpair_t *, int);
646 static nvme_cmd_t *nvme_retrieve_cmd(nvme_t *, nvme_qpair_t *);
647 static void nvme_wait_cmd(nvme_cmd_t *, uint_t);
648 static void nvme_wakeup_cmd(void *);
649 static void nvme_async_event_task(void *);
650
651 static int nvme_check_unknown_cmd_status(nvme_cmd_t *);
652 static int nvme_check_vendor_cmd_status(nvme_cmd_t *);
653 static int nvme_check_integrity_cmd_status(nvme_cmd_t *);
654 static int nvme_check_specific_cmd_status(nvme_cmd_t *);
655 static int nvme_check_generic_cmd_status(nvme_cmd_t *);
656 static inline int nvme_check_cmd_status(nvme_cmd_t *);
657 static boolean_t nvme_check_cmd_status_ioctl(nvme_cmd_t *,
658 nvme_ioctl_common_t *);
659
660 static int nvme_abort_cmd(nvme_cmd_t *, const uint32_t);
661 static void nvme_async_event(nvme_t *);
662 static boolean_t nvme_format_nvm(nvme_t *, nvme_ioctl_format_t *);
663 static boolean_t nvme_get_logpage_int(nvme_t *, boolean_t, void **, size_t *,
664 uint8_t);
665 static boolean_t nvme_identify(nvme_t *, boolean_t, nvme_ioctl_identify_t *,
666 void **);
667 static boolean_t nvme_identify_int(nvme_t *, uint32_t, uint8_t, void **);
668 static int nvme_set_features(nvme_t *, boolean_t, uint32_t, uint8_t, uint32_t,
669 uint32_t *);
670 static int nvme_write_cache_set(nvme_t *, boolean_t);
671 static int nvme_set_nqueues(nvme_t *);
672
673 static void nvme_free_dma(nvme_dma_t *);
674 static int nvme_zalloc_dma(nvme_t *, size_t, uint_t, ddi_dma_attr_t *,
675 nvme_dma_t **);
676 static int nvme_zalloc_queue_dma(nvme_t *, uint32_t, uint16_t, uint_t,
677 nvme_dma_t **);
678 static void nvme_free_qpair(nvme_qpair_t *);
679 static int nvme_alloc_qpair(nvme_t *, uint32_t, nvme_qpair_t **, uint_t);
680 static int nvme_create_io_qpair(nvme_t *, nvme_qpair_t *, uint16_t);
681
682 static inline void nvme_put64(nvme_t *, uintptr_t, uint64_t);
683 static inline void nvme_put32(nvme_t *, uintptr_t, uint32_t);
684 static inline uint64_t nvme_get64(nvme_t *, uintptr_t);
685 static inline uint32_t nvme_get32(nvme_t *, uintptr_t);
686
687 static boolean_t nvme_check_regs_hdl(nvme_t *);
688 static boolean_t nvme_check_dma_hdl(nvme_dma_t *);
689
690 static int nvme_fill_prp(nvme_cmd_t *, ddi_dma_handle_t);
691
692 static void nvme_bd_xfer_done(void *);
693 static void nvme_bd_driveinfo(void *, bd_drive_t *);
694 static int nvme_bd_mediainfo(void *, bd_media_t *);
695 static int nvme_bd_cmd(nvme_namespace_t *, bd_xfer_t *, uint8_t);
696 static int nvme_bd_read(void *, bd_xfer_t *);
697 static int nvme_bd_write(void *, bd_xfer_t *);
698 static int nvme_bd_sync(void *, bd_xfer_t *);
699 static int nvme_bd_devid(void *, dev_info_t *, ddi_devid_t *);
700 static int nvme_bd_free_space(void *, bd_xfer_t *);
701
702 static int nvme_prp_dma_constructor(void *, void *, int);
703 static void nvme_prp_dma_destructor(void *, void *);
704
705 static void nvme_prepare_devid(nvme_t *, uint32_t);
706
707 /* DDI UFM callbacks */
708 static int nvme_ufm_fill_image(ddi_ufm_handle_t *, void *, uint_t,
709 ddi_ufm_image_t *);
710 static int nvme_ufm_fill_slot(ddi_ufm_handle_t *, void *, uint_t, uint_t,
711 ddi_ufm_slot_t *);
712 static int nvme_ufm_getcaps(ddi_ufm_handle_t *, void *, ddi_ufm_cap_t *);
713
714 static int nvme_open(dev_t *, int, int, cred_t *);
715 static int nvme_close(dev_t, int, int, cred_t *);
716 static int nvme_ioctl(dev_t, int, intptr_t, int, cred_t *, int *);
717
718 static int nvme_init_ns(nvme_t *, uint32_t);
719 static boolean_t nvme_attach_ns(nvme_t *, nvme_ioctl_common_t *);
720 static boolean_t nvme_detach_ns(nvme_t *, nvme_ioctl_common_t *);
721
722 static int nvme_minor_comparator(const void *, const void *);
723
724 static ddi_ufm_ops_t nvme_ufm_ops = {
725 NULL,
726 nvme_ufm_fill_image,
727 nvme_ufm_fill_slot,
728 nvme_ufm_getcaps
729 };
730
731 /*
732 * Minor numbers are split amongst those used for controllers and for device
733 * opens. The number of controller minors are limited based open MAXMIN32 per
734 * the theory statement. We allocate 1 million minors as a total guess at a
735 * number that'll probably be enough. The starting point of the open minors can
736 * be shifted to accommodate future expansion of the NVMe device minors.
737 */
738 #define NVME_MINOR_INST_SHIFT 9
739 #define NVME_MINOR(inst, nsid) (((inst) << NVME_MINOR_INST_SHIFT) | (nsid))
740 #define NVME_MINOR_INST(minor) ((minor) >> NVME_MINOR_INST_SHIFT)
741 #define NVME_MINOR_NSID(minor) ((minor) & ((1 << NVME_MINOR_INST_SHIFT) - 1))
742 #define NVME_MINOR_MAX (NVME_MINOR(1, 0) - 2)
743
744 #define NVME_OPEN_NMINORS (1024 * 1024)
745 #define NVME_OPEN_MINOR_MIN (MAXMIN32 + 1)
746 #define NVME_OPEN_MINOR_MAX_EXCL (NVME_OPEN_MINOR_MIN + \
747 NVME_OPEN_NMINORS)
748
749 #define NVME_BUMP_STAT(nvme, stat) \
750 atomic_inc_64(&nvme->n_device_stat.nds_ ## stat.value.ui64)
751
752 static void *nvme_state;
753 static kmem_cache_t *nvme_cmd_cache;
754
755 /*
756 * DMA attributes for queue DMA memory
757 *
758 * Queue DMA memory must be page aligned. The maximum length of a queue is
759 * 65536 entries, and an entry can be 64 bytes long.
760 */
761 static const ddi_dma_attr_t nvme_queue_dma_attr = {
762 .dma_attr_version = DMA_ATTR_V0,
763 .dma_attr_addr_lo = 0,
764 .dma_attr_addr_hi = 0xffffffffffffffffULL,
765 .dma_attr_count_max = (UINT16_MAX + 1) * sizeof (nvme_sqe_t) - 1,
766 .dma_attr_align = 0x1000,
767 .dma_attr_burstsizes = 0x7ff,
768 .dma_attr_minxfer = 0x1000,
769 .dma_attr_maxxfer = (UINT16_MAX + 1) * sizeof (nvme_sqe_t),
770 .dma_attr_seg = 0xffffffffffffffffULL,
771 .dma_attr_sgllen = 1,
772 .dma_attr_granular = 1,
773 .dma_attr_flags = 0,
774 };
775
776 /*
777 * DMA attributes for transfers using Physical Region Page (PRP) entries
778 *
779 * A PRP entry describes one page of DMA memory using the page size specified
780 * in the controller configuration's memory page size register (CC.MPS). It uses
781 * a 64bit base address aligned to this page size. There is no limitation on
782 * chaining PRPs together for arbitrarily large DMA transfers. These DMA
783 * attributes will be copied into the nvme_t during nvme_attach() and the
784 * dma_attr_maxxfer will be updated.
785 */
786 static const ddi_dma_attr_t nvme_prp_dma_attr = {
787 .dma_attr_version = DMA_ATTR_V0,
788 .dma_attr_addr_lo = 0,
789 .dma_attr_addr_hi = 0xffffffffffffffffULL,
790 .dma_attr_count_max = 0xfff,
791 .dma_attr_align = 0x1000,
792 .dma_attr_burstsizes = 0x7ff,
793 .dma_attr_minxfer = 0x1000,
794 .dma_attr_maxxfer = 0x1000,
795 .dma_attr_seg = 0xfff,
796 .dma_attr_sgllen = -1,
797 .dma_attr_granular = 1,
798 .dma_attr_flags = 0,
799 };
800
801 /*
802 * DMA attributes for transfers using scatter/gather lists
803 *
804 * A SGL entry describes a chunk of DMA memory using a 64bit base address and a
805 * 32bit length field. SGL Segment and SGL Last Segment entries require the
806 * length to be a multiple of 16 bytes. While the SGL DMA attributes are copied
807 * into the nvme_t, they are not currently used for any I/O.
808 */
809 static const ddi_dma_attr_t nvme_sgl_dma_attr = {
810 .dma_attr_version = DMA_ATTR_V0,
811 .dma_attr_addr_lo = 0,
812 .dma_attr_addr_hi = 0xffffffffffffffffULL,
813 .dma_attr_count_max = 0xffffffffUL,
814 .dma_attr_align = 1,
815 .dma_attr_burstsizes = 0x7ff,
816 .dma_attr_minxfer = 0x10,
817 .dma_attr_maxxfer = 0xfffffffffULL,
818 .dma_attr_seg = 0xffffffffffffffffULL,
819 .dma_attr_sgllen = -1,
820 .dma_attr_granular = 0x10,
821 .dma_attr_flags = 0
822 };
823
824 static ddi_device_acc_attr_t nvme_reg_acc_attr = {
825 .devacc_attr_version = DDI_DEVICE_ATTR_V0,
826 .devacc_attr_endian_flags = DDI_STRUCTURE_LE_ACC,
827 .devacc_attr_dataorder = DDI_STRICTORDER_ACC
828 };
829
830 /*
831 * ioctl validation policies. These are policies that determine which namespaces
832 * are allowed or disallowed for various operations. Note, all policy items
833 * should be explicitly listed here to help make it clear what our intent is.
834 * That is also why some of these are identical or repeated when they cover
835 * different ioctls.
836 */
837
838 /*
839 * The controller information ioctl generally contains read-only information
840 * about the controller that is sourced from multiple different pieces of
841 * information. This does not operate on a namespace and none are accepted.
842 */
843 static const nvme_ioctl_check_t nvme_check_ctrl_info = {
844 .nck_ns_ok = B_FALSE, .nck_ns_minor_ok = B_FALSE,
845 .nck_skip_ctrl = B_FALSE, .nck_ctrl_rewrite = B_FALSE,
846 .nck_bcast_ok = B_FALSE, .nck_excl = NVME_IOCTL_EXCL_NONE
847 };
848
849 /*
850 * The kernel namespace information requires a namespace ID to be specified. It
851 * does not allow for the broadcast ID to be specified.
852 */
853 static const nvme_ioctl_check_t nvme_check_ns_info = {
854 .nck_ns_ok = B_TRUE, .nck_ns_minor_ok = B_TRUE,
855 .nck_skip_ctrl = B_FALSE, .nck_ctrl_rewrite = B_FALSE,
856 .nck_bcast_ok = B_FALSE, .nck_excl = NVME_IOCTL_EXCL_NONE
857 };
858
859 /*
860 * Identify commands are allowed to operate on a namespace minor. Unfortunately,
861 * the namespace field in identify commands is a bit, weird. In particular, some
862 * commands need a valid namespace, while others are namespace listing
863 * operations, which means illegal namespaces like zero are allowed.
864 */
865 static const nvme_ioctl_check_t nvme_check_identify = {
866 .nck_ns_ok = B_TRUE, .nck_ns_minor_ok = B_TRUE,
867 .nck_skip_ctrl = B_TRUE, .nck_ctrl_rewrite = B_FALSE,
868 .nck_bcast_ok = B_TRUE, .nck_excl = NVME_IOCTL_EXCL_NONE
869 };
870
871 /*
872 * The get log page command requires the ability to specify namespaces. When
873 * targeting the controller, one must use the broadcast NSID.
874 */
875 static const nvme_ioctl_check_t nvme_check_get_logpage = {
876 .nck_ns_ok = B_TRUE, .nck_ns_minor_ok = B_TRUE,
877 .nck_skip_ctrl = B_FALSE, .nck_ctrl_rewrite = B_TRUE,
878 .nck_bcast_ok = B_TRUE, .nck_excl = NVME_IOCTL_EXCL_NONE
879 };
880
881 /*
882 * When getting a feature, we do not want rewriting behavior as most features do
883 * not require a namespace to be specified. Specific instances are checked in
884 * nvme_validate_get_feature().
885 */
886 static const nvme_ioctl_check_t nvme_check_get_feature = {
887 .nck_ns_ok = B_TRUE, .nck_ns_minor_ok = B_TRUE,
888 .nck_skip_ctrl = B_FALSE, .nck_ctrl_rewrite = B_FALSE,
889 .nck_bcast_ok = B_TRUE, .nck_excl = NVME_IOCTL_EXCL_NONE
890 };
891
892 /*
893 * Format commands must target a namespace. The broadcast namespace must be used
894 * when referring to the controller.
895 */
896 static const nvme_ioctl_check_t nvme_check_format = {
897 .nck_ns_ok = B_TRUE, .nck_ns_minor_ok = B_TRUE,
898 .nck_skip_ctrl = B_FALSE, .nck_ctrl_rewrite = B_TRUE,
899 .nck_bcast_ok = B_TRUE, .nck_excl = NVME_IOCTL_EXCL_WRITE
900 };
901
902 /*
903 * Attach and detach must always target a minor. However, the broadcast
904 * namespace is not allowed. We still perform rewriting so that way specifying
905 * the controller node with 0 will be caught.
906 */
907 static const nvme_ioctl_check_t nvme_check_attach_detach = {
908 .nck_ns_ok = B_TRUE, .nck_ns_minor_ok = B_TRUE,
909 .nck_skip_ctrl = B_FALSE, .nck_ctrl_rewrite = B_TRUE,
910 .nck_bcast_ok = B_FALSE, .nck_excl = NVME_IOCTL_EXCL_WRITE
911 };
912
913 /*
914 * Firmware operations must not target a namespace and are only allowed from the
915 * controller.
916 */
917 static const nvme_ioctl_check_t nvme_check_firmware = {
918 .nck_ns_ok = B_FALSE, .nck_ns_minor_ok = B_FALSE,
919 .nck_skip_ctrl = B_FALSE, .nck_ctrl_rewrite = B_FALSE,
920 .nck_bcast_ok = B_FALSE, .nck_excl = NVME_IOCTL_EXCL_WRITE
921 };
922
923 /*
924 * Passthru commands are an odd set. We only allow them from the primary
925 * controller; however, we allow a namespace to be specified in them and allow
926 * the broadcast namespace. We do not perform rewriting because we don't know
927 * what the semantics are. We explicitly exempt passthru commands from needing
928 * an exclusive lock and leave it up to them to tell us the impact of the
929 * command and semantics. As this is a privileged interface and the semantics
930 * are arbitrary, there's not much we can do without some assistance from the
931 * consumer.
932 */
933 static const nvme_ioctl_check_t nvme_check_passthru = {
934 .nck_ns_ok = B_TRUE, .nck_ns_minor_ok = B_FALSE,
935 .nck_skip_ctrl = B_FALSE, .nck_ctrl_rewrite = B_FALSE,
936 .nck_bcast_ok = B_TRUE, .nck_excl = NVME_IOCTL_EXCL_NONE
937 };
938
939 /*
940 * Lock operations are allowed to target a namespace, but must not be rewritten.
941 * There is no support for the broadcast namespace. This is the only ioctl that
942 * should skip exclusive checking as it's used to grant it.
943 */
944 static const nvme_ioctl_check_t nvme_check_locking = {
945 .nck_ns_ok = B_TRUE, .nck_ns_minor_ok = B_TRUE,
946 .nck_skip_ctrl = B_FALSE, .nck_ctrl_rewrite = B_FALSE,
947 .nck_bcast_ok = B_FALSE, .nck_excl = NVME_IOCTL_EXCL_SKIP
948 };
949
950 static struct cb_ops nvme_cb_ops = {
951 .cb_open = nvme_open,
952 .cb_close = nvme_close,
953 .cb_strategy = nodev,
954 .cb_print = nodev,
955 .cb_dump = nodev,
956 .cb_read = nodev,
957 .cb_write = nodev,
958 .cb_ioctl = nvme_ioctl,
959 .cb_devmap = nodev,
960 .cb_mmap = nodev,
961 .cb_segmap = nodev,
962 .cb_chpoll = nochpoll,
963 .cb_prop_op = ddi_prop_op,
964 .cb_str = 0,
965 .cb_flag = D_NEW | D_MP,
966 .cb_rev = CB_REV,
967 .cb_aread = nodev,
968 .cb_awrite = nodev
969 };
970
971 static struct dev_ops nvme_dev_ops = {
972 .devo_rev = DEVO_REV,
973 .devo_refcnt = 0,
974 .devo_getinfo = ddi_no_info,
975 .devo_identify = nulldev,
976 .devo_probe = nulldev,
977 .devo_attach = nvme_attach,
978 .devo_detach = nvme_detach,
979 .devo_reset = nodev,
980 .devo_cb_ops = &nvme_cb_ops,
981 .devo_bus_ops = NULL,
982 .devo_power = NULL,
983 .devo_quiesce = nvme_quiesce,
984 };
985
986 static struct modldrv nvme_modldrv = {
987 .drv_modops = &mod_driverops,
988 .drv_linkinfo = "NVMe driver",
989 .drv_dev_ops = &nvme_dev_ops
990 };
991
992 static struct modlinkage nvme_modlinkage = {
993 .ml_rev = MODREV_1,
994 .ml_linkage = { &nvme_modldrv, NULL }
995 };
996
997 static bd_ops_t nvme_bd_ops = {
998 .o_version = BD_OPS_CURRENT_VERSION,
999 .o_drive_info = nvme_bd_driveinfo,
1000 .o_media_info = nvme_bd_mediainfo,
1001 .o_devid_init = nvme_bd_devid,
1002 .o_sync_cache = nvme_bd_sync,
1003 .o_read = nvme_bd_read,
1004 .o_write = nvme_bd_write,
1005 .o_free_space = nvme_bd_free_space,
1006 };
1007
1008 /*
1009 * This list will hold commands that have timed out and couldn't be aborted.
1010 * As we don't know what the hardware may still do with the DMA memory we can't
1011 * free them, so we'll keep them forever on this list where we can easily look
1012 * at them with mdb.
1013 */
1014 static struct list nvme_lost_cmds;
1015 static kmutex_t nvme_lc_mutex;
1016
1017 int
_init(void)1018 _init(void)
1019 {
1020 int error;
1021
1022 error = ddi_soft_state_init(&nvme_state, sizeof (nvme_t), 1);
1023 if (error != DDI_SUCCESS)
1024 return (error);
1025
1026 if ((nvme_open_minors = id_space_create("nvme_open_minors",
1027 NVME_OPEN_MINOR_MIN, NVME_OPEN_MINOR_MAX_EXCL)) == NULL) {
1028 ddi_soft_state_fini(&nvme_state);
1029 return (ENOMEM);
1030 }
1031
1032 nvme_cmd_cache = kmem_cache_create("nvme_cmd_cache",
1033 sizeof (nvme_cmd_t), 64, NULL, NULL, NULL, NULL, NULL, 0);
1034
1035 mutex_init(&nvme_lc_mutex, NULL, MUTEX_DRIVER, NULL);
1036 list_create(&nvme_lost_cmds, sizeof (nvme_cmd_t),
1037 offsetof(nvme_cmd_t, nc_list));
1038
1039 mutex_init(&nvme_open_minors_mutex, NULL, MUTEX_DRIVER, NULL);
1040 avl_create(&nvme_open_minors_avl, nvme_minor_comparator,
1041 sizeof (nvme_minor_t), offsetof(nvme_minor_t, nm_avl));
1042
1043 nvme_dead_taskq = taskq_create("nvme_dead_taskq", 1, minclsyspri, 1, 1,
1044 TASKQ_PREPOPULATE);
1045
1046 bd_mod_init(&nvme_dev_ops);
1047
1048 error = mod_install(&nvme_modlinkage);
1049 if (error != DDI_SUCCESS) {
1050 ddi_soft_state_fini(&nvme_state);
1051 id_space_destroy(nvme_open_minors);
1052 mutex_destroy(&nvme_lc_mutex);
1053 list_destroy(&nvme_lost_cmds);
1054 bd_mod_fini(&nvme_dev_ops);
1055 mutex_destroy(&nvme_open_minors_mutex);
1056 avl_destroy(&nvme_open_minors_avl);
1057 taskq_destroy(nvme_dead_taskq);
1058 }
1059
1060 return (error);
1061 }
1062
1063 int
_fini(void)1064 _fini(void)
1065 {
1066 int error;
1067
1068 if (!list_is_empty(&nvme_lost_cmds))
1069 return (DDI_FAILURE);
1070
1071 error = mod_remove(&nvme_modlinkage);
1072 if (error == DDI_SUCCESS) {
1073 ddi_soft_state_fini(&nvme_state);
1074 id_space_destroy(nvme_open_minors);
1075 kmem_cache_destroy(nvme_cmd_cache);
1076 mutex_destroy(&nvme_lc_mutex);
1077 list_destroy(&nvme_lost_cmds);
1078 bd_mod_fini(&nvme_dev_ops);
1079 mutex_destroy(&nvme_open_minors_mutex);
1080 avl_destroy(&nvme_open_minors_avl);
1081 taskq_destroy(nvme_dead_taskq);
1082 }
1083
1084 return (error);
1085 }
1086
1087 int
_info(struct modinfo * modinfop)1088 _info(struct modinfo *modinfop)
1089 {
1090 return (mod_info(&nvme_modlinkage, modinfop));
1091 }
1092
1093 static inline void
nvme_put64(nvme_t * nvme,uintptr_t reg,uint64_t val)1094 nvme_put64(nvme_t *nvme, uintptr_t reg, uint64_t val)
1095 {
1096 ASSERT(((uintptr_t)(nvme->n_regs + reg) & 0x7) == 0);
1097
1098 /*LINTED: E_BAD_PTR_CAST_ALIGN*/
1099 ddi_put64(nvme->n_regh, (uint64_t *)(nvme->n_regs + reg), val);
1100 }
1101
1102 static inline void
nvme_put32(nvme_t * nvme,uintptr_t reg,uint32_t val)1103 nvme_put32(nvme_t *nvme, uintptr_t reg, uint32_t val)
1104 {
1105 ASSERT(((uintptr_t)(nvme->n_regs + reg) & 0x3) == 0);
1106
1107 /*LINTED: E_BAD_PTR_CAST_ALIGN*/
1108 ddi_put32(nvme->n_regh, (uint32_t *)(nvme->n_regs + reg), val);
1109 }
1110
1111 static inline uint64_t
nvme_get64(nvme_t * nvme,uintptr_t reg)1112 nvme_get64(nvme_t *nvme, uintptr_t reg)
1113 {
1114 uint64_t val;
1115
1116 ASSERT(((uintptr_t)(nvme->n_regs + reg) & 0x7) == 0);
1117
1118 /*LINTED: E_BAD_PTR_CAST_ALIGN*/
1119 val = ddi_get64(nvme->n_regh, (uint64_t *)(nvme->n_regs + reg));
1120
1121 return (val);
1122 }
1123
1124 static inline uint32_t
nvme_get32(nvme_t * nvme,uintptr_t reg)1125 nvme_get32(nvme_t *nvme, uintptr_t reg)
1126 {
1127 uint32_t val;
1128
1129 ASSERT(((uintptr_t)(nvme->n_regs + reg) & 0x3) == 0);
1130
1131 /*LINTED: E_BAD_PTR_CAST_ALIGN*/
1132 val = ddi_get32(nvme->n_regh, (uint32_t *)(nvme->n_regs + reg));
1133
1134 return (val);
1135 }
1136
1137 static void
nvme_mgmt_lock_fini(nvme_mgmt_lock_t * lock)1138 nvme_mgmt_lock_fini(nvme_mgmt_lock_t *lock)
1139 {
1140 ASSERT3U(lock->nml_bd_own, ==, 0);
1141 mutex_destroy(&lock->nml_lock);
1142 cv_destroy(&lock->nml_cv);
1143 }
1144
1145 static void
nvme_mgmt_lock_init(nvme_mgmt_lock_t * lock)1146 nvme_mgmt_lock_init(nvme_mgmt_lock_t *lock)
1147 {
1148 mutex_init(&lock->nml_lock, NULL, MUTEX_DRIVER, NULL);
1149 cv_init(&lock->nml_cv, NULL, CV_DRIVER, NULL);
1150 lock->nml_bd_own = 0;
1151 }
1152
1153 static void
nvme_mgmt_unlock(nvme_t * nvme)1154 nvme_mgmt_unlock(nvme_t *nvme)
1155 {
1156 nvme_mgmt_lock_t *lock = &nvme->n_mgmt;
1157
1158 cv_broadcast(&lock->nml_cv);
1159 mutex_exit(&lock->nml_lock);
1160 }
1161
1162 #ifdef DEBUG
1163 static boolean_t
nvme_mgmt_lock_held(nvme_t * nvme)1164 nvme_mgmt_lock_held(nvme_t *nvme)
1165 {
1166 return (MUTEX_HELD(&nvme->n_mgmt.nml_lock) != 0);
1167 }
1168 #endif /* DEBUG */
1169
1170 static void
nvme_mgmt_lock(nvme_t * nvme,nvme_mgmt_lock_level_t level)1171 nvme_mgmt_lock(nvme_t *nvme, nvme_mgmt_lock_level_t level)
1172 {
1173 nvme_mgmt_lock_t *lock = &nvme->n_mgmt;
1174 mutex_enter(&lock->nml_lock);
1175 while (lock->nml_bd_own != 0) {
1176 if (level == NVME_MGMT_LOCK_BDRO)
1177 break;
1178 cv_wait(&lock->nml_cv, &lock->nml_lock);
1179 }
1180 }
1181
1182 /*
1183 * This and nvme_mgmt_bd_end() are used to indicate that the driver is going to
1184 * be calling into a re-entrant blkdev related function. We cannot hold the lock
1185 * across such an operation and therefore must indicate that this is logically
1186 * held, while allowing other operations to proceed. This nvme_mgmt_bd_end() may
1187 * only be called by a thread that already holds the nmve_mgmt_lock().
1188 */
1189 static void
nvme_mgmt_bd_start(nvme_t * nvme)1190 nvme_mgmt_bd_start(nvme_t *nvme)
1191 {
1192 nvme_mgmt_lock_t *lock = &nvme->n_mgmt;
1193
1194 VERIFY(MUTEX_HELD(&lock->nml_lock));
1195 VERIFY3U(lock->nml_bd_own, ==, 0);
1196 lock->nml_bd_own = (uintptr_t)curthread;
1197 mutex_exit(&lock->nml_lock);
1198 }
1199
1200 static void
nvme_mgmt_bd_end(nvme_t * nvme)1201 nvme_mgmt_bd_end(nvme_t *nvme)
1202 {
1203 nvme_mgmt_lock_t *lock = &nvme->n_mgmt;
1204
1205 mutex_enter(&lock->nml_lock);
1206 VERIFY3U(lock->nml_bd_own, ==, (uintptr_t)curthread);
1207 lock->nml_bd_own = 0;
1208 }
1209
1210 /*
1211 * This is a central clearing house for marking an NVMe controller dead and/or
1212 * removed. This takes care of setting the flag, taking care of outstanding
1213 * blocked locks, and sending a DDI FMA impact. This is called from a precarious
1214 * place where locking is suspect. The only guarantee we have is that the nvme_t
1215 * is valid and won't disappear until we return.
1216 *
1217 * This should only be used after attach has been called.
1218 */
1219 static void
nvme_ctrl_mark_dead(nvme_t * nvme,boolean_t removed)1220 nvme_ctrl_mark_dead(nvme_t *nvme, boolean_t removed)
1221 {
1222 boolean_t was_dead;
1223
1224 /*
1225 * See if we win the race to set things up here. If someone beat us to
1226 * it, we do not do anything.
1227 */
1228 was_dead = atomic_cas_32((volatile uint32_t *)&nvme->n_dead, B_FALSE,
1229 B_TRUE);
1230 if (was_dead) {
1231 return;
1232 }
1233
1234 /*
1235 * If this was removed, there is no reason to change the service impact.
1236 * However, then we need to change our default return code that we use
1237 * here to indicate that it was gone versus that it is dead.
1238 */
1239 if (removed) {
1240 nvme->n_dead_status = NVME_IOCTL_E_CTRL_GONE;
1241 } else {
1242 ASSERT3U(nvme->n_dead_status, ==, NVME_IOCTL_E_CTRL_DEAD);
1243 ddi_fm_service_impact(nvme->n_dip, DDI_SERVICE_LOST);
1244 }
1245
1246 taskq_dispatch_ent(nvme_dead_taskq, nvme_rwlock_ctrl_dead, nvme,
1247 TQ_NOSLEEP, &nvme->n_dead_tqent);
1248 }
1249
1250 static boolean_t
nvme_check_regs_hdl(nvme_t * nvme)1251 nvme_check_regs_hdl(nvme_t *nvme)
1252 {
1253 ddi_fm_error_t error;
1254
1255 ddi_fm_acc_err_get(nvme->n_regh, &error, DDI_FME_VERSION);
1256
1257 if (error.fme_status != DDI_FM_OK)
1258 return (B_TRUE);
1259
1260 return (B_FALSE);
1261 }
1262
1263 static boolean_t
nvme_check_dma_hdl(nvme_dma_t * dma)1264 nvme_check_dma_hdl(nvme_dma_t *dma)
1265 {
1266 ddi_fm_error_t error;
1267
1268 if (dma == NULL)
1269 return (B_FALSE);
1270
1271 ddi_fm_dma_err_get(dma->nd_dmah, &error, DDI_FME_VERSION);
1272
1273 if (error.fme_status != DDI_FM_OK)
1274 return (B_TRUE);
1275
1276 return (B_FALSE);
1277 }
1278
1279 static void
nvme_free_dma_common(nvme_dma_t * dma)1280 nvme_free_dma_common(nvme_dma_t *dma)
1281 {
1282 if (dma->nd_dmah != NULL)
1283 (void) ddi_dma_unbind_handle(dma->nd_dmah);
1284 if (dma->nd_acch != NULL)
1285 ddi_dma_mem_free(&dma->nd_acch);
1286 if (dma->nd_dmah != NULL)
1287 ddi_dma_free_handle(&dma->nd_dmah);
1288 }
1289
1290 static void
nvme_free_dma(nvme_dma_t * dma)1291 nvme_free_dma(nvme_dma_t *dma)
1292 {
1293 nvme_free_dma_common(dma);
1294 kmem_free(dma, sizeof (*dma));
1295 }
1296
1297 static void
nvme_prp_dma_destructor(void * buf,void * private __unused)1298 nvme_prp_dma_destructor(void *buf, void *private __unused)
1299 {
1300 nvme_dma_t *dma = (nvme_dma_t *)buf;
1301
1302 nvme_free_dma_common(dma);
1303 }
1304
1305 static int
nvme_alloc_dma_common(nvme_t * nvme,nvme_dma_t * dma,size_t len,uint_t flags,ddi_dma_attr_t * dma_attr)1306 nvme_alloc_dma_common(nvme_t *nvme, nvme_dma_t *dma,
1307 size_t len, uint_t flags, ddi_dma_attr_t *dma_attr)
1308 {
1309 if (ddi_dma_alloc_handle(nvme->n_dip, dma_attr, DDI_DMA_SLEEP, NULL,
1310 &dma->nd_dmah) != DDI_SUCCESS) {
1311 /*
1312 * Due to DDI_DMA_SLEEP this can't be DDI_DMA_NORESOURCES, and
1313 * the only other possible error is DDI_DMA_BADATTR which
1314 * indicates a driver bug which should cause a panic.
1315 */
1316 dev_err(nvme->n_dip, CE_PANIC,
1317 "!failed to get DMA handle, check DMA attributes");
1318 return (DDI_FAILURE);
1319 }
1320
1321 /*
1322 * ddi_dma_mem_alloc() can only fail when DDI_DMA_NOSLEEP is specified
1323 * or the flags are conflicting, which isn't the case here.
1324 */
1325 (void) ddi_dma_mem_alloc(dma->nd_dmah, len, &nvme->n_reg_acc_attr,
1326 DDI_DMA_CONSISTENT, DDI_DMA_SLEEP, NULL, &dma->nd_memp,
1327 &dma->nd_len, &dma->nd_acch);
1328
1329 if (ddi_dma_addr_bind_handle(dma->nd_dmah, NULL, dma->nd_memp,
1330 dma->nd_len, flags | DDI_DMA_CONSISTENT, DDI_DMA_SLEEP, NULL,
1331 &dma->nd_cookie, &dma->nd_ncookie) != DDI_DMA_MAPPED) {
1332 dev_err(nvme->n_dip, CE_WARN,
1333 "!failed to bind DMA memory");
1334 NVME_BUMP_STAT(nvme, dma_bind_err);
1335 nvme_free_dma_common(dma);
1336 return (DDI_FAILURE);
1337 }
1338
1339 return (DDI_SUCCESS);
1340 }
1341
1342 static int
nvme_zalloc_dma(nvme_t * nvme,size_t len,uint_t flags,ddi_dma_attr_t * dma_attr,nvme_dma_t ** ret)1343 nvme_zalloc_dma(nvme_t *nvme, size_t len, uint_t flags,
1344 ddi_dma_attr_t *dma_attr, nvme_dma_t **ret)
1345 {
1346 nvme_dma_t *dma = kmem_zalloc(sizeof (nvme_dma_t), KM_SLEEP);
1347
1348 if (nvme_alloc_dma_common(nvme, dma, len, flags, dma_attr) !=
1349 DDI_SUCCESS) {
1350 *ret = NULL;
1351 kmem_free(dma, sizeof (nvme_dma_t));
1352 return (DDI_FAILURE);
1353 }
1354
1355 bzero(dma->nd_memp, dma->nd_len);
1356
1357 *ret = dma;
1358 return (DDI_SUCCESS);
1359 }
1360
1361 static int
nvme_prp_dma_constructor(void * buf,void * private,int flags __unused)1362 nvme_prp_dma_constructor(void *buf, void *private, int flags __unused)
1363 {
1364 nvme_dma_t *dma = (nvme_dma_t *)buf;
1365 nvme_t *nvme = (nvme_t *)private;
1366
1367 dma->nd_dmah = NULL;
1368 dma->nd_acch = NULL;
1369
1370 if (nvme_alloc_dma_common(nvme, dma, nvme->n_pagesize,
1371 DDI_DMA_READ, &nvme->n_prp_dma_attr) != DDI_SUCCESS) {
1372 return (-1);
1373 }
1374
1375 ASSERT(dma->nd_ncookie == 1);
1376
1377 dma->nd_cached = B_TRUE;
1378
1379 return (0);
1380 }
1381
1382 static int
nvme_zalloc_queue_dma(nvme_t * nvme,uint32_t nentry,uint16_t qe_len,uint_t flags,nvme_dma_t ** dma)1383 nvme_zalloc_queue_dma(nvme_t *nvme, uint32_t nentry, uint16_t qe_len,
1384 uint_t flags, nvme_dma_t **dma)
1385 {
1386 uint32_t len = nentry * qe_len;
1387 ddi_dma_attr_t q_dma_attr = nvme->n_queue_dma_attr;
1388
1389 len = roundup(len, nvme->n_pagesize);
1390
1391 if (nvme_zalloc_dma(nvme, len, flags, &q_dma_attr, dma)
1392 != DDI_SUCCESS) {
1393 dev_err(nvme->n_dip, CE_WARN,
1394 "!failed to get DMA memory for queue");
1395 goto fail;
1396 }
1397
1398 if ((*dma)->nd_ncookie != 1) {
1399 dev_err(nvme->n_dip, CE_WARN,
1400 "!got too many cookies for queue DMA");
1401 goto fail;
1402 }
1403
1404 return (DDI_SUCCESS);
1405
1406 fail:
1407 if (*dma) {
1408 nvme_free_dma(*dma);
1409 *dma = NULL;
1410 }
1411
1412 return (DDI_FAILURE);
1413 }
1414
1415 static void
nvme_free_cq(nvme_cq_t * cq)1416 nvme_free_cq(nvme_cq_t *cq)
1417 {
1418 mutex_destroy(&cq->ncq_mutex);
1419
1420 if (cq->ncq_cmd_taskq != NULL)
1421 taskq_destroy(cq->ncq_cmd_taskq);
1422
1423 if (cq->ncq_dma != NULL)
1424 nvme_free_dma(cq->ncq_dma);
1425
1426 kmem_free(cq, sizeof (*cq));
1427 }
1428
1429 static void
nvme_free_qpair(nvme_qpair_t * qp)1430 nvme_free_qpair(nvme_qpair_t *qp)
1431 {
1432 int i;
1433
1434 mutex_destroy(&qp->nq_mutex);
1435 sema_destroy(&qp->nq_sema);
1436
1437 if (qp->nq_sqdma != NULL)
1438 nvme_free_dma(qp->nq_sqdma);
1439
1440 if (qp->nq_active_cmds > 0)
1441 for (i = 0; i != qp->nq_nentry; i++)
1442 if (qp->nq_cmd[i] != NULL)
1443 nvme_free_cmd(qp->nq_cmd[i]);
1444
1445 if (qp->nq_cmd != NULL)
1446 kmem_free(qp->nq_cmd, sizeof (nvme_cmd_t *) * qp->nq_nentry);
1447
1448 kmem_free(qp, sizeof (nvme_qpair_t));
1449 }
1450
1451 /*
1452 * Destroy the pre-allocated cq array, but only free individual completion
1453 * queues from the given starting index.
1454 */
1455 static void
nvme_destroy_cq_array(nvme_t * nvme,uint_t start)1456 nvme_destroy_cq_array(nvme_t *nvme, uint_t start)
1457 {
1458 uint_t i;
1459
1460 for (i = start; i < nvme->n_cq_count; i++)
1461 if (nvme->n_cq[i] != NULL)
1462 nvme_free_cq(nvme->n_cq[i]);
1463
1464 kmem_free(nvme->n_cq, sizeof (*nvme->n_cq) * nvme->n_cq_count);
1465 }
1466
1467 static int
nvme_alloc_cq(nvme_t * nvme,uint32_t nentry,nvme_cq_t ** cqp,uint16_t idx,uint_t nthr)1468 nvme_alloc_cq(nvme_t *nvme, uint32_t nentry, nvme_cq_t **cqp, uint16_t idx,
1469 uint_t nthr)
1470 {
1471 nvme_cq_t *cq = kmem_zalloc(sizeof (*cq), KM_SLEEP);
1472 char name[64]; /* large enough for the taskq name */
1473
1474 mutex_init(&cq->ncq_mutex, NULL, MUTEX_DRIVER,
1475 DDI_INTR_PRI(nvme->n_intr_pri));
1476
1477 if (nvme_zalloc_queue_dma(nvme, nentry, sizeof (nvme_cqe_t),
1478 DDI_DMA_READ, &cq->ncq_dma) != DDI_SUCCESS)
1479 goto fail;
1480
1481 cq->ncq_cq = (nvme_cqe_t *)cq->ncq_dma->nd_memp;
1482 cq->ncq_nentry = nentry;
1483 cq->ncq_id = idx;
1484 cq->ncq_hdbl = NVME_REG_CQHDBL(nvme, idx);
1485
1486 /*
1487 * Each completion queue has its own command taskq.
1488 */
1489 (void) snprintf(name, sizeof (name), "%s%d_cmd_taskq%u",
1490 ddi_driver_name(nvme->n_dip), ddi_get_instance(nvme->n_dip), idx);
1491
1492 cq->ncq_cmd_taskq = taskq_create(name, nthr, minclsyspri, 64, INT_MAX,
1493 TASKQ_PREPOPULATE);
1494
1495 if (cq->ncq_cmd_taskq == NULL) {
1496 dev_err(nvme->n_dip, CE_WARN, "!failed to create cmd "
1497 "taskq for cq %u", idx);
1498 goto fail;
1499 }
1500
1501 *cqp = cq;
1502 return (DDI_SUCCESS);
1503
1504 fail:
1505 nvme_free_cq(cq);
1506 *cqp = NULL;
1507
1508 return (DDI_FAILURE);
1509 }
1510
1511 /*
1512 * Create the n_cq array big enough to hold "ncq" completion queues.
1513 * If the array already exists it will be re-sized (but only larger).
1514 * The admin queue is included in this array, which boosts the
1515 * max number of entries to UINT16_MAX + 1.
1516 */
1517 static int
nvme_create_cq_array(nvme_t * nvme,uint_t ncq,uint32_t nentry,uint_t nthr)1518 nvme_create_cq_array(nvme_t *nvme, uint_t ncq, uint32_t nentry, uint_t nthr)
1519 {
1520 nvme_cq_t **cq;
1521 uint_t i, cq_count;
1522
1523 ASSERT3U(ncq, >, nvme->n_cq_count);
1524
1525 cq = nvme->n_cq;
1526 cq_count = nvme->n_cq_count;
1527
1528 nvme->n_cq = kmem_zalloc(sizeof (*nvme->n_cq) * ncq, KM_SLEEP);
1529 nvme->n_cq_count = ncq;
1530
1531 for (i = 0; i < cq_count; i++)
1532 nvme->n_cq[i] = cq[i];
1533
1534 for (; i < nvme->n_cq_count; i++)
1535 if (nvme_alloc_cq(nvme, nentry, &nvme->n_cq[i], i, nthr) !=
1536 DDI_SUCCESS)
1537 goto fail;
1538
1539 if (cq != NULL)
1540 kmem_free(cq, sizeof (*cq) * cq_count);
1541
1542 return (DDI_SUCCESS);
1543
1544 fail:
1545 nvme_destroy_cq_array(nvme, cq_count);
1546 /*
1547 * Restore the original array
1548 */
1549 nvme->n_cq_count = cq_count;
1550 nvme->n_cq = cq;
1551
1552 return (DDI_FAILURE);
1553 }
1554
1555 static int
nvme_alloc_qpair(nvme_t * nvme,uint32_t nentry,nvme_qpair_t ** nqp,uint_t idx)1556 nvme_alloc_qpair(nvme_t *nvme, uint32_t nentry, nvme_qpair_t **nqp,
1557 uint_t idx)
1558 {
1559 nvme_qpair_t *qp = kmem_zalloc(sizeof (*qp), KM_SLEEP);
1560 uint_t cq_idx;
1561
1562 mutex_init(&qp->nq_mutex, NULL, MUTEX_DRIVER,
1563 DDI_INTR_PRI(nvme->n_intr_pri));
1564
1565 /*
1566 * The NVMe spec defines that a full queue has one empty (unused) slot;
1567 * initialize the semaphore accordingly.
1568 */
1569 sema_init(&qp->nq_sema, nentry - 1, NULL, SEMA_DRIVER, NULL);
1570
1571 if (nvme_zalloc_queue_dma(nvme, nentry, sizeof (nvme_sqe_t),
1572 DDI_DMA_WRITE, &qp->nq_sqdma) != DDI_SUCCESS)
1573 goto fail;
1574
1575 /*
1576 * idx == 0 is adminq, those above 0 are shared io completion queues.
1577 */
1578 cq_idx = idx == 0 ? 0 : 1 + (idx - 1) % (nvme->n_cq_count - 1);
1579 qp->nq_cq = nvme->n_cq[cq_idx];
1580 qp->nq_sq = (nvme_sqe_t *)qp->nq_sqdma->nd_memp;
1581 qp->nq_nentry = nentry;
1582
1583 qp->nq_sqtdbl = NVME_REG_SQTDBL(nvme, idx);
1584
1585 qp->nq_cmd = kmem_zalloc(sizeof (nvme_cmd_t *) * nentry, KM_SLEEP);
1586 qp->nq_next_cmd = 0;
1587
1588 *nqp = qp;
1589 return (DDI_SUCCESS);
1590
1591 fail:
1592 nvme_free_qpair(qp);
1593 *nqp = NULL;
1594
1595 return (DDI_FAILURE);
1596 }
1597
1598 /*
1599 * One might reasonably consider that the nvme_cmd_cache should have a cache
1600 * constructor and destructor that takes care of the mutex/cv init/destroy, and
1601 * that nvme_free_cmd should reset more fields such that allocation becomes
1602 * simpler. This is not currently implemented as:
1603 * - nvme_cmd_cache is a global cache, shared across nvme instances and
1604 * therefore there is no easy access to the corresponding nvme_t in the
1605 * constructor to determine the required interrupt priority.
1606 * - Most fields in nvme_cmd_t would need to be zeroed in nvme_free_cmd while
1607 * preserving the mutex/cv. It is easier to able to zero the entire
1608 * structure and then init the mutex/cv only in the unlikely event that we
1609 * want an admin command.
1610 */
1611 static nvme_cmd_t *
nvme_alloc_cmd(nvme_t * nvme,int kmflag)1612 nvme_alloc_cmd(nvme_t *nvme, int kmflag)
1613 {
1614 nvme_cmd_t *cmd = kmem_cache_alloc(nvme_cmd_cache, kmflag);
1615
1616 if (cmd != NULL) {
1617 bzero(cmd, sizeof (nvme_cmd_t));
1618 cmd->nc_nvme = nvme;
1619 }
1620
1621 return (cmd);
1622 }
1623
1624 static nvme_cmd_t *
nvme_alloc_admin_cmd(nvme_t * nvme,int kmflag)1625 nvme_alloc_admin_cmd(nvme_t *nvme, int kmflag)
1626 {
1627 nvme_cmd_t *cmd = nvme_alloc_cmd(nvme, kmflag);
1628
1629 if (cmd != NULL) {
1630 cmd->nc_flags |= NVME_CMD_F_USELOCK;
1631 mutex_init(&cmd->nc_mutex, NULL, MUTEX_DRIVER,
1632 DDI_INTR_PRI(nvme->n_intr_pri));
1633 cv_init(&cmd->nc_cv, NULL, CV_DRIVER, NULL);
1634 }
1635
1636 return (cmd);
1637 }
1638
1639 static void
nvme_free_cmd(nvme_cmd_t * cmd)1640 nvme_free_cmd(nvme_cmd_t *cmd)
1641 {
1642 /* Don't free commands on the lost commands list. */
1643 if (list_link_active(&cmd->nc_list))
1644 return;
1645
1646 if (cmd->nc_dma) {
1647 nvme_free_dma(cmd->nc_dma);
1648 cmd->nc_dma = NULL;
1649 }
1650
1651 if (cmd->nc_prp) {
1652 kmem_cache_free(cmd->nc_nvme->n_prp_cache, cmd->nc_prp);
1653 cmd->nc_prp = NULL;
1654 }
1655
1656 if ((cmd->nc_flags & NVME_CMD_F_USELOCK) != 0) {
1657 cv_destroy(&cmd->nc_cv);
1658 mutex_destroy(&cmd->nc_mutex);
1659 }
1660
1661 kmem_cache_free(nvme_cmd_cache, cmd);
1662 }
1663
1664 static void
nvme_submit_admin_cmd(nvme_qpair_t * qp,nvme_cmd_t * cmd,uint32_t * qtimeoutp)1665 nvme_submit_admin_cmd(nvme_qpair_t *qp, nvme_cmd_t *cmd, uint32_t *qtimeoutp)
1666 {
1667 sema_p(&qp->nq_sema);
1668 nvme_submit_cmd_common(qp, cmd, qtimeoutp);
1669 }
1670
1671 static int
nvme_submit_io_cmd(nvme_qpair_t * qp,nvme_cmd_t * cmd)1672 nvme_submit_io_cmd(nvme_qpair_t *qp, nvme_cmd_t *cmd)
1673 {
1674 if (cmd->nc_nvme->n_dead) {
1675 return (EIO);
1676 }
1677
1678 if (sema_tryp(&qp->nq_sema) == 0)
1679 return (EAGAIN);
1680
1681 nvme_submit_cmd_common(qp, cmd, NULL);
1682 return (0);
1683 }
1684
1685 /*
1686 * Common command submission routine. If `qtimeoutp` is not NULL then it will
1687 * be set to the sum of the timeouts of any active commands ahead of the one
1688 * being submitted.
1689 */
1690 static void
nvme_submit_cmd_common(nvme_qpair_t * qp,nvme_cmd_t * cmd,uint32_t * qtimeoutp)1691 nvme_submit_cmd_common(nvme_qpair_t *qp, nvme_cmd_t *cmd, uint32_t *qtimeoutp)
1692 {
1693 nvme_reg_sqtdbl_t tail = { 0 };
1694
1695 /*
1696 * We don't need to take a lock on cmd since it is not yet enqueued.
1697 */
1698 cmd->nc_submit_ts = gethrtime();
1699 cmd->nc_state = NVME_CMD_SUBMITTED;
1700
1701 mutex_enter(&qp->nq_mutex);
1702
1703 /*
1704 * Now that we hold the queue pair lock, we must check whether or not
1705 * the controller has been listed as dead (e.g. was removed due to
1706 * hotplug). This is necessary as otherwise we could race with
1707 * nvme_remove_callback(). Because this has not been enqueued, we don't
1708 * call nvme_unqueue_cmd(), which is why we must manually decrement the
1709 * semaphore.
1710 */
1711 if (cmd->nc_nvme->n_dead) {
1712 cmd->nc_queue_ts = gethrtime();
1713 cmd->nc_state = NVME_CMD_QUEUED;
1714 taskq_dispatch_ent(qp->nq_cq->ncq_cmd_taskq, cmd->nc_callback,
1715 cmd, TQ_NOSLEEP, &cmd->nc_tqent);
1716 sema_v(&qp->nq_sema);
1717 mutex_exit(&qp->nq_mutex);
1718 return;
1719 }
1720
1721 /*
1722 * Try to insert the cmd into the active cmd array at the nq_next_cmd
1723 * slot. If the slot is already occupied advance to the next slot and
1724 * try again. This can happen for long running commands like async event
1725 * requests.
1726 */
1727 while (qp->nq_cmd[qp->nq_next_cmd] != NULL)
1728 qp->nq_next_cmd = (qp->nq_next_cmd + 1) % qp->nq_nentry;
1729 qp->nq_cmd[qp->nq_next_cmd] = cmd;
1730
1731 /*
1732 * We keep track of the number of active commands in this queue, and
1733 * the sum of the timeouts for those active commands.
1734 */
1735 qp->nq_active_cmds++;
1736 if (qtimeoutp != NULL)
1737 *qtimeoutp = qp->nq_active_timeout;
1738 qp->nq_active_timeout += cmd->nc_timeout;
1739
1740 cmd->nc_sqe.sqe_cid = qp->nq_next_cmd;
1741 bcopy(&cmd->nc_sqe, &qp->nq_sq[qp->nq_sqtail], sizeof (nvme_sqe_t));
1742 (void) ddi_dma_sync(qp->nq_sqdma->nd_dmah,
1743 sizeof (nvme_sqe_t) * qp->nq_sqtail,
1744 sizeof (nvme_sqe_t), DDI_DMA_SYNC_FORDEV);
1745 qp->nq_next_cmd = (qp->nq_next_cmd + 1) % qp->nq_nentry;
1746
1747 tail.b.sqtdbl_sqt = qp->nq_sqtail = (qp->nq_sqtail + 1) % qp->nq_nentry;
1748 nvme_put32(cmd->nc_nvme, qp->nq_sqtdbl, tail.r);
1749
1750 mutex_exit(&qp->nq_mutex);
1751 }
1752
1753 static nvme_cmd_t *
nvme_unqueue_cmd(nvme_t * nvme,nvme_qpair_t * qp,int cid)1754 nvme_unqueue_cmd(nvme_t *nvme, nvme_qpair_t *qp, int cid)
1755 {
1756 nvme_cmd_t *cmd;
1757
1758 ASSERT(mutex_owned(&qp->nq_mutex));
1759 ASSERT3S(cid, <, qp->nq_nentry);
1760
1761 cmd = qp->nq_cmd[cid];
1762 /*
1763 * Some controllers will erroneously add things to the completion queue
1764 * for which there is no matching outstanding command. If this happens,
1765 * it is almost certainly a controller firmware bug since nq_mutex
1766 * is held across command submission and ringing the queue doorbell,
1767 * and is also held in this function.
1768 *
1769 * If we see such an unexpected command, there is not much we can do.
1770 * These will be logged and counted in nvme_get_completed(), but
1771 * otherwise ignored.
1772 */
1773 if (cmd == NULL)
1774 return (NULL);
1775 qp->nq_cmd[cid] = NULL;
1776 ASSERT3U(qp->nq_active_cmds, >, 0);
1777 qp->nq_active_cmds--;
1778 ASSERT3U(qp->nq_active_timeout, >=, cmd->nc_timeout);
1779 qp->nq_active_timeout -= cmd->nc_timeout;
1780 sema_v(&qp->nq_sema);
1781
1782 ASSERT3P(cmd, !=, NULL);
1783 ASSERT3P(cmd->nc_nvme, ==, nvme);
1784 ASSERT3S(cmd->nc_sqe.sqe_cid, ==, cid);
1785
1786 return (cmd);
1787 }
1788
1789 /*
1790 * This is called when an admin abort has failed to complete, once for the
1791 * original command and once for the abort itself. At this point the controller
1792 * has been marked dead. The commands are considered lost, de-queued if
1793 * possible, and placed on a global lost commands list so that they cannot be
1794 * freed and so that any DMA memory they have have is not re-used.
1795 */
1796 static void
nvme_lost_cmd(nvme_t * nvme,nvme_cmd_t * cmd)1797 nvme_lost_cmd(nvme_t *nvme, nvme_cmd_t *cmd)
1798 {
1799 ASSERT(mutex_owned(&cmd->nc_mutex));
1800
1801 switch (cmd->nc_state) {
1802 case NVME_CMD_SUBMITTED: {
1803 nvme_qpair_t *qp = nvme->n_ioq[cmd->nc_sqid];
1804
1805 /*
1806 * The command is still in the submitted state, meaning that we
1807 * have not processed a completion queue entry for it. De-queue
1808 * should be successful and if the hardware does later report
1809 * completion we'll skip it as a command for which we aren't
1810 * expecting a response (see nvme_unqueue_cmd()).
1811 */
1812 mutex_enter(&qp->nq_mutex);
1813 (void) nvme_unqueue_cmd(nvme, qp, cmd->nc_sqe.sqe_cid);
1814 mutex_exit(&qp->nq_mutex);
1815 }
1816 case NVME_CMD_ALLOCATED:
1817 case NVME_CMD_COMPLETED:
1818 /*
1819 * If the command has not been submitted, or has completed,
1820 * there is nothing to do here. In the event of an abort
1821 * command timeout, we can end up here in the process of
1822 * "losing" the original command. It's possible that command
1823 * has actually completed (or been queued on the taskq) in the
1824 * interim.
1825 */
1826 break;
1827 case NVME_CMD_QUEUED:
1828 /*
1829 * The command is on the taskq, awaiting callback. This should
1830 * be fairly rapid so wait for completion.
1831 */
1832 while (cmd->nc_state != NVME_CMD_COMPLETED)
1833 cv_wait(&cmd->nc_cv, &cmd->nc_mutex);
1834 break;
1835 case NVME_CMD_LOST:
1836 dev_err(cmd->nc_nvme->n_dip, CE_PANIC,
1837 "%s: command %p already lost", __func__, (void *)cmd);
1838 break;
1839 }
1840
1841 cmd->nc_state = NVME_CMD_LOST;
1842
1843 mutex_enter(&nvme_lc_mutex);
1844 list_insert_head(&nvme_lost_cmds, cmd);
1845 mutex_exit(&nvme_lc_mutex);
1846 }
1847
1848 /*
1849 * Get the command tied to the next completed cqe and bump along completion
1850 * queue head counter.
1851 */
1852 static nvme_cmd_t *
nvme_get_completed(nvme_t * nvme,nvme_cq_t * cq)1853 nvme_get_completed(nvme_t *nvme, nvme_cq_t *cq)
1854 {
1855 nvme_qpair_t *qp;
1856 nvme_cqe_t *cqe;
1857 nvme_cmd_t *cmd;
1858
1859 ASSERT(mutex_owned(&cq->ncq_mutex));
1860
1861 retry:
1862 cqe = &cq->ncq_cq[cq->ncq_head];
1863
1864 /* Check phase tag of CQE. Hardware inverts it for new entries. */
1865 if (cqe->cqe_sf.sf_p == cq->ncq_phase)
1866 return (NULL);
1867
1868 qp = nvme->n_ioq[cqe->cqe_sqid];
1869
1870 mutex_enter(&qp->nq_mutex);
1871 cmd = nvme_unqueue_cmd(nvme, qp, cqe->cqe_cid);
1872 mutex_exit(&qp->nq_mutex);
1873
1874 qp->nq_sqhead = cqe->cqe_sqhd;
1875 cq->ncq_head = (cq->ncq_head + 1) % cq->ncq_nentry;
1876
1877 /* Toggle phase on wrap-around. */
1878 if (cq->ncq_head == 0)
1879 cq->ncq_phase = cq->ncq_phase != 0 ? 0 : 1;
1880
1881 if (cmd == NULL) {
1882 dev_err(nvme->n_dip, CE_WARN,
1883 "!received completion for unknown cid 0x%x", cqe->cqe_cid);
1884 NVME_BUMP_STAT(nvme, unknown_cid);
1885 /*
1886 * We want to ignore this unexpected completion entry as it
1887 * is most likely a result of a bug in the controller firmware.
1888 * However, if we return NULL, then callers will assume there
1889 * are no more pending commands for this wakeup. Retry to keep
1890 * enumerating commands until the phase tag indicates there are
1891 * no more and we are really done.
1892 */
1893 goto retry;
1894 }
1895
1896 ASSERT3U(cmd->nc_sqid, ==, cqe->cqe_sqid);
1897 bcopy(cqe, &cmd->nc_cqe, sizeof (nvme_cqe_t));
1898
1899 return (cmd);
1900 }
1901
1902 /*
1903 * Process all completed commands on the io completion queue.
1904 */
1905 static uint_t
nvme_process_iocq(nvme_t * nvme,nvme_cq_t * cq)1906 nvme_process_iocq(nvme_t *nvme, nvme_cq_t *cq)
1907 {
1908 nvme_reg_cqhdbl_t head = { 0 };
1909 nvme_cmd_t *cmd;
1910 uint_t completed = 0;
1911
1912 if (ddi_dma_sync(cq->ncq_dma->nd_dmah, 0, 0, DDI_DMA_SYNC_FORKERNEL) !=
1913 DDI_SUCCESS)
1914 dev_err(nvme->n_dip, CE_WARN, "!ddi_dma_sync() failed in %s",
1915 __func__);
1916
1917 mutex_enter(&cq->ncq_mutex);
1918
1919 while ((cmd = nvme_get_completed(nvme, cq)) != NULL) {
1920 /*
1921 * NVME_CMD_F_USELOCK is applied to all commands which are
1922 * going to be waited for by another thread in nvme_wait_cmd
1923 * and indicates that the lock should be taken before modifying
1924 * protected fields, and that the mutex has been initialised.
1925 * Commands which do not require the mutex to be held have not
1926 * initialised it (to reduce overhead).
1927 */
1928 if ((cmd->nc_flags & NVME_CMD_F_USELOCK) != 0) {
1929 mutex_enter(&cmd->nc_mutex);
1930 /*
1931 * The command could have been de-queued as lost while
1932 * we waited on the lock, in which case we drop it.
1933 */
1934 if (cmd->nc_state == NVME_CMD_LOST) {
1935 mutex_exit(&cmd->nc_mutex);
1936 completed++;
1937 continue;
1938 }
1939 }
1940 cmd->nc_queue_ts = gethrtime();
1941 cmd->nc_state = NVME_CMD_QUEUED;
1942 if ((cmd->nc_flags & NVME_CMD_F_USELOCK) != 0)
1943 mutex_exit(&cmd->nc_mutex);
1944 taskq_dispatch_ent(cq->ncq_cmd_taskq, cmd->nc_callback, cmd,
1945 TQ_NOSLEEP, &cmd->nc_tqent);
1946
1947 completed++;
1948 }
1949
1950 if (completed > 0) {
1951 /*
1952 * Update the completion queue head doorbell.
1953 */
1954 head.b.cqhdbl_cqh = cq->ncq_head;
1955 nvme_put32(nvme, cq->ncq_hdbl, head.r);
1956 }
1957
1958 mutex_exit(&cq->ncq_mutex);
1959
1960 return (completed);
1961 }
1962
1963 static nvme_cmd_t *
nvme_retrieve_cmd(nvme_t * nvme,nvme_qpair_t * qp)1964 nvme_retrieve_cmd(nvme_t *nvme, nvme_qpair_t *qp)
1965 {
1966 nvme_cq_t *cq = qp->nq_cq;
1967 nvme_reg_cqhdbl_t head = { 0 };
1968 nvme_cmd_t *cmd;
1969
1970 if (ddi_dma_sync(cq->ncq_dma->nd_dmah, 0, 0, DDI_DMA_SYNC_FORKERNEL) !=
1971 DDI_SUCCESS)
1972 dev_err(nvme->n_dip, CE_WARN, "!ddi_dma_sync() failed in %s",
1973 __func__);
1974
1975 mutex_enter(&cq->ncq_mutex);
1976
1977 if ((cmd = nvme_get_completed(nvme, cq)) != NULL) {
1978 head.b.cqhdbl_cqh = cq->ncq_head;
1979 nvme_put32(nvme, cq->ncq_hdbl, head.r);
1980 }
1981
1982 mutex_exit(&cq->ncq_mutex);
1983
1984 return (cmd);
1985 }
1986
1987 static int
nvme_check_unknown_cmd_status(nvme_cmd_t * cmd)1988 nvme_check_unknown_cmd_status(nvme_cmd_t *cmd)
1989 {
1990 nvme_cqe_t *cqe = &cmd->nc_cqe;
1991
1992 dev_err(cmd->nc_nvme->n_dip, CE_WARN,
1993 "!unknown command status received: opc = %x, sqid = %d, cid = %d, "
1994 "sc = %x, sct = %x, dnr = %d, m = %d", cmd->nc_sqe.sqe_opc,
1995 cqe->cqe_sqid, cqe->cqe_cid, cqe->cqe_sf.sf_sc, cqe->cqe_sf.sf_sct,
1996 cqe->cqe_sf.sf_dnr, cqe->cqe_sf.sf_m);
1997
1998 if (cmd->nc_xfer != NULL)
1999 bd_error(cmd->nc_xfer, BD_ERR_ILLRQ);
2000
2001 if (cmd->nc_nvme->n_strict_version) {
2002 nvme_ctrl_mark_dead(cmd->nc_nvme, B_FALSE);
2003 }
2004
2005 return (EIO);
2006 }
2007
2008 static int
nvme_check_vendor_cmd_status(nvme_cmd_t * cmd)2009 nvme_check_vendor_cmd_status(nvme_cmd_t *cmd)
2010 {
2011 nvme_cqe_t *cqe = &cmd->nc_cqe;
2012
2013 dev_err(cmd->nc_nvme->n_dip, CE_WARN,
2014 "!unknown command status received: opc = %x, sqid = %d, cid = %d, "
2015 "sc = %x, sct = %x, dnr = %d, m = %d", cmd->nc_sqe.sqe_opc,
2016 cqe->cqe_sqid, cqe->cqe_cid, cqe->cqe_sf.sf_sc, cqe->cqe_sf.sf_sct,
2017 cqe->cqe_sf.sf_dnr, cqe->cqe_sf.sf_m);
2018 if (!cmd->nc_nvme->n_ignore_unknown_vendor_status) {
2019 nvme_ctrl_mark_dead(cmd->nc_nvme, B_FALSE);
2020 }
2021
2022 return (EIO);
2023 }
2024
2025 static int
nvme_check_integrity_cmd_status(nvme_cmd_t * cmd)2026 nvme_check_integrity_cmd_status(nvme_cmd_t *cmd)
2027 {
2028 nvme_cqe_t *cqe = &cmd->nc_cqe;
2029
2030 switch (cqe->cqe_sf.sf_sc) {
2031 case NVME_CQE_SC_INT_NVM_WRITE:
2032 /* write fail */
2033 /* TODO: post ereport */
2034 if (cmd->nc_xfer != NULL)
2035 bd_error(cmd->nc_xfer, BD_ERR_MEDIA);
2036 return (EIO);
2037
2038 case NVME_CQE_SC_INT_NVM_READ:
2039 /* read fail */
2040 /* TODO: post ereport */
2041 if (cmd->nc_xfer != NULL)
2042 bd_error(cmd->nc_xfer, BD_ERR_MEDIA);
2043 return (EIO);
2044
2045 default:
2046 return (nvme_check_unknown_cmd_status(cmd));
2047 }
2048 }
2049
2050 static int
nvme_check_generic_cmd_status(nvme_cmd_t * cmd)2051 nvme_check_generic_cmd_status(nvme_cmd_t *cmd)
2052 {
2053 nvme_cqe_t *cqe = &cmd->nc_cqe;
2054
2055 switch (cqe->cqe_sf.sf_sc) {
2056 case NVME_CQE_SC_GEN_SUCCESS:
2057 return (0);
2058
2059 /*
2060 * Errors indicating a bug in the driver should cause a panic.
2061 */
2062 case NVME_CQE_SC_GEN_INV_OPC:
2063 /* Invalid Command Opcode */
2064 NVME_BUMP_STAT(cmd->nc_nvme, inv_cmd_err);
2065 if ((cmd->nc_flags & NVME_CMD_F_DONTPANIC) == 0) {
2066 dev_err(cmd->nc_nvme->n_dip, CE_PANIC,
2067 "programming error: invalid opcode in cmd %p",
2068 (void *)cmd);
2069 }
2070 return (EINVAL);
2071
2072 case NVME_CQE_SC_GEN_INV_FLD:
2073 /* Invalid Field in Command */
2074 NVME_BUMP_STAT(cmd->nc_nvme, inv_field_err);
2075 if ((cmd->nc_flags & NVME_CMD_F_DONTPANIC) == 0) {
2076 dev_err(cmd->nc_nvme->n_dip, CE_PANIC,
2077 "programming error: invalid field in cmd %p",
2078 (void *)cmd);
2079 }
2080 return (EIO);
2081
2082 case NVME_CQE_SC_GEN_ID_CNFL:
2083 /* Command ID Conflict */
2084 dev_err(cmd->nc_nvme->n_dip, CE_PANIC, "programming error: "
2085 "cmd ID conflict in cmd %p", (void *)cmd);
2086 return (0);
2087
2088 case NVME_CQE_SC_GEN_INV_NS:
2089 /* Invalid Namespace or Format */
2090 NVME_BUMP_STAT(cmd->nc_nvme, inv_nsfmt_err);
2091 if ((cmd->nc_flags & NVME_CMD_F_DONTPANIC) == 0) {
2092 dev_err(cmd->nc_nvme->n_dip, CE_PANIC,
2093 "programming error: invalid NS/format in cmd %p",
2094 (void *)cmd);
2095 }
2096 return (EINVAL);
2097
2098 case NVME_CQE_SC_GEN_CMD_SEQ_ERR:
2099 /*
2100 * Command Sequence Error
2101 *
2102 * This can be generated normally by user log page requests that
2103 * come out of order (e.g. getting the persistent event log
2104 * without establishing the context). If the kernel manages this
2105 * on its own then that's problematic.
2106 */
2107 NVME_BUMP_STAT(cmd->nc_nvme, inv_cmdseq_err);
2108 if ((cmd->nc_flags & NVME_CMD_F_DONTPANIC) == 0) {
2109 dev_err(cmd->nc_nvme->n_dip, CE_PANIC,
2110 "programming error: command sequencing error %p",
2111 (void *)cmd);
2112 }
2113 return (EINVAL);
2114
2115 case NVME_CQE_SC_GEN_NVM_LBA_RANGE:
2116 /* LBA Out Of Range */
2117 dev_err(cmd->nc_nvme->n_dip, CE_PANIC, "programming error: "
2118 "LBA out of range in cmd %p", (void *)cmd);
2119 return (0);
2120
2121 /*
2122 * Non-fatal errors, handle gracefully.
2123 */
2124 case NVME_CQE_SC_GEN_DATA_XFR_ERR:
2125 /* Data Transfer Error (DMA) */
2126 /* TODO: post ereport */
2127 NVME_BUMP_STAT(cmd->nc_nvme, data_xfr_err);
2128 if (cmd->nc_xfer != NULL)
2129 bd_error(cmd->nc_xfer, BD_ERR_NTRDY);
2130 return (EIO);
2131
2132 case NVME_CQE_SC_GEN_INTERNAL_ERR:
2133 /*
2134 * Internal Error. The spec (v1.0, section 4.5.1.2) says
2135 * detailed error information is returned as async event,
2136 * so we pretty much ignore the error here and handle it
2137 * in the async event handler.
2138 */
2139 NVME_BUMP_STAT(cmd->nc_nvme, internal_err);
2140 if (cmd->nc_xfer != NULL)
2141 bd_error(cmd->nc_xfer, BD_ERR_NTRDY);
2142 return (EIO);
2143
2144 case NVME_CQE_SC_GEN_ABORT_REQUEST:
2145 /*
2146 * Command Abort Requested. This normally happens only when a
2147 * command times out.
2148 */
2149 /* TODO: post ereport or change blkdev to handle this? */
2150 NVME_BUMP_STAT(cmd->nc_nvme, abort_rq_err);
2151 return (ECANCELED);
2152
2153 case NVME_CQE_SC_GEN_ABORT_PWRLOSS:
2154 /* Command Aborted due to Power Loss Notification */
2155 NVME_BUMP_STAT(cmd->nc_nvme, abort_pwrloss_err);
2156 nvme_ctrl_mark_dead(cmd->nc_nvme, B_FALSE);
2157 return (EIO);
2158
2159 case NVME_CQE_SC_GEN_ABORT_SQ_DEL:
2160 /* Command Aborted due to SQ Deletion */
2161 NVME_BUMP_STAT(cmd->nc_nvme, abort_sq_del);
2162 return (EIO);
2163
2164 case NVME_CQE_SC_GEN_NVM_CAP_EXC:
2165 /* Capacity Exceeded */
2166 NVME_BUMP_STAT(cmd->nc_nvme, nvm_cap_exc);
2167 if (cmd->nc_xfer != NULL)
2168 bd_error(cmd->nc_xfer, BD_ERR_MEDIA);
2169 return (EIO);
2170
2171 case NVME_CQE_SC_GEN_NVM_NS_NOTRDY:
2172 /* Namespace Not Ready */
2173 NVME_BUMP_STAT(cmd->nc_nvme, nvm_ns_notrdy);
2174 if (cmd->nc_xfer != NULL)
2175 bd_error(cmd->nc_xfer, BD_ERR_NTRDY);
2176 return (EIO);
2177
2178 case NVME_CQE_SC_GEN_NVM_FORMATTING:
2179 /* Format in progress (1.2) */
2180 if (!NVME_VERSION_ATLEAST(&cmd->nc_nvme->n_version, 1, 2))
2181 return (nvme_check_unknown_cmd_status(cmd));
2182 NVME_BUMP_STAT(cmd->nc_nvme, nvm_ns_formatting);
2183 if (cmd->nc_xfer != NULL)
2184 bd_error(cmd->nc_xfer, BD_ERR_NTRDY);
2185 return (EIO);
2186
2187 default:
2188 return (nvme_check_unknown_cmd_status(cmd));
2189 }
2190 }
2191
2192 static int
nvme_check_specific_cmd_status(nvme_cmd_t * cmd)2193 nvme_check_specific_cmd_status(nvme_cmd_t *cmd)
2194 {
2195 nvme_cqe_t *cqe = &cmd->nc_cqe;
2196
2197 switch (cqe->cqe_sf.sf_sc) {
2198 case NVME_CQE_SC_SPC_INV_CQ:
2199 /* Completion Queue Invalid */
2200 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_CREATE_SQUEUE);
2201 NVME_BUMP_STAT(cmd->nc_nvme, inv_cq_err);
2202 return (EINVAL);
2203
2204 case NVME_CQE_SC_SPC_INV_QID:
2205 /* Invalid Queue Identifier */
2206 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_CREATE_SQUEUE ||
2207 cmd->nc_sqe.sqe_opc == NVME_OPC_DELETE_SQUEUE ||
2208 cmd->nc_sqe.sqe_opc == NVME_OPC_CREATE_CQUEUE ||
2209 cmd->nc_sqe.sqe_opc == NVME_OPC_DELETE_CQUEUE);
2210 NVME_BUMP_STAT(cmd->nc_nvme, inv_qid_err);
2211 return (EINVAL);
2212
2213 case NVME_CQE_SC_SPC_MAX_QSZ_EXC:
2214 /* Max Queue Size Exceeded */
2215 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_CREATE_SQUEUE ||
2216 cmd->nc_sqe.sqe_opc == NVME_OPC_CREATE_CQUEUE);
2217 NVME_BUMP_STAT(cmd->nc_nvme, max_qsz_exc);
2218 return (EINVAL);
2219
2220 case NVME_CQE_SC_SPC_ABRT_CMD_EXC:
2221 /* Abort Command Limit Exceeded */
2222 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_ABORT);
2223 dev_err(cmd->nc_nvme->n_dip, CE_PANIC, "programming error: "
2224 "abort command limit exceeded in cmd %p", (void *)cmd);
2225 return (0);
2226
2227 case NVME_CQE_SC_SPC_ASYNC_EVREQ_EXC:
2228 /* Async Event Request Limit Exceeded */
2229 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_ASYNC_EVENT);
2230 dev_err(cmd->nc_nvme->n_dip, CE_PANIC, "programming error: "
2231 "async event request limit exceeded in cmd %p",
2232 (void *)cmd);
2233 return (0);
2234
2235 case NVME_CQE_SC_SPC_INV_INT_VECT:
2236 /* Invalid Interrupt Vector */
2237 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_CREATE_CQUEUE);
2238 NVME_BUMP_STAT(cmd->nc_nvme, inv_int_vect);
2239 return (EINVAL);
2240
2241 case NVME_CQE_SC_SPC_INV_LOG_PAGE:
2242 /* Invalid Log Page */
2243 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_GET_LOG_PAGE);
2244 NVME_BUMP_STAT(cmd->nc_nvme, inv_log_page);
2245 return (EINVAL);
2246
2247 case NVME_CQE_SC_SPC_INV_FORMAT:
2248 /* Invalid Format */
2249 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_NVM_FORMAT);
2250 NVME_BUMP_STAT(cmd->nc_nvme, inv_format);
2251 if (cmd->nc_xfer != NULL)
2252 bd_error(cmd->nc_xfer, BD_ERR_ILLRQ);
2253 return (EINVAL);
2254
2255 case NVME_CQE_SC_SPC_INV_Q_DEL:
2256 /* Invalid Queue Deletion */
2257 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_DELETE_CQUEUE);
2258 NVME_BUMP_STAT(cmd->nc_nvme, inv_q_del);
2259 return (EINVAL);
2260
2261 case NVME_CQE_SC_SPC_NVM_CNFL_ATTR:
2262 /* Conflicting Attributes */
2263 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_NVM_DSET_MGMT ||
2264 cmd->nc_sqe.sqe_opc == NVME_OPC_NVM_READ ||
2265 cmd->nc_sqe.sqe_opc == NVME_OPC_NVM_WRITE);
2266 NVME_BUMP_STAT(cmd->nc_nvme, cnfl_attr);
2267 if (cmd->nc_xfer != NULL)
2268 bd_error(cmd->nc_xfer, BD_ERR_ILLRQ);
2269 return (EINVAL);
2270
2271 case NVME_CQE_SC_SPC_NVM_INV_PROT:
2272 /* Invalid Protection Information */
2273 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_NVM_COMPARE ||
2274 cmd->nc_sqe.sqe_opc == NVME_OPC_NVM_READ ||
2275 cmd->nc_sqe.sqe_opc == NVME_OPC_NVM_WRITE);
2276 NVME_BUMP_STAT(cmd->nc_nvme, inv_prot);
2277 if (cmd->nc_xfer != NULL)
2278 bd_error(cmd->nc_xfer, BD_ERR_ILLRQ);
2279 return (EINVAL);
2280
2281 case NVME_CQE_SC_SPC_NVM_READONLY:
2282 /* Write to Read Only Range */
2283 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_NVM_WRITE);
2284 NVME_BUMP_STAT(cmd->nc_nvme, readonly);
2285 if (cmd->nc_xfer != NULL)
2286 bd_error(cmd->nc_xfer, BD_ERR_ILLRQ);
2287 return (EROFS);
2288
2289 case NVME_CQE_SC_SPC_INV_FW_SLOT:
2290 /* Invalid Firmware Slot */
2291 NVME_BUMP_STAT(cmd->nc_nvme, inv_fwslot);
2292 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_FW_ACTIVATE);
2293 return (EINVAL);
2294
2295 case NVME_CQE_SC_SPC_INV_FW_IMG:
2296 /* Invalid Firmware Image */
2297 NVME_BUMP_STAT(cmd->nc_nvme, inv_fwimg);
2298 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_FW_ACTIVATE);
2299 return (EINVAL);
2300
2301 case NVME_CQE_SC_SPC_FW_RESET:
2302 /* Conventional Reset Required */
2303 NVME_BUMP_STAT(cmd->nc_nvme, fwact_creset);
2304 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_FW_ACTIVATE);
2305 return (0);
2306
2307 case NVME_CQE_SC_SPC_FW_NSSR:
2308 /* NVMe Subsystem Reset Required */
2309 NVME_BUMP_STAT(cmd->nc_nvme, fwact_nssr);
2310 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_FW_ACTIVATE);
2311 return (0);
2312
2313 case NVME_CQE_SC_SPC_FW_NEXT_RESET:
2314 /* Activation Requires Reset */
2315 NVME_BUMP_STAT(cmd->nc_nvme, fwact_reset);
2316 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_FW_ACTIVATE);
2317 return (0);
2318
2319 case NVME_CQE_SC_SPC_FW_MTFA:
2320 /* Activation Requires Maximum Time Violation */
2321 NVME_BUMP_STAT(cmd->nc_nvme, fwact_mtfa);
2322 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_FW_ACTIVATE);
2323 return (EAGAIN);
2324
2325 case NVME_CQE_SC_SPC_FW_PROHIBITED:
2326 /* Activation Prohibited */
2327 NVME_BUMP_STAT(cmd->nc_nvme, fwact_prohibited);
2328 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_FW_ACTIVATE);
2329 return (EINVAL);
2330
2331 case NVME_CQE_SC_SPC_FW_OVERLAP:
2332 /* Overlapping Firmware Ranges */
2333 NVME_BUMP_STAT(cmd->nc_nvme, fw_overlap);
2334 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_FW_IMAGE_LOAD ||
2335 cmd->nc_sqe.sqe_opc == NVME_OPC_FW_ACTIVATE);
2336 return (EINVAL);
2337
2338 default:
2339 return (nvme_check_unknown_cmd_status(cmd));
2340 }
2341 }
2342
2343 static inline int
nvme_check_cmd_status(nvme_cmd_t * cmd)2344 nvme_check_cmd_status(nvme_cmd_t *cmd)
2345 {
2346 nvme_cqe_t *cqe = &cmd->nc_cqe;
2347
2348 /*
2349 * Take a shortcut if the controller is dead, or if
2350 * command status indicates no error.
2351 */
2352 if (cmd->nc_nvme->n_dead)
2353 return (EIO);
2354
2355 if (cqe->cqe_sf.sf_sct == NVME_CQE_SCT_GENERIC &&
2356 cqe->cqe_sf.sf_sc == NVME_CQE_SC_GEN_SUCCESS)
2357 return (0);
2358
2359 if (cqe->cqe_sf.sf_sct == NVME_CQE_SCT_GENERIC)
2360 return (nvme_check_generic_cmd_status(cmd));
2361 else if (cqe->cqe_sf.sf_sct == NVME_CQE_SCT_SPECIFIC)
2362 return (nvme_check_specific_cmd_status(cmd));
2363 else if (cqe->cqe_sf.sf_sct == NVME_CQE_SCT_INTEGRITY)
2364 return (nvme_check_integrity_cmd_status(cmd));
2365 else if (cqe->cqe_sf.sf_sct == NVME_CQE_SCT_VENDOR)
2366 return (nvme_check_vendor_cmd_status(cmd));
2367
2368 return (nvme_check_unknown_cmd_status(cmd));
2369 }
2370
2371 /*
2372 * Check the command status as used by an ioctl path and do not convert it to an
2373 * errno. We still allow all the command status checking to occur, but otherwise
2374 * will pass back the controller error as is.
2375 */
2376 static boolean_t
nvme_check_cmd_status_ioctl(nvme_cmd_t * cmd,nvme_ioctl_common_t * ioc)2377 nvme_check_cmd_status_ioctl(nvme_cmd_t *cmd, nvme_ioctl_common_t *ioc)
2378 {
2379 nvme_cqe_t *cqe = &cmd->nc_cqe;
2380 nvme_t *nvme = cmd->nc_nvme;
2381
2382 if (nvme->n_dead) {
2383 return (nvme_ioctl_error(ioc, nvme->n_dead_status, 0, 0));
2384 }
2385
2386 if (cqe->cqe_sf.sf_sct == NVME_CQE_SCT_GENERIC &&
2387 cqe->cqe_sf.sf_sc == NVME_CQE_SC_GEN_SUCCESS)
2388 return (B_TRUE);
2389
2390 if (cqe->cqe_sf.sf_sct == NVME_CQE_SCT_GENERIC) {
2391 (void) nvme_check_generic_cmd_status(cmd);
2392 } else if (cqe->cqe_sf.sf_sct == NVME_CQE_SCT_SPECIFIC) {
2393 (void) nvme_check_specific_cmd_status(cmd);
2394 } else if (cqe->cqe_sf.sf_sct == NVME_CQE_SCT_INTEGRITY) {
2395 (void) nvme_check_integrity_cmd_status(cmd);
2396 } else if (cqe->cqe_sf.sf_sct == NVME_CQE_SCT_VENDOR) {
2397 (void) nvme_check_vendor_cmd_status(cmd);
2398 } else {
2399 (void) nvme_check_unknown_cmd_status(cmd);
2400 }
2401
2402 return (nvme_ioctl_error(ioc, NVME_IOCTL_E_CTRL_ERROR,
2403 cqe->cqe_sf.sf_sct, cqe->cqe_sf.sf_sc));
2404 }
2405
2406 static int
nvme_abort_cmd(nvme_cmd_t * cmd,const uint32_t sec)2407 nvme_abort_cmd(nvme_cmd_t *cmd, const uint32_t sec)
2408 {
2409 nvme_t *nvme = cmd->nc_nvme;
2410 nvme_cmd_t *abort_cmd = nvme_alloc_admin_cmd(nvme, KM_SLEEP);
2411 nvme_abort_cmd_t ac = { 0 };
2412 int ret = 0;
2413
2414 sema_p(&nvme->n_abort_sema);
2415
2416 ac.b.ac_cid = cmd->nc_sqe.sqe_cid;
2417 ac.b.ac_sqid = cmd->nc_sqid;
2418
2419 abort_cmd->nc_sqid = 0;
2420 abort_cmd->nc_sqe.sqe_opc = NVME_OPC_ABORT;
2421 abort_cmd->nc_callback = nvme_wakeup_cmd;
2422 abort_cmd->nc_sqe.sqe_cdw10 = ac.r;
2423
2424 /*
2425 * Send the ABORT to the hardware. The ABORT command will return _after_
2426 * the aborted command has completed (aborted or otherwise) so we must
2427 * drop the aborted command's lock to allow it to complete.
2428 * We want to allow at least `nvme_abort_cmd_timeout` seconds for the
2429 * abort to be processed, but more if we are aborting a long-running
2430 * command to give that time to complete/abort too.
2431 */
2432 mutex_exit(&cmd->nc_mutex);
2433 nvme_admin_cmd(abort_cmd, MAX(nvme_abort_cmd_timeout, sec));
2434 mutex_enter(&cmd->nc_mutex);
2435
2436 sema_v(&nvme->n_abort_sema);
2437
2438 /*
2439 * If the abort command itself has timed out, it will have been
2440 * de-queued so that its callback will not be called after this point,
2441 * and its state will be NVME_CMD_LOST.
2442 *
2443 * nvme_admin_cmd(abort_cmd)
2444 * -> nvme_wait_cmd(abort_cmd)
2445 * -> nvme_cmd(abort_cmd)
2446 * | -> nvme_admin_cmd(cmd)
2447 * | -> nvme_wait_cmd(cmd)
2448 * | -> nvme_ctrl_mark_dead()
2449 * | -> nvme_lost_cmd(cmd)
2450 * | -> cmd->nc_stat = NVME_CMD_LOST
2451 * and here we are.
2452 */
2453 if (abort_cmd->nc_state == NVME_CMD_LOST) {
2454 dev_err(nvme->n_dip, CE_WARN,
2455 "!ABORT of command %d/%d timed out",
2456 cmd->nc_sqe.sqe_cid, cmd->nc_sqid);
2457 NVME_BUMP_STAT(nvme, abort_timeout);
2458 ret = EIO;
2459 } else if ((ret = nvme_check_cmd_status(abort_cmd)) != 0) {
2460 dev_err(nvme->n_dip, CE_WARN,
2461 "!ABORT of command %d/%d "
2462 "failed with sct = %x, sc = %x",
2463 cmd->nc_sqe.sqe_cid, cmd->nc_sqid,
2464 abort_cmd->nc_cqe.cqe_sf.sf_sct,
2465 abort_cmd->nc_cqe.cqe_sf.sf_sc);
2466 NVME_BUMP_STAT(nvme, abort_failed);
2467 } else {
2468 boolean_t success = ((abort_cmd->nc_cqe.cqe_dw0 & 1) == 0);
2469
2470 dev_err(nvme->n_dip, CE_WARN,
2471 "!ABORT of command %d/%d %ssuccessful",
2472 cmd->nc_sqe.sqe_cid, cmd->nc_sqid,
2473 success ? "" : "un");
2474
2475 if (success) {
2476 NVME_BUMP_STAT(nvme, abort_successful);
2477 } else {
2478 NVME_BUMP_STAT(nvme, abort_unsuccessful);
2479 }
2480 }
2481
2482 /*
2483 * This abort abort_cmd has either completed or been de-queued as
2484 * lost in nvme_wait_cmd. Either way it's safe to free it here.
2485 */
2486 nvme_free_cmd(abort_cmd);
2487
2488 return (ret);
2489 }
2490
2491 /*
2492 * nvme_wait_cmd -- wait for command completion or timeout
2493 *
2494 * In case of a serious error or a timeout of the abort command the hardware
2495 * will be declared dead and FMA will be notified.
2496 */
2497 static void
nvme_wait_cmd(nvme_cmd_t * cmd,uint32_t sec)2498 nvme_wait_cmd(nvme_cmd_t *cmd, uint32_t sec)
2499 {
2500 nvme_t *nvme = cmd->nc_nvme;
2501 nvme_reg_csts_t csts;
2502
2503 ASSERT(mutex_owned(&cmd->nc_mutex));
2504
2505 while (cmd->nc_state != NVME_CMD_COMPLETED) {
2506 clock_t timeout = ddi_get_lbolt() +
2507 drv_usectohz((long)sec * MICROSEC);
2508
2509 if (cv_timedwait(&cmd->nc_cv, &cmd->nc_mutex, timeout) == -1) {
2510 /*
2511 * If this command is on the task queue then we don't
2512 * consider it to have timed out. We are waiting for
2513 * the callback to be invoked, the timing of which can
2514 * be affected by system load and should not count
2515 * against the device; continue to wait.
2516 * While this doesn't help deal with the possibility of
2517 * a command timing out between being placed on the CQ
2518 * and arriving on the taskq, we expect interrupts to
2519 * run fairly promptly making this a small window.
2520 */
2521 if (cmd->nc_state != NVME_CMD_QUEUED)
2522 break;
2523 }
2524 }
2525
2526 if (cmd->nc_state == NVME_CMD_COMPLETED) {
2527 DTRACE_PROBE1(nvme_admin_cmd_completed, nvme_cmd_t *, cmd);
2528 nvme_admin_stat_cmd(nvme, cmd);
2529 return;
2530 }
2531
2532 /*
2533 * The command timed out.
2534 */
2535
2536 DTRACE_PROBE1(nvme_admin_cmd_timeout, nvme_cmd_t *, cmd);
2537 csts.r = nvme_get32(nvme, NVME_REG_CSTS);
2538 dev_err(nvme->n_dip, CE_WARN, "!command %d/%d timeout, "
2539 "OPC = %x, CFS = %d", cmd->nc_sqe.sqe_cid, cmd->nc_sqid,
2540 cmd->nc_sqe.sqe_opc, csts.b.csts_cfs);
2541 NVME_BUMP_STAT(nvme, cmd_timeout);
2542
2543 /*
2544 * Check controller for fatal status, any errors associated with the
2545 * register or DMA handle, or for a double timeout (abort command timed
2546 * out). If necessary log a warning and call FMA.
2547 */
2548 if (csts.b.csts_cfs ||
2549 nvme_check_regs_hdl(nvme) ||
2550 nvme_check_dma_hdl(cmd->nc_dma) ||
2551 cmd->nc_sqe.sqe_opc == NVME_OPC_ABORT) {
2552 nvme_ctrl_mark_dead(cmd->nc_nvme, B_FALSE);
2553 nvme_lost_cmd(nvme, cmd);
2554 return;
2555 }
2556
2557 /* Issue an abort for the command that has timed out */
2558 if (nvme_abort_cmd(cmd, sec) == 0) {
2559 /*
2560 * If the abort completed, whether or not it was
2561 * successful in aborting the command, that command
2562 * will also have completed with an appropriate
2563 * status.
2564 */
2565 while (cmd->nc_state != NVME_CMD_COMPLETED)
2566 cv_wait(&cmd->nc_cv, &cmd->nc_mutex);
2567 return;
2568 }
2569
2570 /*
2571 * Otherwise, the abort has also timed out or failed, which
2572 * will have marked the controller dead. De-queue the original command
2573 * and add it to the lost commands list.
2574 */
2575 VERIFY(cmd->nc_nvme->n_dead);
2576 nvme_lost_cmd(nvme, cmd);
2577 }
2578
2579 static void
nvme_wakeup_cmd(void * arg)2580 nvme_wakeup_cmd(void *arg)
2581 {
2582 nvme_cmd_t *cmd = arg;
2583
2584 ASSERT(cmd->nc_flags & NVME_CMD_F_USELOCK);
2585
2586 mutex_enter(&cmd->nc_mutex);
2587 cmd->nc_state = NVME_CMD_COMPLETED;
2588 cv_signal(&cmd->nc_cv);
2589 mutex_exit(&cmd->nc_mutex);
2590 }
2591
2592 static void
nvme_async_event_task(void * arg)2593 nvme_async_event_task(void *arg)
2594 {
2595 nvme_cmd_t *cmd = arg;
2596 nvme_t *nvme = cmd->nc_nvme;
2597 nvme_error_log_entry_t *error_log = NULL;
2598 nvme_health_log_t *health_log = NULL;
2599 nvme_nschange_list_t *nslist = NULL;
2600 size_t logsize = 0;
2601 nvme_async_event_t event;
2602
2603 /*
2604 * Check for errors associated with the async request itself. The only
2605 * command-specific error is "async event limit exceeded", which
2606 * indicates a programming error in the driver and causes a panic in
2607 * nvme_check_cmd_status().
2608 *
2609 * Other possible errors are various scenarios where the async request
2610 * was aborted, or internal errors in the device. Internal errors are
2611 * reported to FMA, the command aborts need no special handling here.
2612 *
2613 * And finally, at least qemu nvme does not support async events,
2614 * and will return NVME_CQE_SC_GEN_INV_OPC | DNR. If so, we
2615 * will avoid posting async events.
2616 */
2617
2618 if (nvme_check_cmd_status(cmd) != 0) {
2619 dev_err(cmd->nc_nvme->n_dip, CE_WARN,
2620 "!async event request returned failure, sct = 0x%x, "
2621 "sc = 0x%x, dnr = %d, m = %d", cmd->nc_cqe.cqe_sf.sf_sct,
2622 cmd->nc_cqe.cqe_sf.sf_sc, cmd->nc_cqe.cqe_sf.sf_dnr,
2623 cmd->nc_cqe.cqe_sf.sf_m);
2624
2625 if (cmd->nc_cqe.cqe_sf.sf_sct == NVME_CQE_SCT_GENERIC &&
2626 cmd->nc_cqe.cqe_sf.sf_sc == NVME_CQE_SC_GEN_INTERNAL_ERR) {
2627 nvme_ctrl_mark_dead(cmd->nc_nvme, B_FALSE);
2628 }
2629
2630 if (cmd->nc_cqe.cqe_sf.sf_sct == NVME_CQE_SCT_GENERIC &&
2631 cmd->nc_cqe.cqe_sf.sf_sc == NVME_CQE_SC_GEN_INV_OPC &&
2632 cmd->nc_cqe.cqe_sf.sf_dnr == 1) {
2633 nvme->n_async_event_supported = B_FALSE;
2634 }
2635
2636 nvme_free_cmd(cmd);
2637 return;
2638 }
2639
2640 event.r = cmd->nc_cqe.cqe_dw0;
2641
2642 /* Clear CQE and re-submit the async request. */
2643 bzero(&cmd->nc_cqe, sizeof (nvme_cqe_t));
2644 nvme_submit_admin_cmd(nvme->n_adminq, cmd, NULL);
2645 cmd = NULL; /* cmd can no longer be used after resubmission */
2646
2647 switch (event.b.ae_type) {
2648 case NVME_ASYNC_TYPE_ERROR:
2649 if (event.b.ae_logpage == NVME_LOGPAGE_ERROR) {
2650 if (!nvme_get_logpage_int(nvme, B_FALSE,
2651 (void **)&error_log, &logsize,
2652 NVME_LOGPAGE_ERROR)) {
2653 return;
2654 }
2655 } else {
2656 dev_err(nvme->n_dip, CE_WARN, "!wrong logpage in "
2657 "async event reply: type=0x%x logpage=0x%x",
2658 event.b.ae_type, event.b.ae_logpage);
2659 NVME_BUMP_STAT(nvme, wrong_logpage);
2660 return;
2661 }
2662
2663 switch (event.b.ae_info) {
2664 case NVME_ASYNC_ERROR_INV_SQ:
2665 dev_err(nvme->n_dip, CE_PANIC, "programming error: "
2666 "invalid submission queue");
2667 return;
2668
2669 case NVME_ASYNC_ERROR_INV_DBL:
2670 dev_err(nvme->n_dip, CE_PANIC, "programming error: "
2671 "invalid doorbell write value");
2672 return;
2673
2674 case NVME_ASYNC_ERROR_DIAGFAIL:
2675 dev_err(nvme->n_dip, CE_WARN, "!diagnostic failure");
2676 nvme_ctrl_mark_dead(cmd->nc_nvme, B_FALSE);
2677 NVME_BUMP_STAT(nvme, diagfail_event);
2678 break;
2679
2680 case NVME_ASYNC_ERROR_PERSISTENT:
2681 dev_err(nvme->n_dip, CE_WARN, "!persistent internal "
2682 "device error");
2683 nvme_ctrl_mark_dead(cmd->nc_nvme, B_FALSE);
2684 NVME_BUMP_STAT(nvme, persistent_event);
2685 break;
2686
2687 case NVME_ASYNC_ERROR_TRANSIENT:
2688 dev_err(nvme->n_dip, CE_WARN, "!transient internal "
2689 "device error");
2690 /* TODO: send ereport */
2691 NVME_BUMP_STAT(nvme, transient_event);
2692 break;
2693
2694 case NVME_ASYNC_ERROR_FW_LOAD:
2695 dev_err(nvme->n_dip, CE_WARN,
2696 "!firmware image load error");
2697 NVME_BUMP_STAT(nvme, fw_load_event);
2698 break;
2699 }
2700 break;
2701
2702 case NVME_ASYNC_TYPE_HEALTH:
2703 if (event.b.ae_logpage == NVME_LOGPAGE_HEALTH) {
2704 if (!nvme_get_logpage_int(nvme, B_FALSE,
2705 (void **)&health_log, &logsize,
2706 NVME_LOGPAGE_HEALTH)) {
2707 return;
2708 }
2709 } else {
2710 dev_err(nvme->n_dip, CE_WARN, "!wrong logpage in "
2711 "type=0x%x logpage=0x%x", event.b.ae_type,
2712 event.b.ae_logpage);
2713 NVME_BUMP_STAT(nvme, wrong_logpage);
2714 return;
2715 }
2716
2717 switch (event.b.ae_info) {
2718 case NVME_ASYNC_HEALTH_RELIABILITY:
2719 dev_err(nvme->n_dip, CE_WARN,
2720 "!device reliability compromised");
2721 /* TODO: send ereport */
2722 NVME_BUMP_STAT(nvme, reliability_event);
2723 break;
2724
2725 case NVME_ASYNC_HEALTH_TEMPERATURE:
2726 dev_err(nvme->n_dip, CE_WARN,
2727 "!temperature above threshold");
2728 /* TODO: send ereport */
2729 NVME_BUMP_STAT(nvme, temperature_event);
2730 break;
2731
2732 case NVME_ASYNC_HEALTH_SPARE:
2733 dev_err(nvme->n_dip, CE_WARN,
2734 "!spare space below threshold");
2735 /* TODO: send ereport */
2736 NVME_BUMP_STAT(nvme, spare_event);
2737 break;
2738 }
2739 break;
2740
2741 case NVME_ASYNC_TYPE_NOTICE:
2742 switch (event.b.ae_info) {
2743 case NVME_ASYNC_NOTICE_NS_CHANGE:
2744 if (event.b.ae_logpage != NVME_LOGPAGE_NSCHANGE) {
2745 dev_err(nvme->n_dip, CE_WARN,
2746 "!wrong logpage in async event reply: "
2747 "type=0x%x logpage=0x%x",
2748 event.b.ae_type, event.b.ae_logpage);
2749 NVME_BUMP_STAT(nvme, wrong_logpage);
2750 break;
2751 }
2752
2753 dev_err(nvme->n_dip, CE_NOTE,
2754 "namespace attribute change event, "
2755 "logpage = 0x%x", event.b.ae_logpage);
2756 NVME_BUMP_STAT(nvme, notice_event);
2757
2758 if (!nvme_get_logpage_int(nvme, B_FALSE,
2759 (void **)&nslist, &logsize,
2760 NVME_LOGPAGE_NSCHANGE)) {
2761 break;
2762 }
2763
2764 if (nslist->nscl_ns[0] == UINT32_MAX) {
2765 dev_err(nvme->n_dip, CE_CONT,
2766 "more than %u namespaces have changed.\n",
2767 NVME_NSCHANGE_LIST_SIZE);
2768 break;
2769 }
2770
2771 nvme_mgmt_lock(nvme, NVME_MGMT_LOCK_NVME);
2772 for (uint_t i = 0; i < NVME_NSCHANGE_LIST_SIZE; i++) {
2773 uint32_t nsid = nslist->nscl_ns[i];
2774
2775 if (nsid == 0) /* end of list */
2776 break;
2777
2778 dev_err(nvme->n_dip, CE_NOTE,
2779 "!namespace nvme%d/%u has changed.",
2780 ddi_get_instance(nvme->n_dip), nsid);
2781
2782 if (nvme_init_ns(nvme, nsid) != DDI_SUCCESS)
2783 continue;
2784
2785 nvme_mgmt_bd_start(nvme);
2786 bd_state_change(nvme_nsid2ns(nvme,
2787 nsid)->ns_bd_hdl);
2788 nvme_mgmt_bd_end(nvme);
2789 }
2790 nvme_mgmt_unlock(nvme);
2791
2792 break;
2793
2794 case NVME_ASYNC_NOTICE_FW_ACTIVATE:
2795 dev_err(nvme->n_dip, CE_NOTE,
2796 "firmware activation starting, "
2797 "logpage = 0x%x", event.b.ae_logpage);
2798 NVME_BUMP_STAT(nvme, notice_event);
2799 break;
2800
2801 case NVME_ASYNC_NOTICE_TELEMETRY:
2802 dev_err(nvme->n_dip, CE_NOTE,
2803 "telemetry log changed, "
2804 "logpage = 0x%x", event.b.ae_logpage);
2805 NVME_BUMP_STAT(nvme, notice_event);
2806 break;
2807
2808 case NVME_ASYNC_NOTICE_NS_ASYMM:
2809 dev_err(nvme->n_dip, CE_NOTE,
2810 "asymmetric namespace access change, "
2811 "logpage = 0x%x", event.b.ae_logpage);
2812 NVME_BUMP_STAT(nvme, notice_event);
2813 break;
2814
2815 case NVME_ASYNC_NOTICE_LATENCYLOG:
2816 dev_err(nvme->n_dip, CE_NOTE,
2817 "predictable latency event aggregate log change, "
2818 "logpage = 0x%x", event.b.ae_logpage);
2819 NVME_BUMP_STAT(nvme, notice_event);
2820 break;
2821
2822 case NVME_ASYNC_NOTICE_LBASTATUS:
2823 dev_err(nvme->n_dip, CE_NOTE,
2824 "LBA status information alert, "
2825 "logpage = 0x%x", event.b.ae_logpage);
2826 NVME_BUMP_STAT(nvme, notice_event);
2827 break;
2828
2829 case NVME_ASYNC_NOTICE_ENDURANCELOG:
2830 dev_err(nvme->n_dip, CE_NOTE,
2831 "endurance group event aggregate log page change, "
2832 "logpage = 0x%x", event.b.ae_logpage);
2833 NVME_BUMP_STAT(nvme, notice_event);
2834 break;
2835
2836 default:
2837 dev_err(nvme->n_dip, CE_WARN,
2838 "!unknown notice async event received, "
2839 "info = 0x%x, logpage = 0x%x", event.b.ae_info,
2840 event.b.ae_logpage);
2841 NVME_BUMP_STAT(nvme, unknown_event);
2842 break;
2843 }
2844 break;
2845
2846 case NVME_ASYNC_TYPE_VENDOR:
2847 dev_err(nvme->n_dip, CE_WARN, "!vendor specific async event "
2848 "received, info = 0x%x, logpage = 0x%x", event.b.ae_info,
2849 event.b.ae_logpage);
2850 NVME_BUMP_STAT(nvme, vendor_event);
2851 break;
2852
2853 default:
2854 dev_err(nvme->n_dip, CE_WARN, "!unknown async event received, "
2855 "type = 0x%x, info = 0x%x, logpage = 0x%x", event.b.ae_type,
2856 event.b.ae_info, event.b.ae_logpage);
2857 NVME_BUMP_STAT(nvme, unknown_event);
2858 break;
2859 }
2860
2861 if (error_log != NULL)
2862 kmem_free(error_log, logsize);
2863
2864 if (health_log != NULL)
2865 kmem_free(health_log, logsize);
2866
2867 if (nslist != NULL)
2868 kmem_free(nslist, logsize);
2869 }
2870
2871 static void
nvme_admin_cmd(nvme_cmd_t * cmd,uint32_t sec)2872 nvme_admin_cmd(nvme_cmd_t *cmd, uint32_t sec)
2873 {
2874 uint32_t qtimeout;
2875
2876 ASSERT(cmd->nc_flags & NVME_CMD_F_USELOCK);
2877
2878 mutex_enter(&cmd->nc_mutex);
2879 cmd->nc_timeout = sec;
2880 nvme_submit_admin_cmd(cmd->nc_nvme->n_adminq, cmd, &qtimeout);
2881 /*
2882 * We will wait for a total of this command's specified timeout plus
2883 * the sum of the timeouts of any commands queued ahead of this one. If
2884 * we aren't first in the queue, this will inflate the timeout somewhat
2885 * but these times are not critical and it means that if we get stuck
2886 * behind a long running command such as a namespace format then we
2887 * won't time out and trigger an abort.
2888 */
2889 nvme_wait_cmd(cmd, sec + qtimeout);
2890 mutex_exit(&cmd->nc_mutex);
2891 }
2892
2893 static void
nvme_async_event(nvme_t * nvme)2894 nvme_async_event(nvme_t *nvme)
2895 {
2896 nvme_cmd_t *cmd;
2897
2898 cmd = nvme_alloc_admin_cmd(nvme, KM_SLEEP);
2899 cmd->nc_sqid = 0;
2900 cmd->nc_sqe.sqe_opc = NVME_OPC_ASYNC_EVENT;
2901 cmd->nc_callback = nvme_async_event_task;
2902 cmd->nc_flags |= NVME_CMD_F_DONTPANIC;
2903
2904 nvme_submit_admin_cmd(nvme->n_adminq, cmd, NULL);
2905 }
2906
2907 /*
2908 * There are commands such as format or vendor unique commands that are going to
2909 * manipulate the data in a namespace or destroy them, we make sure that none of
2910 * the ones that will be impacted are actually attached.
2911 */
2912 static boolean_t
nvme_no_blkdev_attached(nvme_t * nvme,uint32_t nsid)2913 nvme_no_blkdev_attached(nvme_t *nvme, uint32_t nsid)
2914 {
2915 ASSERT(nvme_mgmt_lock_held(nvme));
2916 ASSERT3U(nsid, !=, 0);
2917
2918 if (nsid != NVME_NSID_BCAST) {
2919 nvme_namespace_t *ns = nvme_nsid2ns(nvme, nsid);
2920 return (!ns->ns_attached);
2921 }
2922
2923 for (uint32_t i = 1; i <= nvme->n_namespace_count; i++) {
2924 nvme_namespace_t *ns = nvme_nsid2ns(nvme, i);
2925
2926 if (ns->ns_attached) {
2927 return (B_FALSE);
2928 }
2929 }
2930
2931 return (B_TRUE);
2932 }
2933
2934 static boolean_t
nvme_format_nvm(nvme_t * nvme,nvme_ioctl_format_t * ioc)2935 nvme_format_nvm(nvme_t *nvme, nvme_ioctl_format_t *ioc)
2936 {
2937 nvme_cmd_t *cmd = nvme_alloc_admin_cmd(nvme, KM_SLEEP);
2938 nvme_format_nvm_t format_nvm = { 0 };
2939 boolean_t ret;
2940
2941 format_nvm.b.fm_lbaf = bitx32(ioc->nif_lbaf, 3, 0);
2942 format_nvm.b.fm_ses = bitx32(ioc->nif_ses, 2, 0);
2943
2944 cmd->nc_sqid = 0;
2945 cmd->nc_callback = nvme_wakeup_cmd;
2946 cmd->nc_sqe.sqe_nsid = ioc->nif_common.nioc_nsid;
2947 cmd->nc_sqe.sqe_opc = NVME_OPC_NVM_FORMAT;
2948 cmd->nc_sqe.sqe_cdw10 = format_nvm.r;
2949
2950 /*
2951 * We don't want to panic on any format commands. There are two reasons
2952 * for this:
2953 *
2954 * 1) All format commands are initiated by users. We don't want to panic
2955 * on user commands.
2956 *
2957 * 2) Several devices like the Samsung SM951 don't allow formatting of
2958 * all namespaces in one command and we'd prefer to handle that
2959 * gracefully.
2960 */
2961 cmd->nc_flags |= NVME_CMD_F_DONTPANIC;
2962
2963 nvme_admin_cmd(cmd, nvme_format_cmd_timeout);
2964
2965 if (!nvme_check_cmd_status_ioctl(cmd, &ioc->nif_common) != 0) {
2966 dev_err(nvme->n_dip, CE_WARN,
2967 "!FORMAT failed with sct = %x, sc = %x",
2968 cmd->nc_cqe.cqe_sf.sf_sct, cmd->nc_cqe.cqe_sf.sf_sc);
2969 ret = B_FALSE;
2970 goto fail;
2971 }
2972
2973 ret = B_TRUE;
2974 fail:
2975 nvme_free_cmd(cmd);
2976 return (ret);
2977 }
2978
2979 /*
2980 * Retrieve a specific log page. The contents of the log page request should
2981 * have already been validated by the system.
2982 */
2983 static boolean_t
nvme_get_logpage(nvme_t * nvme,boolean_t user,nvme_ioctl_get_logpage_t * log,void ** buf)2984 nvme_get_logpage(nvme_t *nvme, boolean_t user, nvme_ioctl_get_logpage_t *log,
2985 void **buf)
2986 {
2987 nvme_cmd_t *cmd = nvme_alloc_admin_cmd(nvme, KM_SLEEP);
2988 nvme_getlogpage_dw10_t dw10;
2989 uint32_t offlo, offhi;
2990 nvme_getlogpage_dw11_t dw11;
2991 nvme_getlogpage_dw14_t dw14;
2992 uint32_t ndw;
2993 boolean_t ret = B_FALSE;
2994
2995 bzero(&dw10, sizeof (dw10));
2996 bzero(&dw11, sizeof (dw11));
2997 bzero(&dw14, sizeof (dw14));
2998
2999 cmd->nc_sqid = 0;
3000 cmd->nc_callback = nvme_wakeup_cmd;
3001 cmd->nc_sqe.sqe_opc = NVME_OPC_GET_LOG_PAGE;
3002 cmd->nc_sqe.sqe_nsid = log->nigl_common.nioc_nsid;
3003
3004 if (user)
3005 cmd->nc_flags |= NVME_CMD_F_DONTPANIC;
3006
3007 /*
3008 * The size field is the number of double words, but is a zeros based
3009 * value. We need to store our actual value minus one.
3010 */
3011 ndw = (uint32_t)(log->nigl_len / 4);
3012 ASSERT3U(ndw, >, 0);
3013 ndw--;
3014
3015 dw10.b.lp_lid = bitx32(log->nigl_lid, 7, 0);
3016 dw10.b.lp_lsp = bitx32(log->nigl_lsp, 6, 0);
3017 dw10.b.lp_rae = bitx32(log->nigl_lsp, 0, 0);
3018 dw10.b.lp_lnumdl = bitx32(ndw, 15, 0);
3019
3020 dw11.b.lp_numdu = bitx32(ndw, 31, 16);
3021 dw11.b.lp_lsi = bitx32(log->nigl_lsi, 15, 0);
3022
3023 offlo = bitx64(log->nigl_offset, 31, 0);
3024 offhi = bitx64(log->nigl_offset, 63, 32);
3025
3026 dw14.b.lp_csi = bitx32(log->nigl_csi, 7, 0);
3027
3028 cmd->nc_sqe.sqe_cdw10 = dw10.r;
3029 cmd->nc_sqe.sqe_cdw11 = dw11.r;
3030 cmd->nc_sqe.sqe_cdw12 = offlo;
3031 cmd->nc_sqe.sqe_cdw13 = offhi;
3032 cmd->nc_sqe.sqe_cdw14 = dw14.r;
3033
3034 if (nvme_zalloc_dma(nvme, log->nigl_len, DDI_DMA_READ,
3035 &nvme->n_prp_dma_attr, &cmd->nc_dma) != DDI_SUCCESS) {
3036 dev_err(nvme->n_dip, CE_WARN,
3037 "!nvme_zalloc_dma failed for GET LOG PAGE");
3038 ret = nvme_ioctl_error(&log->nigl_common,
3039 NVME_IOCTL_E_NO_DMA_MEM, 0, 0);
3040 goto fail;
3041 }
3042
3043 if (nvme_fill_prp(cmd, cmd->nc_dma->nd_dmah) != 0) {
3044 ret = nvme_ioctl_error(&log->nigl_common,
3045 NVME_IOCTL_E_NO_DMA_MEM, 0, 0);
3046 goto fail;
3047 }
3048 nvme_admin_cmd(cmd, nvme_admin_cmd_timeout);
3049
3050 if (!nvme_check_cmd_status_ioctl(cmd, &log->nigl_common)) {
3051 if (!user) {
3052 dev_err(nvme->n_dip, CE_WARN,
3053 "!GET LOG PAGE failed with sct = %x, sc = %x",
3054 cmd->nc_cqe.cqe_sf.sf_sct,
3055 cmd->nc_cqe.cqe_sf.sf_sc);
3056 }
3057 ret = B_FALSE;
3058 goto fail;
3059 }
3060
3061 *buf = kmem_alloc(log->nigl_len, KM_SLEEP);
3062 bcopy(cmd->nc_dma->nd_memp, *buf, log->nigl_len);
3063
3064 ret = B_TRUE;
3065 fail:
3066 nvme_free_cmd(cmd);
3067
3068 return (ret);
3069 }
3070
3071 /*
3072 * This is an internal wrapper for when the kernel wants to get a log page.
3073 * Currently this assumes that the only thing that is required is the log page
3074 * ID. If more information is required, we'll be better served to just use the
3075 * general ioctl interface.
3076 */
3077 static boolean_t
nvme_get_logpage_int(nvme_t * nvme,boolean_t user,void ** buf,size_t * bufsize,uint8_t lid)3078 nvme_get_logpage_int(nvme_t *nvme, boolean_t user, void **buf, size_t *bufsize,
3079 uint8_t lid)
3080 {
3081 const nvme_log_page_info_t *info = NULL;
3082 nvme_ioctl_get_logpage_t log;
3083 nvme_valid_ctrl_data_t data;
3084 boolean_t bret;
3085 bool var;
3086
3087 for (size_t i = 0; i < nvme_std_log_npages; i++) {
3088 if (nvme_std_log_pages[i].nlpi_lid == lid &&
3089 nvme_std_log_pages[i].nlpi_csi == NVME_CSI_NVM) {
3090 info = &nvme_std_log_pages[i];
3091 break;
3092 }
3093 }
3094
3095 if (info == NULL) {
3096 return (B_FALSE);
3097 }
3098
3099 data.vcd_vers = &nvme->n_version;
3100 data.vcd_id = nvme->n_idctl;
3101 bzero(&log, sizeof (log));
3102 log.nigl_common.nioc_nsid = NVME_NSID_BCAST;
3103 log.nigl_csi = info->nlpi_csi;
3104 log.nigl_lid = info->nlpi_lid;
3105 log.nigl_len = nvme_log_page_info_size(info, &data, &var);
3106
3107 /*
3108 * We only support getting standard fixed-length log pages through the
3109 * kernel interface at this time. If a log page either has an unknown
3110 * size or has a variable length, then we cannot get it.
3111 */
3112 if (log.nigl_len == 0 || var) {
3113 return (B_FALSE);
3114 }
3115
3116 bret = nvme_get_logpage(nvme, user, &log, buf);
3117 if (!bret) {
3118 return (B_FALSE);
3119 }
3120
3121 *bufsize = log.nigl_len;
3122 return (B_TRUE);
3123 }
3124
3125 static boolean_t
nvme_identify(nvme_t * nvme,boolean_t user,nvme_ioctl_identify_t * ioc,void ** buf)3126 nvme_identify(nvme_t *nvme, boolean_t user, nvme_ioctl_identify_t *ioc,
3127 void **buf)
3128 {
3129 nvme_cmd_t *cmd = nvme_alloc_admin_cmd(nvme, KM_SLEEP);
3130 boolean_t ret = B_FALSE;
3131 nvme_identify_dw10_t dw10;
3132
3133 ASSERT3P(buf, !=, NULL);
3134
3135 bzero(&dw10, sizeof (dw10));
3136
3137 cmd->nc_sqid = 0;
3138 cmd->nc_callback = nvme_wakeup_cmd;
3139 cmd->nc_sqe.sqe_opc = NVME_OPC_IDENTIFY;
3140 cmd->nc_sqe.sqe_nsid = ioc->nid_common.nioc_nsid;
3141
3142 dw10.b.id_cns = bitx32(ioc->nid_cns, 7, 0);
3143 dw10.b.id_cntid = bitx32(ioc->nid_ctrlid, 15, 0);
3144
3145 cmd->nc_sqe.sqe_cdw10 = dw10.r;
3146
3147 if (nvme_zalloc_dma(nvme, NVME_IDENTIFY_BUFSIZE, DDI_DMA_READ,
3148 &nvme->n_prp_dma_attr, &cmd->nc_dma) != DDI_SUCCESS) {
3149 dev_err(nvme->n_dip, CE_WARN,
3150 "!nvme_zalloc_dma failed for IDENTIFY");
3151 ret = nvme_ioctl_error(&ioc->nid_common,
3152 NVME_IOCTL_E_NO_DMA_MEM, 0, 0);
3153 goto fail;
3154 }
3155
3156 if (cmd->nc_dma->nd_ncookie > 2) {
3157 dev_err(nvme->n_dip, CE_WARN,
3158 "!too many DMA cookies for IDENTIFY");
3159 NVME_BUMP_STAT(nvme, too_many_cookies);
3160 ret = nvme_ioctl_error(&ioc->nid_common,
3161 NVME_IOCTL_E_BAD_PRP, 0, 0);
3162 goto fail;
3163 }
3164
3165 cmd->nc_sqe.sqe_dptr.d_prp[0] = cmd->nc_dma->nd_cookie.dmac_laddress;
3166 if (cmd->nc_dma->nd_ncookie > 1) {
3167 ddi_dma_nextcookie(cmd->nc_dma->nd_dmah,
3168 &cmd->nc_dma->nd_cookie);
3169 cmd->nc_sqe.sqe_dptr.d_prp[1] =
3170 cmd->nc_dma->nd_cookie.dmac_laddress;
3171 }
3172
3173 if (user)
3174 cmd->nc_flags |= NVME_CMD_F_DONTPANIC;
3175
3176 nvme_admin_cmd(cmd, nvme_admin_cmd_timeout);
3177
3178 if (!nvme_check_cmd_status_ioctl(cmd, &ioc->nid_common)) {
3179 dev_err(nvme->n_dip, CE_WARN,
3180 "!IDENTIFY failed with sct = %x, sc = %x",
3181 cmd->nc_cqe.cqe_sf.sf_sct, cmd->nc_cqe.cqe_sf.sf_sc);
3182 ret = B_FALSE;
3183 goto fail;
3184 }
3185
3186 *buf = kmem_alloc(NVME_IDENTIFY_BUFSIZE, KM_SLEEP);
3187 bcopy(cmd->nc_dma->nd_memp, *buf, NVME_IDENTIFY_BUFSIZE);
3188 ret = B_TRUE;
3189
3190 fail:
3191 nvme_free_cmd(cmd);
3192
3193 return (ret);
3194 }
3195
3196 static boolean_t
nvme_identify_int(nvme_t * nvme,uint32_t nsid,uint8_t cns,void ** buf)3197 nvme_identify_int(nvme_t *nvme, uint32_t nsid, uint8_t cns, void **buf)
3198 {
3199 nvme_ioctl_identify_t id;
3200
3201 bzero(&id, sizeof (nvme_ioctl_identify_t));
3202 id.nid_common.nioc_nsid = nsid;
3203 id.nid_cns = cns;
3204
3205 return (nvme_identify(nvme, B_FALSE, &id, buf));
3206 }
3207
3208 static int
nvme_set_features(nvme_t * nvme,boolean_t user,uint32_t nsid,uint8_t feature,uint32_t val,uint32_t * res)3209 nvme_set_features(nvme_t *nvme, boolean_t user, uint32_t nsid, uint8_t feature,
3210 uint32_t val, uint32_t *res)
3211 {
3212 _NOTE(ARGUNUSED(nsid));
3213 nvme_cmd_t *cmd = nvme_alloc_admin_cmd(nvme, KM_SLEEP);
3214 int ret = EINVAL;
3215
3216 ASSERT(res != NULL);
3217
3218 cmd->nc_sqid = 0;
3219 cmd->nc_callback = nvme_wakeup_cmd;
3220 cmd->nc_sqe.sqe_opc = NVME_OPC_SET_FEATURES;
3221 cmd->nc_sqe.sqe_cdw10 = feature;
3222 cmd->nc_sqe.sqe_cdw11 = val;
3223
3224 if (user)
3225 cmd->nc_flags |= NVME_CMD_F_DONTPANIC;
3226
3227 switch (feature) {
3228 case NVME_FEAT_WRITE_CACHE:
3229 if (!nvme->n_write_cache_present)
3230 goto fail;
3231 break;
3232
3233 case NVME_FEAT_NQUEUES:
3234 break;
3235
3236 default:
3237 goto fail;
3238 }
3239
3240 nvme_admin_cmd(cmd, nvme_admin_cmd_timeout);
3241
3242 if ((ret = nvme_check_cmd_status(cmd)) != 0) {
3243 dev_err(nvme->n_dip, CE_WARN,
3244 "!SET FEATURES %d failed with sct = %x, sc = %x",
3245 feature, cmd->nc_cqe.cqe_sf.sf_sct,
3246 cmd->nc_cqe.cqe_sf.sf_sc);
3247 goto fail;
3248 }
3249
3250 *res = cmd->nc_cqe.cqe_dw0;
3251
3252 fail:
3253 nvme_free_cmd(cmd);
3254 return (ret);
3255 }
3256
3257 static int
nvme_write_cache_set(nvme_t * nvme,boolean_t enable)3258 nvme_write_cache_set(nvme_t *nvme, boolean_t enable)
3259 {
3260 nvme_write_cache_t nwc = { 0 };
3261
3262 if (enable)
3263 nwc.b.wc_wce = 1;
3264
3265 /*
3266 * We've seen some cases where this fails due to us being told we've
3267 * specified an invalid namespace when operating against the Xen xcp-ng
3268 * qemu NVMe virtual device. As such, we generally ensure that trying to
3269 * enable this doesn't lead us to panic. It's not completely clear why
3270 * specifying namespace zero here fails, but not when we're setting the
3271 * number of queues below.
3272 */
3273 return (nvme_set_features(nvme, B_TRUE, 0, NVME_FEAT_WRITE_CACHE,
3274 nwc.r, &nwc.r));
3275 }
3276
3277 static int
nvme_set_nqueues(nvme_t * nvme)3278 nvme_set_nqueues(nvme_t *nvme)
3279 {
3280 nvme_nqueues_t nq = { 0 };
3281 int ret;
3282
3283 /*
3284 * The default is to allocate one completion queue per vector.
3285 */
3286 if (nvme->n_completion_queues == -1)
3287 nvme->n_completion_queues = nvme->n_intr_cnt;
3288
3289 /*
3290 * There is no point in having more completion queues than
3291 * interrupt vectors.
3292 */
3293 nvme->n_completion_queues = MIN(nvme->n_completion_queues,
3294 nvme->n_intr_cnt);
3295
3296 /*
3297 * The default is to use one submission queue per completion queue.
3298 */
3299 if (nvme->n_submission_queues == -1)
3300 nvme->n_submission_queues = nvme->n_completion_queues;
3301
3302 /*
3303 * There is no point in having more completion queues than
3304 * submission queues.
3305 */
3306 nvme->n_completion_queues = MIN(nvme->n_completion_queues,
3307 nvme->n_submission_queues);
3308
3309 ASSERT(nvme->n_submission_queues > 0);
3310 ASSERT(nvme->n_completion_queues > 0);
3311
3312 nq.b.nq_nsq = nvme->n_submission_queues - 1;
3313 nq.b.nq_ncq = nvme->n_completion_queues - 1;
3314
3315 ret = nvme_set_features(nvme, B_FALSE, 0, NVME_FEAT_NQUEUES, nq.r,
3316 &nq.r);
3317
3318 if (ret == 0) {
3319 /*
3320 * Never use more than the requested number of queues.
3321 */
3322 nvme->n_submission_queues = MIN(nvme->n_submission_queues,
3323 nq.b.nq_nsq + 1);
3324 nvme->n_completion_queues = MIN(nvme->n_completion_queues,
3325 nq.b.nq_ncq + 1);
3326 }
3327
3328 return (ret);
3329 }
3330
3331 static int
nvme_create_completion_queue(nvme_t * nvme,nvme_cq_t * cq)3332 nvme_create_completion_queue(nvme_t *nvme, nvme_cq_t *cq)
3333 {
3334 nvme_cmd_t *cmd = nvme_alloc_admin_cmd(nvme, KM_SLEEP);
3335 nvme_create_queue_dw10_t dw10 = { 0 };
3336 nvme_create_cq_dw11_t c_dw11 = { 0 };
3337 int ret;
3338
3339 dw10.b.q_qid = cq->ncq_id;
3340 dw10.b.q_qsize = cq->ncq_nentry - 1;
3341
3342 c_dw11.b.cq_pc = 1;
3343 c_dw11.b.cq_ien = 1;
3344 c_dw11.b.cq_iv = cq->ncq_id % nvme->n_intr_cnt;
3345
3346 cmd->nc_sqid = 0;
3347 cmd->nc_callback = nvme_wakeup_cmd;
3348 cmd->nc_sqe.sqe_opc = NVME_OPC_CREATE_CQUEUE;
3349 cmd->nc_sqe.sqe_cdw10 = dw10.r;
3350 cmd->nc_sqe.sqe_cdw11 = c_dw11.r;
3351 cmd->nc_sqe.sqe_dptr.d_prp[0] = cq->ncq_dma->nd_cookie.dmac_laddress;
3352
3353 nvme_admin_cmd(cmd, nvme_admin_cmd_timeout);
3354
3355 if ((ret = nvme_check_cmd_status(cmd)) != 0) {
3356 dev_err(nvme->n_dip, CE_WARN,
3357 "!CREATE CQUEUE failed with sct = %x, sc = %x",
3358 cmd->nc_cqe.cqe_sf.sf_sct, cmd->nc_cqe.cqe_sf.sf_sc);
3359 }
3360
3361 nvme_free_cmd(cmd);
3362
3363 return (ret);
3364 }
3365
3366 static int
nvme_create_io_qpair(nvme_t * nvme,nvme_qpair_t * qp,uint16_t idx)3367 nvme_create_io_qpair(nvme_t *nvme, nvme_qpair_t *qp, uint16_t idx)
3368 {
3369 nvme_cq_t *cq = qp->nq_cq;
3370 nvme_cmd_t *cmd;
3371 nvme_create_queue_dw10_t dw10 = { 0 };
3372 nvme_create_sq_dw11_t s_dw11 = { 0 };
3373 int ret;
3374
3375 /*
3376 * It is possible to have more qpairs than completion queues,
3377 * and when the idx > ncq_id, that completion queue is shared
3378 * and has already been created.
3379 */
3380 if (idx <= cq->ncq_id &&
3381 nvme_create_completion_queue(nvme, cq) != DDI_SUCCESS)
3382 return (DDI_FAILURE);
3383
3384 dw10.b.q_qid = idx;
3385 dw10.b.q_qsize = qp->nq_nentry - 1;
3386
3387 s_dw11.b.sq_pc = 1;
3388 s_dw11.b.sq_cqid = cq->ncq_id;
3389
3390 cmd = nvme_alloc_admin_cmd(nvme, KM_SLEEP);
3391 cmd->nc_sqid = 0;
3392 cmd->nc_callback = nvme_wakeup_cmd;
3393 cmd->nc_sqe.sqe_opc = NVME_OPC_CREATE_SQUEUE;
3394 cmd->nc_sqe.sqe_cdw10 = dw10.r;
3395 cmd->nc_sqe.sqe_cdw11 = s_dw11.r;
3396 cmd->nc_sqe.sqe_dptr.d_prp[0] = qp->nq_sqdma->nd_cookie.dmac_laddress;
3397
3398 nvme_admin_cmd(cmd, nvme_admin_cmd_timeout);
3399
3400 if ((ret = nvme_check_cmd_status(cmd)) != 0) {
3401 dev_err(nvme->n_dip, CE_WARN,
3402 "!CREATE SQUEUE failed with sct = %x, sc = %x",
3403 cmd->nc_cqe.cqe_sf.sf_sct, cmd->nc_cqe.cqe_sf.sf_sc);
3404 }
3405
3406 nvme_free_cmd(cmd);
3407
3408 return (ret);
3409 }
3410
3411 static boolean_t
nvme_reset(nvme_t * nvme,boolean_t quiesce)3412 nvme_reset(nvme_t *nvme, boolean_t quiesce)
3413 {
3414 nvme_reg_csts_t csts;
3415 int i;
3416
3417 nvme_put32(nvme, NVME_REG_CC, 0);
3418
3419 csts.r = nvme_get32(nvme, NVME_REG_CSTS);
3420 if (csts.b.csts_rdy == 1) {
3421 nvme_put32(nvme, NVME_REG_CC, 0);
3422
3423 /*
3424 * The timeout value is from the Controller Capabilities
3425 * register (CAP.TO, section 3.1.1). This is the worst case
3426 * time to wait for CSTS.RDY to transition from 1 to 0 after
3427 * CC.EN transitions from 1 to 0.
3428 *
3429 * The timeout units are in 500 ms units, and we are delaying
3430 * in 50ms chunks, hence counting to n_timeout * 10.
3431 */
3432 for (i = 0; i < nvme->n_timeout * 10; i++) {
3433 csts.r = nvme_get32(nvme, NVME_REG_CSTS);
3434 if (csts.b.csts_rdy == 0)
3435 break;
3436
3437 /*
3438 * Quiescing drivers should not use locks or timeouts,
3439 * so if this is the quiesce path, use a quiesce-safe
3440 * delay.
3441 */
3442 if (quiesce) {
3443 drv_usecwait(50000);
3444 } else {
3445 delay(drv_usectohz(50000));
3446 }
3447 }
3448 }
3449
3450 nvme_put32(nvme, NVME_REG_AQA, 0);
3451 nvme_put32(nvme, NVME_REG_ASQ, 0);
3452 nvme_put32(nvme, NVME_REG_ACQ, 0);
3453
3454 csts.r = nvme_get32(nvme, NVME_REG_CSTS);
3455 return (csts.b.csts_rdy == 0 ? B_TRUE : B_FALSE);
3456 }
3457
3458 static void
nvme_shutdown(nvme_t * nvme,boolean_t quiesce)3459 nvme_shutdown(nvme_t *nvme, boolean_t quiesce)
3460 {
3461 nvme_reg_cc_t cc;
3462 nvme_reg_csts_t csts;
3463 int i;
3464
3465 cc.r = nvme_get32(nvme, NVME_REG_CC);
3466 cc.b.cc_shn = NVME_CC_SHN_NORMAL;
3467 nvme_put32(nvme, NVME_REG_CC, cc.r);
3468
3469 for (i = 0; i < 10; i++) {
3470 csts.r = nvme_get32(nvme, NVME_REG_CSTS);
3471 if (csts.b.csts_shst == NVME_CSTS_SHN_COMPLETE)
3472 break;
3473
3474 if (quiesce) {
3475 drv_usecwait(100000);
3476 } else {
3477 delay(drv_usectohz(100000));
3478 }
3479 }
3480 }
3481
3482 /*
3483 * Return length of string without trailing spaces.
3484 */
3485 static int
nvme_strlen(const char * str,int len)3486 nvme_strlen(const char *str, int len)
3487 {
3488 if (len <= 0)
3489 return (0);
3490
3491 while (str[--len] == ' ')
3492 ;
3493
3494 return (++len);
3495 }
3496
3497 static void
nvme_config_min_block_size(nvme_t * nvme,char * model,char * val)3498 nvme_config_min_block_size(nvme_t *nvme, char *model, char *val)
3499 {
3500 ulong_t bsize = 0;
3501 char *msg = "";
3502
3503 if (ddi_strtoul(val, NULL, 0, &bsize) != 0)
3504 goto err;
3505
3506 if (!ISP2(bsize)) {
3507 msg = ": not a power of 2";
3508 goto err;
3509 }
3510
3511 if (bsize < NVME_DEFAULT_MIN_BLOCK_SIZE) {
3512 msg = ": too low";
3513 goto err;
3514 }
3515
3516 nvme->n_min_block_size = bsize;
3517 return;
3518
3519 err:
3520 dev_err(nvme->n_dip, CE_WARN,
3521 "!nvme-config-list: ignoring invalid min-phys-block-size '%s' "
3522 "for model '%s'%s", val, model, msg);
3523
3524 nvme->n_min_block_size = NVME_DEFAULT_MIN_BLOCK_SIZE;
3525 }
3526
3527 static void
nvme_config_boolean(nvme_t * nvme,char * model,char * name,char * val,boolean_t * b)3528 nvme_config_boolean(nvme_t *nvme, char *model, char *name, char *val,
3529 boolean_t *b)
3530 {
3531 if (strcmp(val, "on") == 0 ||
3532 strcmp(val, "true") == 0)
3533 *b = B_TRUE;
3534 else if (strcmp(val, "off") == 0 ||
3535 strcmp(val, "false") == 0)
3536 *b = B_FALSE;
3537 else
3538 dev_err(nvme->n_dip, CE_WARN,
3539 "!nvme-config-list: invalid value for %s '%s'"
3540 " for model '%s', ignoring", name, val, model);
3541 }
3542
3543 static void
nvme_config_list(nvme_t * nvme)3544 nvme_config_list(nvme_t *nvme)
3545 {
3546 char **config_list;
3547 uint_t nelem;
3548 int rv, i;
3549
3550 /*
3551 * We're following the pattern of 'sd-config-list' here, but extend it.
3552 * Instead of two we have three separate strings for "model", "fwrev",
3553 * and "name-value-list".
3554 */
3555 rv = ddi_prop_lookup_string_array(DDI_DEV_T_ANY, nvme->n_dip,
3556 DDI_PROP_DONTPASS, "nvme-config-list", &config_list, &nelem);
3557
3558 if (rv != DDI_PROP_SUCCESS) {
3559 if (rv == DDI_PROP_CANNOT_DECODE) {
3560 dev_err(nvme->n_dip, CE_WARN,
3561 "!nvme-config-list: cannot be decoded");
3562 }
3563
3564 return;
3565 }
3566
3567 if ((nelem % 3) != 0) {
3568 dev_err(nvme->n_dip, CE_WARN, "!nvme-config-list: must be "
3569 "triplets of <model>/<fwrev>/<name-value-list> strings ");
3570 goto out;
3571 }
3572
3573 for (i = 0; i < nelem; i += 3) {
3574 char *model = config_list[i];
3575 char *fwrev = config_list[i + 1];
3576 char *nvp, *save_nv;
3577 int id_model_len, id_fwrev_len;
3578
3579 id_model_len = nvme_strlen(nvme->n_idctl->id_model,
3580 sizeof (nvme->n_idctl->id_model));
3581
3582 if (strlen(model) != id_model_len)
3583 continue;
3584
3585 if (strncmp(model, nvme->n_idctl->id_model, id_model_len) != 0)
3586 continue;
3587
3588 id_fwrev_len = nvme_strlen(nvme->n_idctl->id_fwrev,
3589 sizeof (nvme->n_idctl->id_fwrev));
3590
3591 if (strlen(fwrev) != 0) {
3592 boolean_t match = B_FALSE;
3593 char *fwr, *last_fw;
3594
3595 for (fwr = strtok_r(fwrev, ",", &last_fw);
3596 fwr != NULL;
3597 fwr = strtok_r(NULL, ",", &last_fw)) {
3598 if (strlen(fwr) != id_fwrev_len)
3599 continue;
3600
3601 if (strncmp(fwr, nvme->n_idctl->id_fwrev,
3602 id_fwrev_len) == 0)
3603 match = B_TRUE;
3604 }
3605
3606 if (!match)
3607 continue;
3608 }
3609
3610 /*
3611 * We should now have a comma-separated list of name:value
3612 * pairs.
3613 */
3614 for (nvp = strtok_r(config_list[i + 2], ",", &save_nv);
3615 nvp != NULL; nvp = strtok_r(NULL, ",", &save_nv)) {
3616 char *name = nvp;
3617 char *val = strchr(nvp, ':');
3618
3619 if (val == NULL || name == val) {
3620 dev_err(nvme->n_dip, CE_WARN,
3621 "!nvme-config-list: <name-value-list> "
3622 "for model '%s' is malformed", model);
3623 goto out;
3624 }
3625
3626 /*
3627 * Null-terminate 'name', move 'val' past ':' sep.
3628 */
3629 *val++ = '\0';
3630
3631 /*
3632 * Process the name:val pairs that we know about.
3633 */
3634 if (strcmp(name, "ignore-unknown-vendor-status") == 0) {
3635 nvme_config_boolean(nvme, model, name, val,
3636 &nvme->n_ignore_unknown_vendor_status);
3637 } else if (strcmp(name, "min-phys-block-size") == 0) {
3638 nvme_config_min_block_size(nvme, model, val);
3639 } else if (strcmp(name, "volatile-write-cache") == 0) {
3640 nvme_config_boolean(nvme, model, name, val,
3641 &nvme->n_write_cache_enabled);
3642 } else {
3643 /*
3644 * Unknown 'name'.
3645 */
3646 dev_err(nvme->n_dip, CE_WARN,
3647 "!nvme-config-list: unknown config '%s' "
3648 "for model '%s', ignoring", name, model);
3649 }
3650 }
3651 }
3652
3653 out:
3654 ddi_prop_free(config_list);
3655 }
3656
3657 static void
nvme_prepare_devid(nvme_t * nvme,uint32_t nsid)3658 nvme_prepare_devid(nvme_t *nvme, uint32_t nsid)
3659 {
3660 /*
3661 * Section 7.7 of the spec describes how to get a unique ID for
3662 * the controller: the vendor ID, the model name and the serial
3663 * number shall be unique when combined.
3664 *
3665 * If a namespace has no EUI64 we use the above and add the hex
3666 * namespace ID to get a unique ID for the namespace.
3667 */
3668 char model[sizeof (nvme->n_idctl->id_model) + 1];
3669 char serial[sizeof (nvme->n_idctl->id_serial) + 1];
3670
3671 bcopy(nvme->n_idctl->id_model, model, sizeof (nvme->n_idctl->id_model));
3672 bcopy(nvme->n_idctl->id_serial, serial,
3673 sizeof (nvme->n_idctl->id_serial));
3674
3675 model[sizeof (nvme->n_idctl->id_model)] = '\0';
3676 serial[sizeof (nvme->n_idctl->id_serial)] = '\0';
3677
3678 nvme_nsid2ns(nvme, nsid)->ns_devid = kmem_asprintf("%4X-%s-%s-%X",
3679 nvme->n_idctl->id_vid, model, serial, nsid);
3680 }
3681
3682 static nvme_identify_nsid_list_t *
nvme_update_nsid_list(nvme_t * nvme,int cns)3683 nvme_update_nsid_list(nvme_t *nvme, int cns)
3684 {
3685 nvme_identify_nsid_list_t *nslist;
3686
3687 /*
3688 * We currently don't handle cases where there are more than
3689 * 1024 active namespaces, requiring several IDENTIFY commands.
3690 */
3691 if (nvme_identify_int(nvme, 0, cns, (void **)&nslist))
3692 return (nslist);
3693
3694 return (NULL);
3695 }
3696
3697 nvme_namespace_t *
nvme_nsid2ns(nvme_t * nvme,uint32_t nsid)3698 nvme_nsid2ns(nvme_t *nvme, uint32_t nsid)
3699 {
3700 ASSERT3U(nsid, !=, 0);
3701 ASSERT3U(nsid, <=, nvme->n_namespace_count);
3702 return (&nvme->n_ns[nsid - 1]);
3703 }
3704
3705 static boolean_t
nvme_allocated_ns(nvme_namespace_t * ns)3706 nvme_allocated_ns(nvme_namespace_t *ns)
3707 {
3708 nvme_t *nvme = ns->ns_nvme;
3709 uint32_t i;
3710
3711 ASSERT(nvme_mgmt_lock_held(nvme));
3712
3713 /*
3714 * If supported, update the list of allocated namespace IDs.
3715 */
3716 if (NVME_VERSION_ATLEAST(&nvme->n_version, 1, 2) &&
3717 nvme->n_idctl->id_oacs.oa_nsmgmt != 0) {
3718 nvme_identify_nsid_list_t *nslist = nvme_update_nsid_list(nvme,
3719 NVME_IDENTIFY_NSID_ALLOC_LIST);
3720 boolean_t found = B_FALSE;
3721
3722 /*
3723 * When namespace management is supported, this really shouldn't
3724 * be NULL. Treat all namespaces as allocated if it is.
3725 */
3726 if (nslist == NULL)
3727 return (B_TRUE);
3728
3729 for (i = 0; i < ARRAY_SIZE(nslist->nl_nsid); i++) {
3730 if (ns->ns_id == 0)
3731 break;
3732
3733 if (ns->ns_id == nslist->nl_nsid[i])
3734 found = B_TRUE;
3735 }
3736
3737 kmem_free(nslist, NVME_IDENTIFY_BUFSIZE);
3738 return (found);
3739 } else {
3740 /*
3741 * If namespace management isn't supported, report all
3742 * namespaces as allocated.
3743 */
3744 return (B_TRUE);
3745 }
3746 }
3747
3748 static boolean_t
nvme_active_ns(nvme_namespace_t * ns)3749 nvme_active_ns(nvme_namespace_t *ns)
3750 {
3751 nvme_t *nvme = ns->ns_nvme;
3752 uint64_t *ptr;
3753 uint32_t i;
3754
3755 ASSERT(nvme_mgmt_lock_held(nvme));
3756
3757 /*
3758 * If supported, update the list of active namespace IDs.
3759 */
3760 if (NVME_VERSION_ATLEAST(&nvme->n_version, 1, 1)) {
3761 nvme_identify_nsid_list_t *nslist = nvme_update_nsid_list(nvme,
3762 NVME_IDENTIFY_NSID_LIST);
3763 boolean_t found = B_FALSE;
3764
3765 /*
3766 * When namespace management is supported, this really shouldn't
3767 * be NULL. Treat all namespaces as allocated if it is.
3768 */
3769 if (nslist == NULL)
3770 return (B_TRUE);
3771
3772 for (i = 0; i < ARRAY_SIZE(nslist->nl_nsid); i++) {
3773 if (ns->ns_id == 0)
3774 break;
3775
3776 if (ns->ns_id == nslist->nl_nsid[i])
3777 found = B_TRUE;
3778 }
3779
3780 kmem_free(nslist, NVME_IDENTIFY_BUFSIZE);
3781 return (found);
3782 }
3783
3784 /*
3785 * Workaround for revision 1.0:
3786 * Check whether the IDENTIFY NAMESPACE data is zero-filled.
3787 */
3788 for (ptr = (uint64_t *)ns->ns_idns;
3789 ptr != (uint64_t *)(ns->ns_idns + 1);
3790 ptr++) {
3791 if (*ptr != 0) {
3792 return (B_TRUE);
3793 }
3794 }
3795
3796 return (B_FALSE);
3797 }
3798
3799 static int
nvme_init_ns(nvme_t * nvme,uint32_t nsid)3800 nvme_init_ns(nvme_t *nvme, uint32_t nsid)
3801 {
3802 nvme_namespace_t *ns = nvme_nsid2ns(nvme, nsid);
3803 nvme_identify_nsid_t *idns;
3804 boolean_t was_ignored;
3805 int last_rp;
3806
3807 ns->ns_nvme = nvme;
3808
3809 ASSERT(nvme_mgmt_lock_held(nvme));
3810
3811 /*
3812 * Because we might rescan a namespace and this will fail after boot
3813 * that'd leave us in a bad spot. We need to do something about this
3814 * longer term, but it's not clear how exactly we would recover right
3815 * now.
3816 */
3817 if (!nvme_identify_int(nvme, nsid, NVME_IDENTIFY_NSID,
3818 (void **)&idns)) {
3819 dev_err(nvme->n_dip, CE_WARN,
3820 "!failed to identify namespace %d", nsid);
3821 return (DDI_FAILURE);
3822 }
3823
3824 if (ns->ns_idns != NULL)
3825 kmem_free(ns->ns_idns, sizeof (nvme_identify_nsid_t));
3826
3827 ns->ns_idns = idns;
3828 ns->ns_id = nsid;
3829
3830 was_ignored = ns->ns_ignore;
3831
3832 ns->ns_allocated = nvme_allocated_ns(ns);
3833 ns->ns_active = nvme_active_ns(ns);
3834
3835 ns->ns_block_count = idns->id_nsize;
3836 ns->ns_block_size =
3837 1 << idns->id_lbaf[idns->id_flbas.lba_format].lbaf_lbads;
3838 ns->ns_best_block_size = ns->ns_block_size;
3839
3840 /*
3841 * Get the EUI64 if present.
3842 */
3843 if (NVME_VERSION_ATLEAST(&nvme->n_version, 1, 1))
3844 bcopy(idns->id_eui64, ns->ns_eui64, sizeof (ns->ns_eui64));
3845
3846 /*
3847 * Get the NGUID if present.
3848 */
3849 if (NVME_VERSION_ATLEAST(&nvme->n_version, 1, 2))
3850 bcopy(idns->id_nguid, ns->ns_nguid, sizeof (ns->ns_nguid));
3851
3852 /*LINTED: E_BAD_PTR_CAST_ALIGN*/
3853 if (*(uint64_t *)ns->ns_eui64 == 0)
3854 nvme_prepare_devid(nvme, ns->ns_id);
3855
3856 (void) snprintf(ns->ns_name, sizeof (ns->ns_name), "%u", ns->ns_id);
3857
3858 /*
3859 * Find the LBA format with no metadata and the best relative
3860 * performance. A value of 3 means "degraded", 0 is best.
3861 */
3862 last_rp = 3;
3863 for (int j = 0; j <= idns->id_nlbaf; j++) {
3864 if (idns->id_lbaf[j].lbaf_lbads == 0)
3865 break;
3866 if (idns->id_lbaf[j].lbaf_ms != 0)
3867 continue;
3868 if (idns->id_lbaf[j].lbaf_rp >= last_rp)
3869 continue;
3870 last_rp = idns->id_lbaf[j].lbaf_rp;
3871 ns->ns_best_block_size =
3872 1 << idns->id_lbaf[j].lbaf_lbads;
3873 }
3874
3875 if (ns->ns_best_block_size < nvme->n_min_block_size)
3876 ns->ns_best_block_size = nvme->n_min_block_size;
3877
3878 was_ignored = ns->ns_ignore;
3879
3880 /*
3881 * We currently don't support namespaces that are inactive, or use
3882 * either:
3883 * - protection information
3884 * - illegal block size (< 512)
3885 */
3886 if (!ns->ns_active) {
3887 ns->ns_ignore = B_TRUE;
3888 } else if (idns->id_dps.dp_pinfo) {
3889 dev_err(nvme->n_dip, CE_WARN,
3890 "!ignoring namespace %d, unsupported feature: "
3891 "pinfo = %d", nsid, idns->id_dps.dp_pinfo);
3892 ns->ns_ignore = B_TRUE;
3893 } else if (ns->ns_block_size < 512) {
3894 dev_err(nvme->n_dip, CE_WARN,
3895 "!ignoring namespace %d, unsupported block size %"PRIu64,
3896 nsid, (uint64_t)ns->ns_block_size);
3897 ns->ns_ignore = B_TRUE;
3898 } else {
3899 ns->ns_ignore = B_FALSE;
3900 }
3901
3902 /*
3903 * Keep a count of namespaces which are attachable.
3904 * See comments in nvme_bd_driveinfo() to understand its effect.
3905 */
3906 if (was_ignored) {
3907 /*
3908 * Previously ignored, but now not. Count it.
3909 */
3910 if (!ns->ns_ignore)
3911 nvme->n_namespaces_attachable++;
3912 } else {
3913 /*
3914 * Wasn't ignored previously, but now needs to be.
3915 * Discount it.
3916 */
3917 if (ns->ns_ignore)
3918 nvme->n_namespaces_attachable--;
3919 }
3920
3921 return (DDI_SUCCESS);
3922 }
3923
3924 static boolean_t
nvme_attach_ns(nvme_t * nvme,nvme_ioctl_common_t * com)3925 nvme_attach_ns(nvme_t *nvme, nvme_ioctl_common_t *com)
3926 {
3927 nvme_namespace_t *ns = nvme_nsid2ns(nvme, com->nioc_nsid);
3928 int ret;
3929
3930 ASSERT(nvme_mgmt_lock_held(nvme));
3931
3932 if (ns->ns_ignore) {
3933 return (nvme_ioctl_error(com, NVME_IOCTL_E_UNSUP_ATTACH_NS,
3934 0, 0));
3935 }
3936
3937 if (ns->ns_bd_hdl == NULL) {
3938 bd_ops_t ops = nvme_bd_ops;
3939
3940 if (!nvme->n_idctl->id_oncs.on_dset_mgmt)
3941 ops.o_free_space = NULL;
3942
3943 ns->ns_bd_hdl = bd_alloc_handle(ns, &ops, &nvme->n_prp_dma_attr,
3944 KM_SLEEP);
3945
3946 if (ns->ns_bd_hdl == NULL) {
3947 dev_err(nvme->n_dip, CE_WARN, "!Failed to get blkdev "
3948 "handle for namespace id %u", com->nioc_nsid);
3949 return (nvme_ioctl_error(com,
3950 NVME_IOCTL_E_BLKDEV_ATTACH, 0, 0));
3951 }
3952 }
3953
3954 nvme_mgmt_bd_start(nvme);
3955 ret = bd_attach_handle(nvme->n_dip, ns->ns_bd_hdl);
3956 nvme_mgmt_bd_end(nvme);
3957 if (ret != DDI_SUCCESS) {
3958 return (nvme_ioctl_error(com, NVME_IOCTL_E_BLKDEV_ATTACH,
3959 0, 0));
3960 }
3961
3962 ns->ns_attached = B_TRUE;
3963
3964 return (B_TRUE);
3965 }
3966
3967 static boolean_t
nvme_detach_ns(nvme_t * nvme,nvme_ioctl_common_t * com)3968 nvme_detach_ns(nvme_t *nvme, nvme_ioctl_common_t *com)
3969 {
3970 nvme_namespace_t *ns = nvme_nsid2ns(nvme, com->nioc_nsid);
3971 int ret;
3972
3973 ASSERT(nvme_mgmt_lock_held(nvme));
3974
3975 if (ns->ns_ignore || !ns->ns_attached)
3976 return (B_TRUE);
3977
3978 nvme_mgmt_bd_start(nvme);
3979 ASSERT3P(ns->ns_bd_hdl, !=, NULL);
3980 ret = bd_detach_handle(ns->ns_bd_hdl);
3981 nvme_mgmt_bd_end(nvme);
3982
3983 if (ret != DDI_SUCCESS) {
3984 return (nvme_ioctl_error(com, NVME_IOCTL_E_BLKDEV_DETACH, 0,
3985 0));
3986 }
3987
3988 ns->ns_attached = B_FALSE;
3989 return (B_TRUE);
3990
3991 }
3992
3993 /*
3994 * Rescan the namespace information associated with the namespaces indicated by
3995 * ioc. They should not be attached to blkdev right now.
3996 */
3997 static void
nvme_rescan_ns(nvme_t * nvme,uint32_t nsid)3998 nvme_rescan_ns(nvme_t *nvme, uint32_t nsid)
3999 {
4000 ASSERT(nvme_mgmt_lock_held(nvme));
4001 ASSERT3U(nsid, !=, 0);
4002
4003 if (nsid != NVME_NSID_BCAST) {
4004 nvme_namespace_t *ns = nvme_nsid2ns(nvme, nsid);
4005
4006 ASSERT3U(ns->ns_attached, ==, B_FALSE);
4007 (void) nvme_init_ns(nvme, nsid);
4008 return;
4009 }
4010
4011 for (uint32_t i = 1; i <= nvme->n_namespace_count; i++) {
4012 nvme_namespace_t *ns = nvme_nsid2ns(nvme, i);
4013
4014 ASSERT3U(ns->ns_attached, ==, B_FALSE);
4015 (void) nvme_init_ns(nvme, i);
4016 }
4017 }
4018
4019 typedef struct nvme_quirk_table {
4020 uint16_t nq_vendor_id;
4021 uint16_t nq_device_id;
4022 nvme_quirk_t nq_quirks;
4023 } nvme_quirk_table_t;
4024
4025 static const nvme_quirk_table_t nvme_quirks[] = {
4026 { 0x1987, 0x5018, NVME_QUIRK_START_CID }, /* Phison E18 */
4027 };
4028
4029 static void
nvme_detect_quirks(nvme_t * nvme)4030 nvme_detect_quirks(nvme_t *nvme)
4031 {
4032 for (uint_t i = 0; i < ARRAY_SIZE(nvme_quirks); i++) {
4033 const nvme_quirk_table_t *nqt = &nvme_quirks[i];
4034
4035 if (nqt->nq_vendor_id == nvme->n_vendor_id &&
4036 nqt->nq_device_id == nvme->n_device_id) {
4037 nvme->n_quirks = nqt->nq_quirks;
4038 return;
4039 }
4040 }
4041 }
4042
4043 static int
nvme_init(nvme_t * nvme)4044 nvme_init(nvme_t *nvme)
4045 {
4046 nvme_reg_cc_t cc = { 0 };
4047 nvme_reg_aqa_t aqa = { 0 };
4048 nvme_reg_asq_t asq = { 0 };
4049 nvme_reg_acq_t acq = { 0 };
4050 nvme_reg_cap_t cap;
4051 nvme_reg_vs_t vs;
4052 nvme_reg_csts_t csts;
4053 int i = 0;
4054 uint16_t nqueues;
4055 uint_t tq_threads;
4056 char model[sizeof (nvme->n_idctl->id_model) + 1];
4057 char *vendor, *product;
4058 uint32_t nsid;
4059
4060 /* Check controller version */
4061 vs.r = nvme_get32(nvme, NVME_REG_VS);
4062 nvme->n_version.v_major = vs.b.vs_mjr;
4063 nvme->n_version.v_minor = vs.b.vs_mnr;
4064 dev_err(nvme->n_dip, CE_CONT, "?NVMe spec version %d.%d\n",
4065 nvme->n_version.v_major, nvme->n_version.v_minor);
4066
4067 if (nvme->n_version.v_major > nvme_version_major) {
4068 dev_err(nvme->n_dip, CE_WARN, "!no support for version > %d.x",
4069 nvme_version_major);
4070 if (nvme->n_strict_version)
4071 goto fail;
4072 }
4073
4074 /* retrieve controller configuration */
4075 cap.r = nvme_get64(nvme, NVME_REG_CAP);
4076
4077 if ((cap.b.cap_css & NVME_CAP_CSS_NVM) == 0) {
4078 dev_err(nvme->n_dip, CE_WARN,
4079 "!NVM command set not supported by hardware");
4080 goto fail;
4081 }
4082
4083 nvme->n_nssr_supported = cap.b.cap_nssrs;
4084 nvme->n_doorbell_stride = 4 << cap.b.cap_dstrd;
4085 nvme->n_timeout = cap.b.cap_to;
4086 nvme->n_arbitration_mechanisms = cap.b.cap_ams;
4087 nvme->n_cont_queues_reqd = cap.b.cap_cqr;
4088 nvme->n_max_queue_entries = cap.b.cap_mqes + 1;
4089
4090 /*
4091 * The MPSMIN and MPSMAX fields in the CAP register use 0 to specify
4092 * the base page size of 4k (1<<12), so add 12 here to get the real
4093 * page size value.
4094 */
4095 nvme->n_pageshift = MIN(MAX(cap.b.cap_mpsmin + 12, PAGESHIFT),
4096 cap.b.cap_mpsmax + 12);
4097 nvme->n_pagesize = 1UL << (nvme->n_pageshift);
4098
4099 /*
4100 * Set up Queue DMA to transfer at least 1 page-aligned page at a time.
4101 */
4102 nvme->n_queue_dma_attr.dma_attr_align = nvme->n_pagesize;
4103 nvme->n_queue_dma_attr.dma_attr_minxfer = nvme->n_pagesize;
4104
4105 /*
4106 * Set up PRP DMA to transfer 1 page-aligned page at a time.
4107 * Maxxfer may be increased after we identified the controller limits.
4108 */
4109 nvme->n_prp_dma_attr.dma_attr_maxxfer = nvme->n_pagesize;
4110 nvme->n_prp_dma_attr.dma_attr_minxfer = nvme->n_pagesize;
4111 nvme->n_prp_dma_attr.dma_attr_align = nvme->n_pagesize;
4112 nvme->n_prp_dma_attr.dma_attr_seg = nvme->n_pagesize - 1;
4113
4114 /*
4115 * Reset controller if it's still in ready state.
4116 */
4117 if (nvme_reset(nvme, B_FALSE) == B_FALSE) {
4118 dev_err(nvme->n_dip, CE_WARN, "!unable to reset controller");
4119 ddi_fm_service_impact(nvme->n_dip, DDI_SERVICE_LOST);
4120 nvme->n_dead = B_TRUE;
4121 goto fail;
4122 }
4123
4124 /*
4125 * Create the cq array with one completion queue to be assigned
4126 * to the admin queue pair and a limited number of taskqs (4).
4127 */
4128 if (nvme_create_cq_array(nvme, 1, nvme->n_admin_queue_len, 4) !=
4129 DDI_SUCCESS) {
4130 dev_err(nvme->n_dip, CE_WARN,
4131 "!failed to pre-allocate admin completion queue");
4132 goto fail;
4133 }
4134 /*
4135 * Create the admin queue pair.
4136 */
4137 if (nvme_alloc_qpair(nvme, nvme->n_admin_queue_len, &nvme->n_adminq, 0)
4138 != DDI_SUCCESS) {
4139 dev_err(nvme->n_dip, CE_WARN,
4140 "!unable to allocate admin qpair");
4141 goto fail;
4142 }
4143 nvme->n_ioq = kmem_alloc(sizeof (nvme_qpair_t *), KM_SLEEP);
4144 nvme->n_ioq[0] = nvme->n_adminq;
4145
4146 if (nvme->n_quirks & NVME_QUIRK_START_CID)
4147 nvme->n_adminq->nq_next_cmd++;
4148
4149 nvme->n_progress |= NVME_ADMIN_QUEUE;
4150
4151 (void) ddi_prop_update_int(DDI_DEV_T_NONE, nvme->n_dip,
4152 "admin-queue-len", nvme->n_admin_queue_len);
4153
4154 aqa.b.aqa_asqs = aqa.b.aqa_acqs = nvme->n_admin_queue_len - 1;
4155 asq = nvme->n_adminq->nq_sqdma->nd_cookie.dmac_laddress;
4156 acq = nvme->n_adminq->nq_cq->ncq_dma->nd_cookie.dmac_laddress;
4157
4158 ASSERT((asq & (nvme->n_pagesize - 1)) == 0);
4159 ASSERT((acq & (nvme->n_pagesize - 1)) == 0);
4160
4161 nvme_put32(nvme, NVME_REG_AQA, aqa.r);
4162 nvme_put64(nvme, NVME_REG_ASQ, asq);
4163 nvme_put64(nvme, NVME_REG_ACQ, acq);
4164
4165 cc.b.cc_ams = 0; /* use Round-Robin arbitration */
4166 cc.b.cc_css = 0; /* use NVM command set */
4167 cc.b.cc_mps = nvme->n_pageshift - 12;
4168 cc.b.cc_shn = 0; /* no shutdown in progress */
4169 cc.b.cc_en = 1; /* enable controller */
4170 cc.b.cc_iosqes = 6; /* submission queue entry is 2^6 bytes long */
4171 cc.b.cc_iocqes = 4; /* completion queue entry is 2^4 bytes long */
4172
4173 nvme_put32(nvme, NVME_REG_CC, cc.r);
4174
4175 /*
4176 * Wait for the controller to become ready.
4177 */
4178 csts.r = nvme_get32(nvme, NVME_REG_CSTS);
4179 if (csts.b.csts_rdy == 0) {
4180 for (i = 0; i != nvme->n_timeout * 10; i++) {
4181 delay(drv_usectohz(50000));
4182 csts.r = nvme_get32(nvme, NVME_REG_CSTS);
4183
4184 if (csts.b.csts_cfs == 1) {
4185 dev_err(nvme->n_dip, CE_WARN,
4186 "!controller fatal status at init");
4187 ddi_fm_service_impact(nvme->n_dip,
4188 DDI_SERVICE_LOST);
4189 nvme->n_dead = B_TRUE;
4190 goto fail;
4191 }
4192
4193 if (csts.b.csts_rdy == 1)
4194 break;
4195 }
4196 }
4197
4198 if (csts.b.csts_rdy == 0) {
4199 dev_err(nvme->n_dip, CE_WARN, "!controller not ready");
4200 ddi_fm_service_impact(nvme->n_dip, DDI_SERVICE_LOST);
4201 nvme->n_dead = B_TRUE;
4202 goto fail;
4203 }
4204
4205 /*
4206 * Assume an abort command limit of 1. We'll destroy and re-init
4207 * that later when we know the true abort command limit.
4208 */
4209 sema_init(&nvme->n_abort_sema, 1, NULL, SEMA_DRIVER, NULL);
4210
4211 /*
4212 * Set up initial interrupt for admin queue.
4213 */
4214 if ((nvme_setup_interrupts(nvme, DDI_INTR_TYPE_MSIX, 1)
4215 != DDI_SUCCESS) &&
4216 (nvme_setup_interrupts(nvme, DDI_INTR_TYPE_MSI, 1)
4217 != DDI_SUCCESS) &&
4218 (nvme_setup_interrupts(nvme, DDI_INTR_TYPE_FIXED, 1)
4219 != DDI_SUCCESS)) {
4220 dev_err(nvme->n_dip, CE_WARN,
4221 "!failed to set up initial interrupt");
4222 goto fail;
4223 }
4224
4225 /*
4226 * Post an asynchronous event command to catch errors.
4227 * We assume the asynchronous events are supported as required by
4228 * specification (Figure 40 in section 5 of NVMe 1.2).
4229 * However, since at least qemu does not follow the specification,
4230 * we need a mechanism to protect ourselves.
4231 */
4232 nvme->n_async_event_supported = B_TRUE;
4233 nvme_async_event(nvme);
4234
4235 /*
4236 * Identify Controller
4237 */
4238 if (!nvme_identify_int(nvme, 0, NVME_IDENTIFY_CTRL,
4239 (void **)&nvme->n_idctl)) {
4240 dev_err(nvme->n_dip, CE_WARN, "!failed to identify controller");
4241 goto fail;
4242 }
4243
4244 /*
4245 * Get the common namespace information if available. If not, we use the
4246 * information for nsid 1.
4247 */
4248 if (nvme_ctrl_atleast(nvme, &nvme_vers_1v2) &&
4249 nvme->n_idctl->id_oacs.oa_nsmgmt != 0) {
4250 nsid = NVME_NSID_BCAST;
4251 } else {
4252 nsid = 1;
4253 }
4254
4255 if (!nvme_identify_int(nvme, nsid, NVME_IDENTIFY_NSID,
4256 (void **)&nvme->n_idcomns)) {
4257 dev_err(nvme->n_dip, CE_WARN, "!failed to identify common "
4258 "namespace information");
4259 goto fail;
4260 }
4261 /*
4262 * Process nvme-config-list (if present) in nvme.conf.
4263 */
4264 nvme_config_list(nvme);
4265
4266 /*
4267 * Get Vendor & Product ID
4268 */
4269 bcopy(nvme->n_idctl->id_model, model, sizeof (nvme->n_idctl->id_model));
4270 model[sizeof (nvme->n_idctl->id_model)] = '\0';
4271 sata_split_model(model, &vendor, &product);
4272
4273 if (vendor == NULL)
4274 nvme->n_vendor = strdup("NVMe");
4275 else
4276 nvme->n_vendor = strdup(vendor);
4277
4278 nvme->n_product = strdup(product);
4279
4280 /*
4281 * Get controller limits.
4282 */
4283 nvme->n_async_event_limit = MAX(NVME_MIN_ASYNC_EVENT_LIMIT,
4284 MIN(nvme->n_admin_queue_len / 10,
4285 MIN(nvme->n_idctl->id_aerl + 1, nvme->n_async_event_limit)));
4286
4287 (void) ddi_prop_update_int(DDI_DEV_T_NONE, nvme->n_dip,
4288 "async-event-limit", nvme->n_async_event_limit);
4289
4290 nvme->n_abort_command_limit = nvme->n_idctl->id_acl + 1;
4291
4292 /*
4293 * Reinitialize the semaphore with the true abort command limit
4294 * supported by the hardware. It's not necessary to disable interrupts
4295 * as only command aborts use the semaphore, and no commands are
4296 * executed or aborted while we're here.
4297 */
4298 sema_destroy(&nvme->n_abort_sema);
4299 sema_init(&nvme->n_abort_sema, nvme->n_abort_command_limit - 1, NULL,
4300 SEMA_DRIVER, NULL);
4301
4302 nvme->n_progress |= NVME_CTRL_LIMITS;
4303
4304 if (nvme->n_idctl->id_mdts == 0)
4305 nvme->n_max_data_transfer_size = nvme->n_pagesize * 65536;
4306 else
4307 nvme->n_max_data_transfer_size =
4308 1ull << (nvme->n_pageshift + nvme->n_idctl->id_mdts);
4309
4310 nvme->n_error_log_len = nvme->n_idctl->id_elpe + 1;
4311
4312 /*
4313 * Limit n_max_data_transfer_size to what we can handle in one PRP.
4314 * Chained PRPs are currently unsupported.
4315 *
4316 * This is a no-op on hardware which doesn't support a transfer size
4317 * big enough to require chained PRPs.
4318 */
4319 nvme->n_max_data_transfer_size = MIN(nvme->n_max_data_transfer_size,
4320 (nvme->n_pagesize / sizeof (uint64_t) * nvme->n_pagesize));
4321
4322 nvme->n_prp_dma_attr.dma_attr_maxxfer = nvme->n_max_data_transfer_size;
4323
4324 /*
4325 * Make sure the minimum/maximum queue entry sizes are not
4326 * larger/smaller than the default.
4327 */
4328
4329 if (((1 << nvme->n_idctl->id_sqes.qes_min) > sizeof (nvme_sqe_t)) ||
4330 ((1 << nvme->n_idctl->id_sqes.qes_max) < sizeof (nvme_sqe_t)) ||
4331 ((1 << nvme->n_idctl->id_cqes.qes_min) > sizeof (nvme_cqe_t)) ||
4332 ((1 << nvme->n_idctl->id_cqes.qes_max) < sizeof (nvme_cqe_t)))
4333 goto fail;
4334
4335 /*
4336 * Check for the presence of a Volatile Write Cache. If present,
4337 * enable or disable based on the value of the property
4338 * volatile-write-cache-enable (default is enabled).
4339 */
4340 nvme->n_write_cache_present =
4341 nvme->n_idctl->id_vwc.vwc_present == 0 ? B_FALSE : B_TRUE;
4342
4343 (void) ddi_prop_update_int(DDI_DEV_T_NONE, nvme->n_dip,
4344 "volatile-write-cache-present",
4345 nvme->n_write_cache_present ? 1 : 0);
4346
4347 if (!nvme->n_write_cache_present) {
4348 nvme->n_write_cache_enabled = B_FALSE;
4349 } else if (nvme_write_cache_set(nvme, nvme->n_write_cache_enabled)
4350 != 0) {
4351 dev_err(nvme->n_dip, CE_WARN,
4352 "!failed to %sable volatile write cache",
4353 nvme->n_write_cache_enabled ? "en" : "dis");
4354 /*
4355 * Assume the cache is (still) enabled.
4356 */
4357 nvme->n_write_cache_enabled = B_TRUE;
4358 }
4359
4360 (void) ddi_prop_update_int(DDI_DEV_T_NONE, nvme->n_dip,
4361 "volatile-write-cache-enable",
4362 nvme->n_write_cache_enabled ? 1 : 0);
4363
4364 /*
4365 * Get number of supported namespaces and allocate namespace array.
4366 */
4367 nvme->n_namespace_count = nvme->n_idctl->id_nn;
4368
4369 if (nvme->n_namespace_count == 0) {
4370 dev_err(nvme->n_dip, CE_WARN,
4371 "!controllers without namespaces are not supported");
4372 goto fail;
4373 }
4374
4375 nvme->n_ns = kmem_zalloc(sizeof (nvme_namespace_t) *
4376 nvme->n_namespace_count, KM_SLEEP);
4377
4378 /*
4379 * Try to set up MSI/MSI-X interrupts.
4380 */
4381 if ((nvme->n_intr_types & (DDI_INTR_TYPE_MSI | DDI_INTR_TYPE_MSIX))
4382 != 0) {
4383 nvme_release_interrupts(nvme);
4384
4385 nqueues = MIN(UINT16_MAX, ncpus);
4386
4387 if ((nvme_setup_interrupts(nvme, DDI_INTR_TYPE_MSIX,
4388 nqueues) != DDI_SUCCESS) &&
4389 (nvme_setup_interrupts(nvme, DDI_INTR_TYPE_MSI,
4390 nqueues) != DDI_SUCCESS)) {
4391 dev_err(nvme->n_dip, CE_WARN,
4392 "!failed to set up MSI/MSI-X interrupts");
4393 goto fail;
4394 }
4395 }
4396
4397 /*
4398 * Create I/O queue pairs.
4399 */
4400
4401 if (nvme_set_nqueues(nvme) != 0) {
4402 dev_err(nvme->n_dip, CE_WARN,
4403 "!failed to set number of I/O queues to %d",
4404 nvme->n_intr_cnt);
4405 goto fail;
4406 }
4407
4408 /*
4409 * Reallocate I/O queue array
4410 */
4411 kmem_free(nvme->n_ioq, sizeof (nvme_qpair_t *));
4412 nvme->n_ioq = kmem_zalloc(sizeof (nvme_qpair_t *) *
4413 (nvme->n_submission_queues + 1), KM_SLEEP);
4414 nvme->n_ioq[0] = nvme->n_adminq;
4415
4416 /*
4417 * There should always be at least as many submission queues
4418 * as completion queues.
4419 */
4420 ASSERT(nvme->n_submission_queues >= nvme->n_completion_queues);
4421
4422 nvme->n_ioq_count = nvme->n_submission_queues;
4423
4424 nvme->n_io_squeue_len =
4425 MIN(nvme->n_io_squeue_len, nvme->n_max_queue_entries);
4426
4427 (void) ddi_prop_update_int(DDI_DEV_T_NONE, nvme->n_dip, "io-squeue-len",
4428 nvme->n_io_squeue_len);
4429
4430 /*
4431 * Pre-allocate completion queues.
4432 * When there are the same number of submission and completion
4433 * queues there is no value in having a larger completion
4434 * queue length.
4435 */
4436 if (nvme->n_submission_queues == nvme->n_completion_queues)
4437 nvme->n_io_cqueue_len = MIN(nvme->n_io_cqueue_len,
4438 nvme->n_io_squeue_len);
4439
4440 nvme->n_io_cqueue_len = MIN(nvme->n_io_cqueue_len,
4441 nvme->n_max_queue_entries);
4442
4443 (void) ddi_prop_update_int(DDI_DEV_T_NONE, nvme->n_dip, "io-cqueue-len",
4444 nvme->n_io_cqueue_len);
4445
4446 /*
4447 * Assign the equal quantity of taskq threads to each completion
4448 * queue, capping the total number of threads to the number
4449 * of CPUs.
4450 */
4451 tq_threads = MIN(UINT16_MAX, ncpus) / nvme->n_completion_queues;
4452
4453 /*
4454 * In case the calculation above is zero, we need at least one
4455 * thread per completion queue.
4456 */
4457 tq_threads = MAX(1, tq_threads);
4458
4459 if (nvme_create_cq_array(nvme, nvme->n_completion_queues + 1,
4460 nvme->n_io_cqueue_len, tq_threads) != DDI_SUCCESS) {
4461 dev_err(nvme->n_dip, CE_WARN,
4462 "!failed to pre-allocate completion queues");
4463 goto fail;
4464 }
4465
4466 /*
4467 * If we use less completion queues than interrupt vectors return
4468 * some of the interrupt vectors back to the system.
4469 */
4470 if (nvme->n_completion_queues + 1 < nvme->n_intr_cnt) {
4471 nvme_release_interrupts(nvme);
4472
4473 if (nvme_setup_interrupts(nvme, nvme->n_intr_type,
4474 nvme->n_completion_queues + 1) != DDI_SUCCESS) {
4475 dev_err(nvme->n_dip, CE_WARN,
4476 "!failed to reduce number of interrupts");
4477 goto fail;
4478 }
4479 }
4480
4481 /*
4482 * Alloc & register I/O queue pairs
4483 */
4484
4485 for (i = 1; i != nvme->n_ioq_count + 1; i++) {
4486 if (nvme_alloc_qpair(nvme, nvme->n_io_squeue_len,
4487 &nvme->n_ioq[i], i) != DDI_SUCCESS) {
4488 dev_err(nvme->n_dip, CE_WARN,
4489 "!unable to allocate I/O qpair %d", i);
4490 goto fail;
4491 }
4492
4493 if (nvme_create_io_qpair(nvme, nvme->n_ioq[i], i) != 0) {
4494 dev_err(nvme->n_dip, CE_WARN,
4495 "!unable to create I/O qpair %d", i);
4496 goto fail;
4497 }
4498 }
4499
4500 /*
4501 * Post more asynchronous events commands to reduce event reporting
4502 * latency as suggested by the spec.
4503 */
4504 if (nvme->n_async_event_supported) {
4505 for (i = 1; i != nvme->n_async_event_limit; i++)
4506 nvme_async_event(nvme);
4507 }
4508
4509 return (DDI_SUCCESS);
4510
4511 fail:
4512 (void) nvme_reset(nvme, B_FALSE);
4513 return (DDI_FAILURE);
4514 }
4515
4516 static uint_t
nvme_intr(caddr_t arg1,caddr_t arg2)4517 nvme_intr(caddr_t arg1, caddr_t arg2)
4518 {
4519 nvme_t *nvme = (nvme_t *)arg1;
4520 int inum = (int)(uintptr_t)arg2;
4521 int ccnt = 0;
4522 int qnum;
4523
4524 if (inum >= nvme->n_intr_cnt)
4525 return (DDI_INTR_UNCLAIMED);
4526
4527 if (nvme->n_dead) {
4528 return (nvme->n_intr_type == DDI_INTR_TYPE_FIXED ?
4529 DDI_INTR_UNCLAIMED : DDI_INTR_CLAIMED);
4530 }
4531
4532 /*
4533 * The interrupt vector a queue uses is calculated as queue_idx %
4534 * intr_cnt in nvme_create_io_qpair(). Iterate through the queue array
4535 * in steps of n_intr_cnt to process all queues using this vector.
4536 */
4537 for (qnum = inum;
4538 qnum < nvme->n_cq_count && nvme->n_cq[qnum] != NULL;
4539 qnum += nvme->n_intr_cnt) {
4540 ccnt += nvme_process_iocq(nvme, nvme->n_cq[qnum]);
4541 }
4542
4543 return (ccnt > 0 ? DDI_INTR_CLAIMED : DDI_INTR_UNCLAIMED);
4544 }
4545
4546 static void
nvme_release_interrupts(nvme_t * nvme)4547 nvme_release_interrupts(nvme_t *nvme)
4548 {
4549 int i;
4550
4551 for (i = 0; i < nvme->n_intr_cnt; i++) {
4552 if (nvme->n_inth[i] == NULL)
4553 break;
4554
4555 if (nvme->n_intr_cap & DDI_INTR_FLAG_BLOCK)
4556 (void) ddi_intr_block_disable(&nvme->n_inth[i], 1);
4557 else
4558 (void) ddi_intr_disable(nvme->n_inth[i]);
4559
4560 (void) ddi_intr_remove_handler(nvme->n_inth[i]);
4561 (void) ddi_intr_free(nvme->n_inth[i]);
4562 }
4563
4564 kmem_free(nvme->n_inth, nvme->n_inth_sz);
4565 nvme->n_inth = NULL;
4566 nvme->n_inth_sz = 0;
4567
4568 nvme->n_progress &= ~NVME_INTERRUPTS;
4569 }
4570
4571 static int
nvme_setup_interrupts(nvme_t * nvme,int intr_type,int nqpairs)4572 nvme_setup_interrupts(nvme_t *nvme, int intr_type, int nqpairs)
4573 {
4574 int nintrs, navail, count;
4575 int ret;
4576 int i;
4577
4578 if (nvme->n_intr_types == 0) {
4579 ret = ddi_intr_get_supported_types(nvme->n_dip,
4580 &nvme->n_intr_types);
4581 if (ret != DDI_SUCCESS) {
4582 dev_err(nvme->n_dip, CE_WARN,
4583 "!%s: ddi_intr_get_supported types failed",
4584 __func__);
4585 return (ret);
4586 }
4587 #ifdef __x86
4588 if (get_hwenv() == HW_VMWARE)
4589 nvme->n_intr_types &= ~DDI_INTR_TYPE_MSIX;
4590 #endif
4591 }
4592
4593 if ((nvme->n_intr_types & intr_type) == 0)
4594 return (DDI_FAILURE);
4595
4596 ret = ddi_intr_get_nintrs(nvme->n_dip, intr_type, &nintrs);
4597 if (ret != DDI_SUCCESS) {
4598 dev_err(nvme->n_dip, CE_WARN, "!%s: ddi_intr_get_nintrs failed",
4599 __func__);
4600 return (ret);
4601 }
4602
4603 ret = ddi_intr_get_navail(nvme->n_dip, intr_type, &navail);
4604 if (ret != DDI_SUCCESS) {
4605 dev_err(nvme->n_dip, CE_WARN, "!%s: ddi_intr_get_navail failed",
4606 __func__);
4607 return (ret);
4608 }
4609
4610 /* We want at most one interrupt per queue pair. */
4611 if (navail > nqpairs)
4612 navail = nqpairs;
4613
4614 nvme->n_inth_sz = sizeof (ddi_intr_handle_t) * navail;
4615 nvme->n_inth = kmem_zalloc(nvme->n_inth_sz, KM_SLEEP);
4616
4617 ret = ddi_intr_alloc(nvme->n_dip, nvme->n_inth, intr_type, 0, navail,
4618 &count, 0);
4619 if (ret != DDI_SUCCESS) {
4620 dev_err(nvme->n_dip, CE_WARN, "!%s: ddi_intr_alloc failed",
4621 __func__);
4622 goto fail;
4623 }
4624
4625 nvme->n_intr_cnt = count;
4626
4627 ret = ddi_intr_get_pri(nvme->n_inth[0], &nvme->n_intr_pri);
4628 if (ret != DDI_SUCCESS) {
4629 dev_err(nvme->n_dip, CE_WARN, "!%s: ddi_intr_get_pri failed",
4630 __func__);
4631 goto fail;
4632 }
4633
4634 for (i = 0; i < count; i++) {
4635 ret = ddi_intr_add_handler(nvme->n_inth[i], nvme_intr,
4636 (void *)nvme, (void *)(uintptr_t)i);
4637 if (ret != DDI_SUCCESS) {
4638 dev_err(nvme->n_dip, CE_WARN,
4639 "!%s: ddi_intr_add_handler failed", __func__);
4640 goto fail;
4641 }
4642 }
4643
4644 (void) ddi_intr_get_cap(nvme->n_inth[0], &nvme->n_intr_cap);
4645
4646 for (i = 0; i < count; i++) {
4647 if (nvme->n_intr_cap & DDI_INTR_FLAG_BLOCK)
4648 ret = ddi_intr_block_enable(&nvme->n_inth[i], 1);
4649 else
4650 ret = ddi_intr_enable(nvme->n_inth[i]);
4651
4652 if (ret != DDI_SUCCESS) {
4653 dev_err(nvme->n_dip, CE_WARN,
4654 "!%s: enabling interrupt %d failed", __func__, i);
4655 goto fail;
4656 }
4657 }
4658
4659 nvme->n_intr_type = intr_type;
4660
4661 nvme->n_progress |= NVME_INTERRUPTS;
4662
4663 return (DDI_SUCCESS);
4664
4665 fail:
4666 nvme_release_interrupts(nvme);
4667
4668 return (ret);
4669 }
4670
4671 static int
nvme_fm_errcb(dev_info_t * dip,ddi_fm_error_t * fm_error,const void * arg)4672 nvme_fm_errcb(dev_info_t *dip, ddi_fm_error_t *fm_error, const void *arg)
4673 {
4674 _NOTE(ARGUNUSED(arg));
4675
4676 pci_ereport_post(dip, fm_error, NULL);
4677 return (fm_error->fme_status);
4678 }
4679
4680 static void
nvme_remove_callback(dev_info_t * dip,ddi_eventcookie_t cookie,void * a,void * b)4681 nvme_remove_callback(dev_info_t *dip, ddi_eventcookie_t cookie, void *a,
4682 void *b)
4683 {
4684 nvme_t *nvme = a;
4685
4686 nvme_ctrl_mark_dead(nvme, B_TRUE);
4687
4688 /*
4689 * Fail all outstanding commands, including those in the admin queue
4690 * (queue 0).
4691 */
4692 for (uint_t i = 0; i < nvme->n_ioq_count + 1; i++) {
4693 nvme_qpair_t *qp = nvme->n_ioq[i];
4694
4695 mutex_enter(&qp->nq_mutex);
4696 for (size_t j = 0; j < qp->nq_nentry; j++) {
4697 nvme_cmd_t *cmd = qp->nq_cmd[j];
4698 nvme_cmd_t *u_cmd;
4699
4700 if (cmd == NULL) {
4701 continue;
4702 }
4703
4704 /*
4705 * Since we have the queue lock held the entire time we
4706 * iterate over it, it's not possible for the queue to
4707 * change underneath us. Thus, we don't need to check
4708 * that the return value of nvme_unqueue_cmd matches the
4709 * requested cmd to unqueue.
4710 */
4711 u_cmd = nvme_unqueue_cmd(nvme, qp, cmd->nc_sqe.sqe_cid);
4712 taskq_dispatch_ent(qp->nq_cq->ncq_cmd_taskq,
4713 cmd->nc_callback, cmd, TQ_NOSLEEP, &cmd->nc_tqent);
4714
4715 ASSERT3P(u_cmd, ==, cmd);
4716 }
4717 mutex_exit(&qp->nq_mutex);
4718 }
4719 }
4720
4721 /*
4722 * Open minor management
4723 */
4724 static int
nvme_minor_comparator(const void * l,const void * r)4725 nvme_minor_comparator(const void *l, const void *r)
4726 {
4727 const nvme_minor_t *lm = l;
4728 const nvme_minor_t *rm = r;
4729
4730 if (lm->nm_minor > rm->nm_minor) {
4731 return (1);
4732 } else if (lm->nm_minor < rm->nm_minor) {
4733 return (-1);
4734 } else {
4735 return (0);
4736 }
4737 }
4738
4739 static void
nvme_minor_free(nvme_minor_t * minor)4740 nvme_minor_free(nvme_minor_t *minor)
4741 {
4742 if (minor->nm_minor > 0) {
4743 ASSERT3S(minor->nm_minor, >=, NVME_OPEN_MINOR_MIN);
4744 id_free(nvme_open_minors, minor->nm_minor);
4745 minor->nm_minor = 0;
4746 }
4747 VERIFY0(list_link_active(&minor->nm_ctrl_lock.nli_node));
4748 VERIFY0(list_link_active(&minor->nm_ns_lock.nli_node));
4749 cv_destroy(&minor->nm_cv);
4750 kmem_free(minor, sizeof (nvme_minor_t));
4751 }
4752
4753 static nvme_minor_t *
nvme_minor_find_by_dev(dev_t dev)4754 nvme_minor_find_by_dev(dev_t dev)
4755 {
4756 id_t id = (id_t)getminor(dev);
4757 nvme_minor_t search = { .nm_minor = id };
4758 nvme_minor_t *ret;
4759
4760 mutex_enter(&nvme_open_minors_mutex);
4761 ret = avl_find(&nvme_open_minors_avl, &search, NULL);
4762 mutex_exit(&nvme_open_minors_mutex);
4763
4764 return (ret);
4765 }
4766
4767 static int
nvme_attach(dev_info_t * dip,ddi_attach_cmd_t cmd)4768 nvme_attach(dev_info_t *dip, ddi_attach_cmd_t cmd)
4769 {
4770 nvme_t *nvme;
4771 int instance;
4772 int nregs;
4773 off_t regsize;
4774 char name[32];
4775 boolean_t attached_ns;
4776
4777 if (cmd != DDI_ATTACH)
4778 return (DDI_FAILURE);
4779
4780 instance = ddi_get_instance(dip);
4781
4782 if (ddi_soft_state_zalloc(nvme_state, instance) != DDI_SUCCESS)
4783 return (DDI_FAILURE);
4784
4785 nvme = ddi_get_soft_state(nvme_state, instance);
4786 ddi_set_driver_private(dip, nvme);
4787 nvme->n_dip = dip;
4788
4789 /*
4790 * Map PCI config space
4791 */
4792 if (pci_config_setup(dip, &nvme->n_pcicfg_handle) != DDI_SUCCESS) {
4793 dev_err(dip, CE_WARN, "!failed to map PCI config space");
4794 goto fail;
4795 }
4796 nvme->n_progress |= NVME_PCI_CONFIG;
4797
4798 /*
4799 * Get the various PCI IDs from config space
4800 */
4801 nvme->n_vendor_id =
4802 pci_config_get16(nvme->n_pcicfg_handle, PCI_CONF_VENID);
4803 nvme->n_device_id =
4804 pci_config_get16(nvme->n_pcicfg_handle, PCI_CONF_DEVID);
4805 nvme->n_revision_id =
4806 pci_config_get8(nvme->n_pcicfg_handle, PCI_CONF_REVID);
4807 nvme->n_subsystem_device_id =
4808 pci_config_get16(nvme->n_pcicfg_handle, PCI_CONF_SUBSYSID);
4809 nvme->n_subsystem_vendor_id =
4810 pci_config_get16(nvme->n_pcicfg_handle, PCI_CONF_SUBVENID);
4811
4812 nvme_detect_quirks(nvme);
4813
4814 /*
4815 * Set up event handlers for hot removal. While npe(4D) supports the hot
4816 * removal event being injected for devices, the same is not true of all
4817 * of our possible parents (i.e. pci(4D) as of this writing). The most
4818 * common case this shows up is in some virtualization environments. We
4819 * should treat this as non-fatal so that way devices work but leave
4820 * this set up in such a way that if a nexus does grow support for this
4821 * we're good to go.
4822 */
4823 if (ddi_get_eventcookie(nvme->n_dip, DDI_DEVI_REMOVE_EVENT,
4824 &nvme->n_rm_cookie) == DDI_SUCCESS) {
4825 if (ddi_add_event_handler(nvme->n_dip, nvme->n_rm_cookie,
4826 nvme_remove_callback, nvme, &nvme->n_ev_rm_cb_id) !=
4827 DDI_SUCCESS) {
4828 goto fail;
4829 }
4830 } else {
4831 nvme->n_ev_rm_cb_id = NULL;
4832 }
4833
4834 mutex_init(&nvme->n_minor_mutex, NULL, MUTEX_DRIVER, NULL);
4835 nvme->n_progress |= NVME_MUTEX_INIT;
4836
4837 nvme->n_strict_version = ddi_prop_get_int(DDI_DEV_T_ANY, dip,
4838 DDI_PROP_DONTPASS, "strict-version", 1) == 1 ? B_TRUE : B_FALSE;
4839 nvme->n_ignore_unknown_vendor_status = ddi_prop_get_int(DDI_DEV_T_ANY,
4840 dip, DDI_PROP_DONTPASS, "ignore-unknown-vendor-status", 0) == 1 ?
4841 B_TRUE : B_FALSE;
4842 nvme->n_admin_queue_len = ddi_prop_get_int(DDI_DEV_T_ANY, dip,
4843 DDI_PROP_DONTPASS, "admin-queue-len", NVME_DEFAULT_ADMIN_QUEUE_LEN);
4844 nvme->n_io_squeue_len = ddi_prop_get_int(DDI_DEV_T_ANY, dip,
4845 DDI_PROP_DONTPASS, "io-squeue-len", NVME_DEFAULT_IO_QUEUE_LEN);
4846 /*
4847 * Double up the default for completion queues in case of
4848 * queue sharing.
4849 */
4850 nvme->n_io_cqueue_len = ddi_prop_get_int(DDI_DEV_T_ANY, dip,
4851 DDI_PROP_DONTPASS, "io-cqueue-len", 2 * NVME_DEFAULT_IO_QUEUE_LEN);
4852 nvme->n_async_event_limit = ddi_prop_get_int(DDI_DEV_T_ANY, dip,
4853 DDI_PROP_DONTPASS, "async-event-limit",
4854 NVME_DEFAULT_ASYNC_EVENT_LIMIT);
4855 nvme->n_write_cache_enabled = ddi_prop_get_int(DDI_DEV_T_ANY, dip,
4856 DDI_PROP_DONTPASS, "volatile-write-cache-enable", 1) != 0 ?
4857 B_TRUE : B_FALSE;
4858 nvme->n_min_block_size = ddi_prop_get_int(DDI_DEV_T_ANY, dip,
4859 DDI_PROP_DONTPASS, "min-phys-block-size",
4860 NVME_DEFAULT_MIN_BLOCK_SIZE);
4861 nvme->n_submission_queues = ddi_prop_get_int(DDI_DEV_T_ANY, dip,
4862 DDI_PROP_DONTPASS, "max-submission-queues", -1);
4863 nvme->n_completion_queues = ddi_prop_get_int(DDI_DEV_T_ANY, dip,
4864 DDI_PROP_DONTPASS, "max-completion-queues", -1);
4865
4866 if (!ISP2(nvme->n_min_block_size) ||
4867 (nvme->n_min_block_size < NVME_DEFAULT_MIN_BLOCK_SIZE)) {
4868 dev_err(dip, CE_WARN, "!min-phys-block-size %s, "
4869 "using default %d", ISP2(nvme->n_min_block_size) ?
4870 "too low" : "not a power of 2",
4871 NVME_DEFAULT_MIN_BLOCK_SIZE);
4872 nvme->n_min_block_size = NVME_DEFAULT_MIN_BLOCK_SIZE;
4873 }
4874
4875 if (nvme->n_submission_queues != -1 &&
4876 (nvme->n_submission_queues < 1 ||
4877 nvme->n_submission_queues > UINT16_MAX)) {
4878 dev_err(dip, CE_WARN, "!\"submission-queues\"=%d is not "
4879 "valid. Must be [1..%d]", nvme->n_submission_queues,
4880 UINT16_MAX);
4881 nvme->n_submission_queues = -1;
4882 }
4883
4884 if (nvme->n_completion_queues != -1 &&
4885 (nvme->n_completion_queues < 1 ||
4886 nvme->n_completion_queues > UINT16_MAX)) {
4887 dev_err(dip, CE_WARN, "!\"completion-queues\"=%d is not "
4888 "valid. Must be [1..%d]", nvme->n_completion_queues,
4889 UINT16_MAX);
4890 nvme->n_completion_queues = -1;
4891 }
4892
4893 if (nvme->n_admin_queue_len < NVME_MIN_ADMIN_QUEUE_LEN)
4894 nvme->n_admin_queue_len = NVME_MIN_ADMIN_QUEUE_LEN;
4895 else if (nvme->n_admin_queue_len > NVME_MAX_ADMIN_QUEUE_LEN)
4896 nvme->n_admin_queue_len = NVME_MAX_ADMIN_QUEUE_LEN;
4897
4898 if (nvme->n_io_squeue_len < NVME_MIN_IO_QUEUE_LEN)
4899 nvme->n_io_squeue_len = NVME_MIN_IO_QUEUE_LEN;
4900 if (nvme->n_io_cqueue_len < NVME_MIN_IO_QUEUE_LEN)
4901 nvme->n_io_cqueue_len = NVME_MIN_IO_QUEUE_LEN;
4902
4903 if (nvme->n_async_event_limit < 1)
4904 nvme->n_async_event_limit = NVME_DEFAULT_ASYNC_EVENT_LIMIT;
4905
4906 nvme->n_reg_acc_attr = nvme_reg_acc_attr;
4907 nvme->n_queue_dma_attr = nvme_queue_dma_attr;
4908 nvme->n_prp_dma_attr = nvme_prp_dma_attr;
4909 nvme->n_sgl_dma_attr = nvme_sgl_dma_attr;
4910
4911 /*
4912 * Set up FMA support.
4913 */
4914 nvme->n_fm_cap = ddi_getprop(DDI_DEV_T_ANY, dip,
4915 DDI_PROP_CANSLEEP | DDI_PROP_DONTPASS, "fm-capable",
4916 DDI_FM_EREPORT_CAPABLE | DDI_FM_ACCCHK_CAPABLE |
4917 DDI_FM_DMACHK_CAPABLE | DDI_FM_ERRCB_CAPABLE);
4918
4919 ddi_fm_init(dip, &nvme->n_fm_cap, &nvme->n_fm_ibc);
4920
4921 if (nvme->n_fm_cap) {
4922 if (nvme->n_fm_cap & DDI_FM_ACCCHK_CAPABLE)
4923 nvme->n_reg_acc_attr.devacc_attr_access =
4924 DDI_FLAGERR_ACC;
4925
4926 if (nvme->n_fm_cap & DDI_FM_DMACHK_CAPABLE) {
4927 nvme->n_prp_dma_attr.dma_attr_flags |= DDI_DMA_FLAGERR;
4928 nvme->n_sgl_dma_attr.dma_attr_flags |= DDI_DMA_FLAGERR;
4929 }
4930
4931 if (DDI_FM_EREPORT_CAP(nvme->n_fm_cap) ||
4932 DDI_FM_ERRCB_CAP(nvme->n_fm_cap))
4933 pci_ereport_setup(dip);
4934
4935 if (DDI_FM_ERRCB_CAP(nvme->n_fm_cap))
4936 ddi_fm_handler_register(dip, nvme_fm_errcb,
4937 (void *)nvme);
4938 }
4939
4940 nvme->n_progress |= NVME_FMA_INIT;
4941
4942 /*
4943 * The spec defines several register sets. Only the controller
4944 * registers (set 1) are currently used.
4945 */
4946 if (ddi_dev_nregs(dip, &nregs) == DDI_FAILURE ||
4947 nregs < 2 ||
4948 ddi_dev_regsize(dip, 1, ®size) == DDI_FAILURE)
4949 goto fail;
4950
4951 if (ddi_regs_map_setup(dip, 1, &nvme->n_regs, 0, regsize,
4952 &nvme->n_reg_acc_attr, &nvme->n_regh) != DDI_SUCCESS) {
4953 dev_err(dip, CE_WARN, "!failed to map regset 1");
4954 goto fail;
4955 }
4956
4957 nvme->n_progress |= NVME_REGS_MAPPED;
4958
4959 /*
4960 * Set up kstats
4961 */
4962 if (!nvme_stat_init(nvme)) {
4963 dev_err(dip, CE_WARN, "!failed to create device kstats");
4964 goto fail;
4965 }
4966 nvme->n_progress |= NVME_STAT_INIT;
4967
4968 /*
4969 * Create PRP DMA cache
4970 */
4971 (void) snprintf(name, sizeof (name), "%s%d_prp_cache",
4972 ddi_driver_name(dip), ddi_get_instance(dip));
4973 nvme->n_prp_cache = kmem_cache_create(name, sizeof (nvme_dma_t),
4974 0, nvme_prp_dma_constructor, nvme_prp_dma_destructor,
4975 NULL, (void *)nvme, NULL, 0);
4976
4977 if (nvme_init(nvme) != DDI_SUCCESS)
4978 goto fail;
4979
4980 /*
4981 * Initialize the driver with the UFM subsystem
4982 */
4983 if (ddi_ufm_init(dip, DDI_UFM_CURRENT_VERSION, &nvme_ufm_ops,
4984 &nvme->n_ufmh, nvme) != 0) {
4985 dev_err(dip, CE_WARN, "!failed to initialize UFM subsystem");
4986 goto fail;
4987 }
4988 mutex_init(&nvme->n_fwslot_mutex, NULL, MUTEX_DRIVER, NULL);
4989 ddi_ufm_update(nvme->n_ufmh);
4990 nvme->n_progress |= NVME_UFM_INIT;
4991
4992 nvme_mgmt_lock_init(&nvme->n_mgmt);
4993 nvme_lock_init(&nvme->n_lock);
4994 nvme->n_progress |= NVME_MGMT_INIT;
4995 nvme->n_dead_status = NVME_IOCTL_E_CTRL_DEAD;
4996
4997 /*
4998 * Identify namespaces.
4999 */
5000 nvme_mgmt_lock(nvme, NVME_MGMT_LOCK_NVME);
5001
5002 boolean_t minor_logged = B_FALSE;
5003 for (uint32_t i = 1; i <= nvme->n_namespace_count; i++) {
5004 nvme_namespace_t *ns = nvme_nsid2ns(nvme, i);
5005
5006 nvme_lock_init(&ns->ns_lock);
5007 ns->ns_progress |= NVME_NS_LOCK;
5008
5009 /*
5010 * Namespaces start out ignored. When nvme_init_ns() checks
5011 * their properties and finds they can be used, it will set
5012 * ns_ignore to B_FALSE. It will also use this state change
5013 * to keep an accurate count of attachable namespaces.
5014 */
5015 ns->ns_ignore = B_TRUE;
5016 if (nvme_init_ns(nvme, i) != 0) {
5017 nvme_mgmt_unlock(nvme);
5018 goto fail;
5019 }
5020
5021 /*
5022 * We only create compat minor nodes for the namespace for the
5023 * first NVME_MINOR_MAX namespaces. Those that are beyond this
5024 * can only be accessed through the primary controller node,
5025 * which is generally fine as that's what libnvme uses and is
5026 * our preferred path. Not having a minor is better than not
5027 * having the namespace!
5028 */
5029 if (i > NVME_MINOR_MAX) {
5030 if (!minor_logged) {
5031 dev_err(dip, CE_WARN, "namespace minor "
5032 "creation limited to the first %u "
5033 "namespaces, device has %u",
5034 NVME_MINOR_MAX, nvme->n_namespace_count);
5035 minor_logged = B_TRUE;
5036 }
5037 continue;
5038 }
5039
5040 if (ddi_create_minor_node(nvme->n_dip, ns->ns_name, S_IFCHR,
5041 NVME_MINOR(ddi_get_instance(nvme->n_dip), i),
5042 DDI_NT_NVME_ATTACHMENT_POINT, 0) != DDI_SUCCESS) {
5043 nvme_mgmt_unlock(nvme);
5044 dev_err(dip, CE_WARN,
5045 "!failed to create minor node for namespace %d", i);
5046 goto fail;
5047 }
5048 ns->ns_progress |= NVME_NS_MINOR;
5049 }
5050
5051 if (ddi_create_minor_node(dip, "devctl", S_IFCHR,
5052 NVME_MINOR(ddi_get_instance(dip), 0), DDI_NT_NVME_NEXUS, 0) !=
5053 DDI_SUCCESS) {
5054 nvme_mgmt_unlock(nvme);
5055 dev_err(dip, CE_WARN, "nvme_attach: "
5056 "cannot create devctl minor node");
5057 goto fail;
5058 }
5059
5060 attached_ns = B_FALSE;
5061 for (uint32_t i = 1; i <= nvme->n_namespace_count; i++) {
5062 nvme_ioctl_common_t com = { .nioc_nsid = i };
5063
5064 if (nvme_attach_ns(nvme, &com)) {
5065 attached_ns = B_TRUE;
5066 } else if (com.nioc_drv_err != NVME_IOCTL_E_UNSUP_ATTACH_NS) {
5067 dev_err(nvme->n_dip, CE_WARN, "!failed to attach "
5068 "namespace %d due to blkdev error", i);
5069 /*
5070 * Once we have successfully attached a namespace we
5071 * can no longer fail the driver attach as there is now
5072 * a blkdev child node linked to this device, and
5073 * our node is not yet in the attached state.
5074 */
5075 if (!attached_ns) {
5076 nvme_mgmt_unlock(nvme);
5077 goto fail;
5078 }
5079 }
5080 }
5081
5082 nvme_mgmt_unlock(nvme);
5083
5084 return (DDI_SUCCESS);
5085
5086 fail:
5087 /* attach successful anyway so that FMA can retire the device */
5088 if (nvme->n_dead)
5089 return (DDI_SUCCESS);
5090
5091 (void) nvme_detach(dip, DDI_DETACH);
5092
5093 return (DDI_FAILURE);
5094 }
5095
5096 static int
nvme_detach(dev_info_t * dip,ddi_detach_cmd_t cmd)5097 nvme_detach(dev_info_t *dip, ddi_detach_cmd_t cmd)
5098 {
5099 int instance;
5100 nvme_t *nvme;
5101
5102 if (cmd != DDI_DETACH)
5103 return (DDI_FAILURE);
5104
5105 instance = ddi_get_instance(dip);
5106
5107 nvme = ddi_get_soft_state(nvme_state, instance);
5108
5109 if (nvme == NULL)
5110 return (DDI_FAILURE);
5111
5112 /*
5113 * Remove all minor nodes from the device regardless of the source in
5114 * one swoop.
5115 */
5116 ddi_remove_minor_node(dip, NULL);
5117
5118 /*
5119 * We need to remove the event handler as one of the first things that
5120 * we do. If we proceed with other teardown without removing the event
5121 * handler, we could end up in a very unfortunate race with ourselves.
5122 * The DDI does not serialize these with detach (just like timeout(9F)
5123 * and others).
5124 */
5125 if (nvme->n_ev_rm_cb_id != NULL) {
5126 (void) ddi_remove_event_handler(nvme->n_ev_rm_cb_id);
5127 }
5128 nvme->n_ev_rm_cb_id = NULL;
5129
5130 /*
5131 * If the controller was marked dead, there is a slight chance that we
5132 * are asynchronusly processing the removal taskq. Because we have
5133 * removed the callback handler above and all minor nodes and commands
5134 * are closed, there is no other way to get in here. As such, we wait on
5135 * the nvme_dead_taskq to complete so we can avoid tracking if it's
5136 * running or not.
5137 */
5138 taskq_wait(nvme_dead_taskq);
5139
5140 if (nvme->n_ns) {
5141 for (uint32_t i = 1; i <= nvme->n_namespace_count; i++) {
5142 nvme_namespace_t *ns = nvme_nsid2ns(nvme, i);
5143
5144 if (ns->ns_bd_hdl) {
5145 (void) bd_detach_handle(ns->ns_bd_hdl);
5146 bd_free_handle(ns->ns_bd_hdl);
5147 }
5148
5149 if (ns->ns_idns)
5150 kmem_free(ns->ns_idns,
5151 sizeof (nvme_identify_nsid_t));
5152 if (ns->ns_devid)
5153 strfree(ns->ns_devid);
5154
5155 if ((ns->ns_progress & NVME_NS_LOCK) != 0)
5156 nvme_lock_fini(&ns->ns_lock);
5157 }
5158
5159 kmem_free(nvme->n_ns, sizeof (nvme_namespace_t) *
5160 nvme->n_namespace_count);
5161 }
5162
5163 if (nvme->n_progress & NVME_MGMT_INIT) {
5164 nvme_lock_fini(&nvme->n_lock);
5165 nvme_mgmt_lock_fini(&nvme->n_mgmt);
5166 }
5167
5168 if (nvme->n_progress & NVME_UFM_INIT) {
5169 ddi_ufm_fini(nvme->n_ufmh);
5170 mutex_destroy(&nvme->n_fwslot_mutex);
5171 }
5172
5173 if (nvme->n_progress & NVME_INTERRUPTS)
5174 nvme_release_interrupts(nvme);
5175
5176 for (uint_t i = 0; i < nvme->n_cq_count; i++) {
5177 if (nvme->n_cq[i]->ncq_cmd_taskq != NULL)
5178 taskq_wait(nvme->n_cq[i]->ncq_cmd_taskq);
5179 }
5180
5181 if (nvme->n_progress & NVME_MUTEX_INIT) {
5182 mutex_destroy(&nvme->n_minor_mutex);
5183 }
5184
5185 if (nvme->n_ioq_count > 0) {
5186 for (uint_t i = 1; i != nvme->n_ioq_count + 1; i++) {
5187 if (nvme->n_ioq[i] != NULL) {
5188 /* TODO: send destroy queue commands */
5189 nvme_free_qpair(nvme->n_ioq[i]);
5190 }
5191 }
5192
5193 kmem_free(nvme->n_ioq, sizeof (nvme_qpair_t *) *
5194 (nvme->n_ioq_count + 1));
5195 }
5196
5197 if (nvme->n_prp_cache != NULL) {
5198 kmem_cache_destroy(nvme->n_prp_cache);
5199 }
5200
5201 if (nvme->n_progress & NVME_REGS_MAPPED) {
5202 nvme_shutdown(nvme, B_FALSE);
5203 (void) nvme_reset(nvme, B_FALSE);
5204 }
5205
5206 if (nvme->n_progress & NVME_CTRL_LIMITS)
5207 sema_destroy(&nvme->n_abort_sema);
5208
5209 if (nvme->n_progress & NVME_ADMIN_QUEUE)
5210 nvme_free_qpair(nvme->n_adminq);
5211
5212 if (nvme->n_cq_count > 0) {
5213 nvme_destroy_cq_array(nvme, 0);
5214 nvme->n_cq = NULL;
5215 nvme->n_cq_count = 0;
5216 }
5217
5218 if (nvme->n_idcomns)
5219 kmem_free(nvme->n_idcomns, NVME_IDENTIFY_BUFSIZE);
5220
5221 if (nvme->n_idctl)
5222 kmem_free(nvme->n_idctl, NVME_IDENTIFY_BUFSIZE);
5223
5224 if (nvme->n_progress & NVME_REGS_MAPPED)
5225 ddi_regs_map_free(&nvme->n_regh);
5226
5227 if (nvme->n_progress & NVME_STAT_INIT)
5228 nvme_stat_cleanup(nvme);
5229
5230 if (nvme->n_progress & NVME_FMA_INIT) {
5231 if (DDI_FM_ERRCB_CAP(nvme->n_fm_cap))
5232 ddi_fm_handler_unregister(nvme->n_dip);
5233
5234 if (DDI_FM_EREPORT_CAP(nvme->n_fm_cap) ||
5235 DDI_FM_ERRCB_CAP(nvme->n_fm_cap))
5236 pci_ereport_teardown(nvme->n_dip);
5237
5238 ddi_fm_fini(nvme->n_dip);
5239 }
5240
5241 if (nvme->n_progress & NVME_PCI_CONFIG)
5242 pci_config_teardown(&nvme->n_pcicfg_handle);
5243
5244 if (nvme->n_vendor != NULL)
5245 strfree(nvme->n_vendor);
5246
5247 if (nvme->n_product != NULL)
5248 strfree(nvme->n_product);
5249
5250 ddi_soft_state_free(nvme_state, instance);
5251
5252 return (DDI_SUCCESS);
5253 }
5254
5255 static int
nvme_quiesce(dev_info_t * dip)5256 nvme_quiesce(dev_info_t *dip)
5257 {
5258 int instance;
5259 nvme_t *nvme;
5260
5261 instance = ddi_get_instance(dip);
5262
5263 nvme = ddi_get_soft_state(nvme_state, instance);
5264
5265 if (nvme == NULL)
5266 return (DDI_FAILURE);
5267
5268 nvme_shutdown(nvme, B_TRUE);
5269
5270 (void) nvme_reset(nvme, B_TRUE);
5271
5272 return (DDI_SUCCESS);
5273 }
5274
5275 static int
nvme_fill_prp(nvme_cmd_t * cmd,ddi_dma_handle_t dma)5276 nvme_fill_prp(nvme_cmd_t *cmd, ddi_dma_handle_t dma)
5277 {
5278 nvme_t *nvme = cmd->nc_nvme;
5279 uint_t nprp_per_page, nprp;
5280 uint64_t *prp;
5281 const ddi_dma_cookie_t *cookie;
5282 uint_t idx;
5283 uint_t ncookies = ddi_dma_ncookies(dma);
5284
5285 if (ncookies == 0)
5286 return (DDI_FAILURE);
5287
5288 if ((cookie = ddi_dma_cookie_get(dma, 0)) == NULL)
5289 return (DDI_FAILURE);
5290 cmd->nc_sqe.sqe_dptr.d_prp[0] = cookie->dmac_laddress;
5291
5292 if (ncookies == 1) {
5293 cmd->nc_sqe.sqe_dptr.d_prp[1] = 0;
5294 return (DDI_SUCCESS);
5295 } else if (ncookies == 2) {
5296 if ((cookie = ddi_dma_cookie_get(dma, 1)) == NULL)
5297 return (DDI_FAILURE);
5298 cmd->nc_sqe.sqe_dptr.d_prp[1] = cookie->dmac_laddress;
5299 return (DDI_SUCCESS);
5300 }
5301
5302 /*
5303 * At this point, we're always operating on cookies at
5304 * index >= 1 and writing the addresses of those cookies
5305 * into a new page. The address of that page is stored
5306 * as the second PRP entry.
5307 */
5308 nprp_per_page = nvme->n_pagesize / sizeof (uint64_t);
5309 ASSERT(nprp_per_page > 0);
5310
5311 /*
5312 * We currently don't support chained PRPs and set up our DMA
5313 * attributes to reflect that. If we still get an I/O request
5314 * that needs a chained PRP something is very wrong. Account
5315 * for the first cookie here, which we've placed in d_prp[0].
5316 */
5317 nprp = howmany(ncookies - 1, nprp_per_page);
5318 VERIFY(nprp == 1);
5319
5320 /*
5321 * Allocate a page of pointers, in which we'll write the
5322 * addresses of cookies 1 to `ncookies`.
5323 */
5324 cmd->nc_prp = kmem_cache_alloc(nvme->n_prp_cache, KM_SLEEP);
5325 bzero(cmd->nc_prp->nd_memp, cmd->nc_prp->nd_len);
5326 cmd->nc_sqe.sqe_dptr.d_prp[1] = cmd->nc_prp->nd_cookie.dmac_laddress;
5327
5328 prp = (uint64_t *)cmd->nc_prp->nd_memp;
5329 for (idx = 1; idx < ncookies; idx++) {
5330 if ((cookie = ddi_dma_cookie_get(dma, idx)) == NULL)
5331 return (DDI_FAILURE);
5332 *prp++ = cookie->dmac_laddress;
5333 }
5334
5335 (void) ddi_dma_sync(cmd->nc_prp->nd_dmah, 0, cmd->nc_prp->nd_len,
5336 DDI_DMA_SYNC_FORDEV);
5337 return (DDI_SUCCESS);
5338 }
5339
5340 /*
5341 * The maximum number of requests supported for a deallocate request is
5342 * NVME_DSET_MGMT_MAX_RANGES (256) -- this is from the NVMe 1.1 spec (and
5343 * unchanged through at least 1.4a). The definition of nvme_range_t is also
5344 * from the NVMe 1.1 spec. Together, the result is that all of the ranges for
5345 * a deallocate request will fit into the smallest supported namespace page
5346 * (4k).
5347 */
5348 CTASSERT(sizeof (nvme_range_t) * NVME_DSET_MGMT_MAX_RANGES == 4096);
5349
5350 static int
nvme_fill_ranges(nvme_cmd_t * cmd,bd_xfer_t * xfer,uint64_t blocksize,int allocflag)5351 nvme_fill_ranges(nvme_cmd_t *cmd, bd_xfer_t *xfer, uint64_t blocksize,
5352 int allocflag)
5353 {
5354 const dkioc_free_list_t *dfl = xfer->x_dfl;
5355 const dkioc_free_list_ext_t *exts = dfl->dfl_exts;
5356 nvme_t *nvme = cmd->nc_nvme;
5357 nvme_range_t *ranges = NULL;
5358 uint_t i;
5359
5360 /*
5361 * The number of ranges in the request is 0s based (that is
5362 * word10 == 0 -> 1 range, word10 == 1 -> 2 ranges, ...,
5363 * word10 == 255 -> 256 ranges). Therefore the allowed values are
5364 * [1..NVME_DSET_MGMT_MAX_RANGES]. If blkdev gives us a bad request,
5365 * we either provided bad info in nvme_bd_driveinfo() or there is a bug
5366 * in blkdev.
5367 */
5368 VERIFY3U(dfl->dfl_num_exts, >, 0);
5369 VERIFY3U(dfl->dfl_num_exts, <=, NVME_DSET_MGMT_MAX_RANGES);
5370 cmd->nc_sqe.sqe_cdw10 = (dfl->dfl_num_exts - 1) & 0xff;
5371
5372 cmd->nc_sqe.sqe_cdw11 = NVME_DSET_MGMT_ATTR_DEALLOCATE;
5373
5374 cmd->nc_prp = kmem_cache_alloc(nvme->n_prp_cache, allocflag);
5375 if (cmd->nc_prp == NULL)
5376 return (DDI_FAILURE);
5377
5378 bzero(cmd->nc_prp->nd_memp, cmd->nc_prp->nd_len);
5379 ranges = (nvme_range_t *)cmd->nc_prp->nd_memp;
5380
5381 cmd->nc_sqe.sqe_dptr.d_prp[0] = cmd->nc_prp->nd_cookie.dmac_laddress;
5382 cmd->nc_sqe.sqe_dptr.d_prp[1] = 0;
5383
5384 for (i = 0; i < dfl->dfl_num_exts; i++) {
5385 uint64_t lba, len;
5386
5387 lba = (dfl->dfl_offset + exts[i].dfle_start) / blocksize;
5388 len = exts[i].dfle_length / blocksize;
5389
5390 VERIFY3U(len, <=, UINT32_MAX);
5391
5392 /* No context attributes for a deallocate request */
5393 ranges[i].nr_ctxattr = 0;
5394 ranges[i].nr_len = len;
5395 ranges[i].nr_lba = lba;
5396 }
5397
5398 (void) ddi_dma_sync(cmd->nc_prp->nd_dmah, 0, cmd->nc_prp->nd_len,
5399 DDI_DMA_SYNC_FORDEV);
5400
5401 return (DDI_SUCCESS);
5402 }
5403
5404 static nvme_cmd_t *
nvme_create_nvm_cmd(nvme_namespace_t * ns,uint8_t opc,bd_xfer_t * xfer)5405 nvme_create_nvm_cmd(nvme_namespace_t *ns, uint8_t opc, bd_xfer_t *xfer)
5406 {
5407 nvme_t *nvme = ns->ns_nvme;
5408 nvme_cmd_t *cmd;
5409 int allocflag;
5410
5411 /*
5412 * Blkdev only sets BD_XFER_POLL when dumping, so don't sleep.
5413 */
5414 allocflag = (xfer->x_flags & BD_XFER_POLL) ? KM_NOSLEEP : KM_SLEEP;
5415 cmd = nvme_alloc_cmd(nvme, allocflag);
5416
5417 if (cmd == NULL)
5418 return (NULL);
5419
5420 cmd->nc_sqe.sqe_opc = opc;
5421 cmd->nc_callback = nvme_bd_xfer_done;
5422 cmd->nc_xfer = xfer;
5423
5424 switch (opc) {
5425 case NVME_OPC_NVM_WRITE:
5426 case NVME_OPC_NVM_READ:
5427 VERIFY(xfer->x_nblks <= 0x10000);
5428
5429 cmd->nc_sqe.sqe_nsid = ns->ns_id;
5430
5431 cmd->nc_sqe.sqe_cdw10 = xfer->x_blkno & 0xffffffffu;
5432 cmd->nc_sqe.sqe_cdw11 = (xfer->x_blkno >> 32);
5433 cmd->nc_sqe.sqe_cdw12 = (uint16_t)(xfer->x_nblks - 1);
5434
5435 if (nvme_fill_prp(cmd, xfer->x_dmah) != DDI_SUCCESS)
5436 goto fail;
5437 break;
5438
5439 case NVME_OPC_NVM_FLUSH:
5440 cmd->nc_sqe.sqe_nsid = ns->ns_id;
5441 break;
5442
5443 case NVME_OPC_NVM_DSET_MGMT:
5444 cmd->nc_sqe.sqe_nsid = ns->ns_id;
5445
5446 if (nvme_fill_ranges(cmd, xfer,
5447 (uint64_t)ns->ns_block_size, allocflag) != DDI_SUCCESS)
5448 goto fail;
5449 break;
5450
5451 default:
5452 goto fail;
5453 }
5454
5455 return (cmd);
5456
5457 fail:
5458 nvme_free_cmd(cmd);
5459 return (NULL);
5460 }
5461
5462 static void
nvme_bd_xfer_done(void * arg)5463 nvme_bd_xfer_done(void *arg)
5464 {
5465 nvme_cmd_t *cmd = arg;
5466 bd_xfer_t *xfer = cmd->nc_xfer;
5467 int error = 0;
5468
5469 error = nvme_check_cmd_status(cmd);
5470 nvme_free_cmd(cmd);
5471
5472 bd_xfer_done(xfer, error);
5473 }
5474
5475 static void
nvme_bd_driveinfo(void * arg,bd_drive_t * drive)5476 nvme_bd_driveinfo(void *arg, bd_drive_t *drive)
5477 {
5478 nvme_namespace_t *ns = arg;
5479 nvme_t *nvme = ns->ns_nvme;
5480 uint_t ns_count = MAX(1, nvme->n_namespaces_attachable);
5481
5482 nvme_mgmt_lock(nvme, NVME_MGMT_LOCK_BDRO);
5483
5484 /*
5485 * Set the blkdev qcount to the number of submission queues.
5486 * It will then create one waitq/runq pair for each submission
5487 * queue and spread I/O requests across the queues.
5488 */
5489 drive->d_qcount = nvme->n_ioq_count;
5490
5491 /*
5492 * I/O activity to individual namespaces is distributed across
5493 * each of the d_qcount blkdev queues (which has been set to
5494 * the number of nvme submission queues). d_qsize is the number
5495 * of submitted and not completed I/Os within each queue that blkdev
5496 * will allow before it starts holding them in the waitq.
5497 *
5498 * Each namespace will create a child blkdev instance, for each one
5499 * we try and set the d_qsize so that each namespace gets an
5500 * equal portion of the submission queue.
5501 *
5502 * If post instantiation of the nvme drive, n_namespaces_attachable
5503 * changes and a namespace is attached it could calculate a
5504 * different d_qsize. It may even be that the sum of the d_qsizes is
5505 * now beyond the submission queue size. Should that be the case
5506 * and the I/O rate is such that blkdev attempts to submit more
5507 * I/Os than the size of the submission queue, the excess I/Os
5508 * will be held behind the semaphore nq_sema.
5509 */
5510 drive->d_qsize = nvme->n_io_squeue_len / ns_count;
5511
5512 /*
5513 * Don't let the queue size drop below the minimum, though.
5514 */
5515 drive->d_qsize = MAX(drive->d_qsize, NVME_MIN_IO_QUEUE_LEN);
5516
5517 /*
5518 * d_maxxfer is not set, which means the value is taken from the DMA
5519 * attributes specified to bd_alloc_handle.
5520 */
5521
5522 drive->d_removable = B_FALSE;
5523 drive->d_hotpluggable = B_FALSE;
5524
5525 bcopy(ns->ns_eui64, drive->d_eui64, sizeof (drive->d_eui64));
5526 drive->d_target = ns->ns_id;
5527 drive->d_lun = 0;
5528
5529 drive->d_model = nvme->n_idctl->id_model;
5530 drive->d_model_len = sizeof (nvme->n_idctl->id_model);
5531 drive->d_vendor = nvme->n_vendor;
5532 drive->d_vendor_len = strlen(nvme->n_vendor);
5533 drive->d_product = nvme->n_product;
5534 drive->d_product_len = strlen(nvme->n_product);
5535 drive->d_serial = nvme->n_idctl->id_serial;
5536 drive->d_serial_len = sizeof (nvme->n_idctl->id_serial);
5537 drive->d_revision = nvme->n_idctl->id_fwrev;
5538 drive->d_revision_len = sizeof (nvme->n_idctl->id_fwrev);
5539
5540 /*
5541 * If we support the dataset management command, the only restrictions
5542 * on a discard request are the maximum number of ranges (segments)
5543 * per single request.
5544 */
5545 if (nvme->n_idctl->id_oncs.on_dset_mgmt)
5546 drive->d_max_free_seg = NVME_DSET_MGMT_MAX_RANGES;
5547
5548 nvme_mgmt_unlock(nvme);
5549 }
5550
5551 static int
nvme_bd_mediainfo(void * arg,bd_media_t * media)5552 nvme_bd_mediainfo(void *arg, bd_media_t *media)
5553 {
5554 nvme_namespace_t *ns = arg;
5555 nvme_t *nvme = ns->ns_nvme;
5556
5557 if (nvme->n_dead) {
5558 return (EIO);
5559 }
5560
5561 nvme_mgmt_lock(nvme, NVME_MGMT_LOCK_BDRO);
5562
5563 media->m_nblks = ns->ns_block_count;
5564 media->m_blksize = ns->ns_block_size;
5565 media->m_readonly = B_FALSE;
5566 media->m_solidstate = B_TRUE;
5567
5568 media->m_pblksize = ns->ns_best_block_size;
5569
5570 nvme_mgmt_unlock(nvme);
5571
5572 return (0);
5573 }
5574
5575 static int
nvme_bd_cmd(nvme_namespace_t * ns,bd_xfer_t * xfer,uint8_t opc)5576 nvme_bd_cmd(nvme_namespace_t *ns, bd_xfer_t *xfer, uint8_t opc)
5577 {
5578 nvme_t *nvme = ns->ns_nvme;
5579 nvme_cmd_t *cmd;
5580 nvme_qpair_t *ioq;
5581 boolean_t poll;
5582 int ret;
5583
5584 if (nvme->n_dead) {
5585 return (EIO);
5586 }
5587
5588 cmd = nvme_create_nvm_cmd(ns, opc, xfer);
5589 if (cmd == NULL)
5590 return (ENOMEM);
5591
5592 cmd->nc_sqid = xfer->x_qnum + 1;
5593 ASSERT(cmd->nc_sqid <= nvme->n_ioq_count);
5594 ioq = nvme->n_ioq[cmd->nc_sqid];
5595
5596 /*
5597 * Get the polling flag before submitting the command. The command may
5598 * complete immediately after it was submitted, which means we must
5599 * treat both cmd and xfer as if they have been freed already.
5600 */
5601 poll = (xfer->x_flags & BD_XFER_POLL) != 0;
5602
5603 ret = nvme_submit_io_cmd(ioq, cmd);
5604
5605 if (ret != 0)
5606 return (ret);
5607
5608 if (!poll)
5609 return (0);
5610
5611 do {
5612 cmd = nvme_retrieve_cmd(nvme, ioq);
5613 if (cmd != NULL) {
5614 ASSERT0(cmd->nc_flags & NVME_CMD_F_USELOCK);
5615 cmd->nc_callback(cmd);
5616 } else {
5617 drv_usecwait(10);
5618 }
5619 } while (ioq->nq_active_cmds != 0);
5620
5621 return (0);
5622 }
5623
5624 static int
nvme_bd_read(void * arg,bd_xfer_t * xfer)5625 nvme_bd_read(void *arg, bd_xfer_t *xfer)
5626 {
5627 nvme_namespace_t *ns = arg;
5628
5629 return (nvme_bd_cmd(ns, xfer, NVME_OPC_NVM_READ));
5630 }
5631
5632 static int
nvme_bd_write(void * arg,bd_xfer_t * xfer)5633 nvme_bd_write(void *arg, bd_xfer_t *xfer)
5634 {
5635 nvme_namespace_t *ns = arg;
5636
5637 return (nvme_bd_cmd(ns, xfer, NVME_OPC_NVM_WRITE));
5638 }
5639
5640 static int
nvme_bd_sync(void * arg,bd_xfer_t * xfer)5641 nvme_bd_sync(void *arg, bd_xfer_t *xfer)
5642 {
5643 nvme_namespace_t *ns = arg;
5644
5645 if (ns->ns_nvme->n_dead)
5646 return (EIO);
5647
5648 /*
5649 * If the volatile write cache is not present or not enabled the FLUSH
5650 * command is a no-op, so we can take a shortcut here.
5651 */
5652 if (!ns->ns_nvme->n_write_cache_present) {
5653 bd_xfer_done(xfer, ENOTSUP);
5654 return (0);
5655 }
5656
5657 if (!ns->ns_nvme->n_write_cache_enabled) {
5658 bd_xfer_done(xfer, 0);
5659 return (0);
5660 }
5661
5662 return (nvme_bd_cmd(ns, xfer, NVME_OPC_NVM_FLUSH));
5663 }
5664
5665 static int
nvme_bd_devid(void * arg,dev_info_t * devinfo,ddi_devid_t * devid)5666 nvme_bd_devid(void *arg, dev_info_t *devinfo, ddi_devid_t *devid)
5667 {
5668 nvme_namespace_t *ns = arg;
5669 nvme_t *nvme = ns->ns_nvme;
5670
5671 if (nvme->n_dead) {
5672 return (EIO);
5673 }
5674
5675 if (*(uint64_t *)ns->ns_nguid != 0 ||
5676 *(uint64_t *)(ns->ns_nguid + 8) != 0) {
5677 return (ddi_devid_init(devinfo, DEVID_NVME_NGUID,
5678 sizeof (ns->ns_nguid), ns->ns_nguid, devid));
5679 } else if (*(uint64_t *)ns->ns_eui64 != 0) {
5680 return (ddi_devid_init(devinfo, DEVID_NVME_EUI64,
5681 sizeof (ns->ns_eui64), ns->ns_eui64, devid));
5682 } else {
5683 return (ddi_devid_init(devinfo, DEVID_NVME_NSID,
5684 strlen(ns->ns_devid), ns->ns_devid, devid));
5685 }
5686 }
5687
5688 static int
nvme_bd_free_space(void * arg,bd_xfer_t * xfer)5689 nvme_bd_free_space(void *arg, bd_xfer_t *xfer)
5690 {
5691 nvme_namespace_t *ns = arg;
5692
5693 if (xfer->x_dfl == NULL)
5694 return (EINVAL);
5695
5696 if (!ns->ns_nvme->n_idctl->id_oncs.on_dset_mgmt)
5697 return (ENOTSUP);
5698
5699 return (nvme_bd_cmd(ns, xfer, NVME_OPC_NVM_DSET_MGMT));
5700 }
5701
5702 static int
nvme_open(dev_t * devp,int flag,int otyp,cred_t * cred_p)5703 nvme_open(dev_t *devp, int flag, int otyp, cred_t *cred_p)
5704 {
5705 #ifndef __lock_lint
5706 _NOTE(ARGUNUSED(cred_p));
5707 #endif
5708 nvme_t *nvme;
5709 nvme_minor_t *minor = NULL;
5710 uint32_t nsid;
5711 minor_t m = getminor(*devp);
5712 int rv = 0;
5713
5714 if (otyp != OTYP_CHR)
5715 return (EINVAL);
5716
5717 if (m >= NVME_OPEN_MINOR_MIN)
5718 return (ENXIO);
5719
5720 nvme = ddi_get_soft_state(nvme_state, NVME_MINOR_INST(m));
5721 nsid = NVME_MINOR_NSID(m);
5722
5723 if (nvme == NULL)
5724 return (ENXIO);
5725
5726 if (nsid > MIN(nvme->n_namespace_count, NVME_MINOR_MAX))
5727 return (ENXIO);
5728
5729 if (nvme->n_dead)
5730 return (EIO);
5731
5732 /*
5733 * At this point, we're going to allow an open to proceed on this
5734 * device. We need to allocate a new instance for this (presuming one is
5735 * available).
5736 */
5737 minor = kmem_zalloc(sizeof (nvme_minor_t), KM_NOSLEEP_LAZY);
5738 if (minor == NULL) {
5739 return (ENOMEM);
5740 }
5741
5742 cv_init(&minor->nm_cv, NULL, CV_DRIVER, NULL);
5743 list_link_init(&minor->nm_ctrl_lock.nli_node);
5744 minor->nm_ctrl_lock.nli_nvme = nvme;
5745 minor->nm_ctrl_lock.nli_minor = minor;
5746 list_link_init(&minor->nm_ns_lock.nli_node);
5747 minor->nm_ns_lock.nli_nvme = nvme;
5748 minor->nm_ns_lock.nli_minor = minor;
5749 minor->nm_minor = id_alloc_nosleep(nvme_open_minors);
5750 if (minor->nm_minor == -1) {
5751 nvme_minor_free(minor);
5752 return (ENOSPC);
5753 }
5754
5755 minor->nm_ctrl = nvme;
5756 if (nsid != 0) {
5757 minor->nm_ns = nvme_nsid2ns(nvme, nsid);
5758 }
5759
5760 /*
5761 * Before we check for exclusive access and attempt a lock if requested,
5762 * ensure that this minor is persisted.
5763 */
5764 mutex_enter(&nvme_open_minors_mutex);
5765 avl_add(&nvme_open_minors_avl, minor);
5766 mutex_exit(&nvme_open_minors_mutex);
5767
5768 /*
5769 * A request for opening this FEXCL, is translated into a non-blocking
5770 * write lock of the appropriate entity. This honors the original
5771 * semantics here. In the future, we should see if we can remove this
5772 * and turn a request for FEXCL at open into ENOTSUP.
5773 */
5774 mutex_enter(&nvme->n_minor_mutex);
5775 if ((flag & FEXCL) != 0) {
5776 nvme_ioctl_lock_t lock = {
5777 .nil_level = NVME_LOCK_L_WRITE,
5778 .nil_flags = NVME_LOCK_F_DONT_BLOCK
5779 };
5780
5781 if (minor->nm_ns != NULL) {
5782 lock.nil_ent = NVME_LOCK_E_NS;
5783 lock.nil_common.nioc_nsid = nsid;
5784 } else {
5785 lock.nil_ent = NVME_LOCK_E_CTRL;
5786 }
5787 nvme_rwlock(minor, &lock);
5788 if (lock.nil_common.nioc_drv_err != NVME_IOCTL_E_OK) {
5789 mutex_exit(&nvme->n_minor_mutex);
5790
5791 mutex_enter(&nvme_open_minors_mutex);
5792 avl_remove(&nvme_open_minors_avl, minor);
5793 mutex_exit(&nvme_open_minors_mutex);
5794
5795 nvme_minor_free(minor);
5796 return (EBUSY);
5797 }
5798 }
5799 mutex_exit(&nvme->n_minor_mutex);
5800
5801 *devp = makedevice(getmajor(*devp), (minor_t)minor->nm_minor);
5802 return (rv);
5803
5804 }
5805
5806 static int
nvme_close(dev_t dev,int flag __unused,int otyp,cred_t * cred_p __unused)5807 nvme_close(dev_t dev, int flag __unused, int otyp, cred_t *cred_p __unused)
5808 {
5809 nvme_minor_t *minor;
5810 nvme_t *nvme;
5811
5812 if (otyp != OTYP_CHR) {
5813 return (ENXIO);
5814 }
5815
5816 minor = nvme_minor_find_by_dev(dev);
5817 if (minor == NULL) {
5818 return (ENXIO);
5819 }
5820
5821 mutex_enter(&nvme_open_minors_mutex);
5822 avl_remove(&nvme_open_minors_avl, minor);
5823 mutex_exit(&nvme_open_minors_mutex);
5824
5825 /*
5826 * When this device is being closed, we must ensure that any locks held
5827 * by this are dealt with.
5828 */
5829 nvme = minor->nm_ctrl;
5830 mutex_enter(&nvme->n_minor_mutex);
5831 ASSERT3U(minor->nm_ctrl_lock.nli_state, !=, NVME_LOCK_STATE_BLOCKED);
5832 ASSERT3U(minor->nm_ns_lock.nli_state, !=, NVME_LOCK_STATE_BLOCKED);
5833
5834 if (minor->nm_ctrl_lock.nli_state == NVME_LOCK_STATE_ACQUIRED) {
5835 VERIFY3P(minor->nm_ctrl_lock.nli_lock, !=, NULL);
5836 nvme_rwunlock(&minor->nm_ctrl_lock,
5837 minor->nm_ctrl_lock.nli_lock);
5838 }
5839
5840 if (minor->nm_ns_lock.nli_state == NVME_LOCK_STATE_ACQUIRED) {
5841 VERIFY3P(minor->nm_ns_lock.nli_lock, !=, NULL);
5842 nvme_rwunlock(&minor->nm_ns_lock, minor->nm_ns_lock.nli_lock);
5843 }
5844 mutex_exit(&nvme->n_minor_mutex);
5845
5846 nvme_minor_free(minor);
5847
5848 return (0);
5849 }
5850
5851 void
nvme_ioctl_success(nvme_ioctl_common_t * ioc)5852 nvme_ioctl_success(nvme_ioctl_common_t *ioc)
5853 {
5854 ioc->nioc_drv_err = NVME_IOCTL_E_OK;
5855 ioc->nioc_ctrl_sc = NVME_CQE_SC_GEN_SUCCESS;
5856 ioc->nioc_ctrl_sct = NVME_CQE_SCT_GENERIC;
5857 }
5858
5859 boolean_t
nvme_ioctl_error(nvme_ioctl_common_t * ioc,nvme_ioctl_errno_t err,uint32_t sct,uint32_t sc)5860 nvme_ioctl_error(nvme_ioctl_common_t *ioc, nvme_ioctl_errno_t err, uint32_t sct,
5861 uint32_t sc)
5862 {
5863 ioc->nioc_drv_err = err;
5864 ioc->nioc_ctrl_sct = sct;
5865 ioc->nioc_ctrl_sc = sc;
5866
5867 return (B_FALSE);
5868 }
5869
5870 static int
nvme_ioctl_copyout_error(nvme_ioctl_errno_t err,intptr_t uaddr,int mode)5871 nvme_ioctl_copyout_error(nvme_ioctl_errno_t err, intptr_t uaddr, int mode)
5872 {
5873 nvme_ioctl_common_t ioc;
5874
5875 ASSERT3U(err, !=, NVME_IOCTL_E_CTRL_ERROR);
5876 bzero(&ioc, sizeof (ioc));
5877 if (ddi_copyout(&ioc, (void *)uaddr, sizeof (nvme_ioctl_common_t),
5878 mode & FKIOCTL) != 0) {
5879 return (EFAULT);
5880 }
5881 return (0);
5882 }
5883
5884 /*
5885 * The companion to the namespace checking. This occurs after any rewriting
5886 * occurs. This is the primary point that we attempt to enforce any operation's
5887 * exclusivity. Note, it is theoretically possible for an operation to be
5888 * ongoing and to have someone with an exclusive lock ask to unlock it for some
5889 * reason. This does not maintain the number of such events that are going on.
5890 * While perhaps this is leaving too much up to the user, by the same token we
5891 * don't try to stop them from issuing two different format NVM commands
5892 * targeting the whole device at the same time either, even though the
5893 * controller would really rather that didn't happen.
5894 */
5895 static boolean_t
nvme_ioctl_excl_check(nvme_minor_t * minor,nvme_ioctl_common_t * ioc,const nvme_ioctl_check_t * check)5896 nvme_ioctl_excl_check(nvme_minor_t *minor, nvme_ioctl_common_t *ioc,
5897 const nvme_ioctl_check_t *check)
5898 {
5899 nvme_t *const nvme = minor->nm_ctrl;
5900 nvme_namespace_t *ns;
5901 boolean_t have_ctrl, have_ns, ctrl_is_excl, ns_is_excl;
5902
5903 /*
5904 * If the command doesn't require anything, then we're done.
5905 */
5906 if (check->nck_excl == NVME_IOCTL_EXCL_SKIP) {
5907 return (B_TRUE);
5908 }
5909
5910 if (ioc->nioc_nsid == 0 || ioc->nioc_nsid == NVME_NSID_BCAST) {
5911 ns = NULL;
5912 } else {
5913 ns = nvme_nsid2ns(nvme, ioc->nioc_nsid);
5914 }
5915
5916 mutex_enter(&nvme->n_minor_mutex);
5917 ctrl_is_excl = nvme->n_lock.nl_writer != NULL;
5918 have_ctrl = nvme->n_lock.nl_writer == &minor->nm_ctrl_lock;
5919 if (ns != NULL) {
5920 /*
5921 * We explicitly test the namespace lock's writer versus asking
5922 * the minor because the minor's namespace lock may apply to a
5923 * different namespace.
5924 */
5925 ns_is_excl = ns->ns_lock.nl_writer != NULL;
5926 have_ns = ns->ns_lock.nl_writer == &minor->nm_ns_lock;
5927 ASSERT0(have_ctrl && have_ns);
5928 #ifdef DEBUG
5929 if (have_ns) {
5930 ASSERT3P(minor->nm_ns_lock.nli_ns, ==, ns);
5931 }
5932 #endif
5933 } else {
5934 ns_is_excl = B_FALSE;
5935 have_ns = B_FALSE;
5936 }
5937 ASSERT0(ctrl_is_excl && ns_is_excl);
5938 mutex_exit(&nvme->n_minor_mutex);
5939
5940 if (check->nck_excl == NVME_IOCTL_EXCL_WRITE) {
5941 if (ns == NULL) {
5942 if (have_ctrl) {
5943 return (B_TRUE);
5944 }
5945 return (nvme_ioctl_error(ioc,
5946 NVME_IOCTL_E_NEED_CTRL_WRLOCK, 0, 0));
5947 } else {
5948 if (have_ctrl || have_ns) {
5949 return (B_TRUE);
5950 }
5951 return (nvme_ioctl_error(ioc,
5952 NVME_IOCTL_E_NEED_NS_WRLOCK, 0, 0));
5953 }
5954 }
5955
5956 /*
5957 * Now we have an operation that does not require exclusive access. We
5958 * can proceed as long as no one else has it or if someone does it is
5959 * us. Regardless of what we target, a controller lock will stop us.
5960 */
5961 if (ctrl_is_excl && !have_ctrl) {
5962 return (nvme_ioctl_error(ioc, NVME_IOCTL_E_CTRL_LOCKED, 0, 0));
5963 }
5964
5965 /*
5966 * Only check namespace exclusivity if we are targeting one.
5967 */
5968 if (ns != NULL && ns_is_excl && !have_ns) {
5969 return (nvme_ioctl_error(ioc, NVME_IOCTL_E_NS_LOCKED, 0, 0));
5970 }
5971
5972 return (B_TRUE);
5973 }
5974
5975 /*
5976 * Perform common checking as to whether or not an ioctl operation may proceed.
5977 * We check in this function various aspects of the namespace attributes that
5978 * it's calling on. Once the namespace attributes and any possible rewriting
5979 * have been performed, then we proceed to check whether or not the requisite
5980 * exclusive access is present in nvme_ioctl_excl_check().
5981 */
5982 static boolean_t
nvme_ioctl_check(nvme_minor_t * minor,nvme_ioctl_common_t * ioc,const nvme_ioctl_check_t * check)5983 nvme_ioctl_check(nvme_minor_t *minor, nvme_ioctl_common_t *ioc,
5984 const nvme_ioctl_check_t *check)
5985 {
5986 /*
5987 * If the minor has a namespace pointer, then it is constrained to that
5988 * namespace. If a namespace is allowed, then there are only two valid
5989 * values that we can find. The first is matching the minor. The second
5990 * is our value zero, which will be transformed to the current
5991 * namespace.
5992 */
5993 if (minor->nm_ns != NULL) {
5994 if (!check->nck_ns_ok || !check->nck_ns_minor_ok) {
5995 return (nvme_ioctl_error(ioc, NVME_IOCTL_E_NOT_CTRL, 0,
5996 0));
5997 }
5998
5999 if (ioc->nioc_nsid == 0) {
6000 ioc->nioc_nsid = minor->nm_ns->ns_id;
6001 } else if (ioc->nioc_nsid != minor->nm_ns->ns_id) {
6002 return (nvme_ioctl_error(ioc,
6003 NVME_IOCTL_E_MINOR_WRONG_NS, 0, 0));
6004 }
6005
6006 return (nvme_ioctl_excl_check(minor, ioc, check));
6007 }
6008
6009 /*
6010 * If we've been told to skip checking the controller, here's where we
6011 * do that. This should really only be for commands which use the
6012 * namespace ID for listing purposes and therefore can have
6013 * traditionally illegal values here.
6014 */
6015 if (check->nck_skip_ctrl) {
6016 return (nvme_ioctl_excl_check(minor, ioc, check));
6017 }
6018
6019 /*
6020 * At this point, we know that we're on the controller's node. We first
6021 * deal with the simple case, is a namespace allowed at all or not. If
6022 * it is not allowed, then the only acceptable value is zero.
6023 */
6024 if (!check->nck_ns_ok) {
6025 if (ioc->nioc_nsid != 0) {
6026 return (nvme_ioctl_error(ioc, NVME_IOCTL_E_NS_UNUSE, 0,
6027 0));
6028 }
6029
6030 return (nvme_ioctl_excl_check(minor, ioc, check));
6031 }
6032
6033 /*
6034 * At this point, we know that a controller is allowed to use a
6035 * namespace. If we haven't been given zero or the broadcast namespace,
6036 * check to see if it's actually a valid namespace ID. If is outside of
6037 * range, then it is an error. Next, if we have been requested to
6038 * rewrite 0 (the this controller indicator) as the broadcast namespace,
6039 * do so.
6040 *
6041 * While we validate that this namespace is within the valid range, we
6042 * do not check if it is active or inactive. That is left to our callers
6043 * to determine.
6044 */
6045 if (ioc->nioc_nsid > minor->nm_ctrl->n_namespace_count &&
6046 ioc->nioc_nsid != NVME_NSID_BCAST) {
6047 return (nvme_ioctl_error(ioc, NVME_IOCTL_E_NS_RANGE, 0, 0));
6048 }
6049
6050 if (ioc->nioc_nsid == 0 && check->nck_ctrl_rewrite) {
6051 ioc->nioc_nsid = NVME_NSID_BCAST;
6052 }
6053
6054 /*
6055 * Finally, see if we have ended up with a broadcast namespace ID
6056 * whether through specification or rewriting. If that is not allowed,
6057 * then that is an error.
6058 */
6059 if (!check->nck_bcast_ok && ioc->nioc_nsid == NVME_NSID_BCAST) {
6060 return (nvme_ioctl_error(ioc, NVME_IOCTL_E_NO_BCAST_NS, 0, 0));
6061 }
6062
6063 return (nvme_ioctl_excl_check(minor, ioc, check));
6064 }
6065
6066 static int
nvme_ioctl_ctrl_info(nvme_minor_t * minor,intptr_t arg,int mode,cred_t * cred_p)6067 nvme_ioctl_ctrl_info(nvme_minor_t *minor, intptr_t arg, int mode,
6068 cred_t *cred_p)
6069 {
6070 nvme_t *const nvme = minor->nm_ctrl;
6071 nvme_ioctl_ctrl_info_t *info;
6072 nvme_reg_cap_t cap = { 0 };
6073 nvme_ioctl_identify_t id = { .nid_cns = NVME_IDENTIFY_CTRL };
6074 void *idbuf;
6075
6076 if ((mode & FREAD) == 0)
6077 return (EBADF);
6078
6079 info = kmem_alloc(sizeof (nvme_ioctl_ctrl_info_t), KM_NOSLEEP_LAZY);
6080 if (info == NULL) {
6081 return (nvme_ioctl_copyout_error(NVME_IOCTL_E_NO_KERN_MEM, arg,
6082 mode));
6083 }
6084
6085 if (ddi_copyin((void *)arg, info, sizeof (nvme_ioctl_ctrl_info_t),
6086 mode & FKIOCTL) != 0) {
6087 kmem_free(info, sizeof (nvme_ioctl_ctrl_info_t));
6088 return (EFAULT);
6089 }
6090
6091 if (!nvme_ioctl_check(minor, &info->nci_common,
6092 &nvme_check_ctrl_info)) {
6093 goto copyout;
6094 }
6095
6096 /*
6097 * We explicitly do not use the identify controller copy in the kernel
6098 * right now so that way we can get a snapshot of the controller's
6099 * current capacity and values. While it's tempting to try to use this
6100 * to refresh the kernel's version we don't just to simplify the rest of
6101 * the driver right now.
6102 */
6103 if (!nvme_identify(nvme, B_TRUE, &id, &idbuf)) {
6104 info->nci_common = id.nid_common;
6105 goto copyout;
6106 }
6107 bcopy(idbuf, &info->nci_ctrl_id, sizeof (nvme_identify_ctrl_t));
6108 kmem_free(idbuf, NVME_IDENTIFY_BUFSIZE);
6109
6110 /*
6111 * Use the kernel's cached common namespace information for this.
6112 */
6113 bcopy(nvme->n_idcomns, &info->nci_common_ns,
6114 sizeof (nvme_identify_nsid_t));
6115
6116 info->nci_vers = nvme->n_version;
6117
6118 /*
6119 * The MPSMIN and MPSMAX fields in the CAP register use 0 to
6120 * specify the base page size of 4k (1<<12), so add 12 here to
6121 * get the real page size value.
6122 */
6123 cap.r = nvme_get64(nvme, NVME_REG_CAP);
6124 info->nci_caps.cap_mpsmax = 1 << (12 + cap.b.cap_mpsmax);
6125 info->nci_caps.cap_mpsmin = 1 << (12 + cap.b.cap_mpsmin);
6126
6127 info->nci_nintrs = (uint32_t)nvme->n_intr_cnt;
6128
6129 copyout:
6130 if (ddi_copyout(info, (void *)arg, sizeof (nvme_ioctl_ctrl_info_t),
6131 mode & FKIOCTL) != 0) {
6132 kmem_free(info, sizeof (nvme_ioctl_ctrl_info_t));
6133 return (EFAULT);
6134 }
6135
6136 kmem_free(info, sizeof (nvme_ioctl_ctrl_info_t));
6137 return (0);
6138 }
6139
6140 static int
nvme_ioctl_ns_info(nvme_minor_t * minor,intptr_t arg,int mode,cred_t * cred_p)6141 nvme_ioctl_ns_info(nvme_minor_t *minor, intptr_t arg, int mode, cred_t *cred_p)
6142 {
6143 nvme_t *const nvme = minor->nm_ctrl;
6144 nvme_ioctl_ns_info_t *ns_info;
6145 nvme_namespace_t *ns;
6146 nvme_ioctl_identify_t id = { .nid_cns = NVME_IDENTIFY_NSID };
6147 void *idbuf;
6148
6149 if ((mode & FREAD) == 0)
6150 return (EBADF);
6151
6152 ns_info = kmem_zalloc(sizeof (nvme_ioctl_ns_info_t), KM_NOSLEEP_LAZY);
6153 if (ns_info == NULL) {
6154 return (nvme_ioctl_copyout_error(NVME_IOCTL_E_NO_KERN_MEM, arg,
6155 mode));
6156 }
6157
6158 if (ddi_copyin((void *)arg, ns_info, sizeof (nvme_ioctl_ns_info_t),
6159 mode & FKIOCTL) != 0) {
6160 kmem_free(ns_info, sizeof (nvme_ioctl_ns_info_t));
6161 return (EFAULT);
6162 }
6163
6164 if (!nvme_ioctl_check(minor, &ns_info->nni_common,
6165 &nvme_check_ns_info)) {
6166 goto copyout;
6167 }
6168
6169 ASSERT3U(ns_info->nni_common.nioc_nsid, >, 0);
6170 ns = nvme_nsid2ns(nvme, ns_info->nni_common.nioc_nsid);
6171
6172 /*
6173 * First fetch a fresh copy of the namespace information. Most callers
6174 * are using this because they will want a mostly accurate snapshot of
6175 * capacity and utilization.
6176 */
6177 id.nid_common.nioc_nsid = ns_info->nni_common.nioc_nsid;
6178 if (!nvme_identify(nvme, B_TRUE, &id, &idbuf)) {
6179 ns_info->nni_common = id.nid_common;
6180 goto copyout;
6181 }
6182 bcopy(idbuf, &ns_info->nni_id, sizeof (nvme_identify_nsid_t));
6183 kmem_free(idbuf, NVME_IDENTIFY_BUFSIZE);
6184
6185 nvme_mgmt_lock(nvme, NVME_MGMT_LOCK_NVME);
6186 if (ns->ns_allocated)
6187 ns_info->nni_state |= NVME_NS_STATE_ALLOCATED;
6188
6189 if (ns->ns_active)
6190 ns_info->nni_state |= NVME_NS_STATE_ACTIVE;
6191
6192 if (ns->ns_ignore)
6193 ns_info->nni_state |= NVME_NS_STATE_IGNORED;
6194
6195 if (ns->ns_attached) {
6196 const char *addr;
6197
6198 ns_info->nni_state |= NVME_NS_STATE_ATTACHED;
6199 addr = bd_address(ns->ns_bd_hdl);
6200 if (strlcpy(ns_info->nni_addr, addr,
6201 sizeof (ns_info->nni_addr)) >= sizeof (ns_info->nni_addr)) {
6202 nvme_mgmt_unlock(nvme);
6203 (void) nvme_ioctl_error(&ns_info->nni_common,
6204 NVME_IOCTL_E_BD_ADDR_OVER, 0, 0);
6205 goto copyout;
6206 }
6207 }
6208 nvme_mgmt_unlock(nvme);
6209
6210 copyout:
6211 if (ddi_copyout(ns_info, (void *)arg, sizeof (nvme_ioctl_ns_info_t),
6212 mode & FKIOCTL) != 0) {
6213 kmem_free(ns_info, sizeof (nvme_ioctl_ns_info_t));
6214 return (EFAULT);
6215 }
6216
6217 kmem_free(ns_info, sizeof (nvme_ioctl_ns_info_t));
6218 return (0);
6219 }
6220
6221 static int
nvme_ioctl_identify(nvme_minor_t * minor,intptr_t arg,int mode,cred_t * cred_p)6222 nvme_ioctl_identify(nvme_minor_t *minor, intptr_t arg, int mode, cred_t *cred_p)
6223 {
6224 _NOTE(ARGUNUSED(cred_p));
6225 nvme_t *const nvme = minor->nm_ctrl;
6226 void *idctl;
6227 uint_t model;
6228 nvme_ioctl_identify_t id;
6229 #ifdef _MULTI_DATAMODEL
6230 nvme_ioctl_identify32_t id32;
6231 #endif
6232 boolean_t ns_minor;
6233
6234 if ((mode & FREAD) == 0)
6235 return (EBADF);
6236
6237 model = ddi_model_convert_from(mode);
6238 switch (model) {
6239 #ifdef _MULTI_DATAMODEL
6240 case DDI_MODEL_ILP32:
6241 bzero(&id, sizeof (id));
6242 if (ddi_copyin((void *)arg, &id32, sizeof (id32),
6243 mode & FKIOCTL) != 0) {
6244 return (EFAULT);
6245 }
6246 id.nid_common.nioc_nsid = id32.nid_common.nioc_nsid;
6247 id.nid_cns = id32.nid_cns;
6248 id.nid_ctrlid = id32.nid_ctrlid;
6249 id.nid_data = id32.nid_data;
6250 break;
6251 #endif /* _MULTI_DATAMODEL */
6252 case DDI_MODEL_NONE:
6253 if (ddi_copyin((void *)arg, &id, sizeof (id),
6254 mode & FKIOCTL) != 0) {
6255 return (EFAULT);
6256 }
6257 break;
6258 default:
6259 return (ENOTSUP);
6260 }
6261
6262 if (!nvme_ioctl_check(minor, &id.nid_common, &nvme_check_identify)) {
6263 goto copyout;
6264 }
6265
6266 ns_minor = minor->nm_ns != NULL;
6267 if (!nvme_validate_identify(nvme, &id, ns_minor)) {
6268 goto copyout;
6269 }
6270
6271 if (nvme_identify(nvme, B_TRUE, &id, &idctl)) {
6272 int ret = ddi_copyout(idctl, (void *)id.nid_data,
6273 NVME_IDENTIFY_BUFSIZE, mode & FKIOCTL);
6274 kmem_free(idctl, NVME_IDENTIFY_BUFSIZE);
6275 if (ret != 0) {
6276 (void) nvme_ioctl_error(&id.nid_common,
6277 NVME_IOCTL_E_BAD_USER_DATA, 0, 0);
6278 goto copyout;
6279 }
6280
6281 nvme_ioctl_success(&id.nid_common);
6282 }
6283
6284 copyout:
6285 switch (model) {
6286 #ifdef _MULTI_DATAMODEL
6287 case DDI_MODEL_ILP32:
6288 id32.nid_common = id.nid_common;
6289
6290 if (ddi_copyout(&id32, (void *)arg, sizeof (id32),
6291 mode & FKIOCTL) != 0) {
6292 return (EFAULT);
6293 }
6294 break;
6295 #endif /* _MULTI_DATAMODEL */
6296 case DDI_MODEL_NONE:
6297 if (ddi_copyout(&id, (void *)arg, sizeof (id),
6298 mode & FKIOCTL) != 0) {
6299 return (EFAULT);
6300 }
6301 break;
6302 default:
6303 return (ENOTSUP);
6304 }
6305
6306 return (0);
6307 }
6308
6309 /*
6310 * Execute commands on behalf of the various ioctls.
6311 *
6312 * If this returns true then the command completed successfully. Otherwise error
6313 * information is returned in the nvme_ioctl_common_t arguments.
6314 */
6315 typedef struct {
6316 nvme_sqe_t *ica_sqe;
6317 void *ica_data;
6318 uint32_t ica_data_len;
6319 uint_t ica_dma_flags;
6320 int ica_copy_flags;
6321 uint32_t ica_timeout;
6322 uint32_t ica_cdw0;
6323 } nvme_ioc_cmd_args_t;
6324
6325 static boolean_t
nvme_ioc_cmd(nvme_t * nvme,nvme_ioctl_common_t * ioc,nvme_ioc_cmd_args_t * args)6326 nvme_ioc_cmd(nvme_t *nvme, nvme_ioctl_common_t *ioc, nvme_ioc_cmd_args_t *args)
6327 {
6328 nvme_cmd_t *cmd;
6329 boolean_t ret = B_FALSE;
6330
6331 cmd = nvme_alloc_admin_cmd(nvme, KM_SLEEP);
6332 cmd->nc_sqid = 0;
6333
6334 /*
6335 * This function is used to facilitate requests from
6336 * userspace, so don't panic if the command fails. This
6337 * is especially true for admin passthru commands, where
6338 * the actual command data structure is entirely defined
6339 * by userspace.
6340 */
6341 cmd->nc_flags |= NVME_CMD_F_DONTPANIC;
6342
6343 cmd->nc_callback = nvme_wakeup_cmd;
6344 cmd->nc_sqe = *args->ica_sqe;
6345
6346 if ((args->ica_dma_flags & DDI_DMA_RDWR) != 0) {
6347 if (args->ica_data == NULL) {
6348 ret = nvme_ioctl_error(ioc, NVME_IOCTL_E_NO_DMA_MEM,
6349 0, 0);
6350 goto free_cmd;
6351 }
6352
6353 if (nvme_zalloc_dma(nvme, args->ica_data_len,
6354 args->ica_dma_flags, &nvme->n_prp_dma_attr, &cmd->nc_dma) !=
6355 DDI_SUCCESS) {
6356 dev_err(nvme->n_dip, CE_WARN,
6357 "!nvme_zalloc_dma failed for nvme_ioc_cmd()");
6358 ret = nvme_ioctl_error(ioc,
6359 NVME_IOCTL_E_NO_DMA_MEM, 0, 0);
6360 goto free_cmd;
6361 }
6362
6363 if (nvme_fill_prp(cmd, cmd->nc_dma->nd_dmah) != 0) {
6364 ret = nvme_ioctl_error(ioc,
6365 NVME_IOCTL_E_NO_DMA_MEM, 0, 0);
6366 goto free_cmd;
6367 }
6368
6369 if ((args->ica_dma_flags & DDI_DMA_WRITE) != 0 &&
6370 ddi_copyin(args->ica_data, cmd->nc_dma->nd_memp,
6371 args->ica_data_len, args->ica_copy_flags) != 0) {
6372 ret = nvme_ioctl_error(ioc, NVME_IOCTL_E_BAD_USER_DATA,
6373 0, 0);
6374 goto free_cmd;
6375 }
6376 }
6377
6378 nvme_admin_cmd(cmd, args->ica_timeout);
6379
6380 if (!nvme_check_cmd_status_ioctl(cmd, ioc)) {
6381 ret = B_FALSE;
6382 goto free_cmd;
6383 }
6384
6385 args->ica_cdw0 = cmd->nc_cqe.cqe_dw0;
6386
6387 if ((args->ica_dma_flags & DDI_DMA_READ) != 0 &&
6388 ddi_copyout(cmd->nc_dma->nd_memp, args->ica_data,
6389 args->ica_data_len, args->ica_copy_flags) != 0) {
6390 ret = nvme_ioctl_error(ioc, NVME_IOCTL_E_BAD_USER_DATA, 0, 0);
6391 goto free_cmd;
6392 }
6393
6394 ret = B_TRUE;
6395 nvme_ioctl_success(ioc);
6396
6397 free_cmd:
6398 nvme_free_cmd(cmd);
6399
6400 return (ret);
6401 }
6402
6403 static int
nvme_ioctl_get_logpage(nvme_minor_t * minor,intptr_t arg,int mode,cred_t * cred_p)6404 nvme_ioctl_get_logpage(nvme_minor_t *minor, intptr_t arg, int mode,
6405 cred_t *cred_p)
6406 {
6407 nvme_t *const nvme = minor->nm_ctrl;
6408 void *buf;
6409 nvme_ioctl_get_logpage_t log;
6410 uint_t model;
6411 #ifdef _MULTI_DATAMODEL
6412 nvme_ioctl_get_logpage32_t log32;
6413 #endif
6414
6415 if ((mode & FREAD) == 0) {
6416 return (EBADF);
6417 }
6418
6419 model = ddi_model_convert_from(mode);
6420 switch (model) {
6421 #ifdef _MULTI_DATAMODEL
6422 case DDI_MODEL_ILP32:
6423 bzero(&log, sizeof (log));
6424 if (ddi_copyin((void *)arg, &log32, sizeof (log32),
6425 mode & FKIOCTL) != 0) {
6426 return (EFAULT);
6427 }
6428
6429 log.nigl_common.nioc_nsid = log32.nigl_common.nioc_nsid;
6430 log.nigl_csi = log32.nigl_csi;
6431 log.nigl_lid = log32.nigl_lid;
6432 log.nigl_lsp = log32.nigl_lsp;
6433 log.nigl_len = log32.nigl_len;
6434 log.nigl_offset = log32.nigl_offset;
6435 log.nigl_data = log32.nigl_data;
6436 break;
6437 #endif /* _MULTI_DATAMODEL */
6438 case DDI_MODEL_NONE:
6439 if (ddi_copyin((void *)arg, &log, sizeof (log),
6440 mode & FKIOCTL) != 0) {
6441 return (EFAULT);
6442 }
6443 break;
6444 default:
6445 return (ENOTSUP);
6446 }
6447
6448 /*
6449 * Eventually we'd like to do a soft lock on the namespaces from
6450 * changing out from us during this operation in the future. But we
6451 * haven't implemented that yet.
6452 */
6453 if (!nvme_ioctl_check(minor, &log.nigl_common,
6454 &nvme_check_get_logpage)) {
6455 goto copyout;
6456 }
6457
6458 if (!nvme_validate_logpage(nvme, &log)) {
6459 goto copyout;
6460 }
6461
6462 if (nvme_get_logpage(nvme, B_TRUE, &log, &buf)) {
6463 int copy;
6464
6465 copy = ddi_copyout(buf, (void *)log.nigl_data, log.nigl_len,
6466 mode & FKIOCTL);
6467 kmem_free(buf, log.nigl_len);
6468 if (copy != 0) {
6469 (void) nvme_ioctl_error(&log.nigl_common,
6470 NVME_IOCTL_E_BAD_USER_DATA, 0, 0);
6471 goto copyout;
6472 }
6473
6474 nvme_ioctl_success(&log.nigl_common);
6475 }
6476
6477 copyout:
6478 switch (model) {
6479 #ifdef _MULTI_DATAMODEL
6480 case DDI_MODEL_ILP32:
6481 bzero(&log32, sizeof (log32));
6482
6483 log32.nigl_common = log.nigl_common;
6484 log32.nigl_csi = log.nigl_csi;
6485 log32.nigl_lid = log.nigl_lid;
6486 log32.nigl_lsp = log.nigl_lsp;
6487 log32.nigl_len = log.nigl_len;
6488 log32.nigl_offset = log.nigl_offset;
6489 log32.nigl_data = log.nigl_data;
6490 if (ddi_copyout(&log32, (void *)arg, sizeof (log32),
6491 mode & FKIOCTL) != 0) {
6492 return (EFAULT);
6493 }
6494 break;
6495 #endif /* _MULTI_DATAMODEL */
6496 case DDI_MODEL_NONE:
6497 if (ddi_copyout(&log, (void *)arg, sizeof (log),
6498 mode & FKIOCTL) != 0) {
6499 return (EFAULT);
6500 }
6501 break;
6502 default:
6503 return (ENOTSUP);
6504 }
6505
6506 return (0);
6507 }
6508
6509 static int
nvme_ioctl_get_feature(nvme_minor_t * minor,intptr_t arg,int mode,cred_t * cred_p)6510 nvme_ioctl_get_feature(nvme_minor_t *minor, intptr_t arg, int mode,
6511 cred_t *cred_p)
6512 {
6513 nvme_t *const nvme = minor->nm_ctrl;
6514 nvme_ioctl_get_feature_t feat;
6515 uint_t model;
6516 #ifdef _MULTI_DATAMODEL
6517 nvme_ioctl_get_feature32_t feat32;
6518 #endif
6519 nvme_get_features_dw10_t gf_dw10 = { 0 };
6520 nvme_ioc_cmd_args_t args = { NULL };
6521 nvme_sqe_t sqe = {
6522 .sqe_opc = NVME_OPC_GET_FEATURES
6523 };
6524
6525 if ((mode & FREAD) == 0) {
6526 return (EBADF);
6527 }
6528
6529 model = ddi_model_convert_from(mode);
6530 switch (model) {
6531 #ifdef _MULTI_DATAMODEL
6532 case DDI_MODEL_ILP32:
6533 bzero(&feat, sizeof (feat));
6534 if (ddi_copyin((void *)arg, &feat32, sizeof (feat32),
6535 mode & FKIOCTL) != 0) {
6536 return (EFAULT);
6537 }
6538
6539 feat.nigf_common.nioc_nsid = feat32.nigf_common.nioc_nsid;
6540 feat.nigf_fid = feat32.nigf_fid;
6541 feat.nigf_sel = feat32.nigf_sel;
6542 feat.nigf_cdw11 = feat32.nigf_cdw11;
6543 feat.nigf_data = feat32.nigf_data;
6544 feat.nigf_len = feat32.nigf_len;
6545 break;
6546 #endif /* _MULTI_DATAMODEL */
6547 case DDI_MODEL_NONE:
6548 if (ddi_copyin((void *)arg, &feat, sizeof (feat),
6549 mode & FKIOCTL) != 0) {
6550 return (EFAULT);
6551 }
6552 break;
6553 default:
6554 return (ENOTSUP);
6555 }
6556
6557 if (!nvme_ioctl_check(minor, &feat.nigf_common,
6558 &nvme_check_get_feature)) {
6559 goto copyout;
6560 }
6561
6562 if (!nvme_validate_get_feature(nvme, &feat)) {
6563 goto copyout;
6564 }
6565
6566 gf_dw10.b.gt_fid = bitx32(feat.nigf_fid, 7, 0);
6567 gf_dw10.b.gt_sel = bitx32(feat.nigf_sel, 2, 0);
6568 sqe.sqe_cdw10 = gf_dw10.r;
6569 sqe.sqe_cdw11 = feat.nigf_cdw11;
6570 sqe.sqe_nsid = feat.nigf_common.nioc_nsid;
6571
6572 args.ica_sqe = &sqe;
6573 if (feat.nigf_len != 0) {
6574 args.ica_data = (void *)feat.nigf_data;
6575 args.ica_data_len = feat.nigf_len;
6576 args.ica_dma_flags = DDI_DMA_READ;
6577 }
6578 args.ica_copy_flags = mode;
6579 args.ica_timeout = nvme_admin_cmd_timeout;
6580
6581 if (!nvme_ioc_cmd(nvme, &feat.nigf_common, &args)) {
6582 goto copyout;
6583 }
6584
6585 feat.nigf_cdw0 = args.ica_cdw0;
6586
6587 copyout:
6588 switch (model) {
6589 #ifdef _MULTI_DATAMODEL
6590 case DDI_MODEL_ILP32:
6591 bzero(&feat32, sizeof (feat32));
6592
6593 feat32.nigf_common = feat.nigf_common;
6594 feat32.nigf_fid = feat.nigf_fid;
6595 feat32.nigf_sel = feat.nigf_sel;
6596 feat32.nigf_cdw11 = feat.nigf_cdw11;
6597 feat32.nigf_data = feat.nigf_data;
6598 feat32.nigf_len = feat.nigf_len;
6599 feat32.nigf_cdw0 = feat.nigf_cdw0;
6600 if (ddi_copyout(&feat32, (void *)arg, sizeof (feat32),
6601 mode & FKIOCTL) != 0) {
6602 return (EFAULT);
6603 }
6604 break;
6605 #endif /* _MULTI_DATAMODEL */
6606 case DDI_MODEL_NONE:
6607 if (ddi_copyout(&feat, (void *)arg, sizeof (feat),
6608 mode & FKIOCTL) != 0) {
6609 return (EFAULT);
6610 }
6611 break;
6612 default:
6613 return (ENOTSUP);
6614 }
6615
6616 return (0);
6617 }
6618
6619 static int
nvme_ioctl_format(nvme_minor_t * minor,intptr_t arg,int mode,cred_t * cred_p)6620 nvme_ioctl_format(nvme_minor_t *minor, intptr_t arg, int mode, cred_t *cred_p)
6621 {
6622 nvme_t *const nvme = minor->nm_ctrl;
6623 nvme_ioctl_format_t ioc;
6624
6625 if ((mode & FWRITE) == 0)
6626 return (EBADF);
6627
6628 if (secpolicy_sys_config(cred_p, B_FALSE) != 0)
6629 return (EPERM);
6630
6631 if (ddi_copyin((void *)(uintptr_t)arg, &ioc,
6632 sizeof (nvme_ioctl_format_t), mode & FKIOCTL) != 0)
6633 return (EFAULT);
6634
6635 if (!nvme_ioctl_check(minor, &ioc.nif_common, &nvme_check_format)) {
6636 goto copyout;
6637 }
6638
6639 if (!nvme_validate_format(nvme, &ioc)) {
6640 goto copyout;
6641 }
6642
6643 nvme_mgmt_lock(nvme, NVME_MGMT_LOCK_NVME);
6644 if (!nvme_no_blkdev_attached(nvme, ioc.nif_common.nioc_nsid)) {
6645 nvme_mgmt_unlock(nvme);
6646 (void) nvme_ioctl_error(&ioc.nif_common,
6647 NVME_IOCTL_E_NS_BLKDEV_ATTACH, 0, 0);
6648 goto copyout;
6649 }
6650
6651 if (nvme_format_nvm(nvme, &ioc)) {
6652 nvme_ioctl_success(&ioc.nif_common);
6653 nvme_rescan_ns(nvme, ioc.nif_common.nioc_nsid);
6654 }
6655 nvme_mgmt_unlock(nvme);
6656
6657 copyout:
6658 if (ddi_copyout(&ioc, (void *)(uintptr_t)arg, sizeof (ioc),
6659 mode & FKIOCTL) != 0) {
6660 return (EFAULT);
6661 }
6662
6663 return (0);
6664 }
6665
6666 static int
nvme_ioctl_detach(nvme_minor_t * minor,intptr_t arg,int mode,cred_t * cred_p)6667 nvme_ioctl_detach(nvme_minor_t *minor, intptr_t arg, int mode, cred_t *cred_p)
6668 {
6669 nvme_t *const nvme = minor->nm_ctrl;
6670 nvme_ioctl_common_t com;
6671
6672 if ((mode & FWRITE) == 0)
6673 return (EBADF);
6674
6675 if (secpolicy_sys_config(cred_p, B_FALSE) != 0)
6676 return (EPERM);
6677
6678 if (ddi_copyin((void *)(uintptr_t)arg, &com, sizeof (com),
6679 mode & FKIOCTL) != 0) {
6680 return (EFAULT);
6681 }
6682
6683 if (!nvme_ioctl_check(minor, &com, &nvme_check_attach_detach)) {
6684 goto copyout;
6685 }
6686
6687 nvme_mgmt_lock(nvme, NVME_MGMT_LOCK_NVME);
6688 if (nvme_detach_ns(nvme, &com)) {
6689 nvme_ioctl_success(&com);
6690 }
6691 nvme_mgmt_unlock(nvme);
6692
6693 copyout:
6694 if (ddi_copyout(&com, (void *)(uintptr_t)arg, sizeof (com),
6695 mode & FKIOCTL) != 0) {
6696 return (EFAULT);
6697 }
6698
6699 return (0);
6700 }
6701
6702 static int
nvme_ioctl_attach(nvme_minor_t * minor,intptr_t arg,int mode,cred_t * cred_p)6703 nvme_ioctl_attach(nvme_minor_t *minor, intptr_t arg, int mode,
6704 cred_t *cred_p)
6705 {
6706 nvme_t *const nvme = minor->nm_ctrl;
6707 nvme_ioctl_common_t com;
6708 nvme_namespace_t *ns;
6709
6710 if ((mode & FWRITE) == 0)
6711 return (EBADF);
6712
6713 if (secpolicy_sys_config(cred_p, B_FALSE) != 0)
6714 return (EPERM);
6715
6716 if (ddi_copyin((void *)(uintptr_t)arg, &com, sizeof (com),
6717 mode & FKIOCTL) != 0) {
6718 return (EFAULT);
6719 }
6720
6721 if (!nvme_ioctl_check(minor, &com, &nvme_check_attach_detach)) {
6722 goto copyout;
6723 }
6724
6725 nvme_mgmt_lock(nvme, NVME_MGMT_LOCK_NVME);
6726 ns = nvme_nsid2ns(nvme, com.nioc_nsid);
6727
6728 /*
6729 * Strictly speaking we shouldn't need to call nvme_init_ns() here as
6730 * we should be properly refreshing the internal state when we are
6731 * issuing commands that change things. However, we opt to still do so
6732 * as a bit of a safety check lest we give the kernel something bad or a
6733 * vendor unique command somehow did something behind our backs.
6734 */
6735 if (!ns->ns_attached) {
6736 (void) nvme_rescan_ns(nvme, com.nioc_nsid);
6737 if (nvme_attach_ns(nvme, &com)) {
6738 nvme_ioctl_success(&com);
6739 }
6740 } else {
6741 nvme_ioctl_success(&com);
6742 }
6743 nvme_mgmt_unlock(nvme);
6744
6745 copyout:
6746 if (ddi_copyout(&com, (void *)(uintptr_t)arg, sizeof (com),
6747 mode & FKIOCTL) != 0) {
6748 return (EFAULT);
6749 }
6750
6751 return (0);
6752 }
6753
6754 static void
nvme_ufm_update(nvme_t * nvme)6755 nvme_ufm_update(nvme_t *nvme)
6756 {
6757 mutex_enter(&nvme->n_fwslot_mutex);
6758 ddi_ufm_update(nvme->n_ufmh);
6759 if (nvme->n_fwslot != NULL) {
6760 kmem_free(nvme->n_fwslot, sizeof (nvme_fwslot_log_t));
6761 nvme->n_fwslot = NULL;
6762 }
6763 mutex_exit(&nvme->n_fwslot_mutex);
6764 }
6765
6766 /*
6767 * Download new firmware to the device's internal staging area. We do not call
6768 * nvme_ufm_update() here because after a firmware download, there has been no
6769 * change to any of the actual persistent firmware data. That requires a
6770 * subsequent ioctl (NVME_IOC_FIRMWARE_COMMIT) to commit the firmware to a slot
6771 * or to activate a slot.
6772 */
6773 static int
nvme_ioctl_firmware_download(nvme_minor_t * minor,intptr_t arg,int mode,cred_t * cred_p)6774 nvme_ioctl_firmware_download(nvme_minor_t *minor, intptr_t arg, int mode,
6775 cred_t *cred_p)
6776 {
6777 nvme_t *const nvme = minor->nm_ctrl;
6778 nvme_ioctl_fw_load_t fw;
6779 uint64_t len, maxcopy;
6780 offset_t offset;
6781 uint32_t gran;
6782 nvme_valid_ctrl_data_t data;
6783 uintptr_t buf;
6784 nvme_sqe_t sqe = {
6785 .sqe_opc = NVME_OPC_FW_IMAGE_LOAD
6786 };
6787
6788 if ((mode & FWRITE) == 0)
6789 return (EBADF);
6790
6791 if (secpolicy_sys_config(cred_p, B_FALSE) != 0)
6792 return (EPERM);
6793
6794 if (ddi_copyin((void *)(uintptr_t)arg, &fw, sizeof (fw),
6795 mode & FKIOCTL) != 0) {
6796 return (EFAULT);
6797 }
6798
6799 if (!nvme_ioctl_check(minor, &fw.fwl_common, &nvme_check_firmware)) {
6800 goto copyout;
6801 }
6802
6803 if (!nvme_validate_fw_load(nvme, &fw)) {
6804 goto copyout;
6805 }
6806
6807 len = fw.fwl_len;
6808 offset = fw.fwl_off;
6809 buf = fw.fwl_buf;
6810
6811 /*
6812 * We need to determine the minimum and maximum amount of data that we
6813 * will send to the device in a given go. Starting in NMVe 1.3 this must
6814 * be a multiple of the firmware update granularity (FWUG), but must not
6815 * exceed the maximum data transfer that we've set. Many devices don't
6816 * report something here, which means we'll end up getting our default
6817 * value. Our policy is a little simple, but it's basically if the
6818 * maximum data transfer is evenly divided by the granularity, then use
6819 * it. Otherwise we use the granularity itself. The granularity is
6820 * always in page sized units, so trying to find another optimum point
6821 * isn't worth it. If we encounter a contradiction, then we will have to
6822 * error out.
6823 */
6824 data.vcd_vers = &nvme->n_version;
6825 data.vcd_id = nvme->n_idctl;
6826 gran = nvme_fw_load_granularity(&data);
6827
6828 if ((nvme->n_max_data_transfer_size % gran) == 0) {
6829 maxcopy = nvme->n_max_data_transfer_size;
6830 } else if (gran <= nvme->n_max_data_transfer_size) {
6831 maxcopy = gran;
6832 } else {
6833 (void) nvme_ioctl_error(&fw.fwl_common,
6834 NVME_IOCTL_E_FW_LOAD_IMPOS_GRAN, 0, 0);
6835 goto copyout;
6836 }
6837
6838 while (len > 0) {
6839 nvme_ioc_cmd_args_t args = { NULL };
6840 uint64_t copylen = MIN(maxcopy, len);
6841
6842 sqe.sqe_cdw10 = (uint32_t)(copylen >> NVME_DWORD_SHIFT) - 1;
6843 sqe.sqe_cdw11 = (uint32_t)(offset >> NVME_DWORD_SHIFT);
6844
6845 args.ica_sqe = &sqe;
6846 args.ica_data = (void *)buf;
6847 args.ica_data_len = copylen;
6848 args.ica_dma_flags = DDI_DMA_WRITE;
6849 args.ica_copy_flags = mode;
6850 args.ica_timeout = nvme_admin_cmd_timeout;
6851
6852 if (!nvme_ioc_cmd(nvme, &fw.fwl_common, &args)) {
6853 break;
6854 }
6855
6856 buf += copylen;
6857 offset += copylen;
6858 len -= copylen;
6859 }
6860
6861 copyout:
6862 if (ddi_copyout(&fw, (void *)(uintptr_t)arg, sizeof (fw),
6863 mode & FKIOCTL) != 0) {
6864 return (EFAULT);
6865 }
6866
6867 return (0);
6868 }
6869
6870 static int
nvme_ioctl_firmware_commit(nvme_minor_t * minor,intptr_t arg,int mode,cred_t * cred_p)6871 nvme_ioctl_firmware_commit(nvme_minor_t *minor, intptr_t arg, int mode,
6872 cred_t *cred_p)
6873 {
6874 nvme_t *const nvme = minor->nm_ctrl;
6875 nvme_ioctl_fw_commit_t fw;
6876 nvme_firmware_commit_dw10_t fc_dw10 = { 0 };
6877 nvme_ioc_cmd_args_t args = { NULL };
6878 nvme_sqe_t sqe = {
6879 .sqe_opc = NVME_OPC_FW_ACTIVATE
6880 };
6881
6882 if ((mode & FWRITE) == 0)
6883 return (EBADF);
6884
6885 if (secpolicy_sys_config(cred_p, B_FALSE) != 0)
6886 return (EPERM);
6887
6888 if (ddi_copyin((void *)(uintptr_t)arg, &fw, sizeof (fw),
6889 mode & FKIOCTL) != 0) {
6890 return (EFAULT);
6891 }
6892
6893 if (!nvme_ioctl_check(minor, &fw.fwc_common, &nvme_check_firmware)) {
6894 goto copyout;
6895 }
6896
6897 if (!nvme_validate_fw_commit(nvme, &fw)) {
6898 goto copyout;
6899 }
6900
6901 fc_dw10.b.fc_slot = fw.fwc_slot;
6902 fc_dw10.b.fc_action = fw.fwc_action;
6903 sqe.sqe_cdw10 = fc_dw10.r;
6904
6905 args.ica_sqe = &sqe;
6906 args.ica_timeout = nvme_commit_save_cmd_timeout;
6907
6908 /*
6909 * There are no conditional actions to take based on this succeeding or
6910 * failing. A failure is recorded in the ioctl structure returned to the
6911 * user.
6912 */
6913 (void) nvme_ioc_cmd(nvme, &fw.fwc_common, &args);
6914
6915 /*
6916 * Let the DDI UFM subsystem know that the firmware information for
6917 * this device has changed. We perform this unconditionally as an
6918 * invalidation doesn't particularly hurt us.
6919 */
6920 nvme_ufm_update(nvme);
6921
6922 copyout:
6923 if (ddi_copyout(&fw, (void *)(uintptr_t)arg, sizeof (fw),
6924 mode & FKIOCTL) != 0) {
6925 return (EFAULT);
6926 }
6927
6928 return (0);
6929 }
6930
6931 /*
6932 * Helper to copy in a passthru command from userspace, handling
6933 * different data models.
6934 */
6935 static int
nvme_passthru_copyin_cmd(const void * buf,nvme_ioctl_passthru_t * cmd,int mode)6936 nvme_passthru_copyin_cmd(const void *buf, nvme_ioctl_passthru_t *cmd, int mode)
6937 {
6938 switch (ddi_model_convert_from(mode & FMODELS)) {
6939 #ifdef _MULTI_DATAMODEL
6940 case DDI_MODEL_ILP32: {
6941 nvme_ioctl_passthru32_t cmd32;
6942
6943 if (ddi_copyin(buf, (void*)&cmd32, sizeof (cmd32), mode) != 0)
6944 return (EFAULT);
6945
6946 bzero(cmd, sizeof (nvme_ioctl_passthru_t));
6947
6948 cmd->npc_common.nioc_nsid = cmd32.npc_common.nioc_nsid;
6949 cmd->npc_opcode = cmd32.npc_opcode;
6950 cmd->npc_timeout = cmd32.npc_timeout;
6951 cmd->npc_flags = cmd32.npc_flags;
6952 cmd->npc_impact = cmd32.npc_impact;
6953 cmd->npc_cdw12 = cmd32.npc_cdw12;
6954 cmd->npc_cdw13 = cmd32.npc_cdw13;
6955 cmd->npc_cdw14 = cmd32.npc_cdw14;
6956 cmd->npc_cdw15 = cmd32.npc_cdw15;
6957 cmd->npc_buflen = cmd32.npc_buflen;
6958 cmd->npc_buf = cmd32.npc_buf;
6959 break;
6960 }
6961 #endif /* _MULTI_DATAMODEL */
6962 case DDI_MODEL_NONE:
6963 if (ddi_copyin(buf, (void *)cmd, sizeof (nvme_ioctl_passthru_t),
6964 mode) != 0) {
6965 return (EFAULT);
6966 }
6967 break;
6968 default:
6969 return (ENOTSUP);
6970 }
6971
6972 return (0);
6973 }
6974
6975 /*
6976 * Helper to copy out a passthru command result to userspace, handling
6977 * different data models.
6978 */
6979 static int
nvme_passthru_copyout_cmd(const nvme_ioctl_passthru_t * cmd,void * buf,int mode)6980 nvme_passthru_copyout_cmd(const nvme_ioctl_passthru_t *cmd, void *buf, int mode)
6981 {
6982 switch (ddi_model_convert_from(mode & FMODELS)) {
6983 #ifdef _MULTI_DATAMODEL
6984 case DDI_MODEL_ILP32: {
6985 nvme_ioctl_passthru32_t cmd32;
6986
6987 bzero(&cmd32, sizeof (nvme_ioctl_passthru32_t));
6988
6989 cmd32.npc_common = cmd->npc_common;
6990 cmd32.npc_opcode = cmd->npc_opcode;
6991 cmd32.npc_timeout = cmd->npc_timeout;
6992 cmd32.npc_flags = cmd->npc_flags;
6993 cmd32.npc_impact = cmd->npc_impact;
6994 cmd32.npc_cdw0 = cmd->npc_cdw0;
6995 cmd32.npc_cdw12 = cmd->npc_cdw12;
6996 cmd32.npc_cdw13 = cmd->npc_cdw13;
6997 cmd32.npc_cdw14 = cmd->npc_cdw14;
6998 cmd32.npc_cdw15 = cmd->npc_cdw15;
6999 cmd32.npc_buflen = (size32_t)cmd->npc_buflen;
7000 cmd32.npc_buf = (uintptr32_t)cmd->npc_buf;
7001 if (ddi_copyout(&cmd32, buf, sizeof (cmd32), mode) != 0)
7002 return (EFAULT);
7003 break;
7004 }
7005 #endif /* _MULTI_DATAMODEL */
7006 case DDI_MODEL_NONE:
7007 if (ddi_copyout(cmd, buf, sizeof (nvme_ioctl_passthru_t),
7008 mode) != 0) {
7009 return (EFAULT);
7010 }
7011 break;
7012 default:
7013 return (ENOTSUP);
7014 }
7015 return (0);
7016 }
7017
7018 /*
7019 * Run an arbitrary vendor-specific admin command on the device.
7020 */
7021 static int
nvme_ioctl_passthru(nvme_minor_t * minor,intptr_t arg,int mode,cred_t * cred_p)7022 nvme_ioctl_passthru(nvme_minor_t *minor, intptr_t arg, int mode, cred_t *cred_p)
7023 {
7024 nvme_t *const nvme = minor->nm_ctrl;
7025 int rv;
7026 nvme_ioctl_passthru_t pass;
7027 nvme_sqe_t sqe;
7028 nvme_ioc_cmd_args_t args = { NULL };
7029
7030 /*
7031 * Basic checks: permissions, data model, argument size.
7032 */
7033 if ((mode & FWRITE) == 0)
7034 return (EBADF);
7035
7036 if (secpolicy_sys_config(cred_p, B_FALSE) != 0)
7037 return (EPERM);
7038
7039 if ((rv = nvme_passthru_copyin_cmd((void *)(uintptr_t)arg, &pass,
7040 mode)) != 0) {
7041 return (rv);
7042 }
7043
7044 if (!nvme_ioctl_check(minor, &pass.npc_common, &nvme_check_passthru)) {
7045 goto copyout;
7046 }
7047
7048 if (!nvme_validate_vuc(nvme, &pass)) {
7049 goto copyout;
7050 }
7051
7052 nvme_mgmt_lock(nvme, NVME_MGMT_LOCK_NVME);
7053 if ((pass.npc_impact & NVME_IMPACT_NS) != 0) {
7054 /*
7055 * We've been told this has ns impact. Right now force that to
7056 * be every ns until we have more use cases and reason to trust
7057 * the nsid field.
7058 */
7059 if (!nvme_no_blkdev_attached(nvme, NVME_NSID_BCAST)) {
7060 nvme_mgmt_unlock(nvme);
7061 (void) nvme_ioctl_error(&pass.npc_common,
7062 NVME_IOCTL_E_NS_BLKDEV_ATTACH, 0, 0);
7063 goto copyout;
7064 }
7065 }
7066
7067 bzero(&sqe, sizeof (sqe));
7068
7069 sqe.sqe_opc = pass.npc_opcode;
7070 sqe.sqe_nsid = pass.npc_common.nioc_nsid;
7071 sqe.sqe_cdw10 = (uint32_t)(pass.npc_buflen >> NVME_DWORD_SHIFT);
7072 sqe.sqe_cdw12 = pass.npc_cdw12;
7073 sqe.sqe_cdw13 = pass.npc_cdw13;
7074 sqe.sqe_cdw14 = pass.npc_cdw14;
7075 sqe.sqe_cdw15 = pass.npc_cdw15;
7076
7077 args.ica_sqe = &sqe;
7078 args.ica_data = (void *)pass.npc_buf;
7079 args.ica_data_len = pass.npc_buflen;
7080 args.ica_copy_flags = mode;
7081 args.ica_timeout = pass.npc_timeout;
7082
7083 if ((pass.npc_flags & NVME_PASSTHRU_READ) != 0)
7084 args.ica_dma_flags |= DDI_DMA_READ;
7085 else if ((pass.npc_flags & NVME_PASSTHRU_WRITE) != 0)
7086 args.ica_dma_flags |= DDI_DMA_WRITE;
7087
7088 if (nvme_ioc_cmd(nvme, &pass.npc_common, &args)) {
7089 pass.npc_cdw0 = args.ica_cdw0;
7090 if ((pass.npc_impact & NVME_IMPACT_NS) != 0) {
7091 nvme_rescan_ns(nvme, NVME_NSID_BCAST);
7092 }
7093 }
7094 nvme_mgmt_unlock(nvme);
7095
7096 copyout:
7097 rv = nvme_passthru_copyout_cmd(&pass, (void *)(uintptr_t)arg,
7098 mode);
7099
7100 return (rv);
7101 }
7102
7103 static int
nvme_ioctl_lock(nvme_minor_t * minor,intptr_t arg,int mode,cred_t * cred_p)7104 nvme_ioctl_lock(nvme_minor_t *minor, intptr_t arg, int mode,
7105 cred_t *cred_p)
7106 {
7107 nvme_ioctl_lock_t lock;
7108 const nvme_lock_flags_t all_flags = NVME_LOCK_F_DONT_BLOCK;
7109 nvme_t *nvme = minor->nm_ctrl;
7110
7111 if ((mode & FWRITE) == 0)
7112 return (EBADF);
7113
7114 if (secpolicy_sys_config(cred_p, B_FALSE) != 0)
7115 return (EPERM);
7116
7117 if (ddi_copyin((void *)(uintptr_t)arg, &lock, sizeof (lock),
7118 mode & FKIOCTL) != 0) {
7119 return (EFAULT);
7120 }
7121
7122 if (lock.nil_ent != NVME_LOCK_E_CTRL &&
7123 lock.nil_ent != NVME_LOCK_E_NS) {
7124 (void) nvme_ioctl_error(&lock.nil_common,
7125 NVME_IOCTL_E_BAD_LOCK_ENTITY, 0, 0);
7126 goto copyout;
7127 }
7128
7129 if (lock.nil_level != NVME_LOCK_L_READ &&
7130 lock.nil_level != NVME_LOCK_L_WRITE) {
7131 (void) nvme_ioctl_error(&lock.nil_common,
7132 NVME_IOCTL_E_BAD_LOCK_LEVEL, 0, 0);
7133 goto copyout;
7134 }
7135
7136 if ((lock.nil_flags & ~all_flags) != 0) {
7137 (void) nvme_ioctl_error(&lock.nil_common,
7138 NVME_IOCTL_E_BAD_LOCK_FLAGS, 0, 0);
7139 goto copyout;
7140 }
7141
7142 if (!nvme_ioctl_check(minor, &lock.nil_common, &nvme_check_locking)) {
7143 goto copyout;
7144 }
7145
7146 /*
7147 * If we're on a namespace, confirm that we're not asking for the
7148 * controller.
7149 */
7150 if (lock.nil_common.nioc_nsid != 0 &&
7151 lock.nil_ent == NVME_LOCK_E_CTRL) {
7152 (void) nvme_ioctl_error(&lock.nil_common,
7153 NVME_IOCTL_E_NS_CANNOT_LOCK_CTRL, 0, 0);
7154 goto copyout;
7155 }
7156
7157 /*
7158 * We've reached the point where we can no longer actually check things
7159 * without serializing state. First, we need to check to make sure that
7160 * none of our invariants are being broken for locking:
7161 *
7162 * 1) The caller isn't already blocking for a lock operation to
7163 * complete.
7164 *
7165 * 2) The caller is attempting to grab a lock that they already have.
7166 * While there are other rule violations that this might create, we opt
7167 * to check this ahead of it so we can have slightly better error
7168 * messages for our callers.
7169 *
7170 * 3) The caller is trying to grab a controller lock, while holding a
7171 * namespace lock.
7172 *
7173 * 4) The caller has a controller write lock and is trying to get a
7174 * namespace lock. For now, we disallow this case. Holding a controller
7175 * read lock is allowed, but the write lock allows you to operate on all
7176 * namespaces anyways. In addition, this simplifies the locking logic;
7177 * however, this constraint may be loosened in the future.
7178 *
7179 * 5) The caller is trying to acquire a second namespace lock when they
7180 * already have one.
7181 */
7182 mutex_enter(&nvme->n_minor_mutex);
7183 if (minor->nm_ctrl_lock.nli_state == NVME_LOCK_STATE_BLOCKED ||
7184 minor->nm_ns_lock.nli_state == NVME_LOCK_STATE_BLOCKED) {
7185 (void) nvme_ioctl_error(&lock.nil_common,
7186 NVME_IOCTL_E_LOCK_PENDING, 0, 0);
7187 mutex_exit(&nvme->n_minor_mutex);
7188 goto copyout;
7189 }
7190
7191 if ((lock.nil_ent == NVME_LOCK_E_CTRL &&
7192 minor->nm_ctrl_lock.nli_state == NVME_LOCK_STATE_ACQUIRED) ||
7193 (lock.nil_ent == NVME_LOCK_E_NS &&
7194 minor->nm_ns_lock.nli_state == NVME_LOCK_STATE_ACQUIRED &&
7195 minor->nm_ns_lock.nli_ns->ns_id == lock.nil_common.nioc_nsid)) {
7196 (void) nvme_ioctl_error(&lock.nil_common,
7197 NVME_IOCTL_E_LOCK_ALREADY_HELD, 0, 0);
7198 mutex_exit(&nvme->n_minor_mutex);
7199 goto copyout;
7200 }
7201
7202 if (lock.nil_ent == NVME_LOCK_E_CTRL &&
7203 minor->nm_ns_lock.nli_state != NVME_LOCK_STATE_UNLOCKED) {
7204 (void) nvme_ioctl_error(&lock.nil_common,
7205 NVME_IOCTL_E_LOCK_NO_CTRL_WITH_NS, 0, 0);
7206 mutex_exit(&nvme->n_minor_mutex);
7207 goto copyout;
7208 }
7209
7210 if (lock.nil_ent == NVME_LOCK_E_NS &&
7211 (minor->nm_ctrl_lock.nli_state == NVME_LOCK_STATE_ACQUIRED &&
7212 minor->nm_ctrl_lock.nli_curlevel == NVME_LOCK_L_WRITE)) {
7213 (void) nvme_ioctl_error(&lock.nil_common,
7214 NVME_IOCTL_LOCK_NO_NS_WITH_CTRL_WRLOCK, 0, 0);
7215 mutex_exit(&nvme->n_minor_mutex);
7216 goto copyout;
7217 }
7218
7219 if (lock.nil_ent == NVME_LOCK_E_NS &&
7220 minor->nm_ns_lock.nli_state != NVME_LOCK_STATE_UNLOCKED) {
7221 (void) nvme_ioctl_error(&lock.nil_common,
7222 NVME_IOCTL_E_LOCK_NO_2ND_NS, 0, 0);
7223 mutex_exit(&nvme->n_minor_mutex);
7224 goto copyout;
7225 }
7226
7227 #ifdef DEBUG
7228 /*
7229 * This is a big block of sanity checks to make sure that we haven't
7230 * allowed anything bad to happen.
7231 */
7232 if (lock.nil_ent == NVME_LOCK_E_NS) {
7233 ASSERT3P(minor->nm_ns_lock.nli_lock, ==, NULL);
7234 ASSERT3U(minor->nm_ns_lock.nli_state, ==,
7235 NVME_LOCK_STATE_UNLOCKED);
7236 ASSERT3U(minor->nm_ns_lock.nli_curlevel, ==, 0);
7237 ASSERT3P(minor->nm_ns_lock.nli_ns, ==, NULL);
7238
7239 if (minor->nm_ns != NULL) {
7240 ASSERT3U(minor->nm_ns->ns_id, ==,
7241 lock.nil_common.nioc_nsid);
7242 }
7243
7244 ASSERT0(list_link_active(&minor->nm_ns_lock.nli_node));
7245 } else {
7246 ASSERT3P(minor->nm_ctrl_lock.nli_lock, ==, NULL);
7247 ASSERT3U(minor->nm_ctrl_lock.nli_state, ==,
7248 NVME_LOCK_STATE_UNLOCKED);
7249 ASSERT3U(minor->nm_ctrl_lock.nli_curlevel, ==, 0);
7250 ASSERT3P(minor->nm_ns_lock.nli_ns, ==, NULL);
7251 ASSERT0(list_link_active(&minor->nm_ctrl_lock.nli_node));
7252
7253 ASSERT3P(minor->nm_ns_lock.nli_lock, ==, NULL);
7254 ASSERT3U(minor->nm_ns_lock.nli_state, ==,
7255 NVME_LOCK_STATE_UNLOCKED);
7256 ASSERT3U(minor->nm_ns_lock.nli_curlevel, ==, 0);
7257 ASSERT3P(minor->nm_ns_lock.nli_ns, ==, NULL);
7258 ASSERT0(list_link_active(&minor->nm_ns_lock.nli_node));
7259 }
7260 #endif /* DEBUG */
7261
7262 /*
7263 * At this point we should actually attempt a locking operation.
7264 */
7265 nvme_rwlock(minor, &lock);
7266 mutex_exit(&nvme->n_minor_mutex);
7267
7268 copyout:
7269 if (ddi_copyout(&lock, (void *)(uintptr_t)arg, sizeof (lock),
7270 mode & FKIOCTL) != 0) {
7271 return (EFAULT);
7272 }
7273
7274 return (0);
7275 }
7276
7277 static int
nvme_ioctl_unlock(nvme_minor_t * minor,intptr_t arg,int mode,cred_t * cred_p)7278 nvme_ioctl_unlock(nvme_minor_t *minor, intptr_t arg, int mode,
7279 cred_t *cred_p)
7280 {
7281 nvme_ioctl_unlock_t unlock;
7282 nvme_t *const nvme = minor->nm_ctrl;
7283 boolean_t is_ctrl;
7284 nvme_lock_t *lock;
7285 nvme_minor_lock_info_t *info;
7286
7287 /*
7288 * Note, we explicitly don't check for privileges for unlock. The idea
7289 * being that if you have the lock, that's what matters. If you don't
7290 * have the lock, it doesn't matter what privileges that you have at
7291 * all.
7292 */
7293 if ((mode & FWRITE) == 0)
7294 return (EBADF);
7295
7296 if (ddi_copyin((void *)(uintptr_t)arg, &unlock, sizeof (unlock),
7297 mode & FKIOCTL) != 0) {
7298 return (EFAULT);
7299 }
7300
7301 if (unlock.niu_ent != NVME_LOCK_E_CTRL &&
7302 unlock.niu_ent != NVME_LOCK_E_NS) {
7303 (void) nvme_ioctl_error(&unlock.niu_common,
7304 NVME_IOCTL_E_BAD_LOCK_ENTITY, 0, 0);
7305 goto copyout;
7306 }
7307
7308 if (!nvme_ioctl_check(minor, &unlock.niu_common, &nvme_check_locking)) {
7309 goto copyout;
7310 }
7311
7312 /*
7313 * If we're on a namespace, confirm that we're not asking for the
7314 * controller.
7315 */
7316 if (unlock.niu_common.nioc_nsid != 0 &&
7317 unlock.niu_ent == NVME_LOCK_E_CTRL) {
7318 (void) nvme_ioctl_error(&unlock.niu_common,
7319 NVME_IOCTL_E_NS_CANNOT_UNLOCK_CTRL, 0, 0);
7320 goto copyout;
7321 }
7322
7323 mutex_enter(&nvme->n_minor_mutex);
7324 if (unlock.niu_ent == NVME_LOCK_E_CTRL) {
7325 if (minor->nm_ctrl_lock.nli_state != NVME_LOCK_STATE_ACQUIRED) {
7326 mutex_exit(&nvme->n_minor_mutex);
7327 (void) nvme_ioctl_error(&unlock.niu_common,
7328 NVME_IOCTL_E_LOCK_NOT_HELD, 0, 0);
7329 goto copyout;
7330 }
7331 } else {
7332 if (minor->nm_ns_lock.nli_ns == NULL) {
7333 mutex_exit(&nvme->n_minor_mutex);
7334 (void) nvme_ioctl_error(&unlock.niu_common,
7335 NVME_IOCTL_E_LOCK_NOT_HELD, 0, 0);
7336 goto copyout;
7337 }
7338
7339 /*
7340 * Check that our unlock request corresponds to the namespace ID
7341 * that is currently locked. This could happen if we're using
7342 * the controller node and it specified a valid, but not locked,
7343 * namespace ID.
7344 */
7345 if (minor->nm_ns_lock.nli_ns->ns_id !=
7346 unlock.niu_common.nioc_nsid) {
7347 mutex_exit(&nvme->n_minor_mutex);
7348 ASSERT3P(minor->nm_ns, ==, NULL);
7349 (void) nvme_ioctl_error(&unlock.niu_common,
7350 NVME_IOCTL_E_LOCK_WRONG_NS, 0, 0);
7351 goto copyout;
7352 }
7353
7354 if (minor->nm_ns_lock.nli_state != NVME_LOCK_STATE_ACQUIRED) {
7355 mutex_exit(&nvme->n_minor_mutex);
7356 (void) nvme_ioctl_error(&unlock.niu_common,
7357 NVME_IOCTL_E_LOCK_NOT_HELD, 0, 0);
7358 goto copyout;
7359 }
7360 }
7361
7362 /*
7363 * Finally, perform the unlock.
7364 */
7365 is_ctrl = unlock.niu_ent == NVME_LOCK_E_CTRL;
7366 if (is_ctrl) {
7367 lock = &nvme->n_lock;
7368 info = &minor->nm_ctrl_lock;
7369 } else {
7370 nvme_namespace_t *ns;
7371 const uint32_t nsid = unlock.niu_common.nioc_nsid;
7372
7373 ns = nvme_nsid2ns(nvme, nsid);
7374 lock = &ns->ns_lock;
7375 info = &minor->nm_ns_lock;
7376 VERIFY3P(ns, ==, info->nli_ns);
7377 }
7378 nvme_rwunlock(info, lock);
7379 mutex_exit(&nvme->n_minor_mutex);
7380 nvme_ioctl_success(&unlock.niu_common);
7381
7382 copyout:
7383 if (ddi_copyout(&unlock, (void *)(uintptr_t)arg, sizeof (unlock),
7384 mode & FKIOCTL) != 0) {
7385 return (EFAULT);
7386 }
7387
7388 return (0);
7389 }
7390
7391 static int
nvme_ioctl(dev_t dev,int cmd,intptr_t arg,int mode,cred_t * cred_p,int * rval_p)7392 nvme_ioctl(dev_t dev, int cmd, intptr_t arg, int mode, cred_t *cred_p,
7393 int *rval_p)
7394 {
7395 #ifndef __lock_lint
7396 _NOTE(ARGUNUSED(rval_p));
7397 #endif
7398 nvme_minor_t *minor;
7399 nvme_t *nvme;
7400
7401 minor = nvme_minor_find_by_dev(dev);
7402 if (minor == NULL) {
7403 return (ENXIO);
7404 }
7405
7406 nvme = minor->nm_ctrl;
7407 if (nvme == NULL)
7408 return (ENXIO);
7409
7410 if (IS_DEVCTL(cmd))
7411 return (ndi_devctl_ioctl(nvme->n_dip, cmd, arg, mode, 0));
7412
7413 if (nvme->n_dead && (cmd != NVME_IOC_DETACH && cmd !=
7414 NVME_IOC_UNLOCK)) {
7415 if (IS_NVME_IOC(cmd) == 0) {
7416 return (EIO);
7417 }
7418
7419 return (nvme_ioctl_copyout_error(nvme->n_dead_status, arg,
7420 mode));
7421 }
7422
7423 /*
7424 * ioctls that are no longer using the original ioctl structure.
7425 */
7426 switch (cmd) {
7427 case NVME_IOC_CTRL_INFO:
7428 return (nvme_ioctl_ctrl_info(minor, arg, mode, cred_p));
7429 case NVME_IOC_IDENTIFY:
7430 return (nvme_ioctl_identify(minor, arg, mode, cred_p));
7431 case NVME_IOC_GET_LOGPAGE:
7432 return (nvme_ioctl_get_logpage(minor, arg, mode, cred_p));
7433 case NVME_IOC_GET_FEATURE:
7434 return (nvme_ioctl_get_feature(minor, arg, mode, cred_p));
7435 case NVME_IOC_DETACH:
7436 return (nvme_ioctl_detach(minor, arg, mode, cred_p));
7437 case NVME_IOC_ATTACH:
7438 return (nvme_ioctl_attach(minor, arg, mode, cred_p));
7439 case NVME_IOC_FORMAT:
7440 return (nvme_ioctl_format(minor, arg, mode, cred_p));
7441 case NVME_IOC_FIRMWARE_DOWNLOAD:
7442 return (nvme_ioctl_firmware_download(minor, arg, mode,
7443 cred_p));
7444 case NVME_IOC_FIRMWARE_COMMIT:
7445 return (nvme_ioctl_firmware_commit(minor, arg, mode,
7446 cred_p));
7447 case NVME_IOC_NS_INFO:
7448 return (nvme_ioctl_ns_info(minor, arg, mode, cred_p));
7449 case NVME_IOC_PASSTHRU:
7450 return (nvme_ioctl_passthru(minor, arg, mode, cred_p));
7451 case NVME_IOC_LOCK:
7452 return (nvme_ioctl_lock(minor, arg, mode, cred_p));
7453 case NVME_IOC_UNLOCK:
7454 return (nvme_ioctl_unlock(minor, arg, mode, cred_p));
7455 default:
7456 return (ENOTTY);
7457 }
7458 }
7459
7460 /*
7461 * DDI UFM Callbacks
7462 */
7463 static int
nvme_ufm_fill_image(ddi_ufm_handle_t * ufmh,void * arg,uint_t imgno,ddi_ufm_image_t * img)7464 nvme_ufm_fill_image(ddi_ufm_handle_t *ufmh, void *arg, uint_t imgno,
7465 ddi_ufm_image_t *img)
7466 {
7467 nvme_t *nvme = arg;
7468
7469 if (imgno != 0)
7470 return (EINVAL);
7471
7472 ddi_ufm_image_set_desc(img, "Firmware");
7473 ddi_ufm_image_set_nslots(img, nvme->n_idctl->id_frmw.fw_nslot);
7474
7475 return (0);
7476 }
7477
7478 /*
7479 * Fill out firmware slot information for the requested slot. The firmware
7480 * slot information is gathered by requesting the Firmware Slot Information log
7481 * page. The format of the page is described in section 5.10.1.3.
7482 *
7483 * We lazily cache the log page on the first call and then invalidate the cache
7484 * data after a successful firmware download or firmware commit command.
7485 * The cached data is protected by a mutex as the state can change
7486 * asynchronous to this callback.
7487 */
7488 static int
nvme_ufm_fill_slot(ddi_ufm_handle_t * ufmh,void * arg,uint_t imgno,uint_t slotno,ddi_ufm_slot_t * slot)7489 nvme_ufm_fill_slot(ddi_ufm_handle_t *ufmh, void *arg, uint_t imgno,
7490 uint_t slotno, ddi_ufm_slot_t *slot)
7491 {
7492 nvme_t *nvme = arg;
7493 void *log = NULL;
7494 size_t bufsize;
7495 ddi_ufm_attr_t attr = 0;
7496 char fw_ver[NVME_FWVER_SZ + 1];
7497
7498 if (imgno > 0 || slotno > (nvme->n_idctl->id_frmw.fw_nslot - 1))
7499 return (EINVAL);
7500
7501 mutex_enter(&nvme->n_fwslot_mutex);
7502 if (nvme->n_fwslot == NULL) {
7503 if (!nvme_get_logpage_int(nvme, B_TRUE, &log, &bufsize,
7504 NVME_LOGPAGE_FWSLOT) ||
7505 bufsize != sizeof (nvme_fwslot_log_t)) {
7506 if (log != NULL)
7507 kmem_free(log, bufsize);
7508 mutex_exit(&nvme->n_fwslot_mutex);
7509 return (EIO);
7510 }
7511 nvme->n_fwslot = (nvme_fwslot_log_t *)log;
7512 }
7513
7514 /*
7515 * NVMe numbers firmware slots starting at 1
7516 */
7517 if (slotno == (nvme->n_fwslot->fw_afi - 1))
7518 attr |= DDI_UFM_ATTR_ACTIVE;
7519
7520 if (slotno != 0 || nvme->n_idctl->id_frmw.fw_readonly == 0)
7521 attr |= DDI_UFM_ATTR_WRITEABLE;
7522
7523 if (nvme->n_fwslot->fw_frs[slotno][0] == '\0') {
7524 attr |= DDI_UFM_ATTR_EMPTY;
7525 } else {
7526 (void) strncpy(fw_ver, nvme->n_fwslot->fw_frs[slotno],
7527 NVME_FWVER_SZ);
7528 fw_ver[NVME_FWVER_SZ] = '\0';
7529 ddi_ufm_slot_set_version(slot, fw_ver);
7530 }
7531 mutex_exit(&nvme->n_fwslot_mutex);
7532
7533 ddi_ufm_slot_set_attrs(slot, attr);
7534
7535 return (0);
7536 }
7537
7538 static int
nvme_ufm_getcaps(ddi_ufm_handle_t * ufmh,void * arg,ddi_ufm_cap_t * caps)7539 nvme_ufm_getcaps(ddi_ufm_handle_t *ufmh, void *arg, ddi_ufm_cap_t *caps)
7540 {
7541 *caps = DDI_UFM_CAP_REPORT;
7542 return (0);
7543 }
7544
7545 boolean_t
nvme_ctrl_atleast(nvme_t * nvme,const nvme_version_t * min)7546 nvme_ctrl_atleast(nvme_t *nvme, const nvme_version_t *min)
7547 {
7548 return (nvme_vers_atleast(&nvme->n_version, min) ? B_TRUE : B_FALSE);
7549 }
7550