1 /*- 2 * Copyright (c) 2009 Yahoo! Inc. 3 * Copyright (c) 2011-2015 LSI Corp. 4 * Copyright (c) 2013-2016 Avago Technologies 5 * Copyright 2000-2020 Broadcom Inc. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * Broadcom Inc. (LSI) MPT-Fusion Host Adapter FreeBSD 30 * 31 */ 32 33 #include <sys/cdefs.h> 34 __FBSDID("$FreeBSD$"); 35 36 /* Communications core for Avago Technologies (LSI) MPT3 */ 37 38 /* TODO Move headers to mprvar */ 39 #include <sys/types.h> 40 #include <sys/param.h> 41 #include <sys/systm.h> 42 #include <sys/kernel.h> 43 #include <sys/selinfo.h> 44 #include <sys/module.h> 45 #include <sys/bus.h> 46 #include <sys/conf.h> 47 #include <sys/bio.h> 48 #include <sys/malloc.h> 49 #include <sys/uio.h> 50 #include <sys/sysctl.h> 51 #include <sys/endian.h> 52 #include <sys/queue.h> 53 #include <sys/kthread.h> 54 #include <sys/taskqueue.h> 55 #include <sys/sbuf.h> 56 57 #include <machine/bus.h> 58 #include <machine/resource.h> 59 #include <sys/rman.h> 60 61 #include <machine/stdarg.h> 62 63 #include <cam/cam.h> 64 #include <cam/cam_ccb.h> 65 #include <cam/cam_debug.h> 66 #include <cam/cam_sim.h> 67 #include <cam/cam_xpt_sim.h> 68 #include <cam/cam_xpt_periph.h> 69 #include <cam/cam_periph.h> 70 #include <cam/scsi/scsi_all.h> 71 #include <cam/scsi/scsi_message.h> 72 #include <cam/scsi/smp_all.h> 73 74 #include <dev/nvme/nvme.h> 75 76 #include <dev/mpr/mpi/mpi2_type.h> 77 #include <dev/mpr/mpi/mpi2.h> 78 #include <dev/mpr/mpi/mpi2_ioc.h> 79 #include <dev/mpr/mpi/mpi2_sas.h> 80 #include <dev/mpr/mpi/mpi2_pci.h> 81 #include <dev/mpr/mpi/mpi2_cnfg.h> 82 #include <dev/mpr/mpi/mpi2_init.h> 83 #include <dev/mpr/mpi/mpi2_tool.h> 84 #include <dev/mpr/mpr_ioctl.h> 85 #include <dev/mpr/mprvar.h> 86 #include <dev/mpr/mpr_table.h> 87 #include <dev/mpr/mpr_sas.h> 88 89 #define MPRSAS_DISCOVERY_TIMEOUT 20 90 #define MPRSAS_MAX_DISCOVERY_TIMEOUTS 10 /* 200 seconds */ 91 92 /* 93 * static array to check SCSI OpCode for EEDP protection bits 94 */ 95 #define PRO_R MPI2_SCSIIO_EEDPFLAGS_CHECK_REMOVE_OP 96 #define PRO_W MPI2_SCSIIO_EEDPFLAGS_INSERT_OP 97 #define PRO_V MPI2_SCSIIO_EEDPFLAGS_INSERT_OP 98 static uint8_t op_code_prot[256] = { 99 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 100 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 101 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V, 102 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 103 0, PRO_W, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 104 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 105 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 106 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 107 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V, 108 0, 0, 0, PRO_W, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 109 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V, 110 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 111 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 112 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 113 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 114 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 115 }; 116 117 MALLOC_DEFINE(M_MPRSAS, "MPRSAS", "MPR SAS memory"); 118 119 static void mprsas_remove_device(struct mpr_softc *, struct mpr_command *); 120 static void mprsas_remove_complete(struct mpr_softc *, struct mpr_command *); 121 static void mprsas_action(struct cam_sim *sim, union ccb *ccb); 122 static void mprsas_poll(struct cam_sim *sim); 123 static void mprsas_scsiio_timeout(void *data); 124 static void mprsas_abort_complete(struct mpr_softc *sc, struct mpr_command *cm); 125 static void mprsas_action_scsiio(struct mprsas_softc *, union ccb *); 126 static void mprsas_scsiio_complete(struct mpr_softc *, struct mpr_command *); 127 static void mprsas_action_resetdev(struct mprsas_softc *, union ccb *); 128 static void mprsas_resetdev_complete(struct mpr_softc *, struct mpr_command *); 129 static int mprsas_send_abort(struct mpr_softc *sc, struct mpr_command *tm, 130 struct mpr_command *cm); 131 static void mprsas_async(void *callback_arg, uint32_t code, 132 struct cam_path *path, void *arg); 133 static int mprsas_send_portenable(struct mpr_softc *sc); 134 static void mprsas_portenable_complete(struct mpr_softc *sc, 135 struct mpr_command *cm); 136 137 static void mprsas_smpio_complete(struct mpr_softc *sc, struct mpr_command *cm); 138 static void mprsas_send_smpcmd(struct mprsas_softc *sassc, union ccb *ccb, 139 uint64_t sasaddr); 140 static void mprsas_action_smpio(struct mprsas_softc *sassc, union ccb *ccb); 141 142 struct mprsas_target * 143 mprsas_find_target_by_handle(struct mprsas_softc *sassc, int start, 144 uint16_t handle) 145 { 146 struct mprsas_target *target; 147 int i; 148 149 for (i = start; i < sassc->maxtargets; i++) { 150 target = &sassc->targets[i]; 151 if (target->handle == handle) 152 return (target); 153 } 154 155 return (NULL); 156 } 157 158 /* we need to freeze the simq during attach and diag reset, to avoid failing 159 * commands before device handles have been found by discovery. Since 160 * discovery involves reading config pages and possibly sending commands, 161 * discovery actions may continue even after we receive the end of discovery 162 * event, so refcount discovery actions instead of assuming we can unfreeze 163 * the simq when we get the event. 164 */ 165 void 166 mprsas_startup_increment(struct mprsas_softc *sassc) 167 { 168 MPR_FUNCTRACE(sassc->sc); 169 170 if ((sassc->flags & MPRSAS_IN_STARTUP) != 0) { 171 if (sassc->startup_refcount++ == 0) { 172 /* just starting, freeze the simq */ 173 mpr_dprint(sassc->sc, MPR_INIT, 174 "%s freezing simq\n", __func__); 175 xpt_hold_boot(); 176 xpt_freeze_simq(sassc->sim, 1); 177 } 178 mpr_dprint(sassc->sc, MPR_INIT, "%s refcount %u\n", __func__, 179 sassc->startup_refcount); 180 } 181 } 182 183 void 184 mprsas_release_simq_reinit(struct mprsas_softc *sassc) 185 { 186 if (sassc->flags & MPRSAS_QUEUE_FROZEN) { 187 sassc->flags &= ~MPRSAS_QUEUE_FROZEN; 188 xpt_release_simq(sassc->sim, 1); 189 mpr_dprint(sassc->sc, MPR_INFO, "Unfreezing SIM queue\n"); 190 } 191 } 192 193 void 194 mprsas_startup_decrement(struct mprsas_softc *sassc) 195 { 196 MPR_FUNCTRACE(sassc->sc); 197 198 if ((sassc->flags & MPRSAS_IN_STARTUP) != 0) { 199 if (--sassc->startup_refcount == 0) { 200 /* finished all discovery-related actions, release 201 * the simq and rescan for the latest topology. 202 */ 203 mpr_dprint(sassc->sc, MPR_INIT, 204 "%s releasing simq\n", __func__); 205 sassc->flags &= ~MPRSAS_IN_STARTUP; 206 xpt_release_simq(sassc->sim, 1); 207 xpt_release_boot(); 208 } 209 mpr_dprint(sassc->sc, MPR_INIT, "%s refcount %u\n", __func__, 210 sassc->startup_refcount); 211 } 212 } 213 214 /* 215 * The firmware requires us to stop sending commands when we're doing task 216 * management. 217 * use. 218 * XXX The logic for serializing the device has been made lazy and moved to 219 * mprsas_prepare_for_tm(). 220 */ 221 struct mpr_command * 222 mprsas_alloc_tm(struct mpr_softc *sc) 223 { 224 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 225 struct mpr_command *tm; 226 227 MPR_FUNCTRACE(sc); 228 tm = mpr_alloc_high_priority_command(sc); 229 if (tm == NULL) 230 return (NULL); 231 232 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 233 req->Function = MPI2_FUNCTION_SCSI_TASK_MGMT; 234 return tm; 235 } 236 237 void 238 mprsas_free_tm(struct mpr_softc *sc, struct mpr_command *tm) 239 { 240 int target_id = 0xFFFFFFFF; 241 242 MPR_FUNCTRACE(sc); 243 if (tm == NULL) 244 return; 245 246 /* 247 * For TM's the devq is frozen for the device. Unfreeze it here and 248 * free the resources used for freezing the devq. Must clear the 249 * INRESET flag as well or scsi I/O will not work. 250 */ 251 if (tm->cm_targ != NULL) { 252 tm->cm_targ->flags &= ~MPRSAS_TARGET_INRESET; 253 target_id = tm->cm_targ->tid; 254 } 255 if (tm->cm_ccb) { 256 mpr_dprint(sc, MPR_INFO, "Unfreezing devq for target ID %d\n", 257 target_id); 258 xpt_release_devq(tm->cm_ccb->ccb_h.path, 1, TRUE); 259 xpt_free_path(tm->cm_ccb->ccb_h.path); 260 xpt_free_ccb(tm->cm_ccb); 261 } 262 263 mpr_free_high_priority_command(sc, tm); 264 } 265 266 void 267 mprsas_rescan_target(struct mpr_softc *sc, struct mprsas_target *targ) 268 { 269 struct mprsas_softc *sassc = sc->sassc; 270 path_id_t pathid; 271 target_id_t targetid; 272 union ccb *ccb; 273 274 MPR_FUNCTRACE(sc); 275 pathid = cam_sim_path(sassc->sim); 276 if (targ == NULL) 277 targetid = CAM_TARGET_WILDCARD; 278 else 279 targetid = targ - sassc->targets; 280 281 /* 282 * Allocate a CCB and schedule a rescan. 283 */ 284 ccb = xpt_alloc_ccb_nowait(); 285 if (ccb == NULL) { 286 mpr_dprint(sc, MPR_ERROR, "unable to alloc CCB for rescan\n"); 287 return; 288 } 289 290 if (xpt_create_path(&ccb->ccb_h.path, NULL, pathid, targetid, 291 CAM_LUN_WILDCARD) != CAM_REQ_CMP) { 292 mpr_dprint(sc, MPR_ERROR, "unable to create path for rescan\n"); 293 xpt_free_ccb(ccb); 294 return; 295 } 296 297 if (targetid == CAM_TARGET_WILDCARD) 298 ccb->ccb_h.func_code = XPT_SCAN_BUS; 299 else 300 ccb->ccb_h.func_code = XPT_SCAN_TGT; 301 302 mpr_dprint(sc, MPR_TRACE, "%s targetid %u\n", __func__, targetid); 303 xpt_rescan(ccb); 304 } 305 306 static void 307 mprsas_log_command(struct mpr_command *cm, u_int level, const char *fmt, ...) 308 { 309 struct sbuf sb; 310 va_list ap; 311 char str[224]; 312 char path_str[64]; 313 314 if (cm == NULL) 315 return; 316 317 /* No need to be in here if debugging isn't enabled */ 318 if ((cm->cm_sc->mpr_debug & level) == 0) 319 return; 320 321 sbuf_new(&sb, str, sizeof(str), 0); 322 323 va_start(ap, fmt); 324 325 if (cm->cm_ccb != NULL) { 326 xpt_path_string(cm->cm_ccb->csio.ccb_h.path, path_str, 327 sizeof(path_str)); 328 sbuf_cat(&sb, path_str); 329 if (cm->cm_ccb->ccb_h.func_code == XPT_SCSI_IO) { 330 scsi_command_string(&cm->cm_ccb->csio, &sb); 331 sbuf_printf(&sb, "length %d ", 332 cm->cm_ccb->csio.dxfer_len); 333 } 334 } else { 335 sbuf_printf(&sb, "(noperiph:%s%d:%u:%u:%u): ", 336 cam_sim_name(cm->cm_sc->sassc->sim), 337 cam_sim_unit(cm->cm_sc->sassc->sim), 338 cam_sim_bus(cm->cm_sc->sassc->sim), 339 cm->cm_targ ? cm->cm_targ->tid : 0xFFFFFFFF, 340 cm->cm_lun); 341 } 342 343 sbuf_printf(&sb, "SMID %u ", cm->cm_desc.Default.SMID); 344 sbuf_vprintf(&sb, fmt, ap); 345 sbuf_finish(&sb); 346 mpr_print_field(cm->cm_sc, "%s", sbuf_data(&sb)); 347 348 va_end(ap); 349 } 350 351 static void 352 mprsas_remove_volume(struct mpr_softc *sc, struct mpr_command *tm) 353 { 354 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 355 struct mprsas_target *targ; 356 uint16_t handle; 357 358 MPR_FUNCTRACE(sc); 359 360 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 361 handle = (uint16_t)(uintptr_t)tm->cm_complete_data; 362 targ = tm->cm_targ; 363 364 if (reply == NULL) { 365 /* XXX retry the remove after the diag reset completes? */ 366 mpr_dprint(sc, MPR_FAULT, "%s NULL reply resetting device " 367 "0x%04x\n", __func__, handle); 368 mprsas_free_tm(sc, tm); 369 return; 370 } 371 372 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) != 373 MPI2_IOCSTATUS_SUCCESS) { 374 mpr_dprint(sc, MPR_ERROR, "IOCStatus = 0x%x while resetting " 375 "device 0x%x\n", le16toh(reply->IOCStatus), handle); 376 } 377 378 mpr_dprint(sc, MPR_XINFO, "Reset aborted %u commands\n", 379 le32toh(reply->TerminationCount)); 380 mpr_free_reply(sc, tm->cm_reply_data); 381 tm->cm_reply = NULL; /* Ensures the reply won't get re-freed */ 382 383 mpr_dprint(sc, MPR_XINFO, "clearing target %u handle 0x%04x\n", 384 targ->tid, handle); 385 386 /* 387 * Don't clear target if remove fails because things will get confusing. 388 * Leave the devname and sasaddr intact so that we know to avoid reusing 389 * this target id if possible, and so we can assign the same target id 390 * to this device if it comes back in the future. 391 */ 392 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) == 393 MPI2_IOCSTATUS_SUCCESS) { 394 targ = tm->cm_targ; 395 targ->handle = 0x0; 396 targ->encl_handle = 0x0; 397 targ->encl_level_valid = 0x0; 398 targ->encl_level = 0x0; 399 targ->connector_name[0] = ' '; 400 targ->connector_name[1] = ' '; 401 targ->connector_name[2] = ' '; 402 targ->connector_name[3] = ' '; 403 targ->encl_slot = 0x0; 404 targ->exp_dev_handle = 0x0; 405 targ->phy_num = 0x0; 406 targ->linkrate = 0x0; 407 targ->devinfo = 0x0; 408 targ->flags = 0x0; 409 targ->scsi_req_desc_type = 0; 410 } 411 412 mprsas_free_tm(sc, tm); 413 } 414 415 416 /* 417 * No Need to call "MPI2_SAS_OP_REMOVE_DEVICE" For Volume removal. 418 * Otherwise Volume Delete is same as Bare Drive Removal. 419 */ 420 void 421 mprsas_prepare_volume_remove(struct mprsas_softc *sassc, uint16_t handle) 422 { 423 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 424 struct mpr_softc *sc; 425 struct mpr_command *cm; 426 struct mprsas_target *targ = NULL; 427 428 MPR_FUNCTRACE(sassc->sc); 429 sc = sassc->sc; 430 431 targ = mprsas_find_target_by_handle(sassc, 0, handle); 432 if (targ == NULL) { 433 /* FIXME: what is the action? */ 434 /* We don't know about this device? */ 435 mpr_dprint(sc, MPR_ERROR, 436 "%s %d : invalid handle 0x%x \n", __func__,__LINE__, handle); 437 return; 438 } 439 440 targ->flags |= MPRSAS_TARGET_INREMOVAL; 441 442 cm = mprsas_alloc_tm(sc); 443 if (cm == NULL) { 444 mpr_dprint(sc, MPR_ERROR, 445 "%s: command alloc failure\n", __func__); 446 return; 447 } 448 449 mprsas_rescan_target(sc, targ); 450 451 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)cm->cm_req; 452 req->DevHandle = targ->handle; 453 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET; 454 455 if (!targ->is_nvme || sc->custom_nvme_tm_handling) { 456 /* SAS Hard Link Reset / SATA Link Reset */ 457 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 458 } else { 459 /* PCIe Protocol Level Reset*/ 460 req->MsgFlags = 461 MPI26_SCSITASKMGMT_MSGFLAGS_PROTOCOL_LVL_RST_PCIE; 462 } 463 464 cm->cm_targ = targ; 465 cm->cm_data = NULL; 466 cm->cm_complete = mprsas_remove_volume; 467 cm->cm_complete_data = (void *)(uintptr_t)handle; 468 469 mpr_dprint(sc, MPR_INFO, "%s: Sending reset for target ID %d\n", 470 __func__, targ->tid); 471 mprsas_prepare_for_tm(sc, cm, targ, CAM_LUN_WILDCARD); 472 473 mpr_map_command(sc, cm); 474 } 475 476 /* 477 * The firmware performs debounce on the link to avoid transient link errors 478 * and false removals. When it does decide that link has been lost and a 479 * device needs to go away, it expects that the host will perform a target reset 480 * and then an op remove. The reset has the side-effect of aborting any 481 * outstanding requests for the device, which is required for the op-remove to 482 * succeed. It's not clear if the host should check for the device coming back 483 * alive after the reset. 484 */ 485 void 486 mprsas_prepare_remove(struct mprsas_softc *sassc, uint16_t handle) 487 { 488 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 489 struct mpr_softc *sc; 490 struct mpr_command *tm; 491 struct mprsas_target *targ = NULL; 492 493 MPR_FUNCTRACE(sassc->sc); 494 495 sc = sassc->sc; 496 497 targ = mprsas_find_target_by_handle(sassc, 0, handle); 498 if (targ == NULL) { 499 /* FIXME: what is the action? */ 500 /* We don't know about this device? */ 501 mpr_dprint(sc, MPR_ERROR, "%s : invalid handle 0x%x \n", 502 __func__, handle); 503 return; 504 } 505 506 targ->flags |= MPRSAS_TARGET_INREMOVAL; 507 508 tm = mprsas_alloc_tm(sc); 509 if (tm == NULL) { 510 mpr_dprint(sc, MPR_ERROR, "%s: command alloc failure\n", 511 __func__); 512 return; 513 } 514 515 mprsas_rescan_target(sc, targ); 516 517 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 518 memset(req, 0, sizeof(*req)); 519 req->DevHandle = htole16(targ->handle); 520 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET; 521 522 /* SAS Hard Link Reset / SATA Link Reset */ 523 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 524 525 tm->cm_targ = targ; 526 tm->cm_data = NULL; 527 tm->cm_complete = mprsas_remove_device; 528 tm->cm_complete_data = (void *)(uintptr_t)handle; 529 530 mpr_dprint(sc, MPR_INFO, "%s: Sending reset for target ID %d\n", 531 __func__, targ->tid); 532 mprsas_prepare_for_tm(sc, tm, targ, CAM_LUN_WILDCARD); 533 534 mpr_map_command(sc, tm); 535 } 536 537 static void 538 mprsas_remove_device(struct mpr_softc *sc, struct mpr_command *tm) 539 { 540 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 541 MPI2_SAS_IOUNIT_CONTROL_REQUEST *req; 542 struct mprsas_target *targ; 543 uint16_t handle; 544 545 MPR_FUNCTRACE(sc); 546 547 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 548 handle = (uint16_t)(uintptr_t)tm->cm_complete_data; 549 targ = tm->cm_targ; 550 551 /* 552 * Currently there should be no way we can hit this case. It only 553 * happens when we have a failure to allocate chain frames, and 554 * task management commands don't have S/G lists. 555 */ 556 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 557 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x for remove of " 558 "handle %#04x! This should not happen!\n", __func__, 559 tm->cm_flags, handle); 560 } 561 562 if (reply == NULL) { 563 /* XXX retry the remove after the diag reset completes? */ 564 mpr_dprint(sc, MPR_FAULT, "%s NULL reply resetting device " 565 "0x%04x\n", __func__, handle); 566 mprsas_free_tm(sc, tm); 567 return; 568 } 569 570 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) != 571 MPI2_IOCSTATUS_SUCCESS) { 572 mpr_dprint(sc, MPR_ERROR, "IOCStatus = 0x%x while resetting " 573 "device 0x%x\n", le16toh(reply->IOCStatus), handle); 574 } 575 576 mpr_dprint(sc, MPR_XINFO, "Reset aborted %u commands\n", 577 le32toh(reply->TerminationCount)); 578 mpr_free_reply(sc, tm->cm_reply_data); 579 tm->cm_reply = NULL; /* Ensures the reply won't get re-freed */ 580 581 /* Reuse the existing command */ 582 req = (MPI2_SAS_IOUNIT_CONTROL_REQUEST *)tm->cm_req; 583 memset(req, 0, sizeof(*req)); 584 req->Function = MPI2_FUNCTION_SAS_IO_UNIT_CONTROL; 585 req->Operation = MPI2_SAS_OP_REMOVE_DEVICE; 586 req->DevHandle = htole16(handle); 587 tm->cm_data = NULL; 588 tm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; 589 tm->cm_complete = mprsas_remove_complete; 590 tm->cm_complete_data = (void *)(uintptr_t)handle; 591 592 /* 593 * Wait to send the REMOVE_DEVICE until all the commands have cleared. 594 * They should be aborted or time out and we'll kick thus off there 595 * if so. 596 */ 597 if (TAILQ_FIRST(&targ->commands) == NULL) { 598 mpr_dprint(sc, MPR_INFO, "No pending commands: starting remove_device\n"); 599 mpr_map_command(sc, tm); 600 targ->pending_remove_tm = NULL; 601 } else { 602 targ->pending_remove_tm = tm; 603 } 604 605 mpr_dprint(sc, MPR_INFO, "clearing target %u handle 0x%04x\n", 606 targ->tid, handle); 607 if (targ->encl_level_valid) { 608 mpr_dprint(sc, MPR_INFO, "At enclosure level %d, slot %d, " 609 "connector name (%4s)\n", targ->encl_level, targ->encl_slot, 610 targ->connector_name); 611 } 612 } 613 614 static void 615 mprsas_remove_complete(struct mpr_softc *sc, struct mpr_command *tm) 616 { 617 MPI2_SAS_IOUNIT_CONTROL_REPLY *reply; 618 uint16_t handle; 619 struct mprsas_target *targ; 620 struct mprsas_lun *lun; 621 622 MPR_FUNCTRACE(sc); 623 624 reply = (MPI2_SAS_IOUNIT_CONTROL_REPLY *)tm->cm_reply; 625 handle = (uint16_t)(uintptr_t)tm->cm_complete_data; 626 627 targ = tm->cm_targ; 628 629 /* 630 * At this point, we should have no pending commands for the target. 631 * The remove target has just completed. 632 */ 633 KASSERT(TAILQ_FIRST(&targ->commands) == NULL, 634 ("%s: no commands should be pending\n", __func__)); 635 636 /* 637 * Currently there should be no way we can hit this case. It only 638 * happens when we have a failure to allocate chain frames, and 639 * task management commands don't have S/G lists. 640 */ 641 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 642 mpr_dprint(sc, MPR_XINFO, "%s: cm_flags = %#x for remove of " 643 "handle %#04x! This should not happen!\n", __func__, 644 tm->cm_flags, handle); 645 mprsas_free_tm(sc, tm); 646 return; 647 } 648 649 if (reply == NULL) { 650 /* most likely a chip reset */ 651 mpr_dprint(sc, MPR_FAULT, "%s NULL reply removing device " 652 "0x%04x\n", __func__, handle); 653 mprsas_free_tm(sc, tm); 654 return; 655 } 656 657 mpr_dprint(sc, MPR_XINFO, "%s on handle 0x%04x, IOCStatus= 0x%x\n", 658 __func__, handle, le16toh(reply->IOCStatus)); 659 660 /* 661 * Don't clear target if remove fails because things will get confusing. 662 * Leave the devname and sasaddr intact so that we know to avoid reusing 663 * this target id if possible, and so we can assign the same target id 664 * to this device if it comes back in the future. 665 */ 666 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) == 667 MPI2_IOCSTATUS_SUCCESS) { 668 targ->handle = 0x0; 669 targ->encl_handle = 0x0; 670 targ->encl_level_valid = 0x0; 671 targ->encl_level = 0x0; 672 targ->connector_name[0] = ' '; 673 targ->connector_name[1] = ' '; 674 targ->connector_name[2] = ' '; 675 targ->connector_name[3] = ' '; 676 targ->encl_slot = 0x0; 677 targ->exp_dev_handle = 0x0; 678 targ->phy_num = 0x0; 679 targ->linkrate = 0x0; 680 targ->devinfo = 0x0; 681 targ->flags = 0x0; 682 targ->scsi_req_desc_type = 0; 683 684 while (!SLIST_EMPTY(&targ->luns)) { 685 lun = SLIST_FIRST(&targ->luns); 686 SLIST_REMOVE_HEAD(&targ->luns, lun_link); 687 free(lun, M_MPR); 688 } 689 } 690 691 mprsas_free_tm(sc, tm); 692 } 693 694 static int 695 mprsas_register_events(struct mpr_softc *sc) 696 { 697 uint8_t events[16]; 698 699 bzero(events, 16); 700 setbit(events, MPI2_EVENT_SAS_DEVICE_STATUS_CHANGE); 701 setbit(events, MPI2_EVENT_SAS_DISCOVERY); 702 setbit(events, MPI2_EVENT_SAS_BROADCAST_PRIMITIVE); 703 setbit(events, MPI2_EVENT_SAS_INIT_DEVICE_STATUS_CHANGE); 704 setbit(events, MPI2_EVENT_SAS_INIT_TABLE_OVERFLOW); 705 setbit(events, MPI2_EVENT_SAS_TOPOLOGY_CHANGE_LIST); 706 setbit(events, MPI2_EVENT_SAS_ENCL_DEVICE_STATUS_CHANGE); 707 setbit(events, MPI2_EVENT_IR_CONFIGURATION_CHANGE_LIST); 708 setbit(events, MPI2_EVENT_IR_VOLUME); 709 setbit(events, MPI2_EVENT_IR_PHYSICAL_DISK); 710 setbit(events, MPI2_EVENT_IR_OPERATION_STATUS); 711 setbit(events, MPI2_EVENT_TEMP_THRESHOLD); 712 setbit(events, MPI2_EVENT_SAS_DEVICE_DISCOVERY_ERROR); 713 if (sc->facts->MsgVersion >= MPI2_VERSION_02_06) { 714 setbit(events, MPI2_EVENT_ACTIVE_CABLE_EXCEPTION); 715 if (sc->mpr_flags & MPR_FLAGS_GEN35_IOC) { 716 setbit(events, MPI2_EVENT_PCIE_DEVICE_STATUS_CHANGE); 717 setbit(events, MPI2_EVENT_PCIE_ENUMERATION); 718 setbit(events, MPI2_EVENT_PCIE_TOPOLOGY_CHANGE_LIST); 719 } 720 } 721 722 mpr_register_events(sc, events, mprsas_evt_handler, NULL, 723 &sc->sassc->mprsas_eh); 724 725 return (0); 726 } 727 728 int 729 mpr_attach_sas(struct mpr_softc *sc) 730 { 731 struct mprsas_softc *sassc; 732 cam_status status; 733 int unit, error = 0, reqs; 734 735 MPR_FUNCTRACE(sc); 736 mpr_dprint(sc, MPR_INIT, "%s entered\n", __func__); 737 738 sassc = malloc(sizeof(struct mprsas_softc), M_MPR, M_WAITOK|M_ZERO); 739 740 /* 741 * XXX MaxTargets could change during a reinit. Since we don't 742 * resize the targets[] array during such an event, cache the value 743 * of MaxTargets here so that we don't get into trouble later. This 744 * should move into the reinit logic. 745 */ 746 sassc->maxtargets = sc->facts->MaxTargets + sc->facts->MaxVolumes; 747 sassc->targets = malloc(sizeof(struct mprsas_target) * 748 sassc->maxtargets, M_MPR, M_WAITOK|M_ZERO); 749 sc->sassc = sassc; 750 sassc->sc = sc; 751 752 reqs = sc->num_reqs - sc->num_prireqs - 1; 753 if ((sassc->devq = cam_simq_alloc(reqs)) == NULL) { 754 mpr_dprint(sc, MPR_INIT|MPR_ERROR, "Cannot allocate SIMQ\n"); 755 error = ENOMEM; 756 goto out; 757 } 758 759 unit = device_get_unit(sc->mpr_dev); 760 sassc->sim = cam_sim_alloc(mprsas_action, mprsas_poll, "mpr", sassc, 761 unit, &sc->mpr_mtx, reqs, reqs, sassc->devq); 762 if (sassc->sim == NULL) { 763 mpr_dprint(sc, MPR_INIT|MPR_ERROR, "Cannot allocate SIM\n"); 764 error = EINVAL; 765 goto out; 766 } 767 768 TAILQ_INIT(&sassc->ev_queue); 769 770 /* Initialize taskqueue for Event Handling */ 771 TASK_INIT(&sassc->ev_task, 0, mprsas_firmware_event_work, sc); 772 sassc->ev_tq = taskqueue_create("mpr_taskq", M_NOWAIT | M_ZERO, 773 taskqueue_thread_enqueue, &sassc->ev_tq); 774 taskqueue_start_threads(&sassc->ev_tq, 1, PRIBIO, "%s taskq", 775 device_get_nameunit(sc->mpr_dev)); 776 777 mpr_lock(sc); 778 779 /* 780 * XXX There should be a bus for every port on the adapter, but since 781 * we're just going to fake the topology for now, we'll pretend that 782 * everything is just a target on a single bus. 783 */ 784 if ((error = xpt_bus_register(sassc->sim, sc->mpr_dev, 0)) != 0) { 785 mpr_dprint(sc, MPR_INIT|MPR_ERROR, 786 "Error %d registering SCSI bus\n", error); 787 mpr_unlock(sc); 788 goto out; 789 } 790 791 /* 792 * Assume that discovery events will start right away. 793 * 794 * Hold off boot until discovery is complete. 795 */ 796 sassc->flags |= MPRSAS_IN_STARTUP | MPRSAS_IN_DISCOVERY; 797 sc->sassc->startup_refcount = 0; 798 mprsas_startup_increment(sassc); 799 800 callout_init(&sassc->discovery_callout, 1 /*mpsafe*/); 801 802 /* 803 * Register for async events so we can determine the EEDP 804 * capabilities of devices. 805 */ 806 status = xpt_create_path(&sassc->path, /*periph*/NULL, 807 cam_sim_path(sc->sassc->sim), CAM_TARGET_WILDCARD, 808 CAM_LUN_WILDCARD); 809 if (status != CAM_REQ_CMP) { 810 mpr_dprint(sc, MPR_INIT|MPR_ERROR, 811 "Error %#x creating sim path\n", status); 812 sassc->path = NULL; 813 } else { 814 int event; 815 816 event = AC_ADVINFO_CHANGED | AC_FOUND_DEVICE; 817 status = xpt_register_async(event, mprsas_async, sc, 818 sassc->path); 819 820 if (status != CAM_REQ_CMP) { 821 mpr_dprint(sc, MPR_ERROR, 822 "Error %#x registering async handler for " 823 "AC_ADVINFO_CHANGED events\n", status); 824 xpt_free_path(sassc->path); 825 sassc->path = NULL; 826 } 827 } 828 if (status != CAM_REQ_CMP) { 829 /* 830 * EEDP use is the exception, not the rule. 831 * Warn the user, but do not fail to attach. 832 */ 833 mpr_printf(sc, "EEDP capabilities disabled.\n"); 834 } 835 836 mpr_unlock(sc); 837 838 mprsas_register_events(sc); 839 out: 840 if (error) 841 mpr_detach_sas(sc); 842 843 mpr_dprint(sc, MPR_INIT, "%s exit, error= %d\n", __func__, error); 844 return (error); 845 } 846 847 int 848 mpr_detach_sas(struct mpr_softc *sc) 849 { 850 struct mprsas_softc *sassc; 851 struct mprsas_lun *lun, *lun_tmp; 852 struct mprsas_target *targ; 853 int i; 854 855 MPR_FUNCTRACE(sc); 856 857 if (sc->sassc == NULL) 858 return (0); 859 860 sassc = sc->sassc; 861 mpr_deregister_events(sc, sassc->mprsas_eh); 862 863 /* 864 * Drain and free the event handling taskqueue with the lock 865 * unheld so that any parallel processing tasks drain properly 866 * without deadlocking. 867 */ 868 if (sassc->ev_tq != NULL) 869 taskqueue_free(sassc->ev_tq); 870 871 /* Make sure CAM doesn't wedge if we had to bail out early. */ 872 mpr_lock(sc); 873 874 while (sassc->startup_refcount != 0) 875 mprsas_startup_decrement(sassc); 876 877 /* Deregister our async handler */ 878 if (sassc->path != NULL) { 879 xpt_register_async(0, mprsas_async, sc, sassc->path); 880 xpt_free_path(sassc->path); 881 sassc->path = NULL; 882 } 883 884 if (sassc->flags & MPRSAS_IN_STARTUP) 885 xpt_release_simq(sassc->sim, 1); 886 887 if (sassc->sim != NULL) { 888 xpt_bus_deregister(cam_sim_path(sassc->sim)); 889 cam_sim_free(sassc->sim, FALSE); 890 } 891 892 mpr_unlock(sc); 893 894 if (sassc->devq != NULL) 895 cam_simq_free(sassc->devq); 896 897 for (i = 0; i < sassc->maxtargets; i++) { 898 targ = &sassc->targets[i]; 899 SLIST_FOREACH_SAFE(lun, &targ->luns, lun_link, lun_tmp) { 900 free(lun, M_MPR); 901 } 902 } 903 free(sassc->targets, M_MPR); 904 free(sassc, M_MPR); 905 sc->sassc = NULL; 906 907 return (0); 908 } 909 910 void 911 mprsas_discovery_end(struct mprsas_softc *sassc) 912 { 913 struct mpr_softc *sc = sassc->sc; 914 915 MPR_FUNCTRACE(sc); 916 917 if (sassc->flags & MPRSAS_DISCOVERY_TIMEOUT_PENDING) 918 callout_stop(&sassc->discovery_callout); 919 920 /* 921 * After discovery has completed, check the mapping table for any 922 * missing devices and update their missing counts. Only do this once 923 * whenever the driver is initialized so that missing counts aren't 924 * updated unnecessarily. Note that just because discovery has 925 * completed doesn't mean that events have been processed yet. The 926 * check_devices function is a callout timer that checks if ALL devices 927 * are missing. If so, it will wait a little longer for events to 928 * complete and keep resetting itself until some device in the mapping 929 * table is not missing, meaning that event processing has started. 930 */ 931 if (sc->track_mapping_events) { 932 mpr_dprint(sc, MPR_XINFO | MPR_MAPPING, "Discovery has " 933 "completed. Check for missing devices in the mapping " 934 "table.\n"); 935 callout_reset(&sc->device_check_callout, 936 MPR_MISSING_CHECK_DELAY * hz, mpr_mapping_check_devices, 937 sc); 938 } 939 } 940 941 static void 942 mprsas_action(struct cam_sim *sim, union ccb *ccb) 943 { 944 struct mprsas_softc *sassc; 945 946 sassc = cam_sim_softc(sim); 947 948 MPR_FUNCTRACE(sassc->sc); 949 mpr_dprint(sassc->sc, MPR_TRACE, "ccb func_code 0x%x\n", 950 ccb->ccb_h.func_code); 951 mtx_assert(&sassc->sc->mpr_mtx, MA_OWNED); 952 953 switch (ccb->ccb_h.func_code) { 954 case XPT_PATH_INQ: 955 { 956 struct ccb_pathinq *cpi = &ccb->cpi; 957 struct mpr_softc *sc = sassc->sc; 958 959 cpi->version_num = 1; 960 cpi->hba_inquiry = PI_SDTR_ABLE|PI_TAG_ABLE|PI_WIDE_16; 961 cpi->target_sprt = 0; 962 cpi->hba_misc = PIM_NOBUSRESET | PIM_UNMAPPED | PIM_NOSCAN; 963 cpi->hba_eng_cnt = 0; 964 cpi->max_target = sassc->maxtargets - 1; 965 cpi->max_lun = 255; 966 967 /* 968 * initiator_id is set here to an ID outside the set of valid 969 * target IDs (including volumes). 970 */ 971 cpi->initiator_id = sassc->maxtargets; 972 strlcpy(cpi->sim_vid, "FreeBSD", SIM_IDLEN); 973 strlcpy(cpi->hba_vid, "Avago Tech", HBA_IDLEN); 974 strlcpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN); 975 cpi->unit_number = cam_sim_unit(sim); 976 cpi->bus_id = cam_sim_bus(sim); 977 /* 978 * XXXSLM-I think this needs to change based on config page or 979 * something instead of hardcoded to 150000. 980 */ 981 cpi->base_transfer_speed = 150000; 982 cpi->transport = XPORT_SAS; 983 cpi->transport_version = 0; 984 cpi->protocol = PROTO_SCSI; 985 cpi->protocol_version = SCSI_REV_SPC; 986 cpi->maxio = sc->maxio; 987 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 988 break; 989 } 990 case XPT_GET_TRAN_SETTINGS: 991 { 992 struct ccb_trans_settings *cts; 993 struct ccb_trans_settings_sas *sas; 994 struct ccb_trans_settings_scsi *scsi; 995 struct mprsas_target *targ; 996 997 cts = &ccb->cts; 998 sas = &cts->xport_specific.sas; 999 scsi = &cts->proto_specific.scsi; 1000 1001 KASSERT(cts->ccb_h.target_id < sassc->maxtargets, 1002 ("Target %d out of bounds in XPT_GET_TRAN_SETTINGS\n", 1003 cts->ccb_h.target_id)); 1004 targ = &sassc->targets[cts->ccb_h.target_id]; 1005 if (targ->handle == 0x0) { 1006 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1007 break; 1008 } 1009 1010 cts->protocol_version = SCSI_REV_SPC2; 1011 cts->transport = XPORT_SAS; 1012 cts->transport_version = 0; 1013 1014 sas->valid = CTS_SAS_VALID_SPEED; 1015 switch (targ->linkrate) { 1016 case 0x08: 1017 sas->bitrate = 150000; 1018 break; 1019 case 0x09: 1020 sas->bitrate = 300000; 1021 break; 1022 case 0x0a: 1023 sas->bitrate = 600000; 1024 break; 1025 case 0x0b: 1026 sas->bitrate = 1200000; 1027 break; 1028 default: 1029 sas->valid = 0; 1030 } 1031 1032 cts->protocol = PROTO_SCSI; 1033 scsi->valid = CTS_SCSI_VALID_TQ; 1034 scsi->flags = CTS_SCSI_FLAGS_TAG_ENB; 1035 1036 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1037 break; 1038 } 1039 case XPT_CALC_GEOMETRY: 1040 cam_calc_geometry(&ccb->ccg, /*extended*/1); 1041 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1042 break; 1043 case XPT_RESET_DEV: 1044 mpr_dprint(sassc->sc, MPR_XINFO, "mprsas_action " 1045 "XPT_RESET_DEV\n"); 1046 mprsas_action_resetdev(sassc, ccb); 1047 return; 1048 case XPT_RESET_BUS: 1049 case XPT_ABORT: 1050 case XPT_TERM_IO: 1051 mpr_dprint(sassc->sc, MPR_XINFO, "mprsas_action faking success " 1052 "for abort or reset\n"); 1053 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1054 break; 1055 case XPT_SCSI_IO: 1056 mprsas_action_scsiio(sassc, ccb); 1057 return; 1058 case XPT_SMP_IO: 1059 mprsas_action_smpio(sassc, ccb); 1060 return; 1061 default: 1062 mprsas_set_ccbstatus(ccb, CAM_FUNC_NOTAVAIL); 1063 break; 1064 } 1065 xpt_done(ccb); 1066 1067 } 1068 1069 static void 1070 mprsas_announce_reset(struct mpr_softc *sc, uint32_t ac_code, 1071 target_id_t target_id, lun_id_t lun_id) 1072 { 1073 path_id_t path_id = cam_sim_path(sc->sassc->sim); 1074 struct cam_path *path; 1075 1076 mpr_dprint(sc, MPR_XINFO, "%s code %x target %d lun %jx\n", __func__, 1077 ac_code, target_id, (uintmax_t)lun_id); 1078 1079 if (xpt_create_path(&path, NULL, 1080 path_id, target_id, lun_id) != CAM_REQ_CMP) { 1081 mpr_dprint(sc, MPR_ERROR, "unable to create path for reset " 1082 "notification\n"); 1083 return; 1084 } 1085 1086 xpt_async(ac_code, path, NULL); 1087 xpt_free_path(path); 1088 } 1089 1090 static void 1091 mprsas_complete_all_commands(struct mpr_softc *sc) 1092 { 1093 struct mpr_command *cm; 1094 int i; 1095 int completed; 1096 1097 MPR_FUNCTRACE(sc); 1098 mtx_assert(&sc->mpr_mtx, MA_OWNED); 1099 1100 /* complete all commands with a NULL reply */ 1101 for (i = 1; i < sc->num_reqs; i++) { 1102 cm = &sc->commands[i]; 1103 if (cm->cm_state == MPR_CM_STATE_FREE) 1104 continue; 1105 1106 cm->cm_state = MPR_CM_STATE_BUSY; 1107 cm->cm_reply = NULL; 1108 completed = 0; 1109 1110 if (cm->cm_flags & MPR_CM_FLAGS_SATA_ID_TIMEOUT) { 1111 MPASS(cm->cm_data); 1112 free(cm->cm_data, M_MPR); 1113 cm->cm_data = NULL; 1114 } 1115 1116 if (cm->cm_flags & MPR_CM_FLAGS_POLLED) 1117 cm->cm_flags |= MPR_CM_FLAGS_COMPLETE; 1118 1119 if (cm->cm_complete != NULL) { 1120 mprsas_log_command(cm, MPR_RECOVERY, 1121 "completing cm %p state %x ccb %p for diag reset\n", 1122 cm, cm->cm_state, cm->cm_ccb); 1123 cm->cm_complete(sc, cm); 1124 completed = 1; 1125 } else if (cm->cm_flags & MPR_CM_FLAGS_WAKEUP) { 1126 mprsas_log_command(cm, MPR_RECOVERY, 1127 "waking up cm %p state %x ccb %p for diag reset\n", 1128 cm, cm->cm_state, cm->cm_ccb); 1129 wakeup(cm); 1130 completed = 1; 1131 } 1132 1133 if ((completed == 0) && (cm->cm_state != MPR_CM_STATE_FREE)) { 1134 /* this should never happen, but if it does, log */ 1135 mprsas_log_command(cm, MPR_RECOVERY, 1136 "cm %p state %x flags 0x%x ccb %p during diag " 1137 "reset\n", cm, cm->cm_state, cm->cm_flags, 1138 cm->cm_ccb); 1139 } 1140 } 1141 1142 sc->io_cmds_active = 0; 1143 } 1144 1145 void 1146 mprsas_handle_reinit(struct mpr_softc *sc) 1147 { 1148 int i; 1149 1150 /* Go back into startup mode and freeze the simq, so that CAM 1151 * doesn't send any commands until after we've rediscovered all 1152 * targets and found the proper device handles for them. 1153 * 1154 * After the reset, portenable will trigger discovery, and after all 1155 * discovery-related activities have finished, the simq will be 1156 * released. 1157 */ 1158 mpr_dprint(sc, MPR_INIT, "%s startup\n", __func__); 1159 sc->sassc->flags |= MPRSAS_IN_STARTUP; 1160 sc->sassc->flags |= MPRSAS_IN_DISCOVERY; 1161 mprsas_startup_increment(sc->sassc); 1162 1163 /* notify CAM of a bus reset */ 1164 mprsas_announce_reset(sc, AC_BUS_RESET, CAM_TARGET_WILDCARD, 1165 CAM_LUN_WILDCARD); 1166 1167 /* complete and cleanup after all outstanding commands */ 1168 mprsas_complete_all_commands(sc); 1169 1170 mpr_dprint(sc, MPR_INIT, "%s startup %u after command completion\n", 1171 __func__, sc->sassc->startup_refcount); 1172 1173 /* zero all the target handles, since they may change after the 1174 * reset, and we have to rediscover all the targets and use the new 1175 * handles. 1176 */ 1177 for (i = 0; i < sc->sassc->maxtargets; i++) { 1178 if (sc->sassc->targets[i].outstanding != 0) 1179 mpr_dprint(sc, MPR_INIT, "target %u outstanding %u\n", 1180 i, sc->sassc->targets[i].outstanding); 1181 sc->sassc->targets[i].handle = 0x0; 1182 sc->sassc->targets[i].exp_dev_handle = 0x0; 1183 sc->sassc->targets[i].outstanding = 0; 1184 sc->sassc->targets[i].flags = MPRSAS_TARGET_INDIAGRESET; 1185 } 1186 } 1187 static void 1188 mprsas_tm_timeout(void *data) 1189 { 1190 struct mpr_command *tm = data; 1191 struct mpr_softc *sc = tm->cm_sc; 1192 1193 mtx_assert(&sc->mpr_mtx, MA_OWNED); 1194 1195 mprsas_log_command(tm, MPR_INFO|MPR_RECOVERY, "task mgmt %p timed " 1196 "out\n", tm); 1197 1198 KASSERT(tm->cm_state == MPR_CM_STATE_INQUEUE, 1199 ("command not inqueue\n")); 1200 1201 tm->cm_state = MPR_CM_STATE_BUSY; 1202 mpr_reinit(sc); 1203 } 1204 1205 static void 1206 mprsas_logical_unit_reset_complete(struct mpr_softc *sc, struct mpr_command *tm) 1207 { 1208 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 1209 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1210 unsigned int cm_count = 0; 1211 struct mpr_command *cm; 1212 struct mprsas_target *targ; 1213 1214 callout_stop(&tm->cm_callout); 1215 1216 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1217 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 1218 targ = tm->cm_targ; 1219 1220 /* 1221 * Currently there should be no way we can hit this case. It only 1222 * happens when we have a failure to allocate chain frames, and 1223 * task management commands don't have S/G lists. 1224 */ 1225 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 1226 mpr_dprint(sc, MPR_RECOVERY|MPR_ERROR, 1227 "%s: cm_flags = %#x for LUN reset! " 1228 "This should not happen!\n", __func__, tm->cm_flags); 1229 mprsas_free_tm(sc, tm); 1230 return; 1231 } 1232 1233 if (reply == NULL) { 1234 mpr_dprint(sc, MPR_RECOVERY, "NULL reset reply for tm %p\n", 1235 tm); 1236 if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) { 1237 /* this completion was due to a reset, just cleanup */ 1238 mpr_dprint(sc, MPR_RECOVERY, "Hardware undergoing " 1239 "reset, ignoring NULL LUN reset reply\n"); 1240 targ->tm = NULL; 1241 mprsas_free_tm(sc, tm); 1242 } 1243 else { 1244 /* we should have gotten a reply. */ 1245 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, "NULL reply on " 1246 "LUN reset attempt, resetting controller\n"); 1247 mpr_reinit(sc); 1248 } 1249 return; 1250 } 1251 1252 mpr_dprint(sc, MPR_RECOVERY, 1253 "logical unit reset status 0x%x code 0x%x count %u\n", 1254 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode), 1255 le32toh(reply->TerminationCount)); 1256 1257 /* 1258 * See if there are any outstanding commands for this LUN. 1259 * This could be made more efficient by using a per-LU data 1260 * structure of some sort. 1261 */ 1262 TAILQ_FOREACH(cm, &targ->commands, cm_link) { 1263 if (cm->cm_lun == tm->cm_lun) 1264 cm_count++; 1265 } 1266 1267 if (cm_count == 0) { 1268 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO, 1269 "Finished recovery after LUN reset for target %u\n", 1270 targ->tid); 1271 1272 mprsas_announce_reset(sc, AC_SENT_BDR, targ->tid, 1273 tm->cm_lun); 1274 1275 /* 1276 * We've finished recovery for this logical unit. check and 1277 * see if some other logical unit has a timedout command 1278 * that needs to be processed. 1279 */ 1280 cm = TAILQ_FIRST(&targ->timedout_commands); 1281 if (cm) { 1282 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1283 "More commands to abort for target %u\n", targ->tid); 1284 mprsas_send_abort(sc, tm, cm); 1285 } else { 1286 targ->tm = NULL; 1287 mprsas_free_tm(sc, tm); 1288 } 1289 } else { 1290 /* if we still have commands for this LUN, the reset 1291 * effectively failed, regardless of the status reported. 1292 * Escalate to a target reset. 1293 */ 1294 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1295 "logical unit reset complete for target %u, but still " 1296 "have %u command(s), sending target reset\n", targ->tid, 1297 cm_count); 1298 if (!targ->is_nvme || sc->custom_nvme_tm_handling) 1299 mprsas_send_reset(sc, tm, 1300 MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET); 1301 else 1302 mpr_reinit(sc); 1303 } 1304 } 1305 1306 static void 1307 mprsas_target_reset_complete(struct mpr_softc *sc, struct mpr_command *tm) 1308 { 1309 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 1310 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1311 struct mprsas_target *targ; 1312 1313 callout_stop(&tm->cm_callout); 1314 1315 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1316 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 1317 targ = tm->cm_targ; 1318 1319 /* 1320 * Currently there should be no way we can hit this case. It only 1321 * happens when we have a failure to allocate chain frames, and 1322 * task management commands don't have S/G lists. 1323 */ 1324 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 1325 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x for target " 1326 "reset! This should not happen!\n", __func__, tm->cm_flags); 1327 mprsas_free_tm(sc, tm); 1328 return; 1329 } 1330 1331 if (reply == NULL) { 1332 mpr_dprint(sc, MPR_RECOVERY, 1333 "NULL target reset reply for tm %p TaskMID %u\n", 1334 tm, le16toh(req->TaskMID)); 1335 if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) { 1336 /* this completion was due to a reset, just cleanup */ 1337 mpr_dprint(sc, MPR_RECOVERY, "Hardware undergoing " 1338 "reset, ignoring NULL target reset reply\n"); 1339 targ->tm = NULL; 1340 mprsas_free_tm(sc, tm); 1341 } 1342 else { 1343 /* we should have gotten a reply. */ 1344 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, "NULL reply on " 1345 "target reset attempt, resetting controller\n"); 1346 mpr_reinit(sc); 1347 } 1348 return; 1349 } 1350 1351 mpr_dprint(sc, MPR_RECOVERY, 1352 "target reset status 0x%x code 0x%x count %u\n", 1353 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode), 1354 le32toh(reply->TerminationCount)); 1355 1356 if (targ->outstanding == 0) { 1357 /* 1358 * We've finished recovery for this target and all 1359 * of its logical units. 1360 */ 1361 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO, 1362 "Finished reset recovery for target %u\n", targ->tid); 1363 1364 mprsas_announce_reset(sc, AC_SENT_BDR, tm->cm_targ->tid, 1365 CAM_LUN_WILDCARD); 1366 1367 targ->tm = NULL; 1368 mprsas_free_tm(sc, tm); 1369 } else { 1370 /* 1371 * After a target reset, if this target still has 1372 * outstanding commands, the reset effectively failed, 1373 * regardless of the status reported. escalate. 1374 */ 1375 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1376 "Target reset complete for target %u, but still have %u " 1377 "command(s), resetting controller\n", targ->tid, 1378 targ->outstanding); 1379 mpr_reinit(sc); 1380 } 1381 } 1382 1383 #define MPR_RESET_TIMEOUT 30 1384 1385 int 1386 mprsas_send_reset(struct mpr_softc *sc, struct mpr_command *tm, uint8_t type) 1387 { 1388 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1389 struct mprsas_target *target; 1390 int err, timeout; 1391 1392 target = tm->cm_targ; 1393 if (target->handle == 0) { 1394 mpr_dprint(sc, MPR_ERROR, "%s null devhandle for target_id " 1395 "%d\n", __func__, target->tid); 1396 return -1; 1397 } 1398 1399 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1400 req->DevHandle = htole16(target->handle); 1401 req->TaskType = type; 1402 1403 if (!target->is_nvme || sc->custom_nvme_tm_handling) { 1404 timeout = MPR_RESET_TIMEOUT; 1405 /* 1406 * Target reset method = 1407 * SAS Hard Link Reset / SATA Link Reset 1408 */ 1409 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 1410 } else { 1411 timeout = (target->controller_reset_timeout) ? ( 1412 target->controller_reset_timeout) : (MPR_RESET_TIMEOUT); 1413 /* PCIe Protocol Level Reset*/ 1414 req->MsgFlags = 1415 MPI26_SCSITASKMGMT_MSGFLAGS_PROTOCOL_LVL_RST_PCIE; 1416 } 1417 1418 if (type == MPI2_SCSITASKMGMT_TASKTYPE_LOGICAL_UNIT_RESET) { 1419 /* XXX Need to handle invalid LUNs */ 1420 MPR_SET_LUN(req->LUN, tm->cm_lun); 1421 tm->cm_targ->logical_unit_resets++; 1422 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO, 1423 "Sending logical unit reset to target %u lun %d\n", 1424 target->tid, tm->cm_lun); 1425 tm->cm_complete = mprsas_logical_unit_reset_complete; 1426 mprsas_prepare_for_tm(sc, tm, target, tm->cm_lun); 1427 } else if (type == MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET) { 1428 tm->cm_targ->target_resets++; 1429 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO, 1430 "Sending target reset to target %u\n", target->tid); 1431 tm->cm_complete = mprsas_target_reset_complete; 1432 mprsas_prepare_for_tm(sc, tm, target, CAM_LUN_WILDCARD); 1433 } 1434 else { 1435 mpr_dprint(sc, MPR_ERROR, "unexpected reset type 0x%x\n", type); 1436 return -1; 1437 } 1438 1439 if (target->encl_level_valid) { 1440 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO, 1441 "At enclosure level %d, slot %d, connector name (%4s)\n", 1442 target->encl_level, target->encl_slot, 1443 target->connector_name); 1444 } 1445 1446 tm->cm_data = NULL; 1447 tm->cm_complete_data = (void *)tm; 1448 1449 callout_reset(&tm->cm_callout, timeout * hz, 1450 mprsas_tm_timeout, tm); 1451 1452 err = mpr_map_command(sc, tm); 1453 if (err) 1454 mpr_dprint(sc, MPR_ERROR|MPR_RECOVERY, 1455 "error %d sending reset type %u\n", err, type); 1456 1457 return err; 1458 } 1459 1460 1461 static void 1462 mprsas_abort_complete(struct mpr_softc *sc, struct mpr_command *tm) 1463 { 1464 struct mpr_command *cm; 1465 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 1466 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1467 struct mprsas_target *targ; 1468 1469 callout_stop(&tm->cm_callout); 1470 1471 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1472 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 1473 targ = tm->cm_targ; 1474 1475 /* 1476 * Currently there should be no way we can hit this case. It only 1477 * happens when we have a failure to allocate chain frames, and 1478 * task management commands don't have S/G lists. 1479 */ 1480 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 1481 mpr_dprint(sc, MPR_RECOVERY|MPR_ERROR, 1482 "cm_flags = %#x for abort %p TaskMID %u!\n", 1483 tm->cm_flags, tm, le16toh(req->TaskMID)); 1484 mprsas_free_tm(sc, tm); 1485 return; 1486 } 1487 1488 if (reply == NULL) { 1489 mpr_dprint(sc, MPR_RECOVERY, 1490 "NULL abort reply for tm %p TaskMID %u\n", 1491 tm, le16toh(req->TaskMID)); 1492 if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) { 1493 /* this completion was due to a reset, just cleanup */ 1494 mpr_dprint(sc, MPR_RECOVERY, "Hardware undergoing " 1495 "reset, ignoring NULL abort reply\n"); 1496 targ->tm = NULL; 1497 mprsas_free_tm(sc, tm); 1498 } else { 1499 /* we should have gotten a reply. */ 1500 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, "NULL reply on " 1501 "abort attempt, resetting controller\n"); 1502 mpr_reinit(sc); 1503 } 1504 return; 1505 } 1506 1507 mpr_dprint(sc, MPR_RECOVERY, 1508 "abort TaskMID %u status 0x%x code 0x%x count %u\n", 1509 le16toh(req->TaskMID), 1510 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode), 1511 le32toh(reply->TerminationCount)); 1512 1513 cm = TAILQ_FIRST(&tm->cm_targ->timedout_commands); 1514 if (cm == NULL) { 1515 /* 1516 * if there are no more timedout commands, we're done with 1517 * error recovery for this target. 1518 */ 1519 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1520 "Finished abort recovery for target %u\n", targ->tid); 1521 targ->tm = NULL; 1522 mprsas_free_tm(sc, tm); 1523 } else if (le16toh(req->TaskMID) != cm->cm_desc.Default.SMID) { 1524 /* abort success, but we have more timedout commands to abort */ 1525 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1526 "Continuing abort recovery for target %u\n", targ->tid); 1527 mprsas_send_abort(sc, tm, cm); 1528 } else { 1529 /* 1530 * we didn't get a command completion, so the abort 1531 * failed as far as we're concerned. escalate. 1532 */ 1533 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1534 "Abort failed for target %u, sending logical unit reset\n", 1535 targ->tid); 1536 1537 mprsas_send_reset(sc, tm, 1538 MPI2_SCSITASKMGMT_TASKTYPE_LOGICAL_UNIT_RESET); 1539 } 1540 } 1541 1542 #define MPR_ABORT_TIMEOUT 5 1543 1544 static int 1545 mprsas_send_abort(struct mpr_softc *sc, struct mpr_command *tm, 1546 struct mpr_command *cm) 1547 { 1548 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1549 struct mprsas_target *targ; 1550 int err, timeout; 1551 1552 targ = cm->cm_targ; 1553 if (targ->handle == 0) { 1554 mpr_dprint(sc, MPR_ERROR|MPR_RECOVERY, 1555 "%s null devhandle for target_id %d\n", 1556 __func__, cm->cm_ccb->ccb_h.target_id); 1557 return -1; 1558 } 1559 1560 mprsas_log_command(cm, MPR_RECOVERY|MPR_INFO, 1561 "Aborting command %p\n", cm); 1562 1563 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1564 req->DevHandle = htole16(targ->handle); 1565 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_ABORT_TASK; 1566 1567 /* XXX Need to handle invalid LUNs */ 1568 MPR_SET_LUN(req->LUN, cm->cm_ccb->ccb_h.target_lun); 1569 1570 req->TaskMID = htole16(cm->cm_desc.Default.SMID); 1571 1572 tm->cm_data = NULL; 1573 tm->cm_complete = mprsas_abort_complete; 1574 tm->cm_complete_data = (void *)tm; 1575 tm->cm_targ = cm->cm_targ; 1576 tm->cm_lun = cm->cm_lun; 1577 1578 if (!targ->is_nvme || sc->custom_nvme_tm_handling) 1579 timeout = MPR_ABORT_TIMEOUT; 1580 else 1581 timeout = sc->nvme_abort_timeout; 1582 1583 callout_reset(&tm->cm_callout, timeout * hz, 1584 mprsas_tm_timeout, tm); 1585 1586 targ->aborts++; 1587 1588 mprsas_prepare_for_tm(sc, tm, targ, tm->cm_lun); 1589 1590 err = mpr_map_command(sc, tm); 1591 if (err) 1592 mpr_dprint(sc, MPR_ERROR|MPR_RECOVERY, 1593 "error %d sending abort for cm %p SMID %u\n", 1594 err, cm, req->TaskMID); 1595 return err; 1596 } 1597 1598 static void 1599 mprsas_scsiio_timeout(void *data) 1600 { 1601 sbintime_t elapsed, now; 1602 union ccb *ccb; 1603 struct mpr_softc *sc; 1604 struct mpr_command *cm; 1605 struct mprsas_target *targ; 1606 1607 cm = (struct mpr_command *)data; 1608 sc = cm->cm_sc; 1609 ccb = cm->cm_ccb; 1610 now = sbinuptime(); 1611 1612 MPR_FUNCTRACE(sc); 1613 mtx_assert(&sc->mpr_mtx, MA_OWNED); 1614 1615 mpr_dprint(sc, MPR_XINFO|MPR_RECOVERY, "Timeout checking cm %p\n", cm); 1616 1617 /* 1618 * Run the interrupt handler to make sure it's not pending. This 1619 * isn't perfect because the command could have already completed 1620 * and been re-used, though this is unlikely. 1621 */ 1622 mpr_intr_locked(sc); 1623 if (cm->cm_flags & MPR_CM_FLAGS_ON_RECOVERY) { 1624 mprsas_log_command(cm, MPR_XINFO, 1625 "SCSI command %p almost timed out\n", cm); 1626 return; 1627 } 1628 1629 if (cm->cm_ccb == NULL) { 1630 mpr_dprint(sc, MPR_ERROR, "command timeout with NULL ccb\n"); 1631 return; 1632 } 1633 1634 targ = cm->cm_targ; 1635 targ->timeouts++; 1636 1637 elapsed = now - ccb->ccb_h.qos.sim_data; 1638 mprsas_log_command(cm, MPR_INFO|MPR_RECOVERY, 1639 "Command timeout on target %u(0x%04x), %d set, %d.%d elapsed\n", 1640 targ->tid, targ->handle, ccb->ccb_h.timeout, 1641 sbintime_getsec(elapsed), elapsed & 0xffffffff); 1642 if (targ->encl_level_valid) { 1643 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1644 "At enclosure level %d, slot %d, connector name (%4s)\n", 1645 targ->encl_level, targ->encl_slot, targ->connector_name); 1646 } 1647 1648 /* XXX first, check the firmware state, to see if it's still 1649 * operational. if not, do a diag reset. 1650 */ 1651 mprsas_set_ccbstatus(cm->cm_ccb, CAM_CMD_TIMEOUT); 1652 cm->cm_flags |= MPR_CM_FLAGS_ON_RECOVERY | MPR_CM_FLAGS_TIMEDOUT; 1653 TAILQ_INSERT_TAIL(&targ->timedout_commands, cm, cm_recovery); 1654 1655 if (targ->tm != NULL) { 1656 /* target already in recovery, just queue up another 1657 * timedout command to be processed later. 1658 */ 1659 mpr_dprint(sc, MPR_RECOVERY, "queued timedout cm %p for " 1660 "processing by tm %p\n", cm, targ->tm); 1661 } 1662 else if ((targ->tm = mprsas_alloc_tm(sc)) != NULL) { 1663 1664 /* start recovery by aborting the first timedout command */ 1665 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO, 1666 "Sending abort to target %u for SMID %d\n", targ->tid, 1667 cm->cm_desc.Default.SMID); 1668 mpr_dprint(sc, MPR_RECOVERY, "timedout cm %p allocated tm %p\n", 1669 cm, targ->tm); 1670 mprsas_send_abort(sc, targ->tm, cm); 1671 } 1672 else { 1673 /* XXX queue this target up for recovery once a TM becomes 1674 * available. The firmware only has a limited number of 1675 * HighPriority credits for the high priority requests used 1676 * for task management, and we ran out. 1677 * 1678 * Isilon: don't worry about this for now, since we have 1679 * more credits than disks in an enclosure, and limit 1680 * ourselves to one TM per target for recovery. 1681 */ 1682 mpr_dprint(sc, MPR_ERROR|MPR_RECOVERY, 1683 "timedout cm %p failed to allocate a tm\n", cm); 1684 } 1685 } 1686 1687 /** 1688 * mprsas_build_nvme_unmap - Build Native NVMe DSM command equivalent 1689 * to SCSI Unmap. 1690 * Return 0 - for success, 1691 * 1 - to immediately return back the command with success status to CAM 1692 * negative value - to fallback to firmware path i.e. issue scsi unmap 1693 * to FW without any translation. 1694 */ 1695 static int 1696 mprsas_build_nvme_unmap(struct mpr_softc *sc, struct mpr_command *cm, 1697 union ccb *ccb, struct mprsas_target *targ) 1698 { 1699 Mpi26NVMeEncapsulatedRequest_t *req = NULL; 1700 struct ccb_scsiio *csio; 1701 struct unmap_parm_list *plist; 1702 struct nvme_dsm_range *nvme_dsm_ranges = NULL; 1703 struct nvme_command *c; 1704 int i, res; 1705 uint16_t ndesc, list_len, data_length; 1706 struct mpr_prp_page *prp_page_info; 1707 uint64_t nvme_dsm_ranges_dma_handle; 1708 1709 csio = &ccb->csio; 1710 list_len = (scsiio_cdb_ptr(csio)[7] << 8 | scsiio_cdb_ptr(csio)[8]); 1711 if (!list_len) { 1712 mpr_dprint(sc, MPR_ERROR, "Parameter list length is Zero\n"); 1713 return -EINVAL; 1714 } 1715 1716 plist = malloc(csio->dxfer_len, M_MPR, M_ZERO|M_NOWAIT); 1717 if (!plist) { 1718 mpr_dprint(sc, MPR_ERROR, "Unable to allocate memory to " 1719 "save UNMAP data\n"); 1720 return -ENOMEM; 1721 } 1722 1723 /* Copy SCSI unmap data to a local buffer */ 1724 bcopy(csio->data_ptr, plist, csio->dxfer_len); 1725 1726 /* return back the unmap command to CAM with success status, 1727 * if number of descripts is zero. 1728 */ 1729 ndesc = be16toh(plist->unmap_blk_desc_data_len) >> 4; 1730 if (!ndesc) { 1731 mpr_dprint(sc, MPR_XINFO, "Number of descriptors in " 1732 "UNMAP cmd is Zero\n"); 1733 res = 1; 1734 goto out; 1735 } 1736 1737 data_length = ndesc * sizeof(struct nvme_dsm_range); 1738 if (data_length > targ->MDTS) { 1739 mpr_dprint(sc, MPR_ERROR, "data length: %d is greater than " 1740 "Device's MDTS: %d\n", data_length, targ->MDTS); 1741 res = -EINVAL; 1742 goto out; 1743 } 1744 1745 prp_page_info = mpr_alloc_prp_page(sc); 1746 KASSERT(prp_page_info != NULL, ("%s: There is no PRP Page for " 1747 "UNMAP command.\n", __func__)); 1748 1749 /* 1750 * Insert the allocated PRP page into the command's PRP page list. This 1751 * will be freed when the command is freed. 1752 */ 1753 TAILQ_INSERT_TAIL(&cm->cm_prp_page_list, prp_page_info, prp_page_link); 1754 1755 nvme_dsm_ranges = (struct nvme_dsm_range *)prp_page_info->prp_page; 1756 nvme_dsm_ranges_dma_handle = prp_page_info->prp_page_busaddr; 1757 1758 bzero(nvme_dsm_ranges, data_length); 1759 1760 /* Convert SCSI unmap's descriptor data to NVMe DSM specific Range data 1761 * for each descriptors contained in SCSI UNMAP data. 1762 */ 1763 for (i = 0; i < ndesc; i++) { 1764 nvme_dsm_ranges[i].length = 1765 htole32(be32toh(plist->desc[i].nlb)); 1766 nvme_dsm_ranges[i].starting_lba = 1767 htole64(be64toh(plist->desc[i].slba)); 1768 nvme_dsm_ranges[i].attributes = 0; 1769 } 1770 1771 /* Build MPI2.6's NVMe Encapsulated Request Message */ 1772 req = (Mpi26NVMeEncapsulatedRequest_t *)cm->cm_req; 1773 bzero(req, sizeof(*req)); 1774 req->DevHandle = htole16(targ->handle); 1775 req->Function = MPI2_FUNCTION_NVME_ENCAPSULATED; 1776 req->Flags = MPI26_NVME_FLAGS_WRITE; 1777 req->ErrorResponseBaseAddress.High = 1778 htole32((uint32_t)((uint64_t)cm->cm_sense_busaddr >> 32)); 1779 req->ErrorResponseBaseAddress.Low = 1780 htole32(cm->cm_sense_busaddr); 1781 req->ErrorResponseAllocationLength = 1782 htole16(sizeof(struct nvme_completion)); 1783 req->EncapsulatedCommandLength = 1784 htole16(sizeof(struct nvme_command)); 1785 req->DataLength = htole32(data_length); 1786 1787 /* Build NVMe DSM command */ 1788 c = (struct nvme_command *) req->NVMe_Command; 1789 c->opc = NVME_OPC_DATASET_MANAGEMENT; 1790 c->nsid = htole32(csio->ccb_h.target_lun + 1); 1791 c->cdw10 = htole32(ndesc - 1); 1792 c->cdw11 = htole32(NVME_DSM_ATTR_DEALLOCATE); 1793 1794 cm->cm_length = data_length; 1795 cm->cm_data = NULL; 1796 1797 cm->cm_complete = mprsas_scsiio_complete; 1798 cm->cm_complete_data = ccb; 1799 cm->cm_targ = targ; 1800 cm->cm_lun = csio->ccb_h.target_lun; 1801 cm->cm_ccb = ccb; 1802 1803 cm->cm_desc.Default.RequestFlags = 1804 MPI26_REQ_DESCRIPT_FLAGS_PCIE_ENCAPSULATED; 1805 1806 csio->ccb_h.qos.sim_data = sbinuptime(); 1807 callout_reset_sbt(&cm->cm_callout, SBT_1MS * ccb->ccb_h.timeout, 0, 1808 mprsas_scsiio_timeout, cm, 0); 1809 1810 targ->issued++; 1811 targ->outstanding++; 1812 TAILQ_INSERT_TAIL(&targ->commands, cm, cm_link); 1813 ccb->ccb_h.status |= CAM_SIM_QUEUED; 1814 1815 mprsas_log_command(cm, MPR_XINFO, "%s cm %p ccb %p outstanding %u\n", 1816 __func__, cm, ccb, targ->outstanding); 1817 1818 mpr_build_nvme_prp(sc, cm, req, 1819 (void *)(uintptr_t)nvme_dsm_ranges_dma_handle, 0, data_length); 1820 mpr_map_command(sc, cm); 1821 1822 out: 1823 free(plist, M_MPR); 1824 return 0; 1825 } 1826 1827 static void 1828 mprsas_action_scsiio(struct mprsas_softc *sassc, union ccb *ccb) 1829 { 1830 MPI2_SCSI_IO_REQUEST *req; 1831 struct ccb_scsiio *csio; 1832 struct mpr_softc *sc; 1833 struct mprsas_target *targ; 1834 struct mprsas_lun *lun; 1835 struct mpr_command *cm; 1836 uint8_t i, lba_byte, *ref_tag_addr, scsi_opcode; 1837 uint16_t eedp_flags; 1838 uint32_t mpi_control; 1839 int rc; 1840 1841 sc = sassc->sc; 1842 MPR_FUNCTRACE(sc); 1843 mtx_assert(&sc->mpr_mtx, MA_OWNED); 1844 1845 csio = &ccb->csio; 1846 KASSERT(csio->ccb_h.target_id < sassc->maxtargets, 1847 ("Target %d out of bounds in XPT_SCSI_IO\n", 1848 csio->ccb_h.target_id)); 1849 targ = &sassc->targets[csio->ccb_h.target_id]; 1850 mpr_dprint(sc, MPR_TRACE, "ccb %p target flag %x\n", ccb, targ->flags); 1851 if (targ->handle == 0x0) { 1852 mpr_dprint(sc, MPR_ERROR, "%s NULL handle for target %u\n", 1853 __func__, csio->ccb_h.target_id); 1854 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1855 xpt_done(ccb); 1856 return; 1857 } 1858 if (targ->flags & MPR_TARGET_FLAGS_RAID_COMPONENT) { 1859 mpr_dprint(sc, MPR_ERROR, "%s Raid component no SCSI IO " 1860 "supported %u\n", __func__, csio->ccb_h.target_id); 1861 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1862 xpt_done(ccb); 1863 return; 1864 } 1865 /* 1866 * Sometimes, it is possible to get a command that is not "In 1867 * Progress" and was actually aborted by the upper layer. Check for 1868 * this here and complete the command without error. 1869 */ 1870 if (mprsas_get_ccbstatus(ccb) != CAM_REQ_INPROG) { 1871 mpr_dprint(sc, MPR_TRACE, "%s Command is not in progress for " 1872 "target %u\n", __func__, csio->ccb_h.target_id); 1873 xpt_done(ccb); 1874 return; 1875 } 1876 /* 1877 * If devinfo is 0 this will be a volume. In that case don't tell CAM 1878 * that the volume has timed out. We want volumes to be enumerated 1879 * until they are deleted/removed, not just failed. In either event, 1880 * we're removing the target due to a firmware event telling us 1881 * the device is now gone (as opposed to some transient event). Since 1882 * we're opting to remove failed devices from the OS's view, we need 1883 * to propagate that status up the stack. 1884 */ 1885 if (targ->flags & MPRSAS_TARGET_INREMOVAL) { 1886 if (targ->devinfo == 0) 1887 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1888 else 1889 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1890 xpt_done(ccb); 1891 return; 1892 } 1893 1894 if ((sc->mpr_flags & MPR_FLAGS_SHUTDOWN) != 0) { 1895 mpr_dprint(sc, MPR_INFO, "%s shutting down\n", __func__); 1896 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1897 xpt_done(ccb); 1898 return; 1899 } 1900 1901 /* 1902 * If target has a reset in progress, freeze the devq and return. The 1903 * devq will be released when the TM reset is finished. 1904 */ 1905 if (targ->flags & MPRSAS_TARGET_INRESET) { 1906 ccb->ccb_h.status = CAM_BUSY | CAM_DEV_QFRZN; 1907 mpr_dprint(sc, MPR_INFO, "%s: Freezing devq for target ID %d\n", 1908 __func__, targ->tid); 1909 xpt_freeze_devq(ccb->ccb_h.path, 1); 1910 xpt_done(ccb); 1911 return; 1912 } 1913 1914 cm = mpr_alloc_command(sc); 1915 if (cm == NULL || (sc->mpr_flags & MPR_FLAGS_DIAGRESET)) { 1916 if (cm != NULL) { 1917 mpr_free_command(sc, cm); 1918 } 1919 if ((sassc->flags & MPRSAS_QUEUE_FROZEN) == 0) { 1920 xpt_freeze_simq(sassc->sim, 1); 1921 sassc->flags |= MPRSAS_QUEUE_FROZEN; 1922 } 1923 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 1924 ccb->ccb_h.status |= CAM_REQUEUE_REQ; 1925 xpt_done(ccb); 1926 return; 1927 } 1928 1929 /* For NVME device's issue UNMAP command directly to NVME drives by 1930 * constructing equivalent native NVMe DataSetManagement command. 1931 */ 1932 scsi_opcode = scsiio_cdb_ptr(csio)[0]; 1933 if (scsi_opcode == UNMAP && 1934 targ->is_nvme && 1935 (csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) { 1936 rc = mprsas_build_nvme_unmap(sc, cm, ccb, targ); 1937 if (rc == 1) { /* return command to CAM with success status */ 1938 mpr_free_command(sc, cm); 1939 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1940 xpt_done(ccb); 1941 return; 1942 } else if (!rc) /* Issued NVMe Encapsulated Request Message */ 1943 return; 1944 } 1945 1946 req = (MPI2_SCSI_IO_REQUEST *)cm->cm_req; 1947 bzero(req, sizeof(*req)); 1948 req->DevHandle = htole16(targ->handle); 1949 req->Function = MPI2_FUNCTION_SCSI_IO_REQUEST; 1950 req->MsgFlags = 0; 1951 req->SenseBufferLowAddress = htole32(cm->cm_sense_busaddr); 1952 req->SenseBufferLength = MPR_SENSE_LEN; 1953 req->SGLFlags = 0; 1954 req->ChainOffset = 0; 1955 req->SGLOffset0 = 24; /* 32bit word offset to the SGL */ 1956 req->SGLOffset1= 0; 1957 req->SGLOffset2= 0; 1958 req->SGLOffset3= 0; 1959 req->SkipCount = 0; 1960 req->DataLength = htole32(csio->dxfer_len); 1961 req->BidirectionalDataLength = 0; 1962 req->IoFlags = htole16(csio->cdb_len); 1963 req->EEDPFlags = 0; 1964 1965 /* Note: BiDirectional transfers are not supported */ 1966 switch (csio->ccb_h.flags & CAM_DIR_MASK) { 1967 case CAM_DIR_IN: 1968 mpi_control = MPI2_SCSIIO_CONTROL_READ; 1969 cm->cm_flags |= MPR_CM_FLAGS_DATAIN; 1970 break; 1971 case CAM_DIR_OUT: 1972 mpi_control = MPI2_SCSIIO_CONTROL_WRITE; 1973 cm->cm_flags |= MPR_CM_FLAGS_DATAOUT; 1974 break; 1975 case CAM_DIR_NONE: 1976 default: 1977 mpi_control = MPI2_SCSIIO_CONTROL_NODATATRANSFER; 1978 break; 1979 } 1980 1981 if (csio->cdb_len == 32) 1982 mpi_control |= 4 << MPI2_SCSIIO_CONTROL_ADDCDBLEN_SHIFT; 1983 /* 1984 * It looks like the hardware doesn't require an explicit tag 1985 * number for each transaction. SAM Task Management not supported 1986 * at the moment. 1987 */ 1988 switch (csio->tag_action) { 1989 case MSG_HEAD_OF_Q_TAG: 1990 mpi_control |= MPI2_SCSIIO_CONTROL_HEADOFQ; 1991 break; 1992 case MSG_ORDERED_Q_TAG: 1993 mpi_control |= MPI2_SCSIIO_CONTROL_ORDEREDQ; 1994 break; 1995 case MSG_ACA_TASK: 1996 mpi_control |= MPI2_SCSIIO_CONTROL_ACAQ; 1997 break; 1998 case CAM_TAG_ACTION_NONE: 1999 case MSG_SIMPLE_Q_TAG: 2000 default: 2001 mpi_control |= MPI2_SCSIIO_CONTROL_SIMPLEQ; 2002 break; 2003 } 2004 mpi_control |= sc->mapping_table[csio->ccb_h.target_id].TLR_bits; 2005 req->Control = htole32(mpi_control); 2006 2007 if (MPR_SET_LUN(req->LUN, csio->ccb_h.target_lun) != 0) { 2008 mpr_free_command(sc, cm); 2009 mprsas_set_ccbstatus(ccb, CAM_LUN_INVALID); 2010 xpt_done(ccb); 2011 return; 2012 } 2013 2014 if (csio->ccb_h.flags & CAM_CDB_POINTER) 2015 bcopy(csio->cdb_io.cdb_ptr, &req->CDB.CDB32[0], csio->cdb_len); 2016 else { 2017 KASSERT(csio->cdb_len <= IOCDBLEN, 2018 ("cdb_len %d is greater than IOCDBLEN but CAM_CDB_POINTER " 2019 "is not set", csio->cdb_len)); 2020 bcopy(csio->cdb_io.cdb_bytes, &req->CDB.CDB32[0],csio->cdb_len); 2021 } 2022 req->IoFlags = htole16(csio->cdb_len); 2023 2024 /* 2025 * Check if EEDP is supported and enabled. If it is then check if the 2026 * SCSI opcode could be using EEDP. If so, make sure the LUN exists and 2027 * is formatted for EEDP support. If all of this is true, set CDB up 2028 * for EEDP transfer. 2029 */ 2030 eedp_flags = op_code_prot[req->CDB.CDB32[0]]; 2031 if (sc->eedp_enabled && eedp_flags) { 2032 SLIST_FOREACH(lun, &targ->luns, lun_link) { 2033 if (lun->lun_id == csio->ccb_h.target_lun) { 2034 break; 2035 } 2036 } 2037 2038 if ((lun != NULL) && (lun->eedp_formatted)) { 2039 req->EEDPBlockSize = htole16(lun->eedp_block_size); 2040 eedp_flags |= (MPI2_SCSIIO_EEDPFLAGS_INC_PRI_REFTAG | 2041 MPI2_SCSIIO_EEDPFLAGS_CHECK_REFTAG | 2042 MPI2_SCSIIO_EEDPFLAGS_CHECK_GUARD); 2043 if (sc->mpr_flags & MPR_FLAGS_GEN35_IOC) { 2044 eedp_flags |= 2045 MPI25_SCSIIO_EEDPFLAGS_APPTAG_DISABLE_MODE; 2046 } 2047 req->EEDPFlags = htole16(eedp_flags); 2048 2049 /* 2050 * If CDB less than 32, fill in Primary Ref Tag with 2051 * low 4 bytes of LBA. If CDB is 32, tag stuff is 2052 * already there. Also, set protection bit. FreeBSD 2053 * currently does not support CDBs bigger than 16, but 2054 * the code doesn't hurt, and will be here for the 2055 * future. 2056 */ 2057 if (csio->cdb_len != 32) { 2058 lba_byte = (csio->cdb_len == 16) ? 6 : 2; 2059 ref_tag_addr = (uint8_t *)&req->CDB.EEDP32. 2060 PrimaryReferenceTag; 2061 for (i = 0; i < 4; i++) { 2062 *ref_tag_addr = 2063 req->CDB.CDB32[lba_byte + i]; 2064 ref_tag_addr++; 2065 } 2066 req->CDB.EEDP32.PrimaryReferenceTag = 2067 htole32(req-> 2068 CDB.EEDP32.PrimaryReferenceTag); 2069 req->CDB.EEDP32.PrimaryApplicationTagMask = 2070 0xFFFF; 2071 req->CDB.CDB32[1] = 2072 (req->CDB.CDB32[1] & 0x1F) | 0x20; 2073 } else { 2074 eedp_flags |= 2075 MPI2_SCSIIO_EEDPFLAGS_INC_PRI_APPTAG; 2076 req->EEDPFlags = htole16(eedp_flags); 2077 req->CDB.CDB32[10] = (req->CDB.CDB32[10] & 2078 0x1F) | 0x20; 2079 } 2080 } 2081 } 2082 2083 cm->cm_length = csio->dxfer_len; 2084 if (cm->cm_length != 0) { 2085 cm->cm_data = ccb; 2086 cm->cm_flags |= MPR_CM_FLAGS_USE_CCB; 2087 } else { 2088 cm->cm_data = NULL; 2089 } 2090 cm->cm_sge = &req->SGL; 2091 cm->cm_sglsize = (32 - 24) * 4; 2092 cm->cm_complete = mprsas_scsiio_complete; 2093 cm->cm_complete_data = ccb; 2094 cm->cm_targ = targ; 2095 cm->cm_lun = csio->ccb_h.target_lun; 2096 cm->cm_ccb = ccb; 2097 /* 2098 * If using FP desc type, need to set a bit in IoFlags (SCSI IO is 0) 2099 * and set descriptor type. 2100 */ 2101 if (targ->scsi_req_desc_type == 2102 MPI25_REQ_DESCRIPT_FLAGS_FAST_PATH_SCSI_IO) { 2103 req->IoFlags |= MPI25_SCSIIO_IOFLAGS_FAST_PATH; 2104 cm->cm_desc.FastPathSCSIIO.RequestFlags = 2105 MPI25_REQ_DESCRIPT_FLAGS_FAST_PATH_SCSI_IO; 2106 if (!sc->atomic_desc_capable) { 2107 cm->cm_desc.FastPathSCSIIO.DevHandle = 2108 htole16(targ->handle); 2109 } 2110 } else { 2111 cm->cm_desc.SCSIIO.RequestFlags = 2112 MPI2_REQ_DESCRIPT_FLAGS_SCSI_IO; 2113 if (!sc->atomic_desc_capable) 2114 cm->cm_desc.SCSIIO.DevHandle = htole16(targ->handle); 2115 } 2116 2117 csio->ccb_h.qos.sim_data = sbinuptime(); 2118 callout_reset_sbt(&cm->cm_callout, SBT_1MS * ccb->ccb_h.timeout, 0, 2119 mprsas_scsiio_timeout, cm, 0); 2120 2121 targ->issued++; 2122 targ->outstanding++; 2123 TAILQ_INSERT_TAIL(&targ->commands, cm, cm_link); 2124 ccb->ccb_h.status |= CAM_SIM_QUEUED; 2125 2126 mprsas_log_command(cm, MPR_XINFO, "%s cm %p ccb %p outstanding %u\n", 2127 __func__, cm, ccb, targ->outstanding); 2128 2129 mpr_map_command(sc, cm); 2130 return; 2131 } 2132 2133 /** 2134 * mpr_sc_failed_io_info - translated non-succesfull SCSI_IO request 2135 */ 2136 static void 2137 mpr_sc_failed_io_info(struct mpr_softc *sc, struct ccb_scsiio *csio, 2138 Mpi2SCSIIOReply_t *mpi_reply, struct mprsas_target *targ) 2139 { 2140 u32 response_info; 2141 u8 *response_bytes; 2142 u16 ioc_status = le16toh(mpi_reply->IOCStatus) & 2143 MPI2_IOCSTATUS_MASK; 2144 u8 scsi_state = mpi_reply->SCSIState; 2145 u8 scsi_status = mpi_reply->SCSIStatus; 2146 char *desc_ioc_state = NULL; 2147 char *desc_scsi_status = NULL; 2148 u32 log_info = le32toh(mpi_reply->IOCLogInfo); 2149 2150 if (log_info == 0x31170000) 2151 return; 2152 2153 desc_ioc_state = mpr_describe_table(mpr_iocstatus_string, 2154 ioc_status); 2155 desc_scsi_status = mpr_describe_table(mpr_scsi_status_string, 2156 scsi_status); 2157 2158 mpr_dprint(sc, MPR_XINFO, "\thandle(0x%04x), ioc_status(%s)(0x%04x)\n", 2159 le16toh(mpi_reply->DevHandle), desc_ioc_state, ioc_status); 2160 if (targ->encl_level_valid) { 2161 mpr_dprint(sc, MPR_XINFO, "At enclosure level %d, slot %d, " 2162 "connector name (%4s)\n", targ->encl_level, targ->encl_slot, 2163 targ->connector_name); 2164 } 2165 2166 /* 2167 * We can add more detail about underflow data here 2168 * TO-DO 2169 */ 2170 mpr_dprint(sc, MPR_XINFO, "\tscsi_status(%s)(0x%02x), " 2171 "scsi_state %b\n", desc_scsi_status, scsi_status, 2172 scsi_state, "\20" "\1AutosenseValid" "\2AutosenseFailed" 2173 "\3NoScsiStatus" "\4Terminated" "\5Response InfoValid"); 2174 2175 if (sc->mpr_debug & MPR_XINFO && 2176 scsi_state & MPI2_SCSI_STATE_AUTOSENSE_VALID) { 2177 mpr_dprint(sc, MPR_XINFO, "-> Sense Buffer Data : Start :\n"); 2178 scsi_sense_print(csio); 2179 mpr_dprint(sc, MPR_XINFO, "-> Sense Buffer Data : End :\n"); 2180 } 2181 2182 if (scsi_state & MPI2_SCSI_STATE_RESPONSE_INFO_VALID) { 2183 response_info = le32toh(mpi_reply->ResponseInfo); 2184 response_bytes = (u8 *)&response_info; 2185 mpr_dprint(sc, MPR_XINFO, "response code(0x%01x): %s\n", 2186 response_bytes[0], 2187 mpr_describe_table(mpr_scsi_taskmgmt_string, 2188 response_bytes[0])); 2189 } 2190 } 2191 2192 /** mprsas_nvme_trans_status_code 2193 * 2194 * Convert Native NVMe command error status to 2195 * equivalent SCSI error status. 2196 * 2197 * Returns appropriate scsi_status 2198 */ 2199 static u8 2200 mprsas_nvme_trans_status_code(uint16_t nvme_status, 2201 struct mpr_command *cm) 2202 { 2203 u8 status = MPI2_SCSI_STATUS_GOOD; 2204 int skey, asc, ascq; 2205 union ccb *ccb = cm->cm_complete_data; 2206 int returned_sense_len; 2207 uint8_t sct, sc; 2208 2209 sct = NVME_STATUS_GET_SCT(nvme_status); 2210 sc = NVME_STATUS_GET_SC(nvme_status); 2211 2212 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2213 skey = SSD_KEY_ILLEGAL_REQUEST; 2214 asc = SCSI_ASC_NO_SENSE; 2215 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2216 2217 switch (sct) { 2218 case NVME_SCT_GENERIC: 2219 switch (sc) { 2220 case NVME_SC_SUCCESS: 2221 status = MPI2_SCSI_STATUS_GOOD; 2222 skey = SSD_KEY_NO_SENSE; 2223 asc = SCSI_ASC_NO_SENSE; 2224 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2225 break; 2226 case NVME_SC_INVALID_OPCODE: 2227 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2228 skey = SSD_KEY_ILLEGAL_REQUEST; 2229 asc = SCSI_ASC_ILLEGAL_COMMAND; 2230 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2231 break; 2232 case NVME_SC_INVALID_FIELD: 2233 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2234 skey = SSD_KEY_ILLEGAL_REQUEST; 2235 asc = SCSI_ASC_INVALID_CDB; 2236 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2237 break; 2238 case NVME_SC_DATA_TRANSFER_ERROR: 2239 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2240 skey = SSD_KEY_MEDIUM_ERROR; 2241 asc = SCSI_ASC_NO_SENSE; 2242 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2243 break; 2244 case NVME_SC_ABORTED_POWER_LOSS: 2245 status = MPI2_SCSI_STATUS_TASK_ABORTED; 2246 skey = SSD_KEY_ABORTED_COMMAND; 2247 asc = SCSI_ASC_WARNING; 2248 ascq = SCSI_ASCQ_POWER_LOSS_EXPECTED; 2249 break; 2250 case NVME_SC_INTERNAL_DEVICE_ERROR: 2251 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2252 skey = SSD_KEY_HARDWARE_ERROR; 2253 asc = SCSI_ASC_INTERNAL_TARGET_FAILURE; 2254 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2255 break; 2256 case NVME_SC_ABORTED_BY_REQUEST: 2257 case NVME_SC_ABORTED_SQ_DELETION: 2258 case NVME_SC_ABORTED_FAILED_FUSED: 2259 case NVME_SC_ABORTED_MISSING_FUSED: 2260 status = MPI2_SCSI_STATUS_TASK_ABORTED; 2261 skey = SSD_KEY_ABORTED_COMMAND; 2262 asc = SCSI_ASC_NO_SENSE; 2263 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2264 break; 2265 case NVME_SC_INVALID_NAMESPACE_OR_FORMAT: 2266 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2267 skey = SSD_KEY_ILLEGAL_REQUEST; 2268 asc = SCSI_ASC_ACCESS_DENIED_INVALID_LUN_ID; 2269 ascq = SCSI_ASCQ_INVALID_LUN_ID; 2270 break; 2271 case NVME_SC_LBA_OUT_OF_RANGE: 2272 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2273 skey = SSD_KEY_ILLEGAL_REQUEST; 2274 asc = SCSI_ASC_ILLEGAL_BLOCK; 2275 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2276 break; 2277 case NVME_SC_CAPACITY_EXCEEDED: 2278 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2279 skey = SSD_KEY_MEDIUM_ERROR; 2280 asc = SCSI_ASC_NO_SENSE; 2281 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2282 break; 2283 case NVME_SC_NAMESPACE_NOT_READY: 2284 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2285 skey = SSD_KEY_NOT_READY; 2286 asc = SCSI_ASC_LUN_NOT_READY; 2287 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2288 break; 2289 } 2290 break; 2291 case NVME_SCT_COMMAND_SPECIFIC: 2292 switch (sc) { 2293 case NVME_SC_INVALID_FORMAT: 2294 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2295 skey = SSD_KEY_ILLEGAL_REQUEST; 2296 asc = SCSI_ASC_FORMAT_COMMAND_FAILED; 2297 ascq = SCSI_ASCQ_FORMAT_COMMAND_FAILED; 2298 break; 2299 case NVME_SC_CONFLICTING_ATTRIBUTES: 2300 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2301 skey = SSD_KEY_ILLEGAL_REQUEST; 2302 asc = SCSI_ASC_INVALID_CDB; 2303 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2304 break; 2305 } 2306 break; 2307 case NVME_SCT_MEDIA_ERROR: 2308 switch (sc) { 2309 case NVME_SC_WRITE_FAULTS: 2310 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2311 skey = SSD_KEY_MEDIUM_ERROR; 2312 asc = SCSI_ASC_PERIPHERAL_DEV_WRITE_FAULT; 2313 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2314 break; 2315 case NVME_SC_UNRECOVERED_READ_ERROR: 2316 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2317 skey = SSD_KEY_MEDIUM_ERROR; 2318 asc = SCSI_ASC_UNRECOVERED_READ_ERROR; 2319 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2320 break; 2321 case NVME_SC_GUARD_CHECK_ERROR: 2322 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2323 skey = SSD_KEY_MEDIUM_ERROR; 2324 asc = SCSI_ASC_LOG_BLOCK_GUARD_CHECK_FAILED; 2325 ascq = SCSI_ASCQ_LOG_BLOCK_GUARD_CHECK_FAILED; 2326 break; 2327 case NVME_SC_APPLICATION_TAG_CHECK_ERROR: 2328 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2329 skey = SSD_KEY_MEDIUM_ERROR; 2330 asc = SCSI_ASC_LOG_BLOCK_APPTAG_CHECK_FAILED; 2331 ascq = SCSI_ASCQ_LOG_BLOCK_APPTAG_CHECK_FAILED; 2332 break; 2333 case NVME_SC_REFERENCE_TAG_CHECK_ERROR: 2334 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2335 skey = SSD_KEY_MEDIUM_ERROR; 2336 asc = SCSI_ASC_LOG_BLOCK_REFTAG_CHECK_FAILED; 2337 ascq = SCSI_ASCQ_LOG_BLOCK_REFTAG_CHECK_FAILED; 2338 break; 2339 case NVME_SC_COMPARE_FAILURE: 2340 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2341 skey = SSD_KEY_MISCOMPARE; 2342 asc = SCSI_ASC_MISCOMPARE_DURING_VERIFY; 2343 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2344 break; 2345 case NVME_SC_ACCESS_DENIED: 2346 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2347 skey = SSD_KEY_ILLEGAL_REQUEST; 2348 asc = SCSI_ASC_ACCESS_DENIED_INVALID_LUN_ID; 2349 ascq = SCSI_ASCQ_INVALID_LUN_ID; 2350 break; 2351 } 2352 break; 2353 } 2354 2355 returned_sense_len = sizeof(struct scsi_sense_data); 2356 if (returned_sense_len < ccb->csio.sense_len) 2357 ccb->csio.sense_resid = ccb->csio.sense_len - 2358 returned_sense_len; 2359 else 2360 ccb->csio.sense_resid = 0; 2361 2362 scsi_set_sense_data(&ccb->csio.sense_data, SSD_TYPE_FIXED, 2363 1, skey, asc, ascq, SSD_ELEM_NONE); 2364 ccb->ccb_h.status |= CAM_AUTOSNS_VALID; 2365 2366 return status; 2367 } 2368 2369 /** mprsas_complete_nvme_unmap 2370 * 2371 * Complete native NVMe command issued using NVMe Encapsulated 2372 * Request Message. 2373 */ 2374 static u8 2375 mprsas_complete_nvme_unmap(struct mpr_softc *sc, struct mpr_command *cm) 2376 { 2377 Mpi26NVMeEncapsulatedErrorReply_t *mpi_reply; 2378 struct nvme_completion *nvme_completion = NULL; 2379 u8 scsi_status = MPI2_SCSI_STATUS_GOOD; 2380 2381 mpi_reply =(Mpi26NVMeEncapsulatedErrorReply_t *)cm->cm_reply; 2382 if (le16toh(mpi_reply->ErrorResponseCount)){ 2383 nvme_completion = (struct nvme_completion *)cm->cm_sense; 2384 scsi_status = mprsas_nvme_trans_status_code( 2385 nvme_completion->status, cm); 2386 } 2387 return scsi_status; 2388 } 2389 2390 static void 2391 mprsas_scsiio_complete(struct mpr_softc *sc, struct mpr_command *cm) 2392 { 2393 MPI2_SCSI_IO_REPLY *rep; 2394 union ccb *ccb; 2395 struct ccb_scsiio *csio; 2396 struct mprsas_softc *sassc; 2397 struct scsi_vpd_supported_page_list *vpd_list = NULL; 2398 u8 *TLR_bits, TLR_on, *scsi_cdb; 2399 int dir = 0, i; 2400 u16 alloc_len; 2401 struct mprsas_target *target; 2402 target_id_t target_id; 2403 2404 MPR_FUNCTRACE(sc); 2405 mpr_dprint(sc, MPR_TRACE, 2406 "cm %p SMID %u ccb %p reply %p outstanding %u\n", cm, 2407 cm->cm_desc.Default.SMID, cm->cm_ccb, cm->cm_reply, 2408 cm->cm_targ->outstanding); 2409 2410 callout_stop(&cm->cm_callout); 2411 mtx_assert(&sc->mpr_mtx, MA_OWNED); 2412 2413 sassc = sc->sassc; 2414 ccb = cm->cm_complete_data; 2415 csio = &ccb->csio; 2416 target_id = csio->ccb_h.target_id; 2417 rep = (MPI2_SCSI_IO_REPLY *)cm->cm_reply; 2418 /* 2419 * XXX KDM if the chain allocation fails, does it matter if we do 2420 * the sync and unload here? It is simpler to do it in every case, 2421 * assuming it doesn't cause problems. 2422 */ 2423 if (cm->cm_data != NULL) { 2424 if (cm->cm_flags & MPR_CM_FLAGS_DATAIN) 2425 dir = BUS_DMASYNC_POSTREAD; 2426 else if (cm->cm_flags & MPR_CM_FLAGS_DATAOUT) 2427 dir = BUS_DMASYNC_POSTWRITE; 2428 bus_dmamap_sync(sc->buffer_dmat, cm->cm_dmamap, dir); 2429 bus_dmamap_unload(sc->buffer_dmat, cm->cm_dmamap); 2430 } 2431 2432 cm->cm_targ->completed++; 2433 cm->cm_targ->outstanding--; 2434 TAILQ_REMOVE(&cm->cm_targ->commands, cm, cm_link); 2435 ccb->ccb_h.status &= ~(CAM_STATUS_MASK | CAM_SIM_QUEUED); 2436 2437 if (cm->cm_flags & MPR_CM_FLAGS_ON_RECOVERY) { 2438 TAILQ_REMOVE(&cm->cm_targ->timedout_commands, cm, cm_recovery); 2439 KASSERT(cm->cm_state == MPR_CM_STATE_BUSY, 2440 ("Not busy for CM_FLAGS_TIMEDOUT: %d\n", cm->cm_state)); 2441 cm->cm_flags &= ~MPR_CM_FLAGS_ON_RECOVERY; 2442 if (cm->cm_reply != NULL) 2443 mprsas_log_command(cm, MPR_RECOVERY, 2444 "completed timedout cm %p ccb %p during recovery " 2445 "ioc %x scsi %x state %x xfer %u\n", cm, cm->cm_ccb, 2446 le16toh(rep->IOCStatus), rep->SCSIStatus, 2447 rep->SCSIState, le32toh(rep->TransferCount)); 2448 else 2449 mprsas_log_command(cm, MPR_RECOVERY, 2450 "completed timedout cm %p ccb %p during recovery\n", 2451 cm, cm->cm_ccb); 2452 } else if (cm->cm_targ->tm != NULL) { 2453 if (cm->cm_reply != NULL) 2454 mprsas_log_command(cm, MPR_RECOVERY, 2455 "completed cm %p ccb %p during recovery " 2456 "ioc %x scsi %x state %x xfer %u\n", 2457 cm, cm->cm_ccb, le16toh(rep->IOCStatus), 2458 rep->SCSIStatus, rep->SCSIState, 2459 le32toh(rep->TransferCount)); 2460 else 2461 mprsas_log_command(cm, MPR_RECOVERY, 2462 "completed cm %p ccb %p during recovery\n", 2463 cm, cm->cm_ccb); 2464 } else if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) { 2465 mprsas_log_command(cm, MPR_RECOVERY, 2466 "reset completed cm %p ccb %p\n", cm, cm->cm_ccb); 2467 } 2468 2469 if ((cm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 2470 /* 2471 * We ran into an error after we tried to map the command, 2472 * so we're getting a callback without queueing the command 2473 * to the hardware. So we set the status here, and it will 2474 * be retained below. We'll go through the "fast path", 2475 * because there can be no reply when we haven't actually 2476 * gone out to the hardware. 2477 */ 2478 mprsas_set_ccbstatus(ccb, CAM_REQUEUE_REQ); 2479 2480 /* 2481 * Currently the only error included in the mask is 2482 * MPR_CM_FLAGS_CHAIN_FAILED, which means we're out of 2483 * chain frames. We need to freeze the queue until we get 2484 * a command that completed without this error, which will 2485 * hopefully have some chain frames attached that we can 2486 * use. If we wanted to get smarter about it, we would 2487 * only unfreeze the queue in this condition when we're 2488 * sure that we're getting some chain frames back. That's 2489 * probably unnecessary. 2490 */ 2491 if ((sassc->flags & MPRSAS_QUEUE_FROZEN) == 0) { 2492 xpt_freeze_simq(sassc->sim, 1); 2493 sassc->flags |= MPRSAS_QUEUE_FROZEN; 2494 mpr_dprint(sc, MPR_XINFO, "Error sending command, " 2495 "freezing SIM queue\n"); 2496 } 2497 } 2498 2499 /* 2500 * Point to the SCSI CDB, which is dependent on the CAM_CDB_POINTER 2501 * flag, and use it in a few places in the rest of this function for 2502 * convenience. Use the macro if available. 2503 */ 2504 scsi_cdb = scsiio_cdb_ptr(csio); 2505 2506 /* 2507 * If this is a Start Stop Unit command and it was issued by the driver 2508 * during shutdown, decrement the refcount to account for all of the 2509 * commands that were sent. All SSU commands should be completed before 2510 * shutdown completes, meaning SSU_refcount will be 0 after SSU_started 2511 * is TRUE. 2512 */ 2513 if (sc->SSU_started && (scsi_cdb[0] == START_STOP_UNIT)) { 2514 mpr_dprint(sc, MPR_INFO, "Decrementing SSU count.\n"); 2515 sc->SSU_refcount--; 2516 } 2517 2518 /* Take the fast path to completion */ 2519 if (cm->cm_reply == NULL) { 2520 if (mprsas_get_ccbstatus(ccb) == CAM_REQ_INPROG) { 2521 if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) 2522 mprsas_set_ccbstatus(ccb, CAM_SCSI_BUS_RESET); 2523 else { 2524 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 2525 csio->scsi_status = SCSI_STATUS_OK; 2526 } 2527 if (sassc->flags & MPRSAS_QUEUE_FROZEN) { 2528 ccb->ccb_h.status |= CAM_RELEASE_SIMQ; 2529 sassc->flags &= ~MPRSAS_QUEUE_FROZEN; 2530 mpr_dprint(sc, MPR_XINFO, 2531 "Unfreezing SIM queue\n"); 2532 } 2533 } 2534 2535 /* 2536 * There are two scenarios where the status won't be 2537 * CAM_REQ_CMP. The first is if MPR_CM_FLAGS_ERROR_MASK is 2538 * set, the second is in the MPR_FLAGS_DIAGRESET above. 2539 */ 2540 if (mprsas_get_ccbstatus(ccb) != CAM_REQ_CMP) { 2541 /* 2542 * Freeze the dev queue so that commands are 2543 * executed in the correct order after error 2544 * recovery. 2545 */ 2546 ccb->ccb_h.status |= CAM_DEV_QFRZN; 2547 xpt_freeze_devq(ccb->ccb_h.path, /*count*/ 1); 2548 } 2549 mpr_free_command(sc, cm); 2550 xpt_done(ccb); 2551 return; 2552 } 2553 2554 target = &sassc->targets[target_id]; 2555 if (scsi_cdb[0] == UNMAP && 2556 target->is_nvme && 2557 (csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) { 2558 rep->SCSIStatus = mprsas_complete_nvme_unmap(sc, cm); 2559 csio->scsi_status = rep->SCSIStatus; 2560 } 2561 2562 mprsas_log_command(cm, MPR_XINFO, 2563 "ioc %x scsi %x state %x xfer %u\n", 2564 le16toh(rep->IOCStatus), rep->SCSIStatus, rep->SCSIState, 2565 le32toh(rep->TransferCount)); 2566 2567 switch (le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK) { 2568 case MPI2_IOCSTATUS_SCSI_DATA_UNDERRUN: 2569 csio->resid = cm->cm_length - le32toh(rep->TransferCount); 2570 /* FALLTHROUGH */ 2571 case MPI2_IOCSTATUS_SUCCESS: 2572 case MPI2_IOCSTATUS_SCSI_RECOVERED_ERROR: 2573 if ((le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK) == 2574 MPI2_IOCSTATUS_SCSI_RECOVERED_ERROR) 2575 mprsas_log_command(cm, MPR_XINFO, "recovered error\n"); 2576 2577 /* Completion failed at the transport level. */ 2578 if (rep->SCSIState & (MPI2_SCSI_STATE_NO_SCSI_STATUS | 2579 MPI2_SCSI_STATE_TERMINATED)) { 2580 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2581 break; 2582 } 2583 2584 /* In a modern packetized environment, an autosense failure 2585 * implies that there's not much else that can be done to 2586 * recover the command. 2587 */ 2588 if (rep->SCSIState & MPI2_SCSI_STATE_AUTOSENSE_FAILED) { 2589 mprsas_set_ccbstatus(ccb, CAM_AUTOSENSE_FAIL); 2590 break; 2591 } 2592 2593 /* 2594 * CAM doesn't care about SAS Response Info data, but if this is 2595 * the state check if TLR should be done. If not, clear the 2596 * TLR_bits for the target. 2597 */ 2598 if ((rep->SCSIState & MPI2_SCSI_STATE_RESPONSE_INFO_VALID) && 2599 ((le32toh(rep->ResponseInfo) & MPI2_SCSI_RI_MASK_REASONCODE) 2600 == MPR_SCSI_RI_INVALID_FRAME)) { 2601 sc->mapping_table[target_id].TLR_bits = 2602 (u8)MPI2_SCSIIO_CONTROL_NO_TLR; 2603 } 2604 2605 /* 2606 * Intentionally override the normal SCSI status reporting 2607 * for these two cases. These are likely to happen in a 2608 * multi-initiator environment, and we want to make sure that 2609 * CAM retries these commands rather than fail them. 2610 */ 2611 if ((rep->SCSIStatus == MPI2_SCSI_STATUS_COMMAND_TERMINATED) || 2612 (rep->SCSIStatus == MPI2_SCSI_STATUS_TASK_ABORTED)) { 2613 mprsas_set_ccbstatus(ccb, CAM_REQ_ABORTED); 2614 break; 2615 } 2616 2617 /* Handle normal status and sense */ 2618 csio->scsi_status = rep->SCSIStatus; 2619 if (rep->SCSIStatus == MPI2_SCSI_STATUS_GOOD) 2620 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 2621 else 2622 mprsas_set_ccbstatus(ccb, CAM_SCSI_STATUS_ERROR); 2623 2624 if (rep->SCSIState & MPI2_SCSI_STATE_AUTOSENSE_VALID) { 2625 int sense_len, returned_sense_len; 2626 2627 returned_sense_len = min(le32toh(rep->SenseCount), 2628 sizeof(struct scsi_sense_data)); 2629 if (returned_sense_len < csio->sense_len) 2630 csio->sense_resid = csio->sense_len - 2631 returned_sense_len; 2632 else 2633 csio->sense_resid = 0; 2634 2635 sense_len = min(returned_sense_len, 2636 csio->sense_len - csio->sense_resid); 2637 bzero(&csio->sense_data, sizeof(csio->sense_data)); 2638 bcopy(cm->cm_sense, &csio->sense_data, sense_len); 2639 ccb->ccb_h.status |= CAM_AUTOSNS_VALID; 2640 } 2641 2642 /* 2643 * Check if this is an INQUIRY command. If it's a VPD inquiry, 2644 * and it's page code 0 (Supported Page List), and there is 2645 * inquiry data, and this is for a sequential access device, and 2646 * the device is an SSP target, and TLR is supported by the 2647 * controller, turn the TLR_bits value ON if page 0x90 is 2648 * supported. 2649 */ 2650 if ((scsi_cdb[0] == INQUIRY) && 2651 (scsi_cdb[1] & SI_EVPD) && 2652 (scsi_cdb[2] == SVPD_SUPPORTED_PAGE_LIST) && 2653 ((csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) && 2654 (csio->data_ptr != NULL) && 2655 ((csio->data_ptr[0] & 0x1f) == T_SEQUENTIAL) && 2656 (sc->control_TLR) && 2657 (sc->mapping_table[target_id].device_info & 2658 MPI2_SAS_DEVICE_INFO_SSP_TARGET)) { 2659 vpd_list = (struct scsi_vpd_supported_page_list *) 2660 csio->data_ptr; 2661 TLR_bits = &sc->mapping_table[target_id].TLR_bits; 2662 *TLR_bits = (u8)MPI2_SCSIIO_CONTROL_NO_TLR; 2663 TLR_on = (u8)MPI2_SCSIIO_CONTROL_TLR_ON; 2664 alloc_len = ((u16)scsi_cdb[3] << 8) + scsi_cdb[4]; 2665 alloc_len -= csio->resid; 2666 for (i = 0; i < MIN(vpd_list->length, alloc_len); i++) { 2667 if (vpd_list->list[i] == 0x90) { 2668 *TLR_bits = TLR_on; 2669 break; 2670 } 2671 } 2672 } 2673 2674 /* 2675 * If this is a SATA direct-access end device, mark it so that 2676 * a SCSI StartStopUnit command will be sent to it when the 2677 * driver is being shutdown. 2678 */ 2679 if ((scsi_cdb[0] == INQUIRY) && 2680 (csio->data_ptr != NULL) && 2681 ((csio->data_ptr[0] & 0x1f) == T_DIRECT) && 2682 (sc->mapping_table[target_id].device_info & 2683 MPI2_SAS_DEVICE_INFO_SATA_DEVICE) && 2684 ((sc->mapping_table[target_id].device_info & 2685 MPI2_SAS_DEVICE_INFO_MASK_DEVICE_TYPE) == 2686 MPI2_SAS_DEVICE_INFO_END_DEVICE)) { 2687 target = &sassc->targets[target_id]; 2688 target->supports_SSU = TRUE; 2689 mpr_dprint(sc, MPR_XINFO, "Target %d supports SSU\n", 2690 target_id); 2691 } 2692 break; 2693 case MPI2_IOCSTATUS_SCSI_INVALID_DEVHANDLE: 2694 case MPI2_IOCSTATUS_SCSI_DEVICE_NOT_THERE: 2695 /* 2696 * If devinfo is 0 this will be a volume. In that case don't 2697 * tell CAM that the volume is not there. We want volumes to 2698 * be enumerated until they are deleted/removed, not just 2699 * failed. 2700 */ 2701 if (cm->cm_targ->devinfo == 0) 2702 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 2703 else 2704 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 2705 break; 2706 case MPI2_IOCSTATUS_INVALID_SGL: 2707 mpr_print_scsiio_cmd(sc, cm); 2708 mprsas_set_ccbstatus(ccb, CAM_UNREC_HBA_ERROR); 2709 break; 2710 case MPI2_IOCSTATUS_SCSI_TASK_TERMINATED: 2711 /* 2712 * This is one of the responses that comes back when an I/O 2713 * has been aborted. If it is because of a timeout that we 2714 * initiated, just set the status to CAM_CMD_TIMEOUT. 2715 * Otherwise set it to CAM_REQ_ABORTED. The effect on the 2716 * command is the same (it gets retried, subject to the 2717 * retry counter), the only difference is what gets printed 2718 * on the console. 2719 */ 2720 if (cm->cm_flags & MPR_CM_FLAGS_TIMEDOUT) 2721 mprsas_set_ccbstatus(ccb, CAM_CMD_TIMEOUT); 2722 else 2723 mprsas_set_ccbstatus(ccb, CAM_REQ_ABORTED); 2724 break; 2725 case MPI2_IOCSTATUS_SCSI_DATA_OVERRUN: 2726 /* resid is ignored for this condition */ 2727 csio->resid = 0; 2728 mprsas_set_ccbstatus(ccb, CAM_DATA_RUN_ERR); 2729 break; 2730 case MPI2_IOCSTATUS_SCSI_IOC_TERMINATED: 2731 case MPI2_IOCSTATUS_SCSI_EXT_TERMINATED: 2732 /* 2733 * These can sometimes be transient transport-related 2734 * errors, and sometimes persistent drive-related errors. 2735 * We used to retry these without decrementing the retry 2736 * count by returning CAM_REQUEUE_REQ. Unfortunately, if 2737 * we hit a persistent drive problem that returns one of 2738 * these error codes, we would retry indefinitely. So, 2739 * return CAM_REQ_CMP_ERROR so that we decrement the retry 2740 * count and avoid infinite retries. We're taking the 2741 * potential risk of flagging false failures in the event 2742 * of a topology-related error (e.g. a SAS expander problem 2743 * causes a command addressed to a drive to fail), but 2744 * avoiding getting into an infinite retry loop. However, 2745 * if we get them while were moving a device, we should 2746 * fail the request as 'not there' because the device 2747 * is effectively gone. 2748 */ 2749 if (cm->cm_targ->flags & MPRSAS_TARGET_INREMOVAL) 2750 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 2751 else 2752 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2753 mpr_dprint(sc, MPR_INFO, 2754 "Controller reported %s tgt %u SMID %u loginfo %x%s\n", 2755 mpr_describe_table(mpr_iocstatus_string, 2756 le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK), 2757 target_id, cm->cm_desc.Default.SMID, 2758 le32toh(rep->IOCLogInfo), 2759 (cm->cm_targ->flags & MPRSAS_TARGET_INREMOVAL) ? " departing" : ""); 2760 mpr_dprint(sc, MPR_XINFO, 2761 "SCSIStatus %x SCSIState %x xfercount %u\n", 2762 rep->SCSIStatus, rep->SCSIState, 2763 le32toh(rep->TransferCount)); 2764 break; 2765 case MPI2_IOCSTATUS_INVALID_FUNCTION: 2766 case MPI2_IOCSTATUS_INTERNAL_ERROR: 2767 case MPI2_IOCSTATUS_INVALID_VPID: 2768 case MPI2_IOCSTATUS_INVALID_FIELD: 2769 case MPI2_IOCSTATUS_INVALID_STATE: 2770 case MPI2_IOCSTATUS_OP_STATE_NOT_SUPPORTED: 2771 case MPI2_IOCSTATUS_SCSI_IO_DATA_ERROR: 2772 case MPI2_IOCSTATUS_SCSI_PROTOCOL_ERROR: 2773 case MPI2_IOCSTATUS_SCSI_RESIDUAL_MISMATCH: 2774 case MPI2_IOCSTATUS_SCSI_TASK_MGMT_FAILED: 2775 default: 2776 mprsas_log_command(cm, MPR_XINFO, 2777 "completed ioc %x loginfo %x scsi %x state %x xfer %u\n", 2778 le16toh(rep->IOCStatus), le32toh(rep->IOCLogInfo), 2779 rep->SCSIStatus, rep->SCSIState, 2780 le32toh(rep->TransferCount)); 2781 csio->resid = cm->cm_length; 2782 2783 if (scsi_cdb[0] == UNMAP && 2784 target->is_nvme && 2785 (csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) 2786 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 2787 else 2788 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2789 2790 break; 2791 } 2792 2793 mpr_sc_failed_io_info(sc, csio, rep, cm->cm_targ); 2794 2795 if (sassc->flags & MPRSAS_QUEUE_FROZEN) { 2796 ccb->ccb_h.status |= CAM_RELEASE_SIMQ; 2797 sassc->flags &= ~MPRSAS_QUEUE_FROZEN; 2798 mpr_dprint(sc, MPR_XINFO, "Command completed, unfreezing SIM " 2799 "queue\n"); 2800 } 2801 2802 if (mprsas_get_ccbstatus(ccb) != CAM_REQ_CMP) { 2803 ccb->ccb_h.status |= CAM_DEV_QFRZN; 2804 xpt_freeze_devq(ccb->ccb_h.path, /*count*/ 1); 2805 } 2806 2807 /* 2808 * Check to see if we're removing the device. If so, and this is the 2809 * last command on the queue, proceed with the deferred removal of the 2810 * device. Note, for removing a volume, this won't trigger because 2811 * pending_remove_tm will be NULL. 2812 */ 2813 if (cm->cm_targ->flags & MPRSAS_TARGET_INREMOVAL) { 2814 if (TAILQ_FIRST(&cm->cm_targ->commands) == NULL && 2815 cm->cm_targ->pending_remove_tm != NULL) { 2816 mpr_dprint(sc, MPR_INFO, "Last pending command complete: starting remove_device\n"); 2817 mpr_map_command(sc, cm->cm_targ->pending_remove_tm); 2818 cm->cm_targ->pending_remove_tm = NULL; 2819 } 2820 } 2821 2822 mpr_free_command(sc, cm); 2823 xpt_done(ccb); 2824 } 2825 2826 static void 2827 mprsas_smpio_complete(struct mpr_softc *sc, struct mpr_command *cm) 2828 { 2829 MPI2_SMP_PASSTHROUGH_REPLY *rpl; 2830 MPI2_SMP_PASSTHROUGH_REQUEST *req; 2831 uint64_t sasaddr; 2832 union ccb *ccb; 2833 2834 ccb = cm->cm_complete_data; 2835 2836 /* 2837 * Currently there should be no way we can hit this case. It only 2838 * happens when we have a failure to allocate chain frames, and SMP 2839 * commands require two S/G elements only. That should be handled 2840 * in the standard request size. 2841 */ 2842 if ((cm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 2843 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x on SMP " 2844 "request!\n", __func__, cm->cm_flags); 2845 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2846 goto bailout; 2847 } 2848 2849 rpl = (MPI2_SMP_PASSTHROUGH_REPLY *)cm->cm_reply; 2850 if (rpl == NULL) { 2851 mpr_dprint(sc, MPR_ERROR, "%s: NULL cm_reply!\n", __func__); 2852 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2853 goto bailout; 2854 } 2855 2856 req = (MPI2_SMP_PASSTHROUGH_REQUEST *)cm->cm_req; 2857 sasaddr = le32toh(req->SASAddress.Low); 2858 sasaddr |= ((uint64_t)(le32toh(req->SASAddress.High))) << 32; 2859 2860 if ((le16toh(rpl->IOCStatus) & MPI2_IOCSTATUS_MASK) != 2861 MPI2_IOCSTATUS_SUCCESS || 2862 rpl->SASStatus != MPI2_SASSTATUS_SUCCESS) { 2863 mpr_dprint(sc, MPR_XINFO, "%s: IOCStatus %04x SASStatus %02x\n", 2864 __func__, le16toh(rpl->IOCStatus), rpl->SASStatus); 2865 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2866 goto bailout; 2867 } 2868 2869 mpr_dprint(sc, MPR_XINFO, "%s: SMP request to SAS address %#jx " 2870 "completed successfully\n", __func__, (uintmax_t)sasaddr); 2871 2872 if (ccb->smpio.smp_response[2] == SMP_FR_ACCEPTED) 2873 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 2874 else 2875 mprsas_set_ccbstatus(ccb, CAM_SMP_STATUS_ERROR); 2876 2877 bailout: 2878 /* 2879 * We sync in both directions because we had DMAs in the S/G list 2880 * in both directions. 2881 */ 2882 bus_dmamap_sync(sc->buffer_dmat, cm->cm_dmamap, 2883 BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); 2884 bus_dmamap_unload(sc->buffer_dmat, cm->cm_dmamap); 2885 mpr_free_command(sc, cm); 2886 xpt_done(ccb); 2887 } 2888 2889 static void 2890 mprsas_send_smpcmd(struct mprsas_softc *sassc, union ccb *ccb, uint64_t sasaddr) 2891 { 2892 struct mpr_command *cm; 2893 uint8_t *request, *response; 2894 MPI2_SMP_PASSTHROUGH_REQUEST *req; 2895 struct mpr_softc *sc; 2896 struct sglist *sg; 2897 int error; 2898 2899 sc = sassc->sc; 2900 sg = NULL; 2901 error = 0; 2902 2903 switch (ccb->ccb_h.flags & CAM_DATA_MASK) { 2904 case CAM_DATA_PADDR: 2905 case CAM_DATA_SG_PADDR: 2906 /* 2907 * XXX We don't yet support physical addresses here. 2908 */ 2909 mpr_dprint(sc, MPR_ERROR, "%s: physical addresses not " 2910 "supported\n", __func__); 2911 mprsas_set_ccbstatus(ccb, CAM_REQ_INVALID); 2912 xpt_done(ccb); 2913 return; 2914 case CAM_DATA_SG: 2915 /* 2916 * The chip does not support more than one buffer for the 2917 * request or response. 2918 */ 2919 if ((ccb->smpio.smp_request_sglist_cnt > 1) 2920 || (ccb->smpio.smp_response_sglist_cnt > 1)) { 2921 mpr_dprint(sc, MPR_ERROR, "%s: multiple request or " 2922 "response buffer segments not supported for SMP\n", 2923 __func__); 2924 mprsas_set_ccbstatus(ccb, CAM_REQ_INVALID); 2925 xpt_done(ccb); 2926 return; 2927 } 2928 2929 /* 2930 * The CAM_SCATTER_VALID flag was originally implemented 2931 * for the XPT_SCSI_IO CCB, which only has one data pointer. 2932 * We have two. So, just take that flag to mean that we 2933 * might have S/G lists, and look at the S/G segment count 2934 * to figure out whether that is the case for each individual 2935 * buffer. 2936 */ 2937 if (ccb->smpio.smp_request_sglist_cnt != 0) { 2938 bus_dma_segment_t *req_sg; 2939 2940 req_sg = (bus_dma_segment_t *)ccb->smpio.smp_request; 2941 request = (uint8_t *)(uintptr_t)req_sg[0].ds_addr; 2942 } else 2943 request = ccb->smpio.smp_request; 2944 2945 if (ccb->smpio.smp_response_sglist_cnt != 0) { 2946 bus_dma_segment_t *rsp_sg; 2947 2948 rsp_sg = (bus_dma_segment_t *)ccb->smpio.smp_response; 2949 response = (uint8_t *)(uintptr_t)rsp_sg[0].ds_addr; 2950 } else 2951 response = ccb->smpio.smp_response; 2952 break; 2953 case CAM_DATA_VADDR: 2954 request = ccb->smpio.smp_request; 2955 response = ccb->smpio.smp_response; 2956 break; 2957 default: 2958 mprsas_set_ccbstatus(ccb, CAM_REQ_INVALID); 2959 xpt_done(ccb); 2960 return; 2961 } 2962 2963 cm = mpr_alloc_command(sc); 2964 if (cm == NULL) { 2965 mpr_dprint(sc, MPR_ERROR, "%s: cannot allocate command\n", 2966 __func__); 2967 mprsas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL); 2968 xpt_done(ccb); 2969 return; 2970 } 2971 2972 req = (MPI2_SMP_PASSTHROUGH_REQUEST *)cm->cm_req; 2973 bzero(req, sizeof(*req)); 2974 req->Function = MPI2_FUNCTION_SMP_PASSTHROUGH; 2975 2976 /* Allow the chip to use any route to this SAS address. */ 2977 req->PhysicalPort = 0xff; 2978 2979 req->RequestDataLength = htole16(ccb->smpio.smp_request_len); 2980 req->SGLFlags = 2981 MPI2_SGLFLAGS_SYSTEM_ADDRESS_SPACE | MPI2_SGLFLAGS_SGL_TYPE_MPI; 2982 2983 mpr_dprint(sc, MPR_XINFO, "%s: sending SMP request to SAS address " 2984 "%#jx\n", __func__, (uintmax_t)sasaddr); 2985 2986 mpr_init_sge(cm, req, &req->SGL); 2987 2988 /* 2989 * Set up a uio to pass into mpr_map_command(). This allows us to 2990 * do one map command, and one busdma call in there. 2991 */ 2992 cm->cm_uio.uio_iov = cm->cm_iovec; 2993 cm->cm_uio.uio_iovcnt = 2; 2994 cm->cm_uio.uio_segflg = UIO_SYSSPACE; 2995 2996 /* 2997 * The read/write flag isn't used by busdma, but set it just in 2998 * case. This isn't exactly accurate, either, since we're going in 2999 * both directions. 3000 */ 3001 cm->cm_uio.uio_rw = UIO_WRITE; 3002 3003 cm->cm_iovec[0].iov_base = request; 3004 cm->cm_iovec[0].iov_len = le16toh(req->RequestDataLength); 3005 cm->cm_iovec[1].iov_base = response; 3006 cm->cm_iovec[1].iov_len = ccb->smpio.smp_response_len; 3007 3008 cm->cm_uio.uio_resid = cm->cm_iovec[0].iov_len + 3009 cm->cm_iovec[1].iov_len; 3010 3011 /* 3012 * Trigger a warning message in mpr_data_cb() for the user if we 3013 * wind up exceeding two S/G segments. The chip expects one 3014 * segment for the request and another for the response. 3015 */ 3016 cm->cm_max_segs = 2; 3017 3018 cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; 3019 cm->cm_complete = mprsas_smpio_complete; 3020 cm->cm_complete_data = ccb; 3021 3022 /* 3023 * Tell the mapping code that we're using a uio, and that this is 3024 * an SMP passthrough request. There is a little special-case 3025 * logic there (in mpr_data_cb()) to handle the bidirectional 3026 * transfer. 3027 */ 3028 cm->cm_flags |= MPR_CM_FLAGS_USE_UIO | MPR_CM_FLAGS_SMP_PASS | 3029 MPR_CM_FLAGS_DATAIN | MPR_CM_FLAGS_DATAOUT; 3030 3031 /* The chip data format is little endian. */ 3032 req->SASAddress.High = htole32(sasaddr >> 32); 3033 req->SASAddress.Low = htole32(sasaddr); 3034 3035 /* 3036 * XXX Note that we don't have a timeout/abort mechanism here. 3037 * From the manual, it looks like task management requests only 3038 * work for SCSI IO and SATA passthrough requests. We may need to 3039 * have a mechanism to retry requests in the event of a chip reset 3040 * at least. Hopefully the chip will insure that any errors short 3041 * of that are relayed back to the driver. 3042 */ 3043 error = mpr_map_command(sc, cm); 3044 if ((error != 0) && (error != EINPROGRESS)) { 3045 mpr_dprint(sc, MPR_ERROR, "%s: error %d returned from " 3046 "mpr_map_command()\n", __func__, error); 3047 goto bailout_error; 3048 } 3049 3050 return; 3051 3052 bailout_error: 3053 mpr_free_command(sc, cm); 3054 mprsas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL); 3055 xpt_done(ccb); 3056 return; 3057 } 3058 3059 static void 3060 mprsas_action_smpio(struct mprsas_softc *sassc, union ccb *ccb) 3061 { 3062 struct mpr_softc *sc; 3063 struct mprsas_target *targ; 3064 uint64_t sasaddr = 0; 3065 3066 sc = sassc->sc; 3067 3068 /* 3069 * Make sure the target exists. 3070 */ 3071 KASSERT(ccb->ccb_h.target_id < sassc->maxtargets, 3072 ("Target %d out of bounds in XPT_SMP_IO\n", ccb->ccb_h.target_id)); 3073 targ = &sassc->targets[ccb->ccb_h.target_id]; 3074 if (targ->handle == 0x0) { 3075 mpr_dprint(sc, MPR_ERROR, "%s: target %d does not exist!\n", 3076 __func__, ccb->ccb_h.target_id); 3077 mprsas_set_ccbstatus(ccb, CAM_SEL_TIMEOUT); 3078 xpt_done(ccb); 3079 return; 3080 } 3081 3082 /* 3083 * If this device has an embedded SMP target, we'll talk to it 3084 * directly. 3085 * figure out what the expander's address is. 3086 */ 3087 if ((targ->devinfo & MPI2_SAS_DEVICE_INFO_SMP_TARGET) != 0) 3088 sasaddr = targ->sasaddr; 3089 3090 /* 3091 * If we don't have a SAS address for the expander yet, try 3092 * grabbing it from the page 0x83 information cached in the 3093 * transport layer for this target. LSI expanders report the 3094 * expander SAS address as the port-associated SAS address in 3095 * Inquiry VPD page 0x83. Maxim expanders don't report it in page 3096 * 0x83. 3097 * 3098 * XXX KDM disable this for now, but leave it commented out so that 3099 * it is obvious that this is another possible way to get the SAS 3100 * address. 3101 * 3102 * The parent handle method below is a little more reliable, and 3103 * the other benefit is that it works for devices other than SES 3104 * devices. So you can send a SMP request to a da(4) device and it 3105 * will get routed to the expander that device is attached to. 3106 * (Assuming the da(4) device doesn't contain an SMP target...) 3107 */ 3108 #if 0 3109 if (sasaddr == 0) 3110 sasaddr = xpt_path_sas_addr(ccb->ccb_h.path); 3111 #endif 3112 3113 /* 3114 * If we still don't have a SAS address for the expander, look for 3115 * the parent device of this device, which is probably the expander. 3116 */ 3117 if (sasaddr == 0) { 3118 #ifdef OLD_MPR_PROBE 3119 struct mprsas_target *parent_target; 3120 #endif 3121 3122 if (targ->parent_handle == 0x0) { 3123 mpr_dprint(sc, MPR_ERROR, "%s: handle %d does not have " 3124 "a valid parent handle!\n", __func__, targ->handle); 3125 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3126 goto bailout; 3127 } 3128 #ifdef OLD_MPR_PROBE 3129 parent_target = mprsas_find_target_by_handle(sassc, 0, 3130 targ->parent_handle); 3131 3132 if (parent_target == NULL) { 3133 mpr_dprint(sc, MPR_ERROR, "%s: handle %d does not have " 3134 "a valid parent target!\n", __func__, targ->handle); 3135 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3136 goto bailout; 3137 } 3138 3139 if ((parent_target->devinfo & 3140 MPI2_SAS_DEVICE_INFO_SMP_TARGET) == 0) { 3141 mpr_dprint(sc, MPR_ERROR, "%s: handle %d parent %d " 3142 "does not have an SMP target!\n", __func__, 3143 targ->handle, parent_target->handle); 3144 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3145 goto bailout; 3146 } 3147 3148 sasaddr = parent_target->sasaddr; 3149 #else /* OLD_MPR_PROBE */ 3150 if ((targ->parent_devinfo & 3151 MPI2_SAS_DEVICE_INFO_SMP_TARGET) == 0) { 3152 mpr_dprint(sc, MPR_ERROR, "%s: handle %d parent %d " 3153 "does not have an SMP target!\n", __func__, 3154 targ->handle, targ->parent_handle); 3155 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3156 goto bailout; 3157 3158 } 3159 if (targ->parent_sasaddr == 0x0) { 3160 mpr_dprint(sc, MPR_ERROR, "%s: handle %d parent handle " 3161 "%d does not have a valid SAS address!\n", __func__, 3162 targ->handle, targ->parent_handle); 3163 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3164 goto bailout; 3165 } 3166 3167 sasaddr = targ->parent_sasaddr; 3168 #endif /* OLD_MPR_PROBE */ 3169 3170 } 3171 3172 if (sasaddr == 0) { 3173 mpr_dprint(sc, MPR_INFO, "%s: unable to find SAS address for " 3174 "handle %d\n", __func__, targ->handle); 3175 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3176 goto bailout; 3177 } 3178 mprsas_send_smpcmd(sassc, ccb, sasaddr); 3179 3180 return; 3181 3182 bailout: 3183 xpt_done(ccb); 3184 3185 } 3186 3187 static void 3188 mprsas_action_resetdev(struct mprsas_softc *sassc, union ccb *ccb) 3189 { 3190 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 3191 struct mpr_softc *sc; 3192 struct mpr_command *tm; 3193 struct mprsas_target *targ; 3194 3195 MPR_FUNCTRACE(sassc->sc); 3196 mtx_assert(&sassc->sc->mpr_mtx, MA_OWNED); 3197 3198 KASSERT(ccb->ccb_h.target_id < sassc->maxtargets, ("Target %d out of " 3199 "bounds in XPT_RESET_DEV\n", ccb->ccb_h.target_id)); 3200 sc = sassc->sc; 3201 tm = mprsas_alloc_tm(sc); 3202 if (tm == NULL) { 3203 mpr_dprint(sc, MPR_ERROR, "command alloc failure in " 3204 "mprsas_action_resetdev\n"); 3205 mprsas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL); 3206 xpt_done(ccb); 3207 return; 3208 } 3209 3210 targ = &sassc->targets[ccb->ccb_h.target_id]; 3211 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 3212 req->DevHandle = htole16(targ->handle); 3213 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET; 3214 3215 if (!targ->is_nvme || sc->custom_nvme_tm_handling) { 3216 /* SAS Hard Link Reset / SATA Link Reset */ 3217 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 3218 } else { 3219 /* PCIe Protocol Level Reset*/ 3220 req->MsgFlags = 3221 MPI26_SCSITASKMGMT_MSGFLAGS_PROTOCOL_LVL_RST_PCIE; 3222 } 3223 3224 tm->cm_data = NULL; 3225 tm->cm_complete = mprsas_resetdev_complete; 3226 tm->cm_complete_data = ccb; 3227 3228 mpr_dprint(sc, MPR_INFO, "%s: Sending reset for target ID %d\n", 3229 __func__, targ->tid); 3230 tm->cm_targ = targ; 3231 3232 mprsas_prepare_for_tm(sc, tm, targ, CAM_LUN_WILDCARD); 3233 mpr_map_command(sc, tm); 3234 } 3235 3236 static void 3237 mprsas_resetdev_complete(struct mpr_softc *sc, struct mpr_command *tm) 3238 { 3239 MPI2_SCSI_TASK_MANAGE_REPLY *resp; 3240 union ccb *ccb; 3241 3242 MPR_FUNCTRACE(sc); 3243 mtx_assert(&sc->mpr_mtx, MA_OWNED); 3244 3245 resp = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 3246 ccb = tm->cm_complete_data; 3247 3248 /* 3249 * Currently there should be no way we can hit this case. It only 3250 * happens when we have a failure to allocate chain frames, and 3251 * task management commands don't have S/G lists. 3252 */ 3253 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 3254 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 3255 3256 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 3257 3258 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x for reset of " 3259 "handle %#04x! This should not happen!\n", __func__, 3260 tm->cm_flags, req->DevHandle); 3261 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 3262 goto bailout; 3263 } 3264 3265 mpr_dprint(sc, MPR_XINFO, "%s: IOCStatus = 0x%x ResponseCode = 0x%x\n", 3266 __func__, le16toh(resp->IOCStatus), le32toh(resp->ResponseCode)); 3267 3268 if (le32toh(resp->ResponseCode) == MPI2_SCSITASKMGMT_RSP_TM_COMPLETE) { 3269 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 3270 mprsas_announce_reset(sc, AC_SENT_BDR, tm->cm_targ->tid, 3271 CAM_LUN_WILDCARD); 3272 } 3273 else 3274 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 3275 3276 bailout: 3277 3278 mprsas_free_tm(sc, tm); 3279 xpt_done(ccb); 3280 } 3281 3282 static void 3283 mprsas_poll(struct cam_sim *sim) 3284 { 3285 struct mprsas_softc *sassc; 3286 3287 sassc = cam_sim_softc(sim); 3288 3289 if (sassc->sc->mpr_debug & MPR_TRACE) { 3290 /* frequent debug messages during a panic just slow 3291 * everything down too much. 3292 */ 3293 mpr_dprint(sassc->sc, MPR_XINFO, "%s clearing MPR_TRACE\n", 3294 __func__); 3295 sassc->sc->mpr_debug &= ~MPR_TRACE; 3296 } 3297 3298 mpr_intr_locked(sassc->sc); 3299 } 3300 3301 static void 3302 mprsas_async(void *callback_arg, uint32_t code, struct cam_path *path, 3303 void *arg) 3304 { 3305 struct mpr_softc *sc; 3306 3307 sc = (struct mpr_softc *)callback_arg; 3308 3309 switch (code) { 3310 case AC_ADVINFO_CHANGED: { 3311 struct mprsas_target *target; 3312 struct mprsas_softc *sassc; 3313 struct scsi_read_capacity_data_long rcap_buf; 3314 struct ccb_dev_advinfo cdai; 3315 struct mprsas_lun *lun; 3316 lun_id_t lunid; 3317 int found_lun; 3318 uintptr_t buftype; 3319 3320 buftype = (uintptr_t)arg; 3321 3322 found_lun = 0; 3323 sassc = sc->sassc; 3324 3325 /* 3326 * We're only interested in read capacity data changes. 3327 */ 3328 if (buftype != CDAI_TYPE_RCAPLONG) 3329 break; 3330 3331 /* 3332 * We should have a handle for this, but check to make sure. 3333 */ 3334 KASSERT(xpt_path_target_id(path) < sassc->maxtargets, 3335 ("Target %d out of bounds in mprsas_async\n", 3336 xpt_path_target_id(path))); 3337 target = &sassc->targets[xpt_path_target_id(path)]; 3338 if (target->handle == 0) 3339 break; 3340 3341 lunid = xpt_path_lun_id(path); 3342 3343 SLIST_FOREACH(lun, &target->luns, lun_link) { 3344 if (lun->lun_id == lunid) { 3345 found_lun = 1; 3346 break; 3347 } 3348 } 3349 3350 if (found_lun == 0) { 3351 lun = malloc(sizeof(struct mprsas_lun), M_MPR, 3352 M_NOWAIT | M_ZERO); 3353 if (lun == NULL) { 3354 mpr_dprint(sc, MPR_ERROR, "Unable to alloc " 3355 "LUN for EEDP support.\n"); 3356 break; 3357 } 3358 lun->lun_id = lunid; 3359 SLIST_INSERT_HEAD(&target->luns, lun, lun_link); 3360 } 3361 3362 bzero(&rcap_buf, sizeof(rcap_buf)); 3363 xpt_setup_ccb(&cdai.ccb_h, path, CAM_PRIORITY_NORMAL); 3364 cdai.ccb_h.func_code = XPT_DEV_ADVINFO; 3365 cdai.ccb_h.flags = CAM_DIR_IN; 3366 cdai.buftype = CDAI_TYPE_RCAPLONG; 3367 cdai.flags = CDAI_FLAG_NONE; 3368 cdai.bufsiz = sizeof(rcap_buf); 3369 cdai.buf = (uint8_t *)&rcap_buf; 3370 xpt_action((union ccb *)&cdai); 3371 if ((cdai.ccb_h.status & CAM_DEV_QFRZN) != 0) 3372 cam_release_devq(cdai.ccb_h.path, 0, 0, 0, FALSE); 3373 3374 if ((mprsas_get_ccbstatus((union ccb *)&cdai) == CAM_REQ_CMP) 3375 && (rcap_buf.prot & SRC16_PROT_EN)) { 3376 switch (rcap_buf.prot & SRC16_P_TYPE) { 3377 case SRC16_PTYPE_1: 3378 case SRC16_PTYPE_3: 3379 lun->eedp_formatted = TRUE; 3380 lun->eedp_block_size = 3381 scsi_4btoul(rcap_buf.length); 3382 break; 3383 case SRC16_PTYPE_2: 3384 default: 3385 lun->eedp_formatted = FALSE; 3386 lun->eedp_block_size = 0; 3387 break; 3388 } 3389 } else { 3390 lun->eedp_formatted = FALSE; 3391 lun->eedp_block_size = 0; 3392 } 3393 break; 3394 } 3395 case AC_FOUND_DEVICE: 3396 default: 3397 break; 3398 } 3399 } 3400 3401 /* 3402 * Set the INRESET flag for this target so that no I/O will be sent to 3403 * the target until the reset has completed. If an I/O request does 3404 * happen, the devq will be frozen. The CCB holds the path which is 3405 * used to release the devq. The devq is released and the CCB is freed 3406 * when the TM completes. 3407 */ 3408 void 3409 mprsas_prepare_for_tm(struct mpr_softc *sc, struct mpr_command *tm, 3410 struct mprsas_target *target, lun_id_t lun_id) 3411 { 3412 union ccb *ccb; 3413 path_id_t path_id; 3414 3415 ccb = xpt_alloc_ccb_nowait(); 3416 if (ccb) { 3417 path_id = cam_sim_path(sc->sassc->sim); 3418 if (xpt_create_path(&ccb->ccb_h.path, xpt_periph, path_id, 3419 target->tid, lun_id) != CAM_REQ_CMP) { 3420 xpt_free_ccb(ccb); 3421 } else { 3422 tm->cm_ccb = ccb; 3423 tm->cm_targ = target; 3424 target->flags |= MPRSAS_TARGET_INRESET; 3425 } 3426 } 3427 } 3428 3429 int 3430 mprsas_startup(struct mpr_softc *sc) 3431 { 3432 /* 3433 * Send the port enable message and set the wait_for_port_enable flag. 3434 * This flag helps to keep the simq frozen until all discovery events 3435 * are processed. 3436 */ 3437 sc->wait_for_port_enable = 1; 3438 mprsas_send_portenable(sc); 3439 return (0); 3440 } 3441 3442 static int 3443 mprsas_send_portenable(struct mpr_softc *sc) 3444 { 3445 MPI2_PORT_ENABLE_REQUEST *request; 3446 struct mpr_command *cm; 3447 3448 MPR_FUNCTRACE(sc); 3449 3450 if ((cm = mpr_alloc_command(sc)) == NULL) 3451 return (EBUSY); 3452 request = (MPI2_PORT_ENABLE_REQUEST *)cm->cm_req; 3453 request->Function = MPI2_FUNCTION_PORT_ENABLE; 3454 request->MsgFlags = 0; 3455 request->VP_ID = 0; 3456 cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; 3457 cm->cm_complete = mprsas_portenable_complete; 3458 cm->cm_data = NULL; 3459 cm->cm_sge = NULL; 3460 3461 mpr_map_command(sc, cm); 3462 mpr_dprint(sc, MPR_XINFO, 3463 "mpr_send_portenable finished cm %p req %p complete %p\n", 3464 cm, cm->cm_req, cm->cm_complete); 3465 return (0); 3466 } 3467 3468 static void 3469 mprsas_portenable_complete(struct mpr_softc *sc, struct mpr_command *cm) 3470 { 3471 MPI2_PORT_ENABLE_REPLY *reply; 3472 struct mprsas_softc *sassc; 3473 3474 MPR_FUNCTRACE(sc); 3475 sassc = sc->sassc; 3476 3477 /* 3478 * Currently there should be no way we can hit this case. It only 3479 * happens when we have a failure to allocate chain frames, and 3480 * port enable commands don't have S/G lists. 3481 */ 3482 if ((cm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 3483 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x for port enable! " 3484 "This should not happen!\n", __func__, cm->cm_flags); 3485 } 3486 3487 reply = (MPI2_PORT_ENABLE_REPLY *)cm->cm_reply; 3488 if (reply == NULL) 3489 mpr_dprint(sc, MPR_FAULT, "Portenable NULL reply\n"); 3490 else if (le16toh(reply->IOCStatus & MPI2_IOCSTATUS_MASK) != 3491 MPI2_IOCSTATUS_SUCCESS) 3492 mpr_dprint(sc, MPR_FAULT, "Portenable failed\n"); 3493 3494 mpr_free_command(sc, cm); 3495 /* 3496 * Done waiting for port enable to complete. Decrement the refcount. 3497 * If refcount is 0, discovery is complete and a rescan of the bus can 3498 * take place. 3499 */ 3500 sc->wait_for_port_enable = 0; 3501 sc->port_enable_complete = 1; 3502 wakeup(&sc->port_enable_complete); 3503 mprsas_startup_decrement(sassc); 3504 } 3505 3506 int 3507 mprsas_check_id(struct mprsas_softc *sassc, int id) 3508 { 3509 struct mpr_softc *sc = sassc->sc; 3510 char *ids; 3511 char *name; 3512 3513 ids = &sc->exclude_ids[0]; 3514 while((name = strsep(&ids, ",")) != NULL) { 3515 if (name[0] == '\0') 3516 continue; 3517 if (strtol(name, NULL, 0) == (long)id) 3518 return (1); 3519 } 3520 3521 return (0); 3522 } 3523 3524 void 3525 mprsas_realloc_targets(struct mpr_softc *sc, int maxtargets) 3526 { 3527 struct mprsas_softc *sassc; 3528 struct mprsas_lun *lun, *lun_tmp; 3529 struct mprsas_target *targ; 3530 int i; 3531 3532 sassc = sc->sassc; 3533 /* 3534 * The number of targets is based on IOC Facts, so free all of 3535 * the allocated LUNs for each target and then the target buffer 3536 * itself. 3537 */ 3538 for (i=0; i< maxtargets; i++) { 3539 targ = &sassc->targets[i]; 3540 SLIST_FOREACH_SAFE(lun, &targ->luns, lun_link, lun_tmp) { 3541 free(lun, M_MPR); 3542 } 3543 } 3544 free(sassc->targets, M_MPR); 3545 3546 sassc->targets = malloc(sizeof(struct mprsas_target) * maxtargets, 3547 M_MPR, M_WAITOK|M_ZERO); 3548 } 3549