1 /*- 2 * Copyright (c) 2009 Yahoo! Inc. 3 * Copyright (c) 2011-2015 LSI Corp. 4 * Copyright (c) 2013-2016 Avago Technologies 5 * Copyright 2000-2020 Broadcom Inc. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * Broadcom Inc. (LSI) MPT-Fusion Host Adapter FreeBSD 30 * 31 */ 32 33 #include <sys/cdefs.h> 34 __FBSDID("$FreeBSD$"); 35 36 /* Communications core for Avago Technologies (LSI) MPT3 */ 37 38 /* TODO Move headers to mprvar */ 39 #include <sys/types.h> 40 #include <sys/param.h> 41 #include <sys/systm.h> 42 #include <sys/kernel.h> 43 #include <sys/selinfo.h> 44 #include <sys/module.h> 45 #include <sys/bus.h> 46 #include <sys/conf.h> 47 #include <sys/bio.h> 48 #include <sys/malloc.h> 49 #include <sys/uio.h> 50 #include <sys/sysctl.h> 51 #include <sys/endian.h> 52 #include <sys/queue.h> 53 #include <sys/kthread.h> 54 #include <sys/taskqueue.h> 55 #include <sys/sbuf.h> 56 57 #include <machine/bus.h> 58 #include <machine/resource.h> 59 #include <sys/rman.h> 60 61 #include <machine/stdarg.h> 62 63 #include <cam/cam.h> 64 #include <cam/cam_ccb.h> 65 #include <cam/cam_debug.h> 66 #include <cam/cam_sim.h> 67 #include <cam/cam_xpt_sim.h> 68 #include <cam/cam_xpt_periph.h> 69 #include <cam/cam_periph.h> 70 #include <cam/scsi/scsi_all.h> 71 #include <cam/scsi/scsi_message.h> 72 #include <cam/scsi/smp_all.h> 73 74 #include <dev/nvme/nvme.h> 75 76 #include <dev/mpr/mpi/mpi2_type.h> 77 #include <dev/mpr/mpi/mpi2.h> 78 #include <dev/mpr/mpi/mpi2_ioc.h> 79 #include <dev/mpr/mpi/mpi2_sas.h> 80 #include <dev/mpr/mpi/mpi2_pci.h> 81 #include <dev/mpr/mpi/mpi2_cnfg.h> 82 #include <dev/mpr/mpi/mpi2_init.h> 83 #include <dev/mpr/mpi/mpi2_tool.h> 84 #include <dev/mpr/mpr_ioctl.h> 85 #include <dev/mpr/mprvar.h> 86 #include <dev/mpr/mpr_table.h> 87 #include <dev/mpr/mpr_sas.h> 88 89 #define MPRSAS_DISCOVERY_TIMEOUT 20 90 #define MPRSAS_MAX_DISCOVERY_TIMEOUTS 10 /* 200 seconds */ 91 92 /* 93 * static array to check SCSI OpCode for EEDP protection bits 94 */ 95 #define PRO_R MPI2_SCSIIO_EEDPFLAGS_CHECK_REMOVE_OP 96 #define PRO_W MPI2_SCSIIO_EEDPFLAGS_INSERT_OP 97 #define PRO_V MPI2_SCSIIO_EEDPFLAGS_INSERT_OP 98 static uint8_t op_code_prot[256] = { 99 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 100 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 101 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V, 102 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 103 0, PRO_W, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 104 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 105 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 106 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 107 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V, 108 0, 0, 0, PRO_W, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 109 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V, 110 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 111 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 112 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 113 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 114 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 115 }; 116 117 MALLOC_DEFINE(M_MPRSAS, "MPRSAS", "MPR SAS memory"); 118 119 static void mprsas_remove_device(struct mpr_softc *, struct mpr_command *); 120 static void mprsas_remove_complete(struct mpr_softc *, struct mpr_command *); 121 static void mprsas_action(struct cam_sim *sim, union ccb *ccb); 122 static void mprsas_poll(struct cam_sim *sim); 123 static void mprsas_scsiio_timeout(void *data); 124 static void mprsas_abort_complete(struct mpr_softc *sc, struct mpr_command *cm); 125 static void mprsas_action_scsiio(struct mprsas_softc *, union ccb *); 126 static void mprsas_scsiio_complete(struct mpr_softc *, struct mpr_command *); 127 static void mprsas_action_resetdev(struct mprsas_softc *, union ccb *); 128 static void mprsas_resetdev_complete(struct mpr_softc *, struct mpr_command *); 129 static int mprsas_send_abort(struct mpr_softc *sc, struct mpr_command *tm, 130 struct mpr_command *cm); 131 static void mprsas_async(void *callback_arg, uint32_t code, 132 struct cam_path *path, void *arg); 133 static int mprsas_send_portenable(struct mpr_softc *sc); 134 static void mprsas_portenable_complete(struct mpr_softc *sc, 135 struct mpr_command *cm); 136 137 static void mprsas_smpio_complete(struct mpr_softc *sc, struct mpr_command *cm); 138 static void mprsas_send_smpcmd(struct mprsas_softc *sassc, union ccb *ccb, 139 uint64_t sasaddr); 140 static void mprsas_action_smpio(struct mprsas_softc *sassc, union ccb *ccb); 141 142 struct mprsas_target * 143 mprsas_find_target_by_handle(struct mprsas_softc *sassc, int start, 144 uint16_t handle) 145 { 146 struct mprsas_target *target; 147 int i; 148 149 for (i = start; i < sassc->maxtargets; i++) { 150 target = &sassc->targets[i]; 151 if (target->handle == handle) 152 return (target); 153 } 154 155 return (NULL); 156 } 157 158 /* we need to freeze the simq during attach and diag reset, to avoid failing 159 * commands before device handles have been found by discovery. Since 160 * discovery involves reading config pages and possibly sending commands, 161 * discovery actions may continue even after we receive the end of discovery 162 * event, so refcount discovery actions instead of assuming we can unfreeze 163 * the simq when we get the event. 164 */ 165 void 166 mprsas_startup_increment(struct mprsas_softc *sassc) 167 { 168 MPR_FUNCTRACE(sassc->sc); 169 170 if ((sassc->flags & MPRSAS_IN_STARTUP) != 0) { 171 if (sassc->startup_refcount++ == 0) { 172 /* just starting, freeze the simq */ 173 mpr_dprint(sassc->sc, MPR_INIT, 174 "%s freezing simq\n", __func__); 175 xpt_hold_boot(); 176 xpt_freeze_simq(sassc->sim, 1); 177 } 178 mpr_dprint(sassc->sc, MPR_INIT, "%s refcount %u\n", __func__, 179 sassc->startup_refcount); 180 } 181 } 182 183 void 184 mprsas_release_simq_reinit(struct mprsas_softc *sassc) 185 { 186 if (sassc->flags & MPRSAS_QUEUE_FROZEN) { 187 sassc->flags &= ~MPRSAS_QUEUE_FROZEN; 188 xpt_release_simq(sassc->sim, 1); 189 mpr_dprint(sassc->sc, MPR_INFO, "Unfreezing SIM queue\n"); 190 } 191 } 192 193 void 194 mprsas_startup_decrement(struct mprsas_softc *sassc) 195 { 196 MPR_FUNCTRACE(sassc->sc); 197 198 if ((sassc->flags & MPRSAS_IN_STARTUP) != 0) { 199 if (--sassc->startup_refcount == 0) { 200 /* finished all discovery-related actions, release 201 * the simq and rescan for the latest topology. 202 */ 203 mpr_dprint(sassc->sc, MPR_INIT, 204 "%s releasing simq\n", __func__); 205 sassc->flags &= ~MPRSAS_IN_STARTUP; 206 xpt_release_simq(sassc->sim, 1); 207 xpt_release_boot(); 208 } 209 mpr_dprint(sassc->sc, MPR_INIT, "%s refcount %u\n", __func__, 210 sassc->startup_refcount); 211 } 212 } 213 214 /* 215 * The firmware requires us to stop sending commands when we're doing task 216 * management. 217 * use. 218 * XXX The logic for serializing the device has been made lazy and moved to 219 * mprsas_prepare_for_tm(). 220 */ 221 struct mpr_command * 222 mprsas_alloc_tm(struct mpr_softc *sc) 223 { 224 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 225 struct mpr_command *tm; 226 227 MPR_FUNCTRACE(sc); 228 tm = mpr_alloc_high_priority_command(sc); 229 if (tm == NULL) 230 return (NULL); 231 232 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 233 req->Function = MPI2_FUNCTION_SCSI_TASK_MGMT; 234 return tm; 235 } 236 237 void 238 mprsas_free_tm(struct mpr_softc *sc, struct mpr_command *tm) 239 { 240 241 MPR_FUNCTRACE(sc); 242 if (tm == NULL) 243 return; 244 245 /* 246 * For TM's the devq is frozen for the device. Unfreeze it here and 247 * free the resources used for freezing the devq. Must clear the 248 * INRESET flag as well or scsi I/O will not work. 249 */ 250 if (tm->cm_ccb) { 251 mpr_dprint(sc, MPR_XINFO | MPR_RECOVERY, 252 "Unfreezing devq for target ID %d\n", 253 tm->cm_targ->tid); 254 tm->cm_targ->flags &= ~MPRSAS_TARGET_INRESET; 255 xpt_release_devq(tm->cm_ccb->ccb_h.path, 1, TRUE); 256 xpt_free_path(tm->cm_ccb->ccb_h.path); 257 xpt_free_ccb(tm->cm_ccb); 258 } 259 260 mpr_free_high_priority_command(sc, tm); 261 } 262 263 void 264 mprsas_rescan_target(struct mpr_softc *sc, struct mprsas_target *targ) 265 { 266 struct mprsas_softc *sassc = sc->sassc; 267 path_id_t pathid; 268 target_id_t targetid; 269 union ccb *ccb; 270 271 MPR_FUNCTRACE(sc); 272 pathid = cam_sim_path(sassc->sim); 273 if (targ == NULL) 274 targetid = CAM_TARGET_WILDCARD; 275 else 276 targetid = targ - sassc->targets; 277 278 /* 279 * Allocate a CCB and schedule a rescan. 280 */ 281 ccb = xpt_alloc_ccb_nowait(); 282 if (ccb == NULL) { 283 mpr_dprint(sc, MPR_ERROR, "unable to alloc CCB for rescan\n"); 284 return; 285 } 286 287 if (xpt_create_path(&ccb->ccb_h.path, NULL, pathid, targetid, 288 CAM_LUN_WILDCARD) != CAM_REQ_CMP) { 289 mpr_dprint(sc, MPR_ERROR, "unable to create path for rescan\n"); 290 xpt_free_ccb(ccb); 291 return; 292 } 293 294 if (targetid == CAM_TARGET_WILDCARD) 295 ccb->ccb_h.func_code = XPT_SCAN_BUS; 296 else 297 ccb->ccb_h.func_code = XPT_SCAN_TGT; 298 299 mpr_dprint(sc, MPR_TRACE, "%s targetid %u\n", __func__, targetid); 300 xpt_rescan(ccb); 301 } 302 303 static void 304 mprsas_log_command(struct mpr_command *cm, u_int level, const char *fmt, ...) 305 { 306 struct sbuf sb; 307 va_list ap; 308 char str[224]; 309 char path_str[64]; 310 311 if (cm == NULL) 312 return; 313 314 /* No need to be in here if debugging isn't enabled */ 315 if ((cm->cm_sc->mpr_debug & level) == 0) 316 return; 317 318 sbuf_new(&sb, str, sizeof(str), 0); 319 320 va_start(ap, fmt); 321 322 if (cm->cm_ccb != NULL) { 323 xpt_path_string(cm->cm_ccb->csio.ccb_h.path, path_str, 324 sizeof(path_str)); 325 sbuf_cat(&sb, path_str); 326 if (cm->cm_ccb->ccb_h.func_code == XPT_SCSI_IO) { 327 scsi_command_string(&cm->cm_ccb->csio, &sb); 328 sbuf_printf(&sb, "length %d ", 329 cm->cm_ccb->csio.dxfer_len); 330 } 331 } else { 332 sbuf_printf(&sb, "(noperiph:%s%d:%u:%u:%u): ", 333 cam_sim_name(cm->cm_sc->sassc->sim), 334 cam_sim_unit(cm->cm_sc->sassc->sim), 335 cam_sim_bus(cm->cm_sc->sassc->sim), 336 cm->cm_targ ? cm->cm_targ->tid : 0xFFFFFFFF, 337 cm->cm_lun); 338 } 339 340 sbuf_printf(&sb, "SMID %u ", cm->cm_desc.Default.SMID); 341 sbuf_vprintf(&sb, fmt, ap); 342 sbuf_finish(&sb); 343 mpr_print_field(cm->cm_sc, "%s", sbuf_data(&sb)); 344 345 va_end(ap); 346 } 347 348 static void 349 mprsas_remove_volume(struct mpr_softc *sc, struct mpr_command *tm) 350 { 351 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 352 struct mprsas_target *targ; 353 uint16_t handle; 354 355 MPR_FUNCTRACE(sc); 356 357 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 358 handle = (uint16_t)(uintptr_t)tm->cm_complete_data; 359 targ = tm->cm_targ; 360 361 if (reply == NULL) { 362 /* XXX retry the remove after the diag reset completes? */ 363 mpr_dprint(sc, MPR_FAULT, "%s NULL reply resetting device " 364 "0x%04x\n", __func__, handle); 365 mprsas_free_tm(sc, tm); 366 return; 367 } 368 369 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) != 370 MPI2_IOCSTATUS_SUCCESS) { 371 mpr_dprint(sc, MPR_ERROR, "IOCStatus = 0x%x while resetting " 372 "device 0x%x\n", le16toh(reply->IOCStatus), handle); 373 } 374 375 mpr_dprint(sc, MPR_XINFO, "Reset aborted %u commands\n", 376 le32toh(reply->TerminationCount)); 377 mpr_free_reply(sc, tm->cm_reply_data); 378 tm->cm_reply = NULL; /* Ensures the reply won't get re-freed */ 379 380 mpr_dprint(sc, MPR_XINFO, "clearing target %u handle 0x%04x\n", 381 targ->tid, handle); 382 383 /* 384 * Don't clear target if remove fails because things will get confusing. 385 * Leave the devname and sasaddr intact so that we know to avoid reusing 386 * this target id if possible, and so we can assign the same target id 387 * to this device if it comes back in the future. 388 */ 389 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) == 390 MPI2_IOCSTATUS_SUCCESS) { 391 targ = tm->cm_targ; 392 targ->handle = 0x0; 393 targ->encl_handle = 0x0; 394 targ->encl_level_valid = 0x0; 395 targ->encl_level = 0x0; 396 targ->connector_name[0] = ' '; 397 targ->connector_name[1] = ' '; 398 targ->connector_name[2] = ' '; 399 targ->connector_name[3] = ' '; 400 targ->encl_slot = 0x0; 401 targ->exp_dev_handle = 0x0; 402 targ->phy_num = 0x0; 403 targ->linkrate = 0x0; 404 targ->devinfo = 0x0; 405 targ->flags = 0x0; 406 targ->scsi_req_desc_type = 0; 407 } 408 409 mprsas_free_tm(sc, tm); 410 } 411 412 /* 413 * Retry mprsas_prepare_remove() if some previous attempt failed to allocate 414 * high priority command due to limit reached. 415 */ 416 void 417 mprsas_prepare_remove_retry(struct mprsas_softc *sassc) 418 { 419 struct mprsas_target *target; 420 int i; 421 422 if ((sassc->flags & MPRSAS_TOREMOVE) == 0) 423 return; 424 425 for (i = 0; i < sassc->maxtargets; i++) { 426 target = &sassc->targets[i]; 427 if ((target->flags & MPRSAS_TARGET_TOREMOVE) == 0) 428 continue; 429 if (TAILQ_EMPTY(&sassc->sc->high_priority_req_list)) 430 return; 431 target->flags &= ~MPRSAS_TARGET_TOREMOVE; 432 if (target->flags & MPR_TARGET_FLAGS_VOLUME) 433 mprsas_prepare_volume_remove(sassc, target->handle); 434 else 435 mprsas_prepare_remove(sassc, target->handle); 436 } 437 sassc->flags &= ~MPRSAS_TOREMOVE; 438 } 439 440 /* 441 * No Need to call "MPI2_SAS_OP_REMOVE_DEVICE" For Volume removal. 442 * Otherwise Volume Delete is same as Bare Drive Removal. 443 */ 444 void 445 mprsas_prepare_volume_remove(struct mprsas_softc *sassc, uint16_t handle) 446 { 447 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 448 struct mpr_softc *sc; 449 struct mpr_command *cm; 450 struct mprsas_target *targ = NULL; 451 452 MPR_FUNCTRACE(sassc->sc); 453 sc = sassc->sc; 454 455 targ = mprsas_find_target_by_handle(sassc, 0, handle); 456 if (targ == NULL) { 457 /* FIXME: what is the action? */ 458 /* We don't know about this device? */ 459 mpr_dprint(sc, MPR_ERROR, 460 "%s %d : invalid handle 0x%x \n", __func__,__LINE__, handle); 461 return; 462 } 463 464 targ->flags |= MPRSAS_TARGET_INREMOVAL; 465 466 cm = mprsas_alloc_tm(sc); 467 if (cm == NULL) { 468 targ->flags |= MPRSAS_TARGET_TOREMOVE; 469 sassc->flags |= MPRSAS_TOREMOVE; 470 return; 471 } 472 473 mprsas_rescan_target(sc, targ); 474 475 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)cm->cm_req; 476 req->DevHandle = targ->handle; 477 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET; 478 479 if (!targ->is_nvme || sc->custom_nvme_tm_handling) { 480 /* SAS Hard Link Reset / SATA Link Reset */ 481 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 482 } else { 483 /* PCIe Protocol Level Reset*/ 484 req->MsgFlags = 485 MPI26_SCSITASKMGMT_MSGFLAGS_PROTOCOL_LVL_RST_PCIE; 486 } 487 488 cm->cm_targ = targ; 489 cm->cm_data = NULL; 490 cm->cm_complete = mprsas_remove_volume; 491 cm->cm_complete_data = (void *)(uintptr_t)handle; 492 493 mpr_dprint(sc, MPR_INFO, "%s: Sending reset for target ID %d\n", 494 __func__, targ->tid); 495 mprsas_prepare_for_tm(sc, cm, targ, CAM_LUN_WILDCARD); 496 497 mpr_map_command(sc, cm); 498 } 499 500 /* 501 * The firmware performs debounce on the link to avoid transient link errors 502 * and false removals. When it does decide that link has been lost and a 503 * device needs to go away, it expects that the host will perform a target reset 504 * and then an op remove. The reset has the side-effect of aborting any 505 * outstanding requests for the device, which is required for the op-remove to 506 * succeed. It's not clear if the host should check for the device coming back 507 * alive after the reset. 508 */ 509 void 510 mprsas_prepare_remove(struct mprsas_softc *sassc, uint16_t handle) 511 { 512 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 513 struct mpr_softc *sc; 514 struct mpr_command *tm; 515 struct mprsas_target *targ = NULL; 516 517 MPR_FUNCTRACE(sassc->sc); 518 519 sc = sassc->sc; 520 521 targ = mprsas_find_target_by_handle(sassc, 0, handle); 522 if (targ == NULL) { 523 /* FIXME: what is the action? */ 524 /* We don't know about this device? */ 525 mpr_dprint(sc, MPR_ERROR, "%s : invalid handle 0x%x \n", 526 __func__, handle); 527 return; 528 } 529 530 targ->flags |= MPRSAS_TARGET_INREMOVAL; 531 532 tm = mprsas_alloc_tm(sc); 533 if (tm == NULL) { 534 targ->flags |= MPRSAS_TARGET_TOREMOVE; 535 sassc->flags |= MPRSAS_TOREMOVE; 536 return; 537 } 538 539 mprsas_rescan_target(sc, targ); 540 541 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 542 req->DevHandle = htole16(targ->handle); 543 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET; 544 545 /* SAS Hard Link Reset / SATA Link Reset */ 546 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 547 548 tm->cm_targ = targ; 549 tm->cm_data = NULL; 550 tm->cm_complete = mprsas_remove_device; 551 tm->cm_complete_data = (void *)(uintptr_t)handle; 552 553 mpr_dprint(sc, MPR_INFO, "%s: Sending reset for target ID %d\n", 554 __func__, targ->tid); 555 mprsas_prepare_for_tm(sc, tm, targ, CAM_LUN_WILDCARD); 556 557 mpr_map_command(sc, tm); 558 } 559 560 static void 561 mprsas_remove_device(struct mpr_softc *sc, struct mpr_command *tm) 562 { 563 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 564 MPI2_SAS_IOUNIT_CONTROL_REQUEST *req; 565 struct mprsas_target *targ; 566 uint16_t handle; 567 568 MPR_FUNCTRACE(sc); 569 570 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 571 handle = (uint16_t)(uintptr_t)tm->cm_complete_data; 572 targ = tm->cm_targ; 573 574 /* 575 * Currently there should be no way we can hit this case. It only 576 * happens when we have a failure to allocate chain frames, and 577 * task management commands don't have S/G lists. 578 */ 579 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 580 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x for remove of " 581 "handle %#04x! This should not happen!\n", __func__, 582 tm->cm_flags, handle); 583 } 584 585 if (reply == NULL) { 586 /* XXX retry the remove after the diag reset completes? */ 587 mpr_dprint(sc, MPR_FAULT, "%s NULL reply resetting device " 588 "0x%04x\n", __func__, handle); 589 mprsas_free_tm(sc, tm); 590 return; 591 } 592 593 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) != 594 MPI2_IOCSTATUS_SUCCESS) { 595 mpr_dprint(sc, MPR_ERROR, "IOCStatus = 0x%x while resetting " 596 "device 0x%x\n", le16toh(reply->IOCStatus), handle); 597 } 598 599 mpr_dprint(sc, MPR_XINFO, "Reset aborted %u commands\n", 600 le32toh(reply->TerminationCount)); 601 mpr_free_reply(sc, tm->cm_reply_data); 602 tm->cm_reply = NULL; /* Ensures the reply won't get re-freed */ 603 604 /* Reuse the existing command */ 605 req = (MPI2_SAS_IOUNIT_CONTROL_REQUEST *)tm->cm_req; 606 memset(req, 0, sizeof(*req)); 607 req->Function = MPI2_FUNCTION_SAS_IO_UNIT_CONTROL; 608 req->Operation = MPI2_SAS_OP_REMOVE_DEVICE; 609 req->DevHandle = htole16(handle); 610 tm->cm_data = NULL; 611 tm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; 612 tm->cm_complete = mprsas_remove_complete; 613 tm->cm_complete_data = (void *)(uintptr_t)handle; 614 615 /* 616 * Wait to send the REMOVE_DEVICE until all the commands have cleared. 617 * They should be aborted or time out and we'll kick thus off there 618 * if so. 619 */ 620 if (TAILQ_FIRST(&targ->commands) == NULL) { 621 mpr_dprint(sc, MPR_INFO, "No pending commands: starting remove_device\n"); 622 mpr_map_command(sc, tm); 623 targ->pending_remove_tm = NULL; 624 } else { 625 targ->pending_remove_tm = tm; 626 } 627 628 mpr_dprint(sc, MPR_INFO, "clearing target %u handle 0x%04x\n", 629 targ->tid, handle); 630 if (targ->encl_level_valid) { 631 mpr_dprint(sc, MPR_INFO, "At enclosure level %d, slot %d, " 632 "connector name (%4s)\n", targ->encl_level, targ->encl_slot, 633 targ->connector_name); 634 } 635 } 636 637 static void 638 mprsas_remove_complete(struct mpr_softc *sc, struct mpr_command *tm) 639 { 640 MPI2_SAS_IOUNIT_CONTROL_REPLY *reply; 641 uint16_t handle; 642 struct mprsas_target *targ; 643 struct mprsas_lun *lun; 644 645 MPR_FUNCTRACE(sc); 646 647 reply = (MPI2_SAS_IOUNIT_CONTROL_REPLY *)tm->cm_reply; 648 handle = (uint16_t)(uintptr_t)tm->cm_complete_data; 649 650 targ = tm->cm_targ; 651 652 /* 653 * At this point, we should have no pending commands for the target. 654 * The remove target has just completed. 655 */ 656 KASSERT(TAILQ_FIRST(&targ->commands) == NULL, 657 ("%s: no commands should be pending\n", __func__)); 658 659 /* 660 * Currently there should be no way we can hit this case. It only 661 * happens when we have a failure to allocate chain frames, and 662 * task management commands don't have S/G lists. 663 */ 664 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 665 mpr_dprint(sc, MPR_XINFO, "%s: cm_flags = %#x for remove of " 666 "handle %#04x! This should not happen!\n", __func__, 667 tm->cm_flags, handle); 668 mprsas_free_tm(sc, tm); 669 return; 670 } 671 672 if (reply == NULL) { 673 /* most likely a chip reset */ 674 mpr_dprint(sc, MPR_FAULT, "%s NULL reply removing device " 675 "0x%04x\n", __func__, handle); 676 mprsas_free_tm(sc, tm); 677 return; 678 } 679 680 mpr_dprint(sc, MPR_XINFO, "%s on handle 0x%04x, IOCStatus= 0x%x\n", 681 __func__, handle, le16toh(reply->IOCStatus)); 682 683 /* 684 * Don't clear target if remove fails because things will get confusing. 685 * Leave the devname and sasaddr intact so that we know to avoid reusing 686 * this target id if possible, and so we can assign the same target id 687 * to this device if it comes back in the future. 688 */ 689 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) == 690 MPI2_IOCSTATUS_SUCCESS) { 691 targ->handle = 0x0; 692 targ->encl_handle = 0x0; 693 targ->encl_level_valid = 0x0; 694 targ->encl_level = 0x0; 695 targ->connector_name[0] = ' '; 696 targ->connector_name[1] = ' '; 697 targ->connector_name[2] = ' '; 698 targ->connector_name[3] = ' '; 699 targ->encl_slot = 0x0; 700 targ->exp_dev_handle = 0x0; 701 targ->phy_num = 0x0; 702 targ->linkrate = 0x0; 703 targ->devinfo = 0x0; 704 targ->flags = 0x0; 705 targ->scsi_req_desc_type = 0; 706 707 while (!SLIST_EMPTY(&targ->luns)) { 708 lun = SLIST_FIRST(&targ->luns); 709 SLIST_REMOVE_HEAD(&targ->luns, lun_link); 710 free(lun, M_MPR); 711 } 712 } 713 714 mprsas_free_tm(sc, tm); 715 } 716 717 static int 718 mprsas_register_events(struct mpr_softc *sc) 719 { 720 uint8_t events[16]; 721 722 bzero(events, 16); 723 setbit(events, MPI2_EVENT_SAS_DEVICE_STATUS_CHANGE); 724 setbit(events, MPI2_EVENT_SAS_DISCOVERY); 725 setbit(events, MPI2_EVENT_SAS_BROADCAST_PRIMITIVE); 726 setbit(events, MPI2_EVENT_SAS_INIT_DEVICE_STATUS_CHANGE); 727 setbit(events, MPI2_EVENT_SAS_INIT_TABLE_OVERFLOW); 728 setbit(events, MPI2_EVENT_SAS_TOPOLOGY_CHANGE_LIST); 729 setbit(events, MPI2_EVENT_SAS_ENCL_DEVICE_STATUS_CHANGE); 730 setbit(events, MPI2_EVENT_IR_CONFIGURATION_CHANGE_LIST); 731 setbit(events, MPI2_EVENT_IR_VOLUME); 732 setbit(events, MPI2_EVENT_IR_PHYSICAL_DISK); 733 setbit(events, MPI2_EVENT_IR_OPERATION_STATUS); 734 setbit(events, MPI2_EVENT_TEMP_THRESHOLD); 735 setbit(events, MPI2_EVENT_SAS_DEVICE_DISCOVERY_ERROR); 736 if (sc->facts->MsgVersion >= MPI2_VERSION_02_06) { 737 setbit(events, MPI2_EVENT_ACTIVE_CABLE_EXCEPTION); 738 if (sc->mpr_flags & MPR_FLAGS_GEN35_IOC) { 739 setbit(events, MPI2_EVENT_PCIE_DEVICE_STATUS_CHANGE); 740 setbit(events, MPI2_EVENT_PCIE_ENUMERATION); 741 setbit(events, MPI2_EVENT_PCIE_TOPOLOGY_CHANGE_LIST); 742 } 743 } 744 745 mpr_register_events(sc, events, mprsas_evt_handler, NULL, 746 &sc->sassc->mprsas_eh); 747 748 return (0); 749 } 750 751 int 752 mpr_attach_sas(struct mpr_softc *sc) 753 { 754 struct mprsas_softc *sassc; 755 cam_status status; 756 int unit, error = 0, reqs; 757 758 MPR_FUNCTRACE(sc); 759 mpr_dprint(sc, MPR_INIT, "%s entered\n", __func__); 760 761 sassc = malloc(sizeof(struct mprsas_softc), M_MPR, M_WAITOK|M_ZERO); 762 763 /* 764 * XXX MaxTargets could change during a reinit. Since we don't 765 * resize the targets[] array during such an event, cache the value 766 * of MaxTargets here so that we don't get into trouble later. This 767 * should move into the reinit logic. 768 */ 769 sassc->maxtargets = sc->facts->MaxTargets + sc->facts->MaxVolumes; 770 sassc->targets = malloc(sizeof(struct mprsas_target) * 771 sassc->maxtargets, M_MPR, M_WAITOK|M_ZERO); 772 sc->sassc = sassc; 773 sassc->sc = sc; 774 775 reqs = sc->num_reqs - sc->num_prireqs - 1; 776 if ((sassc->devq = cam_simq_alloc(reqs)) == NULL) { 777 mpr_dprint(sc, MPR_INIT|MPR_ERROR, "Cannot allocate SIMQ\n"); 778 error = ENOMEM; 779 goto out; 780 } 781 782 unit = device_get_unit(sc->mpr_dev); 783 sassc->sim = cam_sim_alloc(mprsas_action, mprsas_poll, "mpr", sassc, 784 unit, &sc->mpr_mtx, reqs, reqs, sassc->devq); 785 if (sassc->sim == NULL) { 786 mpr_dprint(sc, MPR_INIT|MPR_ERROR, "Cannot allocate SIM\n"); 787 error = EINVAL; 788 goto out; 789 } 790 791 TAILQ_INIT(&sassc->ev_queue); 792 793 /* Initialize taskqueue for Event Handling */ 794 TASK_INIT(&sassc->ev_task, 0, mprsas_firmware_event_work, sc); 795 sassc->ev_tq = taskqueue_create("mpr_taskq", M_NOWAIT | M_ZERO, 796 taskqueue_thread_enqueue, &sassc->ev_tq); 797 taskqueue_start_threads(&sassc->ev_tq, 1, PRIBIO, "%s taskq", 798 device_get_nameunit(sc->mpr_dev)); 799 800 mpr_lock(sc); 801 802 /* 803 * XXX There should be a bus for every port on the adapter, but since 804 * we're just going to fake the topology for now, we'll pretend that 805 * everything is just a target on a single bus. 806 */ 807 if ((error = xpt_bus_register(sassc->sim, sc->mpr_dev, 0)) != 0) { 808 mpr_dprint(sc, MPR_INIT|MPR_ERROR, 809 "Error %d registering SCSI bus\n", error); 810 mpr_unlock(sc); 811 goto out; 812 } 813 814 /* 815 * Assume that discovery events will start right away. 816 * 817 * Hold off boot until discovery is complete. 818 */ 819 sassc->flags |= MPRSAS_IN_STARTUP | MPRSAS_IN_DISCOVERY; 820 sc->sassc->startup_refcount = 0; 821 mprsas_startup_increment(sassc); 822 823 callout_init(&sassc->discovery_callout, 1 /*mpsafe*/); 824 825 mpr_unlock(sc); 826 827 /* 828 * Register for async events so we can determine the EEDP 829 * capabilities of devices. 830 */ 831 status = xpt_create_path(&sassc->path, /*periph*/NULL, 832 cam_sim_path(sc->sassc->sim), CAM_TARGET_WILDCARD, 833 CAM_LUN_WILDCARD); 834 if (status != CAM_REQ_CMP) { 835 mpr_dprint(sc, MPR_INIT|MPR_ERROR, 836 "Error %#x creating sim path\n", status); 837 sassc->path = NULL; 838 } else { 839 int event; 840 841 event = AC_ADVINFO_CHANGED; 842 status = xpt_register_async(event, mprsas_async, sc, 843 sassc->path); 844 845 if (status != CAM_REQ_CMP) { 846 mpr_dprint(sc, MPR_ERROR, 847 "Error %#x registering async handler for " 848 "AC_ADVINFO_CHANGED events\n", status); 849 xpt_free_path(sassc->path); 850 sassc->path = NULL; 851 } 852 } 853 if (status != CAM_REQ_CMP) { 854 /* 855 * EEDP use is the exception, not the rule. 856 * Warn the user, but do not fail to attach. 857 */ 858 mpr_printf(sc, "EEDP capabilities disabled.\n"); 859 } 860 861 mprsas_register_events(sc); 862 out: 863 if (error) 864 mpr_detach_sas(sc); 865 866 mpr_dprint(sc, MPR_INIT, "%s exit, error= %d\n", __func__, error); 867 return (error); 868 } 869 870 int 871 mpr_detach_sas(struct mpr_softc *sc) 872 { 873 struct mprsas_softc *sassc; 874 struct mprsas_lun *lun, *lun_tmp; 875 struct mprsas_target *targ; 876 int i; 877 878 MPR_FUNCTRACE(sc); 879 880 if (sc->sassc == NULL) 881 return (0); 882 883 sassc = sc->sassc; 884 mpr_deregister_events(sc, sassc->mprsas_eh); 885 886 /* 887 * Drain and free the event handling taskqueue with the lock 888 * unheld so that any parallel processing tasks drain properly 889 * without deadlocking. 890 */ 891 if (sassc->ev_tq != NULL) 892 taskqueue_free(sassc->ev_tq); 893 894 /* Deregister our async handler */ 895 if (sassc->path != NULL) { 896 xpt_register_async(0, mprsas_async, sc, sassc->path); 897 xpt_free_path(sassc->path); 898 sassc->path = NULL; 899 } 900 901 /* Make sure CAM doesn't wedge if we had to bail out early. */ 902 mpr_lock(sc); 903 904 while (sassc->startup_refcount != 0) 905 mprsas_startup_decrement(sassc); 906 907 if (sassc->flags & MPRSAS_IN_STARTUP) 908 xpt_release_simq(sassc->sim, 1); 909 910 if (sassc->sim != NULL) { 911 xpt_bus_deregister(cam_sim_path(sassc->sim)); 912 cam_sim_free(sassc->sim, FALSE); 913 } 914 915 mpr_unlock(sc); 916 917 if (sassc->devq != NULL) 918 cam_simq_free(sassc->devq); 919 920 for (i = 0; i < sassc->maxtargets; i++) { 921 targ = &sassc->targets[i]; 922 SLIST_FOREACH_SAFE(lun, &targ->luns, lun_link, lun_tmp) { 923 free(lun, M_MPR); 924 } 925 } 926 free(sassc->targets, M_MPR); 927 free(sassc, M_MPR); 928 sc->sassc = NULL; 929 930 return (0); 931 } 932 933 void 934 mprsas_discovery_end(struct mprsas_softc *sassc) 935 { 936 struct mpr_softc *sc = sassc->sc; 937 938 MPR_FUNCTRACE(sc); 939 940 if (sassc->flags & MPRSAS_DISCOVERY_TIMEOUT_PENDING) 941 callout_stop(&sassc->discovery_callout); 942 943 /* 944 * After discovery has completed, check the mapping table for any 945 * missing devices and update their missing counts. Only do this once 946 * whenever the driver is initialized so that missing counts aren't 947 * updated unnecessarily. Note that just because discovery has 948 * completed doesn't mean that events have been processed yet. The 949 * check_devices function is a callout timer that checks if ALL devices 950 * are missing. If so, it will wait a little longer for events to 951 * complete and keep resetting itself until some device in the mapping 952 * table is not missing, meaning that event processing has started. 953 */ 954 if (sc->track_mapping_events) { 955 mpr_dprint(sc, MPR_XINFO | MPR_MAPPING, "Discovery has " 956 "completed. Check for missing devices in the mapping " 957 "table.\n"); 958 callout_reset(&sc->device_check_callout, 959 MPR_MISSING_CHECK_DELAY * hz, mpr_mapping_check_devices, 960 sc); 961 } 962 } 963 964 static void 965 mprsas_action(struct cam_sim *sim, union ccb *ccb) 966 { 967 struct mprsas_softc *sassc; 968 969 sassc = cam_sim_softc(sim); 970 971 MPR_FUNCTRACE(sassc->sc); 972 mpr_dprint(sassc->sc, MPR_TRACE, "ccb func_code 0x%x\n", 973 ccb->ccb_h.func_code); 974 mtx_assert(&sassc->sc->mpr_mtx, MA_OWNED); 975 976 switch (ccb->ccb_h.func_code) { 977 case XPT_PATH_INQ: 978 { 979 struct ccb_pathinq *cpi = &ccb->cpi; 980 struct mpr_softc *sc = sassc->sc; 981 982 cpi->version_num = 1; 983 cpi->hba_inquiry = PI_SDTR_ABLE|PI_TAG_ABLE|PI_WIDE_16; 984 cpi->target_sprt = 0; 985 cpi->hba_misc = PIM_NOBUSRESET | PIM_UNMAPPED | PIM_NOSCAN; 986 cpi->hba_eng_cnt = 0; 987 cpi->max_target = sassc->maxtargets - 1; 988 cpi->max_lun = 255; 989 990 /* 991 * initiator_id is set here to an ID outside the set of valid 992 * target IDs (including volumes). 993 */ 994 cpi->initiator_id = sassc->maxtargets; 995 strlcpy(cpi->sim_vid, "FreeBSD", SIM_IDLEN); 996 strlcpy(cpi->hba_vid, "Avago Tech", HBA_IDLEN); 997 strlcpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN); 998 cpi->unit_number = cam_sim_unit(sim); 999 cpi->bus_id = cam_sim_bus(sim); 1000 /* 1001 * XXXSLM-I think this needs to change based on config page or 1002 * something instead of hardcoded to 150000. 1003 */ 1004 cpi->base_transfer_speed = 150000; 1005 cpi->transport = XPORT_SAS; 1006 cpi->transport_version = 0; 1007 cpi->protocol = PROTO_SCSI; 1008 cpi->protocol_version = SCSI_REV_SPC; 1009 cpi->maxio = sc->maxio; 1010 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1011 break; 1012 } 1013 case XPT_GET_TRAN_SETTINGS: 1014 { 1015 struct ccb_trans_settings *cts; 1016 struct ccb_trans_settings_sas *sas; 1017 struct ccb_trans_settings_scsi *scsi; 1018 struct mprsas_target *targ; 1019 1020 cts = &ccb->cts; 1021 sas = &cts->xport_specific.sas; 1022 scsi = &cts->proto_specific.scsi; 1023 1024 KASSERT(cts->ccb_h.target_id < sassc->maxtargets, 1025 ("Target %d out of bounds in XPT_GET_TRAN_SETTINGS\n", 1026 cts->ccb_h.target_id)); 1027 targ = &sassc->targets[cts->ccb_h.target_id]; 1028 if (targ->handle == 0x0) { 1029 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1030 break; 1031 } 1032 1033 cts->protocol_version = SCSI_REV_SPC2; 1034 cts->transport = XPORT_SAS; 1035 cts->transport_version = 0; 1036 1037 sas->valid = CTS_SAS_VALID_SPEED; 1038 switch (targ->linkrate) { 1039 case 0x08: 1040 sas->bitrate = 150000; 1041 break; 1042 case 0x09: 1043 sas->bitrate = 300000; 1044 break; 1045 case 0x0a: 1046 sas->bitrate = 600000; 1047 break; 1048 case 0x0b: 1049 sas->bitrate = 1200000; 1050 break; 1051 default: 1052 sas->valid = 0; 1053 } 1054 1055 cts->protocol = PROTO_SCSI; 1056 scsi->valid = CTS_SCSI_VALID_TQ; 1057 scsi->flags = CTS_SCSI_FLAGS_TAG_ENB; 1058 1059 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1060 break; 1061 } 1062 case XPT_CALC_GEOMETRY: 1063 cam_calc_geometry(&ccb->ccg, /*extended*/1); 1064 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1065 break; 1066 case XPT_RESET_DEV: 1067 mpr_dprint(sassc->sc, MPR_XINFO, "mprsas_action " 1068 "XPT_RESET_DEV\n"); 1069 mprsas_action_resetdev(sassc, ccb); 1070 return; 1071 case XPT_RESET_BUS: 1072 case XPT_ABORT: 1073 case XPT_TERM_IO: 1074 mpr_dprint(sassc->sc, MPR_XINFO, "mprsas_action faking success " 1075 "for abort or reset\n"); 1076 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1077 break; 1078 case XPT_SCSI_IO: 1079 mprsas_action_scsiio(sassc, ccb); 1080 return; 1081 case XPT_SMP_IO: 1082 mprsas_action_smpio(sassc, ccb); 1083 return; 1084 default: 1085 mprsas_set_ccbstatus(ccb, CAM_FUNC_NOTAVAIL); 1086 break; 1087 } 1088 xpt_done(ccb); 1089 1090 } 1091 1092 static void 1093 mprsas_announce_reset(struct mpr_softc *sc, uint32_t ac_code, 1094 target_id_t target_id, lun_id_t lun_id) 1095 { 1096 path_id_t path_id = cam_sim_path(sc->sassc->sim); 1097 struct cam_path *path; 1098 1099 mpr_dprint(sc, MPR_XINFO, "%s code %x target %d lun %jx\n", __func__, 1100 ac_code, target_id, (uintmax_t)lun_id); 1101 1102 if (xpt_create_path(&path, NULL, 1103 path_id, target_id, lun_id) != CAM_REQ_CMP) { 1104 mpr_dprint(sc, MPR_ERROR, "unable to create path for reset " 1105 "notification\n"); 1106 return; 1107 } 1108 1109 xpt_async(ac_code, path, NULL); 1110 xpt_free_path(path); 1111 } 1112 1113 static void 1114 mprsas_complete_all_commands(struct mpr_softc *sc) 1115 { 1116 struct mpr_command *cm; 1117 int i; 1118 int completed; 1119 1120 MPR_FUNCTRACE(sc); 1121 mtx_assert(&sc->mpr_mtx, MA_OWNED); 1122 1123 /* complete all commands with a NULL reply */ 1124 for (i = 1; i < sc->num_reqs; i++) { 1125 cm = &sc->commands[i]; 1126 if (cm->cm_state == MPR_CM_STATE_FREE) 1127 continue; 1128 1129 cm->cm_state = MPR_CM_STATE_BUSY; 1130 cm->cm_reply = NULL; 1131 completed = 0; 1132 1133 if (cm->cm_flags & MPR_CM_FLAGS_SATA_ID_TIMEOUT) { 1134 MPASS(cm->cm_data); 1135 free(cm->cm_data, M_MPR); 1136 cm->cm_data = NULL; 1137 } 1138 1139 if (cm->cm_flags & MPR_CM_FLAGS_POLLED) 1140 cm->cm_flags |= MPR_CM_FLAGS_COMPLETE; 1141 1142 if (cm->cm_complete != NULL) { 1143 mprsas_log_command(cm, MPR_RECOVERY, 1144 "completing cm %p state %x ccb %p for diag reset\n", 1145 cm, cm->cm_state, cm->cm_ccb); 1146 cm->cm_complete(sc, cm); 1147 completed = 1; 1148 } else if (cm->cm_flags & MPR_CM_FLAGS_WAKEUP) { 1149 mprsas_log_command(cm, MPR_RECOVERY, 1150 "waking up cm %p state %x ccb %p for diag reset\n", 1151 cm, cm->cm_state, cm->cm_ccb); 1152 wakeup(cm); 1153 completed = 1; 1154 } 1155 1156 if ((completed == 0) && (cm->cm_state != MPR_CM_STATE_FREE)) { 1157 /* this should never happen, but if it does, log */ 1158 mprsas_log_command(cm, MPR_RECOVERY, 1159 "cm %p state %x flags 0x%x ccb %p during diag " 1160 "reset\n", cm, cm->cm_state, cm->cm_flags, 1161 cm->cm_ccb); 1162 } 1163 } 1164 1165 sc->io_cmds_active = 0; 1166 } 1167 1168 void 1169 mprsas_handle_reinit(struct mpr_softc *sc) 1170 { 1171 int i; 1172 1173 /* Go back into startup mode and freeze the simq, so that CAM 1174 * doesn't send any commands until after we've rediscovered all 1175 * targets and found the proper device handles for them. 1176 * 1177 * After the reset, portenable will trigger discovery, and after all 1178 * discovery-related activities have finished, the simq will be 1179 * released. 1180 */ 1181 mpr_dprint(sc, MPR_INIT, "%s startup\n", __func__); 1182 sc->sassc->flags |= MPRSAS_IN_STARTUP; 1183 sc->sassc->flags |= MPRSAS_IN_DISCOVERY; 1184 mprsas_startup_increment(sc->sassc); 1185 1186 /* notify CAM of a bus reset */ 1187 mprsas_announce_reset(sc, AC_BUS_RESET, CAM_TARGET_WILDCARD, 1188 CAM_LUN_WILDCARD); 1189 1190 /* complete and cleanup after all outstanding commands */ 1191 mprsas_complete_all_commands(sc); 1192 1193 mpr_dprint(sc, MPR_INIT, "%s startup %u after command completion\n", 1194 __func__, sc->sassc->startup_refcount); 1195 1196 /* zero all the target handles, since they may change after the 1197 * reset, and we have to rediscover all the targets and use the new 1198 * handles. 1199 */ 1200 for (i = 0; i < sc->sassc->maxtargets; i++) { 1201 if (sc->sassc->targets[i].outstanding != 0) 1202 mpr_dprint(sc, MPR_INIT, "target %u outstanding %u\n", 1203 i, sc->sassc->targets[i].outstanding); 1204 sc->sassc->targets[i].handle = 0x0; 1205 sc->sassc->targets[i].exp_dev_handle = 0x0; 1206 sc->sassc->targets[i].outstanding = 0; 1207 sc->sassc->targets[i].flags = MPRSAS_TARGET_INDIAGRESET; 1208 } 1209 } 1210 static void 1211 mprsas_tm_timeout(void *data) 1212 { 1213 struct mpr_command *tm = data; 1214 struct mpr_softc *sc = tm->cm_sc; 1215 1216 mtx_assert(&sc->mpr_mtx, MA_OWNED); 1217 1218 mprsas_log_command(tm, MPR_INFO|MPR_RECOVERY, "task mgmt %p timed " 1219 "out\n", tm); 1220 1221 KASSERT(tm->cm_state == MPR_CM_STATE_INQUEUE, 1222 ("command not inqueue, state = %u\n", tm->cm_state)); 1223 1224 tm->cm_state = MPR_CM_STATE_BUSY; 1225 mpr_reinit(sc); 1226 } 1227 1228 static void 1229 mprsas_logical_unit_reset_complete(struct mpr_softc *sc, struct mpr_command *tm) 1230 { 1231 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 1232 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1233 unsigned int cm_count = 0; 1234 struct mpr_command *cm; 1235 struct mprsas_target *targ; 1236 1237 callout_stop(&tm->cm_callout); 1238 1239 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1240 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 1241 targ = tm->cm_targ; 1242 1243 /* 1244 * Currently there should be no way we can hit this case. It only 1245 * happens when we have a failure to allocate chain frames, and 1246 * task management commands don't have S/G lists. 1247 */ 1248 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 1249 mpr_dprint(sc, MPR_RECOVERY|MPR_ERROR, 1250 "%s: cm_flags = %#x for LUN reset! " 1251 "This should not happen!\n", __func__, tm->cm_flags); 1252 mprsas_free_tm(sc, tm); 1253 return; 1254 } 1255 1256 if (reply == NULL) { 1257 mpr_dprint(sc, MPR_RECOVERY, "NULL reset reply for tm %p\n", 1258 tm); 1259 if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) { 1260 /* this completion was due to a reset, just cleanup */ 1261 mpr_dprint(sc, MPR_RECOVERY, "Hardware undergoing " 1262 "reset, ignoring NULL LUN reset reply\n"); 1263 targ->tm = NULL; 1264 mprsas_free_tm(sc, tm); 1265 } 1266 else { 1267 /* we should have gotten a reply. */ 1268 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, "NULL reply on " 1269 "LUN reset attempt, resetting controller\n"); 1270 mpr_reinit(sc); 1271 } 1272 return; 1273 } 1274 1275 mpr_dprint(sc, MPR_RECOVERY, 1276 "logical unit reset status 0x%x code 0x%x count %u\n", 1277 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode), 1278 le32toh(reply->TerminationCount)); 1279 1280 /* 1281 * See if there are any outstanding commands for this LUN. 1282 * This could be made more efficient by using a per-LU data 1283 * structure of some sort. 1284 */ 1285 TAILQ_FOREACH(cm, &targ->commands, cm_link) { 1286 if (cm->cm_lun == tm->cm_lun) 1287 cm_count++; 1288 } 1289 1290 if (cm_count == 0) { 1291 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO, 1292 "Finished recovery after LUN reset for target %u\n", 1293 targ->tid); 1294 1295 mprsas_announce_reset(sc, AC_SENT_BDR, targ->tid, 1296 tm->cm_lun); 1297 1298 /* 1299 * We've finished recovery for this logical unit. check and 1300 * see if some other logical unit has a timedout command 1301 * that needs to be processed. 1302 */ 1303 cm = TAILQ_FIRST(&targ->timedout_commands); 1304 if (cm) { 1305 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1306 "More commands to abort for target %u\n", targ->tid); 1307 mprsas_send_abort(sc, tm, cm); 1308 } else { 1309 targ->tm = NULL; 1310 mprsas_free_tm(sc, tm); 1311 } 1312 } else { 1313 /* if we still have commands for this LUN, the reset 1314 * effectively failed, regardless of the status reported. 1315 * Escalate to a target reset. 1316 */ 1317 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1318 "logical unit reset complete for target %u, but still " 1319 "have %u command(s), sending target reset\n", targ->tid, 1320 cm_count); 1321 if (!targ->is_nvme || sc->custom_nvme_tm_handling) 1322 mprsas_send_reset(sc, tm, 1323 MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET); 1324 else 1325 mpr_reinit(sc); 1326 } 1327 } 1328 1329 static void 1330 mprsas_target_reset_complete(struct mpr_softc *sc, struct mpr_command *tm) 1331 { 1332 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 1333 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1334 struct mprsas_target *targ; 1335 1336 callout_stop(&tm->cm_callout); 1337 1338 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1339 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 1340 targ = tm->cm_targ; 1341 1342 /* 1343 * Currently there should be no way we can hit this case. It only 1344 * happens when we have a failure to allocate chain frames, and 1345 * task management commands don't have S/G lists. 1346 */ 1347 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 1348 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x for target " 1349 "reset! This should not happen!\n", __func__, tm->cm_flags); 1350 mprsas_free_tm(sc, tm); 1351 return; 1352 } 1353 1354 if (reply == NULL) { 1355 mpr_dprint(sc, MPR_RECOVERY, 1356 "NULL target reset reply for tm %p TaskMID %u\n", 1357 tm, le16toh(req->TaskMID)); 1358 if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) { 1359 /* this completion was due to a reset, just cleanup */ 1360 mpr_dprint(sc, MPR_RECOVERY, "Hardware undergoing " 1361 "reset, ignoring NULL target reset reply\n"); 1362 targ->tm = NULL; 1363 mprsas_free_tm(sc, tm); 1364 } 1365 else { 1366 /* we should have gotten a reply. */ 1367 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, "NULL reply on " 1368 "target reset attempt, resetting controller\n"); 1369 mpr_reinit(sc); 1370 } 1371 return; 1372 } 1373 1374 mpr_dprint(sc, MPR_RECOVERY, 1375 "target reset status 0x%x code 0x%x count %u\n", 1376 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode), 1377 le32toh(reply->TerminationCount)); 1378 1379 if (targ->outstanding == 0) { 1380 /* 1381 * We've finished recovery for this target and all 1382 * of its logical units. 1383 */ 1384 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO, 1385 "Finished reset recovery for target %u\n", targ->tid); 1386 1387 mprsas_announce_reset(sc, AC_SENT_BDR, tm->cm_targ->tid, 1388 CAM_LUN_WILDCARD); 1389 1390 targ->tm = NULL; 1391 mprsas_free_tm(sc, tm); 1392 } else { 1393 /* 1394 * After a target reset, if this target still has 1395 * outstanding commands, the reset effectively failed, 1396 * regardless of the status reported. escalate. 1397 */ 1398 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1399 "Target reset complete for target %u, but still have %u " 1400 "command(s), resetting controller\n", targ->tid, 1401 targ->outstanding); 1402 mpr_reinit(sc); 1403 } 1404 } 1405 1406 #define MPR_RESET_TIMEOUT 30 1407 1408 int 1409 mprsas_send_reset(struct mpr_softc *sc, struct mpr_command *tm, uint8_t type) 1410 { 1411 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1412 struct mprsas_target *target; 1413 int err, timeout; 1414 1415 target = tm->cm_targ; 1416 if (target->handle == 0) { 1417 mpr_dprint(sc, MPR_ERROR, "%s null devhandle for target_id " 1418 "%d\n", __func__, target->tid); 1419 return -1; 1420 } 1421 1422 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1423 req->DevHandle = htole16(target->handle); 1424 req->TaskType = type; 1425 1426 if (!target->is_nvme || sc->custom_nvme_tm_handling) { 1427 timeout = MPR_RESET_TIMEOUT; 1428 /* 1429 * Target reset method = 1430 * SAS Hard Link Reset / SATA Link Reset 1431 */ 1432 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 1433 } else { 1434 timeout = (target->controller_reset_timeout) ? ( 1435 target->controller_reset_timeout) : (MPR_RESET_TIMEOUT); 1436 /* PCIe Protocol Level Reset*/ 1437 req->MsgFlags = 1438 MPI26_SCSITASKMGMT_MSGFLAGS_PROTOCOL_LVL_RST_PCIE; 1439 } 1440 1441 if (type == MPI2_SCSITASKMGMT_TASKTYPE_LOGICAL_UNIT_RESET) { 1442 /* XXX Need to handle invalid LUNs */ 1443 MPR_SET_LUN(req->LUN, tm->cm_lun); 1444 tm->cm_targ->logical_unit_resets++; 1445 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO, 1446 "Sending logical unit reset to target %u lun %d\n", 1447 target->tid, tm->cm_lun); 1448 tm->cm_complete = mprsas_logical_unit_reset_complete; 1449 mprsas_prepare_for_tm(sc, tm, target, tm->cm_lun); 1450 } else if (type == MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET) { 1451 tm->cm_targ->target_resets++; 1452 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO, 1453 "Sending target reset to target %u\n", target->tid); 1454 tm->cm_complete = mprsas_target_reset_complete; 1455 mprsas_prepare_for_tm(sc, tm, target, CAM_LUN_WILDCARD); 1456 } 1457 else { 1458 mpr_dprint(sc, MPR_ERROR, "unexpected reset type 0x%x\n", type); 1459 return -1; 1460 } 1461 1462 if (target->encl_level_valid) { 1463 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO, 1464 "At enclosure level %d, slot %d, connector name (%4s)\n", 1465 target->encl_level, target->encl_slot, 1466 target->connector_name); 1467 } 1468 1469 tm->cm_data = NULL; 1470 tm->cm_complete_data = (void *)tm; 1471 1472 callout_reset(&tm->cm_callout, timeout * hz, 1473 mprsas_tm_timeout, tm); 1474 1475 err = mpr_map_command(sc, tm); 1476 if (err) 1477 mpr_dprint(sc, MPR_ERROR|MPR_RECOVERY, 1478 "error %d sending reset type %u\n", err, type); 1479 1480 return err; 1481 } 1482 1483 static void 1484 mprsas_abort_complete(struct mpr_softc *sc, struct mpr_command *tm) 1485 { 1486 struct mpr_command *cm; 1487 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 1488 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1489 struct mprsas_target *targ; 1490 1491 callout_stop(&tm->cm_callout); 1492 1493 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1494 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 1495 targ = tm->cm_targ; 1496 1497 /* 1498 * Currently there should be no way we can hit this case. It only 1499 * happens when we have a failure to allocate chain frames, and 1500 * task management commands don't have S/G lists. 1501 */ 1502 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 1503 mpr_dprint(sc, MPR_RECOVERY|MPR_ERROR, 1504 "cm_flags = %#x for abort %p TaskMID %u!\n", 1505 tm->cm_flags, tm, le16toh(req->TaskMID)); 1506 mprsas_free_tm(sc, tm); 1507 return; 1508 } 1509 1510 if (reply == NULL) { 1511 mpr_dprint(sc, MPR_RECOVERY, 1512 "NULL abort reply for tm %p TaskMID %u\n", 1513 tm, le16toh(req->TaskMID)); 1514 if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) { 1515 /* this completion was due to a reset, just cleanup */ 1516 mpr_dprint(sc, MPR_RECOVERY, "Hardware undergoing " 1517 "reset, ignoring NULL abort reply\n"); 1518 targ->tm = NULL; 1519 mprsas_free_tm(sc, tm); 1520 } else { 1521 /* we should have gotten a reply. */ 1522 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, "NULL reply on " 1523 "abort attempt, resetting controller\n"); 1524 mpr_reinit(sc); 1525 } 1526 return; 1527 } 1528 1529 mpr_dprint(sc, MPR_RECOVERY, 1530 "abort TaskMID %u status 0x%x code 0x%x count %u\n", 1531 le16toh(req->TaskMID), 1532 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode), 1533 le32toh(reply->TerminationCount)); 1534 1535 cm = TAILQ_FIRST(&tm->cm_targ->timedout_commands); 1536 if (cm == NULL) { 1537 /* 1538 * if there are no more timedout commands, we're done with 1539 * error recovery for this target. 1540 */ 1541 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1542 "Finished abort recovery for target %u\n", targ->tid); 1543 targ->tm = NULL; 1544 mprsas_free_tm(sc, tm); 1545 } else if (le16toh(req->TaskMID) != cm->cm_desc.Default.SMID) { 1546 /* abort success, but we have more timedout commands to abort */ 1547 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1548 "Continuing abort recovery for target %u\n", targ->tid); 1549 mprsas_send_abort(sc, tm, cm); 1550 } else { 1551 /* 1552 * we didn't get a command completion, so the abort 1553 * failed as far as we're concerned. escalate. 1554 */ 1555 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1556 "Abort failed for target %u, sending logical unit reset\n", 1557 targ->tid); 1558 1559 mprsas_send_reset(sc, tm, 1560 MPI2_SCSITASKMGMT_TASKTYPE_LOGICAL_UNIT_RESET); 1561 } 1562 } 1563 1564 #define MPR_ABORT_TIMEOUT 5 1565 1566 static int 1567 mprsas_send_abort(struct mpr_softc *sc, struct mpr_command *tm, 1568 struct mpr_command *cm) 1569 { 1570 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1571 struct mprsas_target *targ; 1572 int err, timeout; 1573 1574 targ = cm->cm_targ; 1575 if (targ->handle == 0) { 1576 mpr_dprint(sc, MPR_ERROR|MPR_RECOVERY, 1577 "%s null devhandle for target_id %d\n", 1578 __func__, cm->cm_ccb->ccb_h.target_id); 1579 return -1; 1580 } 1581 1582 mprsas_log_command(cm, MPR_RECOVERY|MPR_INFO, 1583 "Aborting command %p\n", cm); 1584 1585 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1586 req->DevHandle = htole16(targ->handle); 1587 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_ABORT_TASK; 1588 1589 /* XXX Need to handle invalid LUNs */ 1590 MPR_SET_LUN(req->LUN, cm->cm_ccb->ccb_h.target_lun); 1591 1592 req->TaskMID = htole16(cm->cm_desc.Default.SMID); 1593 1594 tm->cm_data = NULL; 1595 tm->cm_complete = mprsas_abort_complete; 1596 tm->cm_complete_data = (void *)tm; 1597 tm->cm_targ = cm->cm_targ; 1598 tm->cm_lun = cm->cm_lun; 1599 1600 if (!targ->is_nvme || sc->custom_nvme_tm_handling) 1601 timeout = MPR_ABORT_TIMEOUT; 1602 else 1603 timeout = sc->nvme_abort_timeout; 1604 1605 callout_reset(&tm->cm_callout, timeout * hz, 1606 mprsas_tm_timeout, tm); 1607 1608 targ->aborts++; 1609 1610 mprsas_prepare_for_tm(sc, tm, targ, tm->cm_lun); 1611 1612 err = mpr_map_command(sc, tm); 1613 if (err) 1614 mpr_dprint(sc, MPR_ERROR|MPR_RECOVERY, 1615 "error %d sending abort for cm %p SMID %u\n", 1616 err, cm, req->TaskMID); 1617 return err; 1618 } 1619 1620 static void 1621 mprsas_scsiio_timeout(void *data) 1622 { 1623 sbintime_t elapsed, now; 1624 union ccb *ccb; 1625 struct mpr_softc *sc; 1626 struct mpr_command *cm; 1627 struct mprsas_target *targ; 1628 1629 cm = (struct mpr_command *)data; 1630 sc = cm->cm_sc; 1631 ccb = cm->cm_ccb; 1632 now = sbinuptime(); 1633 1634 MPR_FUNCTRACE(sc); 1635 mtx_assert(&sc->mpr_mtx, MA_OWNED); 1636 1637 mpr_dprint(sc, MPR_XINFO|MPR_RECOVERY, "Timeout checking cm %p\n", cm); 1638 1639 /* 1640 * Run the interrupt handler to make sure it's not pending. This 1641 * isn't perfect because the command could have already completed 1642 * and been re-used, though this is unlikely. 1643 */ 1644 mpr_intr_locked(sc); 1645 if (cm->cm_flags & MPR_CM_FLAGS_ON_RECOVERY) { 1646 mprsas_log_command(cm, MPR_XINFO, 1647 "SCSI command %p almost timed out\n", cm); 1648 return; 1649 } 1650 1651 if (cm->cm_ccb == NULL) { 1652 mpr_dprint(sc, MPR_ERROR, "command timeout with NULL ccb\n"); 1653 return; 1654 } 1655 1656 targ = cm->cm_targ; 1657 targ->timeouts++; 1658 1659 elapsed = now - ccb->ccb_h.qos.sim_data; 1660 mprsas_log_command(cm, MPR_INFO|MPR_RECOVERY, 1661 "Command timeout on target %u(0x%04x), %d set, %d.%d elapsed\n", 1662 targ->tid, targ->handle, ccb->ccb_h.timeout, 1663 sbintime_getsec(elapsed), elapsed & 0xffffffff); 1664 if (targ->encl_level_valid) { 1665 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1666 "At enclosure level %d, slot %d, connector name (%4s)\n", 1667 targ->encl_level, targ->encl_slot, targ->connector_name); 1668 } 1669 1670 /* XXX first, check the firmware state, to see if it's still 1671 * operational. if not, do a diag reset. 1672 */ 1673 mprsas_set_ccbstatus(cm->cm_ccb, CAM_CMD_TIMEOUT); 1674 cm->cm_flags |= MPR_CM_FLAGS_ON_RECOVERY | MPR_CM_FLAGS_TIMEDOUT; 1675 TAILQ_INSERT_TAIL(&targ->timedout_commands, cm, cm_recovery); 1676 1677 if (targ->tm != NULL) { 1678 /* target already in recovery, just queue up another 1679 * timedout command to be processed later. 1680 */ 1681 mpr_dprint(sc, MPR_RECOVERY, 1682 "queued timedout cm %p for processing by tm %p\n", 1683 cm, targ->tm); 1684 } else if ((targ->tm = mprsas_alloc_tm(sc)) != NULL) { 1685 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO, 1686 "Sending abort to target %u for SMID %d\n", targ->tid, 1687 cm->cm_desc.Default.SMID); 1688 mpr_dprint(sc, MPR_RECOVERY, "timedout cm %p allocated tm %p\n", 1689 cm, targ->tm); 1690 1691 /* start recovery by aborting the first timedout command */ 1692 mprsas_send_abort(sc, targ->tm, cm); 1693 } else { 1694 /* XXX queue this target up for recovery once a TM becomes 1695 * available. The firmware only has a limited number of 1696 * HighPriority credits for the high priority requests used 1697 * for task management, and we ran out. 1698 * 1699 * Isilon: don't worry about this for now, since we have 1700 * more credits than disks in an enclosure, and limit 1701 * ourselves to one TM per target for recovery. 1702 */ 1703 mpr_dprint(sc, MPR_ERROR|MPR_RECOVERY, 1704 "timedout cm %p failed to allocate a tm\n", cm); 1705 } 1706 } 1707 1708 /** 1709 * mprsas_build_nvme_unmap - Build Native NVMe DSM command equivalent 1710 * to SCSI Unmap. 1711 * Return 0 - for success, 1712 * 1 - to immediately return back the command with success status to CAM 1713 * negative value - to fallback to firmware path i.e. issue scsi unmap 1714 * to FW without any translation. 1715 */ 1716 static int 1717 mprsas_build_nvme_unmap(struct mpr_softc *sc, struct mpr_command *cm, 1718 union ccb *ccb, struct mprsas_target *targ) 1719 { 1720 Mpi26NVMeEncapsulatedRequest_t *req = NULL; 1721 struct ccb_scsiio *csio; 1722 struct unmap_parm_list *plist; 1723 struct nvme_dsm_range *nvme_dsm_ranges = NULL; 1724 struct nvme_command *c; 1725 int i, res; 1726 uint16_t ndesc, list_len, data_length; 1727 struct mpr_prp_page *prp_page_info; 1728 uint64_t nvme_dsm_ranges_dma_handle; 1729 1730 csio = &ccb->csio; 1731 list_len = (scsiio_cdb_ptr(csio)[7] << 8 | scsiio_cdb_ptr(csio)[8]); 1732 if (!list_len) { 1733 mpr_dprint(sc, MPR_ERROR, "Parameter list length is Zero\n"); 1734 return -EINVAL; 1735 } 1736 1737 plist = malloc(csio->dxfer_len, M_MPR, M_ZERO|M_NOWAIT); 1738 if (!plist) { 1739 mpr_dprint(sc, MPR_ERROR, "Unable to allocate memory to " 1740 "save UNMAP data\n"); 1741 return -ENOMEM; 1742 } 1743 1744 /* Copy SCSI unmap data to a local buffer */ 1745 bcopy(csio->data_ptr, plist, csio->dxfer_len); 1746 1747 /* return back the unmap command to CAM with success status, 1748 * if number of descripts is zero. 1749 */ 1750 ndesc = be16toh(plist->unmap_blk_desc_data_len) >> 4; 1751 if (!ndesc) { 1752 mpr_dprint(sc, MPR_XINFO, "Number of descriptors in " 1753 "UNMAP cmd is Zero\n"); 1754 res = 1; 1755 goto out; 1756 } 1757 1758 data_length = ndesc * sizeof(struct nvme_dsm_range); 1759 if (data_length > targ->MDTS) { 1760 mpr_dprint(sc, MPR_ERROR, "data length: %d is greater than " 1761 "Device's MDTS: %d\n", data_length, targ->MDTS); 1762 res = -EINVAL; 1763 goto out; 1764 } 1765 1766 prp_page_info = mpr_alloc_prp_page(sc); 1767 KASSERT(prp_page_info != NULL, ("%s: There is no PRP Page for " 1768 "UNMAP command.\n", __func__)); 1769 1770 /* 1771 * Insert the allocated PRP page into the command's PRP page list. This 1772 * will be freed when the command is freed. 1773 */ 1774 TAILQ_INSERT_TAIL(&cm->cm_prp_page_list, prp_page_info, prp_page_link); 1775 1776 nvme_dsm_ranges = (struct nvme_dsm_range *)prp_page_info->prp_page; 1777 nvme_dsm_ranges_dma_handle = prp_page_info->prp_page_busaddr; 1778 1779 bzero(nvme_dsm_ranges, data_length); 1780 1781 /* Convert SCSI unmap's descriptor data to NVMe DSM specific Range data 1782 * for each descriptors contained in SCSI UNMAP data. 1783 */ 1784 for (i = 0; i < ndesc; i++) { 1785 nvme_dsm_ranges[i].length = 1786 htole32(be32toh(plist->desc[i].nlb)); 1787 nvme_dsm_ranges[i].starting_lba = 1788 htole64(be64toh(plist->desc[i].slba)); 1789 nvme_dsm_ranges[i].attributes = 0; 1790 } 1791 1792 /* Build MPI2.6's NVMe Encapsulated Request Message */ 1793 req = (Mpi26NVMeEncapsulatedRequest_t *)cm->cm_req; 1794 bzero(req, sizeof(*req)); 1795 req->DevHandle = htole16(targ->handle); 1796 req->Function = MPI2_FUNCTION_NVME_ENCAPSULATED; 1797 req->Flags = MPI26_NVME_FLAGS_WRITE; 1798 req->ErrorResponseBaseAddress.High = 1799 htole32((uint32_t)((uint64_t)cm->cm_sense_busaddr >> 32)); 1800 req->ErrorResponseBaseAddress.Low = 1801 htole32(cm->cm_sense_busaddr); 1802 req->ErrorResponseAllocationLength = 1803 htole16(sizeof(struct nvme_completion)); 1804 req->EncapsulatedCommandLength = 1805 htole16(sizeof(struct nvme_command)); 1806 req->DataLength = htole32(data_length); 1807 1808 /* Build NVMe DSM command */ 1809 c = (struct nvme_command *) req->NVMe_Command; 1810 c->opc = NVME_OPC_DATASET_MANAGEMENT; 1811 c->nsid = htole32(csio->ccb_h.target_lun + 1); 1812 c->cdw10 = htole32(ndesc - 1); 1813 c->cdw11 = htole32(NVME_DSM_ATTR_DEALLOCATE); 1814 1815 cm->cm_length = data_length; 1816 cm->cm_data = NULL; 1817 1818 cm->cm_complete = mprsas_scsiio_complete; 1819 cm->cm_complete_data = ccb; 1820 cm->cm_targ = targ; 1821 cm->cm_lun = csio->ccb_h.target_lun; 1822 cm->cm_ccb = ccb; 1823 1824 cm->cm_desc.Default.RequestFlags = 1825 MPI26_REQ_DESCRIPT_FLAGS_PCIE_ENCAPSULATED; 1826 1827 csio->ccb_h.qos.sim_data = sbinuptime(); 1828 callout_reset_sbt(&cm->cm_callout, SBT_1MS * ccb->ccb_h.timeout, 0, 1829 mprsas_scsiio_timeout, cm, 0); 1830 1831 targ->issued++; 1832 targ->outstanding++; 1833 TAILQ_INSERT_TAIL(&targ->commands, cm, cm_link); 1834 ccb->ccb_h.status |= CAM_SIM_QUEUED; 1835 1836 mprsas_log_command(cm, MPR_XINFO, "%s cm %p ccb %p outstanding %u\n", 1837 __func__, cm, ccb, targ->outstanding); 1838 1839 mpr_build_nvme_prp(sc, cm, req, 1840 (void *)(uintptr_t)nvme_dsm_ranges_dma_handle, 0, data_length); 1841 mpr_map_command(sc, cm); 1842 1843 out: 1844 free(plist, M_MPR); 1845 return 0; 1846 } 1847 1848 static void 1849 mprsas_action_scsiio(struct mprsas_softc *sassc, union ccb *ccb) 1850 { 1851 MPI2_SCSI_IO_REQUEST *req; 1852 struct ccb_scsiio *csio; 1853 struct mpr_softc *sc; 1854 struct mprsas_target *targ; 1855 struct mprsas_lun *lun; 1856 struct mpr_command *cm; 1857 uint8_t i, lba_byte, *ref_tag_addr, scsi_opcode; 1858 uint16_t eedp_flags; 1859 uint32_t mpi_control; 1860 int rc; 1861 1862 sc = sassc->sc; 1863 MPR_FUNCTRACE(sc); 1864 mtx_assert(&sc->mpr_mtx, MA_OWNED); 1865 1866 csio = &ccb->csio; 1867 KASSERT(csio->ccb_h.target_id < sassc->maxtargets, 1868 ("Target %d out of bounds in XPT_SCSI_IO\n", 1869 csio->ccb_h.target_id)); 1870 targ = &sassc->targets[csio->ccb_h.target_id]; 1871 mpr_dprint(sc, MPR_TRACE, "ccb %p target flag %x\n", ccb, targ->flags); 1872 if (targ->handle == 0x0) { 1873 mpr_dprint(sc, MPR_ERROR, "%s NULL handle for target %u\n", 1874 __func__, csio->ccb_h.target_id); 1875 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1876 xpt_done(ccb); 1877 return; 1878 } 1879 if (targ->flags & MPR_TARGET_FLAGS_RAID_COMPONENT) { 1880 mpr_dprint(sc, MPR_ERROR, "%s Raid component no SCSI IO " 1881 "supported %u\n", __func__, csio->ccb_h.target_id); 1882 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1883 xpt_done(ccb); 1884 return; 1885 } 1886 /* 1887 * Sometimes, it is possible to get a command that is not "In 1888 * Progress" and was actually aborted by the upper layer. Check for 1889 * this here and complete the command without error. 1890 */ 1891 if (mprsas_get_ccbstatus(ccb) != CAM_REQ_INPROG) { 1892 mpr_dprint(sc, MPR_TRACE, "%s Command is not in progress for " 1893 "target %u\n", __func__, csio->ccb_h.target_id); 1894 xpt_done(ccb); 1895 return; 1896 } 1897 /* 1898 * If devinfo is 0 this will be a volume. In that case don't tell CAM 1899 * that the volume has timed out. We want volumes to be enumerated 1900 * until they are deleted/removed, not just failed. In either event, 1901 * we're removing the target due to a firmware event telling us 1902 * the device is now gone (as opposed to some transient event). Since 1903 * we're opting to remove failed devices from the OS's view, we need 1904 * to propagate that status up the stack. 1905 */ 1906 if (targ->flags & MPRSAS_TARGET_INREMOVAL) { 1907 if (targ->devinfo == 0) 1908 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1909 else 1910 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1911 xpt_done(ccb); 1912 return; 1913 } 1914 1915 if ((sc->mpr_flags & MPR_FLAGS_SHUTDOWN) != 0) { 1916 mpr_dprint(sc, MPR_INFO, "%s shutting down\n", __func__); 1917 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1918 xpt_done(ccb); 1919 return; 1920 } 1921 1922 /* 1923 * If target has a reset in progress, the devq should be frozen. 1924 * Geting here we likely hit a race, so just requeue. 1925 */ 1926 if (targ->flags & MPRSAS_TARGET_INRESET) { 1927 ccb->ccb_h.status = CAM_REQUEUE_REQ | CAM_DEV_QFRZN; 1928 mpr_dprint(sc, MPR_XINFO | MPR_RECOVERY, 1929 "%s: Freezing devq for target ID %d\n", 1930 __func__, targ->tid); 1931 xpt_freeze_devq(ccb->ccb_h.path, 1); 1932 xpt_done(ccb); 1933 return; 1934 } 1935 1936 cm = mpr_alloc_command(sc); 1937 if (cm == NULL || (sc->mpr_flags & MPR_FLAGS_DIAGRESET)) { 1938 if (cm != NULL) { 1939 mpr_free_command(sc, cm); 1940 } 1941 if ((sassc->flags & MPRSAS_QUEUE_FROZEN) == 0) { 1942 xpt_freeze_simq(sassc->sim, 1); 1943 sassc->flags |= MPRSAS_QUEUE_FROZEN; 1944 } 1945 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 1946 ccb->ccb_h.status |= CAM_REQUEUE_REQ; 1947 xpt_done(ccb); 1948 return; 1949 } 1950 1951 /* For NVME device's issue UNMAP command directly to NVME drives by 1952 * constructing equivalent native NVMe DataSetManagement command. 1953 */ 1954 scsi_opcode = scsiio_cdb_ptr(csio)[0]; 1955 if (scsi_opcode == UNMAP && 1956 targ->is_nvme && 1957 (csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) { 1958 rc = mprsas_build_nvme_unmap(sc, cm, ccb, targ); 1959 if (rc == 1) { /* return command to CAM with success status */ 1960 mpr_free_command(sc, cm); 1961 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1962 xpt_done(ccb); 1963 return; 1964 } else if (!rc) /* Issued NVMe Encapsulated Request Message */ 1965 return; 1966 } 1967 1968 req = (MPI2_SCSI_IO_REQUEST *)cm->cm_req; 1969 bzero(req, sizeof(*req)); 1970 req->DevHandle = htole16(targ->handle); 1971 req->Function = MPI2_FUNCTION_SCSI_IO_REQUEST; 1972 req->MsgFlags = 0; 1973 req->SenseBufferLowAddress = htole32(cm->cm_sense_busaddr); 1974 req->SenseBufferLength = MPR_SENSE_LEN; 1975 req->SGLFlags = 0; 1976 req->ChainOffset = 0; 1977 req->SGLOffset0 = 24; /* 32bit word offset to the SGL */ 1978 req->SGLOffset1= 0; 1979 req->SGLOffset2= 0; 1980 req->SGLOffset3= 0; 1981 req->SkipCount = 0; 1982 req->DataLength = htole32(csio->dxfer_len); 1983 req->BidirectionalDataLength = 0; 1984 req->IoFlags = htole16(csio->cdb_len); 1985 req->EEDPFlags = 0; 1986 1987 /* Note: BiDirectional transfers are not supported */ 1988 switch (csio->ccb_h.flags & CAM_DIR_MASK) { 1989 case CAM_DIR_IN: 1990 mpi_control = MPI2_SCSIIO_CONTROL_READ; 1991 cm->cm_flags |= MPR_CM_FLAGS_DATAIN; 1992 break; 1993 case CAM_DIR_OUT: 1994 mpi_control = MPI2_SCSIIO_CONTROL_WRITE; 1995 cm->cm_flags |= MPR_CM_FLAGS_DATAOUT; 1996 break; 1997 case CAM_DIR_NONE: 1998 default: 1999 mpi_control = MPI2_SCSIIO_CONTROL_NODATATRANSFER; 2000 break; 2001 } 2002 2003 if (csio->cdb_len == 32) 2004 mpi_control |= 4 << MPI2_SCSIIO_CONTROL_ADDCDBLEN_SHIFT; 2005 /* 2006 * It looks like the hardware doesn't require an explicit tag 2007 * number for each transaction. SAM Task Management not supported 2008 * at the moment. 2009 */ 2010 switch (csio->tag_action) { 2011 case MSG_HEAD_OF_Q_TAG: 2012 mpi_control |= MPI2_SCSIIO_CONTROL_HEADOFQ; 2013 break; 2014 case MSG_ORDERED_Q_TAG: 2015 mpi_control |= MPI2_SCSIIO_CONTROL_ORDEREDQ; 2016 break; 2017 case MSG_ACA_TASK: 2018 mpi_control |= MPI2_SCSIIO_CONTROL_ACAQ; 2019 break; 2020 case CAM_TAG_ACTION_NONE: 2021 case MSG_SIMPLE_Q_TAG: 2022 default: 2023 mpi_control |= MPI2_SCSIIO_CONTROL_SIMPLEQ; 2024 break; 2025 } 2026 mpi_control |= (csio->priority << MPI2_SCSIIO_CONTROL_CMDPRI_SHIFT) & 2027 MPI2_SCSIIO_CONTROL_CMDPRI_MASK; 2028 mpi_control |= sc->mapping_table[csio->ccb_h.target_id].TLR_bits; 2029 req->Control = htole32(mpi_control); 2030 2031 if (MPR_SET_LUN(req->LUN, csio->ccb_h.target_lun) != 0) { 2032 mpr_free_command(sc, cm); 2033 mprsas_set_ccbstatus(ccb, CAM_LUN_INVALID); 2034 xpt_done(ccb); 2035 return; 2036 } 2037 2038 if (csio->ccb_h.flags & CAM_CDB_POINTER) 2039 bcopy(csio->cdb_io.cdb_ptr, &req->CDB.CDB32[0], csio->cdb_len); 2040 else { 2041 KASSERT(csio->cdb_len <= IOCDBLEN, 2042 ("cdb_len %d is greater than IOCDBLEN but CAM_CDB_POINTER " 2043 "is not set", csio->cdb_len)); 2044 bcopy(csio->cdb_io.cdb_bytes, &req->CDB.CDB32[0],csio->cdb_len); 2045 } 2046 req->IoFlags = htole16(csio->cdb_len); 2047 2048 /* 2049 * Check if EEDP is supported and enabled. If it is then check if the 2050 * SCSI opcode could be using EEDP. If so, make sure the LUN exists and 2051 * is formatted for EEDP support. If all of this is true, set CDB up 2052 * for EEDP transfer. 2053 */ 2054 eedp_flags = op_code_prot[req->CDB.CDB32[0]]; 2055 if (sc->eedp_enabled && eedp_flags) { 2056 SLIST_FOREACH(lun, &targ->luns, lun_link) { 2057 if (lun->lun_id == csio->ccb_h.target_lun) { 2058 break; 2059 } 2060 } 2061 2062 if ((lun != NULL) && (lun->eedp_formatted)) { 2063 req->EEDPBlockSize = htole32(lun->eedp_block_size); 2064 eedp_flags |= (MPI2_SCSIIO_EEDPFLAGS_INC_PRI_REFTAG | 2065 MPI2_SCSIIO_EEDPFLAGS_CHECK_REFTAG | 2066 MPI2_SCSIIO_EEDPFLAGS_CHECK_GUARD); 2067 if (sc->mpr_flags & MPR_FLAGS_GEN35_IOC) { 2068 eedp_flags |= 2069 MPI25_SCSIIO_EEDPFLAGS_APPTAG_DISABLE_MODE; 2070 } 2071 req->EEDPFlags = htole16(eedp_flags); 2072 2073 /* 2074 * If CDB less than 32, fill in Primary Ref Tag with 2075 * low 4 bytes of LBA. If CDB is 32, tag stuff is 2076 * already there. Also, set protection bit. FreeBSD 2077 * currently does not support CDBs bigger than 16, but 2078 * the code doesn't hurt, and will be here for the 2079 * future. 2080 */ 2081 if (csio->cdb_len != 32) { 2082 lba_byte = (csio->cdb_len == 16) ? 6 : 2; 2083 ref_tag_addr = (uint8_t *)&req->CDB.EEDP32. 2084 PrimaryReferenceTag; 2085 for (i = 0; i < 4; i++) { 2086 *ref_tag_addr = 2087 req->CDB.CDB32[lba_byte + i]; 2088 ref_tag_addr++; 2089 } 2090 req->CDB.EEDP32.PrimaryReferenceTag = 2091 htole32(req-> 2092 CDB.EEDP32.PrimaryReferenceTag); 2093 req->CDB.EEDP32.PrimaryApplicationTagMask = 2094 0xFFFF; 2095 req->CDB.CDB32[1] = 2096 (req->CDB.CDB32[1] & 0x1F) | 0x20; 2097 } else { 2098 eedp_flags |= 2099 MPI2_SCSIIO_EEDPFLAGS_INC_PRI_APPTAG; 2100 req->EEDPFlags = htole16(eedp_flags); 2101 req->CDB.CDB32[10] = (req->CDB.CDB32[10] & 2102 0x1F) | 0x20; 2103 } 2104 } 2105 } 2106 2107 cm->cm_length = csio->dxfer_len; 2108 if (cm->cm_length != 0) { 2109 cm->cm_data = ccb; 2110 cm->cm_flags |= MPR_CM_FLAGS_USE_CCB; 2111 } else { 2112 cm->cm_data = NULL; 2113 } 2114 cm->cm_sge = &req->SGL; 2115 cm->cm_sglsize = (32 - 24) * 4; 2116 cm->cm_complete = mprsas_scsiio_complete; 2117 cm->cm_complete_data = ccb; 2118 cm->cm_targ = targ; 2119 cm->cm_lun = csio->ccb_h.target_lun; 2120 cm->cm_ccb = ccb; 2121 /* 2122 * If using FP desc type, need to set a bit in IoFlags (SCSI IO is 0) 2123 * and set descriptor type. 2124 */ 2125 if (targ->scsi_req_desc_type == 2126 MPI25_REQ_DESCRIPT_FLAGS_FAST_PATH_SCSI_IO) { 2127 req->IoFlags |= MPI25_SCSIIO_IOFLAGS_FAST_PATH; 2128 cm->cm_desc.FastPathSCSIIO.RequestFlags = 2129 MPI25_REQ_DESCRIPT_FLAGS_FAST_PATH_SCSI_IO; 2130 if (!sc->atomic_desc_capable) { 2131 cm->cm_desc.FastPathSCSIIO.DevHandle = 2132 htole16(targ->handle); 2133 } 2134 } else { 2135 cm->cm_desc.SCSIIO.RequestFlags = 2136 MPI2_REQ_DESCRIPT_FLAGS_SCSI_IO; 2137 if (!sc->atomic_desc_capable) 2138 cm->cm_desc.SCSIIO.DevHandle = htole16(targ->handle); 2139 } 2140 2141 csio->ccb_h.qos.sim_data = sbinuptime(); 2142 callout_reset_sbt(&cm->cm_callout, SBT_1MS * ccb->ccb_h.timeout, 0, 2143 mprsas_scsiio_timeout, cm, 0); 2144 2145 targ->issued++; 2146 targ->outstanding++; 2147 TAILQ_INSERT_TAIL(&targ->commands, cm, cm_link); 2148 ccb->ccb_h.status |= CAM_SIM_QUEUED; 2149 2150 mprsas_log_command(cm, MPR_XINFO, "%s cm %p ccb %p outstanding %u\n", 2151 __func__, cm, ccb, targ->outstanding); 2152 2153 mpr_map_command(sc, cm); 2154 return; 2155 } 2156 2157 /** 2158 * mpr_sc_failed_io_info - translated non-succesfull SCSI_IO request 2159 */ 2160 static void 2161 mpr_sc_failed_io_info(struct mpr_softc *sc, struct ccb_scsiio *csio, 2162 Mpi2SCSIIOReply_t *mpi_reply, struct mprsas_target *targ) 2163 { 2164 u32 response_info; 2165 u8 *response_bytes; 2166 u16 ioc_status = le16toh(mpi_reply->IOCStatus) & 2167 MPI2_IOCSTATUS_MASK; 2168 u8 scsi_state = mpi_reply->SCSIState; 2169 u8 scsi_status = mpi_reply->SCSIStatus; 2170 char *desc_ioc_state = NULL; 2171 char *desc_scsi_status = NULL; 2172 u32 log_info = le32toh(mpi_reply->IOCLogInfo); 2173 2174 if (log_info == 0x31170000) 2175 return; 2176 2177 desc_ioc_state = mpr_describe_table(mpr_iocstatus_string, 2178 ioc_status); 2179 desc_scsi_status = mpr_describe_table(mpr_scsi_status_string, 2180 scsi_status); 2181 2182 mpr_dprint(sc, MPR_XINFO, "\thandle(0x%04x), ioc_status(%s)(0x%04x)\n", 2183 le16toh(mpi_reply->DevHandle), desc_ioc_state, ioc_status); 2184 if (targ->encl_level_valid) { 2185 mpr_dprint(sc, MPR_XINFO, "At enclosure level %d, slot %d, " 2186 "connector name (%4s)\n", targ->encl_level, targ->encl_slot, 2187 targ->connector_name); 2188 } 2189 2190 /* 2191 * We can add more detail about underflow data here 2192 * TO-DO 2193 */ 2194 mpr_dprint(sc, MPR_XINFO, "\tscsi_status(%s)(0x%02x), " 2195 "scsi_state %b\n", desc_scsi_status, scsi_status, 2196 scsi_state, "\20" "\1AutosenseValid" "\2AutosenseFailed" 2197 "\3NoScsiStatus" "\4Terminated" "\5Response InfoValid"); 2198 2199 if (sc->mpr_debug & MPR_XINFO && 2200 scsi_state & MPI2_SCSI_STATE_AUTOSENSE_VALID) { 2201 mpr_dprint(sc, MPR_XINFO, "-> Sense Buffer Data : Start :\n"); 2202 scsi_sense_print(csio); 2203 mpr_dprint(sc, MPR_XINFO, "-> Sense Buffer Data : End :\n"); 2204 } 2205 2206 if (scsi_state & MPI2_SCSI_STATE_RESPONSE_INFO_VALID) { 2207 response_info = le32toh(mpi_reply->ResponseInfo); 2208 response_bytes = (u8 *)&response_info; 2209 mpr_dprint(sc, MPR_XINFO, "response code(0x%01x): %s\n", 2210 response_bytes[0], 2211 mpr_describe_table(mpr_scsi_taskmgmt_string, 2212 response_bytes[0])); 2213 } 2214 } 2215 2216 /** mprsas_nvme_trans_status_code 2217 * 2218 * Convert Native NVMe command error status to 2219 * equivalent SCSI error status. 2220 * 2221 * Returns appropriate scsi_status 2222 */ 2223 static u8 2224 mprsas_nvme_trans_status_code(uint16_t nvme_status, 2225 struct mpr_command *cm) 2226 { 2227 u8 status = MPI2_SCSI_STATUS_GOOD; 2228 int skey, asc, ascq; 2229 union ccb *ccb = cm->cm_complete_data; 2230 int returned_sense_len; 2231 uint8_t sct, sc; 2232 2233 sct = NVME_STATUS_GET_SCT(nvme_status); 2234 sc = NVME_STATUS_GET_SC(nvme_status); 2235 2236 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2237 skey = SSD_KEY_ILLEGAL_REQUEST; 2238 asc = SCSI_ASC_NO_SENSE; 2239 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2240 2241 switch (sct) { 2242 case NVME_SCT_GENERIC: 2243 switch (sc) { 2244 case NVME_SC_SUCCESS: 2245 status = MPI2_SCSI_STATUS_GOOD; 2246 skey = SSD_KEY_NO_SENSE; 2247 asc = SCSI_ASC_NO_SENSE; 2248 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2249 break; 2250 case NVME_SC_INVALID_OPCODE: 2251 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2252 skey = SSD_KEY_ILLEGAL_REQUEST; 2253 asc = SCSI_ASC_ILLEGAL_COMMAND; 2254 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2255 break; 2256 case NVME_SC_INVALID_FIELD: 2257 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2258 skey = SSD_KEY_ILLEGAL_REQUEST; 2259 asc = SCSI_ASC_INVALID_CDB; 2260 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2261 break; 2262 case NVME_SC_DATA_TRANSFER_ERROR: 2263 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2264 skey = SSD_KEY_MEDIUM_ERROR; 2265 asc = SCSI_ASC_NO_SENSE; 2266 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2267 break; 2268 case NVME_SC_ABORTED_POWER_LOSS: 2269 status = MPI2_SCSI_STATUS_TASK_ABORTED; 2270 skey = SSD_KEY_ABORTED_COMMAND; 2271 asc = SCSI_ASC_WARNING; 2272 ascq = SCSI_ASCQ_POWER_LOSS_EXPECTED; 2273 break; 2274 case NVME_SC_INTERNAL_DEVICE_ERROR: 2275 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2276 skey = SSD_KEY_HARDWARE_ERROR; 2277 asc = SCSI_ASC_INTERNAL_TARGET_FAILURE; 2278 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2279 break; 2280 case NVME_SC_ABORTED_BY_REQUEST: 2281 case NVME_SC_ABORTED_SQ_DELETION: 2282 case NVME_SC_ABORTED_FAILED_FUSED: 2283 case NVME_SC_ABORTED_MISSING_FUSED: 2284 status = MPI2_SCSI_STATUS_TASK_ABORTED; 2285 skey = SSD_KEY_ABORTED_COMMAND; 2286 asc = SCSI_ASC_NO_SENSE; 2287 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2288 break; 2289 case NVME_SC_INVALID_NAMESPACE_OR_FORMAT: 2290 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2291 skey = SSD_KEY_ILLEGAL_REQUEST; 2292 asc = SCSI_ASC_ACCESS_DENIED_INVALID_LUN_ID; 2293 ascq = SCSI_ASCQ_INVALID_LUN_ID; 2294 break; 2295 case NVME_SC_LBA_OUT_OF_RANGE: 2296 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2297 skey = SSD_KEY_ILLEGAL_REQUEST; 2298 asc = SCSI_ASC_ILLEGAL_BLOCK; 2299 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2300 break; 2301 case NVME_SC_CAPACITY_EXCEEDED: 2302 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2303 skey = SSD_KEY_MEDIUM_ERROR; 2304 asc = SCSI_ASC_NO_SENSE; 2305 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2306 break; 2307 case NVME_SC_NAMESPACE_NOT_READY: 2308 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2309 skey = SSD_KEY_NOT_READY; 2310 asc = SCSI_ASC_LUN_NOT_READY; 2311 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2312 break; 2313 } 2314 break; 2315 case NVME_SCT_COMMAND_SPECIFIC: 2316 switch (sc) { 2317 case NVME_SC_INVALID_FORMAT: 2318 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2319 skey = SSD_KEY_ILLEGAL_REQUEST; 2320 asc = SCSI_ASC_FORMAT_COMMAND_FAILED; 2321 ascq = SCSI_ASCQ_FORMAT_COMMAND_FAILED; 2322 break; 2323 case NVME_SC_CONFLICTING_ATTRIBUTES: 2324 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2325 skey = SSD_KEY_ILLEGAL_REQUEST; 2326 asc = SCSI_ASC_INVALID_CDB; 2327 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2328 break; 2329 } 2330 break; 2331 case NVME_SCT_MEDIA_ERROR: 2332 switch (sc) { 2333 case NVME_SC_WRITE_FAULTS: 2334 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2335 skey = SSD_KEY_MEDIUM_ERROR; 2336 asc = SCSI_ASC_PERIPHERAL_DEV_WRITE_FAULT; 2337 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2338 break; 2339 case NVME_SC_UNRECOVERED_READ_ERROR: 2340 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2341 skey = SSD_KEY_MEDIUM_ERROR; 2342 asc = SCSI_ASC_UNRECOVERED_READ_ERROR; 2343 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2344 break; 2345 case NVME_SC_GUARD_CHECK_ERROR: 2346 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2347 skey = SSD_KEY_MEDIUM_ERROR; 2348 asc = SCSI_ASC_LOG_BLOCK_GUARD_CHECK_FAILED; 2349 ascq = SCSI_ASCQ_LOG_BLOCK_GUARD_CHECK_FAILED; 2350 break; 2351 case NVME_SC_APPLICATION_TAG_CHECK_ERROR: 2352 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2353 skey = SSD_KEY_MEDIUM_ERROR; 2354 asc = SCSI_ASC_LOG_BLOCK_APPTAG_CHECK_FAILED; 2355 ascq = SCSI_ASCQ_LOG_BLOCK_APPTAG_CHECK_FAILED; 2356 break; 2357 case NVME_SC_REFERENCE_TAG_CHECK_ERROR: 2358 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2359 skey = SSD_KEY_MEDIUM_ERROR; 2360 asc = SCSI_ASC_LOG_BLOCK_REFTAG_CHECK_FAILED; 2361 ascq = SCSI_ASCQ_LOG_BLOCK_REFTAG_CHECK_FAILED; 2362 break; 2363 case NVME_SC_COMPARE_FAILURE: 2364 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2365 skey = SSD_KEY_MISCOMPARE; 2366 asc = SCSI_ASC_MISCOMPARE_DURING_VERIFY; 2367 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2368 break; 2369 case NVME_SC_ACCESS_DENIED: 2370 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2371 skey = SSD_KEY_ILLEGAL_REQUEST; 2372 asc = SCSI_ASC_ACCESS_DENIED_INVALID_LUN_ID; 2373 ascq = SCSI_ASCQ_INVALID_LUN_ID; 2374 break; 2375 } 2376 break; 2377 } 2378 2379 returned_sense_len = sizeof(struct scsi_sense_data); 2380 if (returned_sense_len < ccb->csio.sense_len) 2381 ccb->csio.sense_resid = ccb->csio.sense_len - 2382 returned_sense_len; 2383 else 2384 ccb->csio.sense_resid = 0; 2385 2386 scsi_set_sense_data(&ccb->csio.sense_data, SSD_TYPE_FIXED, 2387 1, skey, asc, ascq, SSD_ELEM_NONE); 2388 ccb->ccb_h.status |= CAM_AUTOSNS_VALID; 2389 2390 return status; 2391 } 2392 2393 /** mprsas_complete_nvme_unmap 2394 * 2395 * Complete native NVMe command issued using NVMe Encapsulated 2396 * Request Message. 2397 */ 2398 static u8 2399 mprsas_complete_nvme_unmap(struct mpr_softc *sc, struct mpr_command *cm) 2400 { 2401 Mpi26NVMeEncapsulatedErrorReply_t *mpi_reply; 2402 struct nvme_completion *nvme_completion = NULL; 2403 u8 scsi_status = MPI2_SCSI_STATUS_GOOD; 2404 2405 mpi_reply =(Mpi26NVMeEncapsulatedErrorReply_t *)cm->cm_reply; 2406 if (le16toh(mpi_reply->ErrorResponseCount)){ 2407 nvme_completion = (struct nvme_completion *)cm->cm_sense; 2408 scsi_status = mprsas_nvme_trans_status_code( 2409 nvme_completion->status, cm); 2410 } 2411 return scsi_status; 2412 } 2413 2414 static void 2415 mprsas_scsiio_complete(struct mpr_softc *sc, struct mpr_command *cm) 2416 { 2417 MPI2_SCSI_IO_REPLY *rep; 2418 union ccb *ccb; 2419 struct ccb_scsiio *csio; 2420 struct mprsas_softc *sassc; 2421 struct scsi_vpd_supported_page_list *vpd_list = NULL; 2422 u8 *TLR_bits, TLR_on, *scsi_cdb; 2423 int dir = 0, i; 2424 u16 alloc_len; 2425 struct mprsas_target *target; 2426 target_id_t target_id; 2427 2428 MPR_FUNCTRACE(sc); 2429 2430 callout_stop(&cm->cm_callout); 2431 mtx_assert(&sc->mpr_mtx, MA_OWNED); 2432 2433 sassc = sc->sassc; 2434 ccb = cm->cm_complete_data; 2435 csio = &ccb->csio; 2436 target_id = csio->ccb_h.target_id; 2437 rep = (MPI2_SCSI_IO_REPLY *)cm->cm_reply; 2438 mpr_dprint(sc, MPR_TRACE, 2439 "cm %p SMID %u ccb %p reply %p outstanding %u csio->scsi_status 0x%x," 2440 "csio->dxfer_len 0x%x, csio->msg_le 0x%xn\n", cm, 2441 cm->cm_desc.Default.SMID, cm->cm_ccb, cm->cm_reply, 2442 cm->cm_targ->outstanding, csio->scsi_status, 2443 csio->dxfer_len, csio->msg_len); 2444 /* 2445 * XXX KDM if the chain allocation fails, does it matter if we do 2446 * the sync and unload here? It is simpler to do it in every case, 2447 * assuming it doesn't cause problems. 2448 */ 2449 if (cm->cm_data != NULL) { 2450 if (cm->cm_flags & MPR_CM_FLAGS_DATAIN) 2451 dir = BUS_DMASYNC_POSTREAD; 2452 else if (cm->cm_flags & MPR_CM_FLAGS_DATAOUT) 2453 dir = BUS_DMASYNC_POSTWRITE; 2454 bus_dmamap_sync(sc->buffer_dmat, cm->cm_dmamap, dir); 2455 bus_dmamap_unload(sc->buffer_dmat, cm->cm_dmamap); 2456 } 2457 2458 cm->cm_targ->completed++; 2459 cm->cm_targ->outstanding--; 2460 TAILQ_REMOVE(&cm->cm_targ->commands, cm, cm_link); 2461 ccb->ccb_h.status &= ~(CAM_STATUS_MASK | CAM_SIM_QUEUED); 2462 2463 if (cm->cm_flags & MPR_CM_FLAGS_ON_RECOVERY) { 2464 TAILQ_REMOVE(&cm->cm_targ->timedout_commands, cm, cm_recovery); 2465 KASSERT(cm->cm_state == MPR_CM_STATE_BUSY, 2466 ("Not busy for CM_FLAGS_TIMEDOUT: %u\n", cm->cm_state)); 2467 cm->cm_flags &= ~MPR_CM_FLAGS_ON_RECOVERY; 2468 if (cm->cm_reply != NULL) 2469 mprsas_log_command(cm, MPR_RECOVERY, 2470 "completed timedout cm %p ccb %p during recovery " 2471 "ioc %x scsi %x state %x xfer %u\n", cm, cm->cm_ccb, 2472 le16toh(rep->IOCStatus), rep->SCSIStatus, 2473 rep->SCSIState, le32toh(rep->TransferCount)); 2474 else 2475 mprsas_log_command(cm, MPR_RECOVERY, 2476 "completed timedout cm %p ccb %p during recovery\n", 2477 cm, cm->cm_ccb); 2478 } else if (cm->cm_targ->tm != NULL) { 2479 if (cm->cm_reply != NULL) 2480 mprsas_log_command(cm, MPR_RECOVERY, 2481 "completed cm %p ccb %p during recovery " 2482 "ioc %x scsi %x state %x xfer %u\n", 2483 cm, cm->cm_ccb, le16toh(rep->IOCStatus), 2484 rep->SCSIStatus, rep->SCSIState, 2485 le32toh(rep->TransferCount)); 2486 else 2487 mprsas_log_command(cm, MPR_RECOVERY, 2488 "completed cm %p ccb %p during recovery\n", 2489 cm, cm->cm_ccb); 2490 } else if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) { 2491 mprsas_log_command(cm, MPR_RECOVERY, 2492 "reset completed cm %p ccb %p\n", cm, cm->cm_ccb); 2493 } 2494 2495 if ((cm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 2496 /* 2497 * We ran into an error after we tried to map the command, 2498 * so we're getting a callback without queueing the command 2499 * to the hardware. So we set the status here, and it will 2500 * be retained below. We'll go through the "fast path", 2501 * because there can be no reply when we haven't actually 2502 * gone out to the hardware. 2503 */ 2504 mprsas_set_ccbstatus(ccb, CAM_REQUEUE_REQ); 2505 2506 /* 2507 * Currently the only error included in the mask is 2508 * MPR_CM_FLAGS_CHAIN_FAILED, which means we're out of 2509 * chain frames. We need to freeze the queue until we get 2510 * a command that completed without this error, which will 2511 * hopefully have some chain frames attached that we can 2512 * use. If we wanted to get smarter about it, we would 2513 * only unfreeze the queue in this condition when we're 2514 * sure that we're getting some chain frames back. That's 2515 * probably unnecessary. 2516 */ 2517 if ((sassc->flags & MPRSAS_QUEUE_FROZEN) == 0) { 2518 xpt_freeze_simq(sassc->sim, 1); 2519 sassc->flags |= MPRSAS_QUEUE_FROZEN; 2520 mpr_dprint(sc, MPR_XINFO | MPR_RECOVERY, 2521 "Error sending command, freezing SIM queue\n"); 2522 } 2523 } 2524 2525 /* 2526 * Point to the SCSI CDB, which is dependent on the CAM_CDB_POINTER 2527 * flag, and use it in a few places in the rest of this function for 2528 * convenience. Use the macro if available. 2529 */ 2530 scsi_cdb = scsiio_cdb_ptr(csio); 2531 2532 /* 2533 * If this is a Start Stop Unit command and it was issued by the driver 2534 * during shutdown, decrement the refcount to account for all of the 2535 * commands that were sent. All SSU commands should be completed before 2536 * shutdown completes, meaning SSU_refcount will be 0 after SSU_started 2537 * is TRUE. 2538 */ 2539 if (sc->SSU_started && (scsi_cdb[0] == START_STOP_UNIT)) { 2540 mpr_dprint(sc, MPR_INFO, "Decrementing SSU count.\n"); 2541 sc->SSU_refcount--; 2542 } 2543 2544 /* Take the fast path to completion */ 2545 if (cm->cm_reply == NULL) { 2546 if (mprsas_get_ccbstatus(ccb) == CAM_REQ_INPROG) { 2547 if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) 2548 mprsas_set_ccbstatus(ccb, CAM_SCSI_BUS_RESET); 2549 else { 2550 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 2551 csio->scsi_status = SCSI_STATUS_OK; 2552 } 2553 if (sassc->flags & MPRSAS_QUEUE_FROZEN) { 2554 ccb->ccb_h.status |= CAM_RELEASE_SIMQ; 2555 sassc->flags &= ~MPRSAS_QUEUE_FROZEN; 2556 mpr_dprint(sc, MPR_XINFO | MPR_RECOVERY, 2557 "Unfreezing SIM queue\n"); 2558 } 2559 } 2560 2561 /* 2562 * There are two scenarios where the status won't be 2563 * CAM_REQ_CMP. The first is if MPR_CM_FLAGS_ERROR_MASK is 2564 * set, the second is in the MPR_FLAGS_DIAGRESET above. 2565 */ 2566 if (mprsas_get_ccbstatus(ccb) != CAM_REQ_CMP) { 2567 /* 2568 * Freeze the dev queue so that commands are 2569 * executed in the correct order after error 2570 * recovery. 2571 */ 2572 ccb->ccb_h.status |= CAM_DEV_QFRZN; 2573 xpt_freeze_devq(ccb->ccb_h.path, /*count*/ 1); 2574 } 2575 mpr_free_command(sc, cm); 2576 xpt_done(ccb); 2577 return; 2578 } 2579 2580 target = &sassc->targets[target_id]; 2581 if (scsi_cdb[0] == UNMAP && 2582 target->is_nvme && 2583 (csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) { 2584 rep->SCSIStatus = mprsas_complete_nvme_unmap(sc, cm); 2585 csio->scsi_status = rep->SCSIStatus; 2586 } 2587 2588 mprsas_log_command(cm, MPR_XINFO, 2589 "ioc %x scsi %x state %x xfer %u\n", 2590 le16toh(rep->IOCStatus), rep->SCSIStatus, rep->SCSIState, 2591 le32toh(rep->TransferCount)); 2592 2593 switch (le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK) { 2594 case MPI2_IOCSTATUS_SCSI_DATA_UNDERRUN: 2595 csio->resid = cm->cm_length - le32toh(rep->TransferCount); 2596 /* FALLTHROUGH */ 2597 case MPI2_IOCSTATUS_SUCCESS: 2598 case MPI2_IOCSTATUS_SCSI_RECOVERED_ERROR: 2599 if ((le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK) == 2600 MPI2_IOCSTATUS_SCSI_RECOVERED_ERROR) 2601 mprsas_log_command(cm, MPR_XINFO, "recovered error\n"); 2602 2603 /* Completion failed at the transport level. */ 2604 if (rep->SCSIState & (MPI2_SCSI_STATE_NO_SCSI_STATUS | 2605 MPI2_SCSI_STATE_TERMINATED)) { 2606 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2607 break; 2608 } 2609 2610 /* In a modern packetized environment, an autosense failure 2611 * implies that there's not much else that can be done to 2612 * recover the command. 2613 */ 2614 if (rep->SCSIState & MPI2_SCSI_STATE_AUTOSENSE_FAILED) { 2615 mprsas_set_ccbstatus(ccb, CAM_AUTOSENSE_FAIL); 2616 break; 2617 } 2618 2619 /* 2620 * CAM doesn't care about SAS Response Info data, but if this is 2621 * the state check if TLR should be done. If not, clear the 2622 * TLR_bits for the target. 2623 */ 2624 if ((rep->SCSIState & MPI2_SCSI_STATE_RESPONSE_INFO_VALID) && 2625 ((le32toh(rep->ResponseInfo) & MPI2_SCSI_RI_MASK_REASONCODE) 2626 == MPR_SCSI_RI_INVALID_FRAME)) { 2627 sc->mapping_table[target_id].TLR_bits = 2628 (u8)MPI2_SCSIIO_CONTROL_NO_TLR; 2629 } 2630 2631 /* 2632 * Intentionally override the normal SCSI status reporting 2633 * for these two cases. These are likely to happen in a 2634 * multi-initiator environment, and we want to make sure that 2635 * CAM retries these commands rather than fail them. 2636 */ 2637 if ((rep->SCSIStatus == MPI2_SCSI_STATUS_COMMAND_TERMINATED) || 2638 (rep->SCSIStatus == MPI2_SCSI_STATUS_TASK_ABORTED)) { 2639 mprsas_set_ccbstatus(ccb, CAM_REQ_ABORTED); 2640 break; 2641 } 2642 2643 /* Handle normal status and sense */ 2644 csio->scsi_status = rep->SCSIStatus; 2645 if (rep->SCSIStatus == MPI2_SCSI_STATUS_GOOD) 2646 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 2647 else 2648 mprsas_set_ccbstatus(ccb, CAM_SCSI_STATUS_ERROR); 2649 2650 if (rep->SCSIState & MPI2_SCSI_STATE_AUTOSENSE_VALID) { 2651 int sense_len, returned_sense_len; 2652 2653 returned_sense_len = min(le32toh(rep->SenseCount), 2654 sizeof(struct scsi_sense_data)); 2655 if (returned_sense_len < csio->sense_len) 2656 csio->sense_resid = csio->sense_len - 2657 returned_sense_len; 2658 else 2659 csio->sense_resid = 0; 2660 2661 sense_len = min(returned_sense_len, 2662 csio->sense_len - csio->sense_resid); 2663 bzero(&csio->sense_data, sizeof(csio->sense_data)); 2664 bcopy(cm->cm_sense, &csio->sense_data, sense_len); 2665 ccb->ccb_h.status |= CAM_AUTOSNS_VALID; 2666 } 2667 2668 /* 2669 * Check if this is an INQUIRY command. If it's a VPD inquiry, 2670 * and it's page code 0 (Supported Page List), and there is 2671 * inquiry data, and this is for a sequential access device, and 2672 * the device is an SSP target, and TLR is supported by the 2673 * controller, turn the TLR_bits value ON if page 0x90 is 2674 * supported. 2675 */ 2676 if ((scsi_cdb[0] == INQUIRY) && 2677 (scsi_cdb[1] & SI_EVPD) && 2678 (scsi_cdb[2] == SVPD_SUPPORTED_PAGE_LIST) && 2679 ((csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) && 2680 (csio->data_ptr != NULL) && 2681 ((csio->data_ptr[0] & 0x1f) == T_SEQUENTIAL) && 2682 (sc->control_TLR) && 2683 (sc->mapping_table[target_id].device_info & 2684 MPI2_SAS_DEVICE_INFO_SSP_TARGET)) { 2685 vpd_list = (struct scsi_vpd_supported_page_list *) 2686 csio->data_ptr; 2687 TLR_bits = &sc->mapping_table[target_id].TLR_bits; 2688 *TLR_bits = (u8)MPI2_SCSIIO_CONTROL_NO_TLR; 2689 TLR_on = (u8)MPI2_SCSIIO_CONTROL_TLR_ON; 2690 alloc_len = ((u16)scsi_cdb[3] << 8) + scsi_cdb[4]; 2691 alloc_len -= csio->resid; 2692 for (i = 0; i < MIN(vpd_list->length, alloc_len); i++) { 2693 if (vpd_list->list[i] == 0x90) { 2694 *TLR_bits = TLR_on; 2695 break; 2696 } 2697 } 2698 } 2699 2700 /* 2701 * If this is a SATA direct-access end device, mark it so that 2702 * a SCSI StartStopUnit command will be sent to it when the 2703 * driver is being shutdown. 2704 */ 2705 if ((scsi_cdb[0] == INQUIRY) && 2706 (csio->data_ptr != NULL) && 2707 ((csio->data_ptr[0] & 0x1f) == T_DIRECT) && 2708 (sc->mapping_table[target_id].device_info & 2709 MPI2_SAS_DEVICE_INFO_SATA_DEVICE) && 2710 ((sc->mapping_table[target_id].device_info & 2711 MPI2_SAS_DEVICE_INFO_MASK_DEVICE_TYPE) == 2712 MPI2_SAS_DEVICE_INFO_END_DEVICE)) { 2713 target = &sassc->targets[target_id]; 2714 target->supports_SSU = TRUE; 2715 mpr_dprint(sc, MPR_XINFO, "Target %d supports SSU\n", 2716 target_id); 2717 } 2718 break; 2719 case MPI2_IOCSTATUS_SCSI_INVALID_DEVHANDLE: 2720 case MPI2_IOCSTATUS_SCSI_DEVICE_NOT_THERE: 2721 /* 2722 * If devinfo is 0 this will be a volume. In that case don't 2723 * tell CAM that the volume is not there. We want volumes to 2724 * be enumerated until they are deleted/removed, not just 2725 * failed. 2726 */ 2727 if (cm->cm_targ->devinfo == 0) 2728 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 2729 else 2730 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 2731 break; 2732 case MPI2_IOCSTATUS_INVALID_SGL: 2733 mpr_print_scsiio_cmd(sc, cm); 2734 mprsas_set_ccbstatus(ccb, CAM_UNREC_HBA_ERROR); 2735 break; 2736 case MPI2_IOCSTATUS_SCSI_TASK_TERMINATED: 2737 /* 2738 * This is one of the responses that comes back when an I/O 2739 * has been aborted. If it is because of a timeout that we 2740 * initiated, just set the status to CAM_CMD_TIMEOUT. 2741 * Otherwise set it to CAM_REQ_ABORTED. The effect on the 2742 * command is the same (it gets retried, subject to the 2743 * retry counter), the only difference is what gets printed 2744 * on the console. 2745 */ 2746 if (cm->cm_flags & MPR_CM_FLAGS_TIMEDOUT) 2747 mprsas_set_ccbstatus(ccb, CAM_CMD_TIMEOUT); 2748 else 2749 mprsas_set_ccbstatus(ccb, CAM_REQ_ABORTED); 2750 break; 2751 case MPI2_IOCSTATUS_SCSI_DATA_OVERRUN: 2752 /* resid is ignored for this condition */ 2753 csio->resid = 0; 2754 mprsas_set_ccbstatus(ccb, CAM_DATA_RUN_ERR); 2755 break; 2756 case MPI2_IOCSTATUS_SCSI_IOC_TERMINATED: 2757 case MPI2_IOCSTATUS_SCSI_EXT_TERMINATED: 2758 /* 2759 * These can sometimes be transient transport-related 2760 * errors, and sometimes persistent drive-related errors. 2761 * We used to retry these without decrementing the retry 2762 * count by returning CAM_REQUEUE_REQ. Unfortunately, if 2763 * we hit a persistent drive problem that returns one of 2764 * these error codes, we would retry indefinitely. So, 2765 * return CAM_REQ_CMP_ERROR so that we decrement the retry 2766 * count and avoid infinite retries. We're taking the 2767 * potential risk of flagging false failures in the event 2768 * of a topology-related error (e.g. a SAS expander problem 2769 * causes a command addressed to a drive to fail), but 2770 * avoiding getting into an infinite retry loop. However, 2771 * if we get them while were moving a device, we should 2772 * fail the request as 'not there' because the device 2773 * is effectively gone. 2774 */ 2775 if (cm->cm_targ->flags & MPRSAS_TARGET_INREMOVAL) 2776 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 2777 else 2778 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2779 mpr_dprint(sc, MPR_INFO, 2780 "Controller reported %s tgt %u SMID %u loginfo %x%s\n", 2781 mpr_describe_table(mpr_iocstatus_string, 2782 le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK), 2783 target_id, cm->cm_desc.Default.SMID, 2784 le32toh(rep->IOCLogInfo), 2785 (cm->cm_targ->flags & MPRSAS_TARGET_INREMOVAL) ? " departing" : ""); 2786 mpr_dprint(sc, MPR_XINFO, 2787 "SCSIStatus %x SCSIState %x xfercount %u\n", 2788 rep->SCSIStatus, rep->SCSIState, 2789 le32toh(rep->TransferCount)); 2790 break; 2791 case MPI2_IOCSTATUS_INVALID_FUNCTION: 2792 case MPI2_IOCSTATUS_INTERNAL_ERROR: 2793 case MPI2_IOCSTATUS_INVALID_VPID: 2794 case MPI2_IOCSTATUS_INVALID_FIELD: 2795 case MPI2_IOCSTATUS_INVALID_STATE: 2796 case MPI2_IOCSTATUS_OP_STATE_NOT_SUPPORTED: 2797 case MPI2_IOCSTATUS_SCSI_IO_DATA_ERROR: 2798 case MPI2_IOCSTATUS_SCSI_PROTOCOL_ERROR: 2799 case MPI2_IOCSTATUS_SCSI_RESIDUAL_MISMATCH: 2800 case MPI2_IOCSTATUS_SCSI_TASK_MGMT_FAILED: 2801 default: 2802 mprsas_log_command(cm, MPR_XINFO, 2803 "completed ioc %x loginfo %x scsi %x state %x xfer %u\n", 2804 le16toh(rep->IOCStatus), le32toh(rep->IOCLogInfo), 2805 rep->SCSIStatus, rep->SCSIState, 2806 le32toh(rep->TransferCount)); 2807 csio->resid = cm->cm_length; 2808 2809 if (scsi_cdb[0] == UNMAP && 2810 target->is_nvme && 2811 (csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) 2812 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 2813 else 2814 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2815 2816 break; 2817 } 2818 2819 mpr_sc_failed_io_info(sc, csio, rep, cm->cm_targ); 2820 2821 if (sassc->flags & MPRSAS_QUEUE_FROZEN) { 2822 ccb->ccb_h.status |= CAM_RELEASE_SIMQ; 2823 sassc->flags &= ~MPRSAS_QUEUE_FROZEN; 2824 mpr_dprint(sc, MPR_INFO, "Command completed, unfreezing SIM " 2825 "queue\n"); 2826 } 2827 2828 if (mprsas_get_ccbstatus(ccb) != CAM_REQ_CMP) { 2829 ccb->ccb_h.status |= CAM_DEV_QFRZN; 2830 xpt_freeze_devq(ccb->ccb_h.path, /*count*/ 1); 2831 } 2832 2833 /* 2834 * Check to see if we're removing the device. If so, and this is the 2835 * last command on the queue, proceed with the deferred removal of the 2836 * device. Note, for removing a volume, this won't trigger because 2837 * pending_remove_tm will be NULL. 2838 */ 2839 if (cm->cm_targ->flags & MPRSAS_TARGET_INREMOVAL) { 2840 if (TAILQ_FIRST(&cm->cm_targ->commands) == NULL && 2841 cm->cm_targ->pending_remove_tm != NULL) { 2842 mpr_dprint(sc, MPR_INFO, "Last pending command complete: starting remove_device\n"); 2843 mpr_map_command(sc, cm->cm_targ->pending_remove_tm); 2844 cm->cm_targ->pending_remove_tm = NULL; 2845 } 2846 } 2847 2848 mpr_free_command(sc, cm); 2849 xpt_done(ccb); 2850 } 2851 2852 static void 2853 mprsas_smpio_complete(struct mpr_softc *sc, struct mpr_command *cm) 2854 { 2855 MPI2_SMP_PASSTHROUGH_REPLY *rpl; 2856 MPI2_SMP_PASSTHROUGH_REQUEST *req; 2857 uint64_t sasaddr; 2858 union ccb *ccb; 2859 2860 ccb = cm->cm_complete_data; 2861 2862 /* 2863 * Currently there should be no way we can hit this case. It only 2864 * happens when we have a failure to allocate chain frames, and SMP 2865 * commands require two S/G elements only. That should be handled 2866 * in the standard request size. 2867 */ 2868 if ((cm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 2869 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x on SMP " 2870 "request!\n", __func__, cm->cm_flags); 2871 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2872 goto bailout; 2873 } 2874 2875 rpl = (MPI2_SMP_PASSTHROUGH_REPLY *)cm->cm_reply; 2876 if (rpl == NULL) { 2877 mpr_dprint(sc, MPR_ERROR, "%s: NULL cm_reply!\n", __func__); 2878 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2879 goto bailout; 2880 } 2881 2882 req = (MPI2_SMP_PASSTHROUGH_REQUEST *)cm->cm_req; 2883 sasaddr = le32toh(req->SASAddress.Low); 2884 sasaddr |= ((uint64_t)(le32toh(req->SASAddress.High))) << 32; 2885 2886 if ((le16toh(rpl->IOCStatus) & MPI2_IOCSTATUS_MASK) != 2887 MPI2_IOCSTATUS_SUCCESS || 2888 rpl->SASStatus != MPI2_SASSTATUS_SUCCESS) { 2889 mpr_dprint(sc, MPR_XINFO, "%s: IOCStatus %04x SASStatus %02x\n", 2890 __func__, le16toh(rpl->IOCStatus), rpl->SASStatus); 2891 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2892 goto bailout; 2893 } 2894 2895 mpr_dprint(sc, MPR_XINFO, "%s: SMP request to SAS address %#jx " 2896 "completed successfully\n", __func__, (uintmax_t)sasaddr); 2897 2898 if (ccb->smpio.smp_response[2] == SMP_FR_ACCEPTED) 2899 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 2900 else 2901 mprsas_set_ccbstatus(ccb, CAM_SMP_STATUS_ERROR); 2902 2903 bailout: 2904 /* 2905 * We sync in both directions because we had DMAs in the S/G list 2906 * in both directions. 2907 */ 2908 bus_dmamap_sync(sc->buffer_dmat, cm->cm_dmamap, 2909 BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); 2910 bus_dmamap_unload(sc->buffer_dmat, cm->cm_dmamap); 2911 mpr_free_command(sc, cm); 2912 xpt_done(ccb); 2913 } 2914 2915 static void 2916 mprsas_send_smpcmd(struct mprsas_softc *sassc, union ccb *ccb, uint64_t sasaddr) 2917 { 2918 struct mpr_command *cm; 2919 uint8_t *request, *response; 2920 MPI2_SMP_PASSTHROUGH_REQUEST *req; 2921 struct mpr_softc *sc; 2922 struct sglist *sg; 2923 int error; 2924 2925 sc = sassc->sc; 2926 sg = NULL; 2927 error = 0; 2928 2929 switch (ccb->ccb_h.flags & CAM_DATA_MASK) { 2930 case CAM_DATA_PADDR: 2931 case CAM_DATA_SG_PADDR: 2932 /* 2933 * XXX We don't yet support physical addresses here. 2934 */ 2935 mpr_dprint(sc, MPR_ERROR, "%s: physical addresses not " 2936 "supported\n", __func__); 2937 mprsas_set_ccbstatus(ccb, CAM_REQ_INVALID); 2938 xpt_done(ccb); 2939 return; 2940 case CAM_DATA_SG: 2941 /* 2942 * The chip does not support more than one buffer for the 2943 * request or response. 2944 */ 2945 if ((ccb->smpio.smp_request_sglist_cnt > 1) 2946 || (ccb->smpio.smp_response_sglist_cnt > 1)) { 2947 mpr_dprint(sc, MPR_ERROR, "%s: multiple request or " 2948 "response buffer segments not supported for SMP\n", 2949 __func__); 2950 mprsas_set_ccbstatus(ccb, CAM_REQ_INVALID); 2951 xpt_done(ccb); 2952 return; 2953 } 2954 2955 /* 2956 * The CAM_SCATTER_VALID flag was originally implemented 2957 * for the XPT_SCSI_IO CCB, which only has one data pointer. 2958 * We have two. So, just take that flag to mean that we 2959 * might have S/G lists, and look at the S/G segment count 2960 * to figure out whether that is the case for each individual 2961 * buffer. 2962 */ 2963 if (ccb->smpio.smp_request_sglist_cnt != 0) { 2964 bus_dma_segment_t *req_sg; 2965 2966 req_sg = (bus_dma_segment_t *)ccb->smpio.smp_request; 2967 request = (uint8_t *)(uintptr_t)req_sg[0].ds_addr; 2968 } else 2969 request = ccb->smpio.smp_request; 2970 2971 if (ccb->smpio.smp_response_sglist_cnt != 0) { 2972 bus_dma_segment_t *rsp_sg; 2973 2974 rsp_sg = (bus_dma_segment_t *)ccb->smpio.smp_response; 2975 response = (uint8_t *)(uintptr_t)rsp_sg[0].ds_addr; 2976 } else 2977 response = ccb->smpio.smp_response; 2978 break; 2979 case CAM_DATA_VADDR: 2980 request = ccb->smpio.smp_request; 2981 response = ccb->smpio.smp_response; 2982 break; 2983 default: 2984 mprsas_set_ccbstatus(ccb, CAM_REQ_INVALID); 2985 xpt_done(ccb); 2986 return; 2987 } 2988 2989 cm = mpr_alloc_command(sc); 2990 if (cm == NULL) { 2991 mpr_dprint(sc, MPR_ERROR, "%s: cannot allocate command\n", 2992 __func__); 2993 mprsas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL); 2994 xpt_done(ccb); 2995 return; 2996 } 2997 2998 req = (MPI2_SMP_PASSTHROUGH_REQUEST *)cm->cm_req; 2999 bzero(req, sizeof(*req)); 3000 req->Function = MPI2_FUNCTION_SMP_PASSTHROUGH; 3001 3002 /* Allow the chip to use any route to this SAS address. */ 3003 req->PhysicalPort = 0xff; 3004 3005 req->RequestDataLength = htole16(ccb->smpio.smp_request_len); 3006 req->SGLFlags = 3007 MPI2_SGLFLAGS_SYSTEM_ADDRESS_SPACE | MPI2_SGLFLAGS_SGL_TYPE_MPI; 3008 3009 mpr_dprint(sc, MPR_XINFO, "%s: sending SMP request to SAS address " 3010 "%#jx\n", __func__, (uintmax_t)sasaddr); 3011 3012 mpr_init_sge(cm, req, &req->SGL); 3013 3014 /* 3015 * Set up a uio to pass into mpr_map_command(). This allows us to 3016 * do one map command, and one busdma call in there. 3017 */ 3018 cm->cm_uio.uio_iov = cm->cm_iovec; 3019 cm->cm_uio.uio_iovcnt = 2; 3020 cm->cm_uio.uio_segflg = UIO_SYSSPACE; 3021 3022 /* 3023 * The read/write flag isn't used by busdma, but set it just in 3024 * case. This isn't exactly accurate, either, since we're going in 3025 * both directions. 3026 */ 3027 cm->cm_uio.uio_rw = UIO_WRITE; 3028 3029 cm->cm_iovec[0].iov_base = request; 3030 cm->cm_iovec[0].iov_len = le16toh(req->RequestDataLength); 3031 cm->cm_iovec[1].iov_base = response; 3032 cm->cm_iovec[1].iov_len = ccb->smpio.smp_response_len; 3033 3034 cm->cm_uio.uio_resid = cm->cm_iovec[0].iov_len + 3035 cm->cm_iovec[1].iov_len; 3036 3037 /* 3038 * Trigger a warning message in mpr_data_cb() for the user if we 3039 * wind up exceeding two S/G segments. The chip expects one 3040 * segment for the request and another for the response. 3041 */ 3042 cm->cm_max_segs = 2; 3043 3044 cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; 3045 cm->cm_complete = mprsas_smpio_complete; 3046 cm->cm_complete_data = ccb; 3047 3048 /* 3049 * Tell the mapping code that we're using a uio, and that this is 3050 * an SMP passthrough request. There is a little special-case 3051 * logic there (in mpr_data_cb()) to handle the bidirectional 3052 * transfer. 3053 */ 3054 cm->cm_flags |= MPR_CM_FLAGS_USE_UIO | MPR_CM_FLAGS_SMP_PASS | 3055 MPR_CM_FLAGS_DATAIN | MPR_CM_FLAGS_DATAOUT; 3056 3057 /* The chip data format is little endian. */ 3058 req->SASAddress.High = htole32(sasaddr >> 32); 3059 req->SASAddress.Low = htole32(sasaddr); 3060 3061 /* 3062 * XXX Note that we don't have a timeout/abort mechanism here. 3063 * From the manual, it looks like task management requests only 3064 * work for SCSI IO and SATA passthrough requests. We may need to 3065 * have a mechanism to retry requests in the event of a chip reset 3066 * at least. Hopefully the chip will insure that any errors short 3067 * of that are relayed back to the driver. 3068 */ 3069 error = mpr_map_command(sc, cm); 3070 if ((error != 0) && (error != EINPROGRESS)) { 3071 mpr_dprint(sc, MPR_ERROR, "%s: error %d returned from " 3072 "mpr_map_command()\n", __func__, error); 3073 goto bailout_error; 3074 } 3075 3076 return; 3077 3078 bailout_error: 3079 mpr_free_command(sc, cm); 3080 mprsas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL); 3081 xpt_done(ccb); 3082 return; 3083 } 3084 3085 static void 3086 mprsas_action_smpio(struct mprsas_softc *sassc, union ccb *ccb) 3087 { 3088 struct mpr_softc *sc; 3089 struct mprsas_target *targ; 3090 uint64_t sasaddr = 0; 3091 3092 sc = sassc->sc; 3093 3094 /* 3095 * Make sure the target exists. 3096 */ 3097 KASSERT(ccb->ccb_h.target_id < sassc->maxtargets, 3098 ("Target %d out of bounds in XPT_SMP_IO\n", ccb->ccb_h.target_id)); 3099 targ = &sassc->targets[ccb->ccb_h.target_id]; 3100 if (targ->handle == 0x0) { 3101 mpr_dprint(sc, MPR_ERROR, "%s: target %d does not exist!\n", 3102 __func__, ccb->ccb_h.target_id); 3103 mprsas_set_ccbstatus(ccb, CAM_SEL_TIMEOUT); 3104 xpt_done(ccb); 3105 return; 3106 } 3107 3108 /* 3109 * If this device has an embedded SMP target, we'll talk to it 3110 * directly. 3111 * figure out what the expander's address is. 3112 */ 3113 if ((targ->devinfo & MPI2_SAS_DEVICE_INFO_SMP_TARGET) != 0) 3114 sasaddr = targ->sasaddr; 3115 3116 /* 3117 * If we don't have a SAS address for the expander yet, try 3118 * grabbing it from the page 0x83 information cached in the 3119 * transport layer for this target. LSI expanders report the 3120 * expander SAS address as the port-associated SAS address in 3121 * Inquiry VPD page 0x83. Maxim expanders don't report it in page 3122 * 0x83. 3123 * 3124 * XXX KDM disable this for now, but leave it commented out so that 3125 * it is obvious that this is another possible way to get the SAS 3126 * address. 3127 * 3128 * The parent handle method below is a little more reliable, and 3129 * the other benefit is that it works for devices other than SES 3130 * devices. So you can send a SMP request to a da(4) device and it 3131 * will get routed to the expander that device is attached to. 3132 * (Assuming the da(4) device doesn't contain an SMP target...) 3133 */ 3134 #if 0 3135 if (sasaddr == 0) 3136 sasaddr = xpt_path_sas_addr(ccb->ccb_h.path); 3137 #endif 3138 3139 /* 3140 * If we still don't have a SAS address for the expander, look for 3141 * the parent device of this device, which is probably the expander. 3142 */ 3143 if (sasaddr == 0) { 3144 #ifdef OLD_MPR_PROBE 3145 struct mprsas_target *parent_target; 3146 #endif 3147 3148 if (targ->parent_handle == 0x0) { 3149 mpr_dprint(sc, MPR_ERROR, "%s: handle %d does not have " 3150 "a valid parent handle!\n", __func__, targ->handle); 3151 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3152 goto bailout; 3153 } 3154 #ifdef OLD_MPR_PROBE 3155 parent_target = mprsas_find_target_by_handle(sassc, 0, 3156 targ->parent_handle); 3157 3158 if (parent_target == NULL) { 3159 mpr_dprint(sc, MPR_ERROR, "%s: handle %d does not have " 3160 "a valid parent target!\n", __func__, targ->handle); 3161 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3162 goto bailout; 3163 } 3164 3165 if ((parent_target->devinfo & 3166 MPI2_SAS_DEVICE_INFO_SMP_TARGET) == 0) { 3167 mpr_dprint(sc, MPR_ERROR, "%s: handle %d parent %d " 3168 "does not have an SMP target!\n", __func__, 3169 targ->handle, parent_target->handle); 3170 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3171 goto bailout; 3172 } 3173 3174 sasaddr = parent_target->sasaddr; 3175 #else /* OLD_MPR_PROBE */ 3176 if ((targ->parent_devinfo & 3177 MPI2_SAS_DEVICE_INFO_SMP_TARGET) == 0) { 3178 mpr_dprint(sc, MPR_ERROR, "%s: handle %d parent %d " 3179 "does not have an SMP target!\n", __func__, 3180 targ->handle, targ->parent_handle); 3181 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3182 goto bailout; 3183 } 3184 if (targ->parent_sasaddr == 0x0) { 3185 mpr_dprint(sc, MPR_ERROR, "%s: handle %d parent handle " 3186 "%d does not have a valid SAS address!\n", __func__, 3187 targ->handle, targ->parent_handle); 3188 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3189 goto bailout; 3190 } 3191 3192 sasaddr = targ->parent_sasaddr; 3193 #endif /* OLD_MPR_PROBE */ 3194 } 3195 3196 if (sasaddr == 0) { 3197 mpr_dprint(sc, MPR_INFO, "%s: unable to find SAS address for " 3198 "handle %d\n", __func__, targ->handle); 3199 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3200 goto bailout; 3201 } 3202 mprsas_send_smpcmd(sassc, ccb, sasaddr); 3203 3204 return; 3205 3206 bailout: 3207 xpt_done(ccb); 3208 3209 } 3210 3211 static void 3212 mprsas_action_resetdev(struct mprsas_softc *sassc, union ccb *ccb) 3213 { 3214 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 3215 struct mpr_softc *sc; 3216 struct mpr_command *tm; 3217 struct mprsas_target *targ; 3218 3219 MPR_FUNCTRACE(sassc->sc); 3220 mtx_assert(&sassc->sc->mpr_mtx, MA_OWNED); 3221 3222 KASSERT(ccb->ccb_h.target_id < sassc->maxtargets, ("Target %d out of " 3223 "bounds in XPT_RESET_DEV\n", ccb->ccb_h.target_id)); 3224 sc = sassc->sc; 3225 tm = mprsas_alloc_tm(sc); 3226 if (tm == NULL) { 3227 mpr_dprint(sc, MPR_ERROR, "command alloc failure in " 3228 "mprsas_action_resetdev\n"); 3229 mprsas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL); 3230 xpt_done(ccb); 3231 return; 3232 } 3233 3234 targ = &sassc->targets[ccb->ccb_h.target_id]; 3235 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 3236 req->DevHandle = htole16(targ->handle); 3237 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET; 3238 3239 if (!targ->is_nvme || sc->custom_nvme_tm_handling) { 3240 /* SAS Hard Link Reset / SATA Link Reset */ 3241 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 3242 } else { 3243 /* PCIe Protocol Level Reset*/ 3244 req->MsgFlags = 3245 MPI26_SCSITASKMGMT_MSGFLAGS_PROTOCOL_LVL_RST_PCIE; 3246 } 3247 3248 tm->cm_data = NULL; 3249 tm->cm_complete = mprsas_resetdev_complete; 3250 tm->cm_complete_data = ccb; 3251 3252 mpr_dprint(sc, MPR_INFO, "%s: Sending reset for target ID %d\n", 3253 __func__, targ->tid); 3254 tm->cm_targ = targ; 3255 3256 mprsas_prepare_for_tm(sc, tm, targ, CAM_LUN_WILDCARD); 3257 mpr_map_command(sc, tm); 3258 } 3259 3260 static void 3261 mprsas_resetdev_complete(struct mpr_softc *sc, struct mpr_command *tm) 3262 { 3263 MPI2_SCSI_TASK_MANAGE_REPLY *resp; 3264 union ccb *ccb; 3265 3266 MPR_FUNCTRACE(sc); 3267 mtx_assert(&sc->mpr_mtx, MA_OWNED); 3268 3269 resp = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 3270 ccb = tm->cm_complete_data; 3271 3272 /* 3273 * Currently there should be no way we can hit this case. It only 3274 * happens when we have a failure to allocate chain frames, and 3275 * task management commands don't have S/G lists. 3276 */ 3277 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 3278 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 3279 3280 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 3281 3282 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x for reset of " 3283 "handle %#04x! This should not happen!\n", __func__, 3284 tm->cm_flags, req->DevHandle); 3285 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 3286 goto bailout; 3287 } 3288 3289 mpr_dprint(sc, MPR_XINFO, "%s: IOCStatus = 0x%x ResponseCode = 0x%x\n", 3290 __func__, le16toh(resp->IOCStatus), le32toh(resp->ResponseCode)); 3291 3292 if (le32toh(resp->ResponseCode) == MPI2_SCSITASKMGMT_RSP_TM_COMPLETE) { 3293 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 3294 mprsas_announce_reset(sc, AC_SENT_BDR, tm->cm_targ->tid, 3295 CAM_LUN_WILDCARD); 3296 } 3297 else 3298 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 3299 3300 bailout: 3301 3302 mprsas_free_tm(sc, tm); 3303 xpt_done(ccb); 3304 } 3305 3306 static void 3307 mprsas_poll(struct cam_sim *sim) 3308 { 3309 struct mprsas_softc *sassc; 3310 3311 sassc = cam_sim_softc(sim); 3312 3313 if (sassc->sc->mpr_debug & MPR_TRACE) { 3314 /* frequent debug messages during a panic just slow 3315 * everything down too much. 3316 */ 3317 mpr_dprint(sassc->sc, MPR_XINFO, "%s clearing MPR_TRACE\n", 3318 __func__); 3319 sassc->sc->mpr_debug &= ~MPR_TRACE; 3320 } 3321 3322 mpr_intr_locked(sassc->sc); 3323 } 3324 3325 static void 3326 mprsas_async(void *callback_arg, uint32_t code, struct cam_path *path, 3327 void *arg) 3328 { 3329 struct mpr_softc *sc; 3330 3331 sc = (struct mpr_softc *)callback_arg; 3332 3333 mpr_lock(sc); 3334 switch (code) { 3335 case AC_ADVINFO_CHANGED: { 3336 struct mprsas_target *target; 3337 struct mprsas_softc *sassc; 3338 struct scsi_read_capacity_data_long rcap_buf; 3339 struct ccb_dev_advinfo cdai; 3340 struct mprsas_lun *lun; 3341 lun_id_t lunid; 3342 int found_lun; 3343 uintptr_t buftype; 3344 3345 buftype = (uintptr_t)arg; 3346 3347 found_lun = 0; 3348 sassc = sc->sassc; 3349 3350 /* 3351 * We're only interested in read capacity data changes. 3352 */ 3353 if (buftype != CDAI_TYPE_RCAPLONG) 3354 break; 3355 3356 /* 3357 * We should have a handle for this, but check to make sure. 3358 */ 3359 KASSERT(xpt_path_target_id(path) < sassc->maxtargets, 3360 ("Target %d out of bounds in mprsas_async\n", 3361 xpt_path_target_id(path))); 3362 target = &sassc->targets[xpt_path_target_id(path)]; 3363 if (target->handle == 0) 3364 break; 3365 3366 lunid = xpt_path_lun_id(path); 3367 3368 SLIST_FOREACH(lun, &target->luns, lun_link) { 3369 if (lun->lun_id == lunid) { 3370 found_lun = 1; 3371 break; 3372 } 3373 } 3374 3375 if (found_lun == 0) { 3376 lun = malloc(sizeof(struct mprsas_lun), M_MPR, 3377 M_NOWAIT | M_ZERO); 3378 if (lun == NULL) { 3379 mpr_dprint(sc, MPR_ERROR, "Unable to alloc " 3380 "LUN for EEDP support.\n"); 3381 break; 3382 } 3383 lun->lun_id = lunid; 3384 SLIST_INSERT_HEAD(&target->luns, lun, lun_link); 3385 } 3386 3387 bzero(&rcap_buf, sizeof(rcap_buf)); 3388 bzero(&cdai, sizeof(cdai)); 3389 xpt_setup_ccb(&cdai.ccb_h, path, CAM_PRIORITY_NORMAL); 3390 cdai.ccb_h.func_code = XPT_DEV_ADVINFO; 3391 cdai.ccb_h.flags = CAM_DIR_IN; 3392 cdai.buftype = CDAI_TYPE_RCAPLONG; 3393 cdai.flags = CDAI_FLAG_NONE; 3394 cdai.bufsiz = sizeof(rcap_buf); 3395 cdai.buf = (uint8_t *)&rcap_buf; 3396 xpt_action((union ccb *)&cdai); 3397 if ((cdai.ccb_h.status & CAM_DEV_QFRZN) != 0) 3398 cam_release_devq(cdai.ccb_h.path, 0, 0, 0, FALSE); 3399 3400 if ((mprsas_get_ccbstatus((union ccb *)&cdai) == CAM_REQ_CMP) 3401 && (rcap_buf.prot & SRC16_PROT_EN)) { 3402 switch (rcap_buf.prot & SRC16_P_TYPE) { 3403 case SRC16_PTYPE_1: 3404 case SRC16_PTYPE_3: 3405 lun->eedp_formatted = TRUE; 3406 lun->eedp_block_size = 3407 scsi_4btoul(rcap_buf.length); 3408 break; 3409 case SRC16_PTYPE_2: 3410 default: 3411 lun->eedp_formatted = FALSE; 3412 lun->eedp_block_size = 0; 3413 break; 3414 } 3415 } else { 3416 lun->eedp_formatted = FALSE; 3417 lun->eedp_block_size = 0; 3418 } 3419 break; 3420 } 3421 default: 3422 break; 3423 } 3424 mpr_unlock(sc); 3425 } 3426 3427 /* 3428 * Freeze the devq and set the INRESET flag so that no I/O will be sent to 3429 * the target until the reset has completed. The CCB holds the path which 3430 * is used to release the devq. The devq is released and the CCB is freed 3431 * when the TM completes. 3432 * We only need to do this when we're entering reset, not at each time we 3433 * need to send an abort (which will happen if multiple commands timeout 3434 * while we're sending the abort). We do not release the queue for each 3435 * command we complete (just at the end when we free the tm), so freezing 3436 * it each time doesn't make sense. 3437 */ 3438 void 3439 mprsas_prepare_for_tm(struct mpr_softc *sc, struct mpr_command *tm, 3440 struct mprsas_target *target, lun_id_t lun_id) 3441 { 3442 union ccb *ccb; 3443 path_id_t path_id; 3444 3445 ccb = xpt_alloc_ccb_nowait(); 3446 if (ccb) { 3447 path_id = cam_sim_path(sc->sassc->sim); 3448 if (xpt_create_path(&ccb->ccb_h.path, xpt_periph, path_id, 3449 target->tid, lun_id) != CAM_REQ_CMP) { 3450 xpt_free_ccb(ccb); 3451 } else { 3452 tm->cm_ccb = ccb; 3453 tm->cm_targ = target; 3454 if ((target->flags & MPRSAS_TARGET_INRESET) == 0) { 3455 mpr_dprint(sc, MPR_XINFO | MPR_RECOVERY, 3456 "%s: Freezing devq for target ID %d\n", 3457 __func__, target->tid); 3458 xpt_freeze_devq(ccb->ccb_h.path, 1); 3459 target->flags |= MPRSAS_TARGET_INRESET; 3460 } 3461 } 3462 } 3463 } 3464 3465 int 3466 mprsas_startup(struct mpr_softc *sc) 3467 { 3468 /* 3469 * Send the port enable message and set the wait_for_port_enable flag. 3470 * This flag helps to keep the simq frozen until all discovery events 3471 * are processed. 3472 */ 3473 sc->wait_for_port_enable = 1; 3474 mprsas_send_portenable(sc); 3475 return (0); 3476 } 3477 3478 static int 3479 mprsas_send_portenable(struct mpr_softc *sc) 3480 { 3481 MPI2_PORT_ENABLE_REQUEST *request; 3482 struct mpr_command *cm; 3483 3484 MPR_FUNCTRACE(sc); 3485 3486 if ((cm = mpr_alloc_command(sc)) == NULL) 3487 return (EBUSY); 3488 request = (MPI2_PORT_ENABLE_REQUEST *)cm->cm_req; 3489 request->Function = MPI2_FUNCTION_PORT_ENABLE; 3490 request->MsgFlags = 0; 3491 request->VP_ID = 0; 3492 cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; 3493 cm->cm_complete = mprsas_portenable_complete; 3494 cm->cm_data = NULL; 3495 cm->cm_sge = NULL; 3496 3497 mpr_map_command(sc, cm); 3498 mpr_dprint(sc, MPR_XINFO, 3499 "mpr_send_portenable finished cm %p req %p complete %p\n", 3500 cm, cm->cm_req, cm->cm_complete); 3501 return (0); 3502 } 3503 3504 static void 3505 mprsas_portenable_complete(struct mpr_softc *sc, struct mpr_command *cm) 3506 { 3507 MPI2_PORT_ENABLE_REPLY *reply; 3508 struct mprsas_softc *sassc; 3509 3510 MPR_FUNCTRACE(sc); 3511 sassc = sc->sassc; 3512 3513 /* 3514 * Currently there should be no way we can hit this case. It only 3515 * happens when we have a failure to allocate chain frames, and 3516 * port enable commands don't have S/G lists. 3517 */ 3518 if ((cm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 3519 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x for port enable! " 3520 "This should not happen!\n", __func__, cm->cm_flags); 3521 } 3522 3523 reply = (MPI2_PORT_ENABLE_REPLY *)cm->cm_reply; 3524 if (reply == NULL) 3525 mpr_dprint(sc, MPR_FAULT, "Portenable NULL reply\n"); 3526 else if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) != 3527 MPI2_IOCSTATUS_SUCCESS) 3528 mpr_dprint(sc, MPR_FAULT, "Portenable failed\n"); 3529 3530 mpr_free_command(sc, cm); 3531 /* 3532 * Done waiting for port enable to complete. Decrement the refcount. 3533 * If refcount is 0, discovery is complete and a rescan of the bus can 3534 * take place. 3535 */ 3536 sc->wait_for_port_enable = 0; 3537 sc->port_enable_complete = 1; 3538 wakeup(&sc->port_enable_complete); 3539 mprsas_startup_decrement(sassc); 3540 } 3541 3542 int 3543 mprsas_check_id(struct mprsas_softc *sassc, int id) 3544 { 3545 struct mpr_softc *sc = sassc->sc; 3546 char *ids; 3547 char *name; 3548 3549 ids = &sc->exclude_ids[0]; 3550 while((name = strsep(&ids, ",")) != NULL) { 3551 if (name[0] == '\0') 3552 continue; 3553 if (strtol(name, NULL, 0) == (long)id) 3554 return (1); 3555 } 3556 3557 return (0); 3558 } 3559 3560 void 3561 mprsas_realloc_targets(struct mpr_softc *sc, int maxtargets) 3562 { 3563 struct mprsas_softc *sassc; 3564 struct mprsas_lun *lun, *lun_tmp; 3565 struct mprsas_target *targ; 3566 int i; 3567 3568 sassc = sc->sassc; 3569 /* 3570 * The number of targets is based on IOC Facts, so free all of 3571 * the allocated LUNs for each target and then the target buffer 3572 * itself. 3573 */ 3574 for (i=0; i< maxtargets; i++) { 3575 targ = &sassc->targets[i]; 3576 SLIST_FOREACH_SAFE(lun, &targ->luns, lun_link, lun_tmp) { 3577 free(lun, M_MPR); 3578 } 3579 } 3580 free(sassc->targets, M_MPR); 3581 3582 sassc->targets = malloc(sizeof(struct mprsas_target) * maxtargets, 3583 M_MPR, M_WAITOK|M_ZERO); 3584 } 3585