1 /*- 2 * Copyright (c) 2009 Yahoo! Inc. 3 * Copyright (c) 2011-2015 LSI Corp. 4 * Copyright (c) 2013-2016 Avago Technologies 5 * Copyright 2000-2020 Broadcom Inc. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * Broadcom Inc. (LSI) MPT-Fusion Host Adapter FreeBSD 30 * 31 */ 32 33 #include <sys/cdefs.h> 34 __FBSDID("$FreeBSD$"); 35 36 /* Communications core for Avago Technologies (LSI) MPT3 */ 37 38 /* TODO Move headers to mprvar */ 39 #include <sys/types.h> 40 #include <sys/param.h> 41 #include <sys/systm.h> 42 #include <sys/kernel.h> 43 #include <sys/selinfo.h> 44 #include <sys/module.h> 45 #include <sys/bus.h> 46 #include <sys/conf.h> 47 #include <sys/bio.h> 48 #include <sys/malloc.h> 49 #include <sys/uio.h> 50 #include <sys/sysctl.h> 51 #include <sys/endian.h> 52 #include <sys/queue.h> 53 #include <sys/kthread.h> 54 #include <sys/taskqueue.h> 55 #include <sys/sbuf.h> 56 57 #include <machine/bus.h> 58 #include <machine/resource.h> 59 #include <sys/rman.h> 60 61 #include <machine/stdarg.h> 62 63 #include <cam/cam.h> 64 #include <cam/cam_ccb.h> 65 #include <cam/cam_debug.h> 66 #include <cam/cam_sim.h> 67 #include <cam/cam_xpt_sim.h> 68 #include <cam/cam_xpt_periph.h> 69 #include <cam/cam_periph.h> 70 #include <cam/scsi/scsi_all.h> 71 #include <cam/scsi/scsi_message.h> 72 #include <cam/scsi/smp_all.h> 73 74 #include <dev/nvme/nvme.h> 75 76 #include <dev/mpr/mpi/mpi2_type.h> 77 #include <dev/mpr/mpi/mpi2.h> 78 #include <dev/mpr/mpi/mpi2_ioc.h> 79 #include <dev/mpr/mpi/mpi2_sas.h> 80 #include <dev/mpr/mpi/mpi2_pci.h> 81 #include <dev/mpr/mpi/mpi2_cnfg.h> 82 #include <dev/mpr/mpi/mpi2_init.h> 83 #include <dev/mpr/mpi/mpi2_tool.h> 84 #include <dev/mpr/mpr_ioctl.h> 85 #include <dev/mpr/mprvar.h> 86 #include <dev/mpr/mpr_table.h> 87 #include <dev/mpr/mpr_sas.h> 88 89 #define MPRSAS_DISCOVERY_TIMEOUT 20 90 #define MPRSAS_MAX_DISCOVERY_TIMEOUTS 10 /* 200 seconds */ 91 92 /* 93 * static array to check SCSI OpCode for EEDP protection bits 94 */ 95 #define PRO_R MPI2_SCSIIO_EEDPFLAGS_CHECK_REMOVE_OP 96 #define PRO_W MPI2_SCSIIO_EEDPFLAGS_INSERT_OP 97 #define PRO_V MPI2_SCSIIO_EEDPFLAGS_INSERT_OP 98 static uint8_t op_code_prot[256] = { 99 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 100 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 101 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V, 102 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 103 0, PRO_W, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 104 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 105 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 106 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 107 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V, 108 0, 0, 0, PRO_W, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 109 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V, 110 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 111 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 112 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 113 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 114 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 115 }; 116 117 MALLOC_DEFINE(M_MPRSAS, "MPRSAS", "MPR SAS memory"); 118 119 static void mprsas_remove_device(struct mpr_softc *, struct mpr_command *); 120 static void mprsas_remove_complete(struct mpr_softc *, struct mpr_command *); 121 static void mprsas_action(struct cam_sim *sim, union ccb *ccb); 122 static void mprsas_poll(struct cam_sim *sim); 123 static void mprsas_scsiio_timeout(void *data); 124 static void mprsas_abort_complete(struct mpr_softc *sc, struct mpr_command *cm); 125 static void mprsas_action_scsiio(struct mprsas_softc *, union ccb *); 126 static void mprsas_scsiio_complete(struct mpr_softc *, struct mpr_command *); 127 static void mprsas_action_resetdev(struct mprsas_softc *, union ccb *); 128 static void mprsas_resetdev_complete(struct mpr_softc *, struct mpr_command *); 129 static int mprsas_send_abort(struct mpr_softc *sc, struct mpr_command *tm, 130 struct mpr_command *cm); 131 static void mprsas_async(void *callback_arg, uint32_t code, 132 struct cam_path *path, void *arg); 133 static int mprsas_send_portenable(struct mpr_softc *sc); 134 static void mprsas_portenable_complete(struct mpr_softc *sc, 135 struct mpr_command *cm); 136 137 static void mprsas_smpio_complete(struct mpr_softc *sc, struct mpr_command *cm); 138 static void mprsas_send_smpcmd(struct mprsas_softc *sassc, union ccb *ccb, 139 uint64_t sasaddr); 140 static void mprsas_action_smpio(struct mprsas_softc *sassc, union ccb *ccb); 141 142 struct mprsas_target * 143 mprsas_find_target_by_handle(struct mprsas_softc *sassc, int start, 144 uint16_t handle) 145 { 146 struct mprsas_target *target; 147 int i; 148 149 for (i = start; i < sassc->maxtargets; i++) { 150 target = &sassc->targets[i]; 151 if (target->handle == handle) 152 return (target); 153 } 154 155 return (NULL); 156 } 157 158 /* we need to freeze the simq during attach and diag reset, to avoid failing 159 * commands before device handles have been found by discovery. Since 160 * discovery involves reading config pages and possibly sending commands, 161 * discovery actions may continue even after we receive the end of discovery 162 * event, so refcount discovery actions instead of assuming we can unfreeze 163 * the simq when we get the event. 164 */ 165 void 166 mprsas_startup_increment(struct mprsas_softc *sassc) 167 { 168 MPR_FUNCTRACE(sassc->sc); 169 170 if ((sassc->flags & MPRSAS_IN_STARTUP) != 0) { 171 if (sassc->startup_refcount++ == 0) { 172 /* just starting, freeze the simq */ 173 mpr_dprint(sassc->sc, MPR_INIT, 174 "%s freezing simq\n", __func__); 175 xpt_hold_boot(); 176 xpt_freeze_simq(sassc->sim, 1); 177 } 178 mpr_dprint(sassc->sc, MPR_INIT, "%s refcount %u\n", __func__, 179 sassc->startup_refcount); 180 } 181 } 182 183 void 184 mprsas_release_simq_reinit(struct mprsas_softc *sassc) 185 { 186 if (sassc->flags & MPRSAS_QUEUE_FROZEN) { 187 sassc->flags &= ~MPRSAS_QUEUE_FROZEN; 188 xpt_release_simq(sassc->sim, 1); 189 mpr_dprint(sassc->sc, MPR_INFO, "Unfreezing SIM queue\n"); 190 } 191 } 192 193 void 194 mprsas_startup_decrement(struct mprsas_softc *sassc) 195 { 196 MPR_FUNCTRACE(sassc->sc); 197 198 if ((sassc->flags & MPRSAS_IN_STARTUP) != 0) { 199 if (--sassc->startup_refcount == 0) { 200 /* finished all discovery-related actions, release 201 * the simq and rescan for the latest topology. 202 */ 203 mpr_dprint(sassc->sc, MPR_INIT, 204 "%s releasing simq\n", __func__); 205 sassc->flags &= ~MPRSAS_IN_STARTUP; 206 xpt_release_simq(sassc->sim, 1); 207 xpt_release_boot(); 208 } 209 mpr_dprint(sassc->sc, MPR_INIT, "%s refcount %u\n", __func__, 210 sassc->startup_refcount); 211 } 212 } 213 214 /* 215 * The firmware requires us to stop sending commands when we're doing task 216 * management. 217 * use. 218 * XXX The logic for serializing the device has been made lazy and moved to 219 * mprsas_prepare_for_tm(). 220 */ 221 struct mpr_command * 222 mprsas_alloc_tm(struct mpr_softc *sc) 223 { 224 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 225 struct mpr_command *tm; 226 227 MPR_FUNCTRACE(sc); 228 tm = mpr_alloc_high_priority_command(sc); 229 if (tm == NULL) 230 return (NULL); 231 232 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 233 req->Function = MPI2_FUNCTION_SCSI_TASK_MGMT; 234 return tm; 235 } 236 237 void 238 mprsas_free_tm(struct mpr_softc *sc, struct mpr_command *tm) 239 { 240 int target_id = 0xFFFFFFFF; 241 242 MPR_FUNCTRACE(sc); 243 if (tm == NULL) 244 return; 245 246 /* 247 * For TM's the devq is frozen for the device. Unfreeze it here and 248 * free the resources used for freezing the devq. Must clear the 249 * INRESET flag as well or scsi I/O will not work. 250 */ 251 if (tm->cm_targ != NULL) { 252 tm->cm_targ->flags &= ~MPRSAS_TARGET_INRESET; 253 target_id = tm->cm_targ->tid; 254 } 255 if (tm->cm_ccb) { 256 mpr_dprint(sc, MPR_INFO, "Unfreezing devq for target ID %d\n", 257 target_id); 258 xpt_release_devq(tm->cm_ccb->ccb_h.path, 1, TRUE); 259 xpt_free_path(tm->cm_ccb->ccb_h.path); 260 xpt_free_ccb(tm->cm_ccb); 261 } 262 263 mpr_free_high_priority_command(sc, tm); 264 } 265 266 void 267 mprsas_rescan_target(struct mpr_softc *sc, struct mprsas_target *targ) 268 { 269 struct mprsas_softc *sassc = sc->sassc; 270 path_id_t pathid; 271 target_id_t targetid; 272 union ccb *ccb; 273 274 MPR_FUNCTRACE(sc); 275 pathid = cam_sim_path(sassc->sim); 276 if (targ == NULL) 277 targetid = CAM_TARGET_WILDCARD; 278 else 279 targetid = targ - sassc->targets; 280 281 /* 282 * Allocate a CCB and schedule a rescan. 283 */ 284 ccb = xpt_alloc_ccb_nowait(); 285 if (ccb == NULL) { 286 mpr_dprint(sc, MPR_ERROR, "unable to alloc CCB for rescan\n"); 287 return; 288 } 289 290 if (xpt_create_path(&ccb->ccb_h.path, NULL, pathid, targetid, 291 CAM_LUN_WILDCARD) != CAM_REQ_CMP) { 292 mpr_dprint(sc, MPR_ERROR, "unable to create path for rescan\n"); 293 xpt_free_ccb(ccb); 294 return; 295 } 296 297 if (targetid == CAM_TARGET_WILDCARD) 298 ccb->ccb_h.func_code = XPT_SCAN_BUS; 299 else 300 ccb->ccb_h.func_code = XPT_SCAN_TGT; 301 302 mpr_dprint(sc, MPR_TRACE, "%s targetid %u\n", __func__, targetid); 303 xpt_rescan(ccb); 304 } 305 306 static void 307 mprsas_log_command(struct mpr_command *cm, u_int level, const char *fmt, ...) 308 { 309 struct sbuf sb; 310 va_list ap; 311 char str[224]; 312 char path_str[64]; 313 314 if (cm == NULL) 315 return; 316 317 /* No need to be in here if debugging isn't enabled */ 318 if ((cm->cm_sc->mpr_debug & level) == 0) 319 return; 320 321 sbuf_new(&sb, str, sizeof(str), 0); 322 323 va_start(ap, fmt); 324 325 if (cm->cm_ccb != NULL) { 326 xpt_path_string(cm->cm_ccb->csio.ccb_h.path, path_str, 327 sizeof(path_str)); 328 sbuf_cat(&sb, path_str); 329 if (cm->cm_ccb->ccb_h.func_code == XPT_SCSI_IO) { 330 scsi_command_string(&cm->cm_ccb->csio, &sb); 331 sbuf_printf(&sb, "length %d ", 332 cm->cm_ccb->csio.dxfer_len); 333 } 334 } else { 335 sbuf_printf(&sb, "(noperiph:%s%d:%u:%u:%u): ", 336 cam_sim_name(cm->cm_sc->sassc->sim), 337 cam_sim_unit(cm->cm_sc->sassc->sim), 338 cam_sim_bus(cm->cm_sc->sassc->sim), 339 cm->cm_targ ? cm->cm_targ->tid : 0xFFFFFFFF, 340 cm->cm_lun); 341 } 342 343 sbuf_printf(&sb, "SMID %u ", cm->cm_desc.Default.SMID); 344 sbuf_vprintf(&sb, fmt, ap); 345 sbuf_finish(&sb); 346 mpr_print_field(cm->cm_sc, "%s", sbuf_data(&sb)); 347 348 va_end(ap); 349 } 350 351 static void 352 mprsas_remove_volume(struct mpr_softc *sc, struct mpr_command *tm) 353 { 354 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 355 struct mprsas_target *targ; 356 uint16_t handle; 357 358 MPR_FUNCTRACE(sc); 359 360 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 361 handle = (uint16_t)(uintptr_t)tm->cm_complete_data; 362 targ = tm->cm_targ; 363 364 if (reply == NULL) { 365 /* XXX retry the remove after the diag reset completes? */ 366 mpr_dprint(sc, MPR_FAULT, "%s NULL reply resetting device " 367 "0x%04x\n", __func__, handle); 368 mprsas_free_tm(sc, tm); 369 return; 370 } 371 372 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) != 373 MPI2_IOCSTATUS_SUCCESS) { 374 mpr_dprint(sc, MPR_ERROR, "IOCStatus = 0x%x while resetting " 375 "device 0x%x\n", le16toh(reply->IOCStatus), handle); 376 } 377 378 mpr_dprint(sc, MPR_XINFO, "Reset aborted %u commands\n", 379 le32toh(reply->TerminationCount)); 380 mpr_free_reply(sc, tm->cm_reply_data); 381 tm->cm_reply = NULL; /* Ensures the reply won't get re-freed */ 382 383 mpr_dprint(sc, MPR_XINFO, "clearing target %u handle 0x%04x\n", 384 targ->tid, handle); 385 386 /* 387 * Don't clear target if remove fails because things will get confusing. 388 * Leave the devname and sasaddr intact so that we know to avoid reusing 389 * this target id if possible, and so we can assign the same target id 390 * to this device if it comes back in the future. 391 */ 392 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) == 393 MPI2_IOCSTATUS_SUCCESS) { 394 targ = tm->cm_targ; 395 targ->handle = 0x0; 396 targ->encl_handle = 0x0; 397 targ->encl_level_valid = 0x0; 398 targ->encl_level = 0x0; 399 targ->connector_name[0] = ' '; 400 targ->connector_name[1] = ' '; 401 targ->connector_name[2] = ' '; 402 targ->connector_name[3] = ' '; 403 targ->encl_slot = 0x0; 404 targ->exp_dev_handle = 0x0; 405 targ->phy_num = 0x0; 406 targ->linkrate = 0x0; 407 targ->devinfo = 0x0; 408 targ->flags = 0x0; 409 targ->scsi_req_desc_type = 0; 410 } 411 412 mprsas_free_tm(sc, tm); 413 } 414 415 /* 416 * No Need to call "MPI2_SAS_OP_REMOVE_DEVICE" For Volume removal. 417 * Otherwise Volume Delete is same as Bare Drive Removal. 418 */ 419 void 420 mprsas_prepare_volume_remove(struct mprsas_softc *sassc, uint16_t handle) 421 { 422 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 423 struct mpr_softc *sc; 424 struct mpr_command *cm; 425 struct mprsas_target *targ = NULL; 426 427 MPR_FUNCTRACE(sassc->sc); 428 sc = sassc->sc; 429 430 targ = mprsas_find_target_by_handle(sassc, 0, handle); 431 if (targ == NULL) { 432 /* FIXME: what is the action? */ 433 /* We don't know about this device? */ 434 mpr_dprint(sc, MPR_ERROR, 435 "%s %d : invalid handle 0x%x \n", __func__,__LINE__, handle); 436 return; 437 } 438 439 targ->flags |= MPRSAS_TARGET_INREMOVAL; 440 441 cm = mprsas_alloc_tm(sc); 442 if (cm == NULL) { 443 mpr_dprint(sc, MPR_ERROR, 444 "%s: command alloc failure\n", __func__); 445 return; 446 } 447 448 mprsas_rescan_target(sc, targ); 449 450 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)cm->cm_req; 451 req->DevHandle = targ->handle; 452 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET; 453 454 if (!targ->is_nvme || sc->custom_nvme_tm_handling) { 455 /* SAS Hard Link Reset / SATA Link Reset */ 456 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 457 } else { 458 /* PCIe Protocol Level Reset*/ 459 req->MsgFlags = 460 MPI26_SCSITASKMGMT_MSGFLAGS_PROTOCOL_LVL_RST_PCIE; 461 } 462 463 cm->cm_targ = targ; 464 cm->cm_data = NULL; 465 cm->cm_complete = mprsas_remove_volume; 466 cm->cm_complete_data = (void *)(uintptr_t)handle; 467 468 mpr_dprint(sc, MPR_INFO, "%s: Sending reset for target ID %d\n", 469 __func__, targ->tid); 470 mprsas_prepare_for_tm(sc, cm, targ, CAM_LUN_WILDCARD); 471 472 mpr_map_command(sc, cm); 473 } 474 475 /* 476 * The firmware performs debounce on the link to avoid transient link errors 477 * and false removals. When it does decide that link has been lost and a 478 * device needs to go away, it expects that the host will perform a target reset 479 * and then an op remove. The reset has the side-effect of aborting any 480 * outstanding requests for the device, which is required for the op-remove to 481 * succeed. It's not clear if the host should check for the device coming back 482 * alive after the reset. 483 */ 484 void 485 mprsas_prepare_remove(struct mprsas_softc *sassc, uint16_t handle) 486 { 487 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 488 struct mpr_softc *sc; 489 struct mpr_command *tm; 490 struct mprsas_target *targ = NULL; 491 492 MPR_FUNCTRACE(sassc->sc); 493 494 sc = sassc->sc; 495 496 targ = mprsas_find_target_by_handle(sassc, 0, handle); 497 if (targ == NULL) { 498 /* FIXME: what is the action? */ 499 /* We don't know about this device? */ 500 mpr_dprint(sc, MPR_ERROR, "%s : invalid handle 0x%x \n", 501 __func__, handle); 502 return; 503 } 504 505 targ->flags |= MPRSAS_TARGET_INREMOVAL; 506 507 tm = mprsas_alloc_tm(sc); 508 if (tm == NULL) { 509 mpr_dprint(sc, MPR_ERROR, "%s: command alloc failure\n", 510 __func__); 511 return; 512 } 513 514 mprsas_rescan_target(sc, targ); 515 516 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 517 req->DevHandle = htole16(targ->handle); 518 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET; 519 520 /* SAS Hard Link Reset / SATA Link Reset */ 521 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 522 523 tm->cm_targ = targ; 524 tm->cm_data = NULL; 525 tm->cm_complete = mprsas_remove_device; 526 tm->cm_complete_data = (void *)(uintptr_t)handle; 527 528 mpr_dprint(sc, MPR_INFO, "%s: Sending reset for target ID %d\n", 529 __func__, targ->tid); 530 mprsas_prepare_for_tm(sc, tm, targ, CAM_LUN_WILDCARD); 531 532 mpr_map_command(sc, tm); 533 } 534 535 static void 536 mprsas_remove_device(struct mpr_softc *sc, struct mpr_command *tm) 537 { 538 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 539 MPI2_SAS_IOUNIT_CONTROL_REQUEST *req; 540 struct mprsas_target *targ; 541 uint16_t handle; 542 543 MPR_FUNCTRACE(sc); 544 545 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 546 handle = (uint16_t)(uintptr_t)tm->cm_complete_data; 547 targ = tm->cm_targ; 548 549 /* 550 * Currently there should be no way we can hit this case. It only 551 * happens when we have a failure to allocate chain frames, and 552 * task management commands don't have S/G lists. 553 */ 554 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 555 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x for remove of " 556 "handle %#04x! This should not happen!\n", __func__, 557 tm->cm_flags, handle); 558 } 559 560 if (reply == NULL) { 561 /* XXX retry the remove after the diag reset completes? */ 562 mpr_dprint(sc, MPR_FAULT, "%s NULL reply resetting device " 563 "0x%04x\n", __func__, handle); 564 mprsas_free_tm(sc, tm); 565 return; 566 } 567 568 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) != 569 MPI2_IOCSTATUS_SUCCESS) { 570 mpr_dprint(sc, MPR_ERROR, "IOCStatus = 0x%x while resetting " 571 "device 0x%x\n", le16toh(reply->IOCStatus), handle); 572 } 573 574 mpr_dprint(sc, MPR_XINFO, "Reset aborted %u commands\n", 575 le32toh(reply->TerminationCount)); 576 mpr_free_reply(sc, tm->cm_reply_data); 577 tm->cm_reply = NULL; /* Ensures the reply won't get re-freed */ 578 579 /* Reuse the existing command */ 580 req = (MPI2_SAS_IOUNIT_CONTROL_REQUEST *)tm->cm_req; 581 memset(req, 0, sizeof(*req)); 582 req->Function = MPI2_FUNCTION_SAS_IO_UNIT_CONTROL; 583 req->Operation = MPI2_SAS_OP_REMOVE_DEVICE; 584 req->DevHandle = htole16(handle); 585 tm->cm_data = NULL; 586 tm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; 587 tm->cm_complete = mprsas_remove_complete; 588 tm->cm_complete_data = (void *)(uintptr_t)handle; 589 590 /* 591 * Wait to send the REMOVE_DEVICE until all the commands have cleared. 592 * They should be aborted or time out and we'll kick thus off there 593 * if so. 594 */ 595 if (TAILQ_FIRST(&targ->commands) == NULL) { 596 mpr_dprint(sc, MPR_INFO, "No pending commands: starting remove_device\n"); 597 mpr_map_command(sc, tm); 598 targ->pending_remove_tm = NULL; 599 } else { 600 targ->pending_remove_tm = tm; 601 } 602 603 mpr_dprint(sc, MPR_INFO, "clearing target %u handle 0x%04x\n", 604 targ->tid, handle); 605 if (targ->encl_level_valid) { 606 mpr_dprint(sc, MPR_INFO, "At enclosure level %d, slot %d, " 607 "connector name (%4s)\n", targ->encl_level, targ->encl_slot, 608 targ->connector_name); 609 } 610 } 611 612 static void 613 mprsas_remove_complete(struct mpr_softc *sc, struct mpr_command *tm) 614 { 615 MPI2_SAS_IOUNIT_CONTROL_REPLY *reply; 616 uint16_t handle; 617 struct mprsas_target *targ; 618 struct mprsas_lun *lun; 619 620 MPR_FUNCTRACE(sc); 621 622 reply = (MPI2_SAS_IOUNIT_CONTROL_REPLY *)tm->cm_reply; 623 handle = (uint16_t)(uintptr_t)tm->cm_complete_data; 624 625 targ = tm->cm_targ; 626 627 /* 628 * At this point, we should have no pending commands for the target. 629 * The remove target has just completed. 630 */ 631 KASSERT(TAILQ_FIRST(&targ->commands) == NULL, 632 ("%s: no commands should be pending\n", __func__)); 633 634 /* 635 * Currently there should be no way we can hit this case. It only 636 * happens when we have a failure to allocate chain frames, and 637 * task management commands don't have S/G lists. 638 */ 639 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 640 mpr_dprint(sc, MPR_XINFO, "%s: cm_flags = %#x for remove of " 641 "handle %#04x! This should not happen!\n", __func__, 642 tm->cm_flags, handle); 643 mprsas_free_tm(sc, tm); 644 return; 645 } 646 647 if (reply == NULL) { 648 /* most likely a chip reset */ 649 mpr_dprint(sc, MPR_FAULT, "%s NULL reply removing device " 650 "0x%04x\n", __func__, handle); 651 mprsas_free_tm(sc, tm); 652 return; 653 } 654 655 mpr_dprint(sc, MPR_XINFO, "%s on handle 0x%04x, IOCStatus= 0x%x\n", 656 __func__, handle, le16toh(reply->IOCStatus)); 657 658 /* 659 * Don't clear target if remove fails because things will get confusing. 660 * Leave the devname and sasaddr intact so that we know to avoid reusing 661 * this target id if possible, and so we can assign the same target id 662 * to this device if it comes back in the future. 663 */ 664 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) == 665 MPI2_IOCSTATUS_SUCCESS) { 666 targ->handle = 0x0; 667 targ->encl_handle = 0x0; 668 targ->encl_level_valid = 0x0; 669 targ->encl_level = 0x0; 670 targ->connector_name[0] = ' '; 671 targ->connector_name[1] = ' '; 672 targ->connector_name[2] = ' '; 673 targ->connector_name[3] = ' '; 674 targ->encl_slot = 0x0; 675 targ->exp_dev_handle = 0x0; 676 targ->phy_num = 0x0; 677 targ->linkrate = 0x0; 678 targ->devinfo = 0x0; 679 targ->flags = 0x0; 680 targ->scsi_req_desc_type = 0; 681 682 while (!SLIST_EMPTY(&targ->luns)) { 683 lun = SLIST_FIRST(&targ->luns); 684 SLIST_REMOVE_HEAD(&targ->luns, lun_link); 685 free(lun, M_MPR); 686 } 687 } 688 689 mprsas_free_tm(sc, tm); 690 } 691 692 static int 693 mprsas_register_events(struct mpr_softc *sc) 694 { 695 uint8_t events[16]; 696 697 bzero(events, 16); 698 setbit(events, MPI2_EVENT_SAS_DEVICE_STATUS_CHANGE); 699 setbit(events, MPI2_EVENT_SAS_DISCOVERY); 700 setbit(events, MPI2_EVENT_SAS_BROADCAST_PRIMITIVE); 701 setbit(events, MPI2_EVENT_SAS_INIT_DEVICE_STATUS_CHANGE); 702 setbit(events, MPI2_EVENT_SAS_INIT_TABLE_OVERFLOW); 703 setbit(events, MPI2_EVENT_SAS_TOPOLOGY_CHANGE_LIST); 704 setbit(events, MPI2_EVENT_SAS_ENCL_DEVICE_STATUS_CHANGE); 705 setbit(events, MPI2_EVENT_IR_CONFIGURATION_CHANGE_LIST); 706 setbit(events, MPI2_EVENT_IR_VOLUME); 707 setbit(events, MPI2_EVENT_IR_PHYSICAL_DISK); 708 setbit(events, MPI2_EVENT_IR_OPERATION_STATUS); 709 setbit(events, MPI2_EVENT_TEMP_THRESHOLD); 710 setbit(events, MPI2_EVENT_SAS_DEVICE_DISCOVERY_ERROR); 711 if (sc->facts->MsgVersion >= MPI2_VERSION_02_06) { 712 setbit(events, MPI2_EVENT_ACTIVE_CABLE_EXCEPTION); 713 if (sc->mpr_flags & MPR_FLAGS_GEN35_IOC) { 714 setbit(events, MPI2_EVENT_PCIE_DEVICE_STATUS_CHANGE); 715 setbit(events, MPI2_EVENT_PCIE_ENUMERATION); 716 setbit(events, MPI2_EVENT_PCIE_TOPOLOGY_CHANGE_LIST); 717 } 718 } 719 720 mpr_register_events(sc, events, mprsas_evt_handler, NULL, 721 &sc->sassc->mprsas_eh); 722 723 return (0); 724 } 725 726 int 727 mpr_attach_sas(struct mpr_softc *sc) 728 { 729 struct mprsas_softc *sassc; 730 cam_status status; 731 int unit, error = 0, reqs; 732 733 MPR_FUNCTRACE(sc); 734 mpr_dprint(sc, MPR_INIT, "%s entered\n", __func__); 735 736 sassc = malloc(sizeof(struct mprsas_softc), M_MPR, M_WAITOK|M_ZERO); 737 738 /* 739 * XXX MaxTargets could change during a reinit. Since we don't 740 * resize the targets[] array during such an event, cache the value 741 * of MaxTargets here so that we don't get into trouble later. This 742 * should move into the reinit logic. 743 */ 744 sassc->maxtargets = sc->facts->MaxTargets + sc->facts->MaxVolumes; 745 sassc->targets = malloc(sizeof(struct mprsas_target) * 746 sassc->maxtargets, M_MPR, M_WAITOK|M_ZERO); 747 sc->sassc = sassc; 748 sassc->sc = sc; 749 750 reqs = sc->num_reqs - sc->num_prireqs - 1; 751 if ((sassc->devq = cam_simq_alloc(reqs)) == NULL) { 752 mpr_dprint(sc, MPR_INIT|MPR_ERROR, "Cannot allocate SIMQ\n"); 753 error = ENOMEM; 754 goto out; 755 } 756 757 unit = device_get_unit(sc->mpr_dev); 758 sassc->sim = cam_sim_alloc(mprsas_action, mprsas_poll, "mpr", sassc, 759 unit, &sc->mpr_mtx, reqs, reqs, sassc->devq); 760 if (sassc->sim == NULL) { 761 mpr_dprint(sc, MPR_INIT|MPR_ERROR, "Cannot allocate SIM\n"); 762 error = EINVAL; 763 goto out; 764 } 765 766 TAILQ_INIT(&sassc->ev_queue); 767 768 /* Initialize taskqueue for Event Handling */ 769 TASK_INIT(&sassc->ev_task, 0, mprsas_firmware_event_work, sc); 770 sassc->ev_tq = taskqueue_create("mpr_taskq", M_NOWAIT | M_ZERO, 771 taskqueue_thread_enqueue, &sassc->ev_tq); 772 taskqueue_start_threads(&sassc->ev_tq, 1, PRIBIO, "%s taskq", 773 device_get_nameunit(sc->mpr_dev)); 774 775 mpr_lock(sc); 776 777 /* 778 * XXX There should be a bus for every port on the adapter, but since 779 * we're just going to fake the topology for now, we'll pretend that 780 * everything is just a target on a single bus. 781 */ 782 if ((error = xpt_bus_register(sassc->sim, sc->mpr_dev, 0)) != 0) { 783 mpr_dprint(sc, MPR_INIT|MPR_ERROR, 784 "Error %d registering SCSI bus\n", error); 785 mpr_unlock(sc); 786 goto out; 787 } 788 789 /* 790 * Assume that discovery events will start right away. 791 * 792 * Hold off boot until discovery is complete. 793 */ 794 sassc->flags |= MPRSAS_IN_STARTUP | MPRSAS_IN_DISCOVERY; 795 sc->sassc->startup_refcount = 0; 796 mprsas_startup_increment(sassc); 797 798 callout_init(&sassc->discovery_callout, 1 /*mpsafe*/); 799 800 /* 801 * Register for async events so we can determine the EEDP 802 * capabilities of devices. 803 */ 804 status = xpt_create_path(&sassc->path, /*periph*/NULL, 805 cam_sim_path(sc->sassc->sim), CAM_TARGET_WILDCARD, 806 CAM_LUN_WILDCARD); 807 if (status != CAM_REQ_CMP) { 808 mpr_dprint(sc, MPR_INIT|MPR_ERROR, 809 "Error %#x creating sim path\n", status); 810 sassc->path = NULL; 811 } else { 812 int event; 813 814 event = AC_ADVINFO_CHANGED | AC_FOUND_DEVICE; 815 status = xpt_register_async(event, mprsas_async, sc, 816 sassc->path); 817 818 if (status != CAM_REQ_CMP) { 819 mpr_dprint(sc, MPR_ERROR, 820 "Error %#x registering async handler for " 821 "AC_ADVINFO_CHANGED events\n", status); 822 xpt_free_path(sassc->path); 823 sassc->path = NULL; 824 } 825 } 826 if (status != CAM_REQ_CMP) { 827 /* 828 * EEDP use is the exception, not the rule. 829 * Warn the user, but do not fail to attach. 830 */ 831 mpr_printf(sc, "EEDP capabilities disabled.\n"); 832 } 833 834 mpr_unlock(sc); 835 836 mprsas_register_events(sc); 837 out: 838 if (error) 839 mpr_detach_sas(sc); 840 841 mpr_dprint(sc, MPR_INIT, "%s exit, error= %d\n", __func__, error); 842 return (error); 843 } 844 845 int 846 mpr_detach_sas(struct mpr_softc *sc) 847 { 848 struct mprsas_softc *sassc; 849 struct mprsas_lun *lun, *lun_tmp; 850 struct mprsas_target *targ; 851 int i; 852 853 MPR_FUNCTRACE(sc); 854 855 if (sc->sassc == NULL) 856 return (0); 857 858 sassc = sc->sassc; 859 mpr_deregister_events(sc, sassc->mprsas_eh); 860 861 /* 862 * Drain and free the event handling taskqueue with the lock 863 * unheld so that any parallel processing tasks drain properly 864 * without deadlocking. 865 */ 866 if (sassc->ev_tq != NULL) 867 taskqueue_free(sassc->ev_tq); 868 869 /* Make sure CAM doesn't wedge if we had to bail out early. */ 870 mpr_lock(sc); 871 872 while (sassc->startup_refcount != 0) 873 mprsas_startup_decrement(sassc); 874 875 /* Deregister our async handler */ 876 if (sassc->path != NULL) { 877 xpt_register_async(0, mprsas_async, sc, sassc->path); 878 xpt_free_path(sassc->path); 879 sassc->path = NULL; 880 } 881 882 if (sassc->flags & MPRSAS_IN_STARTUP) 883 xpt_release_simq(sassc->sim, 1); 884 885 if (sassc->sim != NULL) { 886 xpt_bus_deregister(cam_sim_path(sassc->sim)); 887 cam_sim_free(sassc->sim, FALSE); 888 } 889 890 mpr_unlock(sc); 891 892 if (sassc->devq != NULL) 893 cam_simq_free(sassc->devq); 894 895 for (i = 0; i < sassc->maxtargets; i++) { 896 targ = &sassc->targets[i]; 897 SLIST_FOREACH_SAFE(lun, &targ->luns, lun_link, lun_tmp) { 898 free(lun, M_MPR); 899 } 900 } 901 free(sassc->targets, M_MPR); 902 free(sassc, M_MPR); 903 sc->sassc = NULL; 904 905 return (0); 906 } 907 908 void 909 mprsas_discovery_end(struct mprsas_softc *sassc) 910 { 911 struct mpr_softc *sc = sassc->sc; 912 913 MPR_FUNCTRACE(sc); 914 915 if (sassc->flags & MPRSAS_DISCOVERY_TIMEOUT_PENDING) 916 callout_stop(&sassc->discovery_callout); 917 918 /* 919 * After discovery has completed, check the mapping table for any 920 * missing devices and update their missing counts. Only do this once 921 * whenever the driver is initialized so that missing counts aren't 922 * updated unnecessarily. Note that just because discovery has 923 * completed doesn't mean that events have been processed yet. The 924 * check_devices function is a callout timer that checks if ALL devices 925 * are missing. If so, it will wait a little longer for events to 926 * complete and keep resetting itself until some device in the mapping 927 * table is not missing, meaning that event processing has started. 928 */ 929 if (sc->track_mapping_events) { 930 mpr_dprint(sc, MPR_XINFO | MPR_MAPPING, "Discovery has " 931 "completed. Check for missing devices in the mapping " 932 "table.\n"); 933 callout_reset(&sc->device_check_callout, 934 MPR_MISSING_CHECK_DELAY * hz, mpr_mapping_check_devices, 935 sc); 936 } 937 } 938 939 static void 940 mprsas_action(struct cam_sim *sim, union ccb *ccb) 941 { 942 struct mprsas_softc *sassc; 943 944 sassc = cam_sim_softc(sim); 945 946 MPR_FUNCTRACE(sassc->sc); 947 mpr_dprint(sassc->sc, MPR_TRACE, "ccb func_code 0x%x\n", 948 ccb->ccb_h.func_code); 949 mtx_assert(&sassc->sc->mpr_mtx, MA_OWNED); 950 951 switch (ccb->ccb_h.func_code) { 952 case XPT_PATH_INQ: 953 { 954 struct ccb_pathinq *cpi = &ccb->cpi; 955 struct mpr_softc *sc = sassc->sc; 956 957 cpi->version_num = 1; 958 cpi->hba_inquiry = PI_SDTR_ABLE|PI_TAG_ABLE|PI_WIDE_16; 959 cpi->target_sprt = 0; 960 cpi->hba_misc = PIM_NOBUSRESET | PIM_UNMAPPED | PIM_NOSCAN; 961 cpi->hba_eng_cnt = 0; 962 cpi->max_target = sassc->maxtargets - 1; 963 cpi->max_lun = 255; 964 965 /* 966 * initiator_id is set here to an ID outside the set of valid 967 * target IDs (including volumes). 968 */ 969 cpi->initiator_id = sassc->maxtargets; 970 strlcpy(cpi->sim_vid, "FreeBSD", SIM_IDLEN); 971 strlcpy(cpi->hba_vid, "Avago Tech", HBA_IDLEN); 972 strlcpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN); 973 cpi->unit_number = cam_sim_unit(sim); 974 cpi->bus_id = cam_sim_bus(sim); 975 /* 976 * XXXSLM-I think this needs to change based on config page or 977 * something instead of hardcoded to 150000. 978 */ 979 cpi->base_transfer_speed = 150000; 980 cpi->transport = XPORT_SAS; 981 cpi->transport_version = 0; 982 cpi->protocol = PROTO_SCSI; 983 cpi->protocol_version = SCSI_REV_SPC; 984 cpi->maxio = sc->maxio; 985 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 986 break; 987 } 988 case XPT_GET_TRAN_SETTINGS: 989 { 990 struct ccb_trans_settings *cts; 991 struct ccb_trans_settings_sas *sas; 992 struct ccb_trans_settings_scsi *scsi; 993 struct mprsas_target *targ; 994 995 cts = &ccb->cts; 996 sas = &cts->xport_specific.sas; 997 scsi = &cts->proto_specific.scsi; 998 999 KASSERT(cts->ccb_h.target_id < sassc->maxtargets, 1000 ("Target %d out of bounds in XPT_GET_TRAN_SETTINGS\n", 1001 cts->ccb_h.target_id)); 1002 targ = &sassc->targets[cts->ccb_h.target_id]; 1003 if (targ->handle == 0x0) { 1004 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1005 break; 1006 } 1007 1008 cts->protocol_version = SCSI_REV_SPC2; 1009 cts->transport = XPORT_SAS; 1010 cts->transport_version = 0; 1011 1012 sas->valid = CTS_SAS_VALID_SPEED; 1013 switch (targ->linkrate) { 1014 case 0x08: 1015 sas->bitrate = 150000; 1016 break; 1017 case 0x09: 1018 sas->bitrate = 300000; 1019 break; 1020 case 0x0a: 1021 sas->bitrate = 600000; 1022 break; 1023 case 0x0b: 1024 sas->bitrate = 1200000; 1025 break; 1026 default: 1027 sas->valid = 0; 1028 } 1029 1030 cts->protocol = PROTO_SCSI; 1031 scsi->valid = CTS_SCSI_VALID_TQ; 1032 scsi->flags = CTS_SCSI_FLAGS_TAG_ENB; 1033 1034 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1035 break; 1036 } 1037 case XPT_CALC_GEOMETRY: 1038 cam_calc_geometry(&ccb->ccg, /*extended*/1); 1039 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1040 break; 1041 case XPT_RESET_DEV: 1042 mpr_dprint(sassc->sc, MPR_XINFO, "mprsas_action " 1043 "XPT_RESET_DEV\n"); 1044 mprsas_action_resetdev(sassc, ccb); 1045 return; 1046 case XPT_RESET_BUS: 1047 case XPT_ABORT: 1048 case XPT_TERM_IO: 1049 mpr_dprint(sassc->sc, MPR_XINFO, "mprsas_action faking success " 1050 "for abort or reset\n"); 1051 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1052 break; 1053 case XPT_SCSI_IO: 1054 mprsas_action_scsiio(sassc, ccb); 1055 return; 1056 case XPT_SMP_IO: 1057 mprsas_action_smpio(sassc, ccb); 1058 return; 1059 default: 1060 mprsas_set_ccbstatus(ccb, CAM_FUNC_NOTAVAIL); 1061 break; 1062 } 1063 xpt_done(ccb); 1064 1065 } 1066 1067 static void 1068 mprsas_announce_reset(struct mpr_softc *sc, uint32_t ac_code, 1069 target_id_t target_id, lun_id_t lun_id) 1070 { 1071 path_id_t path_id = cam_sim_path(sc->sassc->sim); 1072 struct cam_path *path; 1073 1074 mpr_dprint(sc, MPR_XINFO, "%s code %x target %d lun %jx\n", __func__, 1075 ac_code, target_id, (uintmax_t)lun_id); 1076 1077 if (xpt_create_path(&path, NULL, 1078 path_id, target_id, lun_id) != CAM_REQ_CMP) { 1079 mpr_dprint(sc, MPR_ERROR, "unable to create path for reset " 1080 "notification\n"); 1081 return; 1082 } 1083 1084 xpt_async(ac_code, path, NULL); 1085 xpt_free_path(path); 1086 } 1087 1088 static void 1089 mprsas_complete_all_commands(struct mpr_softc *sc) 1090 { 1091 struct mpr_command *cm; 1092 int i; 1093 int completed; 1094 1095 MPR_FUNCTRACE(sc); 1096 mtx_assert(&sc->mpr_mtx, MA_OWNED); 1097 1098 /* complete all commands with a NULL reply */ 1099 for (i = 1; i < sc->num_reqs; i++) { 1100 cm = &sc->commands[i]; 1101 if (cm->cm_state == MPR_CM_STATE_FREE) 1102 continue; 1103 1104 cm->cm_state = MPR_CM_STATE_BUSY; 1105 cm->cm_reply = NULL; 1106 completed = 0; 1107 1108 if (cm->cm_flags & MPR_CM_FLAGS_SATA_ID_TIMEOUT) { 1109 MPASS(cm->cm_data); 1110 free(cm->cm_data, M_MPR); 1111 cm->cm_data = NULL; 1112 } 1113 1114 if (cm->cm_flags & MPR_CM_FLAGS_POLLED) 1115 cm->cm_flags |= MPR_CM_FLAGS_COMPLETE; 1116 1117 if (cm->cm_complete != NULL) { 1118 mprsas_log_command(cm, MPR_RECOVERY, 1119 "completing cm %p state %x ccb %p for diag reset\n", 1120 cm, cm->cm_state, cm->cm_ccb); 1121 cm->cm_complete(sc, cm); 1122 completed = 1; 1123 } else if (cm->cm_flags & MPR_CM_FLAGS_WAKEUP) { 1124 mprsas_log_command(cm, MPR_RECOVERY, 1125 "waking up cm %p state %x ccb %p for diag reset\n", 1126 cm, cm->cm_state, cm->cm_ccb); 1127 wakeup(cm); 1128 completed = 1; 1129 } 1130 1131 if ((completed == 0) && (cm->cm_state != MPR_CM_STATE_FREE)) { 1132 /* this should never happen, but if it does, log */ 1133 mprsas_log_command(cm, MPR_RECOVERY, 1134 "cm %p state %x flags 0x%x ccb %p during diag " 1135 "reset\n", cm, cm->cm_state, cm->cm_flags, 1136 cm->cm_ccb); 1137 } 1138 } 1139 1140 sc->io_cmds_active = 0; 1141 } 1142 1143 void 1144 mprsas_handle_reinit(struct mpr_softc *sc) 1145 { 1146 int i; 1147 1148 /* Go back into startup mode and freeze the simq, so that CAM 1149 * doesn't send any commands until after we've rediscovered all 1150 * targets and found the proper device handles for them. 1151 * 1152 * After the reset, portenable will trigger discovery, and after all 1153 * discovery-related activities have finished, the simq will be 1154 * released. 1155 */ 1156 mpr_dprint(sc, MPR_INIT, "%s startup\n", __func__); 1157 sc->sassc->flags |= MPRSAS_IN_STARTUP; 1158 sc->sassc->flags |= MPRSAS_IN_DISCOVERY; 1159 mprsas_startup_increment(sc->sassc); 1160 1161 /* notify CAM of a bus reset */ 1162 mprsas_announce_reset(sc, AC_BUS_RESET, CAM_TARGET_WILDCARD, 1163 CAM_LUN_WILDCARD); 1164 1165 /* complete and cleanup after all outstanding commands */ 1166 mprsas_complete_all_commands(sc); 1167 1168 mpr_dprint(sc, MPR_INIT, "%s startup %u after command completion\n", 1169 __func__, sc->sassc->startup_refcount); 1170 1171 /* zero all the target handles, since they may change after the 1172 * reset, and we have to rediscover all the targets and use the new 1173 * handles. 1174 */ 1175 for (i = 0; i < sc->sassc->maxtargets; i++) { 1176 if (sc->sassc->targets[i].outstanding != 0) 1177 mpr_dprint(sc, MPR_INIT, "target %u outstanding %u\n", 1178 i, sc->sassc->targets[i].outstanding); 1179 sc->sassc->targets[i].handle = 0x0; 1180 sc->sassc->targets[i].exp_dev_handle = 0x0; 1181 sc->sassc->targets[i].outstanding = 0; 1182 sc->sassc->targets[i].flags = MPRSAS_TARGET_INDIAGRESET; 1183 } 1184 } 1185 static void 1186 mprsas_tm_timeout(void *data) 1187 { 1188 struct mpr_command *tm = data; 1189 struct mpr_softc *sc = tm->cm_sc; 1190 1191 mtx_assert(&sc->mpr_mtx, MA_OWNED); 1192 1193 mprsas_log_command(tm, MPR_INFO|MPR_RECOVERY, "task mgmt %p timed " 1194 "out\n", tm); 1195 1196 KASSERT(tm->cm_state == MPR_CM_STATE_INQUEUE, 1197 ("command not inqueue\n")); 1198 1199 tm->cm_state = MPR_CM_STATE_BUSY; 1200 mpr_reinit(sc); 1201 } 1202 1203 static void 1204 mprsas_logical_unit_reset_complete(struct mpr_softc *sc, struct mpr_command *tm) 1205 { 1206 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 1207 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1208 unsigned int cm_count = 0; 1209 struct mpr_command *cm; 1210 struct mprsas_target *targ; 1211 1212 callout_stop(&tm->cm_callout); 1213 1214 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1215 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 1216 targ = tm->cm_targ; 1217 1218 /* 1219 * Currently there should be no way we can hit this case. It only 1220 * happens when we have a failure to allocate chain frames, and 1221 * task management commands don't have S/G lists. 1222 */ 1223 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 1224 mpr_dprint(sc, MPR_RECOVERY|MPR_ERROR, 1225 "%s: cm_flags = %#x for LUN reset! " 1226 "This should not happen!\n", __func__, tm->cm_flags); 1227 mprsas_free_tm(sc, tm); 1228 return; 1229 } 1230 1231 if (reply == NULL) { 1232 mpr_dprint(sc, MPR_RECOVERY, "NULL reset reply for tm %p\n", 1233 tm); 1234 if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) { 1235 /* this completion was due to a reset, just cleanup */ 1236 mpr_dprint(sc, MPR_RECOVERY, "Hardware undergoing " 1237 "reset, ignoring NULL LUN reset reply\n"); 1238 targ->tm = NULL; 1239 mprsas_free_tm(sc, tm); 1240 } 1241 else { 1242 /* we should have gotten a reply. */ 1243 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, "NULL reply on " 1244 "LUN reset attempt, resetting controller\n"); 1245 mpr_reinit(sc); 1246 } 1247 return; 1248 } 1249 1250 mpr_dprint(sc, MPR_RECOVERY, 1251 "logical unit reset status 0x%x code 0x%x count %u\n", 1252 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode), 1253 le32toh(reply->TerminationCount)); 1254 1255 /* 1256 * See if there are any outstanding commands for this LUN. 1257 * This could be made more efficient by using a per-LU data 1258 * structure of some sort. 1259 */ 1260 TAILQ_FOREACH(cm, &targ->commands, cm_link) { 1261 if (cm->cm_lun == tm->cm_lun) 1262 cm_count++; 1263 } 1264 1265 if (cm_count == 0) { 1266 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO, 1267 "Finished recovery after LUN reset for target %u\n", 1268 targ->tid); 1269 1270 mprsas_announce_reset(sc, AC_SENT_BDR, targ->tid, 1271 tm->cm_lun); 1272 1273 /* 1274 * We've finished recovery for this logical unit. check and 1275 * see if some other logical unit has a timedout command 1276 * that needs to be processed. 1277 */ 1278 cm = TAILQ_FIRST(&targ->timedout_commands); 1279 if (cm) { 1280 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1281 "More commands to abort for target %u\n", targ->tid); 1282 mprsas_send_abort(sc, tm, cm); 1283 } else { 1284 targ->tm = NULL; 1285 mprsas_free_tm(sc, tm); 1286 } 1287 } else { 1288 /* if we still have commands for this LUN, the reset 1289 * effectively failed, regardless of the status reported. 1290 * Escalate to a target reset. 1291 */ 1292 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1293 "logical unit reset complete for target %u, but still " 1294 "have %u command(s), sending target reset\n", targ->tid, 1295 cm_count); 1296 if (!targ->is_nvme || sc->custom_nvme_tm_handling) 1297 mprsas_send_reset(sc, tm, 1298 MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET); 1299 else 1300 mpr_reinit(sc); 1301 } 1302 } 1303 1304 static void 1305 mprsas_target_reset_complete(struct mpr_softc *sc, struct mpr_command *tm) 1306 { 1307 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 1308 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1309 struct mprsas_target *targ; 1310 1311 callout_stop(&tm->cm_callout); 1312 1313 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1314 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 1315 targ = tm->cm_targ; 1316 1317 /* 1318 * Currently there should be no way we can hit this case. It only 1319 * happens when we have a failure to allocate chain frames, and 1320 * task management commands don't have S/G lists. 1321 */ 1322 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 1323 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x for target " 1324 "reset! This should not happen!\n", __func__, tm->cm_flags); 1325 mprsas_free_tm(sc, tm); 1326 return; 1327 } 1328 1329 if (reply == NULL) { 1330 mpr_dprint(sc, MPR_RECOVERY, 1331 "NULL target reset reply for tm %p TaskMID %u\n", 1332 tm, le16toh(req->TaskMID)); 1333 if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) { 1334 /* this completion was due to a reset, just cleanup */ 1335 mpr_dprint(sc, MPR_RECOVERY, "Hardware undergoing " 1336 "reset, ignoring NULL target reset reply\n"); 1337 targ->tm = NULL; 1338 mprsas_free_tm(sc, tm); 1339 } 1340 else { 1341 /* we should have gotten a reply. */ 1342 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, "NULL reply on " 1343 "target reset attempt, resetting controller\n"); 1344 mpr_reinit(sc); 1345 } 1346 return; 1347 } 1348 1349 mpr_dprint(sc, MPR_RECOVERY, 1350 "target reset status 0x%x code 0x%x count %u\n", 1351 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode), 1352 le32toh(reply->TerminationCount)); 1353 1354 if (targ->outstanding == 0) { 1355 /* 1356 * We've finished recovery for this target and all 1357 * of its logical units. 1358 */ 1359 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO, 1360 "Finished reset recovery for target %u\n", targ->tid); 1361 1362 mprsas_announce_reset(sc, AC_SENT_BDR, tm->cm_targ->tid, 1363 CAM_LUN_WILDCARD); 1364 1365 targ->tm = NULL; 1366 mprsas_free_tm(sc, tm); 1367 } else { 1368 /* 1369 * After a target reset, if this target still has 1370 * outstanding commands, the reset effectively failed, 1371 * regardless of the status reported. escalate. 1372 */ 1373 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1374 "Target reset complete for target %u, but still have %u " 1375 "command(s), resetting controller\n", targ->tid, 1376 targ->outstanding); 1377 mpr_reinit(sc); 1378 } 1379 } 1380 1381 #define MPR_RESET_TIMEOUT 30 1382 1383 int 1384 mprsas_send_reset(struct mpr_softc *sc, struct mpr_command *tm, uint8_t type) 1385 { 1386 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1387 struct mprsas_target *target; 1388 int err, timeout; 1389 1390 target = tm->cm_targ; 1391 if (target->handle == 0) { 1392 mpr_dprint(sc, MPR_ERROR, "%s null devhandle for target_id " 1393 "%d\n", __func__, target->tid); 1394 return -1; 1395 } 1396 1397 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1398 req->DevHandle = htole16(target->handle); 1399 req->TaskType = type; 1400 1401 if (!target->is_nvme || sc->custom_nvme_tm_handling) { 1402 timeout = MPR_RESET_TIMEOUT; 1403 /* 1404 * Target reset method = 1405 * SAS Hard Link Reset / SATA Link Reset 1406 */ 1407 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 1408 } else { 1409 timeout = (target->controller_reset_timeout) ? ( 1410 target->controller_reset_timeout) : (MPR_RESET_TIMEOUT); 1411 /* PCIe Protocol Level Reset*/ 1412 req->MsgFlags = 1413 MPI26_SCSITASKMGMT_MSGFLAGS_PROTOCOL_LVL_RST_PCIE; 1414 } 1415 1416 if (type == MPI2_SCSITASKMGMT_TASKTYPE_LOGICAL_UNIT_RESET) { 1417 /* XXX Need to handle invalid LUNs */ 1418 MPR_SET_LUN(req->LUN, tm->cm_lun); 1419 tm->cm_targ->logical_unit_resets++; 1420 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO, 1421 "Sending logical unit reset to target %u lun %d\n", 1422 target->tid, tm->cm_lun); 1423 tm->cm_complete = mprsas_logical_unit_reset_complete; 1424 mprsas_prepare_for_tm(sc, tm, target, tm->cm_lun); 1425 } else if (type == MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET) { 1426 tm->cm_targ->target_resets++; 1427 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO, 1428 "Sending target reset to target %u\n", target->tid); 1429 tm->cm_complete = mprsas_target_reset_complete; 1430 mprsas_prepare_for_tm(sc, tm, target, CAM_LUN_WILDCARD); 1431 } 1432 else { 1433 mpr_dprint(sc, MPR_ERROR, "unexpected reset type 0x%x\n", type); 1434 return -1; 1435 } 1436 1437 if (target->encl_level_valid) { 1438 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO, 1439 "At enclosure level %d, slot %d, connector name (%4s)\n", 1440 target->encl_level, target->encl_slot, 1441 target->connector_name); 1442 } 1443 1444 tm->cm_data = NULL; 1445 tm->cm_complete_data = (void *)tm; 1446 1447 callout_reset(&tm->cm_callout, timeout * hz, 1448 mprsas_tm_timeout, tm); 1449 1450 err = mpr_map_command(sc, tm); 1451 if (err) 1452 mpr_dprint(sc, MPR_ERROR|MPR_RECOVERY, 1453 "error %d sending reset type %u\n", err, type); 1454 1455 return err; 1456 } 1457 1458 static void 1459 mprsas_abort_complete(struct mpr_softc *sc, struct mpr_command *tm) 1460 { 1461 struct mpr_command *cm; 1462 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 1463 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1464 struct mprsas_target *targ; 1465 1466 callout_stop(&tm->cm_callout); 1467 1468 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1469 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 1470 targ = tm->cm_targ; 1471 1472 /* 1473 * Currently there should be no way we can hit this case. It only 1474 * happens when we have a failure to allocate chain frames, and 1475 * task management commands don't have S/G lists. 1476 */ 1477 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 1478 mpr_dprint(sc, MPR_RECOVERY|MPR_ERROR, 1479 "cm_flags = %#x for abort %p TaskMID %u!\n", 1480 tm->cm_flags, tm, le16toh(req->TaskMID)); 1481 mprsas_free_tm(sc, tm); 1482 return; 1483 } 1484 1485 if (reply == NULL) { 1486 mpr_dprint(sc, MPR_RECOVERY, 1487 "NULL abort reply for tm %p TaskMID %u\n", 1488 tm, le16toh(req->TaskMID)); 1489 if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) { 1490 /* this completion was due to a reset, just cleanup */ 1491 mpr_dprint(sc, MPR_RECOVERY, "Hardware undergoing " 1492 "reset, ignoring NULL abort reply\n"); 1493 targ->tm = NULL; 1494 mprsas_free_tm(sc, tm); 1495 } else { 1496 /* we should have gotten a reply. */ 1497 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, "NULL reply on " 1498 "abort attempt, resetting controller\n"); 1499 mpr_reinit(sc); 1500 } 1501 return; 1502 } 1503 1504 mpr_dprint(sc, MPR_RECOVERY, 1505 "abort TaskMID %u status 0x%x code 0x%x count %u\n", 1506 le16toh(req->TaskMID), 1507 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode), 1508 le32toh(reply->TerminationCount)); 1509 1510 cm = TAILQ_FIRST(&tm->cm_targ->timedout_commands); 1511 if (cm == NULL) { 1512 /* 1513 * if there are no more timedout commands, we're done with 1514 * error recovery for this target. 1515 */ 1516 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1517 "Finished abort recovery for target %u\n", targ->tid); 1518 targ->tm = NULL; 1519 mprsas_free_tm(sc, tm); 1520 } else if (le16toh(req->TaskMID) != cm->cm_desc.Default.SMID) { 1521 /* abort success, but we have more timedout commands to abort */ 1522 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1523 "Continuing abort recovery for target %u\n", targ->tid); 1524 mprsas_send_abort(sc, tm, cm); 1525 } else { 1526 /* 1527 * we didn't get a command completion, so the abort 1528 * failed as far as we're concerned. escalate. 1529 */ 1530 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1531 "Abort failed for target %u, sending logical unit reset\n", 1532 targ->tid); 1533 1534 mprsas_send_reset(sc, tm, 1535 MPI2_SCSITASKMGMT_TASKTYPE_LOGICAL_UNIT_RESET); 1536 } 1537 } 1538 1539 #define MPR_ABORT_TIMEOUT 5 1540 1541 static int 1542 mprsas_send_abort(struct mpr_softc *sc, struct mpr_command *tm, 1543 struct mpr_command *cm) 1544 { 1545 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1546 struct mprsas_target *targ; 1547 int err, timeout; 1548 1549 targ = cm->cm_targ; 1550 if (targ->handle == 0) { 1551 mpr_dprint(sc, MPR_ERROR|MPR_RECOVERY, 1552 "%s null devhandle for target_id %d\n", 1553 __func__, cm->cm_ccb->ccb_h.target_id); 1554 return -1; 1555 } 1556 1557 mprsas_log_command(cm, MPR_RECOVERY|MPR_INFO, 1558 "Aborting command %p\n", cm); 1559 1560 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1561 req->DevHandle = htole16(targ->handle); 1562 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_ABORT_TASK; 1563 1564 /* XXX Need to handle invalid LUNs */ 1565 MPR_SET_LUN(req->LUN, cm->cm_ccb->ccb_h.target_lun); 1566 1567 req->TaskMID = htole16(cm->cm_desc.Default.SMID); 1568 1569 tm->cm_data = NULL; 1570 tm->cm_complete = mprsas_abort_complete; 1571 tm->cm_complete_data = (void *)tm; 1572 tm->cm_targ = cm->cm_targ; 1573 tm->cm_lun = cm->cm_lun; 1574 1575 if (!targ->is_nvme || sc->custom_nvme_tm_handling) 1576 timeout = MPR_ABORT_TIMEOUT; 1577 else 1578 timeout = sc->nvme_abort_timeout; 1579 1580 callout_reset(&tm->cm_callout, timeout * hz, 1581 mprsas_tm_timeout, tm); 1582 1583 targ->aborts++; 1584 1585 mprsas_prepare_for_tm(sc, tm, targ, tm->cm_lun); 1586 1587 err = mpr_map_command(sc, tm); 1588 if (err) 1589 mpr_dprint(sc, MPR_ERROR|MPR_RECOVERY, 1590 "error %d sending abort for cm %p SMID %u\n", 1591 err, cm, req->TaskMID); 1592 return err; 1593 } 1594 1595 static void 1596 mprsas_scsiio_timeout(void *data) 1597 { 1598 sbintime_t elapsed, now; 1599 union ccb *ccb; 1600 struct mpr_softc *sc; 1601 struct mpr_command *cm; 1602 struct mprsas_target *targ; 1603 1604 cm = (struct mpr_command *)data; 1605 sc = cm->cm_sc; 1606 ccb = cm->cm_ccb; 1607 now = sbinuptime(); 1608 1609 MPR_FUNCTRACE(sc); 1610 mtx_assert(&sc->mpr_mtx, MA_OWNED); 1611 1612 mpr_dprint(sc, MPR_XINFO|MPR_RECOVERY, "Timeout checking cm %p\n", cm); 1613 1614 /* 1615 * Run the interrupt handler to make sure it's not pending. This 1616 * isn't perfect because the command could have already completed 1617 * and been re-used, though this is unlikely. 1618 */ 1619 mpr_intr_locked(sc); 1620 if (cm->cm_flags & MPR_CM_FLAGS_ON_RECOVERY) { 1621 mprsas_log_command(cm, MPR_XINFO, 1622 "SCSI command %p almost timed out\n", cm); 1623 return; 1624 } 1625 1626 if (cm->cm_ccb == NULL) { 1627 mpr_dprint(sc, MPR_ERROR, "command timeout with NULL ccb\n"); 1628 return; 1629 } 1630 1631 targ = cm->cm_targ; 1632 targ->timeouts++; 1633 1634 elapsed = now - ccb->ccb_h.qos.sim_data; 1635 mprsas_log_command(cm, MPR_INFO|MPR_RECOVERY, 1636 "Command timeout on target %u(0x%04x), %d set, %d.%d elapsed\n", 1637 targ->tid, targ->handle, ccb->ccb_h.timeout, 1638 sbintime_getsec(elapsed), elapsed & 0xffffffff); 1639 if (targ->encl_level_valid) { 1640 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1641 "At enclosure level %d, slot %d, connector name (%4s)\n", 1642 targ->encl_level, targ->encl_slot, targ->connector_name); 1643 } 1644 1645 /* XXX first, check the firmware state, to see if it's still 1646 * operational. if not, do a diag reset. 1647 */ 1648 mprsas_set_ccbstatus(cm->cm_ccb, CAM_CMD_TIMEOUT); 1649 cm->cm_flags |= MPR_CM_FLAGS_ON_RECOVERY | MPR_CM_FLAGS_TIMEDOUT; 1650 TAILQ_INSERT_TAIL(&targ->timedout_commands, cm, cm_recovery); 1651 1652 if (targ->tm != NULL) { 1653 /* target already in recovery, just queue up another 1654 * timedout command to be processed later. 1655 */ 1656 mpr_dprint(sc, MPR_RECOVERY, "queued timedout cm %p for " 1657 "processing by tm %p\n", cm, targ->tm); 1658 } 1659 else if ((targ->tm = mprsas_alloc_tm(sc)) != NULL) { 1660 /* start recovery by aborting the first timedout command */ 1661 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO, 1662 "Sending abort to target %u for SMID %d\n", targ->tid, 1663 cm->cm_desc.Default.SMID); 1664 mpr_dprint(sc, MPR_RECOVERY, "timedout cm %p allocated tm %p\n", 1665 cm, targ->tm); 1666 mprsas_send_abort(sc, targ->tm, cm); 1667 } 1668 else { 1669 /* XXX queue this target up for recovery once a TM becomes 1670 * available. The firmware only has a limited number of 1671 * HighPriority credits for the high priority requests used 1672 * for task management, and we ran out. 1673 * 1674 * Isilon: don't worry about this for now, since we have 1675 * more credits than disks in an enclosure, and limit 1676 * ourselves to one TM per target for recovery. 1677 */ 1678 mpr_dprint(sc, MPR_ERROR|MPR_RECOVERY, 1679 "timedout cm %p failed to allocate a tm\n", cm); 1680 } 1681 } 1682 1683 /** 1684 * mprsas_build_nvme_unmap - Build Native NVMe DSM command equivalent 1685 * to SCSI Unmap. 1686 * Return 0 - for success, 1687 * 1 - to immediately return back the command with success status to CAM 1688 * negative value - to fallback to firmware path i.e. issue scsi unmap 1689 * to FW without any translation. 1690 */ 1691 static int 1692 mprsas_build_nvme_unmap(struct mpr_softc *sc, struct mpr_command *cm, 1693 union ccb *ccb, struct mprsas_target *targ) 1694 { 1695 Mpi26NVMeEncapsulatedRequest_t *req = NULL; 1696 struct ccb_scsiio *csio; 1697 struct unmap_parm_list *plist; 1698 struct nvme_dsm_range *nvme_dsm_ranges = NULL; 1699 struct nvme_command *c; 1700 int i, res; 1701 uint16_t ndesc, list_len, data_length; 1702 struct mpr_prp_page *prp_page_info; 1703 uint64_t nvme_dsm_ranges_dma_handle; 1704 1705 csio = &ccb->csio; 1706 list_len = (scsiio_cdb_ptr(csio)[7] << 8 | scsiio_cdb_ptr(csio)[8]); 1707 if (!list_len) { 1708 mpr_dprint(sc, MPR_ERROR, "Parameter list length is Zero\n"); 1709 return -EINVAL; 1710 } 1711 1712 plist = malloc(csio->dxfer_len, M_MPR, M_ZERO|M_NOWAIT); 1713 if (!plist) { 1714 mpr_dprint(sc, MPR_ERROR, "Unable to allocate memory to " 1715 "save UNMAP data\n"); 1716 return -ENOMEM; 1717 } 1718 1719 /* Copy SCSI unmap data to a local buffer */ 1720 bcopy(csio->data_ptr, plist, csio->dxfer_len); 1721 1722 /* return back the unmap command to CAM with success status, 1723 * if number of descripts is zero. 1724 */ 1725 ndesc = be16toh(plist->unmap_blk_desc_data_len) >> 4; 1726 if (!ndesc) { 1727 mpr_dprint(sc, MPR_XINFO, "Number of descriptors in " 1728 "UNMAP cmd is Zero\n"); 1729 res = 1; 1730 goto out; 1731 } 1732 1733 data_length = ndesc * sizeof(struct nvme_dsm_range); 1734 if (data_length > targ->MDTS) { 1735 mpr_dprint(sc, MPR_ERROR, "data length: %d is greater than " 1736 "Device's MDTS: %d\n", data_length, targ->MDTS); 1737 res = -EINVAL; 1738 goto out; 1739 } 1740 1741 prp_page_info = mpr_alloc_prp_page(sc); 1742 KASSERT(prp_page_info != NULL, ("%s: There is no PRP Page for " 1743 "UNMAP command.\n", __func__)); 1744 1745 /* 1746 * Insert the allocated PRP page into the command's PRP page list. This 1747 * will be freed when the command is freed. 1748 */ 1749 TAILQ_INSERT_TAIL(&cm->cm_prp_page_list, prp_page_info, prp_page_link); 1750 1751 nvme_dsm_ranges = (struct nvme_dsm_range *)prp_page_info->prp_page; 1752 nvme_dsm_ranges_dma_handle = prp_page_info->prp_page_busaddr; 1753 1754 bzero(nvme_dsm_ranges, data_length); 1755 1756 /* Convert SCSI unmap's descriptor data to NVMe DSM specific Range data 1757 * for each descriptors contained in SCSI UNMAP data. 1758 */ 1759 for (i = 0; i < ndesc; i++) { 1760 nvme_dsm_ranges[i].length = 1761 htole32(be32toh(plist->desc[i].nlb)); 1762 nvme_dsm_ranges[i].starting_lba = 1763 htole64(be64toh(plist->desc[i].slba)); 1764 nvme_dsm_ranges[i].attributes = 0; 1765 } 1766 1767 /* Build MPI2.6's NVMe Encapsulated Request Message */ 1768 req = (Mpi26NVMeEncapsulatedRequest_t *)cm->cm_req; 1769 bzero(req, sizeof(*req)); 1770 req->DevHandle = htole16(targ->handle); 1771 req->Function = MPI2_FUNCTION_NVME_ENCAPSULATED; 1772 req->Flags = MPI26_NVME_FLAGS_WRITE; 1773 req->ErrorResponseBaseAddress.High = 1774 htole32((uint32_t)((uint64_t)cm->cm_sense_busaddr >> 32)); 1775 req->ErrorResponseBaseAddress.Low = 1776 htole32(cm->cm_sense_busaddr); 1777 req->ErrorResponseAllocationLength = 1778 htole16(sizeof(struct nvme_completion)); 1779 req->EncapsulatedCommandLength = 1780 htole16(sizeof(struct nvme_command)); 1781 req->DataLength = htole32(data_length); 1782 1783 /* Build NVMe DSM command */ 1784 c = (struct nvme_command *) req->NVMe_Command; 1785 c->opc = NVME_OPC_DATASET_MANAGEMENT; 1786 c->nsid = htole32(csio->ccb_h.target_lun + 1); 1787 c->cdw10 = htole32(ndesc - 1); 1788 c->cdw11 = htole32(NVME_DSM_ATTR_DEALLOCATE); 1789 1790 cm->cm_length = data_length; 1791 cm->cm_data = NULL; 1792 1793 cm->cm_complete = mprsas_scsiio_complete; 1794 cm->cm_complete_data = ccb; 1795 cm->cm_targ = targ; 1796 cm->cm_lun = csio->ccb_h.target_lun; 1797 cm->cm_ccb = ccb; 1798 1799 cm->cm_desc.Default.RequestFlags = 1800 MPI26_REQ_DESCRIPT_FLAGS_PCIE_ENCAPSULATED; 1801 1802 csio->ccb_h.qos.sim_data = sbinuptime(); 1803 callout_reset_sbt(&cm->cm_callout, SBT_1MS * ccb->ccb_h.timeout, 0, 1804 mprsas_scsiio_timeout, cm, 0); 1805 1806 targ->issued++; 1807 targ->outstanding++; 1808 TAILQ_INSERT_TAIL(&targ->commands, cm, cm_link); 1809 ccb->ccb_h.status |= CAM_SIM_QUEUED; 1810 1811 mprsas_log_command(cm, MPR_XINFO, "%s cm %p ccb %p outstanding %u\n", 1812 __func__, cm, ccb, targ->outstanding); 1813 1814 mpr_build_nvme_prp(sc, cm, req, 1815 (void *)(uintptr_t)nvme_dsm_ranges_dma_handle, 0, data_length); 1816 mpr_map_command(sc, cm); 1817 1818 out: 1819 free(plist, M_MPR); 1820 return 0; 1821 } 1822 1823 static void 1824 mprsas_action_scsiio(struct mprsas_softc *sassc, union ccb *ccb) 1825 { 1826 MPI2_SCSI_IO_REQUEST *req; 1827 struct ccb_scsiio *csio; 1828 struct mpr_softc *sc; 1829 struct mprsas_target *targ; 1830 struct mprsas_lun *lun; 1831 struct mpr_command *cm; 1832 uint8_t i, lba_byte, *ref_tag_addr, scsi_opcode; 1833 uint16_t eedp_flags; 1834 uint32_t mpi_control; 1835 int rc; 1836 1837 sc = sassc->sc; 1838 MPR_FUNCTRACE(sc); 1839 mtx_assert(&sc->mpr_mtx, MA_OWNED); 1840 1841 csio = &ccb->csio; 1842 KASSERT(csio->ccb_h.target_id < sassc->maxtargets, 1843 ("Target %d out of bounds in XPT_SCSI_IO\n", 1844 csio->ccb_h.target_id)); 1845 targ = &sassc->targets[csio->ccb_h.target_id]; 1846 mpr_dprint(sc, MPR_TRACE, "ccb %p target flag %x\n", ccb, targ->flags); 1847 if (targ->handle == 0x0) { 1848 mpr_dprint(sc, MPR_ERROR, "%s NULL handle for target %u\n", 1849 __func__, csio->ccb_h.target_id); 1850 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1851 xpt_done(ccb); 1852 return; 1853 } 1854 if (targ->flags & MPR_TARGET_FLAGS_RAID_COMPONENT) { 1855 mpr_dprint(sc, MPR_ERROR, "%s Raid component no SCSI IO " 1856 "supported %u\n", __func__, csio->ccb_h.target_id); 1857 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1858 xpt_done(ccb); 1859 return; 1860 } 1861 /* 1862 * Sometimes, it is possible to get a command that is not "In 1863 * Progress" and was actually aborted by the upper layer. Check for 1864 * this here and complete the command without error. 1865 */ 1866 if (mprsas_get_ccbstatus(ccb) != CAM_REQ_INPROG) { 1867 mpr_dprint(sc, MPR_TRACE, "%s Command is not in progress for " 1868 "target %u\n", __func__, csio->ccb_h.target_id); 1869 xpt_done(ccb); 1870 return; 1871 } 1872 /* 1873 * If devinfo is 0 this will be a volume. In that case don't tell CAM 1874 * that the volume has timed out. We want volumes to be enumerated 1875 * until they are deleted/removed, not just failed. In either event, 1876 * we're removing the target due to a firmware event telling us 1877 * the device is now gone (as opposed to some transient event). Since 1878 * we're opting to remove failed devices from the OS's view, we need 1879 * to propagate that status up the stack. 1880 */ 1881 if (targ->flags & MPRSAS_TARGET_INREMOVAL) { 1882 if (targ->devinfo == 0) 1883 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1884 else 1885 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1886 xpt_done(ccb); 1887 return; 1888 } 1889 1890 if ((sc->mpr_flags & MPR_FLAGS_SHUTDOWN) != 0) { 1891 mpr_dprint(sc, MPR_INFO, "%s shutting down\n", __func__); 1892 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1893 xpt_done(ccb); 1894 return; 1895 } 1896 1897 /* 1898 * If target has a reset in progress, freeze the devq and return. The 1899 * devq will be released when the TM reset is finished. 1900 */ 1901 if (targ->flags & MPRSAS_TARGET_INRESET) { 1902 ccb->ccb_h.status = CAM_BUSY | CAM_DEV_QFRZN; 1903 mpr_dprint(sc, MPR_INFO, "%s: Freezing devq for target ID %d\n", 1904 __func__, targ->tid); 1905 xpt_freeze_devq(ccb->ccb_h.path, 1); 1906 xpt_done(ccb); 1907 return; 1908 } 1909 1910 cm = mpr_alloc_command(sc); 1911 if (cm == NULL || (sc->mpr_flags & MPR_FLAGS_DIAGRESET)) { 1912 if (cm != NULL) { 1913 mpr_free_command(sc, cm); 1914 } 1915 if ((sassc->flags & MPRSAS_QUEUE_FROZEN) == 0) { 1916 xpt_freeze_simq(sassc->sim, 1); 1917 sassc->flags |= MPRSAS_QUEUE_FROZEN; 1918 } 1919 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 1920 ccb->ccb_h.status |= CAM_REQUEUE_REQ; 1921 xpt_done(ccb); 1922 return; 1923 } 1924 1925 /* For NVME device's issue UNMAP command directly to NVME drives by 1926 * constructing equivalent native NVMe DataSetManagement command. 1927 */ 1928 scsi_opcode = scsiio_cdb_ptr(csio)[0]; 1929 if (scsi_opcode == UNMAP && 1930 targ->is_nvme && 1931 (csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) { 1932 rc = mprsas_build_nvme_unmap(sc, cm, ccb, targ); 1933 if (rc == 1) { /* return command to CAM with success status */ 1934 mpr_free_command(sc, cm); 1935 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1936 xpt_done(ccb); 1937 return; 1938 } else if (!rc) /* Issued NVMe Encapsulated Request Message */ 1939 return; 1940 } 1941 1942 req = (MPI2_SCSI_IO_REQUEST *)cm->cm_req; 1943 bzero(req, sizeof(*req)); 1944 req->DevHandle = htole16(targ->handle); 1945 req->Function = MPI2_FUNCTION_SCSI_IO_REQUEST; 1946 req->MsgFlags = 0; 1947 req->SenseBufferLowAddress = htole32(cm->cm_sense_busaddr); 1948 req->SenseBufferLength = MPR_SENSE_LEN; 1949 req->SGLFlags = 0; 1950 req->ChainOffset = 0; 1951 req->SGLOffset0 = 24; /* 32bit word offset to the SGL */ 1952 req->SGLOffset1= 0; 1953 req->SGLOffset2= 0; 1954 req->SGLOffset3= 0; 1955 req->SkipCount = 0; 1956 req->DataLength = htole32(csio->dxfer_len); 1957 req->BidirectionalDataLength = 0; 1958 req->IoFlags = htole16(csio->cdb_len); 1959 req->EEDPFlags = 0; 1960 1961 /* Note: BiDirectional transfers are not supported */ 1962 switch (csio->ccb_h.flags & CAM_DIR_MASK) { 1963 case CAM_DIR_IN: 1964 mpi_control = MPI2_SCSIIO_CONTROL_READ; 1965 cm->cm_flags |= MPR_CM_FLAGS_DATAIN; 1966 break; 1967 case CAM_DIR_OUT: 1968 mpi_control = MPI2_SCSIIO_CONTROL_WRITE; 1969 cm->cm_flags |= MPR_CM_FLAGS_DATAOUT; 1970 break; 1971 case CAM_DIR_NONE: 1972 default: 1973 mpi_control = MPI2_SCSIIO_CONTROL_NODATATRANSFER; 1974 break; 1975 } 1976 1977 if (csio->cdb_len == 32) 1978 mpi_control |= 4 << MPI2_SCSIIO_CONTROL_ADDCDBLEN_SHIFT; 1979 /* 1980 * It looks like the hardware doesn't require an explicit tag 1981 * number for each transaction. SAM Task Management not supported 1982 * at the moment. 1983 */ 1984 switch (csio->tag_action) { 1985 case MSG_HEAD_OF_Q_TAG: 1986 mpi_control |= MPI2_SCSIIO_CONTROL_HEADOFQ; 1987 break; 1988 case MSG_ORDERED_Q_TAG: 1989 mpi_control |= MPI2_SCSIIO_CONTROL_ORDEREDQ; 1990 break; 1991 case MSG_ACA_TASK: 1992 mpi_control |= MPI2_SCSIIO_CONTROL_ACAQ; 1993 break; 1994 case CAM_TAG_ACTION_NONE: 1995 case MSG_SIMPLE_Q_TAG: 1996 default: 1997 mpi_control |= MPI2_SCSIIO_CONTROL_SIMPLEQ; 1998 break; 1999 } 2000 mpi_control |= sc->mapping_table[csio->ccb_h.target_id].TLR_bits; 2001 req->Control = htole32(mpi_control); 2002 2003 if (MPR_SET_LUN(req->LUN, csio->ccb_h.target_lun) != 0) { 2004 mpr_free_command(sc, cm); 2005 mprsas_set_ccbstatus(ccb, CAM_LUN_INVALID); 2006 xpt_done(ccb); 2007 return; 2008 } 2009 2010 if (csio->ccb_h.flags & CAM_CDB_POINTER) 2011 bcopy(csio->cdb_io.cdb_ptr, &req->CDB.CDB32[0], csio->cdb_len); 2012 else { 2013 KASSERT(csio->cdb_len <= IOCDBLEN, 2014 ("cdb_len %d is greater than IOCDBLEN but CAM_CDB_POINTER " 2015 "is not set", csio->cdb_len)); 2016 bcopy(csio->cdb_io.cdb_bytes, &req->CDB.CDB32[0],csio->cdb_len); 2017 } 2018 req->IoFlags = htole16(csio->cdb_len); 2019 2020 /* 2021 * Check if EEDP is supported and enabled. If it is then check if the 2022 * SCSI opcode could be using EEDP. If so, make sure the LUN exists and 2023 * is formatted for EEDP support. If all of this is true, set CDB up 2024 * for EEDP transfer. 2025 */ 2026 eedp_flags = op_code_prot[req->CDB.CDB32[0]]; 2027 if (sc->eedp_enabled && eedp_flags) { 2028 SLIST_FOREACH(lun, &targ->luns, lun_link) { 2029 if (lun->lun_id == csio->ccb_h.target_lun) { 2030 break; 2031 } 2032 } 2033 2034 if ((lun != NULL) && (lun->eedp_formatted)) { 2035 req->EEDPBlockSize = htole16(lun->eedp_block_size); 2036 eedp_flags |= (MPI2_SCSIIO_EEDPFLAGS_INC_PRI_REFTAG | 2037 MPI2_SCSIIO_EEDPFLAGS_CHECK_REFTAG | 2038 MPI2_SCSIIO_EEDPFLAGS_CHECK_GUARD); 2039 if (sc->mpr_flags & MPR_FLAGS_GEN35_IOC) { 2040 eedp_flags |= 2041 MPI25_SCSIIO_EEDPFLAGS_APPTAG_DISABLE_MODE; 2042 } 2043 req->EEDPFlags = htole16(eedp_flags); 2044 2045 /* 2046 * If CDB less than 32, fill in Primary Ref Tag with 2047 * low 4 bytes of LBA. If CDB is 32, tag stuff is 2048 * already there. Also, set protection bit. FreeBSD 2049 * currently does not support CDBs bigger than 16, but 2050 * the code doesn't hurt, and will be here for the 2051 * future. 2052 */ 2053 if (csio->cdb_len != 32) { 2054 lba_byte = (csio->cdb_len == 16) ? 6 : 2; 2055 ref_tag_addr = (uint8_t *)&req->CDB.EEDP32. 2056 PrimaryReferenceTag; 2057 for (i = 0; i < 4; i++) { 2058 *ref_tag_addr = 2059 req->CDB.CDB32[lba_byte + i]; 2060 ref_tag_addr++; 2061 } 2062 req->CDB.EEDP32.PrimaryReferenceTag = 2063 htole32(req-> 2064 CDB.EEDP32.PrimaryReferenceTag); 2065 req->CDB.EEDP32.PrimaryApplicationTagMask = 2066 0xFFFF; 2067 req->CDB.CDB32[1] = 2068 (req->CDB.CDB32[1] & 0x1F) | 0x20; 2069 } else { 2070 eedp_flags |= 2071 MPI2_SCSIIO_EEDPFLAGS_INC_PRI_APPTAG; 2072 req->EEDPFlags = htole16(eedp_flags); 2073 req->CDB.CDB32[10] = (req->CDB.CDB32[10] & 2074 0x1F) | 0x20; 2075 } 2076 } 2077 } 2078 2079 cm->cm_length = csio->dxfer_len; 2080 if (cm->cm_length != 0) { 2081 cm->cm_data = ccb; 2082 cm->cm_flags |= MPR_CM_FLAGS_USE_CCB; 2083 } else { 2084 cm->cm_data = NULL; 2085 } 2086 cm->cm_sge = &req->SGL; 2087 cm->cm_sglsize = (32 - 24) * 4; 2088 cm->cm_complete = mprsas_scsiio_complete; 2089 cm->cm_complete_data = ccb; 2090 cm->cm_targ = targ; 2091 cm->cm_lun = csio->ccb_h.target_lun; 2092 cm->cm_ccb = ccb; 2093 /* 2094 * If using FP desc type, need to set a bit in IoFlags (SCSI IO is 0) 2095 * and set descriptor type. 2096 */ 2097 if (targ->scsi_req_desc_type == 2098 MPI25_REQ_DESCRIPT_FLAGS_FAST_PATH_SCSI_IO) { 2099 req->IoFlags |= MPI25_SCSIIO_IOFLAGS_FAST_PATH; 2100 cm->cm_desc.FastPathSCSIIO.RequestFlags = 2101 MPI25_REQ_DESCRIPT_FLAGS_FAST_PATH_SCSI_IO; 2102 if (!sc->atomic_desc_capable) { 2103 cm->cm_desc.FastPathSCSIIO.DevHandle = 2104 htole16(targ->handle); 2105 } 2106 } else { 2107 cm->cm_desc.SCSIIO.RequestFlags = 2108 MPI2_REQ_DESCRIPT_FLAGS_SCSI_IO; 2109 if (!sc->atomic_desc_capable) 2110 cm->cm_desc.SCSIIO.DevHandle = htole16(targ->handle); 2111 } 2112 2113 csio->ccb_h.qos.sim_data = sbinuptime(); 2114 callout_reset_sbt(&cm->cm_callout, SBT_1MS * ccb->ccb_h.timeout, 0, 2115 mprsas_scsiio_timeout, cm, 0); 2116 2117 targ->issued++; 2118 targ->outstanding++; 2119 TAILQ_INSERT_TAIL(&targ->commands, cm, cm_link); 2120 ccb->ccb_h.status |= CAM_SIM_QUEUED; 2121 2122 mprsas_log_command(cm, MPR_XINFO, "%s cm %p ccb %p outstanding %u\n", 2123 __func__, cm, ccb, targ->outstanding); 2124 2125 mpr_map_command(sc, cm); 2126 return; 2127 } 2128 2129 /** 2130 * mpr_sc_failed_io_info - translated non-succesfull SCSI_IO request 2131 */ 2132 static void 2133 mpr_sc_failed_io_info(struct mpr_softc *sc, struct ccb_scsiio *csio, 2134 Mpi2SCSIIOReply_t *mpi_reply, struct mprsas_target *targ) 2135 { 2136 u32 response_info; 2137 u8 *response_bytes; 2138 u16 ioc_status = le16toh(mpi_reply->IOCStatus) & 2139 MPI2_IOCSTATUS_MASK; 2140 u8 scsi_state = mpi_reply->SCSIState; 2141 u8 scsi_status = mpi_reply->SCSIStatus; 2142 char *desc_ioc_state = NULL; 2143 char *desc_scsi_status = NULL; 2144 u32 log_info = le32toh(mpi_reply->IOCLogInfo); 2145 2146 if (log_info == 0x31170000) 2147 return; 2148 2149 desc_ioc_state = mpr_describe_table(mpr_iocstatus_string, 2150 ioc_status); 2151 desc_scsi_status = mpr_describe_table(mpr_scsi_status_string, 2152 scsi_status); 2153 2154 mpr_dprint(sc, MPR_XINFO, "\thandle(0x%04x), ioc_status(%s)(0x%04x)\n", 2155 le16toh(mpi_reply->DevHandle), desc_ioc_state, ioc_status); 2156 if (targ->encl_level_valid) { 2157 mpr_dprint(sc, MPR_XINFO, "At enclosure level %d, slot %d, " 2158 "connector name (%4s)\n", targ->encl_level, targ->encl_slot, 2159 targ->connector_name); 2160 } 2161 2162 /* 2163 * We can add more detail about underflow data here 2164 * TO-DO 2165 */ 2166 mpr_dprint(sc, MPR_XINFO, "\tscsi_status(%s)(0x%02x), " 2167 "scsi_state %b\n", desc_scsi_status, scsi_status, 2168 scsi_state, "\20" "\1AutosenseValid" "\2AutosenseFailed" 2169 "\3NoScsiStatus" "\4Terminated" "\5Response InfoValid"); 2170 2171 if (sc->mpr_debug & MPR_XINFO && 2172 scsi_state & MPI2_SCSI_STATE_AUTOSENSE_VALID) { 2173 mpr_dprint(sc, MPR_XINFO, "-> Sense Buffer Data : Start :\n"); 2174 scsi_sense_print(csio); 2175 mpr_dprint(sc, MPR_XINFO, "-> Sense Buffer Data : End :\n"); 2176 } 2177 2178 if (scsi_state & MPI2_SCSI_STATE_RESPONSE_INFO_VALID) { 2179 response_info = le32toh(mpi_reply->ResponseInfo); 2180 response_bytes = (u8 *)&response_info; 2181 mpr_dprint(sc, MPR_XINFO, "response code(0x%01x): %s\n", 2182 response_bytes[0], 2183 mpr_describe_table(mpr_scsi_taskmgmt_string, 2184 response_bytes[0])); 2185 } 2186 } 2187 2188 /** mprsas_nvme_trans_status_code 2189 * 2190 * Convert Native NVMe command error status to 2191 * equivalent SCSI error status. 2192 * 2193 * Returns appropriate scsi_status 2194 */ 2195 static u8 2196 mprsas_nvme_trans_status_code(uint16_t nvme_status, 2197 struct mpr_command *cm) 2198 { 2199 u8 status = MPI2_SCSI_STATUS_GOOD; 2200 int skey, asc, ascq; 2201 union ccb *ccb = cm->cm_complete_data; 2202 int returned_sense_len; 2203 uint8_t sct, sc; 2204 2205 sct = NVME_STATUS_GET_SCT(nvme_status); 2206 sc = NVME_STATUS_GET_SC(nvme_status); 2207 2208 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2209 skey = SSD_KEY_ILLEGAL_REQUEST; 2210 asc = SCSI_ASC_NO_SENSE; 2211 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2212 2213 switch (sct) { 2214 case NVME_SCT_GENERIC: 2215 switch (sc) { 2216 case NVME_SC_SUCCESS: 2217 status = MPI2_SCSI_STATUS_GOOD; 2218 skey = SSD_KEY_NO_SENSE; 2219 asc = SCSI_ASC_NO_SENSE; 2220 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2221 break; 2222 case NVME_SC_INVALID_OPCODE: 2223 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2224 skey = SSD_KEY_ILLEGAL_REQUEST; 2225 asc = SCSI_ASC_ILLEGAL_COMMAND; 2226 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2227 break; 2228 case NVME_SC_INVALID_FIELD: 2229 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2230 skey = SSD_KEY_ILLEGAL_REQUEST; 2231 asc = SCSI_ASC_INVALID_CDB; 2232 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2233 break; 2234 case NVME_SC_DATA_TRANSFER_ERROR: 2235 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2236 skey = SSD_KEY_MEDIUM_ERROR; 2237 asc = SCSI_ASC_NO_SENSE; 2238 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2239 break; 2240 case NVME_SC_ABORTED_POWER_LOSS: 2241 status = MPI2_SCSI_STATUS_TASK_ABORTED; 2242 skey = SSD_KEY_ABORTED_COMMAND; 2243 asc = SCSI_ASC_WARNING; 2244 ascq = SCSI_ASCQ_POWER_LOSS_EXPECTED; 2245 break; 2246 case NVME_SC_INTERNAL_DEVICE_ERROR: 2247 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2248 skey = SSD_KEY_HARDWARE_ERROR; 2249 asc = SCSI_ASC_INTERNAL_TARGET_FAILURE; 2250 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2251 break; 2252 case NVME_SC_ABORTED_BY_REQUEST: 2253 case NVME_SC_ABORTED_SQ_DELETION: 2254 case NVME_SC_ABORTED_FAILED_FUSED: 2255 case NVME_SC_ABORTED_MISSING_FUSED: 2256 status = MPI2_SCSI_STATUS_TASK_ABORTED; 2257 skey = SSD_KEY_ABORTED_COMMAND; 2258 asc = SCSI_ASC_NO_SENSE; 2259 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2260 break; 2261 case NVME_SC_INVALID_NAMESPACE_OR_FORMAT: 2262 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2263 skey = SSD_KEY_ILLEGAL_REQUEST; 2264 asc = SCSI_ASC_ACCESS_DENIED_INVALID_LUN_ID; 2265 ascq = SCSI_ASCQ_INVALID_LUN_ID; 2266 break; 2267 case NVME_SC_LBA_OUT_OF_RANGE: 2268 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2269 skey = SSD_KEY_ILLEGAL_REQUEST; 2270 asc = SCSI_ASC_ILLEGAL_BLOCK; 2271 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2272 break; 2273 case NVME_SC_CAPACITY_EXCEEDED: 2274 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2275 skey = SSD_KEY_MEDIUM_ERROR; 2276 asc = SCSI_ASC_NO_SENSE; 2277 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2278 break; 2279 case NVME_SC_NAMESPACE_NOT_READY: 2280 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2281 skey = SSD_KEY_NOT_READY; 2282 asc = SCSI_ASC_LUN_NOT_READY; 2283 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2284 break; 2285 } 2286 break; 2287 case NVME_SCT_COMMAND_SPECIFIC: 2288 switch (sc) { 2289 case NVME_SC_INVALID_FORMAT: 2290 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2291 skey = SSD_KEY_ILLEGAL_REQUEST; 2292 asc = SCSI_ASC_FORMAT_COMMAND_FAILED; 2293 ascq = SCSI_ASCQ_FORMAT_COMMAND_FAILED; 2294 break; 2295 case NVME_SC_CONFLICTING_ATTRIBUTES: 2296 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2297 skey = SSD_KEY_ILLEGAL_REQUEST; 2298 asc = SCSI_ASC_INVALID_CDB; 2299 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2300 break; 2301 } 2302 break; 2303 case NVME_SCT_MEDIA_ERROR: 2304 switch (sc) { 2305 case NVME_SC_WRITE_FAULTS: 2306 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2307 skey = SSD_KEY_MEDIUM_ERROR; 2308 asc = SCSI_ASC_PERIPHERAL_DEV_WRITE_FAULT; 2309 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2310 break; 2311 case NVME_SC_UNRECOVERED_READ_ERROR: 2312 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2313 skey = SSD_KEY_MEDIUM_ERROR; 2314 asc = SCSI_ASC_UNRECOVERED_READ_ERROR; 2315 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2316 break; 2317 case NVME_SC_GUARD_CHECK_ERROR: 2318 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2319 skey = SSD_KEY_MEDIUM_ERROR; 2320 asc = SCSI_ASC_LOG_BLOCK_GUARD_CHECK_FAILED; 2321 ascq = SCSI_ASCQ_LOG_BLOCK_GUARD_CHECK_FAILED; 2322 break; 2323 case NVME_SC_APPLICATION_TAG_CHECK_ERROR: 2324 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2325 skey = SSD_KEY_MEDIUM_ERROR; 2326 asc = SCSI_ASC_LOG_BLOCK_APPTAG_CHECK_FAILED; 2327 ascq = SCSI_ASCQ_LOG_BLOCK_APPTAG_CHECK_FAILED; 2328 break; 2329 case NVME_SC_REFERENCE_TAG_CHECK_ERROR: 2330 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2331 skey = SSD_KEY_MEDIUM_ERROR; 2332 asc = SCSI_ASC_LOG_BLOCK_REFTAG_CHECK_FAILED; 2333 ascq = SCSI_ASCQ_LOG_BLOCK_REFTAG_CHECK_FAILED; 2334 break; 2335 case NVME_SC_COMPARE_FAILURE: 2336 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2337 skey = SSD_KEY_MISCOMPARE; 2338 asc = SCSI_ASC_MISCOMPARE_DURING_VERIFY; 2339 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2340 break; 2341 case NVME_SC_ACCESS_DENIED: 2342 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2343 skey = SSD_KEY_ILLEGAL_REQUEST; 2344 asc = SCSI_ASC_ACCESS_DENIED_INVALID_LUN_ID; 2345 ascq = SCSI_ASCQ_INVALID_LUN_ID; 2346 break; 2347 } 2348 break; 2349 } 2350 2351 returned_sense_len = sizeof(struct scsi_sense_data); 2352 if (returned_sense_len < ccb->csio.sense_len) 2353 ccb->csio.sense_resid = ccb->csio.sense_len - 2354 returned_sense_len; 2355 else 2356 ccb->csio.sense_resid = 0; 2357 2358 scsi_set_sense_data(&ccb->csio.sense_data, SSD_TYPE_FIXED, 2359 1, skey, asc, ascq, SSD_ELEM_NONE); 2360 ccb->ccb_h.status |= CAM_AUTOSNS_VALID; 2361 2362 return status; 2363 } 2364 2365 /** mprsas_complete_nvme_unmap 2366 * 2367 * Complete native NVMe command issued using NVMe Encapsulated 2368 * Request Message. 2369 */ 2370 static u8 2371 mprsas_complete_nvme_unmap(struct mpr_softc *sc, struct mpr_command *cm) 2372 { 2373 Mpi26NVMeEncapsulatedErrorReply_t *mpi_reply; 2374 struct nvme_completion *nvme_completion = NULL; 2375 u8 scsi_status = MPI2_SCSI_STATUS_GOOD; 2376 2377 mpi_reply =(Mpi26NVMeEncapsulatedErrorReply_t *)cm->cm_reply; 2378 if (le16toh(mpi_reply->ErrorResponseCount)){ 2379 nvme_completion = (struct nvme_completion *)cm->cm_sense; 2380 scsi_status = mprsas_nvme_trans_status_code( 2381 nvme_completion->status, cm); 2382 } 2383 return scsi_status; 2384 } 2385 2386 static void 2387 mprsas_scsiio_complete(struct mpr_softc *sc, struct mpr_command *cm) 2388 { 2389 MPI2_SCSI_IO_REPLY *rep; 2390 union ccb *ccb; 2391 struct ccb_scsiio *csio; 2392 struct mprsas_softc *sassc; 2393 struct scsi_vpd_supported_page_list *vpd_list = NULL; 2394 u8 *TLR_bits, TLR_on, *scsi_cdb; 2395 int dir = 0, i; 2396 u16 alloc_len; 2397 struct mprsas_target *target; 2398 target_id_t target_id; 2399 2400 MPR_FUNCTRACE(sc); 2401 mpr_dprint(sc, MPR_TRACE, 2402 "cm %p SMID %u ccb %p reply %p outstanding %u\n", cm, 2403 cm->cm_desc.Default.SMID, cm->cm_ccb, cm->cm_reply, 2404 cm->cm_targ->outstanding); 2405 2406 callout_stop(&cm->cm_callout); 2407 mtx_assert(&sc->mpr_mtx, MA_OWNED); 2408 2409 sassc = sc->sassc; 2410 ccb = cm->cm_complete_data; 2411 csio = &ccb->csio; 2412 target_id = csio->ccb_h.target_id; 2413 rep = (MPI2_SCSI_IO_REPLY *)cm->cm_reply; 2414 /* 2415 * XXX KDM if the chain allocation fails, does it matter if we do 2416 * the sync and unload here? It is simpler to do it in every case, 2417 * assuming it doesn't cause problems. 2418 */ 2419 if (cm->cm_data != NULL) { 2420 if (cm->cm_flags & MPR_CM_FLAGS_DATAIN) 2421 dir = BUS_DMASYNC_POSTREAD; 2422 else if (cm->cm_flags & MPR_CM_FLAGS_DATAOUT) 2423 dir = BUS_DMASYNC_POSTWRITE; 2424 bus_dmamap_sync(sc->buffer_dmat, cm->cm_dmamap, dir); 2425 bus_dmamap_unload(sc->buffer_dmat, cm->cm_dmamap); 2426 } 2427 2428 cm->cm_targ->completed++; 2429 cm->cm_targ->outstanding--; 2430 TAILQ_REMOVE(&cm->cm_targ->commands, cm, cm_link); 2431 ccb->ccb_h.status &= ~(CAM_STATUS_MASK | CAM_SIM_QUEUED); 2432 2433 if (cm->cm_flags & MPR_CM_FLAGS_ON_RECOVERY) { 2434 TAILQ_REMOVE(&cm->cm_targ->timedout_commands, cm, cm_recovery); 2435 KASSERT(cm->cm_state == MPR_CM_STATE_BUSY, 2436 ("Not busy for CM_FLAGS_TIMEDOUT: %d\n", cm->cm_state)); 2437 cm->cm_flags &= ~MPR_CM_FLAGS_ON_RECOVERY; 2438 if (cm->cm_reply != NULL) 2439 mprsas_log_command(cm, MPR_RECOVERY, 2440 "completed timedout cm %p ccb %p during recovery " 2441 "ioc %x scsi %x state %x xfer %u\n", cm, cm->cm_ccb, 2442 le16toh(rep->IOCStatus), rep->SCSIStatus, 2443 rep->SCSIState, le32toh(rep->TransferCount)); 2444 else 2445 mprsas_log_command(cm, MPR_RECOVERY, 2446 "completed timedout cm %p ccb %p during recovery\n", 2447 cm, cm->cm_ccb); 2448 } else if (cm->cm_targ->tm != NULL) { 2449 if (cm->cm_reply != NULL) 2450 mprsas_log_command(cm, MPR_RECOVERY, 2451 "completed cm %p ccb %p during recovery " 2452 "ioc %x scsi %x state %x xfer %u\n", 2453 cm, cm->cm_ccb, le16toh(rep->IOCStatus), 2454 rep->SCSIStatus, rep->SCSIState, 2455 le32toh(rep->TransferCount)); 2456 else 2457 mprsas_log_command(cm, MPR_RECOVERY, 2458 "completed cm %p ccb %p during recovery\n", 2459 cm, cm->cm_ccb); 2460 } else if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) { 2461 mprsas_log_command(cm, MPR_RECOVERY, 2462 "reset completed cm %p ccb %p\n", cm, cm->cm_ccb); 2463 } 2464 2465 if ((cm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 2466 /* 2467 * We ran into an error after we tried to map the command, 2468 * so we're getting a callback without queueing the command 2469 * to the hardware. So we set the status here, and it will 2470 * be retained below. We'll go through the "fast path", 2471 * because there can be no reply when we haven't actually 2472 * gone out to the hardware. 2473 */ 2474 mprsas_set_ccbstatus(ccb, CAM_REQUEUE_REQ); 2475 2476 /* 2477 * Currently the only error included in the mask is 2478 * MPR_CM_FLAGS_CHAIN_FAILED, which means we're out of 2479 * chain frames. We need to freeze the queue until we get 2480 * a command that completed without this error, which will 2481 * hopefully have some chain frames attached that we can 2482 * use. If we wanted to get smarter about it, we would 2483 * only unfreeze the queue in this condition when we're 2484 * sure that we're getting some chain frames back. That's 2485 * probably unnecessary. 2486 */ 2487 if ((sassc->flags & MPRSAS_QUEUE_FROZEN) == 0) { 2488 xpt_freeze_simq(sassc->sim, 1); 2489 sassc->flags |= MPRSAS_QUEUE_FROZEN; 2490 mpr_dprint(sc, MPR_XINFO, "Error sending command, " 2491 "freezing SIM queue\n"); 2492 } 2493 } 2494 2495 /* 2496 * Point to the SCSI CDB, which is dependent on the CAM_CDB_POINTER 2497 * flag, and use it in a few places in the rest of this function for 2498 * convenience. Use the macro if available. 2499 */ 2500 scsi_cdb = scsiio_cdb_ptr(csio); 2501 2502 /* 2503 * If this is a Start Stop Unit command and it was issued by the driver 2504 * during shutdown, decrement the refcount to account for all of the 2505 * commands that were sent. All SSU commands should be completed before 2506 * shutdown completes, meaning SSU_refcount will be 0 after SSU_started 2507 * is TRUE. 2508 */ 2509 if (sc->SSU_started && (scsi_cdb[0] == START_STOP_UNIT)) { 2510 mpr_dprint(sc, MPR_INFO, "Decrementing SSU count.\n"); 2511 sc->SSU_refcount--; 2512 } 2513 2514 /* Take the fast path to completion */ 2515 if (cm->cm_reply == NULL) { 2516 if (mprsas_get_ccbstatus(ccb) == CAM_REQ_INPROG) { 2517 if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) 2518 mprsas_set_ccbstatus(ccb, CAM_SCSI_BUS_RESET); 2519 else { 2520 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 2521 csio->scsi_status = SCSI_STATUS_OK; 2522 } 2523 if (sassc->flags & MPRSAS_QUEUE_FROZEN) { 2524 ccb->ccb_h.status |= CAM_RELEASE_SIMQ; 2525 sassc->flags &= ~MPRSAS_QUEUE_FROZEN; 2526 mpr_dprint(sc, MPR_XINFO, 2527 "Unfreezing SIM queue\n"); 2528 } 2529 } 2530 2531 /* 2532 * There are two scenarios where the status won't be 2533 * CAM_REQ_CMP. The first is if MPR_CM_FLAGS_ERROR_MASK is 2534 * set, the second is in the MPR_FLAGS_DIAGRESET above. 2535 */ 2536 if (mprsas_get_ccbstatus(ccb) != CAM_REQ_CMP) { 2537 /* 2538 * Freeze the dev queue so that commands are 2539 * executed in the correct order after error 2540 * recovery. 2541 */ 2542 ccb->ccb_h.status |= CAM_DEV_QFRZN; 2543 xpt_freeze_devq(ccb->ccb_h.path, /*count*/ 1); 2544 } 2545 mpr_free_command(sc, cm); 2546 xpt_done(ccb); 2547 return; 2548 } 2549 2550 target = &sassc->targets[target_id]; 2551 if (scsi_cdb[0] == UNMAP && 2552 target->is_nvme && 2553 (csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) { 2554 rep->SCSIStatus = mprsas_complete_nvme_unmap(sc, cm); 2555 csio->scsi_status = rep->SCSIStatus; 2556 } 2557 2558 mprsas_log_command(cm, MPR_XINFO, 2559 "ioc %x scsi %x state %x xfer %u\n", 2560 le16toh(rep->IOCStatus), rep->SCSIStatus, rep->SCSIState, 2561 le32toh(rep->TransferCount)); 2562 2563 switch (le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK) { 2564 case MPI2_IOCSTATUS_SCSI_DATA_UNDERRUN: 2565 csio->resid = cm->cm_length - le32toh(rep->TransferCount); 2566 /* FALLTHROUGH */ 2567 case MPI2_IOCSTATUS_SUCCESS: 2568 case MPI2_IOCSTATUS_SCSI_RECOVERED_ERROR: 2569 if ((le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK) == 2570 MPI2_IOCSTATUS_SCSI_RECOVERED_ERROR) 2571 mprsas_log_command(cm, MPR_XINFO, "recovered error\n"); 2572 2573 /* Completion failed at the transport level. */ 2574 if (rep->SCSIState & (MPI2_SCSI_STATE_NO_SCSI_STATUS | 2575 MPI2_SCSI_STATE_TERMINATED)) { 2576 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2577 break; 2578 } 2579 2580 /* In a modern packetized environment, an autosense failure 2581 * implies that there's not much else that can be done to 2582 * recover the command. 2583 */ 2584 if (rep->SCSIState & MPI2_SCSI_STATE_AUTOSENSE_FAILED) { 2585 mprsas_set_ccbstatus(ccb, CAM_AUTOSENSE_FAIL); 2586 break; 2587 } 2588 2589 /* 2590 * CAM doesn't care about SAS Response Info data, but if this is 2591 * the state check if TLR should be done. If not, clear the 2592 * TLR_bits for the target. 2593 */ 2594 if ((rep->SCSIState & MPI2_SCSI_STATE_RESPONSE_INFO_VALID) && 2595 ((le32toh(rep->ResponseInfo) & MPI2_SCSI_RI_MASK_REASONCODE) 2596 == MPR_SCSI_RI_INVALID_FRAME)) { 2597 sc->mapping_table[target_id].TLR_bits = 2598 (u8)MPI2_SCSIIO_CONTROL_NO_TLR; 2599 } 2600 2601 /* 2602 * Intentionally override the normal SCSI status reporting 2603 * for these two cases. These are likely to happen in a 2604 * multi-initiator environment, and we want to make sure that 2605 * CAM retries these commands rather than fail them. 2606 */ 2607 if ((rep->SCSIStatus == MPI2_SCSI_STATUS_COMMAND_TERMINATED) || 2608 (rep->SCSIStatus == MPI2_SCSI_STATUS_TASK_ABORTED)) { 2609 mprsas_set_ccbstatus(ccb, CAM_REQ_ABORTED); 2610 break; 2611 } 2612 2613 /* Handle normal status and sense */ 2614 csio->scsi_status = rep->SCSIStatus; 2615 if (rep->SCSIStatus == MPI2_SCSI_STATUS_GOOD) 2616 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 2617 else 2618 mprsas_set_ccbstatus(ccb, CAM_SCSI_STATUS_ERROR); 2619 2620 if (rep->SCSIState & MPI2_SCSI_STATE_AUTOSENSE_VALID) { 2621 int sense_len, returned_sense_len; 2622 2623 returned_sense_len = min(le32toh(rep->SenseCount), 2624 sizeof(struct scsi_sense_data)); 2625 if (returned_sense_len < csio->sense_len) 2626 csio->sense_resid = csio->sense_len - 2627 returned_sense_len; 2628 else 2629 csio->sense_resid = 0; 2630 2631 sense_len = min(returned_sense_len, 2632 csio->sense_len - csio->sense_resid); 2633 bzero(&csio->sense_data, sizeof(csio->sense_data)); 2634 bcopy(cm->cm_sense, &csio->sense_data, sense_len); 2635 ccb->ccb_h.status |= CAM_AUTOSNS_VALID; 2636 } 2637 2638 /* 2639 * Check if this is an INQUIRY command. If it's a VPD inquiry, 2640 * and it's page code 0 (Supported Page List), and there is 2641 * inquiry data, and this is for a sequential access device, and 2642 * the device is an SSP target, and TLR is supported by the 2643 * controller, turn the TLR_bits value ON if page 0x90 is 2644 * supported. 2645 */ 2646 if ((scsi_cdb[0] == INQUIRY) && 2647 (scsi_cdb[1] & SI_EVPD) && 2648 (scsi_cdb[2] == SVPD_SUPPORTED_PAGE_LIST) && 2649 ((csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) && 2650 (csio->data_ptr != NULL) && 2651 ((csio->data_ptr[0] & 0x1f) == T_SEQUENTIAL) && 2652 (sc->control_TLR) && 2653 (sc->mapping_table[target_id].device_info & 2654 MPI2_SAS_DEVICE_INFO_SSP_TARGET)) { 2655 vpd_list = (struct scsi_vpd_supported_page_list *) 2656 csio->data_ptr; 2657 TLR_bits = &sc->mapping_table[target_id].TLR_bits; 2658 *TLR_bits = (u8)MPI2_SCSIIO_CONTROL_NO_TLR; 2659 TLR_on = (u8)MPI2_SCSIIO_CONTROL_TLR_ON; 2660 alloc_len = ((u16)scsi_cdb[3] << 8) + scsi_cdb[4]; 2661 alloc_len -= csio->resid; 2662 for (i = 0; i < MIN(vpd_list->length, alloc_len); i++) { 2663 if (vpd_list->list[i] == 0x90) { 2664 *TLR_bits = TLR_on; 2665 break; 2666 } 2667 } 2668 } 2669 2670 /* 2671 * If this is a SATA direct-access end device, mark it so that 2672 * a SCSI StartStopUnit command will be sent to it when the 2673 * driver is being shutdown. 2674 */ 2675 if ((scsi_cdb[0] == INQUIRY) && 2676 (csio->data_ptr != NULL) && 2677 ((csio->data_ptr[0] & 0x1f) == T_DIRECT) && 2678 (sc->mapping_table[target_id].device_info & 2679 MPI2_SAS_DEVICE_INFO_SATA_DEVICE) && 2680 ((sc->mapping_table[target_id].device_info & 2681 MPI2_SAS_DEVICE_INFO_MASK_DEVICE_TYPE) == 2682 MPI2_SAS_DEVICE_INFO_END_DEVICE)) { 2683 target = &sassc->targets[target_id]; 2684 target->supports_SSU = TRUE; 2685 mpr_dprint(sc, MPR_XINFO, "Target %d supports SSU\n", 2686 target_id); 2687 } 2688 break; 2689 case MPI2_IOCSTATUS_SCSI_INVALID_DEVHANDLE: 2690 case MPI2_IOCSTATUS_SCSI_DEVICE_NOT_THERE: 2691 /* 2692 * If devinfo is 0 this will be a volume. In that case don't 2693 * tell CAM that the volume is not there. We want volumes to 2694 * be enumerated until they are deleted/removed, not just 2695 * failed. 2696 */ 2697 if (cm->cm_targ->devinfo == 0) 2698 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 2699 else 2700 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 2701 break; 2702 case MPI2_IOCSTATUS_INVALID_SGL: 2703 mpr_print_scsiio_cmd(sc, cm); 2704 mprsas_set_ccbstatus(ccb, CAM_UNREC_HBA_ERROR); 2705 break; 2706 case MPI2_IOCSTATUS_SCSI_TASK_TERMINATED: 2707 /* 2708 * This is one of the responses that comes back when an I/O 2709 * has been aborted. If it is because of a timeout that we 2710 * initiated, just set the status to CAM_CMD_TIMEOUT. 2711 * Otherwise set it to CAM_REQ_ABORTED. The effect on the 2712 * command is the same (it gets retried, subject to the 2713 * retry counter), the only difference is what gets printed 2714 * on the console. 2715 */ 2716 if (cm->cm_flags & MPR_CM_FLAGS_TIMEDOUT) 2717 mprsas_set_ccbstatus(ccb, CAM_CMD_TIMEOUT); 2718 else 2719 mprsas_set_ccbstatus(ccb, CAM_REQ_ABORTED); 2720 break; 2721 case MPI2_IOCSTATUS_SCSI_DATA_OVERRUN: 2722 /* resid is ignored for this condition */ 2723 csio->resid = 0; 2724 mprsas_set_ccbstatus(ccb, CAM_DATA_RUN_ERR); 2725 break; 2726 case MPI2_IOCSTATUS_SCSI_IOC_TERMINATED: 2727 case MPI2_IOCSTATUS_SCSI_EXT_TERMINATED: 2728 /* 2729 * These can sometimes be transient transport-related 2730 * errors, and sometimes persistent drive-related errors. 2731 * We used to retry these without decrementing the retry 2732 * count by returning CAM_REQUEUE_REQ. Unfortunately, if 2733 * we hit a persistent drive problem that returns one of 2734 * these error codes, we would retry indefinitely. So, 2735 * return CAM_REQ_CMP_ERROR so that we decrement the retry 2736 * count and avoid infinite retries. We're taking the 2737 * potential risk of flagging false failures in the event 2738 * of a topology-related error (e.g. a SAS expander problem 2739 * causes a command addressed to a drive to fail), but 2740 * avoiding getting into an infinite retry loop. However, 2741 * if we get them while were moving a device, we should 2742 * fail the request as 'not there' because the device 2743 * is effectively gone. 2744 */ 2745 if (cm->cm_targ->flags & MPRSAS_TARGET_INREMOVAL) 2746 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 2747 else 2748 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2749 mpr_dprint(sc, MPR_INFO, 2750 "Controller reported %s tgt %u SMID %u loginfo %x%s\n", 2751 mpr_describe_table(mpr_iocstatus_string, 2752 le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK), 2753 target_id, cm->cm_desc.Default.SMID, 2754 le32toh(rep->IOCLogInfo), 2755 (cm->cm_targ->flags & MPRSAS_TARGET_INREMOVAL) ? " departing" : ""); 2756 mpr_dprint(sc, MPR_XINFO, 2757 "SCSIStatus %x SCSIState %x xfercount %u\n", 2758 rep->SCSIStatus, rep->SCSIState, 2759 le32toh(rep->TransferCount)); 2760 break; 2761 case MPI2_IOCSTATUS_INVALID_FUNCTION: 2762 case MPI2_IOCSTATUS_INTERNAL_ERROR: 2763 case MPI2_IOCSTATUS_INVALID_VPID: 2764 case MPI2_IOCSTATUS_INVALID_FIELD: 2765 case MPI2_IOCSTATUS_INVALID_STATE: 2766 case MPI2_IOCSTATUS_OP_STATE_NOT_SUPPORTED: 2767 case MPI2_IOCSTATUS_SCSI_IO_DATA_ERROR: 2768 case MPI2_IOCSTATUS_SCSI_PROTOCOL_ERROR: 2769 case MPI2_IOCSTATUS_SCSI_RESIDUAL_MISMATCH: 2770 case MPI2_IOCSTATUS_SCSI_TASK_MGMT_FAILED: 2771 default: 2772 mprsas_log_command(cm, MPR_XINFO, 2773 "completed ioc %x loginfo %x scsi %x state %x xfer %u\n", 2774 le16toh(rep->IOCStatus), le32toh(rep->IOCLogInfo), 2775 rep->SCSIStatus, rep->SCSIState, 2776 le32toh(rep->TransferCount)); 2777 csio->resid = cm->cm_length; 2778 2779 if (scsi_cdb[0] == UNMAP && 2780 target->is_nvme && 2781 (csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) 2782 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 2783 else 2784 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2785 2786 break; 2787 } 2788 2789 mpr_sc_failed_io_info(sc, csio, rep, cm->cm_targ); 2790 2791 if (sassc->flags & MPRSAS_QUEUE_FROZEN) { 2792 ccb->ccb_h.status |= CAM_RELEASE_SIMQ; 2793 sassc->flags &= ~MPRSAS_QUEUE_FROZEN; 2794 mpr_dprint(sc, MPR_XINFO, "Command completed, unfreezing SIM " 2795 "queue\n"); 2796 } 2797 2798 if (mprsas_get_ccbstatus(ccb) != CAM_REQ_CMP) { 2799 ccb->ccb_h.status |= CAM_DEV_QFRZN; 2800 xpt_freeze_devq(ccb->ccb_h.path, /*count*/ 1); 2801 } 2802 2803 /* 2804 * Check to see if we're removing the device. If so, and this is the 2805 * last command on the queue, proceed with the deferred removal of the 2806 * device. Note, for removing a volume, this won't trigger because 2807 * pending_remove_tm will be NULL. 2808 */ 2809 if (cm->cm_targ->flags & MPRSAS_TARGET_INREMOVAL) { 2810 if (TAILQ_FIRST(&cm->cm_targ->commands) == NULL && 2811 cm->cm_targ->pending_remove_tm != NULL) { 2812 mpr_dprint(sc, MPR_INFO, "Last pending command complete: starting remove_device\n"); 2813 mpr_map_command(sc, cm->cm_targ->pending_remove_tm); 2814 cm->cm_targ->pending_remove_tm = NULL; 2815 } 2816 } 2817 2818 mpr_free_command(sc, cm); 2819 xpt_done(ccb); 2820 } 2821 2822 static void 2823 mprsas_smpio_complete(struct mpr_softc *sc, struct mpr_command *cm) 2824 { 2825 MPI2_SMP_PASSTHROUGH_REPLY *rpl; 2826 MPI2_SMP_PASSTHROUGH_REQUEST *req; 2827 uint64_t sasaddr; 2828 union ccb *ccb; 2829 2830 ccb = cm->cm_complete_data; 2831 2832 /* 2833 * Currently there should be no way we can hit this case. It only 2834 * happens when we have a failure to allocate chain frames, and SMP 2835 * commands require two S/G elements only. That should be handled 2836 * in the standard request size. 2837 */ 2838 if ((cm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 2839 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x on SMP " 2840 "request!\n", __func__, cm->cm_flags); 2841 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2842 goto bailout; 2843 } 2844 2845 rpl = (MPI2_SMP_PASSTHROUGH_REPLY *)cm->cm_reply; 2846 if (rpl == NULL) { 2847 mpr_dprint(sc, MPR_ERROR, "%s: NULL cm_reply!\n", __func__); 2848 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2849 goto bailout; 2850 } 2851 2852 req = (MPI2_SMP_PASSTHROUGH_REQUEST *)cm->cm_req; 2853 sasaddr = le32toh(req->SASAddress.Low); 2854 sasaddr |= ((uint64_t)(le32toh(req->SASAddress.High))) << 32; 2855 2856 if ((le16toh(rpl->IOCStatus) & MPI2_IOCSTATUS_MASK) != 2857 MPI2_IOCSTATUS_SUCCESS || 2858 rpl->SASStatus != MPI2_SASSTATUS_SUCCESS) { 2859 mpr_dprint(sc, MPR_XINFO, "%s: IOCStatus %04x SASStatus %02x\n", 2860 __func__, le16toh(rpl->IOCStatus), rpl->SASStatus); 2861 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2862 goto bailout; 2863 } 2864 2865 mpr_dprint(sc, MPR_XINFO, "%s: SMP request to SAS address %#jx " 2866 "completed successfully\n", __func__, (uintmax_t)sasaddr); 2867 2868 if (ccb->smpio.smp_response[2] == SMP_FR_ACCEPTED) 2869 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 2870 else 2871 mprsas_set_ccbstatus(ccb, CAM_SMP_STATUS_ERROR); 2872 2873 bailout: 2874 /* 2875 * We sync in both directions because we had DMAs in the S/G list 2876 * in both directions. 2877 */ 2878 bus_dmamap_sync(sc->buffer_dmat, cm->cm_dmamap, 2879 BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); 2880 bus_dmamap_unload(sc->buffer_dmat, cm->cm_dmamap); 2881 mpr_free_command(sc, cm); 2882 xpt_done(ccb); 2883 } 2884 2885 static void 2886 mprsas_send_smpcmd(struct mprsas_softc *sassc, union ccb *ccb, uint64_t sasaddr) 2887 { 2888 struct mpr_command *cm; 2889 uint8_t *request, *response; 2890 MPI2_SMP_PASSTHROUGH_REQUEST *req; 2891 struct mpr_softc *sc; 2892 struct sglist *sg; 2893 int error; 2894 2895 sc = sassc->sc; 2896 sg = NULL; 2897 error = 0; 2898 2899 switch (ccb->ccb_h.flags & CAM_DATA_MASK) { 2900 case CAM_DATA_PADDR: 2901 case CAM_DATA_SG_PADDR: 2902 /* 2903 * XXX We don't yet support physical addresses here. 2904 */ 2905 mpr_dprint(sc, MPR_ERROR, "%s: physical addresses not " 2906 "supported\n", __func__); 2907 mprsas_set_ccbstatus(ccb, CAM_REQ_INVALID); 2908 xpt_done(ccb); 2909 return; 2910 case CAM_DATA_SG: 2911 /* 2912 * The chip does not support more than one buffer for the 2913 * request or response. 2914 */ 2915 if ((ccb->smpio.smp_request_sglist_cnt > 1) 2916 || (ccb->smpio.smp_response_sglist_cnt > 1)) { 2917 mpr_dprint(sc, MPR_ERROR, "%s: multiple request or " 2918 "response buffer segments not supported for SMP\n", 2919 __func__); 2920 mprsas_set_ccbstatus(ccb, CAM_REQ_INVALID); 2921 xpt_done(ccb); 2922 return; 2923 } 2924 2925 /* 2926 * The CAM_SCATTER_VALID flag was originally implemented 2927 * for the XPT_SCSI_IO CCB, which only has one data pointer. 2928 * We have two. So, just take that flag to mean that we 2929 * might have S/G lists, and look at the S/G segment count 2930 * to figure out whether that is the case for each individual 2931 * buffer. 2932 */ 2933 if (ccb->smpio.smp_request_sglist_cnt != 0) { 2934 bus_dma_segment_t *req_sg; 2935 2936 req_sg = (bus_dma_segment_t *)ccb->smpio.smp_request; 2937 request = (uint8_t *)(uintptr_t)req_sg[0].ds_addr; 2938 } else 2939 request = ccb->smpio.smp_request; 2940 2941 if (ccb->smpio.smp_response_sglist_cnt != 0) { 2942 bus_dma_segment_t *rsp_sg; 2943 2944 rsp_sg = (bus_dma_segment_t *)ccb->smpio.smp_response; 2945 response = (uint8_t *)(uintptr_t)rsp_sg[0].ds_addr; 2946 } else 2947 response = ccb->smpio.smp_response; 2948 break; 2949 case CAM_DATA_VADDR: 2950 request = ccb->smpio.smp_request; 2951 response = ccb->smpio.smp_response; 2952 break; 2953 default: 2954 mprsas_set_ccbstatus(ccb, CAM_REQ_INVALID); 2955 xpt_done(ccb); 2956 return; 2957 } 2958 2959 cm = mpr_alloc_command(sc); 2960 if (cm == NULL) { 2961 mpr_dprint(sc, MPR_ERROR, "%s: cannot allocate command\n", 2962 __func__); 2963 mprsas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL); 2964 xpt_done(ccb); 2965 return; 2966 } 2967 2968 req = (MPI2_SMP_PASSTHROUGH_REQUEST *)cm->cm_req; 2969 bzero(req, sizeof(*req)); 2970 req->Function = MPI2_FUNCTION_SMP_PASSTHROUGH; 2971 2972 /* Allow the chip to use any route to this SAS address. */ 2973 req->PhysicalPort = 0xff; 2974 2975 req->RequestDataLength = htole16(ccb->smpio.smp_request_len); 2976 req->SGLFlags = 2977 MPI2_SGLFLAGS_SYSTEM_ADDRESS_SPACE | MPI2_SGLFLAGS_SGL_TYPE_MPI; 2978 2979 mpr_dprint(sc, MPR_XINFO, "%s: sending SMP request to SAS address " 2980 "%#jx\n", __func__, (uintmax_t)sasaddr); 2981 2982 mpr_init_sge(cm, req, &req->SGL); 2983 2984 /* 2985 * Set up a uio to pass into mpr_map_command(). This allows us to 2986 * do one map command, and one busdma call in there. 2987 */ 2988 cm->cm_uio.uio_iov = cm->cm_iovec; 2989 cm->cm_uio.uio_iovcnt = 2; 2990 cm->cm_uio.uio_segflg = UIO_SYSSPACE; 2991 2992 /* 2993 * The read/write flag isn't used by busdma, but set it just in 2994 * case. This isn't exactly accurate, either, since we're going in 2995 * both directions. 2996 */ 2997 cm->cm_uio.uio_rw = UIO_WRITE; 2998 2999 cm->cm_iovec[0].iov_base = request; 3000 cm->cm_iovec[0].iov_len = le16toh(req->RequestDataLength); 3001 cm->cm_iovec[1].iov_base = response; 3002 cm->cm_iovec[1].iov_len = ccb->smpio.smp_response_len; 3003 3004 cm->cm_uio.uio_resid = cm->cm_iovec[0].iov_len + 3005 cm->cm_iovec[1].iov_len; 3006 3007 /* 3008 * Trigger a warning message in mpr_data_cb() for the user if we 3009 * wind up exceeding two S/G segments. The chip expects one 3010 * segment for the request and another for the response. 3011 */ 3012 cm->cm_max_segs = 2; 3013 3014 cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; 3015 cm->cm_complete = mprsas_smpio_complete; 3016 cm->cm_complete_data = ccb; 3017 3018 /* 3019 * Tell the mapping code that we're using a uio, and that this is 3020 * an SMP passthrough request. There is a little special-case 3021 * logic there (in mpr_data_cb()) to handle the bidirectional 3022 * transfer. 3023 */ 3024 cm->cm_flags |= MPR_CM_FLAGS_USE_UIO | MPR_CM_FLAGS_SMP_PASS | 3025 MPR_CM_FLAGS_DATAIN | MPR_CM_FLAGS_DATAOUT; 3026 3027 /* The chip data format is little endian. */ 3028 req->SASAddress.High = htole32(sasaddr >> 32); 3029 req->SASAddress.Low = htole32(sasaddr); 3030 3031 /* 3032 * XXX Note that we don't have a timeout/abort mechanism here. 3033 * From the manual, it looks like task management requests only 3034 * work for SCSI IO and SATA passthrough requests. We may need to 3035 * have a mechanism to retry requests in the event of a chip reset 3036 * at least. Hopefully the chip will insure that any errors short 3037 * of that are relayed back to the driver. 3038 */ 3039 error = mpr_map_command(sc, cm); 3040 if ((error != 0) && (error != EINPROGRESS)) { 3041 mpr_dprint(sc, MPR_ERROR, "%s: error %d returned from " 3042 "mpr_map_command()\n", __func__, error); 3043 goto bailout_error; 3044 } 3045 3046 return; 3047 3048 bailout_error: 3049 mpr_free_command(sc, cm); 3050 mprsas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL); 3051 xpt_done(ccb); 3052 return; 3053 } 3054 3055 static void 3056 mprsas_action_smpio(struct mprsas_softc *sassc, union ccb *ccb) 3057 { 3058 struct mpr_softc *sc; 3059 struct mprsas_target *targ; 3060 uint64_t sasaddr = 0; 3061 3062 sc = sassc->sc; 3063 3064 /* 3065 * Make sure the target exists. 3066 */ 3067 KASSERT(ccb->ccb_h.target_id < sassc->maxtargets, 3068 ("Target %d out of bounds in XPT_SMP_IO\n", ccb->ccb_h.target_id)); 3069 targ = &sassc->targets[ccb->ccb_h.target_id]; 3070 if (targ->handle == 0x0) { 3071 mpr_dprint(sc, MPR_ERROR, "%s: target %d does not exist!\n", 3072 __func__, ccb->ccb_h.target_id); 3073 mprsas_set_ccbstatus(ccb, CAM_SEL_TIMEOUT); 3074 xpt_done(ccb); 3075 return; 3076 } 3077 3078 /* 3079 * If this device has an embedded SMP target, we'll talk to it 3080 * directly. 3081 * figure out what the expander's address is. 3082 */ 3083 if ((targ->devinfo & MPI2_SAS_DEVICE_INFO_SMP_TARGET) != 0) 3084 sasaddr = targ->sasaddr; 3085 3086 /* 3087 * If we don't have a SAS address for the expander yet, try 3088 * grabbing it from the page 0x83 information cached in the 3089 * transport layer for this target. LSI expanders report the 3090 * expander SAS address as the port-associated SAS address in 3091 * Inquiry VPD page 0x83. Maxim expanders don't report it in page 3092 * 0x83. 3093 * 3094 * XXX KDM disable this for now, but leave it commented out so that 3095 * it is obvious that this is another possible way to get the SAS 3096 * address. 3097 * 3098 * The parent handle method below is a little more reliable, and 3099 * the other benefit is that it works for devices other than SES 3100 * devices. So you can send a SMP request to a da(4) device and it 3101 * will get routed to the expander that device is attached to. 3102 * (Assuming the da(4) device doesn't contain an SMP target...) 3103 */ 3104 #if 0 3105 if (sasaddr == 0) 3106 sasaddr = xpt_path_sas_addr(ccb->ccb_h.path); 3107 #endif 3108 3109 /* 3110 * If we still don't have a SAS address for the expander, look for 3111 * the parent device of this device, which is probably the expander. 3112 */ 3113 if (sasaddr == 0) { 3114 #ifdef OLD_MPR_PROBE 3115 struct mprsas_target *parent_target; 3116 #endif 3117 3118 if (targ->parent_handle == 0x0) { 3119 mpr_dprint(sc, MPR_ERROR, "%s: handle %d does not have " 3120 "a valid parent handle!\n", __func__, targ->handle); 3121 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3122 goto bailout; 3123 } 3124 #ifdef OLD_MPR_PROBE 3125 parent_target = mprsas_find_target_by_handle(sassc, 0, 3126 targ->parent_handle); 3127 3128 if (parent_target == NULL) { 3129 mpr_dprint(sc, MPR_ERROR, "%s: handle %d does not have " 3130 "a valid parent target!\n", __func__, targ->handle); 3131 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3132 goto bailout; 3133 } 3134 3135 if ((parent_target->devinfo & 3136 MPI2_SAS_DEVICE_INFO_SMP_TARGET) == 0) { 3137 mpr_dprint(sc, MPR_ERROR, "%s: handle %d parent %d " 3138 "does not have an SMP target!\n", __func__, 3139 targ->handle, parent_target->handle); 3140 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3141 goto bailout; 3142 } 3143 3144 sasaddr = parent_target->sasaddr; 3145 #else /* OLD_MPR_PROBE */ 3146 if ((targ->parent_devinfo & 3147 MPI2_SAS_DEVICE_INFO_SMP_TARGET) == 0) { 3148 mpr_dprint(sc, MPR_ERROR, "%s: handle %d parent %d " 3149 "does not have an SMP target!\n", __func__, 3150 targ->handle, targ->parent_handle); 3151 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3152 goto bailout; 3153 } 3154 if (targ->parent_sasaddr == 0x0) { 3155 mpr_dprint(sc, MPR_ERROR, "%s: handle %d parent handle " 3156 "%d does not have a valid SAS address!\n", __func__, 3157 targ->handle, targ->parent_handle); 3158 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3159 goto bailout; 3160 } 3161 3162 sasaddr = targ->parent_sasaddr; 3163 #endif /* OLD_MPR_PROBE */ 3164 } 3165 3166 if (sasaddr == 0) { 3167 mpr_dprint(sc, MPR_INFO, "%s: unable to find SAS address for " 3168 "handle %d\n", __func__, targ->handle); 3169 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3170 goto bailout; 3171 } 3172 mprsas_send_smpcmd(sassc, ccb, sasaddr); 3173 3174 return; 3175 3176 bailout: 3177 xpt_done(ccb); 3178 3179 } 3180 3181 static void 3182 mprsas_action_resetdev(struct mprsas_softc *sassc, union ccb *ccb) 3183 { 3184 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 3185 struct mpr_softc *sc; 3186 struct mpr_command *tm; 3187 struct mprsas_target *targ; 3188 3189 MPR_FUNCTRACE(sassc->sc); 3190 mtx_assert(&sassc->sc->mpr_mtx, MA_OWNED); 3191 3192 KASSERT(ccb->ccb_h.target_id < sassc->maxtargets, ("Target %d out of " 3193 "bounds in XPT_RESET_DEV\n", ccb->ccb_h.target_id)); 3194 sc = sassc->sc; 3195 tm = mprsas_alloc_tm(sc); 3196 if (tm == NULL) { 3197 mpr_dprint(sc, MPR_ERROR, "command alloc failure in " 3198 "mprsas_action_resetdev\n"); 3199 mprsas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL); 3200 xpt_done(ccb); 3201 return; 3202 } 3203 3204 targ = &sassc->targets[ccb->ccb_h.target_id]; 3205 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 3206 req->DevHandle = htole16(targ->handle); 3207 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET; 3208 3209 if (!targ->is_nvme || sc->custom_nvme_tm_handling) { 3210 /* SAS Hard Link Reset / SATA Link Reset */ 3211 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 3212 } else { 3213 /* PCIe Protocol Level Reset*/ 3214 req->MsgFlags = 3215 MPI26_SCSITASKMGMT_MSGFLAGS_PROTOCOL_LVL_RST_PCIE; 3216 } 3217 3218 tm->cm_data = NULL; 3219 tm->cm_complete = mprsas_resetdev_complete; 3220 tm->cm_complete_data = ccb; 3221 3222 mpr_dprint(sc, MPR_INFO, "%s: Sending reset for target ID %d\n", 3223 __func__, targ->tid); 3224 tm->cm_targ = targ; 3225 3226 mprsas_prepare_for_tm(sc, tm, targ, CAM_LUN_WILDCARD); 3227 mpr_map_command(sc, tm); 3228 } 3229 3230 static void 3231 mprsas_resetdev_complete(struct mpr_softc *sc, struct mpr_command *tm) 3232 { 3233 MPI2_SCSI_TASK_MANAGE_REPLY *resp; 3234 union ccb *ccb; 3235 3236 MPR_FUNCTRACE(sc); 3237 mtx_assert(&sc->mpr_mtx, MA_OWNED); 3238 3239 resp = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 3240 ccb = tm->cm_complete_data; 3241 3242 /* 3243 * Currently there should be no way we can hit this case. It only 3244 * happens when we have a failure to allocate chain frames, and 3245 * task management commands don't have S/G lists. 3246 */ 3247 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 3248 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 3249 3250 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 3251 3252 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x for reset of " 3253 "handle %#04x! This should not happen!\n", __func__, 3254 tm->cm_flags, req->DevHandle); 3255 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 3256 goto bailout; 3257 } 3258 3259 mpr_dprint(sc, MPR_XINFO, "%s: IOCStatus = 0x%x ResponseCode = 0x%x\n", 3260 __func__, le16toh(resp->IOCStatus), le32toh(resp->ResponseCode)); 3261 3262 if (le32toh(resp->ResponseCode) == MPI2_SCSITASKMGMT_RSP_TM_COMPLETE) { 3263 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 3264 mprsas_announce_reset(sc, AC_SENT_BDR, tm->cm_targ->tid, 3265 CAM_LUN_WILDCARD); 3266 } 3267 else 3268 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 3269 3270 bailout: 3271 3272 mprsas_free_tm(sc, tm); 3273 xpt_done(ccb); 3274 } 3275 3276 static void 3277 mprsas_poll(struct cam_sim *sim) 3278 { 3279 struct mprsas_softc *sassc; 3280 3281 sassc = cam_sim_softc(sim); 3282 3283 if (sassc->sc->mpr_debug & MPR_TRACE) { 3284 /* frequent debug messages during a panic just slow 3285 * everything down too much. 3286 */ 3287 mpr_dprint(sassc->sc, MPR_XINFO, "%s clearing MPR_TRACE\n", 3288 __func__); 3289 sassc->sc->mpr_debug &= ~MPR_TRACE; 3290 } 3291 3292 mpr_intr_locked(sassc->sc); 3293 } 3294 3295 static void 3296 mprsas_async(void *callback_arg, uint32_t code, struct cam_path *path, 3297 void *arg) 3298 { 3299 struct mpr_softc *sc; 3300 3301 sc = (struct mpr_softc *)callback_arg; 3302 3303 switch (code) { 3304 case AC_ADVINFO_CHANGED: { 3305 struct mprsas_target *target; 3306 struct mprsas_softc *sassc; 3307 struct scsi_read_capacity_data_long rcap_buf; 3308 struct ccb_dev_advinfo cdai; 3309 struct mprsas_lun *lun; 3310 lun_id_t lunid; 3311 int found_lun; 3312 uintptr_t buftype; 3313 3314 buftype = (uintptr_t)arg; 3315 3316 found_lun = 0; 3317 sassc = sc->sassc; 3318 3319 /* 3320 * We're only interested in read capacity data changes. 3321 */ 3322 if (buftype != CDAI_TYPE_RCAPLONG) 3323 break; 3324 3325 /* 3326 * We should have a handle for this, but check to make sure. 3327 */ 3328 KASSERT(xpt_path_target_id(path) < sassc->maxtargets, 3329 ("Target %d out of bounds in mprsas_async\n", 3330 xpt_path_target_id(path))); 3331 target = &sassc->targets[xpt_path_target_id(path)]; 3332 if (target->handle == 0) 3333 break; 3334 3335 lunid = xpt_path_lun_id(path); 3336 3337 SLIST_FOREACH(lun, &target->luns, lun_link) { 3338 if (lun->lun_id == lunid) { 3339 found_lun = 1; 3340 break; 3341 } 3342 } 3343 3344 if (found_lun == 0) { 3345 lun = malloc(sizeof(struct mprsas_lun), M_MPR, 3346 M_NOWAIT | M_ZERO); 3347 if (lun == NULL) { 3348 mpr_dprint(sc, MPR_ERROR, "Unable to alloc " 3349 "LUN for EEDP support.\n"); 3350 break; 3351 } 3352 lun->lun_id = lunid; 3353 SLIST_INSERT_HEAD(&target->luns, lun, lun_link); 3354 } 3355 3356 bzero(&rcap_buf, sizeof(rcap_buf)); 3357 xpt_setup_ccb(&cdai.ccb_h, path, CAM_PRIORITY_NORMAL); 3358 cdai.ccb_h.func_code = XPT_DEV_ADVINFO; 3359 cdai.ccb_h.flags = CAM_DIR_IN; 3360 cdai.buftype = CDAI_TYPE_RCAPLONG; 3361 cdai.flags = CDAI_FLAG_NONE; 3362 cdai.bufsiz = sizeof(rcap_buf); 3363 cdai.buf = (uint8_t *)&rcap_buf; 3364 xpt_action((union ccb *)&cdai); 3365 if ((cdai.ccb_h.status & CAM_DEV_QFRZN) != 0) 3366 cam_release_devq(cdai.ccb_h.path, 0, 0, 0, FALSE); 3367 3368 if ((mprsas_get_ccbstatus((union ccb *)&cdai) == CAM_REQ_CMP) 3369 && (rcap_buf.prot & SRC16_PROT_EN)) { 3370 switch (rcap_buf.prot & SRC16_P_TYPE) { 3371 case SRC16_PTYPE_1: 3372 case SRC16_PTYPE_3: 3373 lun->eedp_formatted = TRUE; 3374 lun->eedp_block_size = 3375 scsi_4btoul(rcap_buf.length); 3376 break; 3377 case SRC16_PTYPE_2: 3378 default: 3379 lun->eedp_formatted = FALSE; 3380 lun->eedp_block_size = 0; 3381 break; 3382 } 3383 } else { 3384 lun->eedp_formatted = FALSE; 3385 lun->eedp_block_size = 0; 3386 } 3387 break; 3388 } 3389 case AC_FOUND_DEVICE: 3390 default: 3391 break; 3392 } 3393 } 3394 3395 /* 3396 * Set the INRESET flag for this target so that no I/O will be sent to 3397 * the target until the reset has completed. If an I/O request does 3398 * happen, the devq will be frozen. The CCB holds the path which is 3399 * used to release the devq. The devq is released and the CCB is freed 3400 * when the TM completes. 3401 */ 3402 void 3403 mprsas_prepare_for_tm(struct mpr_softc *sc, struct mpr_command *tm, 3404 struct mprsas_target *target, lun_id_t lun_id) 3405 { 3406 union ccb *ccb; 3407 path_id_t path_id; 3408 3409 ccb = xpt_alloc_ccb_nowait(); 3410 if (ccb) { 3411 path_id = cam_sim_path(sc->sassc->sim); 3412 if (xpt_create_path(&ccb->ccb_h.path, xpt_periph, path_id, 3413 target->tid, lun_id) != CAM_REQ_CMP) { 3414 xpt_free_ccb(ccb); 3415 } else { 3416 tm->cm_ccb = ccb; 3417 tm->cm_targ = target; 3418 target->flags |= MPRSAS_TARGET_INRESET; 3419 } 3420 } 3421 } 3422 3423 int 3424 mprsas_startup(struct mpr_softc *sc) 3425 { 3426 /* 3427 * Send the port enable message and set the wait_for_port_enable flag. 3428 * This flag helps to keep the simq frozen until all discovery events 3429 * are processed. 3430 */ 3431 sc->wait_for_port_enable = 1; 3432 mprsas_send_portenable(sc); 3433 return (0); 3434 } 3435 3436 static int 3437 mprsas_send_portenable(struct mpr_softc *sc) 3438 { 3439 MPI2_PORT_ENABLE_REQUEST *request; 3440 struct mpr_command *cm; 3441 3442 MPR_FUNCTRACE(sc); 3443 3444 if ((cm = mpr_alloc_command(sc)) == NULL) 3445 return (EBUSY); 3446 request = (MPI2_PORT_ENABLE_REQUEST *)cm->cm_req; 3447 request->Function = MPI2_FUNCTION_PORT_ENABLE; 3448 request->MsgFlags = 0; 3449 request->VP_ID = 0; 3450 cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; 3451 cm->cm_complete = mprsas_portenable_complete; 3452 cm->cm_data = NULL; 3453 cm->cm_sge = NULL; 3454 3455 mpr_map_command(sc, cm); 3456 mpr_dprint(sc, MPR_XINFO, 3457 "mpr_send_portenable finished cm %p req %p complete %p\n", 3458 cm, cm->cm_req, cm->cm_complete); 3459 return (0); 3460 } 3461 3462 static void 3463 mprsas_portenable_complete(struct mpr_softc *sc, struct mpr_command *cm) 3464 { 3465 MPI2_PORT_ENABLE_REPLY *reply; 3466 struct mprsas_softc *sassc; 3467 3468 MPR_FUNCTRACE(sc); 3469 sassc = sc->sassc; 3470 3471 /* 3472 * Currently there should be no way we can hit this case. It only 3473 * happens when we have a failure to allocate chain frames, and 3474 * port enable commands don't have S/G lists. 3475 */ 3476 if ((cm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 3477 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x for port enable! " 3478 "This should not happen!\n", __func__, cm->cm_flags); 3479 } 3480 3481 reply = (MPI2_PORT_ENABLE_REPLY *)cm->cm_reply; 3482 if (reply == NULL) 3483 mpr_dprint(sc, MPR_FAULT, "Portenable NULL reply\n"); 3484 else if (le16toh(reply->IOCStatus & MPI2_IOCSTATUS_MASK) != 3485 MPI2_IOCSTATUS_SUCCESS) 3486 mpr_dprint(sc, MPR_FAULT, "Portenable failed\n"); 3487 3488 mpr_free_command(sc, cm); 3489 /* 3490 * Done waiting for port enable to complete. Decrement the refcount. 3491 * If refcount is 0, discovery is complete and a rescan of the bus can 3492 * take place. 3493 */ 3494 sc->wait_for_port_enable = 0; 3495 sc->port_enable_complete = 1; 3496 wakeup(&sc->port_enable_complete); 3497 mprsas_startup_decrement(sassc); 3498 } 3499 3500 int 3501 mprsas_check_id(struct mprsas_softc *sassc, int id) 3502 { 3503 struct mpr_softc *sc = sassc->sc; 3504 char *ids; 3505 char *name; 3506 3507 ids = &sc->exclude_ids[0]; 3508 while((name = strsep(&ids, ",")) != NULL) { 3509 if (name[0] == '\0') 3510 continue; 3511 if (strtol(name, NULL, 0) == (long)id) 3512 return (1); 3513 } 3514 3515 return (0); 3516 } 3517 3518 void 3519 mprsas_realloc_targets(struct mpr_softc *sc, int maxtargets) 3520 { 3521 struct mprsas_softc *sassc; 3522 struct mprsas_lun *lun, *lun_tmp; 3523 struct mprsas_target *targ; 3524 int i; 3525 3526 sassc = sc->sassc; 3527 /* 3528 * The number of targets is based on IOC Facts, so free all of 3529 * the allocated LUNs for each target and then the target buffer 3530 * itself. 3531 */ 3532 for (i=0; i< maxtargets; i++) { 3533 targ = &sassc->targets[i]; 3534 SLIST_FOREACH_SAFE(lun, &targ->luns, lun_link, lun_tmp) { 3535 free(lun, M_MPR); 3536 } 3537 } 3538 free(sassc->targets, M_MPR); 3539 3540 sassc->targets = malloc(sizeof(struct mprsas_target) * maxtargets, 3541 M_MPR, M_WAITOK|M_ZERO); 3542 } 3543