1 /* 2 * This file and its contents are supplied under the terms of the 3 * Common Development and Distribution License ("CDDL"), version 1.0. 4 * You may only use this file in accordance with the terms of version 5 * 1.0 of the CDDL. 6 * 7 * A full copy of the text of the CDDL should have accompanied this 8 * source. A copy of the CDDL is also available via the Internet at 9 * http://www.illumos.org/license/CDDL. 10 */ 11 12 /* 13 * Copyright 2018 Nexenta Systems, Inc. 14 * Copyright 2016 Tegile Systems, Inc. All rights reserved. 15 * Copyright (c) 2016 The MathWorks, Inc. All rights reserved. 16 * Copyright 2018 Joyent, Inc. 17 * Copyright 2019 Western Digital Corporation. 18 */ 19 20 /* 21 * blkdev driver for NVMe compliant storage devices 22 * 23 * This driver was written to conform to version 1.2.1 of the NVMe 24 * specification. It may work with newer versions, but that is completely 25 * untested and disabled by default. 26 * 27 * The driver has only been tested on x86 systems and will not work on big- 28 * endian systems without changes to the code accessing registers and data 29 * structures used by the hardware. 30 * 31 * 32 * Interrupt Usage: 33 * 34 * The driver will use a single interrupt while configuring the device as the 35 * specification requires, but contrary to the specification it will try to use 36 * a single-message MSI(-X) or FIXED interrupt. Later in the attach process it 37 * will switch to multiple-message MSI(-X) if supported. The driver wants to 38 * have one interrupt vector per CPU, but it will work correctly if less are 39 * available. Interrupts can be shared by queues, the interrupt handler will 40 * iterate through the I/O queue array by steps of n_intr_cnt. Usually only 41 * the admin queue will share an interrupt with one I/O queue. The interrupt 42 * handler will retrieve completed commands from all queues sharing an interrupt 43 * vector and will post them to a taskq for completion processing. 44 * 45 * 46 * Command Processing: 47 * 48 * NVMe devices can have up to 65535 I/O queue pairs, with each queue holding up 49 * to 65536 I/O commands. The driver will configure one I/O queue pair per 50 * available interrupt vector, with the queue length usually much smaller than 51 * the maximum of 65536. If the hardware doesn't provide enough queues, fewer 52 * interrupt vectors will be used. 53 * 54 * Additionally the hardware provides a single special admin queue pair that can 55 * hold up to 4096 admin commands. 56 * 57 * From the hardware perspective both queues of a queue pair are independent, 58 * but they share some driver state: the command array (holding pointers to 59 * commands currently being processed by the hardware) and the active command 60 * counter. Access to a submission queue and the shared state is protected by 61 * nq_mutex, completion queue is protected by ncq_mutex. 62 * 63 * When a command is submitted to a queue pair the active command counter is 64 * incremented and a pointer to the command is stored in the command array. The 65 * array index is used as command identifier (CID) in the submission queue 66 * entry. Some commands may take a very long time to complete, and if the queue 67 * wraps around in that time a submission may find the next array slot to still 68 * be used by a long-running command. In this case the array is sequentially 69 * searched for the next free slot. The length of the command array is the same 70 * as the configured queue length. Queue overrun is prevented by the semaphore, 71 * so a command submission may block if the queue is full. 72 * 73 * 74 * Polled I/O Support: 75 * 76 * For kernel core dump support the driver can do polled I/O. As interrupts are 77 * turned off while dumping the driver will just submit a command in the regular 78 * way, and then repeatedly attempt a command retrieval until it gets the 79 * command back. 80 * 81 * 82 * Namespace Support: 83 * 84 * NVMe devices can have multiple namespaces, each being a independent data 85 * store. The driver supports multiple namespaces and creates a blkdev interface 86 * for each namespace found. Namespaces can have various attributes to support 87 * protection information. This driver does not support any of this and ignores 88 * namespaces that have these attributes. 89 * 90 * As of NVMe 1.1 namespaces can have an 64bit Extended Unique Identifier 91 * (EUI64). This driver uses the EUI64 if present to generate the devid and 92 * passes it to blkdev to use it in the device node names. As this is currently 93 * untested namespaces with EUI64 are ignored by default. 94 * 95 * We currently support only (2 << NVME_MINOR_INST_SHIFT) - 2 namespaces in a 96 * single controller. This is an artificial limit imposed by the driver to be 97 * able to address a reasonable number of controllers and namespaces using a 98 * 32bit minor node number. 99 * 100 * 101 * Minor nodes: 102 * 103 * For each NVMe device the driver exposes one minor node for the controller and 104 * one minor node for each namespace. The only operations supported by those 105 * minor nodes are open(9E), close(9E), and ioctl(9E). This serves as the 106 * interface for the nvmeadm(1M) utility. 107 * 108 * 109 * Blkdev Interface: 110 * 111 * This driver uses blkdev to do all the heavy lifting involved with presenting 112 * a disk device to the system. As a result, the processing of I/O requests is 113 * relatively simple as blkdev takes care of partitioning, boundary checks, DMA 114 * setup, and splitting of transfers into manageable chunks. 115 * 116 * I/O requests coming in from blkdev are turned into NVM commands and posted to 117 * an I/O queue. The queue is selected by taking the CPU id modulo the number of 118 * queues. There is currently no timeout handling of I/O commands. 119 * 120 * Blkdev also supports querying device/media information and generating a 121 * devid. The driver reports the best block size as determined by the namespace 122 * format back to blkdev as physical block size to support partition and block 123 * alignment. The devid is either based on the namespace EUI64, if present, or 124 * composed using the device vendor ID, model number, serial number, and the 125 * namespace ID. 126 * 127 * 128 * Error Handling: 129 * 130 * Error handling is currently limited to detecting fatal hardware errors, 131 * either by asynchronous events, or synchronously through command status or 132 * admin command timeouts. In case of severe errors the device is fenced off, 133 * all further requests will return EIO. FMA is then called to fault the device. 134 * 135 * The hardware has a limit for outstanding asynchronous event requests. Before 136 * this limit is known the driver assumes it is at least 1 and posts a single 137 * asynchronous request. Later when the limit is known more asynchronous event 138 * requests are posted to allow quicker reception of error information. When an 139 * asynchronous event is posted by the hardware the driver will parse the error 140 * status fields and log information or fault the device, depending on the 141 * severity of the asynchronous event. The asynchronous event request is then 142 * reused and posted to the admin queue again. 143 * 144 * On command completion the command status is checked for errors. In case of 145 * errors indicating a driver bug the driver panics. Almost all other error 146 * status values just cause EIO to be returned. 147 * 148 * Command timeouts are currently detected for all admin commands except 149 * asynchronous event requests. If a command times out and the hardware appears 150 * to be healthy the driver attempts to abort the command. The original command 151 * timeout is also applied to the abort command. If the abort times out too the 152 * driver assumes the device to be dead, fences it off, and calls FMA to retire 153 * it. In all other cases the aborted command should return immediately with a 154 * status indicating it was aborted, and the driver will wait indefinitely for 155 * that to happen. No timeout handling of normal I/O commands is presently done. 156 * 157 * Any command that times out due to the controller dropping dead will be put on 158 * nvme_lost_cmds list if it references DMA memory. This will prevent the DMA 159 * memory being reused by the system and later be written to by a "dead" NVMe 160 * controller. 161 * 162 * 163 * Locking: 164 * 165 * Each queue pair has a nq_mutex and ncq_mutex. The nq_mutex must be held 166 * when accessing shared state and submission queue registers, ncq_mutex 167 * is held when accessing completion queue state and registers. 168 * Callers of nvme_unqueue_cmd() must make sure that nq_mutex is held, while 169 * nvme_submit_{admin,io}_cmd() and nvme_retrieve_cmd() take care of both 170 * mutexes themselves. 171 * 172 * Each command also has its own nc_mutex, which is associated with the 173 * condition variable nc_cv. It is only used on admin commands which are run 174 * synchronously. In that case it must be held across calls to 175 * nvme_submit_{admin,io}_cmd() and nvme_wait_cmd(), which is taken care of by 176 * nvme_admin_cmd(). It must also be held whenever the completion state of the 177 * command is changed or while a admin command timeout is handled. 178 * 179 * If both nc_mutex and nq_mutex must be held, nc_mutex must be acquired first. 180 * More than one nc_mutex may only be held when aborting commands. In this case, 181 * the nc_mutex of the command to be aborted must be held across the call to 182 * nvme_abort_cmd() to prevent the command from completing while the abort is in 183 * progress. 184 * 185 * If both nq_mutex and ncq_mutex need to be held, ncq_mutex must be 186 * acquired first. More than one nq_mutex is never held by a single thread. 187 * The ncq_mutex is only held by nvme_retrieve_cmd() and 188 * nvme_process_iocq(). nvme_process_iocq() is only called from the 189 * interrupt thread and nvme_retrieve_cmd() during polled I/O, so the 190 * mutex is non-contentious but is required for implementation completeness 191 * and safety. 192 * 193 * Each minor node has its own nm_mutex, which protects the open count nm_ocnt 194 * and exclusive-open flag nm_oexcl. 195 * 196 * 197 * Quiesce / Fast Reboot: 198 * 199 * The driver currently does not support fast reboot. A quiesce(9E) entry point 200 * is still provided which is used to send a shutdown notification to the 201 * device. 202 * 203 * 204 * Driver Configuration: 205 * 206 * The following driver properties can be changed to control some aspects of the 207 * drivers operation: 208 * - strict-version: can be set to 0 to allow devices conforming to newer 209 * major versions to be used 210 * - ignore-unknown-vendor-status: can be set to 1 to not handle any vendor 211 * specific command status as a fatal error leading device faulting 212 * - admin-queue-len: the maximum length of the admin queue (16-4096) 213 * - io-squeue-len: the maximum length of the I/O submission queues (16-65536) 214 * - io-cqueue-len: the maximum length of the I/O completion queues (16-65536) 215 * - async-event-limit: the maximum number of asynchronous event requests to be 216 * posted by the driver 217 * - volatile-write-cache-enable: can be set to 0 to disable the volatile write 218 * cache 219 * - min-phys-block-size: the minimum physical block size to report to blkdev, 220 * which is among other things the basis for ZFS vdev ashift 221 * - max-submission-queues: the maximum number of I/O submission queues. 222 * - max-completion-queues: the maximum number of I/O completion queues, 223 * can be less than max-submission-queues, in which case the completion 224 * queues are shared. 225 * 226 * 227 * TODO: 228 * - figure out sane default for I/O queue depth reported to blkdev 229 * - FMA handling of media errors 230 * - support for devices supporting very large I/O requests using chained PRPs 231 * - support for configuring hardware parameters like interrupt coalescing 232 * - support for media formatting and hard partitioning into namespaces 233 * - support for big-endian systems 234 * - support for fast reboot 235 * - support for firmware updates 236 * - support for NVMe Subsystem Reset (1.1) 237 * - support for Scatter/Gather lists (1.1) 238 * - support for Reservations (1.1) 239 * - support for power management 240 */ 241 242 #include <sys/byteorder.h> 243 #ifdef _BIG_ENDIAN 244 #error nvme driver needs porting for big-endian platforms 245 #endif 246 247 #include <sys/modctl.h> 248 #include <sys/conf.h> 249 #include <sys/devops.h> 250 #include <sys/ddi.h> 251 #include <sys/sunddi.h> 252 #include <sys/sunndi.h> 253 #include <sys/bitmap.h> 254 #include <sys/sysmacros.h> 255 #include <sys/param.h> 256 #include <sys/varargs.h> 257 #include <sys/cpuvar.h> 258 #include <sys/disp.h> 259 #include <sys/blkdev.h> 260 #include <sys/atomic.h> 261 #include <sys/archsystm.h> 262 #include <sys/sata/sata_hba.h> 263 #include <sys/stat.h> 264 #include <sys/policy.h> 265 #include <sys/list.h> 266 267 #include <sys/nvme.h> 268 269 #ifdef __x86 270 #include <sys/x86_archext.h> 271 #endif 272 273 #include "nvme_reg.h" 274 #include "nvme_var.h" 275 276 /* 277 * Assertions to make sure that we've properly captured various aspects of the 278 * packed structures and haven't broken them during updates. 279 */ 280 CTASSERT(sizeof (nvme_identify_ctrl_t) == 0x1000); 281 CTASSERT(offsetof(nvme_identify_ctrl_t, id_oacs) == 256); 282 CTASSERT(offsetof(nvme_identify_ctrl_t, id_sqes) == 512); 283 CTASSERT(offsetof(nvme_identify_ctrl_t, id_subnqn) == 768); 284 CTASSERT(offsetof(nvme_identify_ctrl_t, id_nvmof) == 1792); 285 CTASSERT(offsetof(nvme_identify_ctrl_t, id_psd) == 2048); 286 CTASSERT(offsetof(nvme_identify_ctrl_t, id_vs) == 3072); 287 288 CTASSERT(sizeof (nvme_identify_nsid_t) == 0x1000); 289 CTASSERT(offsetof(nvme_identify_nsid_t, id_fpi) == 32); 290 CTASSERT(offsetof(nvme_identify_nsid_t, id_nguid) == 104); 291 CTASSERT(offsetof(nvme_identify_nsid_t, id_lbaf) == 128); 292 CTASSERT(offsetof(nvme_identify_nsid_t, id_vs) == 384); 293 294 CTASSERT(sizeof (nvme_identify_primary_caps_t) == 0x1000); 295 CTASSERT(offsetof(nvme_identify_primary_caps_t, nipc_vqfrt) == 32); 296 CTASSERT(offsetof(nvme_identify_primary_caps_t, nipc_vifrt) == 64); 297 298 299 /* NVMe spec version supported */ 300 static const int nvme_version_major = 1; 301 302 /* tunable for admin command timeout in seconds, default is 1s */ 303 int nvme_admin_cmd_timeout = 1; 304 305 /* tunable for FORMAT NVM command timeout in seconds, default is 600s */ 306 int nvme_format_cmd_timeout = 600; 307 308 static int nvme_attach(dev_info_t *, ddi_attach_cmd_t); 309 static int nvme_detach(dev_info_t *, ddi_detach_cmd_t); 310 static int nvme_quiesce(dev_info_t *); 311 static int nvme_fm_errcb(dev_info_t *, ddi_fm_error_t *, const void *); 312 static int nvme_setup_interrupts(nvme_t *, int, int); 313 static void nvme_release_interrupts(nvme_t *); 314 static uint_t nvme_intr(caddr_t, caddr_t); 315 316 static void nvme_shutdown(nvme_t *, int, boolean_t); 317 static boolean_t nvme_reset(nvme_t *, boolean_t); 318 static int nvme_init(nvme_t *); 319 static nvme_cmd_t *nvme_alloc_cmd(nvme_t *, int); 320 static void nvme_free_cmd(nvme_cmd_t *); 321 static nvme_cmd_t *nvme_create_nvm_cmd(nvme_namespace_t *, uint8_t, 322 bd_xfer_t *); 323 static void nvme_admin_cmd(nvme_cmd_t *, int); 324 static void nvme_submit_admin_cmd(nvme_qpair_t *, nvme_cmd_t *); 325 static int nvme_submit_io_cmd(nvme_qpair_t *, nvme_cmd_t *); 326 static void nvme_submit_cmd_common(nvme_qpair_t *, nvme_cmd_t *); 327 static nvme_cmd_t *nvme_unqueue_cmd(nvme_t *, nvme_qpair_t *, int); 328 static nvme_cmd_t *nvme_retrieve_cmd(nvme_t *, nvme_qpair_t *); 329 static void nvme_wait_cmd(nvme_cmd_t *, uint_t); 330 static void nvme_wakeup_cmd(void *); 331 static void nvme_async_event_task(void *); 332 333 static int nvme_check_unknown_cmd_status(nvme_cmd_t *); 334 static int nvme_check_vendor_cmd_status(nvme_cmd_t *); 335 static int nvme_check_integrity_cmd_status(nvme_cmd_t *); 336 static int nvme_check_specific_cmd_status(nvme_cmd_t *); 337 static int nvme_check_generic_cmd_status(nvme_cmd_t *); 338 static inline int nvme_check_cmd_status(nvme_cmd_t *); 339 340 static int nvme_abort_cmd(nvme_cmd_t *, uint_t); 341 static void nvme_async_event(nvme_t *); 342 static int nvme_format_nvm(nvme_t *, boolean_t, uint32_t, uint8_t, boolean_t, 343 uint8_t, boolean_t, uint8_t); 344 static int nvme_get_logpage(nvme_t *, boolean_t, void **, size_t *, uint8_t, 345 ...); 346 static int nvme_identify(nvme_t *, boolean_t, uint32_t, void **); 347 static int nvme_set_features(nvme_t *, boolean_t, uint32_t, uint8_t, uint32_t, 348 uint32_t *); 349 static int nvme_get_features(nvme_t *, boolean_t, uint32_t, uint8_t, uint32_t *, 350 void **, size_t *); 351 static int nvme_write_cache_set(nvme_t *, boolean_t); 352 static int nvme_set_nqueues(nvme_t *); 353 354 static void nvme_free_dma(nvme_dma_t *); 355 static int nvme_zalloc_dma(nvme_t *, size_t, uint_t, ddi_dma_attr_t *, 356 nvme_dma_t **); 357 static int nvme_zalloc_queue_dma(nvme_t *, uint32_t, uint16_t, uint_t, 358 nvme_dma_t **); 359 static void nvme_free_qpair(nvme_qpair_t *); 360 static int nvme_alloc_qpair(nvme_t *, uint32_t, nvme_qpair_t **, uint_t); 361 static int nvme_create_io_qpair(nvme_t *, nvme_qpair_t *, uint16_t); 362 363 static inline void nvme_put64(nvme_t *, uintptr_t, uint64_t); 364 static inline void nvme_put32(nvme_t *, uintptr_t, uint32_t); 365 static inline uint64_t nvme_get64(nvme_t *, uintptr_t); 366 static inline uint32_t nvme_get32(nvme_t *, uintptr_t); 367 368 static boolean_t nvme_check_regs_hdl(nvme_t *); 369 static boolean_t nvme_check_dma_hdl(nvme_dma_t *); 370 371 static int nvme_fill_prp(nvme_cmd_t *, bd_xfer_t *); 372 373 static void nvme_bd_xfer_done(void *); 374 static void nvme_bd_driveinfo(void *, bd_drive_t *); 375 static int nvme_bd_mediainfo(void *, bd_media_t *); 376 static int nvme_bd_cmd(nvme_namespace_t *, bd_xfer_t *, uint8_t); 377 static int nvme_bd_read(void *, bd_xfer_t *); 378 static int nvme_bd_write(void *, bd_xfer_t *); 379 static int nvme_bd_sync(void *, bd_xfer_t *); 380 static int nvme_bd_devid(void *, dev_info_t *, ddi_devid_t *); 381 382 static int nvme_prp_dma_constructor(void *, void *, int); 383 static void nvme_prp_dma_destructor(void *, void *); 384 385 static void nvme_prepare_devid(nvme_t *, uint32_t); 386 387 static int nvme_open(dev_t *, int, int, cred_t *); 388 static int nvme_close(dev_t, int, int, cred_t *); 389 static int nvme_ioctl(dev_t, int, intptr_t, int, cred_t *, int *); 390 391 #define NVME_MINOR_INST_SHIFT 9 392 #define NVME_MINOR(inst, nsid) (((inst) << NVME_MINOR_INST_SHIFT) | (nsid)) 393 #define NVME_MINOR_INST(minor) ((minor) >> NVME_MINOR_INST_SHIFT) 394 #define NVME_MINOR_NSID(minor) ((minor) & ((1 << NVME_MINOR_INST_SHIFT) - 1)) 395 #define NVME_MINOR_MAX (NVME_MINOR(1, 0) - 2) 396 397 static void *nvme_state; 398 static kmem_cache_t *nvme_cmd_cache; 399 400 /* 401 * DMA attributes for queue DMA memory 402 * 403 * Queue DMA memory must be page aligned. The maximum length of a queue is 404 * 65536 entries, and an entry can be 64 bytes long. 405 */ 406 static ddi_dma_attr_t nvme_queue_dma_attr = { 407 .dma_attr_version = DMA_ATTR_V0, 408 .dma_attr_addr_lo = 0, 409 .dma_attr_addr_hi = 0xffffffffffffffffULL, 410 .dma_attr_count_max = (UINT16_MAX + 1) * sizeof (nvme_sqe_t) - 1, 411 .dma_attr_align = 0x1000, 412 .dma_attr_burstsizes = 0x7ff, 413 .dma_attr_minxfer = 0x1000, 414 .dma_attr_maxxfer = (UINT16_MAX + 1) * sizeof (nvme_sqe_t), 415 .dma_attr_seg = 0xffffffffffffffffULL, 416 .dma_attr_sgllen = 1, 417 .dma_attr_granular = 1, 418 .dma_attr_flags = 0, 419 }; 420 421 /* 422 * DMA attributes for transfers using Physical Region Page (PRP) entries 423 * 424 * A PRP entry describes one page of DMA memory using the page size specified 425 * in the controller configuration's memory page size register (CC.MPS). It uses 426 * a 64bit base address aligned to this page size. There is no limitation on 427 * chaining PRPs together for arbitrarily large DMA transfers. 428 */ 429 static ddi_dma_attr_t nvme_prp_dma_attr = { 430 .dma_attr_version = DMA_ATTR_V0, 431 .dma_attr_addr_lo = 0, 432 .dma_attr_addr_hi = 0xffffffffffffffffULL, 433 .dma_attr_count_max = 0xfff, 434 .dma_attr_align = 0x1000, 435 .dma_attr_burstsizes = 0x7ff, 436 .dma_attr_minxfer = 0x1000, 437 .dma_attr_maxxfer = 0x1000, 438 .dma_attr_seg = 0xfff, 439 .dma_attr_sgllen = -1, 440 .dma_attr_granular = 1, 441 .dma_attr_flags = 0, 442 }; 443 444 /* 445 * DMA attributes for transfers using scatter/gather lists 446 * 447 * A SGL entry describes a chunk of DMA memory using a 64bit base address and a 448 * 32bit length field. SGL Segment and SGL Last Segment entries require the 449 * length to be a multiple of 16 bytes. 450 */ 451 static ddi_dma_attr_t nvme_sgl_dma_attr = { 452 .dma_attr_version = DMA_ATTR_V0, 453 .dma_attr_addr_lo = 0, 454 .dma_attr_addr_hi = 0xffffffffffffffffULL, 455 .dma_attr_count_max = 0xffffffffUL, 456 .dma_attr_align = 1, 457 .dma_attr_burstsizes = 0x7ff, 458 .dma_attr_minxfer = 0x10, 459 .dma_attr_maxxfer = 0xfffffffffULL, 460 .dma_attr_seg = 0xffffffffffffffffULL, 461 .dma_attr_sgllen = -1, 462 .dma_attr_granular = 0x10, 463 .dma_attr_flags = 0 464 }; 465 466 static ddi_device_acc_attr_t nvme_reg_acc_attr = { 467 .devacc_attr_version = DDI_DEVICE_ATTR_V0, 468 .devacc_attr_endian_flags = DDI_STRUCTURE_LE_ACC, 469 .devacc_attr_dataorder = DDI_STRICTORDER_ACC 470 }; 471 472 static struct cb_ops nvme_cb_ops = { 473 .cb_open = nvme_open, 474 .cb_close = nvme_close, 475 .cb_strategy = nodev, 476 .cb_print = nodev, 477 .cb_dump = nodev, 478 .cb_read = nodev, 479 .cb_write = nodev, 480 .cb_ioctl = nvme_ioctl, 481 .cb_devmap = nodev, 482 .cb_mmap = nodev, 483 .cb_segmap = nodev, 484 .cb_chpoll = nochpoll, 485 .cb_prop_op = ddi_prop_op, 486 .cb_str = 0, 487 .cb_flag = D_NEW | D_MP, 488 .cb_rev = CB_REV, 489 .cb_aread = nodev, 490 .cb_awrite = nodev 491 }; 492 493 static struct dev_ops nvme_dev_ops = { 494 .devo_rev = DEVO_REV, 495 .devo_refcnt = 0, 496 .devo_getinfo = ddi_no_info, 497 .devo_identify = nulldev, 498 .devo_probe = nulldev, 499 .devo_attach = nvme_attach, 500 .devo_detach = nvme_detach, 501 .devo_reset = nodev, 502 .devo_cb_ops = &nvme_cb_ops, 503 .devo_bus_ops = NULL, 504 .devo_power = NULL, 505 .devo_quiesce = nvme_quiesce, 506 }; 507 508 static struct modldrv nvme_modldrv = { 509 .drv_modops = &mod_driverops, 510 .drv_linkinfo = "NVMe v1.1b", 511 .drv_dev_ops = &nvme_dev_ops 512 }; 513 514 static struct modlinkage nvme_modlinkage = { 515 .ml_rev = MODREV_1, 516 .ml_linkage = { &nvme_modldrv, NULL } 517 }; 518 519 static bd_ops_t nvme_bd_ops = { 520 .o_version = BD_OPS_VERSION_0, 521 .o_drive_info = nvme_bd_driveinfo, 522 .o_media_info = nvme_bd_mediainfo, 523 .o_devid_init = nvme_bd_devid, 524 .o_sync_cache = nvme_bd_sync, 525 .o_read = nvme_bd_read, 526 .o_write = nvme_bd_write, 527 }; 528 529 /* 530 * This list will hold commands that have timed out and couldn't be aborted. 531 * As we don't know what the hardware may still do with the DMA memory we can't 532 * free them, so we'll keep them forever on this list where we can easily look 533 * at them with mdb. 534 */ 535 static struct list nvme_lost_cmds; 536 static kmutex_t nvme_lc_mutex; 537 538 int 539 _init(void) 540 { 541 int error; 542 543 error = ddi_soft_state_init(&nvme_state, sizeof (nvme_t), 1); 544 if (error != DDI_SUCCESS) 545 return (error); 546 547 nvme_cmd_cache = kmem_cache_create("nvme_cmd_cache", 548 sizeof (nvme_cmd_t), 64, NULL, NULL, NULL, NULL, NULL, 0); 549 550 mutex_init(&nvme_lc_mutex, NULL, MUTEX_DRIVER, NULL); 551 list_create(&nvme_lost_cmds, sizeof (nvme_cmd_t), 552 offsetof(nvme_cmd_t, nc_list)); 553 554 bd_mod_init(&nvme_dev_ops); 555 556 error = mod_install(&nvme_modlinkage); 557 if (error != DDI_SUCCESS) { 558 ddi_soft_state_fini(&nvme_state); 559 mutex_destroy(&nvme_lc_mutex); 560 list_destroy(&nvme_lost_cmds); 561 bd_mod_fini(&nvme_dev_ops); 562 } 563 564 return (error); 565 } 566 567 int 568 _fini(void) 569 { 570 int error; 571 572 if (!list_is_empty(&nvme_lost_cmds)) 573 return (DDI_FAILURE); 574 575 error = mod_remove(&nvme_modlinkage); 576 if (error == DDI_SUCCESS) { 577 ddi_soft_state_fini(&nvme_state); 578 kmem_cache_destroy(nvme_cmd_cache); 579 mutex_destroy(&nvme_lc_mutex); 580 list_destroy(&nvme_lost_cmds); 581 bd_mod_fini(&nvme_dev_ops); 582 } 583 584 return (error); 585 } 586 587 int 588 _info(struct modinfo *modinfop) 589 { 590 return (mod_info(&nvme_modlinkage, modinfop)); 591 } 592 593 static inline void 594 nvme_put64(nvme_t *nvme, uintptr_t reg, uint64_t val) 595 { 596 ASSERT(((uintptr_t)(nvme->n_regs + reg) & 0x7) == 0); 597 598 /*LINTED: E_BAD_PTR_CAST_ALIGN*/ 599 ddi_put64(nvme->n_regh, (uint64_t *)(nvme->n_regs + reg), val); 600 } 601 602 static inline void 603 nvme_put32(nvme_t *nvme, uintptr_t reg, uint32_t val) 604 { 605 ASSERT(((uintptr_t)(nvme->n_regs + reg) & 0x3) == 0); 606 607 /*LINTED: E_BAD_PTR_CAST_ALIGN*/ 608 ddi_put32(nvme->n_regh, (uint32_t *)(nvme->n_regs + reg), val); 609 } 610 611 static inline uint64_t 612 nvme_get64(nvme_t *nvme, uintptr_t reg) 613 { 614 uint64_t val; 615 616 ASSERT(((uintptr_t)(nvme->n_regs + reg) & 0x7) == 0); 617 618 /*LINTED: E_BAD_PTR_CAST_ALIGN*/ 619 val = ddi_get64(nvme->n_regh, (uint64_t *)(nvme->n_regs + reg)); 620 621 return (val); 622 } 623 624 static inline uint32_t 625 nvme_get32(nvme_t *nvme, uintptr_t reg) 626 { 627 uint32_t val; 628 629 ASSERT(((uintptr_t)(nvme->n_regs + reg) & 0x3) == 0); 630 631 /*LINTED: E_BAD_PTR_CAST_ALIGN*/ 632 val = ddi_get32(nvme->n_regh, (uint32_t *)(nvme->n_regs + reg)); 633 634 return (val); 635 } 636 637 static boolean_t 638 nvme_check_regs_hdl(nvme_t *nvme) 639 { 640 ddi_fm_error_t error; 641 642 ddi_fm_acc_err_get(nvme->n_regh, &error, DDI_FME_VERSION); 643 644 if (error.fme_status != DDI_FM_OK) 645 return (B_TRUE); 646 647 return (B_FALSE); 648 } 649 650 static boolean_t 651 nvme_check_dma_hdl(nvme_dma_t *dma) 652 { 653 ddi_fm_error_t error; 654 655 if (dma == NULL) 656 return (B_FALSE); 657 658 ddi_fm_dma_err_get(dma->nd_dmah, &error, DDI_FME_VERSION); 659 660 if (error.fme_status != DDI_FM_OK) 661 return (B_TRUE); 662 663 return (B_FALSE); 664 } 665 666 static void 667 nvme_free_dma_common(nvme_dma_t *dma) 668 { 669 if (dma->nd_dmah != NULL) 670 (void) ddi_dma_unbind_handle(dma->nd_dmah); 671 if (dma->nd_acch != NULL) 672 ddi_dma_mem_free(&dma->nd_acch); 673 if (dma->nd_dmah != NULL) 674 ddi_dma_free_handle(&dma->nd_dmah); 675 } 676 677 static void 678 nvme_free_dma(nvme_dma_t *dma) 679 { 680 nvme_free_dma_common(dma); 681 kmem_free(dma, sizeof (*dma)); 682 } 683 684 /* ARGSUSED */ 685 static void 686 nvme_prp_dma_destructor(void *buf, void *private) 687 { 688 nvme_dma_t *dma = (nvme_dma_t *)buf; 689 690 nvme_free_dma_common(dma); 691 } 692 693 static int 694 nvme_alloc_dma_common(nvme_t *nvme, nvme_dma_t *dma, 695 size_t len, uint_t flags, ddi_dma_attr_t *dma_attr) 696 { 697 if (ddi_dma_alloc_handle(nvme->n_dip, dma_attr, DDI_DMA_SLEEP, NULL, 698 &dma->nd_dmah) != DDI_SUCCESS) { 699 /* 700 * Due to DDI_DMA_SLEEP this can't be DDI_DMA_NORESOURCES, and 701 * the only other possible error is DDI_DMA_BADATTR which 702 * indicates a driver bug which should cause a panic. 703 */ 704 dev_err(nvme->n_dip, CE_PANIC, 705 "!failed to get DMA handle, check DMA attributes"); 706 return (DDI_FAILURE); 707 } 708 709 /* 710 * ddi_dma_mem_alloc() can only fail when DDI_DMA_NOSLEEP is specified 711 * or the flags are conflicting, which isn't the case here. 712 */ 713 (void) ddi_dma_mem_alloc(dma->nd_dmah, len, &nvme->n_reg_acc_attr, 714 DDI_DMA_CONSISTENT, DDI_DMA_SLEEP, NULL, &dma->nd_memp, 715 &dma->nd_len, &dma->nd_acch); 716 717 if (ddi_dma_addr_bind_handle(dma->nd_dmah, NULL, dma->nd_memp, 718 dma->nd_len, flags | DDI_DMA_CONSISTENT, DDI_DMA_SLEEP, NULL, 719 &dma->nd_cookie, &dma->nd_ncookie) != DDI_DMA_MAPPED) { 720 dev_err(nvme->n_dip, CE_WARN, 721 "!failed to bind DMA memory"); 722 atomic_inc_32(&nvme->n_dma_bind_err); 723 nvme_free_dma_common(dma); 724 return (DDI_FAILURE); 725 } 726 727 return (DDI_SUCCESS); 728 } 729 730 static int 731 nvme_zalloc_dma(nvme_t *nvme, size_t len, uint_t flags, 732 ddi_dma_attr_t *dma_attr, nvme_dma_t **ret) 733 { 734 nvme_dma_t *dma = kmem_zalloc(sizeof (nvme_dma_t), KM_SLEEP); 735 736 if (nvme_alloc_dma_common(nvme, dma, len, flags, dma_attr) != 737 DDI_SUCCESS) { 738 *ret = NULL; 739 kmem_free(dma, sizeof (nvme_dma_t)); 740 return (DDI_FAILURE); 741 } 742 743 bzero(dma->nd_memp, dma->nd_len); 744 745 *ret = dma; 746 return (DDI_SUCCESS); 747 } 748 749 /* ARGSUSED */ 750 static int 751 nvme_prp_dma_constructor(void *buf, void *private, int flags) 752 { 753 nvme_dma_t *dma = (nvme_dma_t *)buf; 754 nvme_t *nvme = (nvme_t *)private; 755 756 dma->nd_dmah = NULL; 757 dma->nd_acch = NULL; 758 759 if (nvme_alloc_dma_common(nvme, dma, nvme->n_pagesize, 760 DDI_DMA_READ, &nvme->n_prp_dma_attr) != DDI_SUCCESS) { 761 return (-1); 762 } 763 764 ASSERT(dma->nd_ncookie == 1); 765 766 dma->nd_cached = B_TRUE; 767 768 return (0); 769 } 770 771 static int 772 nvme_zalloc_queue_dma(nvme_t *nvme, uint32_t nentry, uint16_t qe_len, 773 uint_t flags, nvme_dma_t **dma) 774 { 775 uint32_t len = nentry * qe_len; 776 ddi_dma_attr_t q_dma_attr = nvme->n_queue_dma_attr; 777 778 len = roundup(len, nvme->n_pagesize); 779 780 if (nvme_zalloc_dma(nvme, len, flags, &q_dma_attr, dma) 781 != DDI_SUCCESS) { 782 dev_err(nvme->n_dip, CE_WARN, 783 "!failed to get DMA memory for queue"); 784 goto fail; 785 } 786 787 if ((*dma)->nd_ncookie != 1) { 788 dev_err(nvme->n_dip, CE_WARN, 789 "!got too many cookies for queue DMA"); 790 goto fail; 791 } 792 793 return (DDI_SUCCESS); 794 795 fail: 796 if (*dma) { 797 nvme_free_dma(*dma); 798 *dma = NULL; 799 } 800 801 return (DDI_FAILURE); 802 } 803 804 static void 805 nvme_free_cq(nvme_cq_t *cq) 806 { 807 mutex_destroy(&cq->ncq_mutex); 808 809 if (cq->ncq_dma != NULL) 810 nvme_free_dma(cq->ncq_dma); 811 812 kmem_free(cq, sizeof (*cq)); 813 } 814 815 static void 816 nvme_free_qpair(nvme_qpair_t *qp) 817 { 818 int i; 819 820 mutex_destroy(&qp->nq_mutex); 821 sema_destroy(&qp->nq_sema); 822 823 if (qp->nq_sqdma != NULL) 824 nvme_free_dma(qp->nq_sqdma); 825 826 if (qp->nq_active_cmds > 0) 827 for (i = 0; i != qp->nq_nentry; i++) 828 if (qp->nq_cmd[i] != NULL) 829 nvme_free_cmd(qp->nq_cmd[i]); 830 831 if (qp->nq_cmd != NULL) 832 kmem_free(qp->nq_cmd, sizeof (nvme_cmd_t *) * qp->nq_nentry); 833 834 kmem_free(qp, sizeof (nvme_qpair_t)); 835 } 836 837 /* 838 * Destroy the pre-allocated cq array, but only free individual completion 839 * queues from the given starting index. 840 */ 841 static void 842 nvme_destroy_cq_array(nvme_t *nvme, uint_t start) 843 { 844 uint_t i; 845 846 for (i = start; i < nvme->n_cq_count; i++) 847 if (nvme->n_cq[i] != NULL) 848 nvme_free_cq(nvme->n_cq[i]); 849 850 kmem_free(nvme->n_cq, sizeof (*nvme->n_cq) * nvme->n_cq_count); 851 } 852 853 static int 854 nvme_alloc_cq(nvme_t *nvme, uint32_t nentry, nvme_cq_t **cqp, uint16_t idx) 855 { 856 nvme_cq_t *cq = kmem_zalloc(sizeof (*cq), KM_SLEEP); 857 858 mutex_init(&cq->ncq_mutex, NULL, MUTEX_DRIVER, 859 DDI_INTR_PRI(nvme->n_intr_pri)); 860 861 if (nvme_zalloc_queue_dma(nvme, nentry, sizeof (nvme_cqe_t), 862 DDI_DMA_READ, &cq->ncq_dma) != DDI_SUCCESS) 863 goto fail; 864 865 cq->ncq_cq = (nvme_cqe_t *)cq->ncq_dma->nd_memp; 866 cq->ncq_nentry = nentry; 867 cq->ncq_id = idx; 868 cq->ncq_hdbl = NVME_REG_CQHDBL(nvme, idx); 869 870 *cqp = cq; 871 return (DDI_SUCCESS); 872 873 fail: 874 nvme_free_cq(cq); 875 *cqp = NULL; 876 877 return (DDI_FAILURE); 878 } 879 880 /* 881 * Create the n_cq array big enough to hold "ncq" completion queues. 882 * If the array already exists it will be re-sized (but only larger). 883 * The admin queue is included in this array, which boosts the 884 * max number of entries to UINT16_MAX + 1. 885 */ 886 static int 887 nvme_create_cq_array(nvme_t *nvme, uint_t ncq, uint32_t nentry) 888 { 889 nvme_cq_t **cq; 890 uint_t i, cq_count; 891 892 ASSERT3U(ncq, >, nvme->n_cq_count); 893 894 cq = nvme->n_cq; 895 cq_count = nvme->n_cq_count; 896 897 nvme->n_cq = kmem_zalloc(sizeof (*nvme->n_cq) * ncq, KM_SLEEP); 898 nvme->n_cq_count = ncq; 899 900 for (i = 0; i < cq_count; i++) 901 nvme->n_cq[i] = cq[i]; 902 903 for (; i < nvme->n_cq_count; i++) 904 if (nvme_alloc_cq(nvme, nentry, &nvme->n_cq[i], i) != 905 DDI_SUCCESS) 906 goto fail; 907 908 if (cq != NULL) 909 kmem_free(cq, sizeof (*cq) * cq_count); 910 911 return (DDI_SUCCESS); 912 913 fail: 914 nvme_destroy_cq_array(nvme, cq_count); 915 /* 916 * Restore the original array 917 */ 918 nvme->n_cq_count = cq_count; 919 nvme->n_cq = cq; 920 921 return (DDI_FAILURE); 922 } 923 924 static int 925 nvme_alloc_qpair(nvme_t *nvme, uint32_t nentry, nvme_qpair_t **nqp, 926 uint_t idx) 927 { 928 nvme_qpair_t *qp = kmem_zalloc(sizeof (*qp), KM_SLEEP); 929 uint_t cq_idx; 930 931 mutex_init(&qp->nq_mutex, NULL, MUTEX_DRIVER, 932 DDI_INTR_PRI(nvme->n_intr_pri)); 933 934 /* 935 * The NVMe spec defines that a full queue has one empty (unused) slot; 936 * initialize the semaphore accordingly. 937 */ 938 sema_init(&qp->nq_sema, nentry - 1, NULL, SEMA_DRIVER, NULL); 939 940 if (nvme_zalloc_queue_dma(nvme, nentry, sizeof (nvme_sqe_t), 941 DDI_DMA_WRITE, &qp->nq_sqdma) != DDI_SUCCESS) 942 goto fail; 943 944 /* 945 * idx == 0 is adminq, those above 0 are shared io completion queues. 946 */ 947 cq_idx = idx == 0 ? 0 : 1 + (idx - 1) % (nvme->n_cq_count - 1); 948 qp->nq_cq = nvme->n_cq[cq_idx]; 949 qp->nq_sq = (nvme_sqe_t *)qp->nq_sqdma->nd_memp; 950 qp->nq_nentry = nentry; 951 952 qp->nq_sqtdbl = NVME_REG_SQTDBL(nvme, idx); 953 954 qp->nq_cmd = kmem_zalloc(sizeof (nvme_cmd_t *) * nentry, KM_SLEEP); 955 qp->nq_next_cmd = 0; 956 957 *nqp = qp; 958 return (DDI_SUCCESS); 959 960 fail: 961 nvme_free_qpair(qp); 962 *nqp = NULL; 963 964 return (DDI_FAILURE); 965 } 966 967 static nvme_cmd_t * 968 nvme_alloc_cmd(nvme_t *nvme, int kmflag) 969 { 970 nvme_cmd_t *cmd = kmem_cache_alloc(nvme_cmd_cache, kmflag); 971 972 if (cmd == NULL) 973 return (cmd); 974 975 bzero(cmd, sizeof (nvme_cmd_t)); 976 977 cmd->nc_nvme = nvme; 978 979 mutex_init(&cmd->nc_mutex, NULL, MUTEX_DRIVER, 980 DDI_INTR_PRI(nvme->n_intr_pri)); 981 cv_init(&cmd->nc_cv, NULL, CV_DRIVER, NULL); 982 983 return (cmd); 984 } 985 986 static void 987 nvme_free_cmd(nvme_cmd_t *cmd) 988 { 989 /* Don't free commands on the lost commands list. */ 990 if (list_link_active(&cmd->nc_list)) 991 return; 992 993 if (cmd->nc_dma) { 994 if (cmd->nc_dma->nd_cached) 995 kmem_cache_free(cmd->nc_nvme->n_prp_cache, 996 cmd->nc_dma); 997 else 998 nvme_free_dma(cmd->nc_dma); 999 cmd->nc_dma = NULL; 1000 } 1001 1002 cv_destroy(&cmd->nc_cv); 1003 mutex_destroy(&cmd->nc_mutex); 1004 1005 kmem_cache_free(nvme_cmd_cache, cmd); 1006 } 1007 1008 static void 1009 nvme_submit_admin_cmd(nvme_qpair_t *qp, nvme_cmd_t *cmd) 1010 { 1011 sema_p(&qp->nq_sema); 1012 nvme_submit_cmd_common(qp, cmd); 1013 } 1014 1015 static int 1016 nvme_submit_io_cmd(nvme_qpair_t *qp, nvme_cmd_t *cmd) 1017 { 1018 if (sema_tryp(&qp->nq_sema) == 0) 1019 return (EAGAIN); 1020 1021 nvme_submit_cmd_common(qp, cmd); 1022 return (0); 1023 } 1024 1025 static void 1026 nvme_submit_cmd_common(nvme_qpair_t *qp, nvme_cmd_t *cmd) 1027 { 1028 nvme_reg_sqtdbl_t tail = { 0 }; 1029 1030 mutex_enter(&qp->nq_mutex); 1031 cmd->nc_completed = B_FALSE; 1032 1033 /* 1034 * Try to insert the cmd into the active cmd array at the nq_next_cmd 1035 * slot. If the slot is already occupied advance to the next slot and 1036 * try again. This can happen for long running commands like async event 1037 * requests. 1038 */ 1039 while (qp->nq_cmd[qp->nq_next_cmd] != NULL) 1040 qp->nq_next_cmd = (qp->nq_next_cmd + 1) % qp->nq_nentry; 1041 qp->nq_cmd[qp->nq_next_cmd] = cmd; 1042 1043 qp->nq_active_cmds++; 1044 1045 cmd->nc_sqe.sqe_cid = qp->nq_next_cmd; 1046 bcopy(&cmd->nc_sqe, &qp->nq_sq[qp->nq_sqtail], sizeof (nvme_sqe_t)); 1047 (void) ddi_dma_sync(qp->nq_sqdma->nd_dmah, 1048 sizeof (nvme_sqe_t) * qp->nq_sqtail, 1049 sizeof (nvme_sqe_t), DDI_DMA_SYNC_FORDEV); 1050 qp->nq_next_cmd = (qp->nq_next_cmd + 1) % qp->nq_nentry; 1051 1052 tail.b.sqtdbl_sqt = qp->nq_sqtail = (qp->nq_sqtail + 1) % qp->nq_nentry; 1053 nvme_put32(cmd->nc_nvme, qp->nq_sqtdbl, tail.r); 1054 1055 mutex_exit(&qp->nq_mutex); 1056 } 1057 1058 static nvme_cmd_t * 1059 nvme_unqueue_cmd(nvme_t *nvme, nvme_qpair_t *qp, int cid) 1060 { 1061 nvme_cmd_t *cmd; 1062 1063 ASSERT(mutex_owned(&qp->nq_mutex)); 1064 ASSERT3S(cid, <, qp->nq_nentry); 1065 1066 cmd = qp->nq_cmd[cid]; 1067 qp->nq_cmd[cid] = NULL; 1068 ASSERT3U(qp->nq_active_cmds, >, 0); 1069 qp->nq_active_cmds--; 1070 sema_v(&qp->nq_sema); 1071 1072 ASSERT3P(cmd, !=, NULL); 1073 ASSERT3P(cmd->nc_nvme, ==, nvme); 1074 ASSERT3S(cmd->nc_sqe.sqe_cid, ==, cid); 1075 1076 return (cmd); 1077 } 1078 1079 /* 1080 * Get the command tied to the next completed cqe and bump along completion 1081 * queue head counter. 1082 */ 1083 static nvme_cmd_t * 1084 nvme_get_completed(nvme_t *nvme, nvme_cq_t *cq) 1085 { 1086 nvme_qpair_t *qp; 1087 nvme_cqe_t *cqe; 1088 nvme_cmd_t *cmd; 1089 1090 ASSERT(mutex_owned(&cq->ncq_mutex)); 1091 1092 cqe = &cq->ncq_cq[cq->ncq_head]; 1093 1094 /* Check phase tag of CQE. Hardware inverts it for new entries. */ 1095 if (cqe->cqe_sf.sf_p == cq->ncq_phase) 1096 return (NULL); 1097 1098 qp = nvme->n_ioq[cqe->cqe_sqid]; 1099 1100 mutex_enter(&qp->nq_mutex); 1101 cmd = nvme_unqueue_cmd(nvme, qp, cqe->cqe_cid); 1102 mutex_exit(&qp->nq_mutex); 1103 1104 ASSERT(cmd->nc_sqid == cqe->cqe_sqid); 1105 bcopy(cqe, &cmd->nc_cqe, sizeof (nvme_cqe_t)); 1106 1107 qp->nq_sqhead = cqe->cqe_sqhd; 1108 1109 cq->ncq_head = (cq->ncq_head + 1) % cq->ncq_nentry; 1110 1111 /* Toggle phase on wrap-around. */ 1112 if (cq->ncq_head == 0) 1113 cq->ncq_phase = cq->ncq_phase ? 0 : 1; 1114 1115 return (cmd); 1116 } 1117 1118 /* 1119 * Process all completed commands on the io completion queue. 1120 */ 1121 static uint_t 1122 nvme_process_iocq(nvme_t *nvme, nvme_cq_t *cq) 1123 { 1124 nvme_reg_cqhdbl_t head = { 0 }; 1125 nvme_cmd_t *cmd; 1126 uint_t completed = 0; 1127 1128 if (ddi_dma_sync(cq->ncq_dma->nd_dmah, 0, 0, DDI_DMA_SYNC_FORKERNEL) != 1129 DDI_SUCCESS) 1130 dev_err(nvme->n_dip, CE_WARN, "!ddi_dma_sync() failed in %s", 1131 __func__); 1132 1133 mutex_enter(&cq->ncq_mutex); 1134 1135 while ((cmd = nvme_get_completed(nvme, cq)) != NULL) { 1136 taskq_dispatch_ent((taskq_t *)cmd->nc_nvme->n_cmd_taskq, 1137 cmd->nc_callback, cmd, TQ_NOSLEEP, &cmd->nc_tqent); 1138 1139 completed++; 1140 } 1141 1142 if (completed > 0) { 1143 /* 1144 * Update the completion queue head doorbell. 1145 */ 1146 head.b.cqhdbl_cqh = cq->ncq_head; 1147 nvme_put32(nvme, cq->ncq_hdbl, head.r); 1148 } 1149 1150 mutex_exit(&cq->ncq_mutex); 1151 1152 return (completed); 1153 } 1154 1155 static nvme_cmd_t * 1156 nvme_retrieve_cmd(nvme_t *nvme, nvme_qpair_t *qp) 1157 { 1158 nvme_cq_t *cq = qp->nq_cq; 1159 nvme_reg_cqhdbl_t head = { 0 }; 1160 nvme_cmd_t *cmd; 1161 1162 if (ddi_dma_sync(cq->ncq_dma->nd_dmah, 0, 0, DDI_DMA_SYNC_FORKERNEL) != 1163 DDI_SUCCESS) 1164 dev_err(nvme->n_dip, CE_WARN, "!ddi_dma_sync() failed in %s", 1165 __func__); 1166 1167 mutex_enter(&cq->ncq_mutex); 1168 1169 if ((cmd = nvme_get_completed(nvme, cq)) != NULL) { 1170 head.b.cqhdbl_cqh = cq->ncq_head; 1171 nvme_put32(nvme, cq->ncq_hdbl, head.r); 1172 } 1173 1174 mutex_exit(&cq->ncq_mutex); 1175 1176 return (cmd); 1177 } 1178 1179 static int 1180 nvme_check_unknown_cmd_status(nvme_cmd_t *cmd) 1181 { 1182 nvme_cqe_t *cqe = &cmd->nc_cqe; 1183 1184 dev_err(cmd->nc_nvme->n_dip, CE_WARN, 1185 "!unknown command status received: opc = %x, sqid = %d, cid = %d, " 1186 "sc = %x, sct = %x, dnr = %d, m = %d", cmd->nc_sqe.sqe_opc, 1187 cqe->cqe_sqid, cqe->cqe_cid, cqe->cqe_sf.sf_sc, cqe->cqe_sf.sf_sct, 1188 cqe->cqe_sf.sf_dnr, cqe->cqe_sf.sf_m); 1189 1190 if (cmd->nc_xfer != NULL) 1191 bd_error(cmd->nc_xfer, BD_ERR_ILLRQ); 1192 1193 if (cmd->nc_nvme->n_strict_version) { 1194 cmd->nc_nvme->n_dead = B_TRUE; 1195 ddi_fm_service_impact(cmd->nc_nvme->n_dip, DDI_SERVICE_LOST); 1196 } 1197 1198 return (EIO); 1199 } 1200 1201 static int 1202 nvme_check_vendor_cmd_status(nvme_cmd_t *cmd) 1203 { 1204 nvme_cqe_t *cqe = &cmd->nc_cqe; 1205 1206 dev_err(cmd->nc_nvme->n_dip, CE_WARN, 1207 "!unknown command status received: opc = %x, sqid = %d, cid = %d, " 1208 "sc = %x, sct = %x, dnr = %d, m = %d", cmd->nc_sqe.sqe_opc, 1209 cqe->cqe_sqid, cqe->cqe_cid, cqe->cqe_sf.sf_sc, cqe->cqe_sf.sf_sct, 1210 cqe->cqe_sf.sf_dnr, cqe->cqe_sf.sf_m); 1211 if (!cmd->nc_nvme->n_ignore_unknown_vendor_status) { 1212 cmd->nc_nvme->n_dead = B_TRUE; 1213 ddi_fm_service_impact(cmd->nc_nvme->n_dip, DDI_SERVICE_LOST); 1214 } 1215 1216 return (EIO); 1217 } 1218 1219 static int 1220 nvme_check_integrity_cmd_status(nvme_cmd_t *cmd) 1221 { 1222 nvme_cqe_t *cqe = &cmd->nc_cqe; 1223 1224 switch (cqe->cqe_sf.sf_sc) { 1225 case NVME_CQE_SC_INT_NVM_WRITE: 1226 /* write fail */ 1227 /* TODO: post ereport */ 1228 if (cmd->nc_xfer != NULL) 1229 bd_error(cmd->nc_xfer, BD_ERR_MEDIA); 1230 return (EIO); 1231 1232 case NVME_CQE_SC_INT_NVM_READ: 1233 /* read fail */ 1234 /* TODO: post ereport */ 1235 if (cmd->nc_xfer != NULL) 1236 bd_error(cmd->nc_xfer, BD_ERR_MEDIA); 1237 return (EIO); 1238 1239 default: 1240 return (nvme_check_unknown_cmd_status(cmd)); 1241 } 1242 } 1243 1244 static int 1245 nvme_check_generic_cmd_status(nvme_cmd_t *cmd) 1246 { 1247 nvme_cqe_t *cqe = &cmd->nc_cqe; 1248 1249 switch (cqe->cqe_sf.sf_sc) { 1250 case NVME_CQE_SC_GEN_SUCCESS: 1251 return (0); 1252 1253 /* 1254 * Errors indicating a bug in the driver should cause a panic. 1255 */ 1256 case NVME_CQE_SC_GEN_INV_OPC: 1257 /* Invalid Command Opcode */ 1258 if (!cmd->nc_dontpanic) 1259 dev_err(cmd->nc_nvme->n_dip, CE_PANIC, 1260 "programming error: invalid opcode in cmd %p", 1261 (void *)cmd); 1262 return (EINVAL); 1263 1264 case NVME_CQE_SC_GEN_INV_FLD: 1265 /* Invalid Field in Command */ 1266 if (!cmd->nc_dontpanic) 1267 dev_err(cmd->nc_nvme->n_dip, CE_PANIC, 1268 "programming error: invalid field in cmd %p", 1269 (void *)cmd); 1270 return (EIO); 1271 1272 case NVME_CQE_SC_GEN_ID_CNFL: 1273 /* Command ID Conflict */ 1274 dev_err(cmd->nc_nvme->n_dip, CE_PANIC, "programming error: " 1275 "cmd ID conflict in cmd %p", (void *)cmd); 1276 return (0); 1277 1278 case NVME_CQE_SC_GEN_INV_NS: 1279 /* Invalid Namespace or Format */ 1280 if (!cmd->nc_dontpanic) 1281 dev_err(cmd->nc_nvme->n_dip, CE_PANIC, 1282 "programming error: invalid NS/format in cmd %p", 1283 (void *)cmd); 1284 return (EINVAL); 1285 1286 case NVME_CQE_SC_GEN_NVM_LBA_RANGE: 1287 /* LBA Out Of Range */ 1288 dev_err(cmd->nc_nvme->n_dip, CE_PANIC, "programming error: " 1289 "LBA out of range in cmd %p", (void *)cmd); 1290 return (0); 1291 1292 /* 1293 * Non-fatal errors, handle gracefully. 1294 */ 1295 case NVME_CQE_SC_GEN_DATA_XFR_ERR: 1296 /* Data Transfer Error (DMA) */ 1297 /* TODO: post ereport */ 1298 atomic_inc_32(&cmd->nc_nvme->n_data_xfr_err); 1299 if (cmd->nc_xfer != NULL) 1300 bd_error(cmd->nc_xfer, BD_ERR_NTRDY); 1301 return (EIO); 1302 1303 case NVME_CQE_SC_GEN_INTERNAL_ERR: 1304 /* 1305 * Internal Error. The spec (v1.0, section 4.5.1.2) says 1306 * detailed error information is returned as async event, 1307 * so we pretty much ignore the error here and handle it 1308 * in the async event handler. 1309 */ 1310 atomic_inc_32(&cmd->nc_nvme->n_internal_err); 1311 if (cmd->nc_xfer != NULL) 1312 bd_error(cmd->nc_xfer, BD_ERR_NTRDY); 1313 return (EIO); 1314 1315 case NVME_CQE_SC_GEN_ABORT_REQUEST: 1316 /* 1317 * Command Abort Requested. This normally happens only when a 1318 * command times out. 1319 */ 1320 /* TODO: post ereport or change blkdev to handle this? */ 1321 atomic_inc_32(&cmd->nc_nvme->n_abort_rq_err); 1322 return (ECANCELED); 1323 1324 case NVME_CQE_SC_GEN_ABORT_PWRLOSS: 1325 /* Command Aborted due to Power Loss Notification */ 1326 ddi_fm_service_impact(cmd->nc_nvme->n_dip, DDI_SERVICE_LOST); 1327 cmd->nc_nvme->n_dead = B_TRUE; 1328 return (EIO); 1329 1330 case NVME_CQE_SC_GEN_ABORT_SQ_DEL: 1331 /* Command Aborted due to SQ Deletion */ 1332 atomic_inc_32(&cmd->nc_nvme->n_abort_sq_del); 1333 return (EIO); 1334 1335 case NVME_CQE_SC_GEN_NVM_CAP_EXC: 1336 /* Capacity Exceeded */ 1337 atomic_inc_32(&cmd->nc_nvme->n_nvm_cap_exc); 1338 if (cmd->nc_xfer != NULL) 1339 bd_error(cmd->nc_xfer, BD_ERR_MEDIA); 1340 return (EIO); 1341 1342 case NVME_CQE_SC_GEN_NVM_NS_NOTRDY: 1343 /* Namespace Not Ready */ 1344 atomic_inc_32(&cmd->nc_nvme->n_nvm_ns_notrdy); 1345 if (cmd->nc_xfer != NULL) 1346 bd_error(cmd->nc_xfer, BD_ERR_NTRDY); 1347 return (EIO); 1348 1349 default: 1350 return (nvme_check_unknown_cmd_status(cmd)); 1351 } 1352 } 1353 1354 static int 1355 nvme_check_specific_cmd_status(nvme_cmd_t *cmd) 1356 { 1357 nvme_cqe_t *cqe = &cmd->nc_cqe; 1358 1359 switch (cqe->cqe_sf.sf_sc) { 1360 case NVME_CQE_SC_SPC_INV_CQ: 1361 /* Completion Queue Invalid */ 1362 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_CREATE_SQUEUE); 1363 atomic_inc_32(&cmd->nc_nvme->n_inv_cq_err); 1364 return (EINVAL); 1365 1366 case NVME_CQE_SC_SPC_INV_QID: 1367 /* Invalid Queue Identifier */ 1368 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_CREATE_SQUEUE || 1369 cmd->nc_sqe.sqe_opc == NVME_OPC_DELETE_SQUEUE || 1370 cmd->nc_sqe.sqe_opc == NVME_OPC_CREATE_CQUEUE || 1371 cmd->nc_sqe.sqe_opc == NVME_OPC_DELETE_CQUEUE); 1372 atomic_inc_32(&cmd->nc_nvme->n_inv_qid_err); 1373 return (EINVAL); 1374 1375 case NVME_CQE_SC_SPC_MAX_QSZ_EXC: 1376 /* Max Queue Size Exceeded */ 1377 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_CREATE_SQUEUE || 1378 cmd->nc_sqe.sqe_opc == NVME_OPC_CREATE_CQUEUE); 1379 atomic_inc_32(&cmd->nc_nvme->n_max_qsz_exc); 1380 return (EINVAL); 1381 1382 case NVME_CQE_SC_SPC_ABRT_CMD_EXC: 1383 /* Abort Command Limit Exceeded */ 1384 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_ABORT); 1385 dev_err(cmd->nc_nvme->n_dip, CE_PANIC, "programming error: " 1386 "abort command limit exceeded in cmd %p", (void *)cmd); 1387 return (0); 1388 1389 case NVME_CQE_SC_SPC_ASYNC_EVREQ_EXC: 1390 /* Async Event Request Limit Exceeded */ 1391 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_ASYNC_EVENT); 1392 dev_err(cmd->nc_nvme->n_dip, CE_PANIC, "programming error: " 1393 "async event request limit exceeded in cmd %p", 1394 (void *)cmd); 1395 return (0); 1396 1397 case NVME_CQE_SC_SPC_INV_INT_VECT: 1398 /* Invalid Interrupt Vector */ 1399 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_CREATE_CQUEUE); 1400 atomic_inc_32(&cmd->nc_nvme->n_inv_int_vect); 1401 return (EINVAL); 1402 1403 case NVME_CQE_SC_SPC_INV_LOG_PAGE: 1404 /* Invalid Log Page */ 1405 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_GET_LOG_PAGE); 1406 atomic_inc_32(&cmd->nc_nvme->n_inv_log_page); 1407 return (EINVAL); 1408 1409 case NVME_CQE_SC_SPC_INV_FORMAT: 1410 /* Invalid Format */ 1411 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_NVM_FORMAT); 1412 atomic_inc_32(&cmd->nc_nvme->n_inv_format); 1413 if (cmd->nc_xfer != NULL) 1414 bd_error(cmd->nc_xfer, BD_ERR_ILLRQ); 1415 return (EINVAL); 1416 1417 case NVME_CQE_SC_SPC_INV_Q_DEL: 1418 /* Invalid Queue Deletion */ 1419 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_DELETE_CQUEUE); 1420 atomic_inc_32(&cmd->nc_nvme->n_inv_q_del); 1421 return (EINVAL); 1422 1423 case NVME_CQE_SC_SPC_NVM_CNFL_ATTR: 1424 /* Conflicting Attributes */ 1425 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_NVM_DSET_MGMT || 1426 cmd->nc_sqe.sqe_opc == NVME_OPC_NVM_READ || 1427 cmd->nc_sqe.sqe_opc == NVME_OPC_NVM_WRITE); 1428 atomic_inc_32(&cmd->nc_nvme->n_cnfl_attr); 1429 if (cmd->nc_xfer != NULL) 1430 bd_error(cmd->nc_xfer, BD_ERR_ILLRQ); 1431 return (EINVAL); 1432 1433 case NVME_CQE_SC_SPC_NVM_INV_PROT: 1434 /* Invalid Protection Information */ 1435 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_NVM_COMPARE || 1436 cmd->nc_sqe.sqe_opc == NVME_OPC_NVM_READ || 1437 cmd->nc_sqe.sqe_opc == NVME_OPC_NVM_WRITE); 1438 atomic_inc_32(&cmd->nc_nvme->n_inv_prot); 1439 if (cmd->nc_xfer != NULL) 1440 bd_error(cmd->nc_xfer, BD_ERR_ILLRQ); 1441 return (EINVAL); 1442 1443 case NVME_CQE_SC_SPC_NVM_READONLY: 1444 /* Write to Read Only Range */ 1445 ASSERT(cmd->nc_sqe.sqe_opc == NVME_OPC_NVM_WRITE); 1446 atomic_inc_32(&cmd->nc_nvme->n_readonly); 1447 if (cmd->nc_xfer != NULL) 1448 bd_error(cmd->nc_xfer, BD_ERR_ILLRQ); 1449 return (EROFS); 1450 1451 default: 1452 return (nvme_check_unknown_cmd_status(cmd)); 1453 } 1454 } 1455 1456 static inline int 1457 nvme_check_cmd_status(nvme_cmd_t *cmd) 1458 { 1459 nvme_cqe_t *cqe = &cmd->nc_cqe; 1460 1461 /* 1462 * Take a shortcut if the controller is dead, or if 1463 * command status indicates no error. 1464 */ 1465 if (cmd->nc_nvme->n_dead) 1466 return (EIO); 1467 1468 if (cqe->cqe_sf.sf_sct == NVME_CQE_SCT_GENERIC && 1469 cqe->cqe_sf.sf_sc == NVME_CQE_SC_GEN_SUCCESS) 1470 return (0); 1471 1472 if (cqe->cqe_sf.sf_sct == NVME_CQE_SCT_GENERIC) 1473 return (nvme_check_generic_cmd_status(cmd)); 1474 else if (cqe->cqe_sf.sf_sct == NVME_CQE_SCT_SPECIFIC) 1475 return (nvme_check_specific_cmd_status(cmd)); 1476 else if (cqe->cqe_sf.sf_sct == NVME_CQE_SCT_INTEGRITY) 1477 return (nvme_check_integrity_cmd_status(cmd)); 1478 else if (cqe->cqe_sf.sf_sct == NVME_CQE_SCT_VENDOR) 1479 return (nvme_check_vendor_cmd_status(cmd)); 1480 1481 return (nvme_check_unknown_cmd_status(cmd)); 1482 } 1483 1484 static int 1485 nvme_abort_cmd(nvme_cmd_t *abort_cmd, uint_t sec) 1486 { 1487 nvme_t *nvme = abort_cmd->nc_nvme; 1488 nvme_cmd_t *cmd = nvme_alloc_cmd(nvme, KM_SLEEP); 1489 nvme_abort_cmd_t ac = { 0 }; 1490 int ret = 0; 1491 1492 sema_p(&nvme->n_abort_sema); 1493 1494 ac.b.ac_cid = abort_cmd->nc_sqe.sqe_cid; 1495 ac.b.ac_sqid = abort_cmd->nc_sqid; 1496 1497 cmd->nc_sqid = 0; 1498 cmd->nc_sqe.sqe_opc = NVME_OPC_ABORT; 1499 cmd->nc_callback = nvme_wakeup_cmd; 1500 cmd->nc_sqe.sqe_cdw10 = ac.r; 1501 1502 /* 1503 * Send the ABORT to the hardware. The ABORT command will return _after_ 1504 * the aborted command has completed (aborted or otherwise), but since 1505 * we still hold the aborted command's mutex its callback hasn't been 1506 * processed yet. 1507 */ 1508 nvme_admin_cmd(cmd, sec); 1509 sema_v(&nvme->n_abort_sema); 1510 1511 if ((ret = nvme_check_cmd_status(cmd)) != 0) { 1512 dev_err(nvme->n_dip, CE_WARN, 1513 "!ABORT failed with sct = %x, sc = %x", 1514 cmd->nc_cqe.cqe_sf.sf_sct, cmd->nc_cqe.cqe_sf.sf_sc); 1515 atomic_inc_32(&nvme->n_abort_failed); 1516 } else { 1517 dev_err(nvme->n_dip, CE_WARN, 1518 "!ABORT of command %d/%d %ssuccessful", 1519 abort_cmd->nc_sqe.sqe_cid, abort_cmd->nc_sqid, 1520 cmd->nc_cqe.cqe_dw0 & 1 ? "un" : ""); 1521 if ((cmd->nc_cqe.cqe_dw0 & 1) == 0) 1522 atomic_inc_32(&nvme->n_cmd_aborted); 1523 } 1524 1525 nvme_free_cmd(cmd); 1526 return (ret); 1527 } 1528 1529 /* 1530 * nvme_wait_cmd -- wait for command completion or timeout 1531 * 1532 * In case of a serious error or a timeout of the abort command the hardware 1533 * will be declared dead and FMA will be notified. 1534 */ 1535 static void 1536 nvme_wait_cmd(nvme_cmd_t *cmd, uint_t sec) 1537 { 1538 clock_t timeout = ddi_get_lbolt() + drv_usectohz(sec * MICROSEC); 1539 nvme_t *nvme = cmd->nc_nvme; 1540 nvme_reg_csts_t csts; 1541 nvme_qpair_t *qp; 1542 1543 ASSERT(mutex_owned(&cmd->nc_mutex)); 1544 1545 while (!cmd->nc_completed) { 1546 if (cv_timedwait(&cmd->nc_cv, &cmd->nc_mutex, timeout) == -1) 1547 break; 1548 } 1549 1550 if (cmd->nc_completed) 1551 return; 1552 1553 /* 1554 * The command timed out. 1555 * 1556 * Check controller for fatal status, any errors associated with the 1557 * register or DMA handle, or for a double timeout (abort command timed 1558 * out). If necessary log a warning and call FMA. 1559 */ 1560 csts.r = nvme_get32(nvme, NVME_REG_CSTS); 1561 dev_err(nvme->n_dip, CE_WARN, "!command %d/%d timeout, " 1562 "OPC = %x, CFS = %d", cmd->nc_sqe.sqe_cid, cmd->nc_sqid, 1563 cmd->nc_sqe.sqe_opc, csts.b.csts_cfs); 1564 atomic_inc_32(&nvme->n_cmd_timeout); 1565 1566 if (csts.b.csts_cfs || 1567 nvme_check_regs_hdl(nvme) || 1568 nvme_check_dma_hdl(cmd->nc_dma) || 1569 cmd->nc_sqe.sqe_opc == NVME_OPC_ABORT) { 1570 ddi_fm_service_impact(nvme->n_dip, DDI_SERVICE_LOST); 1571 nvme->n_dead = B_TRUE; 1572 } else if (nvme_abort_cmd(cmd, sec) == 0) { 1573 /* 1574 * If the abort succeeded the command should complete 1575 * immediately with an appropriate status. 1576 */ 1577 while (!cmd->nc_completed) 1578 cv_wait(&cmd->nc_cv, &cmd->nc_mutex); 1579 1580 return; 1581 } 1582 1583 qp = nvme->n_ioq[cmd->nc_sqid]; 1584 1585 mutex_enter(&qp->nq_mutex); 1586 (void) nvme_unqueue_cmd(nvme, qp, cmd->nc_sqe.sqe_cid); 1587 mutex_exit(&qp->nq_mutex); 1588 1589 /* 1590 * As we don't know what the presumed dead hardware might still do with 1591 * the DMA memory, we'll put the command on the lost commands list if it 1592 * has any DMA memory. 1593 */ 1594 if (cmd->nc_dma != NULL) { 1595 mutex_enter(&nvme_lc_mutex); 1596 list_insert_head(&nvme_lost_cmds, cmd); 1597 mutex_exit(&nvme_lc_mutex); 1598 } 1599 } 1600 1601 static void 1602 nvme_wakeup_cmd(void *arg) 1603 { 1604 nvme_cmd_t *cmd = arg; 1605 1606 mutex_enter(&cmd->nc_mutex); 1607 cmd->nc_completed = B_TRUE; 1608 cv_signal(&cmd->nc_cv); 1609 mutex_exit(&cmd->nc_mutex); 1610 } 1611 1612 static void 1613 nvme_async_event_task(void *arg) 1614 { 1615 nvme_cmd_t *cmd = arg; 1616 nvme_t *nvme = cmd->nc_nvme; 1617 nvme_error_log_entry_t *error_log = NULL; 1618 nvme_health_log_t *health_log = NULL; 1619 size_t logsize = 0; 1620 nvme_async_event_t event; 1621 1622 /* 1623 * Check for errors associated with the async request itself. The only 1624 * command-specific error is "async event limit exceeded", which 1625 * indicates a programming error in the driver and causes a panic in 1626 * nvme_check_cmd_status(). 1627 * 1628 * Other possible errors are various scenarios where the async request 1629 * was aborted, or internal errors in the device. Internal errors are 1630 * reported to FMA, the command aborts need no special handling here. 1631 * 1632 * And finally, at least qemu nvme does not support async events, 1633 * and will return NVME_CQE_SC_GEN_INV_OPC | DNR. If so, we 1634 * will avoid posting async events. 1635 */ 1636 1637 if (nvme_check_cmd_status(cmd) != 0) { 1638 dev_err(cmd->nc_nvme->n_dip, CE_WARN, 1639 "!async event request returned failure, sct = %x, " 1640 "sc = %x, dnr = %d, m = %d", cmd->nc_cqe.cqe_sf.sf_sct, 1641 cmd->nc_cqe.cqe_sf.sf_sc, cmd->nc_cqe.cqe_sf.sf_dnr, 1642 cmd->nc_cqe.cqe_sf.sf_m); 1643 1644 if (cmd->nc_cqe.cqe_sf.sf_sct == NVME_CQE_SCT_GENERIC && 1645 cmd->nc_cqe.cqe_sf.sf_sc == NVME_CQE_SC_GEN_INTERNAL_ERR) { 1646 cmd->nc_nvme->n_dead = B_TRUE; 1647 ddi_fm_service_impact(cmd->nc_nvme->n_dip, 1648 DDI_SERVICE_LOST); 1649 } 1650 1651 if (cmd->nc_cqe.cqe_sf.sf_sct == NVME_CQE_SCT_GENERIC && 1652 cmd->nc_cqe.cqe_sf.sf_sc == NVME_CQE_SC_GEN_INV_OPC && 1653 cmd->nc_cqe.cqe_sf.sf_dnr == 1) { 1654 nvme->n_async_event_supported = B_FALSE; 1655 } 1656 1657 nvme_free_cmd(cmd); 1658 return; 1659 } 1660 1661 1662 event.r = cmd->nc_cqe.cqe_dw0; 1663 1664 /* Clear CQE and re-submit the async request. */ 1665 bzero(&cmd->nc_cqe, sizeof (nvme_cqe_t)); 1666 nvme_submit_admin_cmd(nvme->n_adminq, cmd); 1667 1668 switch (event.b.ae_type) { 1669 case NVME_ASYNC_TYPE_ERROR: 1670 if (event.b.ae_logpage == NVME_LOGPAGE_ERROR) { 1671 (void) nvme_get_logpage(nvme, B_FALSE, 1672 (void **)&error_log, &logsize, event.b.ae_logpage); 1673 } else { 1674 dev_err(nvme->n_dip, CE_WARN, "!wrong logpage in " 1675 "async event reply: %d", event.b.ae_logpage); 1676 atomic_inc_32(&nvme->n_wrong_logpage); 1677 } 1678 1679 switch (event.b.ae_info) { 1680 case NVME_ASYNC_ERROR_INV_SQ: 1681 dev_err(nvme->n_dip, CE_PANIC, "programming error: " 1682 "invalid submission queue"); 1683 return; 1684 1685 case NVME_ASYNC_ERROR_INV_DBL: 1686 dev_err(nvme->n_dip, CE_PANIC, "programming error: " 1687 "invalid doorbell write value"); 1688 return; 1689 1690 case NVME_ASYNC_ERROR_DIAGFAIL: 1691 dev_err(nvme->n_dip, CE_WARN, "!diagnostic failure"); 1692 ddi_fm_service_impact(nvme->n_dip, DDI_SERVICE_LOST); 1693 nvme->n_dead = B_TRUE; 1694 atomic_inc_32(&nvme->n_diagfail_event); 1695 break; 1696 1697 case NVME_ASYNC_ERROR_PERSISTENT: 1698 dev_err(nvme->n_dip, CE_WARN, "!persistent internal " 1699 "device error"); 1700 ddi_fm_service_impact(nvme->n_dip, DDI_SERVICE_LOST); 1701 nvme->n_dead = B_TRUE; 1702 atomic_inc_32(&nvme->n_persistent_event); 1703 break; 1704 1705 case NVME_ASYNC_ERROR_TRANSIENT: 1706 dev_err(nvme->n_dip, CE_WARN, "!transient internal " 1707 "device error"); 1708 /* TODO: send ereport */ 1709 atomic_inc_32(&nvme->n_transient_event); 1710 break; 1711 1712 case NVME_ASYNC_ERROR_FW_LOAD: 1713 dev_err(nvme->n_dip, CE_WARN, 1714 "!firmware image load error"); 1715 atomic_inc_32(&nvme->n_fw_load_event); 1716 break; 1717 } 1718 break; 1719 1720 case NVME_ASYNC_TYPE_HEALTH: 1721 if (event.b.ae_logpage == NVME_LOGPAGE_HEALTH) { 1722 (void) nvme_get_logpage(nvme, B_FALSE, 1723 (void **)&health_log, &logsize, event.b.ae_logpage, 1724 -1); 1725 } else { 1726 dev_err(nvme->n_dip, CE_WARN, "!wrong logpage in " 1727 "async event reply: %d", event.b.ae_logpage); 1728 atomic_inc_32(&nvme->n_wrong_logpage); 1729 } 1730 1731 switch (event.b.ae_info) { 1732 case NVME_ASYNC_HEALTH_RELIABILITY: 1733 dev_err(nvme->n_dip, CE_WARN, 1734 "!device reliability compromised"); 1735 /* TODO: send ereport */ 1736 atomic_inc_32(&nvme->n_reliability_event); 1737 break; 1738 1739 case NVME_ASYNC_HEALTH_TEMPERATURE: 1740 dev_err(nvme->n_dip, CE_WARN, 1741 "!temperature above threshold"); 1742 /* TODO: send ereport */ 1743 atomic_inc_32(&nvme->n_temperature_event); 1744 break; 1745 1746 case NVME_ASYNC_HEALTH_SPARE: 1747 dev_err(nvme->n_dip, CE_WARN, 1748 "!spare space below threshold"); 1749 /* TODO: send ereport */ 1750 atomic_inc_32(&nvme->n_spare_event); 1751 break; 1752 } 1753 break; 1754 1755 case NVME_ASYNC_TYPE_VENDOR: 1756 dev_err(nvme->n_dip, CE_WARN, "!vendor specific async event " 1757 "received, info = %x, logpage = %x", event.b.ae_info, 1758 event.b.ae_logpage); 1759 atomic_inc_32(&nvme->n_vendor_event); 1760 break; 1761 1762 default: 1763 dev_err(nvme->n_dip, CE_WARN, "!unknown async event received, " 1764 "type = %x, info = %x, logpage = %x", event.b.ae_type, 1765 event.b.ae_info, event.b.ae_logpage); 1766 atomic_inc_32(&nvme->n_unknown_event); 1767 break; 1768 } 1769 1770 if (error_log) 1771 kmem_free(error_log, logsize); 1772 1773 if (health_log) 1774 kmem_free(health_log, logsize); 1775 } 1776 1777 static void 1778 nvme_admin_cmd(nvme_cmd_t *cmd, int sec) 1779 { 1780 mutex_enter(&cmd->nc_mutex); 1781 nvme_submit_admin_cmd(cmd->nc_nvme->n_adminq, cmd); 1782 nvme_wait_cmd(cmd, sec); 1783 mutex_exit(&cmd->nc_mutex); 1784 } 1785 1786 static void 1787 nvme_async_event(nvme_t *nvme) 1788 { 1789 nvme_cmd_t *cmd; 1790 1791 cmd = nvme_alloc_cmd(nvme, KM_SLEEP); 1792 cmd->nc_sqid = 0; 1793 cmd->nc_sqe.sqe_opc = NVME_OPC_ASYNC_EVENT; 1794 cmd->nc_callback = nvme_async_event_task; 1795 cmd->nc_dontpanic = B_TRUE; 1796 1797 nvme_submit_admin_cmd(nvme->n_adminq, cmd); 1798 } 1799 1800 static int 1801 nvme_format_nvm(nvme_t *nvme, boolean_t user, uint32_t nsid, uint8_t lbaf, 1802 boolean_t ms, uint8_t pi, boolean_t pil, uint8_t ses) 1803 { 1804 nvme_cmd_t *cmd = nvme_alloc_cmd(nvme, KM_SLEEP); 1805 nvme_format_nvm_t format_nvm = { 0 }; 1806 int ret; 1807 1808 format_nvm.b.fm_lbaf = lbaf & 0xf; 1809 format_nvm.b.fm_ms = ms ? 1 : 0; 1810 format_nvm.b.fm_pi = pi & 0x7; 1811 format_nvm.b.fm_pil = pil ? 1 : 0; 1812 format_nvm.b.fm_ses = ses & 0x7; 1813 1814 cmd->nc_sqid = 0; 1815 cmd->nc_callback = nvme_wakeup_cmd; 1816 cmd->nc_sqe.sqe_nsid = nsid; 1817 cmd->nc_sqe.sqe_opc = NVME_OPC_NVM_FORMAT; 1818 cmd->nc_sqe.sqe_cdw10 = format_nvm.r; 1819 1820 /* 1821 * Some devices like Samsung SM951 don't allow formatting of all 1822 * namespaces in one command. Handle that gracefully. 1823 */ 1824 if (nsid == (uint32_t)-1) 1825 cmd->nc_dontpanic = B_TRUE; 1826 /* 1827 * If this format request was initiated by the user, then don't allow a 1828 * programmer error to panic the system. 1829 */ 1830 if (user) 1831 cmd->nc_dontpanic = B_TRUE; 1832 1833 nvme_admin_cmd(cmd, nvme_format_cmd_timeout); 1834 1835 if ((ret = nvme_check_cmd_status(cmd)) != 0) { 1836 dev_err(nvme->n_dip, CE_WARN, 1837 "!FORMAT failed with sct = %x, sc = %x", 1838 cmd->nc_cqe.cqe_sf.sf_sct, cmd->nc_cqe.cqe_sf.sf_sc); 1839 } 1840 1841 nvme_free_cmd(cmd); 1842 return (ret); 1843 } 1844 1845 static int 1846 nvme_get_logpage(nvme_t *nvme, boolean_t user, void **buf, size_t *bufsize, 1847 uint8_t logpage, ...) 1848 { 1849 nvme_cmd_t *cmd = nvme_alloc_cmd(nvme, KM_SLEEP); 1850 nvme_getlogpage_t getlogpage = { 0 }; 1851 va_list ap; 1852 int ret; 1853 1854 va_start(ap, logpage); 1855 1856 cmd->nc_sqid = 0; 1857 cmd->nc_callback = nvme_wakeup_cmd; 1858 cmd->nc_sqe.sqe_opc = NVME_OPC_GET_LOG_PAGE; 1859 1860 if (user) 1861 cmd->nc_dontpanic = B_TRUE; 1862 1863 getlogpage.b.lp_lid = logpage; 1864 1865 switch (logpage) { 1866 case NVME_LOGPAGE_ERROR: 1867 cmd->nc_sqe.sqe_nsid = (uint32_t)-1; 1868 /* 1869 * The GET LOG PAGE command can use at most 2 pages to return 1870 * data, PRP lists are not supported. 1871 */ 1872 *bufsize = MIN(2 * nvme->n_pagesize, 1873 nvme->n_error_log_len * sizeof (nvme_error_log_entry_t)); 1874 break; 1875 1876 case NVME_LOGPAGE_HEALTH: 1877 cmd->nc_sqe.sqe_nsid = va_arg(ap, uint32_t); 1878 *bufsize = sizeof (nvme_health_log_t); 1879 break; 1880 1881 case NVME_LOGPAGE_FWSLOT: 1882 cmd->nc_sqe.sqe_nsid = (uint32_t)-1; 1883 *bufsize = sizeof (nvme_fwslot_log_t); 1884 break; 1885 1886 default: 1887 dev_err(nvme->n_dip, CE_WARN, "!unknown log page requested: %d", 1888 logpage); 1889 atomic_inc_32(&nvme->n_unknown_logpage); 1890 ret = EINVAL; 1891 goto fail; 1892 } 1893 1894 va_end(ap); 1895 1896 getlogpage.b.lp_numd = *bufsize / sizeof (uint32_t) - 1; 1897 1898 cmd->nc_sqe.sqe_cdw10 = getlogpage.r; 1899 1900 if (nvme_zalloc_dma(nvme, *bufsize, 1901 DDI_DMA_READ, &nvme->n_prp_dma_attr, &cmd->nc_dma) != DDI_SUCCESS) { 1902 dev_err(nvme->n_dip, CE_WARN, 1903 "!nvme_zalloc_dma failed for GET LOG PAGE"); 1904 ret = ENOMEM; 1905 goto fail; 1906 } 1907 1908 if (cmd->nc_dma->nd_ncookie > 2) { 1909 dev_err(nvme->n_dip, CE_WARN, 1910 "!too many DMA cookies for GET LOG PAGE"); 1911 atomic_inc_32(&nvme->n_too_many_cookies); 1912 ret = ENOMEM; 1913 goto fail; 1914 } 1915 1916 cmd->nc_sqe.sqe_dptr.d_prp[0] = cmd->nc_dma->nd_cookie.dmac_laddress; 1917 if (cmd->nc_dma->nd_ncookie > 1) { 1918 ddi_dma_nextcookie(cmd->nc_dma->nd_dmah, 1919 &cmd->nc_dma->nd_cookie); 1920 cmd->nc_sqe.sqe_dptr.d_prp[1] = 1921 cmd->nc_dma->nd_cookie.dmac_laddress; 1922 } 1923 1924 nvme_admin_cmd(cmd, nvme_admin_cmd_timeout); 1925 1926 if ((ret = nvme_check_cmd_status(cmd)) != 0) { 1927 dev_err(nvme->n_dip, CE_WARN, 1928 "!GET LOG PAGE failed with sct = %x, sc = %x", 1929 cmd->nc_cqe.cqe_sf.sf_sct, cmd->nc_cqe.cqe_sf.sf_sc); 1930 goto fail; 1931 } 1932 1933 *buf = kmem_alloc(*bufsize, KM_SLEEP); 1934 bcopy(cmd->nc_dma->nd_memp, *buf, *bufsize); 1935 1936 fail: 1937 nvme_free_cmd(cmd); 1938 1939 return (ret); 1940 } 1941 1942 static int 1943 nvme_identify(nvme_t *nvme, boolean_t user, uint32_t nsid, void **buf) 1944 { 1945 nvme_cmd_t *cmd = nvme_alloc_cmd(nvme, KM_SLEEP); 1946 int ret; 1947 1948 if (buf == NULL) 1949 return (EINVAL); 1950 1951 cmd->nc_sqid = 0; 1952 cmd->nc_callback = nvme_wakeup_cmd; 1953 cmd->nc_sqe.sqe_opc = NVME_OPC_IDENTIFY; 1954 cmd->nc_sqe.sqe_nsid = nsid; 1955 cmd->nc_sqe.sqe_cdw10 = nsid ? NVME_IDENTIFY_NSID : NVME_IDENTIFY_CTRL; 1956 1957 if (nvme_zalloc_dma(nvme, NVME_IDENTIFY_BUFSIZE, DDI_DMA_READ, 1958 &nvme->n_prp_dma_attr, &cmd->nc_dma) != DDI_SUCCESS) { 1959 dev_err(nvme->n_dip, CE_WARN, 1960 "!nvme_zalloc_dma failed for IDENTIFY"); 1961 ret = ENOMEM; 1962 goto fail; 1963 } 1964 1965 if (cmd->nc_dma->nd_ncookie > 2) { 1966 dev_err(nvme->n_dip, CE_WARN, 1967 "!too many DMA cookies for IDENTIFY"); 1968 atomic_inc_32(&nvme->n_too_many_cookies); 1969 ret = ENOMEM; 1970 goto fail; 1971 } 1972 1973 cmd->nc_sqe.sqe_dptr.d_prp[0] = cmd->nc_dma->nd_cookie.dmac_laddress; 1974 if (cmd->nc_dma->nd_ncookie > 1) { 1975 ddi_dma_nextcookie(cmd->nc_dma->nd_dmah, 1976 &cmd->nc_dma->nd_cookie); 1977 cmd->nc_sqe.sqe_dptr.d_prp[1] = 1978 cmd->nc_dma->nd_cookie.dmac_laddress; 1979 } 1980 1981 if (user) 1982 cmd->nc_dontpanic = B_TRUE; 1983 1984 nvme_admin_cmd(cmd, nvme_admin_cmd_timeout); 1985 1986 if ((ret = nvme_check_cmd_status(cmd)) != 0) { 1987 dev_err(nvme->n_dip, CE_WARN, 1988 "!IDENTIFY failed with sct = %x, sc = %x", 1989 cmd->nc_cqe.cqe_sf.sf_sct, cmd->nc_cqe.cqe_sf.sf_sc); 1990 goto fail; 1991 } 1992 1993 *buf = kmem_alloc(NVME_IDENTIFY_BUFSIZE, KM_SLEEP); 1994 bcopy(cmd->nc_dma->nd_memp, *buf, NVME_IDENTIFY_BUFSIZE); 1995 1996 fail: 1997 nvme_free_cmd(cmd); 1998 1999 return (ret); 2000 } 2001 2002 static int 2003 nvme_set_features(nvme_t *nvme, boolean_t user, uint32_t nsid, uint8_t feature, 2004 uint32_t val, uint32_t *res) 2005 { 2006 _NOTE(ARGUNUSED(nsid)); 2007 nvme_cmd_t *cmd = nvme_alloc_cmd(nvme, KM_SLEEP); 2008 int ret = EINVAL; 2009 2010 ASSERT(res != NULL); 2011 2012 cmd->nc_sqid = 0; 2013 cmd->nc_callback = nvme_wakeup_cmd; 2014 cmd->nc_sqe.sqe_opc = NVME_OPC_SET_FEATURES; 2015 cmd->nc_sqe.sqe_cdw10 = feature; 2016 cmd->nc_sqe.sqe_cdw11 = val; 2017 2018 if (user) 2019 cmd->nc_dontpanic = B_TRUE; 2020 2021 switch (feature) { 2022 case NVME_FEAT_WRITE_CACHE: 2023 if (!nvme->n_write_cache_present) 2024 goto fail; 2025 break; 2026 2027 case NVME_FEAT_NQUEUES: 2028 break; 2029 2030 default: 2031 goto fail; 2032 } 2033 2034 nvme_admin_cmd(cmd, nvme_admin_cmd_timeout); 2035 2036 if ((ret = nvme_check_cmd_status(cmd)) != 0) { 2037 dev_err(nvme->n_dip, CE_WARN, 2038 "!SET FEATURES %d failed with sct = %x, sc = %x", 2039 feature, cmd->nc_cqe.cqe_sf.sf_sct, 2040 cmd->nc_cqe.cqe_sf.sf_sc); 2041 goto fail; 2042 } 2043 2044 *res = cmd->nc_cqe.cqe_dw0; 2045 2046 fail: 2047 nvme_free_cmd(cmd); 2048 return (ret); 2049 } 2050 2051 static int 2052 nvme_get_features(nvme_t *nvme, boolean_t user, uint32_t nsid, uint8_t feature, 2053 uint32_t *res, void **buf, size_t *bufsize) 2054 { 2055 nvme_cmd_t *cmd = nvme_alloc_cmd(nvme, KM_SLEEP); 2056 int ret = EINVAL; 2057 2058 ASSERT(res != NULL); 2059 2060 if (bufsize != NULL) 2061 *bufsize = 0; 2062 2063 cmd->nc_sqid = 0; 2064 cmd->nc_callback = nvme_wakeup_cmd; 2065 cmd->nc_sqe.sqe_opc = NVME_OPC_GET_FEATURES; 2066 cmd->nc_sqe.sqe_cdw10 = feature; 2067 cmd->nc_sqe.sqe_cdw11 = *res; 2068 2069 /* 2070 * For some of the optional features there doesn't seem to be a method 2071 * of detecting whether it is supported other than using it. This will 2072 * cause "Invalid Field in Command" error, which is normally considered 2073 * a programming error. Set the nc_dontpanic flag to override the panic 2074 * in nvme_check_generic_cmd_status(). 2075 */ 2076 switch (feature) { 2077 case NVME_FEAT_ARBITRATION: 2078 case NVME_FEAT_POWER_MGMT: 2079 case NVME_FEAT_TEMPERATURE: 2080 case NVME_FEAT_ERROR: 2081 case NVME_FEAT_NQUEUES: 2082 case NVME_FEAT_INTR_COAL: 2083 case NVME_FEAT_INTR_VECT: 2084 case NVME_FEAT_WRITE_ATOM: 2085 case NVME_FEAT_ASYNC_EVENT: 2086 break; 2087 2088 case NVME_FEAT_WRITE_CACHE: 2089 if (!nvme->n_write_cache_present) 2090 goto fail; 2091 break; 2092 2093 case NVME_FEAT_LBA_RANGE: 2094 if (!nvme->n_lba_range_supported) 2095 goto fail; 2096 2097 cmd->nc_dontpanic = B_TRUE; 2098 cmd->nc_sqe.sqe_nsid = nsid; 2099 ASSERT(bufsize != NULL); 2100 *bufsize = NVME_LBA_RANGE_BUFSIZE; 2101 break; 2102 2103 case NVME_FEAT_AUTO_PST: 2104 if (!nvme->n_auto_pst_supported) 2105 goto fail; 2106 2107 ASSERT(bufsize != NULL); 2108 *bufsize = NVME_AUTO_PST_BUFSIZE; 2109 break; 2110 2111 case NVME_FEAT_PROGRESS: 2112 if (!nvme->n_progress_supported) 2113 goto fail; 2114 2115 cmd->nc_dontpanic = B_TRUE; 2116 break; 2117 2118 default: 2119 goto fail; 2120 } 2121 2122 if (user) 2123 cmd->nc_dontpanic = B_TRUE; 2124 2125 if (bufsize != NULL && *bufsize != 0) { 2126 if (nvme_zalloc_dma(nvme, *bufsize, DDI_DMA_READ, 2127 &nvme->n_prp_dma_attr, &cmd->nc_dma) != DDI_SUCCESS) { 2128 dev_err(nvme->n_dip, CE_WARN, 2129 "!nvme_zalloc_dma failed for GET FEATURES"); 2130 ret = ENOMEM; 2131 goto fail; 2132 } 2133 2134 if (cmd->nc_dma->nd_ncookie > 2) { 2135 dev_err(nvme->n_dip, CE_WARN, 2136 "!too many DMA cookies for GET FEATURES"); 2137 atomic_inc_32(&nvme->n_too_many_cookies); 2138 ret = ENOMEM; 2139 goto fail; 2140 } 2141 2142 cmd->nc_sqe.sqe_dptr.d_prp[0] = 2143 cmd->nc_dma->nd_cookie.dmac_laddress; 2144 if (cmd->nc_dma->nd_ncookie > 1) { 2145 ddi_dma_nextcookie(cmd->nc_dma->nd_dmah, 2146 &cmd->nc_dma->nd_cookie); 2147 cmd->nc_sqe.sqe_dptr.d_prp[1] = 2148 cmd->nc_dma->nd_cookie.dmac_laddress; 2149 } 2150 } 2151 2152 nvme_admin_cmd(cmd, nvme_admin_cmd_timeout); 2153 2154 if ((ret = nvme_check_cmd_status(cmd)) != 0) { 2155 boolean_t known = B_TRUE; 2156 2157 /* Check if this is unsupported optional feature */ 2158 if (cmd->nc_cqe.cqe_sf.sf_sct == NVME_CQE_SCT_GENERIC && 2159 cmd->nc_cqe.cqe_sf.sf_sc == NVME_CQE_SC_GEN_INV_FLD) { 2160 switch (feature) { 2161 case NVME_FEAT_LBA_RANGE: 2162 nvme->n_lba_range_supported = B_FALSE; 2163 break; 2164 case NVME_FEAT_PROGRESS: 2165 nvme->n_progress_supported = B_FALSE; 2166 break; 2167 default: 2168 known = B_FALSE; 2169 break; 2170 } 2171 } else { 2172 known = B_FALSE; 2173 } 2174 2175 /* Report the error otherwise */ 2176 if (!known) { 2177 dev_err(nvme->n_dip, CE_WARN, 2178 "!GET FEATURES %d failed with sct = %x, sc = %x", 2179 feature, cmd->nc_cqe.cqe_sf.sf_sct, 2180 cmd->nc_cqe.cqe_sf.sf_sc); 2181 } 2182 2183 goto fail; 2184 } 2185 2186 if (bufsize != NULL && *bufsize != 0) { 2187 ASSERT(buf != NULL); 2188 *buf = kmem_alloc(*bufsize, KM_SLEEP); 2189 bcopy(cmd->nc_dma->nd_memp, *buf, *bufsize); 2190 } 2191 2192 *res = cmd->nc_cqe.cqe_dw0; 2193 2194 fail: 2195 nvme_free_cmd(cmd); 2196 return (ret); 2197 } 2198 2199 static int 2200 nvme_write_cache_set(nvme_t *nvme, boolean_t enable) 2201 { 2202 nvme_write_cache_t nwc = { 0 }; 2203 2204 if (enable) 2205 nwc.b.wc_wce = 1; 2206 2207 return (nvme_set_features(nvme, B_FALSE, 0, NVME_FEAT_WRITE_CACHE, 2208 nwc.r, &nwc.r)); 2209 } 2210 2211 static int 2212 nvme_set_nqueues(nvme_t *nvme) 2213 { 2214 nvme_nqueues_t nq = { 0 }; 2215 int ret; 2216 2217 /* 2218 * The default is to allocate one completion queue per vector. 2219 */ 2220 if (nvme->n_completion_queues == -1) 2221 nvme->n_completion_queues = nvme->n_intr_cnt; 2222 2223 /* 2224 * There is no point in having more compeletion queues than 2225 * interrupt vectors. 2226 */ 2227 nvme->n_completion_queues = MIN(nvme->n_completion_queues, 2228 nvme->n_intr_cnt); 2229 2230 /* 2231 * The default is to use one submission queue per completion queue. 2232 */ 2233 if (nvme->n_submission_queues == -1) 2234 nvme->n_submission_queues = nvme->n_completion_queues; 2235 2236 /* 2237 * There is no point in having more compeletion queues than 2238 * submission queues. 2239 */ 2240 nvme->n_completion_queues = MIN(nvme->n_completion_queues, 2241 nvme->n_submission_queues); 2242 2243 ASSERT(nvme->n_submission_queues > 0); 2244 ASSERT(nvme->n_completion_queues > 0); 2245 2246 nq.b.nq_nsq = nvme->n_submission_queues - 1; 2247 nq.b.nq_ncq = nvme->n_completion_queues - 1; 2248 2249 ret = nvme_set_features(nvme, B_FALSE, 0, NVME_FEAT_NQUEUES, nq.r, 2250 &nq.r); 2251 2252 if (ret == 0) { 2253 /* 2254 * Never use more than the requested number of queues. 2255 */ 2256 nvme->n_submission_queues = MIN(nvme->n_submission_queues, 2257 nq.b.nq_nsq + 1); 2258 nvme->n_completion_queues = MIN(nvme->n_completion_queues, 2259 nq.b.nq_ncq + 1); 2260 } 2261 2262 return (ret); 2263 } 2264 2265 static int 2266 nvme_create_completion_queue(nvme_t *nvme, nvme_cq_t *cq) 2267 { 2268 nvme_cmd_t *cmd = nvme_alloc_cmd(nvme, KM_SLEEP); 2269 nvme_create_queue_dw10_t dw10 = { 0 }; 2270 nvme_create_cq_dw11_t c_dw11 = { 0 }; 2271 int ret; 2272 2273 dw10.b.q_qid = cq->ncq_id; 2274 dw10.b.q_qsize = cq->ncq_nentry - 1; 2275 2276 c_dw11.b.cq_pc = 1; 2277 c_dw11.b.cq_ien = 1; 2278 c_dw11.b.cq_iv = cq->ncq_id % nvme->n_intr_cnt; 2279 2280 cmd->nc_sqid = 0; 2281 cmd->nc_callback = nvme_wakeup_cmd; 2282 cmd->nc_sqe.sqe_opc = NVME_OPC_CREATE_CQUEUE; 2283 cmd->nc_sqe.sqe_cdw10 = dw10.r; 2284 cmd->nc_sqe.sqe_cdw11 = c_dw11.r; 2285 cmd->nc_sqe.sqe_dptr.d_prp[0] = cq->ncq_dma->nd_cookie.dmac_laddress; 2286 2287 nvme_admin_cmd(cmd, nvme_admin_cmd_timeout); 2288 2289 if ((ret = nvme_check_cmd_status(cmd)) != 0) { 2290 dev_err(nvme->n_dip, CE_WARN, 2291 "!CREATE CQUEUE failed with sct = %x, sc = %x", 2292 cmd->nc_cqe.cqe_sf.sf_sct, cmd->nc_cqe.cqe_sf.sf_sc); 2293 } 2294 2295 nvme_free_cmd(cmd); 2296 2297 return (ret); 2298 } 2299 2300 static int 2301 nvme_create_io_qpair(nvme_t *nvme, nvme_qpair_t *qp, uint16_t idx) 2302 { 2303 nvme_cq_t *cq = qp->nq_cq; 2304 nvme_cmd_t *cmd; 2305 nvme_create_queue_dw10_t dw10 = { 0 }; 2306 nvme_create_sq_dw11_t s_dw11 = { 0 }; 2307 int ret; 2308 2309 /* 2310 * It is possible to have more qpairs than completion queues, 2311 * and when the idx > ncq_id, that completion queue is shared 2312 * and has already been created. 2313 */ 2314 if (idx <= cq->ncq_id && 2315 nvme_create_completion_queue(nvme, cq) != DDI_SUCCESS) 2316 return (DDI_FAILURE); 2317 2318 dw10.b.q_qid = idx; 2319 dw10.b.q_qsize = qp->nq_nentry - 1; 2320 2321 s_dw11.b.sq_pc = 1; 2322 s_dw11.b.sq_cqid = cq->ncq_id; 2323 2324 cmd = nvme_alloc_cmd(nvme, KM_SLEEP); 2325 cmd->nc_sqid = 0; 2326 cmd->nc_callback = nvme_wakeup_cmd; 2327 cmd->nc_sqe.sqe_opc = NVME_OPC_CREATE_SQUEUE; 2328 cmd->nc_sqe.sqe_cdw10 = dw10.r; 2329 cmd->nc_sqe.sqe_cdw11 = s_dw11.r; 2330 cmd->nc_sqe.sqe_dptr.d_prp[0] = qp->nq_sqdma->nd_cookie.dmac_laddress; 2331 2332 nvme_admin_cmd(cmd, nvme_admin_cmd_timeout); 2333 2334 if ((ret = nvme_check_cmd_status(cmd)) != 0) { 2335 dev_err(nvme->n_dip, CE_WARN, 2336 "!CREATE SQUEUE failed with sct = %x, sc = %x", 2337 cmd->nc_cqe.cqe_sf.sf_sct, cmd->nc_cqe.cqe_sf.sf_sc); 2338 } 2339 2340 nvme_free_cmd(cmd); 2341 2342 return (ret); 2343 } 2344 2345 static boolean_t 2346 nvme_reset(nvme_t *nvme, boolean_t quiesce) 2347 { 2348 nvme_reg_csts_t csts; 2349 int i; 2350 2351 nvme_put32(nvme, NVME_REG_CC, 0); 2352 2353 csts.r = nvme_get32(nvme, NVME_REG_CSTS); 2354 if (csts.b.csts_rdy == 1) { 2355 nvme_put32(nvme, NVME_REG_CC, 0); 2356 for (i = 0; i != nvme->n_timeout * 10; i++) { 2357 csts.r = nvme_get32(nvme, NVME_REG_CSTS); 2358 if (csts.b.csts_rdy == 0) 2359 break; 2360 2361 if (quiesce) 2362 drv_usecwait(50000); 2363 else 2364 delay(drv_usectohz(50000)); 2365 } 2366 } 2367 2368 nvme_put32(nvme, NVME_REG_AQA, 0); 2369 nvme_put32(nvme, NVME_REG_ASQ, 0); 2370 nvme_put32(nvme, NVME_REG_ACQ, 0); 2371 2372 csts.r = nvme_get32(nvme, NVME_REG_CSTS); 2373 return (csts.b.csts_rdy == 0 ? B_TRUE : B_FALSE); 2374 } 2375 2376 static void 2377 nvme_shutdown(nvme_t *nvme, int mode, boolean_t quiesce) 2378 { 2379 nvme_reg_cc_t cc; 2380 nvme_reg_csts_t csts; 2381 int i; 2382 2383 ASSERT(mode == NVME_CC_SHN_NORMAL || mode == NVME_CC_SHN_ABRUPT); 2384 2385 cc.r = nvme_get32(nvme, NVME_REG_CC); 2386 cc.b.cc_shn = mode & 0x3; 2387 nvme_put32(nvme, NVME_REG_CC, cc.r); 2388 2389 for (i = 0; i != 10; i++) { 2390 csts.r = nvme_get32(nvme, NVME_REG_CSTS); 2391 if (csts.b.csts_shst == NVME_CSTS_SHN_COMPLETE) 2392 break; 2393 2394 if (quiesce) 2395 drv_usecwait(100000); 2396 else 2397 delay(drv_usectohz(100000)); 2398 } 2399 } 2400 2401 2402 static void 2403 nvme_prepare_devid(nvme_t *nvme, uint32_t nsid) 2404 { 2405 /* 2406 * Section 7.7 of the spec describes how to get a unique ID for 2407 * the controller: the vendor ID, the model name and the serial 2408 * number shall be unique when combined. 2409 * 2410 * If a namespace has no EUI64 we use the above and add the hex 2411 * namespace ID to get a unique ID for the namespace. 2412 */ 2413 char model[sizeof (nvme->n_idctl->id_model) + 1]; 2414 char serial[sizeof (nvme->n_idctl->id_serial) + 1]; 2415 2416 bcopy(nvme->n_idctl->id_model, model, sizeof (nvme->n_idctl->id_model)); 2417 bcopy(nvme->n_idctl->id_serial, serial, 2418 sizeof (nvme->n_idctl->id_serial)); 2419 2420 model[sizeof (nvme->n_idctl->id_model)] = '\0'; 2421 serial[sizeof (nvme->n_idctl->id_serial)] = '\0'; 2422 2423 nvme->n_ns[nsid - 1].ns_devid = kmem_asprintf("%4X-%s-%s-%X", 2424 nvme->n_idctl->id_vid, model, serial, nsid); 2425 } 2426 2427 static int 2428 nvme_init_ns(nvme_t *nvme, int nsid) 2429 { 2430 nvme_namespace_t *ns = &nvme->n_ns[nsid - 1]; 2431 nvme_identify_nsid_t *idns; 2432 int last_rp; 2433 2434 ns->ns_nvme = nvme; 2435 2436 if (nvme_identify(nvme, B_FALSE, nsid, (void **)&idns) != 0) { 2437 dev_err(nvme->n_dip, CE_WARN, 2438 "!failed to identify namespace %d", nsid); 2439 return (DDI_FAILURE); 2440 } 2441 2442 ns->ns_idns = idns; 2443 ns->ns_id = nsid; 2444 ns->ns_block_count = idns->id_nsize; 2445 ns->ns_block_size = 2446 1 << idns->id_lbaf[idns->id_flbas.lba_format].lbaf_lbads; 2447 ns->ns_best_block_size = ns->ns_block_size; 2448 2449 /* 2450 * Get the EUI64 if present. Use it for devid and device node names. 2451 */ 2452 if (NVME_VERSION_ATLEAST(&nvme->n_version, 1, 1)) 2453 bcopy(idns->id_eui64, ns->ns_eui64, sizeof (ns->ns_eui64)); 2454 2455 /*LINTED: E_BAD_PTR_CAST_ALIGN*/ 2456 if (*(uint64_t *)ns->ns_eui64 != 0) { 2457 uint8_t *eui64 = ns->ns_eui64; 2458 2459 (void) snprintf(ns->ns_name, sizeof (ns->ns_name), 2460 "%02x%02x%02x%02x%02x%02x%02x%02x", 2461 eui64[0], eui64[1], eui64[2], eui64[3], 2462 eui64[4], eui64[5], eui64[6], eui64[7]); 2463 } else { 2464 (void) snprintf(ns->ns_name, sizeof (ns->ns_name), "%d", 2465 ns->ns_id); 2466 2467 nvme_prepare_devid(nvme, ns->ns_id); 2468 } 2469 2470 /* 2471 * Find the LBA format with no metadata and the best relative 2472 * performance. A value of 3 means "degraded", 0 is best. 2473 */ 2474 last_rp = 3; 2475 for (int j = 0; j <= idns->id_nlbaf; j++) { 2476 if (idns->id_lbaf[j].lbaf_lbads == 0) 2477 break; 2478 if (idns->id_lbaf[j].lbaf_ms != 0) 2479 continue; 2480 if (idns->id_lbaf[j].lbaf_rp >= last_rp) 2481 continue; 2482 last_rp = idns->id_lbaf[j].lbaf_rp; 2483 ns->ns_best_block_size = 2484 1 << idns->id_lbaf[j].lbaf_lbads; 2485 } 2486 2487 if (ns->ns_best_block_size < nvme->n_min_block_size) 2488 ns->ns_best_block_size = nvme->n_min_block_size; 2489 2490 /* 2491 * We currently don't support namespaces that use either: 2492 * - protection information 2493 * - illegal block size (< 512) 2494 */ 2495 if (idns->id_dps.dp_pinfo) { 2496 dev_err(nvme->n_dip, CE_WARN, 2497 "!ignoring namespace %d, unsupported feature: " 2498 "pinfo = %d", nsid, idns->id_dps.dp_pinfo); 2499 ns->ns_ignore = B_TRUE; 2500 } else if (ns->ns_block_size < 512) { 2501 dev_err(nvme->n_dip, CE_WARN, 2502 "!ignoring namespace %d, unsupported block size %"PRIu64, 2503 nsid, (uint64_t)ns->ns_block_size); 2504 ns->ns_ignore = B_TRUE; 2505 } else { 2506 ns->ns_ignore = B_FALSE; 2507 } 2508 2509 return (DDI_SUCCESS); 2510 } 2511 2512 static int 2513 nvme_init(nvme_t *nvme) 2514 { 2515 nvme_reg_cc_t cc = { 0 }; 2516 nvme_reg_aqa_t aqa = { 0 }; 2517 nvme_reg_asq_t asq = { 0 }; 2518 nvme_reg_acq_t acq = { 0 }; 2519 nvme_reg_cap_t cap; 2520 nvme_reg_vs_t vs; 2521 nvme_reg_csts_t csts; 2522 int i = 0; 2523 uint16_t nqueues; 2524 char model[sizeof (nvme->n_idctl->id_model) + 1]; 2525 char *vendor, *product; 2526 2527 /* Check controller version */ 2528 vs.r = nvme_get32(nvme, NVME_REG_VS); 2529 nvme->n_version.v_major = vs.b.vs_mjr; 2530 nvme->n_version.v_minor = vs.b.vs_mnr; 2531 dev_err(nvme->n_dip, CE_CONT, "?NVMe spec version %d.%d", 2532 nvme->n_version.v_major, nvme->n_version.v_minor); 2533 2534 if (nvme->n_version.v_major > nvme_version_major) { 2535 dev_err(nvme->n_dip, CE_WARN, "!no support for version > %d.x", 2536 nvme_version_major); 2537 if (nvme->n_strict_version) 2538 goto fail; 2539 } 2540 2541 /* retrieve controller configuration */ 2542 cap.r = nvme_get64(nvme, NVME_REG_CAP); 2543 2544 if ((cap.b.cap_css & NVME_CAP_CSS_NVM) == 0) { 2545 dev_err(nvme->n_dip, CE_WARN, 2546 "!NVM command set not supported by hardware"); 2547 goto fail; 2548 } 2549 2550 nvme->n_nssr_supported = cap.b.cap_nssrs; 2551 nvme->n_doorbell_stride = 4 << cap.b.cap_dstrd; 2552 nvme->n_timeout = cap.b.cap_to; 2553 nvme->n_arbitration_mechanisms = cap.b.cap_ams; 2554 nvme->n_cont_queues_reqd = cap.b.cap_cqr; 2555 nvme->n_max_queue_entries = cap.b.cap_mqes + 1; 2556 2557 /* 2558 * The MPSMIN and MPSMAX fields in the CAP register use 0 to specify 2559 * the base page size of 4k (1<<12), so add 12 here to get the real 2560 * page size value. 2561 */ 2562 nvme->n_pageshift = MIN(MAX(cap.b.cap_mpsmin + 12, PAGESHIFT), 2563 cap.b.cap_mpsmax + 12); 2564 nvme->n_pagesize = 1UL << (nvme->n_pageshift); 2565 2566 /* 2567 * Set up Queue DMA to transfer at least 1 page-aligned page at a time. 2568 */ 2569 nvme->n_queue_dma_attr.dma_attr_align = nvme->n_pagesize; 2570 nvme->n_queue_dma_attr.dma_attr_minxfer = nvme->n_pagesize; 2571 2572 /* 2573 * Set up PRP DMA to transfer 1 page-aligned page at a time. 2574 * Maxxfer may be increased after we identified the controller limits. 2575 */ 2576 nvme->n_prp_dma_attr.dma_attr_maxxfer = nvme->n_pagesize; 2577 nvme->n_prp_dma_attr.dma_attr_minxfer = nvme->n_pagesize; 2578 nvme->n_prp_dma_attr.dma_attr_align = nvme->n_pagesize; 2579 nvme->n_prp_dma_attr.dma_attr_seg = nvme->n_pagesize - 1; 2580 2581 /* 2582 * Reset controller if it's still in ready state. 2583 */ 2584 if (nvme_reset(nvme, B_FALSE) == B_FALSE) { 2585 dev_err(nvme->n_dip, CE_WARN, "!unable to reset controller"); 2586 ddi_fm_service_impact(nvme->n_dip, DDI_SERVICE_LOST); 2587 nvme->n_dead = B_TRUE; 2588 goto fail; 2589 } 2590 2591 /* 2592 * Create the cq array with one completion queue to be assigned 2593 * to the admin queue pair. 2594 */ 2595 if (nvme_create_cq_array(nvme, 1, nvme->n_admin_queue_len) != 2596 DDI_SUCCESS) { 2597 dev_err(nvme->n_dip, CE_WARN, 2598 "!failed to pre-allocate admin completion queue"); 2599 goto fail; 2600 } 2601 /* 2602 * Create the admin queue pair. 2603 */ 2604 if (nvme_alloc_qpair(nvme, nvme->n_admin_queue_len, &nvme->n_adminq, 0) 2605 != DDI_SUCCESS) { 2606 dev_err(nvme->n_dip, CE_WARN, 2607 "!unable to allocate admin qpair"); 2608 goto fail; 2609 } 2610 nvme->n_ioq = kmem_alloc(sizeof (nvme_qpair_t *), KM_SLEEP); 2611 nvme->n_ioq[0] = nvme->n_adminq; 2612 2613 nvme->n_progress |= NVME_ADMIN_QUEUE; 2614 2615 (void) ddi_prop_update_int(DDI_DEV_T_NONE, nvme->n_dip, 2616 "admin-queue-len", nvme->n_admin_queue_len); 2617 2618 aqa.b.aqa_asqs = aqa.b.aqa_acqs = nvme->n_admin_queue_len - 1; 2619 asq = nvme->n_adminq->nq_sqdma->nd_cookie.dmac_laddress; 2620 acq = nvme->n_adminq->nq_cq->ncq_dma->nd_cookie.dmac_laddress; 2621 2622 ASSERT((asq & (nvme->n_pagesize - 1)) == 0); 2623 ASSERT((acq & (nvme->n_pagesize - 1)) == 0); 2624 2625 nvme_put32(nvme, NVME_REG_AQA, aqa.r); 2626 nvme_put64(nvme, NVME_REG_ASQ, asq); 2627 nvme_put64(nvme, NVME_REG_ACQ, acq); 2628 2629 cc.b.cc_ams = 0; /* use Round-Robin arbitration */ 2630 cc.b.cc_css = 0; /* use NVM command set */ 2631 cc.b.cc_mps = nvme->n_pageshift - 12; 2632 cc.b.cc_shn = 0; /* no shutdown in progress */ 2633 cc.b.cc_en = 1; /* enable controller */ 2634 cc.b.cc_iosqes = 6; /* submission queue entry is 2^6 bytes long */ 2635 cc.b.cc_iocqes = 4; /* completion queue entry is 2^4 bytes long */ 2636 2637 nvme_put32(nvme, NVME_REG_CC, cc.r); 2638 2639 /* 2640 * Wait for the controller to become ready. 2641 */ 2642 csts.r = nvme_get32(nvme, NVME_REG_CSTS); 2643 if (csts.b.csts_rdy == 0) { 2644 for (i = 0; i != nvme->n_timeout * 10; i++) { 2645 delay(drv_usectohz(50000)); 2646 csts.r = nvme_get32(nvme, NVME_REG_CSTS); 2647 2648 if (csts.b.csts_cfs == 1) { 2649 dev_err(nvme->n_dip, CE_WARN, 2650 "!controller fatal status at init"); 2651 ddi_fm_service_impact(nvme->n_dip, 2652 DDI_SERVICE_LOST); 2653 nvme->n_dead = B_TRUE; 2654 goto fail; 2655 } 2656 2657 if (csts.b.csts_rdy == 1) 2658 break; 2659 } 2660 } 2661 2662 if (csts.b.csts_rdy == 0) { 2663 dev_err(nvme->n_dip, CE_WARN, "!controller not ready"); 2664 ddi_fm_service_impact(nvme->n_dip, DDI_SERVICE_LOST); 2665 nvme->n_dead = B_TRUE; 2666 goto fail; 2667 } 2668 2669 /* 2670 * Assume an abort command limit of 1. We'll destroy and re-init 2671 * that later when we know the true abort command limit. 2672 */ 2673 sema_init(&nvme->n_abort_sema, 1, NULL, SEMA_DRIVER, NULL); 2674 2675 /* 2676 * Setup initial interrupt for admin queue. 2677 */ 2678 if ((nvme_setup_interrupts(nvme, DDI_INTR_TYPE_MSIX, 1) 2679 != DDI_SUCCESS) && 2680 (nvme_setup_interrupts(nvme, DDI_INTR_TYPE_MSI, 1) 2681 != DDI_SUCCESS) && 2682 (nvme_setup_interrupts(nvme, DDI_INTR_TYPE_FIXED, 1) 2683 != DDI_SUCCESS)) { 2684 dev_err(nvme->n_dip, CE_WARN, 2685 "!failed to setup initial interrupt"); 2686 goto fail; 2687 } 2688 2689 /* 2690 * Post an asynchronous event command to catch errors. 2691 * We assume the asynchronous events are supported as required by 2692 * specification (Figure 40 in section 5 of NVMe 1.2). 2693 * However, since at least qemu does not follow the specification, 2694 * we need a mechanism to protect ourselves. 2695 */ 2696 nvme->n_async_event_supported = B_TRUE; 2697 nvme_async_event(nvme); 2698 2699 /* 2700 * Identify Controller 2701 */ 2702 if (nvme_identify(nvme, B_FALSE, 0, (void **)&nvme->n_idctl) != 0) { 2703 dev_err(nvme->n_dip, CE_WARN, 2704 "!failed to identify controller"); 2705 goto fail; 2706 } 2707 2708 /* 2709 * Get Vendor & Product ID 2710 */ 2711 bcopy(nvme->n_idctl->id_model, model, sizeof (nvme->n_idctl->id_model)); 2712 model[sizeof (nvme->n_idctl->id_model)] = '\0'; 2713 sata_split_model(model, &vendor, &product); 2714 2715 if (vendor == NULL) 2716 nvme->n_vendor = strdup("NVMe"); 2717 else 2718 nvme->n_vendor = strdup(vendor); 2719 2720 nvme->n_product = strdup(product); 2721 2722 /* 2723 * Get controller limits. 2724 */ 2725 nvme->n_async_event_limit = MAX(NVME_MIN_ASYNC_EVENT_LIMIT, 2726 MIN(nvme->n_admin_queue_len / 10, 2727 MIN(nvme->n_idctl->id_aerl + 1, nvme->n_async_event_limit))); 2728 2729 (void) ddi_prop_update_int(DDI_DEV_T_NONE, nvme->n_dip, 2730 "async-event-limit", nvme->n_async_event_limit); 2731 2732 nvme->n_abort_command_limit = nvme->n_idctl->id_acl + 1; 2733 2734 /* 2735 * Reinitialize the semaphore with the true abort command limit 2736 * supported by the hardware. It's not necessary to disable interrupts 2737 * as only command aborts use the semaphore, and no commands are 2738 * executed or aborted while we're here. 2739 */ 2740 sema_destroy(&nvme->n_abort_sema); 2741 sema_init(&nvme->n_abort_sema, nvme->n_abort_command_limit - 1, NULL, 2742 SEMA_DRIVER, NULL); 2743 2744 nvme->n_progress |= NVME_CTRL_LIMITS; 2745 2746 if (nvme->n_idctl->id_mdts == 0) 2747 nvme->n_max_data_transfer_size = nvme->n_pagesize * 65536; 2748 else 2749 nvme->n_max_data_transfer_size = 2750 1ull << (nvme->n_pageshift + nvme->n_idctl->id_mdts); 2751 2752 nvme->n_error_log_len = nvme->n_idctl->id_elpe + 1; 2753 2754 /* 2755 * Limit n_max_data_transfer_size to what we can handle in one PRP. 2756 * Chained PRPs are currently unsupported. 2757 * 2758 * This is a no-op on hardware which doesn't support a transfer size 2759 * big enough to require chained PRPs. 2760 */ 2761 nvme->n_max_data_transfer_size = MIN(nvme->n_max_data_transfer_size, 2762 (nvme->n_pagesize / sizeof (uint64_t) * nvme->n_pagesize)); 2763 2764 nvme->n_prp_dma_attr.dma_attr_maxxfer = nvme->n_max_data_transfer_size; 2765 2766 /* 2767 * Make sure the minimum/maximum queue entry sizes are not 2768 * larger/smaller than the default. 2769 */ 2770 2771 if (((1 << nvme->n_idctl->id_sqes.qes_min) > sizeof (nvme_sqe_t)) || 2772 ((1 << nvme->n_idctl->id_sqes.qes_max) < sizeof (nvme_sqe_t)) || 2773 ((1 << nvme->n_idctl->id_cqes.qes_min) > sizeof (nvme_cqe_t)) || 2774 ((1 << nvme->n_idctl->id_cqes.qes_max) < sizeof (nvme_cqe_t))) 2775 goto fail; 2776 2777 /* 2778 * Check for the presence of a Volatile Write Cache. If present, 2779 * enable or disable based on the value of the property 2780 * volatile-write-cache-enable (default is enabled). 2781 */ 2782 nvme->n_write_cache_present = 2783 nvme->n_idctl->id_vwc.vwc_present == 0 ? B_FALSE : B_TRUE; 2784 2785 (void) ddi_prop_update_int(DDI_DEV_T_NONE, nvme->n_dip, 2786 "volatile-write-cache-present", 2787 nvme->n_write_cache_present ? 1 : 0); 2788 2789 if (!nvme->n_write_cache_present) { 2790 nvme->n_write_cache_enabled = B_FALSE; 2791 } else if (nvme_write_cache_set(nvme, nvme->n_write_cache_enabled) 2792 != 0) { 2793 dev_err(nvme->n_dip, CE_WARN, 2794 "!failed to %sable volatile write cache", 2795 nvme->n_write_cache_enabled ? "en" : "dis"); 2796 /* 2797 * Assume the cache is (still) enabled. 2798 */ 2799 nvme->n_write_cache_enabled = B_TRUE; 2800 } 2801 2802 (void) ddi_prop_update_int(DDI_DEV_T_NONE, nvme->n_dip, 2803 "volatile-write-cache-enable", 2804 nvme->n_write_cache_enabled ? 1 : 0); 2805 2806 /* 2807 * Assume LBA Range Type feature is supported. If it isn't this 2808 * will be set to B_FALSE by nvme_get_features(). 2809 */ 2810 nvme->n_lba_range_supported = B_TRUE; 2811 2812 /* 2813 * Check support for Autonomous Power State Transition. 2814 */ 2815 if (NVME_VERSION_ATLEAST(&nvme->n_version, 1, 1)) 2816 nvme->n_auto_pst_supported = 2817 nvme->n_idctl->id_apsta.ap_sup == 0 ? B_FALSE : B_TRUE; 2818 2819 /* 2820 * Assume Software Progress Marker feature is supported. If it isn't 2821 * this will be set to B_FALSE by nvme_get_features(). 2822 */ 2823 nvme->n_progress_supported = B_TRUE; 2824 2825 /* 2826 * Identify Namespaces 2827 */ 2828 nvme->n_namespace_count = nvme->n_idctl->id_nn; 2829 2830 if (nvme->n_namespace_count == 0) { 2831 dev_err(nvme->n_dip, CE_WARN, 2832 "!controllers without namespaces are not supported"); 2833 goto fail; 2834 } 2835 2836 if (nvme->n_namespace_count > NVME_MINOR_MAX) { 2837 dev_err(nvme->n_dip, CE_WARN, 2838 "!too many namespaces: %d, limiting to %d\n", 2839 nvme->n_namespace_count, NVME_MINOR_MAX); 2840 nvme->n_namespace_count = NVME_MINOR_MAX; 2841 } 2842 2843 nvme->n_ns = kmem_zalloc(sizeof (nvme_namespace_t) * 2844 nvme->n_namespace_count, KM_SLEEP); 2845 2846 for (i = 0; i != nvme->n_namespace_count; i++) { 2847 mutex_init(&nvme->n_ns[i].ns_minor.nm_mutex, NULL, MUTEX_DRIVER, 2848 NULL); 2849 if (nvme_init_ns(nvme, i + 1) != DDI_SUCCESS) 2850 goto fail; 2851 } 2852 2853 /* 2854 * Try to set up MSI/MSI-X interrupts. 2855 */ 2856 if ((nvme->n_intr_types & (DDI_INTR_TYPE_MSI | DDI_INTR_TYPE_MSIX)) 2857 != 0) { 2858 nvme_release_interrupts(nvme); 2859 2860 nqueues = MIN(UINT16_MAX, ncpus); 2861 2862 if ((nvme_setup_interrupts(nvme, DDI_INTR_TYPE_MSIX, 2863 nqueues) != DDI_SUCCESS) && 2864 (nvme_setup_interrupts(nvme, DDI_INTR_TYPE_MSI, 2865 nqueues) != DDI_SUCCESS)) { 2866 dev_err(nvme->n_dip, CE_WARN, 2867 "!failed to setup MSI/MSI-X interrupts"); 2868 goto fail; 2869 } 2870 } 2871 2872 /* 2873 * Create I/O queue pairs. 2874 */ 2875 2876 if (nvme_set_nqueues(nvme) != 0) { 2877 dev_err(nvme->n_dip, CE_WARN, 2878 "!failed to set number of I/O queues to %d", 2879 nvme->n_intr_cnt); 2880 goto fail; 2881 } 2882 2883 /* 2884 * Reallocate I/O queue array 2885 */ 2886 kmem_free(nvme->n_ioq, sizeof (nvme_qpair_t *)); 2887 nvme->n_ioq = kmem_zalloc(sizeof (nvme_qpair_t *) * 2888 (nvme->n_submission_queues + 1), KM_SLEEP); 2889 nvme->n_ioq[0] = nvme->n_adminq; 2890 2891 /* 2892 * There should always be at least as many submission queues 2893 * as completion queues. 2894 */ 2895 ASSERT(nvme->n_submission_queues >= nvme->n_completion_queues); 2896 2897 nvme->n_ioq_count = nvme->n_submission_queues; 2898 2899 nvme->n_io_squeue_len = 2900 MIN(nvme->n_io_squeue_len, nvme->n_max_queue_entries); 2901 2902 (void) ddi_prop_update_int(DDI_DEV_T_NONE, nvme->n_dip, "io-squeue-len", 2903 nvme->n_io_squeue_len); 2904 2905 /* 2906 * Pre-allocate completion queues. 2907 * When there are the same number of submission and completion 2908 * queues there is no value in having a larger completion 2909 * queue length. 2910 */ 2911 if (nvme->n_submission_queues == nvme->n_completion_queues) 2912 nvme->n_io_cqueue_len = MIN(nvme->n_io_cqueue_len, 2913 nvme->n_io_squeue_len); 2914 2915 nvme->n_io_cqueue_len = MIN(nvme->n_io_cqueue_len, 2916 nvme->n_max_queue_entries); 2917 2918 (void) ddi_prop_update_int(DDI_DEV_T_NONE, nvme->n_dip, "io-cqueue-len", 2919 nvme->n_io_cqueue_len); 2920 2921 if (nvme_create_cq_array(nvme, nvme->n_completion_queues + 1, 2922 nvme->n_io_cqueue_len) != DDI_SUCCESS) { 2923 dev_err(nvme->n_dip, CE_WARN, 2924 "!failed to pre-allocate completion queues"); 2925 goto fail; 2926 } 2927 2928 /* 2929 * If we use less completion queues than interrupt vectors return 2930 * some of the interrupt vectors back to the system. 2931 */ 2932 if (nvme->n_completion_queues + 1 < nvme->n_intr_cnt) { 2933 nvme_release_interrupts(nvme); 2934 2935 if (nvme_setup_interrupts(nvme, nvme->n_intr_type, 2936 nvme->n_completion_queues + 1) != DDI_SUCCESS) { 2937 dev_err(nvme->n_dip, CE_WARN, 2938 "!failed to reduce number of interrupts"); 2939 goto fail; 2940 } 2941 } 2942 2943 /* 2944 * Alloc & register I/O queue pairs 2945 */ 2946 2947 for (i = 1; i != nvme->n_ioq_count + 1; i++) { 2948 if (nvme_alloc_qpair(nvme, nvme->n_io_squeue_len, 2949 &nvme->n_ioq[i], i) != DDI_SUCCESS) { 2950 dev_err(nvme->n_dip, CE_WARN, 2951 "!unable to allocate I/O qpair %d", i); 2952 goto fail; 2953 } 2954 2955 if (nvme_create_io_qpair(nvme, nvme->n_ioq[i], i) != 0) { 2956 dev_err(nvme->n_dip, CE_WARN, 2957 "!unable to create I/O qpair %d", i); 2958 goto fail; 2959 } 2960 } 2961 2962 /* 2963 * Post more asynchronous events commands to reduce event reporting 2964 * latency as suggested by the spec. 2965 */ 2966 if (nvme->n_async_event_supported) { 2967 for (i = 1; i != nvme->n_async_event_limit; i++) 2968 nvme_async_event(nvme); 2969 } 2970 2971 return (DDI_SUCCESS); 2972 2973 fail: 2974 (void) nvme_reset(nvme, B_FALSE); 2975 return (DDI_FAILURE); 2976 } 2977 2978 static uint_t 2979 nvme_intr(caddr_t arg1, caddr_t arg2) 2980 { 2981 /*LINTED: E_PTR_BAD_CAST_ALIGN*/ 2982 nvme_t *nvme = (nvme_t *)arg1; 2983 int inum = (int)(uintptr_t)arg2; 2984 int ccnt = 0; 2985 int qnum; 2986 2987 if (inum >= nvme->n_intr_cnt) 2988 return (DDI_INTR_UNCLAIMED); 2989 2990 if (nvme->n_dead) 2991 return (nvme->n_intr_type == DDI_INTR_TYPE_FIXED ? 2992 DDI_INTR_UNCLAIMED : DDI_INTR_CLAIMED); 2993 2994 /* 2995 * The interrupt vector a queue uses is calculated as queue_idx % 2996 * intr_cnt in nvme_create_io_qpair(). Iterate through the queue array 2997 * in steps of n_intr_cnt to process all queues using this vector. 2998 */ 2999 for (qnum = inum; 3000 qnum < nvme->n_cq_count && nvme->n_cq[qnum] != NULL; 3001 qnum += nvme->n_intr_cnt) { 3002 ccnt += nvme_process_iocq(nvme, nvme->n_cq[qnum]); 3003 } 3004 3005 return (ccnt > 0 ? DDI_INTR_CLAIMED : DDI_INTR_UNCLAIMED); 3006 } 3007 3008 static void 3009 nvme_release_interrupts(nvme_t *nvme) 3010 { 3011 int i; 3012 3013 for (i = 0; i < nvme->n_intr_cnt; i++) { 3014 if (nvme->n_inth[i] == NULL) 3015 break; 3016 3017 if (nvme->n_intr_cap & DDI_INTR_FLAG_BLOCK) 3018 (void) ddi_intr_block_disable(&nvme->n_inth[i], 1); 3019 else 3020 (void) ddi_intr_disable(nvme->n_inth[i]); 3021 3022 (void) ddi_intr_remove_handler(nvme->n_inth[i]); 3023 (void) ddi_intr_free(nvme->n_inth[i]); 3024 } 3025 3026 kmem_free(nvme->n_inth, nvme->n_inth_sz); 3027 nvme->n_inth = NULL; 3028 nvme->n_inth_sz = 0; 3029 3030 nvme->n_progress &= ~NVME_INTERRUPTS; 3031 } 3032 3033 static int 3034 nvme_setup_interrupts(nvme_t *nvme, int intr_type, int nqpairs) 3035 { 3036 int nintrs, navail, count; 3037 int ret; 3038 int i; 3039 3040 if (nvme->n_intr_types == 0) { 3041 ret = ddi_intr_get_supported_types(nvme->n_dip, 3042 &nvme->n_intr_types); 3043 if (ret != DDI_SUCCESS) { 3044 dev_err(nvme->n_dip, CE_WARN, 3045 "!%s: ddi_intr_get_supported types failed", 3046 __func__); 3047 return (ret); 3048 } 3049 #ifdef __x86 3050 if (get_hwenv() == HW_VMWARE) 3051 nvme->n_intr_types &= ~DDI_INTR_TYPE_MSIX; 3052 #endif 3053 } 3054 3055 if ((nvme->n_intr_types & intr_type) == 0) 3056 return (DDI_FAILURE); 3057 3058 ret = ddi_intr_get_nintrs(nvme->n_dip, intr_type, &nintrs); 3059 if (ret != DDI_SUCCESS) { 3060 dev_err(nvme->n_dip, CE_WARN, "!%s: ddi_intr_get_nintrs failed", 3061 __func__); 3062 return (ret); 3063 } 3064 3065 ret = ddi_intr_get_navail(nvme->n_dip, intr_type, &navail); 3066 if (ret != DDI_SUCCESS) { 3067 dev_err(nvme->n_dip, CE_WARN, "!%s: ddi_intr_get_navail failed", 3068 __func__); 3069 return (ret); 3070 } 3071 3072 /* We want at most one interrupt per queue pair. */ 3073 if (navail > nqpairs) 3074 navail = nqpairs; 3075 3076 nvme->n_inth_sz = sizeof (ddi_intr_handle_t) * navail; 3077 nvme->n_inth = kmem_zalloc(nvme->n_inth_sz, KM_SLEEP); 3078 3079 ret = ddi_intr_alloc(nvme->n_dip, nvme->n_inth, intr_type, 0, navail, 3080 &count, 0); 3081 if (ret != DDI_SUCCESS) { 3082 dev_err(nvme->n_dip, CE_WARN, "!%s: ddi_intr_alloc failed", 3083 __func__); 3084 goto fail; 3085 } 3086 3087 nvme->n_intr_cnt = count; 3088 3089 ret = ddi_intr_get_pri(nvme->n_inth[0], &nvme->n_intr_pri); 3090 if (ret != DDI_SUCCESS) { 3091 dev_err(nvme->n_dip, CE_WARN, "!%s: ddi_intr_get_pri failed", 3092 __func__); 3093 goto fail; 3094 } 3095 3096 for (i = 0; i < count; i++) { 3097 ret = ddi_intr_add_handler(nvme->n_inth[i], nvme_intr, 3098 (void *)nvme, (void *)(uintptr_t)i); 3099 if (ret != DDI_SUCCESS) { 3100 dev_err(nvme->n_dip, CE_WARN, 3101 "!%s: ddi_intr_add_handler failed", __func__); 3102 goto fail; 3103 } 3104 } 3105 3106 (void) ddi_intr_get_cap(nvme->n_inth[0], &nvme->n_intr_cap); 3107 3108 for (i = 0; i < count; i++) { 3109 if (nvme->n_intr_cap & DDI_INTR_FLAG_BLOCK) 3110 ret = ddi_intr_block_enable(&nvme->n_inth[i], 1); 3111 else 3112 ret = ddi_intr_enable(nvme->n_inth[i]); 3113 3114 if (ret != DDI_SUCCESS) { 3115 dev_err(nvme->n_dip, CE_WARN, 3116 "!%s: enabling interrupt %d failed", __func__, i); 3117 goto fail; 3118 } 3119 } 3120 3121 nvme->n_intr_type = intr_type; 3122 3123 nvme->n_progress |= NVME_INTERRUPTS; 3124 3125 return (DDI_SUCCESS); 3126 3127 fail: 3128 nvme_release_interrupts(nvme); 3129 3130 return (ret); 3131 } 3132 3133 static int 3134 nvme_fm_errcb(dev_info_t *dip, ddi_fm_error_t *fm_error, const void *arg) 3135 { 3136 _NOTE(ARGUNUSED(arg)); 3137 3138 pci_ereport_post(dip, fm_error, NULL); 3139 return (fm_error->fme_status); 3140 } 3141 3142 static int 3143 nvme_attach(dev_info_t *dip, ddi_attach_cmd_t cmd) 3144 { 3145 nvme_t *nvme; 3146 int instance; 3147 int nregs; 3148 off_t regsize; 3149 int i; 3150 char name[32]; 3151 3152 if (cmd != DDI_ATTACH) 3153 return (DDI_FAILURE); 3154 3155 instance = ddi_get_instance(dip); 3156 3157 if (ddi_soft_state_zalloc(nvme_state, instance) != DDI_SUCCESS) 3158 return (DDI_FAILURE); 3159 3160 nvme = ddi_get_soft_state(nvme_state, instance); 3161 ddi_set_driver_private(dip, nvme); 3162 nvme->n_dip = dip; 3163 3164 mutex_init(&nvme->n_minor.nm_mutex, NULL, MUTEX_DRIVER, NULL); 3165 3166 nvme->n_strict_version = ddi_prop_get_int(DDI_DEV_T_ANY, dip, 3167 DDI_PROP_DONTPASS, "strict-version", 1) == 1 ? B_TRUE : B_FALSE; 3168 nvme->n_ignore_unknown_vendor_status = ddi_prop_get_int(DDI_DEV_T_ANY, 3169 dip, DDI_PROP_DONTPASS, "ignore-unknown-vendor-status", 0) == 1 ? 3170 B_TRUE : B_FALSE; 3171 nvme->n_admin_queue_len = ddi_prop_get_int(DDI_DEV_T_ANY, dip, 3172 DDI_PROP_DONTPASS, "admin-queue-len", NVME_DEFAULT_ADMIN_QUEUE_LEN); 3173 nvme->n_io_squeue_len = ddi_prop_get_int(DDI_DEV_T_ANY, dip, 3174 DDI_PROP_DONTPASS, "io-squeue-len", NVME_DEFAULT_IO_QUEUE_LEN); 3175 /* 3176 * Double up the default for completion queues in case of 3177 * queue sharing. 3178 */ 3179 nvme->n_io_cqueue_len = ddi_prop_get_int(DDI_DEV_T_ANY, dip, 3180 DDI_PROP_DONTPASS, "io-cqueue-len", 2 * NVME_DEFAULT_IO_QUEUE_LEN); 3181 nvme->n_async_event_limit = ddi_prop_get_int(DDI_DEV_T_ANY, dip, 3182 DDI_PROP_DONTPASS, "async-event-limit", 3183 NVME_DEFAULT_ASYNC_EVENT_LIMIT); 3184 nvme->n_write_cache_enabled = ddi_prop_get_int(DDI_DEV_T_ANY, dip, 3185 DDI_PROP_DONTPASS, "volatile-write-cache-enable", 1) != 0 ? 3186 B_TRUE : B_FALSE; 3187 nvme->n_min_block_size = ddi_prop_get_int(DDI_DEV_T_ANY, dip, 3188 DDI_PROP_DONTPASS, "min-phys-block-size", 3189 NVME_DEFAULT_MIN_BLOCK_SIZE); 3190 nvme->n_submission_queues = ddi_prop_get_int(DDI_DEV_T_ANY, dip, 3191 DDI_PROP_DONTPASS, "max-submission-queues", -1); 3192 nvme->n_completion_queues = ddi_prop_get_int(DDI_DEV_T_ANY, dip, 3193 DDI_PROP_DONTPASS, "max-completion-queues", -1); 3194 3195 if (!ISP2(nvme->n_min_block_size) || 3196 (nvme->n_min_block_size < NVME_DEFAULT_MIN_BLOCK_SIZE)) { 3197 dev_err(dip, CE_WARN, "!min-phys-block-size %s, " 3198 "using default %d", ISP2(nvme->n_min_block_size) ? 3199 "too low" : "not a power of 2", 3200 NVME_DEFAULT_MIN_BLOCK_SIZE); 3201 nvme->n_min_block_size = NVME_DEFAULT_MIN_BLOCK_SIZE; 3202 } 3203 3204 if (nvme->n_submission_queues != -1 && 3205 (nvme->n_submission_queues < 1 || 3206 nvme->n_submission_queues > UINT16_MAX)) { 3207 dev_err(dip, CE_WARN, "!\"submission-queues\"=%d is not " 3208 "valid. Must be [1..%d]", nvme->n_submission_queues, 3209 UINT16_MAX); 3210 nvme->n_submission_queues = -1; 3211 } 3212 3213 if (nvme->n_completion_queues != -1 && 3214 (nvme->n_completion_queues < 1 || 3215 nvme->n_completion_queues > UINT16_MAX)) { 3216 dev_err(dip, CE_WARN, "!\"completion-queues\"=%d is not " 3217 "valid. Must be [1..%d]", nvme->n_completion_queues, 3218 UINT16_MAX); 3219 nvme->n_completion_queues = -1; 3220 } 3221 3222 if (nvme->n_admin_queue_len < NVME_MIN_ADMIN_QUEUE_LEN) 3223 nvme->n_admin_queue_len = NVME_MIN_ADMIN_QUEUE_LEN; 3224 else if (nvme->n_admin_queue_len > NVME_MAX_ADMIN_QUEUE_LEN) 3225 nvme->n_admin_queue_len = NVME_MAX_ADMIN_QUEUE_LEN; 3226 3227 if (nvme->n_io_squeue_len < NVME_MIN_IO_QUEUE_LEN) 3228 nvme->n_io_squeue_len = NVME_MIN_IO_QUEUE_LEN; 3229 if (nvme->n_io_cqueue_len < NVME_MIN_IO_QUEUE_LEN) 3230 nvme->n_io_cqueue_len = NVME_MIN_IO_QUEUE_LEN; 3231 3232 if (nvme->n_async_event_limit < 1) 3233 nvme->n_async_event_limit = NVME_DEFAULT_ASYNC_EVENT_LIMIT; 3234 3235 nvme->n_reg_acc_attr = nvme_reg_acc_attr; 3236 nvme->n_queue_dma_attr = nvme_queue_dma_attr; 3237 nvme->n_prp_dma_attr = nvme_prp_dma_attr; 3238 nvme->n_sgl_dma_attr = nvme_sgl_dma_attr; 3239 3240 /* 3241 * Setup FMA support. 3242 */ 3243 nvme->n_fm_cap = ddi_getprop(DDI_DEV_T_ANY, dip, 3244 DDI_PROP_CANSLEEP | DDI_PROP_DONTPASS, "fm-capable", 3245 DDI_FM_EREPORT_CAPABLE | DDI_FM_ACCCHK_CAPABLE | 3246 DDI_FM_DMACHK_CAPABLE | DDI_FM_ERRCB_CAPABLE); 3247 3248 ddi_fm_init(dip, &nvme->n_fm_cap, &nvme->n_fm_ibc); 3249 3250 if (nvme->n_fm_cap) { 3251 if (nvme->n_fm_cap & DDI_FM_ACCCHK_CAPABLE) 3252 nvme->n_reg_acc_attr.devacc_attr_access = 3253 DDI_FLAGERR_ACC; 3254 3255 if (nvme->n_fm_cap & DDI_FM_DMACHK_CAPABLE) { 3256 nvme->n_prp_dma_attr.dma_attr_flags |= DDI_DMA_FLAGERR; 3257 nvme->n_sgl_dma_attr.dma_attr_flags |= DDI_DMA_FLAGERR; 3258 } 3259 3260 if (DDI_FM_EREPORT_CAP(nvme->n_fm_cap) || 3261 DDI_FM_ERRCB_CAP(nvme->n_fm_cap)) 3262 pci_ereport_setup(dip); 3263 3264 if (DDI_FM_ERRCB_CAP(nvme->n_fm_cap)) 3265 ddi_fm_handler_register(dip, nvme_fm_errcb, 3266 (void *)nvme); 3267 } 3268 3269 nvme->n_progress |= NVME_FMA_INIT; 3270 3271 /* 3272 * The spec defines several register sets. Only the controller 3273 * registers (set 1) are currently used. 3274 */ 3275 if (ddi_dev_nregs(dip, &nregs) == DDI_FAILURE || 3276 nregs < 2 || 3277 ddi_dev_regsize(dip, 1, ®size) == DDI_FAILURE) 3278 goto fail; 3279 3280 if (ddi_regs_map_setup(dip, 1, &nvme->n_regs, 0, regsize, 3281 &nvme->n_reg_acc_attr, &nvme->n_regh) != DDI_SUCCESS) { 3282 dev_err(dip, CE_WARN, "!failed to map regset 1"); 3283 goto fail; 3284 } 3285 3286 nvme->n_progress |= NVME_REGS_MAPPED; 3287 3288 /* 3289 * Create taskq for command completion. 3290 */ 3291 (void) snprintf(name, sizeof (name), "%s%d_cmd_taskq", 3292 ddi_driver_name(dip), ddi_get_instance(dip)); 3293 nvme->n_cmd_taskq = ddi_taskq_create(dip, name, MIN(UINT16_MAX, ncpus), 3294 TASKQ_DEFAULTPRI, 0); 3295 if (nvme->n_cmd_taskq == NULL) { 3296 dev_err(dip, CE_WARN, "!failed to create cmd taskq"); 3297 goto fail; 3298 } 3299 3300 /* 3301 * Create PRP DMA cache 3302 */ 3303 (void) snprintf(name, sizeof (name), "%s%d_prp_cache", 3304 ddi_driver_name(dip), ddi_get_instance(dip)); 3305 nvme->n_prp_cache = kmem_cache_create(name, sizeof (nvme_dma_t), 3306 0, nvme_prp_dma_constructor, nvme_prp_dma_destructor, 3307 NULL, (void *)nvme, NULL, 0); 3308 3309 if (nvme_init(nvme) != DDI_SUCCESS) 3310 goto fail; 3311 3312 /* 3313 * Attach the blkdev driver for each namespace. 3314 */ 3315 for (i = 0; i != nvme->n_namespace_count; i++) { 3316 if (ddi_create_minor_node(nvme->n_dip, nvme->n_ns[i].ns_name, 3317 S_IFCHR, NVME_MINOR(ddi_get_instance(nvme->n_dip), i + 1), 3318 DDI_NT_NVME_ATTACHMENT_POINT, 0) != DDI_SUCCESS) { 3319 dev_err(dip, CE_WARN, 3320 "!failed to create minor node for namespace %d", i); 3321 goto fail; 3322 } 3323 3324 if (nvme->n_ns[i].ns_ignore) 3325 continue; 3326 3327 nvme->n_ns[i].ns_bd_hdl = bd_alloc_handle(&nvme->n_ns[i], 3328 &nvme_bd_ops, &nvme->n_prp_dma_attr, KM_SLEEP); 3329 3330 if (nvme->n_ns[i].ns_bd_hdl == NULL) { 3331 dev_err(dip, CE_WARN, 3332 "!failed to get blkdev handle for namespace %d", i); 3333 goto fail; 3334 } 3335 3336 if (bd_attach_handle(dip, nvme->n_ns[i].ns_bd_hdl) 3337 != DDI_SUCCESS) { 3338 dev_err(dip, CE_WARN, 3339 "!failed to attach blkdev handle for namespace %d", 3340 i); 3341 goto fail; 3342 } 3343 } 3344 3345 if (ddi_create_minor_node(dip, "devctl", S_IFCHR, 3346 NVME_MINOR(ddi_get_instance(dip), 0), DDI_NT_NVME_NEXUS, 0) 3347 != DDI_SUCCESS) { 3348 dev_err(dip, CE_WARN, "nvme_attach: " 3349 "cannot create devctl minor node"); 3350 goto fail; 3351 } 3352 3353 return (DDI_SUCCESS); 3354 3355 fail: 3356 /* attach successful anyway so that FMA can retire the device */ 3357 if (nvme->n_dead) 3358 return (DDI_SUCCESS); 3359 3360 (void) nvme_detach(dip, DDI_DETACH); 3361 3362 return (DDI_FAILURE); 3363 } 3364 3365 static int 3366 nvme_detach(dev_info_t *dip, ddi_detach_cmd_t cmd) 3367 { 3368 int instance, i; 3369 nvme_t *nvme; 3370 3371 if (cmd != DDI_DETACH) 3372 return (DDI_FAILURE); 3373 3374 instance = ddi_get_instance(dip); 3375 3376 nvme = ddi_get_soft_state(nvme_state, instance); 3377 3378 if (nvme == NULL) 3379 return (DDI_FAILURE); 3380 3381 ddi_remove_minor_node(dip, "devctl"); 3382 mutex_destroy(&nvme->n_minor.nm_mutex); 3383 3384 if (nvme->n_ns) { 3385 for (i = 0; i != nvme->n_namespace_count; i++) { 3386 ddi_remove_minor_node(dip, nvme->n_ns[i].ns_name); 3387 mutex_destroy(&nvme->n_ns[i].ns_minor.nm_mutex); 3388 3389 if (nvme->n_ns[i].ns_bd_hdl) { 3390 (void) bd_detach_handle( 3391 nvme->n_ns[i].ns_bd_hdl); 3392 bd_free_handle(nvme->n_ns[i].ns_bd_hdl); 3393 } 3394 3395 if (nvme->n_ns[i].ns_idns) 3396 kmem_free(nvme->n_ns[i].ns_idns, 3397 sizeof (nvme_identify_nsid_t)); 3398 if (nvme->n_ns[i].ns_devid) 3399 strfree(nvme->n_ns[i].ns_devid); 3400 } 3401 3402 kmem_free(nvme->n_ns, sizeof (nvme_namespace_t) * 3403 nvme->n_namespace_count); 3404 } 3405 3406 if (nvme->n_progress & NVME_INTERRUPTS) 3407 nvme_release_interrupts(nvme); 3408 3409 if (nvme->n_cmd_taskq) 3410 ddi_taskq_wait(nvme->n_cmd_taskq); 3411 3412 if (nvme->n_ioq_count > 0) { 3413 for (i = 1; i != nvme->n_ioq_count + 1; i++) { 3414 if (nvme->n_ioq[i] != NULL) { 3415 /* TODO: send destroy queue commands */ 3416 nvme_free_qpair(nvme->n_ioq[i]); 3417 } 3418 } 3419 3420 kmem_free(nvme->n_ioq, sizeof (nvme_qpair_t *) * 3421 (nvme->n_ioq_count + 1)); 3422 } 3423 3424 if (nvme->n_prp_cache != NULL) { 3425 kmem_cache_destroy(nvme->n_prp_cache); 3426 } 3427 3428 if (nvme->n_progress & NVME_REGS_MAPPED) { 3429 nvme_shutdown(nvme, NVME_CC_SHN_NORMAL, B_FALSE); 3430 (void) nvme_reset(nvme, B_FALSE); 3431 } 3432 3433 if (nvme->n_cmd_taskq) 3434 ddi_taskq_destroy(nvme->n_cmd_taskq); 3435 3436 if (nvme->n_progress & NVME_CTRL_LIMITS) 3437 sema_destroy(&nvme->n_abort_sema); 3438 3439 if (nvme->n_progress & NVME_ADMIN_QUEUE) 3440 nvme_free_qpair(nvme->n_adminq); 3441 3442 if (nvme->n_cq_count > 0) { 3443 nvme_destroy_cq_array(nvme, 0); 3444 nvme->n_cq = NULL; 3445 nvme->n_cq_count = 0; 3446 } 3447 3448 if (nvme->n_idctl) 3449 kmem_free(nvme->n_idctl, NVME_IDENTIFY_BUFSIZE); 3450 3451 if (nvme->n_progress & NVME_REGS_MAPPED) 3452 ddi_regs_map_free(&nvme->n_regh); 3453 3454 if (nvme->n_progress & NVME_FMA_INIT) { 3455 if (DDI_FM_ERRCB_CAP(nvme->n_fm_cap)) 3456 ddi_fm_handler_unregister(nvme->n_dip); 3457 3458 if (DDI_FM_EREPORT_CAP(nvme->n_fm_cap) || 3459 DDI_FM_ERRCB_CAP(nvme->n_fm_cap)) 3460 pci_ereport_teardown(nvme->n_dip); 3461 3462 ddi_fm_fini(nvme->n_dip); 3463 } 3464 3465 if (nvme->n_vendor != NULL) 3466 strfree(nvme->n_vendor); 3467 3468 if (nvme->n_product != NULL) 3469 strfree(nvme->n_product); 3470 3471 ddi_soft_state_free(nvme_state, instance); 3472 3473 return (DDI_SUCCESS); 3474 } 3475 3476 static int 3477 nvme_quiesce(dev_info_t *dip) 3478 { 3479 int instance; 3480 nvme_t *nvme; 3481 3482 instance = ddi_get_instance(dip); 3483 3484 nvme = ddi_get_soft_state(nvme_state, instance); 3485 3486 if (nvme == NULL) 3487 return (DDI_FAILURE); 3488 3489 nvme_shutdown(nvme, NVME_CC_SHN_ABRUPT, B_TRUE); 3490 3491 (void) nvme_reset(nvme, B_TRUE); 3492 3493 return (DDI_FAILURE); 3494 } 3495 3496 static int 3497 nvme_fill_prp(nvme_cmd_t *cmd, bd_xfer_t *xfer) 3498 { 3499 nvme_t *nvme = cmd->nc_nvme; 3500 int nprp_page, nprp; 3501 uint64_t *prp; 3502 3503 if (xfer->x_ndmac == 0) 3504 return (DDI_FAILURE); 3505 3506 cmd->nc_sqe.sqe_dptr.d_prp[0] = xfer->x_dmac.dmac_laddress; 3507 ddi_dma_nextcookie(xfer->x_dmah, &xfer->x_dmac); 3508 3509 if (xfer->x_ndmac == 1) { 3510 cmd->nc_sqe.sqe_dptr.d_prp[1] = 0; 3511 return (DDI_SUCCESS); 3512 } else if (xfer->x_ndmac == 2) { 3513 cmd->nc_sqe.sqe_dptr.d_prp[1] = xfer->x_dmac.dmac_laddress; 3514 return (DDI_SUCCESS); 3515 } 3516 3517 xfer->x_ndmac--; 3518 3519 nprp_page = nvme->n_pagesize / sizeof (uint64_t); 3520 ASSERT(nprp_page > 0); 3521 nprp = (xfer->x_ndmac + nprp_page - 1) / nprp_page; 3522 3523 /* 3524 * We currently don't support chained PRPs and set up our DMA 3525 * attributes to reflect that. If we still get an I/O request 3526 * that needs a chained PRP something is very wrong. 3527 */ 3528 VERIFY(nprp == 1); 3529 3530 cmd->nc_dma = kmem_cache_alloc(nvme->n_prp_cache, KM_SLEEP); 3531 bzero(cmd->nc_dma->nd_memp, cmd->nc_dma->nd_len); 3532 3533 cmd->nc_sqe.sqe_dptr.d_prp[1] = cmd->nc_dma->nd_cookie.dmac_laddress; 3534 3535 /*LINTED: E_PTR_BAD_CAST_ALIGN*/ 3536 for (prp = (uint64_t *)cmd->nc_dma->nd_memp; 3537 xfer->x_ndmac > 0; 3538 prp++, xfer->x_ndmac--) { 3539 *prp = xfer->x_dmac.dmac_laddress; 3540 ddi_dma_nextcookie(xfer->x_dmah, &xfer->x_dmac); 3541 } 3542 3543 (void) ddi_dma_sync(cmd->nc_dma->nd_dmah, 0, cmd->nc_dma->nd_len, 3544 DDI_DMA_SYNC_FORDEV); 3545 return (DDI_SUCCESS); 3546 } 3547 3548 static nvme_cmd_t * 3549 nvme_create_nvm_cmd(nvme_namespace_t *ns, uint8_t opc, bd_xfer_t *xfer) 3550 { 3551 nvme_t *nvme = ns->ns_nvme; 3552 nvme_cmd_t *cmd; 3553 3554 /* 3555 * Blkdev only sets BD_XFER_POLL when dumping, so don't sleep. 3556 */ 3557 cmd = nvme_alloc_cmd(nvme, (xfer->x_flags & BD_XFER_POLL) ? 3558 KM_NOSLEEP : KM_SLEEP); 3559 3560 if (cmd == NULL) 3561 return (NULL); 3562 3563 cmd->nc_sqe.sqe_opc = opc; 3564 cmd->nc_callback = nvme_bd_xfer_done; 3565 cmd->nc_xfer = xfer; 3566 3567 switch (opc) { 3568 case NVME_OPC_NVM_WRITE: 3569 case NVME_OPC_NVM_READ: 3570 VERIFY(xfer->x_nblks <= 0x10000); 3571 3572 cmd->nc_sqe.sqe_nsid = ns->ns_id; 3573 3574 cmd->nc_sqe.sqe_cdw10 = xfer->x_blkno & 0xffffffffu; 3575 cmd->nc_sqe.sqe_cdw11 = (xfer->x_blkno >> 32); 3576 cmd->nc_sqe.sqe_cdw12 = (uint16_t)(xfer->x_nblks - 1); 3577 3578 if (nvme_fill_prp(cmd, xfer) != DDI_SUCCESS) 3579 goto fail; 3580 break; 3581 3582 case NVME_OPC_NVM_FLUSH: 3583 cmd->nc_sqe.sqe_nsid = ns->ns_id; 3584 break; 3585 3586 default: 3587 goto fail; 3588 } 3589 3590 return (cmd); 3591 3592 fail: 3593 nvme_free_cmd(cmd); 3594 return (NULL); 3595 } 3596 3597 static void 3598 nvme_bd_xfer_done(void *arg) 3599 { 3600 nvme_cmd_t *cmd = arg; 3601 bd_xfer_t *xfer = cmd->nc_xfer; 3602 int error = 0; 3603 3604 error = nvme_check_cmd_status(cmd); 3605 nvme_free_cmd(cmd); 3606 3607 bd_xfer_done(xfer, error); 3608 } 3609 3610 static void 3611 nvme_bd_driveinfo(void *arg, bd_drive_t *drive) 3612 { 3613 nvme_namespace_t *ns = arg; 3614 nvme_t *nvme = ns->ns_nvme; 3615 3616 /* 3617 * blkdev maintains one queue size per instance (namespace), 3618 * but all namespace share the I/O queues. 3619 * TODO: need to figure out a sane default, or use per-NS I/O queues, 3620 * or change blkdev to handle EAGAIN 3621 */ 3622 drive->d_qsize = nvme->n_ioq_count * nvme->n_io_squeue_len 3623 / nvme->n_namespace_count; 3624 3625 /* 3626 * d_maxxfer is not set, which means the value is taken from the DMA 3627 * attributes specified to bd_alloc_handle. 3628 */ 3629 3630 drive->d_removable = B_FALSE; 3631 drive->d_hotpluggable = B_FALSE; 3632 3633 bcopy(ns->ns_eui64, drive->d_eui64, sizeof (drive->d_eui64)); 3634 drive->d_target = ns->ns_id; 3635 drive->d_lun = 0; 3636 3637 drive->d_model = nvme->n_idctl->id_model; 3638 drive->d_model_len = sizeof (nvme->n_idctl->id_model); 3639 drive->d_vendor = nvme->n_vendor; 3640 drive->d_vendor_len = strlen(nvme->n_vendor); 3641 drive->d_product = nvme->n_product; 3642 drive->d_product_len = strlen(nvme->n_product); 3643 drive->d_serial = nvme->n_idctl->id_serial; 3644 drive->d_serial_len = sizeof (nvme->n_idctl->id_serial); 3645 drive->d_revision = nvme->n_idctl->id_fwrev; 3646 drive->d_revision_len = sizeof (nvme->n_idctl->id_fwrev); 3647 } 3648 3649 static int 3650 nvme_bd_mediainfo(void *arg, bd_media_t *media) 3651 { 3652 nvme_namespace_t *ns = arg; 3653 3654 media->m_nblks = ns->ns_block_count; 3655 media->m_blksize = ns->ns_block_size; 3656 media->m_readonly = B_FALSE; 3657 media->m_solidstate = B_TRUE; 3658 3659 media->m_pblksize = ns->ns_best_block_size; 3660 3661 return (0); 3662 } 3663 3664 static int 3665 nvme_bd_cmd(nvme_namespace_t *ns, bd_xfer_t *xfer, uint8_t opc) 3666 { 3667 nvme_t *nvme = ns->ns_nvme; 3668 nvme_cmd_t *cmd; 3669 nvme_qpair_t *ioq; 3670 boolean_t poll; 3671 int ret; 3672 3673 if (nvme->n_dead) 3674 return (EIO); 3675 3676 cmd = nvme_create_nvm_cmd(ns, opc, xfer); 3677 if (cmd == NULL) 3678 return (ENOMEM); 3679 3680 cmd->nc_sqid = (CPU->cpu_id % nvme->n_ioq_count) + 1; 3681 ASSERT(cmd->nc_sqid <= nvme->n_ioq_count); 3682 ioq = nvme->n_ioq[cmd->nc_sqid]; 3683 3684 /* 3685 * Get the polling flag before submitting the command. The command may 3686 * complete immediately after it was submitted, which means we must 3687 * treat both cmd and xfer as if they have been freed already. 3688 */ 3689 poll = (xfer->x_flags & BD_XFER_POLL) != 0; 3690 3691 ret = nvme_submit_io_cmd(ioq, cmd); 3692 3693 if (ret != 0) 3694 return (ret); 3695 3696 if (!poll) 3697 return (0); 3698 3699 do { 3700 cmd = nvme_retrieve_cmd(nvme, ioq); 3701 if (cmd != NULL) 3702 cmd->nc_callback(cmd); 3703 else 3704 drv_usecwait(10); 3705 } while (ioq->nq_active_cmds != 0); 3706 3707 return (0); 3708 } 3709 3710 static int 3711 nvme_bd_read(void *arg, bd_xfer_t *xfer) 3712 { 3713 nvme_namespace_t *ns = arg; 3714 3715 return (nvme_bd_cmd(ns, xfer, NVME_OPC_NVM_READ)); 3716 } 3717 3718 static int 3719 nvme_bd_write(void *arg, bd_xfer_t *xfer) 3720 { 3721 nvme_namespace_t *ns = arg; 3722 3723 return (nvme_bd_cmd(ns, xfer, NVME_OPC_NVM_WRITE)); 3724 } 3725 3726 static int 3727 nvme_bd_sync(void *arg, bd_xfer_t *xfer) 3728 { 3729 nvme_namespace_t *ns = arg; 3730 3731 if (ns->ns_nvme->n_dead) 3732 return (EIO); 3733 3734 /* 3735 * If the volatile write cache is not present or not enabled the FLUSH 3736 * command is a no-op, so we can take a shortcut here. 3737 */ 3738 if (!ns->ns_nvme->n_write_cache_present) { 3739 bd_xfer_done(xfer, ENOTSUP); 3740 return (0); 3741 } 3742 3743 if (!ns->ns_nvme->n_write_cache_enabled) { 3744 bd_xfer_done(xfer, 0); 3745 return (0); 3746 } 3747 3748 return (nvme_bd_cmd(ns, xfer, NVME_OPC_NVM_FLUSH)); 3749 } 3750 3751 static int 3752 nvme_bd_devid(void *arg, dev_info_t *devinfo, ddi_devid_t *devid) 3753 { 3754 nvme_namespace_t *ns = arg; 3755 3756 /*LINTED: E_BAD_PTR_CAST_ALIGN*/ 3757 if (*(uint64_t *)ns->ns_eui64 != 0) { 3758 return (ddi_devid_init(devinfo, DEVID_SCSI3_WWN, 3759 sizeof (ns->ns_eui64), ns->ns_eui64, devid)); 3760 } else { 3761 return (ddi_devid_init(devinfo, DEVID_ENCAP, 3762 strlen(ns->ns_devid), ns->ns_devid, devid)); 3763 } 3764 } 3765 3766 static int 3767 nvme_open(dev_t *devp, int flag, int otyp, cred_t *cred_p) 3768 { 3769 #ifndef __lock_lint 3770 _NOTE(ARGUNUSED(cred_p)); 3771 #endif 3772 minor_t minor = getminor(*devp); 3773 nvme_t *nvme = ddi_get_soft_state(nvme_state, NVME_MINOR_INST(minor)); 3774 int nsid = NVME_MINOR_NSID(minor); 3775 nvme_minor_state_t *nm; 3776 int rv = 0; 3777 3778 if (otyp != OTYP_CHR) 3779 return (EINVAL); 3780 3781 if (nvme == NULL) 3782 return (ENXIO); 3783 3784 if (nsid > nvme->n_namespace_count) 3785 return (ENXIO); 3786 3787 if (nvme->n_dead) 3788 return (EIO); 3789 3790 nm = nsid == 0 ? &nvme->n_minor : &nvme->n_ns[nsid - 1].ns_minor; 3791 3792 mutex_enter(&nm->nm_mutex); 3793 if (nm->nm_oexcl) { 3794 rv = EBUSY; 3795 goto out; 3796 } 3797 3798 if (flag & FEXCL) { 3799 if (nm->nm_ocnt != 0) { 3800 rv = EBUSY; 3801 goto out; 3802 } 3803 nm->nm_oexcl = B_TRUE; 3804 } 3805 3806 nm->nm_ocnt++; 3807 3808 out: 3809 mutex_exit(&nm->nm_mutex); 3810 return (rv); 3811 3812 } 3813 3814 static int 3815 nvme_close(dev_t dev, int flag, int otyp, cred_t *cred_p) 3816 { 3817 #ifndef __lock_lint 3818 _NOTE(ARGUNUSED(cred_p)); 3819 _NOTE(ARGUNUSED(flag)); 3820 #endif 3821 minor_t minor = getminor(dev); 3822 nvme_t *nvme = ddi_get_soft_state(nvme_state, NVME_MINOR_INST(minor)); 3823 int nsid = NVME_MINOR_NSID(minor); 3824 nvme_minor_state_t *nm; 3825 3826 if (otyp != OTYP_CHR) 3827 return (ENXIO); 3828 3829 if (nvme == NULL) 3830 return (ENXIO); 3831 3832 if (nsid > nvme->n_namespace_count) 3833 return (ENXIO); 3834 3835 nm = nsid == 0 ? &nvme->n_minor : &nvme->n_ns[nsid - 1].ns_minor; 3836 3837 mutex_enter(&nm->nm_mutex); 3838 if (nm->nm_oexcl) 3839 nm->nm_oexcl = B_FALSE; 3840 3841 ASSERT(nm->nm_ocnt > 0); 3842 nm->nm_ocnt--; 3843 mutex_exit(&nm->nm_mutex); 3844 3845 return (0); 3846 } 3847 3848 static int 3849 nvme_ioctl_identify(nvme_t *nvme, int nsid, nvme_ioctl_t *nioc, int mode, 3850 cred_t *cred_p) 3851 { 3852 _NOTE(ARGUNUSED(cred_p)); 3853 int rv = 0; 3854 void *idctl; 3855 3856 if ((mode & FREAD) == 0) 3857 return (EPERM); 3858 3859 if (nioc->n_len < NVME_IDENTIFY_BUFSIZE) 3860 return (EINVAL); 3861 3862 if ((rv = nvme_identify(nvme, B_TRUE, nsid, (void **)&idctl)) != 0) 3863 return (rv); 3864 3865 if (ddi_copyout(idctl, (void *)nioc->n_buf, NVME_IDENTIFY_BUFSIZE, mode) 3866 != 0) 3867 rv = EFAULT; 3868 3869 kmem_free(idctl, NVME_IDENTIFY_BUFSIZE); 3870 3871 return (rv); 3872 } 3873 3874 static int 3875 nvme_ioctl_capabilities(nvme_t *nvme, int nsid, nvme_ioctl_t *nioc, 3876 int mode, cred_t *cred_p) 3877 { 3878 _NOTE(ARGUNUSED(nsid, cred_p)); 3879 int rv = 0; 3880 nvme_reg_cap_t cap = { 0 }; 3881 nvme_capabilities_t nc; 3882 3883 if ((mode & FREAD) == 0) 3884 return (EPERM); 3885 3886 if (nioc->n_len < sizeof (nc)) 3887 return (EINVAL); 3888 3889 cap.r = nvme_get64(nvme, NVME_REG_CAP); 3890 3891 /* 3892 * The MPSMIN and MPSMAX fields in the CAP register use 0 to 3893 * specify the base page size of 4k (1<<12), so add 12 here to 3894 * get the real page size value. 3895 */ 3896 nc.mpsmax = 1 << (12 + cap.b.cap_mpsmax); 3897 nc.mpsmin = 1 << (12 + cap.b.cap_mpsmin); 3898 3899 if (ddi_copyout(&nc, (void *)nioc->n_buf, sizeof (nc), mode) != 0) 3900 rv = EFAULT; 3901 3902 return (rv); 3903 } 3904 3905 static int 3906 nvme_ioctl_get_logpage(nvme_t *nvme, int nsid, nvme_ioctl_t *nioc, 3907 int mode, cred_t *cred_p) 3908 { 3909 _NOTE(ARGUNUSED(cred_p)); 3910 void *log = NULL; 3911 size_t bufsize = 0; 3912 int rv = 0; 3913 3914 if ((mode & FREAD) == 0) 3915 return (EPERM); 3916 3917 switch (nioc->n_arg) { 3918 case NVME_LOGPAGE_ERROR: 3919 if (nsid != 0) 3920 return (EINVAL); 3921 break; 3922 case NVME_LOGPAGE_HEALTH: 3923 if (nsid != 0 && nvme->n_idctl->id_lpa.lp_smart == 0) 3924 return (EINVAL); 3925 3926 if (nsid == 0) 3927 nsid = (uint32_t)-1; 3928 3929 break; 3930 case NVME_LOGPAGE_FWSLOT: 3931 if (nsid != 0) 3932 return (EINVAL); 3933 break; 3934 default: 3935 return (EINVAL); 3936 } 3937 3938 if (nvme_get_logpage(nvme, B_TRUE, &log, &bufsize, nioc->n_arg, nsid) 3939 != DDI_SUCCESS) 3940 return (EIO); 3941 3942 if (nioc->n_len < bufsize) { 3943 kmem_free(log, bufsize); 3944 return (EINVAL); 3945 } 3946 3947 if (ddi_copyout(log, (void *)nioc->n_buf, bufsize, mode) != 0) 3948 rv = EFAULT; 3949 3950 nioc->n_len = bufsize; 3951 kmem_free(log, bufsize); 3952 3953 return (rv); 3954 } 3955 3956 static int 3957 nvme_ioctl_get_features(nvme_t *nvme, int nsid, nvme_ioctl_t *nioc, 3958 int mode, cred_t *cred_p) 3959 { 3960 _NOTE(ARGUNUSED(cred_p)); 3961 void *buf = NULL; 3962 size_t bufsize = 0; 3963 uint32_t res = 0; 3964 uint8_t feature; 3965 int rv = 0; 3966 3967 if ((mode & FREAD) == 0) 3968 return (EPERM); 3969 3970 if ((nioc->n_arg >> 32) > 0xff) 3971 return (EINVAL); 3972 3973 feature = (uint8_t)(nioc->n_arg >> 32); 3974 3975 switch (feature) { 3976 case NVME_FEAT_ARBITRATION: 3977 case NVME_FEAT_POWER_MGMT: 3978 case NVME_FEAT_TEMPERATURE: 3979 case NVME_FEAT_ERROR: 3980 case NVME_FEAT_NQUEUES: 3981 case NVME_FEAT_INTR_COAL: 3982 case NVME_FEAT_WRITE_ATOM: 3983 case NVME_FEAT_ASYNC_EVENT: 3984 case NVME_FEAT_PROGRESS: 3985 if (nsid != 0) 3986 return (EINVAL); 3987 break; 3988 3989 case NVME_FEAT_INTR_VECT: 3990 if (nsid != 0) 3991 return (EINVAL); 3992 3993 res = nioc->n_arg & 0xffffffffUL; 3994 if (res >= nvme->n_intr_cnt) 3995 return (EINVAL); 3996 break; 3997 3998 case NVME_FEAT_LBA_RANGE: 3999 if (nvme->n_lba_range_supported == B_FALSE) 4000 return (EINVAL); 4001 4002 if (nsid == 0 || 4003 nsid > nvme->n_namespace_count) 4004 return (EINVAL); 4005 4006 break; 4007 4008 case NVME_FEAT_WRITE_CACHE: 4009 if (nsid != 0) 4010 return (EINVAL); 4011 4012 if (!nvme->n_write_cache_present) 4013 return (EINVAL); 4014 4015 break; 4016 4017 case NVME_FEAT_AUTO_PST: 4018 if (nsid != 0) 4019 return (EINVAL); 4020 4021 if (!nvme->n_auto_pst_supported) 4022 return (EINVAL); 4023 4024 break; 4025 4026 default: 4027 return (EINVAL); 4028 } 4029 4030 rv = nvme_get_features(nvme, B_TRUE, nsid, feature, &res, &buf, 4031 &bufsize); 4032 if (rv != 0) 4033 return (rv); 4034 4035 if (nioc->n_len < bufsize) { 4036 kmem_free(buf, bufsize); 4037 return (EINVAL); 4038 } 4039 4040 if (buf && ddi_copyout(buf, (void*)nioc->n_buf, bufsize, mode) != 0) 4041 rv = EFAULT; 4042 4043 kmem_free(buf, bufsize); 4044 nioc->n_arg = res; 4045 nioc->n_len = bufsize; 4046 4047 return (rv); 4048 } 4049 4050 static int 4051 nvme_ioctl_intr_cnt(nvme_t *nvme, int nsid, nvme_ioctl_t *nioc, int mode, 4052 cred_t *cred_p) 4053 { 4054 _NOTE(ARGUNUSED(nsid, mode, cred_p)); 4055 4056 if ((mode & FREAD) == 0) 4057 return (EPERM); 4058 4059 nioc->n_arg = nvme->n_intr_cnt; 4060 return (0); 4061 } 4062 4063 static int 4064 nvme_ioctl_version(nvme_t *nvme, int nsid, nvme_ioctl_t *nioc, int mode, 4065 cred_t *cred_p) 4066 { 4067 _NOTE(ARGUNUSED(nsid, cred_p)); 4068 int rv = 0; 4069 4070 if ((mode & FREAD) == 0) 4071 return (EPERM); 4072 4073 if (nioc->n_len < sizeof (nvme->n_version)) 4074 return (ENOMEM); 4075 4076 if (ddi_copyout(&nvme->n_version, (void *)nioc->n_buf, 4077 sizeof (nvme->n_version), mode) != 0) 4078 rv = EFAULT; 4079 4080 return (rv); 4081 } 4082 4083 static int 4084 nvme_ioctl_format(nvme_t *nvme, int nsid, nvme_ioctl_t *nioc, int mode, 4085 cred_t *cred_p) 4086 { 4087 _NOTE(ARGUNUSED(mode)); 4088 nvme_format_nvm_t frmt = { 0 }; 4089 int c_nsid = nsid != 0 ? nsid - 1 : 0; 4090 4091 if ((mode & FWRITE) == 0 || secpolicy_sys_config(cred_p, B_FALSE) != 0) 4092 return (EPERM); 4093 4094 frmt.r = nioc->n_arg & 0xffffffff; 4095 4096 /* 4097 * Check whether the FORMAT NVM command is supported. 4098 */ 4099 if (nvme->n_idctl->id_oacs.oa_format == 0) 4100 return (EINVAL); 4101 4102 /* 4103 * Don't allow format or secure erase of individual namespace if that 4104 * would cause a format or secure erase of all namespaces. 4105 */ 4106 if (nsid != 0 && nvme->n_idctl->id_fna.fn_format != 0) 4107 return (EINVAL); 4108 4109 if (nsid != 0 && frmt.b.fm_ses != NVME_FRMT_SES_NONE && 4110 nvme->n_idctl->id_fna.fn_sec_erase != 0) 4111 return (EINVAL); 4112 4113 /* 4114 * Don't allow formatting with Protection Information. 4115 */ 4116 if (frmt.b.fm_pi != 0 || frmt.b.fm_pil != 0 || frmt.b.fm_ms != 0) 4117 return (EINVAL); 4118 4119 /* 4120 * Don't allow formatting using an illegal LBA format, or any LBA format 4121 * that uses metadata. 4122 */ 4123 if (frmt.b.fm_lbaf > nvme->n_ns[c_nsid].ns_idns->id_nlbaf || 4124 nvme->n_ns[c_nsid].ns_idns->id_lbaf[frmt.b.fm_lbaf].lbaf_ms != 0) 4125 return (EINVAL); 4126 4127 /* 4128 * Don't allow formatting using an illegal Secure Erase setting. 4129 */ 4130 if (frmt.b.fm_ses > NVME_FRMT_MAX_SES || 4131 (frmt.b.fm_ses == NVME_FRMT_SES_CRYPTO && 4132 nvme->n_idctl->id_fna.fn_crypt_erase == 0)) 4133 return (EINVAL); 4134 4135 if (nsid == 0) 4136 nsid = (uint32_t)-1; 4137 4138 return (nvme_format_nvm(nvme, B_TRUE, nsid, frmt.b.fm_lbaf, B_FALSE, 0, 4139 B_FALSE, frmt.b.fm_ses)); 4140 } 4141 4142 static int 4143 nvme_ioctl_detach(nvme_t *nvme, int nsid, nvme_ioctl_t *nioc, int mode, 4144 cred_t *cred_p) 4145 { 4146 _NOTE(ARGUNUSED(nioc, mode)); 4147 int rv = 0; 4148 4149 if ((mode & FWRITE) == 0 || secpolicy_sys_config(cred_p, B_FALSE) != 0) 4150 return (EPERM); 4151 4152 if (nsid == 0) 4153 return (EINVAL); 4154 4155 rv = bd_detach_handle(nvme->n_ns[nsid - 1].ns_bd_hdl); 4156 if (rv != DDI_SUCCESS) 4157 rv = EBUSY; 4158 4159 return (rv); 4160 } 4161 4162 static int 4163 nvme_ioctl_attach(nvme_t *nvme, int nsid, nvme_ioctl_t *nioc, int mode, 4164 cred_t *cred_p) 4165 { 4166 _NOTE(ARGUNUSED(nioc, mode)); 4167 nvme_identify_nsid_t *idns; 4168 int rv = 0; 4169 4170 if ((mode & FWRITE) == 0 || secpolicy_sys_config(cred_p, B_FALSE) != 0) 4171 return (EPERM); 4172 4173 if (nsid == 0) 4174 return (EINVAL); 4175 4176 /* 4177 * Identify namespace again, free old identify data. 4178 */ 4179 idns = nvme->n_ns[nsid - 1].ns_idns; 4180 if (nvme_init_ns(nvme, nsid) != DDI_SUCCESS) 4181 return (EIO); 4182 4183 kmem_free(idns, sizeof (nvme_identify_nsid_t)); 4184 4185 rv = bd_attach_handle(nvme->n_dip, nvme->n_ns[nsid - 1].ns_bd_hdl); 4186 if (rv != DDI_SUCCESS) 4187 rv = EBUSY; 4188 4189 return (rv); 4190 } 4191 4192 static int 4193 nvme_ioctl(dev_t dev, int cmd, intptr_t arg, int mode, cred_t *cred_p, 4194 int *rval_p) 4195 { 4196 #ifndef __lock_lint 4197 _NOTE(ARGUNUSED(rval_p)); 4198 #endif 4199 minor_t minor = getminor(dev); 4200 nvme_t *nvme = ddi_get_soft_state(nvme_state, NVME_MINOR_INST(minor)); 4201 int nsid = NVME_MINOR_NSID(minor); 4202 int rv = 0; 4203 nvme_ioctl_t nioc; 4204 4205 int (*nvme_ioctl[])(nvme_t *, int, nvme_ioctl_t *, int, cred_t *) = { 4206 NULL, 4207 nvme_ioctl_identify, 4208 nvme_ioctl_identify, 4209 nvme_ioctl_capabilities, 4210 nvme_ioctl_get_logpage, 4211 nvme_ioctl_get_features, 4212 nvme_ioctl_intr_cnt, 4213 nvme_ioctl_version, 4214 nvme_ioctl_format, 4215 nvme_ioctl_detach, 4216 nvme_ioctl_attach 4217 }; 4218 4219 if (nvme == NULL) 4220 return (ENXIO); 4221 4222 if (nsid > nvme->n_namespace_count) 4223 return (ENXIO); 4224 4225 if (IS_DEVCTL(cmd)) 4226 return (ndi_devctl_ioctl(nvme->n_dip, cmd, arg, mode, 0)); 4227 4228 #ifdef _MULTI_DATAMODEL 4229 switch (ddi_model_convert_from(mode & FMODELS)) { 4230 case DDI_MODEL_ILP32: { 4231 nvme_ioctl32_t nioc32; 4232 if (ddi_copyin((void*)arg, &nioc32, sizeof (nvme_ioctl32_t), 4233 mode) != 0) 4234 return (EFAULT); 4235 nioc.n_len = nioc32.n_len; 4236 nioc.n_buf = nioc32.n_buf; 4237 nioc.n_arg = nioc32.n_arg; 4238 break; 4239 } 4240 case DDI_MODEL_NONE: 4241 #endif 4242 if (ddi_copyin((void*)arg, &nioc, sizeof (nvme_ioctl_t), mode) 4243 != 0) 4244 return (EFAULT); 4245 #ifdef _MULTI_DATAMODEL 4246 break; 4247 } 4248 #endif 4249 4250 if (nvme->n_dead && cmd != NVME_IOC_DETACH) 4251 return (EIO); 4252 4253 4254 if (cmd == NVME_IOC_IDENTIFY_CTRL) { 4255 /* 4256 * This makes NVME_IOC_IDENTIFY_CTRL work the same on devctl and 4257 * attachment point nodes. 4258 */ 4259 nsid = 0; 4260 } else if (cmd == NVME_IOC_IDENTIFY_NSID && nsid == 0) { 4261 /* 4262 * This makes NVME_IOC_IDENTIFY_NSID work on a devctl node, it 4263 * will always return identify data for namespace 1. 4264 */ 4265 nsid = 1; 4266 } 4267 4268 if (IS_NVME_IOC(cmd) && nvme_ioctl[NVME_IOC_CMD(cmd)] != NULL) 4269 rv = nvme_ioctl[NVME_IOC_CMD(cmd)](nvme, nsid, &nioc, mode, 4270 cred_p); 4271 else 4272 rv = EINVAL; 4273 4274 #ifdef _MULTI_DATAMODEL 4275 switch (ddi_model_convert_from(mode & FMODELS)) { 4276 case DDI_MODEL_ILP32: { 4277 nvme_ioctl32_t nioc32; 4278 4279 nioc32.n_len = (size32_t)nioc.n_len; 4280 nioc32.n_buf = (uintptr32_t)nioc.n_buf; 4281 nioc32.n_arg = nioc.n_arg; 4282 4283 if (ddi_copyout(&nioc32, (void *)arg, sizeof (nvme_ioctl32_t), 4284 mode) != 0) 4285 return (EFAULT); 4286 break; 4287 } 4288 case DDI_MODEL_NONE: 4289 #endif 4290 if (ddi_copyout(&nioc, (void *)arg, sizeof (nvme_ioctl_t), mode) 4291 != 0) 4292 return (EFAULT); 4293 #ifdef _MULTI_DATAMODEL 4294 break; 4295 } 4296 #endif 4297 4298 return (rv); 4299 } 4300