1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD 3 * 4 * Copyright (c) 2009 Yahoo! Inc. 5 * Copyright (c) 2011-2015 LSI Corp. 6 * Copyright (c) 2013-2015 Avago Technologies 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28 * SUCH DAMAGE. 29 * 30 * Avago Technologies (LSI) MPT-Fusion Host Adapter FreeBSD 31 * 32 * $FreeBSD$ 33 */ 34 35 #include <sys/cdefs.h> 36 __FBSDID("$FreeBSD$"); 37 38 /* Communications core for Avago Technologies (LSI) MPT2 */ 39 40 /* TODO Move headers to mpsvar */ 41 #include <sys/types.h> 42 #include <sys/param.h> 43 #include <sys/systm.h> 44 #include <sys/kernel.h> 45 #include <sys/selinfo.h> 46 #include <sys/module.h> 47 #include <sys/bus.h> 48 #include <sys/conf.h> 49 #include <sys/bio.h> 50 #include <sys/malloc.h> 51 #include <sys/uio.h> 52 #include <sys/sysctl.h> 53 #include <sys/endian.h> 54 #include <sys/queue.h> 55 #include <sys/kthread.h> 56 #include <sys/taskqueue.h> 57 #include <sys/sbuf.h> 58 59 #include <machine/bus.h> 60 #include <machine/resource.h> 61 #include <sys/rman.h> 62 63 #include <machine/stdarg.h> 64 65 #include <cam/cam.h> 66 #include <cam/cam_ccb.h> 67 #include <cam/cam_xpt.h> 68 #include <cam/cam_debug.h> 69 #include <cam/cam_sim.h> 70 #include <cam/cam_xpt_sim.h> 71 #include <cam/cam_xpt_periph.h> 72 #include <cam/cam_periph.h> 73 #include <cam/scsi/scsi_all.h> 74 #include <cam/scsi/scsi_message.h> 75 #include <cam/scsi/smp_all.h> 76 77 #include <dev/mps/mpi/mpi2_type.h> 78 #include <dev/mps/mpi/mpi2.h> 79 #include <dev/mps/mpi/mpi2_ioc.h> 80 #include <dev/mps/mpi/mpi2_sas.h> 81 #include <dev/mps/mpi/mpi2_cnfg.h> 82 #include <dev/mps/mpi/mpi2_init.h> 83 #include <dev/mps/mpi/mpi2_tool.h> 84 #include <dev/mps/mps_ioctl.h> 85 #include <dev/mps/mpsvar.h> 86 #include <dev/mps/mps_table.h> 87 #include <dev/mps/mps_sas.h> 88 89 #define MPSSAS_DISCOVERY_TIMEOUT 20 90 #define MPSSAS_MAX_DISCOVERY_TIMEOUTS 10 /* 200 seconds */ 91 92 /* 93 * static array to check SCSI OpCode for EEDP protection bits 94 */ 95 #define PRO_R MPI2_SCSIIO_EEDPFLAGS_CHECK_REMOVE_OP 96 #define PRO_W MPI2_SCSIIO_EEDPFLAGS_INSERT_OP 97 #define PRO_V MPI2_SCSIIO_EEDPFLAGS_INSERT_OP 98 static uint8_t op_code_prot[256] = { 99 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 100 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 101 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V, 102 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 103 0, PRO_W, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 104 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 105 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 106 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 107 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V, 108 0, 0, 0, PRO_W, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 109 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V, 110 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 111 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 112 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 113 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 114 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 115 }; 116 117 MALLOC_DEFINE(M_MPSSAS, "MPSSAS", "MPS SAS memory"); 118 119 static void mpssas_remove_device(struct mps_softc *, struct mps_command *); 120 static void mpssas_remove_complete(struct mps_softc *, struct mps_command *); 121 static void mpssas_action(struct cam_sim *sim, union ccb *ccb); 122 static void mpssas_poll(struct cam_sim *sim); 123 static int mpssas_send_abort(struct mps_softc *sc, struct mps_command *tm, 124 struct mps_command *cm); 125 static void mpssas_scsiio_timeout(void *data); 126 static void mpssas_abort_complete(struct mps_softc *sc, struct mps_command *cm); 127 static void mpssas_direct_drive_io(struct mpssas_softc *sassc, 128 struct mps_command *cm, union ccb *ccb); 129 static void mpssas_action_scsiio(struct mpssas_softc *, union ccb *); 130 static void mpssas_scsiio_complete(struct mps_softc *, struct mps_command *); 131 static void mpssas_action_resetdev(struct mpssas_softc *, union ccb *); 132 static void mpssas_smpio_complete(struct mps_softc *sc, struct mps_command *cm); 133 static void mpssas_send_smpcmd(struct mpssas_softc *sassc, union ccb *ccb, 134 uint64_t sasaddr); 135 static void mpssas_action_smpio(struct mpssas_softc *sassc, union ccb *ccb); 136 static void mpssas_resetdev_complete(struct mps_softc *, struct mps_command *); 137 static void mpssas_async(void *callback_arg, uint32_t code, 138 struct cam_path *path, void *arg); 139 static int mpssas_send_portenable(struct mps_softc *sc); 140 static void mpssas_portenable_complete(struct mps_softc *sc, 141 struct mps_command *cm); 142 143 struct mpssas_target * 144 mpssas_find_target_by_handle(struct mpssas_softc *sassc, int start, uint16_t handle) 145 { 146 struct mpssas_target *target; 147 int i; 148 149 for (i = start; i < sassc->maxtargets; i++) { 150 target = &sassc->targets[i]; 151 if (target->handle == handle) 152 return (target); 153 } 154 155 return (NULL); 156 } 157 158 /* we need to freeze the simq during attach and diag reset, to avoid failing 159 * commands before device handles have been found by discovery. Since 160 * discovery involves reading config pages and possibly sending commands, 161 * discovery actions may continue even after we receive the end of discovery 162 * event, so refcount discovery actions instead of assuming we can unfreeze 163 * the simq when we get the event. 164 */ 165 void 166 mpssas_startup_increment(struct mpssas_softc *sassc) 167 { 168 MPS_FUNCTRACE(sassc->sc); 169 170 if ((sassc->flags & MPSSAS_IN_STARTUP) != 0) { 171 if (sassc->startup_refcount++ == 0) { 172 /* just starting, freeze the simq */ 173 mps_dprint(sassc->sc, MPS_INIT, 174 "%s freezing simq\n", __func__); 175 xpt_hold_boot(); 176 xpt_freeze_simq(sassc->sim, 1); 177 } 178 mps_dprint(sassc->sc, MPS_INIT, "%s refcount %u\n", __func__, 179 sassc->startup_refcount); 180 } 181 } 182 183 void 184 mpssas_release_simq_reinit(struct mpssas_softc *sassc) 185 { 186 if (sassc->flags & MPSSAS_QUEUE_FROZEN) { 187 sassc->flags &= ~MPSSAS_QUEUE_FROZEN; 188 xpt_release_simq(sassc->sim, 1); 189 mps_dprint(sassc->sc, MPS_INFO, "Unfreezing SIM queue\n"); 190 } 191 } 192 193 void 194 mpssas_startup_decrement(struct mpssas_softc *sassc) 195 { 196 MPS_FUNCTRACE(sassc->sc); 197 198 if ((sassc->flags & MPSSAS_IN_STARTUP) != 0) { 199 if (--sassc->startup_refcount == 0) { 200 /* finished all discovery-related actions, release 201 * the simq and rescan for the latest topology. 202 */ 203 mps_dprint(sassc->sc, MPS_INIT, 204 "%s releasing simq\n", __func__); 205 sassc->flags &= ~MPSSAS_IN_STARTUP; 206 xpt_release_simq(sassc->sim, 1); 207 xpt_release_boot(); 208 } 209 mps_dprint(sassc->sc, MPS_INIT, "%s refcount %u\n", __func__, 210 sassc->startup_refcount); 211 } 212 } 213 214 /* 215 * The firmware requires us to stop sending commands when we're doing task 216 * management. 217 * XXX The logic for serializing the device has been made lazy and moved to 218 * mpssas_prepare_for_tm(). 219 */ 220 struct mps_command * 221 mpssas_alloc_tm(struct mps_softc *sc) 222 { 223 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 224 struct mps_command *tm; 225 226 tm = mps_alloc_high_priority_command(sc); 227 if (tm == NULL) 228 return (NULL); 229 230 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 231 req->Function = MPI2_FUNCTION_SCSI_TASK_MGMT; 232 return tm; 233 } 234 235 void 236 mpssas_free_tm(struct mps_softc *sc, struct mps_command *tm) 237 { 238 int target_id = 0xFFFFFFFF; 239 240 if (tm == NULL) 241 return; 242 243 /* 244 * For TM's the devq is frozen for the device. Unfreeze it here and 245 * free the resources used for freezing the devq. Must clear the 246 * INRESET flag as well or scsi I/O will not work. 247 */ 248 if (tm->cm_targ != NULL) { 249 tm->cm_targ->flags &= ~MPSSAS_TARGET_INRESET; 250 target_id = tm->cm_targ->tid; 251 } 252 if (tm->cm_ccb) { 253 mps_dprint(sc, MPS_INFO, "Unfreezing devq for target ID %d\n", 254 target_id); 255 xpt_release_devq(tm->cm_ccb->ccb_h.path, 1, TRUE); 256 xpt_free_path(tm->cm_ccb->ccb_h.path); 257 xpt_free_ccb(tm->cm_ccb); 258 } 259 260 mps_free_high_priority_command(sc, tm); 261 } 262 263 void 264 mpssas_rescan_target(struct mps_softc *sc, struct mpssas_target *targ) 265 { 266 struct mpssas_softc *sassc = sc->sassc; 267 path_id_t pathid; 268 target_id_t targetid; 269 union ccb *ccb; 270 271 MPS_FUNCTRACE(sc); 272 pathid = cam_sim_path(sassc->sim); 273 if (targ == NULL) 274 targetid = CAM_TARGET_WILDCARD; 275 else 276 targetid = targ - sassc->targets; 277 278 /* 279 * Allocate a CCB and schedule a rescan. 280 */ 281 ccb = xpt_alloc_ccb_nowait(); 282 if (ccb == NULL) { 283 mps_dprint(sc, MPS_ERROR, "unable to alloc CCB for rescan\n"); 284 return; 285 } 286 287 if (xpt_create_path(&ccb->ccb_h.path, NULL, pathid, 288 targetid, CAM_LUN_WILDCARD) != CAM_REQ_CMP) { 289 mps_dprint(sc, MPS_ERROR, "unable to create path for rescan\n"); 290 xpt_free_ccb(ccb); 291 return; 292 } 293 294 if (targetid == CAM_TARGET_WILDCARD) 295 ccb->ccb_h.func_code = XPT_SCAN_BUS; 296 else 297 ccb->ccb_h.func_code = XPT_SCAN_TGT; 298 299 mps_dprint(sc, MPS_TRACE, "%s targetid %u\n", __func__, targetid); 300 xpt_rescan(ccb); 301 } 302 303 static void 304 mpssas_log_command(struct mps_command *cm, u_int level, const char *fmt, ...) 305 { 306 struct sbuf sb; 307 va_list ap; 308 char str[224]; 309 char path_str[64]; 310 311 if (cm == NULL) 312 return; 313 314 /* No need to be in here if debugging isn't enabled */ 315 if ((cm->cm_sc->mps_debug & level) == 0) 316 return; 317 318 sbuf_new(&sb, str, sizeof(str), 0); 319 320 va_start(ap, fmt); 321 322 if (cm->cm_ccb != NULL) { 323 xpt_path_string(cm->cm_ccb->csio.ccb_h.path, path_str, 324 sizeof(path_str)); 325 sbuf_cat(&sb, path_str); 326 if (cm->cm_ccb->ccb_h.func_code == XPT_SCSI_IO) { 327 scsi_command_string(&cm->cm_ccb->csio, &sb); 328 sbuf_printf(&sb, "length %d ", 329 cm->cm_ccb->csio.dxfer_len); 330 } 331 } 332 else { 333 sbuf_printf(&sb, "(noperiph:%s%d:%u:%u:%u): ", 334 cam_sim_name(cm->cm_sc->sassc->sim), 335 cam_sim_unit(cm->cm_sc->sassc->sim), 336 cam_sim_bus(cm->cm_sc->sassc->sim), 337 cm->cm_targ ? cm->cm_targ->tid : 0xFFFFFFFF, 338 cm->cm_lun); 339 } 340 341 sbuf_printf(&sb, "SMID %u ", cm->cm_desc.Default.SMID); 342 sbuf_vprintf(&sb, fmt, ap); 343 sbuf_finish(&sb); 344 mps_print_field(cm->cm_sc, "%s", sbuf_data(&sb)); 345 346 va_end(ap); 347 } 348 349 350 static void 351 mpssas_remove_volume(struct mps_softc *sc, struct mps_command *tm) 352 { 353 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 354 struct mpssas_target *targ; 355 uint16_t handle; 356 357 MPS_FUNCTRACE(sc); 358 359 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 360 handle = (uint16_t)(uintptr_t)tm->cm_complete_data; 361 targ = tm->cm_targ; 362 363 if (reply == NULL) { 364 /* XXX retry the remove after the diag reset completes? */ 365 mps_dprint(sc, MPS_FAULT, 366 "%s NULL reply resetting device 0x%04x\n", __func__, 367 handle); 368 mpssas_free_tm(sc, tm); 369 return; 370 } 371 372 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) != 373 MPI2_IOCSTATUS_SUCCESS) { 374 mps_dprint(sc, MPS_ERROR, 375 "IOCStatus = 0x%x while resetting device 0x%x\n", 376 le16toh(reply->IOCStatus), handle); 377 } 378 379 mps_dprint(sc, MPS_XINFO, 380 "Reset aborted %u commands\n", reply->TerminationCount); 381 mps_free_reply(sc, tm->cm_reply_data); 382 tm->cm_reply = NULL; /* Ensures the reply won't get re-freed */ 383 384 mps_dprint(sc, MPS_XINFO, 385 "clearing target %u handle 0x%04x\n", targ->tid, handle); 386 387 /* 388 * Don't clear target if remove fails because things will get confusing. 389 * Leave the devname and sasaddr intact so that we know to avoid reusing 390 * this target id if possible, and so we can assign the same target id 391 * to this device if it comes back in the future. 392 */ 393 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) == 394 MPI2_IOCSTATUS_SUCCESS) { 395 targ = tm->cm_targ; 396 targ->handle = 0x0; 397 targ->encl_handle = 0x0; 398 targ->encl_slot = 0x0; 399 targ->exp_dev_handle = 0x0; 400 targ->phy_num = 0x0; 401 targ->linkrate = 0x0; 402 targ->devinfo = 0x0; 403 targ->flags = 0x0; 404 } 405 406 mpssas_free_tm(sc, tm); 407 } 408 409 410 /* 411 * No Need to call "MPI2_SAS_OP_REMOVE_DEVICE" For Volume removal. 412 * Otherwise Volume Delete is same as Bare Drive Removal. 413 */ 414 void 415 mpssas_prepare_volume_remove(struct mpssas_softc *sassc, uint16_t handle) 416 { 417 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 418 struct mps_softc *sc; 419 struct mps_command *tm; 420 struct mpssas_target *targ = NULL; 421 422 MPS_FUNCTRACE(sassc->sc); 423 sc = sassc->sc; 424 425 #ifdef WD_SUPPORT 426 /* 427 * If this is a WD controller, determine if the disk should be exposed 428 * to the OS or not. If disk should be exposed, return from this 429 * function without doing anything. 430 */ 431 if (sc->WD_available && (sc->WD_hide_expose == 432 MPS_WD_EXPOSE_ALWAYS)) { 433 return; 434 } 435 #endif //WD_SUPPORT 436 437 targ = mpssas_find_target_by_handle(sassc, 0, handle); 438 if (targ == NULL) { 439 /* FIXME: what is the action? */ 440 /* We don't know about this device? */ 441 mps_dprint(sc, MPS_ERROR, 442 "%s %d : invalid handle 0x%x \n", __func__,__LINE__, handle); 443 return; 444 } 445 446 targ->flags |= MPSSAS_TARGET_INREMOVAL; 447 448 tm = mpssas_alloc_tm(sc); 449 if (tm == NULL) { 450 mps_dprint(sc, MPS_ERROR, 451 "%s: command alloc failure\n", __func__); 452 return; 453 } 454 455 mpssas_rescan_target(sc, targ); 456 457 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 458 req->DevHandle = targ->handle; 459 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET; 460 461 /* SAS Hard Link Reset / SATA Link Reset */ 462 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 463 464 tm->cm_targ = targ; 465 tm->cm_data = NULL; 466 tm->cm_complete = mpssas_remove_volume; 467 tm->cm_complete_data = (void *)(uintptr_t)handle; 468 469 mps_dprint(sc, MPS_INFO, "%s: Sending reset for target ID %d\n", 470 __func__, targ->tid); 471 mpssas_prepare_for_tm(sc, tm, targ, CAM_LUN_WILDCARD); 472 473 mps_map_command(sc, tm); 474 } 475 476 /* 477 * The MPT2 firmware performs debounce on the link to avoid transient link 478 * errors and false removals. When it does decide that link has been lost 479 * and a device need to go away, it expects that the host will perform a 480 * target reset and then an op remove. The reset has the side-effect of 481 * aborting any outstanding requests for the device, which is required for 482 * the op-remove to succeed. It's not clear if the host should check for 483 * the device coming back alive after the reset. 484 */ 485 void 486 mpssas_prepare_remove(struct mpssas_softc *sassc, uint16_t handle) 487 { 488 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 489 struct mps_softc *sc; 490 struct mps_command *cm; 491 struct mpssas_target *targ = NULL; 492 493 MPS_FUNCTRACE(sassc->sc); 494 495 sc = sassc->sc; 496 497 targ = mpssas_find_target_by_handle(sassc, 0, handle); 498 if (targ == NULL) { 499 /* FIXME: what is the action? */ 500 /* We don't know about this device? */ 501 mps_dprint(sc, MPS_ERROR, 502 "%s : invalid handle 0x%x \n", __func__, handle); 503 return; 504 } 505 506 targ->flags |= MPSSAS_TARGET_INREMOVAL; 507 508 cm = mpssas_alloc_tm(sc); 509 if (cm == NULL) { 510 mps_dprint(sc, MPS_ERROR, 511 "%s: command alloc failure\n", __func__); 512 return; 513 } 514 515 mpssas_rescan_target(sc, targ); 516 517 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)cm->cm_req; 518 req->DevHandle = htole16(targ->handle); 519 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET; 520 521 /* SAS Hard Link Reset / SATA Link Reset */ 522 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 523 524 cm->cm_targ = targ; 525 cm->cm_data = NULL; 526 cm->cm_complete = mpssas_remove_device; 527 cm->cm_complete_data = (void *)(uintptr_t)handle; 528 529 mps_dprint(sc, MPS_INFO, "%s: Sending reset for target ID %d\n", 530 __func__, targ->tid); 531 mpssas_prepare_for_tm(sc, cm, targ, CAM_LUN_WILDCARD); 532 533 mps_map_command(sc, cm); 534 } 535 536 static void 537 mpssas_remove_device(struct mps_softc *sc, struct mps_command *tm) 538 { 539 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 540 MPI2_SAS_IOUNIT_CONTROL_REQUEST *req; 541 struct mpssas_target *targ; 542 uint16_t handle; 543 544 MPS_FUNCTRACE(sc); 545 546 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 547 handle = (uint16_t)(uintptr_t)tm->cm_complete_data; 548 targ = tm->cm_targ; 549 550 /* 551 * Currently there should be no way we can hit this case. It only 552 * happens when we have a failure to allocate chain frames, and 553 * task management commands don't have S/G lists. 554 */ 555 if ((tm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) { 556 mps_dprint(sc, MPS_ERROR, 557 "%s: cm_flags = %#x for remove of handle %#04x! " 558 "This should not happen!\n", __func__, tm->cm_flags, 559 handle); 560 } 561 562 if (reply == NULL) { 563 /* XXX retry the remove after the diag reset completes? */ 564 mps_dprint(sc, MPS_FAULT, 565 "%s NULL reply resetting device 0x%04x\n", __func__, 566 handle); 567 mpssas_free_tm(sc, tm); 568 return; 569 } 570 571 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) != 572 MPI2_IOCSTATUS_SUCCESS) { 573 mps_dprint(sc, MPS_ERROR, 574 "IOCStatus = 0x%x while resetting device 0x%x\n", 575 le16toh(reply->IOCStatus), handle); 576 } 577 578 mps_dprint(sc, MPS_XINFO, "Reset aborted %u commands\n", 579 le32toh(reply->TerminationCount)); 580 mps_free_reply(sc, tm->cm_reply_data); 581 tm->cm_reply = NULL; /* Ensures the reply won't get re-freed */ 582 583 /* Reuse the existing command */ 584 req = (MPI2_SAS_IOUNIT_CONTROL_REQUEST *)tm->cm_req; 585 memset(req, 0, sizeof(*req)); 586 req->Function = MPI2_FUNCTION_SAS_IO_UNIT_CONTROL; 587 req->Operation = MPI2_SAS_OP_REMOVE_DEVICE; 588 req->DevHandle = htole16(handle); 589 tm->cm_data = NULL; 590 tm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; 591 tm->cm_complete = mpssas_remove_complete; 592 tm->cm_complete_data = (void *)(uintptr_t)handle; 593 594 /* 595 * Wait to send the REMOVE_DEVICE until all the commands have cleared. 596 * They should be aborted or time out and we'll kick thus off there 597 * if so. 598 */ 599 if (TAILQ_FIRST(&targ->commands) == NULL) { 600 mps_dprint(sc, MPS_INFO, "No pending commands: starting remove_device\n"); 601 mps_map_command(sc, tm); 602 targ->pending_remove_tm = NULL; 603 } else { 604 targ->pending_remove_tm = tm; 605 } 606 607 608 mps_dprint(sc, MPS_XINFO, "clearing target %u handle 0x%04x\n", 609 targ->tid, handle); 610 } 611 612 static void 613 mpssas_remove_complete(struct mps_softc *sc, struct mps_command *tm) 614 { 615 MPI2_SAS_IOUNIT_CONTROL_REPLY *reply; 616 uint16_t handle; 617 struct mpssas_target *targ; 618 struct mpssas_lun *lun; 619 620 MPS_FUNCTRACE(sc); 621 622 reply = (MPI2_SAS_IOUNIT_CONTROL_REPLY *)tm->cm_reply; 623 handle = (uint16_t)(uintptr_t)tm->cm_complete_data; 624 targ = tm->cm_targ; 625 626 /* 627 * At this point, we should have no pending commands for the target. 628 * The remove target has just completed. 629 */ 630 KASSERT(TAILQ_FIRST(&targ->commands) == NULL, 631 ("%s: no commands should be pending\n", __func__)); 632 633 634 /* 635 * Currently there should be no way we can hit this case. It only 636 * happens when we have a failure to allocate chain frames, and 637 * task management commands don't have S/G lists. 638 */ 639 if ((tm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) { 640 mps_dprint(sc, MPS_XINFO, 641 "%s: cm_flags = %#x for remove of handle %#04x! " 642 "This should not happen!\n", __func__, tm->cm_flags, 643 handle); 644 mpssas_free_tm(sc, tm); 645 return; 646 } 647 648 if (reply == NULL) { 649 /* most likely a chip reset */ 650 mps_dprint(sc, MPS_FAULT, 651 "%s NULL reply removing device 0x%04x\n", __func__, handle); 652 mpssas_free_tm(sc, tm); 653 return; 654 } 655 656 mps_dprint(sc, MPS_XINFO, 657 "%s on handle 0x%04x, IOCStatus= 0x%x\n", __func__, 658 handle, le16toh(reply->IOCStatus)); 659 660 /* 661 * Don't clear target if remove fails because things will get confusing. 662 * Leave the devname and sasaddr intact so that we know to avoid reusing 663 * this target id if possible, and so we can assign the same target id 664 * to this device if it comes back in the future. 665 */ 666 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) == 667 MPI2_IOCSTATUS_SUCCESS) { 668 targ->handle = 0x0; 669 targ->encl_handle = 0x0; 670 targ->encl_slot = 0x0; 671 targ->exp_dev_handle = 0x0; 672 targ->phy_num = 0x0; 673 targ->linkrate = 0x0; 674 targ->devinfo = 0x0; 675 targ->flags = 0x0; 676 677 while(!SLIST_EMPTY(&targ->luns)) { 678 lun = SLIST_FIRST(&targ->luns); 679 SLIST_REMOVE_HEAD(&targ->luns, lun_link); 680 free(lun, M_MPT2); 681 } 682 } 683 684 685 mpssas_free_tm(sc, tm); 686 } 687 688 static int 689 mpssas_register_events(struct mps_softc *sc) 690 { 691 u32 events[MPI2_EVENT_NOTIFY_EVENTMASK_WORDS]; 692 693 bzero(events, 16); 694 setbit(events, MPI2_EVENT_SAS_DEVICE_STATUS_CHANGE); 695 setbit(events, MPI2_EVENT_SAS_DISCOVERY); 696 setbit(events, MPI2_EVENT_SAS_BROADCAST_PRIMITIVE); 697 setbit(events, MPI2_EVENT_SAS_INIT_DEVICE_STATUS_CHANGE); 698 setbit(events, MPI2_EVENT_SAS_INIT_TABLE_OVERFLOW); 699 setbit(events, MPI2_EVENT_SAS_TOPOLOGY_CHANGE_LIST); 700 setbit(events, MPI2_EVENT_SAS_ENCL_DEVICE_STATUS_CHANGE); 701 setbit(events, MPI2_EVENT_IR_CONFIGURATION_CHANGE_LIST); 702 setbit(events, MPI2_EVENT_IR_VOLUME); 703 setbit(events, MPI2_EVENT_IR_PHYSICAL_DISK); 704 setbit(events, MPI2_EVENT_IR_OPERATION_STATUS); 705 setbit(events, MPI2_EVENT_LOG_ENTRY_ADDED); 706 707 mps_register_events(sc, events, mpssas_evt_handler, NULL, 708 &sc->sassc->mpssas_eh); 709 710 return (0); 711 } 712 713 int 714 mps_attach_sas(struct mps_softc *sc) 715 { 716 struct mpssas_softc *sassc; 717 cam_status status; 718 int unit, error = 0, reqs; 719 720 MPS_FUNCTRACE(sc); 721 mps_dprint(sc, MPS_INIT, "%s entered\n", __func__); 722 723 sassc = malloc(sizeof(struct mpssas_softc), M_MPT2, M_WAITOK|M_ZERO); 724 725 /* 726 * XXX MaxTargets could change during a reinit. Since we don't 727 * resize the targets[] array during such an event, cache the value 728 * of MaxTargets here so that we don't get into trouble later. This 729 * should move into the reinit logic. 730 */ 731 sassc->maxtargets = sc->facts->MaxTargets + sc->facts->MaxVolumes; 732 sassc->targets = malloc(sizeof(struct mpssas_target) * 733 sassc->maxtargets, M_MPT2, M_WAITOK|M_ZERO); 734 sc->sassc = sassc; 735 sassc->sc = sc; 736 737 reqs = sc->num_reqs - sc->num_prireqs - 1; 738 if ((sassc->devq = cam_simq_alloc(reqs)) == NULL) { 739 mps_dprint(sc, MPS_ERROR, "Cannot allocate SIMQ\n"); 740 error = ENOMEM; 741 goto out; 742 } 743 744 unit = device_get_unit(sc->mps_dev); 745 sassc->sim = cam_sim_alloc(mpssas_action, mpssas_poll, "mps", sassc, 746 unit, &sc->mps_mtx, reqs, reqs, sassc->devq); 747 if (sassc->sim == NULL) { 748 mps_dprint(sc, MPS_INIT|MPS_ERROR, "Cannot allocate SIM\n"); 749 error = EINVAL; 750 goto out; 751 } 752 753 TAILQ_INIT(&sassc->ev_queue); 754 755 /* Initialize taskqueue for Event Handling */ 756 TASK_INIT(&sassc->ev_task, 0, mpssas_firmware_event_work, sc); 757 sassc->ev_tq = taskqueue_create("mps_taskq", M_NOWAIT | M_ZERO, 758 taskqueue_thread_enqueue, &sassc->ev_tq); 759 taskqueue_start_threads(&sassc->ev_tq, 1, PRIBIO, "%s taskq", 760 device_get_nameunit(sc->mps_dev)); 761 762 mps_lock(sc); 763 764 /* 765 * XXX There should be a bus for every port on the adapter, but since 766 * we're just going to fake the topology for now, we'll pretend that 767 * everything is just a target on a single bus. 768 */ 769 if ((error = xpt_bus_register(sassc->sim, sc->mps_dev, 0)) != 0) { 770 mps_dprint(sc, MPS_INIT|MPS_ERROR, 771 "Error %d registering SCSI bus\n", error); 772 mps_unlock(sc); 773 goto out; 774 } 775 776 /* 777 * Assume that discovery events will start right away. 778 * 779 * Hold off boot until discovery is complete. 780 */ 781 sassc->flags |= MPSSAS_IN_STARTUP | MPSSAS_IN_DISCOVERY; 782 sc->sassc->startup_refcount = 0; 783 mpssas_startup_increment(sassc); 784 785 callout_init(&sassc->discovery_callout, 1 /*mpsafe*/); 786 787 /* 788 * Register for async events so we can determine the EEDP 789 * capabilities of devices. 790 */ 791 status = xpt_create_path(&sassc->path, /*periph*/NULL, 792 cam_sim_path(sc->sassc->sim), CAM_TARGET_WILDCARD, 793 CAM_LUN_WILDCARD); 794 if (status != CAM_REQ_CMP) { 795 mps_dprint(sc, MPS_ERROR|MPS_INIT, 796 "Error %#x creating sim path\n", status); 797 sassc->path = NULL; 798 } else { 799 int event; 800 801 event = AC_ADVINFO_CHANGED; 802 status = xpt_register_async(event, mpssas_async, sc, 803 sassc->path); 804 if (status != CAM_REQ_CMP) { 805 mps_dprint(sc, MPS_ERROR, 806 "Error %#x registering async handler for " 807 "AC_ADVINFO_CHANGED events\n", status); 808 xpt_free_path(sassc->path); 809 sassc->path = NULL; 810 } 811 } 812 if (status != CAM_REQ_CMP) { 813 /* 814 * EEDP use is the exception, not the rule. 815 * Warn the user, but do not fail to attach. 816 */ 817 mps_printf(sc, "EEDP capabilities disabled.\n"); 818 } 819 820 mps_unlock(sc); 821 822 mpssas_register_events(sc); 823 out: 824 if (error) 825 mps_detach_sas(sc); 826 827 mps_dprint(sc, MPS_INIT, "%s exit error= %d\n", __func__, error); 828 return (error); 829 } 830 831 int 832 mps_detach_sas(struct mps_softc *sc) 833 { 834 struct mpssas_softc *sassc; 835 struct mpssas_lun *lun, *lun_tmp; 836 struct mpssas_target *targ; 837 int i; 838 839 MPS_FUNCTRACE(sc); 840 841 if (sc->sassc == NULL) 842 return (0); 843 844 sassc = sc->sassc; 845 mps_deregister_events(sc, sassc->mpssas_eh); 846 847 /* 848 * Drain and free the event handling taskqueue with the lock 849 * unheld so that any parallel processing tasks drain properly 850 * without deadlocking. 851 */ 852 if (sassc->ev_tq != NULL) 853 taskqueue_free(sassc->ev_tq); 854 855 /* Make sure CAM doesn't wedge if we had to bail out early. */ 856 mps_lock(sc); 857 858 while (sassc->startup_refcount != 0) 859 mpssas_startup_decrement(sassc); 860 861 /* Deregister our async handler */ 862 if (sassc->path != NULL) { 863 xpt_register_async(0, mpssas_async, sc, sassc->path); 864 xpt_free_path(sassc->path); 865 sassc->path = NULL; 866 } 867 868 if (sassc->flags & MPSSAS_IN_STARTUP) 869 xpt_release_simq(sassc->sim, 1); 870 871 if (sassc->sim != NULL) { 872 xpt_bus_deregister(cam_sim_path(sassc->sim)); 873 cam_sim_free(sassc->sim, FALSE); 874 } 875 876 mps_unlock(sc); 877 878 if (sassc->devq != NULL) 879 cam_simq_free(sassc->devq); 880 881 for(i=0; i< sassc->maxtargets ;i++) { 882 targ = &sassc->targets[i]; 883 SLIST_FOREACH_SAFE(lun, &targ->luns, lun_link, lun_tmp) { 884 free(lun, M_MPT2); 885 } 886 } 887 free(sassc->targets, M_MPT2); 888 free(sassc, M_MPT2); 889 sc->sassc = NULL; 890 891 return (0); 892 } 893 894 void 895 mpssas_discovery_end(struct mpssas_softc *sassc) 896 { 897 struct mps_softc *sc = sassc->sc; 898 899 MPS_FUNCTRACE(sc); 900 901 if (sassc->flags & MPSSAS_DISCOVERY_TIMEOUT_PENDING) 902 callout_stop(&sassc->discovery_callout); 903 904 /* 905 * After discovery has completed, check the mapping table for any 906 * missing devices and update their missing counts. Only do this once 907 * whenever the driver is initialized so that missing counts aren't 908 * updated unnecessarily. Note that just because discovery has 909 * completed doesn't mean that events have been processed yet. The 910 * check_devices function is a callout timer that checks if ALL devices 911 * are missing. If so, it will wait a little longer for events to 912 * complete and keep resetting itself until some device in the mapping 913 * table is not missing, meaning that event processing has started. 914 */ 915 if (sc->track_mapping_events) { 916 mps_dprint(sc, MPS_XINFO | MPS_MAPPING, "Discovery has " 917 "completed. Check for missing devices in the mapping " 918 "table.\n"); 919 callout_reset(&sc->device_check_callout, 920 MPS_MISSING_CHECK_DELAY * hz, mps_mapping_check_devices, 921 sc); 922 } 923 } 924 925 static void 926 mpssas_action(struct cam_sim *sim, union ccb *ccb) 927 { 928 struct mpssas_softc *sassc; 929 930 sassc = cam_sim_softc(sim); 931 932 MPS_FUNCTRACE(sassc->sc); 933 mps_dprint(sassc->sc, MPS_TRACE, "ccb func_code 0x%x\n", 934 ccb->ccb_h.func_code); 935 mtx_assert(&sassc->sc->mps_mtx, MA_OWNED); 936 937 switch (ccb->ccb_h.func_code) { 938 case XPT_PATH_INQ: 939 { 940 struct ccb_pathinq *cpi = &ccb->cpi; 941 struct mps_softc *sc = sassc->sc; 942 943 cpi->version_num = 1; 944 cpi->hba_inquiry = PI_SDTR_ABLE|PI_TAG_ABLE|PI_WIDE_16; 945 cpi->target_sprt = 0; 946 cpi->hba_misc = PIM_NOBUSRESET | PIM_UNMAPPED | PIM_NOSCAN; 947 cpi->hba_eng_cnt = 0; 948 cpi->max_target = sassc->maxtargets - 1; 949 cpi->max_lun = 255; 950 951 /* 952 * initiator_id is set here to an ID outside the set of valid 953 * target IDs (including volumes). 954 */ 955 cpi->initiator_id = sassc->maxtargets; 956 strlcpy(cpi->sim_vid, "FreeBSD", SIM_IDLEN); 957 strlcpy(cpi->hba_vid, "Avago Tech", HBA_IDLEN); 958 strlcpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN); 959 cpi->unit_number = cam_sim_unit(sim); 960 cpi->bus_id = cam_sim_bus(sim); 961 cpi->base_transfer_speed = 150000; 962 cpi->transport = XPORT_SAS; 963 cpi->transport_version = 0; 964 cpi->protocol = PROTO_SCSI; 965 cpi->protocol_version = SCSI_REV_SPC; 966 cpi->maxio = sc->maxio; 967 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP); 968 break; 969 } 970 case XPT_GET_TRAN_SETTINGS: 971 { 972 struct ccb_trans_settings *cts; 973 struct ccb_trans_settings_sas *sas; 974 struct ccb_trans_settings_scsi *scsi; 975 struct mpssas_target *targ; 976 977 cts = &ccb->cts; 978 sas = &cts->xport_specific.sas; 979 scsi = &cts->proto_specific.scsi; 980 981 KASSERT(cts->ccb_h.target_id < sassc->maxtargets, 982 ("Target %d out of bounds in XPT_GET_TRANS_SETTINGS\n", 983 cts->ccb_h.target_id)); 984 targ = &sassc->targets[cts->ccb_h.target_id]; 985 if (targ->handle == 0x0) { 986 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 987 break; 988 } 989 990 cts->protocol_version = SCSI_REV_SPC2; 991 cts->transport = XPORT_SAS; 992 cts->transport_version = 0; 993 994 sas->valid = CTS_SAS_VALID_SPEED; 995 switch (targ->linkrate) { 996 case 0x08: 997 sas->bitrate = 150000; 998 break; 999 case 0x09: 1000 sas->bitrate = 300000; 1001 break; 1002 case 0x0a: 1003 sas->bitrate = 600000; 1004 break; 1005 default: 1006 sas->valid = 0; 1007 } 1008 1009 cts->protocol = PROTO_SCSI; 1010 scsi->valid = CTS_SCSI_VALID_TQ; 1011 scsi->flags = CTS_SCSI_FLAGS_TAG_ENB; 1012 1013 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP); 1014 break; 1015 } 1016 case XPT_CALC_GEOMETRY: 1017 cam_calc_geometry(&ccb->ccg, /*extended*/1); 1018 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP); 1019 break; 1020 case XPT_RESET_DEV: 1021 mps_dprint(sassc->sc, MPS_XINFO, "mpssas_action XPT_RESET_DEV\n"); 1022 mpssas_action_resetdev(sassc, ccb); 1023 return; 1024 case XPT_RESET_BUS: 1025 case XPT_ABORT: 1026 case XPT_TERM_IO: 1027 mps_dprint(sassc->sc, MPS_XINFO, 1028 "mpssas_action faking success for abort or reset\n"); 1029 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP); 1030 break; 1031 case XPT_SCSI_IO: 1032 mpssas_action_scsiio(sassc, ccb); 1033 return; 1034 case XPT_SMP_IO: 1035 mpssas_action_smpio(sassc, ccb); 1036 return; 1037 default: 1038 mpssas_set_ccbstatus(ccb, CAM_FUNC_NOTAVAIL); 1039 break; 1040 } 1041 xpt_done(ccb); 1042 1043 } 1044 1045 static void 1046 mpssas_announce_reset(struct mps_softc *sc, uint32_t ac_code, 1047 target_id_t target_id, lun_id_t lun_id) 1048 { 1049 path_id_t path_id = cam_sim_path(sc->sassc->sim); 1050 struct cam_path *path; 1051 1052 mps_dprint(sc, MPS_XINFO, "%s code %x target %d lun %jx\n", __func__, 1053 ac_code, target_id, (uintmax_t)lun_id); 1054 1055 if (xpt_create_path(&path, NULL, 1056 path_id, target_id, lun_id) != CAM_REQ_CMP) { 1057 mps_dprint(sc, MPS_ERROR, "unable to create path for reset " 1058 "notification\n"); 1059 return; 1060 } 1061 1062 xpt_async(ac_code, path, NULL); 1063 xpt_free_path(path); 1064 } 1065 1066 static void 1067 mpssas_complete_all_commands(struct mps_softc *sc) 1068 { 1069 struct mps_command *cm; 1070 int i; 1071 int completed; 1072 1073 MPS_FUNCTRACE(sc); 1074 mtx_assert(&sc->mps_mtx, MA_OWNED); 1075 1076 /* complete all commands with a NULL reply */ 1077 for (i = 1; i < sc->num_reqs; i++) { 1078 cm = &sc->commands[i]; 1079 if (cm->cm_state == MPS_CM_STATE_FREE) 1080 continue; 1081 1082 cm->cm_state = MPS_CM_STATE_BUSY; 1083 cm->cm_reply = NULL; 1084 completed = 0; 1085 1086 if (cm->cm_flags & MPS_CM_FLAGS_SATA_ID_TIMEOUT) { 1087 MPASS(cm->cm_data); 1088 free(cm->cm_data, M_MPT2); 1089 cm->cm_data = NULL; 1090 } 1091 1092 if (cm->cm_flags & MPS_CM_FLAGS_POLLED) 1093 cm->cm_flags |= MPS_CM_FLAGS_COMPLETE; 1094 1095 if (cm->cm_complete != NULL) { 1096 mpssas_log_command(cm, MPS_RECOVERY, 1097 "completing cm %p state %x ccb %p for diag reset\n", 1098 cm, cm->cm_state, cm->cm_ccb); 1099 1100 cm->cm_complete(sc, cm); 1101 completed = 1; 1102 } else if (cm->cm_flags & MPS_CM_FLAGS_WAKEUP) { 1103 mpssas_log_command(cm, MPS_RECOVERY, 1104 "waking up cm %p state %x ccb %p for diag reset\n", 1105 cm, cm->cm_state, cm->cm_ccb); 1106 wakeup(cm); 1107 completed = 1; 1108 } 1109 1110 if ((completed == 0) && (cm->cm_state != MPS_CM_STATE_FREE)) { 1111 /* this should never happen, but if it does, log */ 1112 mpssas_log_command(cm, MPS_RECOVERY, 1113 "cm %p state %x flags 0x%x ccb %p during diag " 1114 "reset\n", cm, cm->cm_state, cm->cm_flags, 1115 cm->cm_ccb); 1116 } 1117 } 1118 1119 sc->io_cmds_active = 0; 1120 } 1121 1122 void 1123 mpssas_handle_reinit(struct mps_softc *sc) 1124 { 1125 int i; 1126 1127 /* Go back into startup mode and freeze the simq, so that CAM 1128 * doesn't send any commands until after we've rediscovered all 1129 * targets and found the proper device handles for them. 1130 * 1131 * After the reset, portenable will trigger discovery, and after all 1132 * discovery-related activities have finished, the simq will be 1133 * released. 1134 */ 1135 mps_dprint(sc, MPS_INIT, "%s startup\n", __func__); 1136 sc->sassc->flags |= MPSSAS_IN_STARTUP; 1137 sc->sassc->flags |= MPSSAS_IN_DISCOVERY; 1138 mpssas_startup_increment(sc->sassc); 1139 1140 /* notify CAM of a bus reset */ 1141 mpssas_announce_reset(sc, AC_BUS_RESET, CAM_TARGET_WILDCARD, 1142 CAM_LUN_WILDCARD); 1143 1144 /* complete and cleanup after all outstanding commands */ 1145 mpssas_complete_all_commands(sc); 1146 1147 mps_dprint(sc, MPS_INIT, 1148 "%s startup %u after command completion\n", __func__, 1149 sc->sassc->startup_refcount); 1150 1151 /* zero all the target handles, since they may change after the 1152 * reset, and we have to rediscover all the targets and use the new 1153 * handles. 1154 */ 1155 for (i = 0; i < sc->sassc->maxtargets; i++) { 1156 if (sc->sassc->targets[i].outstanding != 0) 1157 mps_dprint(sc, MPS_INIT, "target %u outstanding %u\n", 1158 i, sc->sassc->targets[i].outstanding); 1159 sc->sassc->targets[i].handle = 0x0; 1160 sc->sassc->targets[i].exp_dev_handle = 0x0; 1161 sc->sassc->targets[i].outstanding = 0; 1162 sc->sassc->targets[i].flags = MPSSAS_TARGET_INDIAGRESET; 1163 } 1164 } 1165 1166 static void 1167 mpssas_tm_timeout(void *data) 1168 { 1169 struct mps_command *tm = data; 1170 struct mps_softc *sc = tm->cm_sc; 1171 1172 mtx_assert(&sc->mps_mtx, MA_OWNED); 1173 1174 mpssas_log_command(tm, MPS_INFO|MPS_RECOVERY, 1175 "task mgmt %p timed out\n", tm); 1176 1177 KASSERT(tm->cm_state == MPS_CM_STATE_INQUEUE, 1178 ("command not inqueue\n")); 1179 1180 tm->cm_state = MPS_CM_STATE_BUSY; 1181 mps_reinit(sc); 1182 } 1183 1184 static void 1185 mpssas_logical_unit_reset_complete(struct mps_softc *sc, struct mps_command *tm) 1186 { 1187 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 1188 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1189 unsigned int cm_count = 0; 1190 struct mps_command *cm; 1191 struct mpssas_target *targ; 1192 1193 callout_stop(&tm->cm_callout); 1194 1195 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1196 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 1197 targ = tm->cm_targ; 1198 1199 /* 1200 * Currently there should be no way we can hit this case. It only 1201 * happens when we have a failure to allocate chain frames, and 1202 * task management commands don't have S/G lists. 1203 * XXXSL So should it be an assertion? 1204 */ 1205 if ((tm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) { 1206 mps_dprint(sc, MPS_RECOVERY|MPS_ERROR, 1207 "%s: cm_flags = %#x for LUN reset! " 1208 "This should not happen!\n", __func__, tm->cm_flags); 1209 mpssas_free_tm(sc, tm); 1210 return; 1211 } 1212 1213 if (reply == NULL) { 1214 mps_dprint(sc, MPS_RECOVERY, "NULL reset reply for tm %p\n", 1215 tm); 1216 if ((sc->mps_flags & MPS_FLAGS_DIAGRESET) != 0) { 1217 /* this completion was due to a reset, just cleanup */ 1218 mps_dprint(sc, MPS_RECOVERY, "Hardware undergoing " 1219 "reset, ignoring NULL LUN reset reply\n"); 1220 targ->tm = NULL; 1221 mpssas_free_tm(sc, tm); 1222 } 1223 else { 1224 /* we should have gotten a reply. */ 1225 mps_dprint(sc, MPS_INFO|MPS_RECOVERY, "NULL reply on " 1226 "LUN reset attempt, resetting controller\n"); 1227 mps_reinit(sc); 1228 } 1229 return; 1230 } 1231 1232 mps_dprint(sc, MPS_RECOVERY, 1233 "logical unit reset status 0x%x code 0x%x count %u\n", 1234 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode), 1235 le32toh(reply->TerminationCount)); 1236 1237 /* 1238 * See if there are any outstanding commands for this LUN. 1239 * This could be made more efficient by using a per-LU data 1240 * structure of some sort. 1241 */ 1242 TAILQ_FOREACH(cm, &targ->commands, cm_link) { 1243 if (cm->cm_lun == tm->cm_lun) 1244 cm_count++; 1245 } 1246 1247 if (cm_count == 0) { 1248 mps_dprint(sc, MPS_RECOVERY|MPS_INFO, 1249 "Finished recovery after LUN reset for target %u\n", 1250 targ->tid); 1251 1252 mpssas_announce_reset(sc, AC_SENT_BDR, targ->tid, tm->cm_lun); 1253 1254 /* 1255 * We've finished recovery for this logical unit. check and 1256 * see if some other logical unit has a timedout command 1257 * that needs to be processed. 1258 */ 1259 cm = TAILQ_FIRST(&targ->timedout_commands); 1260 if (cm) { 1261 mps_dprint(sc, MPS_INFO|MPS_RECOVERY, 1262 "More commands to abort for target %u\n", 1263 targ->tid); 1264 mpssas_send_abort(sc, tm, cm); 1265 } else { 1266 targ->tm = NULL; 1267 mpssas_free_tm(sc, tm); 1268 } 1269 } else { 1270 /* 1271 * If we still have commands for this LUN, the reset 1272 * effectively failed, regardless of the status reported. 1273 * Escalate to a target reset. 1274 */ 1275 mps_dprint(sc, MPS_INFO|MPS_RECOVERY, 1276 "logical unit reset complete for target %u, but still " 1277 "have %u command(s), sending target reset\n", targ->tid, 1278 cm_count); 1279 mpssas_send_reset(sc, tm, 1280 MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET); 1281 } 1282 } 1283 1284 static void 1285 mpssas_target_reset_complete(struct mps_softc *sc, struct mps_command *tm) 1286 { 1287 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 1288 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1289 struct mpssas_target *targ; 1290 1291 callout_stop(&tm->cm_callout); 1292 1293 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1294 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 1295 targ = tm->cm_targ; 1296 1297 /* 1298 * Currently there should be no way we can hit this case. It only 1299 * happens when we have a failure to allocate chain frames, and 1300 * task management commands don't have S/G lists. 1301 */ 1302 if ((tm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) { 1303 mps_dprint(sc, MPS_ERROR,"%s: cm_flags = %#x for target reset! " 1304 "This should not happen!\n", __func__, tm->cm_flags); 1305 mpssas_free_tm(sc, tm); 1306 return; 1307 } 1308 1309 if (reply == NULL) { 1310 mps_dprint(sc, MPS_RECOVERY, 1311 "NULL target reset reply for tm %pi TaskMID %u\n", 1312 tm, le16toh(req->TaskMID)); 1313 if ((sc->mps_flags & MPS_FLAGS_DIAGRESET) != 0) { 1314 /* this completion was due to a reset, just cleanup */ 1315 mps_dprint(sc, MPS_RECOVERY, "Hardware undergoing " 1316 "reset, ignoring NULL target reset reply\n"); 1317 targ->tm = NULL; 1318 mpssas_free_tm(sc, tm); 1319 } else { 1320 /* we should have gotten a reply. */ 1321 mps_dprint(sc, MPS_INFO|MPS_RECOVERY, "NULL reply on " 1322 "target reset attempt, resetting controller\n"); 1323 mps_reinit(sc); 1324 } 1325 return; 1326 } 1327 1328 mps_dprint(sc, MPS_RECOVERY, 1329 "target reset status 0x%x code 0x%x count %u\n", 1330 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode), 1331 le32toh(reply->TerminationCount)); 1332 1333 if (targ->outstanding == 0) { 1334 /* we've finished recovery for this target and all 1335 * of its logical units. 1336 */ 1337 mps_dprint(sc, MPS_RECOVERY|MPS_INFO, 1338 "Finished reset recovery for target %u\n", targ->tid); 1339 1340 mpssas_announce_reset(sc, AC_SENT_BDR, tm->cm_targ->tid, 1341 CAM_LUN_WILDCARD); 1342 1343 targ->tm = NULL; 1344 mpssas_free_tm(sc, tm); 1345 } else { 1346 /* 1347 * After a target reset, if this target still has 1348 * outstanding commands, the reset effectively failed, 1349 * regardless of the status reported. escalate. 1350 */ 1351 mps_dprint(sc, MPS_INFO|MPS_RECOVERY, 1352 "Target reset complete for target %u, but still have %u " 1353 "command(s), resetting controller\n", targ->tid, 1354 targ->outstanding); 1355 mps_reinit(sc); 1356 } 1357 } 1358 1359 #define MPS_RESET_TIMEOUT 30 1360 1361 int 1362 mpssas_send_reset(struct mps_softc *sc, struct mps_command *tm, uint8_t type) 1363 { 1364 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1365 struct mpssas_target *target; 1366 int err; 1367 1368 target = tm->cm_targ; 1369 if (target->handle == 0) { 1370 mps_dprint(sc, MPS_ERROR,"%s null devhandle for target_id %d\n", 1371 __func__, target->tid); 1372 return -1; 1373 } 1374 1375 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1376 req->DevHandle = htole16(target->handle); 1377 req->TaskType = type; 1378 1379 if (type == MPI2_SCSITASKMGMT_TASKTYPE_LOGICAL_UNIT_RESET) { 1380 /* XXX Need to handle invalid LUNs */ 1381 MPS_SET_LUN(req->LUN, tm->cm_lun); 1382 tm->cm_targ->logical_unit_resets++; 1383 mps_dprint(sc, MPS_RECOVERY|MPS_INFO, 1384 "Sending logical unit reset to target %u lun %d\n", 1385 target->tid, tm->cm_lun); 1386 tm->cm_complete = mpssas_logical_unit_reset_complete; 1387 mpssas_prepare_for_tm(sc, tm, target, tm->cm_lun); 1388 } else if (type == MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET) { 1389 /* 1390 * Target reset method = 1391 * SAS Hard Link Reset / SATA Link Reset 1392 */ 1393 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 1394 tm->cm_targ->target_resets++; 1395 mps_dprint(sc, MPS_RECOVERY|MPS_INFO, 1396 "Sending target reset to target %u\n", target->tid); 1397 tm->cm_complete = mpssas_target_reset_complete; 1398 mpssas_prepare_for_tm(sc, tm, target, CAM_LUN_WILDCARD); 1399 } else { 1400 mps_dprint(sc, MPS_ERROR, "unexpected reset type 0x%x\n", type); 1401 return -1; 1402 } 1403 1404 tm->cm_data = NULL; 1405 tm->cm_complete_data = (void *)tm; 1406 1407 callout_reset(&tm->cm_callout, MPS_RESET_TIMEOUT * hz, 1408 mpssas_tm_timeout, tm); 1409 1410 err = mps_map_command(sc, tm); 1411 if (err) 1412 mps_dprint(sc, MPS_ERROR|MPS_RECOVERY, 1413 "error %d sending reset type %u\n", 1414 err, type); 1415 1416 return err; 1417 } 1418 1419 1420 static void 1421 mpssas_abort_complete(struct mps_softc *sc, struct mps_command *tm) 1422 { 1423 struct mps_command *cm; 1424 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 1425 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1426 struct mpssas_target *targ; 1427 1428 callout_stop(&tm->cm_callout); 1429 1430 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1431 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 1432 targ = tm->cm_targ; 1433 1434 /* 1435 * Currently there should be no way we can hit this case. It only 1436 * happens when we have a failure to allocate chain frames, and 1437 * task management commands don't have S/G lists. 1438 */ 1439 if ((tm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) { 1440 mps_dprint(sc, MPS_RECOVERY, 1441 "cm_flags = %#x for abort %p TaskMID %u!\n", 1442 tm->cm_flags, tm, le16toh(req->TaskMID)); 1443 mpssas_free_tm(sc, tm); 1444 return; 1445 } 1446 1447 if (reply == NULL) { 1448 mps_dprint(sc, MPS_RECOVERY, 1449 "NULL abort reply for tm %p TaskMID %u\n", 1450 tm, le16toh(req->TaskMID)); 1451 if ((sc->mps_flags & MPS_FLAGS_DIAGRESET) != 0) { 1452 /* this completion was due to a reset, just cleanup */ 1453 mps_dprint(sc, MPS_RECOVERY, "Hardware undergoing " 1454 "reset, ignoring NULL abort reply\n"); 1455 targ->tm = NULL; 1456 mpssas_free_tm(sc, tm); 1457 } else { 1458 /* we should have gotten a reply. */ 1459 mps_dprint(sc, MPS_INFO|MPS_RECOVERY, "NULL reply on " 1460 "abort attempt, resetting controller\n"); 1461 mps_reinit(sc); 1462 } 1463 return; 1464 } 1465 1466 mps_dprint(sc, MPS_RECOVERY, 1467 "abort TaskMID %u status 0x%x code 0x%x count %u\n", 1468 le16toh(req->TaskMID), 1469 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode), 1470 le32toh(reply->TerminationCount)); 1471 1472 cm = TAILQ_FIRST(&tm->cm_targ->timedout_commands); 1473 if (cm == NULL) { 1474 /* 1475 * If there are no more timedout commands, we're done with 1476 * error recovery for this target. 1477 */ 1478 mps_dprint(sc, MPS_INFO|MPS_RECOVERY, 1479 "Finished abort recovery for target %u\n", targ->tid); 1480 1481 targ->tm = NULL; 1482 mpssas_free_tm(sc, tm); 1483 } else if (le16toh(req->TaskMID) != cm->cm_desc.Default.SMID) { 1484 /* abort success, but we have more timedout commands to abort */ 1485 mps_dprint(sc, MPS_INFO|MPS_RECOVERY, 1486 "Continuing abort recovery for target %u\n", targ->tid); 1487 1488 mpssas_send_abort(sc, tm, cm); 1489 } else { 1490 /* we didn't get a command completion, so the abort 1491 * failed as far as we're concerned. escalate. 1492 */ 1493 mps_dprint(sc, MPS_RECOVERY, 1494 "Abort failed for target %u, sending logical unit reset\n", 1495 targ->tid); 1496 1497 mpssas_send_reset(sc, tm, 1498 MPI2_SCSITASKMGMT_TASKTYPE_LOGICAL_UNIT_RESET); 1499 } 1500 } 1501 1502 #define MPS_ABORT_TIMEOUT 5 1503 1504 static int 1505 mpssas_send_abort(struct mps_softc *sc, struct mps_command *tm, struct mps_command *cm) 1506 { 1507 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1508 struct mpssas_target *targ; 1509 int err; 1510 1511 targ = cm->cm_targ; 1512 if (targ->handle == 0) { 1513 mps_dprint(sc, MPS_ERROR|MPS_RECOVERY, 1514 "%s null devhandle for target_id %d\n", 1515 __func__, cm->cm_ccb->ccb_h.target_id); 1516 return -1; 1517 } 1518 1519 mpssas_log_command(cm, MPS_RECOVERY|MPS_INFO, 1520 "Aborting command %p\n", cm); 1521 1522 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1523 req->DevHandle = htole16(targ->handle); 1524 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_ABORT_TASK; 1525 1526 /* XXX Need to handle invalid LUNs */ 1527 MPS_SET_LUN(req->LUN, cm->cm_ccb->ccb_h.target_lun); 1528 1529 req->TaskMID = htole16(cm->cm_desc.Default.SMID); 1530 1531 tm->cm_data = NULL; 1532 tm->cm_complete = mpssas_abort_complete; 1533 tm->cm_complete_data = (void *)tm; 1534 tm->cm_targ = cm->cm_targ; 1535 tm->cm_lun = cm->cm_lun; 1536 1537 callout_reset(&tm->cm_callout, MPS_ABORT_TIMEOUT * hz, 1538 mpssas_tm_timeout, tm); 1539 1540 targ->aborts++; 1541 1542 mpssas_prepare_for_tm(sc, tm, targ, tm->cm_lun); 1543 1544 err = mps_map_command(sc, tm); 1545 if (err) 1546 mps_dprint(sc, MPS_ERROR|MPS_RECOVERY, 1547 "error %d sending abort for cm %p SMID %u\n", 1548 err, cm, req->TaskMID); 1549 return err; 1550 } 1551 1552 static void 1553 mpssas_scsiio_timeout(void *data) 1554 { 1555 sbintime_t elapsed, now; 1556 union ccb *ccb; 1557 struct mps_softc *sc; 1558 struct mps_command *cm; 1559 struct mpssas_target *targ; 1560 1561 cm = (struct mps_command *)data; 1562 sc = cm->cm_sc; 1563 ccb = cm->cm_ccb; 1564 now = sbinuptime(); 1565 1566 MPS_FUNCTRACE(sc); 1567 mtx_assert(&sc->mps_mtx, MA_OWNED); 1568 1569 mps_dprint(sc, MPS_XINFO|MPS_RECOVERY, "Timeout checking cm %p\n", sc); 1570 1571 /* 1572 * Run the interrupt handler to make sure it's not pending. This 1573 * isn't perfect because the command could have already completed 1574 * and been re-used, though this is unlikely. 1575 */ 1576 mps_intr_locked(sc); 1577 if (cm->cm_flags & MPS_CM_FLAGS_ON_RECOVERY) { 1578 mpssas_log_command(cm, MPS_XINFO, 1579 "SCSI command %p almost timed out\n", cm); 1580 return; 1581 } 1582 1583 if (cm->cm_ccb == NULL) { 1584 mps_dprint(sc, MPS_ERROR, "command timeout with NULL ccb\n"); 1585 return; 1586 } 1587 1588 targ = cm->cm_targ; 1589 targ->timeouts++; 1590 1591 elapsed = now - ccb->ccb_h.qos.sim_data; 1592 mpssas_log_command(cm, MPS_INFO|MPS_RECOVERY, 1593 "Command timeout on target %u(0x%04x) %d set, %d.%d elapsed\n", 1594 targ->tid, targ->handle, ccb->ccb_h.timeout, 1595 sbintime_getsec(elapsed), elapsed & 0xffffffff); 1596 1597 /* XXX first, check the firmware state, to see if it's still 1598 * operational. if not, do a diag reset. 1599 */ 1600 mpssas_set_ccbstatus(cm->cm_ccb, CAM_CMD_TIMEOUT); 1601 cm->cm_flags |= MPS_CM_FLAGS_ON_RECOVERY | MPS_CM_FLAGS_TIMEDOUT; 1602 TAILQ_INSERT_TAIL(&targ->timedout_commands, cm, cm_recovery); 1603 1604 if (targ->tm != NULL) { 1605 /* target already in recovery, just queue up another 1606 * timedout command to be processed later. 1607 */ 1608 mps_dprint(sc, MPS_RECOVERY, 1609 "queued timedout cm %p for processing by tm %p\n", 1610 cm, targ->tm); 1611 } else if ((targ->tm = mpssas_alloc_tm(sc)) != NULL) { 1612 mps_dprint(sc, MPS_RECOVERY|MPS_INFO, 1613 "Sending abort to target %u for SMID %d\n", targ->tid, 1614 cm->cm_desc.Default.SMID); 1615 mps_dprint(sc, MPS_RECOVERY, "timedout cm %p allocated tm %p\n", 1616 cm, targ->tm); 1617 1618 /* start recovery by aborting the first timedout command */ 1619 mpssas_send_abort(sc, targ->tm, cm); 1620 } else { 1621 /* XXX queue this target up for recovery once a TM becomes 1622 * available. The firmware only has a limited number of 1623 * HighPriority credits for the high priority requests used 1624 * for task management, and we ran out. 1625 * 1626 * Isilon: don't worry about this for now, since we have 1627 * more credits than disks in an enclosure, and limit 1628 * ourselves to one TM per target for recovery. 1629 */ 1630 mps_dprint(sc, MPS_ERROR|MPS_RECOVERY, 1631 "timedout cm %p failed to allocate a tm\n", cm); 1632 } 1633 1634 } 1635 1636 static void 1637 mpssas_action_scsiio(struct mpssas_softc *sassc, union ccb *ccb) 1638 { 1639 MPI2_SCSI_IO_REQUEST *req; 1640 struct ccb_scsiio *csio; 1641 struct mps_softc *sc; 1642 struct mpssas_target *targ; 1643 struct mpssas_lun *lun; 1644 struct mps_command *cm; 1645 uint8_t i, lba_byte, *ref_tag_addr; 1646 uint16_t eedp_flags; 1647 uint32_t mpi_control; 1648 1649 sc = sassc->sc; 1650 MPS_FUNCTRACE(sc); 1651 mtx_assert(&sc->mps_mtx, MA_OWNED); 1652 1653 csio = &ccb->csio; 1654 KASSERT(csio->ccb_h.target_id < sassc->maxtargets, 1655 ("Target %d out of bounds in XPT_SCSI_IO\n", 1656 csio->ccb_h.target_id)); 1657 targ = &sassc->targets[csio->ccb_h.target_id]; 1658 mps_dprint(sc, MPS_TRACE, "ccb %p target flag %x\n", ccb, targ->flags); 1659 if (targ->handle == 0x0) { 1660 mps_dprint(sc, MPS_ERROR, "%s NULL handle for target %u\n", 1661 __func__, csio->ccb_h.target_id); 1662 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1663 xpt_done(ccb); 1664 return; 1665 } 1666 if (targ->flags & MPS_TARGET_FLAGS_RAID_COMPONENT) { 1667 mps_dprint(sc, MPS_ERROR, "%s Raid component no SCSI IO " 1668 "supported %u\n", __func__, csio->ccb_h.target_id); 1669 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1670 xpt_done(ccb); 1671 return; 1672 } 1673 /* 1674 * Sometimes, it is possible to get a command that is not "In 1675 * Progress" and was actually aborted by the upper layer. Check for 1676 * this here and complete the command without error. 1677 */ 1678 if (mpssas_get_ccbstatus(ccb) != CAM_REQ_INPROG) { 1679 mps_dprint(sc, MPS_TRACE, "%s Command is not in progress for " 1680 "target %u\n", __func__, csio->ccb_h.target_id); 1681 xpt_done(ccb); 1682 return; 1683 } 1684 /* 1685 * If devinfo is 0 this will be a volume. In that case don't tell CAM 1686 * that the volume has timed out. We want volumes to be enumerated 1687 * until they are deleted/removed, not just failed. In either event, 1688 * we're removing the target due to a firmware event telling us 1689 * the device is now gone (as opposed to some transient event). Since 1690 * we're opting to remove failed devices from the OS's view, we need 1691 * to propagate that status up the stack. 1692 */ 1693 if (targ->flags & MPSSAS_TARGET_INREMOVAL) { 1694 if (targ->devinfo == 0) 1695 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP); 1696 else 1697 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1698 xpt_done(ccb); 1699 return; 1700 } 1701 1702 if ((sc->mps_flags & MPS_FLAGS_SHUTDOWN) != 0) { 1703 mps_dprint(sc, MPS_INFO, "%s shutting down\n", __func__); 1704 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1705 xpt_done(ccb); 1706 return; 1707 } 1708 1709 /* 1710 * If target has a reset in progress, freeze the devq and return. The 1711 * devq will be released when the TM reset is finished. 1712 */ 1713 if (targ->flags & MPSSAS_TARGET_INRESET) { 1714 ccb->ccb_h.status = CAM_BUSY | CAM_DEV_QFRZN; 1715 mps_dprint(sc, MPS_INFO, "%s: Freezing devq for target ID %d\n", 1716 __func__, targ->tid); 1717 xpt_freeze_devq(ccb->ccb_h.path, 1); 1718 xpt_done(ccb); 1719 return; 1720 } 1721 1722 cm = mps_alloc_command(sc); 1723 if (cm == NULL || (sc->mps_flags & MPS_FLAGS_DIAGRESET)) { 1724 if (cm != NULL) { 1725 mps_free_command(sc, cm); 1726 } 1727 if ((sassc->flags & MPSSAS_QUEUE_FROZEN) == 0) { 1728 xpt_freeze_simq(sassc->sim, 1); 1729 sassc->flags |= MPSSAS_QUEUE_FROZEN; 1730 } 1731 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 1732 ccb->ccb_h.status |= CAM_REQUEUE_REQ; 1733 xpt_done(ccb); 1734 return; 1735 } 1736 1737 req = (MPI2_SCSI_IO_REQUEST *)cm->cm_req; 1738 bzero(req, sizeof(*req)); 1739 req->DevHandle = htole16(targ->handle); 1740 req->Function = MPI2_FUNCTION_SCSI_IO_REQUEST; 1741 req->MsgFlags = 0; 1742 req->SenseBufferLowAddress = htole32(cm->cm_sense_busaddr); 1743 req->SenseBufferLength = MPS_SENSE_LEN; 1744 req->SGLFlags = 0; 1745 req->ChainOffset = 0; 1746 req->SGLOffset0 = 24; /* 32bit word offset to the SGL */ 1747 req->SGLOffset1= 0; 1748 req->SGLOffset2= 0; 1749 req->SGLOffset3= 0; 1750 req->SkipCount = 0; 1751 req->DataLength = htole32(csio->dxfer_len); 1752 req->BidirectionalDataLength = 0; 1753 req->IoFlags = htole16(csio->cdb_len); 1754 req->EEDPFlags = 0; 1755 1756 /* Note: BiDirectional transfers are not supported */ 1757 switch (csio->ccb_h.flags & CAM_DIR_MASK) { 1758 case CAM_DIR_IN: 1759 mpi_control = MPI2_SCSIIO_CONTROL_READ; 1760 cm->cm_flags |= MPS_CM_FLAGS_DATAIN; 1761 break; 1762 case CAM_DIR_OUT: 1763 mpi_control = MPI2_SCSIIO_CONTROL_WRITE; 1764 cm->cm_flags |= MPS_CM_FLAGS_DATAOUT; 1765 break; 1766 case CAM_DIR_NONE: 1767 default: 1768 mpi_control = MPI2_SCSIIO_CONTROL_NODATATRANSFER; 1769 break; 1770 } 1771 1772 if (csio->cdb_len == 32) 1773 mpi_control |= 4 << MPI2_SCSIIO_CONTROL_ADDCDBLEN_SHIFT; 1774 /* 1775 * It looks like the hardware doesn't require an explicit tag 1776 * number for each transaction. SAM Task Management not supported 1777 * at the moment. 1778 */ 1779 switch (csio->tag_action) { 1780 case MSG_HEAD_OF_Q_TAG: 1781 mpi_control |= MPI2_SCSIIO_CONTROL_HEADOFQ; 1782 break; 1783 case MSG_ORDERED_Q_TAG: 1784 mpi_control |= MPI2_SCSIIO_CONTROL_ORDEREDQ; 1785 break; 1786 case MSG_ACA_TASK: 1787 mpi_control |= MPI2_SCSIIO_CONTROL_ACAQ; 1788 break; 1789 case CAM_TAG_ACTION_NONE: 1790 case MSG_SIMPLE_Q_TAG: 1791 default: 1792 mpi_control |= MPI2_SCSIIO_CONTROL_SIMPLEQ; 1793 break; 1794 } 1795 mpi_control |= sc->mapping_table[csio->ccb_h.target_id].TLR_bits; 1796 req->Control = htole32(mpi_control); 1797 if (MPS_SET_LUN(req->LUN, csio->ccb_h.target_lun) != 0) { 1798 mps_free_command(sc, cm); 1799 mpssas_set_ccbstatus(ccb, CAM_LUN_INVALID); 1800 xpt_done(ccb); 1801 return; 1802 } 1803 1804 if (csio->ccb_h.flags & CAM_CDB_POINTER) 1805 bcopy(csio->cdb_io.cdb_ptr, &req->CDB.CDB32[0], csio->cdb_len); 1806 else 1807 bcopy(csio->cdb_io.cdb_bytes, &req->CDB.CDB32[0],csio->cdb_len); 1808 req->IoFlags = htole16(csio->cdb_len); 1809 1810 /* 1811 * Check if EEDP is supported and enabled. If it is then check if the 1812 * SCSI opcode could be using EEDP. If so, make sure the LUN exists and 1813 * is formatted for EEDP support. If all of this is true, set CDB up 1814 * for EEDP transfer. 1815 */ 1816 eedp_flags = op_code_prot[req->CDB.CDB32[0]]; 1817 if (sc->eedp_enabled && eedp_flags) { 1818 SLIST_FOREACH(lun, &targ->luns, lun_link) { 1819 if (lun->lun_id == csio->ccb_h.target_lun) { 1820 break; 1821 } 1822 } 1823 1824 if ((lun != NULL) && (lun->eedp_formatted)) { 1825 req->EEDPBlockSize = htole16(lun->eedp_block_size); 1826 eedp_flags |= (MPI2_SCSIIO_EEDPFLAGS_INC_PRI_REFTAG | 1827 MPI2_SCSIIO_EEDPFLAGS_CHECK_REFTAG | 1828 MPI2_SCSIIO_EEDPFLAGS_CHECK_GUARD); 1829 req->EEDPFlags = htole16(eedp_flags); 1830 1831 /* 1832 * If CDB less than 32, fill in Primary Ref Tag with 1833 * low 4 bytes of LBA. If CDB is 32, tag stuff is 1834 * already there. Also, set protection bit. FreeBSD 1835 * currently does not support CDBs bigger than 16, but 1836 * the code doesn't hurt, and will be here for the 1837 * future. 1838 */ 1839 if (csio->cdb_len != 32) { 1840 lba_byte = (csio->cdb_len == 16) ? 6 : 2; 1841 ref_tag_addr = (uint8_t *)&req->CDB.EEDP32. 1842 PrimaryReferenceTag; 1843 for (i = 0; i < 4; i++) { 1844 *ref_tag_addr = 1845 req->CDB.CDB32[lba_byte + i]; 1846 ref_tag_addr++; 1847 } 1848 req->CDB.EEDP32.PrimaryReferenceTag = 1849 htole32(req->CDB.EEDP32.PrimaryReferenceTag); 1850 req->CDB.EEDP32.PrimaryApplicationTagMask = 1851 0xFFFF; 1852 req->CDB.CDB32[1] = (req->CDB.CDB32[1] & 0x1F) | 1853 0x20; 1854 } else { 1855 eedp_flags |= 1856 MPI2_SCSIIO_EEDPFLAGS_INC_PRI_APPTAG; 1857 req->EEDPFlags = htole16(eedp_flags); 1858 req->CDB.CDB32[10] = (req->CDB.CDB32[10] & 1859 0x1F) | 0x20; 1860 } 1861 } 1862 } 1863 1864 cm->cm_length = csio->dxfer_len; 1865 if (cm->cm_length != 0) { 1866 cm->cm_data = ccb; 1867 cm->cm_flags |= MPS_CM_FLAGS_USE_CCB; 1868 } else { 1869 cm->cm_data = NULL; 1870 } 1871 cm->cm_sge = &req->SGL; 1872 cm->cm_sglsize = (32 - 24) * 4; 1873 cm->cm_desc.SCSIIO.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_SCSI_IO; 1874 cm->cm_desc.SCSIIO.DevHandle = htole16(targ->handle); 1875 cm->cm_complete = mpssas_scsiio_complete; 1876 cm->cm_complete_data = ccb; 1877 cm->cm_targ = targ; 1878 cm->cm_lun = csio->ccb_h.target_lun; 1879 cm->cm_ccb = ccb; 1880 1881 /* 1882 * If HBA is a WD and the command is not for a retry, try to build a 1883 * direct I/O message. If failed, or the command is for a retry, send 1884 * the I/O to the IR volume itself. 1885 */ 1886 if (sc->WD_valid_config) { 1887 if (ccb->ccb_h.sim_priv.entries[0].field == MPS_WD_RETRY) { 1888 mpssas_direct_drive_io(sassc, cm, ccb); 1889 } else { 1890 mpssas_set_ccbstatus(ccb, CAM_REQ_INPROG); 1891 } 1892 } 1893 1894 #if defined(BUF_TRACKING) || defined(FULL_BUF_TRACKING) 1895 if (csio->bio != NULL) 1896 biotrack(csio->bio, __func__); 1897 #endif 1898 csio->ccb_h.qos.sim_data = sbinuptime(); 1899 callout_reset_sbt(&cm->cm_callout, SBT_1MS * ccb->ccb_h.timeout, 0, 1900 mpssas_scsiio_timeout, cm, 0); 1901 1902 targ->issued++; 1903 targ->outstanding++; 1904 TAILQ_INSERT_TAIL(&targ->commands, cm, cm_link); 1905 ccb->ccb_h.status |= CAM_SIM_QUEUED; 1906 1907 mpssas_log_command(cm, MPS_XINFO, "%s cm %p ccb %p outstanding %u\n", 1908 __func__, cm, ccb, targ->outstanding); 1909 1910 mps_map_command(sc, cm); 1911 return; 1912 } 1913 1914 /** 1915 * mps_sc_failed_io_info - translated non-succesfull SCSI_IO request 1916 */ 1917 static void 1918 mps_sc_failed_io_info(struct mps_softc *sc, struct ccb_scsiio *csio, 1919 Mpi2SCSIIOReply_t *mpi_reply) 1920 { 1921 u32 response_info; 1922 u8 *response_bytes; 1923 u16 ioc_status = le16toh(mpi_reply->IOCStatus) & 1924 MPI2_IOCSTATUS_MASK; 1925 u8 scsi_state = mpi_reply->SCSIState; 1926 u8 scsi_status = mpi_reply->SCSIStatus; 1927 u32 log_info = le32toh(mpi_reply->IOCLogInfo); 1928 const char *desc_ioc_state, *desc_scsi_status; 1929 1930 if (log_info == 0x31170000) 1931 return; 1932 1933 desc_ioc_state = mps_describe_table(mps_iocstatus_string, 1934 ioc_status); 1935 desc_scsi_status = mps_describe_table(mps_scsi_status_string, 1936 scsi_status); 1937 1938 mps_dprint(sc, MPS_XINFO, "\thandle(0x%04x), ioc_status(%s)(0x%04x)\n", 1939 le16toh(mpi_reply->DevHandle), desc_ioc_state, ioc_status); 1940 1941 /* 1942 *We can add more detail about underflow data here 1943 * TO-DO 1944 */ 1945 mps_dprint(sc, MPS_XINFO, "\tscsi_status(%s)(0x%02x), " 1946 "scsi_state %b\n", desc_scsi_status, scsi_status, 1947 scsi_state, "\20" "\1AutosenseValid" "\2AutosenseFailed" 1948 "\3NoScsiStatus" "\4Terminated" "\5Response InfoValid"); 1949 1950 if (sc->mps_debug & MPS_XINFO && 1951 scsi_state & MPI2_SCSI_STATE_AUTOSENSE_VALID) { 1952 mps_dprint(sc, MPS_XINFO, "-> Sense Buffer Data : Start :\n"); 1953 scsi_sense_print(csio); 1954 mps_dprint(sc, MPS_XINFO, "-> Sense Buffer Data : End :\n"); 1955 } 1956 1957 if (scsi_state & MPI2_SCSI_STATE_RESPONSE_INFO_VALID) { 1958 response_info = le32toh(mpi_reply->ResponseInfo); 1959 response_bytes = (u8 *)&response_info; 1960 mps_dprint(sc, MPS_XINFO, "response code(0x%1x): %s\n", 1961 response_bytes[0], 1962 mps_describe_table(mps_scsi_taskmgmt_string, 1963 response_bytes[0])); 1964 } 1965 } 1966 1967 static void 1968 mpssas_scsiio_complete(struct mps_softc *sc, struct mps_command *cm) 1969 { 1970 MPI2_SCSI_IO_REPLY *rep; 1971 union ccb *ccb; 1972 struct ccb_scsiio *csio; 1973 struct mpssas_softc *sassc; 1974 struct scsi_vpd_supported_page_list *vpd_list = NULL; 1975 u8 *TLR_bits, TLR_on; 1976 int dir = 0, i; 1977 u16 alloc_len; 1978 struct mpssas_target *target; 1979 target_id_t target_id; 1980 1981 MPS_FUNCTRACE(sc); 1982 mps_dprint(sc, MPS_TRACE, 1983 "cm %p SMID %u ccb %p reply %p outstanding %u\n", cm, 1984 cm->cm_desc.Default.SMID, cm->cm_ccb, cm->cm_reply, 1985 cm->cm_targ->outstanding); 1986 1987 callout_stop(&cm->cm_callout); 1988 mtx_assert(&sc->mps_mtx, MA_OWNED); 1989 1990 sassc = sc->sassc; 1991 ccb = cm->cm_complete_data; 1992 csio = &ccb->csio; 1993 target_id = csio->ccb_h.target_id; 1994 rep = (MPI2_SCSI_IO_REPLY *)cm->cm_reply; 1995 /* 1996 * XXX KDM if the chain allocation fails, does it matter if we do 1997 * the sync and unload here? It is simpler to do it in every case, 1998 * assuming it doesn't cause problems. 1999 */ 2000 if (cm->cm_data != NULL) { 2001 if (cm->cm_flags & MPS_CM_FLAGS_DATAIN) 2002 dir = BUS_DMASYNC_POSTREAD; 2003 else if (cm->cm_flags & MPS_CM_FLAGS_DATAOUT) 2004 dir = BUS_DMASYNC_POSTWRITE; 2005 bus_dmamap_sync(sc->buffer_dmat, cm->cm_dmamap, dir); 2006 bus_dmamap_unload(sc->buffer_dmat, cm->cm_dmamap); 2007 } 2008 2009 cm->cm_targ->completed++; 2010 cm->cm_targ->outstanding--; 2011 TAILQ_REMOVE(&cm->cm_targ->commands, cm, cm_link); 2012 ccb->ccb_h.status &= ~(CAM_STATUS_MASK | CAM_SIM_QUEUED); 2013 2014 #if defined(BUF_TRACKING) || defined(FULL_BUF_TRACKING) 2015 if (ccb->csio.bio != NULL) 2016 biotrack(ccb->csio.bio, __func__); 2017 #endif 2018 2019 if (cm->cm_flags & MPS_CM_FLAGS_ON_RECOVERY) { 2020 TAILQ_REMOVE(&cm->cm_targ->timedout_commands, cm, cm_recovery); 2021 KASSERT(cm->cm_state == MPS_CM_STATE_BUSY, 2022 ("Not busy for CM_FLAGS_TIMEDOUT: %d\n", cm->cm_state)); 2023 cm->cm_flags &= ~MPS_CM_FLAGS_ON_RECOVERY; 2024 if (cm->cm_reply != NULL) 2025 mpssas_log_command(cm, MPS_RECOVERY, 2026 "completed timedout cm %p ccb %p during recovery " 2027 "ioc %x scsi %x state %x xfer %u\n", 2028 cm, cm->cm_ccb, le16toh(rep->IOCStatus), 2029 rep->SCSIStatus, rep->SCSIState, 2030 le32toh(rep->TransferCount)); 2031 else 2032 mpssas_log_command(cm, MPS_RECOVERY, 2033 "completed timedout cm %p ccb %p during recovery\n", 2034 cm, cm->cm_ccb); 2035 } else if (cm->cm_targ->tm != NULL) { 2036 if (cm->cm_reply != NULL) 2037 mpssas_log_command(cm, MPS_RECOVERY, 2038 "completed cm %p ccb %p during recovery " 2039 "ioc %x scsi %x state %x xfer %u\n", 2040 cm, cm->cm_ccb, le16toh(rep->IOCStatus), 2041 rep->SCSIStatus, rep->SCSIState, 2042 le32toh(rep->TransferCount)); 2043 else 2044 mpssas_log_command(cm, MPS_RECOVERY, 2045 "completed cm %p ccb %p during recovery\n", 2046 cm, cm->cm_ccb); 2047 } else if ((sc->mps_flags & MPS_FLAGS_DIAGRESET) != 0) { 2048 mpssas_log_command(cm, MPS_RECOVERY, 2049 "reset completed cm %p ccb %p\n", 2050 cm, cm->cm_ccb); 2051 } 2052 2053 if ((cm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) { 2054 /* 2055 * We ran into an error after we tried to map the command, 2056 * so we're getting a callback without queueing the command 2057 * to the hardware. So we set the status here, and it will 2058 * be retained below. We'll go through the "fast path", 2059 * because there can be no reply when we haven't actually 2060 * gone out to the hardware. 2061 */ 2062 mpssas_set_ccbstatus(ccb, CAM_REQUEUE_REQ); 2063 2064 /* 2065 * Currently the only error included in the mask is 2066 * MPS_CM_FLAGS_CHAIN_FAILED, which means we're out of 2067 * chain frames. We need to freeze the queue until we get 2068 * a command that completed without this error, which will 2069 * hopefully have some chain frames attached that we can 2070 * use. If we wanted to get smarter about it, we would 2071 * only unfreeze the queue in this condition when we're 2072 * sure that we're getting some chain frames back. That's 2073 * probably unnecessary. 2074 */ 2075 if ((sassc->flags & MPSSAS_QUEUE_FROZEN) == 0) { 2076 xpt_freeze_simq(sassc->sim, 1); 2077 sassc->flags |= MPSSAS_QUEUE_FROZEN; 2078 mps_dprint(sc, MPS_XINFO, "Error sending command, " 2079 "freezing SIM queue\n"); 2080 } 2081 } 2082 2083 /* 2084 * If this is a Start Stop Unit command and it was issued by the driver 2085 * during shutdown, decrement the refcount to account for all of the 2086 * commands that were sent. All SSU commands should be completed before 2087 * shutdown completes, meaning SSU_refcount will be 0 after SSU_started 2088 * is TRUE. 2089 */ 2090 if (sc->SSU_started && (csio->cdb_io.cdb_bytes[0] == START_STOP_UNIT)) { 2091 mps_dprint(sc, MPS_INFO, "Decrementing SSU count.\n"); 2092 sc->SSU_refcount--; 2093 } 2094 2095 /* Take the fast path to completion */ 2096 if (cm->cm_reply == NULL) { 2097 if (mpssas_get_ccbstatus(ccb) == CAM_REQ_INPROG) { 2098 if ((sc->mps_flags & MPS_FLAGS_DIAGRESET) != 0) 2099 mpssas_set_ccbstatus(ccb, CAM_SCSI_BUS_RESET); 2100 else { 2101 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP); 2102 ccb->csio.scsi_status = SCSI_STATUS_OK; 2103 } 2104 if (sassc->flags & MPSSAS_QUEUE_FROZEN) { 2105 ccb->ccb_h.status |= CAM_RELEASE_SIMQ; 2106 sassc->flags &= ~MPSSAS_QUEUE_FROZEN; 2107 mps_dprint(sc, MPS_XINFO, 2108 "Unfreezing SIM queue\n"); 2109 } 2110 } 2111 2112 /* 2113 * There are two scenarios where the status won't be 2114 * CAM_REQ_CMP. The first is if MPS_CM_FLAGS_ERROR_MASK is 2115 * set, the second is in the MPS_FLAGS_DIAGRESET above. 2116 */ 2117 if (mpssas_get_ccbstatus(ccb) != CAM_REQ_CMP) { 2118 /* 2119 * Freeze the dev queue so that commands are 2120 * executed in the correct order after error 2121 * recovery. 2122 */ 2123 ccb->ccb_h.status |= CAM_DEV_QFRZN; 2124 xpt_freeze_devq(ccb->ccb_h.path, /*count*/ 1); 2125 } 2126 mps_free_command(sc, cm); 2127 xpt_done(ccb); 2128 return; 2129 } 2130 2131 mpssas_log_command(cm, MPS_XINFO, 2132 "ioc %x scsi %x state %x xfer %u\n", 2133 le16toh(rep->IOCStatus), rep->SCSIStatus, rep->SCSIState, 2134 le32toh(rep->TransferCount)); 2135 2136 /* 2137 * If this is a Direct Drive I/O, reissue the I/O to the original IR 2138 * Volume if an error occurred (normal I/O retry). Use the original 2139 * CCB, but set a flag that this will be a retry so that it's sent to 2140 * the original volume. Free the command but reuse the CCB. 2141 */ 2142 if (cm->cm_flags & MPS_CM_FLAGS_DD_IO) { 2143 mps_free_command(sc, cm); 2144 ccb->ccb_h.sim_priv.entries[0].field = MPS_WD_RETRY; 2145 mpssas_action_scsiio(sassc, ccb); 2146 return; 2147 } else 2148 ccb->ccb_h.sim_priv.entries[0].field = 0; 2149 2150 switch (le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK) { 2151 case MPI2_IOCSTATUS_SCSI_DATA_UNDERRUN: 2152 csio->resid = cm->cm_length - le32toh(rep->TransferCount); 2153 /* FALLTHROUGH */ 2154 case MPI2_IOCSTATUS_SUCCESS: 2155 case MPI2_IOCSTATUS_SCSI_RECOVERED_ERROR: 2156 2157 if ((le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK) == 2158 MPI2_IOCSTATUS_SCSI_RECOVERED_ERROR) 2159 mpssas_log_command(cm, MPS_XINFO, "recovered error\n"); 2160 2161 /* Completion failed at the transport level. */ 2162 if (rep->SCSIState & (MPI2_SCSI_STATE_NO_SCSI_STATUS | 2163 MPI2_SCSI_STATE_TERMINATED)) { 2164 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2165 break; 2166 } 2167 2168 /* In a modern packetized environment, an autosense failure 2169 * implies that there's not much else that can be done to 2170 * recover the command. 2171 */ 2172 if (rep->SCSIState & MPI2_SCSI_STATE_AUTOSENSE_FAILED) { 2173 mpssas_set_ccbstatus(ccb, CAM_AUTOSENSE_FAIL); 2174 break; 2175 } 2176 2177 /* 2178 * CAM doesn't care about SAS Response Info data, but if this is 2179 * the state check if TLR should be done. If not, clear the 2180 * TLR_bits for the target. 2181 */ 2182 if ((rep->SCSIState & MPI2_SCSI_STATE_RESPONSE_INFO_VALID) && 2183 ((le32toh(rep->ResponseInfo) & 2184 MPI2_SCSI_RI_MASK_REASONCODE) == 2185 MPS_SCSI_RI_INVALID_FRAME)) { 2186 sc->mapping_table[target_id].TLR_bits = 2187 (u8)MPI2_SCSIIO_CONTROL_NO_TLR; 2188 } 2189 2190 /* 2191 * Intentionally override the normal SCSI status reporting 2192 * for these two cases. These are likely to happen in a 2193 * multi-initiator environment, and we want to make sure that 2194 * CAM retries these commands rather than fail them. 2195 */ 2196 if ((rep->SCSIStatus == MPI2_SCSI_STATUS_COMMAND_TERMINATED) || 2197 (rep->SCSIStatus == MPI2_SCSI_STATUS_TASK_ABORTED)) { 2198 mpssas_set_ccbstatus(ccb, CAM_REQ_ABORTED); 2199 break; 2200 } 2201 2202 /* Handle normal status and sense */ 2203 csio->scsi_status = rep->SCSIStatus; 2204 if (rep->SCSIStatus == MPI2_SCSI_STATUS_GOOD) 2205 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP); 2206 else 2207 mpssas_set_ccbstatus(ccb, CAM_SCSI_STATUS_ERROR); 2208 2209 if (rep->SCSIState & MPI2_SCSI_STATE_AUTOSENSE_VALID) { 2210 int sense_len, returned_sense_len; 2211 2212 returned_sense_len = min(le32toh(rep->SenseCount), 2213 sizeof(struct scsi_sense_data)); 2214 if (returned_sense_len < ccb->csio.sense_len) 2215 ccb->csio.sense_resid = ccb->csio.sense_len - 2216 returned_sense_len; 2217 else 2218 ccb->csio.sense_resid = 0; 2219 2220 sense_len = min(returned_sense_len, 2221 ccb->csio.sense_len - ccb->csio.sense_resid); 2222 bzero(&ccb->csio.sense_data, 2223 sizeof(ccb->csio.sense_data)); 2224 bcopy(cm->cm_sense, &ccb->csio.sense_data, sense_len); 2225 ccb->ccb_h.status |= CAM_AUTOSNS_VALID; 2226 } 2227 2228 /* 2229 * Check if this is an INQUIRY command. If it's a VPD inquiry, 2230 * and it's page code 0 (Supported Page List), and there is 2231 * inquiry data, and this is for a sequential access device, and 2232 * the device is an SSP target, and TLR is supported by the 2233 * controller, turn the TLR_bits value ON if page 0x90 is 2234 * supported. 2235 */ 2236 if ((csio->cdb_io.cdb_bytes[0] == INQUIRY) && 2237 (csio->cdb_io.cdb_bytes[1] & SI_EVPD) && 2238 (csio->cdb_io.cdb_bytes[2] == SVPD_SUPPORTED_PAGE_LIST) && 2239 ((csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) && 2240 (csio->data_ptr != NULL) && 2241 ((csio->data_ptr[0] & 0x1f) == T_SEQUENTIAL) && 2242 (sc->control_TLR) && 2243 (sc->mapping_table[target_id].device_info & 2244 MPI2_SAS_DEVICE_INFO_SSP_TARGET)) { 2245 vpd_list = (struct scsi_vpd_supported_page_list *) 2246 csio->data_ptr; 2247 TLR_bits = &sc->mapping_table[target_id].TLR_bits; 2248 *TLR_bits = (u8)MPI2_SCSIIO_CONTROL_NO_TLR; 2249 TLR_on = (u8)MPI2_SCSIIO_CONTROL_TLR_ON; 2250 alloc_len = ((u16)csio->cdb_io.cdb_bytes[3] << 8) + 2251 csio->cdb_io.cdb_bytes[4]; 2252 alloc_len -= csio->resid; 2253 for (i = 0; i < MIN(vpd_list->length, alloc_len); i++) { 2254 if (vpd_list->list[i] == 0x90) { 2255 *TLR_bits = TLR_on; 2256 break; 2257 } 2258 } 2259 } 2260 2261 /* 2262 * If this is a SATA direct-access end device, mark it so that 2263 * a SCSI StartStopUnit command will be sent to it when the 2264 * driver is being shutdown. 2265 */ 2266 if ((csio->cdb_io.cdb_bytes[0] == INQUIRY) && 2267 ((csio->data_ptr[0] & 0x1f) == T_DIRECT) && 2268 (sc->mapping_table[target_id].device_info & 2269 MPI2_SAS_DEVICE_INFO_SATA_DEVICE) && 2270 ((sc->mapping_table[target_id].device_info & 2271 MPI2_SAS_DEVICE_INFO_MASK_DEVICE_TYPE) == 2272 MPI2_SAS_DEVICE_INFO_END_DEVICE)) { 2273 target = &sassc->targets[target_id]; 2274 target->supports_SSU = TRUE; 2275 mps_dprint(sc, MPS_XINFO, "Target %d supports SSU\n", 2276 target_id); 2277 } 2278 break; 2279 case MPI2_IOCSTATUS_SCSI_INVALID_DEVHANDLE: 2280 case MPI2_IOCSTATUS_SCSI_DEVICE_NOT_THERE: 2281 /* 2282 * If devinfo is 0 this will be a volume. In that case don't 2283 * tell CAM that the volume is not there. We want volumes to 2284 * be enumerated until they are deleted/removed, not just 2285 * failed. 2286 */ 2287 if (cm->cm_targ->devinfo == 0) 2288 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP); 2289 else 2290 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 2291 break; 2292 case MPI2_IOCSTATUS_INVALID_SGL: 2293 mps_print_scsiio_cmd(sc, cm); 2294 mpssas_set_ccbstatus(ccb, CAM_UNREC_HBA_ERROR); 2295 break; 2296 case MPI2_IOCSTATUS_SCSI_TASK_TERMINATED: 2297 /* 2298 * This is one of the responses that comes back when an I/O 2299 * has been aborted. If it is because of a timeout that we 2300 * initiated, just set the status to CAM_CMD_TIMEOUT. 2301 * Otherwise set it to CAM_REQ_ABORTED. The effect on the 2302 * command is the same (it gets retried, subject to the 2303 * retry counter), the only difference is what gets printed 2304 * on the console. 2305 */ 2306 if (cm->cm_flags & MPS_CM_FLAGS_TIMEDOUT) 2307 mpssas_set_ccbstatus(ccb, CAM_CMD_TIMEOUT); 2308 else 2309 mpssas_set_ccbstatus(ccb, CAM_REQ_ABORTED); 2310 break; 2311 case MPI2_IOCSTATUS_SCSI_DATA_OVERRUN: 2312 /* resid is ignored for this condition */ 2313 csio->resid = 0; 2314 mpssas_set_ccbstatus(ccb, CAM_DATA_RUN_ERR); 2315 break; 2316 case MPI2_IOCSTATUS_SCSI_IOC_TERMINATED: 2317 case MPI2_IOCSTATUS_SCSI_EXT_TERMINATED: 2318 /* 2319 * These can sometimes be transient transport-related 2320 * errors, and sometimes persistent drive-related errors. 2321 * We used to retry these without decrementing the retry 2322 * count by returning CAM_REQUEUE_REQ. Unfortunately, if 2323 * we hit a persistent drive problem that returns one of 2324 * these error codes, we would retry indefinitely. So, 2325 * return CAM_REQ_CMP_ERROR so that we decrement the retry 2326 * count and avoid infinite retries. We're taking the 2327 * potential risk of flagging false failures in the event 2328 * of a topology-related error (e.g. a SAS expander problem 2329 * causes a command addressed to a drive to fail), but 2330 * avoiding getting into an infinite retry loop. However, 2331 * if we get them while were moving a device, we should 2332 * fail the request as 'not there' because the device 2333 * is effectively gone. 2334 */ 2335 if (cm->cm_targ->flags & MPSSAS_TARGET_INREMOVAL) 2336 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 2337 else 2338 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2339 mps_dprint(sc, MPS_INFO, 2340 "Controller reported %s tgt %u SMID %u loginfo %x%s\n", 2341 mps_describe_table(mps_iocstatus_string, 2342 le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK), 2343 target_id, cm->cm_desc.Default.SMID, 2344 le32toh(rep->IOCLogInfo), 2345 (cm->cm_targ->flags & MPSSAS_TARGET_INREMOVAL) ? " departing" : ""); 2346 mps_dprint(sc, MPS_XINFO, 2347 "SCSIStatus %x SCSIState %x xfercount %u\n", 2348 rep->SCSIStatus, rep->SCSIState, 2349 le32toh(rep->TransferCount)); 2350 break; 2351 case MPI2_IOCSTATUS_INVALID_FUNCTION: 2352 case MPI2_IOCSTATUS_INTERNAL_ERROR: 2353 case MPI2_IOCSTATUS_INVALID_VPID: 2354 case MPI2_IOCSTATUS_INVALID_FIELD: 2355 case MPI2_IOCSTATUS_INVALID_STATE: 2356 case MPI2_IOCSTATUS_OP_STATE_NOT_SUPPORTED: 2357 case MPI2_IOCSTATUS_SCSI_IO_DATA_ERROR: 2358 case MPI2_IOCSTATUS_SCSI_PROTOCOL_ERROR: 2359 case MPI2_IOCSTATUS_SCSI_RESIDUAL_MISMATCH: 2360 case MPI2_IOCSTATUS_SCSI_TASK_MGMT_FAILED: 2361 default: 2362 mpssas_log_command(cm, MPS_XINFO, 2363 "completed ioc %x loginfo %x scsi %x state %x xfer %u\n", 2364 le16toh(rep->IOCStatus), le32toh(rep->IOCLogInfo), 2365 rep->SCSIStatus, rep->SCSIState, 2366 le32toh(rep->TransferCount)); 2367 csio->resid = cm->cm_length; 2368 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2369 break; 2370 } 2371 2372 mps_sc_failed_io_info(sc,csio,rep); 2373 2374 if (sassc->flags & MPSSAS_QUEUE_FROZEN) { 2375 ccb->ccb_h.status |= CAM_RELEASE_SIMQ; 2376 sassc->flags &= ~MPSSAS_QUEUE_FROZEN; 2377 mps_dprint(sc, MPS_XINFO, "Command completed, " 2378 "unfreezing SIM queue\n"); 2379 } 2380 2381 if (mpssas_get_ccbstatus(ccb) != CAM_REQ_CMP) { 2382 ccb->ccb_h.status |= CAM_DEV_QFRZN; 2383 xpt_freeze_devq(ccb->ccb_h.path, /*count*/ 1); 2384 } 2385 2386 /* 2387 * Check to see if we're removing the device. If so, and this is the 2388 * last command on the queue, proceed with the deferred removal of the 2389 * device. Note, for removing a volume, this won't trigger because 2390 * pending_remove_tm will be NULL. 2391 */ 2392 if (cm->cm_targ->flags & MPSSAS_TARGET_INREMOVAL) { 2393 if (TAILQ_FIRST(&cm->cm_targ->commands) == NULL && 2394 cm->cm_targ->pending_remove_tm != NULL) { 2395 mps_dprint(sc, MPS_INFO, "Last pending command complete: starting remove_device\n"); 2396 mps_map_command(sc, cm->cm_targ->pending_remove_tm); 2397 cm->cm_targ->pending_remove_tm = NULL; 2398 } 2399 } 2400 2401 mps_free_command(sc, cm); 2402 xpt_done(ccb); 2403 } 2404 2405 /* All Request reached here are Endian safe */ 2406 static void 2407 mpssas_direct_drive_io(struct mpssas_softc *sassc, struct mps_command *cm, 2408 union ccb *ccb) { 2409 pMpi2SCSIIORequest_t pIO_req; 2410 struct mps_softc *sc = sassc->sc; 2411 uint64_t virtLBA; 2412 uint32_t physLBA, stripe_offset, stripe_unit; 2413 uint32_t io_size, column; 2414 uint8_t *ptrLBA, lba_idx, physLBA_byte, *CDB; 2415 2416 /* 2417 * If this is a valid SCSI command (Read6, Read10, Read16, Write6, 2418 * Write10, or Write16), build a direct I/O message. Otherwise, the I/O 2419 * will be sent to the IR volume itself. Since Read6 and Write6 are a 2420 * bit different than the 10/16 CDBs, handle them separately. 2421 */ 2422 pIO_req = (pMpi2SCSIIORequest_t)cm->cm_req; 2423 CDB = pIO_req->CDB.CDB32; 2424 2425 /* 2426 * Handle 6 byte CDBs. 2427 */ 2428 if ((pIO_req->DevHandle == sc->DD_dev_handle) && ((CDB[0] == READ_6) || 2429 (CDB[0] == WRITE_6))) { 2430 /* 2431 * Get the transfer size in blocks. 2432 */ 2433 io_size = (cm->cm_length >> sc->DD_block_exponent); 2434 2435 /* 2436 * Get virtual LBA given in the CDB. 2437 */ 2438 virtLBA = ((uint64_t)(CDB[1] & 0x1F) << 16) | 2439 ((uint64_t)CDB[2] << 8) | (uint64_t)CDB[3]; 2440 2441 /* 2442 * Check that LBA range for I/O does not exceed volume's 2443 * MaxLBA. 2444 */ 2445 if ((virtLBA + (uint64_t)io_size - 1) <= 2446 sc->DD_max_lba) { 2447 /* 2448 * Check if the I/O crosses a stripe boundary. If not, 2449 * translate the virtual LBA to a physical LBA and set 2450 * the DevHandle for the PhysDisk to be used. If it 2451 * does cross a boundary, do normal I/O. To get the 2452 * right DevHandle to use, get the map number for the 2453 * column, then use that map number to look up the 2454 * DevHandle of the PhysDisk. 2455 */ 2456 stripe_offset = (uint32_t)virtLBA & 2457 (sc->DD_stripe_size - 1); 2458 if ((stripe_offset + io_size) <= sc->DD_stripe_size) { 2459 physLBA = (uint32_t)virtLBA >> 2460 sc->DD_stripe_exponent; 2461 stripe_unit = physLBA / sc->DD_num_phys_disks; 2462 column = physLBA % sc->DD_num_phys_disks; 2463 pIO_req->DevHandle = 2464 htole16(sc->DD_column_map[column].dev_handle); 2465 /* ???? Is this endian safe*/ 2466 cm->cm_desc.SCSIIO.DevHandle = 2467 pIO_req->DevHandle; 2468 2469 physLBA = (stripe_unit << 2470 sc->DD_stripe_exponent) + stripe_offset; 2471 ptrLBA = &pIO_req->CDB.CDB32[1]; 2472 physLBA_byte = (uint8_t)(physLBA >> 16); 2473 *ptrLBA = physLBA_byte; 2474 ptrLBA = &pIO_req->CDB.CDB32[2]; 2475 physLBA_byte = (uint8_t)(physLBA >> 8); 2476 *ptrLBA = physLBA_byte; 2477 ptrLBA = &pIO_req->CDB.CDB32[3]; 2478 physLBA_byte = (uint8_t)physLBA; 2479 *ptrLBA = physLBA_byte; 2480 2481 /* 2482 * Set flag that Direct Drive I/O is 2483 * being done. 2484 */ 2485 cm->cm_flags |= MPS_CM_FLAGS_DD_IO; 2486 } 2487 } 2488 return; 2489 } 2490 2491 /* 2492 * Handle 10, 12 or 16 byte CDBs. 2493 */ 2494 if ((pIO_req->DevHandle == sc->DD_dev_handle) && ((CDB[0] == READ_10) || 2495 (CDB[0] == WRITE_10) || (CDB[0] == READ_16) || 2496 (CDB[0] == WRITE_16) || (CDB[0] == READ_12) || 2497 (CDB[0] == WRITE_12))) { 2498 /* 2499 * For 16-byte CDB's, verify that the upper 4 bytes of the CDB 2500 * are 0. If not, this is accessing beyond 2TB so handle it in 2501 * the else section. 10-byte and 12-byte CDB's are OK. 2502 * FreeBSD sends very rare 12 byte READ/WRITE, but driver is 2503 * ready to accept 12byte CDB for Direct IOs. 2504 */ 2505 if ((CDB[0] == READ_10 || CDB[0] == WRITE_10) || 2506 (CDB[0] == READ_12 || CDB[0] == WRITE_12) || 2507 !(CDB[2] | CDB[3] | CDB[4] | CDB[5])) { 2508 /* 2509 * Get the transfer size in blocks. 2510 */ 2511 io_size = (cm->cm_length >> sc->DD_block_exponent); 2512 2513 /* 2514 * Get virtual LBA. Point to correct lower 4 bytes of 2515 * LBA in the CDB depending on command. 2516 */ 2517 lba_idx = ((CDB[0] == READ_12) || 2518 (CDB[0] == WRITE_12) || 2519 (CDB[0] == READ_10) || 2520 (CDB[0] == WRITE_10))? 2 : 6; 2521 virtLBA = ((uint64_t)CDB[lba_idx] << 24) | 2522 ((uint64_t)CDB[lba_idx + 1] << 16) | 2523 ((uint64_t)CDB[lba_idx + 2] << 8) | 2524 (uint64_t)CDB[lba_idx + 3]; 2525 2526 /* 2527 * Check that LBA range for I/O does not exceed volume's 2528 * MaxLBA. 2529 */ 2530 if ((virtLBA + (uint64_t)io_size - 1) <= 2531 sc->DD_max_lba) { 2532 /* 2533 * Check if the I/O crosses a stripe boundary. 2534 * If not, translate the virtual LBA to a 2535 * physical LBA and set the DevHandle for the 2536 * PhysDisk to be used. If it does cross a 2537 * boundary, do normal I/O. To get the right 2538 * DevHandle to use, get the map number for the 2539 * column, then use that map number to look up 2540 * the DevHandle of the PhysDisk. 2541 */ 2542 stripe_offset = (uint32_t)virtLBA & 2543 (sc->DD_stripe_size - 1); 2544 if ((stripe_offset + io_size) <= 2545 sc->DD_stripe_size) { 2546 physLBA = (uint32_t)virtLBA >> 2547 sc->DD_stripe_exponent; 2548 stripe_unit = physLBA / 2549 sc->DD_num_phys_disks; 2550 column = physLBA % 2551 sc->DD_num_phys_disks; 2552 pIO_req->DevHandle = 2553 htole16(sc->DD_column_map[column]. 2554 dev_handle); 2555 cm->cm_desc.SCSIIO.DevHandle = 2556 pIO_req->DevHandle; 2557 2558 physLBA = (stripe_unit << 2559 sc->DD_stripe_exponent) + 2560 stripe_offset; 2561 ptrLBA = 2562 &pIO_req->CDB.CDB32[lba_idx]; 2563 physLBA_byte = (uint8_t)(physLBA >> 24); 2564 *ptrLBA = physLBA_byte; 2565 ptrLBA = 2566 &pIO_req->CDB.CDB32[lba_idx + 1]; 2567 physLBA_byte = (uint8_t)(physLBA >> 16); 2568 *ptrLBA = physLBA_byte; 2569 ptrLBA = 2570 &pIO_req->CDB.CDB32[lba_idx + 2]; 2571 physLBA_byte = (uint8_t)(physLBA >> 8); 2572 *ptrLBA = physLBA_byte; 2573 ptrLBA = 2574 &pIO_req->CDB.CDB32[lba_idx + 3]; 2575 physLBA_byte = (uint8_t)physLBA; 2576 *ptrLBA = physLBA_byte; 2577 2578 /* 2579 * Set flag that Direct Drive I/O is 2580 * being done. 2581 */ 2582 cm->cm_flags |= MPS_CM_FLAGS_DD_IO; 2583 } 2584 } 2585 } else { 2586 /* 2587 * 16-byte CDB and the upper 4 bytes of the CDB are not 2588 * 0. Get the transfer size in blocks. 2589 */ 2590 io_size = (cm->cm_length >> sc->DD_block_exponent); 2591 2592 /* 2593 * Get virtual LBA. 2594 */ 2595 virtLBA = ((uint64_t)CDB[2] << 54) | 2596 ((uint64_t)CDB[3] << 48) | 2597 ((uint64_t)CDB[4] << 40) | 2598 ((uint64_t)CDB[5] << 32) | 2599 ((uint64_t)CDB[6] << 24) | 2600 ((uint64_t)CDB[7] << 16) | 2601 ((uint64_t)CDB[8] << 8) | 2602 (uint64_t)CDB[9]; 2603 2604 /* 2605 * Check that LBA range for I/O does not exceed volume's 2606 * MaxLBA. 2607 */ 2608 if ((virtLBA + (uint64_t)io_size - 1) <= 2609 sc->DD_max_lba) { 2610 /* 2611 * Check if the I/O crosses a stripe boundary. 2612 * If not, translate the virtual LBA to a 2613 * physical LBA and set the DevHandle for the 2614 * PhysDisk to be used. If it does cross a 2615 * boundary, do normal I/O. To get the right 2616 * DevHandle to use, get the map number for the 2617 * column, then use that map number to look up 2618 * the DevHandle of the PhysDisk. 2619 */ 2620 stripe_offset = (uint32_t)virtLBA & 2621 (sc->DD_stripe_size - 1); 2622 if ((stripe_offset + io_size) <= 2623 sc->DD_stripe_size) { 2624 physLBA = (uint32_t)(virtLBA >> 2625 sc->DD_stripe_exponent); 2626 stripe_unit = physLBA / 2627 sc->DD_num_phys_disks; 2628 column = physLBA % 2629 sc->DD_num_phys_disks; 2630 pIO_req->DevHandle = 2631 htole16(sc->DD_column_map[column]. 2632 dev_handle); 2633 cm->cm_desc.SCSIIO.DevHandle = 2634 pIO_req->DevHandle; 2635 2636 physLBA = (stripe_unit << 2637 sc->DD_stripe_exponent) + 2638 stripe_offset; 2639 2640 /* 2641 * Set upper 4 bytes of LBA to 0. We 2642 * assume that the phys disks are less 2643 * than 2 TB's in size. Then, set the 2644 * lower 4 bytes. 2645 */ 2646 pIO_req->CDB.CDB32[2] = 0; 2647 pIO_req->CDB.CDB32[3] = 0; 2648 pIO_req->CDB.CDB32[4] = 0; 2649 pIO_req->CDB.CDB32[5] = 0; 2650 ptrLBA = &pIO_req->CDB.CDB32[6]; 2651 physLBA_byte = (uint8_t)(physLBA >> 24); 2652 *ptrLBA = physLBA_byte; 2653 ptrLBA = &pIO_req->CDB.CDB32[7]; 2654 physLBA_byte = (uint8_t)(physLBA >> 16); 2655 *ptrLBA = physLBA_byte; 2656 ptrLBA = &pIO_req->CDB.CDB32[8]; 2657 physLBA_byte = (uint8_t)(physLBA >> 8); 2658 *ptrLBA = physLBA_byte; 2659 ptrLBA = &pIO_req->CDB.CDB32[9]; 2660 physLBA_byte = (uint8_t)physLBA; 2661 *ptrLBA = physLBA_byte; 2662 2663 /* 2664 * Set flag that Direct Drive I/O is 2665 * being done. 2666 */ 2667 cm->cm_flags |= MPS_CM_FLAGS_DD_IO; 2668 } 2669 } 2670 } 2671 } 2672 } 2673 2674 static void 2675 mpssas_smpio_complete(struct mps_softc *sc, struct mps_command *cm) 2676 { 2677 MPI2_SMP_PASSTHROUGH_REPLY *rpl; 2678 MPI2_SMP_PASSTHROUGH_REQUEST *req; 2679 uint64_t sasaddr; 2680 union ccb *ccb; 2681 2682 ccb = cm->cm_complete_data; 2683 2684 /* 2685 * Currently there should be no way we can hit this case. It only 2686 * happens when we have a failure to allocate chain frames, and SMP 2687 * commands require two S/G elements only. That should be handled 2688 * in the standard request size. 2689 */ 2690 if ((cm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) { 2691 mps_dprint(sc, MPS_ERROR,"%s: cm_flags = %#x on SMP request!\n", 2692 __func__, cm->cm_flags); 2693 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2694 goto bailout; 2695 } 2696 2697 rpl = (MPI2_SMP_PASSTHROUGH_REPLY *)cm->cm_reply; 2698 if (rpl == NULL) { 2699 mps_dprint(sc, MPS_ERROR, "%s: NULL cm_reply!\n", __func__); 2700 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2701 goto bailout; 2702 } 2703 2704 req = (MPI2_SMP_PASSTHROUGH_REQUEST *)cm->cm_req; 2705 sasaddr = le32toh(req->SASAddress.Low); 2706 sasaddr |= ((uint64_t)(le32toh(req->SASAddress.High))) << 32; 2707 2708 if ((le16toh(rpl->IOCStatus) & MPI2_IOCSTATUS_MASK) != 2709 MPI2_IOCSTATUS_SUCCESS || 2710 rpl->SASStatus != MPI2_SASSTATUS_SUCCESS) { 2711 mps_dprint(sc, MPS_XINFO, "%s: IOCStatus %04x SASStatus %02x\n", 2712 __func__, le16toh(rpl->IOCStatus), rpl->SASStatus); 2713 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2714 goto bailout; 2715 } 2716 2717 mps_dprint(sc, MPS_XINFO, "%s: SMP request to SAS address " 2718 "%#jx completed successfully\n", __func__, 2719 (uintmax_t)sasaddr); 2720 2721 if (ccb->smpio.smp_response[2] == SMP_FR_ACCEPTED) 2722 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP); 2723 else 2724 mpssas_set_ccbstatus(ccb, CAM_SMP_STATUS_ERROR); 2725 2726 bailout: 2727 /* 2728 * We sync in both directions because we had DMAs in the S/G list 2729 * in both directions. 2730 */ 2731 bus_dmamap_sync(sc->buffer_dmat, cm->cm_dmamap, 2732 BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); 2733 bus_dmamap_unload(sc->buffer_dmat, cm->cm_dmamap); 2734 mps_free_command(sc, cm); 2735 xpt_done(ccb); 2736 } 2737 2738 static void 2739 mpssas_send_smpcmd(struct mpssas_softc *sassc, union ccb *ccb, uint64_t sasaddr) 2740 { 2741 struct mps_command *cm; 2742 uint8_t *request, *response; 2743 MPI2_SMP_PASSTHROUGH_REQUEST *req; 2744 struct mps_softc *sc; 2745 int error; 2746 2747 sc = sassc->sc; 2748 error = 0; 2749 2750 /* 2751 * XXX We don't yet support physical addresses here. 2752 */ 2753 switch ((ccb->ccb_h.flags & CAM_DATA_MASK)) { 2754 case CAM_DATA_PADDR: 2755 case CAM_DATA_SG_PADDR: 2756 mps_dprint(sc, MPS_ERROR, 2757 "%s: physical addresses not supported\n", __func__); 2758 mpssas_set_ccbstatus(ccb, CAM_REQ_INVALID); 2759 xpt_done(ccb); 2760 return; 2761 case CAM_DATA_SG: 2762 /* 2763 * The chip does not support more than one buffer for the 2764 * request or response. 2765 */ 2766 if ((ccb->smpio.smp_request_sglist_cnt > 1) 2767 || (ccb->smpio.smp_response_sglist_cnt > 1)) { 2768 mps_dprint(sc, MPS_ERROR, 2769 "%s: multiple request or response " 2770 "buffer segments not supported for SMP\n", 2771 __func__); 2772 mpssas_set_ccbstatus(ccb, CAM_REQ_INVALID); 2773 xpt_done(ccb); 2774 return; 2775 } 2776 2777 /* 2778 * The CAM_SCATTER_VALID flag was originally implemented 2779 * for the XPT_SCSI_IO CCB, which only has one data pointer. 2780 * We have two. So, just take that flag to mean that we 2781 * might have S/G lists, and look at the S/G segment count 2782 * to figure out whether that is the case for each individual 2783 * buffer. 2784 */ 2785 if (ccb->smpio.smp_request_sglist_cnt != 0) { 2786 bus_dma_segment_t *req_sg; 2787 2788 req_sg = (bus_dma_segment_t *)ccb->smpio.smp_request; 2789 request = (uint8_t *)(uintptr_t)req_sg[0].ds_addr; 2790 } else 2791 request = ccb->smpio.smp_request; 2792 2793 if (ccb->smpio.smp_response_sglist_cnt != 0) { 2794 bus_dma_segment_t *rsp_sg; 2795 2796 rsp_sg = (bus_dma_segment_t *)ccb->smpio.smp_response; 2797 response = (uint8_t *)(uintptr_t)rsp_sg[0].ds_addr; 2798 } else 2799 response = ccb->smpio.smp_response; 2800 break; 2801 case CAM_DATA_VADDR: 2802 request = ccb->smpio.smp_request; 2803 response = ccb->smpio.smp_response; 2804 break; 2805 default: 2806 mpssas_set_ccbstatus(ccb, CAM_REQ_INVALID); 2807 xpt_done(ccb); 2808 return; 2809 } 2810 2811 cm = mps_alloc_command(sc); 2812 if (cm == NULL) { 2813 mps_dprint(sc, MPS_ERROR, 2814 "%s: cannot allocate command\n", __func__); 2815 mpssas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL); 2816 xpt_done(ccb); 2817 return; 2818 } 2819 2820 req = (MPI2_SMP_PASSTHROUGH_REQUEST *)cm->cm_req; 2821 bzero(req, sizeof(*req)); 2822 req->Function = MPI2_FUNCTION_SMP_PASSTHROUGH; 2823 2824 /* Allow the chip to use any route to this SAS address. */ 2825 req->PhysicalPort = 0xff; 2826 2827 req->RequestDataLength = htole16(ccb->smpio.smp_request_len); 2828 req->SGLFlags = 2829 MPI2_SGLFLAGS_SYSTEM_ADDRESS_SPACE | MPI2_SGLFLAGS_SGL_TYPE_MPI; 2830 2831 mps_dprint(sc, MPS_XINFO, "%s: sending SMP request to SAS " 2832 "address %#jx\n", __func__, (uintmax_t)sasaddr); 2833 2834 mpi_init_sge(cm, req, &req->SGL); 2835 2836 /* 2837 * Set up a uio to pass into mps_map_command(). This allows us to 2838 * do one map command, and one busdma call in there. 2839 */ 2840 cm->cm_uio.uio_iov = cm->cm_iovec; 2841 cm->cm_uio.uio_iovcnt = 2; 2842 cm->cm_uio.uio_segflg = UIO_SYSSPACE; 2843 2844 /* 2845 * The read/write flag isn't used by busdma, but set it just in 2846 * case. This isn't exactly accurate, either, since we're going in 2847 * both directions. 2848 */ 2849 cm->cm_uio.uio_rw = UIO_WRITE; 2850 2851 cm->cm_iovec[0].iov_base = request; 2852 cm->cm_iovec[0].iov_len = le16toh(req->RequestDataLength); 2853 cm->cm_iovec[1].iov_base = response; 2854 cm->cm_iovec[1].iov_len = ccb->smpio.smp_response_len; 2855 2856 cm->cm_uio.uio_resid = cm->cm_iovec[0].iov_len + 2857 cm->cm_iovec[1].iov_len; 2858 2859 /* 2860 * Trigger a warning message in mps_data_cb() for the user if we 2861 * wind up exceeding two S/G segments. The chip expects one 2862 * segment for the request and another for the response. 2863 */ 2864 cm->cm_max_segs = 2; 2865 2866 cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; 2867 cm->cm_complete = mpssas_smpio_complete; 2868 cm->cm_complete_data = ccb; 2869 2870 /* 2871 * Tell the mapping code that we're using a uio, and that this is 2872 * an SMP passthrough request. There is a little special-case 2873 * logic there (in mps_data_cb()) to handle the bidirectional 2874 * transfer. 2875 */ 2876 cm->cm_flags |= MPS_CM_FLAGS_USE_UIO | MPS_CM_FLAGS_SMP_PASS | 2877 MPS_CM_FLAGS_DATAIN | MPS_CM_FLAGS_DATAOUT; 2878 2879 /* The chip data format is little endian. */ 2880 req->SASAddress.High = htole32(sasaddr >> 32); 2881 req->SASAddress.Low = htole32(sasaddr); 2882 2883 /* 2884 * XXX Note that we don't have a timeout/abort mechanism here. 2885 * From the manual, it looks like task management requests only 2886 * work for SCSI IO and SATA passthrough requests. We may need to 2887 * have a mechanism to retry requests in the event of a chip reset 2888 * at least. Hopefully the chip will insure that any errors short 2889 * of that are relayed back to the driver. 2890 */ 2891 error = mps_map_command(sc, cm); 2892 if ((error != 0) && (error != EINPROGRESS)) { 2893 mps_dprint(sc, MPS_ERROR, 2894 "%s: error %d returned from mps_map_command()\n", 2895 __func__, error); 2896 goto bailout_error; 2897 } 2898 2899 return; 2900 2901 bailout_error: 2902 mps_free_command(sc, cm); 2903 mpssas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL); 2904 xpt_done(ccb); 2905 return; 2906 2907 } 2908 2909 static void 2910 mpssas_action_smpio(struct mpssas_softc *sassc, union ccb *ccb) 2911 { 2912 struct mps_softc *sc; 2913 struct mpssas_target *targ; 2914 uint64_t sasaddr = 0; 2915 2916 sc = sassc->sc; 2917 2918 /* 2919 * Make sure the target exists. 2920 */ 2921 KASSERT(ccb->ccb_h.target_id < sassc->maxtargets, 2922 ("Target %d out of bounds in XPT_SMP_IO\n", ccb->ccb_h.target_id)); 2923 targ = &sassc->targets[ccb->ccb_h.target_id]; 2924 if (targ->handle == 0x0) { 2925 mps_dprint(sc, MPS_ERROR, 2926 "%s: target %d does not exist!\n", __func__, 2927 ccb->ccb_h.target_id); 2928 mpssas_set_ccbstatus(ccb, CAM_SEL_TIMEOUT); 2929 xpt_done(ccb); 2930 return; 2931 } 2932 2933 /* 2934 * If this device has an embedded SMP target, we'll talk to it 2935 * directly. 2936 * figure out what the expander's address is. 2937 */ 2938 if ((targ->devinfo & MPI2_SAS_DEVICE_INFO_SMP_TARGET) != 0) 2939 sasaddr = targ->sasaddr; 2940 2941 /* 2942 * If we don't have a SAS address for the expander yet, try 2943 * grabbing it from the page 0x83 information cached in the 2944 * transport layer for this target. LSI expanders report the 2945 * expander SAS address as the port-associated SAS address in 2946 * Inquiry VPD page 0x83. Maxim expanders don't report it in page 2947 * 0x83. 2948 * 2949 * XXX KDM disable this for now, but leave it commented out so that 2950 * it is obvious that this is another possible way to get the SAS 2951 * address. 2952 * 2953 * The parent handle method below is a little more reliable, and 2954 * the other benefit is that it works for devices other than SES 2955 * devices. So you can send a SMP request to a da(4) device and it 2956 * will get routed to the expander that device is attached to. 2957 * (Assuming the da(4) device doesn't contain an SMP target...) 2958 */ 2959 #if 0 2960 if (sasaddr == 0) 2961 sasaddr = xpt_path_sas_addr(ccb->ccb_h.path); 2962 #endif 2963 2964 /* 2965 * If we still don't have a SAS address for the expander, look for 2966 * the parent device of this device, which is probably the expander. 2967 */ 2968 if (sasaddr == 0) { 2969 #ifdef OLD_MPS_PROBE 2970 struct mpssas_target *parent_target; 2971 #endif 2972 2973 if (targ->parent_handle == 0x0) { 2974 mps_dprint(sc, MPS_ERROR, 2975 "%s: handle %d does not have a valid " 2976 "parent handle!\n", __func__, targ->handle); 2977 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 2978 goto bailout; 2979 } 2980 #ifdef OLD_MPS_PROBE 2981 parent_target = mpssas_find_target_by_handle(sassc, 0, 2982 targ->parent_handle); 2983 2984 if (parent_target == NULL) { 2985 mps_dprint(sc, MPS_ERROR, 2986 "%s: handle %d does not have a valid " 2987 "parent target!\n", __func__, targ->handle); 2988 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 2989 goto bailout; 2990 } 2991 2992 if ((parent_target->devinfo & 2993 MPI2_SAS_DEVICE_INFO_SMP_TARGET) == 0) { 2994 mps_dprint(sc, MPS_ERROR, 2995 "%s: handle %d parent %d does not " 2996 "have an SMP target!\n", __func__, 2997 targ->handle, parent_target->handle); 2998 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 2999 goto bailout; 3000 3001 } 3002 3003 sasaddr = parent_target->sasaddr; 3004 #else /* OLD_MPS_PROBE */ 3005 if ((targ->parent_devinfo & 3006 MPI2_SAS_DEVICE_INFO_SMP_TARGET) == 0) { 3007 mps_dprint(sc, MPS_ERROR, 3008 "%s: handle %d parent %d does not " 3009 "have an SMP target!\n", __func__, 3010 targ->handle, targ->parent_handle); 3011 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3012 goto bailout; 3013 3014 } 3015 if (targ->parent_sasaddr == 0x0) { 3016 mps_dprint(sc, MPS_ERROR, 3017 "%s: handle %d parent handle %d does " 3018 "not have a valid SAS address!\n", 3019 __func__, targ->handle, targ->parent_handle); 3020 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3021 goto bailout; 3022 } 3023 3024 sasaddr = targ->parent_sasaddr; 3025 #endif /* OLD_MPS_PROBE */ 3026 3027 } 3028 3029 if (sasaddr == 0) { 3030 mps_dprint(sc, MPS_INFO, 3031 "%s: unable to find SAS address for handle %d\n", 3032 __func__, targ->handle); 3033 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3034 goto bailout; 3035 } 3036 mpssas_send_smpcmd(sassc, ccb, sasaddr); 3037 3038 return; 3039 3040 bailout: 3041 xpt_done(ccb); 3042 3043 } 3044 3045 static void 3046 mpssas_action_resetdev(struct mpssas_softc *sassc, union ccb *ccb) 3047 { 3048 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 3049 struct mps_softc *sc; 3050 struct mps_command *tm; 3051 struct mpssas_target *targ; 3052 3053 MPS_FUNCTRACE(sassc->sc); 3054 mtx_assert(&sassc->sc->mps_mtx, MA_OWNED); 3055 3056 KASSERT(ccb->ccb_h.target_id < sassc->maxtargets, 3057 ("Target %d out of bounds in XPT_RESET_DEV\n", 3058 ccb->ccb_h.target_id)); 3059 sc = sassc->sc; 3060 tm = mpssas_alloc_tm(sc); 3061 if (tm == NULL) { 3062 mps_dprint(sc, MPS_ERROR, 3063 "command alloc failure in mpssas_action_resetdev\n"); 3064 mpssas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL); 3065 xpt_done(ccb); 3066 return; 3067 } 3068 3069 targ = &sassc->targets[ccb->ccb_h.target_id]; 3070 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 3071 req->DevHandle = htole16(targ->handle); 3072 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET; 3073 3074 /* SAS Hard Link Reset / SATA Link Reset */ 3075 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 3076 3077 tm->cm_data = NULL; 3078 tm->cm_complete = mpssas_resetdev_complete; 3079 tm->cm_complete_data = ccb; 3080 tm->cm_targ = targ; 3081 3082 mpssas_prepare_for_tm(sc, tm, targ, CAM_LUN_WILDCARD); 3083 mps_map_command(sc, tm); 3084 } 3085 3086 static void 3087 mpssas_resetdev_complete(struct mps_softc *sc, struct mps_command *tm) 3088 { 3089 MPI2_SCSI_TASK_MANAGE_REPLY *resp; 3090 union ccb *ccb; 3091 3092 MPS_FUNCTRACE(sc); 3093 mtx_assert(&sc->mps_mtx, MA_OWNED); 3094 3095 resp = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 3096 ccb = tm->cm_complete_data; 3097 3098 /* 3099 * Currently there should be no way we can hit this case. It only 3100 * happens when we have a failure to allocate chain frames, and 3101 * task management commands don't have S/G lists. 3102 */ 3103 if ((tm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) { 3104 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 3105 3106 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 3107 3108 mps_dprint(sc, MPS_ERROR, 3109 "%s: cm_flags = %#x for reset of handle %#04x! " 3110 "This should not happen!\n", __func__, tm->cm_flags, 3111 req->DevHandle); 3112 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 3113 goto bailout; 3114 } 3115 3116 mps_dprint(sc, MPS_XINFO, 3117 "%s: IOCStatus = 0x%x ResponseCode = 0x%x\n", __func__, 3118 le16toh(resp->IOCStatus), le32toh(resp->ResponseCode)); 3119 3120 if (le32toh(resp->ResponseCode) == MPI2_SCSITASKMGMT_RSP_TM_COMPLETE) { 3121 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP); 3122 mpssas_announce_reset(sc, AC_SENT_BDR, tm->cm_targ->tid, 3123 CAM_LUN_WILDCARD); 3124 } 3125 else 3126 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 3127 3128 bailout: 3129 3130 mpssas_free_tm(sc, tm); 3131 xpt_done(ccb); 3132 } 3133 3134 static void 3135 mpssas_poll(struct cam_sim *sim) 3136 { 3137 struct mpssas_softc *sassc; 3138 3139 sassc = cam_sim_softc(sim); 3140 3141 if (sassc->sc->mps_debug & MPS_TRACE) { 3142 /* frequent debug messages during a panic just slow 3143 * everything down too much. 3144 */ 3145 mps_printf(sassc->sc, "%s clearing MPS_TRACE\n", __func__); 3146 sassc->sc->mps_debug &= ~MPS_TRACE; 3147 } 3148 3149 mps_intr_locked(sassc->sc); 3150 } 3151 3152 static void 3153 mpssas_async(void *callback_arg, uint32_t code, struct cam_path *path, 3154 void *arg) 3155 { 3156 struct mps_softc *sc; 3157 3158 sc = (struct mps_softc *)callback_arg; 3159 3160 switch (code) { 3161 case AC_ADVINFO_CHANGED: { 3162 struct mpssas_target *target; 3163 struct mpssas_softc *sassc; 3164 struct scsi_read_capacity_data_long rcap_buf; 3165 struct ccb_dev_advinfo cdai; 3166 struct mpssas_lun *lun; 3167 lun_id_t lunid; 3168 int found_lun; 3169 uintptr_t buftype; 3170 3171 buftype = (uintptr_t)arg; 3172 3173 found_lun = 0; 3174 sassc = sc->sassc; 3175 3176 /* 3177 * We're only interested in read capacity data changes. 3178 */ 3179 if (buftype != CDAI_TYPE_RCAPLONG) 3180 break; 3181 3182 /* 3183 * We should have a handle for this, but check to make sure. 3184 */ 3185 KASSERT(xpt_path_target_id(path) < sassc->maxtargets, 3186 ("Target %d out of bounds in mpssas_async\n", 3187 xpt_path_target_id(path))); 3188 target = &sassc->targets[xpt_path_target_id(path)]; 3189 if (target->handle == 0) 3190 break; 3191 3192 lunid = xpt_path_lun_id(path); 3193 3194 SLIST_FOREACH(lun, &target->luns, lun_link) { 3195 if (lun->lun_id == lunid) { 3196 found_lun = 1; 3197 break; 3198 } 3199 } 3200 3201 if (found_lun == 0) { 3202 lun = malloc(sizeof(struct mpssas_lun), M_MPT2, 3203 M_NOWAIT | M_ZERO); 3204 if (lun == NULL) { 3205 mps_dprint(sc, MPS_ERROR, "Unable to alloc " 3206 "LUN for EEDP support.\n"); 3207 break; 3208 } 3209 lun->lun_id = lunid; 3210 SLIST_INSERT_HEAD(&target->luns, lun, lun_link); 3211 } 3212 3213 bzero(&rcap_buf, sizeof(rcap_buf)); 3214 xpt_setup_ccb(&cdai.ccb_h, path, CAM_PRIORITY_NORMAL); 3215 cdai.ccb_h.func_code = XPT_DEV_ADVINFO; 3216 cdai.ccb_h.flags = CAM_DIR_IN; 3217 cdai.buftype = CDAI_TYPE_RCAPLONG; 3218 cdai.flags = CDAI_FLAG_NONE; 3219 cdai.bufsiz = sizeof(rcap_buf); 3220 cdai.buf = (uint8_t *)&rcap_buf; 3221 xpt_action((union ccb *)&cdai); 3222 if ((cdai.ccb_h.status & CAM_DEV_QFRZN) != 0) 3223 cam_release_devq(cdai.ccb_h.path, 3224 0, 0, 0, FALSE); 3225 3226 if ((mpssas_get_ccbstatus((union ccb *)&cdai) == CAM_REQ_CMP) 3227 && (rcap_buf.prot & SRC16_PROT_EN)) { 3228 switch (rcap_buf.prot & SRC16_P_TYPE) { 3229 case SRC16_PTYPE_1: 3230 case SRC16_PTYPE_3: 3231 lun->eedp_formatted = TRUE; 3232 lun->eedp_block_size = 3233 scsi_4btoul(rcap_buf.length); 3234 break; 3235 case SRC16_PTYPE_2: 3236 default: 3237 lun->eedp_formatted = FALSE; 3238 lun->eedp_block_size = 0; 3239 break; 3240 } 3241 } else { 3242 lun->eedp_formatted = FALSE; 3243 lun->eedp_block_size = 0; 3244 } 3245 break; 3246 } 3247 default: 3248 break; 3249 } 3250 } 3251 3252 /* 3253 * Set the INRESET flag for this target so that no I/O will be sent to 3254 * the target until the reset has completed. If an I/O request does 3255 * happen, the devq will be frozen. The CCB holds the path which is 3256 * used to release the devq. The devq is released and the CCB is freed 3257 * when the TM completes. 3258 */ 3259 void 3260 mpssas_prepare_for_tm(struct mps_softc *sc, struct mps_command *tm, 3261 struct mpssas_target *target, lun_id_t lun_id) 3262 { 3263 union ccb *ccb; 3264 path_id_t path_id; 3265 3266 ccb = xpt_alloc_ccb_nowait(); 3267 if (ccb) { 3268 path_id = cam_sim_path(sc->sassc->sim); 3269 if (xpt_create_path(&ccb->ccb_h.path, xpt_periph, path_id, 3270 target->tid, lun_id) != CAM_REQ_CMP) { 3271 xpt_free_ccb(ccb); 3272 } else { 3273 tm->cm_ccb = ccb; 3274 tm->cm_targ = target; 3275 target->flags |= MPSSAS_TARGET_INRESET; 3276 } 3277 } 3278 } 3279 3280 int 3281 mpssas_startup(struct mps_softc *sc) 3282 { 3283 3284 /* 3285 * Send the port enable message and set the wait_for_port_enable flag. 3286 * This flag helps to keep the simq frozen until all discovery events 3287 * are processed. 3288 */ 3289 sc->wait_for_port_enable = 1; 3290 mpssas_send_portenable(sc); 3291 return (0); 3292 } 3293 3294 static int 3295 mpssas_send_portenable(struct mps_softc *sc) 3296 { 3297 MPI2_PORT_ENABLE_REQUEST *request; 3298 struct mps_command *cm; 3299 3300 MPS_FUNCTRACE(sc); 3301 3302 if ((cm = mps_alloc_command(sc)) == NULL) 3303 return (EBUSY); 3304 request = (MPI2_PORT_ENABLE_REQUEST *)cm->cm_req; 3305 request->Function = MPI2_FUNCTION_PORT_ENABLE; 3306 request->MsgFlags = 0; 3307 request->VP_ID = 0; 3308 cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; 3309 cm->cm_complete = mpssas_portenable_complete; 3310 cm->cm_data = NULL; 3311 cm->cm_sge = NULL; 3312 3313 mps_map_command(sc, cm); 3314 mps_dprint(sc, MPS_XINFO, 3315 "mps_send_portenable finished cm %p req %p complete %p\n", 3316 cm, cm->cm_req, cm->cm_complete); 3317 return (0); 3318 } 3319 3320 static void 3321 mpssas_portenable_complete(struct mps_softc *sc, struct mps_command *cm) 3322 { 3323 MPI2_PORT_ENABLE_REPLY *reply; 3324 struct mpssas_softc *sassc; 3325 3326 MPS_FUNCTRACE(sc); 3327 sassc = sc->sassc; 3328 3329 /* 3330 * Currently there should be no way we can hit this case. It only 3331 * happens when we have a failure to allocate chain frames, and 3332 * port enable commands don't have S/G lists. 3333 */ 3334 if ((cm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) { 3335 mps_dprint(sc, MPS_ERROR, "%s: cm_flags = %#x for port enable! " 3336 "This should not happen!\n", __func__, cm->cm_flags); 3337 } 3338 3339 reply = (MPI2_PORT_ENABLE_REPLY *)cm->cm_reply; 3340 if (reply == NULL) 3341 mps_dprint(sc, MPS_FAULT, "Portenable NULL reply\n"); 3342 else if (le16toh(reply->IOCStatus & MPI2_IOCSTATUS_MASK) != 3343 MPI2_IOCSTATUS_SUCCESS) 3344 mps_dprint(sc, MPS_FAULT, "Portenable failed\n"); 3345 3346 mps_free_command(sc, cm); 3347 3348 /* 3349 * Get WarpDrive info after discovery is complete but before the scan 3350 * starts. At this point, all devices are ready to be exposed to the 3351 * OS. If devices should be hidden instead, take them out of the 3352 * 'targets' array before the scan. The devinfo for a disk will have 3353 * some info and a volume's will be 0. Use that to remove disks. 3354 */ 3355 mps_wd_config_pages(sc); 3356 3357 /* 3358 * Done waiting for port enable to complete. Decrement the refcount. 3359 * If refcount is 0, discovery is complete and a rescan of the bus can 3360 * take place. Since the simq was explicitly frozen before port 3361 * enable, it must be explicitly released here to keep the 3362 * freeze/release count in sync. 3363 */ 3364 sc->wait_for_port_enable = 0; 3365 sc->port_enable_complete = 1; 3366 wakeup(&sc->port_enable_complete); 3367 mpssas_startup_decrement(sassc); 3368 } 3369 3370 int 3371 mpssas_check_id(struct mpssas_softc *sassc, int id) 3372 { 3373 struct mps_softc *sc = sassc->sc; 3374 char *ids; 3375 char *name; 3376 3377 ids = &sc->exclude_ids[0]; 3378 while((name = strsep(&ids, ",")) != NULL) { 3379 if (name[0] == '\0') 3380 continue; 3381 if (strtol(name, NULL, 0) == (long)id) 3382 return (1); 3383 } 3384 3385 return (0); 3386 } 3387 3388 void 3389 mpssas_realloc_targets(struct mps_softc *sc, int maxtargets) 3390 { 3391 struct mpssas_softc *sassc; 3392 struct mpssas_lun *lun, *lun_tmp; 3393 struct mpssas_target *targ; 3394 int i; 3395 3396 sassc = sc->sassc; 3397 /* 3398 * The number of targets is based on IOC Facts, so free all of 3399 * the allocated LUNs for each target and then the target buffer 3400 * itself. 3401 */ 3402 for (i=0; i< maxtargets; i++) { 3403 targ = &sassc->targets[i]; 3404 SLIST_FOREACH_SAFE(lun, &targ->luns, lun_link, lun_tmp) { 3405 free(lun, M_MPT2); 3406 } 3407 } 3408 free(sassc->targets, M_MPT2); 3409 3410 sassc->targets = malloc(sizeof(struct mpssas_target) * maxtargets, 3411 M_MPT2, M_WAITOK|M_ZERO); 3412 } 3413