1 /*- 2 * Copyright (c) 2007 Scott Long 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions, and the following disclaimer, 10 * without modification, immediately at the beginning of the file. 11 * 2. The name of the author may not be used to endorse or promote products 12 * derived from this software without specific prior written permission. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR 18 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 */ 26 27 /* 28 * scsi_sg peripheral driver. This driver is meant to implement the Linux 29 * SG passthrough interface for SCSI. 30 */ 31 32 #include <sys/cdefs.h> 33 __FBSDID("$FreeBSD$"); 34 35 #include <sys/param.h> 36 #include <sys/systm.h> 37 #include <sys/kernel.h> 38 #include <sys/types.h> 39 #include <sys/bio.h> 40 #include <sys/malloc.h> 41 #include <sys/fcntl.h> 42 #include <sys/ioccom.h> 43 #include <sys/conf.h> 44 #include <sys/errno.h> 45 #include <sys/devicestat.h> 46 #include <sys/proc.h> 47 #include <sys/uio.h> 48 49 #include <cam/cam.h> 50 #include <cam/cam_ccb.h> 51 #include <cam/cam_periph.h> 52 #include <cam/cam_queue.h> 53 #include <cam/cam_xpt_periph.h> 54 #include <cam/cam_debug.h> 55 #include <cam/cam_sim.h> 56 57 #include <cam/scsi/scsi_all.h> 58 #include <cam/scsi/scsi_message.h> 59 #include <cam/scsi/scsi_sg.h> 60 61 #include <compat/linux/linux_ioctl.h> 62 63 typedef enum { 64 SG_FLAG_OPEN = 0x01, 65 SG_FLAG_LOCKED = 0x02, 66 SG_FLAG_INVALID = 0x04 67 } sg_flags; 68 69 typedef enum { 70 SG_STATE_NORMAL 71 } sg_state; 72 73 typedef enum { 74 SG_RDWR_FREE, 75 SG_RDWR_INPROG, 76 SG_RDWR_DONE 77 } sg_rdwr_state; 78 79 typedef enum { 80 SG_CCB_RDWR_IO, 81 SG_CCB_WAITING 82 } sg_ccb_types; 83 84 #define ccb_type ppriv_field0 85 #define ccb_rdwr ppriv_ptr1 86 87 struct sg_rdwr { 88 TAILQ_ENTRY(sg_rdwr) rdwr_link; 89 int tag; 90 int state; 91 int buf_len; 92 char *buf; 93 union ccb *ccb; 94 union { 95 struct sg_header hdr; 96 struct sg_io_hdr io_hdr; 97 } hdr; 98 }; 99 100 struct sg_softc { 101 sg_state state; 102 sg_flags flags; 103 struct devstat *device_stats; 104 TAILQ_HEAD(, sg_rdwr) rdwr_done; 105 struct cdev *dev; 106 int sg_timeout; 107 int sg_user_timeout; 108 uint8_t pd_type; 109 union ccb saved_ccb; 110 }; 111 112 static d_open_t sgopen; 113 static d_close_t sgclose; 114 static d_ioctl_t sgioctl; 115 static d_write_t sgwrite; 116 static d_read_t sgread; 117 118 static periph_init_t sginit; 119 static periph_ctor_t sgregister; 120 static periph_oninv_t sgoninvalidate; 121 static periph_dtor_t sgcleanup; 122 static periph_start_t sgstart; 123 static void sgasync(void *callback_arg, uint32_t code, 124 struct cam_path *path, void *arg); 125 static void sgdone(struct cam_periph *periph, union ccb *done_ccb); 126 static int sgsendccb(struct cam_periph *periph, union ccb *ccb); 127 static int sgsendrdwr(struct cam_periph *periph, union ccb *ccb); 128 static int sgerror(union ccb *ccb, uint32_t cam_flags, 129 uint32_t sense_flags); 130 static void sg_scsiio_status(struct ccb_scsiio *csio, 131 u_short *hoststat, u_short *drvstat); 132 133 static int scsi_group_len(u_char cmd); 134 135 static struct periph_driver sgdriver = 136 { 137 sginit, "sg", 138 TAILQ_HEAD_INITIALIZER(sgdriver.units), /* gen */ 0 139 }; 140 PERIPHDRIVER_DECLARE(sg, sgdriver); 141 142 static struct cdevsw sg_cdevsw = { 143 .d_version = D_VERSION, 144 .d_flags = D_NEEDGIANT, 145 .d_open = sgopen, 146 .d_close = sgclose, 147 .d_ioctl = sgioctl, 148 .d_write = sgwrite, 149 .d_read = sgread, 150 .d_name = "sg", 151 }; 152 153 static int sg_version = 30125; 154 155 static void 156 sginit(void) 157 { 158 cam_status status; 159 struct cam_path *path; 160 161 /* 162 * Install a global async callback. This callback will receive aync 163 * callbacks like "new device found". 164 */ 165 status = xpt_create_path(&path, /*periph*/NULL, CAM_XPT_PATH_ID, 166 CAM_TARGET_WILDCARD, CAM_LUN_WILDCARD); 167 168 if (status == CAM_REQ_CMP) { 169 struct ccb_setasync csa; 170 171 xpt_setup_ccb(&csa.ccb_h, path, /*priority*/5); 172 csa.ccb_h.func_code = XPT_SASYNC_CB; 173 csa.event_enable = AC_FOUND_DEVICE; 174 csa.callback = sgasync; 175 csa.callback_arg = NULL; 176 xpt_action((union ccb *)&csa); 177 status = csa.ccb_h.status; 178 xpt_free_path(path); 179 } 180 181 if (status != CAM_REQ_CMP) { 182 printf("sg: Failed to attach master async callbac " 183 "due to status 0x%x!\n", status); 184 } 185 } 186 187 static void 188 sgoninvalidate(struct cam_periph *periph) 189 { 190 struct sg_softc *softc; 191 struct ccb_setasync csa; 192 193 softc = (struct sg_softc *)periph->softc; 194 195 /* 196 * Deregister any async callbacks. 197 */ 198 xpt_setup_ccb(&csa.ccb_h, periph->path, /*priority*/5); 199 csa.ccb_h.func_code = XPT_SASYNC_CB; 200 csa.event_enable = 0; 201 csa.callback = sgasync; 202 csa.callback_arg = periph; 203 xpt_action((union ccb *)&csa); 204 205 softc->flags |= SG_FLAG_INVALID; 206 207 /* 208 * XXX Return all queued I/O with ENXIO. 209 * XXX Handle any transactions queued to the card 210 * with XPT_ABORT_CCB. 211 */ 212 213 if (bootverbose) { 214 xpt_print(periph->path, "lost device\n"); 215 } 216 } 217 218 static void 219 sgcleanup(struct cam_periph *periph) 220 { 221 struct sg_softc *softc; 222 223 softc = (struct sg_softc *)periph->softc; 224 devstat_remove_entry(softc->device_stats); 225 destroy_dev(softc->dev); 226 if (bootverbose) { 227 xpt_print(periph->path, "removing device entry\n"); 228 } 229 free(softc, M_DEVBUF); 230 } 231 232 static void 233 sgasync(void *callback_arg, uint32_t code, struct cam_path *path, void *arg) 234 { 235 struct cam_periph *periph; 236 237 periph = (struct cam_periph *)callback_arg; 238 239 switch (code) { 240 case AC_FOUND_DEVICE: 241 { 242 struct ccb_getdev *cgd; 243 cam_status status; 244 245 cgd = (struct ccb_getdev *)arg; 246 if (cgd == NULL) 247 break; 248 249 /* 250 * Allocate a peripheral instance for this device and 251 * start the probe process. 252 */ 253 status = cam_periph_alloc(sgregister, sgoninvalidate, 254 sgcleanup, sgstart, "sg", 255 CAM_PERIPH_BIO, cgd->ccb_h.path, 256 sgasync, AC_FOUND_DEVICE, cgd); 257 if ((status != CAM_REQ_CMP) && (status != CAM_REQ_INPROG)) { 258 const struct cam_status_entry *entry; 259 260 entry = cam_fetch_status_entry(status); 261 printf("sgasync: Unable to attach new device " 262 "due to status %#x: %s\n", status, entry ? 263 entry->status_text : "Unknown"); 264 } 265 break; 266 } 267 default: 268 cam_periph_async(periph, code, path, arg); 269 break; 270 } 271 } 272 273 static cam_status 274 sgregister(struct cam_periph *periph, void *arg) 275 { 276 struct sg_softc *softc; 277 struct ccb_setasync csa; 278 struct ccb_getdev *cgd; 279 int no_tags; 280 281 cgd = (struct ccb_getdev *)arg; 282 if (periph == NULL) { 283 printf("sgregister: periph was NULL!!\n"); 284 return (CAM_REQ_CMP_ERR); 285 } 286 287 if (cgd == NULL) { 288 printf("sgregister: no getdev CCB, can't register device\n"); 289 return (CAM_REQ_CMP_ERR); 290 } 291 292 softc = malloc(sizeof(*softc), M_DEVBUF, M_ZERO | M_NOWAIT); 293 if (softc == NULL) { 294 printf("sgregister: Unable to allocate softc\n"); 295 return (CAM_REQ_CMP_ERR); 296 } 297 298 softc->state = SG_STATE_NORMAL; 299 softc->pd_type = SID_TYPE(&cgd->inq_data); 300 softc->sg_timeout = SG_DEFAULT_TIMEOUT / SG_DEFAULT_HZ * hz; 301 softc->sg_user_timeout = SG_DEFAULT_TIMEOUT; 302 TAILQ_INIT(&softc->rdwr_done); 303 periph->softc = softc; 304 305 /* 306 * We pass in 0 for all blocksize, since we don't know what the 307 * blocksize of the device is, if it even has a blocksize. 308 */ 309 no_tags = (cgd->inq_data.flags & SID_CmdQue) == 0; 310 softc->device_stats = devstat_new_entry("sg", 311 unit2minor(periph->unit_number), 0, 312 DEVSTAT_NO_BLOCKSIZE 313 | (no_tags ? DEVSTAT_NO_ORDERED_TAGS : 0), 314 softc->pd_type | 315 DEVSTAT_TYPE_IF_SCSI | 316 DEVSTAT_TYPE_PASS, 317 DEVSTAT_PRIORITY_PASS); 318 319 /* Register the device */ 320 cam_periph_unlock(periph); 321 softc->dev = make_dev(&sg_cdevsw, unit2minor(periph->unit_number), 322 UID_ROOT, GID_OPERATOR, 0600, "%s%d", 323 periph->periph_name, periph->unit_number); 324 (void)make_dev_alias(softc->dev, "sg%c", 'a' + periph->unit_number); 325 cam_periph_lock(periph); 326 softc->dev->si_drv1 = periph; 327 328 /* 329 * Add as async callback so that we get 330 * notified if this device goes away. 331 */ 332 xpt_setup_ccb(&csa.ccb_h, periph->path, /*priority*/5); 333 csa.ccb_h.func_code = XPT_SASYNC_CB; 334 csa.event_enable = AC_LOST_DEVICE; 335 csa.callback = sgasync; 336 csa.callback_arg = periph; 337 xpt_action((union ccb *)&csa); 338 339 if (bootverbose) 340 xpt_announce_periph(periph, NULL); 341 342 return (CAM_REQ_CMP); 343 } 344 345 static void 346 sgstart(struct cam_periph *periph, union ccb *start_ccb) 347 { 348 struct sg_softc *softc; 349 350 softc = (struct sg_softc *)periph->softc; 351 352 switch (softc->state) { 353 case SG_STATE_NORMAL: 354 start_ccb->ccb_h.ccb_type = SG_CCB_WAITING; 355 SLIST_INSERT_HEAD(&periph->ccb_list, &start_ccb->ccb_h, 356 periph_links.sle); 357 periph->immediate_priority = CAM_PRIORITY_NONE; 358 wakeup(&periph->ccb_list); 359 break; 360 } 361 } 362 363 static void 364 sgdone(struct cam_periph *periph, union ccb *done_ccb) 365 { 366 struct sg_softc *softc; 367 struct ccb_scsiio *csio; 368 369 softc = (struct sg_softc *)periph->softc; 370 csio = &done_ccb->csio; 371 switch (csio->ccb_h.ccb_type) { 372 case SG_CCB_WAITING: 373 /* Caller will release the CCB */ 374 wakeup(&done_ccb->ccb_h.cbfcnp); 375 return; 376 case SG_CCB_RDWR_IO: 377 { 378 struct sg_rdwr *rdwr; 379 int state; 380 381 devstat_end_transaction(softc->device_stats, 382 csio->dxfer_len, 383 csio->tag_action & 0xf, 384 ((csio->ccb_h.flags & CAM_DIR_MASK) == 385 CAM_DIR_NONE) ? DEVSTAT_NO_DATA : 386 (csio->ccb_h.flags & CAM_DIR_OUT) ? 387 DEVSTAT_WRITE : DEVSTAT_READ, 388 NULL, NULL); 389 390 rdwr = done_ccb->ccb_h.ccb_rdwr; 391 state = rdwr->state; 392 rdwr->state = SG_RDWR_DONE; 393 wakeup(rdwr); 394 break; 395 } 396 default: 397 panic("unknown sg CCB type"); 398 } 399 } 400 401 static int 402 sgopen(struct cdev *dev, int flags, int fmt, struct thread *td) 403 { 404 struct cam_periph *periph; 405 struct sg_softc *softc; 406 int error = 0; 407 408 periph = (struct cam_periph *)dev->si_drv1; 409 if (periph == NULL) 410 return (ENXIO); 411 412 /* 413 * Don't allow access when we're running at a high securelevel. 414 */ 415 error = securelevel_gt(td->td_ucred, 1); 416 if (error) 417 return (error); 418 419 cam_periph_lock(periph); 420 421 softc = (struct sg_softc *)periph->softc; 422 if (softc->flags & SG_FLAG_INVALID) { 423 cam_periph_unlock(periph); 424 return (ENXIO); 425 } 426 427 if ((softc->flags & SG_FLAG_OPEN) == 0) { 428 softc->flags |= SG_FLAG_OPEN; 429 } else { 430 /* Device closes aren't symmetrical, fix up the refcount. */ 431 cam_periph_release(periph); 432 } 433 434 cam_periph_unlock(periph); 435 436 return (error); 437 } 438 439 static int 440 sgclose(struct cdev *dev, int flag, int fmt, struct thread *td) 441 { 442 struct cam_periph *periph; 443 struct sg_softc *softc; 444 445 periph = (struct cam_periph *)dev->si_drv1; 446 if (periph == NULL) 447 return (ENXIO); 448 449 cam_periph_lock(periph); 450 451 softc = (struct sg_softc *)periph->softc; 452 softc->flags &= ~SG_FLAG_OPEN; 453 454 cam_periph_unlock(periph); 455 cam_periph_release(periph); 456 457 return (0); 458 } 459 460 static int 461 sgioctl(struct cdev *dev, u_long cmd, caddr_t arg, int flag, struct thread *td) 462 { 463 union ccb *ccb; 464 struct ccb_scsiio *csio; 465 struct cam_periph *periph; 466 struct sg_softc *softc; 467 struct sg_io_hdr req; 468 int dir, error; 469 470 periph = (struct cam_periph *)dev->si_drv1; 471 if (periph == NULL) 472 return (ENXIO); 473 474 cam_periph_lock(periph); 475 476 softc = (struct sg_softc *)periph->softc; 477 error = 0; 478 479 switch (cmd) { 480 case LINUX_SCSI_GET_BUS_NUMBER: { 481 int busno; 482 483 busno = xpt_path_path_id(periph->path); 484 error = copyout(&busno, arg, sizeof(busno)); 485 break; 486 } 487 case LINUX_SCSI_GET_IDLUN: { 488 struct scsi_idlun idlun; 489 struct cam_sim *sim; 490 491 idlun.dev_id = xpt_path_target_id(periph->path); 492 sim = xpt_path_sim(periph->path); 493 idlun.host_unique_id = sim->unit_number; 494 error = copyout(&idlun, arg, sizeof(idlun)); 495 break; 496 } 497 case SG_GET_VERSION_NUM: 498 case LINUX_SG_GET_VERSION_NUM: 499 error = copyout(&sg_version, arg, sizeof(sg_version)); 500 break; 501 case SG_SET_TIMEOUT: 502 case LINUX_SG_SET_TIMEOUT: { 503 u_int user_timeout; 504 505 error = copyin(arg, &user_timeout, sizeof(u_int)); 506 if (error == 0) { 507 softc->sg_user_timeout = user_timeout; 508 softc->sg_timeout = user_timeout / SG_DEFAULT_HZ * hz; 509 } 510 break; 511 } 512 case SG_GET_TIMEOUT: 513 case LINUX_SG_GET_TIMEOUT: 514 /* 515 * The value is returned directly to the syscall. 516 */ 517 td->td_retval[0] = softc->sg_user_timeout; 518 error = 0; 519 break; 520 case SG_IO: 521 case LINUX_SG_IO: 522 error = copyin(arg, &req, sizeof(req)); 523 if (error) 524 break; 525 526 if (req.cmd_len > IOCDBLEN) { 527 error = EINVAL; 528 break; 529 } 530 531 if (req.iovec_count != 0) { 532 error = EOPNOTSUPP; 533 break; 534 } 535 536 ccb = cam_periph_getccb(periph, /*priority*/5); 537 csio = &ccb->csio; 538 539 error = copyin(req.cmdp, &csio->cdb_io.cdb_bytes, 540 req.cmd_len); 541 if (error) { 542 xpt_release_ccb(ccb); 543 break; 544 } 545 546 switch(req.dxfer_direction) { 547 case SG_DXFER_TO_DEV: 548 dir = CAM_DIR_OUT; 549 break; 550 case SG_DXFER_FROM_DEV: 551 dir = CAM_DIR_IN; 552 break; 553 case SG_DXFER_TO_FROM_DEV: 554 dir = CAM_DIR_IN | CAM_DIR_OUT; 555 break; 556 case SG_DXFER_NONE: 557 default: 558 dir = CAM_DIR_NONE; 559 break; 560 } 561 562 cam_fill_csio(csio, 563 /*retries*/1, 564 sgdone, 565 dir|CAM_DEV_QFRZDIS, 566 MSG_SIMPLE_Q_TAG, 567 req.dxferp, 568 req.dxfer_len, 569 req.mx_sb_len, 570 req.cmd_len, 571 req.timeout); 572 573 error = sgsendccb(periph, ccb); 574 if (error) { 575 req.host_status = DID_ERROR; 576 req.driver_status = DRIVER_INVALID; 577 xpt_release_ccb(ccb); 578 break; 579 } 580 581 req.status = csio->scsi_status; 582 req.masked_status = (csio->scsi_status >> 1) & 0x7f; 583 sg_scsiio_status(csio, &req.host_status, &req.driver_status); 584 req.resid = csio->resid; 585 req.duration = csio->ccb_h.timeout; 586 req.info = 0; 587 588 error = copyout(&req, arg, sizeof(req)); 589 if ((error == 0) && (csio->ccb_h.status & CAM_AUTOSNS_VALID) 590 && (req.sbp != NULL)) { 591 req.sb_len_wr = req.mx_sb_len - csio->sense_resid; 592 error = copyout(&csio->sense_data, req.sbp, 593 req.sb_len_wr); 594 } 595 596 xpt_release_ccb(ccb); 597 break; 598 599 case SG_GET_RESERVED_SIZE: 600 case LINUX_SG_GET_RESERVED_SIZE: { 601 int size = 32768; 602 603 error = copyout(&size, arg, sizeof(size)); 604 break; 605 } 606 607 case SG_GET_SCSI_ID: 608 case LINUX_SG_GET_SCSI_ID: 609 { 610 struct sg_scsi_id id; 611 612 id.host_no = 0; /* XXX */ 613 id.channel = xpt_path_path_id(periph->path); 614 id.scsi_id = xpt_path_target_id(periph->path); 615 id.lun = xpt_path_lun_id(periph->path); 616 id.scsi_type = softc->pd_type; 617 id.h_cmd_per_lun = 1; 618 id.d_queue_depth = 1; 619 id.unused[0] = 0; 620 id.unused[1] = 0; 621 622 error = copyout(&id, arg, sizeof(id)); 623 break; 624 } 625 626 case SG_EMULATED_HOST: 627 case SG_SET_TRANSFORM: 628 case SG_GET_TRANSFORM: 629 case SG_GET_NUM_WAITING: 630 case SG_SCSI_RESET: 631 case SG_GET_REQUEST_TABLE: 632 case SG_SET_KEEP_ORPHAN: 633 case SG_GET_KEEP_ORPHAN: 634 case SG_GET_ACCESS_COUNT: 635 case SG_SET_FORCE_LOW_DMA: 636 case SG_GET_LOW_DMA: 637 case SG_GET_SG_TABLESIZE: 638 case SG_SET_FORCE_PACK_ID: 639 case SG_GET_PACK_ID: 640 case SG_SET_RESERVED_SIZE: 641 case SG_GET_COMMAND_Q: 642 case SG_SET_COMMAND_Q: 643 case SG_SET_DEBUG: 644 case SG_NEXT_CMD_LEN: 645 case LINUX_SG_EMULATED_HOST: 646 case LINUX_SG_SET_TRANSFORM: 647 case LINUX_SG_GET_TRANSFORM: 648 case LINUX_SG_GET_NUM_WAITING: 649 case LINUX_SG_SCSI_RESET: 650 case LINUX_SG_GET_REQUEST_TABLE: 651 case LINUX_SG_SET_KEEP_ORPHAN: 652 case LINUX_SG_GET_KEEP_ORPHAN: 653 case LINUX_SG_GET_ACCESS_COUNT: 654 case LINUX_SG_SET_FORCE_LOW_DMA: 655 case LINUX_SG_GET_LOW_DMA: 656 case LINUX_SG_GET_SG_TABLESIZE: 657 case LINUX_SG_SET_FORCE_PACK_ID: 658 case LINUX_SG_GET_PACK_ID: 659 case LINUX_SG_SET_RESERVED_SIZE: 660 case LINUX_SG_GET_COMMAND_Q: 661 case LINUX_SG_SET_COMMAND_Q: 662 case LINUX_SG_SET_DEBUG: 663 case LINUX_SG_NEXT_CMD_LEN: 664 default: 665 #ifdef CAMDEBUG 666 printf("sgioctl: rejecting cmd 0x%lx\n", cmd); 667 #endif 668 error = ENODEV; 669 break; 670 } 671 672 cam_periph_unlock(periph); 673 return (error); 674 } 675 676 static int 677 sgwrite(struct cdev *dev, struct uio *uio, int ioflag) 678 { 679 union ccb *ccb; 680 struct cam_periph *periph; 681 struct ccb_scsiio *csio; 682 struct sg_softc *sc; 683 struct sg_header *hdr; 684 struct sg_rdwr *rdwr; 685 u_char cdb_cmd; 686 char *buf; 687 int error = 0, cdb_len, buf_len, dir; 688 689 periph = dev->si_drv1; 690 rdwr = malloc(sizeof(*rdwr), M_DEVBUF, M_WAITOK | M_ZERO); 691 hdr = &rdwr->hdr.hdr; 692 693 /* Copy in the header block and sanity check it */ 694 if (uio->uio_resid < sizeof(*hdr)) { 695 error = EINVAL; 696 goto out_hdr; 697 } 698 error = uiomove(hdr, sizeof(*hdr), uio); 699 if (error) 700 goto out_hdr; 701 702 ccb = xpt_alloc_ccb(); 703 if (ccb == NULL) { 704 error = ENOMEM; 705 goto out_hdr; 706 } 707 csio = &ccb->csio; 708 709 /* 710 * Copy in the CDB block. The designers of the interface didn't 711 * bother to provide a size for this in the header, so we have to 712 * figure it out ourselves. 713 */ 714 if (uio->uio_resid < 1) 715 goto out_ccb; 716 error = uiomove(&cdb_cmd, 1, uio); 717 if (error) 718 goto out_ccb; 719 if (hdr->twelve_byte) 720 cdb_len = 12; 721 else 722 cdb_len = scsi_group_len(cdb_cmd); 723 /* 724 * We've already read the first byte of the CDB and advanced the uio 725 * pointer. Just read the rest. 726 */ 727 csio->cdb_io.cdb_bytes[0] = cdb_cmd; 728 error = uiomove(&csio->cdb_io.cdb_bytes[1], cdb_len - 1, uio); 729 if (error) 730 goto out_ccb; 731 732 /* 733 * Now set up the data block. Again, the designers didn't bother 734 * to make this reliable. 735 */ 736 buf_len = uio->uio_resid; 737 if (buf_len != 0) { 738 buf = malloc(buf_len, M_DEVBUF, M_WAITOK | M_ZERO); 739 error = uiomove(buf, buf_len, uio); 740 if (error) 741 goto out_buf; 742 dir = CAM_DIR_OUT; 743 } else if (hdr->reply_len != 0) { 744 buf = malloc(hdr->reply_len, M_DEVBUF, M_WAITOK | M_ZERO); 745 buf_len = hdr->reply_len; 746 dir = CAM_DIR_IN; 747 } else { 748 buf = NULL; 749 buf_len = 0; 750 dir = CAM_DIR_NONE; 751 } 752 753 cam_periph_lock(periph); 754 sc = periph->softc; 755 xpt_setup_ccb(&ccb->ccb_h, periph->path, /*priority*/5); 756 cam_fill_csio(csio, 757 /*retries*/1, 758 sgdone, 759 dir|CAM_DEV_QFRZDIS, 760 MSG_SIMPLE_Q_TAG, 761 buf, 762 buf_len, 763 SG_MAX_SENSE, 764 cdb_len, 765 sc->sg_timeout); 766 767 /* 768 * Send off the command and hope that it works. This path does not 769 * go through sgstart because the I/O is supposed to be asynchronous. 770 */ 771 rdwr->buf = buf; 772 rdwr->buf_len = buf_len; 773 rdwr->tag = hdr->pack_id; 774 rdwr->ccb = ccb; 775 rdwr->state = SG_RDWR_INPROG; 776 ccb->ccb_h.ccb_rdwr = rdwr; 777 ccb->ccb_h.ccb_type = SG_CCB_RDWR_IO; 778 TAILQ_INSERT_TAIL(&sc->rdwr_done, rdwr, rdwr_link); 779 error = sgsendrdwr(periph, ccb); 780 cam_periph_unlock(periph); 781 return (error); 782 783 out_buf: 784 free(buf, M_DEVBUF); 785 out_ccb: 786 xpt_free_ccb(ccb); 787 out_hdr: 788 free(rdwr, M_DEVBUF); 789 return (error); 790 } 791 792 static int 793 sgread(struct cdev *dev, struct uio *uio, int ioflag) 794 { 795 struct ccb_scsiio *csio; 796 struct cam_periph *periph; 797 struct sg_softc *sc; 798 struct sg_header *hdr; 799 struct sg_rdwr *rdwr; 800 u_short hstat, dstat; 801 int error, pack_len, reply_len, pack_id; 802 803 periph = dev->si_drv1; 804 805 /* XXX The pack len field needs to be updated and written out instead 806 * of discarded. Not sure how to do that. 807 */ 808 uio->uio_rw = UIO_WRITE; 809 if ((error = uiomove(&pack_len, 4, uio)) != 0) 810 return (error); 811 if ((error = uiomove(&reply_len, 4, uio)) != 0) 812 return (error); 813 if ((error = uiomove(&pack_id, 4, uio)) != 0) 814 return (error); 815 uio->uio_rw = UIO_READ; 816 817 cam_periph_lock(periph); 818 sc = periph->softc; 819 search: 820 TAILQ_FOREACH(rdwr, &sc->rdwr_done, rdwr_link) { 821 if (rdwr->tag == pack_id) 822 break; 823 } 824 if ((rdwr == NULL) || (rdwr->state != SG_RDWR_DONE)) { 825 if (msleep(rdwr, periph->sim->mtx, PCATCH, "sgread", 0) == ERESTART) 826 return (EAGAIN); 827 goto search; 828 } 829 TAILQ_REMOVE(&sc->rdwr_done, rdwr, rdwr_link); 830 cam_periph_unlock(periph); 831 832 hdr = &rdwr->hdr.hdr; 833 csio = &rdwr->ccb->csio; 834 sg_scsiio_status(csio, &hstat, &dstat); 835 hdr->host_status = hstat; 836 hdr->driver_status = dstat; 837 hdr->target_status = csio->scsi_status >> 1; 838 839 switch (hstat) { 840 case DID_OK: 841 case DID_PASSTHROUGH: 842 case DID_SOFT_ERROR: 843 hdr->result = 0; 844 break; 845 case DID_NO_CONNECT: 846 case DID_BUS_BUSY: 847 case DID_TIME_OUT: 848 hdr->result = EBUSY; 849 break; 850 case DID_BAD_TARGET: 851 case DID_ABORT: 852 case DID_PARITY: 853 case DID_RESET: 854 case DID_BAD_INTR: 855 case DID_ERROR: 856 default: 857 hdr->result = EIO; 858 break; 859 } 860 861 if (dstat == DRIVER_SENSE) { 862 bcopy(&csio->sense_data, hdr->sense_buffer, 863 min(csio->sense_len, SG_MAX_SENSE)); 864 #ifdef CAMDEBUG 865 scsi_sense_print(csio); 866 #endif 867 } 868 869 error = uiomove(&hdr->result, sizeof(*hdr) - 870 offsetof(struct sg_header, result), uio); 871 if ((error == 0) && (hdr->result == 0)) 872 error = uiomove(rdwr->buf, rdwr->buf_len, uio); 873 874 cam_periph_lock(periph); 875 xpt_free_ccb(rdwr->ccb); 876 cam_periph_unlock(periph); 877 free(rdwr->buf, M_DEVBUF); 878 free(rdwr, M_DEVBUF); 879 return (error); 880 } 881 882 static int 883 sgsendccb(struct cam_periph *periph, union ccb *ccb) 884 { 885 struct sg_softc *softc; 886 struct cam_periph_map_info mapinfo; 887 int error, need_unmap = 0; 888 889 softc = periph->softc; 890 if (((ccb->ccb_h.flags & CAM_DIR_MASK) != CAM_DIR_NONE) 891 && (ccb->csio.data_ptr != NULL)) { 892 bzero(&mapinfo, sizeof(mapinfo)); 893 894 /* 895 * cam_periph_mapmem calls into proc and vm functions that can 896 * sleep as well as trigger I/O, so we can't hold the lock. 897 * Dropping it here is reasonably safe. 898 */ 899 cam_periph_unlock(periph); 900 error = cam_periph_mapmem(ccb, &mapinfo); 901 cam_periph_lock(periph); 902 if (error) 903 return (error); 904 need_unmap = 1; 905 } 906 907 error = cam_periph_runccb(ccb, 908 sgerror, 909 CAM_RETRY_SELTO, 910 SF_RETRY_UA, 911 softc->device_stats); 912 913 if (need_unmap) 914 cam_periph_unmapmem(ccb, &mapinfo); 915 916 return (error); 917 } 918 919 static int 920 sgsendrdwr(struct cam_periph *periph, union ccb *ccb) 921 { 922 struct sg_softc *softc; 923 924 softc = periph->softc; 925 devstat_start_transaction(softc->device_stats, NULL); 926 xpt_action(ccb); 927 return (0); 928 } 929 930 static int 931 sgerror(union ccb *ccb, uint32_t cam_flags, uint32_t sense_flags) 932 { 933 struct cam_periph *periph; 934 struct sg_softc *softc; 935 936 periph = xpt_path_periph(ccb->ccb_h.path); 937 softc = (struct sg_softc *)periph->softc; 938 939 return (cam_periph_error(ccb, cam_flags, sense_flags, 940 &softc->saved_ccb)); 941 } 942 943 static void 944 sg_scsiio_status(struct ccb_scsiio *csio, u_short *hoststat, u_short *drvstat) 945 { 946 int status; 947 948 status = csio->ccb_h.status; 949 950 switch (status & CAM_STATUS_MASK) { 951 case CAM_REQ_CMP: 952 *hoststat = DID_OK; 953 *drvstat = 0; 954 break; 955 case CAM_REQ_CMP_ERR: 956 *hoststat = DID_ERROR; 957 *drvstat = 0; 958 break; 959 case CAM_REQ_ABORTED: 960 *hoststat = DID_ABORT; 961 *drvstat = 0; 962 break; 963 case CAM_REQ_INVALID: 964 *hoststat = DID_ERROR; 965 *drvstat = DRIVER_INVALID; 966 break; 967 case CAM_DEV_NOT_THERE: 968 *hoststat = DID_BAD_TARGET; 969 *drvstat = 0; 970 case CAM_SEL_TIMEOUT: 971 *hoststat = DID_NO_CONNECT; 972 *drvstat = 0; 973 break; 974 case CAM_CMD_TIMEOUT: 975 *hoststat = DID_TIME_OUT; 976 *drvstat = 0; 977 break; 978 case CAM_SCSI_STATUS_ERROR: 979 *hoststat = DID_ERROR; 980 *drvstat = 0; 981 case CAM_SCSI_BUS_RESET: 982 *hoststat = DID_RESET; 983 *drvstat = 0; 984 break; 985 case CAM_UNCOR_PARITY: 986 *hoststat = DID_PARITY; 987 *drvstat = 0; 988 break; 989 case CAM_SCSI_BUSY: 990 *hoststat = DID_BUS_BUSY; 991 *drvstat = 0; 992 default: 993 *hoststat = DID_ERROR; 994 *drvstat = DRIVER_ERROR; 995 } 996 997 if (status & CAM_AUTOSNS_VALID) 998 *drvstat = DRIVER_SENSE; 999 } 1000 1001 static int 1002 scsi_group_len(u_char cmd) 1003 { 1004 int len[] = {6, 10, 10, 12, 12, 12, 10, 10}; 1005 int group; 1006 1007 group = (cmd >> 5) & 0x7; 1008 return (len[group]); 1009 } 1010 1011