1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause 3 * 4 * Copyright (c) 2009 Yahoo! Inc. 5 * Copyright (c) 2011-2015 LSI Corp. 6 * Copyright (c) 2013-2015 Avago Technologies 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28 * SUCH DAMAGE. 29 * 30 * Avago Technologies (LSI) MPT-Fusion Host Adapter FreeBSD 31 */ 32 33 #include <sys/cdefs.h> 34 /* Communications core for Avago Technologies (LSI) MPT2 */ 35 36 /* TODO Move headers to mpsvar */ 37 #include <sys/types.h> 38 #include <sys/param.h> 39 #include <sys/systm.h> 40 #include <sys/kernel.h> 41 #include <sys/selinfo.h> 42 #include <sys/module.h> 43 #include <sys/bus.h> 44 #include <sys/conf.h> 45 #include <sys/bio.h> 46 #include <sys/malloc.h> 47 #include <sys/uio.h> 48 #include <sys/sysctl.h> 49 #include <sys/endian.h> 50 #include <sys/queue.h> 51 #include <sys/kthread.h> 52 #include <sys/taskqueue.h> 53 #include <sys/sbuf.h> 54 55 #include <machine/bus.h> 56 #include <machine/resource.h> 57 #include <sys/rman.h> 58 59 #include <machine/stdarg.h> 60 61 #include <cam/cam.h> 62 #include <cam/cam_ccb.h> 63 #include <cam/cam_xpt.h> 64 #include <cam/cam_debug.h> 65 #include <cam/cam_sim.h> 66 #include <cam/cam_xpt_sim.h> 67 #include <cam/cam_xpt_periph.h> 68 #include <cam/cam_periph.h> 69 #include <cam/scsi/scsi_all.h> 70 #include <cam/scsi/scsi_message.h> 71 #include <cam/scsi/smp_all.h> 72 73 #include <dev/mps/mpi/mpi2_type.h> 74 #include <dev/mps/mpi/mpi2.h> 75 #include <dev/mps/mpi/mpi2_ioc.h> 76 #include <dev/mps/mpi/mpi2_sas.h> 77 #include <dev/mps/mpi/mpi2_cnfg.h> 78 #include <dev/mps/mpi/mpi2_init.h> 79 #include <dev/mps/mpi/mpi2_tool.h> 80 #include <dev/mps/mps_ioctl.h> 81 #include <dev/mps/mpsvar.h> 82 #include <dev/mps/mps_table.h> 83 #include <dev/mps/mps_sas.h> 84 85 /* 86 * static array to check SCSI OpCode for EEDP protection bits 87 */ 88 #define PRO_R MPI2_SCSIIO_EEDPFLAGS_CHECK_REMOVE_OP 89 #define PRO_W MPI2_SCSIIO_EEDPFLAGS_INSERT_OP 90 #define PRO_V MPI2_SCSIIO_EEDPFLAGS_INSERT_OP 91 static uint8_t op_code_prot[256] = { 92 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 93 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 94 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V, 95 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 96 0, PRO_W, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 97 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 98 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 99 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 100 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V, 101 0, 0, 0, PRO_W, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 102 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V, 103 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 104 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 105 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 106 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 107 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 108 }; 109 110 MALLOC_DEFINE(M_MPSSAS, "MPSSAS", "MPS SAS memory"); 111 112 static void mpssas_remove_device(struct mps_softc *, struct mps_command *); 113 static void mpssas_remove_complete(struct mps_softc *, struct mps_command *); 114 static void mpssas_action(struct cam_sim *sim, union ccb *ccb); 115 static void mpssas_poll(struct cam_sim *sim); 116 static int mpssas_send_abort(struct mps_softc *sc, struct mps_command *tm, 117 struct mps_command *cm); 118 static void mpssas_scsiio_timeout(void *data); 119 static void mpssas_abort_complete(struct mps_softc *sc, struct mps_command *cm); 120 static void mpssas_direct_drive_io(struct mpssas_softc *sassc, 121 struct mps_command *cm, union ccb *ccb); 122 static void mpssas_action_scsiio(struct mpssas_softc *, union ccb *); 123 static void mpssas_scsiio_complete(struct mps_softc *, struct mps_command *); 124 static void mpssas_action_resetdev(struct mpssas_softc *, union ccb *); 125 static void mpssas_smpio_complete(struct mps_softc *sc, struct mps_command *cm); 126 static void mpssas_send_smpcmd(struct mpssas_softc *sassc, union ccb *ccb, 127 uint64_t sasaddr); 128 static void mpssas_action_smpio(struct mpssas_softc *sassc, union ccb *ccb); 129 static void mpssas_resetdev_complete(struct mps_softc *, struct mps_command *); 130 static void mpssas_async(void *callback_arg, uint32_t code, 131 struct cam_path *path, void *arg); 132 static int mpssas_send_portenable(struct mps_softc *sc); 133 static void mpssas_portenable_complete(struct mps_softc *sc, 134 struct mps_command *cm); 135 136 struct mpssas_target * 137 mpssas_find_target_by_handle(struct mpssas_softc *sassc, int start, uint16_t handle) 138 { 139 struct mpssas_target *target; 140 int i; 141 142 for (i = start; i < sassc->maxtargets; i++) { 143 target = &sassc->targets[i]; 144 if (target->handle == handle) 145 return (target); 146 } 147 148 return (NULL); 149 } 150 151 /* we need to freeze the simq during attach and diag reset, to avoid failing 152 * commands before device handles have been found by discovery. Since 153 * discovery involves reading config pages and possibly sending commands, 154 * discovery actions may continue even after we receive the end of discovery 155 * event, so refcount discovery actions instead of assuming we can unfreeze 156 * the simq when we get the event. 157 */ 158 void 159 mpssas_startup_increment(struct mpssas_softc *sassc) 160 { 161 MPS_FUNCTRACE(sassc->sc); 162 163 if ((sassc->flags & MPSSAS_IN_STARTUP) != 0) { 164 if (sassc->startup_refcount++ == 0) { 165 /* just starting, freeze the simq */ 166 mps_dprint(sassc->sc, MPS_INIT, 167 "%s freezing simq\n", __func__); 168 xpt_hold_boot(); 169 xpt_freeze_simq(sassc->sim, 1); 170 } 171 mps_dprint(sassc->sc, MPS_INIT, "%s refcount %u\n", __func__, 172 sassc->startup_refcount); 173 } 174 } 175 176 void 177 mpssas_release_simq_reinit(struct mpssas_softc *sassc) 178 { 179 if (sassc->flags & MPSSAS_QUEUE_FROZEN) { 180 sassc->flags &= ~MPSSAS_QUEUE_FROZEN; 181 xpt_release_simq(sassc->sim, 1); 182 mps_dprint(sassc->sc, MPS_INFO, "Unfreezing SIM queue\n"); 183 } 184 } 185 186 void 187 mpssas_startup_decrement(struct mpssas_softc *sassc) 188 { 189 MPS_FUNCTRACE(sassc->sc); 190 191 if ((sassc->flags & MPSSAS_IN_STARTUP) != 0) { 192 if (--sassc->startup_refcount == 0) { 193 /* finished all discovery-related actions, release 194 * the simq and rescan for the latest topology. 195 */ 196 mps_dprint(sassc->sc, MPS_INIT, 197 "%s releasing simq\n", __func__); 198 sassc->flags &= ~MPSSAS_IN_STARTUP; 199 xpt_release_simq(sassc->sim, 1); 200 xpt_release_boot(); 201 } 202 mps_dprint(sassc->sc, MPS_INIT, "%s refcount %u\n", __func__, 203 sassc->startup_refcount); 204 } 205 } 206 207 /* 208 * The firmware requires us to stop sending commands when we're doing task 209 * management. 210 * XXX The logic for serializing the device has been made lazy and moved to 211 * mpssas_prepare_for_tm(). 212 */ 213 struct mps_command * 214 mpssas_alloc_tm(struct mps_softc *sc) 215 { 216 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 217 struct mps_command *tm; 218 219 tm = mps_alloc_high_priority_command(sc); 220 if (tm == NULL) 221 return (NULL); 222 223 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 224 req->Function = MPI2_FUNCTION_SCSI_TASK_MGMT; 225 return tm; 226 } 227 228 void 229 mpssas_free_tm(struct mps_softc *sc, struct mps_command *tm) 230 { 231 if (tm == NULL) 232 return; 233 234 /* 235 * For TM's the devq is frozen for the device. Unfreeze it here and 236 * free the resources used for freezing the devq. Must clear the 237 * INRESET flag as well or scsi I/O will not work. 238 */ 239 if (tm->cm_ccb) { 240 mps_dprint(sc, MPS_XINFO | MPS_RECOVERY, 241 "Unfreezing devq for target ID %d\n", 242 tm->cm_targ->tid); 243 tm->cm_targ->flags &= ~MPSSAS_TARGET_INRESET; 244 xpt_release_devq(tm->cm_ccb->ccb_h.path, 1, TRUE); 245 xpt_free_path(tm->cm_ccb->ccb_h.path); 246 xpt_free_ccb(tm->cm_ccb); 247 } 248 249 mps_free_high_priority_command(sc, tm); 250 } 251 252 void 253 mpssas_rescan_target(struct mps_softc *sc, struct mpssas_target *targ) 254 { 255 struct mpssas_softc *sassc = sc->sassc; 256 path_id_t pathid; 257 target_id_t targetid; 258 union ccb *ccb; 259 260 MPS_FUNCTRACE(sc); 261 pathid = cam_sim_path(sassc->sim); 262 if (targ == NULL) 263 targetid = CAM_TARGET_WILDCARD; 264 else 265 targetid = targ - sassc->targets; 266 267 /* 268 * Allocate a CCB and schedule a rescan. 269 */ 270 ccb = xpt_alloc_ccb_nowait(); 271 if (ccb == NULL) { 272 mps_dprint(sc, MPS_ERROR, "unable to alloc CCB for rescan\n"); 273 return; 274 } 275 276 if (xpt_create_path(&ccb->ccb_h.path, NULL, pathid, 277 targetid, CAM_LUN_WILDCARD) != CAM_REQ_CMP) { 278 mps_dprint(sc, MPS_ERROR, "unable to create path for rescan\n"); 279 xpt_free_ccb(ccb); 280 return; 281 } 282 283 if (targetid == CAM_TARGET_WILDCARD) 284 ccb->ccb_h.func_code = XPT_SCAN_BUS; 285 else 286 ccb->ccb_h.func_code = XPT_SCAN_TGT; 287 288 mps_dprint(sc, MPS_TRACE, "%s targetid %u\n", __func__, targetid); 289 xpt_rescan(ccb); 290 } 291 292 static void 293 mpssas_log_command(struct mps_command *cm, u_int level, const char *fmt, ...) 294 { 295 struct sbuf sb; 296 va_list ap; 297 char str[224]; 298 char path_str[64]; 299 300 if (cm == NULL) 301 return; 302 303 /* No need to be in here if debugging isn't enabled */ 304 if ((cm->cm_sc->mps_debug & level) == 0) 305 return; 306 307 sbuf_new(&sb, str, sizeof(str), 0); 308 309 va_start(ap, fmt); 310 311 if (cm->cm_ccb != NULL) { 312 xpt_path_string(cm->cm_ccb->csio.ccb_h.path, path_str, 313 sizeof(path_str)); 314 sbuf_cat(&sb, path_str); 315 if (cm->cm_ccb->ccb_h.func_code == XPT_SCSI_IO) { 316 scsi_command_string(&cm->cm_ccb->csio, &sb); 317 sbuf_printf(&sb, "length %d ", 318 cm->cm_ccb->csio.dxfer_len); 319 } 320 } 321 else { 322 sbuf_printf(&sb, "(noperiph:%s%d:%u:%u:%u): ", 323 cam_sim_name(cm->cm_sc->sassc->sim), 324 cam_sim_unit(cm->cm_sc->sassc->sim), 325 cam_sim_bus(cm->cm_sc->sassc->sim), 326 cm->cm_targ ? cm->cm_targ->tid : 0xFFFFFFFF, 327 cm->cm_lun); 328 } 329 330 sbuf_printf(&sb, "SMID %u ", cm->cm_desc.Default.SMID); 331 sbuf_vprintf(&sb, fmt, ap); 332 sbuf_finish(&sb); 333 mps_print_field(cm->cm_sc, "%s", sbuf_data(&sb)); 334 335 va_end(ap); 336 } 337 338 static void 339 mpssas_remove_volume(struct mps_softc *sc, struct mps_command *tm) 340 { 341 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 342 struct mpssas_target *targ; 343 uint16_t handle; 344 345 MPS_FUNCTRACE(sc); 346 347 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 348 handle = (uint16_t)(uintptr_t)tm->cm_complete_data; 349 targ = tm->cm_targ; 350 351 if (reply == NULL) { 352 /* XXX retry the remove after the diag reset completes? */ 353 mps_dprint(sc, MPS_FAULT, 354 "%s NULL reply resetting device 0x%04x\n", __func__, 355 handle); 356 mpssas_free_tm(sc, tm); 357 return; 358 } 359 360 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) != 361 MPI2_IOCSTATUS_SUCCESS) { 362 mps_dprint(sc, MPS_ERROR, 363 "IOCStatus = 0x%x while resetting device 0x%x\n", 364 le16toh(reply->IOCStatus), handle); 365 } 366 367 mps_dprint(sc, MPS_XINFO, 368 "Reset aborted %u commands\n", reply->TerminationCount); 369 mps_free_reply(sc, tm->cm_reply_data); 370 tm->cm_reply = NULL; /* Ensures the reply won't get re-freed */ 371 372 mps_dprint(sc, MPS_XINFO, 373 "clearing target %u handle 0x%04x\n", targ->tid, handle); 374 375 /* 376 * Don't clear target if remove fails because things will get confusing. 377 * Leave the devname and sasaddr intact so that we know to avoid reusing 378 * this target id if possible, and so we can assign the same target id 379 * to this device if it comes back in the future. 380 */ 381 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) == 382 MPI2_IOCSTATUS_SUCCESS) { 383 targ = tm->cm_targ; 384 targ->handle = 0x0; 385 targ->encl_handle = 0x0; 386 targ->encl_slot = 0x0; 387 targ->exp_dev_handle = 0x0; 388 targ->phy_num = 0x0; 389 targ->linkrate = 0x0; 390 targ->devinfo = 0x0; 391 targ->flags = 0x0; 392 } 393 394 mpssas_free_tm(sc, tm); 395 } 396 397 /* 398 * No Need to call "MPI2_SAS_OP_REMOVE_DEVICE" For Volume removal. 399 * Otherwise Volume Delete is same as Bare Drive Removal. 400 */ 401 void 402 mpssas_prepare_volume_remove(struct mpssas_softc *sassc, uint16_t handle) 403 { 404 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 405 struct mps_softc *sc; 406 struct mps_command *tm; 407 struct mpssas_target *targ = NULL; 408 409 MPS_FUNCTRACE(sassc->sc); 410 sc = sassc->sc; 411 412 #ifdef WD_SUPPORT 413 /* 414 * If this is a WD controller, determine if the disk should be exposed 415 * to the OS or not. If disk should be exposed, return from this 416 * function without doing anything. 417 */ 418 if (sc->WD_available && (sc->WD_hide_expose == 419 MPS_WD_EXPOSE_ALWAYS)) { 420 return; 421 } 422 #endif //WD_SUPPORT 423 424 targ = mpssas_find_target_by_handle(sassc, 0, handle); 425 if (targ == NULL) { 426 /* FIXME: what is the action? */ 427 /* We don't know about this device? */ 428 mps_dprint(sc, MPS_ERROR, 429 "%s %d : invalid handle 0x%x \n", __func__,__LINE__, handle); 430 return; 431 } 432 433 targ->flags |= MPSSAS_TARGET_INREMOVAL; 434 435 tm = mpssas_alloc_tm(sc); 436 if (tm == NULL) { 437 mps_dprint(sc, MPS_ERROR, 438 "%s: command alloc failure\n", __func__); 439 return; 440 } 441 442 mpssas_rescan_target(sc, targ); 443 444 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 445 req->DevHandle = targ->handle; 446 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET; 447 448 /* SAS Hard Link Reset / SATA Link Reset */ 449 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 450 451 tm->cm_targ = targ; 452 tm->cm_data = NULL; 453 tm->cm_complete = mpssas_remove_volume; 454 tm->cm_complete_data = (void *)(uintptr_t)handle; 455 456 mps_dprint(sc, MPS_INFO, "%s: Sending reset for target ID %d\n", 457 __func__, targ->tid); 458 mpssas_prepare_for_tm(sc, tm, targ, CAM_LUN_WILDCARD); 459 460 mps_map_command(sc, tm); 461 } 462 463 /* 464 * The MPT2 firmware performs debounce on the link to avoid transient link 465 * errors and false removals. When it does decide that link has been lost 466 * and a device need to go away, it expects that the host will perform a 467 * target reset and then an op remove. The reset has the side-effect of 468 * aborting any outstanding requests for the device, which is required for 469 * the op-remove to succeed. It's not clear if the host should check for 470 * the device coming back alive after the reset. 471 */ 472 void 473 mpssas_prepare_remove(struct mpssas_softc *sassc, uint16_t handle) 474 { 475 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 476 struct mps_softc *sc; 477 struct mps_command *cm; 478 struct mpssas_target *targ = NULL; 479 480 MPS_FUNCTRACE(sassc->sc); 481 482 sc = sassc->sc; 483 484 targ = mpssas_find_target_by_handle(sassc, 0, handle); 485 if (targ == NULL) { 486 /* FIXME: what is the action? */ 487 /* We don't know about this device? */ 488 mps_dprint(sc, MPS_ERROR, 489 "%s : invalid handle 0x%x \n", __func__, handle); 490 return; 491 } 492 493 targ->flags |= MPSSAS_TARGET_INREMOVAL; 494 495 cm = mpssas_alloc_tm(sc); 496 if (cm == NULL) { 497 mps_dprint(sc, MPS_ERROR, 498 "%s: command alloc failure\n", __func__); 499 return; 500 } 501 502 mpssas_rescan_target(sc, targ); 503 504 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)cm->cm_req; 505 req->DevHandle = htole16(targ->handle); 506 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET; 507 508 /* SAS Hard Link Reset / SATA Link Reset */ 509 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 510 511 cm->cm_targ = targ; 512 cm->cm_data = NULL; 513 cm->cm_complete = mpssas_remove_device; 514 cm->cm_complete_data = (void *)(uintptr_t)handle; 515 516 mps_dprint(sc, MPS_INFO, "%s: Sending reset for target ID %d\n", 517 __func__, targ->tid); 518 mpssas_prepare_for_tm(sc, cm, targ, CAM_LUN_WILDCARD); 519 520 mps_map_command(sc, cm); 521 } 522 523 static void 524 mpssas_remove_device(struct mps_softc *sc, struct mps_command *tm) 525 { 526 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 527 MPI2_SAS_IOUNIT_CONTROL_REQUEST *req; 528 struct mpssas_target *targ; 529 uint16_t handle; 530 531 MPS_FUNCTRACE(sc); 532 533 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 534 handle = (uint16_t)(uintptr_t)tm->cm_complete_data; 535 targ = tm->cm_targ; 536 537 /* 538 * Currently there should be no way we can hit this case. It only 539 * happens when we have a failure to allocate chain frames, and 540 * task management commands don't have S/G lists. 541 */ 542 if ((tm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) { 543 mps_dprint(sc, MPS_ERROR, 544 "%s: cm_flags = %#x for remove of handle %#04x! " 545 "This should not happen!\n", __func__, tm->cm_flags, 546 handle); 547 } 548 549 if (reply == NULL) { 550 /* XXX retry the remove after the diag reset completes? */ 551 mps_dprint(sc, MPS_FAULT, 552 "%s NULL reply resetting device 0x%04x\n", __func__, 553 handle); 554 mpssas_free_tm(sc, tm); 555 return; 556 } 557 558 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) != 559 MPI2_IOCSTATUS_SUCCESS) { 560 mps_dprint(sc, MPS_ERROR, 561 "IOCStatus = 0x%x while resetting device 0x%x\n", 562 le16toh(reply->IOCStatus), handle); 563 } 564 565 mps_dprint(sc, MPS_XINFO, "Reset aborted %u commands\n", 566 le32toh(reply->TerminationCount)); 567 mps_free_reply(sc, tm->cm_reply_data); 568 tm->cm_reply = NULL; /* Ensures the reply won't get re-freed */ 569 570 /* Reuse the existing command */ 571 req = (MPI2_SAS_IOUNIT_CONTROL_REQUEST *)tm->cm_req; 572 memset(req, 0, sizeof(*req)); 573 req->Function = MPI2_FUNCTION_SAS_IO_UNIT_CONTROL; 574 req->Operation = MPI2_SAS_OP_REMOVE_DEVICE; 575 req->DevHandle = htole16(handle); 576 tm->cm_data = NULL; 577 tm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; 578 tm->cm_complete = mpssas_remove_complete; 579 tm->cm_complete_data = (void *)(uintptr_t)handle; 580 581 /* 582 * Wait to send the REMOVE_DEVICE until all the commands have cleared. 583 * They should be aborted or time out and we'll kick thus off there 584 * if so. 585 */ 586 if (TAILQ_FIRST(&targ->commands) == NULL) { 587 mps_dprint(sc, MPS_INFO, 588 "No pending commands: starting remove_device target %u handle 0x%04x\n", 589 targ->tid, handle); 590 mps_map_command(sc, tm); 591 targ->pending_remove_tm = NULL; 592 } else { 593 targ->pending_remove_tm = tm; 594 } 595 596 mps_dprint(sc, MPS_XINFO, "clearing target %u handle 0x%04x\n", 597 targ->tid, handle); 598 } 599 600 static void 601 mpssas_remove_complete(struct mps_softc *sc, struct mps_command *tm) 602 { 603 MPI2_SAS_IOUNIT_CONTROL_REPLY *reply; 604 uint16_t handle; 605 struct mpssas_target *targ; 606 struct mpssas_lun *lun; 607 608 MPS_FUNCTRACE(sc); 609 610 reply = (MPI2_SAS_IOUNIT_CONTROL_REPLY *)tm->cm_reply; 611 handle = (uint16_t)(uintptr_t)tm->cm_complete_data; 612 targ = tm->cm_targ; 613 614 /* 615 * At this point, we should have no pending commands for the target. 616 * The remove target has just completed. 617 */ 618 KASSERT(TAILQ_FIRST(&targ->commands) == NULL, 619 ("%s: no commands should be pending\n", __func__)); 620 621 /* 622 * Currently there should be no way we can hit this case. It only 623 * happens when we have a failure to allocate chain frames, and 624 * task management commands don't have S/G lists. 625 */ 626 if ((tm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) { 627 mps_dprint(sc, MPS_XINFO, 628 "%s: cm_flags = %#x for remove of handle %#04x! " 629 "This should not happen!\n", __func__, tm->cm_flags, 630 handle); 631 mpssas_free_tm(sc, tm); 632 return; 633 } 634 635 if (reply == NULL) { 636 /* most likely a chip reset */ 637 mps_dprint(sc, MPS_FAULT, 638 "%s NULL reply removing device 0x%04x\n", __func__, handle); 639 mpssas_free_tm(sc, tm); 640 return; 641 } 642 643 mps_dprint(sc, MPS_XINFO, 644 "%s on handle 0x%04x, IOCStatus= 0x%x\n", __func__, 645 handle, le16toh(reply->IOCStatus)); 646 647 /* 648 * Don't clear target if remove fails because things will get confusing. 649 * Leave the devname and sasaddr intact so that we know to avoid reusing 650 * this target id if possible, and so we can assign the same target id 651 * to this device if it comes back in the future. 652 */ 653 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) == 654 MPI2_IOCSTATUS_SUCCESS) { 655 targ->handle = 0x0; 656 targ->encl_handle = 0x0; 657 targ->encl_slot = 0x0; 658 targ->exp_dev_handle = 0x0; 659 targ->phy_num = 0x0; 660 targ->linkrate = 0x0; 661 targ->devinfo = 0x0; 662 targ->flags = 0x0; 663 664 while(!SLIST_EMPTY(&targ->luns)) { 665 lun = SLIST_FIRST(&targ->luns); 666 SLIST_REMOVE_HEAD(&targ->luns, lun_link); 667 free(lun, M_MPT2); 668 } 669 } 670 671 mpssas_free_tm(sc, tm); 672 } 673 674 static int 675 mpssas_register_events(struct mps_softc *sc) 676 { 677 u32 events[MPI2_EVENT_NOTIFY_EVENTMASK_WORDS]; 678 679 bzero(events, 16); 680 setbit(events, MPI2_EVENT_SAS_DEVICE_STATUS_CHANGE); 681 setbit(events, MPI2_EVENT_SAS_DISCOVERY); 682 setbit(events, MPI2_EVENT_SAS_BROADCAST_PRIMITIVE); 683 setbit(events, MPI2_EVENT_SAS_INIT_DEVICE_STATUS_CHANGE); 684 setbit(events, MPI2_EVENT_SAS_INIT_TABLE_OVERFLOW); 685 setbit(events, MPI2_EVENT_SAS_TOPOLOGY_CHANGE_LIST); 686 setbit(events, MPI2_EVENT_SAS_ENCL_DEVICE_STATUS_CHANGE); 687 setbit(events, MPI2_EVENT_IR_CONFIGURATION_CHANGE_LIST); 688 setbit(events, MPI2_EVENT_IR_VOLUME); 689 setbit(events, MPI2_EVENT_IR_PHYSICAL_DISK); 690 setbit(events, MPI2_EVENT_IR_OPERATION_STATUS); 691 setbit(events, MPI2_EVENT_LOG_ENTRY_ADDED); 692 693 mps_register_events(sc, events, mpssas_evt_handler, NULL, 694 &sc->sassc->mpssas_eh); 695 696 return (0); 697 } 698 699 int 700 mps_attach_sas(struct mps_softc *sc) 701 { 702 struct mpssas_softc *sassc; 703 cam_status status; 704 int unit, error = 0, reqs; 705 706 MPS_FUNCTRACE(sc); 707 mps_dprint(sc, MPS_INIT, "%s entered\n", __func__); 708 709 sassc = malloc(sizeof(struct mpssas_softc), M_MPT2, M_WAITOK|M_ZERO); 710 711 /* 712 * XXX MaxTargets could change during a reinit. Since we don't 713 * resize the targets[] array during such an event, cache the value 714 * of MaxTargets here so that we don't get into trouble later. This 715 * should move into the reinit logic. 716 */ 717 sassc->maxtargets = sc->facts->MaxTargets + sc->facts->MaxVolumes; 718 sassc->targets = malloc(sizeof(struct mpssas_target) * 719 sassc->maxtargets, M_MPT2, M_WAITOK|M_ZERO); 720 sc->sassc = sassc; 721 sassc->sc = sc; 722 723 reqs = sc->num_reqs - sc->num_prireqs - 1; 724 if ((sassc->devq = cam_simq_alloc(reqs)) == NULL) { 725 mps_dprint(sc, MPS_ERROR, "Cannot allocate SIMQ\n"); 726 error = ENOMEM; 727 goto out; 728 } 729 730 unit = device_get_unit(sc->mps_dev); 731 sassc->sim = cam_sim_alloc(mpssas_action, mpssas_poll, "mps", sassc, 732 unit, &sc->mps_mtx, reqs, reqs, sassc->devq); 733 if (sassc->sim == NULL) { 734 mps_dprint(sc, MPS_INIT|MPS_ERROR, "Cannot allocate SIM\n"); 735 error = EINVAL; 736 goto out; 737 } 738 739 TAILQ_INIT(&sassc->ev_queue); 740 741 /* Initialize taskqueue for Event Handling */ 742 TASK_INIT(&sassc->ev_task, 0, mpssas_firmware_event_work, sc); 743 sassc->ev_tq = taskqueue_create("mps_taskq", M_NOWAIT | M_ZERO, 744 taskqueue_thread_enqueue, &sassc->ev_tq); 745 taskqueue_start_threads(&sassc->ev_tq, 1, PRIBIO, "%s taskq", 746 device_get_nameunit(sc->mps_dev)); 747 748 mps_lock(sc); 749 750 /* 751 * XXX There should be a bus for every port on the adapter, but since 752 * we're just going to fake the topology for now, we'll pretend that 753 * everything is just a target on a single bus. 754 */ 755 if ((error = xpt_bus_register(sassc->sim, sc->mps_dev, 0)) != 0) { 756 mps_dprint(sc, MPS_INIT|MPS_ERROR, 757 "Error %d registering SCSI bus\n", error); 758 mps_unlock(sc); 759 goto out; 760 } 761 762 /* 763 * Assume that discovery events will start right away. 764 * 765 * Hold off boot until discovery is complete. 766 */ 767 sassc->flags |= MPSSAS_IN_STARTUP | MPSSAS_IN_DISCOVERY; 768 sc->sassc->startup_refcount = 0; 769 mpssas_startup_increment(sassc); 770 771 mps_unlock(sc); 772 773 /* 774 * Register for async events so we can determine the EEDP 775 * capabilities of devices. 776 */ 777 status = xpt_create_path(&sassc->path, /*periph*/NULL, 778 cam_sim_path(sc->sassc->sim), CAM_TARGET_WILDCARD, 779 CAM_LUN_WILDCARD); 780 if (status != CAM_REQ_CMP) { 781 mps_dprint(sc, MPS_ERROR|MPS_INIT, 782 "Error %#x creating sim path\n", status); 783 sassc->path = NULL; 784 } else { 785 int event; 786 787 event = AC_ADVINFO_CHANGED; 788 status = xpt_register_async(event, mpssas_async, sc, 789 sassc->path); 790 if (status != CAM_REQ_CMP) { 791 mps_dprint(sc, MPS_ERROR, 792 "Error %#x registering async handler for " 793 "AC_ADVINFO_CHANGED events\n", status); 794 xpt_free_path(sassc->path); 795 sassc->path = NULL; 796 } 797 } 798 if (status != CAM_REQ_CMP) { 799 /* 800 * EEDP use is the exception, not the rule. 801 * Warn the user, but do not fail to attach. 802 */ 803 mps_printf(sc, "EEDP capabilities disabled.\n"); 804 } 805 806 mpssas_register_events(sc); 807 out: 808 if (error) 809 mps_detach_sas(sc); 810 811 mps_dprint(sc, MPS_INIT, "%s exit error= %d\n", __func__, error); 812 return (error); 813 } 814 815 int 816 mps_detach_sas(struct mps_softc *sc) 817 { 818 struct mpssas_softc *sassc; 819 struct mpssas_lun *lun, *lun_tmp; 820 struct mpssas_target *targ; 821 int i; 822 823 MPS_FUNCTRACE(sc); 824 825 if (sc->sassc == NULL) 826 return (0); 827 828 sassc = sc->sassc; 829 mps_deregister_events(sc, sassc->mpssas_eh); 830 831 /* 832 * Drain and free the event handling taskqueue with the lock 833 * unheld so that any parallel processing tasks drain properly 834 * without deadlocking. 835 */ 836 if (sassc->ev_tq != NULL) 837 taskqueue_free(sassc->ev_tq); 838 839 /* Deregister our async handler */ 840 if (sassc->path != NULL) { 841 xpt_register_async(0, mpssas_async, sc, sassc->path); 842 xpt_free_path(sassc->path); 843 sassc->path = NULL; 844 } 845 846 /* Make sure CAM doesn't wedge if we had to bail out early. */ 847 mps_lock(sc); 848 849 while (sassc->startup_refcount != 0) 850 mpssas_startup_decrement(sassc); 851 852 if (sassc->flags & MPSSAS_IN_STARTUP) 853 xpt_release_simq(sassc->sim, 1); 854 855 if (sassc->sim != NULL) { 856 xpt_bus_deregister(cam_sim_path(sassc->sim)); 857 cam_sim_free(sassc->sim, FALSE); 858 } 859 860 mps_unlock(sc); 861 862 if (sassc->devq != NULL) 863 cam_simq_free(sassc->devq); 864 865 for(i=0; i< sassc->maxtargets ;i++) { 866 targ = &sassc->targets[i]; 867 SLIST_FOREACH_SAFE(lun, &targ->luns, lun_link, lun_tmp) { 868 free(lun, M_MPT2); 869 } 870 } 871 free(sassc->targets, M_MPT2); 872 free(sassc, M_MPT2); 873 sc->sassc = NULL; 874 875 return (0); 876 } 877 878 void 879 mpssas_discovery_end(struct mpssas_softc *sassc) 880 { 881 struct mps_softc *sc = sassc->sc; 882 883 MPS_FUNCTRACE(sc); 884 885 /* 886 * After discovery has completed, check the mapping table for any 887 * missing devices and update their missing counts. Only do this once 888 * whenever the driver is initialized so that missing counts aren't 889 * updated unnecessarily. Note that just because discovery has 890 * completed doesn't mean that events have been processed yet. The 891 * check_devices function is a callout timer that checks if ALL devices 892 * are missing. If so, it will wait a little longer for events to 893 * complete and keep resetting itself until some device in the mapping 894 * table is not missing, meaning that event processing has started. 895 */ 896 if (sc->track_mapping_events) { 897 mps_dprint(sc, MPS_XINFO | MPS_MAPPING, "Discovery has " 898 "completed. Check for missing devices in the mapping " 899 "table.\n"); 900 callout_reset(&sc->device_check_callout, 901 MPS_MISSING_CHECK_DELAY * hz, mps_mapping_check_devices, 902 sc); 903 } 904 } 905 906 static void 907 mpssas_action(struct cam_sim *sim, union ccb *ccb) 908 { 909 struct mpssas_softc *sassc; 910 911 sassc = cam_sim_softc(sim); 912 913 MPS_FUNCTRACE(sassc->sc); 914 mps_dprint(sassc->sc, MPS_TRACE, "ccb func_code 0x%x\n", 915 ccb->ccb_h.func_code); 916 mtx_assert(&sassc->sc->mps_mtx, MA_OWNED); 917 918 switch (ccb->ccb_h.func_code) { 919 case XPT_PATH_INQ: 920 { 921 struct ccb_pathinq *cpi = &ccb->cpi; 922 struct mps_softc *sc = sassc->sc; 923 924 cpi->version_num = 1; 925 cpi->hba_inquiry = PI_SDTR_ABLE|PI_TAG_ABLE|PI_WIDE_16; 926 cpi->target_sprt = 0; 927 cpi->hba_misc = PIM_NOBUSRESET | PIM_UNMAPPED | PIM_NOSCAN; 928 cpi->hba_eng_cnt = 0; 929 cpi->max_target = sassc->maxtargets - 1; 930 cpi->max_lun = 255; 931 932 /* 933 * initiator_id is set here to an ID outside the set of valid 934 * target IDs (including volumes). 935 */ 936 cpi->initiator_id = sassc->maxtargets; 937 strlcpy(cpi->sim_vid, "FreeBSD", SIM_IDLEN); 938 strlcpy(cpi->hba_vid, "Avago Tech", HBA_IDLEN); 939 strlcpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN); 940 cpi->unit_number = cam_sim_unit(sim); 941 cpi->bus_id = cam_sim_bus(sim); 942 cpi->base_transfer_speed = 150000; 943 cpi->transport = XPORT_SAS; 944 cpi->transport_version = 0; 945 cpi->protocol = PROTO_SCSI; 946 cpi->protocol_version = SCSI_REV_SPC; 947 cpi->maxio = sc->maxio; 948 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP); 949 break; 950 } 951 case XPT_GET_TRAN_SETTINGS: 952 { 953 struct ccb_trans_settings *cts; 954 struct ccb_trans_settings_sas *sas; 955 struct ccb_trans_settings_scsi *scsi; 956 struct mpssas_target *targ; 957 958 cts = &ccb->cts; 959 sas = &cts->xport_specific.sas; 960 scsi = &cts->proto_specific.scsi; 961 962 KASSERT(cts->ccb_h.target_id < sassc->maxtargets, 963 ("Target %d out of bounds in XPT_GET_TRANS_SETTINGS\n", 964 cts->ccb_h.target_id)); 965 targ = &sassc->targets[cts->ccb_h.target_id]; 966 if (targ->handle == 0x0) { 967 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 968 break; 969 } 970 971 cts->protocol_version = SCSI_REV_SPC2; 972 cts->transport = XPORT_SAS; 973 cts->transport_version = 0; 974 975 sas->valid = CTS_SAS_VALID_SPEED; 976 switch (targ->linkrate) { 977 case 0x08: 978 sas->bitrate = 150000; 979 break; 980 case 0x09: 981 sas->bitrate = 300000; 982 break; 983 case 0x0a: 984 sas->bitrate = 600000; 985 break; 986 default: 987 sas->valid = 0; 988 } 989 990 cts->protocol = PROTO_SCSI; 991 scsi->valid = CTS_SCSI_VALID_TQ; 992 scsi->flags = CTS_SCSI_FLAGS_TAG_ENB; 993 994 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP); 995 break; 996 } 997 case XPT_CALC_GEOMETRY: 998 cam_calc_geometry(&ccb->ccg, /*extended*/1); 999 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP); 1000 break; 1001 case XPT_RESET_DEV: 1002 mps_dprint(sassc->sc, MPS_XINFO, "mpssas_action XPT_RESET_DEV\n"); 1003 mpssas_action_resetdev(sassc, ccb); 1004 return; 1005 case XPT_RESET_BUS: 1006 case XPT_ABORT: 1007 case XPT_TERM_IO: 1008 mps_dprint(sassc->sc, MPS_XINFO, 1009 "mpssas_action faking success for abort or reset\n"); 1010 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP); 1011 break; 1012 case XPT_SCSI_IO: 1013 mpssas_action_scsiio(sassc, ccb); 1014 return; 1015 case XPT_SMP_IO: 1016 mpssas_action_smpio(sassc, ccb); 1017 return; 1018 default: 1019 mpssas_set_ccbstatus(ccb, CAM_FUNC_NOTAVAIL); 1020 break; 1021 } 1022 xpt_done(ccb); 1023 1024 } 1025 1026 static void 1027 mpssas_announce_reset(struct mps_softc *sc, uint32_t ac_code, 1028 target_id_t target_id, lun_id_t lun_id) 1029 { 1030 path_id_t path_id = cam_sim_path(sc->sassc->sim); 1031 struct cam_path *path; 1032 1033 mps_dprint(sc, MPS_XINFO, "%s code %x target %d lun %jx\n", __func__, 1034 ac_code, target_id, (uintmax_t)lun_id); 1035 1036 if (xpt_create_path(&path, NULL, 1037 path_id, target_id, lun_id) != CAM_REQ_CMP) { 1038 mps_dprint(sc, MPS_ERROR, "unable to create path for reset " 1039 "notification\n"); 1040 return; 1041 } 1042 1043 xpt_async(ac_code, path, NULL); 1044 xpt_free_path(path); 1045 } 1046 1047 static void 1048 mpssas_complete_all_commands(struct mps_softc *sc) 1049 { 1050 struct mps_command *cm; 1051 int i; 1052 int completed; 1053 1054 MPS_FUNCTRACE(sc); 1055 mtx_assert(&sc->mps_mtx, MA_OWNED); 1056 1057 /* complete all commands with a NULL reply */ 1058 for (i = 1; i < sc->num_reqs; i++) { 1059 cm = &sc->commands[i]; 1060 if (cm->cm_state == MPS_CM_STATE_FREE) 1061 continue; 1062 1063 cm->cm_state = MPS_CM_STATE_BUSY; 1064 cm->cm_reply = NULL; 1065 completed = 0; 1066 1067 if (cm->cm_flags & MPS_CM_FLAGS_SATA_ID_TIMEOUT) { 1068 MPASS(cm->cm_data); 1069 free(cm->cm_data, M_MPT2); 1070 cm->cm_data = NULL; 1071 } 1072 1073 if (cm->cm_flags & MPS_CM_FLAGS_POLLED) 1074 cm->cm_flags |= MPS_CM_FLAGS_COMPLETE; 1075 1076 if (cm->cm_complete != NULL) { 1077 mpssas_log_command(cm, MPS_RECOVERY, 1078 "completing cm %p state %x ccb %p for diag reset\n", 1079 cm, cm->cm_state, cm->cm_ccb); 1080 1081 cm->cm_complete(sc, cm); 1082 completed = 1; 1083 } else if (cm->cm_flags & MPS_CM_FLAGS_WAKEUP) { 1084 mpssas_log_command(cm, MPS_RECOVERY, 1085 "waking up cm %p state %x ccb %p for diag reset\n", 1086 cm, cm->cm_state, cm->cm_ccb); 1087 wakeup(cm); 1088 completed = 1; 1089 } 1090 1091 if ((completed == 0) && (cm->cm_state != MPS_CM_STATE_FREE)) { 1092 /* this should never happen, but if it does, log */ 1093 mpssas_log_command(cm, MPS_RECOVERY, 1094 "cm %p state %x flags 0x%x ccb %p during diag " 1095 "reset\n", cm, cm->cm_state, cm->cm_flags, 1096 cm->cm_ccb); 1097 } 1098 } 1099 1100 sc->io_cmds_active = 0; 1101 } 1102 1103 void 1104 mpssas_handle_reinit(struct mps_softc *sc) 1105 { 1106 int i; 1107 1108 /* Go back into startup mode and freeze the simq, so that CAM 1109 * doesn't send any commands until after we've rediscovered all 1110 * targets and found the proper device handles for them. 1111 * 1112 * After the reset, portenable will trigger discovery, and after all 1113 * discovery-related activities have finished, the simq will be 1114 * released. 1115 */ 1116 mps_dprint(sc, MPS_INIT, "%s startup\n", __func__); 1117 sc->sassc->flags |= MPSSAS_IN_STARTUP; 1118 sc->sassc->flags |= MPSSAS_IN_DISCOVERY; 1119 mpssas_startup_increment(sc->sassc); 1120 1121 /* notify CAM of a bus reset */ 1122 mpssas_announce_reset(sc, AC_BUS_RESET, CAM_TARGET_WILDCARD, 1123 CAM_LUN_WILDCARD); 1124 1125 /* complete and cleanup after all outstanding commands */ 1126 mpssas_complete_all_commands(sc); 1127 1128 mps_dprint(sc, MPS_INIT, 1129 "%s startup %u after command completion\n", __func__, 1130 sc->sassc->startup_refcount); 1131 1132 /* zero all the target handles, since they may change after the 1133 * reset, and we have to rediscover all the targets and use the new 1134 * handles. 1135 */ 1136 for (i = 0; i < sc->sassc->maxtargets; i++) { 1137 if (sc->sassc->targets[i].outstanding != 0) 1138 mps_dprint(sc, MPS_INIT, "target %u outstanding %u\n", 1139 i, sc->sassc->targets[i].outstanding); 1140 sc->sassc->targets[i].handle = 0x0; 1141 sc->sassc->targets[i].exp_dev_handle = 0x0; 1142 sc->sassc->targets[i].outstanding = 0; 1143 sc->sassc->targets[i].flags = MPSSAS_TARGET_INDIAGRESET; 1144 } 1145 } 1146 1147 static void 1148 mpssas_tm_timeout(void *data) 1149 { 1150 struct mps_command *tm = data; 1151 struct mps_softc *sc = tm->cm_sc; 1152 1153 mtx_assert(&sc->mps_mtx, MA_OWNED); 1154 1155 mpssas_log_command(tm, MPS_INFO|MPS_RECOVERY, 1156 "task mgmt %p timed out\n", tm); 1157 1158 KASSERT(tm->cm_state == MPS_CM_STATE_INQUEUE, 1159 ("command not inqueue, state = %u\n", tm->cm_state)); 1160 1161 tm->cm_state = MPS_CM_STATE_BUSY; 1162 mps_reinit(sc); 1163 } 1164 1165 static void 1166 mpssas_logical_unit_reset_complete(struct mps_softc *sc, struct mps_command *tm) 1167 { 1168 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 1169 unsigned int cm_count = 0; 1170 struct mps_command *cm; 1171 struct mpssas_target *targ; 1172 1173 callout_stop(&tm->cm_callout); 1174 1175 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 1176 targ = tm->cm_targ; 1177 1178 /* 1179 * Currently there should be no way we can hit this case. It only 1180 * happens when we have a failure to allocate chain frames, and 1181 * task management commands don't have S/G lists. 1182 * XXXSL So should it be an assertion? 1183 */ 1184 if ((tm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) { 1185 mps_dprint(sc, MPS_RECOVERY|MPS_ERROR, 1186 "%s: cm_flags = %#x for LUN reset! " 1187 "This should not happen!\n", __func__, tm->cm_flags); 1188 mpssas_free_tm(sc, tm); 1189 return; 1190 } 1191 1192 if (reply == NULL) { 1193 mps_dprint(sc, MPS_RECOVERY, "NULL reset reply for tm %p\n", 1194 tm); 1195 if ((sc->mps_flags & MPS_FLAGS_DIAGRESET) != 0) { 1196 /* this completion was due to a reset, just cleanup */ 1197 mps_dprint(sc, MPS_RECOVERY, "Hardware undergoing " 1198 "reset, ignoring NULL LUN reset reply\n"); 1199 targ->tm = NULL; 1200 mpssas_free_tm(sc, tm); 1201 } 1202 else { 1203 /* we should have gotten a reply. */ 1204 mps_dprint(sc, MPS_INFO|MPS_RECOVERY, "NULL reply on " 1205 "LUN reset attempt, resetting controller\n"); 1206 mps_reinit(sc); 1207 } 1208 return; 1209 } 1210 1211 mps_dprint(sc, MPS_RECOVERY, 1212 "logical unit reset status 0x%x code 0x%x count %u\n", 1213 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode), 1214 le32toh(reply->TerminationCount)); 1215 1216 /* 1217 * See if there are any outstanding commands for this LUN. 1218 * This could be made more efficient by using a per-LU data 1219 * structure of some sort. 1220 */ 1221 TAILQ_FOREACH(cm, &targ->commands, cm_link) { 1222 if (cm->cm_lun == tm->cm_lun) 1223 cm_count++; 1224 } 1225 1226 if (cm_count == 0) { 1227 mps_dprint(sc, MPS_RECOVERY|MPS_INFO, 1228 "Finished recovery after LUN reset for target %u\n", 1229 targ->tid); 1230 1231 mpssas_announce_reset(sc, AC_SENT_BDR, targ->tid, tm->cm_lun); 1232 1233 /* 1234 * We've finished recovery for this logical unit. check and 1235 * see if some other logical unit has a timedout command 1236 * that needs to be processed. 1237 */ 1238 cm = TAILQ_FIRST(&targ->timedout_commands); 1239 if (cm) { 1240 mps_dprint(sc, MPS_INFO|MPS_RECOVERY, 1241 "More commands to abort for target %u\n", 1242 targ->tid); 1243 mpssas_send_abort(sc, tm, cm); 1244 } else { 1245 targ->tm = NULL; 1246 mpssas_free_tm(sc, tm); 1247 } 1248 } else { 1249 /* 1250 * If we still have commands for this LUN, the reset 1251 * effectively failed, regardless of the status reported. 1252 * Escalate to a target reset. 1253 */ 1254 mps_dprint(sc, MPS_INFO|MPS_RECOVERY, 1255 "logical unit reset complete for target %u, but still " 1256 "have %u command(s), sending target reset\n", targ->tid, 1257 cm_count); 1258 mpssas_send_reset(sc, tm, 1259 MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET); 1260 } 1261 } 1262 1263 static void 1264 mpssas_target_reset_complete(struct mps_softc *sc, struct mps_command *tm) 1265 { 1266 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 1267 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1268 struct mpssas_target *targ; 1269 1270 callout_stop(&tm->cm_callout); 1271 1272 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1273 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 1274 targ = tm->cm_targ; 1275 1276 /* 1277 * Currently there should be no way we can hit this case. It only 1278 * happens when we have a failure to allocate chain frames, and 1279 * task management commands don't have S/G lists. 1280 */ 1281 if ((tm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) { 1282 mps_dprint(sc, MPS_ERROR,"%s: cm_flags = %#x for target reset! " 1283 "This should not happen!\n", __func__, tm->cm_flags); 1284 mpssas_free_tm(sc, tm); 1285 return; 1286 } 1287 1288 if (reply == NULL) { 1289 mps_dprint(sc, MPS_RECOVERY, 1290 "NULL target reset reply for tm %pi TaskMID %u\n", 1291 tm, le16toh(req->TaskMID)); 1292 if ((sc->mps_flags & MPS_FLAGS_DIAGRESET) != 0) { 1293 /* this completion was due to a reset, just cleanup */ 1294 mps_dprint(sc, MPS_RECOVERY, "Hardware undergoing " 1295 "reset, ignoring NULL target reset reply\n"); 1296 targ->tm = NULL; 1297 mpssas_free_tm(sc, tm); 1298 } else { 1299 /* we should have gotten a reply. */ 1300 mps_dprint(sc, MPS_INFO|MPS_RECOVERY, "NULL reply on " 1301 "target reset attempt, resetting controller\n"); 1302 mps_reinit(sc); 1303 } 1304 return; 1305 } 1306 1307 mps_dprint(sc, MPS_RECOVERY, 1308 "target reset status 0x%x code 0x%x count %u\n", 1309 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode), 1310 le32toh(reply->TerminationCount)); 1311 1312 if (targ->outstanding == 0) { 1313 /* we've finished recovery for this target and all 1314 * of its logical units. 1315 */ 1316 mps_dprint(sc, MPS_RECOVERY|MPS_INFO, 1317 "Finished reset recovery for target %u\n", targ->tid); 1318 1319 mpssas_announce_reset(sc, AC_SENT_BDR, tm->cm_targ->tid, 1320 CAM_LUN_WILDCARD); 1321 1322 targ->tm = NULL; 1323 mpssas_free_tm(sc, tm); 1324 } else { 1325 /* 1326 * After a target reset, if this target still has 1327 * outstanding commands, the reset effectively failed, 1328 * regardless of the status reported. escalate. 1329 */ 1330 mps_dprint(sc, MPS_INFO|MPS_RECOVERY, 1331 "Target reset complete for target %u, but still have %u " 1332 "command(s), resetting controller\n", targ->tid, 1333 targ->outstanding); 1334 mps_reinit(sc); 1335 } 1336 } 1337 1338 #define MPS_RESET_TIMEOUT 30 1339 1340 int 1341 mpssas_send_reset(struct mps_softc *sc, struct mps_command *tm, uint8_t type) 1342 { 1343 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1344 struct mpssas_target *target; 1345 int err; 1346 1347 target = tm->cm_targ; 1348 if (target->handle == 0) { 1349 mps_dprint(sc, MPS_ERROR,"%s null devhandle for target_id %d\n", 1350 __func__, target->tid); 1351 return -1; 1352 } 1353 1354 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1355 req->DevHandle = htole16(target->handle); 1356 req->TaskType = type; 1357 1358 if (type == MPI2_SCSITASKMGMT_TASKTYPE_LOGICAL_UNIT_RESET) { 1359 /* XXX Need to handle invalid LUNs */ 1360 MPS_SET_LUN(req->LUN, tm->cm_lun); 1361 tm->cm_targ->logical_unit_resets++; 1362 mps_dprint(sc, MPS_RECOVERY|MPS_INFO, 1363 "Sending logical unit reset to target %u lun %d\n", 1364 target->tid, tm->cm_lun); 1365 tm->cm_complete = mpssas_logical_unit_reset_complete; 1366 mpssas_prepare_for_tm(sc, tm, target, tm->cm_lun); 1367 } else if (type == MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET) { 1368 /* 1369 * Target reset method = 1370 * SAS Hard Link Reset / SATA Link Reset 1371 */ 1372 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 1373 tm->cm_targ->target_resets++; 1374 mps_dprint(sc, MPS_RECOVERY|MPS_INFO, 1375 "Sending target reset to target %u\n", target->tid); 1376 tm->cm_complete = mpssas_target_reset_complete; 1377 mpssas_prepare_for_tm(sc, tm, target, CAM_LUN_WILDCARD); 1378 } else { 1379 mps_dprint(sc, MPS_ERROR, "unexpected reset type 0x%x\n", type); 1380 return -1; 1381 } 1382 1383 tm->cm_data = NULL; 1384 tm->cm_complete_data = (void *)tm; 1385 1386 callout_reset(&tm->cm_callout, MPS_RESET_TIMEOUT * hz, 1387 mpssas_tm_timeout, tm); 1388 1389 err = mps_map_command(sc, tm); 1390 if (err) 1391 mps_dprint(sc, MPS_ERROR|MPS_RECOVERY, 1392 "error %d sending reset type %u\n", 1393 err, type); 1394 1395 return err; 1396 } 1397 1398 static void 1399 mpssas_abort_complete(struct mps_softc *sc, struct mps_command *tm) 1400 { 1401 struct mps_command *cm; 1402 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 1403 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1404 struct mpssas_target *targ; 1405 1406 callout_stop(&tm->cm_callout); 1407 1408 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1409 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 1410 targ = tm->cm_targ; 1411 1412 /* 1413 * Currently there should be no way we can hit this case. It only 1414 * happens when we have a failure to allocate chain frames, and 1415 * task management commands don't have S/G lists. 1416 */ 1417 if ((tm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) { 1418 mps_dprint(sc, MPS_RECOVERY, 1419 "cm_flags = %#x for abort %p TaskMID %u!\n", 1420 tm->cm_flags, tm, le16toh(req->TaskMID)); 1421 mpssas_free_tm(sc, tm); 1422 return; 1423 } 1424 1425 if (reply == NULL) { 1426 mps_dprint(sc, MPS_RECOVERY, 1427 "NULL abort reply for tm %p TaskMID %u\n", 1428 tm, le16toh(req->TaskMID)); 1429 if ((sc->mps_flags & MPS_FLAGS_DIAGRESET) != 0) { 1430 /* this completion was due to a reset, just cleanup */ 1431 mps_dprint(sc, MPS_RECOVERY, "Hardware undergoing " 1432 "reset, ignoring NULL abort reply\n"); 1433 targ->tm = NULL; 1434 mpssas_free_tm(sc, tm); 1435 } else { 1436 /* we should have gotten a reply. */ 1437 mps_dprint(sc, MPS_INFO|MPS_RECOVERY, "NULL reply on " 1438 "abort attempt, resetting controller\n"); 1439 mps_reinit(sc); 1440 } 1441 return; 1442 } 1443 1444 mps_dprint(sc, MPS_RECOVERY, 1445 "abort TaskMID %u status 0x%x code 0x%x count %u\n", 1446 le16toh(req->TaskMID), 1447 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode), 1448 le32toh(reply->TerminationCount)); 1449 1450 cm = TAILQ_FIRST(&tm->cm_targ->timedout_commands); 1451 if (cm == NULL) { 1452 /* 1453 * If there are no more timedout commands, we're done with 1454 * error recovery for this target. 1455 */ 1456 mps_dprint(sc, MPS_INFO|MPS_RECOVERY, 1457 "Finished abort recovery for target %u\n", targ->tid); 1458 1459 targ->tm = NULL; 1460 mpssas_free_tm(sc, tm); 1461 } else if (le16toh(req->TaskMID) != cm->cm_desc.Default.SMID) { 1462 /* abort success, but we have more timedout commands to abort */ 1463 mps_dprint(sc, MPS_INFO|MPS_RECOVERY, 1464 "Continuing abort recovery for target %u\n", targ->tid); 1465 1466 mpssas_send_abort(sc, tm, cm); 1467 } else { 1468 /* we didn't get a command completion, so the abort 1469 * failed as far as we're concerned. escalate. 1470 */ 1471 mps_dprint(sc, MPS_RECOVERY, 1472 "Abort failed for target %u, sending logical unit reset\n", 1473 targ->tid); 1474 1475 mpssas_send_reset(sc, tm, 1476 MPI2_SCSITASKMGMT_TASKTYPE_LOGICAL_UNIT_RESET); 1477 } 1478 } 1479 1480 #define MPS_ABORT_TIMEOUT 5 1481 1482 static int 1483 mpssas_send_abort(struct mps_softc *sc, struct mps_command *tm, struct mps_command *cm) 1484 { 1485 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1486 struct mpssas_target *targ; 1487 int err; 1488 1489 targ = cm->cm_targ; 1490 if (targ->handle == 0) { 1491 mps_dprint(sc, MPS_ERROR|MPS_RECOVERY, 1492 "%s null devhandle for target_id %d\n", 1493 __func__, cm->cm_ccb->ccb_h.target_id); 1494 return -1; 1495 } 1496 1497 mpssas_log_command(cm, MPS_RECOVERY|MPS_INFO, 1498 "Aborting command %p\n", cm); 1499 1500 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1501 req->DevHandle = htole16(targ->handle); 1502 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_ABORT_TASK; 1503 1504 /* XXX Need to handle invalid LUNs */ 1505 MPS_SET_LUN(req->LUN, cm->cm_ccb->ccb_h.target_lun); 1506 1507 req->TaskMID = htole16(cm->cm_desc.Default.SMID); 1508 1509 tm->cm_data = NULL; 1510 tm->cm_complete = mpssas_abort_complete; 1511 tm->cm_complete_data = (void *)tm; 1512 tm->cm_targ = cm->cm_targ; 1513 tm->cm_lun = cm->cm_lun; 1514 1515 callout_reset(&tm->cm_callout, MPS_ABORT_TIMEOUT * hz, 1516 mpssas_tm_timeout, tm); 1517 1518 targ->aborts++; 1519 1520 mpssas_prepare_for_tm(sc, tm, targ, tm->cm_lun); 1521 1522 err = mps_map_command(sc, tm); 1523 if (err) 1524 mps_dprint(sc, MPS_ERROR|MPS_RECOVERY, 1525 "error %d sending abort for cm %p SMID %u\n", 1526 err, cm, req->TaskMID); 1527 return err; 1528 } 1529 1530 static void 1531 mpssas_scsiio_timeout(void *data) 1532 { 1533 sbintime_t elapsed, now; 1534 union ccb *ccb; 1535 struct mps_softc *sc; 1536 struct mps_command *cm; 1537 struct mpssas_target *targ; 1538 1539 cm = (struct mps_command *)data; 1540 sc = cm->cm_sc; 1541 ccb = cm->cm_ccb; 1542 now = sbinuptime(); 1543 1544 MPS_FUNCTRACE(sc); 1545 mtx_assert(&sc->mps_mtx, MA_OWNED); 1546 1547 mps_dprint(sc, MPS_XINFO|MPS_RECOVERY, "Timeout checking cm %p\n", cm); 1548 1549 /* 1550 * Run the interrupt handler to make sure it's not pending. This 1551 * isn't perfect because the command could have already completed 1552 * and been re-used, though this is unlikely. 1553 */ 1554 mps_intr_locked(sc); 1555 if (cm->cm_flags & MPS_CM_FLAGS_ON_RECOVERY) { 1556 mpssas_log_command(cm, MPS_XINFO, 1557 "SCSI command %p almost timed out\n", cm); 1558 return; 1559 } 1560 1561 if (cm->cm_ccb == NULL) { 1562 mps_dprint(sc, MPS_ERROR, "command timeout with NULL ccb\n"); 1563 return; 1564 } 1565 1566 targ = cm->cm_targ; 1567 targ->timeouts++; 1568 1569 elapsed = now - ccb->ccb_h.qos.sim_data; 1570 mpssas_log_command(cm, MPS_INFO|MPS_RECOVERY, 1571 "Command timeout on target %u(0x%04x) %d set, %d.%d elapsed\n", 1572 targ->tid, targ->handle, ccb->ccb_h.timeout, 1573 sbintime_getsec(elapsed), elapsed & 0xffffffff); 1574 1575 /* XXX first, check the firmware state, to see if it's still 1576 * operational. if not, do a diag reset. 1577 */ 1578 mpssas_set_ccbstatus(cm->cm_ccb, CAM_CMD_TIMEOUT); 1579 cm->cm_flags |= MPS_CM_FLAGS_ON_RECOVERY | MPS_CM_FLAGS_TIMEDOUT; 1580 TAILQ_INSERT_TAIL(&targ->timedout_commands, cm, cm_recovery); 1581 1582 if (targ->tm != NULL) { 1583 /* target already in recovery, just queue up another 1584 * timedout command to be processed later. 1585 */ 1586 mps_dprint(sc, MPS_RECOVERY, 1587 "queued timedout cm %p for processing by tm %p\n", 1588 cm, targ->tm); 1589 } else if ((targ->tm = mpssas_alloc_tm(sc)) != NULL) { 1590 mps_dprint(sc, MPS_RECOVERY|MPS_INFO, 1591 "Sending abort to target %u for SMID %d\n", targ->tid, 1592 cm->cm_desc.Default.SMID); 1593 mps_dprint(sc, MPS_RECOVERY, "timedout cm %p allocated tm %p\n", 1594 cm, targ->tm); 1595 1596 /* start recovery by aborting the first timedout command */ 1597 mpssas_send_abort(sc, targ->tm, cm); 1598 } else { 1599 /* XXX queue this target up for recovery once a TM becomes 1600 * available. The firmware only has a limited number of 1601 * HighPriority credits for the high priority requests used 1602 * for task management, and we ran out. 1603 * 1604 * Isilon: don't worry about this for now, since we have 1605 * more credits than disks in an enclosure, and limit 1606 * ourselves to one TM per target for recovery. 1607 */ 1608 mps_dprint(sc, MPS_ERROR|MPS_RECOVERY, 1609 "timedout cm %p failed to allocate a tm\n", cm); 1610 } 1611 1612 } 1613 1614 static void 1615 mpssas_action_scsiio(struct mpssas_softc *sassc, union ccb *ccb) 1616 { 1617 MPI2_SCSI_IO_REQUEST *req; 1618 struct ccb_scsiio *csio; 1619 struct mps_softc *sc; 1620 struct mpssas_target *targ; 1621 struct mpssas_lun *lun; 1622 struct mps_command *cm; 1623 uint8_t i, lba_byte, *ref_tag_addr; 1624 uint16_t eedp_flags; 1625 uint32_t mpi_control; 1626 1627 sc = sassc->sc; 1628 MPS_FUNCTRACE(sc); 1629 mtx_assert(&sc->mps_mtx, MA_OWNED); 1630 1631 csio = &ccb->csio; 1632 KASSERT(csio->ccb_h.target_id < sassc->maxtargets, 1633 ("Target %d out of bounds in XPT_SCSI_IO\n", 1634 csio->ccb_h.target_id)); 1635 targ = &sassc->targets[csio->ccb_h.target_id]; 1636 mps_dprint(sc, MPS_TRACE, "ccb %p target flag %x\n", ccb, targ->flags); 1637 if (targ->handle == 0x0) { 1638 if (targ->flags & MPSSAS_TARGET_INDIAGRESET) { 1639 mps_dprint(sc, MPS_ERROR, 1640 "%s NULL handle for target %u in diag reset freezing queue\n", 1641 __func__, csio->ccb_h.target_id); 1642 ccb->ccb_h.status = CAM_REQUEUE_REQ | CAM_DEV_QFRZN; 1643 xpt_freeze_devq(ccb->ccb_h.path, 1); 1644 xpt_done(ccb); 1645 return; 1646 } 1647 mps_dprint(sc, MPS_ERROR, "%s NULL handle for target %u\n", 1648 __func__, csio->ccb_h.target_id); 1649 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1650 xpt_done(ccb); 1651 return; 1652 } 1653 if (targ->flags & MPS_TARGET_FLAGS_RAID_COMPONENT) { 1654 mps_dprint(sc, MPS_ERROR, "%s Raid component no SCSI IO " 1655 "supported %u\n", __func__, csio->ccb_h.target_id); 1656 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1657 xpt_done(ccb); 1658 return; 1659 } 1660 /* 1661 * Sometimes, it is possible to get a command that is not "In 1662 * Progress" and was actually aborted by the upper layer. Check for 1663 * this here and complete the command without error. 1664 */ 1665 if (mpssas_get_ccbstatus(ccb) != CAM_REQ_INPROG) { 1666 mps_dprint(sc, MPS_TRACE, "%s Command is not in progress for " 1667 "target %u\n", __func__, csio->ccb_h.target_id); 1668 xpt_done(ccb); 1669 return; 1670 } 1671 /* 1672 * If devinfo is 0 this will be a volume. In that case don't tell CAM 1673 * that the volume has timed out. We want volumes to be enumerated 1674 * until they are deleted/removed, not just failed. In either event, 1675 * we're removing the target due to a firmware event telling us 1676 * the device is now gone (as opposed to some transient event). Since 1677 * we're opting to remove failed devices from the OS's view, we need 1678 * to propagate that status up the stack. 1679 */ 1680 if (targ->flags & MPSSAS_TARGET_INREMOVAL) { 1681 if (targ->devinfo == 0) 1682 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP); 1683 else 1684 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1685 xpt_done(ccb); 1686 return; 1687 } 1688 1689 if ((sc->mps_flags & MPS_FLAGS_SHUTDOWN) != 0) { 1690 mps_dprint(sc, MPS_INFO, "%s shutting down\n", __func__); 1691 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1692 xpt_done(ccb); 1693 return; 1694 } 1695 1696 /* 1697 * If target has a reset in progress, the devq should be frozen. 1698 * Geting here we likely hit a race, so just requeue. 1699 */ 1700 if (targ->flags & MPSSAS_TARGET_INRESET) { 1701 ccb->ccb_h.status = CAM_REQUEUE_REQ | CAM_DEV_QFRZN; 1702 mps_dprint(sc, MPS_INFO, "%s: Freezing devq for target ID %d\n", 1703 __func__, targ->tid); 1704 xpt_freeze_devq(ccb->ccb_h.path, 1); 1705 xpt_done(ccb); 1706 return; 1707 } 1708 1709 cm = mps_alloc_command(sc); 1710 if (cm == NULL || (sc->mps_flags & MPS_FLAGS_DIAGRESET)) { 1711 if (cm != NULL) { 1712 mps_free_command(sc, cm); 1713 } 1714 if ((sassc->flags & MPSSAS_QUEUE_FROZEN) == 0) { 1715 xpt_freeze_simq(sassc->sim, 1); 1716 sassc->flags |= MPSSAS_QUEUE_FROZEN; 1717 } 1718 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 1719 ccb->ccb_h.status |= CAM_REQUEUE_REQ; 1720 xpt_done(ccb); 1721 return; 1722 } 1723 1724 req = (MPI2_SCSI_IO_REQUEST *)cm->cm_req; 1725 bzero(req, sizeof(*req)); 1726 req->DevHandle = htole16(targ->handle); 1727 req->Function = MPI2_FUNCTION_SCSI_IO_REQUEST; 1728 req->MsgFlags = 0; 1729 req->SenseBufferLowAddress = htole32(cm->cm_sense_busaddr); 1730 req->SenseBufferLength = MPS_SENSE_LEN; 1731 req->SGLFlags = 0; 1732 req->ChainOffset = 0; 1733 req->SGLOffset0 = 24; /* 32bit word offset to the SGL */ 1734 req->SGLOffset1= 0; 1735 req->SGLOffset2= 0; 1736 req->SGLOffset3= 0; 1737 req->SkipCount = 0; 1738 req->DataLength = htole32(csio->dxfer_len); 1739 req->BidirectionalDataLength = 0; 1740 req->IoFlags = htole16(csio->cdb_len); 1741 req->EEDPFlags = 0; 1742 1743 /* Note: BiDirectional transfers are not supported */ 1744 switch (csio->ccb_h.flags & CAM_DIR_MASK) { 1745 case CAM_DIR_IN: 1746 mpi_control = MPI2_SCSIIO_CONTROL_READ; 1747 cm->cm_flags |= MPS_CM_FLAGS_DATAIN; 1748 break; 1749 case CAM_DIR_OUT: 1750 mpi_control = MPI2_SCSIIO_CONTROL_WRITE; 1751 cm->cm_flags |= MPS_CM_FLAGS_DATAOUT; 1752 break; 1753 case CAM_DIR_NONE: 1754 default: 1755 mpi_control = MPI2_SCSIIO_CONTROL_NODATATRANSFER; 1756 break; 1757 } 1758 1759 if (csio->cdb_len == 32) 1760 mpi_control |= 4 << MPI2_SCSIIO_CONTROL_ADDCDBLEN_SHIFT; 1761 /* 1762 * It looks like the hardware doesn't require an explicit tag 1763 * number for each transaction. SAM Task Management not supported 1764 * at the moment. 1765 */ 1766 switch (csio->tag_action) { 1767 case MSG_HEAD_OF_Q_TAG: 1768 mpi_control |= MPI2_SCSIIO_CONTROL_HEADOFQ; 1769 break; 1770 case MSG_ORDERED_Q_TAG: 1771 mpi_control |= MPI2_SCSIIO_CONTROL_ORDEREDQ; 1772 break; 1773 case MSG_ACA_TASK: 1774 mpi_control |= MPI2_SCSIIO_CONTROL_ACAQ; 1775 break; 1776 case CAM_TAG_ACTION_NONE: 1777 case MSG_SIMPLE_Q_TAG: 1778 default: 1779 mpi_control |= MPI2_SCSIIO_CONTROL_SIMPLEQ; 1780 break; 1781 } 1782 mpi_control |= (csio->priority << MPI2_SCSIIO_CONTROL_TASKPRI_SHIFT) & 1783 MPI2_SCSIIO_CONTROL_TASKPRI_MASK; 1784 mpi_control |= sc->mapping_table[csio->ccb_h.target_id].TLR_bits; 1785 req->Control = htole32(mpi_control); 1786 if (MPS_SET_LUN(req->LUN, csio->ccb_h.target_lun) != 0) { 1787 mps_free_command(sc, cm); 1788 mpssas_set_ccbstatus(ccb, CAM_LUN_INVALID); 1789 xpt_done(ccb); 1790 return; 1791 } 1792 1793 if (csio->ccb_h.flags & CAM_CDB_POINTER) 1794 bcopy(csio->cdb_io.cdb_ptr, &req->CDB.CDB32[0], csio->cdb_len); 1795 else 1796 bcopy(csio->cdb_io.cdb_bytes, &req->CDB.CDB32[0],csio->cdb_len); 1797 req->IoFlags = htole16(csio->cdb_len); 1798 1799 /* 1800 * Check if EEDP is supported and enabled. If it is then check if the 1801 * SCSI opcode could be using EEDP. If so, make sure the LUN exists and 1802 * is formatted for EEDP support. If all of this is true, set CDB up 1803 * for EEDP transfer. 1804 */ 1805 eedp_flags = op_code_prot[req->CDB.CDB32[0]]; 1806 if (sc->eedp_enabled && eedp_flags) { 1807 SLIST_FOREACH(lun, &targ->luns, lun_link) { 1808 if (lun->lun_id == csio->ccb_h.target_lun) { 1809 break; 1810 } 1811 } 1812 1813 if ((lun != NULL) && (lun->eedp_formatted)) { 1814 req->EEDPBlockSize = htole16(lun->eedp_block_size); 1815 eedp_flags |= (MPI2_SCSIIO_EEDPFLAGS_INC_PRI_REFTAG | 1816 MPI2_SCSIIO_EEDPFLAGS_CHECK_REFTAG | 1817 MPI2_SCSIIO_EEDPFLAGS_CHECK_GUARD); 1818 req->EEDPFlags = htole16(eedp_flags); 1819 1820 /* 1821 * If CDB less than 32, fill in Primary Ref Tag with 1822 * low 4 bytes of LBA. If CDB is 32, tag stuff is 1823 * already there. Also, set protection bit. FreeBSD 1824 * currently does not support CDBs bigger than 16, but 1825 * the code doesn't hurt, and will be here for the 1826 * future. 1827 */ 1828 if (csio->cdb_len != 32) { 1829 lba_byte = (csio->cdb_len == 16) ? 6 : 2; 1830 ref_tag_addr = (uint8_t *)&req->CDB.EEDP32. 1831 PrimaryReferenceTag; 1832 for (i = 0; i < 4; i++) { 1833 *ref_tag_addr = 1834 req->CDB.CDB32[lba_byte + i]; 1835 ref_tag_addr++; 1836 } 1837 req->CDB.EEDP32.PrimaryReferenceTag = 1838 htole32(req->CDB.EEDP32.PrimaryReferenceTag); 1839 req->CDB.EEDP32.PrimaryApplicationTagMask = 1840 0xFFFF; 1841 req->CDB.CDB32[1] = (req->CDB.CDB32[1] & 0x1F) | 1842 0x20; 1843 } else { 1844 eedp_flags |= 1845 MPI2_SCSIIO_EEDPFLAGS_INC_PRI_APPTAG; 1846 req->EEDPFlags = htole16(eedp_flags); 1847 req->CDB.CDB32[10] = (req->CDB.CDB32[10] & 1848 0x1F) | 0x20; 1849 } 1850 } 1851 } 1852 1853 cm->cm_length = csio->dxfer_len; 1854 if (cm->cm_length != 0) { 1855 cm->cm_data = ccb; 1856 cm->cm_flags |= MPS_CM_FLAGS_USE_CCB; 1857 } else { 1858 cm->cm_data = NULL; 1859 } 1860 cm->cm_sge = &req->SGL; 1861 cm->cm_sglsize = (32 - 24) * 4; 1862 cm->cm_desc.SCSIIO.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_SCSI_IO; 1863 cm->cm_desc.SCSIIO.DevHandle = htole16(targ->handle); 1864 cm->cm_complete = mpssas_scsiio_complete; 1865 cm->cm_complete_data = ccb; 1866 cm->cm_targ = targ; 1867 cm->cm_lun = csio->ccb_h.target_lun; 1868 cm->cm_ccb = ccb; 1869 1870 /* 1871 * If HBA is a WD and the command is not for a retry, try to build a 1872 * direct I/O message. If failed, or the command is for a retry, send 1873 * the I/O to the IR volume itself. 1874 */ 1875 if (sc->WD_valid_config) { 1876 if (ccb->ccb_h.sim_priv.entries[0].field == MPS_WD_RETRY) { 1877 mpssas_direct_drive_io(sassc, cm, ccb); 1878 } else { 1879 mpssas_set_ccbstatus(ccb, CAM_REQ_INPROG); 1880 } 1881 } 1882 1883 #if defined(BUF_TRACKING) || defined(FULL_BUF_TRACKING) 1884 if (csio->bio != NULL) 1885 biotrack(csio->bio, __func__); 1886 #endif 1887 csio->ccb_h.qos.sim_data = sbinuptime(); 1888 callout_reset_sbt(&cm->cm_callout, SBT_1MS * ccb->ccb_h.timeout, 0, 1889 mpssas_scsiio_timeout, cm, 0); 1890 1891 targ->issued++; 1892 targ->outstanding++; 1893 TAILQ_INSERT_TAIL(&targ->commands, cm, cm_link); 1894 ccb->ccb_h.status |= CAM_SIM_QUEUED; 1895 1896 mpssas_log_command(cm, MPS_XINFO, "%s cm %p ccb %p outstanding %u\n", 1897 __func__, cm, ccb, targ->outstanding); 1898 1899 mps_map_command(sc, cm); 1900 return; 1901 } 1902 1903 /** 1904 * mps_sc_failed_io_info - translated non-succesfull SCSI_IO request 1905 */ 1906 static void 1907 mps_sc_failed_io_info(struct mps_softc *sc, struct ccb_scsiio *csio, 1908 Mpi2SCSIIOReply_t *mpi_reply) 1909 { 1910 u32 response_info; 1911 u8 *response_bytes; 1912 u16 ioc_status = le16toh(mpi_reply->IOCStatus) & 1913 MPI2_IOCSTATUS_MASK; 1914 u8 scsi_state = mpi_reply->SCSIState; 1915 u8 scsi_status = mpi_reply->SCSIStatus; 1916 u32 log_info = le32toh(mpi_reply->IOCLogInfo); 1917 const char *desc_ioc_state, *desc_scsi_status; 1918 1919 if (log_info == 0x31170000) 1920 return; 1921 1922 desc_ioc_state = mps_describe_table(mps_iocstatus_string, 1923 ioc_status); 1924 desc_scsi_status = mps_describe_table(mps_scsi_status_string, 1925 scsi_status); 1926 1927 mps_dprint(sc, MPS_XINFO, "\thandle(0x%04x), ioc_status(%s)(0x%04x)\n", 1928 le16toh(mpi_reply->DevHandle), desc_ioc_state, ioc_status); 1929 1930 /* 1931 *We can add more detail about underflow data here 1932 * TO-DO 1933 */ 1934 mps_dprint(sc, MPS_XINFO, "\tscsi_status(%s)(0x%02x), " 1935 "scsi_state %b\n", desc_scsi_status, scsi_status, 1936 scsi_state, "\20" "\1AutosenseValid" "\2AutosenseFailed" 1937 "\3NoScsiStatus" "\4Terminated" "\5Response InfoValid"); 1938 1939 if (sc->mps_debug & MPS_XINFO && 1940 scsi_state & MPI2_SCSI_STATE_AUTOSENSE_VALID) { 1941 mps_dprint(sc, MPS_XINFO, "-> Sense Buffer Data : Start :\n"); 1942 scsi_sense_print(csio); 1943 mps_dprint(sc, MPS_XINFO, "-> Sense Buffer Data : End :\n"); 1944 } 1945 1946 if (scsi_state & MPI2_SCSI_STATE_RESPONSE_INFO_VALID) { 1947 response_info = le32toh(mpi_reply->ResponseInfo); 1948 response_bytes = (u8 *)&response_info; 1949 mps_dprint(sc, MPS_XINFO, "response code(0x%1x): %s\n", 1950 response_bytes[0], 1951 mps_describe_table(mps_scsi_taskmgmt_string, 1952 response_bytes[0])); 1953 } 1954 } 1955 1956 static void 1957 mpssas_scsiio_complete(struct mps_softc *sc, struct mps_command *cm) 1958 { 1959 MPI2_SCSI_IO_REPLY *rep; 1960 union ccb *ccb; 1961 struct ccb_scsiio *csio; 1962 struct mpssas_softc *sassc; 1963 struct scsi_vpd_supported_page_list *vpd_list = NULL; 1964 u8 *TLR_bits, TLR_on; 1965 int dir = 0, i; 1966 u16 alloc_len; 1967 struct mpssas_target *target; 1968 target_id_t target_id; 1969 1970 MPS_FUNCTRACE(sc); 1971 mps_dprint(sc, MPS_TRACE, 1972 "cm %p SMID %u ccb %p reply %p outstanding %u\n", cm, 1973 cm->cm_desc.Default.SMID, cm->cm_ccb, cm->cm_reply, 1974 cm->cm_targ->outstanding); 1975 1976 callout_stop(&cm->cm_callout); 1977 mtx_assert(&sc->mps_mtx, MA_OWNED); 1978 1979 sassc = sc->sassc; 1980 ccb = cm->cm_complete_data; 1981 csio = &ccb->csio; 1982 target_id = csio->ccb_h.target_id; 1983 rep = (MPI2_SCSI_IO_REPLY *)cm->cm_reply; 1984 /* 1985 * XXX KDM if the chain allocation fails, does it matter if we do 1986 * the sync and unload here? It is simpler to do it in every case, 1987 * assuming it doesn't cause problems. 1988 */ 1989 if (cm->cm_data != NULL) { 1990 if (cm->cm_flags & MPS_CM_FLAGS_DATAIN) 1991 dir = BUS_DMASYNC_POSTREAD; 1992 else if (cm->cm_flags & MPS_CM_FLAGS_DATAOUT) 1993 dir = BUS_DMASYNC_POSTWRITE; 1994 bus_dmamap_sync(sc->buffer_dmat, cm->cm_dmamap, dir); 1995 bus_dmamap_unload(sc->buffer_dmat, cm->cm_dmamap); 1996 } 1997 1998 cm->cm_targ->completed++; 1999 cm->cm_targ->outstanding--; 2000 TAILQ_REMOVE(&cm->cm_targ->commands, cm, cm_link); 2001 ccb->ccb_h.status &= ~(CAM_STATUS_MASK | CAM_SIM_QUEUED); 2002 2003 #if defined(BUF_TRACKING) || defined(FULL_BUF_TRACKING) 2004 if (ccb->csio.bio != NULL) 2005 biotrack(ccb->csio.bio, __func__); 2006 #endif 2007 2008 if (cm->cm_flags & MPS_CM_FLAGS_ON_RECOVERY) { 2009 TAILQ_REMOVE(&cm->cm_targ->timedout_commands, cm, cm_recovery); 2010 KASSERT(cm->cm_state == MPS_CM_STATE_BUSY, 2011 ("Not busy for CM_FLAGS_TIMEDOUT: %u\n", cm->cm_state)); 2012 cm->cm_flags &= ~MPS_CM_FLAGS_ON_RECOVERY; 2013 if (cm->cm_reply != NULL) 2014 mpssas_log_command(cm, MPS_RECOVERY, 2015 "completed timedout cm %p ccb %p during recovery " 2016 "ioc %x scsi %x state %x xfer %u\n", 2017 cm, cm->cm_ccb, le16toh(rep->IOCStatus), 2018 rep->SCSIStatus, rep->SCSIState, 2019 le32toh(rep->TransferCount)); 2020 else 2021 mpssas_log_command(cm, MPS_RECOVERY, 2022 "completed timedout cm %p ccb %p during recovery\n", 2023 cm, cm->cm_ccb); 2024 } else if (cm->cm_targ->tm != NULL) { 2025 if (cm->cm_reply != NULL) 2026 mpssas_log_command(cm, MPS_RECOVERY, 2027 "completed cm %p ccb %p during recovery " 2028 "ioc %x scsi %x state %x xfer %u\n", 2029 cm, cm->cm_ccb, le16toh(rep->IOCStatus), 2030 rep->SCSIStatus, rep->SCSIState, 2031 le32toh(rep->TransferCount)); 2032 else 2033 mpssas_log_command(cm, MPS_RECOVERY, 2034 "completed cm %p ccb %p during recovery\n", 2035 cm, cm->cm_ccb); 2036 } else if ((sc->mps_flags & MPS_FLAGS_DIAGRESET) != 0) { 2037 mpssas_log_command(cm, MPS_RECOVERY, 2038 "reset completed cm %p ccb %p\n", 2039 cm, cm->cm_ccb); 2040 } 2041 2042 if ((cm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) { 2043 /* 2044 * We ran into an error after we tried to map the command, 2045 * so we're getting a callback without queueing the command 2046 * to the hardware. So we set the status here, and it will 2047 * be retained below. We'll go through the "fast path", 2048 * because there can be no reply when we haven't actually 2049 * gone out to the hardware. 2050 */ 2051 mpssas_set_ccbstatus(ccb, CAM_REQUEUE_REQ); 2052 2053 /* 2054 * Currently the only error included in the mask is 2055 * MPS_CM_FLAGS_CHAIN_FAILED, which means we're out of 2056 * chain frames. We need to freeze the queue until we get 2057 * a command that completed without this error, which will 2058 * hopefully have some chain frames attached that we can 2059 * use. If we wanted to get smarter about it, we would 2060 * only unfreeze the queue in this condition when we're 2061 * sure that we're getting some chain frames back. That's 2062 * probably unnecessary. 2063 */ 2064 if ((sassc->flags & MPSSAS_QUEUE_FROZEN) == 0) { 2065 xpt_freeze_simq(sassc->sim, 1); 2066 sassc->flags |= MPSSAS_QUEUE_FROZEN; 2067 mps_dprint(sc, MPS_XINFO, "Error sending command, " 2068 "freezing SIM queue\n"); 2069 } 2070 } 2071 2072 /* 2073 * If this is a Start Stop Unit command and it was issued by the driver 2074 * during shutdown, decrement the refcount to account for all of the 2075 * commands that were sent. All SSU commands should be completed before 2076 * shutdown completes, meaning SSU_refcount will be 0 after SSU_started 2077 * is TRUE. 2078 */ 2079 if (sc->SSU_started && (csio->cdb_io.cdb_bytes[0] == START_STOP_UNIT)) { 2080 mps_dprint(sc, MPS_INFO, "Decrementing SSU count.\n"); 2081 sc->SSU_refcount--; 2082 } 2083 2084 /* Take the fast path to completion */ 2085 if (cm->cm_reply == NULL) { 2086 if (mpssas_get_ccbstatus(ccb) == CAM_REQ_INPROG) { 2087 if ((sc->mps_flags & MPS_FLAGS_DIAGRESET) != 0) 2088 mpssas_set_ccbstatus(ccb, CAM_SCSI_BUS_RESET); 2089 else { 2090 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP); 2091 ccb->csio.scsi_status = SCSI_STATUS_OK; 2092 } 2093 if (sassc->flags & MPSSAS_QUEUE_FROZEN) { 2094 ccb->ccb_h.status |= CAM_RELEASE_SIMQ; 2095 sassc->flags &= ~MPSSAS_QUEUE_FROZEN; 2096 mps_dprint(sc, MPS_XINFO, 2097 "Unfreezing SIM queue\n"); 2098 } 2099 } 2100 2101 /* 2102 * There are two scenarios where the status won't be 2103 * CAM_REQ_CMP. The first is if MPS_CM_FLAGS_ERROR_MASK is 2104 * set, the second is in the MPS_FLAGS_DIAGRESET above. 2105 */ 2106 if (mpssas_get_ccbstatus(ccb) != CAM_REQ_CMP) { 2107 /* 2108 * Freeze the dev queue so that commands are 2109 * executed in the correct order after error 2110 * recovery. 2111 */ 2112 ccb->ccb_h.status |= CAM_DEV_QFRZN; 2113 xpt_freeze_devq(ccb->ccb_h.path, /*count*/ 1); 2114 } 2115 mps_free_command(sc, cm); 2116 xpt_done(ccb); 2117 return; 2118 } 2119 2120 mpssas_log_command(cm, MPS_XINFO, 2121 "ioc %x scsi %x state %x xfer %u\n", 2122 le16toh(rep->IOCStatus), rep->SCSIStatus, rep->SCSIState, 2123 le32toh(rep->TransferCount)); 2124 2125 /* 2126 * If this is a Direct Drive I/O, reissue the I/O to the original IR 2127 * Volume if an error occurred (normal I/O retry). Use the original 2128 * CCB, but set a flag that this will be a retry so that it's sent to 2129 * the original volume. Free the command but reuse the CCB. 2130 */ 2131 if (cm->cm_flags & MPS_CM_FLAGS_DD_IO) { 2132 mps_free_command(sc, cm); 2133 ccb->ccb_h.sim_priv.entries[0].field = MPS_WD_RETRY; 2134 mpssas_action_scsiio(sassc, ccb); 2135 return; 2136 } else 2137 ccb->ccb_h.sim_priv.entries[0].field = 0; 2138 2139 switch (le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK) { 2140 case MPI2_IOCSTATUS_SCSI_DATA_UNDERRUN: 2141 csio->resid = cm->cm_length - le32toh(rep->TransferCount); 2142 /* FALLTHROUGH */ 2143 case MPI2_IOCSTATUS_SUCCESS: 2144 case MPI2_IOCSTATUS_SCSI_RECOVERED_ERROR: 2145 2146 if ((le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK) == 2147 MPI2_IOCSTATUS_SCSI_RECOVERED_ERROR) 2148 mpssas_log_command(cm, MPS_XINFO, "recovered error\n"); 2149 2150 /* Completion failed at the transport level. */ 2151 if (rep->SCSIState & (MPI2_SCSI_STATE_NO_SCSI_STATUS | 2152 MPI2_SCSI_STATE_TERMINATED)) { 2153 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2154 break; 2155 } 2156 2157 /* In a modern packetized environment, an autosense failure 2158 * implies that there's not much else that can be done to 2159 * recover the command. 2160 */ 2161 if (rep->SCSIState & MPI2_SCSI_STATE_AUTOSENSE_FAILED) { 2162 mpssas_set_ccbstatus(ccb, CAM_AUTOSENSE_FAIL); 2163 break; 2164 } 2165 2166 /* 2167 * CAM doesn't care about SAS Response Info data, but if this is 2168 * the state check if TLR should be done. If not, clear the 2169 * TLR_bits for the target. 2170 */ 2171 if ((rep->SCSIState & MPI2_SCSI_STATE_RESPONSE_INFO_VALID) && 2172 ((le32toh(rep->ResponseInfo) & 2173 MPI2_SCSI_RI_MASK_REASONCODE) == 2174 MPS_SCSI_RI_INVALID_FRAME)) { 2175 sc->mapping_table[target_id].TLR_bits = 2176 (u8)MPI2_SCSIIO_CONTROL_NO_TLR; 2177 } 2178 2179 /* 2180 * Intentionally override the normal SCSI status reporting 2181 * for these two cases. These are likely to happen in a 2182 * multi-initiator environment, and we want to make sure that 2183 * CAM retries these commands rather than fail them. 2184 */ 2185 if ((rep->SCSIStatus == MPI2_SCSI_STATUS_COMMAND_TERMINATED) || 2186 (rep->SCSIStatus == MPI2_SCSI_STATUS_TASK_ABORTED)) { 2187 mpssas_set_ccbstatus(ccb, CAM_REQ_ABORTED); 2188 break; 2189 } 2190 2191 /* Handle normal status and sense */ 2192 csio->scsi_status = rep->SCSIStatus; 2193 if (rep->SCSIStatus == MPI2_SCSI_STATUS_GOOD) 2194 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP); 2195 else 2196 mpssas_set_ccbstatus(ccb, CAM_SCSI_STATUS_ERROR); 2197 2198 if (rep->SCSIState & MPI2_SCSI_STATE_AUTOSENSE_VALID) { 2199 int sense_len, returned_sense_len; 2200 2201 returned_sense_len = min(le32toh(rep->SenseCount), 2202 sizeof(struct scsi_sense_data)); 2203 if (returned_sense_len < ccb->csio.sense_len) 2204 ccb->csio.sense_resid = ccb->csio.sense_len - 2205 returned_sense_len; 2206 else 2207 ccb->csio.sense_resid = 0; 2208 2209 sense_len = min(returned_sense_len, 2210 ccb->csio.sense_len - ccb->csio.sense_resid); 2211 bzero(&ccb->csio.sense_data, 2212 sizeof(ccb->csio.sense_data)); 2213 bcopy(cm->cm_sense, &ccb->csio.sense_data, sense_len); 2214 ccb->ccb_h.status |= CAM_AUTOSNS_VALID; 2215 } 2216 2217 /* 2218 * Check if this is an INQUIRY command. If it's a VPD inquiry, 2219 * and it's page code 0 (Supported Page List), and there is 2220 * inquiry data, and this is for a sequential access device, and 2221 * the device is an SSP target, and TLR is supported by the 2222 * controller, turn the TLR_bits value ON if page 0x90 is 2223 * supported. 2224 */ 2225 if ((csio->cdb_io.cdb_bytes[0] == INQUIRY) && 2226 (csio->cdb_io.cdb_bytes[1] & SI_EVPD) && 2227 (csio->cdb_io.cdb_bytes[2] == SVPD_SUPPORTED_PAGE_LIST) && 2228 ((csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) && 2229 (csio->data_ptr != NULL) && 2230 ((csio->data_ptr[0] & 0x1f) == T_SEQUENTIAL) && 2231 (sc->control_TLR) && 2232 (sc->mapping_table[target_id].device_info & 2233 MPI2_SAS_DEVICE_INFO_SSP_TARGET)) { 2234 vpd_list = (struct scsi_vpd_supported_page_list *) 2235 csio->data_ptr; 2236 TLR_bits = &sc->mapping_table[target_id].TLR_bits; 2237 *TLR_bits = (u8)MPI2_SCSIIO_CONTROL_NO_TLR; 2238 TLR_on = (u8)MPI2_SCSIIO_CONTROL_TLR_ON; 2239 alloc_len = ((u16)csio->cdb_io.cdb_bytes[3] << 8) + 2240 csio->cdb_io.cdb_bytes[4]; 2241 alloc_len -= csio->resid; 2242 for (i = 0; i < MIN(vpd_list->length, alloc_len); i++) { 2243 if (vpd_list->list[i] == 0x90) { 2244 *TLR_bits = TLR_on; 2245 break; 2246 } 2247 } 2248 } 2249 2250 /* 2251 * If this is a SATA direct-access end device, mark it so that 2252 * a SCSI StartStopUnit command will be sent to it when the 2253 * driver is being shutdown. 2254 */ 2255 if ((csio->cdb_io.cdb_bytes[0] == INQUIRY) && 2256 ((csio->data_ptr[0] & 0x1f) == T_DIRECT) && 2257 (sc->mapping_table[target_id].device_info & 2258 MPI2_SAS_DEVICE_INFO_SATA_DEVICE) && 2259 ((sc->mapping_table[target_id].device_info & 2260 MPI2_SAS_DEVICE_INFO_MASK_DEVICE_TYPE) == 2261 MPI2_SAS_DEVICE_INFO_END_DEVICE)) { 2262 target = &sassc->targets[target_id]; 2263 target->supports_SSU = TRUE; 2264 mps_dprint(sc, MPS_XINFO, "Target %d supports SSU\n", 2265 target_id); 2266 } 2267 break; 2268 case MPI2_IOCSTATUS_SCSI_INVALID_DEVHANDLE: 2269 case MPI2_IOCSTATUS_SCSI_DEVICE_NOT_THERE: 2270 /* 2271 * If devinfo is 0 this will be a volume. In that case don't 2272 * tell CAM that the volume is not there. We want volumes to 2273 * be enumerated until they are deleted/removed, not just 2274 * failed. 2275 */ 2276 if (cm->cm_targ->devinfo == 0) 2277 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP); 2278 else 2279 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 2280 break; 2281 case MPI2_IOCSTATUS_INVALID_SGL: 2282 mps_print_scsiio_cmd(sc, cm); 2283 mpssas_set_ccbstatus(ccb, CAM_UNREC_HBA_ERROR); 2284 break; 2285 case MPI2_IOCSTATUS_SCSI_TASK_TERMINATED: 2286 /* 2287 * This is one of the responses that comes back when an I/O 2288 * has been aborted. If it is because of a timeout that we 2289 * initiated, just set the status to CAM_CMD_TIMEOUT. 2290 * Otherwise set it to CAM_REQ_ABORTED. The effect on the 2291 * command is the same (it gets retried, subject to the 2292 * retry counter), the only difference is what gets printed 2293 * on the console. 2294 */ 2295 if (cm->cm_flags & MPS_CM_FLAGS_TIMEDOUT) 2296 mpssas_set_ccbstatus(ccb, CAM_CMD_TIMEOUT); 2297 else 2298 mpssas_set_ccbstatus(ccb, CAM_REQ_ABORTED); 2299 break; 2300 case MPI2_IOCSTATUS_SCSI_DATA_OVERRUN: 2301 /* resid is ignored for this condition */ 2302 csio->resid = 0; 2303 mpssas_set_ccbstatus(ccb, CAM_DATA_RUN_ERR); 2304 break; 2305 case MPI2_IOCSTATUS_SCSI_IOC_TERMINATED: 2306 case MPI2_IOCSTATUS_SCSI_EXT_TERMINATED: 2307 /* 2308 * These can sometimes be transient transport-related 2309 * errors, and sometimes persistent drive-related errors. 2310 * We used to retry these without decrementing the retry 2311 * count by returning CAM_REQUEUE_REQ. Unfortunately, if 2312 * we hit a persistent drive problem that returns one of 2313 * these error codes, we would retry indefinitely. So, 2314 * return CAM_REQ_CMP_ERROR so that we decrement the retry 2315 * count and avoid infinite retries. We're taking the 2316 * potential risk of flagging false failures in the event 2317 * of a topology-related error (e.g. a SAS expander problem 2318 * causes a command addressed to a drive to fail), but 2319 * avoiding getting into an infinite retry loop. However, 2320 * if we get them while were moving a device, we should 2321 * fail the request as 'not there' because the device 2322 * is effectively gone. 2323 */ 2324 if (cm->cm_targ->flags & MPSSAS_TARGET_INREMOVAL) 2325 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 2326 else 2327 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2328 mps_dprint(sc, MPS_INFO, 2329 "Controller reported %s tgt %u SMID %u loginfo %x%s\n", 2330 mps_describe_table(mps_iocstatus_string, 2331 le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK), 2332 target_id, cm->cm_desc.Default.SMID, 2333 le32toh(rep->IOCLogInfo), 2334 (cm->cm_targ->flags & MPSSAS_TARGET_INREMOVAL) ? " departing" : ""); 2335 mps_dprint(sc, MPS_XINFO, 2336 "SCSIStatus %x SCSIState %x xfercount %u\n", 2337 rep->SCSIStatus, rep->SCSIState, 2338 le32toh(rep->TransferCount)); 2339 break; 2340 case MPI2_IOCSTATUS_INVALID_FUNCTION: 2341 case MPI2_IOCSTATUS_INTERNAL_ERROR: 2342 case MPI2_IOCSTATUS_INVALID_VPID: 2343 case MPI2_IOCSTATUS_INVALID_FIELD: 2344 case MPI2_IOCSTATUS_INVALID_STATE: 2345 case MPI2_IOCSTATUS_OP_STATE_NOT_SUPPORTED: 2346 case MPI2_IOCSTATUS_SCSI_IO_DATA_ERROR: 2347 case MPI2_IOCSTATUS_SCSI_PROTOCOL_ERROR: 2348 case MPI2_IOCSTATUS_SCSI_RESIDUAL_MISMATCH: 2349 case MPI2_IOCSTATUS_SCSI_TASK_MGMT_FAILED: 2350 default: 2351 mpssas_log_command(cm, MPS_XINFO, 2352 "completed ioc %x loginfo %x scsi %x state %x xfer %u\n", 2353 le16toh(rep->IOCStatus), le32toh(rep->IOCLogInfo), 2354 rep->SCSIStatus, rep->SCSIState, 2355 le32toh(rep->TransferCount)); 2356 csio->resid = cm->cm_length; 2357 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2358 break; 2359 } 2360 2361 mps_sc_failed_io_info(sc,csio,rep); 2362 2363 if (sassc->flags & MPSSAS_QUEUE_FROZEN) { 2364 ccb->ccb_h.status |= CAM_RELEASE_SIMQ; 2365 sassc->flags &= ~MPSSAS_QUEUE_FROZEN; 2366 mps_dprint(sc, MPS_XINFO, "Command completed, " 2367 "unfreezing SIM queue\n"); 2368 } 2369 2370 if (mpssas_get_ccbstatus(ccb) != CAM_REQ_CMP) { 2371 ccb->ccb_h.status |= CAM_DEV_QFRZN; 2372 xpt_freeze_devq(ccb->ccb_h.path, /*count*/ 1); 2373 } 2374 2375 /* 2376 * Check to see if we're removing the device. If so, and this is the 2377 * last command on the queue, proceed with the deferred removal of the 2378 * device. Note, for removing a volume, this won't trigger because 2379 * pending_remove_tm will be NULL. 2380 */ 2381 if (cm->cm_targ->flags & MPSSAS_TARGET_INREMOVAL) { 2382 if (TAILQ_FIRST(&cm->cm_targ->commands) == NULL && 2383 cm->cm_targ->pending_remove_tm != NULL) { 2384 mps_dprint(sc, MPS_INFO, 2385 "Last pending command complete: starting remove_device target %u handle 0x%04x\n", 2386 cm->cm_targ->tid, cm->cm_targ->handle); 2387 mps_map_command(sc, cm->cm_targ->pending_remove_tm); 2388 cm->cm_targ->pending_remove_tm = NULL; 2389 } 2390 } 2391 2392 mps_free_command(sc, cm); 2393 xpt_done(ccb); 2394 } 2395 2396 /* All Request reached here are Endian safe */ 2397 static void 2398 mpssas_direct_drive_io(struct mpssas_softc *sassc, struct mps_command *cm, 2399 union ccb *ccb) { 2400 pMpi2SCSIIORequest_t pIO_req; 2401 struct mps_softc *sc = sassc->sc; 2402 uint64_t virtLBA; 2403 uint32_t physLBA, stripe_offset, stripe_unit; 2404 uint32_t io_size, column; 2405 uint8_t *ptrLBA, lba_idx, physLBA_byte, *CDB; 2406 2407 /* 2408 * If this is a valid SCSI command (Read6, Read10, Read16, Write6, 2409 * Write10, or Write16), build a direct I/O message. Otherwise, the I/O 2410 * will be sent to the IR volume itself. Since Read6 and Write6 are a 2411 * bit different than the 10/16 CDBs, handle them separately. 2412 */ 2413 pIO_req = (pMpi2SCSIIORequest_t)cm->cm_req; 2414 CDB = pIO_req->CDB.CDB32; 2415 2416 /* 2417 * Handle 6 byte CDBs. 2418 */ 2419 if ((pIO_req->DevHandle == sc->DD_dev_handle) && ((CDB[0] == READ_6) || 2420 (CDB[0] == WRITE_6))) { 2421 /* 2422 * Get the transfer size in blocks. 2423 */ 2424 io_size = (cm->cm_length >> sc->DD_block_exponent); 2425 2426 /* 2427 * Get virtual LBA given in the CDB. 2428 */ 2429 virtLBA = ((uint64_t)(CDB[1] & 0x1F) << 16) | 2430 ((uint64_t)CDB[2] << 8) | (uint64_t)CDB[3]; 2431 2432 /* 2433 * Check that LBA range for I/O does not exceed volume's 2434 * MaxLBA. 2435 */ 2436 if ((virtLBA + (uint64_t)io_size - 1) <= 2437 sc->DD_max_lba) { 2438 /* 2439 * Check if the I/O crosses a stripe boundary. If not, 2440 * translate the virtual LBA to a physical LBA and set 2441 * the DevHandle for the PhysDisk to be used. If it 2442 * does cross a boundary, do normal I/O. To get the 2443 * right DevHandle to use, get the map number for the 2444 * column, then use that map number to look up the 2445 * DevHandle of the PhysDisk. 2446 */ 2447 stripe_offset = (uint32_t)virtLBA & 2448 (sc->DD_stripe_size - 1); 2449 if ((stripe_offset + io_size) <= sc->DD_stripe_size) { 2450 physLBA = (uint32_t)virtLBA >> 2451 sc->DD_stripe_exponent; 2452 stripe_unit = physLBA / sc->DD_num_phys_disks; 2453 column = physLBA % sc->DD_num_phys_disks; 2454 pIO_req->DevHandle = 2455 htole16(sc->DD_column_map[column].dev_handle); 2456 /* ???? Is this endian safe*/ 2457 cm->cm_desc.SCSIIO.DevHandle = 2458 pIO_req->DevHandle; 2459 2460 physLBA = (stripe_unit << 2461 sc->DD_stripe_exponent) + stripe_offset; 2462 ptrLBA = &pIO_req->CDB.CDB32[1]; 2463 physLBA_byte = (uint8_t)(physLBA >> 16); 2464 *ptrLBA = physLBA_byte; 2465 ptrLBA = &pIO_req->CDB.CDB32[2]; 2466 physLBA_byte = (uint8_t)(physLBA >> 8); 2467 *ptrLBA = physLBA_byte; 2468 ptrLBA = &pIO_req->CDB.CDB32[3]; 2469 physLBA_byte = (uint8_t)physLBA; 2470 *ptrLBA = physLBA_byte; 2471 2472 /* 2473 * Set flag that Direct Drive I/O is 2474 * being done. 2475 */ 2476 cm->cm_flags |= MPS_CM_FLAGS_DD_IO; 2477 } 2478 } 2479 return; 2480 } 2481 2482 /* 2483 * Handle 10, 12 or 16 byte CDBs. 2484 */ 2485 if ((pIO_req->DevHandle == sc->DD_dev_handle) && ((CDB[0] == READ_10) || 2486 (CDB[0] == WRITE_10) || (CDB[0] == READ_16) || 2487 (CDB[0] == WRITE_16) || (CDB[0] == READ_12) || 2488 (CDB[0] == WRITE_12))) { 2489 /* 2490 * For 16-byte CDB's, verify that the upper 4 bytes of the CDB 2491 * are 0. If not, this is accessing beyond 2TB so handle it in 2492 * the else section. 10-byte and 12-byte CDB's are OK. 2493 * FreeBSD sends very rare 12 byte READ/WRITE, but driver is 2494 * ready to accept 12byte CDB for Direct IOs. 2495 */ 2496 if ((CDB[0] == READ_10 || CDB[0] == WRITE_10) || 2497 (CDB[0] == READ_12 || CDB[0] == WRITE_12) || 2498 !(CDB[2] | CDB[3] | CDB[4] | CDB[5])) { 2499 /* 2500 * Get the transfer size in blocks. 2501 */ 2502 io_size = (cm->cm_length >> sc->DD_block_exponent); 2503 2504 /* 2505 * Get virtual LBA. Point to correct lower 4 bytes of 2506 * LBA in the CDB depending on command. 2507 */ 2508 lba_idx = ((CDB[0] == READ_12) || 2509 (CDB[0] == WRITE_12) || 2510 (CDB[0] == READ_10) || 2511 (CDB[0] == WRITE_10))? 2 : 6; 2512 virtLBA = ((uint64_t)CDB[lba_idx] << 24) | 2513 ((uint64_t)CDB[lba_idx + 1] << 16) | 2514 ((uint64_t)CDB[lba_idx + 2] << 8) | 2515 (uint64_t)CDB[lba_idx + 3]; 2516 2517 /* 2518 * Check that LBA range for I/O does not exceed volume's 2519 * MaxLBA. 2520 */ 2521 if ((virtLBA + (uint64_t)io_size - 1) <= 2522 sc->DD_max_lba) { 2523 /* 2524 * Check if the I/O crosses a stripe boundary. 2525 * If not, translate the virtual LBA to a 2526 * physical LBA and set the DevHandle for the 2527 * PhysDisk to be used. If it does cross a 2528 * boundary, do normal I/O. To get the right 2529 * DevHandle to use, get the map number for the 2530 * column, then use that map number to look up 2531 * the DevHandle of the PhysDisk. 2532 */ 2533 stripe_offset = (uint32_t)virtLBA & 2534 (sc->DD_stripe_size - 1); 2535 if ((stripe_offset + io_size) <= 2536 sc->DD_stripe_size) { 2537 physLBA = (uint32_t)virtLBA >> 2538 sc->DD_stripe_exponent; 2539 stripe_unit = physLBA / 2540 sc->DD_num_phys_disks; 2541 column = physLBA % 2542 sc->DD_num_phys_disks; 2543 pIO_req->DevHandle = 2544 htole16(sc->DD_column_map[column]. 2545 dev_handle); 2546 cm->cm_desc.SCSIIO.DevHandle = 2547 pIO_req->DevHandle; 2548 2549 physLBA = (stripe_unit << 2550 sc->DD_stripe_exponent) + 2551 stripe_offset; 2552 ptrLBA = 2553 &pIO_req->CDB.CDB32[lba_idx]; 2554 physLBA_byte = (uint8_t)(physLBA >> 24); 2555 *ptrLBA = physLBA_byte; 2556 ptrLBA = 2557 &pIO_req->CDB.CDB32[lba_idx + 1]; 2558 physLBA_byte = (uint8_t)(physLBA >> 16); 2559 *ptrLBA = physLBA_byte; 2560 ptrLBA = 2561 &pIO_req->CDB.CDB32[lba_idx + 2]; 2562 physLBA_byte = (uint8_t)(physLBA >> 8); 2563 *ptrLBA = physLBA_byte; 2564 ptrLBA = 2565 &pIO_req->CDB.CDB32[lba_idx + 3]; 2566 physLBA_byte = (uint8_t)physLBA; 2567 *ptrLBA = physLBA_byte; 2568 2569 /* 2570 * Set flag that Direct Drive I/O is 2571 * being done. 2572 */ 2573 cm->cm_flags |= MPS_CM_FLAGS_DD_IO; 2574 } 2575 } 2576 } else { 2577 /* 2578 * 16-byte CDB and the upper 4 bytes of the CDB are not 2579 * 0. Get the transfer size in blocks. 2580 */ 2581 io_size = (cm->cm_length >> sc->DD_block_exponent); 2582 2583 /* 2584 * Get virtual LBA. 2585 */ 2586 virtLBA = ((uint64_t)CDB[2] << 54) | 2587 ((uint64_t)CDB[3] << 48) | 2588 ((uint64_t)CDB[4] << 40) | 2589 ((uint64_t)CDB[5] << 32) | 2590 ((uint64_t)CDB[6] << 24) | 2591 ((uint64_t)CDB[7] << 16) | 2592 ((uint64_t)CDB[8] << 8) | 2593 (uint64_t)CDB[9]; 2594 2595 /* 2596 * Check that LBA range for I/O does not exceed volume's 2597 * MaxLBA. 2598 */ 2599 if ((virtLBA + (uint64_t)io_size - 1) <= 2600 sc->DD_max_lba) { 2601 /* 2602 * Check if the I/O crosses a stripe boundary. 2603 * If not, translate the virtual LBA to a 2604 * physical LBA and set the DevHandle for the 2605 * PhysDisk to be used. If it does cross a 2606 * boundary, do normal I/O. To get the right 2607 * DevHandle to use, get the map number for the 2608 * column, then use that map number to look up 2609 * the DevHandle of the PhysDisk. 2610 */ 2611 stripe_offset = (uint32_t)virtLBA & 2612 (sc->DD_stripe_size - 1); 2613 if ((stripe_offset + io_size) <= 2614 sc->DD_stripe_size) { 2615 physLBA = (uint32_t)(virtLBA >> 2616 sc->DD_stripe_exponent); 2617 stripe_unit = physLBA / 2618 sc->DD_num_phys_disks; 2619 column = physLBA % 2620 sc->DD_num_phys_disks; 2621 pIO_req->DevHandle = 2622 htole16(sc->DD_column_map[column]. 2623 dev_handle); 2624 cm->cm_desc.SCSIIO.DevHandle = 2625 pIO_req->DevHandle; 2626 2627 physLBA = (stripe_unit << 2628 sc->DD_stripe_exponent) + 2629 stripe_offset; 2630 2631 /* 2632 * Set upper 4 bytes of LBA to 0. We 2633 * assume that the phys disks are less 2634 * than 2 TB's in size. Then, set the 2635 * lower 4 bytes. 2636 */ 2637 pIO_req->CDB.CDB32[2] = 0; 2638 pIO_req->CDB.CDB32[3] = 0; 2639 pIO_req->CDB.CDB32[4] = 0; 2640 pIO_req->CDB.CDB32[5] = 0; 2641 ptrLBA = &pIO_req->CDB.CDB32[6]; 2642 physLBA_byte = (uint8_t)(physLBA >> 24); 2643 *ptrLBA = physLBA_byte; 2644 ptrLBA = &pIO_req->CDB.CDB32[7]; 2645 physLBA_byte = (uint8_t)(physLBA >> 16); 2646 *ptrLBA = physLBA_byte; 2647 ptrLBA = &pIO_req->CDB.CDB32[8]; 2648 physLBA_byte = (uint8_t)(physLBA >> 8); 2649 *ptrLBA = physLBA_byte; 2650 ptrLBA = &pIO_req->CDB.CDB32[9]; 2651 physLBA_byte = (uint8_t)physLBA; 2652 *ptrLBA = physLBA_byte; 2653 2654 /* 2655 * Set flag that Direct Drive I/O is 2656 * being done. 2657 */ 2658 cm->cm_flags |= MPS_CM_FLAGS_DD_IO; 2659 } 2660 } 2661 } 2662 } 2663 } 2664 2665 static void 2666 mpssas_smpio_complete(struct mps_softc *sc, struct mps_command *cm) 2667 { 2668 MPI2_SMP_PASSTHROUGH_REPLY *rpl; 2669 MPI2_SMP_PASSTHROUGH_REQUEST *req; 2670 uint64_t sasaddr; 2671 union ccb *ccb; 2672 2673 ccb = cm->cm_complete_data; 2674 2675 /* 2676 * Currently there should be no way we can hit this case. It only 2677 * happens when we have a failure to allocate chain frames, and SMP 2678 * commands require two S/G elements only. That should be handled 2679 * in the standard request size. 2680 */ 2681 if ((cm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) { 2682 mps_dprint(sc, MPS_ERROR,"%s: cm_flags = %#x on SMP request!\n", 2683 __func__, cm->cm_flags); 2684 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2685 goto bailout; 2686 } 2687 2688 rpl = (MPI2_SMP_PASSTHROUGH_REPLY *)cm->cm_reply; 2689 if (rpl == NULL) { 2690 mps_dprint(sc, MPS_ERROR, "%s: NULL cm_reply!\n", __func__); 2691 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2692 goto bailout; 2693 } 2694 2695 req = (MPI2_SMP_PASSTHROUGH_REQUEST *)cm->cm_req; 2696 sasaddr = le32toh(req->SASAddress.Low); 2697 sasaddr |= ((uint64_t)(le32toh(req->SASAddress.High))) << 32; 2698 2699 if ((le16toh(rpl->IOCStatus) & MPI2_IOCSTATUS_MASK) != 2700 MPI2_IOCSTATUS_SUCCESS || 2701 rpl->SASStatus != MPI2_SASSTATUS_SUCCESS) { 2702 mps_dprint(sc, MPS_XINFO, "%s: IOCStatus %04x SASStatus %02x\n", 2703 __func__, le16toh(rpl->IOCStatus), rpl->SASStatus); 2704 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2705 goto bailout; 2706 } 2707 2708 mps_dprint(sc, MPS_XINFO, "%s: SMP request to SAS address " 2709 "%#jx completed successfully\n", __func__, 2710 (uintmax_t)sasaddr); 2711 2712 if (ccb->smpio.smp_response[2] == SMP_FR_ACCEPTED) 2713 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP); 2714 else 2715 mpssas_set_ccbstatus(ccb, CAM_SMP_STATUS_ERROR); 2716 2717 bailout: 2718 /* 2719 * We sync in both directions because we had DMAs in the S/G list 2720 * in both directions. 2721 */ 2722 bus_dmamap_sync(sc->buffer_dmat, cm->cm_dmamap, 2723 BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); 2724 bus_dmamap_unload(sc->buffer_dmat, cm->cm_dmamap); 2725 mps_free_command(sc, cm); 2726 xpt_done(ccb); 2727 } 2728 2729 static void 2730 mpssas_send_smpcmd(struct mpssas_softc *sassc, union ccb *ccb, uint64_t sasaddr) 2731 { 2732 struct mps_command *cm; 2733 uint8_t *request, *response; 2734 MPI2_SMP_PASSTHROUGH_REQUEST *req; 2735 struct mps_softc *sc; 2736 int error; 2737 2738 sc = sassc->sc; 2739 error = 0; 2740 2741 /* 2742 * XXX We don't yet support physical addresses here. 2743 */ 2744 switch ((ccb->ccb_h.flags & CAM_DATA_MASK)) { 2745 case CAM_DATA_PADDR: 2746 case CAM_DATA_SG_PADDR: 2747 mps_dprint(sc, MPS_ERROR, 2748 "%s: physical addresses not supported\n", __func__); 2749 mpssas_set_ccbstatus(ccb, CAM_REQ_INVALID); 2750 xpt_done(ccb); 2751 return; 2752 case CAM_DATA_SG: 2753 /* 2754 * The chip does not support more than one buffer for the 2755 * request or response. 2756 */ 2757 if ((ccb->smpio.smp_request_sglist_cnt > 1) 2758 || (ccb->smpio.smp_response_sglist_cnt > 1)) { 2759 mps_dprint(sc, MPS_ERROR, 2760 "%s: multiple request or response " 2761 "buffer segments not supported for SMP\n", 2762 __func__); 2763 mpssas_set_ccbstatus(ccb, CAM_REQ_INVALID); 2764 xpt_done(ccb); 2765 return; 2766 } 2767 2768 /* 2769 * The CAM_SCATTER_VALID flag was originally implemented 2770 * for the XPT_SCSI_IO CCB, which only has one data pointer. 2771 * We have two. So, just take that flag to mean that we 2772 * might have S/G lists, and look at the S/G segment count 2773 * to figure out whether that is the case for each individual 2774 * buffer. 2775 */ 2776 if (ccb->smpio.smp_request_sglist_cnt != 0) { 2777 bus_dma_segment_t *req_sg; 2778 2779 req_sg = (bus_dma_segment_t *)ccb->smpio.smp_request; 2780 request = (uint8_t *)(uintptr_t)req_sg[0].ds_addr; 2781 } else 2782 request = ccb->smpio.smp_request; 2783 2784 if (ccb->smpio.smp_response_sglist_cnt != 0) { 2785 bus_dma_segment_t *rsp_sg; 2786 2787 rsp_sg = (bus_dma_segment_t *)ccb->smpio.smp_response; 2788 response = (uint8_t *)(uintptr_t)rsp_sg[0].ds_addr; 2789 } else 2790 response = ccb->smpio.smp_response; 2791 break; 2792 case CAM_DATA_VADDR: 2793 request = ccb->smpio.smp_request; 2794 response = ccb->smpio.smp_response; 2795 break; 2796 default: 2797 mpssas_set_ccbstatus(ccb, CAM_REQ_INVALID); 2798 xpt_done(ccb); 2799 return; 2800 } 2801 2802 cm = mps_alloc_command(sc); 2803 if (cm == NULL) { 2804 mps_dprint(sc, MPS_ERROR, 2805 "%s: cannot allocate command\n", __func__); 2806 mpssas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL); 2807 xpt_done(ccb); 2808 return; 2809 } 2810 2811 req = (MPI2_SMP_PASSTHROUGH_REQUEST *)cm->cm_req; 2812 bzero(req, sizeof(*req)); 2813 req->Function = MPI2_FUNCTION_SMP_PASSTHROUGH; 2814 2815 /* Allow the chip to use any route to this SAS address. */ 2816 req->PhysicalPort = 0xff; 2817 2818 req->RequestDataLength = htole16(ccb->smpio.smp_request_len); 2819 req->SGLFlags = 2820 MPI2_SGLFLAGS_SYSTEM_ADDRESS_SPACE | MPI2_SGLFLAGS_SGL_TYPE_MPI; 2821 2822 mps_dprint(sc, MPS_XINFO, "%s: sending SMP request to SAS " 2823 "address %#jx\n", __func__, (uintmax_t)sasaddr); 2824 2825 mpi_init_sge(cm, req, &req->SGL); 2826 2827 /* 2828 * Set up a uio to pass into mps_map_command(). This allows us to 2829 * do one map command, and one busdma call in there. 2830 */ 2831 cm->cm_uio.uio_iov = cm->cm_iovec; 2832 cm->cm_uio.uio_iovcnt = 2; 2833 cm->cm_uio.uio_segflg = UIO_SYSSPACE; 2834 2835 /* 2836 * The read/write flag isn't used by busdma, but set it just in 2837 * case. This isn't exactly accurate, either, since we're going in 2838 * both directions. 2839 */ 2840 cm->cm_uio.uio_rw = UIO_WRITE; 2841 2842 cm->cm_iovec[0].iov_base = request; 2843 cm->cm_iovec[0].iov_len = le16toh(req->RequestDataLength); 2844 cm->cm_iovec[1].iov_base = response; 2845 cm->cm_iovec[1].iov_len = ccb->smpio.smp_response_len; 2846 2847 cm->cm_uio.uio_resid = cm->cm_iovec[0].iov_len + 2848 cm->cm_iovec[1].iov_len; 2849 2850 /* 2851 * Trigger a warning message in mps_data_cb() for the user if we 2852 * wind up exceeding two S/G segments. The chip expects one 2853 * segment for the request and another for the response. 2854 */ 2855 cm->cm_max_segs = 2; 2856 2857 cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; 2858 cm->cm_complete = mpssas_smpio_complete; 2859 cm->cm_complete_data = ccb; 2860 2861 /* 2862 * Tell the mapping code that we're using a uio, and that this is 2863 * an SMP passthrough request. There is a little special-case 2864 * logic there (in mps_data_cb()) to handle the bidirectional 2865 * transfer. 2866 */ 2867 cm->cm_flags |= MPS_CM_FLAGS_USE_UIO | MPS_CM_FLAGS_SMP_PASS | 2868 MPS_CM_FLAGS_DATAIN | MPS_CM_FLAGS_DATAOUT; 2869 2870 /* The chip data format is little endian. */ 2871 req->SASAddress.High = htole32(sasaddr >> 32); 2872 req->SASAddress.Low = htole32(sasaddr); 2873 2874 /* 2875 * XXX Note that we don't have a timeout/abort mechanism here. 2876 * From the manual, it looks like task management requests only 2877 * work for SCSI IO and SATA passthrough requests. We may need to 2878 * have a mechanism to retry requests in the event of a chip reset 2879 * at least. Hopefully the chip will insure that any errors short 2880 * of that are relayed back to the driver. 2881 */ 2882 error = mps_map_command(sc, cm); 2883 if ((error != 0) && (error != EINPROGRESS)) { 2884 mps_dprint(sc, MPS_ERROR, 2885 "%s: error %d returned from mps_map_command()\n", 2886 __func__, error); 2887 goto bailout_error; 2888 } 2889 2890 return; 2891 2892 bailout_error: 2893 mps_free_command(sc, cm); 2894 mpssas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL); 2895 xpt_done(ccb); 2896 return; 2897 2898 } 2899 2900 static void 2901 mpssas_action_smpio(struct mpssas_softc *sassc, union ccb *ccb) 2902 { 2903 struct mps_softc *sc; 2904 struct mpssas_target *targ; 2905 uint64_t sasaddr = 0; 2906 2907 sc = sassc->sc; 2908 2909 /* 2910 * Make sure the target exists. 2911 */ 2912 KASSERT(ccb->ccb_h.target_id < sassc->maxtargets, 2913 ("Target %d out of bounds in XPT_SMP_IO\n", ccb->ccb_h.target_id)); 2914 targ = &sassc->targets[ccb->ccb_h.target_id]; 2915 if (targ->handle == 0x0) { 2916 mps_dprint(sc, MPS_ERROR, 2917 "%s: target %d does not exist!\n", __func__, 2918 ccb->ccb_h.target_id); 2919 mpssas_set_ccbstatus(ccb, CAM_SEL_TIMEOUT); 2920 xpt_done(ccb); 2921 return; 2922 } 2923 2924 /* 2925 * If this device has an embedded SMP target, we'll talk to it 2926 * directly. 2927 * figure out what the expander's address is. 2928 */ 2929 if ((targ->devinfo & MPI2_SAS_DEVICE_INFO_SMP_TARGET) != 0) 2930 sasaddr = targ->sasaddr; 2931 2932 /* 2933 * If we don't have a SAS address for the expander yet, try 2934 * grabbing it from the page 0x83 information cached in the 2935 * transport layer for this target. LSI expanders report the 2936 * expander SAS address as the port-associated SAS address in 2937 * Inquiry VPD page 0x83. Maxim expanders don't report it in page 2938 * 0x83. 2939 * 2940 * XXX KDM disable this for now, but leave it commented out so that 2941 * it is obvious that this is another possible way to get the SAS 2942 * address. 2943 * 2944 * The parent handle method below is a little more reliable, and 2945 * the other benefit is that it works for devices other than SES 2946 * devices. So you can send a SMP request to a da(4) device and it 2947 * will get routed to the expander that device is attached to. 2948 * (Assuming the da(4) device doesn't contain an SMP target...) 2949 */ 2950 #if 0 2951 if (sasaddr == 0) 2952 sasaddr = xpt_path_sas_addr(ccb->ccb_h.path); 2953 #endif 2954 2955 /* 2956 * If we still don't have a SAS address for the expander, look for 2957 * the parent device of this device, which is probably the expander. 2958 */ 2959 if (sasaddr == 0) { 2960 #ifdef OLD_MPS_PROBE 2961 struct mpssas_target *parent_target; 2962 #endif 2963 2964 if (targ->parent_handle == 0x0) { 2965 mps_dprint(sc, MPS_ERROR, 2966 "%s: handle %d does not have a valid " 2967 "parent handle!\n", __func__, targ->handle); 2968 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 2969 goto bailout; 2970 } 2971 #ifdef OLD_MPS_PROBE 2972 parent_target = mpssas_find_target_by_handle(sassc, 0, 2973 targ->parent_handle); 2974 2975 if (parent_target == NULL) { 2976 mps_dprint(sc, MPS_ERROR, 2977 "%s: handle %d does not have a valid " 2978 "parent target!\n", __func__, targ->handle); 2979 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 2980 goto bailout; 2981 } 2982 2983 if ((parent_target->devinfo & 2984 MPI2_SAS_DEVICE_INFO_SMP_TARGET) == 0) { 2985 mps_dprint(sc, MPS_ERROR, 2986 "%s: handle %d parent %d does not " 2987 "have an SMP target!\n", __func__, 2988 targ->handle, parent_target->handle); 2989 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 2990 goto bailout; 2991 } 2992 2993 sasaddr = parent_target->sasaddr; 2994 #else /* OLD_MPS_PROBE */ 2995 if ((targ->parent_devinfo & 2996 MPI2_SAS_DEVICE_INFO_SMP_TARGET) == 0) { 2997 mps_dprint(sc, MPS_ERROR, 2998 "%s: handle %d parent %d does not " 2999 "have an SMP target!\n", __func__, 3000 targ->handle, targ->parent_handle); 3001 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3002 goto bailout; 3003 } 3004 if (targ->parent_sasaddr == 0x0) { 3005 mps_dprint(sc, MPS_ERROR, 3006 "%s: handle %d parent handle %d does " 3007 "not have a valid SAS address!\n", 3008 __func__, targ->handle, targ->parent_handle); 3009 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3010 goto bailout; 3011 } 3012 3013 sasaddr = targ->parent_sasaddr; 3014 #endif /* OLD_MPS_PROBE */ 3015 } 3016 3017 if (sasaddr == 0) { 3018 mps_dprint(sc, MPS_INFO, 3019 "%s: unable to find SAS address for handle %d\n", 3020 __func__, targ->handle); 3021 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3022 goto bailout; 3023 } 3024 mpssas_send_smpcmd(sassc, ccb, sasaddr); 3025 3026 return; 3027 3028 bailout: 3029 xpt_done(ccb); 3030 3031 } 3032 3033 static void 3034 mpssas_action_resetdev(struct mpssas_softc *sassc, union ccb *ccb) 3035 { 3036 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 3037 struct mps_softc *sc; 3038 struct mps_command *tm; 3039 struct mpssas_target *targ; 3040 3041 MPS_FUNCTRACE(sassc->sc); 3042 mtx_assert(&sassc->sc->mps_mtx, MA_OWNED); 3043 3044 KASSERT(ccb->ccb_h.target_id < sassc->maxtargets, 3045 ("Target %d out of bounds in XPT_RESET_DEV\n", 3046 ccb->ccb_h.target_id)); 3047 sc = sassc->sc; 3048 tm = mpssas_alloc_tm(sc); 3049 if (tm == NULL) { 3050 mps_dprint(sc, MPS_ERROR, 3051 "command alloc failure in mpssas_action_resetdev\n"); 3052 mpssas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL); 3053 xpt_done(ccb); 3054 return; 3055 } 3056 3057 targ = &sassc->targets[ccb->ccb_h.target_id]; 3058 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 3059 req->DevHandle = htole16(targ->handle); 3060 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET; 3061 3062 /* SAS Hard Link Reset / SATA Link Reset */ 3063 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 3064 3065 tm->cm_data = NULL; 3066 tm->cm_complete = mpssas_resetdev_complete; 3067 tm->cm_complete_data = ccb; 3068 tm->cm_targ = targ; 3069 3070 mpssas_prepare_for_tm(sc, tm, targ, CAM_LUN_WILDCARD); 3071 mps_map_command(sc, tm); 3072 } 3073 3074 static void 3075 mpssas_resetdev_complete(struct mps_softc *sc, struct mps_command *tm) 3076 { 3077 MPI2_SCSI_TASK_MANAGE_REPLY *resp; 3078 union ccb *ccb; 3079 3080 MPS_FUNCTRACE(sc); 3081 mtx_assert(&sc->mps_mtx, MA_OWNED); 3082 3083 resp = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 3084 ccb = tm->cm_complete_data; 3085 3086 /* 3087 * Currently there should be no way we can hit this case. It only 3088 * happens when we have a failure to allocate chain frames, and 3089 * task management commands don't have S/G lists. 3090 */ 3091 if ((tm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) { 3092 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 3093 3094 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 3095 3096 mps_dprint(sc, MPS_ERROR, 3097 "%s: cm_flags = %#x for reset of handle %#04x! " 3098 "This should not happen!\n", __func__, tm->cm_flags, 3099 req->DevHandle); 3100 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 3101 goto bailout; 3102 } 3103 3104 mps_dprint(sc, MPS_XINFO, 3105 "%s: IOCStatus = 0x%x ResponseCode = 0x%x\n", __func__, 3106 le16toh(resp->IOCStatus), le32toh(resp->ResponseCode)); 3107 3108 if (le32toh(resp->ResponseCode) == MPI2_SCSITASKMGMT_RSP_TM_COMPLETE) { 3109 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP); 3110 mpssas_announce_reset(sc, AC_SENT_BDR, tm->cm_targ->tid, 3111 CAM_LUN_WILDCARD); 3112 } 3113 else 3114 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 3115 3116 bailout: 3117 3118 mpssas_free_tm(sc, tm); 3119 xpt_done(ccb); 3120 } 3121 3122 static void 3123 mpssas_poll(struct cam_sim *sim) 3124 { 3125 struct mpssas_softc *sassc; 3126 3127 sassc = cam_sim_softc(sim); 3128 3129 if (sassc->sc->mps_debug & MPS_TRACE) { 3130 /* frequent debug messages during a panic just slow 3131 * everything down too much. 3132 */ 3133 mps_printf(sassc->sc, "%s clearing MPS_TRACE\n", __func__); 3134 sassc->sc->mps_debug &= ~MPS_TRACE; 3135 } 3136 3137 mps_intr_locked(sassc->sc); 3138 } 3139 3140 static void 3141 mpssas_async(void *callback_arg, uint32_t code, struct cam_path *path, 3142 void *arg) 3143 { 3144 struct mps_softc *sc; 3145 3146 sc = (struct mps_softc *)callback_arg; 3147 3148 mps_lock(sc); 3149 switch (code) { 3150 case AC_ADVINFO_CHANGED: { 3151 struct mpssas_target *target; 3152 struct mpssas_softc *sassc; 3153 struct scsi_read_capacity_data_long rcap_buf; 3154 struct ccb_dev_advinfo cdai; 3155 struct mpssas_lun *lun; 3156 lun_id_t lunid; 3157 int found_lun; 3158 uintptr_t buftype; 3159 3160 buftype = (uintptr_t)arg; 3161 3162 found_lun = 0; 3163 sassc = sc->sassc; 3164 3165 /* 3166 * We're only interested in read capacity data changes. 3167 */ 3168 if (buftype != CDAI_TYPE_RCAPLONG) 3169 break; 3170 3171 /* 3172 * We should have a handle for this, but check to make sure. 3173 */ 3174 KASSERT(xpt_path_target_id(path) < sassc->maxtargets, 3175 ("Target %d out of bounds in mpssas_async\n", 3176 xpt_path_target_id(path))); 3177 target = &sassc->targets[xpt_path_target_id(path)]; 3178 if (target->handle == 0) 3179 break; 3180 3181 lunid = xpt_path_lun_id(path); 3182 3183 SLIST_FOREACH(lun, &target->luns, lun_link) { 3184 if (lun->lun_id == lunid) { 3185 found_lun = 1; 3186 break; 3187 } 3188 } 3189 3190 if (found_lun == 0) { 3191 lun = malloc(sizeof(struct mpssas_lun), M_MPT2, 3192 M_NOWAIT | M_ZERO); 3193 if (lun == NULL) { 3194 mps_dprint(sc, MPS_ERROR, "Unable to alloc " 3195 "LUN for EEDP support.\n"); 3196 break; 3197 } 3198 lun->lun_id = lunid; 3199 SLIST_INSERT_HEAD(&target->luns, lun, lun_link); 3200 } 3201 3202 bzero(&rcap_buf, sizeof(rcap_buf)); 3203 bzero(&cdai, sizeof(cdai)); 3204 xpt_setup_ccb(&cdai.ccb_h, path, CAM_PRIORITY_NORMAL); 3205 cdai.ccb_h.func_code = XPT_DEV_ADVINFO; 3206 cdai.ccb_h.flags = CAM_DIR_IN; 3207 cdai.buftype = CDAI_TYPE_RCAPLONG; 3208 cdai.flags = CDAI_FLAG_NONE; 3209 cdai.bufsiz = sizeof(rcap_buf); 3210 cdai.buf = (uint8_t *)&rcap_buf; 3211 xpt_action((union ccb *)&cdai); 3212 if ((cdai.ccb_h.status & CAM_DEV_QFRZN) != 0) 3213 cam_release_devq(cdai.ccb_h.path, 3214 0, 0, 0, FALSE); 3215 3216 if ((mpssas_get_ccbstatus((union ccb *)&cdai) == CAM_REQ_CMP) 3217 && (rcap_buf.prot & SRC16_PROT_EN)) { 3218 switch (rcap_buf.prot & SRC16_P_TYPE) { 3219 case SRC16_PTYPE_1: 3220 case SRC16_PTYPE_3: 3221 lun->eedp_formatted = TRUE; 3222 lun->eedp_block_size = 3223 scsi_4btoul(rcap_buf.length); 3224 break; 3225 case SRC16_PTYPE_2: 3226 default: 3227 lun->eedp_formatted = FALSE; 3228 lun->eedp_block_size = 0; 3229 break; 3230 } 3231 } else { 3232 lun->eedp_formatted = FALSE; 3233 lun->eedp_block_size = 0; 3234 } 3235 break; 3236 } 3237 default: 3238 break; 3239 } 3240 mps_unlock(sc); 3241 } 3242 3243 /* 3244 * Freeze the devq and set the INRESET flag so that no I/O will be sent to 3245 * the target until the reset has completed. The CCB holds the path which 3246 * is used to release the devq. The devq is released and the CCB is freed 3247 * when the TM completes. 3248 * We only need to do this when we're entering reset, not at each time we 3249 * need to send an abort (which will happen if multiple commands timeout 3250 * while we're sending the abort). We do not release the queue for each 3251 * command we complete (just at the end when we free the tm), so freezing 3252 * it each time doesn't make sense. 3253 */ 3254 void 3255 mpssas_prepare_for_tm(struct mps_softc *sc, struct mps_command *tm, 3256 struct mpssas_target *target, lun_id_t lun_id) 3257 { 3258 union ccb *ccb; 3259 path_id_t path_id; 3260 3261 ccb = xpt_alloc_ccb_nowait(); 3262 if (ccb) { 3263 path_id = cam_sim_path(sc->sassc->sim); 3264 if (xpt_create_path(&ccb->ccb_h.path, xpt_periph, path_id, 3265 target->tid, lun_id) != CAM_REQ_CMP) { 3266 xpt_free_ccb(ccb); 3267 } else { 3268 tm->cm_ccb = ccb; 3269 tm->cm_targ = target; 3270 if ((target->flags & MPSSAS_TARGET_INRESET) == 0) { 3271 mps_dprint(sc, MPS_XINFO | MPS_RECOVERY, 3272 "%s: Freezing devq for target ID %d\n", 3273 __func__, target->tid); 3274 xpt_freeze_devq(ccb->ccb_h.path, 1); 3275 target->flags |= MPSSAS_TARGET_INRESET; 3276 } 3277 } 3278 } 3279 } 3280 3281 int 3282 mpssas_startup(struct mps_softc *sc) 3283 { 3284 3285 /* 3286 * Send the port enable message and set the wait_for_port_enable flag. 3287 * This flag helps to keep the simq frozen until all discovery events 3288 * are processed. 3289 */ 3290 sc->wait_for_port_enable = 1; 3291 mpssas_send_portenable(sc); 3292 return (0); 3293 } 3294 3295 static int 3296 mpssas_send_portenable(struct mps_softc *sc) 3297 { 3298 MPI2_PORT_ENABLE_REQUEST *request; 3299 struct mps_command *cm; 3300 3301 MPS_FUNCTRACE(sc); 3302 3303 if ((cm = mps_alloc_command(sc)) == NULL) 3304 return (EBUSY); 3305 request = (MPI2_PORT_ENABLE_REQUEST *)cm->cm_req; 3306 request->Function = MPI2_FUNCTION_PORT_ENABLE; 3307 request->MsgFlags = 0; 3308 request->VP_ID = 0; 3309 cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; 3310 cm->cm_complete = mpssas_portenable_complete; 3311 cm->cm_data = NULL; 3312 cm->cm_sge = NULL; 3313 3314 mps_map_command(sc, cm); 3315 mps_dprint(sc, MPS_XINFO, 3316 "mps_send_portenable finished cm %p req %p complete %p\n", 3317 cm, cm->cm_req, cm->cm_complete); 3318 return (0); 3319 } 3320 3321 static void 3322 mpssas_portenable_complete(struct mps_softc *sc, struct mps_command *cm) 3323 { 3324 MPI2_PORT_ENABLE_REPLY *reply; 3325 struct mpssas_softc *sassc; 3326 3327 MPS_FUNCTRACE(sc); 3328 sassc = sc->sassc; 3329 3330 /* 3331 * Currently there should be no way we can hit this case. It only 3332 * happens when we have a failure to allocate chain frames, and 3333 * port enable commands don't have S/G lists. 3334 */ 3335 if ((cm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) { 3336 mps_dprint(sc, MPS_ERROR, "%s: cm_flags = %#x for port enable! " 3337 "This should not happen!\n", __func__, cm->cm_flags); 3338 } 3339 3340 reply = (MPI2_PORT_ENABLE_REPLY *)cm->cm_reply; 3341 if (reply == NULL) 3342 mps_dprint(sc, MPS_FAULT, "Portenable NULL reply\n"); 3343 else if (le16toh(reply->IOCStatus & MPI2_IOCSTATUS_MASK) != 3344 MPI2_IOCSTATUS_SUCCESS) 3345 mps_dprint(sc, MPS_FAULT, "Portenable failed\n"); 3346 3347 mps_free_command(sc, cm); 3348 3349 /* 3350 * Get WarpDrive info after discovery is complete but before the scan 3351 * starts. At this point, all devices are ready to be exposed to the 3352 * OS. If devices should be hidden instead, take them out of the 3353 * 'targets' array before the scan. The devinfo for a disk will have 3354 * some info and a volume's will be 0. Use that to remove disks. 3355 */ 3356 mps_wd_config_pages(sc); 3357 3358 /* 3359 * Done waiting for port enable to complete. Decrement the refcount. 3360 * If refcount is 0, discovery is complete and a rescan of the bus can 3361 * take place. Since the simq was explicitly frozen before port 3362 * enable, it must be explicitly released here to keep the 3363 * freeze/release count in sync. 3364 */ 3365 sc->wait_for_port_enable = 0; 3366 sc->port_enable_complete = 1; 3367 wakeup(&sc->port_enable_complete); 3368 mpssas_startup_decrement(sassc); 3369 } 3370 3371 int 3372 mpssas_check_id(struct mpssas_softc *sassc, int id) 3373 { 3374 struct mps_softc *sc = sassc->sc; 3375 char *ids; 3376 char *name; 3377 3378 ids = &sc->exclude_ids[0]; 3379 while((name = strsep(&ids, ",")) != NULL) { 3380 if (name[0] == '\0') 3381 continue; 3382 if (strtol(name, NULL, 0) == (long)id) 3383 return (1); 3384 } 3385 3386 return (0); 3387 } 3388 3389 void 3390 mpssas_realloc_targets(struct mps_softc *sc, int maxtargets) 3391 { 3392 struct mpssas_softc *sassc; 3393 struct mpssas_lun *lun, *lun_tmp; 3394 struct mpssas_target *targ; 3395 int i; 3396 3397 sassc = sc->sassc; 3398 /* 3399 * The number of targets is based on IOC Facts, so free all of 3400 * the allocated LUNs for each target and then the target buffer 3401 * itself. 3402 */ 3403 for (i=0; i< maxtargets; i++) { 3404 targ = &sassc->targets[i]; 3405 SLIST_FOREACH_SAFE(lun, &targ->luns, lun_link, lun_tmp) { 3406 free(lun, M_MPT2); 3407 } 3408 } 3409 free(sassc->targets, M_MPT2); 3410 3411 sassc->targets = malloc(sizeof(struct mpssas_target) * maxtargets, 3412 M_MPT2, M_WAITOK|M_ZERO); 3413 } 3414