xref: /freebsd/sys/dev/nvme/nvme_ctrlr.c (revision e9e8876a4d6afc1ad5315faaa191b25121a813d7)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3  *
4  * Copyright (C) 2012-2016 Intel Corporation
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  *
16  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26  * SUCH DAMAGE.
27  */
28 
29 #include <sys/cdefs.h>
30 __FBSDID("$FreeBSD$");
31 
32 #include "opt_cam.h"
33 #include "opt_nvme.h"
34 
35 #include <sys/param.h>
36 #include <sys/systm.h>
37 #include <sys/buf.h>
38 #include <sys/bus.h>
39 #include <sys/conf.h>
40 #include <sys/ioccom.h>
41 #include <sys/proc.h>
42 #include <sys/smp.h>
43 #include <sys/uio.h>
44 #include <sys/sbuf.h>
45 #include <sys/endian.h>
46 #include <machine/stdarg.h>
47 #include <vm/vm.h>
48 
49 #include "nvme_private.h"
50 
51 #define B4_CHK_RDY_DELAY_MS	2300		/* work around controller bug */
52 
53 static void nvme_ctrlr_construct_and_submit_aer(struct nvme_controller *ctrlr,
54 						struct nvme_async_event_request *aer);
55 
56 static void
57 nvme_ctrlr_barrier(struct nvme_controller *ctrlr, int flags)
58 {
59 	bus_barrier(ctrlr->resource, 0, rman_get_size(ctrlr->resource), flags);
60 }
61 
62 static void
63 nvme_ctrlr_devctl_log(struct nvme_controller *ctrlr, const char *type, const char *msg, ...)
64 {
65 	struct sbuf sb;
66 	va_list ap;
67 	int error;
68 
69 	if (sbuf_new(&sb, NULL, 0, SBUF_AUTOEXTEND | SBUF_NOWAIT) == NULL)
70 		return;
71 	sbuf_printf(&sb, "%s: ", device_get_nameunit(ctrlr->dev));
72 	va_start(ap, msg);
73 	sbuf_vprintf(&sb, msg, ap);
74 	va_end(ap);
75 	error = sbuf_finish(&sb);
76 	if (error == 0)
77 		printf("%s\n", sbuf_data(&sb));
78 
79 	sbuf_clear(&sb);
80 	sbuf_printf(&sb, "name=\"%s\" reason=\"", device_get_nameunit(ctrlr->dev));
81 	va_start(ap, msg);
82 	sbuf_vprintf(&sb, msg, ap);
83 	va_end(ap);
84 	sbuf_printf(&sb, "\"");
85 	error = sbuf_finish(&sb);
86 	if (error == 0)
87 		devctl_notify("nvme", "controller", type, sbuf_data(&sb));
88 	sbuf_delete(&sb);
89 }
90 
91 static int
92 nvme_ctrlr_construct_admin_qpair(struct nvme_controller *ctrlr)
93 {
94 	struct nvme_qpair	*qpair;
95 	uint32_t		num_entries;
96 	int			error;
97 
98 	qpair = &ctrlr->adminq;
99 	qpair->id = 0;
100 	qpair->cpu = CPU_FFS(&cpuset_domain[ctrlr->domain]) - 1;
101 	qpair->domain = ctrlr->domain;
102 
103 	num_entries = NVME_ADMIN_ENTRIES;
104 	TUNABLE_INT_FETCH("hw.nvme.admin_entries", &num_entries);
105 	/*
106 	 * If admin_entries was overridden to an invalid value, revert it
107 	 *  back to our default value.
108 	 */
109 	if (num_entries < NVME_MIN_ADMIN_ENTRIES ||
110 	    num_entries > NVME_MAX_ADMIN_ENTRIES) {
111 		nvme_printf(ctrlr, "invalid hw.nvme.admin_entries=%d "
112 		    "specified\n", num_entries);
113 		num_entries = NVME_ADMIN_ENTRIES;
114 	}
115 
116 	/*
117 	 * The admin queue's max xfer size is treated differently than the
118 	 *  max I/O xfer size.  16KB is sufficient here - maybe even less?
119 	 */
120 	error = nvme_qpair_construct(qpair, num_entries, NVME_ADMIN_TRACKERS,
121 	     ctrlr);
122 	return (error);
123 }
124 
125 #define QP(ctrlr, c)	((c) * (ctrlr)->num_io_queues / mp_ncpus)
126 
127 static int
128 nvme_ctrlr_construct_io_qpairs(struct nvme_controller *ctrlr)
129 {
130 	struct nvme_qpair	*qpair;
131 	uint32_t		cap_lo;
132 	uint16_t		mqes;
133 	int			c, error, i, n;
134 	int			num_entries, num_trackers, max_entries;
135 
136 	/*
137 	 * NVMe spec sets a hard limit of 64K max entries, but devices may
138 	 * specify a smaller limit, so we need to check the MQES field in the
139 	 * capabilities register. We have to cap the number of entries to the
140 	 * current stride allows for in BAR 0/1, otherwise the remainder entries
141 	 * are inaccessable. MQES should reflect this, and this is just a
142 	 * fail-safe.
143 	 */
144 	max_entries =
145 	    (rman_get_size(ctrlr->resource) - nvme_mmio_offsetof(doorbell[0])) /
146 	    (1 << (ctrlr->dstrd + 1));
147 	num_entries = NVME_IO_ENTRIES;
148 	TUNABLE_INT_FETCH("hw.nvme.io_entries", &num_entries);
149 	cap_lo = nvme_mmio_read_4(ctrlr, cap_lo);
150 	mqes = NVME_CAP_LO_MQES(cap_lo);
151 	num_entries = min(num_entries, mqes + 1);
152 	num_entries = min(num_entries, max_entries);
153 
154 	num_trackers = NVME_IO_TRACKERS;
155 	TUNABLE_INT_FETCH("hw.nvme.io_trackers", &num_trackers);
156 
157 	num_trackers = max(num_trackers, NVME_MIN_IO_TRACKERS);
158 	num_trackers = min(num_trackers, NVME_MAX_IO_TRACKERS);
159 	/*
160 	 * No need to have more trackers than entries in the submit queue.  Note
161 	 * also that for a queue size of N, we can only have (N-1) commands
162 	 * outstanding, hence the "-1" here.
163 	 */
164 	num_trackers = min(num_trackers, (num_entries-1));
165 
166 	/*
167 	 * Our best estimate for the maximum number of I/Os that we should
168 	 * normally have in flight at one time. This should be viewed as a hint,
169 	 * not a hard limit and will need to be revisited when the upper layers
170 	 * of the storage system grows multi-queue support.
171 	 */
172 	ctrlr->max_hw_pend_io = num_trackers * ctrlr->num_io_queues * 3 / 4;
173 
174 	ctrlr->ioq = malloc(ctrlr->num_io_queues * sizeof(struct nvme_qpair),
175 	    M_NVME, M_ZERO | M_WAITOK);
176 
177 	for (i = c = n = 0; i < ctrlr->num_io_queues; i++, c += n) {
178 		qpair = &ctrlr->ioq[i];
179 
180 		/*
181 		 * Admin queue has ID=0. IO queues start at ID=1 -
182 		 *  hence the 'i+1' here.
183 		 */
184 		qpair->id = i + 1;
185 		if (ctrlr->num_io_queues > 1) {
186 			/* Find number of CPUs served by this queue. */
187 			for (n = 1; QP(ctrlr, c + n) == i; n++)
188 				;
189 			/* Shuffle multiple NVMe devices between CPUs. */
190 			qpair->cpu = c + (device_get_unit(ctrlr->dev)+n/2) % n;
191 			qpair->domain = pcpu_find(qpair->cpu)->pc_domain;
192 		} else {
193 			qpair->cpu = CPU_FFS(&cpuset_domain[ctrlr->domain]) - 1;
194 			qpair->domain = ctrlr->domain;
195 		}
196 
197 		/*
198 		 * For I/O queues, use the controller-wide max_xfer_size
199 		 *  calculated in nvme_attach().
200 		 */
201 		error = nvme_qpair_construct(qpair, num_entries, num_trackers,
202 		    ctrlr);
203 		if (error)
204 			return (error);
205 
206 		/*
207 		 * Do not bother binding interrupts if we only have one I/O
208 		 *  interrupt thread for this controller.
209 		 */
210 		if (ctrlr->num_io_queues > 1)
211 			bus_bind_intr(ctrlr->dev, qpair->res, qpair->cpu);
212 	}
213 
214 	return (0);
215 }
216 
217 static void
218 nvme_ctrlr_fail(struct nvme_controller *ctrlr)
219 {
220 	int i;
221 
222 	ctrlr->is_failed = true;
223 	nvme_admin_qpair_disable(&ctrlr->adminq);
224 	nvme_qpair_fail(&ctrlr->adminq);
225 	if (ctrlr->ioq != NULL) {
226 		for (i = 0; i < ctrlr->num_io_queues; i++) {
227 			nvme_io_qpair_disable(&ctrlr->ioq[i]);
228 			nvme_qpair_fail(&ctrlr->ioq[i]);
229 		}
230 	}
231 	nvme_notify_fail_consumers(ctrlr);
232 }
233 
234 void
235 nvme_ctrlr_post_failed_request(struct nvme_controller *ctrlr,
236     struct nvme_request *req)
237 {
238 
239 	mtx_lock(&ctrlr->lock);
240 	STAILQ_INSERT_TAIL(&ctrlr->fail_req, req, stailq);
241 	mtx_unlock(&ctrlr->lock);
242 	if (!ctrlr->is_dying)
243 		taskqueue_enqueue(ctrlr->taskqueue, &ctrlr->fail_req_task);
244 }
245 
246 static void
247 nvme_ctrlr_fail_req_task(void *arg, int pending)
248 {
249 	struct nvme_controller	*ctrlr = arg;
250 	struct nvme_request	*req;
251 
252 	mtx_lock(&ctrlr->lock);
253 	while ((req = STAILQ_FIRST(&ctrlr->fail_req)) != NULL) {
254 		STAILQ_REMOVE_HEAD(&ctrlr->fail_req, stailq);
255 		mtx_unlock(&ctrlr->lock);
256 		nvme_qpair_manual_complete_request(req->qpair, req,
257 		    NVME_SCT_GENERIC, NVME_SC_ABORTED_BY_REQUEST);
258 		mtx_lock(&ctrlr->lock);
259 	}
260 	mtx_unlock(&ctrlr->lock);
261 }
262 
263 /*
264  * Wait for RDY to change.
265  *
266  * Starts sleeping for 1us and geometrically increases it the longer we wait,
267  * capped at 1ms.
268  */
269 static int
270 nvme_ctrlr_wait_for_ready(struct nvme_controller *ctrlr, int desired_val)
271 {
272 	int timeout = ticks + MSEC_2_TICKS(ctrlr->ready_timeout_in_ms);
273 	sbintime_t delta_t = SBT_1US;
274 	uint32_t csts;
275 
276 	while (1) {
277 		csts = nvme_mmio_read_4(ctrlr, csts);
278 		if (csts == NVME_GONE)		/* Hot unplug. */
279 			return (ENXIO);
280 		if (((csts >> NVME_CSTS_REG_RDY_SHIFT) & NVME_CSTS_REG_RDY_MASK)
281 		    == desired_val)
282 			break;
283 		if (timeout - ticks < 0) {
284 			nvme_printf(ctrlr, "controller ready did not become %d "
285 			    "within %d ms\n", desired_val, ctrlr->ready_timeout_in_ms);
286 			return (ENXIO);
287 		}
288 
289 		pause_sbt("nvmerdy", delta_t, 0, C_PREL(1));
290 		delta_t = min(SBT_1MS, delta_t * 3 / 2);
291 	}
292 
293 	return (0);
294 }
295 
296 static int
297 nvme_ctrlr_disable(struct nvme_controller *ctrlr)
298 {
299 	uint32_t cc;
300 	uint32_t csts;
301 	uint8_t  en, rdy;
302 	int err;
303 
304 	cc = nvme_mmio_read_4(ctrlr, cc);
305 	csts = nvme_mmio_read_4(ctrlr, csts);
306 
307 	en = (cc >> NVME_CC_REG_EN_SHIFT) & NVME_CC_REG_EN_MASK;
308 	rdy = (csts >> NVME_CSTS_REG_RDY_SHIFT) & NVME_CSTS_REG_RDY_MASK;
309 
310 	/*
311 	 * Per 3.1.5 in NVME 1.3 spec, transitioning CC.EN from 0 to 1
312 	 * when CSTS.RDY is 1 or transitioning CC.EN from 1 to 0 when
313 	 * CSTS.RDY is 0 "has undefined results" So make sure that CSTS.RDY
314 	 * isn't the desired value. Short circuit if we're already disabled.
315 	 */
316 	if (en == 0) {
317 		/* Wait for RDY == 0 or timeout & fail */
318 		if (rdy == 0)
319 			return (0);
320 		return (nvme_ctrlr_wait_for_ready(ctrlr, 0));
321 	}
322 	if (rdy == 0) {
323 		/* EN == 1, wait for  RDY == 1 or timeout & fail */
324 		err = nvme_ctrlr_wait_for_ready(ctrlr, 1);
325 		if (err != 0)
326 			return (err);
327 	}
328 
329 	cc &= ~NVME_CC_REG_EN_MASK;
330 	nvme_mmio_write_4(ctrlr, cc, cc);
331 
332 	/*
333 	 * A few drives have firmware bugs that freeze the drive if we access
334 	 * the mmio too soon after we disable.
335 	 */
336 	if (ctrlr->quirks & QUIRK_DELAY_B4_CHK_RDY)
337 		pause("nvmeR", MSEC_2_TICKS(B4_CHK_RDY_DELAY_MS));
338 	return (nvme_ctrlr_wait_for_ready(ctrlr, 0));
339 }
340 
341 static int
342 nvme_ctrlr_enable(struct nvme_controller *ctrlr)
343 {
344 	uint32_t	cc;
345 	uint32_t	csts;
346 	uint32_t	aqa;
347 	uint32_t	qsize;
348 	uint8_t		en, rdy;
349 	int		err;
350 
351 	cc = nvme_mmio_read_4(ctrlr, cc);
352 	csts = nvme_mmio_read_4(ctrlr, csts);
353 
354 	en = (cc >> NVME_CC_REG_EN_SHIFT) & NVME_CC_REG_EN_MASK;
355 	rdy = (csts >> NVME_CSTS_REG_RDY_SHIFT) & NVME_CSTS_REG_RDY_MASK;
356 
357 	/*
358 	 * See note in nvme_ctrlr_disable. Short circuit if we're already enabled.
359 	 */
360 	if (en == 1) {
361 		if (rdy == 1)
362 			return (0);
363 		return (nvme_ctrlr_wait_for_ready(ctrlr, 1));
364 	}
365 
366 	/* EN == 0 already wait for RDY == 0 or timeout & fail */
367 	err = nvme_ctrlr_wait_for_ready(ctrlr, 0);
368 	if (err != 0)
369 		return (err);
370 
371 	nvme_mmio_write_8(ctrlr, asq, ctrlr->adminq.cmd_bus_addr);
372 	nvme_mmio_write_8(ctrlr, acq, ctrlr->adminq.cpl_bus_addr);
373 
374 	/* acqs and asqs are 0-based. */
375 	qsize = ctrlr->adminq.num_entries - 1;
376 
377 	aqa = 0;
378 	aqa = (qsize & NVME_AQA_REG_ACQS_MASK) << NVME_AQA_REG_ACQS_SHIFT;
379 	aqa |= (qsize & NVME_AQA_REG_ASQS_MASK) << NVME_AQA_REG_ASQS_SHIFT;
380 	nvme_mmio_write_4(ctrlr, aqa, aqa);
381 
382 	/* Initialization values for CC */
383 	cc = 0;
384 	cc |= 1 << NVME_CC_REG_EN_SHIFT;
385 	cc |= 0 << NVME_CC_REG_CSS_SHIFT;
386 	cc |= 0 << NVME_CC_REG_AMS_SHIFT;
387 	cc |= 0 << NVME_CC_REG_SHN_SHIFT;
388 	cc |= 6 << NVME_CC_REG_IOSQES_SHIFT; /* SQ entry size == 64 == 2^6 */
389 	cc |= 4 << NVME_CC_REG_IOCQES_SHIFT; /* CQ entry size == 16 == 2^4 */
390 
391 	/* This evaluates to 0, which is according to spec. */
392 	cc |= (PAGE_SIZE >> 13) << NVME_CC_REG_MPS_SHIFT;
393 
394 	nvme_ctrlr_barrier(ctrlr, BUS_SPACE_BARRIER_WRITE);
395 	nvme_mmio_write_4(ctrlr, cc, cc);
396 
397 	return (nvme_ctrlr_wait_for_ready(ctrlr, 1));
398 }
399 
400 static void
401 nvme_ctrlr_disable_qpairs(struct nvme_controller *ctrlr)
402 {
403 	int i;
404 
405 	nvme_admin_qpair_disable(&ctrlr->adminq);
406 	/*
407 	 * I/O queues are not allocated before the initial HW
408 	 *  reset, so do not try to disable them.  Use is_initialized
409 	 *  to determine if this is the initial HW reset.
410 	 */
411 	if (ctrlr->is_initialized) {
412 		for (i = 0; i < ctrlr->num_io_queues; i++)
413 			nvme_io_qpair_disable(&ctrlr->ioq[i]);
414 	}
415 }
416 
417 static int
418 nvme_ctrlr_hw_reset(struct nvme_controller *ctrlr)
419 {
420 	int err;
421 
422 	TSENTER();
423 
424 	nvme_ctrlr_disable_qpairs(ctrlr);
425 
426 	err = nvme_ctrlr_disable(ctrlr);
427 	if (err != 0)
428 		return err;
429 
430 	err = nvme_ctrlr_enable(ctrlr);
431 	TSEXIT();
432 	return (err);
433 }
434 
435 void
436 nvme_ctrlr_reset(struct nvme_controller *ctrlr)
437 {
438 	int cmpset;
439 
440 	cmpset = atomic_cmpset_32(&ctrlr->is_resetting, 0, 1);
441 
442 	if (cmpset == 0 || ctrlr->is_failed)
443 		/*
444 		 * Controller is already resetting or has failed.  Return
445 		 *  immediately since there is no need to kick off another
446 		 *  reset in these cases.
447 		 */
448 		return;
449 
450 	if (!ctrlr->is_dying)
451 		taskqueue_enqueue(ctrlr->taskqueue, &ctrlr->reset_task);
452 }
453 
454 static int
455 nvme_ctrlr_identify(struct nvme_controller *ctrlr)
456 {
457 	struct nvme_completion_poll_status	status;
458 
459 	status.done = 0;
460 	nvme_ctrlr_cmd_identify_controller(ctrlr, &ctrlr->cdata,
461 	    nvme_completion_poll_cb, &status);
462 	nvme_completion_poll(&status);
463 	if (nvme_completion_is_error(&status.cpl)) {
464 		nvme_printf(ctrlr, "nvme_identify_controller failed!\n");
465 		return (ENXIO);
466 	}
467 
468 	/* Convert data to host endian */
469 	nvme_controller_data_swapbytes(&ctrlr->cdata);
470 
471 	/*
472 	 * Use MDTS to ensure our default max_xfer_size doesn't exceed what the
473 	 *  controller supports.
474 	 */
475 	if (ctrlr->cdata.mdts > 0)
476 		ctrlr->max_xfer_size = min(ctrlr->max_xfer_size,
477 		    ctrlr->min_page_size * (1 << (ctrlr->cdata.mdts)));
478 
479 	return (0);
480 }
481 
482 static int
483 nvme_ctrlr_set_num_qpairs(struct nvme_controller *ctrlr)
484 {
485 	struct nvme_completion_poll_status	status;
486 	int					cq_allocated, sq_allocated;
487 
488 	status.done = 0;
489 	nvme_ctrlr_cmd_set_num_queues(ctrlr, ctrlr->num_io_queues,
490 	    nvme_completion_poll_cb, &status);
491 	nvme_completion_poll(&status);
492 	if (nvme_completion_is_error(&status.cpl)) {
493 		nvme_printf(ctrlr, "nvme_ctrlr_set_num_qpairs failed!\n");
494 		return (ENXIO);
495 	}
496 
497 	/*
498 	 * Data in cdw0 is 0-based.
499 	 * Lower 16-bits indicate number of submission queues allocated.
500 	 * Upper 16-bits indicate number of completion queues allocated.
501 	 */
502 	sq_allocated = (status.cpl.cdw0 & 0xFFFF) + 1;
503 	cq_allocated = (status.cpl.cdw0 >> 16) + 1;
504 
505 	/*
506 	 * Controller may allocate more queues than we requested,
507 	 *  so use the minimum of the number requested and what was
508 	 *  actually allocated.
509 	 */
510 	ctrlr->num_io_queues = min(ctrlr->num_io_queues, sq_allocated);
511 	ctrlr->num_io_queues = min(ctrlr->num_io_queues, cq_allocated);
512 	if (ctrlr->num_io_queues > vm_ndomains)
513 		ctrlr->num_io_queues -= ctrlr->num_io_queues % vm_ndomains;
514 
515 	return (0);
516 }
517 
518 static int
519 nvme_ctrlr_create_qpairs(struct nvme_controller *ctrlr)
520 {
521 	struct nvme_completion_poll_status	status;
522 	struct nvme_qpair			*qpair;
523 	int					i;
524 
525 	for (i = 0; i < ctrlr->num_io_queues; i++) {
526 		qpair = &ctrlr->ioq[i];
527 
528 		status.done = 0;
529 		nvme_ctrlr_cmd_create_io_cq(ctrlr, qpair,
530 		    nvme_completion_poll_cb, &status);
531 		nvme_completion_poll(&status);
532 		if (nvme_completion_is_error(&status.cpl)) {
533 			nvme_printf(ctrlr, "nvme_create_io_cq failed!\n");
534 			return (ENXIO);
535 		}
536 
537 		status.done = 0;
538 		nvme_ctrlr_cmd_create_io_sq(ctrlr, qpair,
539 		    nvme_completion_poll_cb, &status);
540 		nvme_completion_poll(&status);
541 		if (nvme_completion_is_error(&status.cpl)) {
542 			nvme_printf(ctrlr, "nvme_create_io_sq failed!\n");
543 			return (ENXIO);
544 		}
545 	}
546 
547 	return (0);
548 }
549 
550 static int
551 nvme_ctrlr_delete_qpairs(struct nvme_controller *ctrlr)
552 {
553 	struct nvme_completion_poll_status	status;
554 	struct nvme_qpair			*qpair;
555 
556 	for (int i = 0; i < ctrlr->num_io_queues; i++) {
557 		qpair = &ctrlr->ioq[i];
558 
559 		status.done = 0;
560 		nvme_ctrlr_cmd_delete_io_sq(ctrlr, qpair,
561 		    nvme_completion_poll_cb, &status);
562 		nvme_completion_poll(&status);
563 		if (nvme_completion_is_error(&status.cpl)) {
564 			nvme_printf(ctrlr, "nvme_destroy_io_sq failed!\n");
565 			return (ENXIO);
566 		}
567 
568 		status.done = 0;
569 		nvme_ctrlr_cmd_delete_io_cq(ctrlr, qpair,
570 		    nvme_completion_poll_cb, &status);
571 		nvme_completion_poll(&status);
572 		if (nvme_completion_is_error(&status.cpl)) {
573 			nvme_printf(ctrlr, "nvme_destroy_io_cq failed!\n");
574 			return (ENXIO);
575 		}
576 	}
577 
578 	return (0);
579 }
580 
581 static int
582 nvme_ctrlr_construct_namespaces(struct nvme_controller *ctrlr)
583 {
584 	struct nvme_namespace	*ns;
585 	uint32_t 		i;
586 
587 	for (i = 0; i < min(ctrlr->cdata.nn, NVME_MAX_NAMESPACES); i++) {
588 		ns = &ctrlr->ns[i];
589 		nvme_ns_construct(ns, i+1, ctrlr);
590 	}
591 
592 	return (0);
593 }
594 
595 static bool
596 is_log_page_id_valid(uint8_t page_id)
597 {
598 
599 	switch (page_id) {
600 	case NVME_LOG_ERROR:
601 	case NVME_LOG_HEALTH_INFORMATION:
602 	case NVME_LOG_FIRMWARE_SLOT:
603 	case NVME_LOG_CHANGED_NAMESPACE:
604 	case NVME_LOG_COMMAND_EFFECT:
605 	case NVME_LOG_RES_NOTIFICATION:
606 	case NVME_LOG_SANITIZE_STATUS:
607 		return (true);
608 	}
609 
610 	return (false);
611 }
612 
613 static uint32_t
614 nvme_ctrlr_get_log_page_size(struct nvme_controller *ctrlr, uint8_t page_id)
615 {
616 	uint32_t	log_page_size;
617 
618 	switch (page_id) {
619 	case NVME_LOG_ERROR:
620 		log_page_size = min(
621 		    sizeof(struct nvme_error_information_entry) *
622 		    (ctrlr->cdata.elpe + 1), NVME_MAX_AER_LOG_SIZE);
623 		break;
624 	case NVME_LOG_HEALTH_INFORMATION:
625 		log_page_size = sizeof(struct nvme_health_information_page);
626 		break;
627 	case NVME_LOG_FIRMWARE_SLOT:
628 		log_page_size = sizeof(struct nvme_firmware_page);
629 		break;
630 	case NVME_LOG_CHANGED_NAMESPACE:
631 		log_page_size = sizeof(struct nvme_ns_list);
632 		break;
633 	case NVME_LOG_COMMAND_EFFECT:
634 		log_page_size = sizeof(struct nvme_command_effects_page);
635 		break;
636 	case NVME_LOG_RES_NOTIFICATION:
637 		log_page_size = sizeof(struct nvme_res_notification_page);
638 		break;
639 	case NVME_LOG_SANITIZE_STATUS:
640 		log_page_size = sizeof(struct nvme_sanitize_status_page);
641 		break;
642 	default:
643 		log_page_size = 0;
644 		break;
645 	}
646 
647 	return (log_page_size);
648 }
649 
650 static void
651 nvme_ctrlr_log_critical_warnings(struct nvme_controller *ctrlr,
652     uint8_t state)
653 {
654 
655 	if (state & NVME_CRIT_WARN_ST_AVAILABLE_SPARE)
656 		nvme_ctrlr_devctl_log(ctrlr, "critical",
657 		    "available spare space below threshold");
658 
659 	if (state & NVME_CRIT_WARN_ST_TEMPERATURE)
660 		nvme_ctrlr_devctl_log(ctrlr, "critical",
661 		    "temperature above threshold");
662 
663 	if (state & NVME_CRIT_WARN_ST_DEVICE_RELIABILITY)
664 		nvme_ctrlr_devctl_log(ctrlr, "critical",
665 		    "device reliability degraded");
666 
667 	if (state & NVME_CRIT_WARN_ST_READ_ONLY)
668 		nvme_ctrlr_devctl_log(ctrlr, "critical",
669 		    "media placed in read only mode");
670 
671 	if (state & NVME_CRIT_WARN_ST_VOLATILE_MEMORY_BACKUP)
672 		nvme_ctrlr_devctl_log(ctrlr, "critical",
673 		    "volatile memory backup device failed");
674 
675 	if (state & NVME_CRIT_WARN_ST_RESERVED_MASK)
676 		nvme_ctrlr_devctl_log(ctrlr, "critical",
677 		    "unknown critical warning(s): state = 0x%02x", state);
678 }
679 
680 static void
681 nvme_ctrlr_async_event_log_page_cb(void *arg, const struct nvme_completion *cpl)
682 {
683 	struct nvme_async_event_request		*aer = arg;
684 	struct nvme_health_information_page	*health_info;
685 	struct nvme_ns_list			*nsl;
686 	struct nvme_error_information_entry	*err;
687 	int i;
688 
689 	/*
690 	 * If the log page fetch for some reason completed with an error,
691 	 *  don't pass log page data to the consumers.  In practice, this case
692 	 *  should never happen.
693 	 */
694 	if (nvme_completion_is_error(cpl))
695 		nvme_notify_async_consumers(aer->ctrlr, &aer->cpl,
696 		    aer->log_page_id, NULL, 0);
697 	else {
698 		/* Convert data to host endian */
699 		switch (aer->log_page_id) {
700 		case NVME_LOG_ERROR:
701 			err = (struct nvme_error_information_entry *)aer->log_page_buffer;
702 			for (i = 0; i < (aer->ctrlr->cdata.elpe + 1); i++)
703 				nvme_error_information_entry_swapbytes(err++);
704 			break;
705 		case NVME_LOG_HEALTH_INFORMATION:
706 			nvme_health_information_page_swapbytes(
707 			    (struct nvme_health_information_page *)aer->log_page_buffer);
708 			break;
709 		case NVME_LOG_FIRMWARE_SLOT:
710 			nvme_firmware_page_swapbytes(
711 			    (struct nvme_firmware_page *)aer->log_page_buffer);
712 			break;
713 		case NVME_LOG_CHANGED_NAMESPACE:
714 			nvme_ns_list_swapbytes(
715 			    (struct nvme_ns_list *)aer->log_page_buffer);
716 			break;
717 		case NVME_LOG_COMMAND_EFFECT:
718 			nvme_command_effects_page_swapbytes(
719 			    (struct nvme_command_effects_page *)aer->log_page_buffer);
720 			break;
721 		case NVME_LOG_RES_NOTIFICATION:
722 			nvme_res_notification_page_swapbytes(
723 			    (struct nvme_res_notification_page *)aer->log_page_buffer);
724 			break;
725 		case NVME_LOG_SANITIZE_STATUS:
726 			nvme_sanitize_status_page_swapbytes(
727 			    (struct nvme_sanitize_status_page *)aer->log_page_buffer);
728 			break;
729 		case INTEL_LOG_TEMP_STATS:
730 			intel_log_temp_stats_swapbytes(
731 			    (struct intel_log_temp_stats *)aer->log_page_buffer);
732 			break;
733 		default:
734 			break;
735 		}
736 
737 		if (aer->log_page_id == NVME_LOG_HEALTH_INFORMATION) {
738 			health_info = (struct nvme_health_information_page *)
739 			    aer->log_page_buffer;
740 			nvme_ctrlr_log_critical_warnings(aer->ctrlr,
741 			    health_info->critical_warning);
742 			/*
743 			 * Critical warnings reported through the
744 			 *  SMART/health log page are persistent, so
745 			 *  clear the associated bits in the async event
746 			 *  config so that we do not receive repeated
747 			 *  notifications for the same event.
748 			 */
749 			aer->ctrlr->async_event_config &=
750 			    ~health_info->critical_warning;
751 			nvme_ctrlr_cmd_set_async_event_config(aer->ctrlr,
752 			    aer->ctrlr->async_event_config, NULL, NULL);
753 		} else if (aer->log_page_id == NVME_LOG_CHANGED_NAMESPACE &&
754 		    !nvme_use_nvd) {
755 			nsl = (struct nvme_ns_list *)aer->log_page_buffer;
756 			for (i = 0; i < nitems(nsl->ns) && nsl->ns[i] != 0; i++) {
757 				if (nsl->ns[i] > NVME_MAX_NAMESPACES)
758 					break;
759 				nvme_notify_ns(aer->ctrlr, nsl->ns[i]);
760 			}
761 		}
762 
763 		/*
764 		 * Pass the cpl data from the original async event completion,
765 		 *  not the log page fetch.
766 		 */
767 		nvme_notify_async_consumers(aer->ctrlr, &aer->cpl,
768 		    aer->log_page_id, aer->log_page_buffer, aer->log_page_size);
769 	}
770 
771 	/*
772 	 * Repost another asynchronous event request to replace the one
773 	 *  that just completed.
774 	 */
775 	nvme_ctrlr_construct_and_submit_aer(aer->ctrlr, aer);
776 }
777 
778 static void
779 nvme_ctrlr_async_event_cb(void *arg, const struct nvme_completion *cpl)
780 {
781 	struct nvme_async_event_request	*aer = arg;
782 
783 	if (nvme_completion_is_error(cpl)) {
784 		/*
785 		 *  Do not retry failed async event requests.  This avoids
786 		 *  infinite loops where a new async event request is submitted
787 		 *  to replace the one just failed, only to fail again and
788 		 *  perpetuate the loop.
789 		 */
790 		return;
791 	}
792 
793 	/* Associated log page is in bits 23:16 of completion entry dw0. */
794 	aer->log_page_id = (cpl->cdw0 & 0xFF0000) >> 16;
795 
796 	nvme_printf(aer->ctrlr, "async event occurred (type 0x%x, info 0x%02x,"
797 	    " page 0x%02x)\n", (cpl->cdw0 & 0x07), (cpl->cdw0 & 0xFF00) >> 8,
798 	    aer->log_page_id);
799 
800 	if (is_log_page_id_valid(aer->log_page_id)) {
801 		aer->log_page_size = nvme_ctrlr_get_log_page_size(aer->ctrlr,
802 		    aer->log_page_id);
803 		memcpy(&aer->cpl, cpl, sizeof(*cpl));
804 		nvme_ctrlr_cmd_get_log_page(aer->ctrlr, aer->log_page_id,
805 		    NVME_GLOBAL_NAMESPACE_TAG, aer->log_page_buffer,
806 		    aer->log_page_size, nvme_ctrlr_async_event_log_page_cb,
807 		    aer);
808 		/* Wait to notify consumers until after log page is fetched. */
809 	} else {
810 		nvme_notify_async_consumers(aer->ctrlr, cpl, aer->log_page_id,
811 		    NULL, 0);
812 
813 		/*
814 		 * Repost another asynchronous event request to replace the one
815 		 *  that just completed.
816 		 */
817 		nvme_ctrlr_construct_and_submit_aer(aer->ctrlr, aer);
818 	}
819 }
820 
821 static void
822 nvme_ctrlr_construct_and_submit_aer(struct nvme_controller *ctrlr,
823     struct nvme_async_event_request *aer)
824 {
825 	struct nvme_request *req;
826 
827 	aer->ctrlr = ctrlr;
828 	req = nvme_allocate_request_null(nvme_ctrlr_async_event_cb, aer);
829 	aer->req = req;
830 
831 	/*
832 	 * Disable timeout here, since asynchronous event requests should by
833 	 *  nature never be timed out.
834 	 */
835 	req->timeout = false;
836 	req->cmd.opc = NVME_OPC_ASYNC_EVENT_REQUEST;
837 	nvme_ctrlr_submit_admin_request(ctrlr, req);
838 }
839 
840 static void
841 nvme_ctrlr_configure_aer(struct nvme_controller *ctrlr)
842 {
843 	struct nvme_completion_poll_status	status;
844 	struct nvme_async_event_request		*aer;
845 	uint32_t				i;
846 
847 	ctrlr->async_event_config = NVME_CRIT_WARN_ST_AVAILABLE_SPARE |
848 	    NVME_CRIT_WARN_ST_DEVICE_RELIABILITY |
849 	    NVME_CRIT_WARN_ST_READ_ONLY |
850 	    NVME_CRIT_WARN_ST_VOLATILE_MEMORY_BACKUP;
851 	if (ctrlr->cdata.ver >= NVME_REV(1, 2))
852 		ctrlr->async_event_config |= NVME_ASYNC_EVENT_NS_ATTRIBUTE |
853 		    NVME_ASYNC_EVENT_FW_ACTIVATE;
854 
855 	status.done = 0;
856 	nvme_ctrlr_cmd_get_feature(ctrlr, NVME_FEAT_TEMPERATURE_THRESHOLD,
857 	    0, NULL, 0, nvme_completion_poll_cb, &status);
858 	nvme_completion_poll(&status);
859 	if (nvme_completion_is_error(&status.cpl) ||
860 	    (status.cpl.cdw0 & 0xFFFF) == 0xFFFF ||
861 	    (status.cpl.cdw0 & 0xFFFF) == 0x0000) {
862 		nvme_printf(ctrlr, "temperature threshold not supported\n");
863 	} else
864 		ctrlr->async_event_config |= NVME_CRIT_WARN_ST_TEMPERATURE;
865 
866 	nvme_ctrlr_cmd_set_async_event_config(ctrlr,
867 	    ctrlr->async_event_config, NULL, NULL);
868 
869 	/* aerl is a zero-based value, so we need to add 1 here. */
870 	ctrlr->num_aers = min(NVME_MAX_ASYNC_EVENTS, (ctrlr->cdata.aerl+1));
871 
872 	for (i = 0; i < ctrlr->num_aers; i++) {
873 		aer = &ctrlr->aer[i];
874 		nvme_ctrlr_construct_and_submit_aer(ctrlr, aer);
875 	}
876 }
877 
878 static void
879 nvme_ctrlr_configure_int_coalescing(struct nvme_controller *ctrlr)
880 {
881 
882 	ctrlr->int_coal_time = 0;
883 	TUNABLE_INT_FETCH("hw.nvme.int_coal_time",
884 	    &ctrlr->int_coal_time);
885 
886 	ctrlr->int_coal_threshold = 0;
887 	TUNABLE_INT_FETCH("hw.nvme.int_coal_threshold",
888 	    &ctrlr->int_coal_threshold);
889 
890 	nvme_ctrlr_cmd_set_interrupt_coalescing(ctrlr, ctrlr->int_coal_time,
891 	    ctrlr->int_coal_threshold, NULL, NULL);
892 }
893 
894 static void
895 nvme_ctrlr_hmb_free(struct nvme_controller *ctrlr)
896 {
897 	struct nvme_hmb_chunk *hmbc;
898 	int i;
899 
900 	if (ctrlr->hmb_desc_paddr) {
901 		bus_dmamap_unload(ctrlr->hmb_desc_tag, ctrlr->hmb_desc_map);
902 		bus_dmamem_free(ctrlr->hmb_desc_tag, ctrlr->hmb_desc_vaddr,
903 		    ctrlr->hmb_desc_map);
904 		ctrlr->hmb_desc_paddr = 0;
905 	}
906 	if (ctrlr->hmb_desc_tag) {
907 		bus_dma_tag_destroy(ctrlr->hmb_desc_tag);
908 		ctrlr->hmb_desc_tag = NULL;
909 	}
910 	for (i = 0; i < ctrlr->hmb_nchunks; i++) {
911 		hmbc = &ctrlr->hmb_chunks[i];
912 		bus_dmamap_unload(ctrlr->hmb_tag, hmbc->hmbc_map);
913 		bus_dmamem_free(ctrlr->hmb_tag, hmbc->hmbc_vaddr,
914 		    hmbc->hmbc_map);
915 	}
916 	ctrlr->hmb_nchunks = 0;
917 	if (ctrlr->hmb_tag) {
918 		bus_dma_tag_destroy(ctrlr->hmb_tag);
919 		ctrlr->hmb_tag = NULL;
920 	}
921 	if (ctrlr->hmb_chunks) {
922 		free(ctrlr->hmb_chunks, M_NVME);
923 		ctrlr->hmb_chunks = NULL;
924 	}
925 }
926 
927 static void
928 nvme_ctrlr_hmb_alloc(struct nvme_controller *ctrlr)
929 {
930 	struct nvme_hmb_chunk *hmbc;
931 	size_t pref, min, minc, size;
932 	int err, i;
933 	uint64_t max;
934 
935 	/* Limit HMB to 5% of RAM size per device by default. */
936 	max = (uint64_t)physmem * PAGE_SIZE / 20;
937 	TUNABLE_UINT64_FETCH("hw.nvme.hmb_max", &max);
938 
939 	min = (long long unsigned)ctrlr->cdata.hmmin * 4096;
940 	if (max == 0 || max < min)
941 		return;
942 	pref = MIN((long long unsigned)ctrlr->cdata.hmpre * 4096, max);
943 	minc = MAX(ctrlr->cdata.hmminds * 4096, PAGE_SIZE);
944 	if (min > 0 && ctrlr->cdata.hmmaxd > 0)
945 		minc = MAX(minc, min / ctrlr->cdata.hmmaxd);
946 	ctrlr->hmb_chunk = pref;
947 
948 again:
949 	ctrlr->hmb_chunk = roundup2(ctrlr->hmb_chunk, PAGE_SIZE);
950 	ctrlr->hmb_nchunks = howmany(pref, ctrlr->hmb_chunk);
951 	if (ctrlr->cdata.hmmaxd > 0 && ctrlr->hmb_nchunks > ctrlr->cdata.hmmaxd)
952 		ctrlr->hmb_nchunks = ctrlr->cdata.hmmaxd;
953 	ctrlr->hmb_chunks = malloc(sizeof(struct nvme_hmb_chunk) *
954 	    ctrlr->hmb_nchunks, M_NVME, M_WAITOK);
955 	err = bus_dma_tag_create(bus_get_dma_tag(ctrlr->dev),
956 	    PAGE_SIZE, 0, BUS_SPACE_MAXADDR, BUS_SPACE_MAXADDR, NULL, NULL,
957 	    ctrlr->hmb_chunk, 1, ctrlr->hmb_chunk, 0, NULL, NULL, &ctrlr->hmb_tag);
958 	if (err != 0) {
959 		nvme_printf(ctrlr, "HMB tag create failed %d\n", err);
960 		nvme_ctrlr_hmb_free(ctrlr);
961 		return;
962 	}
963 
964 	for (i = 0; i < ctrlr->hmb_nchunks; i++) {
965 		hmbc = &ctrlr->hmb_chunks[i];
966 		if (bus_dmamem_alloc(ctrlr->hmb_tag,
967 		    (void **)&hmbc->hmbc_vaddr, BUS_DMA_NOWAIT,
968 		    &hmbc->hmbc_map)) {
969 			nvme_printf(ctrlr, "failed to alloc HMB\n");
970 			break;
971 		}
972 		if (bus_dmamap_load(ctrlr->hmb_tag, hmbc->hmbc_map,
973 		    hmbc->hmbc_vaddr, ctrlr->hmb_chunk, nvme_single_map,
974 		    &hmbc->hmbc_paddr, BUS_DMA_NOWAIT) != 0) {
975 			bus_dmamem_free(ctrlr->hmb_tag, hmbc->hmbc_vaddr,
976 			    hmbc->hmbc_map);
977 			nvme_printf(ctrlr, "failed to load HMB\n");
978 			break;
979 		}
980 		bus_dmamap_sync(ctrlr->hmb_tag, hmbc->hmbc_map,
981 		    BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE);
982 	}
983 
984 	if (i < ctrlr->hmb_nchunks && i * ctrlr->hmb_chunk < min &&
985 	    ctrlr->hmb_chunk / 2 >= minc) {
986 		ctrlr->hmb_nchunks = i;
987 		nvme_ctrlr_hmb_free(ctrlr);
988 		ctrlr->hmb_chunk /= 2;
989 		goto again;
990 	}
991 	ctrlr->hmb_nchunks = i;
992 	if (ctrlr->hmb_nchunks * ctrlr->hmb_chunk < min) {
993 		nvme_ctrlr_hmb_free(ctrlr);
994 		return;
995 	}
996 
997 	size = sizeof(struct nvme_hmb_desc) * ctrlr->hmb_nchunks;
998 	err = bus_dma_tag_create(bus_get_dma_tag(ctrlr->dev),
999 	    16, 0, BUS_SPACE_MAXADDR, BUS_SPACE_MAXADDR, NULL, NULL,
1000 	    size, 1, size, 0, NULL, NULL, &ctrlr->hmb_desc_tag);
1001 	if (err != 0) {
1002 		nvme_printf(ctrlr, "HMB desc tag create failed %d\n", err);
1003 		nvme_ctrlr_hmb_free(ctrlr);
1004 		return;
1005 	}
1006 	if (bus_dmamem_alloc(ctrlr->hmb_desc_tag,
1007 	    (void **)&ctrlr->hmb_desc_vaddr, BUS_DMA_WAITOK,
1008 	    &ctrlr->hmb_desc_map)) {
1009 		nvme_printf(ctrlr, "failed to alloc HMB desc\n");
1010 		nvme_ctrlr_hmb_free(ctrlr);
1011 		return;
1012 	}
1013 	if (bus_dmamap_load(ctrlr->hmb_desc_tag, ctrlr->hmb_desc_map,
1014 	    ctrlr->hmb_desc_vaddr, size, nvme_single_map,
1015 	    &ctrlr->hmb_desc_paddr, BUS_DMA_NOWAIT) != 0) {
1016 		bus_dmamem_free(ctrlr->hmb_desc_tag, ctrlr->hmb_desc_vaddr,
1017 		    ctrlr->hmb_desc_map);
1018 		nvme_printf(ctrlr, "failed to load HMB desc\n");
1019 		nvme_ctrlr_hmb_free(ctrlr);
1020 		return;
1021 	}
1022 
1023 	for (i = 0; i < ctrlr->hmb_nchunks; i++) {
1024 		ctrlr->hmb_desc_vaddr[i].addr =
1025 		    htole64(ctrlr->hmb_chunks[i].hmbc_paddr);
1026 		ctrlr->hmb_desc_vaddr[i].size = htole32(ctrlr->hmb_chunk / 4096);
1027 	}
1028 	bus_dmamap_sync(ctrlr->hmb_desc_tag, ctrlr->hmb_desc_map,
1029 	    BUS_DMASYNC_PREWRITE);
1030 
1031 	nvme_printf(ctrlr, "Allocated %lluMB host memory buffer\n",
1032 	    (long long unsigned)ctrlr->hmb_nchunks * ctrlr->hmb_chunk
1033 	    / 1024 / 1024);
1034 }
1035 
1036 static void
1037 nvme_ctrlr_hmb_enable(struct nvme_controller *ctrlr, bool enable, bool memret)
1038 {
1039 	struct nvme_completion_poll_status	status;
1040 	uint32_t cdw11;
1041 
1042 	cdw11 = 0;
1043 	if (enable)
1044 		cdw11 |= 1;
1045 	if (memret)
1046 		cdw11 |= 2;
1047 	status.done = 0;
1048 	nvme_ctrlr_cmd_set_feature(ctrlr, NVME_FEAT_HOST_MEMORY_BUFFER, cdw11,
1049 	    ctrlr->hmb_nchunks * ctrlr->hmb_chunk / 4096, ctrlr->hmb_desc_paddr,
1050 	    ctrlr->hmb_desc_paddr >> 32, ctrlr->hmb_nchunks, NULL, 0,
1051 	    nvme_completion_poll_cb, &status);
1052 	nvme_completion_poll(&status);
1053 	if (nvme_completion_is_error(&status.cpl))
1054 		nvme_printf(ctrlr, "nvme_ctrlr_hmb_enable failed!\n");
1055 }
1056 
1057 static void
1058 nvme_ctrlr_start(void *ctrlr_arg, bool resetting)
1059 {
1060 	struct nvme_controller *ctrlr = ctrlr_arg;
1061 	uint32_t old_num_io_queues;
1062 	int i;
1063 
1064 	TSENTER();
1065 
1066 	/*
1067 	 * Only reset adminq here when we are restarting the
1068 	 *  controller after a reset.  During initialization,
1069 	 *  we have already submitted admin commands to get
1070 	 *  the number of I/O queues supported, so cannot reset
1071 	 *  the adminq again here.
1072 	 */
1073 	if (resetting) {
1074 		nvme_qpair_reset(&ctrlr->adminq);
1075 		nvme_admin_qpair_enable(&ctrlr->adminq);
1076 	}
1077 
1078 	if (ctrlr->ioq != NULL) {
1079 		for (i = 0; i < ctrlr->num_io_queues; i++)
1080 			nvme_qpair_reset(&ctrlr->ioq[i]);
1081 	}
1082 
1083 	/*
1084 	 * If it was a reset on initialization command timeout, just
1085 	 * return here, letting initialization code fail gracefully.
1086 	 */
1087 	if (resetting && !ctrlr->is_initialized)
1088 		return;
1089 
1090 	if (resetting && nvme_ctrlr_identify(ctrlr) != 0) {
1091 		nvme_ctrlr_fail(ctrlr);
1092 		return;
1093 	}
1094 
1095 	/*
1096 	 * The number of qpairs are determined during controller initialization,
1097 	 *  including using NVMe SET_FEATURES/NUMBER_OF_QUEUES to determine the
1098 	 *  HW limit.  We call SET_FEATURES again here so that it gets called
1099 	 *  after any reset for controllers that depend on the driver to
1100 	 *  explicit specify how many queues it will use.  This value should
1101 	 *  never change between resets, so panic if somehow that does happen.
1102 	 */
1103 	if (resetting) {
1104 		old_num_io_queues = ctrlr->num_io_queues;
1105 		if (nvme_ctrlr_set_num_qpairs(ctrlr) != 0) {
1106 			nvme_ctrlr_fail(ctrlr);
1107 			return;
1108 		}
1109 
1110 		if (old_num_io_queues != ctrlr->num_io_queues) {
1111 			panic("num_io_queues changed from %u to %u",
1112 			      old_num_io_queues, ctrlr->num_io_queues);
1113 		}
1114 	}
1115 
1116 	if (ctrlr->cdata.hmpre > 0 && ctrlr->hmb_nchunks == 0) {
1117 		nvme_ctrlr_hmb_alloc(ctrlr);
1118 		if (ctrlr->hmb_nchunks > 0)
1119 			nvme_ctrlr_hmb_enable(ctrlr, true, false);
1120 	} else if (ctrlr->hmb_nchunks > 0)
1121 		nvme_ctrlr_hmb_enable(ctrlr, true, true);
1122 
1123 	if (nvme_ctrlr_create_qpairs(ctrlr) != 0) {
1124 		nvme_ctrlr_fail(ctrlr);
1125 		return;
1126 	}
1127 
1128 	if (nvme_ctrlr_construct_namespaces(ctrlr) != 0) {
1129 		nvme_ctrlr_fail(ctrlr);
1130 		return;
1131 	}
1132 
1133 	nvme_ctrlr_configure_aer(ctrlr);
1134 	nvme_ctrlr_configure_int_coalescing(ctrlr);
1135 
1136 	for (i = 0; i < ctrlr->num_io_queues; i++)
1137 		nvme_io_qpair_enable(&ctrlr->ioq[i]);
1138 	TSEXIT();
1139 }
1140 
1141 void
1142 nvme_ctrlr_start_config_hook(void *arg)
1143 {
1144 	struct nvme_controller *ctrlr = arg;
1145 
1146 	TSENTER();
1147 
1148 	if (nvme_ctrlr_hw_reset(ctrlr) != 0) {
1149 fail:
1150 		nvme_ctrlr_fail(ctrlr);
1151 		config_intrhook_disestablish(&ctrlr->config_hook);
1152 		return;
1153 	}
1154 
1155 #ifdef NVME_2X_RESET
1156 	/*
1157 	 * Reset controller twice to ensure we do a transition from cc.en==1 to
1158 	 * cc.en==0.  This is because we don't really know what status the
1159 	 * controller was left in when boot handed off to OS.  Linux doesn't do
1160 	 * this, however, and when the controller is in state cc.en == 0, no
1161 	 * I/O can happen.
1162 	 */
1163 	if (nvme_ctrlr_hw_reset(ctrlr) != 0)
1164 		goto fail;
1165 #endif
1166 
1167 	nvme_qpair_reset(&ctrlr->adminq);
1168 	nvme_admin_qpair_enable(&ctrlr->adminq);
1169 
1170 	if (nvme_ctrlr_identify(ctrlr) == 0 &&
1171 	    nvme_ctrlr_set_num_qpairs(ctrlr) == 0 &&
1172 	    nvme_ctrlr_construct_io_qpairs(ctrlr) == 0)
1173 		nvme_ctrlr_start(ctrlr, false);
1174 	else
1175 		goto fail;
1176 
1177 	nvme_sysctl_initialize_ctrlr(ctrlr);
1178 	config_intrhook_disestablish(&ctrlr->config_hook);
1179 
1180 	ctrlr->is_initialized = 1;
1181 	nvme_notify_new_controller(ctrlr);
1182 	TSEXIT();
1183 }
1184 
1185 static void
1186 nvme_ctrlr_reset_task(void *arg, int pending)
1187 {
1188 	struct nvme_controller	*ctrlr = arg;
1189 	int			status;
1190 
1191 	nvme_ctrlr_devctl_log(ctrlr, "RESET", "resetting controller");
1192 	status = nvme_ctrlr_hw_reset(ctrlr);
1193 	/*
1194 	 * Use pause instead of DELAY, so that we yield to any nvme interrupt
1195 	 *  handlers on this CPU that were blocked on a qpair lock. We want
1196 	 *  all nvme interrupts completed before proceeding with restarting the
1197 	 *  controller.
1198 	 *
1199 	 * XXX - any way to guarantee the interrupt handlers have quiesced?
1200 	 */
1201 	pause("nvmereset", hz / 10);
1202 	if (status == 0)
1203 		nvme_ctrlr_start(ctrlr, true);
1204 	else
1205 		nvme_ctrlr_fail(ctrlr);
1206 
1207 	atomic_cmpset_32(&ctrlr->is_resetting, 1, 0);
1208 }
1209 
1210 /*
1211  * Poll all the queues enabled on the device for completion.
1212  */
1213 void
1214 nvme_ctrlr_poll(struct nvme_controller *ctrlr)
1215 {
1216 	int i;
1217 
1218 	nvme_qpair_process_completions(&ctrlr->adminq);
1219 
1220 	for (i = 0; i < ctrlr->num_io_queues; i++)
1221 		if (ctrlr->ioq && ctrlr->ioq[i].cpl)
1222 			nvme_qpair_process_completions(&ctrlr->ioq[i]);
1223 }
1224 
1225 /*
1226  * Poll the single-vector interrupt case: num_io_queues will be 1 and
1227  * there's only a single vector. While we're polling, we mask further
1228  * interrupts in the controller.
1229  */
1230 void
1231 nvme_ctrlr_shared_handler(void *arg)
1232 {
1233 	struct nvme_controller *ctrlr = arg;
1234 
1235 	nvme_mmio_write_4(ctrlr, intms, 1);
1236 	nvme_ctrlr_poll(ctrlr);
1237 	nvme_mmio_write_4(ctrlr, intmc, 1);
1238 }
1239 
1240 static void
1241 nvme_pt_done(void *arg, const struct nvme_completion *cpl)
1242 {
1243 	struct nvme_pt_command *pt = arg;
1244 	struct mtx *mtx = pt->driver_lock;
1245 	uint16_t status;
1246 
1247 	bzero(&pt->cpl, sizeof(pt->cpl));
1248 	pt->cpl.cdw0 = cpl->cdw0;
1249 
1250 	status = cpl->status;
1251 	status &= ~NVME_STATUS_P_MASK;
1252 	pt->cpl.status = status;
1253 
1254 	mtx_lock(mtx);
1255 	pt->driver_lock = NULL;
1256 	wakeup(pt);
1257 	mtx_unlock(mtx);
1258 }
1259 
1260 int
1261 nvme_ctrlr_passthrough_cmd(struct nvme_controller *ctrlr,
1262     struct nvme_pt_command *pt, uint32_t nsid, int is_user_buffer,
1263     int is_admin_cmd)
1264 {
1265 	struct nvme_request	*req;
1266 	struct mtx		*mtx;
1267 	struct buf		*buf = NULL;
1268 	int			ret = 0;
1269 
1270 	if (pt->len > 0) {
1271 		if (pt->len > ctrlr->max_xfer_size) {
1272 			nvme_printf(ctrlr, "pt->len (%d) "
1273 			    "exceeds max_xfer_size (%d)\n", pt->len,
1274 			    ctrlr->max_xfer_size);
1275 			return EIO;
1276 		}
1277 		if (is_user_buffer) {
1278 			/*
1279 			 * Ensure the user buffer is wired for the duration of
1280 			 *  this pass-through command.
1281 			 */
1282 			PHOLD(curproc);
1283 			buf = uma_zalloc(pbuf_zone, M_WAITOK);
1284 			buf->b_iocmd = pt->is_read ? BIO_READ : BIO_WRITE;
1285 			if (vmapbuf(buf, pt->buf, pt->len, 1) < 0) {
1286 				ret = EFAULT;
1287 				goto err;
1288 			}
1289 			req = nvme_allocate_request_vaddr(buf->b_data, pt->len,
1290 			    nvme_pt_done, pt);
1291 		} else
1292 			req = nvme_allocate_request_vaddr(pt->buf, pt->len,
1293 			    nvme_pt_done, pt);
1294 	} else
1295 		req = nvme_allocate_request_null(nvme_pt_done, pt);
1296 
1297 	/* Assume user space already converted to little-endian */
1298 	req->cmd.opc = pt->cmd.opc;
1299 	req->cmd.fuse = pt->cmd.fuse;
1300 	req->cmd.rsvd2 = pt->cmd.rsvd2;
1301 	req->cmd.rsvd3 = pt->cmd.rsvd3;
1302 	req->cmd.cdw10 = pt->cmd.cdw10;
1303 	req->cmd.cdw11 = pt->cmd.cdw11;
1304 	req->cmd.cdw12 = pt->cmd.cdw12;
1305 	req->cmd.cdw13 = pt->cmd.cdw13;
1306 	req->cmd.cdw14 = pt->cmd.cdw14;
1307 	req->cmd.cdw15 = pt->cmd.cdw15;
1308 
1309 	req->cmd.nsid = htole32(nsid);
1310 
1311 	mtx = mtx_pool_find(mtxpool_sleep, pt);
1312 	pt->driver_lock = mtx;
1313 
1314 	if (is_admin_cmd)
1315 		nvme_ctrlr_submit_admin_request(ctrlr, req);
1316 	else
1317 		nvme_ctrlr_submit_io_request(ctrlr, req);
1318 
1319 	mtx_lock(mtx);
1320 	while (pt->driver_lock != NULL)
1321 		mtx_sleep(pt, mtx, PRIBIO, "nvme_pt", 0);
1322 	mtx_unlock(mtx);
1323 
1324 err:
1325 	if (buf != NULL) {
1326 		uma_zfree(pbuf_zone, buf);
1327 		PRELE(curproc);
1328 	}
1329 
1330 	return (ret);
1331 }
1332 
1333 static int
1334 nvme_ctrlr_ioctl(struct cdev *cdev, u_long cmd, caddr_t arg, int flag,
1335     struct thread *td)
1336 {
1337 	struct nvme_controller			*ctrlr;
1338 	struct nvme_pt_command			*pt;
1339 
1340 	ctrlr = cdev->si_drv1;
1341 
1342 	switch (cmd) {
1343 	case NVME_RESET_CONTROLLER:
1344 		nvme_ctrlr_reset(ctrlr);
1345 		break;
1346 	case NVME_PASSTHROUGH_CMD:
1347 		pt = (struct nvme_pt_command *)arg;
1348 		return (nvme_ctrlr_passthrough_cmd(ctrlr, pt, le32toh(pt->cmd.nsid),
1349 		    1 /* is_user_buffer */, 1 /* is_admin_cmd */));
1350 	case NVME_GET_NSID:
1351 	{
1352 		struct nvme_get_nsid *gnsid = (struct nvme_get_nsid *)arg;
1353 		strncpy(gnsid->cdev, device_get_nameunit(ctrlr->dev),
1354 		    sizeof(gnsid->cdev));
1355 		gnsid->cdev[sizeof(gnsid->cdev) - 1] = '\0';
1356 		gnsid->nsid = 0;
1357 		break;
1358 	}
1359 	case NVME_GET_MAX_XFER_SIZE:
1360 		*(uint64_t *)arg = ctrlr->max_xfer_size;
1361 		break;
1362 	default:
1363 		return (ENOTTY);
1364 	}
1365 
1366 	return (0);
1367 }
1368 
1369 static struct cdevsw nvme_ctrlr_cdevsw = {
1370 	.d_version =	D_VERSION,
1371 	.d_flags =	0,
1372 	.d_ioctl =	nvme_ctrlr_ioctl
1373 };
1374 
1375 int
1376 nvme_ctrlr_construct(struct nvme_controller *ctrlr, device_t dev)
1377 {
1378 	struct make_dev_args	md_args;
1379 	uint32_t	cap_lo;
1380 	uint32_t	cap_hi;
1381 	uint32_t	to, vs, pmrcap;
1382 	uint8_t		mpsmin;
1383 	int		status, timeout_period;
1384 
1385 	ctrlr->dev = dev;
1386 
1387 	mtx_init(&ctrlr->lock, "nvme ctrlr lock", NULL, MTX_DEF);
1388 	if (bus_get_domain(dev, &ctrlr->domain) != 0)
1389 		ctrlr->domain = 0;
1390 
1391 	cap_lo = nvme_mmio_read_4(ctrlr, cap_lo);
1392 	if (bootverbose) {
1393 		device_printf(dev, "CapLo: 0x%08x: MQES %u%s%s%s%s, TO %u\n",
1394 		    cap_lo, NVME_CAP_LO_MQES(cap_lo),
1395 		    NVME_CAP_LO_CQR(cap_lo) ? ", CQR" : "",
1396 		    NVME_CAP_LO_AMS(cap_lo) ? ", AMS" : "",
1397 		    (NVME_CAP_LO_AMS(cap_lo) & 0x1) ? " WRRwUPC" : "",
1398 		    (NVME_CAP_LO_AMS(cap_lo) & 0x2) ? " VS" : "",
1399 		    NVME_CAP_LO_TO(cap_lo));
1400 	}
1401 	cap_hi = nvme_mmio_read_4(ctrlr, cap_hi);
1402 	if (bootverbose) {
1403 		device_printf(dev, "CapHi: 0x%08x: DSTRD %u%s, CSS %x%s, "
1404 		    "MPSMIN %u, MPSMAX %u%s%s\n", cap_hi,
1405 		    NVME_CAP_HI_DSTRD(cap_hi),
1406 		    NVME_CAP_HI_NSSRS(cap_hi) ? ", NSSRS" : "",
1407 		    NVME_CAP_HI_CSS(cap_hi),
1408 		    NVME_CAP_HI_BPS(cap_hi) ? ", BPS" : "",
1409 		    NVME_CAP_HI_MPSMIN(cap_hi),
1410 		    NVME_CAP_HI_MPSMAX(cap_hi),
1411 		    NVME_CAP_HI_PMRS(cap_hi) ? ", PMRS" : "",
1412 		    NVME_CAP_HI_CMBS(cap_hi) ? ", CMBS" : "");
1413 	}
1414 	if (bootverbose) {
1415 		vs = nvme_mmio_read_4(ctrlr, vs);
1416 		device_printf(dev, "Version: 0x%08x: %d.%d\n", vs,
1417 		    NVME_MAJOR(vs), NVME_MINOR(vs));
1418 	}
1419 	if (bootverbose && NVME_CAP_HI_PMRS(cap_hi)) {
1420 		pmrcap = nvme_mmio_read_4(ctrlr, pmrcap);
1421 		device_printf(dev, "PMRCap: 0x%08x: BIR %u%s%s, PMRTU %u, "
1422 		    "PMRWBM %x, PMRTO %u%s\n", pmrcap,
1423 		    NVME_PMRCAP_BIR(pmrcap),
1424 		    NVME_PMRCAP_RDS(pmrcap) ? ", RDS" : "",
1425 		    NVME_PMRCAP_WDS(pmrcap) ? ", WDS" : "",
1426 		    NVME_PMRCAP_PMRTU(pmrcap),
1427 		    NVME_PMRCAP_PMRWBM(pmrcap),
1428 		    NVME_PMRCAP_PMRTO(pmrcap),
1429 		    NVME_PMRCAP_CMSS(pmrcap) ? ", CMSS" : "");
1430 	}
1431 
1432 	ctrlr->dstrd = NVME_CAP_HI_DSTRD(cap_hi) + 2;
1433 
1434 	mpsmin = NVME_CAP_HI_MPSMIN(cap_hi);
1435 	ctrlr->min_page_size = 1 << (12 + mpsmin);
1436 
1437 	/* Get ready timeout value from controller, in units of 500ms. */
1438 	to = NVME_CAP_LO_TO(cap_lo) + 1;
1439 	ctrlr->ready_timeout_in_ms = to * 500;
1440 
1441 	timeout_period = NVME_DEFAULT_TIMEOUT_PERIOD;
1442 	TUNABLE_INT_FETCH("hw.nvme.timeout_period", &timeout_period);
1443 	timeout_period = min(timeout_period, NVME_MAX_TIMEOUT_PERIOD);
1444 	timeout_period = max(timeout_period, NVME_MIN_TIMEOUT_PERIOD);
1445 	ctrlr->timeout_period = timeout_period;
1446 
1447 	nvme_retry_count = NVME_DEFAULT_RETRY_COUNT;
1448 	TUNABLE_INT_FETCH("hw.nvme.retry_count", &nvme_retry_count);
1449 
1450 	ctrlr->enable_aborts = 0;
1451 	TUNABLE_INT_FETCH("hw.nvme.enable_aborts", &ctrlr->enable_aborts);
1452 
1453 	ctrlr->max_xfer_size = NVME_MAX_XFER_SIZE;
1454 	if (nvme_ctrlr_construct_admin_qpair(ctrlr) != 0)
1455 		return (ENXIO);
1456 
1457 	/*
1458 	 * Create 2 threads for the taskqueue. The reset thread will block when
1459 	 * it detects that the controller has failed until all I/O has been
1460 	 * failed up the stack. The fail_req task needs to be able to run in
1461 	 * this case to finish the request failure for some cases.
1462 	 *
1463 	 * We could partially solve this race by draining the failed requeust
1464 	 * queue before proceding to free the sim, though nothing would stop
1465 	 * new I/O from coming in after we do that drain, but before we reach
1466 	 * cam_sim_free, so this big hammer is used instead.
1467 	 */
1468 	ctrlr->taskqueue = taskqueue_create("nvme_taskq", M_WAITOK,
1469 	    taskqueue_thread_enqueue, &ctrlr->taskqueue);
1470 	taskqueue_start_threads(&ctrlr->taskqueue, 2, PI_DISK, "nvme taskq");
1471 
1472 	ctrlr->is_resetting = 0;
1473 	ctrlr->is_initialized = 0;
1474 	ctrlr->notification_sent = 0;
1475 	TASK_INIT(&ctrlr->reset_task, 0, nvme_ctrlr_reset_task, ctrlr);
1476 	TASK_INIT(&ctrlr->fail_req_task, 0, nvme_ctrlr_fail_req_task, ctrlr);
1477 	STAILQ_INIT(&ctrlr->fail_req);
1478 	ctrlr->is_failed = false;
1479 
1480 	make_dev_args_init(&md_args);
1481 	md_args.mda_devsw = &nvme_ctrlr_cdevsw;
1482 	md_args.mda_uid = UID_ROOT;
1483 	md_args.mda_gid = GID_WHEEL;
1484 	md_args.mda_mode = 0600;
1485 	md_args.mda_unit = device_get_unit(dev);
1486 	md_args.mda_si_drv1 = (void *)ctrlr;
1487 	status = make_dev_s(&md_args, &ctrlr->cdev, "nvme%d",
1488 	    device_get_unit(dev));
1489 	if (status != 0)
1490 		return (ENXIO);
1491 
1492 	return (0);
1493 }
1494 
1495 void
1496 nvme_ctrlr_destruct(struct nvme_controller *ctrlr, device_t dev)
1497 {
1498 	int	gone, i;
1499 
1500 	ctrlr->is_dying = true;
1501 
1502 	if (ctrlr->resource == NULL)
1503 		goto nores;
1504 	if (!mtx_initialized(&ctrlr->adminq.lock))
1505 		goto noadminq;
1506 
1507 	/*
1508 	 * Check whether it is a hot unplug or a clean driver detach.
1509 	 * If device is not there any more, skip any shutdown commands.
1510 	 */
1511 	gone = (nvme_mmio_read_4(ctrlr, csts) == NVME_GONE);
1512 	if (gone)
1513 		nvme_ctrlr_fail(ctrlr);
1514 	else
1515 		nvme_notify_fail_consumers(ctrlr);
1516 
1517 	for (i = 0; i < NVME_MAX_NAMESPACES; i++)
1518 		nvme_ns_destruct(&ctrlr->ns[i]);
1519 
1520 	if (ctrlr->cdev)
1521 		destroy_dev(ctrlr->cdev);
1522 
1523 	if (ctrlr->is_initialized) {
1524 		if (!gone) {
1525 			if (ctrlr->hmb_nchunks > 0)
1526 				nvme_ctrlr_hmb_enable(ctrlr, false, false);
1527 			nvme_ctrlr_delete_qpairs(ctrlr);
1528 		}
1529 		nvme_ctrlr_hmb_free(ctrlr);
1530 	}
1531 	if (ctrlr->ioq != NULL) {
1532 		for (i = 0; i < ctrlr->num_io_queues; i++)
1533 			nvme_io_qpair_destroy(&ctrlr->ioq[i]);
1534 		free(ctrlr->ioq, M_NVME);
1535 	}
1536 	nvme_admin_qpair_destroy(&ctrlr->adminq);
1537 
1538 	/*
1539 	 *  Notify the controller of a shutdown, even though this is due to
1540 	 *   a driver unload, not a system shutdown (this path is not invoked
1541 	 *   during shutdown).  This ensures the controller receives a
1542 	 *   shutdown notification in case the system is shutdown before
1543 	 *   reloading the driver.
1544 	 */
1545 	if (!gone)
1546 		nvme_ctrlr_shutdown(ctrlr);
1547 
1548 	if (!gone)
1549 		nvme_ctrlr_disable(ctrlr);
1550 
1551 noadminq:
1552 	if (ctrlr->taskqueue)
1553 		taskqueue_free(ctrlr->taskqueue);
1554 
1555 	if (ctrlr->tag)
1556 		bus_teardown_intr(ctrlr->dev, ctrlr->res, ctrlr->tag);
1557 
1558 	if (ctrlr->res)
1559 		bus_release_resource(ctrlr->dev, SYS_RES_IRQ,
1560 		    rman_get_rid(ctrlr->res), ctrlr->res);
1561 
1562 	if (ctrlr->bar4_resource != NULL) {
1563 		bus_release_resource(dev, SYS_RES_MEMORY,
1564 		    ctrlr->bar4_resource_id, ctrlr->bar4_resource);
1565 	}
1566 
1567 	bus_release_resource(dev, SYS_RES_MEMORY,
1568 	    ctrlr->resource_id, ctrlr->resource);
1569 
1570 nores:
1571 	mtx_destroy(&ctrlr->lock);
1572 }
1573 
1574 void
1575 nvme_ctrlr_shutdown(struct nvme_controller *ctrlr)
1576 {
1577 	uint32_t	cc;
1578 	uint32_t	csts;
1579 	int		timeout;
1580 
1581 	cc = nvme_mmio_read_4(ctrlr, cc);
1582 	cc &= ~(NVME_CC_REG_SHN_MASK << NVME_CC_REG_SHN_SHIFT);
1583 	cc |= NVME_SHN_NORMAL << NVME_CC_REG_SHN_SHIFT;
1584 	nvme_mmio_write_4(ctrlr, cc, cc);
1585 
1586 	timeout = ticks + (ctrlr->cdata.rtd3e == 0 ? 5 * hz :
1587 	    ((uint64_t)ctrlr->cdata.rtd3e * hz + 999999) / 1000000);
1588 	while (1) {
1589 		csts = nvme_mmio_read_4(ctrlr, csts);
1590 		if (csts == NVME_GONE)		/* Hot unplug. */
1591 			break;
1592 		if (NVME_CSTS_GET_SHST(csts) == NVME_SHST_COMPLETE)
1593 			break;
1594 		if (timeout - ticks < 0) {
1595 			nvme_printf(ctrlr, "shutdown timeout\n");
1596 			break;
1597 		}
1598 		pause("nvmeshut", 1);
1599 	}
1600 }
1601 
1602 void
1603 nvme_ctrlr_submit_admin_request(struct nvme_controller *ctrlr,
1604     struct nvme_request *req)
1605 {
1606 
1607 	nvme_qpair_submit_request(&ctrlr->adminq, req);
1608 }
1609 
1610 void
1611 nvme_ctrlr_submit_io_request(struct nvme_controller *ctrlr,
1612     struct nvme_request *req)
1613 {
1614 	struct nvme_qpair       *qpair;
1615 
1616 	qpair = &ctrlr->ioq[QP(ctrlr, curcpu)];
1617 	nvme_qpair_submit_request(qpair, req);
1618 }
1619 
1620 device_t
1621 nvme_ctrlr_get_device(struct nvme_controller *ctrlr)
1622 {
1623 
1624 	return (ctrlr->dev);
1625 }
1626 
1627 const struct nvme_controller_data *
1628 nvme_ctrlr_get_data(struct nvme_controller *ctrlr)
1629 {
1630 
1631 	return (&ctrlr->cdata);
1632 }
1633 
1634 int
1635 nvme_ctrlr_suspend(struct nvme_controller *ctrlr)
1636 {
1637 	int to = hz;
1638 
1639 	/*
1640 	 * Can't touch failed controllers, so it's already suspended.
1641 	 */
1642 	if (ctrlr->is_failed)
1643 		return (0);
1644 
1645 	/*
1646 	 * We don't want the reset taskqueue running, since it does similar
1647 	 * things, so prevent it from running after we start. Wait for any reset
1648 	 * that may have been started to complete. The reset process we follow
1649 	 * will ensure that any new I/O will queue and be given to the hardware
1650 	 * after we resume (though there should be none).
1651 	 */
1652 	while (atomic_cmpset_32(&ctrlr->is_resetting, 0, 1) == 0 && to-- > 0)
1653 		pause("nvmesusp", 1);
1654 	if (to <= 0) {
1655 		nvme_printf(ctrlr,
1656 		    "Competing reset task didn't finish. Try again later.\n");
1657 		return (EWOULDBLOCK);
1658 	}
1659 
1660 	if (ctrlr->hmb_nchunks > 0)
1661 		nvme_ctrlr_hmb_enable(ctrlr, false, false);
1662 
1663 	/*
1664 	 * Per Section 7.6.2 of NVMe spec 1.4, to properly suspend, we need to
1665 	 * delete the hardware I/O queues, and then shutdown. This properly
1666 	 * flushes any metadata the drive may have stored so it can survive
1667 	 * having its power removed and prevents the unsafe shutdown count from
1668 	 * incriminating. Once we delete the qpairs, we have to disable them
1669 	 * before shutting down.
1670 	 */
1671 	nvme_ctrlr_delete_qpairs(ctrlr);
1672 	nvme_ctrlr_disable_qpairs(ctrlr);
1673 	nvme_ctrlr_shutdown(ctrlr);
1674 
1675 	return (0);
1676 }
1677 
1678 int
1679 nvme_ctrlr_resume(struct nvme_controller *ctrlr)
1680 {
1681 
1682 	/*
1683 	 * Can't touch failed controllers, so nothing to do to resume.
1684 	 */
1685 	if (ctrlr->is_failed)
1686 		return (0);
1687 
1688 	if (nvme_ctrlr_hw_reset(ctrlr) != 0)
1689 		goto fail;
1690 #ifdef NVME_2X_RESET
1691 	/*
1692 	 * Prior to FreeBSD 13.1, FreeBSD's nvme driver reset the hardware twice
1693 	 * to get it into a known good state. However, the hardware's state is
1694 	 * good and we don't need to do this for proper functioning.
1695 	 */
1696 	if (nvme_ctrlr_hw_reset(ctrlr) != 0)
1697 		goto fail;
1698 #endif
1699 
1700 	/*
1701 	 * Now that we've reset the hardware, we can restart the controller. Any
1702 	 * I/O that was pending is requeued. Any admin commands are aborted with
1703 	 * an error. Once we've restarted, take the controller out of reset.
1704 	 */
1705 	nvme_ctrlr_start(ctrlr, true);
1706 	(void)atomic_cmpset_32(&ctrlr->is_resetting, 1, 0);
1707 
1708 	return (0);
1709 fail:
1710 	/*
1711 	 * Since we can't bring the controller out of reset, announce and fail
1712 	 * the controller. However, we have to return success for the resume
1713 	 * itself, due to questionable APIs.
1714 	 */
1715 	nvme_printf(ctrlr, "Failed to reset on resume, failing.\n");
1716 	nvme_ctrlr_fail(ctrlr);
1717 	(void)atomic_cmpset_32(&ctrlr->is_resetting, 1, 0);
1718 	return (0);
1719 }
1720