1 /*- 2 * Copyright (c) 2009 Yahoo! Inc. 3 * Copyright (c) 2011-2015 LSI Corp. 4 * Copyright (c) 2013-2016 Avago Technologies 5 * Copyright 2000-2020 Broadcom Inc. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * Broadcom Inc. 
(LSI) MPT-Fusion Host Adapter FreeBSD 30 * 31 */ 32 33 #include <sys/cdefs.h> 34 __FBSDID("$FreeBSD$"); 35 36 /* Communications core for Avago Technologies (LSI) MPT3 */ 37 38 /* TODO Move headers to mprvar */ 39 #include <sys/types.h> 40 #include <sys/param.h> 41 #include <sys/systm.h> 42 #include <sys/kernel.h> 43 #include <sys/selinfo.h> 44 #include <sys/module.h> 45 #include <sys/bus.h> 46 #include <sys/conf.h> 47 #include <sys/bio.h> 48 #include <sys/malloc.h> 49 #include <sys/uio.h> 50 #include <sys/sysctl.h> 51 #include <sys/endian.h> 52 #include <sys/queue.h> 53 #include <sys/kthread.h> 54 #include <sys/taskqueue.h> 55 #include <sys/sbuf.h> 56 57 #include <machine/bus.h> 58 #include <machine/resource.h> 59 #include <sys/rman.h> 60 61 #include <machine/stdarg.h> 62 63 #include <cam/cam.h> 64 #include <cam/cam_ccb.h> 65 #include <cam/cam_debug.h> 66 #include <cam/cam_sim.h> 67 #include <cam/cam_xpt_sim.h> 68 #include <cam/cam_xpt_periph.h> 69 #include <cam/cam_periph.h> 70 #include <cam/scsi/scsi_all.h> 71 #include <cam/scsi/scsi_message.h> 72 #include <cam/scsi/smp_all.h> 73 74 #include <dev/nvme/nvme.h> 75 76 #include <dev/mpr/mpi/mpi2_type.h> 77 #include <dev/mpr/mpi/mpi2.h> 78 #include <dev/mpr/mpi/mpi2_ioc.h> 79 #include <dev/mpr/mpi/mpi2_sas.h> 80 #include <dev/mpr/mpi/mpi2_pci.h> 81 #include <dev/mpr/mpi/mpi2_cnfg.h> 82 #include <dev/mpr/mpi/mpi2_init.h> 83 #include <dev/mpr/mpi/mpi2_tool.h> 84 #include <dev/mpr/mpr_ioctl.h> 85 #include <dev/mpr/mprvar.h> 86 #include <dev/mpr/mpr_table.h> 87 #include <dev/mpr/mpr_sas.h> 88 89 #define MPRSAS_DISCOVERY_TIMEOUT 20 90 #define MPRSAS_MAX_DISCOVERY_TIMEOUTS 10 /* 200 seconds */ 91 92 /* 93 * static array to check SCSI OpCode for EEDP protection bits 94 */ 95 #define PRO_R MPI2_SCSIIO_EEDPFLAGS_CHECK_REMOVE_OP 96 #define PRO_W MPI2_SCSIIO_EEDPFLAGS_INSERT_OP 97 #define PRO_V MPI2_SCSIIO_EEDPFLAGS_INSERT_OP 98 static uint8_t op_code_prot[256] = { 99 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 100 0, 0, 0, 
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 101 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V, 102 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 103 0, PRO_W, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 104 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 105 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 106 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 107 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V, 108 0, 0, 0, PRO_W, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 109 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V, 110 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 111 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 112 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 113 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 114 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 115 }; 116 117 MALLOC_DEFINE(M_MPRSAS, "MPRSAS", "MPR SAS memory"); 118 119 static void mprsas_remove_device(struct mpr_softc *, struct mpr_command *); 120 static void mprsas_remove_complete(struct mpr_softc *, struct mpr_command *); 121 static void mprsas_action(struct cam_sim *sim, union ccb *ccb); 122 static void mprsas_poll(struct cam_sim *sim); 123 static void mprsas_scsiio_timeout(void *data); 124 static void mprsas_abort_complete(struct mpr_softc *sc, struct mpr_command *cm); 125 static void mprsas_action_scsiio(struct mprsas_softc *, union ccb *); 126 static void mprsas_scsiio_complete(struct mpr_softc *, struct mpr_command *); 127 static void mprsas_action_resetdev(struct mprsas_softc *, union ccb *); 128 static void mprsas_resetdev_complete(struct mpr_softc *, struct mpr_command *); 129 static int mprsas_send_abort(struct mpr_softc *sc, struct mpr_command *tm, 130 struct mpr_command *cm); 131 static void mprsas_async(void *callback_arg, uint32_t code, 132 struct cam_path *path, void *arg); 133 static int mprsas_send_portenable(struct mpr_softc *sc); 134 static void mprsas_portenable_complete(struct mpr_softc *sc, 135 struct mpr_command *cm); 136 137 
static void mprsas_smpio_complete(struct mpr_softc *sc, struct mpr_command *cm);
static void mprsas_send_smpcmd(struct mprsas_softc *sassc, union ccb *ccb,
    uint64_t sasaddr);
static void mprsas_action_smpio(struct mprsas_softc *sassc, union ccb *ccb);

/*
 * Linear scan of the target table for the given device handle, beginning at
 * index 'start'.  Returns the matching target, or NULL if no entry in
 * targets[start..maxtargets-1] carries that handle.
 */
struct mprsas_target *
mprsas_find_target_by_handle(struct mprsas_softc *sassc, int start,
    uint16_t handle)
{
    struct mprsas_target *target;
    int i;

    for (i = start; i < sassc->maxtargets; i++) {
        target = &sassc->targets[i];
        if (target->handle == handle)
            return (target);
    }

    return (NULL);
}

/*
 * We need to freeze the simq during attach and diag reset, to avoid failing
 * commands before device handles have been found by discovery.  Since
 * discovery involves reading config pages and possibly sending commands,
 * discovery actions may continue even after we receive the end of discovery
 * event, so refcount discovery actions instead of assuming we can unfreeze
 * the simq when we get the event.
 */
void
mprsas_startup_increment(struct mprsas_softc *sassc)
{
    MPR_FUNCTRACE(sassc->sc);

    /* Only refcount while the driver is still in its startup phase. */
    if ((sassc->flags & MPRSAS_IN_STARTUP) != 0) {
        if (sassc->startup_refcount++ == 0) {
            /* just starting, freeze the simq and hold off boot */
            mpr_dprint(sassc->sc, MPR_INIT,
                "%s freezing simq\n", __func__);
            xpt_hold_boot();
            xpt_freeze_simq(sassc->sim, 1);
        }
        mpr_dprint(sassc->sc, MPR_INIT, "%s refcount %u\n", __func__,
            sassc->startup_refcount);
    }
}

/*
 * Release the simq if it was frozen with MPRSAS_QUEUE_FROZEN set (e.g. after
 * a reinit); clearing the flag first guarantees the release happens once.
 */
void
mprsas_release_simq_reinit(struct mprsas_softc *sassc)
{
    if (sassc->flags & MPRSAS_QUEUE_FROZEN) {
        sassc->flags &= ~MPRSAS_QUEUE_FROZEN;
        xpt_release_simq(sassc->sim, 1);
        mpr_dprint(sassc->sc, MPR_INFO, "Unfreezing SIM queue\n");
    }
}

/*
 * Drop one discovery reference taken by mprsas_startup_increment().  When
 * the last reference goes away, leave startup mode, release the simq, and
 * allow boot to continue.
 */
void
mprsas_startup_decrement(struct mprsas_softc *sassc)
{
    MPR_FUNCTRACE(sassc->sc);

    if ((sassc->flags & MPRSAS_IN_STARTUP) != 0) {
        if (--sassc->startup_refcount == 0) {
            /* finished all discovery-related actions, release
             * the simq and rescan for the latest topology.
             */
            mpr_dprint(sassc->sc, MPR_INIT,
                "%s releasing simq\n", __func__);
            sassc->flags &= ~MPRSAS_IN_STARTUP;
            xpt_release_simq(sassc->sim, 1);
            xpt_release_boot();
        }
        mpr_dprint(sassc->sc, MPR_INIT, "%s refcount %u\n", __func__,
            sassc->startup_refcount);
    }
}

/*
 * The firmware requires us to stop sending commands when we're doing task
 * management.
 * XXX The logic for serializing the device has been made lazy and moved to
 * mprsas_prepare_for_tm().
220 */ 221 struct mpr_command * 222 mprsas_alloc_tm(struct mpr_softc *sc) 223 { 224 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 225 struct mpr_command *tm; 226 227 MPR_FUNCTRACE(sc); 228 tm = mpr_alloc_high_priority_command(sc); 229 if (tm == NULL) 230 return (NULL); 231 232 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 233 req->Function = MPI2_FUNCTION_SCSI_TASK_MGMT; 234 return tm; 235 } 236 237 void 238 mprsas_free_tm(struct mpr_softc *sc, struct mpr_command *tm) 239 { 240 241 MPR_FUNCTRACE(sc); 242 if (tm == NULL) 243 return; 244 245 /* 246 * For TM's the devq is frozen for the device. Unfreeze it here and 247 * free the resources used for freezing the devq. Must clear the 248 * INRESET flag as well or scsi I/O will not work. 249 */ 250 if (tm->cm_ccb) { 251 mpr_dprint(sc, MPR_XINFO | MPR_RECOVERY, 252 "Unfreezing devq for target ID %d\n", 253 tm->cm_targ->tid); 254 tm->cm_targ->flags &= ~MPRSAS_TARGET_INRESET; 255 xpt_release_devq(tm->cm_ccb->ccb_h.path, 1, TRUE); 256 xpt_free_path(tm->cm_ccb->ccb_h.path); 257 xpt_free_ccb(tm->cm_ccb); 258 } 259 260 mpr_free_high_priority_command(sc, tm); 261 } 262 263 void 264 mprsas_rescan_target(struct mpr_softc *sc, struct mprsas_target *targ) 265 { 266 struct mprsas_softc *sassc = sc->sassc; 267 path_id_t pathid; 268 target_id_t targetid; 269 union ccb *ccb; 270 271 MPR_FUNCTRACE(sc); 272 pathid = cam_sim_path(sassc->sim); 273 if (targ == NULL) 274 targetid = CAM_TARGET_WILDCARD; 275 else 276 targetid = targ - sassc->targets; 277 278 /* 279 * Allocate a CCB and schedule a rescan. 
280 */ 281 ccb = xpt_alloc_ccb_nowait(); 282 if (ccb == NULL) { 283 mpr_dprint(sc, MPR_ERROR, "unable to alloc CCB for rescan\n"); 284 return; 285 } 286 287 if (xpt_create_path(&ccb->ccb_h.path, NULL, pathid, targetid, 288 CAM_LUN_WILDCARD) != CAM_REQ_CMP) { 289 mpr_dprint(sc, MPR_ERROR, "unable to create path for rescan\n"); 290 xpt_free_ccb(ccb); 291 return; 292 } 293 294 if (targetid == CAM_TARGET_WILDCARD) 295 ccb->ccb_h.func_code = XPT_SCAN_BUS; 296 else 297 ccb->ccb_h.func_code = XPT_SCAN_TGT; 298 299 mpr_dprint(sc, MPR_TRACE, "%s targetid %u\n", __func__, targetid); 300 xpt_rescan(ccb); 301 } 302 303 static void 304 mprsas_log_command(struct mpr_command *cm, u_int level, const char *fmt, ...) 305 { 306 struct sbuf sb; 307 va_list ap; 308 char str[224]; 309 char path_str[64]; 310 311 if (cm == NULL) 312 return; 313 314 /* No need to be in here if debugging isn't enabled */ 315 if ((cm->cm_sc->mpr_debug & level) == 0) 316 return; 317 318 sbuf_new(&sb, str, sizeof(str), 0); 319 320 va_start(ap, fmt); 321 322 if (cm->cm_ccb != NULL) { 323 xpt_path_string(cm->cm_ccb->csio.ccb_h.path, path_str, 324 sizeof(path_str)); 325 sbuf_cat(&sb, path_str); 326 if (cm->cm_ccb->ccb_h.func_code == XPT_SCSI_IO) { 327 scsi_command_string(&cm->cm_ccb->csio, &sb); 328 sbuf_printf(&sb, "length %d ", 329 cm->cm_ccb->csio.dxfer_len); 330 } 331 } else { 332 sbuf_printf(&sb, "(noperiph:%s%d:%u:%u:%u): ", 333 cam_sim_name(cm->cm_sc->sassc->sim), 334 cam_sim_unit(cm->cm_sc->sassc->sim), 335 cam_sim_bus(cm->cm_sc->sassc->sim), 336 cm->cm_targ ? 
cm->cm_targ->tid : 0xFFFFFFFF, 337 cm->cm_lun); 338 } 339 340 sbuf_printf(&sb, "SMID %u ", cm->cm_desc.Default.SMID); 341 sbuf_vprintf(&sb, fmt, ap); 342 sbuf_finish(&sb); 343 mpr_print_field(cm->cm_sc, "%s", sbuf_data(&sb)); 344 345 va_end(ap); 346 } 347 348 static void 349 mprsas_remove_volume(struct mpr_softc *sc, struct mpr_command *tm) 350 { 351 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 352 struct mprsas_target *targ; 353 uint16_t handle; 354 355 MPR_FUNCTRACE(sc); 356 357 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 358 handle = (uint16_t)(uintptr_t)tm->cm_complete_data; 359 targ = tm->cm_targ; 360 361 if (reply == NULL) { 362 /* XXX retry the remove after the diag reset completes? */ 363 mpr_dprint(sc, MPR_FAULT, "%s NULL reply resetting device " 364 "0x%04x\n", __func__, handle); 365 mprsas_free_tm(sc, tm); 366 return; 367 } 368 369 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) != 370 MPI2_IOCSTATUS_SUCCESS) { 371 mpr_dprint(sc, MPR_ERROR, "IOCStatus = 0x%x while resetting " 372 "device 0x%x\n", le16toh(reply->IOCStatus), handle); 373 } 374 375 mpr_dprint(sc, MPR_XINFO, "Reset aborted %u commands\n", 376 le32toh(reply->TerminationCount)); 377 mpr_free_reply(sc, tm->cm_reply_data); 378 tm->cm_reply = NULL; /* Ensures the reply won't get re-freed */ 379 380 mpr_dprint(sc, MPR_XINFO, "clearing target %u handle 0x%04x\n", 381 targ->tid, handle); 382 383 /* 384 * Don't clear target if remove fails because things will get confusing. 385 * Leave the devname and sasaddr intact so that we know to avoid reusing 386 * this target id if possible, and so we can assign the same target id 387 * to this device if it comes back in the future. 
388 */ 389 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) == 390 MPI2_IOCSTATUS_SUCCESS) { 391 targ = tm->cm_targ; 392 targ->handle = 0x0; 393 targ->encl_handle = 0x0; 394 targ->encl_level_valid = 0x0; 395 targ->encl_level = 0x0; 396 targ->connector_name[0] = ' '; 397 targ->connector_name[1] = ' '; 398 targ->connector_name[2] = ' '; 399 targ->connector_name[3] = ' '; 400 targ->encl_slot = 0x0; 401 targ->exp_dev_handle = 0x0; 402 targ->phy_num = 0x0; 403 targ->linkrate = 0x0; 404 targ->devinfo = 0x0; 405 targ->flags = 0x0; 406 targ->scsi_req_desc_type = 0; 407 } 408 409 mprsas_free_tm(sc, tm); 410 } 411 412 /* 413 * Retry mprsas_prepare_remove() if some previous attempt failed to allocate 414 * high priority command due to limit reached. 415 */ 416 void 417 mprsas_prepare_remove_retry(struct mprsas_softc *sassc) 418 { 419 struct mprsas_target *target; 420 int i; 421 422 if ((sassc->flags & MPRSAS_TOREMOVE) == 0) 423 return; 424 425 for (i = 0; i < sassc->maxtargets; i++) { 426 target = &sassc->targets[i]; 427 if ((target->flags & MPRSAS_TARGET_TOREMOVE) == 0) 428 continue; 429 if (TAILQ_EMPTY(&sassc->sc->high_priority_req_list)) 430 return; 431 target->flags &= ~MPRSAS_TARGET_TOREMOVE; 432 if (target->flags & MPR_TARGET_FLAGS_VOLUME) 433 mprsas_prepare_volume_remove(sassc, target->handle); 434 else 435 mprsas_prepare_remove(sassc, target->handle); 436 } 437 sassc->flags &= ~MPRSAS_TOREMOVE; 438 } 439 440 /* 441 * No Need to call "MPI2_SAS_OP_REMOVE_DEVICE" For Volume removal. 442 * Otherwise Volume Delete is same as Bare Drive Removal. 443 */ 444 void 445 mprsas_prepare_volume_remove(struct mprsas_softc *sassc, uint16_t handle) 446 { 447 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 448 struct mpr_softc *sc; 449 struct mpr_command *cm; 450 struct mprsas_target *targ = NULL; 451 452 MPR_FUNCTRACE(sassc->sc); 453 sc = sassc->sc; 454 455 targ = mprsas_find_target_by_handle(sassc, 0, handle); 456 if (targ == NULL) { 457 /* FIXME: what is the action? 
*/ 458 /* We don't know about this device? */ 459 mpr_dprint(sc, MPR_ERROR, 460 "%s %d : invalid handle 0x%x \n", __func__,__LINE__, handle); 461 return; 462 } 463 464 targ->flags |= MPRSAS_TARGET_INREMOVAL; 465 466 cm = mprsas_alloc_tm(sc); 467 if (cm == NULL) { 468 targ->flags |= MPRSAS_TARGET_TOREMOVE; 469 sassc->flags |= MPRSAS_TOREMOVE; 470 return; 471 } 472 473 mprsas_rescan_target(sc, targ); 474 475 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)cm->cm_req; 476 req->DevHandle = targ->handle; 477 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET; 478 479 if (!targ->is_nvme || sc->custom_nvme_tm_handling) { 480 /* SAS Hard Link Reset / SATA Link Reset */ 481 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 482 } else { 483 /* PCIe Protocol Level Reset*/ 484 req->MsgFlags = 485 MPI26_SCSITASKMGMT_MSGFLAGS_PROTOCOL_LVL_RST_PCIE; 486 } 487 488 cm->cm_targ = targ; 489 cm->cm_data = NULL; 490 cm->cm_complete = mprsas_remove_volume; 491 cm->cm_complete_data = (void *)(uintptr_t)handle; 492 493 mpr_dprint(sc, MPR_INFO, "%s: Sending reset for target ID %d\n", 494 __func__, targ->tid); 495 mprsas_prepare_for_tm(sc, cm, targ, CAM_LUN_WILDCARD); 496 497 mpr_map_command(sc, cm); 498 } 499 500 /* 501 * The firmware performs debounce on the link to avoid transient link errors 502 * and false removals. When it does decide that link has been lost and a 503 * device needs to go away, it expects that the host will perform a target reset 504 * and then an op remove. The reset has the side-effect of aborting any 505 * outstanding requests for the device, which is required for the op-remove to 506 * succeed. It's not clear if the host should check for the device coming back 507 * alive after the reset. 
508 */ 509 void 510 mprsas_prepare_remove(struct mprsas_softc *sassc, uint16_t handle) 511 { 512 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 513 struct mpr_softc *sc; 514 struct mpr_command *tm; 515 struct mprsas_target *targ = NULL; 516 517 MPR_FUNCTRACE(sassc->sc); 518 519 sc = sassc->sc; 520 521 targ = mprsas_find_target_by_handle(sassc, 0, handle); 522 if (targ == NULL) { 523 /* FIXME: what is the action? */ 524 /* We don't know about this device? */ 525 mpr_dprint(sc, MPR_ERROR, "%s : invalid handle 0x%x \n", 526 __func__, handle); 527 return; 528 } 529 530 targ->flags |= MPRSAS_TARGET_INREMOVAL; 531 532 tm = mprsas_alloc_tm(sc); 533 if (tm == NULL) { 534 targ->flags |= MPRSAS_TARGET_TOREMOVE; 535 sassc->flags |= MPRSAS_TOREMOVE; 536 return; 537 } 538 539 mprsas_rescan_target(sc, targ); 540 541 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 542 req->DevHandle = htole16(targ->handle); 543 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET; 544 545 /* SAS Hard Link Reset / SATA Link Reset */ 546 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 547 548 tm->cm_targ = targ; 549 tm->cm_data = NULL; 550 tm->cm_complete = mprsas_remove_device; 551 tm->cm_complete_data = (void *)(uintptr_t)handle; 552 553 mpr_dprint(sc, MPR_INFO, "%s: Sending reset for target ID %d\n", 554 __func__, targ->tid); 555 mprsas_prepare_for_tm(sc, tm, targ, CAM_LUN_WILDCARD); 556 557 mpr_map_command(sc, tm); 558 } 559 560 static void 561 mprsas_remove_device(struct mpr_softc *sc, struct mpr_command *tm) 562 { 563 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 564 MPI2_SAS_IOUNIT_CONTROL_REQUEST *req; 565 struct mprsas_target *targ; 566 uint16_t handle; 567 568 MPR_FUNCTRACE(sc); 569 570 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 571 handle = (uint16_t)(uintptr_t)tm->cm_complete_data; 572 targ = tm->cm_targ; 573 574 /* 575 * Currently there should be no way we can hit this case. 
     * It only
     * happens when we have a failure to allocate chain frames, and
     * task management commands don't have S/G lists.
     */
    if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) {
        mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x for remove of "
            "handle %#04x! This should not happen!\n", __func__,
            tm->cm_flags, handle);
    }

    if (reply == NULL) {
        /* XXX retry the remove after the diag reset completes? */
        mpr_dprint(sc, MPR_FAULT, "%s NULL reply resetting device "
            "0x%04x\n", __func__, handle);
        mprsas_free_tm(sc, tm);
        return;
    }

    if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) !=
        MPI2_IOCSTATUS_SUCCESS) {
        mpr_dprint(sc, MPR_ERROR, "IOCStatus = 0x%x while resetting "
            "device 0x%x\n", le16toh(reply->IOCStatus), handle);
    }

    mpr_dprint(sc, MPR_XINFO, "Reset aborted %u commands\n",
        le32toh(reply->TerminationCount));
    mpr_free_reply(sc, tm->cm_reply_data);
    tm->cm_reply = NULL;    /* Ensures the reply won't get re-freed */

    /* Reuse the existing command for the op-remove step. */
    req = (MPI2_SAS_IOUNIT_CONTROL_REQUEST *)tm->cm_req;
    memset(req, 0, sizeof(*req));
    req->Function = MPI2_FUNCTION_SAS_IO_UNIT_CONTROL;
    req->Operation = MPI2_SAS_OP_REMOVE_DEVICE;
    req->DevHandle = htole16(handle);
    tm->cm_data = NULL;
    tm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE;
    tm->cm_complete = mprsas_remove_complete;
    tm->cm_complete_data = (void *)(uintptr_t)handle;

    /*
     * Wait to send the REMOVE_DEVICE until all the commands have cleared.
     * They should be aborted or time out and we'll kick this off there
     * if so.
     */
    if (TAILQ_FIRST(&targ->commands) == NULL) {
        mpr_dprint(sc, MPR_INFO, "No pending commands: starting remove_device\n");
        mpr_map_command(sc, tm);
        targ->pending_remove_tm = NULL;
    } else {
        /* Deferred: sent later once the target's command list drains. */
        targ->pending_remove_tm = tm;
    }

    mpr_dprint(sc, MPR_INFO, "clearing target %u handle 0x%04x\n",
        targ->tid, handle);
    if (targ->encl_level_valid) {
        mpr_dprint(sc, MPR_INFO, "At enclosure level %d, slot %d, "
            "connector name (%4s)\n", targ->encl_level, targ->encl_slot,
            targ->connector_name);
    }
}

/*
 * Completion handler for the SAS_IO_UNIT_CONTROL REMOVE_DEVICE request.
 * On success, clears the target-table entry and frees its LUN list.  The
 * TM command is freed on every path.
 */
static void
mprsas_remove_complete(struct mpr_softc *sc, struct mpr_command *tm)
{
    MPI2_SAS_IOUNIT_CONTROL_REPLY *reply;
    uint16_t handle;
    struct mprsas_target *targ;
    struct mprsas_lun *lun;

    MPR_FUNCTRACE(sc);

    reply = (MPI2_SAS_IOUNIT_CONTROL_REPLY *)tm->cm_reply;
    handle = (uint16_t)(uintptr_t)tm->cm_complete_data;

    targ = tm->cm_targ;

    /*
     * At this point, we should have no pending commands for the target.
     * The remove target has just completed.
     */
    KASSERT(TAILQ_FIRST(&targ->commands) == NULL,
        ("%s: no commands should be pending\n", __func__));

    /*
     * Currently there should be no way we can hit this case.  It only
     * happens when we have a failure to allocate chain frames, and
     * task management commands don't have S/G lists.
     */
    if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) {
        mpr_dprint(sc, MPR_XINFO, "%s: cm_flags = %#x for remove of "
            "handle %#04x! This should not happen!\n", __func__,
            tm->cm_flags, handle);
        mprsas_free_tm(sc, tm);
        return;
    }

    if (reply == NULL) {
        /* most likely a chip reset */
        mpr_dprint(sc, MPR_FAULT, "%s NULL reply removing device "
            "0x%04x\n", __func__, handle);
        mprsas_free_tm(sc, tm);
        return;
    }

    mpr_dprint(sc, MPR_XINFO, "%s on handle 0x%04x, IOCStatus= 0x%x\n",
        __func__, handle, le16toh(reply->IOCStatus));

    /*
     * Don't clear target if remove fails because things will get confusing.
     * Leave the devname and sasaddr intact so that we know to avoid reusing
     * this target id if possible, and so we can assign the same target id
     * to this device if it comes back in the future.
     */
    if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) ==
        MPI2_IOCSTATUS_SUCCESS) {
        targ->handle = 0x0;
        targ->encl_handle = 0x0;
        targ->encl_level_valid = 0x0;
        targ->encl_level = 0x0;
        targ->connector_name[0] = ' ';
        targ->connector_name[1] = ' ';
        targ->connector_name[2] = ' ';
        targ->connector_name[3] = ' ';
        targ->encl_slot = 0x0;
        targ->exp_dev_handle = 0x0;
        targ->phy_num = 0x0;
        targ->linkrate = 0x0;
        targ->devinfo = 0x0;
        targ->flags = 0x0;
        targ->scsi_req_desc_type = 0;

        while (!SLIST_EMPTY(&targ->luns)) {
            lun = SLIST_FIRST(&targ->luns);
            SLIST_REMOVE_HEAD(&targ->luns, lun_link);
            free(lun, M_MPR);
        }
    }

    mprsas_free_tm(sc, tm);
}

/*
 * Build the firmware event mask this driver cares about and register the
 * SAS event handler.  Always returns 0.
 */
static int
mprsas_register_events(struct mpr_softc *sc)
{
    uint8_t events[16];

    bzero(events, 16);
    setbit(events, MPI2_EVENT_SAS_DEVICE_STATUS_CHANGE);
    setbit(events, MPI2_EVENT_SAS_DISCOVERY);
    setbit(events, MPI2_EVENT_SAS_BROADCAST_PRIMITIVE);
    setbit(events, MPI2_EVENT_SAS_INIT_DEVICE_STATUS_CHANGE);
    setbit(events, MPI2_EVENT_SAS_INIT_TABLE_OVERFLOW);
    setbit(events, MPI2_EVENT_SAS_TOPOLOGY_CHANGE_LIST);
    setbit(events, MPI2_EVENT_SAS_ENCL_DEVICE_STATUS_CHANGE);
    setbit(events, MPI2_EVENT_IR_CONFIGURATION_CHANGE_LIST);
    setbit(events, MPI2_EVENT_IR_VOLUME);
    setbit(events, MPI2_EVENT_IR_PHYSICAL_DISK);
    setbit(events, MPI2_EVENT_IR_OPERATION_STATUS);
    setbit(events, MPI2_EVENT_TEMP_THRESHOLD);
    setbit(events, MPI2_EVENT_SAS_DEVICE_DISCOVERY_ERROR);
    /* Events below only exist on newer firmware/IOC generations. */
    if (sc->facts->MsgVersion >= MPI2_VERSION_02_06) {
        setbit(events, MPI2_EVENT_ACTIVE_CABLE_EXCEPTION);
        if (sc->mpr_flags & MPR_FLAGS_GEN35_IOC) {
            setbit(events, MPI2_EVENT_PCIE_DEVICE_STATUS_CHANGE);
            setbit(events, MPI2_EVENT_PCIE_ENUMERATION);
            setbit(events, MPI2_EVENT_PCIE_TOPOLOGY_CHANGE_LIST);
        }
    }

    mpr_register_events(sc, events, mprsas_evt_handler, NULL,
        &sc->sassc->mprsas_eh);

    return (0);
}

/*
 * Attach the CAM/SAS layer: allocate the mprsas softc and target table,
 * create and register the SIM, start the event taskqueue, freeze the simq
 * until discovery finishes, and register for EEDP async notifications.
 * On any error, mpr_detach_sas() tears down whatever was set up.
 */
int
mpr_attach_sas(struct mpr_softc *sc)
{
    struct mprsas_softc *sassc;
    cam_status status;
    int unit, error = 0, reqs;

    MPR_FUNCTRACE(sc);
    mpr_dprint(sc, MPR_INIT, "%s entered\n", __func__);

    sassc = malloc(sizeof(struct mprsas_softc), M_MPR, M_WAITOK|M_ZERO);

    /*
     * XXX MaxTargets could change during a reinit.  Since we don't
     * resize the targets[] array during such an event, cache the value
     * of MaxTargets here so that we don't get into trouble later.  This
     * should move into the reinit logic.
     */
    sassc->maxtargets = sc->facts->MaxTargets + sc->facts->MaxVolumes;
    sassc->targets = malloc(sizeof(struct mprsas_target) *
        sassc->maxtargets, M_MPR, M_WAITOK|M_ZERO);
    sc->sassc = sassc;
    sassc->sc = sc;

    /* Reserve the high-priority requests and one spare for the SIMQ depth. */
    reqs = sc->num_reqs - sc->num_prireqs - 1;
    if ((sassc->devq = cam_simq_alloc(reqs)) == NULL) {
        mpr_dprint(sc, MPR_INIT|MPR_ERROR, "Cannot allocate SIMQ\n");
        error = ENOMEM;
        goto out;
    }

    unit = device_get_unit(sc->mpr_dev);
    sassc->sim = cam_sim_alloc(mprsas_action, mprsas_poll, "mpr", sassc,
        unit, &sc->mpr_mtx, reqs, reqs, sassc->devq);
    if (sassc->sim == NULL) {
        mpr_dprint(sc, MPR_INIT|MPR_ERROR, "Cannot allocate SIM\n");
        error = EINVAL;
        goto out;
    }

    TAILQ_INIT(&sassc->ev_queue);

    /* Initialize taskqueue for Event Handling */
    TASK_INIT(&sassc->ev_task, 0, mprsas_firmware_event_work, sc);
    sassc->ev_tq = taskqueue_create("mpr_taskq", M_NOWAIT | M_ZERO,
        taskqueue_thread_enqueue, &sassc->ev_tq);
    taskqueue_start_threads(&sassc->ev_tq, 1, PRIBIO, "%s taskq",
        device_get_nameunit(sc->mpr_dev));

    mpr_lock(sc);

    /*
     * XXX There should be a bus for every port on the adapter, but since
     * we're just going to fake the topology for now, we'll pretend that
     * everything is just a target on a single bus.
     */
    if ((error = xpt_bus_register(sassc->sim, sc->mpr_dev, 0)) != 0) {
        mpr_dprint(sc, MPR_INIT|MPR_ERROR,
            "Error %d registering SCSI bus\n", error);
        mpr_unlock(sc);
        goto out;
    }

    /*
     * Assume that discovery events will start right away.
     *
     * Hold off boot until discovery is complete.
     */
    sassc->flags |= MPRSAS_IN_STARTUP | MPRSAS_IN_DISCOVERY;
    sc->sassc->startup_refcount = 0;
    mprsas_startup_increment(sassc);

    callout_init(&sassc->discovery_callout, 1 /*mpsafe*/);

    mpr_unlock(sc);

    /*
     * Register for async events so we can determine the EEDP
     * capabilities of devices.
     */
    status = xpt_create_path(&sassc->path, /*periph*/NULL,
        cam_sim_path(sc->sassc->sim), CAM_TARGET_WILDCARD,
        CAM_LUN_WILDCARD);
    if (status != CAM_REQ_CMP) {
        mpr_dprint(sc, MPR_INIT|MPR_ERROR,
            "Error %#x creating sim path\n", status);
        sassc->path = NULL;
    } else {
        int event;

        event = AC_ADVINFO_CHANGED;
        status = xpt_register_async(event, mprsas_async, sc,
            sassc->path);

        if (status != CAM_REQ_CMP) {
            mpr_dprint(sc, MPR_ERROR,
                "Error %#x registering async handler for "
                "AC_ADVINFO_CHANGED events\n", status);
            xpt_free_path(sassc->path);
            sassc->path = NULL;
        }
    }
    if (status != CAM_REQ_CMP) {
        /*
         * EEDP use is the exception, not the rule.
         * Warn the user, but do not fail to attach.
         */
        mpr_printf(sc, "EEDP capabilities disabled.\n");
    }

    mprsas_register_events(sc);
out:
    if (error)
        mpr_detach_sas(sc);

    mpr_dprint(sc, MPR_INIT, "%s exit, error= %d\n", __func__, error);
    return (error);
}

/*
 * Tear down the CAM/SAS layer.  Also used by mpr_attach_sas() for partial
 * cleanup on a failed attach, so every resource is checked before freeing.
 * Always returns 0.
 */
int
mpr_detach_sas(struct mpr_softc *sc)
{
    struct mprsas_softc *sassc;
    struct mprsas_lun *lun, *lun_tmp;
    struct mprsas_target *targ;
    int i;

    MPR_FUNCTRACE(sc);

    if (sc->sassc == NULL)
        return (0);

    sassc = sc->sassc;
    mpr_deregister_events(sc, sassc->mprsas_eh);

    /*
     * Drain and free the event handling taskqueue with the lock
     * unheld so that any parallel processing tasks drain properly
     * without deadlocking.
890 */ 891 if (sassc->ev_tq != NULL) 892 taskqueue_free(sassc->ev_tq); 893 894 /* Deregister our async handler */ 895 if (sassc->path != NULL) { 896 xpt_register_async(0, mprsas_async, sc, sassc->path); 897 xpt_free_path(sassc->path); 898 sassc->path = NULL; 899 } 900 901 /* Make sure CAM doesn't wedge if we had to bail out early. */ 902 mpr_lock(sc); 903 904 while (sassc->startup_refcount != 0) 905 mprsas_startup_decrement(sassc); 906 907 if (sassc->flags & MPRSAS_IN_STARTUP) 908 xpt_release_simq(sassc->sim, 1); 909 910 if (sassc->sim != NULL) { 911 xpt_bus_deregister(cam_sim_path(sassc->sim)); 912 cam_sim_free(sassc->sim, FALSE); 913 } 914 915 mpr_unlock(sc); 916 917 if (sassc->devq != NULL) 918 cam_simq_free(sassc->devq); 919 920 for (i = 0; i < sassc->maxtargets; i++) { 921 targ = &sassc->targets[i]; 922 SLIST_FOREACH_SAFE(lun, &targ->luns, lun_link, lun_tmp) { 923 free(lun, M_MPR); 924 } 925 } 926 free(sassc->targets, M_MPR); 927 free(sassc, M_MPR); 928 sc->sassc = NULL; 929 930 return (0); 931 } 932 933 void 934 mprsas_discovery_end(struct mprsas_softc *sassc) 935 { 936 struct mpr_softc *sc = sassc->sc; 937 938 MPR_FUNCTRACE(sc); 939 940 if (sassc->flags & MPRSAS_DISCOVERY_TIMEOUT_PENDING) 941 callout_stop(&sassc->discovery_callout); 942 943 /* 944 * After discovery has completed, check the mapping table for any 945 * missing devices and update their missing counts. Only do this once 946 * whenever the driver is initialized so that missing counts aren't 947 * updated unnecessarily. Note that just because discovery has 948 * completed doesn't mean that events have been processed yet. The 949 * check_devices function is a callout timer that checks if ALL devices 950 * are missing. If so, it will wait a little longer for events to 951 * complete and keep resetting itself until some device in the mapping 952 * table is not missing, meaning that event processing has started. 
953 */ 954 if (sc->track_mapping_events) { 955 mpr_dprint(sc, MPR_XINFO | MPR_MAPPING, "Discovery has " 956 "completed. Check for missing devices in the mapping " 957 "table.\n"); 958 callout_reset(&sc->device_check_callout, 959 MPR_MISSING_CHECK_DELAY * hz, mpr_mapping_check_devices, 960 sc); 961 } 962 } 963 964 static void 965 mprsas_action(struct cam_sim *sim, union ccb *ccb) 966 { 967 struct mprsas_softc *sassc; 968 969 sassc = cam_sim_softc(sim); 970 971 MPR_FUNCTRACE(sassc->sc); 972 mpr_dprint(sassc->sc, MPR_TRACE, "ccb func_code 0x%x\n", 973 ccb->ccb_h.func_code); 974 mtx_assert(&sassc->sc->mpr_mtx, MA_OWNED); 975 976 switch (ccb->ccb_h.func_code) { 977 case XPT_PATH_INQ: 978 { 979 struct ccb_pathinq *cpi = &ccb->cpi; 980 struct mpr_softc *sc = sassc->sc; 981 982 cpi->version_num = 1; 983 cpi->hba_inquiry = PI_SDTR_ABLE|PI_TAG_ABLE|PI_WIDE_16; 984 cpi->target_sprt = 0; 985 cpi->hba_misc = PIM_NOBUSRESET | PIM_UNMAPPED | PIM_NOSCAN; 986 cpi->hba_eng_cnt = 0; 987 cpi->max_target = sassc->maxtargets - 1; 988 cpi->max_lun = 255; 989 990 /* 991 * initiator_id is set here to an ID outside the set of valid 992 * target IDs (including volumes). 993 */ 994 cpi->initiator_id = sassc->maxtargets; 995 strlcpy(cpi->sim_vid, "FreeBSD", SIM_IDLEN); 996 strlcpy(cpi->hba_vid, "Avago Tech", HBA_IDLEN); 997 strlcpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN); 998 cpi->unit_number = cam_sim_unit(sim); 999 cpi->bus_id = cam_sim_bus(sim); 1000 /* 1001 * XXXSLM-I think this needs to change based on config page or 1002 * something instead of hardcoded to 150000. 
1003 */ 1004 cpi->base_transfer_speed = 150000; 1005 cpi->transport = XPORT_SAS; 1006 cpi->transport_version = 0; 1007 cpi->protocol = PROTO_SCSI; 1008 cpi->protocol_version = SCSI_REV_SPC; 1009 cpi->maxio = sc->maxio; 1010 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1011 break; 1012 } 1013 case XPT_GET_TRAN_SETTINGS: 1014 { 1015 struct ccb_trans_settings *cts; 1016 struct ccb_trans_settings_sas *sas; 1017 struct ccb_trans_settings_scsi *scsi; 1018 struct mprsas_target *targ; 1019 1020 cts = &ccb->cts; 1021 sas = &cts->xport_specific.sas; 1022 scsi = &cts->proto_specific.scsi; 1023 1024 KASSERT(cts->ccb_h.target_id < sassc->maxtargets, 1025 ("Target %d out of bounds in XPT_GET_TRAN_SETTINGS\n", 1026 cts->ccb_h.target_id)); 1027 targ = &sassc->targets[cts->ccb_h.target_id]; 1028 if (targ->handle == 0x0) { 1029 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1030 break; 1031 } 1032 1033 cts->protocol_version = SCSI_REV_SPC2; 1034 cts->transport = XPORT_SAS; 1035 cts->transport_version = 0; 1036 1037 sas->valid = CTS_SAS_VALID_SPEED; 1038 switch (targ->linkrate) { 1039 case 0x08: 1040 sas->bitrate = 150000; 1041 break; 1042 case 0x09: 1043 sas->bitrate = 300000; 1044 break; 1045 case 0x0a: 1046 sas->bitrate = 600000; 1047 break; 1048 case 0x0b: 1049 sas->bitrate = 1200000; 1050 break; 1051 default: 1052 sas->valid = 0; 1053 } 1054 1055 cts->protocol = PROTO_SCSI; 1056 scsi->valid = CTS_SCSI_VALID_TQ; 1057 scsi->flags = CTS_SCSI_FLAGS_TAG_ENB; 1058 1059 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1060 break; 1061 } 1062 case XPT_CALC_GEOMETRY: 1063 cam_calc_geometry(&ccb->ccg, /*extended*/1); 1064 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1065 break; 1066 case XPT_RESET_DEV: 1067 mpr_dprint(sassc->sc, MPR_XINFO, "mprsas_action " 1068 "XPT_RESET_DEV\n"); 1069 mprsas_action_resetdev(sassc, ccb); 1070 return; 1071 case XPT_RESET_BUS: 1072 case XPT_ABORT: 1073 case XPT_TERM_IO: 1074 mpr_dprint(sassc->sc, MPR_XINFO, "mprsas_action faking success " 1075 "for abort or reset\n"); 1076 
		mprsas_set_ccbstatus(ccb, CAM_REQ_CMP);
		break;
	case XPT_SCSI_IO:
		/* Helper completes the CCB itself. */
		mprsas_action_scsiio(sassc, ccb);
		return;
	case XPT_SMP_IO:
		/* Helper completes the CCB itself. */
		mprsas_action_smpio(sassc, ccb);
		return;
	default:
		mprsas_set_ccbstatus(ccb, CAM_FUNC_NOTAVAIL);
		break;
	}
	xpt_done(ccb);

}

/*
 * Send an async notification (e.g. AC_BUS_RESET / AC_SENT_BDR) to CAM for
 * the given target/lun on this SIM's bus.  Creates a temporary path for the
 * notification and frees it afterwards.
 */
static void
mprsas_announce_reset(struct mpr_softc *sc, uint32_t ac_code,
    target_id_t target_id, lun_id_t lun_id)
{
	path_id_t path_id = cam_sim_path(sc->sassc->sim);
	struct cam_path *path;

	mpr_dprint(sc, MPR_XINFO, "%s code %x target %d lun %jx\n", __func__,
	    ac_code, target_id, (uintmax_t)lun_id);

	if (xpt_create_path(&path, NULL,
	    path_id, target_id, lun_id) != CAM_REQ_CMP) {
		mpr_dprint(sc, MPR_ERROR, "unable to create path for reset "
		    "notification\n");
		return;
	}

	xpt_async(ac_code, path, NULL);
	xpt_free_path(path);
}

/*
 * Force completion of every active command during a diag reset.  Each
 * non-free command is completed with a NULL reply: commands with a
 * completion callback are called back, polled waiters are woken via
 * MPR_CM_FLAGS_COMPLETE/wakeup().  Called with the driver mutex held.
 */
static void
mprsas_complete_all_commands(struct mpr_softc *sc)
{
	struct mpr_command *cm;
	int i;
	int completed;

	MPR_FUNCTRACE(sc);
	mtx_assert(&sc->mpr_mtx, MA_OWNED);

	/* complete all commands with a NULL reply */
	for (i = 1; i < sc->num_reqs; i++) {
		cm = &sc->commands[i];
		if (cm->cm_state == MPR_CM_STATE_FREE)
			continue;

		cm->cm_state = MPR_CM_STATE_BUSY;
		cm->cm_reply = NULL;
		completed = 0;

		/* Data buffer for a timed-out SATA ID command is driver-owned. */
		if (cm->cm_flags & MPR_CM_FLAGS_SATA_ID_TIMEOUT) {
			MPASS(cm->cm_data);
			free(cm->cm_data, M_MPR);
			cm->cm_data = NULL;
		}

		if (cm->cm_flags & MPR_CM_FLAGS_POLLED)
			cm->cm_flags |= MPR_CM_FLAGS_COMPLETE;

		if (cm->cm_complete != NULL) {
			mprsas_log_command(cm, MPR_RECOVERY,
			    "completing cm %p state %x ccb %p for diag reset\n",
			    cm, cm->cm_state, cm->cm_ccb);
			cm->cm_complete(sc, cm);
			completed = 1;
		} else if (cm->cm_flags & MPR_CM_FLAGS_WAKEUP) {
			mprsas_log_command(cm, MPR_RECOVERY,
			    "waking up cm %p state %x ccb %p for diag reset\n",
			    cm, cm->cm_state, cm->cm_ccb);
			wakeup(cm);
			completed = 1;
		}

		if ((completed == 0) && (cm->cm_state != MPR_CM_STATE_FREE)) {
			/* this should never happen, but if it does, log */
			mprsas_log_command(cm, MPR_RECOVERY,
			    "cm %p state %x flags 0x%x ccb %p during diag "
			    "reset\n", cm, cm->cm_state, cm->cm_flags,
			    cm->cm_ccb);
		}
	}

	sc->io_cmds_active = 0;
}

/*
 * Post-diag-reset housekeeping: put the driver back into startup/discovery
 * mode, flush all outstanding commands, and invalidate every cached target
 * handle so rediscovery can assign fresh ones.
 */
void
mprsas_handle_reinit(struct mpr_softc *sc)
{
	int i;

	/* Go back into startup mode and freeze the simq, so that CAM
	 * doesn't send any commands until after we've rediscovered all
	 * targets and found the proper device handles for them.
	 *
	 * After the reset, portenable will trigger discovery, and after all
	 * discovery-related activities have finished, the simq will be
	 * released.
	 */
	mpr_dprint(sc, MPR_INIT, "%s startup\n", __func__);
	sc->sassc->flags |= MPRSAS_IN_STARTUP;
	sc->sassc->flags |= MPRSAS_IN_DISCOVERY;
	mprsas_startup_increment(sc->sassc);

	/* notify CAM of a bus reset */
	mprsas_announce_reset(sc, AC_BUS_RESET, CAM_TARGET_WILDCARD,
	    CAM_LUN_WILDCARD);

	/* complete and cleanup after all outstanding commands */
	mprsas_complete_all_commands(sc);

	mpr_dprint(sc, MPR_INIT, "%s startup %u after command completion\n",
	    __func__, sc->sassc->startup_refcount);

	/* zero all the target handles, since they may change after the
	 * reset, and we have to rediscover all the targets and use the new
	 * handles.
	 */
	for (i = 0; i < sc->sassc->maxtargets; i++) {
		if (sc->sassc->targets[i].outstanding != 0)
			mpr_dprint(sc, MPR_INIT, "target %u outstanding %u\n",
			    i, sc->sassc->targets[i].outstanding);
		sc->sassc->targets[i].handle = 0x0;
		sc->sassc->targets[i].exp_dev_handle = 0x0;
		sc->sassc->targets[i].outstanding = 0;
		sc->sassc->targets[i].flags = MPRSAS_TARGET_INDIAGRESET;
	}
}
/*
 * Callout handler fired when a task-management command itself times out.
 * The TM is moved out of the INQUEUE state and the whole controller is
 * reinitialized (diag reset), since a stuck TM means recovery has failed.
 * Runs with the driver mutex held (asserted below).
 */
static void
mprsas_tm_timeout(void *data)
{
	struct mpr_command *tm = data;
	struct mpr_softc *sc = tm->cm_sc;

	mtx_assert(&sc->mpr_mtx, MA_OWNED);

	mprsas_log_command(tm, MPR_INFO|MPR_RECOVERY, "task mgmt %p timed "
	    "out\n", tm);

	KASSERT(tm->cm_state == MPR_CM_STATE_INQUEUE,
	    ("command not inqueue, state = %u\n", tm->cm_state));

	tm->cm_state = MPR_CM_STATE_BUSY;
	/* Escalate: full controller reinit. */
	mpr_reinit(sc);
}

/*
 * Completion handler for a LUN-reset task-management command.  If no
 * commands remain outstanding for the LUN, recovery for it is done and the
 * next timed-out command (if any) is aborted; otherwise escalate to a
 * target reset (or controller reinit for NVMe without custom TM handling).
 */
static void
mprsas_logical_unit_reset_complete(struct mpr_softc *sc, struct mpr_command *tm)
{
	MPI2_SCSI_TASK_MANAGE_REPLY *reply;
	unsigned int cm_count = 0;
	struct mpr_command *cm;
	struct mprsas_target *targ;

	/* The TM completed; cancel its mprsas_tm_timeout callout. */
	callout_stop(&tm->cm_callout);

	reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply;
	targ = tm->cm_targ;

	/*
	 * Currently there should be no way we can hit this case.  It only
	 * happens when we have a failure to allocate chain frames, and
	 * task management commands don't have S/G lists.
	 */
	if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) {
		mpr_dprint(sc, MPR_RECOVERY|MPR_ERROR,
		    "%s: cm_flags = %#x for LUN reset! "
		    "This should not happen!\n", __func__, tm->cm_flags);
		mprsas_free_tm(sc, tm);
		return;
	}

	if (reply == NULL) {
		mpr_dprint(sc, MPR_RECOVERY, "NULL reset reply for tm %p\n",
		    tm);
		if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) {
			/* this completion was due to a reset, just cleanup */
			mpr_dprint(sc, MPR_RECOVERY, "Hardware undergoing "
			    "reset, ignoring NULL LUN reset reply\n");
			targ->tm = NULL;
			mprsas_free_tm(sc, tm);
		}
		else {
			/* we should have gotten a reply. */
			mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, "NULL reply on "
			    "LUN reset attempt, resetting controller\n");
			mpr_reinit(sc);
		}
		return;
	}

	mpr_dprint(sc, MPR_RECOVERY,
	    "logical unit reset status 0x%x code 0x%x count %u\n",
	    le16toh(reply->IOCStatus), le32toh(reply->ResponseCode),
	    le32toh(reply->TerminationCount));

	/*
	 * See if there are any outstanding commands for this LUN.
	 * This could be made more efficient by using a per-LU data
	 * structure of some sort.
	 */
	TAILQ_FOREACH(cm, &targ->commands, cm_link) {
		if (cm->cm_lun == tm->cm_lun)
			cm_count++;
	}

	if (cm_count == 0) {
		mpr_dprint(sc, MPR_RECOVERY|MPR_INFO,
		    "Finished recovery after LUN reset for target %u\n",
		    targ->tid);

		mprsas_announce_reset(sc, AC_SENT_BDR, targ->tid,
		    tm->cm_lun);

		/*
		 * We've finished recovery for this logical unit.  check and
		 * see if some other logical unit has a timedout command
		 * that needs to be processed.
		 */
		cm = TAILQ_FIRST(&targ->timedout_commands);
		if (cm) {
			mpr_dprint(sc, MPR_INFO|MPR_RECOVERY,
			    "More commands to abort for target %u\n", targ->tid);
			mprsas_send_abort(sc, tm, cm);
		} else {
			targ->tm = NULL;
			mprsas_free_tm(sc, tm);
		}
	} else {
		/* if we still have commands for this LUN, the reset
		 * effectively failed, regardless of the status reported.
		 * Escalate to a target reset.
		 */
		mpr_dprint(sc, MPR_INFO|MPR_RECOVERY,
		    "logical unit reset complete for target %u, but still "
		    "have %u command(s), sending target reset\n", targ->tid,
		    cm_count);
		if (!targ->is_nvme || sc->custom_nvme_tm_handling)
			mprsas_send_reset(sc, tm,
			    MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET);
		else
			mpr_reinit(sc);
	}
}

/*
 * Completion handler for a target-reset task-management command.  If the
 * target has no commands outstanding, recovery is complete; otherwise the
 * reset failed and the controller is reinitialized.
 */
static void
mprsas_target_reset_complete(struct mpr_softc *sc, struct mpr_command *tm)
{
	MPI2_SCSI_TASK_MANAGE_REPLY *reply;
	MPI2_SCSI_TASK_MANAGE_REQUEST *req;
	struct mprsas_target *targ;

	/* The TM completed; cancel its mprsas_tm_timeout callout. */
	callout_stop(&tm->cm_callout);

	req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
	reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply;
	targ = tm->cm_targ;

	/*
	 * Currently there should be no way we can hit this case.  It only
	 * happens when we have a failure to allocate chain frames, and
	 * task management commands don't have S/G lists.
	 */
	if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) {
		mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x for target "
		    "reset! 
This should not happen!\n", __func__, tm->cm_flags);
		mprsas_free_tm(sc, tm);
		return;
	}

	if (reply == NULL) {
		mpr_dprint(sc, MPR_RECOVERY,
		    "NULL target reset reply for tm %p TaskMID %u\n",
		    tm, le16toh(req->TaskMID));
		if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) {
			/* this completion was due to a reset, just cleanup */
			mpr_dprint(sc, MPR_RECOVERY, "Hardware undergoing "
			    "reset, ignoring NULL target reset reply\n");
			targ->tm = NULL;
			mprsas_free_tm(sc, tm);
		}
		else {
			/* we should have gotten a reply. */
			mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, "NULL reply on "
			    "target reset attempt, resetting controller\n");
			mpr_reinit(sc);
		}
		return;
	}

	mpr_dprint(sc, MPR_RECOVERY,
	    "target reset status 0x%x code 0x%x count %u\n",
	    le16toh(reply->IOCStatus), le32toh(reply->ResponseCode),
	    le32toh(reply->TerminationCount));

	if (targ->outstanding == 0) {
		/*
		 * We've finished recovery for this target and all
		 * of its logical units.
		 */
		mpr_dprint(sc, MPR_RECOVERY|MPR_INFO,
		    "Finished reset recovery for target %u\n", targ->tid);

		mprsas_announce_reset(sc, AC_SENT_BDR, tm->cm_targ->tid,
		    CAM_LUN_WILDCARD);

		targ->tm = NULL;
		mprsas_free_tm(sc, tm);
	} else {
		/*
		 * After a target reset, if this target still has
		 * outstanding commands, the reset effectively failed,
		 * regardless of the status reported.  escalate.
		 */
		mpr_dprint(sc, MPR_INFO|MPR_RECOVERY,
		    "Target reset complete for target %u, but still have %u "
		    "command(s), resetting controller\n", targ->tid,
		    targ->outstanding);
		mpr_reinit(sc);
	}
}

/* Seconds before a reset TM is considered timed out (see mprsas_tm_timeout). */
#define MPR_RESET_TIMEOUT 30

/*
 * Fill in and send a LUN-reset or target-reset task-management request on
 * the pre-allocated TM command 'tm'.  Sets the appropriate completion
 * handler and arms the TM timeout callout.  Returns the mpr_map_command()
 * result, or -1 for a missing device handle or an unknown reset type.
 */
int
mprsas_send_reset(struct mpr_softc *sc, struct mpr_command *tm, uint8_t type)
{
	MPI2_SCSI_TASK_MANAGE_REQUEST *req;
	struct mprsas_target *target;
	int err, timeout;

	target = tm->cm_targ;
	if (target->handle == 0) {
		mpr_dprint(sc, MPR_ERROR, "%s null devhandle for target_id "
		    "%d\n", __func__, target->tid);
		return -1;
	}

	req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
	req->DevHandle = htole16(target->handle);
	req->TaskType = type;

	if (!target->is_nvme || sc->custom_nvme_tm_handling) {
		timeout = MPR_RESET_TIMEOUT;
		/*
		 * Target reset method =
		 * SAS Hard Link Reset / SATA Link Reset
		 */
		req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET;
	} else {
		/* NVMe devices may specify their own reset timeout. */
		timeout = (target->controller_reset_timeout) ? (
		    target->controller_reset_timeout) : (MPR_RESET_TIMEOUT);
		/* PCIe Protocol Level Reset*/
		req->MsgFlags =
		    MPI26_SCSITASKMGMT_MSGFLAGS_PROTOCOL_LVL_RST_PCIE;
	}

	if (type == MPI2_SCSITASKMGMT_TASKTYPE_LOGICAL_UNIT_RESET) {
		/* XXX Need to handle invalid LUNs */
		MPR_SET_LUN(req->LUN, tm->cm_lun);
		tm->cm_targ->logical_unit_resets++;
		mpr_dprint(sc, MPR_RECOVERY|MPR_INFO,
		    "Sending logical unit reset to target %u lun %d\n",
		    target->tid, tm->cm_lun);
		tm->cm_complete = mprsas_logical_unit_reset_complete;
		mprsas_prepare_for_tm(sc, tm, target, tm->cm_lun);
	} else if (type == MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET) {
		tm->cm_targ->target_resets++;
		mpr_dprint(sc, MPR_RECOVERY|MPR_INFO,
		    "Sending target reset to target %u\n", target->tid);
		tm->cm_complete = mprsas_target_reset_complete;
		mprsas_prepare_for_tm(sc, tm, target, CAM_LUN_WILDCARD);
	}
	else {
		mpr_dprint(sc, MPR_ERROR, "unexpected reset type 0x%x\n", type);
		return -1;
	}

	if (target->encl_level_valid) {
		mpr_dprint(sc, MPR_RECOVERY|MPR_INFO,
		    "At enclosure level %d, slot %d, connector name (%4s)\n",
		    target->encl_level, target->encl_slot,
		    target->connector_name);
	}

	tm->cm_data = NULL;
	tm->cm_complete_data = (void *)tm;

	/* Arm the TM watchdog; fires mprsas_tm_timeout on expiry. */
	callout_reset(&tm->cm_callout, timeout * hz,
	    mprsas_tm_timeout, tm);

	err = mpr_map_command(sc, tm);
	if (err)
		mpr_dprint(sc, MPR_ERROR|MPR_RECOVERY,
		    "error %d sending reset type %u\n", err, type);

	return err;
}

/*
 * Completion handler for an abort-task TM.  Either finishes recovery for
 * the target, continues aborting further timed-out commands, or escalates
 * to a logical-unit reset if the aborted command never completed.
 */
static void
mprsas_abort_complete(struct mpr_softc *sc, struct mpr_command *tm)
{
	struct mpr_command *cm;
	MPI2_SCSI_TASK_MANAGE_REPLY *reply;
	MPI2_SCSI_TASK_MANAGE_REQUEST *req;
	struct mprsas_target *targ;

	/* The TM completed; cancel its mprsas_tm_timeout callout. */
	callout_stop(&tm->cm_callout);

	req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
	reply =
	    (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply;
	targ = tm->cm_targ;

	/*
	 * Currently there should be no way we can hit this case.  It only
	 * happens when we have a failure to allocate chain frames, and
	 * task management commands don't have S/G lists.
	 */
	if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) {
		mpr_dprint(sc, MPR_RECOVERY|MPR_ERROR,
		    "cm_flags = %#x for abort %p TaskMID %u!\n",
		    tm->cm_flags, tm, le16toh(req->TaskMID));
		mprsas_free_tm(sc, tm);
		return;
	}

	if (reply == NULL) {
		mpr_dprint(sc, MPR_RECOVERY,
		    "NULL abort reply for tm %p TaskMID %u\n",
		    tm, le16toh(req->TaskMID));
		if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) {
			/* this completion was due to a reset, just cleanup */
			mpr_dprint(sc, MPR_RECOVERY, "Hardware undergoing "
			    "reset, ignoring NULL abort reply\n");
			targ->tm = NULL;
			mprsas_free_tm(sc, tm);
		} else {
			/* we should have gotten a reply. */
			mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, "NULL reply on "
			    "abort attempt, resetting controller\n");
			mpr_reinit(sc);
		}
		return;
	}

	mpr_dprint(sc, MPR_RECOVERY,
	    "abort TaskMID %u status 0x%x code 0x%x count %u\n",
	    le16toh(req->TaskMID),
	    le16toh(reply->IOCStatus), le32toh(reply->ResponseCode),
	    le32toh(reply->TerminationCount));

	cm = TAILQ_FIRST(&tm->cm_targ->timedout_commands);
	if (cm == NULL) {
		/*
		 * if there are no more timedout commands, we're done with
		 * error recovery for this target.
		 */
		mpr_dprint(sc, MPR_INFO|MPR_RECOVERY,
		    "Finished abort recovery for target %u\n", targ->tid);
		targ->tm = NULL;
		mprsas_free_tm(sc, tm);
	} else if (le16toh(req->TaskMID) != cm->cm_desc.Default.SMID) {
		/* abort success, but we have more timedout commands to abort */
		mpr_dprint(sc, MPR_INFO|MPR_RECOVERY,
		    "Continuing abort recovery for target %u\n", targ->tid);
		mprsas_send_abort(sc, tm, cm);
	} else {
		/*
		 * we didn't get a command completion, so the abort
		 * failed as far as we're concerned.  escalate.
		 */
		mpr_dprint(sc, MPR_INFO|MPR_RECOVERY,
		    "Abort failed for target %u, sending logical unit reset\n",
		    targ->tid);

		mprsas_send_reset(sc, tm,
		    MPI2_SCSITASKMGMT_TASKTYPE_LOGICAL_UNIT_RESET);
	}
}

/* Seconds before an abort TM is considered timed out (non-NVMe path). */
#define MPR_ABORT_TIMEOUT 5

/*
 * Send an ABORT_TASK TM for the timed-out command 'cm' using the
 * pre-allocated TM command 'tm'.  Arms the TM timeout callout and sets
 * mprsas_abort_complete as the completion handler.  Returns the
 * mpr_map_command() result, or -1 for a missing device handle.
 */
static int
mprsas_send_abort(struct mpr_softc *sc, struct mpr_command *tm,
    struct mpr_command *cm)
{
	MPI2_SCSI_TASK_MANAGE_REQUEST *req;
	struct mprsas_target *targ;
	int err, timeout;

	targ = cm->cm_targ;
	if (targ->handle == 0) {
		mpr_dprint(sc, MPR_ERROR|MPR_RECOVERY,
		    "%s null devhandle for target_id %d\n",
		    __func__, cm->cm_ccb->ccb_h.target_id);
		return -1;
	}

	mprsas_log_command(cm, MPR_RECOVERY|MPR_INFO,
	    "Aborting command %p\n", cm);

	req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
	req->DevHandle = htole16(targ->handle);
	req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_ABORT_TASK;

	/* XXX Need to handle invalid LUNs */
	MPR_SET_LUN(req->LUN, cm->cm_ccb->ccb_h.target_lun);

	/* Identify the command to abort by its SMID. */
	req->TaskMID = htole16(cm->cm_desc.Default.SMID);

	tm->cm_data = NULL;
	tm->cm_complete = mprsas_abort_complete;
	tm->cm_complete_data = (void *)tm;
	tm->cm_targ = cm->cm_targ;
	tm->cm_lun = cm->cm_lun;

	if (!targ->is_nvme || sc->custom_nvme_tm_handling)
		timeout = MPR_ABORT_TIMEOUT;
	else
		timeout = sc->nvme_abort_timeout;

	/* Arm the TM watchdog; fires mprsas_tm_timeout on expiry. */
	callout_reset(&tm->cm_callout, timeout * hz,
	    mprsas_tm_timeout, tm);

	targ->aborts++;

	mprsas_prepare_for_tm(sc, tm, targ, tm->cm_lun);

	err = mpr_map_command(sc, tm);
	if (err)
		mpr_dprint(sc, MPR_ERROR|MPR_RECOVERY,
		    "error %d sending abort for cm %p SMID %u\n",
		    err, cm, req->TaskMID);
	return err;
}

/*
 * Callout handler for a timed-out SCSI I/O command.  Marks the command as
 * timed out, queues it on the target's timedout list, and either piggybacks
 * on an in-progress TM for the target or allocates a new TM and starts
 * abort-based recovery.  Runs with the driver mutex held.
 */
static void
mprsas_scsiio_timeout(void *data)
{
	sbintime_t elapsed, now;
	union ccb *ccb;
	struct mpr_softc *sc;
	struct mpr_command *cm;
	struct mprsas_target *targ;

	cm = (struct mpr_command *)data;
	sc = cm->cm_sc;
	ccb = cm->cm_ccb;
	now = sbinuptime();

	MPR_FUNCTRACE(sc);
	mtx_assert(&sc->mpr_mtx, MA_OWNED);

	mpr_dprint(sc, MPR_XINFO|MPR_RECOVERY, "Timeout checking cm %p\n", cm);

	/*
	 * Run the interrupt handler to make sure it's not pending.  This
	 * isn't perfect because the command could have already completed
	 * and been re-used, though this is unlikely.
	 */
	mpr_intr_locked(sc);
	if (cm->cm_flags & MPR_CM_FLAGS_ON_RECOVERY) {
		/* Already picked up by recovery; nothing further to do. */
		mprsas_log_command(cm, MPR_XINFO,
		    "SCSI command %p almost timed out\n", cm);
		return;
	}

	if (cm->cm_ccb == NULL) {
		mpr_dprint(sc, MPR_ERROR, "command timeout with NULL ccb\n");
		return;
	}

	targ = cm->cm_targ;
	targ->timeouts++;

	elapsed = now - ccb->ccb_h.qos.sim_data;
	mprsas_log_command(cm, MPR_INFO|MPR_RECOVERY,
	    "Command timeout on target %u(0x%04x), %d set, %d.%d elapsed\n",
	    targ->tid, targ->handle, ccb->ccb_h.timeout,
	    sbintime_getsec(elapsed), elapsed & 0xffffffff);
	if (targ->encl_level_valid) {
		mpr_dprint(sc, MPR_INFO|MPR_RECOVERY,
		    "At enclosure level %d, slot %d, connector name (%4s)\n",
		    targ->encl_level, targ->encl_slot, targ->connector_name);
	}

	/* XXX first, check the firmware state, to see if it's still
	 * operational.  if not, do a diag reset.
	 */
	mprsas_set_ccbstatus(cm->cm_ccb, CAM_CMD_TIMEOUT);
	cm->cm_flags |= MPR_CM_FLAGS_ON_RECOVERY | MPR_CM_FLAGS_TIMEDOUT;
	TAILQ_INSERT_TAIL(&targ->timedout_commands, cm, cm_recovery);

	if (targ->tm != NULL) {
		/* target already in recovery, just queue up another
		 * timedout command to be processed later.
		 */
		mpr_dprint(sc, MPR_RECOVERY,
		    "queued timedout cm %p for processing by tm %p\n",
		    cm, targ->tm);
	} else if ((targ->tm = mprsas_alloc_tm(sc)) != NULL) {
		mpr_dprint(sc, MPR_RECOVERY|MPR_INFO,
		    "Sending abort to target %u for SMID %d\n", targ->tid,
		    cm->cm_desc.Default.SMID);
		mpr_dprint(sc, MPR_RECOVERY, "timedout cm %p allocated tm %p\n",
		    cm, targ->tm);

		/* start recovery by aborting the first timedout command */
		mprsas_send_abort(sc, targ->tm, cm);
	} else {
		/* XXX queue this target up for recovery once a TM becomes
		 * available.  The firmware only has a limited number of
		 * HighPriority credits for the high priority requests used
		 * for task management, and we ran out.
		 *
		 * Isilon: don't worry about this for now, since we have
		 * more credits than disks in an enclosure, and limit
		 * ourselves to one TM per target for recovery.
		 */
		mpr_dprint(sc, MPR_ERROR|MPR_RECOVERY,
		    "timedout cm %p failed to allocate a tm\n", cm);
	}
}

/**
 * mprsas_build_nvme_unmap - Build Native NVMe DSM command equivalent
 *                           to SCSI Unmap.
 * Translates the UNMAP parameter list in the CCB into an NVMe Dataset
 * Management (deallocate) command wrapped in an MPI2.6 NVMe Encapsulated
 * request, then maps and issues it.
 * Return 0 - for success,
 *        1 - to immediately return back the command with success status to CAM
 *        negative value - to fallback to firmware path i.e. issue scsi unmap
 *			   to FW without any translation.
 */
static int
mprsas_build_nvme_unmap(struct mpr_softc *sc, struct mpr_command *cm,
    union ccb *ccb, struct mprsas_target *targ)
{
	Mpi26NVMeEncapsulatedRequest_t *req = NULL;
	struct ccb_scsiio *csio;
	struct unmap_parm_list *plist;
	struct nvme_dsm_range *nvme_dsm_ranges = NULL;
	struct nvme_command *c;
	int i, res;
	uint16_t ndesc, list_len, data_length;
	struct mpr_prp_page *prp_page_info;
	uint64_t nvme_dsm_ranges_dma_handle;

	csio = &ccb->csio;
	/* UNMAP CDB bytes 7-8 carry the parameter list length. */
	list_len = (scsiio_cdb_ptr(csio)[7] << 8 | scsiio_cdb_ptr(csio)[8]);
	if (!list_len) {
		mpr_dprint(sc, MPR_ERROR, "Parameter list length is Zero\n");
		return -EINVAL;
	}

	plist = malloc(csio->dxfer_len, M_MPR, M_ZERO|M_NOWAIT);
	if (!plist) {
		mpr_dprint(sc, MPR_ERROR, "Unable to allocate memory to "
		    "save UNMAP data\n");
		return -ENOMEM;
	}

	/* Copy SCSI unmap data to a local buffer */
	bcopy(csio->data_ptr, plist, csio->dxfer_len);

	/* return back the unmap command to CAM with success status,
	 * if number of descripts is zero.
	 */
	ndesc = be16toh(plist->unmap_blk_desc_data_len) >> 4;
	if (!ndesc) {
		mpr_dprint(sc, MPR_XINFO, "Number of descriptors in "
		    "UNMAP cmd is Zero\n");
		res = 1;
		goto out;
	}

	data_length = ndesc * sizeof(struct nvme_dsm_range);
	if (data_length > targ->MDTS) {
		mpr_dprint(sc, MPR_ERROR, "data length: %d is greater than "
		    "Device's MDTS: %d\n", data_length, targ->MDTS);
		res = -EINVAL;
		goto out;
	}

	prp_page_info = mpr_alloc_prp_page(sc);
	KASSERT(prp_page_info != NULL, ("%s: There is no PRP Page for "
	    "UNMAP command.\n", __func__));

	/*
	 * Insert the allocated PRP page into the command's PRP page list. This
	 * will be freed when the command is freed.
	 */
	TAILQ_INSERT_TAIL(&cm->cm_prp_page_list, prp_page_info, prp_page_link);

	nvme_dsm_ranges = (struct nvme_dsm_range *)prp_page_info->prp_page;
	nvme_dsm_ranges_dma_handle = prp_page_info->prp_page_busaddr;

	bzero(nvme_dsm_ranges, data_length);

	/* Convert SCSI unmap's descriptor data to NVMe DSM specific Range data
	 * for each descriptors contained in SCSI UNMAP data.
	 */
	for (i = 0; i < ndesc; i++) {
		/* UNMAP descriptors are big-endian; DSM ranges little-endian. */
		nvme_dsm_ranges[i].length =
		    htole32(be32toh(plist->desc[i].nlb));
		nvme_dsm_ranges[i].starting_lba =
		    htole64(be64toh(plist->desc[i].slba));
		nvme_dsm_ranges[i].attributes = 0;
	}

	/* Build MPI2.6's NVMe Encapsulated Request Message */
	req = (Mpi26NVMeEncapsulatedRequest_t *)cm->cm_req;
	bzero(req, sizeof(*req));
	req->DevHandle = htole16(targ->handle);
	req->Function = MPI2_FUNCTION_NVME_ENCAPSULATED;
	req->Flags = MPI26_NVME_FLAGS_WRITE;
	req->ErrorResponseBaseAddress.High =
	    htole32((uint32_t)((uint64_t)cm->cm_sense_busaddr >> 32));
	req->ErrorResponseBaseAddress.Low =
	    htole32(cm->cm_sense_busaddr);
	req->ErrorResponseAllocationLength =
	    htole16(sizeof(struct nvme_completion));
	req->EncapsulatedCommandLength =
	    htole16(sizeof(struct nvme_command));
	req->DataLength = htole32(data_length);

	/* Build NVMe DSM command */
	c = (struct nvme_command *) req->NVMe_Command;
	c->opc = NVME_OPC_DATASET_MANAGEMENT;
	/* LUN-to-namespace mapping: nsid = target_lun + 1.  NSIDs are 1-based. */
	c->nsid = htole32(csio->ccb_h.target_lun + 1);
	/* cdw10 holds (number of ranges - 1), per the DSM command format. */
	c->cdw10 = htole32(ndesc - 1);
	c->cdw11 = htole32(NVME_DSM_ATTR_DEALLOCATE);

	cm->cm_length = data_length;
	cm->cm_data = NULL;

	cm->cm_complete = mprsas_scsiio_complete;
	cm->cm_complete_data = ccb;
	cm->cm_targ = targ;
	cm->cm_lun = csio->ccb_h.target_lun;
	cm->cm_ccb = ccb;

	cm->cm_desc.Default.RequestFlags =
	    MPI26_REQ_DESCRIPT_FLAGS_PCIE_ENCAPSULATED;

	/* Record submission time and arm the per-command I/O timeout. */
	csio->ccb_h.qos.sim_data = sbinuptime();
	callout_reset_sbt(&cm->cm_callout, SBT_1MS * ccb->ccb_h.timeout, 0,
	    mprsas_scsiio_timeout, cm, 0);

	targ->issued++;
	targ->outstanding++;
	TAILQ_INSERT_TAIL(&targ->commands, cm, cm_link);
	ccb->ccb_h.status |= CAM_SIM_QUEUED;

	mprsas_log_command(cm, MPR_XINFO, "%s cm %p ccb %p outstanding %u\n",
	    __func__, cm, ccb, targ->outstanding);

mpr_build_nvme_prp(sc, cm, req, 1838 (void *)(uintptr_t)nvme_dsm_ranges_dma_handle, 0, data_length); 1839 mpr_map_command(sc, cm); 1840 res = 0; 1841 1842 out: 1843 free(plist, M_MPR); 1844 return (res); 1845 } 1846 1847 static void 1848 mprsas_action_scsiio(struct mprsas_softc *sassc, union ccb *ccb) 1849 { 1850 MPI2_SCSI_IO_REQUEST *req; 1851 struct ccb_scsiio *csio; 1852 struct mpr_softc *sc; 1853 struct mprsas_target *targ; 1854 struct mprsas_lun *lun; 1855 struct mpr_command *cm; 1856 uint8_t i, lba_byte, *ref_tag_addr, scsi_opcode; 1857 uint16_t eedp_flags; 1858 uint32_t mpi_control; 1859 int rc; 1860 1861 sc = sassc->sc; 1862 MPR_FUNCTRACE(sc); 1863 mtx_assert(&sc->mpr_mtx, MA_OWNED); 1864 1865 csio = &ccb->csio; 1866 KASSERT(csio->ccb_h.target_id < sassc->maxtargets, 1867 ("Target %d out of bounds in XPT_SCSI_IO\n", 1868 csio->ccb_h.target_id)); 1869 targ = &sassc->targets[csio->ccb_h.target_id]; 1870 mpr_dprint(sc, MPR_TRACE, "ccb %p target flag %x\n", ccb, targ->flags); 1871 if (targ->handle == 0x0) { 1872 mpr_dprint(sc, MPR_ERROR, "%s NULL handle for target %u\n", 1873 __func__, csio->ccb_h.target_id); 1874 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1875 xpt_done(ccb); 1876 return; 1877 } 1878 if (targ->flags & MPR_TARGET_FLAGS_RAID_COMPONENT) { 1879 mpr_dprint(sc, MPR_ERROR, "%s Raid component no SCSI IO " 1880 "supported %u\n", __func__, csio->ccb_h.target_id); 1881 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1882 xpt_done(ccb); 1883 return; 1884 } 1885 /* 1886 * Sometimes, it is possible to get a command that is not "In 1887 * Progress" and was actually aborted by the upper layer. Check for 1888 * this here and complete the command without error. 1889 */ 1890 if (mprsas_get_ccbstatus(ccb) != CAM_REQ_INPROG) { 1891 mpr_dprint(sc, MPR_TRACE, "%s Command is not in progress for " 1892 "target %u\n", __func__, csio->ccb_h.target_id); 1893 xpt_done(ccb); 1894 return; 1895 } 1896 /* 1897 * If devinfo is 0 this will be a volume. 
In that case don't tell CAM 1898 * that the volume has timed out. We want volumes to be enumerated 1899 * until they are deleted/removed, not just failed. In either event, 1900 * we're removing the target due to a firmware event telling us 1901 * the device is now gone (as opposed to some transient event). Since 1902 * we're opting to remove failed devices from the OS's view, we need 1903 * to propagate that status up the stack. 1904 */ 1905 if (targ->flags & MPRSAS_TARGET_INREMOVAL) { 1906 if (targ->devinfo == 0) 1907 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1908 else 1909 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1910 xpt_done(ccb); 1911 return; 1912 } 1913 1914 if ((sc->mpr_flags & MPR_FLAGS_SHUTDOWN) != 0) { 1915 mpr_dprint(sc, MPR_INFO, "%s shutting down\n", __func__); 1916 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1917 xpt_done(ccb); 1918 return; 1919 } 1920 1921 /* 1922 * If target has a reset in progress, the devq should be frozen. 1923 * Geting here we likely hit a race, so just requeue. 1924 */ 1925 if (targ->flags & MPRSAS_TARGET_INRESET) { 1926 ccb->ccb_h.status = CAM_REQUEUE_REQ | CAM_DEV_QFRZN; 1927 mpr_dprint(sc, MPR_XINFO | MPR_RECOVERY, 1928 "%s: Freezing devq for target ID %d\n", 1929 __func__, targ->tid); 1930 xpt_freeze_devq(ccb->ccb_h.path, 1); 1931 xpt_done(ccb); 1932 return; 1933 } 1934 1935 cm = mpr_alloc_command(sc); 1936 if (cm == NULL || (sc->mpr_flags & MPR_FLAGS_DIAGRESET)) { 1937 if (cm != NULL) { 1938 mpr_free_command(sc, cm); 1939 } 1940 if ((sassc->flags & MPRSAS_QUEUE_FROZEN) == 0) { 1941 xpt_freeze_simq(sassc->sim, 1); 1942 sassc->flags |= MPRSAS_QUEUE_FROZEN; 1943 } 1944 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 1945 ccb->ccb_h.status |= CAM_REQUEUE_REQ; 1946 xpt_done(ccb); 1947 return; 1948 } 1949 1950 /* For NVME device's issue UNMAP command directly to NVME drives by 1951 * constructing equivalent native NVMe DataSetManagement command. 
1952 */ 1953 scsi_opcode = scsiio_cdb_ptr(csio)[0]; 1954 if (scsi_opcode == UNMAP && 1955 targ->is_nvme && 1956 (csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) { 1957 rc = mprsas_build_nvme_unmap(sc, cm, ccb, targ); 1958 if (rc == 1) { /* return command to CAM with success status */ 1959 mpr_free_command(sc, cm); 1960 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1961 xpt_done(ccb); 1962 return; 1963 } else if (!rc) /* Issued NVMe Encapsulated Request Message */ 1964 return; 1965 } 1966 1967 req = (MPI2_SCSI_IO_REQUEST *)cm->cm_req; 1968 bzero(req, sizeof(*req)); 1969 req->DevHandle = htole16(targ->handle); 1970 req->Function = MPI2_FUNCTION_SCSI_IO_REQUEST; 1971 req->MsgFlags = 0; 1972 req->SenseBufferLowAddress = htole32(cm->cm_sense_busaddr); 1973 req->SenseBufferLength = MPR_SENSE_LEN; 1974 req->SGLFlags = 0; 1975 req->ChainOffset = 0; 1976 req->SGLOffset0 = 24; /* 32bit word offset to the SGL */ 1977 req->SGLOffset1= 0; 1978 req->SGLOffset2= 0; 1979 req->SGLOffset3= 0; 1980 req->SkipCount = 0; 1981 req->DataLength = htole32(csio->dxfer_len); 1982 req->BidirectionalDataLength = 0; 1983 req->IoFlags = htole16(csio->cdb_len); 1984 req->EEDPFlags = 0; 1985 1986 /* Note: BiDirectional transfers are not supported */ 1987 switch (csio->ccb_h.flags & CAM_DIR_MASK) { 1988 case CAM_DIR_IN: 1989 mpi_control = MPI2_SCSIIO_CONTROL_READ; 1990 cm->cm_flags |= MPR_CM_FLAGS_DATAIN; 1991 break; 1992 case CAM_DIR_OUT: 1993 mpi_control = MPI2_SCSIIO_CONTROL_WRITE; 1994 cm->cm_flags |= MPR_CM_FLAGS_DATAOUT; 1995 break; 1996 case CAM_DIR_NONE: 1997 default: 1998 mpi_control = MPI2_SCSIIO_CONTROL_NODATATRANSFER; 1999 break; 2000 } 2001 2002 if (csio->cdb_len == 32) 2003 mpi_control |= 4 << MPI2_SCSIIO_CONTROL_ADDCDBLEN_SHIFT; 2004 /* 2005 * It looks like the hardware doesn't require an explicit tag 2006 * number for each transaction. SAM Task Management not supported 2007 * at the moment. 
2008 */ 2009 switch (csio->tag_action) { 2010 case MSG_HEAD_OF_Q_TAG: 2011 mpi_control |= MPI2_SCSIIO_CONTROL_HEADOFQ; 2012 break; 2013 case MSG_ORDERED_Q_TAG: 2014 mpi_control |= MPI2_SCSIIO_CONTROL_ORDEREDQ; 2015 break; 2016 case MSG_ACA_TASK: 2017 mpi_control |= MPI2_SCSIIO_CONTROL_ACAQ; 2018 break; 2019 case CAM_TAG_ACTION_NONE: 2020 case MSG_SIMPLE_Q_TAG: 2021 default: 2022 mpi_control |= MPI2_SCSIIO_CONTROL_SIMPLEQ; 2023 break; 2024 } 2025 mpi_control |= (csio->priority << MPI2_SCSIIO_CONTROL_CMDPRI_SHIFT) & 2026 MPI2_SCSIIO_CONTROL_CMDPRI_MASK; 2027 mpi_control |= sc->mapping_table[csio->ccb_h.target_id].TLR_bits; 2028 req->Control = htole32(mpi_control); 2029 2030 if (MPR_SET_LUN(req->LUN, csio->ccb_h.target_lun) != 0) { 2031 mpr_free_command(sc, cm); 2032 mprsas_set_ccbstatus(ccb, CAM_LUN_INVALID); 2033 xpt_done(ccb); 2034 return; 2035 } 2036 2037 if (csio->ccb_h.flags & CAM_CDB_POINTER) 2038 bcopy(csio->cdb_io.cdb_ptr, &req->CDB.CDB32[0], csio->cdb_len); 2039 else { 2040 KASSERT(csio->cdb_len <= IOCDBLEN, 2041 ("cdb_len %d is greater than IOCDBLEN but CAM_CDB_POINTER " 2042 "is not set", csio->cdb_len)); 2043 bcopy(csio->cdb_io.cdb_bytes, &req->CDB.CDB32[0],csio->cdb_len); 2044 } 2045 req->IoFlags = htole16(csio->cdb_len); 2046 2047 /* 2048 * Check if EEDP is supported and enabled. If it is then check if the 2049 * SCSI opcode could be using EEDP. If so, make sure the LUN exists and 2050 * is formatted for EEDP support. If all of this is true, set CDB up 2051 * for EEDP transfer. 
2052 */ 2053 eedp_flags = op_code_prot[req->CDB.CDB32[0]]; 2054 if (sc->eedp_enabled && eedp_flags) { 2055 SLIST_FOREACH(lun, &targ->luns, lun_link) { 2056 if (lun->lun_id == csio->ccb_h.target_lun) { 2057 break; 2058 } 2059 } 2060 2061 if ((lun != NULL) && (lun->eedp_formatted)) { 2062 req->EEDPBlockSize = htole32(lun->eedp_block_size); 2063 eedp_flags |= (MPI2_SCSIIO_EEDPFLAGS_INC_PRI_REFTAG | 2064 MPI2_SCSIIO_EEDPFLAGS_CHECK_REFTAG | 2065 MPI2_SCSIIO_EEDPFLAGS_CHECK_GUARD); 2066 if (sc->mpr_flags & MPR_FLAGS_GEN35_IOC) { 2067 eedp_flags |= 2068 MPI25_SCSIIO_EEDPFLAGS_APPTAG_DISABLE_MODE; 2069 } 2070 req->EEDPFlags = htole16(eedp_flags); 2071 2072 /* 2073 * If CDB less than 32, fill in Primary Ref Tag with 2074 * low 4 bytes of LBA. If CDB is 32, tag stuff is 2075 * already there. Also, set protection bit. FreeBSD 2076 * currently does not support CDBs bigger than 16, but 2077 * the code doesn't hurt, and will be here for the 2078 * future. 2079 */ 2080 if (csio->cdb_len != 32) { 2081 lba_byte = (csio->cdb_len == 16) ? 6 : 2; 2082 ref_tag_addr = (uint8_t *)&req->CDB.EEDP32. 
2083 PrimaryReferenceTag; 2084 for (i = 0; i < 4; i++) { 2085 *ref_tag_addr = 2086 req->CDB.CDB32[lba_byte + i]; 2087 ref_tag_addr++; 2088 } 2089 req->CDB.EEDP32.PrimaryReferenceTag = 2090 htole32(req-> 2091 CDB.EEDP32.PrimaryReferenceTag); 2092 req->CDB.EEDP32.PrimaryApplicationTagMask = 2093 0xFFFF; 2094 req->CDB.CDB32[1] = 2095 (req->CDB.CDB32[1] & 0x1F) | 0x20; 2096 } else { 2097 eedp_flags |= 2098 MPI2_SCSIIO_EEDPFLAGS_INC_PRI_APPTAG; 2099 req->EEDPFlags = htole16(eedp_flags); 2100 req->CDB.CDB32[10] = (req->CDB.CDB32[10] & 2101 0x1F) | 0x20; 2102 } 2103 } 2104 } 2105 2106 cm->cm_length = csio->dxfer_len; 2107 if (cm->cm_length != 0) { 2108 cm->cm_data = ccb; 2109 cm->cm_flags |= MPR_CM_FLAGS_USE_CCB; 2110 } else { 2111 cm->cm_data = NULL; 2112 } 2113 cm->cm_sge = &req->SGL; 2114 cm->cm_sglsize = (32 - 24) * 4; 2115 cm->cm_complete = mprsas_scsiio_complete; 2116 cm->cm_complete_data = ccb; 2117 cm->cm_targ = targ; 2118 cm->cm_lun = csio->ccb_h.target_lun; 2119 cm->cm_ccb = ccb; 2120 /* 2121 * If using FP desc type, need to set a bit in IoFlags (SCSI IO is 0) 2122 * and set descriptor type. 
2123 */ 2124 if (targ->scsi_req_desc_type == 2125 MPI25_REQ_DESCRIPT_FLAGS_FAST_PATH_SCSI_IO) { 2126 req->IoFlags |= MPI25_SCSIIO_IOFLAGS_FAST_PATH; 2127 cm->cm_desc.FastPathSCSIIO.RequestFlags = 2128 MPI25_REQ_DESCRIPT_FLAGS_FAST_PATH_SCSI_IO; 2129 if (!sc->atomic_desc_capable) { 2130 cm->cm_desc.FastPathSCSIIO.DevHandle = 2131 htole16(targ->handle); 2132 } 2133 } else { 2134 cm->cm_desc.SCSIIO.RequestFlags = 2135 MPI2_REQ_DESCRIPT_FLAGS_SCSI_IO; 2136 if (!sc->atomic_desc_capable) 2137 cm->cm_desc.SCSIIO.DevHandle = htole16(targ->handle); 2138 } 2139 2140 csio->ccb_h.qos.sim_data = sbinuptime(); 2141 callout_reset_sbt(&cm->cm_callout, SBT_1MS * ccb->ccb_h.timeout, 0, 2142 mprsas_scsiio_timeout, cm, 0); 2143 2144 targ->issued++; 2145 targ->outstanding++; 2146 TAILQ_INSERT_TAIL(&targ->commands, cm, cm_link); 2147 ccb->ccb_h.status |= CAM_SIM_QUEUED; 2148 2149 mprsas_log_command(cm, MPR_XINFO, "%s cm %p ccb %p outstanding %u\n", 2150 __func__, cm, ccb, targ->outstanding); 2151 2152 mpr_map_command(sc, cm); 2153 return; 2154 } 2155 2156 /** 2157 * mpr_sc_failed_io_info - translated non-succesfull SCSI_IO request 2158 */ 2159 static void 2160 mpr_sc_failed_io_info(struct mpr_softc *sc, struct ccb_scsiio *csio, 2161 Mpi2SCSIIOReply_t *mpi_reply, struct mprsas_target *targ) 2162 { 2163 u32 response_info; 2164 u8 *response_bytes; 2165 u16 ioc_status = le16toh(mpi_reply->IOCStatus) & 2166 MPI2_IOCSTATUS_MASK; 2167 u8 scsi_state = mpi_reply->SCSIState; 2168 u8 scsi_status = mpi_reply->SCSIStatus; 2169 char *desc_ioc_state = NULL; 2170 char *desc_scsi_status = NULL; 2171 u32 log_info = le32toh(mpi_reply->IOCLogInfo); 2172 2173 if (log_info == 0x31170000) 2174 return; 2175 2176 desc_ioc_state = mpr_describe_table(mpr_iocstatus_string, 2177 ioc_status); 2178 desc_scsi_status = mpr_describe_table(mpr_scsi_status_string, 2179 scsi_status); 2180 2181 mpr_dprint(sc, MPR_XINFO, "\thandle(0x%04x), ioc_status(%s)(0x%04x)\n", 2182 le16toh(mpi_reply->DevHandle), desc_ioc_state, 
ioc_status); 2183 if (targ->encl_level_valid) { 2184 mpr_dprint(sc, MPR_XINFO, "At enclosure level %d, slot %d, " 2185 "connector name (%4s)\n", targ->encl_level, targ->encl_slot, 2186 targ->connector_name); 2187 } 2188 2189 /* 2190 * We can add more detail about underflow data here 2191 * TO-DO 2192 */ 2193 mpr_dprint(sc, MPR_XINFO, "\tscsi_status(%s)(0x%02x), " 2194 "scsi_state %b\n", desc_scsi_status, scsi_status, 2195 scsi_state, "\20" "\1AutosenseValid" "\2AutosenseFailed" 2196 "\3NoScsiStatus" "\4Terminated" "\5Response InfoValid"); 2197 2198 if (sc->mpr_debug & MPR_XINFO && 2199 scsi_state & MPI2_SCSI_STATE_AUTOSENSE_VALID) { 2200 mpr_dprint(sc, MPR_XINFO, "-> Sense Buffer Data : Start :\n"); 2201 scsi_sense_print(csio); 2202 mpr_dprint(sc, MPR_XINFO, "-> Sense Buffer Data : End :\n"); 2203 } 2204 2205 if (scsi_state & MPI2_SCSI_STATE_RESPONSE_INFO_VALID) { 2206 response_info = le32toh(mpi_reply->ResponseInfo); 2207 response_bytes = (u8 *)&response_info; 2208 mpr_dprint(sc, MPR_XINFO, "response code(0x%01x): %s\n", 2209 response_bytes[0], 2210 mpr_describe_table(mpr_scsi_taskmgmt_string, 2211 response_bytes[0])); 2212 } 2213 } 2214 2215 /** mprsas_nvme_trans_status_code 2216 * 2217 * Convert Native NVMe command error status to 2218 * equivalent SCSI error status. 
2219 * 2220 * Returns appropriate scsi_status 2221 */ 2222 static u8 2223 mprsas_nvme_trans_status_code(uint16_t nvme_status, 2224 struct mpr_command *cm) 2225 { 2226 u8 status = MPI2_SCSI_STATUS_GOOD; 2227 int skey, asc, ascq; 2228 union ccb *ccb = cm->cm_complete_data; 2229 int returned_sense_len; 2230 uint8_t sct, sc; 2231 2232 sct = NVME_STATUS_GET_SCT(nvme_status); 2233 sc = NVME_STATUS_GET_SC(nvme_status); 2234 2235 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2236 skey = SSD_KEY_ILLEGAL_REQUEST; 2237 asc = SCSI_ASC_NO_SENSE; 2238 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2239 2240 switch (sct) { 2241 case NVME_SCT_GENERIC: 2242 switch (sc) { 2243 case NVME_SC_SUCCESS: 2244 status = MPI2_SCSI_STATUS_GOOD; 2245 skey = SSD_KEY_NO_SENSE; 2246 asc = SCSI_ASC_NO_SENSE; 2247 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2248 break; 2249 case NVME_SC_INVALID_OPCODE: 2250 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2251 skey = SSD_KEY_ILLEGAL_REQUEST; 2252 asc = SCSI_ASC_ILLEGAL_COMMAND; 2253 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2254 break; 2255 case NVME_SC_INVALID_FIELD: 2256 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2257 skey = SSD_KEY_ILLEGAL_REQUEST; 2258 asc = SCSI_ASC_INVALID_CDB; 2259 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2260 break; 2261 case NVME_SC_DATA_TRANSFER_ERROR: 2262 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2263 skey = SSD_KEY_MEDIUM_ERROR; 2264 asc = SCSI_ASC_NO_SENSE; 2265 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2266 break; 2267 case NVME_SC_ABORTED_POWER_LOSS: 2268 status = MPI2_SCSI_STATUS_TASK_ABORTED; 2269 skey = SSD_KEY_ABORTED_COMMAND; 2270 asc = SCSI_ASC_WARNING; 2271 ascq = SCSI_ASCQ_POWER_LOSS_EXPECTED; 2272 break; 2273 case NVME_SC_INTERNAL_DEVICE_ERROR: 2274 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2275 skey = SSD_KEY_HARDWARE_ERROR; 2276 asc = SCSI_ASC_INTERNAL_TARGET_FAILURE; 2277 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2278 break; 2279 case NVME_SC_ABORTED_BY_REQUEST: 2280 case NVME_SC_ABORTED_SQ_DELETION: 2281 case 
NVME_SC_ABORTED_FAILED_FUSED: 2282 case NVME_SC_ABORTED_MISSING_FUSED: 2283 status = MPI2_SCSI_STATUS_TASK_ABORTED; 2284 skey = SSD_KEY_ABORTED_COMMAND; 2285 asc = SCSI_ASC_NO_SENSE; 2286 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2287 break; 2288 case NVME_SC_INVALID_NAMESPACE_OR_FORMAT: 2289 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2290 skey = SSD_KEY_ILLEGAL_REQUEST; 2291 asc = SCSI_ASC_ACCESS_DENIED_INVALID_LUN_ID; 2292 ascq = SCSI_ASCQ_INVALID_LUN_ID; 2293 break; 2294 case NVME_SC_LBA_OUT_OF_RANGE: 2295 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2296 skey = SSD_KEY_ILLEGAL_REQUEST; 2297 asc = SCSI_ASC_ILLEGAL_BLOCK; 2298 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2299 break; 2300 case NVME_SC_CAPACITY_EXCEEDED: 2301 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2302 skey = SSD_KEY_MEDIUM_ERROR; 2303 asc = SCSI_ASC_NO_SENSE; 2304 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2305 break; 2306 case NVME_SC_NAMESPACE_NOT_READY: 2307 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2308 skey = SSD_KEY_NOT_READY; 2309 asc = SCSI_ASC_LUN_NOT_READY; 2310 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2311 break; 2312 } 2313 break; 2314 case NVME_SCT_COMMAND_SPECIFIC: 2315 switch (sc) { 2316 case NVME_SC_INVALID_FORMAT: 2317 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2318 skey = SSD_KEY_ILLEGAL_REQUEST; 2319 asc = SCSI_ASC_FORMAT_COMMAND_FAILED; 2320 ascq = SCSI_ASCQ_FORMAT_COMMAND_FAILED; 2321 break; 2322 case NVME_SC_CONFLICTING_ATTRIBUTES: 2323 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2324 skey = SSD_KEY_ILLEGAL_REQUEST; 2325 asc = SCSI_ASC_INVALID_CDB; 2326 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2327 break; 2328 } 2329 break; 2330 case NVME_SCT_MEDIA_ERROR: 2331 switch (sc) { 2332 case NVME_SC_WRITE_FAULTS: 2333 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2334 skey = SSD_KEY_MEDIUM_ERROR; 2335 asc = SCSI_ASC_PERIPHERAL_DEV_WRITE_FAULT; 2336 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2337 break; 2338 case NVME_SC_UNRECOVERED_READ_ERROR: 2339 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2340 skey = 
SSD_KEY_MEDIUM_ERROR; 2341 asc = SCSI_ASC_UNRECOVERED_READ_ERROR; 2342 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2343 break; 2344 case NVME_SC_GUARD_CHECK_ERROR: 2345 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2346 skey = SSD_KEY_MEDIUM_ERROR; 2347 asc = SCSI_ASC_LOG_BLOCK_GUARD_CHECK_FAILED; 2348 ascq = SCSI_ASCQ_LOG_BLOCK_GUARD_CHECK_FAILED; 2349 break; 2350 case NVME_SC_APPLICATION_TAG_CHECK_ERROR: 2351 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2352 skey = SSD_KEY_MEDIUM_ERROR; 2353 asc = SCSI_ASC_LOG_BLOCK_APPTAG_CHECK_FAILED; 2354 ascq = SCSI_ASCQ_LOG_BLOCK_APPTAG_CHECK_FAILED; 2355 break; 2356 case NVME_SC_REFERENCE_TAG_CHECK_ERROR: 2357 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2358 skey = SSD_KEY_MEDIUM_ERROR; 2359 asc = SCSI_ASC_LOG_BLOCK_REFTAG_CHECK_FAILED; 2360 ascq = SCSI_ASCQ_LOG_BLOCK_REFTAG_CHECK_FAILED; 2361 break; 2362 case NVME_SC_COMPARE_FAILURE: 2363 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2364 skey = SSD_KEY_MISCOMPARE; 2365 asc = SCSI_ASC_MISCOMPARE_DURING_VERIFY; 2366 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2367 break; 2368 case NVME_SC_ACCESS_DENIED: 2369 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2370 skey = SSD_KEY_ILLEGAL_REQUEST; 2371 asc = SCSI_ASC_ACCESS_DENIED_INVALID_LUN_ID; 2372 ascq = SCSI_ASCQ_INVALID_LUN_ID; 2373 break; 2374 } 2375 break; 2376 } 2377 2378 returned_sense_len = sizeof(struct scsi_sense_data); 2379 if (returned_sense_len < ccb->csio.sense_len) 2380 ccb->csio.sense_resid = ccb->csio.sense_len - 2381 returned_sense_len; 2382 else 2383 ccb->csio.sense_resid = 0; 2384 2385 scsi_set_sense_data(&ccb->csio.sense_data, SSD_TYPE_FIXED, 2386 1, skey, asc, ascq, SSD_ELEM_NONE); 2387 ccb->ccb_h.status |= CAM_AUTOSNS_VALID; 2388 2389 return status; 2390 } 2391 2392 /** mprsas_complete_nvme_unmap 2393 * 2394 * Complete native NVMe command issued using NVMe Encapsulated 2395 * Request Message. 
2396 */ 2397 static u8 2398 mprsas_complete_nvme_unmap(struct mpr_softc *sc, struct mpr_command *cm) 2399 { 2400 Mpi26NVMeEncapsulatedErrorReply_t *mpi_reply; 2401 struct nvme_completion *nvme_completion = NULL; 2402 u8 scsi_status = MPI2_SCSI_STATUS_GOOD; 2403 2404 mpi_reply =(Mpi26NVMeEncapsulatedErrorReply_t *)cm->cm_reply; 2405 if (le16toh(mpi_reply->ErrorResponseCount)){ 2406 nvme_completion = (struct nvme_completion *)cm->cm_sense; 2407 scsi_status = mprsas_nvme_trans_status_code( 2408 nvme_completion->status, cm); 2409 } 2410 return scsi_status; 2411 } 2412 2413 static void 2414 mprsas_scsiio_complete(struct mpr_softc *sc, struct mpr_command *cm) 2415 { 2416 MPI2_SCSI_IO_REPLY *rep; 2417 union ccb *ccb; 2418 struct ccb_scsiio *csio; 2419 struct mprsas_softc *sassc; 2420 struct scsi_vpd_supported_page_list *vpd_list = NULL; 2421 u8 *TLR_bits, TLR_on, *scsi_cdb; 2422 int dir = 0, i; 2423 u16 alloc_len; 2424 struct mprsas_target *target; 2425 target_id_t target_id; 2426 2427 MPR_FUNCTRACE(sc); 2428 2429 callout_stop(&cm->cm_callout); 2430 mtx_assert(&sc->mpr_mtx, MA_OWNED); 2431 2432 sassc = sc->sassc; 2433 ccb = cm->cm_complete_data; 2434 csio = &ccb->csio; 2435 target_id = csio->ccb_h.target_id; 2436 rep = (MPI2_SCSI_IO_REPLY *)cm->cm_reply; 2437 mpr_dprint(sc, MPR_TRACE, 2438 "cm %p SMID %u ccb %p reply %p outstanding %u csio->scsi_status 0x%x," 2439 "csio->dxfer_len 0x%x, csio->msg_le 0x%xn\n", cm, 2440 cm->cm_desc.Default.SMID, cm->cm_ccb, cm->cm_reply, 2441 cm->cm_targ->outstanding, csio->scsi_status, 2442 csio->dxfer_len, csio->msg_len); 2443 /* 2444 * XXX KDM if the chain allocation fails, does it matter if we do 2445 * the sync and unload here? It is simpler to do it in every case, 2446 * assuming it doesn't cause problems. 
2447 */ 2448 if (cm->cm_data != NULL) { 2449 if (cm->cm_flags & MPR_CM_FLAGS_DATAIN) 2450 dir = BUS_DMASYNC_POSTREAD; 2451 else if (cm->cm_flags & MPR_CM_FLAGS_DATAOUT) 2452 dir = BUS_DMASYNC_POSTWRITE; 2453 bus_dmamap_sync(sc->buffer_dmat, cm->cm_dmamap, dir); 2454 bus_dmamap_unload(sc->buffer_dmat, cm->cm_dmamap); 2455 } 2456 2457 cm->cm_targ->completed++; 2458 cm->cm_targ->outstanding--; 2459 TAILQ_REMOVE(&cm->cm_targ->commands, cm, cm_link); 2460 ccb->ccb_h.status &= ~(CAM_STATUS_MASK | CAM_SIM_QUEUED); 2461 2462 if (cm->cm_flags & MPR_CM_FLAGS_ON_RECOVERY) { 2463 TAILQ_REMOVE(&cm->cm_targ->timedout_commands, cm, cm_recovery); 2464 KASSERT(cm->cm_state == MPR_CM_STATE_BUSY, 2465 ("Not busy for CM_FLAGS_TIMEDOUT: %u\n", cm->cm_state)); 2466 cm->cm_flags &= ~MPR_CM_FLAGS_ON_RECOVERY; 2467 if (cm->cm_reply != NULL) 2468 mprsas_log_command(cm, MPR_RECOVERY, 2469 "completed timedout cm %p ccb %p during recovery " 2470 "ioc %x scsi %x state %x xfer %u\n", cm, cm->cm_ccb, 2471 le16toh(rep->IOCStatus), rep->SCSIStatus, 2472 rep->SCSIState, le32toh(rep->TransferCount)); 2473 else 2474 mprsas_log_command(cm, MPR_RECOVERY, 2475 "completed timedout cm %p ccb %p during recovery\n", 2476 cm, cm->cm_ccb); 2477 } else if (cm->cm_targ->tm != NULL) { 2478 if (cm->cm_reply != NULL) 2479 mprsas_log_command(cm, MPR_RECOVERY, 2480 "completed cm %p ccb %p during recovery " 2481 "ioc %x scsi %x state %x xfer %u\n", 2482 cm, cm->cm_ccb, le16toh(rep->IOCStatus), 2483 rep->SCSIStatus, rep->SCSIState, 2484 le32toh(rep->TransferCount)); 2485 else 2486 mprsas_log_command(cm, MPR_RECOVERY, 2487 "completed cm %p ccb %p during recovery\n", 2488 cm, cm->cm_ccb); 2489 } else if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) { 2490 mprsas_log_command(cm, MPR_RECOVERY, 2491 "reset completed cm %p ccb %p\n", cm, cm->cm_ccb); 2492 } 2493 2494 if ((cm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 2495 /* 2496 * We ran into an error after we tried to map the command, 2497 * so we're getting a callback 
without queueing the command 2498 * to the hardware. So we set the status here, and it will 2499 * be retained below. We'll go through the "fast path", 2500 * because there can be no reply when we haven't actually 2501 * gone out to the hardware. 2502 */ 2503 mprsas_set_ccbstatus(ccb, CAM_REQUEUE_REQ); 2504 2505 /* 2506 * Currently the only error included in the mask is 2507 * MPR_CM_FLAGS_CHAIN_FAILED, which means we're out of 2508 * chain frames. We need to freeze the queue until we get 2509 * a command that completed without this error, which will 2510 * hopefully have some chain frames attached that we can 2511 * use. If we wanted to get smarter about it, we would 2512 * only unfreeze the queue in this condition when we're 2513 * sure that we're getting some chain frames back. That's 2514 * probably unnecessary. 2515 */ 2516 if ((sassc->flags & MPRSAS_QUEUE_FROZEN) == 0) { 2517 xpt_freeze_simq(sassc->sim, 1); 2518 sassc->flags |= MPRSAS_QUEUE_FROZEN; 2519 mpr_dprint(sc, MPR_XINFO | MPR_RECOVERY, 2520 "Error sending command, freezing SIM queue\n"); 2521 } 2522 } 2523 2524 /* 2525 * Point to the SCSI CDB, which is dependent on the CAM_CDB_POINTER 2526 * flag, and use it in a few places in the rest of this function for 2527 * convenience. Use the macro if available. 2528 */ 2529 scsi_cdb = scsiio_cdb_ptr(csio); 2530 2531 /* 2532 * If this is a Start Stop Unit command and it was issued by the driver 2533 * during shutdown, decrement the refcount to account for all of the 2534 * commands that were sent. All SSU commands should be completed before 2535 * shutdown completes, meaning SSU_refcount will be 0 after SSU_started 2536 * is TRUE. 
2537 */ 2538 if (sc->SSU_started && (scsi_cdb[0] == START_STOP_UNIT)) { 2539 mpr_dprint(sc, MPR_INFO, "Decrementing SSU count.\n"); 2540 sc->SSU_refcount--; 2541 } 2542 2543 /* Take the fast path to completion */ 2544 if (cm->cm_reply == NULL) { 2545 if (mprsas_get_ccbstatus(ccb) == CAM_REQ_INPROG) { 2546 if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) 2547 mprsas_set_ccbstatus(ccb, CAM_SCSI_BUS_RESET); 2548 else { 2549 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 2550 csio->scsi_status = SCSI_STATUS_OK; 2551 } 2552 if (sassc->flags & MPRSAS_QUEUE_FROZEN) { 2553 ccb->ccb_h.status |= CAM_RELEASE_SIMQ; 2554 sassc->flags &= ~MPRSAS_QUEUE_FROZEN; 2555 mpr_dprint(sc, MPR_XINFO | MPR_RECOVERY, 2556 "Unfreezing SIM queue\n"); 2557 } 2558 } 2559 2560 /* 2561 * There are two scenarios where the status won't be 2562 * CAM_REQ_CMP. The first is if MPR_CM_FLAGS_ERROR_MASK is 2563 * set, the second is in the MPR_FLAGS_DIAGRESET above. 2564 */ 2565 if (mprsas_get_ccbstatus(ccb) != CAM_REQ_CMP) { 2566 /* 2567 * Freeze the dev queue so that commands are 2568 * executed in the correct order after error 2569 * recovery. 
2570 */ 2571 ccb->ccb_h.status |= CAM_DEV_QFRZN; 2572 xpt_freeze_devq(ccb->ccb_h.path, /*count*/ 1); 2573 } 2574 mpr_free_command(sc, cm); 2575 xpt_done(ccb); 2576 return; 2577 } 2578 2579 target = &sassc->targets[target_id]; 2580 if (scsi_cdb[0] == UNMAP && 2581 target->is_nvme && 2582 (csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) { 2583 rep->SCSIStatus = mprsas_complete_nvme_unmap(sc, cm); 2584 csio->scsi_status = rep->SCSIStatus; 2585 } 2586 2587 mprsas_log_command(cm, MPR_XINFO, 2588 "ioc %x scsi %x state %x xfer %u\n", 2589 le16toh(rep->IOCStatus), rep->SCSIStatus, rep->SCSIState, 2590 le32toh(rep->TransferCount)); 2591 2592 switch (le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK) { 2593 case MPI2_IOCSTATUS_SCSI_DATA_UNDERRUN: 2594 csio->resid = cm->cm_length - le32toh(rep->TransferCount); 2595 /* FALLTHROUGH */ 2596 case MPI2_IOCSTATUS_SUCCESS: 2597 case MPI2_IOCSTATUS_SCSI_RECOVERED_ERROR: 2598 if ((le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK) == 2599 MPI2_IOCSTATUS_SCSI_RECOVERED_ERROR) 2600 mprsas_log_command(cm, MPR_XINFO, "recovered error\n"); 2601 2602 /* Completion failed at the transport level. */ 2603 if (rep->SCSIState & (MPI2_SCSI_STATE_NO_SCSI_STATUS | 2604 MPI2_SCSI_STATE_TERMINATED)) { 2605 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2606 break; 2607 } 2608 2609 /* In a modern packetized environment, an autosense failure 2610 * implies that there's not much else that can be done to 2611 * recover the command. 2612 */ 2613 if (rep->SCSIState & MPI2_SCSI_STATE_AUTOSENSE_FAILED) { 2614 mprsas_set_ccbstatus(ccb, CAM_AUTOSENSE_FAIL); 2615 break; 2616 } 2617 2618 /* 2619 * CAM doesn't care about SAS Response Info data, but if this is 2620 * the state check if TLR should be done. If not, clear the 2621 * TLR_bits for the target. 
2622 */ 2623 if ((rep->SCSIState & MPI2_SCSI_STATE_RESPONSE_INFO_VALID) && 2624 ((le32toh(rep->ResponseInfo) & MPI2_SCSI_RI_MASK_REASONCODE) 2625 == MPR_SCSI_RI_INVALID_FRAME)) { 2626 sc->mapping_table[target_id].TLR_bits = 2627 (u8)MPI2_SCSIIO_CONTROL_NO_TLR; 2628 } 2629 2630 /* 2631 * Intentionally override the normal SCSI status reporting 2632 * for these two cases. These are likely to happen in a 2633 * multi-initiator environment, and we want to make sure that 2634 * CAM retries these commands rather than fail them. 2635 */ 2636 if ((rep->SCSIStatus == MPI2_SCSI_STATUS_COMMAND_TERMINATED) || 2637 (rep->SCSIStatus == MPI2_SCSI_STATUS_TASK_ABORTED)) { 2638 mprsas_set_ccbstatus(ccb, CAM_REQ_ABORTED); 2639 break; 2640 } 2641 2642 /* Handle normal status and sense */ 2643 csio->scsi_status = rep->SCSIStatus; 2644 if (rep->SCSIStatus == MPI2_SCSI_STATUS_GOOD) 2645 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 2646 else 2647 mprsas_set_ccbstatus(ccb, CAM_SCSI_STATUS_ERROR); 2648 2649 if (rep->SCSIState & MPI2_SCSI_STATE_AUTOSENSE_VALID) { 2650 int sense_len, returned_sense_len; 2651 2652 returned_sense_len = min(le32toh(rep->SenseCount), 2653 sizeof(struct scsi_sense_data)); 2654 if (returned_sense_len < csio->sense_len) 2655 csio->sense_resid = csio->sense_len - 2656 returned_sense_len; 2657 else 2658 csio->sense_resid = 0; 2659 2660 sense_len = min(returned_sense_len, 2661 csio->sense_len - csio->sense_resid); 2662 bzero(&csio->sense_data, sizeof(csio->sense_data)); 2663 bcopy(cm->cm_sense, &csio->sense_data, sense_len); 2664 ccb->ccb_h.status |= CAM_AUTOSNS_VALID; 2665 } 2666 2667 /* 2668 * Check if this is an INQUIRY command. If it's a VPD inquiry, 2669 * and it's page code 0 (Supported Page List), and there is 2670 * inquiry data, and this is for a sequential access device, and 2671 * the device is an SSP target, and TLR is supported by the 2672 * controller, turn the TLR_bits value ON if page 0x90 is 2673 * supported. 
2674 */ 2675 if ((scsi_cdb[0] == INQUIRY) && 2676 (scsi_cdb[1] & SI_EVPD) && 2677 (scsi_cdb[2] == SVPD_SUPPORTED_PAGE_LIST) && 2678 ((csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) && 2679 (csio->data_ptr != NULL) && 2680 ((csio->data_ptr[0] & 0x1f) == T_SEQUENTIAL) && 2681 (sc->control_TLR) && 2682 (sc->mapping_table[target_id].device_info & 2683 MPI2_SAS_DEVICE_INFO_SSP_TARGET)) { 2684 vpd_list = (struct scsi_vpd_supported_page_list *) 2685 csio->data_ptr; 2686 TLR_bits = &sc->mapping_table[target_id].TLR_bits; 2687 *TLR_bits = (u8)MPI2_SCSIIO_CONTROL_NO_TLR; 2688 TLR_on = (u8)MPI2_SCSIIO_CONTROL_TLR_ON; 2689 alloc_len = ((u16)scsi_cdb[3] << 8) + scsi_cdb[4]; 2690 alloc_len -= csio->resid; 2691 for (i = 0; i < MIN(vpd_list->length, alloc_len); i++) { 2692 if (vpd_list->list[i] == 0x90) { 2693 *TLR_bits = TLR_on; 2694 break; 2695 } 2696 } 2697 } 2698 2699 /* 2700 * If this is a SATA direct-access end device, mark it so that 2701 * a SCSI StartStopUnit command will be sent to it when the 2702 * driver is being shutdown. 2703 */ 2704 if ((scsi_cdb[0] == INQUIRY) && 2705 (csio->data_ptr != NULL) && 2706 ((csio->data_ptr[0] & 0x1f) == T_DIRECT) && 2707 (sc->mapping_table[target_id].device_info & 2708 MPI2_SAS_DEVICE_INFO_SATA_DEVICE) && 2709 ((sc->mapping_table[target_id].device_info & 2710 MPI2_SAS_DEVICE_INFO_MASK_DEVICE_TYPE) == 2711 MPI2_SAS_DEVICE_INFO_END_DEVICE)) { 2712 target = &sassc->targets[target_id]; 2713 target->supports_SSU = TRUE; 2714 mpr_dprint(sc, MPR_XINFO, "Target %d supports SSU\n", 2715 target_id); 2716 } 2717 break; 2718 case MPI2_IOCSTATUS_SCSI_INVALID_DEVHANDLE: 2719 case MPI2_IOCSTATUS_SCSI_DEVICE_NOT_THERE: 2720 /* 2721 * If devinfo is 0 this will be a volume. In that case don't 2722 * tell CAM that the volume is not there. We want volumes to 2723 * be enumerated until they are deleted/removed, not just 2724 * failed. 
2725 */ 2726 if (cm->cm_targ->devinfo == 0) 2727 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 2728 else 2729 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 2730 break; 2731 case MPI2_IOCSTATUS_INVALID_SGL: 2732 mpr_print_scsiio_cmd(sc, cm); 2733 mprsas_set_ccbstatus(ccb, CAM_UNREC_HBA_ERROR); 2734 break; 2735 case MPI2_IOCSTATUS_SCSI_TASK_TERMINATED: 2736 /* 2737 * This is one of the responses that comes back when an I/O 2738 * has been aborted. If it is because of a timeout that we 2739 * initiated, just set the status to CAM_CMD_TIMEOUT. 2740 * Otherwise set it to CAM_REQ_ABORTED. The effect on the 2741 * command is the same (it gets retried, subject to the 2742 * retry counter), the only difference is what gets printed 2743 * on the console. 2744 */ 2745 if (cm->cm_flags & MPR_CM_FLAGS_TIMEDOUT) 2746 mprsas_set_ccbstatus(ccb, CAM_CMD_TIMEOUT); 2747 else 2748 mprsas_set_ccbstatus(ccb, CAM_REQ_ABORTED); 2749 break; 2750 case MPI2_IOCSTATUS_SCSI_DATA_OVERRUN: 2751 /* resid is ignored for this condition */ 2752 csio->resid = 0; 2753 mprsas_set_ccbstatus(ccb, CAM_DATA_RUN_ERR); 2754 break; 2755 case MPI2_IOCSTATUS_SCSI_IOC_TERMINATED: 2756 case MPI2_IOCSTATUS_SCSI_EXT_TERMINATED: 2757 /* 2758 * These can sometimes be transient transport-related 2759 * errors, and sometimes persistent drive-related errors. 2760 * We used to retry these without decrementing the retry 2761 * count by returning CAM_REQUEUE_REQ. Unfortunately, if 2762 * we hit a persistent drive problem that returns one of 2763 * these error codes, we would retry indefinitely. So, 2764 * return CAM_REQ_CMP_ERROR so that we decrement the retry 2765 * count and avoid infinite retries. We're taking the 2766 * potential risk of flagging false failures in the event 2767 * of a topology-related error (e.g. a SAS expander problem 2768 * causes a command addressed to a drive to fail), but 2769 * avoiding getting into an infinite retry loop. 
However, 2770 * if we get them while were moving a device, we should 2771 * fail the request as 'not there' because the device 2772 * is effectively gone. 2773 */ 2774 if (cm->cm_targ->flags & MPRSAS_TARGET_INREMOVAL) 2775 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 2776 else 2777 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2778 mpr_dprint(sc, MPR_INFO, 2779 "Controller reported %s tgt %u SMID %u loginfo %x%s\n", 2780 mpr_describe_table(mpr_iocstatus_string, 2781 le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK), 2782 target_id, cm->cm_desc.Default.SMID, 2783 le32toh(rep->IOCLogInfo), 2784 (cm->cm_targ->flags & MPRSAS_TARGET_INREMOVAL) ? " departing" : ""); 2785 mpr_dprint(sc, MPR_XINFO, 2786 "SCSIStatus %x SCSIState %x xfercount %u\n", 2787 rep->SCSIStatus, rep->SCSIState, 2788 le32toh(rep->TransferCount)); 2789 break; 2790 case MPI2_IOCSTATUS_INVALID_FUNCTION: 2791 case MPI2_IOCSTATUS_INTERNAL_ERROR: 2792 case MPI2_IOCSTATUS_INVALID_VPID: 2793 case MPI2_IOCSTATUS_INVALID_FIELD: 2794 case MPI2_IOCSTATUS_INVALID_STATE: 2795 case MPI2_IOCSTATUS_OP_STATE_NOT_SUPPORTED: 2796 case MPI2_IOCSTATUS_SCSI_IO_DATA_ERROR: 2797 case MPI2_IOCSTATUS_SCSI_PROTOCOL_ERROR: 2798 case MPI2_IOCSTATUS_SCSI_RESIDUAL_MISMATCH: 2799 case MPI2_IOCSTATUS_SCSI_TASK_MGMT_FAILED: 2800 default: 2801 mprsas_log_command(cm, MPR_XINFO, 2802 "completed ioc %x loginfo %x scsi %x state %x xfer %u\n", 2803 le16toh(rep->IOCStatus), le32toh(rep->IOCLogInfo), 2804 rep->SCSIStatus, rep->SCSIState, 2805 le32toh(rep->TransferCount)); 2806 csio->resid = cm->cm_length; 2807 2808 if (scsi_cdb[0] == UNMAP && 2809 target->is_nvme && 2810 (csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) 2811 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 2812 else 2813 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2814 2815 break; 2816 } 2817 2818 mpr_sc_failed_io_info(sc, csio, rep, cm->cm_targ); 2819 2820 if (sassc->flags & MPRSAS_QUEUE_FROZEN) { 2821 ccb->ccb_h.status |= CAM_RELEASE_SIMQ; 2822 sassc->flags &= ~MPRSAS_QUEUE_FROZEN; 
2823 mpr_dprint(sc, MPR_INFO, "Command completed, unfreezing SIM " 2824 "queue\n"); 2825 } 2826 2827 if (mprsas_get_ccbstatus(ccb) != CAM_REQ_CMP) { 2828 ccb->ccb_h.status |= CAM_DEV_QFRZN; 2829 xpt_freeze_devq(ccb->ccb_h.path, /*count*/ 1); 2830 } 2831 2832 /* 2833 * Check to see if we're removing the device. If so, and this is the 2834 * last command on the queue, proceed with the deferred removal of the 2835 * device. Note, for removing a volume, this won't trigger because 2836 * pending_remove_tm will be NULL. 2837 */ 2838 if (cm->cm_targ->flags & MPRSAS_TARGET_INREMOVAL) { 2839 if (TAILQ_FIRST(&cm->cm_targ->commands) == NULL && 2840 cm->cm_targ->pending_remove_tm != NULL) { 2841 mpr_dprint(sc, MPR_INFO, "Last pending command complete: starting remove_device\n"); 2842 mpr_map_command(sc, cm->cm_targ->pending_remove_tm); 2843 cm->cm_targ->pending_remove_tm = NULL; 2844 } 2845 } 2846 2847 mpr_free_command(sc, cm); 2848 xpt_done(ccb); 2849 } 2850 2851 static void 2852 mprsas_smpio_complete(struct mpr_softc *sc, struct mpr_command *cm) 2853 { 2854 MPI2_SMP_PASSTHROUGH_REPLY *rpl; 2855 MPI2_SMP_PASSTHROUGH_REQUEST *req; 2856 uint64_t sasaddr; 2857 union ccb *ccb; 2858 2859 ccb = cm->cm_complete_data; 2860 2861 /* 2862 * Currently there should be no way we can hit this case. It only 2863 * happens when we have a failure to allocate chain frames, and SMP 2864 * commands require two S/G elements only. That should be handled 2865 * in the standard request size. 
 */
	if ((cm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) {
		mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x on SMP "
		    "request!\n", __func__, cm->cm_flags);
		mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
		goto bailout;
	}

	rpl = (MPI2_SMP_PASSTHROUGH_REPLY *)cm->cm_reply;
	if (rpl == NULL) {
		mpr_dprint(sc, MPR_ERROR, "%s: NULL cm_reply!\n", __func__);
		mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
		goto bailout;
	}

	/* Recover the target SAS address from the request for logging. */
	req = (MPI2_SMP_PASSTHROUGH_REQUEST *)cm->cm_req;
	sasaddr = le32toh(req->SASAddress.Low);
	sasaddr |= ((uint64_t)(le32toh(req->SASAddress.High))) << 32;

	if ((le16toh(rpl->IOCStatus) & MPI2_IOCSTATUS_MASK) !=
	    MPI2_IOCSTATUS_SUCCESS ||
	    rpl->SASStatus != MPI2_SASSTATUS_SUCCESS) {
		mpr_dprint(sc, MPR_XINFO, "%s: IOCStatus %04x SASStatus %02x\n",
		    __func__, le16toh(rpl->IOCStatus), rpl->SASStatus);
		mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
		goto bailout;
	}

	mpr_dprint(sc, MPR_XINFO, "%s: SMP request to SAS address %#jx "
	    "completed successfully\n", __func__, (uintmax_t)sasaddr);

	/* Byte 2 of the SMP response frame is the function result. */
	if (ccb->smpio.smp_response[2] == SMP_FR_ACCEPTED)
		mprsas_set_ccbstatus(ccb, CAM_REQ_CMP);
	else
		mprsas_set_ccbstatus(ccb, CAM_SMP_STATUS_ERROR);

bailout:
	/*
	 * We sync in both directions because we had DMAs in the S/G list
	 * in both directions.
	 */
	bus_dmamap_sync(sc->buffer_dmat, cm->cm_dmamap,
	    BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE);
	bus_dmamap_unload(sc->buffer_dmat, cm->cm_dmamap);
	mpr_free_command(sc, cm);
	xpt_done(ccb);
}

/*
 * Build and submit an SMP passthrough request to the device at 'sasaddr'
 * on behalf of an XPT_SMP_IO CCB.  The request and response buffers are
 * mapped as a two-element uio (one segment each) and completion is handled
 * by mprsas_smpio_complete().  On any setup failure the CCB is completed
 * here with an appropriate error status.
 */
static void
mprsas_send_smpcmd(struct mprsas_softc *sassc, union ccb *ccb, uint64_t sasaddr)
{
	struct mpr_command *cm;
	uint8_t *request, *response;
	MPI2_SMP_PASSTHROUGH_REQUEST *req;
	struct mpr_softc *sc;
	int error;

	sc = sassc->sc;
	error = 0;

	switch (ccb->ccb_h.flags & CAM_DATA_MASK) {
	case CAM_DATA_PADDR:
	case CAM_DATA_SG_PADDR:
		/*
		 * XXX We don't yet support physical addresses here.
		 */
		mpr_dprint(sc, MPR_ERROR, "%s: physical addresses not "
		    "supported\n", __func__);
		mprsas_set_ccbstatus(ccb, CAM_REQ_INVALID);
		xpt_done(ccb);
		return;
	case CAM_DATA_SG:
		/*
		 * The chip does not support more than one buffer for the
		 * request or response.
		 */
		if ((ccb->smpio.smp_request_sglist_cnt > 1)
		    || (ccb->smpio.smp_response_sglist_cnt > 1)) {
			mpr_dprint(sc, MPR_ERROR, "%s: multiple request or "
			    "response buffer segments not supported for SMP\n",
			    __func__);
			mprsas_set_ccbstatus(ccb, CAM_REQ_INVALID);
			xpt_done(ccb);
			return;
		}

		/*
		 * The CAM_SCATTER_VALID flag was originally implemented
		 * for the XPT_SCSI_IO CCB, which only has one data pointer.
		 * We have two.  So, just take that flag to mean that we
		 * might have S/G lists, and look at the S/G segment count
		 * to figure out whether that is the case for each individual
		 * buffer.
		 */
		if (ccb->smpio.smp_request_sglist_cnt != 0) {
			bus_dma_segment_t *req_sg;

			req_sg = (bus_dma_segment_t *)ccb->smpio.smp_request;
			request = (uint8_t *)(uintptr_t)req_sg[0].ds_addr;
		} else
			request = ccb->smpio.smp_request;

		if (ccb->smpio.smp_response_sglist_cnt != 0) {
			bus_dma_segment_t *rsp_sg;

			rsp_sg = (bus_dma_segment_t *)ccb->smpio.smp_response;
			response = (uint8_t *)(uintptr_t)rsp_sg[0].ds_addr;
		} else
			response = ccb->smpio.smp_response;
		break;
	case CAM_DATA_VADDR:
		request = ccb->smpio.smp_request;
		response = ccb->smpio.smp_response;
		break;
	default:
		mprsas_set_ccbstatus(ccb, CAM_REQ_INVALID);
		xpt_done(ccb);
		return;
	}

	cm = mpr_alloc_command(sc);
	if (cm == NULL) {
		mpr_dprint(sc, MPR_ERROR, "%s: cannot allocate command\n",
		    __func__);
		mprsas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL);
		xpt_done(ccb);
		return;
	}

	req = (MPI2_SMP_PASSTHROUGH_REQUEST *)cm->cm_req;
	bzero(req, sizeof(*req));
	req->Function = MPI2_FUNCTION_SMP_PASSTHROUGH;

	/* Allow the chip to use any route to this SAS address. */
	req->PhysicalPort = 0xff;

	req->RequestDataLength = htole16(ccb->smpio.smp_request_len);
	req->SGLFlags =
	    MPI2_SGLFLAGS_SYSTEM_ADDRESS_SPACE | MPI2_SGLFLAGS_SGL_TYPE_MPI;

	mpr_dprint(sc, MPR_XINFO, "%s: sending SMP request to SAS address "
	    "%#jx\n", __func__, (uintmax_t)sasaddr);

	mpr_init_sge(cm, req, &req->SGL);

	/*
	 * Set up a uio to pass into mpr_map_command().  This allows us to
	 * do one map command, and one busdma call in there.
	 */
	cm->cm_uio.uio_iov = cm->cm_iovec;
	cm->cm_uio.uio_iovcnt = 2;
	cm->cm_uio.uio_segflg = UIO_SYSSPACE;

	/*
	 * The read/write flag isn't used by busdma, but set it just in
	 * case.  This isn't exactly accurate, either, since we're going in
	 * both directions.
	 */
	cm->cm_uio.uio_rw = UIO_WRITE;

	/* iovec 0 carries the SMP request, iovec 1 the response buffer. */
	cm->cm_iovec[0].iov_base = request;
	cm->cm_iovec[0].iov_len = le16toh(req->RequestDataLength);
	cm->cm_iovec[1].iov_base = response;
	cm->cm_iovec[1].iov_len = ccb->smpio.smp_response_len;

	cm->cm_uio.uio_resid = cm->cm_iovec[0].iov_len +
	    cm->cm_iovec[1].iov_len;

	/*
	 * Trigger a warning message in mpr_data_cb() for the user if we
	 * wind up exceeding two S/G segments.  The chip expects one
	 * segment for the request and another for the response.
	 */
	cm->cm_max_segs = 2;

	cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE;
	cm->cm_complete = mprsas_smpio_complete;
	cm->cm_complete_data = ccb;

	/*
	 * Tell the mapping code that we're using a uio, and that this is
	 * an SMP passthrough request.  There is a little special-case
	 * logic there (in mpr_data_cb()) to handle the bidirectional
	 * transfer.
	 */
	cm->cm_flags |= MPR_CM_FLAGS_USE_UIO | MPR_CM_FLAGS_SMP_PASS |
	    MPR_CM_FLAGS_DATAIN | MPR_CM_FLAGS_DATAOUT;

	/* The chip data format is little endian. */
	req->SASAddress.High = htole32(sasaddr >> 32);
	req->SASAddress.Low = htole32(sasaddr);

	/*
	 * XXX Note that we don't have a timeout/abort mechanism here.
	 * From the manual, it looks like task management requests only
	 * work for SCSI IO and SATA passthrough requests.  We may need to
	 * have a mechanism to retry requests in the event of a chip reset
	 * at least.  Hopefully the chip will insure that any errors short
	 * of that are relayed back to the driver.
	 */
	error = mpr_map_command(sc, cm);
	if ((error != 0) && (error != EINPROGRESS)) {
		mpr_dprint(sc, MPR_ERROR, "%s: error %d returned from "
		    "mpr_map_command()\n", __func__, error);
		goto bailout_error;
	}

	return;

bailout_error:
	mpr_free_command(sc, cm);
	mprsas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL);
	xpt_done(ccb);
	return;
}

/*
 * Handle an XPT_SMP_IO CCB: determine which SAS address the SMP request
 * should be routed to (the device itself if it is an SMP target, otherwise
 * its parent expander) and hand it off to mprsas_send_smpcmd().  The CCB
 * is completed here with an error status if no usable address is found.
 */
static void
mprsas_action_smpio(struct mprsas_softc *sassc, union ccb *ccb)
{
	struct mpr_softc *sc;
	struct mprsas_target *targ;
	uint64_t sasaddr = 0;

	sc = sassc->sc;

	/*
	 * Make sure the target exists.
	 */
	KASSERT(ccb->ccb_h.target_id < sassc->maxtargets,
	    ("Target %d out of bounds in XPT_SMP_IO\n", ccb->ccb_h.target_id));
	targ = &sassc->targets[ccb->ccb_h.target_id];
	if (targ->handle == 0x0) {
		mpr_dprint(sc, MPR_ERROR, "%s: target %d does not exist!\n",
		    __func__, ccb->ccb_h.target_id);
		mprsas_set_ccbstatus(ccb, CAM_SEL_TIMEOUT);
		xpt_done(ccb);
		return;
	}

	/*
	 * If this device has an embedded SMP target, we'll talk to it
	 * directly.  Otherwise, we have to figure out what the address of
	 * the expander it hangs off of is, below.
	 */
	if ((targ->devinfo & MPI2_SAS_DEVICE_INFO_SMP_TARGET) != 0)
		sasaddr = targ->sasaddr;

	/*
	 * If we don't have a SAS address for the expander yet, try
	 * grabbing it from the page 0x83 information cached in the
	 * transport layer for this target.  LSI expanders report the
	 * expander SAS address as the port-associated SAS address in
	 * Inquiry VPD page 0x83.  Maxim expanders don't report it in page
	 * 0x83.
	 *
	 * XXX KDM disable this for now, but leave it commented out so that
	 * it is obvious that this is another possible way to get the SAS
	 * address.
	 *
	 * The parent handle method below is a little more reliable, and
	 * the other benefit is that it works for devices other than SES
	 * devices.  So you can send a SMP request to a da(4) device and it
	 * will get routed to the expander that device is attached to.
	 * (Assuming the da(4) device doesn't contain an SMP target...)
	 */
#if 0
	if (sasaddr == 0)
		sasaddr = xpt_path_sas_addr(ccb->ccb_h.path);
#endif

	/*
	 * If we still don't have a SAS address for the expander, look for
	 * the parent device of this device, which is probably the expander.
	 */
	if (sasaddr == 0) {
#ifdef OLD_MPR_PROBE
		struct mprsas_target *parent_target;
#endif

		if (targ->parent_handle == 0x0) {
			mpr_dprint(sc, MPR_ERROR, "%s: handle %d does not have "
			    "a valid parent handle!\n", __func__, targ->handle);
			mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
			goto bailout;
		}
#ifdef OLD_MPR_PROBE
		parent_target = mprsas_find_target_by_handle(sassc, 0,
		    targ->parent_handle);

		if (parent_target == NULL) {
			mpr_dprint(sc, MPR_ERROR, "%s: handle %d does not have "
			    "a valid parent target!\n", __func__, targ->handle);
			mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
			goto bailout;
		}

		if ((parent_target->devinfo &
		    MPI2_SAS_DEVICE_INFO_SMP_TARGET) == 0) {
			mpr_dprint(sc, MPR_ERROR, "%s: handle %d parent %d "
			    "does not have an SMP target!\n", __func__,
			    targ->handle, parent_target->handle);
			mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
			goto bailout;
		}

		sasaddr = parent_target->sasaddr;
#else /* OLD_MPR_PROBE */
		if ((targ->parent_devinfo &
		    MPI2_SAS_DEVICE_INFO_SMP_TARGET) == 0) {
			mpr_dprint(sc, MPR_ERROR, "%s: handle %d parent %d "
			    "does not have an SMP target!\n", __func__,
			    targ->handle, targ->parent_handle);
			mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
			goto bailout;
		}
		if (targ->parent_sasaddr == 0x0) {
			mpr_dprint(sc, MPR_ERROR, "%s: handle %d parent handle "
			    "%d does not have a valid SAS address!\n", __func__,
			    targ->handle, targ->parent_handle);
			mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
			goto bailout;
		}

		sasaddr = targ->parent_sasaddr;
#endif /* OLD_MPR_PROBE */
	}

	if (sasaddr == 0) {
		mpr_dprint(sc, MPR_INFO, "%s: unable to find SAS address for "
		    "handle %d\n", __func__, targ->handle);
		mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
		goto bailout;
	}
	mprsas_send_smpcmd(sassc, ccb, sasaddr);

	return;

bailout:
	xpt_done(ccb);

}

/*
 * Handle an XPT_RESET_DEV CCB: issue a target reset task management
 * request for the addressed target.  For NVMe devices (unless custom TM
 * handling is enabled) a PCIe protocol-level reset is used instead of a
 * SAS hard link reset.  Completion is handled by
 * mprsas_resetdev_complete(); the CCB is completed there, or here on
 * allocation failure.
 */
static void
mprsas_action_resetdev(struct mprsas_softc *sassc, union ccb *ccb)
{
	MPI2_SCSI_TASK_MANAGE_REQUEST *req;
	struct mpr_softc *sc;
	struct mpr_command *tm;
	struct mprsas_target *targ;

	MPR_FUNCTRACE(sassc->sc);
	mtx_assert(&sassc->sc->mpr_mtx, MA_OWNED);

	KASSERT(ccb->ccb_h.target_id < sassc->maxtargets, ("Target %d out of "
	    "bounds in XPT_RESET_DEV\n", ccb->ccb_h.target_id));
	sc = sassc->sc;
	tm = mprsas_alloc_tm(sc);
	if (tm == NULL) {
		mpr_dprint(sc, MPR_ERROR, "command alloc failure in "
		    "mprsas_action_resetdev\n");
		mprsas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL);
		xpt_done(ccb);
		return;
	}

	targ = &sassc->targets[ccb->ccb_h.target_id];
	req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
	req->DevHandle = htole16(targ->handle);
	req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET;

	if (!targ->is_nvme || sc->custom_nvme_tm_handling) {
		/* SAS Hard Link Reset / SATA Link Reset */
		req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET;
	} else {
		/* PCIe Protocol Level Reset*/
		req->MsgFlags =
		    MPI26_SCSITASKMGMT_MSGFLAGS_PROTOCOL_LVL_RST_PCIE;
	}

	tm->cm_data = NULL;
	tm->cm_complete = mprsas_resetdev_complete;
	tm->cm_complete_data = ccb;

	mpr_dprint(sc, MPR_INFO, "%s: Sending reset for target ID %d\n",
	    __func__, targ->tid);
	tm->cm_targ = targ;

	/* Freeze the devq and mark the target in-reset before submitting. */
	mprsas_prepare_for_tm(sc, tm, targ, CAM_LUN_WILDCARD);
	mpr_map_command(sc, tm);
}

/*
 * Completion handler for the target reset TM issued by
 * mprsas_action_resetdev().  Translates the TM response code into a CCB
 * status, announces the reset to CAM on success, and frees the TM (which
 * also releases the devq frozen in mprsas_prepare_for_tm()).
 */
static void
mprsas_resetdev_complete(struct mpr_softc *sc, struct mpr_command *tm)
{
	MPI2_SCSI_TASK_MANAGE_REPLY *resp;
	union ccb *ccb;

	MPR_FUNCTRACE(sc);
	mtx_assert(&sc->mpr_mtx, MA_OWNED);

	resp = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply;
	ccb = tm->cm_complete_data;

	/*
	 * Currently there should be no way we can hit this case.  It only
	 * happens when we have a failure to allocate chain frames, and
	 * task management commands don't have S/G lists.
	 */
	if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) {
		MPI2_SCSI_TASK_MANAGE_REQUEST *req;

		req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;

		mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x for reset of "
		    "handle %#04x! This should not happen!\n", __func__,
		    tm->cm_flags, req->DevHandle);
		mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
		goto bailout;
	}

	/*
	 * NOTE(review): le32toh() on ResponseCode looks suspect if that
	 * field is a single byte in the MPI reply layout -- harmless on
	 * little-endian hosts; confirm against mpi2_init.h.
	 */
	mpr_dprint(sc, MPR_XINFO, "%s: IOCStatus = 0x%x ResponseCode = 0x%x\n",
	    __func__, le16toh(resp->IOCStatus), le32toh(resp->ResponseCode));

	if (le32toh(resp->ResponseCode) == MPI2_SCSITASKMGMT_RSP_TM_COMPLETE) {
		mprsas_set_ccbstatus(ccb, CAM_REQ_CMP);
		mprsas_announce_reset(sc, AC_SENT_BDR, tm->cm_targ->tid,
		    CAM_LUN_WILDCARD);
	}
	else
		mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);

bailout:

	mprsas_free_tm(sc, tm);
	xpt_done(ccb);
}

/*
 * CAM SIM poll routine: service the controller interrupt handler with the
 * lock held.  Used when interrupts are not available (e.g. during a
 * panic/dump), so tracing is disabled to keep output manageable.
 */
static void
mprsas_poll(struct cam_sim *sim)
{
	struct mprsas_softc *sassc;

	sassc = cam_sim_softc(sim);

	if (sassc->sc->mpr_debug & MPR_TRACE) {
		/* frequent debug messages during a panic just slow
		 * everything down too much.
		 */
		mpr_dprint(sassc->sc, MPR_XINFO, "%s clearing MPR_TRACE\n",
		    __func__);
		sassc->sc->mpr_debug &= ~MPR_TRACE;
	}

	mpr_intr_locked(sassc->sc);
}

/*
 * CAM async event callback.  Currently only AC_ADVINFO_CHANGED with a
 * CDAI_TYPE_RCAPLONG buffer is of interest: re-read the long READ
 * CAPACITY data for the LUN and record whether it is EEDP (protection
 * information) formatted, so that SCSI I/O can set the proper EEDP flags.
 */
static void
mprsas_async(void *callback_arg, uint32_t code, struct cam_path *path,
    void *arg)
{
	struct mpr_softc *sc;

	sc = (struct mpr_softc *)callback_arg;

	mpr_lock(sc);
	switch (code) {
	case AC_ADVINFO_CHANGED: {
		struct mprsas_target *target;
		struct mprsas_softc *sassc;
		struct scsi_read_capacity_data_long rcap_buf;
		struct ccb_dev_advinfo cdai;
		struct mprsas_lun *lun;
		lun_id_t lunid;
		int found_lun;
		uintptr_t buftype;

		buftype = (uintptr_t)arg;

		found_lun = 0;
		sassc = sc->sassc;

		/*
		 * We're only interested in read capacity data changes.
		 */
		if (buftype != CDAI_TYPE_RCAPLONG)
			break;

		/*
		 * We should have a handle for this, but check to make sure.
		 */
		KASSERT(xpt_path_target_id(path) < sassc->maxtargets,
		    ("Target %d out of bounds in mprsas_async\n",
		    xpt_path_target_id(path)));
		target = &sassc->targets[xpt_path_target_id(path)];
		if (target->handle == 0)
			break;

		lunid = xpt_path_lun_id(path);

		/* Find the LUN record, or create one if this is a new LUN. */
		SLIST_FOREACH(lun, &target->luns, lun_link) {
			if (lun->lun_id == lunid) {
				found_lun = 1;
				break;
			}
		}

		if (found_lun == 0) {
			lun = malloc(sizeof(struct mprsas_lun), M_MPR,
			    M_NOWAIT | M_ZERO);
			if (lun == NULL) {
				mpr_dprint(sc, MPR_ERROR, "Unable to alloc "
				    "LUN for EEDP support.\n");
				break;
			}
			lun->lun_id = lunid;
			SLIST_INSERT_HEAD(&target->luns, lun, lun_link);
		}

		/* Fetch the cached long read-capacity data from CAM. */
		bzero(&rcap_buf, sizeof(rcap_buf));
		bzero(&cdai, sizeof(cdai));
		xpt_setup_ccb(&cdai.ccb_h, path, CAM_PRIORITY_NORMAL);
		cdai.ccb_h.func_code = XPT_DEV_ADVINFO;
		cdai.ccb_h.flags = CAM_DIR_IN;
		cdai.buftype = CDAI_TYPE_RCAPLONG;
		cdai.flags = CDAI_FLAG_NONE;
		cdai.bufsiz = sizeof(rcap_buf);
		cdai.buf = (uint8_t *)&rcap_buf;
		xpt_action((union ccb *)&cdai);
		if ((cdai.ccb_h.status & CAM_DEV_QFRZN) != 0)
			cam_release_devq(cdai.ccb_h.path, 0, 0, 0, FALSE);

		/*
		 * Protection types 1 and 3 are usable for EEDP; type 2 is
		 * not supported, so treat it like no protection.
		 */
		if ((mprsas_get_ccbstatus((union ccb *)&cdai) == CAM_REQ_CMP)
		    && (rcap_buf.prot & SRC16_PROT_EN)) {
			switch (rcap_buf.prot & SRC16_P_TYPE) {
			case SRC16_PTYPE_1:
			case SRC16_PTYPE_3:
				lun->eedp_formatted = TRUE;
				lun->eedp_block_size =
				    scsi_4btoul(rcap_buf.length);
				break;
			case SRC16_PTYPE_2:
			default:
				lun->eedp_formatted = FALSE;
				lun->eedp_block_size = 0;
				break;
			}
		} else {
			lun->eedp_formatted = FALSE;
			lun->eedp_block_size = 0;
		}
		break;
	}
	default:
		break;
	}
	mpr_unlock(sc);
}

/*
 * Freeze the devq and set the INRESET flag so that no I/O will be sent to
 * the target until the reset has completed.  The CCB holds the path which
 * is used to release the devq.  The devq is released and the CCB is freed
 * when the TM completes.
 * We only need to do this when we're entering reset, not at each time we
 * need to send an abort (which will happen if multiple commands timeout
 * while we're sending the abort).  We do not release the queue for each
 * command we complete (just at the end when we free the tm), so freezing
 * it each time doesn't make sense.
 */
void
mprsas_prepare_for_tm(struct mpr_softc *sc, struct mpr_command *tm,
    struct mprsas_target *target, lun_id_t lun_id)
{
	union ccb *ccb;
	path_id_t path_id;

	/*
	 * If CCB or path allocation fails we proceed without freezing;
	 * tm->cm_ccb simply stays NULL.
	 */
	ccb = xpt_alloc_ccb_nowait();
	if (ccb) {
		path_id = cam_sim_path(sc->sassc->sim);
		if (xpt_create_path(&ccb->ccb_h.path, xpt_periph, path_id,
		    target->tid, lun_id) != CAM_REQ_CMP) {
			xpt_free_ccb(ccb);
		} else {
			tm->cm_ccb = ccb;
			tm->cm_targ = target;
			if ((target->flags & MPRSAS_TARGET_INRESET) == 0) {
				mpr_dprint(sc, MPR_XINFO | MPR_RECOVERY,
				    "%s: Freezing devq for target ID %d\n",
				    __func__, target->tid);
				xpt_freeze_devq(ccb->ccb_h.path, 1);
				target->flags |= MPRSAS_TARGET_INRESET;
			}
		}
	}
}

int
mprsas_startup(struct mpr_softc *sc)
{
	/*
	 * Send the port enable message and set the wait_for_port_enable flag.
	 * This flag helps to keep the simq frozen until all discovery events
	 * are processed.
	 */
	sc->wait_for_port_enable = 1;
	mprsas_send_portenable(sc);
	return (0);
}

/*
 * Submit a PORT ENABLE request to the IOC to kick off device discovery.
 * Returns EBUSY if no command frame is available, 0 otherwise; completion
 * is handled by mprsas_portenable_complete().
 */
static int
mprsas_send_portenable(struct mpr_softc *sc)
{
	MPI2_PORT_ENABLE_REQUEST *request;
	struct mpr_command *cm;

	MPR_FUNCTRACE(sc);

	if ((cm = mpr_alloc_command(sc)) == NULL)
		return (EBUSY);
	request = (MPI2_PORT_ENABLE_REQUEST *)cm->cm_req;
	request->Function = MPI2_FUNCTION_PORT_ENABLE;
	request->MsgFlags = 0;
	request->VP_ID = 0;
	cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE;
	cm->cm_complete = mprsas_portenable_complete;
	cm->cm_data = NULL;
	cm->cm_sge = NULL;

	mpr_map_command(sc, cm);
	mpr_dprint(sc, MPR_XINFO,
	    "mpr_send_portenable finished cm %p req %p complete %p\n",
	    cm, cm->cm_req, cm->cm_complete);
	return (0);
}

/*
 * Completion handler for the PORT ENABLE request.  Failures are logged
 * but not fatal; in all cases the port-enable wait is ended, waiters are
 * woken, and the startup refcount is decremented so the simq can be
 * released once discovery completes.
 */
static void
mprsas_portenable_complete(struct mpr_softc *sc, struct mpr_command *cm)
{
	MPI2_PORT_ENABLE_REPLY *reply;
	struct mprsas_softc *sassc;

	MPR_FUNCTRACE(sc);
	sassc = sc->sassc;

	/*
	 * Currently there should be no way we can hit this case.  It only
	 * happens when we have a failure to allocate chain frames, and
	 * port enable commands don't have S/G lists.
	 */
	if ((cm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) {
		mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x for port enable! "
		    "This should not happen!\n", __func__, cm->cm_flags);
	}

	reply = (MPI2_PORT_ENABLE_REPLY *)cm->cm_reply;
	if (reply == NULL)
		mpr_dprint(sc, MPR_FAULT, "Portenable NULL reply\n");
	else if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) !=
	    MPI2_IOCSTATUS_SUCCESS)
		mpr_dprint(sc, MPR_FAULT, "Portenable failed\n");

	mpr_free_command(sc, cm);
	/*
	 * Done waiting for port enable to complete.  Decrement the refcount.
	 * If refcount is 0, discovery is complete and a rescan of the bus can
	 * take place.
	 */
	sc->wait_for_port_enable = 0;
	sc->port_enable_complete = 1;
	wakeup(&sc->port_enable_complete);
	mprsas_startup_decrement(sassc);
}

/*
 * Return 1 if target 'id' appears in the comma-separated exclude_ids
 * tunable, 0 otherwise.
 *
 * NOTE(review): strsep() writes NULs into sc->exclude_ids while parsing,
 * so the stored string is consumed by the first full scan -- presumably
 * each id is only checked once during discovery; verify against callers.
 */
int
mprsas_check_id(struct mprsas_softc *sassc, int id)
{
	struct mpr_softc *sc = sassc->sc;
	char *ids;
	char *name;

	ids = &sc->exclude_ids[0];
	while((name = strsep(&ids, ",")) != NULL) {
		if (name[0] == '\0')
			continue;
		if (strtol(name, NULL, 0) == (long)id)
			return (1);
	}

	return (0);
}

/*
 * Re-size the target array after a reinit changes the IOC Facts target
 * count: free all per-target LUN records and the old array, then allocate
 * a zeroed array for 'maxtargets' entries.  'maxtargets' is the OLD size,
 * used to walk the existing array before it is freed.
 */
void
mprsas_realloc_targets(struct mpr_softc *sc, int maxtargets)
{
	struct mprsas_softc *sassc;
	struct mprsas_lun *lun, *lun_tmp;
	struct mprsas_target *targ;
	int i;

	sassc = sc->sassc;
	/*
	 * The number of targets is based on IOC Facts, so free all of
	 * the allocated LUNs for each target and then the target buffer
	 * itself.
	 */
	for (i=0; i< maxtargets; i++) {
		targ = &sassc->targets[i];
		SLIST_FOREACH_SAFE(lun, &targ->luns, lun_link, lun_tmp) {
			free(lun, M_MPR);
		}
	}
	free(sassc->targets, M_MPR);

	sassc->targets = malloc(sizeof(struct mprsas_target) * maxtargets,
	    M_MPR, M_WAITOK|M_ZERO);
}