xref: /linux/drivers/scsi/qedf/qedf_io.c (revision 5cfe477f6a3f9a4d9b2906d442964f2115b0403f)
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  *  QLogic FCoE Offload Driver
4  *  Copyright (c) 2016-2018 Cavium Inc.
5  */
6 #include <linux/spinlock.h>
7 #include <linux/vmalloc.h>
8 #include "qedf.h"
9 #include <scsi/scsi_tcq.h>
10 
11 void qedf_cmd_timer_set(struct qedf_ctx *qedf, struct qedf_ioreq *io_req,
12 	unsigned int timer_msec)
13 {
14 	queue_delayed_work(qedf->timer_work_queue, &io_req->timeout_work,
15 	    msecs_to_jiffies(timer_msec));
16 }
17 
18 static void qedf_cmd_timeout(struct work_struct *work)
19 {
20 
21 	struct qedf_ioreq *io_req =
22 	    container_of(work, struct qedf_ioreq, timeout_work.work);
23 	struct qedf_ctx *qedf;
24 	struct qedf_rport *fcport;
25 
26 	fcport = io_req->fcport;
27 	if (io_req->fcport == NULL) {
28 		QEDF_INFO(NULL, QEDF_LOG_IO,  "fcport is NULL.\n");
29 		return;
30 	}
31 
32 	qedf = fcport->qedf;
33 
34 	switch (io_req->cmd_type) {
35 	case QEDF_ABTS:
36 		if (qedf == NULL) {
37 			QEDF_INFO(NULL, QEDF_LOG_IO,
38 				  "qedf is NULL for ABTS xid=0x%x.\n",
39 				  io_req->xid);
40 			return;
41 		}
42 
43 		QEDF_ERR((&qedf->dbg_ctx), "ABTS timeout, xid=0x%x.\n",
44 		    io_req->xid);
45 		/* Cleanup timed out ABTS */
46 		qedf_initiate_cleanup(io_req, true);
47 		complete(&io_req->abts_done);
48 
49 		/*
50 		 * Need to call kref_put for reference taken when initiate_abts
51 		 * was called since abts_compl won't be called now that we've
52 		 * cleaned up the task.
53 		 */
54 		kref_put(&io_req->refcount, qedf_release_cmd);
55 
56 		/* Clear in abort bit now that we're done with the command */
57 		clear_bit(QEDF_CMD_IN_ABORT, &io_req->flags);
58 
59 		/*
60 		 * Now that the original I/O and the ABTS are complete see
61 		 * if we need to reconnect to the target.
62 		 */
63 		qedf_restart_rport(fcport);
64 		break;
65 	case QEDF_ELS:
66 		if (!qedf) {
67 			QEDF_INFO(NULL, QEDF_LOG_IO,
68 				  "qedf is NULL for ELS xid=0x%x.\n",
69 				  io_req->xid);
70 			return;
71 		}
72 		/* ELS request no longer outstanding since it timed out */
73 		clear_bit(QEDF_CMD_OUTSTANDING, &io_req->flags);
74 
75 		kref_get(&io_req->refcount);
76 		/*
77 		 * Don't attempt to clean an ELS timeout as any subseqeunt
78 		 * ABTS or cleanup requests just hang.  For now just free
79 		 * the resources of the original I/O and the RRQ
80 		 */
81 		QEDF_ERR(&(qedf->dbg_ctx), "ELS timeout, xid=0x%x.\n",
82 			  io_req->xid);
83 		qedf_initiate_cleanup(io_req, true);
84 		io_req->event = QEDF_IOREQ_EV_ELS_TMO;
85 		/* Call callback function to complete command */
86 		if (io_req->cb_func && io_req->cb_arg) {
87 			io_req->cb_func(io_req->cb_arg);
88 			io_req->cb_arg = NULL;
89 		}
90 		kref_put(&io_req->refcount, qedf_release_cmd);
91 		break;
92 	case QEDF_SEQ_CLEANUP:
93 		QEDF_ERR(&(qedf->dbg_ctx), "Sequence cleanup timeout, "
94 		    "xid=0x%x.\n", io_req->xid);
95 		qedf_initiate_cleanup(io_req, true);
96 		io_req->event = QEDF_IOREQ_EV_ELS_TMO;
97 		qedf_process_seq_cleanup_compl(qedf, NULL, io_req);
98 		break;
99 	default:
100 		QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO,
101 			  "Hit default case, xid=0x%x.\n", io_req->xid);
102 		break;
103 	}
104 }
105 
106 void qedf_cmd_mgr_free(struct qedf_cmd_mgr *cmgr)
107 {
108 	struct io_bdt *bdt_info;
109 	struct qedf_ctx *qedf = cmgr->qedf;
110 	size_t bd_tbl_sz;
111 	u16 min_xid = 0;
112 	u16 max_xid = (FCOE_PARAMS_NUM_TASKS - 1);
113 	int num_ios;
114 	int i;
115 	struct qedf_ioreq *io_req;
116 
117 	num_ios = max_xid - min_xid + 1;
118 
119 	/* Free fcoe_bdt_ctx structures */
120 	if (!cmgr->io_bdt_pool) {
121 		QEDF_ERR(&qedf->dbg_ctx, "io_bdt_pool is NULL.\n");
122 		goto free_cmd_pool;
123 	}
124 
125 	bd_tbl_sz = QEDF_MAX_BDS_PER_CMD * sizeof(struct scsi_sge);
126 	for (i = 0; i < num_ios; i++) {
127 		bdt_info = cmgr->io_bdt_pool[i];
128 		if (bdt_info->bd_tbl) {
129 			dma_free_coherent(&qedf->pdev->dev, bd_tbl_sz,
130 			    bdt_info->bd_tbl, bdt_info->bd_tbl_dma);
131 			bdt_info->bd_tbl = NULL;
132 		}
133 	}
134 
135 	/* Destroy io_bdt pool */
136 	for (i = 0; i < num_ios; i++) {
137 		kfree(cmgr->io_bdt_pool[i]);
138 		cmgr->io_bdt_pool[i] = NULL;
139 	}
140 
141 	kfree(cmgr->io_bdt_pool);
142 	cmgr->io_bdt_pool = NULL;
143 
144 free_cmd_pool:
145 
146 	for (i = 0; i < num_ios; i++) {
147 		io_req = &cmgr->cmds[i];
148 		kfree(io_req->sgl_task_params);
149 		kfree(io_req->task_params);
150 		/* Make sure we free per command sense buffer */
151 		if (io_req->sense_buffer)
152 			dma_free_coherent(&qedf->pdev->dev,
153 			    QEDF_SCSI_SENSE_BUFFERSIZE, io_req->sense_buffer,
154 			    io_req->sense_buffer_dma);
155 		cancel_delayed_work_sync(&io_req->rrq_work);
156 	}
157 
158 	/* Free command manager itself */
159 	vfree(cmgr);
160 }
161 
162 static void qedf_handle_rrq(struct work_struct *work)
163 {
164 	struct qedf_ioreq *io_req =
165 	    container_of(work, struct qedf_ioreq, rrq_work.work);
166 
167 	atomic_set(&io_req->state, QEDFC_CMD_ST_RRQ_ACTIVE);
168 	qedf_send_rrq(io_req);
169 
170 }
171 
172 struct qedf_cmd_mgr *qedf_cmd_mgr_alloc(struct qedf_ctx *qedf)
173 {
174 	struct qedf_cmd_mgr *cmgr;
175 	struct io_bdt *bdt_info;
176 	struct qedf_ioreq *io_req;
177 	u16 xid;
178 	int i;
179 	int num_ios;
180 	u16 min_xid = 0;
181 	u16 max_xid = (FCOE_PARAMS_NUM_TASKS - 1);
182 
183 	/* Make sure num_queues is already set before calling this function */
184 	if (!qedf->num_queues) {
185 		QEDF_ERR(&(qedf->dbg_ctx), "num_queues is not set.\n");
186 		return NULL;
187 	}
188 
189 	if (max_xid <= min_xid || max_xid == FC_XID_UNKNOWN) {
190 		QEDF_WARN(&(qedf->dbg_ctx), "Invalid min_xid 0x%x and "
191 			   "max_xid 0x%x.\n", min_xid, max_xid);
192 		return NULL;
193 	}
194 
195 	QEDF_INFO(&(qedf->dbg_ctx), QEDF_LOG_DISC, "min xid 0x%x, max xid "
196 		   "0x%x.\n", min_xid, max_xid);
197 
198 	num_ios = max_xid - min_xid + 1;
199 
200 	cmgr = vzalloc(sizeof(struct qedf_cmd_mgr));
201 	if (!cmgr) {
202 		QEDF_WARN(&(qedf->dbg_ctx), "Failed to alloc cmd mgr.\n");
203 		return NULL;
204 	}
205 
206 	cmgr->qedf = qedf;
207 	spin_lock_init(&cmgr->lock);
208 
209 	/*
210 	 * Initialize I/O request fields.
211 	 */
212 	xid = 0;
213 
214 	for (i = 0; i < num_ios; i++) {
215 		io_req = &cmgr->cmds[i];
216 		INIT_DELAYED_WORK(&io_req->timeout_work, qedf_cmd_timeout);
217 
218 		io_req->xid = xid++;
219 
220 		INIT_DELAYED_WORK(&io_req->rrq_work, qedf_handle_rrq);
221 
222 		/* Allocate DMA memory to hold sense buffer */
223 		io_req->sense_buffer = dma_alloc_coherent(&qedf->pdev->dev,
224 		    QEDF_SCSI_SENSE_BUFFERSIZE, &io_req->sense_buffer_dma,
225 		    GFP_KERNEL);
226 		if (!io_req->sense_buffer) {
227 			QEDF_ERR(&qedf->dbg_ctx,
228 				 "Failed to alloc sense buffer.\n");
229 			goto mem_err;
230 		}
231 
232 		/* Allocate task parameters to pass to f/w init funcions */
233 		io_req->task_params = kzalloc(sizeof(*io_req->task_params),
234 					      GFP_KERNEL);
235 		if (!io_req->task_params) {
236 			QEDF_ERR(&(qedf->dbg_ctx),
237 				 "Failed to allocate task_params for xid=0x%x\n",
238 				 i);
239 			goto mem_err;
240 		}
241 
242 		/*
243 		 * Allocate scatter/gather list info to pass to f/w init
244 		 * functions.
245 		 */
246 		io_req->sgl_task_params = kzalloc(
247 		    sizeof(struct scsi_sgl_task_params), GFP_KERNEL);
248 		if (!io_req->sgl_task_params) {
249 			QEDF_ERR(&(qedf->dbg_ctx),
250 				 "Failed to allocate sgl_task_params for xid=0x%x\n",
251 				 i);
252 			goto mem_err;
253 		}
254 	}
255 
256 	/* Allocate pool of io_bdts - one for each qedf_ioreq */
257 	cmgr->io_bdt_pool = kmalloc_array(num_ios, sizeof(struct io_bdt *),
258 	    GFP_KERNEL);
259 
260 	if (!cmgr->io_bdt_pool) {
261 		QEDF_WARN(&(qedf->dbg_ctx), "Failed to alloc io_bdt_pool.\n");
262 		goto mem_err;
263 	}
264 
265 	for (i = 0; i < num_ios; i++) {
266 		cmgr->io_bdt_pool[i] = kmalloc(sizeof(struct io_bdt),
267 		    GFP_KERNEL);
268 		if (!cmgr->io_bdt_pool[i]) {
269 			QEDF_WARN(&(qedf->dbg_ctx),
270 				  "Failed to alloc io_bdt_pool[%d].\n", i);
271 			goto mem_err;
272 		}
273 	}
274 
275 	for (i = 0; i < num_ios; i++) {
276 		bdt_info = cmgr->io_bdt_pool[i];
277 		bdt_info->bd_tbl = dma_alloc_coherent(&qedf->pdev->dev,
278 		    QEDF_MAX_BDS_PER_CMD * sizeof(struct scsi_sge),
279 		    &bdt_info->bd_tbl_dma, GFP_KERNEL);
280 		if (!bdt_info->bd_tbl) {
281 			QEDF_WARN(&(qedf->dbg_ctx),
282 				  "Failed to alloc bdt_tbl[%d].\n", i);
283 			goto mem_err;
284 		}
285 	}
286 	atomic_set(&cmgr->free_list_cnt, num_ios);
287 	QEDF_INFO(&(qedf->dbg_ctx), QEDF_LOG_IO,
288 	    "cmgr->free_list_cnt=%d.\n",
289 	    atomic_read(&cmgr->free_list_cnt));
290 
291 	return cmgr;
292 
293 mem_err:
294 	qedf_cmd_mgr_free(cmgr);
295 	return NULL;
296 }
297 
298 struct qedf_ioreq *qedf_alloc_cmd(struct qedf_rport *fcport, u8 cmd_type)
299 {
300 	struct qedf_ctx *qedf = fcport->qedf;
301 	struct qedf_cmd_mgr *cmd_mgr = qedf->cmd_mgr;
302 	struct qedf_ioreq *io_req = NULL;
303 	struct io_bdt *bd_tbl;
304 	u16 xid;
305 	uint32_t free_sqes;
306 	int i;
307 	unsigned long flags;
308 
309 	free_sqes = atomic_read(&fcport->free_sqes);
310 
311 	if (!free_sqes) {
312 		QEDF_INFO(&(qedf->dbg_ctx), QEDF_LOG_IO,
313 		    "Returning NULL, free_sqes=%d.\n ",
314 		    free_sqes);
315 		goto out_failed;
316 	}
317 
318 	/* Limit the number of outstanding R/W tasks */
319 	if ((atomic_read(&fcport->num_active_ios) >=
320 	    NUM_RW_TASKS_PER_CONNECTION)) {
321 		QEDF_INFO(&(qedf->dbg_ctx), QEDF_LOG_IO,
322 		    "Returning NULL, num_active_ios=%d.\n",
323 		    atomic_read(&fcport->num_active_ios));
324 		goto out_failed;
325 	}
326 
327 	/* Limit global TIDs certain tasks */
328 	if (atomic_read(&cmd_mgr->free_list_cnt) <= GBL_RSVD_TASKS) {
329 		QEDF_INFO(&(qedf->dbg_ctx), QEDF_LOG_IO,
330 		    "Returning NULL, free_list_cnt=%d.\n",
331 		    atomic_read(&cmd_mgr->free_list_cnt));
332 		goto out_failed;
333 	}
334 
335 	spin_lock_irqsave(&cmd_mgr->lock, flags);
336 	for (i = 0; i < FCOE_PARAMS_NUM_TASKS; i++) {
337 		io_req = &cmd_mgr->cmds[cmd_mgr->idx];
338 		cmd_mgr->idx++;
339 		if (cmd_mgr->idx == FCOE_PARAMS_NUM_TASKS)
340 			cmd_mgr->idx = 0;
341 
342 		/* Check to make sure command was previously freed */
343 		if (!io_req->alloc)
344 			break;
345 	}
346 
347 	if (i == FCOE_PARAMS_NUM_TASKS) {
348 		spin_unlock_irqrestore(&cmd_mgr->lock, flags);
349 		goto out_failed;
350 	}
351 
352 	if (test_bit(QEDF_CMD_DIRTY, &io_req->flags))
353 		QEDF_ERR(&qedf->dbg_ctx,
354 			 "io_req found to be dirty ox_id = 0x%x.\n",
355 			 io_req->xid);
356 
357 	/* Clear any flags now that we've reallocated the xid */
358 	io_req->flags = 0;
359 	io_req->alloc = 1;
360 	spin_unlock_irqrestore(&cmd_mgr->lock, flags);
361 
362 	atomic_inc(&fcport->num_active_ios);
363 	atomic_dec(&fcport->free_sqes);
364 	xid = io_req->xid;
365 	atomic_dec(&cmd_mgr->free_list_cnt);
366 
367 	io_req->cmd_mgr = cmd_mgr;
368 	io_req->fcport = fcport;
369 
370 	/* Clear any stale sc_cmd back pointer */
371 	io_req->sc_cmd = NULL;
372 	io_req->lun = -1;
373 
374 	/* Hold the io_req against deletion */
375 	kref_init(&io_req->refcount);	/* ID: 001 */
376 	atomic_set(&io_req->state, QEDFC_CMD_ST_IO_ACTIVE);
377 
378 	/* Bind io_bdt for this io_req */
379 	/* Have a static link between io_req and io_bdt_pool */
380 	bd_tbl = io_req->bd_tbl = cmd_mgr->io_bdt_pool[xid];
381 	if (bd_tbl == NULL) {
382 		QEDF_ERR(&(qedf->dbg_ctx), "bd_tbl is NULL, xid=%x.\n", xid);
383 		kref_put(&io_req->refcount, qedf_release_cmd);
384 		goto out_failed;
385 	}
386 	bd_tbl->io_req = io_req;
387 	io_req->cmd_type = cmd_type;
388 	io_req->tm_flags = 0;
389 
390 	/* Reset sequence offset data */
391 	io_req->rx_buf_off = 0;
392 	io_req->tx_buf_off = 0;
393 	io_req->rx_id = 0xffff; /* No OX_ID */
394 
395 	return io_req;
396 
397 out_failed:
398 	/* Record failure for stats and return NULL to caller */
399 	qedf->alloc_failures++;
400 	return NULL;
401 }
402 
403 static void qedf_free_mp_resc(struct qedf_ioreq *io_req)
404 {
405 	struct qedf_mp_req *mp_req = &(io_req->mp_req);
406 	struct qedf_ctx *qedf = io_req->fcport->qedf;
407 	uint64_t sz = sizeof(struct scsi_sge);
408 
409 	/* clear tm flags */
410 	if (mp_req->mp_req_bd) {
411 		dma_free_coherent(&qedf->pdev->dev, sz,
412 		    mp_req->mp_req_bd, mp_req->mp_req_bd_dma);
413 		mp_req->mp_req_bd = NULL;
414 	}
415 	if (mp_req->mp_resp_bd) {
416 		dma_free_coherent(&qedf->pdev->dev, sz,
417 		    mp_req->mp_resp_bd, mp_req->mp_resp_bd_dma);
418 		mp_req->mp_resp_bd = NULL;
419 	}
420 	if (mp_req->req_buf) {
421 		dma_free_coherent(&qedf->pdev->dev, QEDF_PAGE_SIZE,
422 		    mp_req->req_buf, mp_req->req_buf_dma);
423 		mp_req->req_buf = NULL;
424 	}
425 	if (mp_req->resp_buf) {
426 		dma_free_coherent(&qedf->pdev->dev, QEDF_PAGE_SIZE,
427 		    mp_req->resp_buf, mp_req->resp_buf_dma);
428 		mp_req->resp_buf = NULL;
429 	}
430 }
431 
432 void qedf_release_cmd(struct kref *ref)
433 {
434 	struct qedf_ioreq *io_req =
435 	    container_of(ref, struct qedf_ioreq, refcount);
436 	struct qedf_cmd_mgr *cmd_mgr = io_req->cmd_mgr;
437 	struct qedf_rport *fcport = io_req->fcport;
438 	unsigned long flags;
439 
440 	if (io_req->cmd_type == QEDF_SCSI_CMD) {
441 		QEDF_WARN(&fcport->qedf->dbg_ctx,
442 			  "Cmd released called without scsi_done called, io_req %p xid=0x%x.\n",
443 			  io_req, io_req->xid);
444 		WARN_ON(io_req->sc_cmd);
445 	}
446 
447 	if (io_req->cmd_type == QEDF_ELS ||
448 	    io_req->cmd_type == QEDF_TASK_MGMT_CMD)
449 		qedf_free_mp_resc(io_req);
450 
451 	atomic_inc(&cmd_mgr->free_list_cnt);
452 	atomic_dec(&fcport->num_active_ios);
453 	atomic_set(&io_req->state, QEDF_CMD_ST_INACTIVE);
454 	if (atomic_read(&fcport->num_active_ios) < 0) {
455 		QEDF_WARN(&(fcport->qedf->dbg_ctx), "active_ios < 0.\n");
456 		WARN_ON(1);
457 	}
458 
459 	/* Increment task retry identifier now that the request is released */
460 	io_req->task_retry_identifier++;
461 	io_req->fcport = NULL;
462 
463 	clear_bit(QEDF_CMD_DIRTY, &io_req->flags);
464 	io_req->cpu = 0;
465 	spin_lock_irqsave(&cmd_mgr->lock, flags);
466 	io_req->fcport = NULL;
467 	io_req->alloc = 0;
468 	spin_unlock_irqrestore(&cmd_mgr->lock, flags);
469 }
470 
471 static int qedf_map_sg(struct qedf_ioreq *io_req)
472 {
473 	struct scsi_cmnd *sc = io_req->sc_cmd;
474 	struct Scsi_Host *host = sc->device->host;
475 	struct fc_lport *lport = shost_priv(host);
476 	struct qedf_ctx *qedf = lport_priv(lport);
477 	struct scsi_sge *bd = io_req->bd_tbl->bd_tbl;
478 	struct scatterlist *sg;
479 	int byte_count = 0;
480 	int sg_count = 0;
481 	int bd_count = 0;
482 	u32 sg_len;
483 	u64 addr;
484 	int i = 0;
485 
486 	sg_count = dma_map_sg(&qedf->pdev->dev, scsi_sglist(sc),
487 	    scsi_sg_count(sc), sc->sc_data_direction);
488 	sg = scsi_sglist(sc);
489 
490 	io_req->sge_type = QEDF_IOREQ_UNKNOWN_SGE;
491 
492 	if (sg_count <= 8 || io_req->io_req_flags == QEDF_READ)
493 		io_req->sge_type = QEDF_IOREQ_FAST_SGE;
494 
495 	scsi_for_each_sg(sc, sg, sg_count, i) {
496 		sg_len = (u32)sg_dma_len(sg);
497 		addr = (u64)sg_dma_address(sg);
498 
499 		/*
500 		 * Intermediate s/g element so check if start address
501 		 * is page aligned.  Only required for writes and only if the
502 		 * number of scatter/gather elements is 8 or more.
503 		 */
504 		if (io_req->sge_type == QEDF_IOREQ_UNKNOWN_SGE && (i) &&
505 		    (i != (sg_count - 1)) && sg_len < QEDF_PAGE_SIZE)
506 			io_req->sge_type = QEDF_IOREQ_SLOW_SGE;
507 
508 		bd[bd_count].sge_addr.lo = cpu_to_le32(U64_LO(addr));
509 		bd[bd_count].sge_addr.hi  = cpu_to_le32(U64_HI(addr));
510 		bd[bd_count].sge_len = cpu_to_le32(sg_len);
511 
512 		bd_count++;
513 		byte_count += sg_len;
514 	}
515 
516 	/* To catch a case where FAST and SLOW nothing is set, set FAST */
517 	if (io_req->sge_type == QEDF_IOREQ_UNKNOWN_SGE)
518 		io_req->sge_type = QEDF_IOREQ_FAST_SGE;
519 
520 	if (byte_count != scsi_bufflen(sc))
521 		QEDF_ERR(&(qedf->dbg_ctx), "byte_count = %d != "
522 			  "scsi_bufflen = %d, task_id = 0x%x.\n", byte_count,
523 			   scsi_bufflen(sc), io_req->xid);
524 
525 	return bd_count;
526 }
527 
528 static int qedf_build_bd_list_from_sg(struct qedf_ioreq *io_req)
529 {
530 	struct scsi_cmnd *sc = io_req->sc_cmd;
531 	struct scsi_sge *bd = io_req->bd_tbl->bd_tbl;
532 	int bd_count;
533 
534 	if (scsi_sg_count(sc)) {
535 		bd_count = qedf_map_sg(io_req);
536 		if (bd_count == 0)
537 			return -ENOMEM;
538 	} else {
539 		bd_count = 0;
540 		bd[0].sge_addr.lo = bd[0].sge_addr.hi = 0;
541 		bd[0].sge_len = 0;
542 	}
543 	io_req->bd_tbl->bd_valid = bd_count;
544 
545 	return 0;
546 }
547 
548 static void qedf_build_fcp_cmnd(struct qedf_ioreq *io_req,
549 				  struct fcp_cmnd *fcp_cmnd)
550 {
551 	struct scsi_cmnd *sc_cmd = io_req->sc_cmd;
552 
553 	/* fcp_cmnd is 32 bytes */
554 	memset(fcp_cmnd, 0, FCP_CMND_LEN);
555 
556 	/* 8 bytes: SCSI LUN info */
557 	int_to_scsilun(sc_cmd->device->lun,
558 			(struct scsi_lun *)&fcp_cmnd->fc_lun);
559 
560 	/* 4 bytes: flag info */
561 	fcp_cmnd->fc_pri_ta = 0;
562 	fcp_cmnd->fc_tm_flags = io_req->tm_flags;
563 	fcp_cmnd->fc_flags = io_req->io_req_flags;
564 	fcp_cmnd->fc_cmdref = 0;
565 
566 	/* Populate data direction */
567 	if (io_req->cmd_type == QEDF_TASK_MGMT_CMD) {
568 		fcp_cmnd->fc_flags |= FCP_CFL_RDDATA;
569 	} else {
570 		if (sc_cmd->sc_data_direction == DMA_TO_DEVICE)
571 			fcp_cmnd->fc_flags |= FCP_CFL_WRDATA;
572 		else if (sc_cmd->sc_data_direction == DMA_FROM_DEVICE)
573 			fcp_cmnd->fc_flags |= FCP_CFL_RDDATA;
574 	}
575 
576 	fcp_cmnd->fc_pri_ta = FCP_PTA_SIMPLE;
577 
578 	/* 16 bytes: CDB information */
579 	if (io_req->cmd_type != QEDF_TASK_MGMT_CMD)
580 		memcpy(fcp_cmnd->fc_cdb, sc_cmd->cmnd, sc_cmd->cmd_len);
581 
582 	/* 4 bytes: FCP data length */
583 	fcp_cmnd->fc_dl = htonl(io_req->data_xfer_len);
584 }
585 
586 static void  qedf_init_task(struct qedf_rport *fcport, struct fc_lport *lport,
587 	struct qedf_ioreq *io_req, struct fcoe_task_context *task_ctx,
588 	struct fcoe_wqe *sqe)
589 {
590 	enum fcoe_task_type task_type;
591 	struct scsi_cmnd *sc_cmd = io_req->sc_cmd;
592 	struct io_bdt *bd_tbl = io_req->bd_tbl;
593 	u8 fcp_cmnd[32];
594 	u32 tmp_fcp_cmnd[8];
595 	int bd_count = 0;
596 	struct qedf_ctx *qedf = fcport->qedf;
597 	uint16_t cq_idx = smp_processor_id() % qedf->num_queues;
598 	struct regpair sense_data_buffer_phys_addr;
599 	u32 tx_io_size = 0;
600 	u32 rx_io_size = 0;
601 	int i, cnt;
602 
603 	/* Note init_initiator_rw_fcoe_task memsets the task context */
604 	io_req->task = task_ctx;
605 	memset(task_ctx, 0, sizeof(struct fcoe_task_context));
606 	memset(io_req->task_params, 0, sizeof(struct fcoe_task_params));
607 	memset(io_req->sgl_task_params, 0, sizeof(struct scsi_sgl_task_params));
608 
609 	/* Set task type bassed on DMA directio of command */
610 	if (io_req->cmd_type == QEDF_TASK_MGMT_CMD) {
611 		task_type = FCOE_TASK_TYPE_READ_INITIATOR;
612 	} else {
613 		if (sc_cmd->sc_data_direction == DMA_TO_DEVICE) {
614 			task_type = FCOE_TASK_TYPE_WRITE_INITIATOR;
615 			tx_io_size = io_req->data_xfer_len;
616 		} else {
617 			task_type = FCOE_TASK_TYPE_READ_INITIATOR;
618 			rx_io_size = io_req->data_xfer_len;
619 		}
620 	}
621 
622 	/* Setup the fields for fcoe_task_params */
623 	io_req->task_params->context = task_ctx;
624 	io_req->task_params->sqe = sqe;
625 	io_req->task_params->task_type = task_type;
626 	io_req->task_params->tx_io_size = tx_io_size;
627 	io_req->task_params->rx_io_size = rx_io_size;
628 	io_req->task_params->conn_cid = fcport->fw_cid;
629 	io_req->task_params->itid = io_req->xid;
630 	io_req->task_params->cq_rss_number = cq_idx;
631 	io_req->task_params->is_tape_device = fcport->dev_type;
632 
633 	/* Fill in information for scatter/gather list */
634 	if (io_req->cmd_type != QEDF_TASK_MGMT_CMD) {
635 		bd_count = bd_tbl->bd_valid;
636 		io_req->sgl_task_params->sgl = bd_tbl->bd_tbl;
637 		io_req->sgl_task_params->sgl_phys_addr.lo =
638 			U64_LO(bd_tbl->bd_tbl_dma);
639 		io_req->sgl_task_params->sgl_phys_addr.hi =
640 			U64_HI(bd_tbl->bd_tbl_dma);
641 		io_req->sgl_task_params->num_sges = bd_count;
642 		io_req->sgl_task_params->total_buffer_size =
643 		    scsi_bufflen(io_req->sc_cmd);
644 		if (io_req->sge_type == QEDF_IOREQ_SLOW_SGE)
645 			io_req->sgl_task_params->small_mid_sge = 1;
646 		else
647 			io_req->sgl_task_params->small_mid_sge = 0;
648 	}
649 
650 	/* Fill in physical address of sense buffer */
651 	sense_data_buffer_phys_addr.lo = U64_LO(io_req->sense_buffer_dma);
652 	sense_data_buffer_phys_addr.hi = U64_HI(io_req->sense_buffer_dma);
653 
654 	/* fill FCP_CMND IU */
655 	qedf_build_fcp_cmnd(io_req, (struct fcp_cmnd *)tmp_fcp_cmnd);
656 
657 	/* Swap fcp_cmnd since FC is big endian */
658 	cnt = sizeof(struct fcp_cmnd) / sizeof(u32);
659 	for (i = 0; i < cnt; i++) {
660 		tmp_fcp_cmnd[i] = cpu_to_be32(tmp_fcp_cmnd[i]);
661 	}
662 	memcpy(fcp_cmnd, tmp_fcp_cmnd, sizeof(struct fcp_cmnd));
663 
664 	init_initiator_rw_fcoe_task(io_req->task_params,
665 				    io_req->sgl_task_params,
666 				    sense_data_buffer_phys_addr,
667 				    io_req->task_retry_identifier, fcp_cmnd);
668 
669 	/* Increment SGL type counters */
670 	if (io_req->sge_type == QEDF_IOREQ_SLOW_SGE)
671 		qedf->slow_sge_ios++;
672 	else
673 		qedf->fast_sge_ios++;
674 }
675 
676 void qedf_init_mp_task(struct qedf_ioreq *io_req,
677 	struct fcoe_task_context *task_ctx, struct fcoe_wqe *sqe)
678 {
679 	struct qedf_mp_req *mp_req = &(io_req->mp_req);
680 	struct qedf_rport *fcport = io_req->fcport;
681 	struct qedf_ctx *qedf = io_req->fcport->qedf;
682 	struct fc_frame_header *fc_hdr;
683 	struct fcoe_tx_mid_path_params task_fc_hdr;
684 	struct scsi_sgl_task_params tx_sgl_task_params;
685 	struct scsi_sgl_task_params rx_sgl_task_params;
686 
687 	QEDF_INFO(&(qedf->dbg_ctx), QEDF_LOG_DISC,
688 		  "Initializing MP task for cmd_type=%d\n",
689 		  io_req->cmd_type);
690 
691 	qedf->control_requests++;
692 
693 	memset(&tx_sgl_task_params, 0, sizeof(struct scsi_sgl_task_params));
694 	memset(&rx_sgl_task_params, 0, sizeof(struct scsi_sgl_task_params));
695 	memset(task_ctx, 0, sizeof(struct fcoe_task_context));
696 	memset(&task_fc_hdr, 0, sizeof(struct fcoe_tx_mid_path_params));
697 
698 	/* Setup the task from io_req for easy reference */
699 	io_req->task = task_ctx;
700 
701 	/* Setup the fields for fcoe_task_params */
702 	io_req->task_params->context = task_ctx;
703 	io_req->task_params->sqe = sqe;
704 	io_req->task_params->task_type = FCOE_TASK_TYPE_MIDPATH;
705 	io_req->task_params->tx_io_size = io_req->data_xfer_len;
706 	/* rx_io_size tells the f/w how large a response buffer we have */
707 	io_req->task_params->rx_io_size = PAGE_SIZE;
708 	io_req->task_params->conn_cid = fcport->fw_cid;
709 	io_req->task_params->itid = io_req->xid;
710 	/* Return middle path commands on CQ 0 */
711 	io_req->task_params->cq_rss_number = 0;
712 	io_req->task_params->is_tape_device = fcport->dev_type;
713 
714 	fc_hdr = &(mp_req->req_fc_hdr);
715 	/* Set OX_ID and RX_ID based on driver task id */
716 	fc_hdr->fh_ox_id = io_req->xid;
717 	fc_hdr->fh_rx_id = htons(0xffff);
718 
719 	/* Set up FC header information */
720 	task_fc_hdr.parameter = fc_hdr->fh_parm_offset;
721 	task_fc_hdr.r_ctl = fc_hdr->fh_r_ctl;
722 	task_fc_hdr.type = fc_hdr->fh_type;
723 	task_fc_hdr.cs_ctl = fc_hdr->fh_cs_ctl;
724 	task_fc_hdr.df_ctl = fc_hdr->fh_df_ctl;
725 	task_fc_hdr.rx_id = fc_hdr->fh_rx_id;
726 	task_fc_hdr.ox_id = fc_hdr->fh_ox_id;
727 
728 	/* Set up s/g list parameters for request buffer */
729 	tx_sgl_task_params.sgl = mp_req->mp_req_bd;
730 	tx_sgl_task_params.sgl_phys_addr.lo = U64_LO(mp_req->mp_req_bd_dma);
731 	tx_sgl_task_params.sgl_phys_addr.hi = U64_HI(mp_req->mp_req_bd_dma);
732 	tx_sgl_task_params.num_sges = 1;
733 	/* Set PAGE_SIZE for now since sg element is that size ??? */
734 	tx_sgl_task_params.total_buffer_size = io_req->data_xfer_len;
735 	tx_sgl_task_params.small_mid_sge = 0;
736 
737 	/* Set up s/g list parameters for request buffer */
738 	rx_sgl_task_params.sgl = mp_req->mp_resp_bd;
739 	rx_sgl_task_params.sgl_phys_addr.lo = U64_LO(mp_req->mp_resp_bd_dma);
740 	rx_sgl_task_params.sgl_phys_addr.hi = U64_HI(mp_req->mp_resp_bd_dma);
741 	rx_sgl_task_params.num_sges = 1;
742 	/* Set PAGE_SIZE for now since sg element is that size ??? */
743 	rx_sgl_task_params.total_buffer_size = PAGE_SIZE;
744 	rx_sgl_task_params.small_mid_sge = 0;
745 
746 
747 	/*
748 	 * Last arg is 0 as previous code did not set that we wanted the
749 	 * fc header information.
750 	 */
751 	init_initiator_midpath_unsolicited_fcoe_task(io_req->task_params,
752 						     &task_fc_hdr,
753 						     &tx_sgl_task_params,
754 						     &rx_sgl_task_params, 0);
755 }
756 
757 /* Presumed that fcport->rport_lock is held */
758 u16 qedf_get_sqe_idx(struct qedf_rport *fcport)
759 {
760 	uint16_t total_sqe = (fcport->sq_mem_size)/(sizeof(struct fcoe_wqe));
761 	u16 rval;
762 
763 	rval = fcport->sq_prod_idx;
764 
765 	/* Adjust ring index */
766 	fcport->sq_prod_idx++;
767 	fcport->fw_sq_prod_idx++;
768 	if (fcport->sq_prod_idx == total_sqe)
769 		fcport->sq_prod_idx = 0;
770 
771 	return rval;
772 }
773 
774 void qedf_ring_doorbell(struct qedf_rport *fcport)
775 {
776 	struct fcoe_db_data dbell = { 0 };
777 
778 	dbell.agg_flags = 0;
779 
780 	dbell.params |= DB_DEST_XCM << FCOE_DB_DATA_DEST_SHIFT;
781 	dbell.params |= DB_AGG_CMD_SET << FCOE_DB_DATA_AGG_CMD_SHIFT;
782 	dbell.params |= DQ_XCM_FCOE_SQ_PROD_CMD <<
783 	    FCOE_DB_DATA_AGG_VAL_SEL_SHIFT;
784 
785 	dbell.sq_prod = fcport->fw_sq_prod_idx;
786 	/* wmb makes sure that the BDs data is updated before updating the
787 	 * producer, otherwise FW may read old data from the BDs.
788 	 */
789 	wmb();
790 	barrier();
791 	writel(*(u32 *)&dbell, fcport->p_doorbell);
792 	/*
793 	 * Fence required to flush the write combined buffer, since another
794 	 * CPU may write to the same doorbell address and data may be lost
795 	 * due to relaxed order nature of write combined bar.
796 	 */
797 	wmb();
798 }
799 
800 static void qedf_trace_io(struct qedf_rport *fcport, struct qedf_ioreq *io_req,
801 			  int8_t direction)
802 {
803 	struct qedf_ctx *qedf = fcport->qedf;
804 	struct qedf_io_log *io_log;
805 	struct scsi_cmnd *sc_cmd = io_req->sc_cmd;
806 	unsigned long flags;
807 	uint8_t op;
808 
809 	spin_lock_irqsave(&qedf->io_trace_lock, flags);
810 
811 	io_log = &qedf->io_trace_buf[qedf->io_trace_idx];
812 	io_log->direction = direction;
813 	io_log->task_id = io_req->xid;
814 	io_log->port_id = fcport->rdata->ids.port_id;
815 	io_log->lun = sc_cmd->device->lun;
816 	io_log->op = op = sc_cmd->cmnd[0];
817 	io_log->lba[0] = sc_cmd->cmnd[2];
818 	io_log->lba[1] = sc_cmd->cmnd[3];
819 	io_log->lba[2] = sc_cmd->cmnd[4];
820 	io_log->lba[3] = sc_cmd->cmnd[5];
821 	io_log->bufflen = scsi_bufflen(sc_cmd);
822 	io_log->sg_count = scsi_sg_count(sc_cmd);
823 	io_log->result = sc_cmd->result;
824 	io_log->jiffies = jiffies;
825 	io_log->refcount = kref_read(&io_req->refcount);
826 
827 	if (direction == QEDF_IO_TRACE_REQ) {
828 		/* For requests we only care abot the submission CPU */
829 		io_log->req_cpu = io_req->cpu;
830 		io_log->int_cpu = 0;
831 		io_log->rsp_cpu = 0;
832 	} else if (direction == QEDF_IO_TRACE_RSP) {
833 		io_log->req_cpu = io_req->cpu;
834 		io_log->int_cpu = io_req->int_cpu;
835 		io_log->rsp_cpu = smp_processor_id();
836 	}
837 
838 	io_log->sge_type = io_req->sge_type;
839 
840 	qedf->io_trace_idx++;
841 	if (qedf->io_trace_idx == QEDF_IO_TRACE_SIZE)
842 		qedf->io_trace_idx = 0;
843 
844 	spin_unlock_irqrestore(&qedf->io_trace_lock, flags);
845 }
846 
847 int qedf_post_io_req(struct qedf_rport *fcport, struct qedf_ioreq *io_req)
848 {
849 	struct scsi_cmnd *sc_cmd = io_req->sc_cmd;
850 	struct Scsi_Host *host = sc_cmd->device->host;
851 	struct fc_lport *lport = shost_priv(host);
852 	struct qedf_ctx *qedf = lport_priv(lport);
853 	struct fcoe_task_context *task_ctx;
854 	u16 xid;
855 	struct fcoe_wqe *sqe;
856 	u16 sqe_idx;
857 
858 	/* Initialize rest of io_req fileds */
859 	io_req->data_xfer_len = scsi_bufflen(sc_cmd);
860 	qedf_priv(sc_cmd)->io_req = io_req;
861 	io_req->sge_type = QEDF_IOREQ_FAST_SGE; /* Assume fast SGL by default */
862 
863 	/* Record which cpu this request is associated with */
864 	io_req->cpu = smp_processor_id();
865 
866 	if (sc_cmd->sc_data_direction == DMA_FROM_DEVICE) {
867 		io_req->io_req_flags = QEDF_READ;
868 		qedf->input_requests++;
869 	} else if (sc_cmd->sc_data_direction == DMA_TO_DEVICE) {
870 		io_req->io_req_flags = QEDF_WRITE;
871 		qedf->output_requests++;
872 	} else {
873 		io_req->io_req_flags = 0;
874 		qedf->control_requests++;
875 	}
876 
877 	xid = io_req->xid;
878 
879 	/* Build buffer descriptor list for firmware from sg list */
880 	if (qedf_build_bd_list_from_sg(io_req)) {
881 		QEDF_ERR(&(qedf->dbg_ctx), "BD list creation failed.\n");
882 		/* Release cmd will release io_req, but sc_cmd is assigned */
883 		io_req->sc_cmd = NULL;
884 		kref_put(&io_req->refcount, qedf_release_cmd);
885 		return -EAGAIN;
886 	}
887 
888 	if (!test_bit(QEDF_RPORT_SESSION_READY, &fcport->flags) ||
889 	    test_bit(QEDF_RPORT_UPLOADING_CONNECTION, &fcport->flags)) {
890 		QEDF_ERR(&(qedf->dbg_ctx), "Session not offloaded yet.\n");
891 		/* Release cmd will release io_req, but sc_cmd is assigned */
892 		io_req->sc_cmd = NULL;
893 		kref_put(&io_req->refcount, qedf_release_cmd);
894 		return -EINVAL;
895 	}
896 
897 	/* Record LUN number for later use if we neeed them */
898 	io_req->lun = (int)sc_cmd->device->lun;
899 
900 	/* Obtain free SQE */
901 	sqe_idx = qedf_get_sqe_idx(fcport);
902 	sqe = &fcport->sq[sqe_idx];
903 	memset(sqe, 0, sizeof(struct fcoe_wqe));
904 
905 	/* Get the task context */
906 	task_ctx = qedf_get_task_mem(&qedf->tasks, xid);
907 	if (!task_ctx) {
908 		QEDF_WARN(&(qedf->dbg_ctx), "task_ctx is NULL, xid=%d.\n",
909 			   xid);
910 		/* Release cmd will release io_req, but sc_cmd is assigned */
911 		io_req->sc_cmd = NULL;
912 		kref_put(&io_req->refcount, qedf_release_cmd);
913 		return -EINVAL;
914 	}
915 
916 	qedf_init_task(fcport, lport, io_req, task_ctx, sqe);
917 
918 	/* Ring doorbell */
919 	qedf_ring_doorbell(fcport);
920 
921 	/* Set that command is with the firmware now */
922 	set_bit(QEDF_CMD_OUTSTANDING, &io_req->flags);
923 
924 	if (qedf_io_tracing && io_req->sc_cmd)
925 		qedf_trace_io(fcport, io_req, QEDF_IO_TRACE_REQ);
926 
927 	return false;
928 }
929 
930 int
931 qedf_queuecommand(struct Scsi_Host *host, struct scsi_cmnd *sc_cmd)
932 {
933 	struct fc_lport *lport = shost_priv(host);
934 	struct qedf_ctx *qedf = lport_priv(lport);
935 	struct fc_rport *rport = starget_to_rport(scsi_target(sc_cmd->device));
936 	struct fc_rport_libfc_priv *rp = rport->dd_data;
937 	struct qedf_rport *fcport;
938 	struct qedf_ioreq *io_req;
939 	int rc = 0;
940 	int rval;
941 	unsigned long flags = 0;
942 	int num_sgs = 0;
943 
944 	num_sgs = scsi_sg_count(sc_cmd);
945 	if (scsi_sg_count(sc_cmd) > QEDF_MAX_BDS_PER_CMD) {
946 		QEDF_ERR(&qedf->dbg_ctx,
947 			 "Number of SG elements %d exceeds what hardware limitation of %d.\n",
948 			 num_sgs, QEDF_MAX_BDS_PER_CMD);
949 		sc_cmd->result = DID_ERROR;
950 		scsi_done(sc_cmd);
951 		return 0;
952 	}
953 
954 	if (test_bit(QEDF_UNLOADING, &qedf->flags) ||
955 	    test_bit(QEDF_DBG_STOP_IO, &qedf->flags)) {
956 		QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO,
957 			  "Returning DNC as unloading or stop io, flags 0x%lx.\n",
958 			  qedf->flags);
959 		sc_cmd->result = DID_NO_CONNECT << 16;
960 		scsi_done(sc_cmd);
961 		return 0;
962 	}
963 
964 	if (!qedf->pdev->msix_enabled) {
965 		QEDF_INFO(&(qedf->dbg_ctx), QEDF_LOG_IO,
966 		    "Completing sc_cmd=%p DID_NO_CONNECT as MSI-X is not enabled.\n",
967 		    sc_cmd);
968 		sc_cmd->result = DID_NO_CONNECT << 16;
969 		scsi_done(sc_cmd);
970 		return 0;
971 	}
972 
973 	rval = fc_remote_port_chkready(rport);
974 	if (rval) {
975 		QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO,
976 			  "fc_remote_port_chkready failed=0x%x for port_id=0x%06x.\n",
977 			  rval, rport->port_id);
978 		sc_cmd->result = rval;
979 		scsi_done(sc_cmd);
980 		return 0;
981 	}
982 
983 	/* Retry command if we are doing a qed drain operation */
984 	if (test_bit(QEDF_DRAIN_ACTIVE, &qedf->flags)) {
985 		QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO, "Drain active.\n");
986 		rc = SCSI_MLQUEUE_HOST_BUSY;
987 		goto exit_qcmd;
988 	}
989 
990 	if (lport->state != LPORT_ST_READY ||
991 	    atomic_read(&qedf->link_state) != QEDF_LINK_UP) {
992 		QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO, "Link down.\n");
993 		rc = SCSI_MLQUEUE_HOST_BUSY;
994 		goto exit_qcmd;
995 	}
996 
997 	/* rport and tgt are allocated together, so tgt should be non-NULL */
998 	fcport = (struct qedf_rport *)&rp[1];
999 
1000 	if (!test_bit(QEDF_RPORT_SESSION_READY, &fcport->flags) ||
1001 	    test_bit(QEDF_RPORT_UPLOADING_CONNECTION, &fcport->flags)) {
1002 		/*
1003 		 * Session is not offloaded yet. Let SCSI-ml retry
1004 		 * the command.
1005 		 */
1006 		rc = SCSI_MLQUEUE_TARGET_BUSY;
1007 		goto exit_qcmd;
1008 	}
1009 
1010 	atomic_inc(&fcport->ios_to_queue);
1011 
1012 	if (fcport->retry_delay_timestamp) {
1013 		/* Take fcport->rport_lock for resetting the delay_timestamp */
1014 		spin_lock_irqsave(&fcport->rport_lock, flags);
1015 		if (time_after(jiffies, fcport->retry_delay_timestamp)) {
1016 			fcport->retry_delay_timestamp = 0;
1017 		} else {
1018 			spin_unlock_irqrestore(&fcport->rport_lock, flags);
1019 			/* If retry_delay timer is active, flow off the ML */
1020 			rc = SCSI_MLQUEUE_TARGET_BUSY;
1021 			atomic_dec(&fcport->ios_to_queue);
1022 			goto exit_qcmd;
1023 		}
1024 		spin_unlock_irqrestore(&fcport->rport_lock, flags);
1025 	}
1026 
1027 	io_req = qedf_alloc_cmd(fcport, QEDF_SCSI_CMD);
1028 	if (!io_req) {
1029 		rc = SCSI_MLQUEUE_HOST_BUSY;
1030 		atomic_dec(&fcport->ios_to_queue);
1031 		goto exit_qcmd;
1032 	}
1033 
1034 	io_req->sc_cmd = sc_cmd;
1035 
1036 	/* Take fcport->rport_lock for posting to fcport send queue */
1037 	spin_lock_irqsave(&fcport->rport_lock, flags);
1038 	if (qedf_post_io_req(fcport, io_req)) {
1039 		QEDF_WARN(&(qedf->dbg_ctx), "Unable to post io_req\n");
1040 		/* Return SQE to pool */
1041 		atomic_inc(&fcport->free_sqes);
1042 		rc = SCSI_MLQUEUE_HOST_BUSY;
1043 	}
1044 	spin_unlock_irqrestore(&fcport->rport_lock, flags);
1045 	atomic_dec(&fcport->ios_to_queue);
1046 
1047 exit_qcmd:
1048 	return rc;
1049 }
1050 
1051 static void qedf_parse_fcp_rsp(struct qedf_ioreq *io_req,
1052 				 struct fcoe_cqe_rsp_info *fcp_rsp)
1053 {
1054 	struct scsi_cmnd *sc_cmd = io_req->sc_cmd;
1055 	struct qedf_ctx *qedf = io_req->fcport->qedf;
1056 	u8 rsp_flags = fcp_rsp->rsp_flags.flags;
1057 	int fcp_sns_len = 0;
1058 	int fcp_rsp_len = 0;
1059 	uint8_t *rsp_info, *sense_data;
1060 
1061 	io_req->fcp_status = FC_GOOD;
1062 	io_req->fcp_resid = 0;
1063 	if (rsp_flags & (FCOE_FCP_RSP_FLAGS_FCP_RESID_OVER |
1064 	    FCOE_FCP_RSP_FLAGS_FCP_RESID_UNDER))
1065 		io_req->fcp_resid = fcp_rsp->fcp_resid;
1066 
1067 	io_req->scsi_comp_flags = rsp_flags;
1068 	io_req->cdb_status = fcp_rsp->scsi_status_code;
1069 
1070 	if (rsp_flags &
1071 	    FCOE_FCP_RSP_FLAGS_FCP_RSP_LEN_VALID)
1072 		fcp_rsp_len = fcp_rsp->fcp_rsp_len;
1073 
1074 	if (rsp_flags &
1075 	    FCOE_FCP_RSP_FLAGS_FCP_SNS_LEN_VALID)
1076 		fcp_sns_len = fcp_rsp->fcp_sns_len;
1077 
1078 	io_req->fcp_rsp_len = fcp_rsp_len;
1079 	io_req->fcp_sns_len = fcp_sns_len;
1080 	rsp_info = sense_data = io_req->sense_buffer;
1081 
1082 	/* fetch fcp_rsp_code */
1083 	if ((fcp_rsp_len == 4) || (fcp_rsp_len == 8)) {
1084 		/* Only for task management function */
1085 		io_req->fcp_rsp_code = rsp_info[3];
1086 		QEDF_INFO(&(qedf->dbg_ctx), QEDF_LOG_IO,
1087 		    "fcp_rsp_code = %d\n", io_req->fcp_rsp_code);
1088 		/* Adjust sense-data location. */
1089 		sense_data += fcp_rsp_len;
1090 	}
1091 
1092 	if (fcp_sns_len > SCSI_SENSE_BUFFERSIZE) {
1093 		QEDF_INFO(&(qedf->dbg_ctx), QEDF_LOG_IO,
1094 		    "Truncating sense buffer\n");
1095 		fcp_sns_len = SCSI_SENSE_BUFFERSIZE;
1096 	}
1097 
1098 	/* The sense buffer can be NULL for TMF commands */
1099 	if (sc_cmd->sense_buffer) {
1100 		memset(sc_cmd->sense_buffer, 0, SCSI_SENSE_BUFFERSIZE);
1101 		if (fcp_sns_len)
1102 			memcpy(sc_cmd->sense_buffer, sense_data,
1103 			    fcp_sns_len);
1104 	}
1105 }
1106 
1107 static void qedf_unmap_sg_list(struct qedf_ctx *qedf, struct qedf_ioreq *io_req)
1108 {
1109 	struct scsi_cmnd *sc = io_req->sc_cmd;
1110 
1111 	if (io_req->bd_tbl->bd_valid && sc && scsi_sg_count(sc)) {
1112 		dma_unmap_sg(&qedf->pdev->dev, scsi_sglist(sc),
1113 		    scsi_sg_count(sc), sc->sc_data_direction);
1114 		io_req->bd_tbl->bd_valid = 0;
1115 	}
1116 }
1117 
1118 void qedf_scsi_completion(struct qedf_ctx *qedf, struct fcoe_cqe *cqe,
1119 	struct qedf_ioreq *io_req)
1120 {
1121 	struct scsi_cmnd *sc_cmd;
1122 	struct fcoe_cqe_rsp_info *fcp_rsp;
1123 	struct qedf_rport *fcport;
1124 	int refcount;
1125 	u16 scope, qualifier = 0;
1126 	u8 fw_residual_flag = 0;
1127 	unsigned long flags = 0;
1128 	u16 chk_scope = 0;
1129 
1130 	if (!io_req)
1131 		return;
1132 	if (!cqe)
1133 		return;
1134 
1135 	if (!test_bit(QEDF_CMD_OUTSTANDING, &io_req->flags) ||
1136 	    test_bit(QEDF_CMD_IN_CLEANUP, &io_req->flags) ||
1137 	    test_bit(QEDF_CMD_IN_ABORT, &io_req->flags)) {
1138 		QEDF_ERR(&qedf->dbg_ctx,
1139 			 "io_req xid=0x%x already in cleanup or abort processing or already completed.\n",
1140 			 io_req->xid);
1141 		return;
1142 	}
1143 
1144 	sc_cmd = io_req->sc_cmd;
1145 	fcp_rsp = &cqe->cqe_info.rsp_info;
1146 
1147 	if (!sc_cmd) {
1148 		QEDF_WARN(&(qedf->dbg_ctx), "sc_cmd is NULL!\n");
1149 		return;
1150 	}
1151 
1152 	if (!qedf_priv(sc_cmd)->io_req) {
1153 		QEDF_WARN(&(qedf->dbg_ctx),
1154 			  "io_req is NULL, returned in another context.\n");
1155 		return;
1156 	}
1157 
1158 	if (!sc_cmd->device) {
1159 		QEDF_ERR(&qedf->dbg_ctx,
1160 			 "Device for sc_cmd %p is NULL.\n", sc_cmd);
1161 		return;
1162 	}
1163 
1164 	if (!scsi_cmd_to_rq(sc_cmd)->q) {
1165 		QEDF_WARN(&(qedf->dbg_ctx), "request->q is NULL so request "
1166 		   "is not valid, sc_cmd=%p.\n", sc_cmd);
1167 		return;
1168 	}
1169 
1170 	fcport = io_req->fcport;
1171 
1172 	/*
1173 	 * When flush is active, let the cmds be completed from the cleanup
1174 	 * context
1175 	 */
1176 	if (test_bit(QEDF_RPORT_IN_TARGET_RESET, &fcport->flags) ||
1177 	    (test_bit(QEDF_RPORT_IN_LUN_RESET, &fcport->flags) &&
1178 	     sc_cmd->device->lun == (u64)fcport->lun_reset_lun)) {
1179 		QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO,
1180 			  "Dropping good completion xid=0x%x as fcport is flushing",
1181 			  io_req->xid);
1182 		return;
1183 	}
1184 
1185 	qedf_parse_fcp_rsp(io_req, fcp_rsp);
1186 
1187 	qedf_unmap_sg_list(qedf, io_req);
1188 
1189 	/* Check for FCP transport error */
1190 	if (io_req->fcp_rsp_len > 3 && io_req->fcp_rsp_code) {
1191 		QEDF_ERR(&(qedf->dbg_ctx),
1192 		    "FCP I/O protocol failure xid=0x%x fcp_rsp_len=%d "
1193 		    "fcp_rsp_code=%d.\n", io_req->xid, io_req->fcp_rsp_len,
1194 		    io_req->fcp_rsp_code);
1195 		sc_cmd->result = DID_BUS_BUSY << 16;
1196 		goto out;
1197 	}
1198 
1199 	fw_residual_flag = GET_FIELD(cqe->cqe_info.rsp_info.fw_error_flags,
1200 	    FCOE_CQE_RSP_INFO_FW_UNDERRUN);
1201 	if (fw_residual_flag) {
1202 		QEDF_ERR(&qedf->dbg_ctx,
1203 			 "Firmware detected underrun: xid=0x%x fcp_rsp.flags=0x%02x fcp_resid=%d fw_residual=0x%x lba=%02x%02x%02x%02x.\n",
1204 			 io_req->xid, fcp_rsp->rsp_flags.flags,
1205 			 io_req->fcp_resid,
1206 			 cqe->cqe_info.rsp_info.fw_residual, sc_cmd->cmnd[2],
1207 			 sc_cmd->cmnd[3], sc_cmd->cmnd[4], sc_cmd->cmnd[5]);
1208 
1209 		if (io_req->cdb_status == 0)
1210 			sc_cmd->result = (DID_ERROR << 16) | io_req->cdb_status;
1211 		else
1212 			sc_cmd->result = (DID_OK << 16) | io_req->cdb_status;
1213 
1214 		/*
1215 		 * Set resid to the whole buffer length so we won't try to resue
1216 		 * any previously data.
1217 		 */
1218 		scsi_set_resid(sc_cmd, scsi_bufflen(sc_cmd));
1219 		goto out;
1220 	}
1221 
1222 	switch (io_req->fcp_status) {
1223 	case FC_GOOD:
1224 		if (io_req->cdb_status == 0) {
1225 			/* Good I/O completion */
1226 			sc_cmd->result = DID_OK << 16;
1227 		} else {
1228 			refcount = kref_read(&io_req->refcount);
1229 			QEDF_INFO(&(qedf->dbg_ctx), QEDF_LOG_IO,
1230 			    "%d:0:%d:%lld xid=0x%0x op=0x%02x "
1231 			    "lba=%02x%02x%02x%02x cdb_status=%d "
1232 			    "fcp_resid=0x%x refcount=%d.\n",
1233 			    qedf->lport->host->host_no, sc_cmd->device->id,
1234 			    sc_cmd->device->lun, io_req->xid,
1235 			    sc_cmd->cmnd[0], sc_cmd->cmnd[2], sc_cmd->cmnd[3],
1236 			    sc_cmd->cmnd[4], sc_cmd->cmnd[5],
1237 			    io_req->cdb_status, io_req->fcp_resid,
1238 			    refcount);
1239 			sc_cmd->result = (DID_OK << 16) | io_req->cdb_status;
1240 
1241 			if (io_req->cdb_status == SAM_STAT_TASK_SET_FULL ||
1242 			    io_req->cdb_status == SAM_STAT_BUSY) {
1243 				/*
1244 				 * Check whether we need to set retry_delay at
1245 				 * all based on retry_delay module parameter
1246 				 * and the status qualifier.
1247 				 */
1248 
1249 				/* Upper 2 bits */
1250 				scope = fcp_rsp->retry_delay_timer & 0xC000;
1251 				/* Lower 14 bits */
1252 				qualifier = fcp_rsp->retry_delay_timer & 0x3FFF;
1253 
1254 				if (qedf_retry_delay)
1255 					chk_scope = 1;
1256 				/* Record stats */
1257 				if (io_req->cdb_status ==
1258 				    SAM_STAT_TASK_SET_FULL)
1259 					qedf->task_set_fulls++;
1260 				else
1261 					qedf->busy++;
1262 			}
1263 		}
1264 		if (io_req->fcp_resid)
1265 			scsi_set_resid(sc_cmd, io_req->fcp_resid);
1266 
1267 		if (chk_scope == 1) {
1268 			if ((scope == 1 || scope == 2) &&
1269 			    (qualifier > 0 && qualifier <= 0x3FEF)) {
1270 				/* Check we don't go over the max */
1271 				if (qualifier > QEDF_RETRY_DELAY_MAX) {
1272 					qualifier = QEDF_RETRY_DELAY_MAX;
1273 					QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO,
1274 						  "qualifier = %d\n",
1275 						  (fcp_rsp->retry_delay_timer &
1276 						  0x3FFF));
1277 				}
1278 				QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO,
1279 					  "Scope = %d and qualifier = %d",
1280 					  scope, qualifier);
1281 				/*  Take fcport->rport_lock to
1282 				 *  update the retry_delay_timestamp
1283 				 */
1284 				spin_lock_irqsave(&fcport->rport_lock, flags);
1285 				fcport->retry_delay_timestamp =
1286 					jiffies + (qualifier * HZ / 10);
1287 				spin_unlock_irqrestore(&fcport->rport_lock,
1288 						       flags);
1289 
1290 			} else {
1291 				QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO,
1292 					  "combination of scope = %d and qualifier = %d is not handled in qedf.\n",
1293 					  scope, qualifier);
1294 			}
1295 		}
1296 		break;
1297 	default:
1298 		QEDF_INFO(&(qedf->dbg_ctx), QEDF_LOG_IO, "fcp_status=%d.\n",
1299 			   io_req->fcp_status);
1300 		break;
1301 	}
1302 
1303 out:
1304 	if (qedf_io_tracing)
1305 		qedf_trace_io(fcport, io_req, QEDF_IO_TRACE_RSP);
1306 
1307 	/*
1308 	 * We wait till the end of the function to clear the
1309 	 * outstanding bit in case we need to send an abort
1310 	 */
1311 	clear_bit(QEDF_CMD_OUTSTANDING, &io_req->flags);
1312 
1313 	io_req->sc_cmd = NULL;
1314 	qedf_priv(sc_cmd)->io_req =  NULL;
1315 	scsi_done(sc_cmd);
1316 	kref_put(&io_req->refcount, qedf_release_cmd);
1317 }
1318 
1319 /* Return a SCSI command in some other context besides a normal completion */
1320 void qedf_scsi_done(struct qedf_ctx *qedf, struct qedf_ioreq *io_req,
1321 	int result)
1322 {
1323 	struct scsi_cmnd *sc_cmd;
1324 	int refcount;
1325 
1326 	if (!io_req) {
1327 		QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO, "io_req is NULL\n");
1328 		return;
1329 	}
1330 
1331 	if (test_and_set_bit(QEDF_CMD_ERR_SCSI_DONE, &io_req->flags)) {
1332 		QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO,
1333 			  "io_req:%p scsi_done handling already done\n",
1334 			  io_req);
1335 		return;
1336 	}
1337 
1338 	/*
1339 	 * We will be done with this command after this call so clear the
1340 	 * outstanding bit.
1341 	 */
1342 	clear_bit(QEDF_CMD_OUTSTANDING, &io_req->flags);
1343 
1344 	sc_cmd = io_req->sc_cmd;
1345 
1346 	if (!sc_cmd) {
1347 		QEDF_WARN(&(qedf->dbg_ctx), "sc_cmd is NULL!\n");
1348 		return;
1349 	}
1350 
1351 	if (!virt_addr_valid(sc_cmd)) {
1352 		QEDF_ERR(&qedf->dbg_ctx, "sc_cmd=%p is not valid.", sc_cmd);
1353 		goto bad_scsi_ptr;
1354 	}
1355 
1356 	if (!qedf_priv(sc_cmd)->io_req) {
1357 		QEDF_WARN(&(qedf->dbg_ctx),
1358 			  "io_req is NULL, returned in another context.\n");
1359 		return;
1360 	}
1361 
1362 	if (!sc_cmd->device) {
1363 		QEDF_ERR(&qedf->dbg_ctx, "Device for sc_cmd %p is NULL.\n",
1364 			 sc_cmd);
1365 		goto bad_scsi_ptr;
1366 	}
1367 
1368 	if (!virt_addr_valid(sc_cmd->device)) {
1369 		QEDF_ERR(&qedf->dbg_ctx,
1370 			 "Device pointer for sc_cmd %p is bad.\n", sc_cmd);
1371 		goto bad_scsi_ptr;
1372 	}
1373 
1374 	if (!sc_cmd->sense_buffer) {
1375 		QEDF_ERR(&qedf->dbg_ctx,
1376 			 "sc_cmd->sense_buffer for sc_cmd %p is NULL.\n",
1377 			 sc_cmd);
1378 		goto bad_scsi_ptr;
1379 	}
1380 
1381 	if (!virt_addr_valid(sc_cmd->sense_buffer)) {
1382 		QEDF_ERR(&qedf->dbg_ctx,
1383 			 "sc_cmd->sense_buffer for sc_cmd %p is bad.\n",
1384 			 sc_cmd);
1385 		goto bad_scsi_ptr;
1386 	}
1387 
1388 	qedf_unmap_sg_list(qedf, io_req);
1389 
1390 	sc_cmd->result = result << 16;
1391 	refcount = kref_read(&io_req->refcount);
1392 	QEDF_INFO(&(qedf->dbg_ctx), QEDF_LOG_IO, "%d:0:%d:%lld: Completing "
1393 	    "sc_cmd=%p result=0x%08x op=0x%02x lba=0x%02x%02x%02x%02x, "
1394 	    "allowed=%d retries=%d refcount=%d.\n",
1395 	    qedf->lport->host->host_no, sc_cmd->device->id,
1396 	    sc_cmd->device->lun, sc_cmd, sc_cmd->result, sc_cmd->cmnd[0],
1397 	    sc_cmd->cmnd[2], sc_cmd->cmnd[3], sc_cmd->cmnd[4],
1398 	    sc_cmd->cmnd[5], sc_cmd->allowed, sc_cmd->retries,
1399 	    refcount);
1400 
1401 	/*
1402 	 * Set resid to the whole buffer length so we won't try to resue any
1403 	 * previously read data
1404 	 */
1405 	scsi_set_resid(sc_cmd, scsi_bufflen(sc_cmd));
1406 
1407 	if (qedf_io_tracing)
1408 		qedf_trace_io(io_req->fcport, io_req, QEDF_IO_TRACE_RSP);
1409 
1410 	io_req->sc_cmd = NULL;
1411 	qedf_priv(sc_cmd)->io_req = NULL;
1412 	scsi_done(sc_cmd);
1413 	kref_put(&io_req->refcount, qedf_release_cmd);
1414 	return;
1415 
1416 bad_scsi_ptr:
1417 	/*
1418 	 * Clear the io_req->sc_cmd backpointer so we don't try to process
1419 	 * this again
1420 	 */
1421 	io_req->sc_cmd = NULL;
1422 	kref_put(&io_req->refcount, qedf_release_cmd);  /* ID: 001 */
1423 }
1424 
1425 /*
1426  * Handle warning type CQE completions. This is mainly used for REC timer
1427  * popping.
1428  */
1429 void qedf_process_warning_compl(struct qedf_ctx *qedf, struct fcoe_cqe *cqe,
1430 	struct qedf_ioreq *io_req)
1431 {
1432 	int rval, i;
1433 	struct qedf_rport *fcport = io_req->fcport;
1434 	u64 err_warn_bit_map;
1435 	u8 err_warn = 0xff;
1436 
1437 	if (!cqe) {
1438 		QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO,
1439 			  "cqe is NULL for io_req %p xid=0x%x\n",
1440 			  io_req, io_req->xid);
1441 		return;
1442 	}
1443 
1444 	QEDF_ERR(&(io_req->fcport->qedf->dbg_ctx), "Warning CQE, "
1445 		  "xid=0x%x\n", io_req->xid);
1446 	QEDF_ERR(&(io_req->fcport->qedf->dbg_ctx),
1447 		  "err_warn_bitmap=%08x:%08x\n",
1448 		  le32_to_cpu(cqe->cqe_info.err_info.err_warn_bitmap_hi),
1449 		  le32_to_cpu(cqe->cqe_info.err_info.err_warn_bitmap_lo));
1450 	QEDF_ERR(&(io_req->fcport->qedf->dbg_ctx), "tx_buff_off=%08x, "
1451 		  "rx_buff_off=%08x, rx_id=%04x\n",
1452 		  le32_to_cpu(cqe->cqe_info.err_info.tx_buf_off),
1453 		  le32_to_cpu(cqe->cqe_info.err_info.rx_buf_off),
1454 		  le32_to_cpu(cqe->cqe_info.err_info.rx_id));
1455 
1456 	/* Normalize the error bitmap value to an just an unsigned int */
1457 	err_warn_bit_map = (u64)
1458 	    ((u64)cqe->cqe_info.err_info.err_warn_bitmap_hi << 32) |
1459 	    (u64)cqe->cqe_info.err_info.err_warn_bitmap_lo;
1460 	for (i = 0; i < 64; i++) {
1461 		if (err_warn_bit_map & (u64)((u64)1 << i)) {
1462 			err_warn = i;
1463 			break;
1464 		}
1465 	}
1466 
1467 	/* Check if REC TOV expired if this is a tape device */
1468 	if (fcport->dev_type == QEDF_RPORT_TYPE_TAPE) {
1469 		if (err_warn ==
1470 		    FCOE_WARNING_CODE_REC_TOV_TIMER_EXPIRATION) {
1471 			QEDF_ERR(&(qedf->dbg_ctx), "REC timer expired.\n");
1472 			if (!test_bit(QEDF_CMD_SRR_SENT, &io_req->flags)) {
1473 				io_req->rx_buf_off =
1474 				    cqe->cqe_info.err_info.rx_buf_off;
1475 				io_req->tx_buf_off =
1476 				    cqe->cqe_info.err_info.tx_buf_off;
1477 				io_req->rx_id = cqe->cqe_info.err_info.rx_id;
1478 				rval = qedf_send_rec(io_req);
1479 				/*
1480 				 * We only want to abort the io_req if we
1481 				 * can't queue the REC command as we want to
1482 				 * keep the exchange open for recovery.
1483 				 */
1484 				if (rval)
1485 					goto send_abort;
1486 			}
1487 			return;
1488 		}
1489 	}
1490 
1491 send_abort:
1492 	init_completion(&io_req->abts_done);
1493 	rval = qedf_initiate_abts(io_req, true);
1494 	if (rval)
1495 		QEDF_ERR(&(qedf->dbg_ctx), "Failed to queue ABTS.\n");
1496 }
1497 
1498 /* Cleanup a command when we receive an error detection completion */
1499 void qedf_process_error_detect(struct qedf_ctx *qedf, struct fcoe_cqe *cqe,
1500 	struct qedf_ioreq *io_req)
1501 {
1502 	int rval;
1503 
1504 	if (io_req == NULL) {
1505 		QEDF_INFO(NULL, QEDF_LOG_IO, "io_req is NULL.\n");
1506 		return;
1507 	}
1508 
1509 	if (io_req->fcport == NULL) {
1510 		QEDF_INFO(NULL, QEDF_LOG_IO, "fcport is NULL.\n");
1511 		return;
1512 	}
1513 
1514 	if (!cqe) {
1515 		QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO,
1516 			"cqe is NULL for io_req %p\n", io_req);
1517 		return;
1518 	}
1519 
1520 	QEDF_ERR(&(io_req->fcport->qedf->dbg_ctx), "Error detection CQE, "
1521 		  "xid=0x%x\n", io_req->xid);
1522 	QEDF_ERR(&(io_req->fcport->qedf->dbg_ctx),
1523 		  "err_warn_bitmap=%08x:%08x\n",
1524 		  le32_to_cpu(cqe->cqe_info.err_info.err_warn_bitmap_hi),
1525 		  le32_to_cpu(cqe->cqe_info.err_info.err_warn_bitmap_lo));
1526 	QEDF_ERR(&(io_req->fcport->qedf->dbg_ctx), "tx_buff_off=%08x, "
1527 		  "rx_buff_off=%08x, rx_id=%04x\n",
1528 		  le32_to_cpu(cqe->cqe_info.err_info.tx_buf_off),
1529 		  le32_to_cpu(cqe->cqe_info.err_info.rx_buf_off),
1530 		  le32_to_cpu(cqe->cqe_info.err_info.rx_id));
1531 
1532 	/* When flush is active, let the cmds be flushed out from the cleanup context */
1533 	if (test_bit(QEDF_RPORT_IN_TARGET_RESET, &io_req->fcport->flags) ||
1534 		(test_bit(QEDF_RPORT_IN_LUN_RESET, &io_req->fcport->flags) &&
1535 		 io_req->sc_cmd->device->lun == (u64)io_req->fcport->lun_reset_lun)) {
1536 		QEDF_ERR(&qedf->dbg_ctx,
1537 			"Dropping EQE for xid=0x%x as fcport is flushing",
1538 			io_req->xid);
1539 		return;
1540 	}
1541 
1542 	if (qedf->stop_io_on_error) {
1543 		qedf_stop_all_io(qedf);
1544 		return;
1545 	}
1546 
1547 	init_completion(&io_req->abts_done);
1548 	rval = qedf_initiate_abts(io_req, true);
1549 	if (rval)
1550 		QEDF_ERR(&(qedf->dbg_ctx), "Failed to queue ABTS.\n");
1551 }
1552 
1553 static void qedf_flush_els_req(struct qedf_ctx *qedf,
1554 	struct qedf_ioreq *els_req)
1555 {
1556 	QEDF_INFO(&(qedf->dbg_ctx), QEDF_LOG_IO,
1557 	    "Flushing ELS request xid=0x%x refcount=%d.\n", els_req->xid,
1558 	    kref_read(&els_req->refcount));
1559 
1560 	/*
1561 	 * Need to distinguish this from a timeout when calling the
1562 	 * els_req->cb_func.
1563 	 */
1564 	els_req->event = QEDF_IOREQ_EV_ELS_FLUSH;
1565 
1566 	clear_bit(QEDF_CMD_OUTSTANDING, &els_req->flags);
1567 
1568 	/* Cancel the timer */
1569 	cancel_delayed_work_sync(&els_req->timeout_work);
1570 
1571 	/* Call callback function to complete command */
1572 	if (els_req->cb_func && els_req->cb_arg) {
1573 		els_req->cb_func(els_req->cb_arg);
1574 		els_req->cb_arg = NULL;
1575 	}
1576 
1577 	/* Release kref for original initiate_els */
1578 	kref_put(&els_req->refcount, qedf_release_cmd);
1579 }
1580 
1581 /* A value of -1 for lun is a wild card that means flush all
1582  * active SCSI I/Os for the target.
1583  */
1584 void qedf_flush_active_ios(struct qedf_rport *fcport, int lun)
1585 {
1586 	struct qedf_ioreq *io_req;
1587 	struct qedf_ctx *qedf;
1588 	struct qedf_cmd_mgr *cmd_mgr;
1589 	int i, rc;
1590 	unsigned long flags;
1591 	int flush_cnt = 0;
1592 	int wait_cnt = 100;
1593 	int refcount = 0;
1594 
1595 	if (!fcport) {
1596 		QEDF_ERR(NULL, "fcport is NULL\n");
1597 		return;
1598 	}
1599 
1600 	/* Check that fcport is still offloaded */
1601 	if (!test_bit(QEDF_RPORT_SESSION_READY, &fcport->flags)) {
1602 		QEDF_ERR(NULL, "fcport is no longer offloaded.\n");
1603 		return;
1604 	}
1605 
1606 	qedf = fcport->qedf;
1607 
1608 	if (!qedf) {
1609 		QEDF_ERR(NULL, "qedf is NULL.\n");
1610 		return;
1611 	}
1612 
1613 	/* Only wait for all commands to be queued in the Upload context */
1614 	if (test_bit(QEDF_RPORT_UPLOADING_CONNECTION, &fcport->flags) &&
1615 	    (lun == -1)) {
1616 		while (atomic_read(&fcport->ios_to_queue)) {
1617 			QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO,
1618 				  "Waiting for %d I/Os to be queued\n",
1619 				  atomic_read(&fcport->ios_to_queue));
1620 			if (wait_cnt == 0) {
1621 				QEDF_ERR(NULL,
1622 					 "%d IOs request could not be queued\n",
1623 					 atomic_read(&fcport->ios_to_queue));
1624 			}
1625 			msleep(20);
1626 			wait_cnt--;
1627 		}
1628 	}
1629 
1630 	cmd_mgr = qedf->cmd_mgr;
1631 
1632 	QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO,
1633 		  "Flush active i/o's num=0x%x fcport=0x%p port_id=0x%06x scsi_id=%d.\n",
1634 		  atomic_read(&fcport->num_active_ios), fcport,
1635 		  fcport->rdata->ids.port_id, fcport->rport->scsi_target_id);
1636 	QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO, "Locking flush mutex.\n");
1637 
1638 	mutex_lock(&qedf->flush_mutex);
1639 	if (lun == -1) {
1640 		set_bit(QEDF_RPORT_IN_TARGET_RESET, &fcport->flags);
1641 	} else {
1642 		set_bit(QEDF_RPORT_IN_LUN_RESET, &fcport->flags);
1643 		fcport->lun_reset_lun = lun;
1644 	}
1645 
1646 	for (i = 0; i < FCOE_PARAMS_NUM_TASKS; i++) {
1647 		io_req = &cmd_mgr->cmds[i];
1648 
1649 		if (!io_req)
1650 			continue;
1651 		if (!io_req->fcport)
1652 			continue;
1653 
1654 		spin_lock_irqsave(&cmd_mgr->lock, flags);
1655 
1656 		if (io_req->alloc) {
1657 			if (!test_bit(QEDF_CMD_OUTSTANDING, &io_req->flags)) {
1658 				if (io_req->cmd_type == QEDF_SCSI_CMD)
1659 					QEDF_ERR(&qedf->dbg_ctx,
1660 						 "Allocated but not queued, xid=0x%x\n",
1661 						 io_req->xid);
1662 			}
1663 			spin_unlock_irqrestore(&cmd_mgr->lock, flags);
1664 		} else {
1665 			spin_unlock_irqrestore(&cmd_mgr->lock, flags);
1666 			continue;
1667 		}
1668 
1669 		if (io_req->fcport != fcport)
1670 			continue;
1671 
1672 		/* In case of ABTS, CMD_OUTSTANDING is cleared on ABTS response,
1673 		 * but RRQ is still pending.
1674 		 * Workaround: Within qedf_send_rrq, we check if the fcport is
1675 		 * NULL, and we drop the ref on the io_req to clean it up.
1676 		 */
1677 		if (!test_bit(QEDF_CMD_OUTSTANDING, &io_req->flags)) {
1678 			refcount = kref_read(&io_req->refcount);
1679 			QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO,
1680 				  "Not outstanding, xid=0x%x, cmd_type=%d refcount=%d.\n",
1681 				  io_req->xid, io_req->cmd_type, refcount);
1682 			/* If RRQ work has been queue, try to cancel it and
1683 			 * free the io_req
1684 			 */
1685 			if (atomic_read(&io_req->state) ==
1686 			    QEDFC_CMD_ST_RRQ_WAIT) {
1687 				if (cancel_delayed_work_sync
1688 				    (&io_req->rrq_work)) {
1689 					QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO,
1690 						  "Putting reference for pending RRQ work xid=0x%x.\n",
1691 						  io_req->xid);
1692 					/* ID: 003 */
1693 					kref_put(&io_req->refcount,
1694 						 qedf_release_cmd);
1695 				}
1696 			}
1697 			continue;
1698 		}
1699 
1700 		/* Only consider flushing ELS during target reset */
1701 		if (io_req->cmd_type == QEDF_ELS &&
1702 		    lun == -1) {
1703 			rc = kref_get_unless_zero(&io_req->refcount);
1704 			if (!rc) {
1705 				QEDF_ERR(&(qedf->dbg_ctx),
1706 				    "Could not get kref for ELS io_req=0x%p xid=0x%x.\n",
1707 				    io_req, io_req->xid);
1708 				continue;
1709 			}
1710 			qedf_initiate_cleanup(io_req, false);
1711 			flush_cnt++;
1712 			qedf_flush_els_req(qedf, io_req);
1713 
1714 			/*
1715 			 * Release the kref and go back to the top of the
1716 			 * loop.
1717 			 */
1718 			goto free_cmd;
1719 		}
1720 
1721 		if (io_req->cmd_type == QEDF_ABTS) {
1722 			/* ID: 004 */
1723 			rc = kref_get_unless_zero(&io_req->refcount);
1724 			if (!rc) {
1725 				QEDF_ERR(&(qedf->dbg_ctx),
1726 				    "Could not get kref for abort io_req=0x%p xid=0x%x.\n",
1727 				    io_req, io_req->xid);
1728 				continue;
1729 			}
1730 			if (lun != -1 && io_req->lun != lun)
1731 				goto free_cmd;
1732 
1733 			QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO,
1734 			    "Flushing abort xid=0x%x.\n", io_req->xid);
1735 
1736 			if (cancel_delayed_work_sync(&io_req->rrq_work)) {
1737 				QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO,
1738 					  "Putting ref for cancelled RRQ work xid=0x%x.\n",
1739 					  io_req->xid);
1740 				kref_put(&io_req->refcount, qedf_release_cmd);
1741 			}
1742 
1743 			if (cancel_delayed_work_sync(&io_req->timeout_work)) {
1744 				QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO,
1745 					  "Putting ref for cancelled tmo work xid=0x%x.\n",
1746 					  io_req->xid);
1747 				qedf_initiate_cleanup(io_req, true);
1748 				/* Notify eh_abort handler that ABTS is
1749 				 * complete
1750 				 */
1751 				complete(&io_req->abts_done);
1752 				clear_bit(QEDF_CMD_IN_ABORT, &io_req->flags);
1753 				/* ID: 002 */
1754 				kref_put(&io_req->refcount, qedf_release_cmd);
1755 			}
1756 			flush_cnt++;
1757 			goto free_cmd;
1758 		}
1759 
1760 		if (!io_req->sc_cmd)
1761 			continue;
1762 		if (!io_req->sc_cmd->device) {
1763 			QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO,
1764 				  "Device backpointer NULL for sc_cmd=%p.\n",
1765 				  io_req->sc_cmd);
1766 			/* Put reference for non-existent scsi_cmnd */
1767 			io_req->sc_cmd = NULL;
1768 			qedf_initiate_cleanup(io_req, false);
1769 			kref_put(&io_req->refcount, qedf_release_cmd);
1770 			continue;
1771 		}
1772 		if (lun > -1) {
1773 			if (io_req->lun != lun)
1774 				continue;
1775 		}
1776 
1777 		/*
1778 		 * Use kref_get_unless_zero in the unlikely case the command
1779 		 * we're about to flush was completed in the normal SCSI path
1780 		 */
1781 		rc = kref_get_unless_zero(&io_req->refcount);
1782 		if (!rc) {
1783 			QEDF_ERR(&(qedf->dbg_ctx), "Could not get kref for "
1784 			    "io_req=0x%p xid=0x%x\n", io_req, io_req->xid);
1785 			continue;
1786 		}
1787 
1788 		QEDF_INFO(&(qedf->dbg_ctx), QEDF_LOG_IO,
1789 		    "Cleanup xid=0x%x.\n", io_req->xid);
1790 		flush_cnt++;
1791 
1792 		/* Cleanup task and return I/O mid-layer */
1793 		qedf_initiate_cleanup(io_req, true);
1794 
1795 free_cmd:
1796 		kref_put(&io_req->refcount, qedf_release_cmd);	/* ID: 004 */
1797 	}
1798 
1799 	wait_cnt = 60;
1800 	QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO,
1801 		  "Flushed 0x%x I/Os, active=0x%x.\n",
1802 		  flush_cnt, atomic_read(&fcport->num_active_ios));
1803 	/* Only wait for all commands to complete in the Upload context */
1804 	if (test_bit(QEDF_RPORT_UPLOADING_CONNECTION, &fcport->flags) &&
1805 	    (lun == -1)) {
1806 		while (atomic_read(&fcport->num_active_ios)) {
1807 			QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO,
1808 				  "Flushed 0x%x I/Os, active=0x%x cnt=%d.\n",
1809 				  flush_cnt,
1810 				  atomic_read(&fcport->num_active_ios),
1811 				  wait_cnt);
1812 			if (wait_cnt == 0) {
1813 				QEDF_ERR(&qedf->dbg_ctx,
1814 					 "Flushed %d I/Os, active=%d.\n",
1815 					 flush_cnt,
1816 					 atomic_read(&fcport->num_active_ios));
1817 				for (i = 0; i < FCOE_PARAMS_NUM_TASKS; i++) {
1818 					io_req = &cmd_mgr->cmds[i];
1819 					if (io_req->fcport &&
1820 					    io_req->fcport == fcport) {
1821 						refcount =
1822 						kref_read(&io_req->refcount);
1823 						set_bit(QEDF_CMD_DIRTY,
1824 							&io_req->flags);
1825 						QEDF_ERR(&qedf->dbg_ctx,
1826 							 "Outstanding io_req =%p xid=0x%x flags=0x%lx, sc_cmd=%p refcount=%d cmd_type=%d.\n",
1827 							 io_req, io_req->xid,
1828 							 io_req->flags,
1829 							 io_req->sc_cmd,
1830 							 refcount,
1831 							 io_req->cmd_type);
1832 					}
1833 				}
1834 				WARN_ON(1);
1835 				break;
1836 			}
1837 			msleep(500);
1838 			wait_cnt--;
1839 		}
1840 	}
1841 
1842 	clear_bit(QEDF_RPORT_IN_LUN_RESET, &fcport->flags);
1843 	clear_bit(QEDF_RPORT_IN_TARGET_RESET, &fcport->flags);
1844 	QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO, "Unlocking flush mutex.\n");
1845 	mutex_unlock(&qedf->flush_mutex);
1846 }
1847 
1848 /*
1849  * Initiate a ABTS middle path command. Note that we don't have to initialize
1850  * the task context for an ABTS task.
1851  */
1852 int qedf_initiate_abts(struct qedf_ioreq *io_req, bool return_scsi_cmd_on_abts)
1853 {
1854 	struct fc_lport *lport;
1855 	struct qedf_rport *fcport = io_req->fcport;
1856 	struct fc_rport_priv *rdata;
1857 	struct qedf_ctx *qedf;
1858 	u16 xid;
1859 	int rc = 0;
1860 	unsigned long flags;
1861 	struct fcoe_wqe *sqe;
1862 	u16 sqe_idx;
1863 	int refcount = 0;
1864 
1865 	/* Sanity check qedf_rport before dereferencing any pointers */
1866 	if (!test_bit(QEDF_RPORT_SESSION_READY, &fcport->flags)) {
1867 		QEDF_ERR(NULL, "tgt not offloaded\n");
1868 		rc = 1;
1869 		goto out;
1870 	}
1871 
1872 	qedf = fcport->qedf;
1873 	rdata = fcport->rdata;
1874 
1875 	if (!rdata || !kref_get_unless_zero(&rdata->kref)) {
1876 		QEDF_ERR(&qedf->dbg_ctx, "stale rport\n");
1877 		rc = 1;
1878 		goto out;
1879 	}
1880 
1881 	lport = qedf->lport;
1882 
1883 	if (lport->state != LPORT_ST_READY || !(lport->link_up)) {
1884 		QEDF_ERR(&(qedf->dbg_ctx), "link is not ready\n");
1885 		rc = 1;
1886 		goto drop_rdata_kref;
1887 	}
1888 
1889 	if (atomic_read(&qedf->link_down_tmo_valid) > 0) {
1890 		QEDF_ERR(&(qedf->dbg_ctx), "link_down_tmo active.\n");
1891 		rc = 1;
1892 		goto drop_rdata_kref;
1893 	}
1894 
1895 	/* Ensure room on SQ */
1896 	if (!atomic_read(&fcport->free_sqes)) {
1897 		QEDF_ERR(&(qedf->dbg_ctx), "No SQ entries available\n");
1898 		rc = 1;
1899 		goto drop_rdata_kref;
1900 	}
1901 
1902 	if (test_bit(QEDF_RPORT_UPLOADING_CONNECTION, &fcport->flags)) {
1903 		QEDF_ERR(&qedf->dbg_ctx, "fcport is uploading.\n");
1904 		rc = 1;
1905 		goto drop_rdata_kref;
1906 	}
1907 
1908 	if (!test_bit(QEDF_CMD_OUTSTANDING, &io_req->flags) ||
1909 	    test_bit(QEDF_CMD_IN_CLEANUP, &io_req->flags) ||
1910 	    test_bit(QEDF_CMD_IN_ABORT, &io_req->flags)) {
1911 		QEDF_ERR(&qedf->dbg_ctx,
1912 			 "io_req xid=0x%x sc_cmd=%p already in cleanup or abort processing or already completed.\n",
1913 			 io_req->xid, io_req->sc_cmd);
1914 		rc = 1;
1915 		goto drop_rdata_kref;
1916 	}
1917 
1918 	kref_get(&io_req->refcount);
1919 
1920 	xid = io_req->xid;
1921 	qedf->control_requests++;
1922 	qedf->packet_aborts++;
1923 
1924 	/* Set the command type to abort */
1925 	io_req->cmd_type = QEDF_ABTS;
1926 	io_req->return_scsi_cmd_on_abts = return_scsi_cmd_on_abts;
1927 
1928 	set_bit(QEDF_CMD_IN_ABORT, &io_req->flags);
1929 	refcount = kref_read(&io_req->refcount);
1930 	QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_SCSI_TM,
1931 		  "ABTS io_req xid = 0x%x refcount=%d\n",
1932 		  xid, refcount);
1933 
1934 	qedf_cmd_timer_set(qedf, io_req, QEDF_ABORT_TIMEOUT);
1935 
1936 	spin_lock_irqsave(&fcport->rport_lock, flags);
1937 
1938 	sqe_idx = qedf_get_sqe_idx(fcport);
1939 	sqe = &fcport->sq[sqe_idx];
1940 	memset(sqe, 0, sizeof(struct fcoe_wqe));
1941 	io_req->task_params->sqe = sqe;
1942 
1943 	init_initiator_abort_fcoe_task(io_req->task_params);
1944 	qedf_ring_doorbell(fcport);
1945 
1946 	spin_unlock_irqrestore(&fcport->rport_lock, flags);
1947 
1948 drop_rdata_kref:
1949 	kref_put(&rdata->kref, fc_rport_destroy);
1950 out:
1951 	return rc;
1952 }
1953 
1954 void qedf_process_abts_compl(struct qedf_ctx *qedf, struct fcoe_cqe *cqe,
1955 	struct qedf_ioreq *io_req)
1956 {
1957 	uint32_t r_ctl;
1958 	int rc;
1959 	struct qedf_rport *fcport = io_req->fcport;
1960 
1961 	QEDF_INFO(&(qedf->dbg_ctx), QEDF_LOG_SCSI_TM, "Entered with xid = "
1962 		   "0x%x cmd_type = %d\n", io_req->xid, io_req->cmd_type);
1963 
1964 	r_ctl = cqe->cqe_info.abts_info.r_ctl;
1965 
1966 	/* This was added at a point when we were scheduling abts_compl &
1967 	 * cleanup_compl on different CPUs and there was a possibility of
1968 	 * the io_req to be freed from the other context before we got here.
1969 	 */
1970 	if (!fcport) {
1971 		QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO,
1972 			  "Dropping ABTS completion xid=0x%x as fcport is NULL",
1973 			  io_req->xid);
1974 		return;
1975 	}
1976 
1977 	/*
1978 	 * When flush is active, let the cmds be completed from the cleanup
1979 	 * context
1980 	 */
1981 	if (test_bit(QEDF_RPORT_IN_TARGET_RESET, &fcport->flags) ||
1982 	    test_bit(QEDF_RPORT_IN_LUN_RESET, &fcport->flags)) {
1983 		QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO,
1984 			  "Dropping ABTS completion xid=0x%x as fcport is flushing",
1985 			  io_req->xid);
1986 		return;
1987 	}
1988 
1989 	if (!cancel_delayed_work(&io_req->timeout_work)) {
1990 		QEDF_ERR(&qedf->dbg_ctx,
1991 			 "Wasn't able to cancel abts timeout work.\n");
1992 	}
1993 
1994 	switch (r_ctl) {
1995 	case FC_RCTL_BA_ACC:
1996 		QEDF_INFO(&(qedf->dbg_ctx), QEDF_LOG_SCSI_TM,
1997 		    "ABTS response - ACC Send RRQ after R_A_TOV\n");
1998 		io_req->event = QEDF_IOREQ_EV_ABORT_SUCCESS;
1999 		rc = kref_get_unless_zero(&io_req->refcount);	/* ID: 003 */
2000 		if (!rc) {
2001 			QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_SCSI_TM,
2002 				  "kref is already zero so ABTS was already completed or flushed xid=0x%x.\n",
2003 				  io_req->xid);
2004 			return;
2005 		}
2006 		/*
2007 		 * Dont release this cmd yet. It will be relesed
2008 		 * after we get RRQ response
2009 		 */
2010 		queue_delayed_work(qedf->dpc_wq, &io_req->rrq_work,
2011 		    msecs_to_jiffies(qedf->lport->r_a_tov));
2012 		atomic_set(&io_req->state, QEDFC_CMD_ST_RRQ_WAIT);
2013 		break;
2014 	/* For error cases let the cleanup return the command */
2015 	case FC_RCTL_BA_RJT:
2016 		QEDF_INFO(&(qedf->dbg_ctx), QEDF_LOG_SCSI_TM,
2017 		   "ABTS response - RJT\n");
2018 		io_req->event = QEDF_IOREQ_EV_ABORT_FAILED;
2019 		break;
2020 	default:
2021 		QEDF_ERR(&(qedf->dbg_ctx), "Unknown ABTS response\n");
2022 		break;
2023 	}
2024 
2025 	clear_bit(QEDF_CMD_IN_ABORT, &io_req->flags);
2026 
2027 	if (io_req->sc_cmd) {
2028 		if (!io_req->return_scsi_cmd_on_abts)
2029 			QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_SCSI_TM,
2030 				  "Not call scsi_done for xid=0x%x.\n",
2031 				  io_req->xid);
2032 		if (io_req->return_scsi_cmd_on_abts)
2033 			qedf_scsi_done(qedf, io_req, DID_ERROR);
2034 	}
2035 
2036 	/* Notify eh_abort handler that ABTS is complete */
2037 	complete(&io_req->abts_done);
2038 
2039 	kref_put(&io_req->refcount, qedf_release_cmd);
2040 }
2041 
2042 int qedf_init_mp_req(struct qedf_ioreq *io_req)
2043 {
2044 	struct qedf_mp_req *mp_req;
2045 	struct scsi_sge *mp_req_bd;
2046 	struct scsi_sge *mp_resp_bd;
2047 	struct qedf_ctx *qedf = io_req->fcport->qedf;
2048 	dma_addr_t addr;
2049 	uint64_t sz;
2050 
2051 	QEDF_INFO(&(qedf->dbg_ctx), QEDF_LOG_MP_REQ, "Entered.\n");
2052 
2053 	mp_req = (struct qedf_mp_req *)&(io_req->mp_req);
2054 	memset(mp_req, 0, sizeof(struct qedf_mp_req));
2055 
2056 	if (io_req->cmd_type != QEDF_ELS) {
2057 		mp_req->req_len = sizeof(struct fcp_cmnd);
2058 		io_req->data_xfer_len = mp_req->req_len;
2059 	} else
2060 		mp_req->req_len = io_req->data_xfer_len;
2061 
2062 	mp_req->req_buf = dma_alloc_coherent(&qedf->pdev->dev, QEDF_PAGE_SIZE,
2063 	    &mp_req->req_buf_dma, GFP_KERNEL);
2064 	if (!mp_req->req_buf) {
2065 		QEDF_ERR(&(qedf->dbg_ctx), "Unable to alloc MP req buffer\n");
2066 		qedf_free_mp_resc(io_req);
2067 		return -ENOMEM;
2068 	}
2069 
2070 	mp_req->resp_buf = dma_alloc_coherent(&qedf->pdev->dev,
2071 	    QEDF_PAGE_SIZE, &mp_req->resp_buf_dma, GFP_KERNEL);
2072 	if (!mp_req->resp_buf) {
2073 		QEDF_ERR(&(qedf->dbg_ctx), "Unable to alloc TM resp "
2074 			  "buffer\n");
2075 		qedf_free_mp_resc(io_req);
2076 		return -ENOMEM;
2077 	}
2078 
2079 	/* Allocate and map mp_req_bd and mp_resp_bd */
2080 	sz = sizeof(struct scsi_sge);
2081 	mp_req->mp_req_bd = dma_alloc_coherent(&qedf->pdev->dev, sz,
2082 	    &mp_req->mp_req_bd_dma, GFP_KERNEL);
2083 	if (!mp_req->mp_req_bd) {
2084 		QEDF_ERR(&(qedf->dbg_ctx), "Unable to alloc MP req bd\n");
2085 		qedf_free_mp_resc(io_req);
2086 		return -ENOMEM;
2087 	}
2088 
2089 	mp_req->mp_resp_bd = dma_alloc_coherent(&qedf->pdev->dev, sz,
2090 	    &mp_req->mp_resp_bd_dma, GFP_KERNEL);
2091 	if (!mp_req->mp_resp_bd) {
2092 		QEDF_ERR(&(qedf->dbg_ctx), "Unable to alloc MP resp bd\n");
2093 		qedf_free_mp_resc(io_req);
2094 		return -ENOMEM;
2095 	}
2096 
2097 	/* Fill bd table */
2098 	addr = mp_req->req_buf_dma;
2099 	mp_req_bd = mp_req->mp_req_bd;
2100 	mp_req_bd->sge_addr.lo = U64_LO(addr);
2101 	mp_req_bd->sge_addr.hi = U64_HI(addr);
2102 	mp_req_bd->sge_len = QEDF_PAGE_SIZE;
2103 
2104 	/*
2105 	 * MP buffer is either a task mgmt command or an ELS.
2106 	 * So the assumption is that it consumes a single bd
2107 	 * entry in the bd table
2108 	 */
2109 	mp_resp_bd = mp_req->mp_resp_bd;
2110 	addr = mp_req->resp_buf_dma;
2111 	mp_resp_bd->sge_addr.lo = U64_LO(addr);
2112 	mp_resp_bd->sge_addr.hi = U64_HI(addr);
2113 	mp_resp_bd->sge_len = QEDF_PAGE_SIZE;
2114 
2115 	return 0;
2116 }
2117 
2118 /*
2119  * Last ditch effort to clear the port if it's stuck. Used only after a
2120  * cleanup task times out.
2121  */
2122 static void qedf_drain_request(struct qedf_ctx *qedf)
2123 {
2124 	if (test_bit(QEDF_DRAIN_ACTIVE, &qedf->flags)) {
2125 		QEDF_ERR(&(qedf->dbg_ctx), "MCP drain already active.\n");
2126 		return;
2127 	}
2128 
2129 	/* Set bit to return all queuecommand requests as busy */
2130 	set_bit(QEDF_DRAIN_ACTIVE, &qedf->flags);
2131 
2132 	/* Call qed drain request for function. Should be synchronous */
2133 	qed_ops->common->drain(qedf->cdev);
2134 
2135 	/* Settle time for CQEs to be returned */
2136 	msleep(100);
2137 
2138 	/* Unplug and continue */
2139 	clear_bit(QEDF_DRAIN_ACTIVE, &qedf->flags);
2140 }
2141 
2142 /*
2143  * Returns SUCCESS if the cleanup task does not timeout, otherwise return
2144  * FAILURE.
2145  */
2146 int qedf_initiate_cleanup(struct qedf_ioreq *io_req,
2147 	bool return_scsi_cmd_on_abts)
2148 {
2149 	struct qedf_rport *fcport;
2150 	struct qedf_ctx *qedf;
2151 	int tmo = 0;
2152 	int rc = SUCCESS;
2153 	unsigned long flags;
2154 	struct fcoe_wqe *sqe;
2155 	u16 sqe_idx;
2156 	int refcount = 0;
2157 
2158 	fcport = io_req->fcport;
2159 	if (!fcport) {
2160 		QEDF_ERR(NULL, "fcport is NULL.\n");
2161 		return SUCCESS;
2162 	}
2163 
2164 	/* Sanity check qedf_rport before dereferencing any pointers */
2165 	if (!test_bit(QEDF_RPORT_SESSION_READY, &fcport->flags)) {
2166 		QEDF_ERR(NULL, "tgt not offloaded\n");
2167 		return SUCCESS;
2168 	}
2169 
2170 	qedf = fcport->qedf;
2171 	if (!qedf) {
2172 		QEDF_ERR(NULL, "qedf is NULL.\n");
2173 		return SUCCESS;
2174 	}
2175 
2176 	if (io_req->cmd_type == QEDF_ELS) {
2177 		goto process_els;
2178 	}
2179 
2180 	if (!test_bit(QEDF_CMD_OUTSTANDING, &io_req->flags) ||
2181 	    test_and_set_bit(QEDF_CMD_IN_CLEANUP, &io_req->flags)) {
2182 		QEDF_ERR(&(qedf->dbg_ctx), "io_req xid=0x%x already in "
2183 			  "cleanup processing or already completed.\n",
2184 			  io_req->xid);
2185 		return SUCCESS;
2186 	}
2187 	set_bit(QEDF_CMD_IN_CLEANUP, &io_req->flags);
2188 
2189 process_els:
2190 	/* Ensure room on SQ */
2191 	if (!atomic_read(&fcport->free_sqes)) {
2192 		QEDF_ERR(&(qedf->dbg_ctx), "No SQ entries available\n");
2193 		/* Need to make sure we clear the flag since it was set */
2194 		clear_bit(QEDF_CMD_IN_CLEANUP, &io_req->flags);
2195 		return FAILED;
2196 	}
2197 
2198 	if (io_req->cmd_type == QEDF_CLEANUP) {
2199 		QEDF_ERR(&qedf->dbg_ctx,
2200 			 "io_req=0x%x is already a cleanup command cmd_type=%d.\n",
2201 			 io_req->xid, io_req->cmd_type);
2202 		clear_bit(QEDF_CMD_IN_CLEANUP, &io_req->flags);
2203 		return SUCCESS;
2204 	}
2205 
2206 	refcount = kref_read(&io_req->refcount);
2207 
2208 	QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_IO,
2209 		  "Entered xid=0x%x sc_cmd=%p cmd_type=%d flags=0x%lx refcount=%d fcport=%p port_id=0x%06x\n",
2210 		  io_req->xid, io_req->sc_cmd, io_req->cmd_type, io_req->flags,
2211 		  refcount, fcport, fcport->rdata->ids.port_id);
2212 
2213 	/* Cleanup cmds re-use the same TID as the original I/O */
2214 	io_req->cmd_type = QEDF_CLEANUP;
2215 	io_req->return_scsi_cmd_on_abts = return_scsi_cmd_on_abts;
2216 
2217 	init_completion(&io_req->cleanup_done);
2218 
2219 	spin_lock_irqsave(&fcport->rport_lock, flags);
2220 
2221 	sqe_idx = qedf_get_sqe_idx(fcport);
2222 	sqe = &fcport->sq[sqe_idx];
2223 	memset(sqe, 0, sizeof(struct fcoe_wqe));
2224 	io_req->task_params->sqe = sqe;
2225 
2226 	init_initiator_cleanup_fcoe_task(io_req->task_params);
2227 	qedf_ring_doorbell(fcport);
2228 
2229 	spin_unlock_irqrestore(&fcport->rport_lock, flags);
2230 
2231 	tmo = wait_for_completion_timeout(&io_req->cleanup_done,
2232 					  QEDF_CLEANUP_TIMEOUT * HZ);
2233 
2234 	if (!tmo) {
2235 		rc = FAILED;
2236 		/* Timeout case */
2237 		QEDF_ERR(&(qedf->dbg_ctx), "Cleanup command timeout, "
2238 			  "xid=%x.\n", io_req->xid);
2239 		clear_bit(QEDF_CMD_IN_CLEANUP, &io_req->flags);
2240 		/* Issue a drain request if cleanup task times out */
2241 		QEDF_ERR(&(qedf->dbg_ctx), "Issuing MCP drain request.\n");
2242 		qedf_drain_request(qedf);
2243 	}
2244 
2245 	/* If it TASK MGMT handle it, reference will be decreased
2246 	 * in qedf_execute_tmf
2247 	 */
2248 	if (io_req->tm_flags  == FCP_TMF_LUN_RESET ||
2249 	    io_req->tm_flags == FCP_TMF_TGT_RESET) {
2250 		clear_bit(QEDF_CMD_OUTSTANDING, &io_req->flags);
2251 		io_req->sc_cmd = NULL;
2252 		kref_put(&io_req->refcount, qedf_release_cmd);
2253 		complete(&io_req->tm_done);
2254 	}
2255 
2256 	if (io_req->sc_cmd) {
2257 		if (!io_req->return_scsi_cmd_on_abts)
2258 			QEDF_INFO(&qedf->dbg_ctx, QEDF_LOG_SCSI_TM,
2259 				  "Not call scsi_done for xid=0x%x.\n",
2260 				  io_req->xid);
2261 		if (io_req->return_scsi_cmd_on_abts)
2262 			qedf_scsi_done(qedf, io_req, DID_ERROR);
2263 	}
2264 
2265 	if (rc == SUCCESS)
2266 		io_req->event = QEDF_IOREQ_EV_CLEANUP_SUCCESS;
2267 	else
2268 		io_req->event = QEDF_IOREQ_EV_CLEANUP_FAILED;
2269 
2270 	return rc;
2271 }
2272 
2273 void qedf_process_cleanup_compl(struct qedf_ctx *qedf, struct fcoe_cqe *cqe,
2274 	struct qedf_ioreq *io_req)
2275 {
2276 	QEDF_INFO(&(qedf->dbg_ctx), QEDF_LOG_IO, "Entered xid = 0x%x\n",
2277 		   io_req->xid);
2278 
2279 	clear_bit(QEDF_CMD_IN_CLEANUP, &io_req->flags);
2280 
2281 	/* Complete so we can finish cleaning up the I/O */
2282 	complete(&io_req->cleanup_done);
2283 }
2284 
2285 static int qedf_execute_tmf(struct qedf_rport *fcport, struct scsi_cmnd *sc_cmd,
2286 	uint8_t tm_flags)
2287 {
2288 	struct qedf_ioreq *io_req;
2289 	struct fcoe_task_context *task;
2290 	struct qedf_ctx *qedf = fcport->qedf;
2291 	struct fc_lport *lport = qedf->lport;
2292 	int rc = 0;
2293 	uint16_t xid;
2294 	int tmo = 0;
2295 	int lun = 0;
2296 	unsigned long flags;
2297 	struct fcoe_wqe *sqe;
2298 	u16 sqe_idx;
2299 
2300 	if (!sc_cmd) {
2301 		QEDF_ERR(&qedf->dbg_ctx, "sc_cmd is NULL\n");
2302 		return FAILED;
2303 	}
2304 
2305 	lun = (int)sc_cmd->device->lun;
2306 	if (!test_bit(QEDF_RPORT_SESSION_READY, &fcport->flags)) {
2307 		QEDF_ERR(&(qedf->dbg_ctx), "fcport not offloaded\n");
2308 		rc = FAILED;
2309 		goto no_flush;
2310 	}
2311 
2312 	io_req = qedf_alloc_cmd(fcport, QEDF_TASK_MGMT_CMD);
2313 	if (!io_req) {
2314 		QEDF_ERR(&(qedf->dbg_ctx), "Failed TMF");
2315 		rc = -EAGAIN;
2316 		goto no_flush;
2317 	}
2318 
2319 	if (tm_flags == FCP_TMF_LUN_RESET)
2320 		qedf->lun_resets++;
2321 	else if (tm_flags == FCP_TMF_TGT_RESET)
2322 		qedf->target_resets++;
2323 
2324 	/* Initialize rest of io_req fields */
2325 	io_req->sc_cmd = sc_cmd;
2326 	io_req->fcport = fcport;
2327 	io_req->cmd_type = QEDF_TASK_MGMT_CMD;
2328 
2329 	/* Record which cpu this request is associated with */
2330 	io_req->cpu = smp_processor_id();
2331 
2332 	/* Set TM flags */
2333 	io_req->io_req_flags = QEDF_READ;
2334 	io_req->data_xfer_len = 0;
2335 	io_req->tm_flags = tm_flags;
2336 
2337 	/* Default is to return a SCSI command when an error occurs */
2338 	io_req->return_scsi_cmd_on_abts = false;
2339 
2340 	/* Obtain exchange id */
2341 	xid = io_req->xid;
2342 
2343 	QEDF_INFO(&(qedf->dbg_ctx), QEDF_LOG_SCSI_TM, "TMF io_req xid = "
2344 		   "0x%x\n", xid);
2345 
2346 	/* Initialize task context for this IO request */
2347 	task = qedf_get_task_mem(&qedf->tasks, xid);
2348 
2349 	init_completion(&io_req->tm_done);
2350 
2351 	spin_lock_irqsave(&fcport->rport_lock, flags);
2352 
2353 	sqe_idx = qedf_get_sqe_idx(fcport);
2354 	sqe = &fcport->sq[sqe_idx];
2355 	memset(sqe, 0, sizeof(struct fcoe_wqe));
2356 
2357 	qedf_init_task(fcport, lport, io_req, task, sqe);
2358 	qedf_ring_doorbell(fcport);
2359 
2360 	spin_unlock_irqrestore(&fcport->rport_lock, flags);
2361 
2362 	set_bit(QEDF_CMD_OUTSTANDING, &io_req->flags);
2363 	tmo = wait_for_completion_timeout(&io_req->tm_done,
2364 	    QEDF_TM_TIMEOUT * HZ);
2365 
2366 	if (!tmo) {
2367 		rc = FAILED;
2368 		QEDF_ERR(&(qedf->dbg_ctx), "wait for tm_cmpl timeout!\n");
2369 		/* Clear outstanding bit since command timed out */
2370 		clear_bit(QEDF_CMD_OUTSTANDING, &io_req->flags);
2371 		io_req->sc_cmd = NULL;
2372 	} else {
2373 		/* Check TMF response code */
2374 		if (io_req->fcp_rsp_code == 0)
2375 			rc = SUCCESS;
2376 		else
2377 			rc = FAILED;
2378 	}
2379 	/*
2380 	 * Double check that fcport has not gone into an uploading state before
2381 	 * executing the command flush for the LUN/target.
2382 	 */
2383 	if (test_bit(QEDF_RPORT_UPLOADING_CONNECTION, &fcport->flags)) {
2384 		QEDF_ERR(&qedf->dbg_ctx,
2385 			 "fcport is uploading, not executing flush.\n");
2386 		goto no_flush;
2387 	}
2388 	/* We do not need this io_req any more */
2389 	kref_put(&io_req->refcount, qedf_release_cmd);
2390 
2391 
2392 	if (tm_flags == FCP_TMF_LUN_RESET)
2393 		qedf_flush_active_ios(fcport, lun);
2394 	else
2395 		qedf_flush_active_ios(fcport, -1);
2396 
2397 no_flush:
2398 	if (rc != SUCCESS) {
2399 		QEDF_ERR(&(qedf->dbg_ctx), "task mgmt command failed...\n");
2400 		rc = FAILED;
2401 	} else {
2402 		QEDF_ERR(&(qedf->dbg_ctx), "task mgmt command success...\n");
2403 		rc = SUCCESS;
2404 	}
2405 	return rc;
2406 }
2407 
2408 int qedf_initiate_tmf(struct scsi_cmnd *sc_cmd, u8 tm_flags)
2409 {
2410 	struct fc_rport *rport = starget_to_rport(scsi_target(sc_cmd->device));
2411 	struct fc_rport_libfc_priv *rp = rport->dd_data;
2412 	struct qedf_rport *fcport = (struct qedf_rport *)&rp[1];
2413 	struct qedf_ctx *qedf;
2414 	struct fc_lport *lport = shost_priv(sc_cmd->device->host);
2415 	int rc = SUCCESS;
2416 	int rval;
2417 	struct qedf_ioreq *io_req = NULL;
2418 	int ref_cnt = 0;
2419 	struct fc_rport_priv *rdata = fcport->rdata;
2420 
2421 	QEDF_ERR(NULL,
2422 		 "tm_flags 0x%x sc_cmd %p op = 0x%02x target_id = 0x%x lun=%d\n",
2423 		 tm_flags, sc_cmd, sc_cmd->cmd_len ? sc_cmd->cmnd[0] : 0xff,
2424 		 rport->scsi_target_id, (int)sc_cmd->device->lun);
2425 
2426 	if (!rdata || !kref_get_unless_zero(&rdata->kref)) {
2427 		QEDF_ERR(NULL, "stale rport\n");
2428 		return FAILED;
2429 	}
2430 
2431 	QEDF_ERR(NULL, "portid=%06x tm_flags =%s\n", rdata->ids.port_id,
2432 		 (tm_flags == FCP_TMF_TGT_RESET) ? "TARGET RESET" :
2433 		 "LUN RESET");
2434 
2435 	if (qedf_priv(sc_cmd)->io_req) {
2436 		io_req = qedf_priv(sc_cmd)->io_req;
2437 		ref_cnt = kref_read(&io_req->refcount);
2438 		QEDF_ERR(NULL,
2439 			 "orig io_req = %p xid = 0x%x ref_cnt = %d.\n",
2440 			 io_req, io_req->xid, ref_cnt);
2441 	}
2442 
2443 	rval = fc_remote_port_chkready(rport);
2444 	if (rval) {
2445 		QEDF_ERR(NULL, "device_reset rport not ready\n");
2446 		rc = FAILED;
2447 		goto tmf_err;
2448 	}
2449 
2450 	rc = fc_block_scsi_eh(sc_cmd);
2451 	if (rc)
2452 		goto tmf_err;
2453 
2454 	if (!fcport) {
2455 		QEDF_ERR(NULL, "device_reset: rport is NULL\n");
2456 		rc = FAILED;
2457 		goto tmf_err;
2458 	}
2459 
2460 	qedf = fcport->qedf;
2461 
2462 	if (!qedf) {
2463 		QEDF_ERR(NULL, "qedf is NULL.\n");
2464 		rc = FAILED;
2465 		goto tmf_err;
2466 	}
2467 
2468 	if (test_bit(QEDF_RPORT_UPLOADING_CONNECTION, &fcport->flags)) {
2469 		QEDF_ERR(&qedf->dbg_ctx, "Connection is getting uploaded.\n");
2470 		rc = SUCCESS;
2471 		goto tmf_err;
2472 	}
2473 
2474 	if (test_bit(QEDF_UNLOADING, &qedf->flags) ||
2475 	    test_bit(QEDF_DBG_STOP_IO, &qedf->flags)) {
2476 		rc = SUCCESS;
2477 		goto tmf_err;
2478 	}
2479 
2480 	if (lport->state != LPORT_ST_READY || !(lport->link_up)) {
2481 		QEDF_ERR(&(qedf->dbg_ctx), "link is not ready\n");
2482 		rc = FAILED;
2483 		goto tmf_err;
2484 	}
2485 
2486 	if (test_bit(QEDF_RPORT_UPLOADING_CONNECTION, &fcport->flags)) {
2487 		if (!fcport->rdata)
2488 			QEDF_ERR(&qedf->dbg_ctx, "fcport %p is uploading.\n",
2489 				 fcport);
2490 		else
2491 			QEDF_ERR(&qedf->dbg_ctx,
2492 				 "fcport %p port_id=%06x is uploading.\n",
2493 				 fcport, fcport->rdata->ids.port_id);
2494 		rc = FAILED;
2495 		goto tmf_err;
2496 	}
2497 
2498 	rc = qedf_execute_tmf(fcport, sc_cmd, tm_flags);
2499 
2500 tmf_err:
2501 	kref_put(&rdata->kref, fc_rport_destroy);
2502 	return rc;
2503 }
2504 
2505 void qedf_process_tmf_compl(struct qedf_ctx *qedf, struct fcoe_cqe *cqe,
2506 	struct qedf_ioreq *io_req)
2507 {
2508 	struct fcoe_cqe_rsp_info *fcp_rsp;
2509 
2510 	clear_bit(QEDF_CMD_OUTSTANDING, &io_req->flags);
2511 
2512 	fcp_rsp = &cqe->cqe_info.rsp_info;
2513 	qedf_parse_fcp_rsp(io_req, fcp_rsp);
2514 
2515 	io_req->sc_cmd = NULL;
2516 	complete(&io_req->tm_done);
2517 }
2518 
2519 void qedf_process_unsol_compl(struct qedf_ctx *qedf, uint16_t que_idx,
2520 	struct fcoe_cqe *cqe)
2521 {
2522 	unsigned long flags;
2523 	uint16_t pktlen = cqe->cqe_info.unsolic_info.pkt_len;
2524 	u32 payload_len, crc;
2525 	struct fc_frame_header *fh;
2526 	struct fc_frame *fp;
2527 	struct qedf_io_work *io_work;
2528 	u32 bdq_idx;
2529 	void *bdq_addr;
2530 	struct scsi_bd *p_bd_info;
2531 
2532 	p_bd_info = &cqe->cqe_info.unsolic_info.bd_info;
2533 	QEDF_INFO(&(qedf->dbg_ctx), QEDF_LOG_UNSOL,
2534 		  "address.hi=%x, address.lo=%x, opaque_data.hi=%x, opaque_data.lo=%x, bdq_prod_idx=%u, len=%u\n",
2535 		  le32_to_cpu(p_bd_info->address.hi),
2536 		  le32_to_cpu(p_bd_info->address.lo),
2537 		  le32_to_cpu(p_bd_info->opaque.fcoe_opaque.hi),
2538 		  le32_to_cpu(p_bd_info->opaque.fcoe_opaque.lo),
2539 		  qedf->bdq_prod_idx, pktlen);
2540 
2541 	bdq_idx = le32_to_cpu(p_bd_info->opaque.fcoe_opaque.lo);
2542 	if (bdq_idx >= QEDF_BDQ_SIZE) {
2543 		QEDF_ERR(&(qedf->dbg_ctx), "bdq_idx is out of range %d.\n",
2544 		    bdq_idx);
2545 		goto increment_prod;
2546 	}
2547 
2548 	bdq_addr = qedf->bdq[bdq_idx].buf_addr;
2549 	if (!bdq_addr) {
2550 		QEDF_ERR(&(qedf->dbg_ctx), "bdq_addr is NULL, dropping "
2551 		    "unsolicited packet.\n");
2552 		goto increment_prod;
2553 	}
2554 
2555 	if (qedf_dump_frames) {
2556 		QEDF_INFO(&(qedf->dbg_ctx), QEDF_LOG_UNSOL,
2557 		    "BDQ frame is at addr=%p.\n", bdq_addr);
2558 		print_hex_dump(KERN_WARNING, "bdq ", DUMP_PREFIX_OFFSET, 16, 1,
2559 		    (void *)bdq_addr, pktlen, false);
2560 	}
2561 
2562 	/* Allocate frame */
2563 	payload_len = pktlen - sizeof(struct fc_frame_header);
2564 	fp = fc_frame_alloc(qedf->lport, payload_len);
2565 	if (!fp) {
2566 		QEDF_ERR(&(qedf->dbg_ctx), "Could not allocate fp.\n");
2567 		goto increment_prod;
2568 	}
2569 
2570 	/* Copy data from BDQ buffer into fc_frame struct */
2571 	fh = (struct fc_frame_header *)fc_frame_header_get(fp);
2572 	memcpy(fh, (void *)bdq_addr, pktlen);
2573 
2574 	QEDF_WARN(&qedf->dbg_ctx,
2575 		  "Processing Unsolicated frame, src=%06x dest=%06x r_ctl=0x%x type=0x%x cmd=%02x\n",
2576 		  ntoh24(fh->fh_s_id), ntoh24(fh->fh_d_id), fh->fh_r_ctl,
2577 		  fh->fh_type, fc_frame_payload_op(fp));
2578 
2579 	/* Initialize the frame so libfc sees it as a valid frame */
2580 	crc = fcoe_fc_crc(fp);
2581 	fc_frame_init(fp);
2582 	fr_dev(fp) = qedf->lport;
2583 	fr_sof(fp) = FC_SOF_I3;
2584 	fr_eof(fp) = FC_EOF_T;
2585 	fr_crc(fp) = cpu_to_le32(~crc);
2586 
2587 	/*
2588 	 * We need to return the frame back up to libfc in a non-atomic
2589 	 * context
2590 	 */
2591 	io_work = mempool_alloc(qedf->io_mempool, GFP_ATOMIC);
2592 	if (!io_work) {
2593 		QEDF_WARN(&(qedf->dbg_ctx), "Could not allocate "
2594 			   "work for I/O completion.\n");
2595 		fc_frame_free(fp);
2596 		goto increment_prod;
2597 	}
2598 	memset(io_work, 0, sizeof(struct qedf_io_work));
2599 
2600 	INIT_WORK(&io_work->work, qedf_fp_io_handler);
2601 
2602 	/* Copy contents of CQE for deferred processing */
2603 	memcpy(&io_work->cqe, cqe, sizeof(struct fcoe_cqe));
2604 
2605 	io_work->qedf = qedf;
2606 	io_work->fp = fp;
2607 
2608 	queue_work_on(smp_processor_id(), qedf_io_wq, &io_work->work);
2609 increment_prod:
2610 	spin_lock_irqsave(&qedf->hba_lock, flags);
2611 
2612 	/* Increment producer to let f/w know we've handled the frame */
2613 	qedf->bdq_prod_idx++;
2614 
2615 	/* Producer index wraps at uint16_t boundary */
2616 	if (qedf->bdq_prod_idx == 0xffff)
2617 		qedf->bdq_prod_idx = 0;
2618 
2619 	writew(qedf->bdq_prod_idx, qedf->bdq_primary_prod);
2620 	readw(qedf->bdq_primary_prod);
2621 	writew(qedf->bdq_prod_idx, qedf->bdq_secondary_prod);
2622 	readw(qedf->bdq_secondary_prod);
2623 
2624 	spin_unlock_irqrestore(&qedf->hba_lock, flags);
2625 }
2626