1 /******************************************************************* 2 * This file is part of the Emulex Linux Device Driver for * 3 * Fibre Channel Host Bus Adapters. * 4 * Copyright (C) 2009-2010 Emulex. All rights reserved. * 5 * EMULEX and SLI are trademarks of Emulex. * 6 * www.emulex.com * 7 * * 8 * This program is free software; you can redistribute it and/or * 9 * modify it under the terms of version 2 of the GNU General * 10 * Public License as published by the Free Software Foundation. * 11 * This program is distributed in the hope that it will be useful. * 12 * ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND * 13 * WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, * 14 * FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT, ARE * 15 * DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD * 16 * TO BE LEGALLY INVALID. See the GNU General Public License for * 17 * more details, a copy of which can be found in the file COPYING * 18 * included with this package. * 19 *******************************************************************/ 20 21 #include <linux/interrupt.h> 22 #include <linux/mempool.h> 23 #include <linux/pci.h> 24 #include <linux/slab.h> 25 #include <linux/delay.h> 26 27 #include <scsi/scsi.h> 28 #include <scsi/scsi_host.h> 29 #include <scsi/scsi_transport_fc.h> 30 #include <scsi/scsi_bsg_fc.h> 31 #include <scsi/fc/fc_fs.h> 32 33 #include "lpfc_hw4.h" 34 #include "lpfc_hw.h" 35 #include "lpfc_sli.h" 36 #include "lpfc_sli4.h" 37 #include "lpfc_nl.h" 38 #include "lpfc_bsg.h" 39 #include "lpfc_disc.h" 40 #include "lpfc_scsi.h" 41 #include "lpfc.h" 42 #include "lpfc_logmsg.h" 43 #include "lpfc_crtn.h" 44 #include "lpfc_vport.h" 45 #include "lpfc_version.h" 46 47 struct lpfc_bsg_event { 48 struct list_head node; 49 struct kref kref; 50 wait_queue_head_t wq; 51 52 /* Event type and waiter identifiers */ 53 uint32_t type_mask; 54 uint32_t req_id; 55 uint32_t reg_id; 56 57 /* next two flags are here for the auto-delete logic */ 58 unsigned long wait_time_stamp; 59 int waiting; 60 61 /* seen and not seen events */ 62 struct list_head events_to_get; 63 struct list_head events_to_see; 64 65 /* job waiting for this event to finish */ 66 struct fc_bsg_job *set_job; 67 }; 68 69 struct lpfc_bsg_iocb { 70 struct lpfc_iocbq *cmdiocbq; 71 struct lpfc_iocbq *rspiocbq; 72 struct lpfc_dmabuf *bmp; 73 struct lpfc_nodelist *ndlp; 74 75 /* job waiting for this iocb to finish */ 76 struct fc_bsg_job *set_job; 77 }; 78 79 struct lpfc_bsg_mbox { 80 LPFC_MBOXQ_t *pmboxq; 81 MAILBOX_t *mb; 82 struct lpfc_dmabuf *rxbmp; /* for BIU diags */ 83 struct lpfc_dmabufext *dmp; /* for BIU diags */ 84 uint8_t *ext; /* extended mailbox data */ 85 uint32_t mbOffset; /* from app */ 86 uint32_t inExtWLen; /* from app */ 87 uint32_t outExtWLen; /* from app */ 88 89 /* job waiting for this mbox command to finish */ 90 struct fc_bsg_job *set_job; 91 }; 92 93 #define MENLO_DID 0x0000FC0E 94 95 struct lpfc_bsg_menlo { 96 struct lpfc_iocbq *cmdiocbq; 97 struct lpfc_iocbq *rspiocbq; 98 struct lpfc_dmabuf *bmp; 99 100 /* job waiting for this iocb to finish */ 101 struct fc_bsg_job *set_job; 102 }; 103 104 #define TYPE_EVT 1 105 #define TYPE_IOCB 2 106 #define TYPE_MBOX 3 107 #define TYPE_MENLO 4 108 struct bsg_job_data { 109 uint32_t type; 110 union { 111 struct lpfc_bsg_event *evt; 112 struct lpfc_bsg_iocb iocb; 113 struct lpfc_bsg_mbox mbox; 114 struct lpfc_bsg_menlo menlo; 115 } context_un; 116 }; 117 118 struct event_data { 119 struct list_head node; 120 uint32_t type; 121 uint32_t immed_dat; 122 void *data; 123 uint32_t len; 124 }; 125 126 #define BUF_SZ_4K 4096 127 #define SLI_CT_ELX_LOOPBACK 0x10 128 129 enum ELX_LOOPBACK_CMD { 130 ELX_LOOPBACK_XRI_SETUP, 131 ELX_LOOPBACK_DATA, 132 }; 133 134 #define ELX_LOOPBACK_HEADER_SZ \ 135 (size_t)(&((struct lpfc_sli_ct_request *)NULL)->un) 136 137 struct lpfc_dmabufext { 138 struct lpfc_dmabuf dma; 139 uint32_t size; 140 uint32_t flag; 141 }; 142 143 /** 144 * lpfc_bsg_send_mgmt_cmd_cmp - lpfc_bsg_send_mgmt_cmd's completion handler 145 * @phba: Pointer to HBA context object. 146 * @cmdiocbq: Pointer to command iocb. 147 * @rspiocbq: Pointer to response iocb. 148 * 149 * This function is the completion handler for iocbs issued using 150 * lpfc_bsg_send_mgmt_cmd function. This function is called by the 151 * ring event handler function without any lock held. This function 152 * can be called from both worker thread context and interrupt 153 * context. This function also can be called from another thread which 154 * cleans up the SLI layer objects. 155 * This function copies the contents of the response iocb to the 156 * response iocb memory object provided by the caller of 157 * lpfc_sli_issue_iocb_wait and then wakes up the thread which 158 * sleeps for the iocb completion. 159 **/ 160 static void 161 lpfc_bsg_send_mgmt_cmd_cmp(struct lpfc_hba *phba, 162 struct lpfc_iocbq *cmdiocbq, 163 struct lpfc_iocbq *rspiocbq) 164 { 165 unsigned long iflags; 166 struct bsg_job_data *dd_data; 167 struct fc_bsg_job *job; 168 IOCB_t *rsp; 169 struct lpfc_dmabuf *bmp; 170 struct lpfc_nodelist *ndlp; 171 struct lpfc_bsg_iocb *iocb; 172 unsigned long flags; 173 int rc = 0; 174 175 spin_lock_irqsave(&phba->ct_ev_lock, flags); 176 dd_data = cmdiocbq->context1; 177 if (!dd_data) { 178 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 179 return; 180 } 181 182 iocb = &dd_data->context_un.iocb; 183 job = iocb->set_job; 184 job->dd_data = NULL; /* so timeout handler does not reply */ 185 186 spin_lock_irqsave(&phba->hbalock, iflags); 187 cmdiocbq->iocb_flag |= LPFC_IO_WAKE; 188 if (cmdiocbq->context2 && rspiocbq) 189 memcpy(&((struct lpfc_iocbq *)cmdiocbq->context2)->iocb, 190 &rspiocbq->iocb, sizeof(IOCB_t)); 191 spin_unlock_irqrestore(&phba->hbalock, iflags); 192 193 bmp = iocb->bmp; 194 rspiocbq = iocb->rspiocbq; 195 rsp = &rspiocbq->iocb; 196 ndlp = iocb->ndlp; 197 198 pci_unmap_sg(phba->pcidev, job->request_payload.sg_list, 199 job->request_payload.sg_cnt, DMA_TO_DEVICE); 200 pci_unmap_sg(phba->pcidev, job->reply_payload.sg_list, 201 job->reply_payload.sg_cnt, DMA_FROM_DEVICE); 202 203 if (rsp->ulpStatus) { 204 if (rsp->ulpStatus == IOSTAT_LOCAL_REJECT) { 205 switch (rsp->un.ulpWord[4] & 0xff) { 206 case IOERR_SEQUENCE_TIMEOUT: 207 rc = -ETIMEDOUT; 208 break; 209 case IOERR_INVALID_RPI: 210 rc = -EFAULT; 211 break; 212 default: 213 rc = -EACCES; 214 break; 215 } 216 } else 217 rc = -EACCES; 218 } else 219 job->reply->reply_payload_rcv_len = 220 rsp->un.genreq64.bdl.bdeSize; 221 222 lpfc_mbuf_free(phba, bmp->virt, bmp->phys); 223 lpfc_sli_release_iocbq(phba, rspiocbq); 224 lpfc_sli_release_iocbq(phba, cmdiocbq); 225 lpfc_nlp_put(ndlp); 226 kfree(bmp); 227 kfree(dd_data); 228 /* make error code available to userspace */ 229 job->reply->result = rc; 230 /* complete the job back to userspace */ 231 job->job_done(job); 232 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 233 return; 234 } 235 236 /** 237 * lpfc_bsg_send_mgmt_cmd - send a CT command from a bsg request 238 * @job: fc_bsg_job to handle 239 **/ 240 static int 241 lpfc_bsg_send_mgmt_cmd(struct fc_bsg_job *job) 242 { 243 struct lpfc_vport *vport = (struct lpfc_vport *)job->shost->hostdata; 244 struct lpfc_hba *phba = vport->phba; 245 struct lpfc_rport_data *rdata = job->rport->dd_data; 246 struct lpfc_nodelist *ndlp = rdata->pnode; 247 struct ulp_bde64 *bpl = NULL; 248 uint32_t timeout; 249 struct lpfc_iocbq *cmdiocbq = NULL; 250 struct lpfc_iocbq *rspiocbq = NULL; 251 IOCB_t *cmd; 252 IOCB_t *rsp; 253 struct lpfc_dmabuf *bmp = NULL; 254 int request_nseg; 255 int reply_nseg; 256 struct scatterlist *sgel = NULL; 257 int numbde; 258 dma_addr_t busaddr; 259 struct bsg_job_data *dd_data; 260 uint32_t creg_val; 261 int rc = 0; 262 263 /* in case no data is transferred */ 264 job->reply->reply_payload_rcv_len = 0; 265 266 /* allocate our bsg tracking structure */ 267 dd_data = kmalloc(sizeof(struct bsg_job_data), GFP_KERNEL); 268 if (!dd_data) { 269 lpfc_printf_log(phba, KERN_WARNING, LOG_LIBDFC, 270 "2733 Failed allocation of dd_data\n"); 271 rc = -ENOMEM; 272 goto no_dd_data; 273 } 274 275 if (!lpfc_nlp_get(ndlp)) { 276 rc = -ENODEV; 277 goto no_ndlp; 278 } 279 280 bmp = kmalloc(sizeof(struct lpfc_dmabuf), GFP_KERNEL); 281 if (!bmp) { 282 rc = -ENOMEM; 283 goto free_ndlp; 284 } 285 286 if (ndlp->nlp_flag & NLP_ELS_SND_MASK) { 287 rc = -ENODEV; 288 goto free_bmp; 289 } 290 291 cmdiocbq = lpfc_sli_get_iocbq(phba); 292 if (!cmdiocbq) { 293 rc = -ENOMEM; 294 goto free_bmp; 295 } 296 297 cmd = &cmdiocbq->iocb; 298 rspiocbq = lpfc_sli_get_iocbq(phba); 299 if (!rspiocbq) { 300 rc = -ENOMEM; 301 goto free_cmdiocbq; 302 } 303 304 rsp = &rspiocbq->iocb; 305 bmp->virt = lpfc_mbuf_alloc(phba, 0, &bmp->phys); 306 if (!bmp->virt) { 307 rc = -ENOMEM; 308 goto free_rspiocbq; 309 } 310 311 INIT_LIST_HEAD(&bmp->list); 312 bpl = (struct ulp_bde64 *) bmp->virt; 313 request_nseg = pci_map_sg(phba->pcidev, job->request_payload.sg_list, 314 job->request_payload.sg_cnt, DMA_TO_DEVICE); 315 for_each_sg(job->request_payload.sg_list, sgel, request_nseg, numbde) { 316 busaddr = sg_dma_address(sgel); 317 bpl->tus.f.bdeFlags = BUFF_TYPE_BDE_64; 318 bpl->tus.f.bdeSize = sg_dma_len(sgel); 319 bpl->tus.w = cpu_to_le32(bpl->tus.w); 320 bpl->addrLow = cpu_to_le32(putPaddrLow(busaddr)); 321 bpl->addrHigh = cpu_to_le32(putPaddrHigh(busaddr)); 322 bpl++; 323 } 324 325 reply_nseg = pci_map_sg(phba->pcidev, job->reply_payload.sg_list, 326 job->reply_payload.sg_cnt, DMA_FROM_DEVICE); 327 for_each_sg(job->reply_payload.sg_list, sgel, reply_nseg, numbde) { 328 busaddr = sg_dma_address(sgel); 329 bpl->tus.f.bdeFlags = BUFF_TYPE_BDE_64I; 330 bpl->tus.f.bdeSize = sg_dma_len(sgel); 331 bpl->tus.w = cpu_to_le32(bpl->tus.w); 332 bpl->addrLow = cpu_to_le32(putPaddrLow(busaddr)); 333 bpl->addrHigh = cpu_to_le32(putPaddrHigh(busaddr)); 334 bpl++; 335 } 336 337 cmd->un.genreq64.bdl.ulpIoTag32 = 0; 338 cmd->un.genreq64.bdl.addrHigh = putPaddrHigh(bmp->phys); 339 cmd->un.genreq64.bdl.addrLow = putPaddrLow(bmp->phys); 340 cmd->un.genreq64.bdl.bdeFlags = BUFF_TYPE_BLP_64; 341 cmd->un.genreq64.bdl.bdeSize = 342 (request_nseg + reply_nseg) * sizeof(struct ulp_bde64); 343 cmd->ulpCommand = CMD_GEN_REQUEST64_CR; 344 cmd->un.genreq64.w5.hcsw.Fctl = (SI | LA); 345 cmd->un.genreq64.w5.hcsw.Dfctl = 0; 346 cmd->un.genreq64.w5.hcsw.Rctl = FC_RCTL_DD_UNSOL_CTL; 347 cmd->un.genreq64.w5.hcsw.Type = FC_TYPE_CT; 348 cmd->ulpBdeCount = 1; 349 cmd->ulpLe = 1; 350 cmd->ulpClass = CLASS3; 351 cmd->ulpContext = ndlp->nlp_rpi; 352 cmd->ulpOwner = OWN_CHIP; 353 cmdiocbq->vport = phba->pport; 354 cmdiocbq->context3 = bmp; 355 cmdiocbq->iocb_flag |= LPFC_IO_LIBDFC; 356 timeout = phba->fc_ratov * 2; 357 cmd->ulpTimeout = timeout; 358 359 cmdiocbq->iocb_cmpl = lpfc_bsg_send_mgmt_cmd_cmp; 360 cmdiocbq->context1 = dd_data; 361 cmdiocbq->context2 = rspiocbq; 362 dd_data->type = TYPE_IOCB; 363 dd_data->context_un.iocb.cmdiocbq = cmdiocbq; 364 dd_data->context_un.iocb.rspiocbq = rspiocbq; 365 dd_data->context_un.iocb.set_job = job; 366 dd_data->context_un.iocb.bmp = bmp; 367 dd_data->context_un.iocb.ndlp = ndlp; 368 369 if (phba->cfg_poll & DISABLE_FCP_RING_INT) { 370 creg_val = readl(phba->HCregaddr); 371 creg_val |= (HC_R0INT_ENA << LPFC_FCP_RING); 372 writel(creg_val, phba->HCregaddr); 373 readl(phba->HCregaddr); /* flush */ 374 } 375 376 rc = lpfc_sli_issue_iocb(phba, LPFC_ELS_RING, cmdiocbq, 0); 377 378 if (rc == IOCB_SUCCESS) 379 return 0; /* done for now */ 380 else if (rc == IOCB_BUSY) 381 rc = EAGAIN; 382 else 383 rc = EIO; 384 385 386 /* iocb failed so cleanup */ 387 pci_unmap_sg(phba->pcidev, job->request_payload.sg_list, 388 job->request_payload.sg_cnt, DMA_TO_DEVICE); 389 pci_unmap_sg(phba->pcidev, job->reply_payload.sg_list, 390 job->reply_payload.sg_cnt, DMA_FROM_DEVICE); 391 392 lpfc_mbuf_free(phba, bmp->virt, bmp->phys); 393 394 free_rspiocbq: 395 lpfc_sli_release_iocbq(phba, rspiocbq); 396 free_cmdiocbq: 397 lpfc_sli_release_iocbq(phba, cmdiocbq); 398 free_bmp: 399 kfree(bmp); 400 free_ndlp: 401 lpfc_nlp_put(ndlp); 402 no_ndlp: 403 kfree(dd_data); 404 no_dd_data: 405 /* make error code available to userspace */ 406 job->reply->result = rc; 407 job->dd_data = NULL; 408 return rc; 409 } 410 411 /** 412 * lpfc_bsg_rport_els_cmp - lpfc_bsg_rport_els's completion handler 413 * @phba: Pointer to HBA context object. 414 * @cmdiocbq: Pointer to command iocb. 415 * @rspiocbq: Pointer to response iocb. 416 * 417 * This function is the completion handler for iocbs issued using 418 * lpfc_bsg_rport_els_cmp function. This function is called by the 419 * ring event handler function without any lock held. This function 420 * can be called from both worker thread context and interrupt 421 * context. This function also can be called from other thread which 422 * cleans up the SLI layer objects. 423 * This function copies the contents of the response iocb to the 424 * response iocb memory object provided by the caller of 425 * lpfc_sli_issue_iocb_wait and then wakes up the thread which 426 * sleeps for the iocb completion. 427 **/ 428 static void 429 lpfc_bsg_rport_els_cmp(struct lpfc_hba *phba, 430 struct lpfc_iocbq *cmdiocbq, 431 struct lpfc_iocbq *rspiocbq) 432 { 433 struct bsg_job_data *dd_data; 434 struct fc_bsg_job *job; 435 IOCB_t *rsp; 436 struct lpfc_nodelist *ndlp; 437 struct lpfc_dmabuf *pbuflist = NULL; 438 struct fc_bsg_ctels_reply *els_reply; 439 uint8_t *rjt_data; 440 unsigned long flags; 441 int rc = 0; 442 443 spin_lock_irqsave(&phba->ct_ev_lock, flags); 444 dd_data = cmdiocbq->context1; 445 /* normal completion and timeout crossed paths, already done */ 446 if (!dd_data) { 447 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 448 return; 449 } 450 451 cmdiocbq->iocb_flag |= LPFC_IO_WAKE; 452 if (cmdiocbq->context2 && rspiocbq) 453 memcpy(&((struct lpfc_iocbq *)cmdiocbq->context2)->iocb, 454 &rspiocbq->iocb, sizeof(IOCB_t)); 455 456 job = dd_data->context_un.iocb.set_job; 457 cmdiocbq = dd_data->context_un.iocb.cmdiocbq; 458 rspiocbq = dd_data->context_un.iocb.rspiocbq; 459 rsp = &rspiocbq->iocb; 460 ndlp = dd_data->context_un.iocb.ndlp; 461 462 pci_unmap_sg(phba->pcidev, job->request_payload.sg_list, 463 job->request_payload.sg_cnt, DMA_TO_DEVICE); 464 pci_unmap_sg(phba->pcidev, job->reply_payload.sg_list, 465 job->reply_payload.sg_cnt, DMA_FROM_DEVICE); 466 467 if (job->reply->result == -EAGAIN) 468 rc = -EAGAIN; 469 else if (rsp->ulpStatus == IOSTAT_SUCCESS) 470 job->reply->reply_payload_rcv_len = 471 rsp->un.elsreq64.bdl.bdeSize; 472 else if (rsp->ulpStatus == IOSTAT_LS_RJT) { 473 job->reply->reply_payload_rcv_len = 474 sizeof(struct fc_bsg_ctels_reply); 475 /* LS_RJT data returned in word 4 */ 476 rjt_data = (uint8_t *)&rsp->un.ulpWord[4]; 477 els_reply = &job->reply->reply_data.ctels_reply; 478 els_reply->status = FC_CTELS_STATUS_REJECT; 479 els_reply->rjt_data.action = rjt_data[3]; 480 els_reply->rjt_data.reason_code = rjt_data[2]; 481 els_reply->rjt_data.reason_explanation = rjt_data[1]; 482 els_reply->rjt_data.vendor_unique = rjt_data[0]; 483 } else 484 rc = -EIO; 485 486 pbuflist = (struct lpfc_dmabuf *) cmdiocbq->context3; 487 lpfc_mbuf_free(phba, pbuflist->virt, pbuflist->phys); 488 lpfc_sli_release_iocbq(phba, rspiocbq); 489 lpfc_sli_release_iocbq(phba, cmdiocbq); 490 lpfc_nlp_put(ndlp); 491 kfree(dd_data); 492 /* make error code available to userspace */ 493 job->reply->result = rc; 494 job->dd_data = NULL; 495 /* complete the job back to userspace */ 496 job->job_done(job); 497 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 498 return; 499 } 500 501 /** 502 * lpfc_bsg_rport_els - send an ELS command from a bsg request 503 * @job: fc_bsg_job to handle 504 **/ 505 static int 506 lpfc_bsg_rport_els(struct fc_bsg_job *job) 507 { 508 struct lpfc_vport *vport = (struct lpfc_vport *)job->shost->hostdata; 509 struct lpfc_hba *phba = vport->phba; 510 struct lpfc_rport_data *rdata = job->rport->dd_data; 511 struct lpfc_nodelist *ndlp = rdata->pnode; 512 uint32_t elscmd; 513 uint32_t cmdsize; 514 uint32_t rspsize; 515 struct lpfc_iocbq *rspiocbq; 516 struct lpfc_iocbq *cmdiocbq; 517 IOCB_t *rsp; 518 uint16_t rpi = 0; 519 struct lpfc_dmabuf *pcmd; 520 struct lpfc_dmabuf *prsp; 521 struct lpfc_dmabuf *pbuflist = NULL; 522 struct ulp_bde64 *bpl; 523 int request_nseg; 524 int reply_nseg; 525 struct scatterlist *sgel = NULL; 526 int numbde; 527 dma_addr_t busaddr; 528 struct bsg_job_data *dd_data; 529 uint32_t creg_val; 530 int rc = 0; 531 532 /* in case no data is transferred */ 533 job->reply->reply_payload_rcv_len = 0; 534 535 /* allocate our bsg tracking structure */ 536 dd_data = kmalloc(sizeof(struct bsg_job_data), GFP_KERNEL); 537 if (!dd_data) { 538 lpfc_printf_log(phba, KERN_WARNING, LOG_LIBDFC, 539 "2735 Failed allocation of dd_data\n"); 540 rc = -ENOMEM; 541 goto no_dd_data; 542 } 543 544 if (!lpfc_nlp_get(ndlp)) { 545 rc = -ENODEV; 546 goto free_dd_data; 547 } 548 549 elscmd = job->request->rqst_data.r_els.els_code; 550 cmdsize = job->request_payload.payload_len; 551 rspsize = job->reply_payload.payload_len; 552 rspiocbq = lpfc_sli_get_iocbq(phba); 553 if (!rspiocbq) { 554 lpfc_nlp_put(ndlp); 555 rc = -ENOMEM; 556 goto free_dd_data; 557 } 558 559 rsp = &rspiocbq->iocb; 560 rpi = ndlp->nlp_rpi; 561 562 cmdiocbq = lpfc_prep_els_iocb(vport, 1, cmdsize, 0, ndlp, 563 ndlp->nlp_DID, elscmd); 564 if (!cmdiocbq) { 565 rc = -EIO; 566 goto free_rspiocbq; 567 } 568 569 /* prep els iocb set context1 to the ndlp, context2 to the command 570 * dmabuf, context3 holds the data dmabuf 571 */ 572 pcmd = (struct lpfc_dmabuf *) cmdiocbq->context2; 573 prsp = (struct lpfc_dmabuf *) pcmd->list.next; 574 lpfc_mbuf_free(phba, pcmd->virt, pcmd->phys); 575 kfree(pcmd); 576 lpfc_mbuf_free(phba, prsp->virt, prsp->phys); 577 kfree(prsp); 578 cmdiocbq->context2 = NULL; 579 580 pbuflist = (struct lpfc_dmabuf *) cmdiocbq->context3; 581 bpl = (struct ulp_bde64 *) pbuflist->virt; 582 583 request_nseg = pci_map_sg(phba->pcidev, job->request_payload.sg_list, 584 job->request_payload.sg_cnt, DMA_TO_DEVICE); 585 for_each_sg(job->request_payload.sg_list, sgel, request_nseg, numbde) { 586 busaddr = sg_dma_address(sgel); 587 bpl->tus.f.bdeFlags = BUFF_TYPE_BDE_64; 588 bpl->tus.f.bdeSize = sg_dma_len(sgel); 589 bpl->tus.w = cpu_to_le32(bpl->tus.w); 590 bpl->addrLow = cpu_to_le32(putPaddrLow(busaddr)); 591 bpl->addrHigh = cpu_to_le32(putPaddrHigh(busaddr)); 592 bpl++; 593 } 594 595 reply_nseg = pci_map_sg(phba->pcidev, job->reply_payload.sg_list, 596 job->reply_payload.sg_cnt, DMA_FROM_DEVICE); 597 for_each_sg(job->reply_payload.sg_list, sgel, reply_nseg, numbde) { 598 busaddr = sg_dma_address(sgel); 599 bpl->tus.f.bdeFlags = BUFF_TYPE_BDE_64I; 600 bpl->tus.f.bdeSize = sg_dma_len(sgel); 601 bpl->tus.w = cpu_to_le32(bpl->tus.w); 602 bpl->addrLow = cpu_to_le32(putPaddrLow(busaddr)); 603 bpl->addrHigh = cpu_to_le32(putPaddrHigh(busaddr)); 604 bpl++; 605 } 606 cmdiocbq->iocb.un.elsreq64.bdl.bdeSize = 607 (request_nseg + reply_nseg) * sizeof(struct ulp_bde64); 608 cmdiocbq->iocb.ulpContext = rpi; 609 cmdiocbq->iocb_flag |= LPFC_IO_LIBDFC; 610 cmdiocbq->context1 = NULL; 611 cmdiocbq->context2 = NULL; 612 613 cmdiocbq->iocb_cmpl = lpfc_bsg_rport_els_cmp; 614 cmdiocbq->context1 = dd_data; 615 cmdiocbq->context2 = rspiocbq; 616 dd_data->type = TYPE_IOCB; 617 dd_data->context_un.iocb.cmdiocbq = cmdiocbq; 618 dd_data->context_un.iocb.rspiocbq = rspiocbq; 619 dd_data->context_un.iocb.set_job = job; 620 dd_data->context_un.iocb.bmp = NULL;; 621 dd_data->context_un.iocb.ndlp = ndlp; 622 623 if (phba->cfg_poll & DISABLE_FCP_RING_INT) { 624 creg_val = readl(phba->HCregaddr); 625 creg_val |= (HC_R0INT_ENA << LPFC_FCP_RING); 626 writel(creg_val, phba->HCregaddr); 627 readl(phba->HCregaddr); /* flush */ 628 } 629 rc = lpfc_sli_issue_iocb(phba, LPFC_ELS_RING, cmdiocbq, 0); 630 lpfc_nlp_put(ndlp); 631 if (rc == IOCB_SUCCESS) 632 return 0; /* done for now */ 633 else if (rc == IOCB_BUSY) 634 rc = EAGAIN; 635 else 636 rc = EIO; 637 638 pci_unmap_sg(phba->pcidev, job->request_payload.sg_list, 639 job->request_payload.sg_cnt, DMA_TO_DEVICE); 640 pci_unmap_sg(phba->pcidev, job->reply_payload.sg_list, 641 job->reply_payload.sg_cnt, DMA_FROM_DEVICE); 642 643 lpfc_mbuf_free(phba, pbuflist->virt, pbuflist->phys); 644 645 lpfc_sli_release_iocbq(phba, cmdiocbq); 646 647 free_rspiocbq: 648 lpfc_sli_release_iocbq(phba, rspiocbq); 649 650 free_dd_data: 651 kfree(dd_data); 652 653 no_dd_data: 654 /* make error code available to userspace */ 655 job->reply->result = rc; 656 job->dd_data = NULL; 657 return rc; 658 } 659 660 /** 661 * lpfc_bsg_event_free - frees an allocated event structure 662 * @kref: Pointer to a kref. 663 * 664 * Called from kref_put. Back cast the kref into an event structure address. 665 * Free any events to get, delete associated nodes, free any events to see, 666 * free any data then free the event itself. 667 **/ 668 static void 669 lpfc_bsg_event_free(struct kref *kref) 670 { 671 struct lpfc_bsg_event *evt = container_of(kref, struct lpfc_bsg_event, 672 kref); 673 struct event_data *ed; 674 675 list_del(&evt->node); 676 677 while (!list_empty(&evt->events_to_get)) { 678 ed = list_entry(evt->events_to_get.next, typeof(*ed), node); 679 list_del(&ed->node); 680 kfree(ed->data); 681 kfree(ed); 682 } 683 684 while (!list_empty(&evt->events_to_see)) { 685 ed = list_entry(evt->events_to_see.next, typeof(*ed), node); 686 list_del(&ed->node); 687 kfree(ed->data); 688 kfree(ed); 689 } 690 691 kfree(evt); 692 } 693 694 /** 695 * lpfc_bsg_event_ref - increments the kref for an event 696 * @evt: Pointer to an event structure. 697 **/ 698 static inline void 699 lpfc_bsg_event_ref(struct lpfc_bsg_event *evt) 700 { 701 kref_get(&evt->kref); 702 } 703 704 /** 705 * lpfc_bsg_event_unref - Uses kref_put to free an event structure 706 * @evt: Pointer to an event structure. 707 **/ 708 static inline void 709 lpfc_bsg_event_unref(struct lpfc_bsg_event *evt) 710 { 711 kref_put(&evt->kref, lpfc_bsg_event_free); 712 } 713 714 /** 715 * lpfc_bsg_event_new - allocate and initialize a event structure 716 * @ev_mask: Mask of events. 717 * @ev_reg_id: Event reg id. 718 * @ev_req_id: Event request id. 719 **/ 720 static struct lpfc_bsg_event * 721 lpfc_bsg_event_new(uint32_t ev_mask, int ev_reg_id, uint32_t ev_req_id) 722 { 723 struct lpfc_bsg_event *evt = kzalloc(sizeof(*evt), GFP_KERNEL); 724 725 if (!evt) 726 return NULL; 727 728 INIT_LIST_HEAD(&evt->events_to_get); 729 INIT_LIST_HEAD(&evt->events_to_see); 730 evt->type_mask = ev_mask; 731 evt->req_id = ev_req_id; 732 evt->reg_id = ev_reg_id; 733 evt->wait_time_stamp = jiffies; 734 init_waitqueue_head(&evt->wq); 735 kref_init(&evt->kref); 736 return evt; 737 } 738 739 /** 740 * diag_cmd_data_free - Frees an lpfc dma buffer extension 741 * @phba: Pointer to HBA context object. 742 * @mlist: Pointer to an lpfc dma buffer extension. 743 **/ 744 static int 745 diag_cmd_data_free(struct lpfc_hba *phba, struct lpfc_dmabufext *mlist) 746 { 747 struct lpfc_dmabufext *mlast; 748 struct pci_dev *pcidev; 749 struct list_head head, *curr, *next; 750 751 if ((!mlist) || (!lpfc_is_link_up(phba) && 752 (phba->link_flag & LS_LOOPBACK_MODE))) { 753 return 0; 754 } 755 756 pcidev = phba->pcidev; 757 list_add_tail(&head, &mlist->dma.list); 758 759 list_for_each_safe(curr, next, &head) { 760 mlast = list_entry(curr, struct lpfc_dmabufext , dma.list); 761 if (mlast->dma.virt) 762 dma_free_coherent(&pcidev->dev, 763 mlast->size, 764 mlast->dma.virt, 765 mlast->dma.phys); 766 kfree(mlast); 767 } 768 return 0; 769 } 770 771 /** 772 * lpfc_bsg_ct_unsol_event - process an unsolicited CT command 773 * @phba: 774 * @pring: 775 * @piocbq: 776 * 777 * This function is called when an unsolicited CT command is received. It 778 * forwards the event to any processes registered to receive CT events. 779 **/ 780 int 781 lpfc_bsg_ct_unsol_event(struct lpfc_hba *phba, struct lpfc_sli_ring *pring, 782 struct lpfc_iocbq *piocbq) 783 { 784 uint32_t evt_req_id = 0; 785 uint32_t cmd; 786 uint32_t len; 787 struct lpfc_dmabuf *dmabuf = NULL; 788 struct lpfc_bsg_event *evt; 789 struct event_data *evt_dat = NULL; 790 struct lpfc_iocbq *iocbq; 791 size_t offset = 0; 792 struct list_head head; 793 struct ulp_bde64 *bde; 794 dma_addr_t dma_addr; 795 int i; 796 struct lpfc_dmabuf *bdeBuf1 = piocbq->context2; 797 struct lpfc_dmabuf *bdeBuf2 = piocbq->context3; 798 struct lpfc_hbq_entry *hbqe; 799 struct lpfc_sli_ct_request *ct_req; 800 struct fc_bsg_job *job = NULL; 801 unsigned long flags; 802 int size = 0; 803 804 INIT_LIST_HEAD(&head); 805 list_add_tail(&head, &piocbq->list); 806 807 if (piocbq->iocb.ulpBdeCount == 0 || 808 piocbq->iocb.un.cont64[0].tus.f.bdeSize == 0) 809 goto error_ct_unsol_exit; 810 811 if (phba->link_state == LPFC_HBA_ERROR || 812 (!(phba->sli.sli_flag & LPFC_SLI_ACTIVE))) 813 goto error_ct_unsol_exit; 814 815 if (phba->sli3_options & LPFC_SLI3_HBQ_ENABLED) 816 dmabuf = bdeBuf1; 817 else { 818 dma_addr = getPaddr(piocbq->iocb.un.cont64[0].addrHigh, 819 piocbq->iocb.un.cont64[0].addrLow); 820 dmabuf = lpfc_sli_ringpostbuf_get(phba, pring, dma_addr); 821 } 822 if (dmabuf == NULL) 823 goto error_ct_unsol_exit; 824 ct_req = (struct lpfc_sli_ct_request *)dmabuf->virt; 825 evt_req_id = ct_req->FsType; 826 cmd = ct_req->CommandResponse.bits.CmdRsp; 827 len = ct_req->CommandResponse.bits.Size; 828 if (!(phba->sli3_options & LPFC_SLI3_HBQ_ENABLED)) 829 lpfc_sli_ringpostbuf_put(phba, pring, dmabuf); 830 831 spin_lock_irqsave(&phba->ct_ev_lock, flags); 832 list_for_each_entry(evt, &phba->ct_ev_waiters, node) { 833 if (!(evt->type_mask & FC_REG_CT_EVENT) || 834 evt->req_id != evt_req_id) 835 continue; 836 837 lpfc_bsg_event_ref(evt); 838 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 839 evt_dat = kzalloc(sizeof(*evt_dat), GFP_KERNEL); 840 if (evt_dat == NULL) { 841 spin_lock_irqsave(&phba->ct_ev_lock, flags); 842 lpfc_bsg_event_unref(evt); 843 lpfc_printf_log(phba, KERN_WARNING, LOG_LIBDFC, 844 "2614 Memory allocation failed for " 845 "CT event\n"); 846 break; 847 } 848 849 if (phba->sli3_options & LPFC_SLI3_HBQ_ENABLED) { 850 /* take accumulated byte count from the last iocbq */ 851 iocbq = list_entry(head.prev, typeof(*iocbq), list); 852 evt_dat->len = iocbq->iocb.unsli3.rcvsli3.acc_len; 853 } else { 854 list_for_each_entry(iocbq, &head, list) { 855 for (i = 0; i < iocbq->iocb.ulpBdeCount; i++) 856 evt_dat->len += 857 iocbq->iocb.un.cont64[i].tus.f.bdeSize; 858 } 859 } 860 861 evt_dat->data = kzalloc(evt_dat->len, GFP_KERNEL); 862 if (evt_dat->data == NULL) { 863 lpfc_printf_log(phba, KERN_WARNING, LOG_LIBDFC, 864 "2615 Memory allocation failed for " 865 "CT event data, size %d\n", 866 evt_dat->len); 867 kfree(evt_dat); 868 spin_lock_irqsave(&phba->ct_ev_lock, flags); 869 lpfc_bsg_event_unref(evt); 870 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 871 goto error_ct_unsol_exit; 872 } 873 874 list_for_each_entry(iocbq, &head, list) { 875 size = 0; 876 if (phba->sli3_options & LPFC_SLI3_HBQ_ENABLED) { 877 bdeBuf1 = iocbq->context2; 878 bdeBuf2 = iocbq->context3; 879 } 880 for (i = 0; i < iocbq->iocb.ulpBdeCount; i++) { 881 if (phba->sli3_options & 882 LPFC_SLI3_HBQ_ENABLED) { 883 if (i == 0) { 884 hbqe = (struct lpfc_hbq_entry *) 885 &iocbq->iocb.un.ulpWord[0]; 886 size = hbqe->bde.tus.f.bdeSize; 887 dmabuf = bdeBuf1; 888 } else if (i == 1) { 889 hbqe = (struct lpfc_hbq_entry *) 890 &iocbq->iocb.unsli3. 891 sli3Words[4]; 892 size = hbqe->bde.tus.f.bdeSize; 893 dmabuf = bdeBuf2; 894 } 895 if ((offset + size) > evt_dat->len) 896 size = evt_dat->len - offset; 897 } else { 898 size = iocbq->iocb.un.cont64[i]. 899 tus.f.bdeSize; 900 bde = &iocbq->iocb.un.cont64[i]; 901 dma_addr = getPaddr(bde->addrHigh, 902 bde->addrLow); 903 dmabuf = lpfc_sli_ringpostbuf_get(phba, 904 pring, dma_addr); 905 } 906 if (!dmabuf) { 907 lpfc_printf_log(phba, KERN_ERR, 908 LOG_LIBDFC, "2616 No dmabuf " 909 "found for iocbq 0x%p\n", 910 iocbq); 911 kfree(evt_dat->data); 912 kfree(evt_dat); 913 spin_lock_irqsave(&phba->ct_ev_lock, 914 flags); 915 lpfc_bsg_event_unref(evt); 916 spin_unlock_irqrestore( 917 &phba->ct_ev_lock, flags); 918 goto error_ct_unsol_exit; 919 } 920 memcpy((char *)(evt_dat->data) + offset, 921 dmabuf->virt, size); 922 offset += size; 923 if (evt_req_id != SLI_CT_ELX_LOOPBACK && 924 !(phba->sli3_options & 925 LPFC_SLI3_HBQ_ENABLED)) { 926 lpfc_sli_ringpostbuf_put(phba, pring, 927 dmabuf); 928 } else { 929 switch (cmd) { 930 case ELX_LOOPBACK_DATA: 931 diag_cmd_data_free(phba, 932 (struct lpfc_dmabufext *) 933 dmabuf); 934 break; 935 case ELX_LOOPBACK_XRI_SETUP: 936 if ((phba->sli_rev == 937 LPFC_SLI_REV2) || 938 (phba->sli3_options & 939 LPFC_SLI3_HBQ_ENABLED 940 )) { 941 lpfc_in_buf_free(phba, 942 dmabuf); 943 } else { 944 lpfc_post_buffer(phba, 945 pring, 946 1); 947 } 948 break; 949 default: 950 if (!(phba->sli3_options & 951 LPFC_SLI3_HBQ_ENABLED)) 952 lpfc_post_buffer(phba, 953 pring, 954 1); 955 break; 956 } 957 } 958 } 959 } 960 961 spin_lock_irqsave(&phba->ct_ev_lock, flags); 962 if (phba->sli_rev == LPFC_SLI_REV4) { 963 evt_dat->immed_dat = phba->ctx_idx; 964 phba->ctx_idx = (phba->ctx_idx + 1) % 64; 965 /* Provide warning for over-run of the ct_ctx array */ 966 if (phba->ct_ctx[evt_dat->immed_dat].flags & 967 UNSOL_VALID) 968 lpfc_printf_log(phba, KERN_WARNING, LOG_ELS, 969 "2717 CT context array entry " 970 "[%d] over-run: oxid:x%x, " 971 "sid:x%x\n", phba->ctx_idx, 972 phba->ct_ctx[ 973 evt_dat->immed_dat].oxid, 974 phba->ct_ctx[ 975 evt_dat->immed_dat].SID); 976 phba->ct_ctx[evt_dat->immed_dat].oxid = 977 piocbq->iocb.ulpContext; 978 phba->ct_ctx[evt_dat->immed_dat].SID = 979 piocbq->iocb.un.rcvels.remoteID; 980 phba->ct_ctx[evt_dat->immed_dat].flags = UNSOL_VALID; 981 } else 982 evt_dat->immed_dat = piocbq->iocb.ulpContext; 983 984 evt_dat->type = FC_REG_CT_EVENT; 985 list_add(&evt_dat->node, &evt->events_to_see); 986 if (evt_req_id == SLI_CT_ELX_LOOPBACK) { 987 wake_up_interruptible(&evt->wq); 988 lpfc_bsg_event_unref(evt); 989 break; 990 } 991 992 list_move(evt->events_to_see.prev, &evt->events_to_get); 993 lpfc_bsg_event_unref(evt); 994 995 job = evt->set_job; 996 evt->set_job = NULL; 997 if (job) { 998 job->reply->reply_payload_rcv_len = size; 999 /* make error code available to userspace */ 1000 job->reply->result = 0; 1001 job->dd_data = NULL; 1002 /* complete the job back to userspace */ 1003 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 1004 job->job_done(job); 1005 spin_lock_irqsave(&phba->ct_ev_lock, flags); 1006 } 1007 } 1008 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 1009 1010 error_ct_unsol_exit: 1011 if (!list_empty(&head)) 1012 list_del(&head); 1013 if (evt_req_id == SLI_CT_ELX_LOOPBACK) 1014 return 0; 1015 return 1; 1016 } 1017 1018 /** 1019 * lpfc_bsg_hba_set_event - process a SET_EVENT bsg vendor command 1020 * @job: SET_EVENT fc_bsg_job 1021 **/ 1022 static int 1023 lpfc_bsg_hba_set_event(struct fc_bsg_job *job) 1024 { 1025 struct lpfc_vport *vport = (struct lpfc_vport *)job->shost->hostdata; 1026 struct lpfc_hba *phba = vport->phba; 1027 struct set_ct_event *event_req; 1028 struct lpfc_bsg_event *evt; 1029 int rc = 0; 1030 struct bsg_job_data *dd_data = NULL; 1031 uint32_t ev_mask; 1032 unsigned long flags; 1033 1034 if (job->request_len < 1035 sizeof(struct fc_bsg_request) + sizeof(struct set_ct_event)) { 1036 lpfc_printf_log(phba, KERN_WARNING, LOG_LIBDFC, 1037 "2612 Received SET_CT_EVENT below minimum " 1038 "size\n"); 1039 rc = -EINVAL; 1040 goto job_error; 1041 } 1042 1043 dd_data = kmalloc(sizeof(struct bsg_job_data), GFP_KERNEL); 1044 if (dd_data == NULL) { 1045 lpfc_printf_log(phba, KERN_WARNING, LOG_LIBDFC, 1046 "2734 Failed allocation of dd_data\n"); 1047 rc = -ENOMEM; 1048 goto job_error; 1049 } 1050 1051 event_req = (struct set_ct_event *) 1052 job->request->rqst_data.h_vendor.vendor_cmd; 1053 ev_mask = ((uint32_t)(unsigned long)event_req->type_mask & 1054 FC_REG_EVENT_MASK); 1055 spin_lock_irqsave(&phba->ct_ev_lock, flags); 1056 list_for_each_entry(evt, &phba->ct_ev_waiters, node) { 1057 if (evt->reg_id == event_req->ev_reg_id) { 1058 lpfc_bsg_event_ref(evt); 1059 evt->wait_time_stamp = jiffies; 1060 break; 1061 } 1062 } 1063 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 1064 1065 if (&evt->node == &phba->ct_ev_waiters) { 1066 /* no event waiting struct yet - first call */ 1067 evt = lpfc_bsg_event_new(ev_mask, event_req->ev_reg_id, 1068 event_req->ev_req_id); 1069 if (!evt) { 1070 lpfc_printf_log(phba, KERN_WARNING, LOG_LIBDFC, 1071 "2617 Failed allocation of event " 1072 "waiter\n"); 1073 rc = -ENOMEM; 1074 goto job_error; 1075 } 1076 1077 spin_lock_irqsave(&phba->ct_ev_lock, flags); 1078 list_add(&evt->node, &phba->ct_ev_waiters); 1079 lpfc_bsg_event_ref(evt); 1080 evt->wait_time_stamp = jiffies; 1081 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 1082 } 1083 1084 spin_lock_irqsave(&phba->ct_ev_lock, flags); 1085 evt->waiting = 1; 1086 dd_data->type = TYPE_EVT; 1087 dd_data->context_un.evt = evt; 1088 evt->set_job = job; /* for unsolicited command */ 1089 job->dd_data = dd_data; /* for fc transport timeout callback*/ 1090 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 1091 return 0; /* call job done later */ 1092 1093 job_error: 1094 if (dd_data != NULL) 1095 kfree(dd_data); 1096 1097 job->dd_data = NULL; 1098 return rc; 1099 } 1100 1101 /** 1102 * lpfc_bsg_hba_get_event - process a GET_EVENT bsg vendor command 1103 * @job: GET_EVENT fc_bsg_job 1104 **/ 1105 static int 1106 lpfc_bsg_hba_get_event(struct fc_bsg_job *job) 1107 { 1108 struct lpfc_vport *vport = (struct lpfc_vport *)job->shost->hostdata; 1109 struct lpfc_hba *phba = vport->phba; 1110 struct get_ct_event *event_req; 1111 struct get_ct_event_reply *event_reply; 1112 struct lpfc_bsg_event *evt; 1113 struct event_data *evt_dat = NULL; 1114 unsigned long flags; 1115 uint32_t rc = 0; 1116 1117 if (job->request_len < 1118 sizeof(struct fc_bsg_request) + sizeof(struct get_ct_event)) { 1119 lpfc_printf_log(phba, KERN_WARNING, LOG_LIBDFC, 1120 "2613 Received GET_CT_EVENT request below " 1121 "minimum size\n"); 1122 rc = -EINVAL; 1123 goto job_error; 1124 } 1125 1126 event_req = (struct get_ct_event *) 1127 job->request->rqst_data.h_vendor.vendor_cmd; 1128 1129 event_reply = (struct get_ct_event_reply *) 1130 job->reply->reply_data.vendor_reply.vendor_rsp; 1131 spin_lock_irqsave(&phba->ct_ev_lock, flags); 1132 list_for_each_entry(evt, &phba->ct_ev_waiters, node) { 1133 if (evt->reg_id == event_req->ev_reg_id) { 1134 if (list_empty(&evt->events_to_get)) 1135 break; 1136 lpfc_bsg_event_ref(evt); 1137 evt->wait_time_stamp = jiffies; 1138 evt_dat = list_entry(evt->events_to_get.prev, 1139 struct event_data, node); 1140 list_del(&evt_dat->node); 1141 break; 1142 } 1143 } 1144 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 1145 1146 /* The app may continue to ask for event data until it gets 1147 * an error indicating that there isn't anymore 1148 */ 1149 if (evt_dat == NULL) { 1150 job->reply->reply_payload_rcv_len = 0; 1151 rc = -ENOENT; 1152 goto job_error; 1153 } 1154 1155 if (evt_dat->len > job->request_payload.payload_len) { 1156 evt_dat->len = job->request_payload.payload_len; 1157 lpfc_printf_log(phba, KERN_WARNING, LOG_LIBDFC, 1158 "2618 Truncated event data at %d " 1159 "bytes\n", 1160 job->request_payload.payload_len); 1161 } 1162 1163 event_reply->type = evt_dat->type; 1164 event_reply->immed_data = evt_dat->immed_dat; 1165 if (evt_dat->len > 0) 1166 job->reply->reply_payload_rcv_len = 1167 sg_copy_from_buffer(job->request_payload.sg_list, 1168 job->request_payload.sg_cnt, 1169 evt_dat->data, evt_dat->len); 1170 else 1171 job->reply->reply_payload_rcv_len = 0; 1172 1173 if (evt_dat) { 1174 kfree(evt_dat->data); 1175 kfree(evt_dat); 1176 } 1177 1178 spin_lock_irqsave(&phba->ct_ev_lock, flags); 1179 lpfc_bsg_event_unref(evt); 1180 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 1181 job->dd_data = NULL; 1182 job->reply->result = 0; 1183 job->job_done(job); 1184 return 0; 1185 1186 job_error: 1187 job->dd_data = NULL; 1188 job->reply->result = rc; 1189 return rc; 1190 } 1191 1192 /** 1193 * lpfc_issue_ct_rsp_cmp - lpfc_issue_ct_rsp's completion handler 1194 * @phba: Pointer to HBA context object. 1195 * @cmdiocbq: Pointer to command iocb. 1196 * @rspiocbq: Pointer to response iocb. 1197 * 1198 * This function is the completion handler for iocbs issued using 1199 * lpfc_issue_ct_rsp_cmp function. This function is called by the 1200 * ring event handler function without any lock held. This function 1201 * can be called from both worker thread context and interrupt 1202 * context. This function also can be called from other thread which 1203 * cleans up the SLI layer objects. 1204 * This function copy the contents of the response iocb to the 1205 * response iocb memory object provided by the caller of 1206 * lpfc_sli_issue_iocb_wait and then wakes up the thread which 1207 * sleeps for the iocb completion. 1208 **/ 1209 static void 1210 lpfc_issue_ct_rsp_cmp(struct lpfc_hba *phba, 1211 struct lpfc_iocbq *cmdiocbq, 1212 struct lpfc_iocbq *rspiocbq) 1213 { 1214 struct bsg_job_data *dd_data; 1215 struct fc_bsg_job *job; 1216 IOCB_t *rsp; 1217 struct lpfc_dmabuf *bmp; 1218 struct lpfc_nodelist *ndlp; 1219 unsigned long flags; 1220 int rc = 0; 1221 1222 spin_lock_irqsave(&phba->ct_ev_lock, flags); 1223 dd_data = cmdiocbq->context1; 1224 /* normal completion and timeout crossed paths, already done */ 1225 if (!dd_data) { 1226 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 1227 return; 1228 } 1229 1230 job = dd_data->context_un.iocb.set_job; 1231 bmp = dd_data->context_un.iocb.bmp; 1232 rsp = &rspiocbq->iocb; 1233 ndlp = dd_data->context_un.iocb.ndlp; 1234 1235 pci_unmap_sg(phba->pcidev, job->request_payload.sg_list, 1236 job->request_payload.sg_cnt, DMA_TO_DEVICE); 1237 1238 if (rsp->ulpStatus) { 1239 if (rsp->ulpStatus == IOSTAT_LOCAL_REJECT) { 1240 switch (rsp->un.ulpWord[4] & 0xff) { 1241 case IOERR_SEQUENCE_TIMEOUT: 1242 rc = -ETIMEDOUT; 1243 break; 1244 case IOERR_INVALID_RPI: 1245 rc = -EFAULT; 1246 break; 1247 default: 1248 rc = -EACCES; 1249 break; 1250 } 1251 } else 1252 rc = -EACCES; 1253 } else 1254 job->reply->reply_payload_rcv_len = 1255 rsp->un.genreq64.bdl.bdeSize; 1256 1257 lpfc_mbuf_free(phba, bmp->virt, bmp->phys); 1258 lpfc_sli_release_iocbq(phba, cmdiocbq); 1259 lpfc_nlp_put(ndlp); 1260 kfree(bmp); 1261 kfree(dd_data); 1262 /* make error code available to userspace */ 1263 job->reply->result = rc; 1264 job->dd_data = NULL; 1265 /* complete the job back to userspace */ 1266 job->job_done(job); 1267 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 1268 return; 1269 } 1270 1271 /** 1272 * lpfc_issue_ct_rsp - issue a ct response 1273 * @phba: Pointer to HBA context object. 1274 * @job: Pointer to the job object. 1275 * @tag: tag index value into the ports context exchange array. 1276 * @bmp: Pointer to a dma buffer descriptor. 1277 * @num_entry: Number of enties in the bde. 1278 **/ 1279 static int 1280 lpfc_issue_ct_rsp(struct lpfc_hba *phba, struct fc_bsg_job *job, uint32_t tag, 1281 struct lpfc_dmabuf *bmp, int num_entry) 1282 { 1283 IOCB_t *icmd; 1284 struct lpfc_iocbq *ctiocb = NULL; 1285 int rc = 0; 1286 struct lpfc_nodelist *ndlp = NULL; 1287 struct bsg_job_data *dd_data; 1288 uint32_t creg_val; 1289 1290 /* allocate our bsg tracking structure */ 1291 dd_data = kmalloc(sizeof(struct bsg_job_data), GFP_KERNEL); 1292 if (!dd_data) { 1293 lpfc_printf_log(phba, KERN_WARNING, LOG_LIBDFC, 1294 "2736 Failed allocation of dd_data\n"); 1295 rc = -ENOMEM; 1296 goto no_dd_data; 1297 } 1298 1299 /* Allocate buffer for command iocb */ 1300 ctiocb = lpfc_sli_get_iocbq(phba); 1301 if (!ctiocb) { 1302 rc = ENOMEM; 1303 goto no_ctiocb; 1304 } 1305 1306 icmd = &ctiocb->iocb; 1307 icmd->un.xseq64.bdl.ulpIoTag32 = 0; 1308 icmd->un.xseq64.bdl.addrHigh = putPaddrHigh(bmp->phys); 1309 icmd->un.xseq64.bdl.addrLow = putPaddrLow(bmp->phys); 1310 icmd->un.xseq64.bdl.bdeFlags = BUFF_TYPE_BLP_64; 1311 icmd->un.xseq64.bdl.bdeSize = (num_entry * sizeof(struct ulp_bde64)); 1312 icmd->un.xseq64.w5.hcsw.Fctl = (LS | LA); 1313 icmd->un.xseq64.w5.hcsw.Dfctl = 0; 1314 icmd->un.xseq64.w5.hcsw.Rctl = FC_RCTL_DD_SOL_CTL; 1315 icmd->un.xseq64.w5.hcsw.Type = FC_TYPE_CT; 1316 1317 /* Fill in rest of iocb */ 1318 icmd->ulpCommand = CMD_XMIT_SEQUENCE64_CX; 1319 icmd->ulpBdeCount = 1; 1320 icmd->ulpLe = 1; 1321 icmd->ulpClass = CLASS3; 1322 if (phba->sli_rev == LPFC_SLI_REV4) { 1323 /* Do not issue unsol response if oxid not marked as valid */ 1324 if (!(phba->ct_ctx[tag].flags & UNSOL_VALID)) { 1325 rc = IOCB_ERROR; 1326 goto issue_ct_rsp_exit; 1327 } 1328 icmd->ulpContext = phba->ct_ctx[tag].oxid; 1329 ndlp = lpfc_findnode_did(phba->pport, phba->ct_ctx[tag].SID); 1330 if (!ndlp) { 1331 lpfc_printf_log(phba, KERN_WARNING, LOG_ELS, 1332 "2721 ndlp null for oxid %x SID %x\n", 1333 icmd->ulpContext, 1334 phba->ct_ctx[tag].SID); 1335 rc = IOCB_ERROR; 1336 goto issue_ct_rsp_exit; 1337 } 1338 1339 /* Check if the ndlp is active */ 1340 if (!ndlp || !NLP_CHK_NODE_ACT(ndlp)) { 1341 rc = -IOCB_ERROR; 1342 goto issue_ct_rsp_exit; 1343 } 1344 1345 /* get a refernece count so the ndlp doesn't go away while 1346 * we respond 1347 */ 1348 if (!lpfc_nlp_get(ndlp)) { 1349 rc = -IOCB_ERROR; 1350 goto issue_ct_rsp_exit; 1351 } 1352 1353 icmd->un.ulpWord[3] = ndlp->nlp_rpi; 1354 /* The exchange is done, mark the entry as invalid */ 1355 phba->ct_ctx[tag].flags &= ~UNSOL_VALID; 1356 } else 1357 icmd->ulpContext = (ushort) tag; 1358 1359 icmd->ulpTimeout = phba->fc_ratov * 2; 1360 1361 /* Xmit CT response on exchange <xid> */ 1362 lpfc_printf_log(phba, KERN_INFO, LOG_ELS, 1363 "2722 Xmit CT response on exchange x%x Data: x%x x%x\n", 1364 icmd->ulpContext, icmd->ulpIoTag, phba->link_state); 1365 1366 ctiocb->iocb_cmpl = NULL; 1367 ctiocb->iocb_flag |= LPFC_IO_LIBDFC; 1368 ctiocb->vport = phba->pport; 1369 ctiocb->context3 = bmp; 1370 1371 ctiocb->iocb_cmpl = lpfc_issue_ct_rsp_cmp; 1372 ctiocb->context1 = dd_data; 1373 ctiocb->context2 = NULL; 1374 dd_data->type = TYPE_IOCB; 1375 dd_data->context_un.iocb.cmdiocbq = ctiocb; 1376 dd_data->context_un.iocb.rspiocbq = NULL; 1377 dd_data->context_un.iocb.set_job = job; 1378 dd_data->context_un.iocb.bmp = bmp; 1379 dd_data->context_un.iocb.ndlp = ndlp; 1380 1381 if (phba->cfg_poll & DISABLE_FCP_RING_INT) { 1382 creg_val = readl(phba->HCregaddr); 1383 creg_val |= (HC_R0INT_ENA << LPFC_FCP_RING); 1384 writel(creg_val, phba->HCregaddr); 1385 readl(phba->HCregaddr); /* flush */ 1386 } 1387 1388 rc = lpfc_sli_issue_iocb(phba, LPFC_ELS_RING, ctiocb, 0); 1389 1390 if (rc == IOCB_SUCCESS) 1391 return 0; /* done for now */ 1392 1393 issue_ct_rsp_exit: 1394 lpfc_sli_release_iocbq(phba, ctiocb); 1395 no_ctiocb: 1396 kfree(dd_data); 1397 no_dd_data: 1398 return rc; 1399 } 1400 1401 /** 1402 * lpfc_bsg_send_mgmt_rsp - process a SEND_MGMT_RESP bsg vendor command 1403 * @job: SEND_MGMT_RESP fc_bsg_job 1404 **/ 1405 static int 1406 lpfc_bsg_send_mgmt_rsp(struct fc_bsg_job *job) 1407 { 1408 struct lpfc_vport *vport = (struct lpfc_vport *)job->shost->hostdata; 1409 struct lpfc_hba *phba = vport->phba; 1410 struct send_mgmt_resp *mgmt_resp = (struct send_mgmt_resp *) 1411 job->request->rqst_data.h_vendor.vendor_cmd; 1412 struct ulp_bde64 *bpl; 1413 struct lpfc_dmabuf *bmp = NULL; 1414 struct scatterlist *sgel = NULL; 1415 int request_nseg; 1416 int numbde; 1417 dma_addr_t busaddr; 1418 uint32_t tag = mgmt_resp->tag; 1419 unsigned long reqbfrcnt = 1420 (unsigned long)job->request_payload.payload_len; 1421 int rc = 0; 1422 1423 /* in case no data is transferred */ 1424 job->reply->reply_payload_rcv_len = 0; 1425 1426 if (!reqbfrcnt || (reqbfrcnt > (80 * BUF_SZ_4K))) { 1427 rc = -ERANGE; 1428 goto send_mgmt_rsp_exit; 1429 } 1430 1431 bmp = kmalloc(sizeof(struct lpfc_dmabuf), GFP_KERNEL); 1432 if (!bmp) { 1433 rc = -ENOMEM; 1434 goto send_mgmt_rsp_exit; 1435 } 1436 1437 bmp->virt = lpfc_mbuf_alloc(phba, 0, &bmp->phys); 1438 if (!bmp->virt) { 1439 rc = -ENOMEM; 1440 goto send_mgmt_rsp_free_bmp; 1441 } 1442 1443 INIT_LIST_HEAD(&bmp->list); 1444 bpl = (struct ulp_bde64 *) bmp->virt; 1445 request_nseg = pci_map_sg(phba->pcidev, job->request_payload.sg_list, 1446 job->request_payload.sg_cnt, DMA_TO_DEVICE); 1447 for_each_sg(job->request_payload.sg_list, sgel, request_nseg, numbde) { 1448 busaddr = sg_dma_address(sgel); 1449 bpl->tus.f.bdeFlags = BUFF_TYPE_BDE_64; 1450 bpl->tus.f.bdeSize = sg_dma_len(sgel); 1451 bpl->tus.w = cpu_to_le32(bpl->tus.w); 1452 bpl->addrLow = cpu_to_le32(putPaddrLow(busaddr)); 1453 bpl->addrHigh = cpu_to_le32(putPaddrHigh(busaddr)); 1454 bpl++; 1455 } 1456 1457 rc = lpfc_issue_ct_rsp(phba, job, tag, bmp, request_nseg); 1458 1459 if (rc == IOCB_SUCCESS) 1460 return 0; /* done for now */ 1461 1462 /* TBD need to handle a timeout */ 1463 pci_unmap_sg(phba->pcidev, job->request_payload.sg_list, 1464 job->request_payload.sg_cnt, DMA_TO_DEVICE); 1465 rc = -EACCES; 1466 lpfc_mbuf_free(phba, bmp->virt, bmp->phys); 1467 1468 send_mgmt_rsp_free_bmp: 1469 kfree(bmp); 1470 send_mgmt_rsp_exit: 1471 /* make error code available to userspace */ 1472 job->reply->result = rc; 1473 job->dd_data = NULL; 1474 return rc; 1475 } 1476 1477 /** 1478 * lpfc_bsg_diag_mode - process a LPFC_BSG_VENDOR_DIAG_MODE bsg vendor command 1479 * @job: LPFC_BSG_VENDOR_DIAG_MODE 1480 * 1481 * This function is responsible for placing a port into diagnostic loopback 1482 * mode in order to perform a diagnostic loopback test. 1483 * All new scsi requests are blocked, a small delay is used to allow the 1484 * scsi requests to complete then the link is brought down. If the link is 1485 * is placed in loopback mode then scsi requests are again allowed 1486 * so the scsi mid-layer doesn't give up on the port. 1487 * All of this is done in-line. 1488 */ 1489 static int 1490 lpfc_bsg_diag_mode(struct fc_bsg_job *job) 1491 { 1492 struct Scsi_Host *shost = job->shost; 1493 struct lpfc_vport *vport = (struct lpfc_vport *)job->shost->hostdata; 1494 struct lpfc_hba *phba = vport->phba; 1495 struct diag_mode_set *loopback_mode; 1496 struct lpfc_sli *psli = &phba->sli; 1497 struct lpfc_sli_ring *pring = &psli->ring[LPFC_FCP_RING]; 1498 uint32_t link_flags; 1499 uint32_t timeout; 1500 struct lpfc_vport **vports; 1501 LPFC_MBOXQ_t *pmboxq; 1502 int mbxstatus; 1503 int i = 0; 1504 int rc = 0; 1505 1506 /* no data to return just the return code */ 1507 job->reply->reply_payload_rcv_len = 0; 1508 1509 if (job->request_len < 1510 sizeof(struct fc_bsg_request) + sizeof(struct diag_mode_set)) { 1511 lpfc_printf_log(phba, KERN_WARNING, LOG_LIBDFC, 1512 "2738 Received DIAG MODE request below minimum " 1513 "size\n"); 1514 rc = -EINVAL; 1515 goto job_error; 1516 } 1517 1518 loopback_mode = (struct diag_mode_set *) 1519 job->request->rqst_data.h_vendor.vendor_cmd; 1520 link_flags = loopback_mode->type; 1521 timeout = loopback_mode->timeout; 1522 1523 if ((phba->link_state == LPFC_HBA_ERROR) || 1524 (psli->sli_flag & LPFC_BLOCK_MGMT_IO) || 1525 (!(psli->sli_flag & LPFC_SLI_ACTIVE))) { 1526 rc = -EACCES; 1527 goto job_error; 1528 } 1529 1530 pmboxq = mempool_alloc(phba->mbox_mem_pool, GFP_KERNEL); 1531 if (!pmboxq) { 1532 rc = -ENOMEM; 1533 goto job_error; 1534 } 1535 1536 vports = lpfc_create_vport_work_array(phba); 1537 if (vports) { 1538 for (i = 0; i <= phba->max_vpi && vports[i] != NULL; i++) { 1539 shost = lpfc_shost_from_vport(vports[i]); 1540 scsi_block_requests(shost); 1541 } 1542 1543 lpfc_destroy_vport_work_array(phba, vports); 1544 } else { 1545 shost = lpfc_shost_from_vport(phba->pport); 1546 scsi_block_requests(shost); 1547 } 1548 1549 while (pring->txcmplq_cnt) { 1550 if (i++ > 500) /* wait up to 5 seconds */ 1551 break; 1552 1553 msleep(10); 1554 } 1555 1556 memset((void *)pmboxq, 0, sizeof(LPFC_MBOXQ_t)); 1557 pmboxq->u.mb.mbxCommand = MBX_DOWN_LINK; 1558 pmboxq->u.mb.mbxOwner = OWN_HOST; 1559 1560 mbxstatus = lpfc_sli_issue_mbox_wait(phba, pmboxq, LPFC_MBOX_TMO); 1561 1562 if ((mbxstatus == MBX_SUCCESS) && (pmboxq->u.mb.mbxStatus == 0)) { 1563 /* wait for link down before proceeding */ 1564 i = 0; 1565 while (phba->link_state != LPFC_LINK_DOWN) { 1566 if (i++ > timeout) { 1567 rc = -ETIMEDOUT; 1568 goto loopback_mode_exit; 1569 } 1570 1571 msleep(10); 1572 } 1573 1574 memset((void *)pmboxq, 0, sizeof(LPFC_MBOXQ_t)); 1575 if (link_flags == INTERNAL_LOOP_BACK) 1576 pmboxq->u.mb.un.varInitLnk.link_flags = FLAGS_LOCAL_LB; 1577 else 1578 pmboxq->u.mb.un.varInitLnk.link_flags = 1579 FLAGS_TOPOLOGY_MODE_LOOP; 1580 1581 pmboxq->u.mb.mbxCommand = MBX_INIT_LINK; 1582 pmboxq->u.mb.mbxOwner = OWN_HOST; 1583 1584 mbxstatus = lpfc_sli_issue_mbox_wait(phba, pmboxq, 1585 LPFC_MBOX_TMO); 1586 1587 if ((mbxstatus != MBX_SUCCESS) || (pmboxq->u.mb.mbxStatus)) 1588 rc = -ENODEV; 1589 else { 1590 phba->link_flag |= LS_LOOPBACK_MODE; 1591 /* wait for the link attention interrupt */ 1592 msleep(100); 1593 1594 i = 0; 1595 while (phba->link_state != LPFC_HBA_READY) { 1596 if (i++ > timeout) { 1597 rc = -ETIMEDOUT; 1598 break; 1599 } 1600 1601 msleep(10); 1602 } 1603 } 1604 1605 } else 1606 rc = -ENODEV; 1607 1608 loopback_mode_exit: 1609 vports = lpfc_create_vport_work_array(phba); 1610 if (vports) { 1611 for (i = 0; i <= phba->max_vpi && vports[i] != NULL; i++) { 1612 shost = lpfc_shost_from_vport(vports[i]); 1613 scsi_unblock_requests(shost); 1614 } 1615 lpfc_destroy_vport_work_array(phba, vports); 1616 } else { 1617 shost = lpfc_shost_from_vport(phba->pport); 1618 scsi_unblock_requests(shost); 1619 } 1620 1621 /* 1622 * Let SLI layer release mboxq if mbox command completed after timeout. 1623 */ 1624 if (mbxstatus != MBX_TIMEOUT) 1625 mempool_free(pmboxq, phba->mbox_mem_pool); 1626 1627 job_error: 1628 /* make error code available to userspace */ 1629 job->reply->result = rc; 1630 /* complete the job back to userspace if no error */ 1631 if (rc == 0) 1632 job->job_done(job); 1633 return rc; 1634 } 1635 1636 /** 1637 * lpfcdiag_loop_self_reg - obtains a remote port login id 1638 * @phba: Pointer to HBA context object 1639 * @rpi: Pointer to a remote port login id 1640 * 1641 * This function obtains a remote port login id so the diag loopback test 1642 * can send and receive its own unsolicited CT command. 1643 **/ 1644 static int lpfcdiag_loop_self_reg(struct lpfc_hba *phba, uint16_t * rpi) 1645 { 1646 LPFC_MBOXQ_t *mbox; 1647 struct lpfc_dmabuf *dmabuff; 1648 int status; 1649 1650 mbox = mempool_alloc(phba->mbox_mem_pool, GFP_KERNEL); 1651 if (!mbox) 1652 return ENOMEM; 1653 1654 status = lpfc_reg_rpi(phba, 0, phba->pport->fc_myDID, 1655 (uint8_t *)&phba->pport->fc_sparam, mbox, 0); 1656 if (status) { 1657 mempool_free(mbox, phba->mbox_mem_pool); 1658 return ENOMEM; 1659 } 1660 1661 dmabuff = (struct lpfc_dmabuf *) mbox->context1; 1662 mbox->context1 = NULL; 1663 status = lpfc_sli_issue_mbox_wait(phba, mbox, LPFC_MBOX_TMO); 1664 1665 if ((status != MBX_SUCCESS) || (mbox->u.mb.mbxStatus)) { 1666 lpfc_mbuf_free(phba, dmabuff->virt, dmabuff->phys); 1667 kfree(dmabuff); 1668 if (status != MBX_TIMEOUT) 1669 mempool_free(mbox, phba->mbox_mem_pool); 1670 return ENODEV; 1671 } 1672 1673 *rpi = mbox->u.mb.un.varWords[0]; 1674 1675 lpfc_mbuf_free(phba, dmabuff->virt, dmabuff->phys); 1676 kfree(dmabuff); 1677 mempool_free(mbox, phba->mbox_mem_pool); 1678 return 0; 1679 } 1680 1681 /** 1682 * lpfcdiag_loop_self_unreg - unregs from the rpi 1683 * @phba: Pointer to HBA context object 1684 * @rpi: Remote port login id 1685 * 1686 * This function unregisters the rpi obtained in lpfcdiag_loop_self_reg 1687 **/ 1688 static int lpfcdiag_loop_self_unreg(struct lpfc_hba *phba, uint16_t rpi) 1689 { 1690 LPFC_MBOXQ_t *mbox; 1691 int status; 1692 1693 /* Allocate mboxq structure */ 1694 mbox = mempool_alloc(phba->mbox_mem_pool, GFP_KERNEL); 1695 if (mbox == NULL) 1696 return ENOMEM; 1697 1698 lpfc_unreg_login(phba, 0, rpi, mbox); 1699 status = lpfc_sli_issue_mbox_wait(phba, mbox, LPFC_MBOX_TMO); 1700 1701 if ((status != MBX_SUCCESS) || (mbox->u.mb.mbxStatus)) { 1702 if (status != MBX_TIMEOUT) 1703 mempool_free(mbox, phba->mbox_mem_pool); 1704 return EIO; 1705 } 1706 1707 mempool_free(mbox, phba->mbox_mem_pool); 1708 return 0; 1709 } 1710 1711 /** 1712 * lpfcdiag_loop_get_xri - obtains the transmit and receive ids 1713 * @phba: Pointer to HBA context object 1714 * @rpi: Remote port login id 1715 * @txxri: Pointer to transmit exchange id 1716 * @rxxri: Pointer to response exchabge id 1717 * 1718 * This function obtains the transmit and receive ids required to send 1719 * an unsolicited ct command with a payload. A special lpfc FsType and CmdRsp 1720 * flags are used to the unsolicted response handler is able to process 1721 * the ct command sent on the same port. 1722 **/ 1723 static int lpfcdiag_loop_get_xri(struct lpfc_hba *phba, uint16_t rpi, 1724 uint16_t *txxri, uint16_t * rxxri) 1725 { 1726 struct lpfc_bsg_event *evt; 1727 struct lpfc_iocbq *cmdiocbq, *rspiocbq; 1728 IOCB_t *cmd, *rsp; 1729 struct lpfc_dmabuf *dmabuf; 1730 struct ulp_bde64 *bpl = NULL; 1731 struct lpfc_sli_ct_request *ctreq = NULL; 1732 int ret_val = 0; 1733 unsigned long flags; 1734 1735 *txxri = 0; 1736 *rxxri = 0; 1737 evt = lpfc_bsg_event_new(FC_REG_CT_EVENT, current->pid, 1738 SLI_CT_ELX_LOOPBACK); 1739 if (!evt) 1740 return ENOMEM; 1741 1742 spin_lock_irqsave(&phba->ct_ev_lock, flags); 1743 list_add(&evt->node, &phba->ct_ev_waiters); 1744 lpfc_bsg_event_ref(evt); 1745 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 1746 1747 cmdiocbq = lpfc_sli_get_iocbq(phba); 1748 rspiocbq = lpfc_sli_get_iocbq(phba); 1749 1750 dmabuf = kmalloc(sizeof(struct lpfc_dmabuf), GFP_KERNEL); 1751 if (dmabuf) { 1752 dmabuf->virt = lpfc_mbuf_alloc(phba, 0, &dmabuf->phys); 1753 if (dmabuf->virt) { 1754 INIT_LIST_HEAD(&dmabuf->list); 1755 bpl = (struct ulp_bde64 *) dmabuf->virt; 1756 memset(bpl, 0, sizeof(*bpl)); 1757 ctreq = (struct lpfc_sli_ct_request *)(bpl + 1); 1758 bpl->addrHigh = 1759 le32_to_cpu(putPaddrHigh(dmabuf->phys + 1760 sizeof(*bpl))); 1761 bpl->addrLow = 1762 le32_to_cpu(putPaddrLow(dmabuf->phys + 1763 sizeof(*bpl))); 1764 bpl->tus.f.bdeFlags = 0; 1765 bpl->tus.f.bdeSize = ELX_LOOPBACK_HEADER_SZ; 1766 bpl->tus.w = le32_to_cpu(bpl->tus.w); 1767 } 1768 } 1769 1770 if (cmdiocbq == NULL || rspiocbq == NULL || 1771 dmabuf == NULL || bpl == NULL || ctreq == NULL || 1772 dmabuf->virt == NULL) { 1773 ret_val = ENOMEM; 1774 goto err_get_xri_exit; 1775 } 1776 1777 cmd = &cmdiocbq->iocb; 1778 rsp = &rspiocbq->iocb; 1779 1780 memset(ctreq, 0, ELX_LOOPBACK_HEADER_SZ); 1781 1782 ctreq->RevisionId.bits.Revision = SLI_CT_REVISION; 1783 ctreq->RevisionId.bits.InId = 0; 1784 ctreq->FsType = SLI_CT_ELX_LOOPBACK; 1785 ctreq->FsSubType = 0; 1786 ctreq->CommandResponse.bits.CmdRsp = ELX_LOOPBACK_XRI_SETUP; 1787 ctreq->CommandResponse.bits.Size = 0; 1788 1789 1790 cmd->un.xseq64.bdl.addrHigh = putPaddrHigh(dmabuf->phys); 1791 cmd->un.xseq64.bdl.addrLow = putPaddrLow(dmabuf->phys); 1792 cmd->un.xseq64.bdl.bdeFlags = BUFF_TYPE_BLP_64; 1793 cmd->un.xseq64.bdl.bdeSize = sizeof(*bpl); 1794 1795 cmd->un.xseq64.w5.hcsw.Fctl = LA; 1796 cmd->un.xseq64.w5.hcsw.Dfctl = 0; 1797 cmd->un.xseq64.w5.hcsw.Rctl = FC_RCTL_DD_UNSOL_CTL; 1798 cmd->un.xseq64.w5.hcsw.Type = FC_TYPE_CT; 1799 1800 cmd->ulpCommand = CMD_XMIT_SEQUENCE64_CR; 1801 cmd->ulpBdeCount = 1; 1802 cmd->ulpLe = 1; 1803 cmd->ulpClass = CLASS3; 1804 cmd->ulpContext = rpi; 1805 1806 cmdiocbq->iocb_flag |= LPFC_IO_LIBDFC; 1807 cmdiocbq->vport = phba->pport; 1808 1809 ret_val = lpfc_sli_issue_iocb_wait(phba, LPFC_ELS_RING, cmdiocbq, 1810 rspiocbq, 1811 (phba->fc_ratov * 2) 1812 + LPFC_DRVR_TIMEOUT); 1813 if (ret_val) 1814 goto err_get_xri_exit; 1815 1816 *txxri = rsp->ulpContext; 1817 1818 evt->waiting = 1; 1819 evt->wait_time_stamp = jiffies; 1820 ret_val = wait_event_interruptible_timeout( 1821 evt->wq, !list_empty(&evt->events_to_see), 1822 ((phba->fc_ratov * 2) + LPFC_DRVR_TIMEOUT) * HZ); 1823 if (list_empty(&evt->events_to_see)) 1824 ret_val = (ret_val) ? EINTR : ETIMEDOUT; 1825 else { 1826 ret_val = IOCB_SUCCESS; 1827 spin_lock_irqsave(&phba->ct_ev_lock, flags); 1828 list_move(evt->events_to_see.prev, &evt->events_to_get); 1829 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 1830 *rxxri = (list_entry(evt->events_to_get.prev, 1831 typeof(struct event_data), 1832 node))->immed_dat; 1833 } 1834 evt->waiting = 0; 1835 1836 err_get_xri_exit: 1837 spin_lock_irqsave(&phba->ct_ev_lock, flags); 1838 lpfc_bsg_event_unref(evt); /* release ref */ 1839 lpfc_bsg_event_unref(evt); /* delete */ 1840 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 1841 1842 if (dmabuf) { 1843 if (dmabuf->virt) 1844 lpfc_mbuf_free(phba, dmabuf->virt, dmabuf->phys); 1845 kfree(dmabuf); 1846 } 1847 1848 if (cmdiocbq && (ret_val != IOCB_TIMEDOUT)) 1849 lpfc_sli_release_iocbq(phba, cmdiocbq); 1850 if (rspiocbq) 1851 lpfc_sli_release_iocbq(phba, rspiocbq); 1852 return ret_val; 1853 } 1854 1855 /** 1856 * diag_cmd_data_alloc - fills in a bde struct with dma buffers 1857 * @phba: Pointer to HBA context object 1858 * @bpl: Pointer to 64 bit bde structure 1859 * @size: Number of bytes to process 1860 * @nocopydata: Flag to copy user data into the allocated buffer 1861 * 1862 * This function allocates page size buffers and populates an lpfc_dmabufext. 1863 * If allowed the user data pointed to with indataptr is copied into the kernel 1864 * memory. The chained list of page size buffers is returned. 1865 **/ 1866 static struct lpfc_dmabufext * 1867 diag_cmd_data_alloc(struct lpfc_hba *phba, 1868 struct ulp_bde64 *bpl, uint32_t size, 1869 int nocopydata) 1870 { 1871 struct lpfc_dmabufext *mlist = NULL; 1872 struct lpfc_dmabufext *dmp; 1873 int cnt, offset = 0, i = 0; 1874 struct pci_dev *pcidev; 1875 1876 pcidev = phba->pcidev; 1877 1878 while (size) { 1879 /* We get chunks of 4K */ 1880 if (size > BUF_SZ_4K) 1881 cnt = BUF_SZ_4K; 1882 else 1883 cnt = size; 1884 1885 /* allocate struct lpfc_dmabufext buffer header */ 1886 dmp = kmalloc(sizeof(struct lpfc_dmabufext), GFP_KERNEL); 1887 if (!dmp) 1888 goto out; 1889 1890 INIT_LIST_HEAD(&dmp->dma.list); 1891 1892 /* Queue it to a linked list */ 1893 if (mlist) 1894 list_add_tail(&dmp->dma.list, &mlist->dma.list); 1895 else 1896 mlist = dmp; 1897 1898 /* allocate buffer */ 1899 dmp->dma.virt = dma_alloc_coherent(&pcidev->dev, 1900 cnt, 1901 &(dmp->dma.phys), 1902 GFP_KERNEL); 1903 1904 if (!dmp->dma.virt) 1905 goto out; 1906 1907 dmp->size = cnt; 1908 1909 if (nocopydata) { 1910 bpl->tus.f.bdeFlags = 0; 1911 pci_dma_sync_single_for_device(phba->pcidev, 1912 dmp->dma.phys, LPFC_BPL_SIZE, PCI_DMA_TODEVICE); 1913 1914 } else { 1915 memset((uint8_t *)dmp->dma.virt, 0, cnt); 1916 bpl->tus.f.bdeFlags = BUFF_TYPE_BDE_64I; 1917 } 1918 1919 /* build buffer ptr list for IOCB */ 1920 bpl->addrLow = le32_to_cpu(putPaddrLow(dmp->dma.phys)); 1921 bpl->addrHigh = le32_to_cpu(putPaddrHigh(dmp->dma.phys)); 1922 bpl->tus.f.bdeSize = (ushort) cnt; 1923 bpl->tus.w = le32_to_cpu(bpl->tus.w); 1924 bpl++; 1925 1926 i++; 1927 offset += cnt; 1928 size -= cnt; 1929 } 1930 1931 mlist->flag = i; 1932 return mlist; 1933 out: 1934 diag_cmd_data_free(phba, mlist); 1935 return NULL; 1936 } 1937 1938 /** 1939 * lpfcdiag_loop_post_rxbufs - post the receive buffers for an unsol CT cmd 1940 * @phba: Pointer to HBA context object 1941 * @rxxri: Receive exchange id 1942 * @len: Number of data bytes 1943 * 1944 * This function allocates and posts a data buffer of sufficient size to recieve 1945 * an unsolicted CT command. 1946 **/ 1947 static int lpfcdiag_loop_post_rxbufs(struct lpfc_hba *phba, uint16_t rxxri, 1948 size_t len) 1949 { 1950 struct lpfc_sli *psli = &phba->sli; 1951 struct lpfc_sli_ring *pring = &psli->ring[LPFC_ELS_RING]; 1952 struct lpfc_iocbq *cmdiocbq; 1953 IOCB_t *cmd = NULL; 1954 struct list_head head, *curr, *next; 1955 struct lpfc_dmabuf *rxbmp; 1956 struct lpfc_dmabuf *dmp; 1957 struct lpfc_dmabuf *mp[2] = {NULL, NULL}; 1958 struct ulp_bde64 *rxbpl = NULL; 1959 uint32_t num_bde; 1960 struct lpfc_dmabufext *rxbuffer = NULL; 1961 int ret_val = 0; 1962 int i = 0; 1963 1964 cmdiocbq = lpfc_sli_get_iocbq(phba); 1965 rxbmp = kmalloc(sizeof(struct lpfc_dmabuf), GFP_KERNEL); 1966 if (rxbmp != NULL) { 1967 rxbmp->virt = lpfc_mbuf_alloc(phba, 0, &rxbmp->phys); 1968 if (rxbmp->virt) { 1969 INIT_LIST_HEAD(&rxbmp->list); 1970 rxbpl = (struct ulp_bde64 *) rxbmp->virt; 1971 rxbuffer = diag_cmd_data_alloc(phba, rxbpl, len, 0); 1972 } 1973 } 1974 1975 if (!cmdiocbq || !rxbmp || !rxbpl || !rxbuffer) { 1976 ret_val = ENOMEM; 1977 goto err_post_rxbufs_exit; 1978 } 1979 1980 /* Queue buffers for the receive exchange */ 1981 num_bde = (uint32_t)rxbuffer->flag; 1982 dmp = &rxbuffer->dma; 1983 1984 cmd = &cmdiocbq->iocb; 1985 i = 0; 1986 1987 INIT_LIST_HEAD(&head); 1988 list_add_tail(&head, &dmp->list); 1989 list_for_each_safe(curr, next, &head) { 1990 mp[i] = list_entry(curr, struct lpfc_dmabuf, list); 1991 list_del(curr); 1992 1993 if (phba->sli3_options & LPFC_SLI3_HBQ_ENABLED) { 1994 mp[i]->buffer_tag = lpfc_sli_get_buffer_tag(phba); 1995 cmd->un.quexri64cx.buff.bde.addrHigh = 1996 putPaddrHigh(mp[i]->phys); 1997 cmd->un.quexri64cx.buff.bde.addrLow = 1998 putPaddrLow(mp[i]->phys); 1999 cmd->un.quexri64cx.buff.bde.tus.f.bdeSize = 2000 ((struct lpfc_dmabufext *)mp[i])->size; 2001 cmd->un.quexri64cx.buff.buffer_tag = mp[i]->buffer_tag; 2002 cmd->ulpCommand = CMD_QUE_XRI64_CX; 2003 cmd->ulpPU = 0; 2004 cmd->ulpLe = 1; 2005 cmd->ulpBdeCount = 1; 2006 cmd->unsli3.que_xri64cx_ext_words.ebde_count = 0; 2007 2008 } else { 2009 cmd->un.cont64[i].addrHigh = putPaddrHigh(mp[i]->phys); 2010 cmd->un.cont64[i].addrLow = putPaddrLow(mp[i]->phys); 2011 cmd->un.cont64[i].tus.f.bdeSize = 2012 ((struct lpfc_dmabufext *)mp[i])->size; 2013 cmd->ulpBdeCount = ++i; 2014 2015 if ((--num_bde > 0) && (i < 2)) 2016 continue; 2017 2018 cmd->ulpCommand = CMD_QUE_XRI_BUF64_CX; 2019 cmd->ulpLe = 1; 2020 } 2021 2022 cmd->ulpClass = CLASS3; 2023 cmd->ulpContext = rxxri; 2024 2025 ret_val = lpfc_sli_issue_iocb(phba, LPFC_ELS_RING, cmdiocbq, 0); 2026 2027 if (ret_val == IOCB_ERROR) { 2028 diag_cmd_data_free(phba, 2029 (struct lpfc_dmabufext *)mp[0]); 2030 if (mp[1]) 2031 diag_cmd_data_free(phba, 2032 (struct lpfc_dmabufext *)mp[1]); 2033 dmp = list_entry(next, struct lpfc_dmabuf, list); 2034 ret_val = EIO; 2035 goto err_post_rxbufs_exit; 2036 } 2037 2038 lpfc_sli_ringpostbuf_put(phba, pring, mp[0]); 2039 if (mp[1]) { 2040 lpfc_sli_ringpostbuf_put(phba, pring, mp[1]); 2041 mp[1] = NULL; 2042 } 2043 2044 /* The iocb was freed by lpfc_sli_issue_iocb */ 2045 cmdiocbq = lpfc_sli_get_iocbq(phba); 2046 if (!cmdiocbq) { 2047 dmp = list_entry(next, struct lpfc_dmabuf, list); 2048 ret_val = EIO; 2049 goto err_post_rxbufs_exit; 2050 } 2051 2052 cmd = &cmdiocbq->iocb; 2053 i = 0; 2054 } 2055 list_del(&head); 2056 2057 err_post_rxbufs_exit: 2058 2059 if (rxbmp) { 2060 if (rxbmp->virt) 2061 lpfc_mbuf_free(phba, rxbmp->virt, rxbmp->phys); 2062 kfree(rxbmp); 2063 } 2064 2065 if (cmdiocbq) 2066 lpfc_sli_release_iocbq(phba, cmdiocbq); 2067 return ret_val; 2068 } 2069 2070 /** 2071 * lpfc_bsg_diag_test - with a port in loopback issues a Ct cmd to itself 2072 * @job: LPFC_BSG_VENDOR_DIAG_TEST fc_bsg_job 2073 * 2074 * This function receives a user data buffer to be transmitted and received on 2075 * the same port, the link must be up and in loopback mode prior 2076 * to being called. 2077 * 1. A kernel buffer is allocated to copy the user data into. 2078 * 2. The port registers with "itself". 2079 * 3. The transmit and receive exchange ids are obtained. 2080 * 4. The receive exchange id is posted. 2081 * 5. A new els loopback event is created. 2082 * 6. The command and response iocbs are allocated. 2083 * 7. The cmd iocb FsType is set to elx loopback and the CmdRsp to looppback. 2084 * 2085 * This function is meant to be called n times while the port is in loopback 2086 * so it is the apps responsibility to issue a reset to take the port out 2087 * of loopback mode. 2088 **/ 2089 static int 2090 lpfc_bsg_diag_test(struct fc_bsg_job *job) 2091 { 2092 struct lpfc_vport *vport = (struct lpfc_vport *)job->shost->hostdata; 2093 struct lpfc_hba *phba = vport->phba; 2094 struct diag_mode_test *diag_mode; 2095 struct lpfc_bsg_event *evt; 2096 struct event_data *evdat; 2097 struct lpfc_sli *psli = &phba->sli; 2098 uint32_t size; 2099 uint32_t full_size; 2100 size_t segment_len = 0, segment_offset = 0, current_offset = 0; 2101 uint16_t rpi; 2102 struct lpfc_iocbq *cmdiocbq, *rspiocbq; 2103 IOCB_t *cmd, *rsp; 2104 struct lpfc_sli_ct_request *ctreq; 2105 struct lpfc_dmabuf *txbmp; 2106 struct ulp_bde64 *txbpl = NULL; 2107 struct lpfc_dmabufext *txbuffer = NULL; 2108 struct list_head head; 2109 struct lpfc_dmabuf *curr; 2110 uint16_t txxri, rxxri; 2111 uint32_t num_bde; 2112 uint8_t *ptr = NULL, *rx_databuf = NULL; 2113 int rc = 0; 2114 unsigned long flags; 2115 void *dataout = NULL; 2116 uint32_t total_mem; 2117 2118 /* in case no data is returned return just the return code */ 2119 job->reply->reply_payload_rcv_len = 0; 2120 2121 if (job->request_len < 2122 sizeof(struct fc_bsg_request) + sizeof(struct diag_mode_test)) { 2123 lpfc_printf_log(phba, KERN_WARNING, LOG_LIBDFC, 2124 "2739 Received DIAG TEST request below minimum " 2125 "size\n"); 2126 rc = -EINVAL; 2127 goto loopback_test_exit; 2128 } 2129 2130 if (job->request_payload.payload_len != 2131 job->reply_payload.payload_len) { 2132 rc = -EINVAL; 2133 goto loopback_test_exit; 2134 } 2135 2136 diag_mode = (struct diag_mode_test *) 2137 job->request->rqst_data.h_vendor.vendor_cmd; 2138 2139 if ((phba->link_state == LPFC_HBA_ERROR) || 2140 (psli->sli_flag & LPFC_BLOCK_MGMT_IO) || 2141 (!(psli->sli_flag & LPFC_SLI_ACTIVE))) { 2142 rc = -EACCES; 2143 goto loopback_test_exit; 2144 } 2145 2146 if (!lpfc_is_link_up(phba) || !(phba->link_flag & LS_LOOPBACK_MODE)) { 2147 rc = -EACCES; 2148 goto loopback_test_exit; 2149 } 2150 2151 size = job->request_payload.payload_len; 2152 full_size = size + ELX_LOOPBACK_HEADER_SZ; /* plus the header */ 2153 2154 if ((size == 0) || (size > 80 * BUF_SZ_4K)) { 2155 rc = -ERANGE; 2156 goto loopback_test_exit; 2157 } 2158 2159 if (size >= BUF_SZ_4K) { 2160 /* 2161 * Allocate memory for ioctl data. If buffer is bigger than 64k, 2162 * then we allocate 64k and re-use that buffer over and over to 2163 * xfer the whole block. This is because Linux kernel has a 2164 * problem allocating more than 120k of kernel space memory. Saw 2165 * problem with GET_FCPTARGETMAPPING... 2166 */ 2167 if (size <= (64 * 1024)) 2168 total_mem = size; 2169 else 2170 total_mem = 64 * 1024; 2171 } else 2172 /* Allocate memory for ioctl data */ 2173 total_mem = BUF_SZ_4K; 2174 2175 dataout = kmalloc(total_mem, GFP_KERNEL); 2176 if (dataout == NULL) { 2177 rc = -ENOMEM; 2178 goto loopback_test_exit; 2179 } 2180 2181 ptr = dataout; 2182 ptr += ELX_LOOPBACK_HEADER_SZ; 2183 sg_copy_to_buffer(job->request_payload.sg_list, 2184 job->request_payload.sg_cnt, 2185 ptr, size); 2186 2187 rc = lpfcdiag_loop_self_reg(phba, &rpi); 2188 if (rc) { 2189 rc = -ENOMEM; 2190 goto loopback_test_exit; 2191 } 2192 2193 rc = lpfcdiag_loop_get_xri(phba, rpi, &txxri, &rxxri); 2194 if (rc) { 2195 lpfcdiag_loop_self_unreg(phba, rpi); 2196 rc = -ENOMEM; 2197 goto loopback_test_exit; 2198 } 2199 2200 rc = lpfcdiag_loop_post_rxbufs(phba, rxxri, full_size); 2201 if (rc) { 2202 lpfcdiag_loop_self_unreg(phba, rpi); 2203 rc = -ENOMEM; 2204 goto loopback_test_exit; 2205 } 2206 2207 evt = lpfc_bsg_event_new(FC_REG_CT_EVENT, current->pid, 2208 SLI_CT_ELX_LOOPBACK); 2209 if (!evt) { 2210 lpfcdiag_loop_self_unreg(phba, rpi); 2211 rc = -ENOMEM; 2212 goto loopback_test_exit; 2213 } 2214 2215 spin_lock_irqsave(&phba->ct_ev_lock, flags); 2216 list_add(&evt->node, &phba->ct_ev_waiters); 2217 lpfc_bsg_event_ref(evt); 2218 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 2219 2220 cmdiocbq = lpfc_sli_get_iocbq(phba); 2221 rspiocbq = lpfc_sli_get_iocbq(phba); 2222 txbmp = kmalloc(sizeof(struct lpfc_dmabuf), GFP_KERNEL); 2223 2224 if (txbmp) { 2225 txbmp->virt = lpfc_mbuf_alloc(phba, 0, &txbmp->phys); 2226 if (txbmp->virt) { 2227 INIT_LIST_HEAD(&txbmp->list); 2228 txbpl = (struct ulp_bde64 *) txbmp->virt; 2229 txbuffer = diag_cmd_data_alloc(phba, 2230 txbpl, full_size, 0); 2231 } 2232 } 2233 2234 if (!cmdiocbq || !rspiocbq || !txbmp || !txbpl || !txbuffer || 2235 !txbmp->virt) { 2236 rc = -ENOMEM; 2237 goto err_loopback_test_exit; 2238 } 2239 2240 cmd = &cmdiocbq->iocb; 2241 rsp = &rspiocbq->iocb; 2242 2243 INIT_LIST_HEAD(&head); 2244 list_add_tail(&head, &txbuffer->dma.list); 2245 list_for_each_entry(curr, &head, list) { 2246 segment_len = ((struct lpfc_dmabufext *)curr)->size; 2247 if (current_offset == 0) { 2248 ctreq = curr->virt; 2249 memset(ctreq, 0, ELX_LOOPBACK_HEADER_SZ); 2250 ctreq->RevisionId.bits.Revision = SLI_CT_REVISION; 2251 ctreq->RevisionId.bits.InId = 0; 2252 ctreq->FsType = SLI_CT_ELX_LOOPBACK; 2253 ctreq->FsSubType = 0; 2254 ctreq->CommandResponse.bits.CmdRsp = ELX_LOOPBACK_DATA; 2255 ctreq->CommandResponse.bits.Size = size; 2256 segment_offset = ELX_LOOPBACK_HEADER_SZ; 2257 } else 2258 segment_offset = 0; 2259 2260 BUG_ON(segment_offset >= segment_len); 2261 memcpy(curr->virt + segment_offset, 2262 ptr + current_offset, 2263 segment_len - segment_offset); 2264 2265 current_offset += segment_len - segment_offset; 2266 BUG_ON(current_offset > size); 2267 } 2268 list_del(&head); 2269 2270 /* Build the XMIT_SEQUENCE iocb */ 2271 2272 num_bde = (uint32_t)txbuffer->flag; 2273 2274 cmd->un.xseq64.bdl.addrHigh = putPaddrHigh(txbmp->phys); 2275 cmd->un.xseq64.bdl.addrLow = putPaddrLow(txbmp->phys); 2276 cmd->un.xseq64.bdl.bdeFlags = BUFF_TYPE_BLP_64; 2277 cmd->un.xseq64.bdl.bdeSize = (num_bde * sizeof(struct ulp_bde64)); 2278 2279 cmd->un.xseq64.w5.hcsw.Fctl = (LS | LA); 2280 cmd->un.xseq64.w5.hcsw.Dfctl = 0; 2281 cmd->un.xseq64.w5.hcsw.Rctl = FC_RCTL_DD_UNSOL_CTL; 2282 cmd->un.xseq64.w5.hcsw.Type = FC_TYPE_CT; 2283 2284 cmd->ulpCommand = CMD_XMIT_SEQUENCE64_CX; 2285 cmd->ulpBdeCount = 1; 2286 cmd->ulpLe = 1; 2287 cmd->ulpClass = CLASS3; 2288 cmd->ulpContext = txxri; 2289 2290 cmdiocbq->iocb_flag |= LPFC_IO_LIBDFC; 2291 cmdiocbq->vport = phba->pport; 2292 2293 rc = lpfc_sli_issue_iocb_wait(phba, LPFC_ELS_RING, cmdiocbq, rspiocbq, 2294 (phba->fc_ratov * 2) + LPFC_DRVR_TIMEOUT); 2295 2296 if ((rc != IOCB_SUCCESS) || (rsp->ulpStatus != IOCB_SUCCESS)) { 2297 rc = -EIO; 2298 goto err_loopback_test_exit; 2299 } 2300 2301 evt->waiting = 1; 2302 rc = wait_event_interruptible_timeout( 2303 evt->wq, !list_empty(&evt->events_to_see), 2304 ((phba->fc_ratov * 2) + LPFC_DRVR_TIMEOUT) * HZ); 2305 evt->waiting = 0; 2306 if (list_empty(&evt->events_to_see)) 2307 rc = (rc) ? -EINTR : -ETIMEDOUT; 2308 else { 2309 spin_lock_irqsave(&phba->ct_ev_lock, flags); 2310 list_move(evt->events_to_see.prev, &evt->events_to_get); 2311 evdat = list_entry(evt->events_to_get.prev, 2312 typeof(*evdat), node); 2313 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 2314 rx_databuf = evdat->data; 2315 if (evdat->len != full_size) { 2316 lpfc_printf_log(phba, KERN_ERR, LOG_LIBDFC, 2317 "1603 Loopback test did not receive expected " 2318 "data length. actual length 0x%x expected " 2319 "length 0x%x\n", 2320 evdat->len, full_size); 2321 rc = -EIO; 2322 } else if (rx_databuf == NULL) 2323 rc = -EIO; 2324 else { 2325 rc = IOCB_SUCCESS; 2326 /* skip over elx loopback header */ 2327 rx_databuf += ELX_LOOPBACK_HEADER_SZ; 2328 job->reply->reply_payload_rcv_len = 2329 sg_copy_from_buffer(job->reply_payload.sg_list, 2330 job->reply_payload.sg_cnt, 2331 rx_databuf, size); 2332 job->reply->reply_payload_rcv_len = size; 2333 } 2334 } 2335 2336 err_loopback_test_exit: 2337 lpfcdiag_loop_self_unreg(phba, rpi); 2338 2339 spin_lock_irqsave(&phba->ct_ev_lock, flags); 2340 lpfc_bsg_event_unref(evt); /* release ref */ 2341 lpfc_bsg_event_unref(evt); /* delete */ 2342 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 2343 2344 if (cmdiocbq != NULL) 2345 lpfc_sli_release_iocbq(phba, cmdiocbq); 2346 2347 if (rspiocbq != NULL) 2348 lpfc_sli_release_iocbq(phba, rspiocbq); 2349 2350 if (txbmp != NULL) { 2351 if (txbpl != NULL) { 2352 if (txbuffer != NULL) 2353 diag_cmd_data_free(phba, txbuffer); 2354 lpfc_mbuf_free(phba, txbmp->virt, txbmp->phys); 2355 } 2356 kfree(txbmp); 2357 } 2358 2359 loopback_test_exit: 2360 kfree(dataout); 2361 /* make error code available to userspace */ 2362 job->reply->result = rc; 2363 job->dd_data = NULL; 2364 /* complete the job back to userspace if no error */ 2365 if (rc == 0) 2366 job->job_done(job); 2367 return rc; 2368 } 2369 2370 /** 2371 * lpfc_bsg_get_dfc_rev - process a GET_DFC_REV bsg vendor command 2372 * @job: GET_DFC_REV fc_bsg_job 2373 **/ 2374 static int 2375 lpfc_bsg_get_dfc_rev(struct fc_bsg_job *job) 2376 { 2377 struct lpfc_vport *vport = (struct lpfc_vport *)job->shost->hostdata; 2378 struct lpfc_hba *phba = vport->phba; 2379 struct get_mgmt_rev *event_req; 2380 struct get_mgmt_rev_reply *event_reply; 2381 int rc = 0; 2382 2383 if (job->request_len < 2384 sizeof(struct fc_bsg_request) + sizeof(struct get_mgmt_rev)) { 2385 lpfc_printf_log(phba, KERN_WARNING, LOG_LIBDFC, 2386 "2740 Received GET_DFC_REV request below " 2387 "minimum size\n"); 2388 rc = -EINVAL; 2389 goto job_error; 2390 } 2391 2392 event_req = (struct get_mgmt_rev *) 2393 job->request->rqst_data.h_vendor.vendor_cmd; 2394 2395 event_reply = (struct get_mgmt_rev_reply *) 2396 job->reply->reply_data.vendor_reply.vendor_rsp; 2397 2398 if (job->reply_len < 2399 sizeof(struct fc_bsg_request) + sizeof(struct get_mgmt_rev_reply)) { 2400 lpfc_printf_log(phba, KERN_WARNING, LOG_LIBDFC, 2401 "2741 Received GET_DFC_REV reply below " 2402 "minimum size\n"); 2403 rc = -EINVAL; 2404 goto job_error; 2405 } 2406 2407 event_reply->info.a_Major = MANAGEMENT_MAJOR_REV; 2408 event_reply->info.a_Minor = MANAGEMENT_MINOR_REV; 2409 job_error: 2410 job->reply->result = rc; 2411 if (rc == 0) 2412 job->job_done(job); 2413 return rc; 2414 } 2415 2416 /** 2417 * lpfc_bsg_wake_mbox_wait - lpfc_bsg_issue_mbox mbox completion handler 2418 * @phba: Pointer to HBA context object. 2419 * @pmboxq: Pointer to mailbox command. 2420 * 2421 * This is completion handler function for mailbox commands issued from 2422 * lpfc_bsg_issue_mbox function. This function is called by the 2423 * mailbox event handler function with no lock held. This function 2424 * will wake up thread waiting on the wait queue pointed by context1 2425 * of the mailbox. 2426 **/ 2427 void 2428 lpfc_bsg_wake_mbox_wait(struct lpfc_hba *phba, LPFC_MBOXQ_t *pmboxq) 2429 { 2430 struct bsg_job_data *dd_data; 2431 struct fc_bsg_job *job; 2432 uint32_t size; 2433 unsigned long flags; 2434 uint8_t *to; 2435 uint8_t *from; 2436 2437 spin_lock_irqsave(&phba->ct_ev_lock, flags); 2438 dd_data = pmboxq->context1; 2439 /* job already timed out? */ 2440 if (!dd_data) { 2441 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 2442 return; 2443 } 2444 2445 /* build the outgoing buffer to do an sg copy 2446 * the format is the response mailbox followed by any extended 2447 * mailbox data 2448 */ 2449 from = (uint8_t *)&pmboxq->u.mb; 2450 to = (uint8_t *)dd_data->context_un.mbox.mb; 2451 memcpy(to, from, sizeof(MAILBOX_t)); 2452 if (pmboxq->u.mb.mbxStatus == MBX_SUCCESS) { 2453 /* copy the extended data if any, count is in words */ 2454 if (dd_data->context_un.mbox.outExtWLen) { 2455 from = (uint8_t *)dd_data->context_un.mbox.ext; 2456 to += sizeof(MAILBOX_t); 2457 size = dd_data->context_un.mbox.outExtWLen * 2458 sizeof(uint32_t); 2459 memcpy(to, from, size); 2460 } else if (pmboxq->u.mb.mbxCommand == MBX_RUN_BIU_DIAG64) { 2461 from = (uint8_t *)dd_data->context_un.mbox. 2462 dmp->dma.virt; 2463 to += sizeof(MAILBOX_t); 2464 size = dd_data->context_un.mbox.dmp->size; 2465 memcpy(to, from, size); 2466 } else if ((phba->sli_rev == LPFC_SLI_REV4) && 2467 (pmboxq->u.mb.mbxCommand == MBX_DUMP_MEMORY)) { 2468 from = (uint8_t *)dd_data->context_un.mbox.dmp->dma. 2469 virt; 2470 to += sizeof(MAILBOX_t); 2471 size = pmboxq->u.mb.un.varWords[5]; 2472 memcpy(to, from, size); 2473 } else if (pmboxq->u.mb.mbxCommand == MBX_READ_EVENT_LOG) { 2474 from = (uint8_t *)dd_data->context_un. 2475 mbox.dmp->dma.virt; 2476 to += sizeof(MAILBOX_t); 2477 size = dd_data->context_un.mbox.dmp->size; 2478 memcpy(to, from, size); 2479 } 2480 } 2481 2482 from = (uint8_t *)dd_data->context_un.mbox.mb; 2483 job = dd_data->context_un.mbox.set_job; 2484 size = job->reply_payload.payload_len; 2485 job->reply->reply_payload_rcv_len = 2486 sg_copy_from_buffer(job->reply_payload.sg_list, 2487 job->reply_payload.sg_cnt, 2488 from, size); 2489 job->reply->result = 0; 2490 2491 dd_data->context_un.mbox.set_job = NULL; 2492 job->dd_data = NULL; 2493 job->job_done(job); 2494 /* need to hold the lock until we call job done to hold off 2495 * the timeout handler returning to the midlayer while 2496 * we are stillprocessing the job 2497 */ 2498 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 2499 2500 kfree(dd_data->context_un.mbox.mb); 2501 mempool_free(dd_data->context_un.mbox.pmboxq, phba->mbox_mem_pool); 2502 kfree(dd_data->context_un.mbox.ext); 2503 if (dd_data->context_un.mbox.dmp) { 2504 dma_free_coherent(&phba->pcidev->dev, 2505 dd_data->context_un.mbox.dmp->size, 2506 dd_data->context_un.mbox.dmp->dma.virt, 2507 dd_data->context_un.mbox.dmp->dma.phys); 2508 kfree(dd_data->context_un.mbox.dmp); 2509 } 2510 if (dd_data->context_un.mbox.rxbmp) { 2511 lpfc_mbuf_free(phba, dd_data->context_un.mbox.rxbmp->virt, 2512 dd_data->context_un.mbox.rxbmp->phys); 2513 kfree(dd_data->context_un.mbox.rxbmp); 2514 } 2515 kfree(dd_data); 2516 return; 2517 } 2518 2519 /** 2520 * lpfc_bsg_check_cmd_access - test for a supported mailbox command 2521 * @phba: Pointer to HBA context object. 2522 * @mb: Pointer to a mailbox object. 2523 * @vport: Pointer to a vport object. 2524 * 2525 * Some commands require the port to be offline, some may not be called from 2526 * the application. 2527 **/ 2528 static int lpfc_bsg_check_cmd_access(struct lpfc_hba *phba, 2529 MAILBOX_t *mb, struct lpfc_vport *vport) 2530 { 2531 /* return negative error values for bsg job */ 2532 switch (mb->mbxCommand) { 2533 /* Offline only */ 2534 case MBX_INIT_LINK: 2535 case MBX_DOWN_LINK: 2536 case MBX_CONFIG_LINK: 2537 case MBX_CONFIG_RING: 2538 case MBX_RESET_RING: 2539 case MBX_UNREG_LOGIN: 2540 case MBX_CLEAR_LA: 2541 case MBX_DUMP_CONTEXT: 2542 case MBX_RUN_DIAGS: 2543 case MBX_RESTART: 2544 case MBX_SET_MASK: 2545 if (!(vport->fc_flag & FC_OFFLINE_MODE)) { 2546 lpfc_printf_log(phba, KERN_WARNING, LOG_LIBDFC, 2547 "2743 Command 0x%x is illegal in on-line " 2548 "state\n", 2549 mb->mbxCommand); 2550 return -EPERM; 2551 } 2552 case MBX_WRITE_NV: 2553 case MBX_WRITE_VPARMS: 2554 case MBX_LOAD_SM: 2555 case MBX_READ_NV: 2556 case MBX_READ_CONFIG: 2557 case MBX_READ_RCONFIG: 2558 case MBX_READ_STATUS: 2559 case MBX_READ_XRI: 2560 case MBX_READ_REV: 2561 case MBX_READ_LNK_STAT: 2562 case MBX_DUMP_MEMORY: 2563 case MBX_DOWN_LOAD: 2564 case MBX_UPDATE_CFG: 2565 case MBX_KILL_BOARD: 2566 case MBX_LOAD_AREA: 2567 case MBX_LOAD_EXP_ROM: 2568 case MBX_BEACON: 2569 case MBX_DEL_LD_ENTRY: 2570 case MBX_SET_DEBUG: 2571 case MBX_WRITE_WWN: 2572 case MBX_SLI4_CONFIG: 2573 case MBX_READ_EVENT_LOG: 2574 case MBX_READ_EVENT_LOG_STATUS: 2575 case MBX_WRITE_EVENT_LOG: 2576 case MBX_PORT_CAPABILITIES: 2577 case MBX_PORT_IOV_CONTROL: 2578 case MBX_RUN_BIU_DIAG64: 2579 break; 2580 case MBX_SET_VARIABLE: 2581 lpfc_printf_log(phba, KERN_INFO, LOG_INIT, 2582 "1226 mbox: set_variable 0x%x, 0x%x\n", 2583 mb->un.varWords[0], 2584 mb->un.varWords[1]); 2585 if ((mb->un.varWords[0] == SETVAR_MLOMNT) 2586 && (mb->un.varWords[1] == 1)) { 2587 phba->wait_4_mlo_maint_flg = 1; 2588 } else if (mb->un.varWords[0] == SETVAR_MLORST) { 2589 phba->link_flag &= ~LS_LOOPBACK_MODE; 2590 phba->fc_topology = TOPOLOGY_PT_PT; 2591 } 2592 break; 2593 case MBX_READ_SPARM64: 2594 case MBX_READ_LA: 2595 case MBX_READ_LA64: 2596 case MBX_REG_LOGIN: 2597 case MBX_REG_LOGIN64: 2598 case MBX_CONFIG_PORT: 2599 case MBX_RUN_BIU_DIAG: 2600 default: 2601 lpfc_printf_log(phba, KERN_WARNING, LOG_LIBDFC, 2602 "2742 Unknown Command 0x%x\n", 2603 mb->mbxCommand); 2604 return -EPERM; 2605 } 2606 2607 return 0; /* ok */ 2608 } 2609 2610 /** 2611 * lpfc_bsg_issue_mbox - issues a mailbox command on behalf of an app 2612 * @phba: Pointer to HBA context object. 2613 * @mb: Pointer to a mailbox object. 2614 * @vport: Pointer to a vport object. 2615 * 2616 * Allocate a tracking object, mailbox command memory, get a mailbox 2617 * from the mailbox pool, copy the caller mailbox command. 2618 * 2619 * If offline and the sli is active we need to poll for the command (port is 2620 * being reset) and com-plete the job, otherwise issue the mailbox command and 2621 * let our completion handler finish the command. 2622 **/ 2623 static uint32_t 2624 lpfc_bsg_issue_mbox(struct lpfc_hba *phba, struct fc_bsg_job *job, 2625 struct lpfc_vport *vport) 2626 { 2627 LPFC_MBOXQ_t *pmboxq = NULL; /* internal mailbox queue */ 2628 MAILBOX_t *pmb; /* shortcut to the pmboxq mailbox */ 2629 /* a 4k buffer to hold the mb and extended data from/to the bsg */ 2630 MAILBOX_t *mb = NULL; 2631 struct bsg_job_data *dd_data = NULL; /* bsg data tracking structure */ 2632 uint32_t size; 2633 struct lpfc_dmabuf *rxbmp = NULL; /* for biu diag */ 2634 struct lpfc_dmabufext *dmp = NULL; /* for biu diag */ 2635 struct ulp_bde64 *rxbpl = NULL; 2636 struct dfc_mbox_req *mbox_req = (struct dfc_mbox_req *) 2637 job->request->rqst_data.h_vendor.vendor_cmd; 2638 uint8_t *ext = NULL; 2639 int rc = 0; 2640 uint8_t *from; 2641 2642 /* in case no data is transferred */ 2643 job->reply->reply_payload_rcv_len = 0; 2644 2645 /* check if requested extended data lengths are valid */ 2646 if ((mbox_req->inExtWLen > MAILBOX_EXT_SIZE) || 2647 (mbox_req->outExtWLen > MAILBOX_EXT_SIZE)) { 2648 rc = -ERANGE; 2649 goto job_done; 2650 } 2651 2652 /* allocate our bsg tracking structure */ 2653 dd_data = kmalloc(sizeof(struct bsg_job_data), GFP_KERNEL); 2654 if (!dd_data) { 2655 lpfc_printf_log(phba, KERN_WARNING, LOG_LIBDFC, 2656 "2727 Failed allocation of dd_data\n"); 2657 rc = -ENOMEM; 2658 goto job_done; 2659 } 2660 2661 mb = kzalloc(BSG_MBOX_SIZE, GFP_KERNEL); 2662 if (!mb) { 2663 rc = -ENOMEM; 2664 goto job_done; 2665 } 2666 2667 pmboxq = mempool_alloc(phba->mbox_mem_pool, GFP_KERNEL); 2668 if (!pmboxq) { 2669 rc = -ENOMEM; 2670 goto job_done; 2671 } 2672 memset(pmboxq, 0, sizeof(LPFC_MBOXQ_t)); 2673 2674 size = job->request_payload.payload_len; 2675 sg_copy_to_buffer(job->request_payload.sg_list, 2676 job->request_payload.sg_cnt, 2677 mb, size); 2678 2679 rc = lpfc_bsg_check_cmd_access(phba, mb, vport); 2680 if (rc != 0) 2681 goto job_done; /* must be negative */ 2682 2683 pmb = &pmboxq->u.mb; 2684 memcpy(pmb, mb, sizeof(*pmb)); 2685 pmb->mbxOwner = OWN_HOST; 2686 pmboxq->vport = vport; 2687 2688 /* If HBA encountered an error attention, allow only DUMP 2689 * or RESTART mailbox commands until the HBA is restarted. 2690 */ 2691 if (phba->pport->stopped && 2692 pmb->mbxCommand != MBX_DUMP_MEMORY && 2693 pmb->mbxCommand != MBX_RESTART && 2694 pmb->mbxCommand != MBX_WRITE_VPARMS && 2695 pmb->mbxCommand != MBX_WRITE_WWN) 2696 lpfc_printf_log(phba, KERN_WARNING, LOG_MBOX, 2697 "2797 mbox: Issued mailbox cmd " 2698 "0x%x while in stopped state.\n", 2699 pmb->mbxCommand); 2700 2701 /* Don't allow mailbox commands to be sent when blocked 2702 * or when in the middle of discovery 2703 */ 2704 if (phba->sli.sli_flag & LPFC_BLOCK_MGMT_IO) { 2705 rc = -EAGAIN; 2706 goto job_done; 2707 } 2708 2709 /* extended mailbox commands will need an extended buffer */ 2710 if (mbox_req->inExtWLen || mbox_req->outExtWLen) { 2711 ext = kzalloc(MAILBOX_EXT_SIZE, GFP_KERNEL); 2712 if (!ext) { 2713 rc = -ENOMEM; 2714 goto job_done; 2715 } 2716 2717 /* any data for the device? */ 2718 if (mbox_req->inExtWLen) { 2719 from = (uint8_t *)mb; 2720 from += sizeof(MAILBOX_t); 2721 memcpy((uint8_t *)ext, from, 2722 mbox_req->inExtWLen * sizeof(uint32_t)); 2723 } 2724 2725 pmboxq->context2 = ext; 2726 pmboxq->in_ext_byte_len = 2727 mbox_req->inExtWLen * sizeof(uint32_t); 2728 pmboxq->out_ext_byte_len = 2729 mbox_req->outExtWLen * sizeof(uint32_t); 2730 pmboxq->mbox_offset_word = mbox_req->mbOffset; 2731 } 2732 2733 /* biu diag will need a kernel buffer to transfer the data 2734 * allocate our own buffer and setup the mailbox command to 2735 * use ours 2736 */ 2737 if (pmb->mbxCommand == MBX_RUN_BIU_DIAG64) { 2738 uint32_t transmit_length = pmb->un.varWords[1]; 2739 uint32_t receive_length = pmb->un.varWords[4]; 2740 /* transmit length cannot be greater than receive length or 2741 * mailbox extension size 2742 */ 2743 if ((transmit_length > receive_length) || 2744 (transmit_length > MAILBOX_EXT_SIZE)) { 2745 rc = -ERANGE; 2746 goto job_done; 2747 } 2748 2749 rxbmp = kmalloc(sizeof(struct lpfc_dmabuf), GFP_KERNEL); 2750 if (!rxbmp) { 2751 rc = -ENOMEM; 2752 goto job_done; 2753 } 2754 2755 rxbmp->virt = lpfc_mbuf_alloc(phba, 0, &rxbmp->phys); 2756 if (!rxbmp->virt) { 2757 rc = -ENOMEM; 2758 goto job_done; 2759 } 2760 2761 INIT_LIST_HEAD(&rxbmp->list); 2762 rxbpl = (struct ulp_bde64 *) rxbmp->virt; 2763 dmp = diag_cmd_data_alloc(phba, rxbpl, transmit_length, 0); 2764 if (!dmp) { 2765 rc = -ENOMEM; 2766 goto job_done; 2767 } 2768 2769 INIT_LIST_HEAD(&dmp->dma.list); 2770 pmb->un.varBIUdiag.un.s2.xmit_bde64.addrHigh = 2771 putPaddrHigh(dmp->dma.phys); 2772 pmb->un.varBIUdiag.un.s2.xmit_bde64.addrLow = 2773 putPaddrLow(dmp->dma.phys); 2774 2775 pmb->un.varBIUdiag.un.s2.rcv_bde64.addrHigh = 2776 putPaddrHigh(dmp->dma.phys + 2777 pmb->un.varBIUdiag.un.s2. 2778 xmit_bde64.tus.f.bdeSize); 2779 pmb->un.varBIUdiag.un.s2.rcv_bde64.addrLow = 2780 putPaddrLow(dmp->dma.phys + 2781 pmb->un.varBIUdiag.un.s2. 2782 xmit_bde64.tus.f.bdeSize); 2783 2784 /* copy the transmit data found in the mailbox extension area */ 2785 from = (uint8_t *)mb; 2786 from += sizeof(MAILBOX_t); 2787 memcpy((uint8_t *)dmp->dma.virt, from, transmit_length); 2788 } else if (pmb->mbxCommand == MBX_READ_EVENT_LOG) { 2789 struct READ_EVENT_LOG_VAR *rdEventLog = 2790 &pmb->un.varRdEventLog ; 2791 uint32_t receive_length = rdEventLog->rcv_bde64.tus.f.bdeSize; 2792 uint32_t mode = bf_get(lpfc_event_log, rdEventLog); 2793 2794 /* receive length cannot be greater than mailbox 2795 * extension size 2796 */ 2797 if (receive_length > MAILBOX_EXT_SIZE) { 2798 rc = -ERANGE; 2799 goto job_done; 2800 } 2801 2802 /* mode zero uses a bde like biu diags command */ 2803 if (mode == 0) { 2804 2805 /* rebuild the command for sli4 using our own buffers 2806 * like we do for biu diags 2807 */ 2808 2809 rxbmp = kmalloc(sizeof(struct lpfc_dmabuf), GFP_KERNEL); 2810 if (!rxbmp) { 2811 rc = -ENOMEM; 2812 goto job_done; 2813 } 2814 2815 rxbmp->virt = lpfc_mbuf_alloc(phba, 0, &rxbmp->phys); 2816 rxbpl = (struct ulp_bde64 *) rxbmp->virt; 2817 if (rxbpl) { 2818 INIT_LIST_HEAD(&rxbmp->list); 2819 dmp = diag_cmd_data_alloc(phba, rxbpl, 2820 receive_length, 0); 2821 } 2822 2823 if (!dmp) { 2824 rc = -ENOMEM; 2825 goto job_done; 2826 } 2827 2828 INIT_LIST_HEAD(&dmp->dma.list); 2829 pmb->un.varWords[3] = putPaddrLow(dmp->dma.phys); 2830 pmb->un.varWords[4] = putPaddrHigh(dmp->dma.phys); 2831 } 2832 } else if (phba->sli_rev == LPFC_SLI_REV4) { 2833 if (pmb->mbxCommand == MBX_DUMP_MEMORY) { 2834 /* rebuild the command for sli4 using our own buffers 2835 * like we do for biu diags 2836 */ 2837 uint32_t receive_length = pmb->un.varWords[2]; 2838 /* receive length cannot be greater than mailbox 2839 * extension size 2840 */ 2841 if ((receive_length == 0) || 2842 (receive_length > MAILBOX_EXT_SIZE)) { 2843 rc = -ERANGE; 2844 goto job_done; 2845 } 2846 2847 rxbmp = kmalloc(sizeof(struct lpfc_dmabuf), GFP_KERNEL); 2848 if (!rxbmp) { 2849 rc = -ENOMEM; 2850 goto job_done; 2851 } 2852 2853 rxbmp->virt = lpfc_mbuf_alloc(phba, 0, &rxbmp->phys); 2854 if (!rxbmp->virt) { 2855 rc = -ENOMEM; 2856 goto job_done; 2857 } 2858 2859 INIT_LIST_HEAD(&rxbmp->list); 2860 rxbpl = (struct ulp_bde64 *) rxbmp->virt; 2861 dmp = diag_cmd_data_alloc(phba, rxbpl, receive_length, 2862 0); 2863 if (!dmp) { 2864 rc = -ENOMEM; 2865 goto job_done; 2866 } 2867 2868 INIT_LIST_HEAD(&dmp->dma.list); 2869 pmb->un.varWords[3] = putPaddrLow(dmp->dma.phys); 2870 pmb->un.varWords[4] = putPaddrHigh(dmp->dma.phys); 2871 } else if ((pmb->mbxCommand == MBX_UPDATE_CFG) && 2872 pmb->un.varUpdateCfg.co) { 2873 struct ulp_bde64 *bde = 2874 (struct ulp_bde64 *)&pmb->un.varWords[4]; 2875 2876 /* bde size cannot be greater than mailbox ext size */ 2877 if (bde->tus.f.bdeSize > MAILBOX_EXT_SIZE) { 2878 rc = -ERANGE; 2879 goto job_done; 2880 } 2881 2882 rxbmp = kmalloc(sizeof(struct lpfc_dmabuf), GFP_KERNEL); 2883 if (!rxbmp) { 2884 rc = -ENOMEM; 2885 goto job_done; 2886 } 2887 2888 rxbmp->virt = lpfc_mbuf_alloc(phba, 0, &rxbmp->phys); 2889 if (!rxbmp->virt) { 2890 rc = -ENOMEM; 2891 goto job_done; 2892 } 2893 2894 INIT_LIST_HEAD(&rxbmp->list); 2895 rxbpl = (struct ulp_bde64 *) rxbmp->virt; 2896 dmp = diag_cmd_data_alloc(phba, rxbpl, 2897 bde->tus.f.bdeSize, 0); 2898 if (!dmp) { 2899 rc = -ENOMEM; 2900 goto job_done; 2901 } 2902 2903 INIT_LIST_HEAD(&dmp->dma.list); 2904 bde->addrHigh = putPaddrHigh(dmp->dma.phys); 2905 bde->addrLow = putPaddrLow(dmp->dma.phys); 2906 2907 /* copy the transmit data found in the mailbox 2908 * extension area 2909 */ 2910 from = (uint8_t *)mb; 2911 from += sizeof(MAILBOX_t); 2912 memcpy((uint8_t *)dmp->dma.virt, from, 2913 bde->tus.f.bdeSize); 2914 } 2915 } 2916 2917 dd_data->context_un.mbox.rxbmp = rxbmp; 2918 dd_data->context_un.mbox.dmp = dmp; 2919 2920 /* setup wake call as IOCB callback */ 2921 pmboxq->mbox_cmpl = lpfc_bsg_wake_mbox_wait; 2922 2923 /* setup context field to pass wait_queue pointer to wake function */ 2924 pmboxq->context1 = dd_data; 2925 dd_data->type = TYPE_MBOX; 2926 dd_data->context_un.mbox.pmboxq = pmboxq; 2927 dd_data->context_un.mbox.mb = mb; 2928 dd_data->context_un.mbox.set_job = job; 2929 dd_data->context_un.mbox.ext = ext; 2930 dd_data->context_un.mbox.mbOffset = mbox_req->mbOffset; 2931 dd_data->context_un.mbox.inExtWLen = mbox_req->inExtWLen; 2932 dd_data->context_un.mbox.outExtWLen = mbox_req->outExtWLen; 2933 job->dd_data = dd_data; 2934 2935 if ((vport->fc_flag & FC_OFFLINE_MODE) || 2936 (!(phba->sli.sli_flag & LPFC_SLI_ACTIVE))) { 2937 rc = lpfc_sli_issue_mbox(phba, pmboxq, MBX_POLL); 2938 if (rc != MBX_SUCCESS) { 2939 rc = (rc == MBX_TIMEOUT) ? -ETIME : -ENODEV; 2940 goto job_done; 2941 } 2942 2943 /* job finished, copy the data */ 2944 memcpy(mb, pmb, sizeof(*pmb)); 2945 job->reply->reply_payload_rcv_len = 2946 sg_copy_from_buffer(job->reply_payload.sg_list, 2947 job->reply_payload.sg_cnt, 2948 mb, size); 2949 /* not waiting mbox already done */ 2950 rc = 0; 2951 goto job_done; 2952 } 2953 2954 rc = lpfc_sli_issue_mbox(phba, pmboxq, MBX_NOWAIT); 2955 if ((rc == MBX_SUCCESS) || (rc == MBX_BUSY)) 2956 return 1; /* job started */ 2957 2958 job_done: 2959 /* common exit for error or job completed inline */ 2960 kfree(mb); 2961 if (pmboxq) 2962 mempool_free(pmboxq, phba->mbox_mem_pool); 2963 kfree(ext); 2964 if (dmp) { 2965 dma_free_coherent(&phba->pcidev->dev, 2966 dmp->size, dmp->dma.virt, 2967 dmp->dma.phys); 2968 kfree(dmp); 2969 } 2970 if (rxbmp) { 2971 lpfc_mbuf_free(phba, rxbmp->virt, rxbmp->phys); 2972 kfree(rxbmp); 2973 } 2974 kfree(dd_data); 2975 2976 return rc; 2977 } 2978 2979 /** 2980 * lpfc_bsg_mbox_cmd - process an fc bsg LPFC_BSG_VENDOR_MBOX command 2981 * @job: MBOX fc_bsg_job for LPFC_BSG_VENDOR_MBOX. 2982 **/ 2983 static int 2984 lpfc_bsg_mbox_cmd(struct fc_bsg_job *job) 2985 { 2986 struct lpfc_vport *vport = (struct lpfc_vport *)job->shost->hostdata; 2987 struct lpfc_hba *phba = vport->phba; 2988 int rc = 0; 2989 2990 /* in case no data is transferred */ 2991 job->reply->reply_payload_rcv_len = 0; 2992 if (job->request_len < 2993 sizeof(struct fc_bsg_request) + sizeof(struct dfc_mbox_req)) { 2994 lpfc_printf_log(phba, KERN_WARNING, LOG_LIBDFC, 2995 "2737 Received MBOX_REQ request below " 2996 "minimum size\n"); 2997 rc = -EINVAL; 2998 goto job_error; 2999 } 3000 3001 if (job->request_payload.payload_len != BSG_MBOX_SIZE) { 3002 rc = -EINVAL; 3003 goto job_error; 3004 } 3005 3006 if (job->reply_payload.payload_len != BSG_MBOX_SIZE) { 3007 rc = -EINVAL; 3008 goto job_error; 3009 } 3010 3011 if (phba->sli.sli_flag & LPFC_BLOCK_MGMT_IO) { 3012 rc = -EAGAIN; 3013 goto job_error; 3014 } 3015 3016 rc = lpfc_bsg_issue_mbox(phba, job, vport); 3017 3018 job_error: 3019 if (rc == 0) { 3020 /* job done */ 3021 job->reply->result = 0; 3022 job->dd_data = NULL; 3023 job->job_done(job); 3024 } else if (rc == 1) 3025 /* job submitted, will complete later*/ 3026 rc = 0; /* return zero, no error */ 3027 else { 3028 /* some error occurred */ 3029 job->reply->result = rc; 3030 job->dd_data = NULL; 3031 } 3032 3033 return rc; 3034 } 3035 3036 /** 3037 * lpfc_bsg_menlo_cmd_cmp - lpfc_menlo_cmd completion handler 3038 * @phba: Pointer to HBA context object. 3039 * @cmdiocbq: Pointer to command iocb. 3040 * @rspiocbq: Pointer to response iocb. 3041 * 3042 * This function is the completion handler for iocbs issued using 3043 * lpfc_menlo_cmd function. This function is called by the 3044 * ring event handler function without any lock held. This function 3045 * can be called from both worker thread context and interrupt 3046 * context. This function also can be called from another thread which 3047 * cleans up the SLI layer objects. 3048 * This function copies the contents of the response iocb to the 3049 * response iocb memory object provided by the caller of 3050 * lpfc_sli_issue_iocb_wait and then wakes up the thread which 3051 * sleeps for the iocb completion. 3052 **/ 3053 static void 3054 lpfc_bsg_menlo_cmd_cmp(struct lpfc_hba *phba, 3055 struct lpfc_iocbq *cmdiocbq, 3056 struct lpfc_iocbq *rspiocbq) 3057 { 3058 struct bsg_job_data *dd_data; 3059 struct fc_bsg_job *job; 3060 IOCB_t *rsp; 3061 struct lpfc_dmabuf *bmp; 3062 struct lpfc_bsg_menlo *menlo; 3063 unsigned long flags; 3064 struct menlo_response *menlo_resp; 3065 int rc = 0; 3066 3067 spin_lock_irqsave(&phba->ct_ev_lock, flags); 3068 dd_data = cmdiocbq->context1; 3069 if (!dd_data) { 3070 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 3071 return; 3072 } 3073 3074 menlo = &dd_data->context_un.menlo; 3075 job = menlo->set_job; 3076 job->dd_data = NULL; /* so timeout handler does not reply */ 3077 3078 spin_lock_irqsave(&phba->hbalock, flags); 3079 cmdiocbq->iocb_flag |= LPFC_IO_WAKE; 3080 if (cmdiocbq->context2 && rspiocbq) 3081 memcpy(&((struct lpfc_iocbq *)cmdiocbq->context2)->iocb, 3082 &rspiocbq->iocb, sizeof(IOCB_t)); 3083 spin_unlock_irqrestore(&phba->hbalock, flags); 3084 3085 bmp = menlo->bmp; 3086 rspiocbq = menlo->rspiocbq; 3087 rsp = &rspiocbq->iocb; 3088 3089 pci_unmap_sg(phba->pcidev, job->request_payload.sg_list, 3090 job->request_payload.sg_cnt, DMA_TO_DEVICE); 3091 pci_unmap_sg(phba->pcidev, job->reply_payload.sg_list, 3092 job->reply_payload.sg_cnt, DMA_FROM_DEVICE); 3093 3094 /* always return the xri, this would be used in the case 3095 * of a menlo download to allow the data to be sent as a continuation 3096 * of the exchange. 3097 */ 3098 menlo_resp = (struct menlo_response *) 3099 job->reply->reply_data.vendor_reply.vendor_rsp; 3100 menlo_resp->xri = rsp->ulpContext; 3101 if (rsp->ulpStatus) { 3102 if (rsp->ulpStatus == IOSTAT_LOCAL_REJECT) { 3103 switch (rsp->un.ulpWord[4] & 0xff) { 3104 case IOERR_SEQUENCE_TIMEOUT: 3105 rc = -ETIMEDOUT; 3106 break; 3107 case IOERR_INVALID_RPI: 3108 rc = -EFAULT; 3109 break; 3110 default: 3111 rc = -EACCES; 3112 break; 3113 } 3114 } else 3115 rc = -EACCES; 3116 } else 3117 job->reply->reply_payload_rcv_len = 3118 rsp->un.genreq64.bdl.bdeSize; 3119 3120 lpfc_mbuf_free(phba, bmp->virt, bmp->phys); 3121 lpfc_sli_release_iocbq(phba, rspiocbq); 3122 lpfc_sli_release_iocbq(phba, cmdiocbq); 3123 kfree(bmp); 3124 kfree(dd_data); 3125 /* make error code available to userspace */ 3126 job->reply->result = rc; 3127 /* complete the job back to userspace */ 3128 job->job_done(job); 3129 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 3130 return; 3131 } 3132 3133 /** 3134 * lpfc_menlo_cmd - send an ioctl for menlo hardware 3135 * @job: fc_bsg_job to handle 3136 * 3137 * This function issues a gen request 64 CR ioctl for all menlo cmd requests, 3138 * all the command completions will return the xri for the command. 3139 * For menlo data requests a gen request 64 CX is used to continue the exchange 3140 * supplied in the menlo request header xri field. 3141 **/ 3142 static int 3143 lpfc_menlo_cmd(struct fc_bsg_job *job) 3144 { 3145 struct lpfc_vport *vport = (struct lpfc_vport *)job->shost->hostdata; 3146 struct lpfc_hba *phba = vport->phba; 3147 struct lpfc_iocbq *cmdiocbq, *rspiocbq; 3148 IOCB_t *cmd, *rsp; 3149 int rc = 0; 3150 struct menlo_command *menlo_cmd; 3151 struct menlo_response *menlo_resp; 3152 struct lpfc_dmabuf *bmp = NULL; 3153 int request_nseg; 3154 int reply_nseg; 3155 struct scatterlist *sgel = NULL; 3156 int numbde; 3157 dma_addr_t busaddr; 3158 struct bsg_job_data *dd_data; 3159 struct ulp_bde64 *bpl = NULL; 3160 3161 /* in case no data is returned return just the return code */ 3162 job->reply->reply_payload_rcv_len = 0; 3163 3164 if (job->request_len < 3165 sizeof(struct fc_bsg_request) + 3166 sizeof(struct menlo_command)) { 3167 lpfc_printf_log(phba, KERN_WARNING, LOG_LIBDFC, 3168 "2784 Received MENLO_CMD request below " 3169 "minimum size\n"); 3170 rc = -ERANGE; 3171 goto no_dd_data; 3172 } 3173 3174 if (job->reply_len < 3175 sizeof(struct fc_bsg_request) + sizeof(struct menlo_response)) { 3176 lpfc_printf_log(phba, KERN_WARNING, LOG_LIBDFC, 3177 "2785 Received MENLO_CMD reply below " 3178 "minimum size\n"); 3179 rc = -ERANGE; 3180 goto no_dd_data; 3181 } 3182 3183 if (!(phba->menlo_flag & HBA_MENLO_SUPPORT)) { 3184 lpfc_printf_log(phba, KERN_WARNING, LOG_LIBDFC, 3185 "2786 Adapter does not support menlo " 3186 "commands\n"); 3187 rc = -EPERM; 3188 goto no_dd_data; 3189 } 3190 3191 menlo_cmd = (struct menlo_command *) 3192 job->request->rqst_data.h_vendor.vendor_cmd; 3193 3194 menlo_resp = (struct menlo_response *) 3195 job->reply->reply_data.vendor_reply.vendor_rsp; 3196 3197 /* allocate our bsg tracking structure */ 3198 dd_data = kmalloc(sizeof(struct bsg_job_data), GFP_KERNEL); 3199 if (!dd_data) { 3200 lpfc_printf_log(phba, KERN_WARNING, LOG_LIBDFC, 3201 "2787 Failed allocation of dd_data\n"); 3202 rc = -ENOMEM; 3203 goto no_dd_data; 3204 } 3205 3206 bmp = kmalloc(sizeof(struct lpfc_dmabuf), GFP_KERNEL); 3207 if (!bmp) { 3208 rc = -ENOMEM; 3209 goto free_dd; 3210 } 3211 3212 cmdiocbq = lpfc_sli_get_iocbq(phba); 3213 if (!cmdiocbq) { 3214 rc = -ENOMEM; 3215 goto free_bmp; 3216 } 3217 3218 rspiocbq = lpfc_sli_get_iocbq(phba); 3219 if (!rspiocbq) { 3220 rc = -ENOMEM; 3221 goto free_cmdiocbq; 3222 } 3223 3224 rsp = &rspiocbq->iocb; 3225 3226 bmp->virt = lpfc_mbuf_alloc(phba, 0, &bmp->phys); 3227 if (!bmp->virt) { 3228 rc = -ENOMEM; 3229 goto free_rspiocbq; 3230 } 3231 3232 INIT_LIST_HEAD(&bmp->list); 3233 bpl = (struct ulp_bde64 *) bmp->virt; 3234 request_nseg = pci_map_sg(phba->pcidev, job->request_payload.sg_list, 3235 job->request_payload.sg_cnt, DMA_TO_DEVICE); 3236 for_each_sg(job->request_payload.sg_list, sgel, request_nseg, numbde) { 3237 busaddr = sg_dma_address(sgel); 3238 bpl->tus.f.bdeFlags = BUFF_TYPE_BDE_64; 3239 bpl->tus.f.bdeSize = sg_dma_len(sgel); 3240 bpl->tus.w = cpu_to_le32(bpl->tus.w); 3241 bpl->addrLow = cpu_to_le32(putPaddrLow(busaddr)); 3242 bpl->addrHigh = cpu_to_le32(putPaddrHigh(busaddr)); 3243 bpl++; 3244 } 3245 3246 reply_nseg = pci_map_sg(phba->pcidev, job->reply_payload.sg_list, 3247 job->reply_payload.sg_cnt, DMA_FROM_DEVICE); 3248 for_each_sg(job->reply_payload.sg_list, sgel, reply_nseg, numbde) { 3249 busaddr = sg_dma_address(sgel); 3250 bpl->tus.f.bdeFlags = BUFF_TYPE_BDE_64I; 3251 bpl->tus.f.bdeSize = sg_dma_len(sgel); 3252 bpl->tus.w = cpu_to_le32(bpl->tus.w); 3253 bpl->addrLow = cpu_to_le32(putPaddrLow(busaddr)); 3254 bpl->addrHigh = cpu_to_le32(putPaddrHigh(busaddr)); 3255 bpl++; 3256 } 3257 3258 cmd = &cmdiocbq->iocb; 3259 cmd->un.genreq64.bdl.ulpIoTag32 = 0; 3260 cmd->un.genreq64.bdl.addrHigh = putPaddrHigh(bmp->phys); 3261 cmd->un.genreq64.bdl.addrLow = putPaddrLow(bmp->phys); 3262 cmd->un.genreq64.bdl.bdeFlags = BUFF_TYPE_BLP_64; 3263 cmd->un.genreq64.bdl.bdeSize = 3264 (request_nseg + reply_nseg) * sizeof(struct ulp_bde64); 3265 cmd->un.genreq64.w5.hcsw.Fctl = (SI | LA); 3266 cmd->un.genreq64.w5.hcsw.Dfctl = 0; 3267 cmd->un.genreq64.w5.hcsw.Rctl = FC_RCTL_DD_UNSOL_CMD; 3268 cmd->un.genreq64.w5.hcsw.Type = MENLO_TRANSPORT_TYPE; /* 0xfe */ 3269 cmd->ulpBdeCount = 1; 3270 cmd->ulpClass = CLASS3; 3271 cmd->ulpOwner = OWN_CHIP; 3272 cmd->ulpLe = 1; /* Limited Edition */ 3273 cmdiocbq->iocb_flag |= LPFC_IO_LIBDFC; 3274 cmdiocbq->vport = phba->pport; 3275 /* We want the firmware to timeout before we do */ 3276 cmd->ulpTimeout = MENLO_TIMEOUT - 5; 3277 cmdiocbq->context3 = bmp; 3278 cmdiocbq->context2 = rspiocbq; 3279 cmdiocbq->iocb_cmpl = lpfc_bsg_menlo_cmd_cmp; 3280 cmdiocbq->context1 = dd_data; 3281 cmdiocbq->context2 = rspiocbq; 3282 if (menlo_cmd->cmd == LPFC_BSG_VENDOR_MENLO_CMD) { 3283 cmd->ulpCommand = CMD_GEN_REQUEST64_CR; 3284 cmd->ulpPU = MENLO_PU; /* 3 */ 3285 cmd->un.ulpWord[4] = MENLO_DID; /* 0x0000FC0E */ 3286 cmd->ulpContext = MENLO_CONTEXT; /* 0 */ 3287 } else { 3288 cmd->ulpCommand = CMD_GEN_REQUEST64_CX; 3289 cmd->ulpPU = 1; 3290 cmd->un.ulpWord[4] = 0; 3291 cmd->ulpContext = menlo_cmd->xri; 3292 } 3293 3294 dd_data->type = TYPE_MENLO; 3295 dd_data->context_un.menlo.cmdiocbq = cmdiocbq; 3296 dd_data->context_un.menlo.rspiocbq = rspiocbq; 3297 dd_data->context_un.menlo.set_job = job; 3298 dd_data->context_un.menlo.bmp = bmp; 3299 3300 rc = lpfc_sli_issue_iocb(phba, LPFC_ELS_RING, cmdiocbq, 3301 MENLO_TIMEOUT - 5); 3302 if (rc == IOCB_SUCCESS) 3303 return 0; /* done for now */ 3304 3305 /* iocb failed so cleanup */ 3306 pci_unmap_sg(phba->pcidev, job->request_payload.sg_list, 3307 job->request_payload.sg_cnt, DMA_TO_DEVICE); 3308 pci_unmap_sg(phba->pcidev, job->reply_payload.sg_list, 3309 job->reply_payload.sg_cnt, DMA_FROM_DEVICE); 3310 3311 lpfc_mbuf_free(phba, bmp->virt, bmp->phys); 3312 3313 free_rspiocbq: 3314 lpfc_sli_release_iocbq(phba, rspiocbq); 3315 free_cmdiocbq: 3316 lpfc_sli_release_iocbq(phba, cmdiocbq); 3317 free_bmp: 3318 kfree(bmp); 3319 free_dd: 3320 kfree(dd_data); 3321 no_dd_data: 3322 /* make error code available to userspace */ 3323 job->reply->result = rc; 3324 job->dd_data = NULL; 3325 return rc; 3326 } 3327 /** 3328 * lpfc_bsg_hst_vendor - process a vendor-specific fc_bsg_job 3329 * @job: fc_bsg_job to handle 3330 **/ 3331 static int 3332 lpfc_bsg_hst_vendor(struct fc_bsg_job *job) 3333 { 3334 int command = job->request->rqst_data.h_vendor.vendor_cmd[0]; 3335 int rc; 3336 3337 switch (command) { 3338 case LPFC_BSG_VENDOR_SET_CT_EVENT: 3339 rc = lpfc_bsg_hba_set_event(job); 3340 break; 3341 case LPFC_BSG_VENDOR_GET_CT_EVENT: 3342 rc = lpfc_bsg_hba_get_event(job); 3343 break; 3344 case LPFC_BSG_VENDOR_SEND_MGMT_RESP: 3345 rc = lpfc_bsg_send_mgmt_rsp(job); 3346 break; 3347 case LPFC_BSG_VENDOR_DIAG_MODE: 3348 rc = lpfc_bsg_diag_mode(job); 3349 break; 3350 case LPFC_BSG_VENDOR_DIAG_TEST: 3351 rc = lpfc_bsg_diag_test(job); 3352 break; 3353 case LPFC_BSG_VENDOR_GET_MGMT_REV: 3354 rc = lpfc_bsg_get_dfc_rev(job); 3355 break; 3356 case LPFC_BSG_VENDOR_MBOX: 3357 rc = lpfc_bsg_mbox_cmd(job); 3358 break; 3359 case LPFC_BSG_VENDOR_MENLO_CMD: 3360 case LPFC_BSG_VENDOR_MENLO_DATA: 3361 rc = lpfc_menlo_cmd(job); 3362 break; 3363 default: 3364 rc = -EINVAL; 3365 job->reply->reply_payload_rcv_len = 0; 3366 /* make error code available to userspace */ 3367 job->reply->result = rc; 3368 break; 3369 } 3370 3371 return rc; 3372 } 3373 3374 /** 3375 * lpfc_bsg_request - handle a bsg request from the FC transport 3376 * @job: fc_bsg_job to handle 3377 **/ 3378 int 3379 lpfc_bsg_request(struct fc_bsg_job *job) 3380 { 3381 uint32_t msgcode; 3382 int rc; 3383 3384 msgcode = job->request->msgcode; 3385 switch (msgcode) { 3386 case FC_BSG_HST_VENDOR: 3387 rc = lpfc_bsg_hst_vendor(job); 3388 break; 3389 case FC_BSG_RPT_ELS: 3390 rc = lpfc_bsg_rport_els(job); 3391 break; 3392 case FC_BSG_RPT_CT: 3393 rc = lpfc_bsg_send_mgmt_cmd(job); 3394 break; 3395 default: 3396 rc = -EINVAL; 3397 job->reply->reply_payload_rcv_len = 0; 3398 /* make error code available to userspace */ 3399 job->reply->result = rc; 3400 break; 3401 } 3402 3403 return rc; 3404 } 3405 3406 /** 3407 * lpfc_bsg_timeout - handle timeout of a bsg request from the FC transport 3408 * @job: fc_bsg_job that has timed out 3409 * 3410 * This function just aborts the job's IOCB. The aborted IOCB will return to 3411 * the waiting function which will handle passing the error back to userspace 3412 **/ 3413 int 3414 lpfc_bsg_timeout(struct fc_bsg_job *job) 3415 { 3416 struct lpfc_vport *vport = (struct lpfc_vport *)job->shost->hostdata; 3417 struct lpfc_hba *phba = vport->phba; 3418 struct lpfc_iocbq *cmdiocb; 3419 struct lpfc_bsg_event *evt; 3420 struct lpfc_bsg_iocb *iocb; 3421 struct lpfc_bsg_mbox *mbox; 3422 struct lpfc_bsg_menlo *menlo; 3423 struct lpfc_sli_ring *pring = &phba->sli.ring[LPFC_ELS_RING]; 3424 struct bsg_job_data *dd_data; 3425 unsigned long flags; 3426 3427 spin_lock_irqsave(&phba->ct_ev_lock, flags); 3428 dd_data = (struct bsg_job_data *)job->dd_data; 3429 /* timeout and completion crossed paths if no dd_data */ 3430 if (!dd_data) { 3431 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 3432 return 0; 3433 } 3434 3435 switch (dd_data->type) { 3436 case TYPE_IOCB: 3437 iocb = &dd_data->context_un.iocb; 3438 cmdiocb = iocb->cmdiocbq; 3439 /* hint to completion handler that the job timed out */ 3440 job->reply->result = -EAGAIN; 3441 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 3442 /* this will call our completion handler */ 3443 spin_lock_irq(&phba->hbalock); 3444 lpfc_sli_issue_abort_iotag(phba, pring, cmdiocb); 3445 spin_unlock_irq(&phba->hbalock); 3446 break; 3447 case TYPE_EVT: 3448 evt = dd_data->context_un.evt; 3449 /* this event has no job anymore */ 3450 evt->set_job = NULL; 3451 job->dd_data = NULL; 3452 job->reply->reply_payload_rcv_len = 0; 3453 /* Return -EAGAIN which is our way of signallying the 3454 * app to retry. 3455 */ 3456 job->reply->result = -EAGAIN; 3457 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 3458 job->job_done(job); 3459 break; 3460 case TYPE_MBOX: 3461 mbox = &dd_data->context_un.mbox; 3462 /* this mbox has no job anymore */ 3463 mbox->set_job = NULL; 3464 job->dd_data = NULL; 3465 job->reply->reply_payload_rcv_len = 0; 3466 job->reply->result = -EAGAIN; 3467 /* the mbox completion handler can now be run */ 3468 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 3469 job->job_done(job); 3470 break; 3471 case TYPE_MENLO: 3472 menlo = &dd_data->context_un.menlo; 3473 cmdiocb = menlo->cmdiocbq; 3474 /* hint to completion handler that the job timed out */ 3475 job->reply->result = -EAGAIN; 3476 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 3477 /* this will call our completion handler */ 3478 spin_lock_irq(&phba->hbalock); 3479 lpfc_sli_issue_abort_iotag(phba, pring, cmdiocb); 3480 spin_unlock_irq(&phba->hbalock); 3481 break; 3482 default: 3483 spin_unlock_irqrestore(&phba->ct_ev_lock, flags); 3484 break; 3485 } 3486 3487 /* scsi transport fc fc_bsg_job_timeout expects a zero return code, 3488 * otherwise an error message will be displayed on the console 3489 * so always return success (zero) 3490 */ 3491 return 0; 3492 } 3493