1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 /* 28 * RDMA channel interface for Solaris SCSI RDMA Protocol Target (SRP) 29 * transport port provider module for the COMSTAR framework. 30 */ 31 32 #include <sys/cpuvar.h> 33 #include <sys/types.h> 34 #include <sys/conf.h> 35 #include <sys/stat.h> 36 #include <sys/file.h> 37 #include <sys/ddi.h> 38 #include <sys/sunddi.h> 39 #include <sys/modctl.h> 40 #include <sys/sysmacros.h> 41 #include <sys/sdt.h> 42 #include <sys/taskq.h> 43 #include <sys/scsi/scsi.h> 44 #include <sys/ib/ibtl/ibti.h> 45 46 #include <stmf.h> 47 #include <stmf_ioctl.h> 48 #include <portif.h> 49 50 #include "srp.h" 51 #include "srpt_impl.h" 52 #include "srpt_ioc.h" 53 #include "srpt_stp.h" 54 #include "srpt_ch.h" 55 56 extern srpt_ctxt_t *srpt_ctxt; 57 extern uint16_t srpt_send_msg_depth; 58 59 /* 60 * Prototypes. 61 */ 62 static void srpt_ch_scq_hdlr(ibt_cq_hdl_t cq_dhl, void *arg); 63 static void srpt_ch_rcq_hdlr(ibt_cq_hdl_t cq_dhl, void *arg); 64 static void srpt_ch_process_iu(srpt_channel_t *ch, srpt_iu_t *iu); 65 66 /* 67 * srpt_ch_alloc() 68 */ 69 srpt_channel_t * 70 srpt_ch_alloc(srpt_target_port_t *tgt, uint8_t port) 71 { 72 ibt_status_t status; 73 srpt_channel_t *ch; 74 ibt_cq_attr_t cq_attr; 75 ibt_rc_chan_alloc_args_t ch_args; 76 uint32_t cq_real_size; 77 srpt_ioc_t *ioc; 78 79 ASSERT(tgt != NULL); 80 ioc = tgt->tp_ioc; 81 ASSERT(ioc != NULL); 82 83 ch = kmem_zalloc(sizeof (*ch), KM_SLEEP); 84 rw_init(&ch->ch_rwlock, NULL, RW_DRIVER, NULL); 85 mutex_init(&ch->ch_reflock, NULL, MUTEX_DRIVER, NULL); 86 cv_init(&ch->ch_cv_complete, NULL, CV_DRIVER, NULL); 87 ch->ch_refcnt = 1; 88 ch->ch_cv_waiters = 0; 89 90 ch->ch_state = SRPT_CHANNEL_CONNECTING; 91 ch->ch_tgt = tgt; 92 ch->ch_req_lim_delta = 0; 93 ch->ch_ti_iu_len = 0; 94 95 cq_attr.cq_size = srpt_send_msg_depth * 2; 96 cq_attr.cq_sched = 0; 97 cq_attr.cq_flags = IBT_CQ_NO_FLAGS; 98 99 status = ibt_alloc_cq(ioc->ioc_ibt_hdl, &cq_attr, &ch->ch_scq_hdl, 100 &cq_real_size); 101 if (status != IBT_SUCCESS) { 102 SRPT_DPRINTF_L1("ch_alloc, send CQ alloc error (%d)", 103 status); 104 goto scq_alloc_err; 105 } 106 107 cq_attr.cq_size = srpt_send_msg_depth + 1; 108 cq_attr.cq_sched = 0; 109 cq_attr.cq_flags = IBT_CQ_NO_FLAGS; 110 111 status = ibt_alloc_cq(ioc->ioc_ibt_hdl, &cq_attr, &ch->ch_rcq_hdl, 112 &cq_real_size); 113 if (status != IBT_SUCCESS) { 114 SRPT_DPRINTF_L2("ch_alloc, receive CQ alloc error (%d)", 115 status); 116 goto rcq_alloc_err; 117 } 118 119 ibt_set_cq_handler(ch->ch_scq_hdl, srpt_ch_scq_hdlr, ch); 120 ibt_set_cq_handler(ch->ch_rcq_hdl, srpt_ch_rcq_hdlr, ch); 121 ibt_enable_cq_notify(ch->ch_scq_hdl, IBT_NEXT_COMPLETION); 122 ibt_enable_cq_notify(ch->ch_rcq_hdl, IBT_NEXT_COMPLETION); 123 124 ch_args.rc_flags = IBT_WR_SIGNALED; 125 126 /* Maker certain initiator can not read/write our memory */ 127 ch_args.rc_control = 0; 128 129 ch_args.rc_hca_port_num = port; 130 131 /* 132 * Any SRP IU can result in a number of STMF data buffer transfers 133 * and those transfers themselves could span multiple initiator 134 * buffers. Therefore, the number of send WQE's actually required 135 * can vary. Here we assume that on average an I/O will require 136 * no more than SRPT_MAX_OUT_IO_PER_CMD send WQE's. In practice 137 * this will prevent send work queue overrun, but we will also 138 * inform STMF to throttle I/O should the work queue become full. 139 * 140 * If the HCA tells us the max outstanding WRs for a channel is 141 * lower than our default, use the HCA value. 142 */ 143 ch_args.rc_sizes.cs_sq = min(ioc->ioc_attr.hca_max_chan_sz, 144 (srpt_send_msg_depth * SRPT_MAX_OUT_IO_PER_CMD)); 145 ch_args.rc_sizes.cs_rq = 0; 146 ch_args.rc_sizes.cs_sq_sgl = 2; 147 ch_args.rc_sizes.cs_rq_sgl = 0; 148 149 ch_args.rc_scq = ch->ch_scq_hdl; 150 ch_args.rc_rcq = ch->ch_rcq_hdl; 151 ch_args.rc_pd = ioc->ioc_pd_hdl; 152 ch_args.rc_clone_chan = NULL; 153 ch_args.rc_srq = ioc->ioc_srq_hdl; 154 155 status = ibt_alloc_rc_channel(ioc->ioc_ibt_hdl, IBT_ACHAN_USES_SRQ, 156 &ch_args, &ch->ch_chan_hdl, &ch->ch_sizes); 157 if (status != IBT_SUCCESS) { 158 SRPT_DPRINTF_L2("ch_alloc, IBT channel alloc error (%d)", 159 status); 160 goto qp_alloc_err; 161 } 162 163 /* 164 * Create pool of send WQE entries to map send wqe work IDs 165 * to various types (specifically in error cases where OP 166 * is not known). 167 */ 168 ch->ch_num_swqe = ch->ch_sizes.cs_sq; 169 SRPT_DPRINTF_L2("ch_alloc, number of SWQEs = %u", ch->ch_num_swqe); 170 ch->ch_swqe = kmem_zalloc(sizeof (srpt_swqe_t) * ch->ch_num_swqe, 171 KM_SLEEP); 172 if (ch->ch_swqe == NULL) { 173 SRPT_DPRINTF_L2("ch_alloc, SWQE alloc error"); 174 ibt_free_channel(ch->ch_chan_hdl); 175 goto qp_alloc_err; 176 } 177 mutex_init(&ch->ch_swqe_lock, NULL, MUTEX_DRIVER, NULL); 178 ch->ch_head = 1; 179 for (ch->ch_tail = 1; ch->ch_tail < ch->ch_num_swqe -1; ch->ch_tail++) { 180 ch->ch_swqe[ch->ch_tail].sw_next = ch->ch_tail + 1; 181 } 182 ch->ch_swqe[ch->ch_tail].sw_next = 0; 183 184 ibt_set_chan_private(ch->ch_chan_hdl, ch); 185 return (ch); 186 187 qp_alloc_err: 188 ibt_free_cq(ch->ch_rcq_hdl); 189 190 rcq_alloc_err: 191 ibt_free_cq(ch->ch_scq_hdl); 192 193 scq_alloc_err: 194 cv_destroy(&ch->ch_cv_complete); 195 mutex_destroy(&ch->ch_reflock); 196 rw_destroy(&ch->ch_rwlock); 197 kmem_free(ch, sizeof (*ch)); 198 199 return (NULL); 200 } 201 202 /* 203 * srpt_ch_add_ref() 204 */ 205 void 206 srpt_ch_add_ref(srpt_channel_t *ch) 207 { 208 mutex_enter(&ch->ch_reflock); 209 ch->ch_refcnt++; 210 SRPT_DPRINTF_L4("ch_add_ref, ch (%p), refcnt (%d)", 211 (void *)ch, ch->ch_refcnt); 212 ASSERT(ch->ch_refcnt != 0); 213 mutex_exit(&ch->ch_reflock); 214 } 215 216 /* 217 * srpt_ch_release_ref() 218 * 219 * A non-zero value for wait causes thread to block until all references 220 * to channel are released. 221 */ 222 void 223 srpt_ch_release_ref(srpt_channel_t *ch, uint_t wait) 224 { 225 mutex_enter(&ch->ch_reflock); 226 227 SRPT_DPRINTF_L4("ch_release_ref, ch (%p), refcnt (%d), wait (%d)", 228 (void *)ch, ch->ch_refcnt, wait); 229 230 ASSERT(ch->ch_refcnt != 0); 231 232 ch->ch_refcnt--; 233 234 if (ch->ch_refcnt != 0) { 235 if (wait) { 236 ch->ch_cv_waiters++; 237 while (ch->ch_refcnt != 0) { 238 cv_wait(&ch->ch_cv_complete, &ch->ch_reflock); 239 } 240 ch->ch_cv_waiters--; 241 } else { 242 mutex_exit(&ch->ch_reflock); 243 return; 244 } 245 } 246 247 /* 248 * Last thread out frees the IB resources, locks/conditions and memory 249 */ 250 if (ch->ch_cv_waiters > 0) { 251 /* we're not last, wake someone else up */ 252 cv_signal(&ch->ch_cv_complete); 253 mutex_exit(&ch->ch_reflock); 254 return; 255 } 256 257 SRPT_DPRINTF_L3("ch_release_ref - release resources"); 258 if (ch->ch_chan_hdl) { 259 SRPT_DPRINTF_L3("ch_release_ref - free channel"); 260 ibt_free_channel(ch->ch_chan_hdl); 261 } 262 263 if (ch->ch_scq_hdl) { 264 ibt_free_cq(ch->ch_scq_hdl); 265 } 266 267 if (ch->ch_rcq_hdl) { 268 ibt_free_cq(ch->ch_rcq_hdl); 269 } 270 271 /* 272 * There should be no IU's associated with this 273 * channel on the SCSI session. 274 */ 275 if (ch->ch_session != NULL) { 276 ASSERT(list_is_empty(&ch->ch_session->ss_task_list)); 277 278 /* 279 * Currently only have one channel per session, we will 280 * need to release a reference when support is added 281 * for multi-channel target login. 282 */ 283 srpt_stp_free_session(ch->ch_session); 284 ch->ch_session = NULL; 285 } 286 287 kmem_free(ch->ch_swqe, sizeof (srpt_swqe_t) * ch->ch_num_swqe); 288 mutex_destroy(&ch->ch_swqe_lock); 289 mutex_exit(&ch->ch_reflock); 290 mutex_destroy(&ch->ch_reflock); 291 rw_destroy(&ch->ch_rwlock); 292 kmem_free(ch, sizeof (srpt_channel_t)); 293 } 294 295 /* 296 * srpt_ch_disconnect() 297 */ 298 void 299 srpt_ch_disconnect(srpt_channel_t *ch) 300 { 301 ibt_status_t status; 302 303 SRPT_DPRINTF_L3("ch_disconnect, invoked for ch (%p)", 304 (void *)ch); 305 306 rw_enter(&ch->ch_rwlock, RW_WRITER); 307 308 /* 309 * If we are already in the process of disconnecting then 310 * nothing need be done, CM will call-back into us when done. 311 */ 312 if (ch->ch_state == SRPT_CHANNEL_DISCONNECTING) { 313 SRPT_DPRINTF_L2("ch_disconnect, called when" 314 " disconnect in progress"); 315 rw_exit(&ch->ch_rwlock); 316 return; 317 } 318 ch->ch_state = SRPT_CHANNEL_DISCONNECTING; 319 rw_exit(&ch->ch_rwlock); 320 321 /* 322 * Initiate the sending of the CM DREQ message, the private data 323 * should be the SRP Target logout IU. We don't really care about 324 * the remote CM DREP message returned. We issue this in an 325 * asynchronous manner and will cleanup when called back by CM. 326 */ 327 status = ibt_close_rc_channel(ch->ch_chan_hdl, IBT_NONBLOCKING, 328 NULL, 0, NULL, NULL, 0); 329 330 if (status != IBT_SUCCESS) { 331 SRPT_DPRINTF_L2("ch_disconnect, close RC channel" 332 " err(%d)", status); 333 } 334 } 335 336 /* 337 * srpt_ch_cleanup() 338 */ 339 void 340 srpt_ch_cleanup(srpt_channel_t *ch) 341 { 342 srpt_iu_t *iu; 343 srpt_iu_t *next; 344 ibt_wc_t wc; 345 srpt_target_port_t *tgt; 346 srpt_channel_t *tgt_ch; 347 scsi_task_t *iutask; 348 349 SRPT_DPRINTF_L3("ch_cleanup, invoked for ch(%p), state(%d)", 350 (void *)ch, ch->ch_state); 351 352 /* add a ref for the channel until we're done */ 353 srpt_ch_add_ref(ch); 354 355 tgt = ch->ch_tgt; 356 ASSERT(tgt != NULL); 357 358 /* 359 * Make certain the channel is in the target ports list of 360 * known channels and remove it (releasing the target 361 * ports reference to the channel). 362 */ 363 mutex_enter(&tgt->tp_ch_list_lock); 364 tgt_ch = list_head(&tgt->tp_ch_list); 365 while (tgt_ch != NULL) { 366 if (tgt_ch == ch) { 367 list_remove(&tgt->tp_ch_list, tgt_ch); 368 srpt_ch_release_ref(tgt_ch, 0); 369 break; 370 } 371 tgt_ch = list_next(&tgt->tp_ch_list, tgt_ch); 372 } 373 mutex_exit(&tgt->tp_ch_list_lock); 374 375 if (tgt_ch == NULL) { 376 SRPT_DPRINTF_L2("ch_cleanup, target channel no" 377 "longer known to target"); 378 srpt_ch_release_ref(ch, 0); 379 return; 380 } 381 382 rw_enter(&ch->ch_rwlock, RW_WRITER); 383 ch->ch_state = SRPT_CHANNEL_DISCONNECTING; 384 rw_exit(&ch->ch_rwlock); 385 386 387 /* 388 * Generally the IB CQ's will have been drained prior to 389 * getting to this call; but we check here to make certain. 390 */ 391 if (ch->ch_scq_hdl) { 392 SRPT_DPRINTF_L4("ch_cleanup, start drain (%d)", 393 ch->ch_swqe_posted); 394 while ((int)ch->ch_swqe_posted > 0) { 395 delay(drv_usectohz(1000)); 396 } 397 ibt_set_cq_handler(ch->ch_scq_hdl, NULL, NULL); 398 } 399 400 if (ch->ch_rcq_hdl) { 401 ibt_set_cq_handler(ch->ch_rcq_hdl, NULL, NULL); 402 403 while (ibt_poll_cq(ch->ch_rcq_hdl, &wc, 1, NULL) == 404 IBT_SUCCESS) { 405 iu = (srpt_iu_t *)(uintptr_t)wc.wc_id; 406 SRPT_DPRINTF_L4("ch_cleanup, recovering" 407 " outstanding RX iu(%p)", (void *)iu); 408 mutex_enter(&iu->iu_lock); 409 srpt_ioc_repost_recv_iu(iu->iu_ioc, iu); 410 /* 411 * Channel reference has not yet been added for this 412 * IU, so do not decrement. 413 */ 414 mutex_exit(&iu->iu_lock); 415 } 416 } 417 418 /* 419 * Go through the list of outstanding IU for the channel's SCSI 420 * session and for each either abort or complete an abort. 421 */ 422 rw_enter(&ch->ch_rwlock, RW_READER); 423 if (ch->ch_session != NULL) { 424 rw_enter(&ch->ch_session->ss_rwlock, RW_READER); 425 iu = list_head(&ch->ch_session->ss_task_list); 426 while (iu != NULL) { 427 next = list_next(&ch->ch_session->ss_task_list, iu); 428 429 mutex_enter(&iu->iu_lock); 430 if (ch == iu->iu_ch) { 431 if (iu->iu_stmf_task == NULL) { 432 cmn_err(CE_NOTE, 433 "ch_cleanup, NULL stmf task"); 434 ASSERT(0); 435 } 436 iutask = iu->iu_stmf_task; 437 } else { 438 iutask = NULL; 439 } 440 mutex_exit(&iu->iu_lock); 441 442 if (iutask != NULL) { 443 SRPT_DPRINTF_L4("ch_cleanup, aborting " 444 "task(%p)", (void *)iutask); 445 stmf_abort(STMF_QUEUE_TASK_ABORT, iutask, 446 STMF_ABORTED, NULL); 447 } 448 iu = next; 449 } 450 rw_exit(&ch->ch_session->ss_rwlock); 451 } 452 rw_exit(&ch->ch_rwlock); 453 454 srpt_ch_release_ref(ch, 0); 455 } 456 457 /* 458 * srpt_ch_rsp_comp() 459 * 460 * Process a completion for an IB SEND message. A SEND completion 461 * is for a SRP response packet sent back to the initiator. It 462 * will not have a STMF SCSI task associated with it if it was 463 * sent for a rejected IU, or was a task management abort response. 464 */ 465 static void 466 srpt_ch_rsp_comp(srpt_channel_t *ch, srpt_iu_t *iu, 467 ibt_wc_status_t wc_status) 468 { 469 ASSERT(iu->iu_ch == ch); 470 471 /* 472 * If work completion indicates failure, decrement the 473 * send posted count. If it is a flush error, we are 474 * done; for all other errors start a channel disconnect. 475 */ 476 if (wc_status != IBT_SUCCESS) { 477 SRPT_DPRINTF_L2("ch_rsp_comp, WC status err(%d)", 478 wc_status); 479 atomic_dec_32(&iu->iu_sq_posted_cnt); 480 481 if (wc_status != IBT_WC_WR_FLUSHED_ERR) { 482 srpt_ch_disconnect(ch); 483 } 484 485 mutex_enter(&iu->iu_lock); 486 if (iu->iu_stmf_task == NULL) { 487 srpt_ioc_repost_recv_iu(iu->iu_ioc, iu); 488 mutex_exit(&iu->iu_lock); 489 srpt_ch_release_ref(ch, 0); 490 } else { 491 /* cleanup handled in task_free */ 492 mutex_exit(&iu->iu_lock); 493 } 494 return; 495 } 496 497 /* 498 * If the IU response completion is not associated with 499 * with a SCSI task, release the IU to return the resource 500 * and the reference to the channel it holds. 501 */ 502 mutex_enter(&iu->iu_lock); 503 atomic_dec_32(&iu->iu_sq_posted_cnt); 504 505 if (iu->iu_stmf_task == NULL) { 506 srpt_ioc_repost_recv_iu(iu->iu_ioc, iu); 507 mutex_exit(&iu->iu_lock); 508 srpt_ch_release_ref(ch, 0); 509 return; 510 } 511 512 /* 513 * If STMF has requested the IU task be aborted, then notify STMF 514 * the command is now aborted. 515 */ 516 if ((iu->iu_flags & SRPT_IU_STMF_ABORTING) != 0) { 517 scsi_task_t *abort_task = iu->iu_stmf_task; 518 519 mutex_exit(&iu->iu_lock); 520 stmf_abort(STMF_REQUEUE_TASK_ABORT_LPORT, abort_task, 521 STMF_ABORTED, NULL); 522 return; 523 } 524 525 /* 526 * We should not get a SEND completion where the task has already 527 * completed aborting and STMF has been informed. 528 */ 529 ASSERT((iu->iu_flags & SRPT_IU_ABORTED) == 0); 530 531 /* 532 * Successful status response completion for SCSI task. 533 * Let STMF know we are done. 534 */ 535 mutex_exit(&iu->iu_lock); 536 537 stmf_send_status_done(iu->iu_stmf_task, STMF_SUCCESS, 538 STMF_IOF_LPORT_DONE); 539 } 540 541 /* 542 * srpt_ch_data_comp() 543 * 544 * Process an IB completion for a RDMA operation. This completion 545 * should be associated with the last RDMA operation for any 546 * data buffer transfer. 547 */ 548 static void 549 srpt_ch_data_comp(srpt_channel_t *ch, stmf_data_buf_t *stmf_dbuf, 550 ibt_wc_status_t wc_status) 551 { 552 srpt_ds_dbuf_t *dbuf; 553 srpt_iu_t *iu; 554 stmf_status_t status; 555 556 ASSERT(stmf_dbuf != NULL); 557 558 dbuf = (srpt_ds_dbuf_t *)stmf_dbuf->db_port_private; 559 560 ASSERT(dbuf != NULL); 561 562 iu = dbuf->db_iu; 563 564 ASSERT(iu != NULL); 565 ASSERT(iu->iu_ch == ch); 566 567 /* 568 * If work completion indicates non-flush failure, then 569 * start a channel disconnect (asynchronous) and release 570 * the reference to the IU. The task will be cleaned 571 * up with STMF during channel shutdown processing. 572 */ 573 if (wc_status != IBT_SUCCESS) { 574 SRPT_DPRINTF_L2("ch_data_comp, WC status err(%d)", 575 wc_status); 576 if (wc_status != IBT_WC_WR_FLUSHED_ERR) { 577 srpt_ch_disconnect(ch); 578 } 579 atomic_dec_32(&iu->iu_sq_posted_cnt); 580 return; 581 } 582 583 /* 584 * If STMF has requested this task be aborted, then if this is the 585 * last I/O operation outstanding, notify STMF the task has been 586 * aborted and ignore the completion. 587 */ 588 mutex_enter(&iu->iu_lock); 589 atomic_dec_32(&iu->iu_sq_posted_cnt); 590 591 if ((iu->iu_flags & SRPT_IU_STMF_ABORTING) != 0) { 592 scsi_task_t *abort_task = iu->iu_stmf_task; 593 594 mutex_exit(&iu->iu_lock); 595 stmf_abort(STMF_REQUEUE_TASK_ABORT_LPORT, abort_task, 596 STMF_ABORTED, NULL); 597 return; 598 } 599 600 /* 601 * We should not get an RDMA completion where the task has already 602 * completed aborting and STMF has been informed. 603 */ 604 ASSERT((iu->iu_flags & SRPT_IU_ABORTED) == 0); 605 606 /* 607 * Good completion for last RDMA op associated with a data buffer 608 * I/O, if specified initiate status otherwise let STMF know we are 609 * done. 610 */ 611 stmf_dbuf->db_xfer_status = STMF_SUCCESS; 612 mutex_exit(&iu->iu_lock); 613 if ((stmf_dbuf->db_flags & DB_SEND_STATUS_GOOD) != 0) { 614 status = srpt_stp_send_status(dbuf->db_iu->iu_stmf_task, 0); 615 if (status == STMF_SUCCESS) { 616 return; 617 } 618 stmf_dbuf->db_xfer_status = STMF_FAILURE; 619 } 620 621 stmf_data_xfer_done(dbuf->db_iu->iu_stmf_task, stmf_dbuf, 0); 622 } 623 624 /* 625 * srpt_ch_scq_hdlr() 626 */ 627 static void 628 srpt_ch_scq_hdlr(ibt_cq_hdl_t cq_hdl, void *arg) 629 { 630 ibt_status_t status; 631 srpt_channel_t *ch = arg; 632 ibt_wc_t wc[SRPT_SEND_WC_POLL_SIZE]; 633 ibt_wc_t *wcp; 634 int i; 635 uint32_t cq_rearmed = 0; 636 uint32_t entries; 637 srpt_swqe_t *swqe; 638 639 ASSERT(ch != NULL); 640 641 /* Reference channel for the duration of this call */ 642 srpt_ch_add_ref(ch); 643 644 for (;;) { 645 status = ibt_poll_cq(cq_hdl, &wc[0], SRPT_SEND_WC_POLL_SIZE, 646 &entries); 647 if (status == IBT_CQ_EMPTY) { 648 /* 649 * CQ drained, if we have not rearmed the CQ 650 * do so and poll to eliminate race; otherwise 651 * we are done. 652 */ 653 if (cq_rearmed == 0) { 654 ibt_enable_cq_notify(ch->ch_scq_hdl, 655 IBT_NEXT_COMPLETION); 656 cq_rearmed = 1; 657 continue; 658 } else { 659 break; 660 } 661 } else if (status != IBT_SUCCESS) { 662 /* 663 * This error should not happen, it indicates something 664 * abnormal has gone wrong and represents either a 665 * hardware or programming logic coding error. 666 */ 667 SRPT_DPRINTF_L2("ch_scq_hdlr, unexpected CQ err(%d)", 668 status); 669 srpt_ch_disconnect(ch); 670 break; 671 } 672 673 for (wcp = wc, i = 0; i < entries; i++, wcp++) { 674 675 /* 676 * A zero work ID indicates this CQE is associated 677 * with an intermediate post of a RDMA data transfer 678 * operation. Since intermediate data requests are 679 * unsignaled, we should only get these if there was 680 * an error. No action is required. 681 */ 682 if (wcp->wc_id == 0) { 683 continue; 684 } 685 swqe = ch->ch_swqe + wcp->wc_id; 686 687 switch (swqe->sw_type) { 688 case SRPT_SWQE_TYPE_RESP: 689 srpt_ch_rsp_comp(ch, (srpt_iu_t *) 690 swqe->sw_addr, wcp->wc_status); 691 break; 692 693 case SRPT_SWQE_TYPE_DATA: 694 srpt_ch_data_comp(ch, (stmf_data_buf_t *) 695 swqe->sw_addr, wcp->wc_status); 696 break; 697 698 default: 699 SRPT_DPRINTF_L2("ch_scq_hdlr, bad type(%d)", 700 swqe->sw_type); 701 ASSERT(0); 702 } 703 704 srpt_ch_free_swqe_wrid(ch, wcp->wc_id); 705 } 706 } 707 708 srpt_ch_release_ref(ch, 0); 709 } 710 711 /* 712 * srpt_ch_rcq_hdlr() 713 */ 714 static void 715 srpt_ch_rcq_hdlr(ibt_cq_hdl_t cq_hdl, void *arg) 716 { 717 ibt_status_t status; 718 srpt_channel_t *ch = arg; 719 ibt_wc_t wc[SRPT_RECV_WC_POLL_SIZE]; 720 ibt_wc_t *wcp; 721 int i; 722 uint32_t entries; 723 srpt_iu_t *iu; 724 uint_t cq_rearmed = 0; 725 726 /* 727 * The channel object will exists while the CQ handler call-back 728 * is installed. 729 */ 730 ASSERT(ch != NULL); 731 srpt_ch_add_ref(ch); 732 733 /* 734 * If we know a channel disconnect has started do nothing 735 * and let channel cleanup code recover resources from the CQ. 736 * We are not concerned about races with the state transition 737 * since the code will do the correct thing either way. This 738 * is simply to circumvent rearming the CQ, and it will 739 * catch the state next time. 740 */ 741 rw_enter(&ch->ch_rwlock, RW_READER); 742 if (ch->ch_state == SRPT_CHANNEL_DISCONNECTING) { 743 SRPT_DPRINTF_L2("ch_rcq_hdlr, channel disconnecting"); 744 rw_exit(&ch->ch_rwlock); 745 srpt_ch_release_ref(ch, 0); 746 return; 747 } 748 rw_exit(&ch->ch_rwlock); 749 750 for (;;) { 751 status = ibt_poll_cq(cq_hdl, &wc[0], SRPT_RECV_WC_POLL_SIZE, 752 &entries); 753 if (status == IBT_CQ_EMPTY) { 754 /* 755 * OK, empty, if we have not rearmed the CQ 756 * do so, and poll to eliminate race; otherwise 757 * we are done. 758 */ 759 if (cq_rearmed == 0) { 760 ibt_enable_cq_notify(ch->ch_rcq_hdl, 761 IBT_NEXT_COMPLETION); 762 cq_rearmed = 1; 763 continue; 764 } else { 765 break; 766 } 767 } else if (status != IBT_SUCCESS) { 768 /* 769 * This error should not happen, it indicates something 770 * abnormal has gone wrong and represents either a 771 * hardware or programming logic coding error. 772 */ 773 SRPT_DPRINTF_L2("ch_rcq_hdlr, unexpected CQ err(%d)", 774 status); 775 srpt_ch_disconnect(ch); 776 break; 777 } 778 779 for (wcp = wc, i = 0; i < entries; i++, wcp++) { 780 781 /* 782 * Check wc_status before proceeding. If the 783 * status indicates a channel problem, stop processing. 784 */ 785 if (wcp->wc_status != IBT_WC_SUCCESS) { 786 if (wcp->wc_status == IBT_WC_WR_FLUSHED_ERR) { 787 SRPT_DPRINTF_L2( 788 "ch_rcq, unexpected" 789 " wc_status err(%d)", 790 wcp->wc_status); 791 srpt_ch_disconnect(ch); 792 /* XXX - verify not leaking IUs */ 793 goto done; 794 } else { 795 /* skip IUs with errors */ 796 SRPT_DPRINTF_L2( 797 "ch_rcq, ERROR comp(%d)", 798 wcp->wc_status); 799 /* XXX - verify not leaking IUs */ 800 continue; 801 } 802 } 803 804 iu = (srpt_iu_t *)(uintptr_t)wcp->wc_id; 805 ASSERT(iu != NULL); 806 807 /* 808 * Process the IU. 809 */ 810 ASSERT(wcp->wc_type == IBT_WRC_RECV); 811 srpt_ch_process_iu(ch, iu); 812 } 813 } 814 815 done: 816 srpt_ch_release_ref(ch, 0); 817 } 818 819 /* 820 * srpt_ch_srp_cmd() 821 */ 822 static int 823 srpt_ch_srp_cmd(srpt_channel_t *ch, srpt_iu_t *iu) 824 { 825 srp_cmd_req_t *cmd = (srp_cmd_req_t *)iu->iu_buf; 826 srp_indirect_desc_t *i_desc; 827 uint_t i_di_cnt; 828 uint_t i_do_cnt; 829 uint8_t do_fmt; 830 uint8_t di_fmt; 831 uint32_t *cur_desc_off; 832 int i; 833 ibt_status_t status; 834 uint8_t addlen; 835 836 iu->iu_ch = ch; 837 iu->iu_tag = cmd->cr_tag; 838 839 /* 840 * The SRP specification and SAM require support for bi-directional 841 * data transfer, so we create a single buffer descriptor list that 842 * in the IU buffer that covers the data-in and data-out buffers. 843 * In practice we will just see unidirectional transfers with either 844 * data-in or data out descriptors. If we were to take that as fact, 845 * we could reduce overhead slightly. 846 */ 847 848 /* 849 * additional length is a 6-bit number in 4-byte words, so multiply by 4 850 * to get bytes. 851 */ 852 addlen = cmd->cr_add_cdb_len & 0x3f; /* mask off 6 bits */ 853 854 cur_desc_off = (uint32_t *)(void *)&cmd->cr_add_data; 855 cur_desc_off += addlen; /* 32-bit arithmetic */ 856 iu->iu_num_rdescs = 0; 857 iu->iu_rdescs = (srp_direct_desc_t *)(void *)cur_desc_off; 858 859 /* 860 * Examine buffer description for Data In (i.e. data flows 861 * to the initiator). 862 */ 863 i_do_cnt = i_di_cnt = 0; 864 di_fmt = cmd->cr_buf_fmt >> 4; 865 if (di_fmt == SRP_DATA_DESC_DIRECT) { 866 iu->iu_num_rdescs = 1; 867 cur_desc_off = (uint32_t *)(void *)&iu->iu_rdescs[1]; 868 } else if (di_fmt == SRP_DATA_DESC_INDIRECT) { 869 i_desc = (srp_indirect_desc_t *)iu->iu_rdescs; 870 i_di_cnt = b2h32(i_desc->id_table.dd_len) / 871 sizeof (srp_direct_desc_t); 872 873 /* 874 * Some initiators like OFED occasionally use the wrong counts, 875 * so check total to allow for this. NOTE: we do not support 876 * reading of the descriptor table from the initiator, so if 877 * not all descriptors are in the IU we drop the task. 878 */ 879 if (i_di_cnt > (cmd->cr_dicnt + cmd->cr_docnt)) { 880 SRPT_DPRINTF_L2("ch_srp_cmd, remote RDMA of" 881 " descriptors not supported"); 882 SRPT_DPRINTF_L2("ch_srp_cmd, sizeof entry (%d)," 883 " i_di_cnt(%d), cr_dicnt(%d)", 884 (uint_t)sizeof (srp_direct_desc_t), 885 i_di_cnt, cmd->cr_dicnt); 886 iu->iu_rdescs = NULL; 887 return (1); 888 } 889 bcopy(&i_desc->id_desc[0], iu->iu_rdescs, 890 sizeof (srp_direct_desc_t) * i_di_cnt); 891 iu->iu_num_rdescs += i_di_cnt; 892 cur_desc_off = (uint32_t *)(void *)&i_desc->id_desc[i_di_cnt]; 893 } 894 895 /* 896 * Examine buffer description for Data Out (i.e. data flows 897 * from the initiator). 898 */ 899 do_fmt = cmd->cr_buf_fmt & 0x0F; 900 if (do_fmt == SRP_DATA_DESC_DIRECT) { 901 if (di_fmt == SRP_DATA_DESC_DIRECT) { 902 bcopy(cur_desc_off, &iu->iu_rdescs[iu->iu_num_rdescs], 903 sizeof (srp_direct_desc_t)); 904 } 905 iu->iu_num_rdescs++; 906 } else if (do_fmt == SRP_DATA_DESC_INDIRECT) { 907 i_desc = (srp_indirect_desc_t *)cur_desc_off; 908 i_do_cnt = b2h32(i_desc->id_table.dd_len) / 909 sizeof (srp_direct_desc_t); 910 911 /* 912 * Some initiators like OFED occasionally use the wrong counts, 913 * so check total to allow for this. NOTE: we do not support 914 * reading of the descriptor table from the initiator, so if 915 * not all descriptors are in the IU we drop the task. 916 */ 917 if ((i_di_cnt + i_do_cnt) > (cmd->cr_dicnt + cmd->cr_docnt)) { 918 SRPT_DPRINTF_L2("ch_srp_cmd, remote RDMA of" 919 " descriptors not supported"); 920 SRPT_DPRINTF_L2("ch_srp_cmd, sizeof entry (%d)," 921 " i_do_cnt(%d), cr_docnt(%d)", 922 (uint_t)sizeof (srp_direct_desc_t), 923 i_do_cnt, cmd->cr_docnt); 924 iu->iu_rdescs = 0; 925 return (1); 926 } 927 bcopy(&i_desc->id_desc[0], &iu->iu_rdescs[iu->iu_num_rdescs], 928 sizeof (srp_direct_desc_t) * i_do_cnt); 929 iu->iu_num_rdescs += i_do_cnt; 930 } 931 932 iu->iu_tot_xfer_len = 0; 933 for (i = 0; i < iu->iu_num_rdescs; i++) { 934 iu->iu_rdescs[i].dd_vaddr = b2h64(iu->iu_rdescs[i].dd_vaddr); 935 iu->iu_rdescs[i].dd_hdl = b2h32(iu->iu_rdescs[i].dd_hdl); 936 iu->iu_rdescs[i].dd_len = b2h32(iu->iu_rdescs[i].dd_len); 937 iu->iu_tot_xfer_len += iu->iu_rdescs[i].dd_len; 938 } 939 940 #ifdef DEBUG 941 if (srpt_errlevel >= SRPT_LOG_L4) { 942 SRPT_DPRINTF_L4("ch_srp_cmd, iu->iu_tot_xfer_len (%d)", 943 iu->iu_tot_xfer_len); 944 for (i = 0; i < iu->iu_num_rdescs; i++) { 945 SRPT_DPRINTF_L4("ch_srp_cmd, rdescs[%d].dd_vaddr" 946 " (0x%08llx)", 947 i, (u_longlong_t)iu->iu_rdescs[i].dd_vaddr); 948 SRPT_DPRINTF_L4("ch_srp_cmd, rdescs[%d].dd_hdl" 949 " (0x%08x)", i, iu->iu_rdescs[i].dd_hdl); 950 SRPT_DPRINTF_L4("ch_srp_cmd, rdescs[%d].dd_len (%d)", 951 i, iu->iu_rdescs[i].dd_len); 952 } 953 SRPT_DPRINTF_L4("ch_srp_cmd, LUN (0x%08lx)", 954 (unsigned long int) *((uint64_t *)(void *) cmd->cr_lun)); 955 } 956 #endif 957 rw_enter(&ch->ch_rwlock, RW_READER); 958 959 if (ch->ch_state == SRPT_CHANNEL_DISCONNECTING) { 960 /* 961 * The channel has begun disconnecting, so ignore the 962 * the command returning the IU resources. 963 */ 964 rw_exit(&ch->ch_rwlock); 965 return (1); 966 } 967 968 /* 969 * Once a SCSI task is allocated and assigned to the IU, it 970 * owns those IU resources, which will be held until STMF 971 * is notified the task is done (from a lport perspective). 972 */ 973 iu->iu_stmf_task = stmf_task_alloc(ch->ch_tgt->tp_lport, 974 ch->ch_session->ss_ss, cmd->cr_lun, 975 SRP_CDB_SIZE + (addlen * 4), 0); 976 if (iu->iu_stmf_task == NULL) { 977 /* 978 * Could not allocate, return status to the initiator 979 * indicating that we are temporarily unable to process 980 * commands. If unable to send, immediately return IU 981 * resource. 982 */ 983 SRPT_DPRINTF_L2("ch_srp_cmd, SCSI task allocation failure"); 984 rw_exit(&ch->ch_rwlock); 985 mutex_enter(&iu->iu_lock); 986 status = srpt_stp_send_response(iu, STATUS_BUSY, 0, 0, 0, 987 NULL, SRPT_NO_FENCE_SEND); 988 mutex_exit(&iu->iu_lock); 989 if (status != IBT_SUCCESS) { 990 SRPT_DPRINTF_L2("ch_srp_cmd, error(%d) posting error" 991 " response", status); 992 return (1); 993 } else { 994 return (0); 995 } 996 } 997 998 iu->iu_stmf_task->task_port_private = iu; 999 iu->iu_stmf_task->task_flags = 0; 1000 1001 if (di_fmt != 0) { 1002 iu->iu_stmf_task->task_flags |= TF_WRITE_DATA; 1003 } 1004 if (do_fmt != 0) { 1005 iu->iu_stmf_task->task_flags |= TF_READ_DATA; 1006 } 1007 1008 switch (cmd->cr_task_attr) { 1009 case SRP_TSK_ATTR_QTYPE_SIMPLE: 1010 iu->iu_stmf_task->task_flags |= TF_ATTR_SIMPLE_QUEUE; 1011 break; 1012 1013 case SRP_TSK_ATTR_QTYPE_HEAD_OF_Q: 1014 iu->iu_stmf_task->task_flags |= TF_ATTR_HEAD_OF_QUEUE; 1015 break; 1016 1017 case SRP_TSK_ATTR_QTYPE_ORDERED: 1018 iu->iu_stmf_task->task_flags |= TF_ATTR_ORDERED_QUEUE; 1019 break; 1020 1021 case SRP_TSK_ATTR_QTYPE_ACA_Q_TAG: 1022 iu->iu_stmf_task->task_flags |= TF_ATTR_ACA; 1023 break; 1024 1025 default: 1026 SRPT_DPRINTF_L2("ch_srp_cmd, reserved task attr (%d)", 1027 cmd->cr_task_attr); 1028 iu->iu_stmf_task->task_flags |= TF_ATTR_ORDERED_QUEUE; 1029 break; 1030 } 1031 iu->iu_stmf_task->task_additional_flags = 0; 1032 iu->iu_stmf_task->task_priority = 0; 1033 iu->iu_stmf_task->task_mgmt_function = TM_NONE; 1034 iu->iu_stmf_task->task_max_nbufs = STMF_BUFS_MAX; 1035 iu->iu_stmf_task->task_expected_xfer_length = iu->iu_tot_xfer_len; 1036 iu->iu_stmf_task->task_csn_size = 0; 1037 1038 bcopy(cmd->cr_cdb, iu->iu_stmf_task->task_cdb, 1039 SRP_CDB_SIZE); 1040 if (addlen != 0) { 1041 bcopy(&cmd->cr_add_data, 1042 iu->iu_stmf_task->task_cdb + SRP_CDB_SIZE, 1043 addlen * 4); 1044 } 1045 1046 /* 1047 * Add the IU/task to the session and post to STMF. The task will 1048 * remain in the session's list until STMF is informed by SRP that 1049 * it is done with the task. 1050 */ 1051 srpt_stp_add_task(ch->ch_session, iu); 1052 1053 SRPT_DPRINTF_L3("ch_srp_cmd, new task (%p) posted", 1054 (void *)iu->iu_stmf_task); 1055 stmf_post_task(iu->iu_stmf_task, NULL); 1056 rw_exit(&ch->ch_rwlock); 1057 1058 return (0); 1059 } 1060 1061 /* 1062 * srpt_ch_task_mgmt_abort() 1063 * 1064 * Returns 0 on success, indicating we've sent a management response. 1065 * Returns !0 to indicate failure; the IU should be reposted. 1066 */ 1067 static ibt_status_t 1068 srpt_ch_task_mgmt_abort(srpt_channel_t *ch, srpt_iu_t *iu, 1069 uint64_t tag_to_abort) 1070 { 1071 srpt_session_t *session = ch->ch_session; 1072 srpt_iu_t *ss_iu; 1073 ibt_status_t status; 1074 1075 /* 1076 * Locate the associated task (tag_to_abort) in the 1077 * session's active task list. 1078 */ 1079 rw_enter(&session->ss_rwlock, RW_READER); 1080 ss_iu = list_head(&session->ss_task_list); 1081 while (ss_iu != NULL) { 1082 mutex_enter(&ss_iu->iu_lock); 1083 if ((tag_to_abort == ss_iu->iu_tag)) { 1084 mutex_exit(&ss_iu->iu_lock); 1085 break; 1086 } 1087 mutex_exit(&ss_iu->iu_lock); 1088 ss_iu = list_next(&session->ss_task_list, ss_iu); 1089 } 1090 rw_exit(&session->ss_rwlock); 1091 1092 /* 1093 * Take appropriate action based on state of task 1094 * to be aborted: 1095 * 1) No longer exists - do nothing. 1096 * 2) Previously aborted or status queued - do nothing. 1097 * 3) Otherwise - initiate abort. 1098 */ 1099 if (ss_iu == NULL) { 1100 goto send_mgmt_resp; 1101 } 1102 1103 mutex_enter(&ss_iu->iu_lock); 1104 if ((ss_iu->iu_flags & (SRPT_IU_STMF_ABORTING | 1105 SRPT_IU_ABORTED | SRPT_IU_RESP_SENT)) != 0) { 1106 mutex_exit(&ss_iu->iu_lock); 1107 goto send_mgmt_resp; 1108 } 1109 1110 /* 1111 * Set aborting flag and notify STMF of abort request. No 1112 * additional I/O will be queued for this IU. 1113 */ 1114 SRPT_DPRINTF_L3("ch_task_mgmt_abort, task found"); 1115 ss_iu->iu_flags |= SRPT_IU_SRP_ABORTING; 1116 mutex_exit(&ss_iu->iu_lock); 1117 stmf_abort(STMF_QUEUE_TASK_ABORT, 1118 ss_iu->iu_stmf_task, STMF_ABORTED, NULL); 1119 1120 send_mgmt_resp: 1121 mutex_enter(&iu->iu_lock); 1122 status = srpt_stp_send_mgmt_response(iu, SRP_TM_SUCCESS, 1123 SRPT_FENCE_SEND); 1124 mutex_exit(&iu->iu_lock); 1125 1126 if (status != IBT_SUCCESS) { 1127 SRPT_DPRINTF_L2("ch_task_mgmt_abort, err(%d)" 1128 " posting abort response", status); 1129 } 1130 1131 return (status); 1132 } 1133 1134 /* 1135 * srpt_ch_srp_task_mgmt() 1136 */ 1137 static int 1138 srpt_ch_srp_task_mgmt(srpt_channel_t *ch, srpt_iu_t *iu) 1139 { 1140 srp_tsk_mgmt_t *tsk = (srp_tsk_mgmt_t *)iu->iu_buf; 1141 uint8_t tm_fn; 1142 ibt_status_t status; 1143 1144 SRPT_DPRINTF_L3("ch_srp_task_mgmt, SRP TASK MGMT func(%d)", 1145 tsk->tm_function); 1146 1147 iu->iu_ch = ch; 1148 iu->iu_tag = tsk->tm_tag; 1149 1150 /* 1151 * Task management aborts are processed directly by the SRP driver; 1152 * all other task management requests are handed off to STMF. 1153 */ 1154 switch (tsk->tm_function) { 1155 case SRP_TSK_MGMT_ABORT_TASK: 1156 /* 1157 * Initiate SCSI transport protocol specific task abort 1158 * logic. 1159 */ 1160 status = srpt_ch_task_mgmt_abort(ch, iu, tsk->tm_task_tag); 1161 if (status != IBT_SUCCESS) { 1162 /* repost this IU */ 1163 return (1); 1164 } else { 1165 return (0); 1166 } 1167 1168 case SRP_TSK_MGMT_ABORT_TASK_SET: 1169 tm_fn = TM_ABORT_TASK_SET; 1170 break; 1171 1172 case SRP_TSK_MGMT_CLEAR_TASK_SET: 1173 tm_fn = TM_CLEAR_TASK_SET; 1174 break; 1175 1176 case SRP_TSK_MGMT_LUN_RESET: 1177 tm_fn = TM_LUN_RESET; 1178 break; 1179 1180 case SRP_TSK_MGMT_CLEAR_ACA: 1181 tm_fn = TM_CLEAR_ACA; 1182 break; 1183 1184 default: 1185 /* 1186 * SRP does not support the requested task management 1187 * function; return a not supported status in the response. 1188 */ 1189 SRPT_DPRINTF_L2("ch_srp_task_mgmt, SRP task mgmt fn(%d)" 1190 " not supported", tsk->tm_function); 1191 mutex_enter(&iu->iu_lock); 1192 status = srpt_stp_send_mgmt_response(iu, 1193 SRP_TM_NOT_SUPPORTED, SRPT_NO_FENCE_SEND); 1194 mutex_exit(&iu->iu_lock); 1195 if (status != IBT_SUCCESS) { 1196 SRPT_DPRINTF_L2("ch_srp_task_mgmt, err(%d) posting" 1197 " response", status); 1198 return (1); 1199 } 1200 return (0); 1201 } 1202 1203 rw_enter(&ch->ch_rwlock, RW_READER); 1204 if (ch->ch_state == SRPT_CHANNEL_DISCONNECTING) { 1205 /* 1206 * The channel has begun disconnecting, so ignore the 1207 * the command returning the IU resources. 1208 */ 1209 rw_exit(&ch->ch_rwlock); 1210 return (1); 1211 } 1212 1213 /* 1214 * Once a SCSI mgmt task is allocated and assigned to the IU, it 1215 * owns those IU resources, which will be held until we inform 1216 * STMF that we are done with the task (from an lports perspective). 1217 */ 1218 iu->iu_stmf_task = stmf_task_alloc(ch->ch_tgt->tp_lport, 1219 ch->ch_session->ss_ss, tsk->tm_lun, 0, STMF_TASK_EXT_NONE); 1220 if (iu->iu_stmf_task == NULL) { 1221 /* 1222 * Could not allocate, return status to the initiator 1223 * indicating that we are temporarily unable to process 1224 * commands. If unable to send, immediately return IU 1225 * resource. 1226 */ 1227 SRPT_DPRINTF_L2("ch_srp_task_mgmt, SCSI task allocation" 1228 " failure"); 1229 rw_exit(&ch->ch_rwlock); 1230 mutex_enter(&iu->iu_lock); 1231 status = srpt_stp_send_response(iu, STATUS_BUSY, 0, 0, 0, 1232 NULL, SRPT_NO_FENCE_SEND); 1233 mutex_exit(&iu->iu_lock); 1234 if (status != IBT_SUCCESS) { 1235 SRPT_DPRINTF_L2("ch_srp_task_mgmt, err(%d) posting" 1236 "busy response", status); 1237 /* repost the IU */ 1238 return (1); 1239 } 1240 return (0); 1241 } 1242 1243 iu->iu_stmf_task->task_port_private = iu; 1244 iu->iu_stmf_task->task_flags = 0; 1245 iu->iu_stmf_task->task_additional_flags = 1246 TASK_AF_NO_EXPECTED_XFER_LENGTH; 1247 iu->iu_stmf_task->task_priority = 0; 1248 iu->iu_stmf_task->task_mgmt_function = tm_fn; 1249 iu->iu_stmf_task->task_max_nbufs = STMF_BUFS_MAX; 1250 iu->iu_stmf_task->task_expected_xfer_length = 0; 1251 iu->iu_stmf_task->task_csn_size = 0; 1252 1253 /* 1254 * Add the IU/task to the session and post to STMF. The task will 1255 * remain in the session's list until STMF is informed by SRP that 1256 * it is done with the task. 1257 */ 1258 srpt_stp_add_task(ch->ch_session, iu); 1259 1260 SRPT_DPRINTF_L3("ch_srp_task_mgmt, new mgmt task(%p) posted", 1261 (void *)iu->iu_stmf_task); 1262 stmf_post_task(iu->iu_stmf_task, NULL); 1263 rw_exit(&ch->ch_rwlock); 1264 1265 return (0); 1266 } 1267 1268 /* 1269 * srpt_ch_process_iu() 1270 */ 1271 static void 1272 srpt_ch_process_iu(srpt_channel_t *ch, srpt_iu_t *iu) 1273 { 1274 srpt_iu_data_t *iud; 1275 int status = 1; 1276 1277 /* 1278 * IU adds reference to channel which will represent a 1279 * a reference by STMF. If for whatever reason the IU 1280 * is not handed off to STMF, then this reference will be 1281 * released. Otherwise, the reference will be released when 1282 * SRP informs STMF that the associated SCSI task is done. 1283 */ 1284 srpt_ch_add_ref(ch); 1285 1286 /* 1287 * Validate login RC channel state. Normally active, if 1288 * not active then we need to handle a possible race between the 1289 * receipt of a implied RTU and CM calling back to notify of the 1290 * state transition. 1291 */ 1292 rw_enter(&ch->ch_rwlock, RW_READER); 1293 if (ch->ch_state == SRPT_CHANNEL_DISCONNECTING) { 1294 rw_exit(&ch->ch_rwlock); 1295 goto repost_iu; 1296 } 1297 rw_exit(&ch->ch_rwlock); 1298 1299 iud = iu->iu_buf; 1300 1301 switch (iud->rx_iu.srp_op) { 1302 case SRP_IU_CMD: 1303 status = srpt_ch_srp_cmd(ch, iu); 1304 break; 1305 1306 case SRP_IU_TASK_MGMT: 1307 status = srpt_ch_srp_task_mgmt(ch, iu); 1308 return; 1309 1310 case SRP_IU_I_LOGOUT: 1311 SRPT_DPRINTF_L3("ch_process_iu, SRP INITIATOR LOGOUT"); 1312 /* 1313 * Initiators should logout by issuing a CM disconnect 1314 * request (DREQ) with the logout IU in the private data; 1315 * however some initiators have been known to send the 1316 * IU in-band, if this happens just initiate the logout. 1317 * Note that we do not return a response as per the 1318 * specification. 1319 */ 1320 srpt_stp_logout(ch); 1321 break; 1322 1323 case SRP_IU_AER_RSP: 1324 case SRP_IU_CRED_RSP: 1325 default: 1326 /* 1327 * We don't send asynchronous events or ask for credit 1328 * adjustments, so nothing need be done. Log we got an 1329 * unexpected IU but then just repost the IU to the SRQ. 1330 */ 1331 SRPT_DPRINTF_L2("ch_process_iu, invalid IU from initiator," 1332 " IU opcode(%d)", iud->rx_iu.srp_op); 1333 break; 1334 } 1335 1336 if (status == 0) { 1337 return; 1338 } 1339 1340 repost_iu: 1341 SRPT_DPRINTF_L4("process_iu: reposting iu %p", (void *)iu); 1342 mutex_enter(&iu->iu_lock); 1343 srpt_ioc_repost_recv_iu(iu->iu_ioc, iu); 1344 mutex_exit(&iu->iu_lock); 1345 srpt_ch_release_ref(ch, 0); 1346 } 1347 1348 /* 1349 * srpt_ch_post_send 1350 */ 1351 ibt_status_t 1352 srpt_ch_post_send(srpt_channel_t *ch, srpt_iu_t *iu, uint32_t len, 1353 uint_t fence) 1354 { 1355 ibt_status_t status; 1356 ibt_send_wr_t wr; 1357 ibt_wr_ds_t ds; 1358 uint_t posted; 1359 1360 ASSERT(ch != NULL); 1361 ASSERT(iu != NULL); 1362 ASSERT(mutex_owned(&iu->iu_lock)); 1363 1364 rw_enter(&ch->ch_rwlock, RW_READER); 1365 if (ch->ch_state == SRPT_CHANNEL_DISCONNECTING) { 1366 rw_exit(&ch->ch_rwlock); 1367 SRPT_DPRINTF_L2("ch_post_send, bad ch state (%d)", 1368 ch->ch_state); 1369 return (IBT_FAILURE); 1370 } 1371 rw_exit(&ch->ch_rwlock); 1372 1373 wr.wr_id = srpt_ch_alloc_swqe_wrid(ch, SRPT_SWQE_TYPE_RESP, 1374 (void *)iu); 1375 if (wr.wr_id == 0) { 1376 SRPT_DPRINTF_L2("ch_post_send, queue full"); 1377 return (IBT_FAILURE); 1378 } 1379 1380 atomic_inc_32(&iu->iu_sq_posted_cnt); 1381 1382 wr.wr_flags = IBT_WR_SEND_SIGNAL; 1383 if (fence == SRPT_FENCE_SEND) { 1384 wr.wr_flags |= IBT_WR_SEND_FENCE; 1385 } 1386 wr.wr_opcode = IBT_WRC_SEND; 1387 wr.wr_trans = IBT_RC_SRV; 1388 wr.wr_nds = 1; 1389 wr.wr_sgl = &ds; 1390 1391 ds.ds_va = iu->iu_sge.ds_va; 1392 ds.ds_key = iu->iu_sge.ds_key; 1393 ds.ds_len = len; 1394 1395 SRPT_DPRINTF_L4("ch_post_send, posting SRP response to channel" 1396 " ds.ds_va (0x%16llx), ds.ds_key (0x%08x), " 1397 " ds.ds_len (%d)", 1398 (u_longlong_t)ds.ds_va, ds.ds_key, ds.ds_len); 1399 1400 status = ibt_post_send(ch->ch_chan_hdl, &wr, 1, &posted); 1401 if (status != IBT_SUCCESS) { 1402 SRPT_DPRINTF_L2("ch_post_send, post_send failed (%d)", 1403 status); 1404 atomic_dec_32(&iu->iu_sq_posted_cnt); 1405 srpt_ch_free_swqe_wrid(ch, wr.wr_id); 1406 return (status); 1407 } 1408 1409 return (IBT_SUCCESS); 1410 } 1411 1412 /* 1413 * srpt_ch_alloc_swqe_wrid() 1414 */ 1415 ibt_wrid_t 1416 srpt_ch_alloc_swqe_wrid(srpt_channel_t *ch, 1417 srpt_swqe_type_t wqe_type, void *addr) 1418 { 1419 ibt_wrid_t wrid; 1420 1421 mutex_enter(&ch->ch_swqe_lock); 1422 if (ch->ch_head == ch->ch_tail) { 1423 mutex_exit(&ch->ch_swqe_lock); 1424 return ((ibt_wrid_t)0); 1425 } 1426 wrid = (ibt_wrid_t)ch->ch_head; 1427 ch->ch_swqe[ch->ch_head].sw_type = wqe_type; 1428 ch->ch_swqe[ch->ch_head].sw_addr = addr; 1429 ch->ch_head = ch->ch_swqe[ch->ch_head].sw_next; 1430 ch->ch_swqe_posted++; 1431 mutex_exit(&ch->ch_swqe_lock); 1432 return (wrid); 1433 } 1434 1435 /* 1436 * srpt_ch_free_swqe_wrid() 1437 */ 1438 void 1439 srpt_ch_free_swqe_wrid(srpt_channel_t *ch, ibt_wrid_t id) 1440 { 1441 mutex_enter(&ch->ch_swqe_lock); 1442 ch->ch_swqe[ch->ch_tail].sw_next = id; 1443 ch->ch_tail = (uint32_t)id; 1444 ch->ch_swqe_posted--; 1445 mutex_exit(&ch->ch_swqe_lock); 1446 } 1447