1 /* 2 * This file is provided under a dual BSD/GPLv2 license. When using or 3 * redistributing this file, you may do so under either license. 4 * 5 * GPL LICENSE SUMMARY 6 * 7 * Copyright(c) 2008 - 2011 Intel Corporation. All rights reserved. 8 * 9 * This program is free software; you can redistribute it and/or modify 10 * it under the terms of version 2 of the GNU General Public License as 11 * published by the Free Software Foundation. 12 * 13 * This program is distributed in the hope that it will be useful, but 14 * WITHOUT ANY WARRANTY; without even the implied warranty of 15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 16 * General Public License for more details. 17 * 18 * You should have received a copy of the GNU General Public License 19 * along with this program; if not, write to the Free Software 20 * Foundation, Inc., 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA. 21 * The full GNU General Public License is included in this distribution 22 * in the file called LICENSE.GPL. 23 * 24 * BSD LICENSE 25 * 26 * Copyright(c) 2008 - 2011 Intel Corporation. All rights reserved. 27 * All rights reserved. 28 * 29 * Redistribution and use in source and binary forms, with or without 30 * modification, are permitted provided that the following conditions 31 * are met: 32 * 33 * * Redistributions of source code must retain the above copyright 34 * notice, this list of conditions and the following disclaimer. 35 * * Redistributions in binary form must reproduce the above copyright 36 * notice, this list of conditions and the following disclaimer in 37 * the documentation and/or other materials provided with the 38 * distribution. 39 * * Neither the name of Intel Corporation nor the names of its 40 * contributors may be used to endorse or promote products derived 41 * from this software without specific prior written permission. 42 * 43 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 44 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 45 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 46 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 47 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 48 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 49 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 50 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 51 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 52 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 53 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 54 */ 55 56 #include <linux/completion.h> 57 #include <linux/irqflags.h> 58 #include "sas.h" 59 #include <scsi/libsas.h> 60 #include "remote_device.h" 61 #include "remote_node_context.h" 62 #include "isci.h" 63 #include "request.h" 64 #include "task.h" 65 #include "host.h" 66 67 /** 68 * isci_task_refuse() - complete the request to the upper layer driver in 69 * the case where an I/O needs to be completed back in the submit path. 70 * @ihost: host on which the the request was queued 71 * @task: request to complete 72 * @response: response code for the completed task. 73 * @status: status code for the completed task. 74 * 75 */ 76 static void isci_task_refuse(struct isci_host *ihost, struct sas_task *task, 77 enum service_response response, 78 enum exec_status status) 79 80 { 81 enum isci_completion_selection disposition; 82 83 disposition = isci_perform_normal_io_completion; 84 disposition = isci_task_set_completion_status(task, response, status, 85 disposition); 86 87 /* Tasks aborted specifically by a call to the lldd_abort_task 88 * function should not be completed to the host in the regular path. 89 */ 90 switch (disposition) { 91 case isci_perform_normal_io_completion: 92 /* Normal notification (task_done) */ 93 dev_dbg(&ihost->pdev->dev, 94 "%s: Normal - task = %p, response=%d, " 95 "status=%d\n", 96 __func__, task, response, status); 97 98 task->lldd_task = NULL; 99 100 isci_execpath_callback(ihost, task, task->task_done); 101 break; 102 103 case isci_perform_aborted_io_completion: 104 /* No notification because this request is already in the 105 * abort path. 106 */ 107 dev_warn(&ihost->pdev->dev, 108 "%s: Aborted - task = %p, response=%d, " 109 "status=%d\n", 110 __func__, task, response, status); 111 break; 112 113 case isci_perform_error_io_completion: 114 /* Use sas_task_abort */ 115 dev_warn(&ihost->pdev->dev, 116 "%s: Error - task = %p, response=%d, " 117 "status=%d\n", 118 __func__, task, response, status); 119 120 isci_execpath_callback(ihost, task, sas_task_abort); 121 break; 122 123 default: 124 dev_warn(&ihost->pdev->dev, 125 "%s: isci task notification default case!", 126 __func__); 127 sas_task_abort(task); 128 break; 129 } 130 } 131 132 #define for_each_sas_task(num, task) \ 133 for (; num > 0; num--,\ 134 task = list_entry(task->list.next, struct sas_task, list)) 135 136 137 static inline int isci_device_io_ready(struct isci_remote_device *idev, 138 struct sas_task *task) 139 { 140 return idev ? test_bit(IDEV_IO_READY, &idev->flags) || 141 (test_bit(IDEV_IO_NCQERROR, &idev->flags) && 142 isci_task_is_ncq_recovery(task)) 143 : 0; 144 } 145 /** 146 * isci_task_execute_task() - This function is one of the SAS Domain Template 147 * functions. This function is called by libsas to send a task down to 148 * hardware. 149 * @task: This parameter specifies the SAS task to send. 150 * @num: This parameter specifies the number of tasks to queue. 151 * @gfp_flags: This parameter specifies the context of this call. 152 * 153 * status, zero indicates success. 154 */ 155 int isci_task_execute_task(struct sas_task *task, int num, gfp_t gfp_flags) 156 { 157 struct isci_host *ihost = dev_to_ihost(task->dev); 158 struct isci_remote_device *idev; 159 unsigned long flags; 160 bool io_ready; 161 u16 tag; 162 163 dev_dbg(&ihost->pdev->dev, "%s: num=%d\n", __func__, num); 164 165 for_each_sas_task(num, task) { 166 enum sci_status status = SCI_FAILURE; 167 168 spin_lock_irqsave(&ihost->scic_lock, flags); 169 idev = isci_lookup_device(task->dev); 170 io_ready = isci_device_io_ready(idev, task); 171 tag = isci_alloc_tag(ihost); 172 spin_unlock_irqrestore(&ihost->scic_lock, flags); 173 174 dev_dbg(&ihost->pdev->dev, 175 "task: %p, num: %d dev: %p idev: %p:%#lx cmd = %p\n", 176 task, num, task->dev, idev, idev ? idev->flags : 0, 177 task->uldd_task); 178 179 if (!idev) { 180 isci_task_refuse(ihost, task, SAS_TASK_UNDELIVERED, 181 SAS_DEVICE_UNKNOWN); 182 } else if (!io_ready || tag == SCI_CONTROLLER_INVALID_IO_TAG) { 183 /* Indicate QUEUE_FULL so that the scsi midlayer 184 * retries. 185 */ 186 isci_task_refuse(ihost, task, SAS_TASK_COMPLETE, 187 SAS_QUEUE_FULL); 188 } else { 189 /* There is a device and it's ready for I/O. */ 190 spin_lock_irqsave(&task->task_state_lock, flags); 191 192 if (task->task_state_flags & SAS_TASK_STATE_ABORTED) { 193 /* The I/O was aborted. */ 194 spin_unlock_irqrestore(&task->task_state_lock, 195 flags); 196 197 isci_task_refuse(ihost, task, 198 SAS_TASK_UNDELIVERED, 199 SAM_STAT_TASK_ABORTED); 200 } else { 201 task->task_state_flags |= SAS_TASK_AT_INITIATOR; 202 spin_unlock_irqrestore(&task->task_state_lock, flags); 203 204 /* build and send the request. */ 205 status = isci_request_execute(ihost, idev, task, tag); 206 207 if (status != SCI_SUCCESS) { 208 209 spin_lock_irqsave(&task->task_state_lock, flags); 210 /* Did not really start this command. */ 211 task->task_state_flags &= ~SAS_TASK_AT_INITIATOR; 212 spin_unlock_irqrestore(&task->task_state_lock, flags); 213 214 /* Indicate QUEUE_FULL so that the scsi 215 * midlayer retries. if the request 216 * failed for remote device reasons, 217 * it gets returned as 218 * SAS_TASK_UNDELIVERED next time 219 * through. 220 */ 221 isci_task_refuse(ihost, task, 222 SAS_TASK_COMPLETE, 223 SAS_QUEUE_FULL); 224 } 225 } 226 } 227 if (status != SCI_SUCCESS && tag != SCI_CONTROLLER_INVALID_IO_TAG) { 228 spin_lock_irqsave(&ihost->scic_lock, flags); 229 /* command never hit the device, so just free 230 * the tci and skip the sequence increment 231 */ 232 isci_tci_free(ihost, ISCI_TAG_TCI(tag)); 233 spin_unlock_irqrestore(&ihost->scic_lock, flags); 234 } 235 isci_put_device(idev); 236 } 237 return 0; 238 } 239 240 static enum sci_status isci_sata_management_task_request_build(struct isci_request *ireq) 241 { 242 struct isci_tmf *isci_tmf; 243 enum sci_status status; 244 245 if (tmf_task != ireq->ttype) 246 return SCI_FAILURE; 247 248 isci_tmf = isci_request_access_tmf(ireq); 249 250 switch (isci_tmf->tmf_code) { 251 252 case isci_tmf_sata_srst_high: 253 case isci_tmf_sata_srst_low: { 254 struct host_to_dev_fis *fis = &ireq->stp.cmd; 255 256 memset(fis, 0, sizeof(*fis)); 257 258 fis->fis_type = 0x27; 259 fis->flags &= ~0x80; 260 fis->flags &= 0xF0; 261 if (isci_tmf->tmf_code == isci_tmf_sata_srst_high) 262 fis->control |= ATA_SRST; 263 else 264 fis->control &= ~ATA_SRST; 265 break; 266 } 267 /* other management commnd go here... */ 268 default: 269 return SCI_FAILURE; 270 } 271 272 /* core builds the protocol specific request 273 * based on the h2d fis. 274 */ 275 status = sci_task_request_construct_sata(ireq); 276 277 return status; 278 } 279 280 static struct isci_request *isci_task_request_build(struct isci_host *ihost, 281 struct isci_remote_device *idev, 282 u16 tag, struct isci_tmf *isci_tmf) 283 { 284 enum sci_status status = SCI_FAILURE; 285 struct isci_request *ireq = NULL; 286 struct domain_device *dev; 287 288 dev_dbg(&ihost->pdev->dev, 289 "%s: isci_tmf = %p\n", __func__, isci_tmf); 290 291 dev = idev->domain_dev; 292 293 /* do common allocation and init of request object. */ 294 ireq = isci_tmf_request_from_tag(ihost, isci_tmf, tag); 295 if (!ireq) 296 return NULL; 297 298 /* let the core do it's construct. */ 299 status = sci_task_request_construct(ihost, idev, tag, 300 ireq); 301 302 if (status != SCI_SUCCESS) { 303 dev_warn(&ihost->pdev->dev, 304 "%s: sci_task_request_construct failed - " 305 "status = 0x%x\n", 306 __func__, 307 status); 308 return NULL; 309 } 310 311 /* XXX convert to get this from task->tproto like other drivers */ 312 if (dev->dev_type == SAS_END_DEV) { 313 isci_tmf->proto = SAS_PROTOCOL_SSP; 314 status = sci_task_request_construct_ssp(ireq); 315 if (status != SCI_SUCCESS) 316 return NULL; 317 } 318 319 if (dev->dev_type == SATA_DEV || (dev->tproto & SAS_PROTOCOL_STP)) { 320 isci_tmf->proto = SAS_PROTOCOL_SATA; 321 status = isci_sata_management_task_request_build(ireq); 322 323 if (status != SCI_SUCCESS) 324 return NULL; 325 } 326 return ireq; 327 } 328 329 static int isci_task_execute_tmf(struct isci_host *ihost, 330 struct isci_remote_device *idev, 331 struct isci_tmf *tmf, unsigned long timeout_ms) 332 { 333 DECLARE_COMPLETION_ONSTACK(completion); 334 enum sci_task_status status = SCI_TASK_FAILURE; 335 struct isci_request *ireq; 336 int ret = TMF_RESP_FUNC_FAILED; 337 unsigned long flags; 338 unsigned long timeleft; 339 u16 tag; 340 341 spin_lock_irqsave(&ihost->scic_lock, flags); 342 tag = isci_alloc_tag(ihost); 343 spin_unlock_irqrestore(&ihost->scic_lock, flags); 344 345 if (tag == SCI_CONTROLLER_INVALID_IO_TAG) 346 return ret; 347 348 /* sanity check, return TMF_RESP_FUNC_FAILED 349 * if the device is not there and ready. 350 */ 351 if (!idev || 352 (!test_bit(IDEV_IO_READY, &idev->flags) && 353 !test_bit(IDEV_IO_NCQERROR, &idev->flags))) { 354 dev_dbg(&ihost->pdev->dev, 355 "%s: idev = %p not ready (%#lx)\n", 356 __func__, 357 idev, idev ? idev->flags : 0); 358 goto err_tci; 359 } else 360 dev_dbg(&ihost->pdev->dev, 361 "%s: idev = %p\n", 362 __func__, idev); 363 364 /* Assign the pointer to the TMF's completion kernel wait structure. */ 365 tmf->complete = &completion; 366 367 ireq = isci_task_request_build(ihost, idev, tag, tmf); 368 if (!ireq) 369 goto err_tci; 370 371 spin_lock_irqsave(&ihost->scic_lock, flags); 372 373 /* start the TMF io. */ 374 status = sci_controller_start_task(ihost, idev, ireq); 375 376 if (status != SCI_TASK_SUCCESS) { 377 dev_warn(&ihost->pdev->dev, 378 "%s: start_io failed - status = 0x%x, request = %p\n", 379 __func__, 380 status, 381 ireq); 382 spin_unlock_irqrestore(&ihost->scic_lock, flags); 383 goto err_tci; 384 } 385 386 if (tmf->cb_state_func != NULL) 387 tmf->cb_state_func(isci_tmf_started, tmf, tmf->cb_data); 388 389 isci_request_change_state(ireq, started); 390 391 /* add the request to the remote device request list. */ 392 list_add(&ireq->dev_node, &idev->reqs_in_process); 393 394 spin_unlock_irqrestore(&ihost->scic_lock, flags); 395 396 /* Wait for the TMF to complete, or a timeout. */ 397 timeleft = wait_for_completion_timeout(&completion, 398 msecs_to_jiffies(timeout_ms)); 399 400 if (timeleft == 0) { 401 spin_lock_irqsave(&ihost->scic_lock, flags); 402 403 if (tmf->cb_state_func != NULL) 404 tmf->cb_state_func(isci_tmf_timed_out, tmf, tmf->cb_data); 405 406 sci_controller_terminate_request(ihost, 407 idev, 408 ireq); 409 410 spin_unlock_irqrestore(&ihost->scic_lock, flags); 411 412 wait_for_completion(tmf->complete); 413 } 414 415 isci_print_tmf(tmf); 416 417 if (tmf->status == SCI_SUCCESS) 418 ret = TMF_RESP_FUNC_COMPLETE; 419 else if (tmf->status == SCI_FAILURE_IO_RESPONSE_VALID) { 420 dev_dbg(&ihost->pdev->dev, 421 "%s: tmf.status == " 422 "SCI_FAILURE_IO_RESPONSE_VALID\n", 423 __func__); 424 ret = TMF_RESP_FUNC_COMPLETE; 425 } 426 /* Else - leave the default "failed" status alone. */ 427 428 dev_dbg(&ihost->pdev->dev, 429 "%s: completed request = %p\n", 430 __func__, 431 ireq); 432 433 return ret; 434 435 err_tci: 436 spin_lock_irqsave(&ihost->scic_lock, flags); 437 isci_tci_free(ihost, ISCI_TAG_TCI(tag)); 438 spin_unlock_irqrestore(&ihost->scic_lock, flags); 439 440 return ret; 441 } 442 443 static void isci_task_build_tmf(struct isci_tmf *tmf, 444 enum isci_tmf_function_codes code, 445 void (*tmf_sent_cb)(enum isci_tmf_cb_state, 446 struct isci_tmf *, 447 void *), 448 void *cb_data) 449 { 450 memset(tmf, 0, sizeof(*tmf)); 451 452 tmf->tmf_code = code; 453 tmf->cb_state_func = tmf_sent_cb; 454 tmf->cb_data = cb_data; 455 } 456 457 static void isci_task_build_abort_task_tmf(struct isci_tmf *tmf, 458 enum isci_tmf_function_codes code, 459 void (*tmf_sent_cb)(enum isci_tmf_cb_state, 460 struct isci_tmf *, 461 void *), 462 struct isci_request *old_request) 463 { 464 isci_task_build_tmf(tmf, code, tmf_sent_cb, old_request); 465 tmf->io_tag = old_request->io_tag; 466 } 467 468 /** 469 * isci_task_validate_request_to_abort() - This function checks the given I/O 470 * against the "started" state. If the request is still "started", it's 471 * state is changed to aborted. NOTE: isci_host->scic_lock MUST BE HELD 472 * BEFORE CALLING THIS FUNCTION. 473 * @isci_request: This parameter specifies the request object to control. 474 * @isci_host: This parameter specifies the ISCI host object 475 * @isci_device: This is the device to which the request is pending. 476 * @aborted_io_completion: This is a completion structure that will be added to 477 * the request in case it is changed to aborting; this completion is 478 * triggered when the request is fully completed. 479 * 480 * Either "started" on successful change of the task status to "aborted", or 481 * "unallocated" if the task cannot be controlled. 482 */ 483 static enum isci_request_status isci_task_validate_request_to_abort( 484 struct isci_request *isci_request, 485 struct isci_host *isci_host, 486 struct isci_remote_device *isci_device, 487 struct completion *aborted_io_completion) 488 { 489 enum isci_request_status old_state = unallocated; 490 491 /* Only abort the task if it's in the 492 * device's request_in_process list 493 */ 494 if (isci_request && !list_empty(&isci_request->dev_node)) { 495 old_state = isci_request_change_started_to_aborted( 496 isci_request, aborted_io_completion); 497 498 } 499 500 return old_state; 501 } 502 503 /** 504 * isci_request_cleanup_completed_loiterer() - This function will take care of 505 * the final cleanup on any request which has been explicitly terminated. 506 * @isci_host: This parameter specifies the ISCI host object 507 * @isci_device: This is the device to which the request is pending. 508 * @isci_request: This parameter specifies the terminated request object. 509 * @task: This parameter is the libsas I/O request. 510 */ 511 static void isci_request_cleanup_completed_loiterer( 512 struct isci_host *isci_host, 513 struct isci_remote_device *isci_device, 514 struct isci_request *isci_request, 515 struct sas_task *task) 516 { 517 unsigned long flags; 518 519 dev_dbg(&isci_host->pdev->dev, 520 "%s: isci_device=%p, request=%p, task=%p\n", 521 __func__, isci_device, isci_request, task); 522 523 if (task != NULL) { 524 525 spin_lock_irqsave(&task->task_state_lock, flags); 526 task->lldd_task = NULL; 527 528 task->task_state_flags &= ~SAS_TASK_NEED_DEV_RESET; 529 530 isci_set_task_doneflags(task); 531 532 /* If this task is not in the abort path, call task_done. */ 533 if (!(task->task_state_flags & SAS_TASK_STATE_ABORTED)) { 534 535 spin_unlock_irqrestore(&task->task_state_lock, flags); 536 task->task_done(task); 537 } else 538 spin_unlock_irqrestore(&task->task_state_lock, flags); 539 } 540 541 if (isci_request != NULL) { 542 spin_lock_irqsave(&isci_host->scic_lock, flags); 543 list_del_init(&isci_request->dev_node); 544 spin_unlock_irqrestore(&isci_host->scic_lock, flags); 545 } 546 } 547 548 /** 549 * isci_terminate_request_core() - This function will terminate the given 550 * request, and wait for it to complete. This function must only be called 551 * from a thread that can wait. Note that the request is terminated and 552 * completed (back to the host, if started there). 553 * @ihost: This SCU. 554 * @idev: The target. 555 * @isci_request: The I/O request to be terminated. 556 * 557 */ 558 static void isci_terminate_request_core(struct isci_host *ihost, 559 struct isci_remote_device *idev, 560 struct isci_request *isci_request) 561 { 562 enum sci_status status = SCI_SUCCESS; 563 bool was_terminated = false; 564 bool needs_cleanup_handling = false; 565 enum isci_request_status request_status; 566 unsigned long flags; 567 unsigned long termination_completed = 1; 568 struct completion *io_request_completion; 569 struct sas_task *task; 570 571 dev_dbg(&ihost->pdev->dev, 572 "%s: device = %p; request = %p\n", 573 __func__, idev, isci_request); 574 575 spin_lock_irqsave(&ihost->scic_lock, flags); 576 577 io_request_completion = isci_request->io_request_completion; 578 579 task = (isci_request->ttype == io_task) 580 ? isci_request_access_task(isci_request) 581 : NULL; 582 583 /* Note that we are not going to control 584 * the target to abort the request. 585 */ 586 set_bit(IREQ_COMPLETE_IN_TARGET, &isci_request->flags); 587 588 /* Make sure the request wasn't just sitting around signalling 589 * device condition (if the request handle is NULL, then the 590 * request completed but needed additional handling here). 591 */ 592 if (!test_bit(IREQ_TERMINATED, &isci_request->flags)) { 593 was_terminated = true; 594 needs_cleanup_handling = true; 595 status = sci_controller_terminate_request(ihost, 596 idev, 597 isci_request); 598 } 599 spin_unlock_irqrestore(&ihost->scic_lock, flags); 600 601 /* 602 * The only time the request to terminate will 603 * fail is when the io request is completed and 604 * being aborted. 605 */ 606 if (status != SCI_SUCCESS) { 607 dev_err(&ihost->pdev->dev, 608 "%s: sci_controller_terminate_request" 609 " returned = 0x%x\n", 610 __func__, status); 611 612 isci_request->io_request_completion = NULL; 613 614 } else { 615 if (was_terminated) { 616 dev_dbg(&ihost->pdev->dev, 617 "%s: before completion wait (%p/%p)\n", 618 __func__, isci_request, io_request_completion); 619 620 /* Wait here for the request to complete. */ 621 #define TERMINATION_TIMEOUT_MSEC 500 622 termination_completed 623 = wait_for_completion_timeout( 624 io_request_completion, 625 msecs_to_jiffies(TERMINATION_TIMEOUT_MSEC)); 626 627 if (!termination_completed) { 628 629 /* The request to terminate has timed out. */ 630 spin_lock_irqsave(&ihost->scic_lock, 631 flags); 632 633 /* Check for state changes. */ 634 if (!test_bit(IREQ_TERMINATED, &isci_request->flags)) { 635 636 /* The best we can do is to have the 637 * request die a silent death if it 638 * ever really completes. 639 * 640 * Set the request state to "dead", 641 * and clear the task pointer so that 642 * an actual completion event callback 643 * doesn't do anything. 644 */ 645 isci_request->status = dead; 646 isci_request->io_request_completion 647 = NULL; 648 649 if (isci_request->ttype == io_task) { 650 651 /* Break links with the 652 * sas_task. 653 */ 654 isci_request->ttype_ptr.io_task_ptr 655 = NULL; 656 } 657 } else 658 termination_completed = 1; 659 660 spin_unlock_irqrestore(&ihost->scic_lock, 661 flags); 662 663 if (!termination_completed) { 664 665 dev_err(&ihost->pdev->dev, 666 "%s: *** Timeout waiting for " 667 "termination(%p/%p)\n", 668 __func__, io_request_completion, 669 isci_request); 670 671 /* The request can no longer be referenced 672 * safely since it may go away if the 673 * termination every really does complete. 674 */ 675 isci_request = NULL; 676 } 677 } 678 if (termination_completed) 679 dev_dbg(&ihost->pdev->dev, 680 "%s: after completion wait (%p/%p)\n", 681 __func__, isci_request, io_request_completion); 682 } 683 684 if (termination_completed) { 685 686 isci_request->io_request_completion = NULL; 687 688 /* Peek at the status of the request. This will tell 689 * us if there was special handling on the request such that it 690 * needs to be detached and freed here. 691 */ 692 spin_lock_irqsave(&isci_request->state_lock, flags); 693 request_status = isci_request->status; 694 695 if ((isci_request->ttype == io_task) /* TMFs are in their own thread */ 696 && ((request_status == aborted) 697 || (request_status == aborting) 698 || (request_status == terminating) 699 || (request_status == completed) 700 || (request_status == dead) 701 ) 702 ) { 703 704 /* The completion routine won't free a request in 705 * the aborted/aborting/etc. states, so we do 706 * it here. 707 */ 708 needs_cleanup_handling = true; 709 } 710 spin_unlock_irqrestore(&isci_request->state_lock, flags); 711 712 } 713 if (needs_cleanup_handling) 714 isci_request_cleanup_completed_loiterer( 715 ihost, idev, isci_request, task); 716 } 717 } 718 719 /** 720 * isci_terminate_pending_requests() - This function will change the all of the 721 * requests on the given device's state to "aborting", will terminate the 722 * requests, and wait for them to complete. This function must only be 723 * called from a thread that can wait. Note that the requests are all 724 * terminated and completed (back to the host, if started there). 725 * @isci_host: This parameter specifies SCU. 726 * @idev: This parameter specifies the target. 727 * 728 */ 729 void isci_terminate_pending_requests(struct isci_host *ihost, 730 struct isci_remote_device *idev) 731 { 732 struct completion request_completion; 733 enum isci_request_status old_state; 734 unsigned long flags; 735 LIST_HEAD(list); 736 737 spin_lock_irqsave(&ihost->scic_lock, flags); 738 list_splice_init(&idev->reqs_in_process, &list); 739 740 /* assumes that isci_terminate_request_core deletes from the list */ 741 while (!list_empty(&list)) { 742 struct isci_request *ireq = list_entry(list.next, typeof(*ireq), dev_node); 743 744 /* Change state to "terminating" if it is currently 745 * "started". 746 */ 747 old_state = isci_request_change_started_to_newstate(ireq, 748 &request_completion, 749 terminating); 750 switch (old_state) { 751 case started: 752 case completed: 753 case aborting: 754 break; 755 default: 756 /* termination in progress, or otherwise dispositioned. 757 * We know the request was on 'list' so should be safe 758 * to move it back to reqs_in_process 759 */ 760 list_move(&ireq->dev_node, &idev->reqs_in_process); 761 ireq = NULL; 762 break; 763 } 764 765 if (!ireq) 766 continue; 767 spin_unlock_irqrestore(&ihost->scic_lock, flags); 768 769 init_completion(&request_completion); 770 771 dev_dbg(&ihost->pdev->dev, 772 "%s: idev=%p request=%p; task=%p old_state=%d\n", 773 __func__, idev, ireq, 774 ireq->ttype == io_task ? isci_request_access_task(ireq) : NULL, 775 old_state); 776 777 /* If the old_state is started: 778 * This request was not already being aborted. If it had been, 779 * then the aborting I/O (ie. the TMF request) would not be in 780 * the aborting state, and thus would be terminated here. Note 781 * that since the TMF completion's call to the kernel function 782 * "complete()" does not happen until the pending I/O request 783 * terminate fully completes, we do not have to implement a 784 * special wait here for already aborting requests - the 785 * termination of the TMF request will force the request 786 * to finish it's already started terminate. 787 * 788 * If old_state == completed: 789 * This request completed from the SCU hardware perspective 790 * and now just needs cleaning up in terms of freeing the 791 * request and potentially calling up to libsas. 792 * 793 * If old_state == aborting: 794 * This request has already gone through a TMF timeout, but may 795 * not have been terminated; needs cleaning up at least. 796 */ 797 isci_terminate_request_core(ihost, idev, ireq); 798 spin_lock_irqsave(&ihost->scic_lock, flags); 799 } 800 spin_unlock_irqrestore(&ihost->scic_lock, flags); 801 } 802 803 /** 804 * isci_task_send_lu_reset_sas() - This function is called by of the SAS Domain 805 * Template functions. 806 * @lun: This parameter specifies the lun to be reset. 807 * 808 * status, zero indicates success. 809 */ 810 static int isci_task_send_lu_reset_sas( 811 struct isci_host *isci_host, 812 struct isci_remote_device *isci_device, 813 u8 *lun) 814 { 815 struct isci_tmf tmf; 816 int ret = TMF_RESP_FUNC_FAILED; 817 818 dev_dbg(&isci_host->pdev->dev, 819 "%s: isci_host = %p, isci_device = %p\n", 820 __func__, isci_host, isci_device); 821 /* Send the LUN reset to the target. By the time the call returns, 822 * the TMF has fully exected in the target (in which case the return 823 * value is "TMF_RESP_FUNC_COMPLETE", or the request timed-out (or 824 * was otherwise unable to be executed ("TMF_RESP_FUNC_FAILED"). 825 */ 826 isci_task_build_tmf(&tmf, isci_tmf_ssp_lun_reset, NULL, NULL); 827 828 #define ISCI_LU_RESET_TIMEOUT_MS 2000 /* 2 second timeout. */ 829 ret = isci_task_execute_tmf(isci_host, isci_device, &tmf, ISCI_LU_RESET_TIMEOUT_MS); 830 831 if (ret == TMF_RESP_FUNC_COMPLETE) 832 dev_dbg(&isci_host->pdev->dev, 833 "%s: %p: TMF_LU_RESET passed\n", 834 __func__, isci_device); 835 else 836 dev_dbg(&isci_host->pdev->dev, 837 "%s: %p: TMF_LU_RESET failed (%x)\n", 838 __func__, isci_device, ret); 839 840 return ret; 841 } 842 843 static int isci_task_send_lu_reset_sata(struct isci_host *ihost, 844 struct isci_remote_device *idev, u8 *lun) 845 { 846 int ret = TMF_RESP_FUNC_FAILED; 847 struct isci_tmf tmf; 848 849 /* Send the soft reset to the target */ 850 #define ISCI_SRST_TIMEOUT_MS 25000 /* 25 second timeout. */ 851 isci_task_build_tmf(&tmf, isci_tmf_sata_srst_high, NULL, NULL); 852 853 ret = isci_task_execute_tmf(ihost, idev, &tmf, ISCI_SRST_TIMEOUT_MS); 854 855 if (ret != TMF_RESP_FUNC_COMPLETE) { 856 dev_warn(&ihost->pdev->dev, 857 "%s: Assert SRST failed (%p) = %x", 858 __func__, idev, ret); 859 860 /* Return the failure so that the LUN reset is escalated 861 * to a target reset. 862 */ 863 } 864 return ret; 865 } 866 867 /** 868 * isci_task_lu_reset() - This function is one of the SAS Domain Template 869 * functions. This is one of the Task Management functoins called by libsas, 870 * to reset the given lun. Note the assumption that while this call is 871 * executing, no I/O will be sent by the host to the device. 872 * @lun: This parameter specifies the lun to be reset. 873 * 874 * status, zero indicates success. 875 */ 876 int isci_task_lu_reset(struct domain_device *domain_device, u8 *lun) 877 { 878 struct isci_host *isci_host = dev_to_ihost(domain_device); 879 struct isci_remote_device *isci_device; 880 unsigned long flags; 881 int ret; 882 883 spin_lock_irqsave(&isci_host->scic_lock, flags); 884 isci_device = isci_lookup_device(domain_device); 885 spin_unlock_irqrestore(&isci_host->scic_lock, flags); 886 887 dev_dbg(&isci_host->pdev->dev, 888 "%s: domain_device=%p, isci_host=%p; isci_device=%p\n", 889 __func__, domain_device, isci_host, isci_device); 890 891 if (isci_device) 892 set_bit(IDEV_EH, &isci_device->flags); 893 894 /* If there is a device reset pending on any request in the 895 * device's list, fail this LUN reset request in order to 896 * escalate to the device reset. 897 */ 898 if (!isci_device || 899 isci_device_is_reset_pending(isci_host, isci_device)) { 900 dev_warn(&isci_host->pdev->dev, 901 "%s: No dev (%p), or " 902 "RESET PENDING: domain_device=%p\n", 903 __func__, isci_device, domain_device); 904 ret = TMF_RESP_FUNC_FAILED; 905 goto out; 906 } 907 908 /* Send the task management part of the reset. */ 909 if (sas_protocol_ata(domain_device->tproto)) { 910 ret = isci_task_send_lu_reset_sata(isci_host, isci_device, lun); 911 } else 912 ret = isci_task_send_lu_reset_sas(isci_host, isci_device, lun); 913 914 /* If the LUN reset worked, all the I/O can now be terminated. */ 915 if (ret == TMF_RESP_FUNC_COMPLETE) 916 /* Terminate all I/O now. */ 917 isci_terminate_pending_requests(isci_host, 918 isci_device); 919 920 out: 921 isci_put_device(isci_device); 922 return ret; 923 } 924 925 926 /* int (*lldd_clear_nexus_port)(struct asd_sas_port *); */ 927 int isci_task_clear_nexus_port(struct asd_sas_port *port) 928 { 929 return TMF_RESP_FUNC_FAILED; 930 } 931 932 933 934 int isci_task_clear_nexus_ha(struct sas_ha_struct *ha) 935 { 936 return TMF_RESP_FUNC_FAILED; 937 } 938 939 /* Task Management Functions. Must be called from process context. */ 940 941 /** 942 * isci_abort_task_process_cb() - This is a helper function for the abort task 943 * TMF command. It manages the request state with respect to the successful 944 * transmission / completion of the abort task request. 945 * @cb_state: This parameter specifies when this function was called - after 946 * the TMF request has been started and after it has timed-out. 947 * @tmf: This parameter specifies the TMF in progress. 948 * 949 * 950 */ 951 static void isci_abort_task_process_cb( 952 enum isci_tmf_cb_state cb_state, 953 struct isci_tmf *tmf, 954 void *cb_data) 955 { 956 struct isci_request *old_request; 957 958 old_request = (struct isci_request *)cb_data; 959 960 dev_dbg(&old_request->isci_host->pdev->dev, 961 "%s: tmf=%p, old_request=%p\n", 962 __func__, tmf, old_request); 963 964 switch (cb_state) { 965 966 case isci_tmf_started: 967 /* The TMF has been started. Nothing to do here, since the 968 * request state was already set to "aborted" by the abort 969 * task function. 970 */ 971 if ((old_request->status != aborted) 972 && (old_request->status != completed)) 973 dev_err(&old_request->isci_host->pdev->dev, 974 "%s: Bad request status (%d): tmf=%p, old_request=%p\n", 975 __func__, old_request->status, tmf, old_request); 976 break; 977 978 case isci_tmf_timed_out: 979 980 /* Set the task's state to "aborting", since the abort task 981 * function thread set it to "aborted" (above) in anticipation 982 * of the task management request working correctly. Since the 983 * timeout has now fired, the TMF request failed. We set the 984 * state such that the request completion will indicate the 985 * device is no longer present. 986 */ 987 isci_request_change_state(old_request, aborting); 988 break; 989 990 default: 991 dev_err(&old_request->isci_host->pdev->dev, 992 "%s: Bad cb_state (%d): tmf=%p, old_request=%p\n", 993 __func__, cb_state, tmf, old_request); 994 break; 995 } 996 } 997 998 /** 999 * isci_task_abort_task() - This function is one of the SAS Domain Template 1000 * functions. This function is called by libsas to abort a specified task. 1001 * @task: This parameter specifies the SAS task to abort. 1002 * 1003 * status, zero indicates success. 1004 */ 1005 int isci_task_abort_task(struct sas_task *task) 1006 { 1007 struct isci_host *isci_host = dev_to_ihost(task->dev); 1008 DECLARE_COMPLETION_ONSTACK(aborted_io_completion); 1009 struct isci_request *old_request = NULL; 1010 enum isci_request_status old_state; 1011 struct isci_remote_device *isci_device = NULL; 1012 struct isci_tmf tmf; 1013 int ret = TMF_RESP_FUNC_FAILED; 1014 unsigned long flags; 1015 bool any_dev_reset = false; 1016 1017 /* Get the isci_request reference from the task. Note that 1018 * this check does not depend on the pending request list 1019 * in the device, because tasks driving resets may land here 1020 * after completion in the core. 1021 */ 1022 spin_lock_irqsave(&isci_host->scic_lock, flags); 1023 spin_lock(&task->task_state_lock); 1024 1025 old_request = task->lldd_task; 1026 1027 /* If task is already done, the request isn't valid */ 1028 if (!(task->task_state_flags & SAS_TASK_STATE_DONE) && 1029 (task->task_state_flags & SAS_TASK_AT_INITIATOR) && 1030 old_request) 1031 isci_device = isci_lookup_device(task->dev); 1032 1033 spin_unlock(&task->task_state_lock); 1034 spin_unlock_irqrestore(&isci_host->scic_lock, flags); 1035 1036 dev_dbg(&isci_host->pdev->dev, 1037 "%s: task = %p\n", __func__, task); 1038 1039 if (!isci_device || !old_request) 1040 goto out; 1041 1042 set_bit(IDEV_EH, &isci_device->flags); 1043 1044 /* This version of the driver will fail abort requests for 1045 * SATA/STP. Failing the abort request this way will cause the 1046 * SCSI error handler thread to escalate to LUN reset 1047 */ 1048 if (sas_protocol_ata(task->task_proto)) { 1049 dev_warn(&isci_host->pdev->dev, 1050 " task %p is for a STP/SATA device;" 1051 " returning TMF_RESP_FUNC_FAILED\n" 1052 " to cause a LUN reset...\n", task); 1053 goto out; 1054 } 1055 1056 dev_dbg(&isci_host->pdev->dev, 1057 "%s: old_request == %p\n", __func__, old_request); 1058 1059 any_dev_reset = isci_device_is_reset_pending(isci_host,isci_device); 1060 1061 spin_lock_irqsave(&task->task_state_lock, flags); 1062 1063 any_dev_reset = any_dev_reset || (task->task_state_flags & SAS_TASK_NEED_DEV_RESET); 1064 1065 /* If the extraction of the request reference from the task 1066 * failed, then the request has been completed (or if there is a 1067 * pending reset then this abort request function must be failed 1068 * in order to escalate to the target reset). 1069 */ 1070 if ((old_request == NULL) || any_dev_reset) { 1071 1072 /* If the device reset task flag is set, fail the task 1073 * management request. Otherwise, the original request 1074 * has completed. 1075 */ 1076 if (any_dev_reset) { 1077 1078 /* Turn off the task's DONE to make sure this 1079 * task is escalated to a target reset. 1080 */ 1081 task->task_state_flags &= ~SAS_TASK_STATE_DONE; 1082 1083 /* Make the reset happen as soon as possible. */ 1084 task->task_state_flags |= SAS_TASK_NEED_DEV_RESET; 1085 1086 spin_unlock_irqrestore(&task->task_state_lock, flags); 1087 1088 /* Fail the task management request in order to 1089 * escalate to the target reset. 1090 */ 1091 ret = TMF_RESP_FUNC_FAILED; 1092 1093 dev_dbg(&isci_host->pdev->dev, 1094 "%s: Failing task abort in order to " 1095 "escalate to target reset because\n" 1096 "SAS_TASK_NEED_DEV_RESET is set for " 1097 "task %p on dev %p\n", 1098 __func__, task, isci_device); 1099 1100 1101 } else { 1102 /* The request has already completed and there 1103 * is nothing to do here other than to set the task 1104 * done bit, and indicate that the task abort function 1105 * was sucessful. 1106 */ 1107 isci_set_task_doneflags(task); 1108 1109 spin_unlock_irqrestore(&task->task_state_lock, flags); 1110 1111 ret = TMF_RESP_FUNC_COMPLETE; 1112 1113 dev_dbg(&isci_host->pdev->dev, 1114 "%s: abort task not needed for %p\n", 1115 __func__, task); 1116 } 1117 goto out; 1118 } 1119 else 1120 spin_unlock_irqrestore(&task->task_state_lock, flags); 1121 1122 spin_lock_irqsave(&isci_host->scic_lock, flags); 1123 1124 /* Check the request status and change to "aborted" if currently 1125 * "starting"; if true then set the I/O kernel completion 1126 * struct that will be triggered when the request completes. 1127 */ 1128 old_state = isci_task_validate_request_to_abort( 1129 old_request, isci_host, isci_device, 1130 &aborted_io_completion); 1131 if ((old_state != started) && 1132 (old_state != completed) && 1133 (old_state != aborting)) { 1134 1135 spin_unlock_irqrestore(&isci_host->scic_lock, flags); 1136 1137 /* The request was already being handled by someone else (because 1138 * they got to set the state away from started). 1139 */ 1140 dev_dbg(&isci_host->pdev->dev, 1141 "%s: device = %p; old_request %p already being aborted\n", 1142 __func__, 1143 isci_device, old_request); 1144 ret = TMF_RESP_FUNC_COMPLETE; 1145 goto out; 1146 } 1147 if (task->task_proto == SAS_PROTOCOL_SMP || 1148 test_bit(IREQ_COMPLETE_IN_TARGET, &old_request->flags)) { 1149 1150 spin_unlock_irqrestore(&isci_host->scic_lock, flags); 1151 1152 dev_dbg(&isci_host->pdev->dev, 1153 "%s: SMP request (%d)" 1154 " or complete_in_target (%d), thus no TMF\n", 1155 __func__, (task->task_proto == SAS_PROTOCOL_SMP), 1156 test_bit(IREQ_COMPLETE_IN_TARGET, &old_request->flags)); 1157 1158 /* Set the state on the task. */ 1159 isci_task_all_done(task); 1160 1161 ret = TMF_RESP_FUNC_COMPLETE; 1162 1163 /* Stopping and SMP devices are not sent a TMF, and are not 1164 * reset, but the outstanding I/O request is terminated below. 1165 */ 1166 } else { 1167 /* Fill in the tmf stucture */ 1168 isci_task_build_abort_task_tmf(&tmf, isci_tmf_ssp_task_abort, 1169 isci_abort_task_process_cb, 1170 old_request); 1171 1172 spin_unlock_irqrestore(&isci_host->scic_lock, flags); 1173 1174 #define ISCI_ABORT_TASK_TIMEOUT_MS 500 /* half second timeout. */ 1175 ret = isci_task_execute_tmf(isci_host, isci_device, &tmf, 1176 ISCI_ABORT_TASK_TIMEOUT_MS); 1177 1178 if (ret != TMF_RESP_FUNC_COMPLETE) 1179 dev_err(&isci_host->pdev->dev, 1180 "%s: isci_task_send_tmf failed\n", 1181 __func__); 1182 } 1183 if (ret == TMF_RESP_FUNC_COMPLETE) { 1184 set_bit(IREQ_COMPLETE_IN_TARGET, &old_request->flags); 1185 1186 /* Clean up the request on our side, and wait for the aborted 1187 * I/O to complete. 1188 */ 1189 isci_terminate_request_core(isci_host, isci_device, old_request); 1190 } 1191 1192 /* Make sure we do not leave a reference to aborted_io_completion */ 1193 old_request->io_request_completion = NULL; 1194 out: 1195 isci_put_device(isci_device); 1196 return ret; 1197 } 1198 1199 /** 1200 * isci_task_abort_task_set() - This function is one of the SAS Domain Template 1201 * functions. This is one of the Task Management functoins called by libsas, 1202 * to abort all task for the given lun. 1203 * @d_device: This parameter specifies the domain device associated with this 1204 * request. 1205 * @lun: This parameter specifies the lun associated with this request. 1206 * 1207 * status, zero indicates success. 1208 */ 1209 int isci_task_abort_task_set( 1210 struct domain_device *d_device, 1211 u8 *lun) 1212 { 1213 return TMF_RESP_FUNC_FAILED; 1214 } 1215 1216 1217 /** 1218 * isci_task_clear_aca() - This function is one of the SAS Domain Template 1219 * functions. This is one of the Task Management functoins called by libsas. 1220 * @d_device: This parameter specifies the domain device associated with this 1221 * request. 1222 * @lun: This parameter specifies the lun associated with this request. 1223 * 1224 * status, zero indicates success. 1225 */ 1226 int isci_task_clear_aca( 1227 struct domain_device *d_device, 1228 u8 *lun) 1229 { 1230 return TMF_RESP_FUNC_FAILED; 1231 } 1232 1233 1234 1235 /** 1236 * isci_task_clear_task_set() - This function is one of the SAS Domain Template 1237 * functions. This is one of the Task Management functoins called by libsas. 1238 * @d_device: This parameter specifies the domain device associated with this 1239 * request. 1240 * @lun: This parameter specifies the lun associated with this request. 1241 * 1242 * status, zero indicates success. 1243 */ 1244 int isci_task_clear_task_set( 1245 struct domain_device *d_device, 1246 u8 *lun) 1247 { 1248 return TMF_RESP_FUNC_FAILED; 1249 } 1250 1251 1252 /** 1253 * isci_task_query_task() - This function is implemented to cause libsas to 1254 * correctly escalate the failed abort to a LUN or target reset (this is 1255 * because sas_scsi_find_task libsas function does not correctly interpret 1256 * all return codes from the abort task call). When TMF_RESP_FUNC_SUCC is 1257 * returned, libsas turns this into a LUN reset; when FUNC_FAILED is 1258 * returned, libsas will turn this into a target reset 1259 * @task: This parameter specifies the sas task being queried. 1260 * @lun: This parameter specifies the lun associated with this request. 1261 * 1262 * status, zero indicates success. 1263 */ 1264 int isci_task_query_task( 1265 struct sas_task *task) 1266 { 1267 /* See if there is a pending device reset for this device. */ 1268 if (task->task_state_flags & SAS_TASK_NEED_DEV_RESET) 1269 return TMF_RESP_FUNC_FAILED; 1270 else 1271 return TMF_RESP_FUNC_SUCC; 1272 } 1273 1274 /* 1275 * isci_task_request_complete() - This function is called by the sci core when 1276 * an task request completes. 1277 * @ihost: This parameter specifies the ISCI host object 1278 * @ireq: This parameter is the completed isci_request object. 1279 * @completion_status: This parameter specifies the completion status from the 1280 * sci core. 1281 * 1282 * none. 1283 */ 1284 void 1285 isci_task_request_complete(struct isci_host *ihost, 1286 struct isci_request *ireq, 1287 enum sci_task_status completion_status) 1288 { 1289 struct isci_tmf *tmf = isci_request_access_tmf(ireq); 1290 struct completion *tmf_complete; 1291 1292 dev_dbg(&ihost->pdev->dev, 1293 "%s: request = %p, status=%d\n", 1294 __func__, ireq, completion_status); 1295 1296 isci_request_change_state(ireq, completed); 1297 1298 tmf->status = completion_status; 1299 set_bit(IREQ_COMPLETE_IN_TARGET, &ireq->flags); 1300 1301 if (tmf->proto == SAS_PROTOCOL_SSP) { 1302 memcpy(&tmf->resp.resp_iu, 1303 &ireq->ssp.rsp, 1304 SSP_RESP_IU_MAX_SIZE); 1305 } else if (tmf->proto == SAS_PROTOCOL_SATA) { 1306 memcpy(&tmf->resp.d2h_fis, 1307 &ireq->stp.rsp, 1308 sizeof(struct dev_to_host_fis)); 1309 } 1310 1311 /* PRINT_TMF( ((struct isci_tmf *)request->task)); */ 1312 tmf_complete = tmf->complete; 1313 1314 sci_controller_complete_io(ihost, ireq->target_device, ireq); 1315 /* set the 'terminated' flag handle to make sure it cannot be terminated 1316 * or completed again. 1317 */ 1318 set_bit(IREQ_TERMINATED, &ireq->flags); 1319 1320 isci_request_change_state(ireq, unallocated); 1321 list_del_init(&ireq->dev_node); 1322 1323 /* The task management part completes last. */ 1324 complete(tmf_complete); 1325 } 1326 1327 static void isci_smp_task_timedout(unsigned long _task) 1328 { 1329 struct sas_task *task = (void *) _task; 1330 unsigned long flags; 1331 1332 spin_lock_irqsave(&task->task_state_lock, flags); 1333 if (!(task->task_state_flags & SAS_TASK_STATE_DONE)) 1334 task->task_state_flags |= SAS_TASK_STATE_ABORTED; 1335 spin_unlock_irqrestore(&task->task_state_lock, flags); 1336 1337 complete(&task->completion); 1338 } 1339 1340 static void isci_smp_task_done(struct sas_task *task) 1341 { 1342 if (!del_timer(&task->timer)) 1343 return; 1344 complete(&task->completion); 1345 } 1346 1347 static struct sas_task *isci_alloc_task(void) 1348 { 1349 struct sas_task *task = kzalloc(sizeof(*task), GFP_KERNEL); 1350 1351 if (task) { 1352 INIT_LIST_HEAD(&task->list); 1353 spin_lock_init(&task->task_state_lock); 1354 task->task_state_flags = SAS_TASK_STATE_PENDING; 1355 init_timer(&task->timer); 1356 init_completion(&task->completion); 1357 } 1358 1359 return task; 1360 } 1361 1362 static void isci_free_task(struct isci_host *ihost, struct sas_task *task) 1363 { 1364 if (task) { 1365 BUG_ON(!list_empty(&task->list)); 1366 kfree(task); 1367 } 1368 } 1369 1370 static int isci_smp_execute_task(struct isci_host *ihost, 1371 struct domain_device *dev, void *req, 1372 int req_size, void *resp, int resp_size) 1373 { 1374 int res, retry; 1375 struct sas_task *task = NULL; 1376 1377 for (retry = 0; retry < 3; retry++) { 1378 task = isci_alloc_task(); 1379 if (!task) 1380 return -ENOMEM; 1381 1382 task->dev = dev; 1383 task->task_proto = dev->tproto; 1384 sg_init_one(&task->smp_task.smp_req, req, req_size); 1385 sg_init_one(&task->smp_task.smp_resp, resp, resp_size); 1386 1387 task->task_done = isci_smp_task_done; 1388 1389 task->timer.data = (unsigned long) task; 1390 task->timer.function = isci_smp_task_timedout; 1391 task->timer.expires = jiffies + 10*HZ; 1392 add_timer(&task->timer); 1393 1394 res = isci_task_execute_task(task, 1, GFP_KERNEL); 1395 1396 if (res) { 1397 del_timer(&task->timer); 1398 dev_err(&ihost->pdev->dev, 1399 "%s: executing SMP task failed:%d\n", 1400 __func__, res); 1401 goto ex_err; 1402 } 1403 1404 wait_for_completion(&task->completion); 1405 res = -ECOMM; 1406 if ((task->task_state_flags & SAS_TASK_STATE_ABORTED)) { 1407 dev_err(&ihost->pdev->dev, 1408 "%s: smp task timed out or aborted\n", 1409 __func__); 1410 isci_task_abort_task(task); 1411 if (!(task->task_state_flags & SAS_TASK_STATE_DONE)) { 1412 dev_err(&ihost->pdev->dev, 1413 "%s: SMP task aborted and not done\n", 1414 __func__); 1415 goto ex_err; 1416 } 1417 } 1418 if (task->task_status.resp == SAS_TASK_COMPLETE && 1419 task->task_status.stat == SAM_STAT_GOOD) { 1420 res = 0; 1421 break; 1422 } 1423 if (task->task_status.resp == SAS_TASK_COMPLETE && 1424 task->task_status.stat == SAS_DATA_UNDERRUN) { 1425 /* no error, but return the number of bytes of 1426 * underrun */ 1427 res = task->task_status.residual; 1428 break; 1429 } 1430 if (task->task_status.resp == SAS_TASK_COMPLETE && 1431 task->task_status.stat == SAS_DATA_OVERRUN) { 1432 res = -EMSGSIZE; 1433 break; 1434 } else { 1435 dev_err(&ihost->pdev->dev, 1436 "%s: task to dev %016llx response: 0x%x " 1437 "status 0x%x\n", __func__, 1438 SAS_ADDR(dev->sas_addr), 1439 task->task_status.resp, 1440 task->task_status.stat); 1441 isci_free_task(ihost, task); 1442 task = NULL; 1443 } 1444 } 1445 ex_err: 1446 BUG_ON(retry == 3 && task != NULL); 1447 isci_free_task(ihost, task); 1448 return res; 1449 } 1450 1451 #define DISCOVER_REQ_SIZE 16 1452 #define DISCOVER_RESP_SIZE 56 1453 1454 int isci_smp_get_phy_attached_dev_type(struct isci_host *ihost, 1455 struct domain_device *dev, 1456 int phy_id, int *adt) 1457 { 1458 struct smp_resp *disc_resp; 1459 u8 *disc_req; 1460 int res; 1461 1462 disc_resp = kzalloc(DISCOVER_RESP_SIZE, GFP_KERNEL); 1463 if (!disc_resp) 1464 return -ENOMEM; 1465 1466 disc_req = kzalloc(DISCOVER_REQ_SIZE, GFP_KERNEL); 1467 if (disc_req) { 1468 disc_req[0] = SMP_REQUEST; 1469 disc_req[1] = SMP_DISCOVER; 1470 disc_req[9] = phy_id; 1471 } else { 1472 kfree(disc_resp); 1473 return -ENOMEM; 1474 } 1475 res = isci_smp_execute_task(ihost, dev, disc_req, DISCOVER_REQ_SIZE, 1476 disc_resp, DISCOVER_RESP_SIZE); 1477 if (!res) { 1478 if (disc_resp->result != SMP_RESP_FUNC_ACC) 1479 res = disc_resp->result; 1480 else 1481 *adt = disc_resp->disc.attached_dev_type; 1482 } 1483 kfree(disc_req); 1484 kfree(disc_resp); 1485 1486 return res; 1487 } 1488 1489 static void isci_wait_for_smp_phy_reset(struct isci_remote_device *idev, int phy_num) 1490 { 1491 struct domain_device *dev = idev->domain_dev; 1492 struct isci_port *iport = idev->isci_port; 1493 struct isci_host *ihost = iport->isci_host; 1494 int res, iteration = 0, attached_device_type; 1495 #define STP_WAIT_MSECS 25000 1496 unsigned long tmo = msecs_to_jiffies(STP_WAIT_MSECS); 1497 unsigned long deadline = jiffies + tmo; 1498 enum { 1499 SMP_PHYWAIT_PHYDOWN, 1500 SMP_PHYWAIT_PHYUP, 1501 SMP_PHYWAIT_DONE 1502 } phy_state = SMP_PHYWAIT_PHYDOWN; 1503 1504 /* While there is time, wait for the phy to go away and come back */ 1505 while (time_is_after_jiffies(deadline) && phy_state != SMP_PHYWAIT_DONE) { 1506 int event = atomic_read(&iport->event); 1507 1508 ++iteration; 1509 1510 tmo = wait_event_timeout(ihost->eventq, 1511 event != atomic_read(&iport->event) || 1512 !test_bit(IPORT_BCN_BLOCKED, &iport->flags), 1513 tmo); 1514 /* link down, stop polling */ 1515 if (!test_bit(IPORT_BCN_BLOCKED, &iport->flags)) 1516 break; 1517 1518 dev_dbg(&ihost->pdev->dev, 1519 "%s: iport %p, iteration %d," 1520 " phase %d: time_remaining %lu, bcns = %d\n", 1521 __func__, iport, iteration, phy_state, 1522 tmo, test_bit(IPORT_BCN_PENDING, &iport->flags)); 1523 1524 res = isci_smp_get_phy_attached_dev_type(ihost, dev, phy_num, 1525 &attached_device_type); 1526 tmo = deadline - jiffies; 1527 1528 if (res) { 1529 dev_warn(&ihost->pdev->dev, 1530 "%s: iteration %d, phase %d:" 1531 " SMP error=%d, time_remaining=%lu\n", 1532 __func__, iteration, phy_state, res, tmo); 1533 break; 1534 } 1535 dev_dbg(&ihost->pdev->dev, 1536 "%s: iport %p, iteration %d," 1537 " phase %d: time_remaining %lu, bcns = %d, " 1538 "attdevtype = %x\n", 1539 __func__, iport, iteration, phy_state, 1540 tmo, test_bit(IPORT_BCN_PENDING, &iport->flags), 1541 attached_device_type); 1542 1543 switch (phy_state) { 1544 case SMP_PHYWAIT_PHYDOWN: 1545 /* Has the device gone away? */ 1546 if (!attached_device_type) 1547 phy_state = SMP_PHYWAIT_PHYUP; 1548 1549 break; 1550 1551 case SMP_PHYWAIT_PHYUP: 1552 /* Has the device come back? */ 1553 if (attached_device_type) 1554 phy_state = SMP_PHYWAIT_DONE; 1555 break; 1556 1557 case SMP_PHYWAIT_DONE: 1558 break; 1559 } 1560 1561 } 1562 dev_dbg(&ihost->pdev->dev, "%s: done\n", __func__); 1563 } 1564 1565 static int isci_reset_device(struct isci_host *ihost, 1566 struct isci_remote_device *idev, int hard_reset) 1567 { 1568 struct sas_phy *phy = sas_find_local_phy(idev->domain_dev); 1569 struct isci_port *iport = idev->isci_port; 1570 enum sci_status status; 1571 unsigned long flags; 1572 int rc; 1573 1574 dev_dbg(&ihost->pdev->dev, "%s: idev %p\n", __func__, idev); 1575 1576 spin_lock_irqsave(&ihost->scic_lock, flags); 1577 status = sci_remote_device_reset(idev); 1578 if (status != SCI_SUCCESS) { 1579 spin_unlock_irqrestore(&ihost->scic_lock, flags); 1580 1581 dev_warn(&ihost->pdev->dev, 1582 "%s: sci_remote_device_reset(%p) returned %d!\n", 1583 __func__, idev, status); 1584 1585 return TMF_RESP_FUNC_FAILED; 1586 } 1587 spin_unlock_irqrestore(&ihost->scic_lock, flags); 1588 1589 /* Make sure all pending requests are able to be fully terminated. */ 1590 isci_device_clear_reset_pending(ihost, idev); 1591 1592 /* If this is a device on an expander, disable BCN processing. */ 1593 if (!scsi_is_sas_phy_local(phy)) 1594 set_bit(IPORT_BCN_BLOCKED, &iport->flags); 1595 1596 rc = sas_phy_reset(phy, hard_reset); 1597 1598 /* Terminate in-progress I/O now. */ 1599 isci_remote_device_nuke_requests(ihost, idev); 1600 1601 /* Since all pending TCs have been cleaned, resume the RNC. */ 1602 spin_lock_irqsave(&ihost->scic_lock, flags); 1603 status = sci_remote_device_reset_complete(idev); 1604 spin_unlock_irqrestore(&ihost->scic_lock, flags); 1605 1606 /* If this is a device on an expander, bring the phy back up. */ 1607 if (!scsi_is_sas_phy_local(phy)) { 1608 /* A phy reset will cause the device to go away then reappear. 1609 * Since libsas will take action on incoming BCNs (eg. remove 1610 * a device going through an SMP phy-control driven reset), 1611 * we need to wait until the phy comes back up before letting 1612 * discovery proceed in libsas. 1613 */ 1614 isci_wait_for_smp_phy_reset(idev, phy->number); 1615 1616 spin_lock_irqsave(&ihost->scic_lock, flags); 1617 isci_port_bcn_enable(ihost, idev->isci_port); 1618 spin_unlock_irqrestore(&ihost->scic_lock, flags); 1619 } 1620 1621 if (status != SCI_SUCCESS) { 1622 dev_warn(&ihost->pdev->dev, 1623 "%s: sci_remote_device_reset_complete(%p) " 1624 "returned %d!\n", __func__, idev, status); 1625 } 1626 1627 dev_dbg(&ihost->pdev->dev, "%s: idev %p complete.\n", __func__, idev); 1628 1629 return rc; 1630 } 1631 1632 int isci_task_I_T_nexus_reset(struct domain_device *dev) 1633 { 1634 struct isci_host *ihost = dev_to_ihost(dev); 1635 struct isci_remote_device *idev; 1636 int ret, hard_reset = 1; 1637 unsigned long flags; 1638 1639 spin_lock_irqsave(&ihost->scic_lock, flags); 1640 idev = isci_lookup_device(dev); 1641 spin_unlock_irqrestore(&ihost->scic_lock, flags); 1642 1643 if (!idev || !test_bit(IDEV_EH, &idev->flags)) { 1644 ret = TMF_RESP_FUNC_COMPLETE; 1645 goto out; 1646 } 1647 1648 if (dev->dev_type == SATA_DEV || (dev->tproto & SAS_PROTOCOL_STP)) 1649 hard_reset = 0; 1650 1651 ret = isci_reset_device(ihost, idev, hard_reset); 1652 out: 1653 isci_put_device(idev); 1654 return ret; 1655 } 1656 1657 int isci_bus_reset_handler(struct scsi_cmnd *cmd) 1658 { 1659 struct domain_device *dev = sdev_to_domain_dev(cmd->device); 1660 struct isci_host *ihost = dev_to_ihost(dev); 1661 struct isci_remote_device *idev; 1662 int ret, hard_reset = 1; 1663 unsigned long flags; 1664 1665 if (dev->dev_type == SATA_DEV || (dev->tproto & SAS_PROTOCOL_STP)) 1666 hard_reset = 0; 1667 1668 spin_lock_irqsave(&ihost->scic_lock, flags); 1669 idev = isci_lookup_device(dev); 1670 spin_unlock_irqrestore(&ihost->scic_lock, flags); 1671 1672 if (!idev) { 1673 ret = TMF_RESP_FUNC_COMPLETE; 1674 goto out; 1675 } 1676 1677 ret = isci_reset_device(ihost, idev, hard_reset); 1678 out: 1679 isci_put_device(idev); 1680 return ret; 1681 } 1682