1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * vvvvvvvvvvvvvvvvvvvvvvv Original vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv 4 * Copyright (C) 1992 Eric Youngdale 5 * Simulate a host adapter with 2 disks attached. Do a lot of checking 6 * to make sure that we are not getting blocks mixed up, and PANIC if 7 * anything out of the ordinary is seen. 8 * ^^^^^^^^^^^^^^^^^^^^^^^ Original ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 9 * 10 * Copyright (C) 2001 - 2021 Douglas Gilbert 11 * 12 * For documentation see http://sg.danny.cz/sg/scsi_debug.html 13 */ 14 15 16 #define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__ 17 18 #include <linux/module.h> 19 #include <linux/align.h> 20 #include <linux/kernel.h> 21 #include <linux/errno.h> 22 #include <linux/jiffies.h> 23 #include <linux/slab.h> 24 #include <linux/types.h> 25 #include <linux/string.h> 26 #include <linux/fs.h> 27 #include <linux/init.h> 28 #include <linux/proc_fs.h> 29 #include <linux/vmalloc.h> 30 #include <linux/moduleparam.h> 31 #include <linux/scatterlist.h> 32 #include <linux/blkdev.h> 33 #include <linux/crc-t10dif.h> 34 #include <linux/spinlock.h> 35 #include <linux/interrupt.h> 36 #include <linux/atomic.h> 37 #include <linux/hrtimer.h> 38 #include <linux/uuid.h> 39 #include <linux/t10-pi.h> 40 #include <linux/msdos_partition.h> 41 #include <linux/random.h> 42 #include <linux/xarray.h> 43 #include <linux/prefetch.h> 44 #include <linux/debugfs.h> 45 #include <linux/async.h> 46 47 #include <net/checksum.h> 48 49 #include <asm/unaligned.h> 50 51 #include <scsi/scsi.h> 52 #include <scsi/scsi_cmnd.h> 53 #include <scsi/scsi_device.h> 54 #include <scsi/scsi_host.h> 55 #include <scsi/scsicam.h> 56 #include <scsi/scsi_eh.h> 57 #include <scsi/scsi_tcq.h> 58 #include <scsi/scsi_dbg.h> 59 60 #include "sd.h" 61 #include "scsi_logging.h" 62 63 /* make sure inq_product_rev string corresponds to this version */ 64 #define SDEBUG_VERSION "0191" /* format to fit INQUIRY revision field */ 65 static const char *sdebug_version_date = "20210520"; 66 67 #define MY_NAME "scsi_debug" 68 69 /* Additional Sense Code (ASC) */ 70 #define NO_ADDITIONAL_SENSE 0x0 71 #define LOGICAL_UNIT_NOT_READY 0x4 72 #define LOGICAL_UNIT_COMMUNICATION_FAILURE 0x8 73 #define UNRECOVERED_READ_ERR 0x11 74 #define PARAMETER_LIST_LENGTH_ERR 0x1a 75 #define INVALID_OPCODE 0x20 76 #define LBA_OUT_OF_RANGE 0x21 77 #define INVALID_FIELD_IN_CDB 0x24 78 #define INVALID_FIELD_IN_PARAM_LIST 0x26 79 #define WRITE_PROTECTED 0x27 80 #define UA_RESET_ASC 0x29 81 #define UA_CHANGED_ASC 0x2a 82 #define TARGET_CHANGED_ASC 0x3f 83 #define LUNS_CHANGED_ASCQ 0x0e 84 #define INSUFF_RES_ASC 0x55 85 #define INSUFF_RES_ASCQ 0x3 86 #define POWER_ON_RESET_ASCQ 0x0 87 #define POWER_ON_OCCURRED_ASCQ 0x1 88 #define BUS_RESET_ASCQ 0x2 /* scsi bus reset occurred */ 89 #define MODE_CHANGED_ASCQ 0x1 /* mode parameters changed */ 90 #define CAPACITY_CHANGED_ASCQ 0x9 91 #define SAVING_PARAMS_UNSUP 0x39 92 #define TRANSPORT_PROBLEM 0x4b 93 #define THRESHOLD_EXCEEDED 0x5d 94 #define LOW_POWER_COND_ON 0x5e 95 #define MISCOMPARE_VERIFY_ASC 0x1d 96 #define MICROCODE_CHANGED_ASCQ 0x1 /* with TARGET_CHANGED_ASC */ 97 #define MICROCODE_CHANGED_WO_RESET_ASCQ 0x16 98 #define WRITE_ERROR_ASC 0xc 99 #define UNALIGNED_WRITE_ASCQ 0x4 100 #define WRITE_BOUNDARY_ASCQ 0x5 101 #define READ_INVDATA_ASCQ 0x6 102 #define READ_BOUNDARY_ASCQ 0x7 103 #define ATTEMPT_ACCESS_GAP 0x9 104 #define INSUFF_ZONE_ASCQ 0xe 105 106 /* Additional Sense Code Qualifier (ASCQ) */ 107 #define ACK_NAK_TO 0x3 108 109 /* Default values for driver parameters */ 110 #define DEF_NUM_HOST 1 111 #define DEF_NUM_TGTS 1 112 #define DEF_MAX_LUNS 1 113 /* With these defaults, this driver will make 1 host with 1 target 114 * (id 0) containing 1 logical unit (lun 0). That is 1 device. 115 */ 116 #define DEF_ATO 1 117 #define DEF_CDB_LEN 10 118 #define DEF_JDELAY 1 /* if > 0 unit is a jiffy */ 119 #define DEF_DEV_SIZE_PRE_INIT 0 120 #define DEF_DEV_SIZE_MB 8 121 #define DEF_ZBC_DEV_SIZE_MB 128 122 #define DEF_DIF 0 123 #define DEF_DIX 0 124 #define DEF_PER_HOST_STORE false 125 #define DEF_D_SENSE 0 126 #define DEF_EVERY_NTH 0 127 #define DEF_FAKE_RW 0 128 #define DEF_GUARD 0 129 #define DEF_HOST_LOCK 0 130 #define DEF_LBPU 0 131 #define DEF_LBPWS 0 132 #define DEF_LBPWS10 0 133 #define DEF_LBPRZ 1 134 #define DEF_LOWEST_ALIGNED 0 135 #define DEF_NDELAY 0 /* if > 0 unit is a nanosecond */ 136 #define DEF_NO_LUN_0 0 137 #define DEF_NUM_PARTS 0 138 #define DEF_OPTS 0 139 #define DEF_OPT_BLKS 1024 140 #define DEF_PHYSBLK_EXP 0 141 #define DEF_OPT_XFERLEN_EXP 0 142 #define DEF_PTYPE TYPE_DISK 143 #define DEF_RANDOM false 144 #define DEF_REMOVABLE false 145 #define DEF_SCSI_LEVEL 7 /* INQUIRY, byte2 [6->SPC-4; 7->SPC-5] */ 146 #define DEF_SECTOR_SIZE 512 147 #define DEF_UNMAP_ALIGNMENT 0 148 #define DEF_UNMAP_GRANULARITY 1 149 #define DEF_UNMAP_MAX_BLOCKS 0xFFFFFFFF 150 #define DEF_UNMAP_MAX_DESC 256 151 #define DEF_VIRTUAL_GB 0 152 #define DEF_VPD_USE_HOSTNO 1 153 #define DEF_WRITESAME_LENGTH 0xFFFF 154 #define DEF_STRICT 0 155 #define DEF_STATISTICS false 156 #define DEF_SUBMIT_QUEUES 1 157 #define DEF_TUR_MS_TO_READY 0 158 #define DEF_UUID_CTL 0 159 #define JDELAY_OVERRIDDEN -9999 160 161 /* Default parameters for ZBC drives */ 162 #define DEF_ZBC_ZONE_SIZE_MB 128 163 #define DEF_ZBC_MAX_OPEN_ZONES 8 164 #define DEF_ZBC_NR_CONV_ZONES 1 165 166 #define SDEBUG_LUN_0_VAL 0 167 168 /* bit mask values for sdebug_opts */ 169 #define SDEBUG_OPT_NOISE 1 170 #define SDEBUG_OPT_MEDIUM_ERR 2 171 #define SDEBUG_OPT_TIMEOUT 4 172 #define SDEBUG_OPT_RECOVERED_ERR 8 173 #define SDEBUG_OPT_TRANSPORT_ERR 16 174 #define SDEBUG_OPT_DIF_ERR 32 175 #define SDEBUG_OPT_DIX_ERR 64 176 #define SDEBUG_OPT_MAC_TIMEOUT 128 177 #define SDEBUG_OPT_SHORT_TRANSFER 0x100 178 #define SDEBUG_OPT_Q_NOISE 0x200 179 #define SDEBUG_OPT_ALL_TSF 0x400 /* ignore */ 180 #define SDEBUG_OPT_RARE_TSF 0x800 181 #define SDEBUG_OPT_N_WCE 0x1000 182 #define SDEBUG_OPT_RESET_NOISE 0x2000 183 #define SDEBUG_OPT_NO_CDB_NOISE 0x4000 184 #define SDEBUG_OPT_HOST_BUSY 0x8000 185 #define SDEBUG_OPT_CMD_ABORT 0x10000 186 #define SDEBUG_OPT_ALL_NOISE (SDEBUG_OPT_NOISE | SDEBUG_OPT_Q_NOISE | \ 187 SDEBUG_OPT_RESET_NOISE) 188 #define SDEBUG_OPT_ALL_INJECTING (SDEBUG_OPT_RECOVERED_ERR | \ 189 SDEBUG_OPT_TRANSPORT_ERR | \ 190 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR | \ 191 SDEBUG_OPT_SHORT_TRANSFER | \ 192 SDEBUG_OPT_HOST_BUSY | \ 193 SDEBUG_OPT_CMD_ABORT) 194 #define SDEBUG_OPT_RECOV_DIF_DIX (SDEBUG_OPT_RECOVERED_ERR | \ 195 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR) 196 197 /* As indicated in SAM-5 and SPC-4 Unit Attentions (UAs) are returned in 198 * priority order. In the subset implemented here lower numbers have higher 199 * priority. The UA numbers should be a sequence starting from 0 with 200 * SDEBUG_NUM_UAS being 1 higher than the highest numbered UA. */ 201 #define SDEBUG_UA_POR 0 /* Power on, reset, or bus device reset */ 202 #define SDEBUG_UA_POOCCUR 1 /* Power on occurred */ 203 #define SDEBUG_UA_BUS_RESET 2 204 #define SDEBUG_UA_MODE_CHANGED 3 205 #define SDEBUG_UA_CAPACITY_CHANGED 4 206 #define SDEBUG_UA_LUNS_CHANGED 5 207 #define SDEBUG_UA_MICROCODE_CHANGED 6 /* simulate firmware change */ 208 #define SDEBUG_UA_MICROCODE_CHANGED_WO_RESET 7 209 #define SDEBUG_NUM_UAS 8 210 211 /* when 1==SDEBUG_OPT_MEDIUM_ERR, a medium error is simulated at this 212 * sector on read commands: */ 213 #define OPT_MEDIUM_ERR_ADDR 0x1234 /* that's sector 4660 in decimal */ 214 #define OPT_MEDIUM_ERR_NUM 10 /* number of consecutive medium errs */ 215 216 /* SDEBUG_CANQUEUE is the maximum number of commands that can be queued 217 * (for response) per submit queue at one time. Can be reduced by max_queue 218 * option. Command responses are not queued when jdelay=0 and ndelay=0. The 219 * per-device DEF_CMD_PER_LUN can be changed via sysfs: 220 * /sys/class/scsi_device/<h:c:t:l>/device/queue_depth 221 * but cannot exceed SDEBUG_CANQUEUE . 222 */ 223 #define SDEBUG_CANQUEUE_WORDS 3 /* a WORD is bits in a long */ 224 #define SDEBUG_CANQUEUE (SDEBUG_CANQUEUE_WORDS * BITS_PER_LONG) 225 #define DEF_CMD_PER_LUN SDEBUG_CANQUEUE 226 227 /* UA - Unit Attention; SA - Service Action; SSU - Start Stop Unit */ 228 #define F_D_IN 1 /* Data-in command (e.g. READ) */ 229 #define F_D_OUT 2 /* Data-out command (e.g. WRITE) */ 230 #define F_D_OUT_MAYBE 4 /* WRITE SAME, NDOB bit */ 231 #define F_D_UNKN 8 232 #define F_RL_WLUN_OK 0x10 /* allowed with REPORT LUNS W-LUN */ 233 #define F_SKIP_UA 0x20 /* bypass UAs (e.g. INQUIRY command) */ 234 #define F_DELAY_OVERR 0x40 /* for commands like INQUIRY */ 235 #define F_SA_LOW 0x80 /* SA is in cdb byte 1, bits 4 to 0 */ 236 #define F_SA_HIGH 0x100 /* SA is in cdb bytes 8 and 9 */ 237 #define F_INV_OP 0x200 /* invalid opcode (not supported) */ 238 #define F_FAKE_RW 0x400 /* bypass resp_*() when fake_rw set */ 239 #define F_M_ACCESS 0x800 /* media access, reacts to SSU state */ 240 #define F_SSU_DELAY 0x1000 /* SSU command delay (long-ish) */ 241 #define F_SYNC_DELAY 0x2000 /* SYNCHRONIZE CACHE delay */ 242 243 /* Useful combinations of the above flags */ 244 #define FF_RESPOND (F_RL_WLUN_OK | F_SKIP_UA | F_DELAY_OVERR) 245 #define FF_MEDIA_IO (F_M_ACCESS | F_FAKE_RW) 246 #define FF_SA (F_SA_HIGH | F_SA_LOW) 247 #define F_LONG_DELAY (F_SSU_DELAY | F_SYNC_DELAY) 248 249 #define SDEBUG_MAX_PARTS 4 250 251 #define SDEBUG_MAX_CMD_LEN 32 252 253 #define SDEB_XA_NOT_IN_USE XA_MARK_1 254 255 static struct kmem_cache *queued_cmd_cache; 256 257 #define TO_QUEUED_CMD(scmd) ((void *)(scmd)->host_scribble) 258 #define ASSIGN_QUEUED_CMD(scmnd, qc) { (scmnd)->host_scribble = (void *) qc; } 259 260 /* Zone types (zbcr05 table 25) */ 261 enum sdebug_z_type { 262 ZBC_ZTYPE_CNV = 0x1, 263 ZBC_ZTYPE_SWR = 0x2, 264 ZBC_ZTYPE_SWP = 0x3, 265 /* ZBC_ZTYPE_SOBR = 0x4, */ 266 ZBC_ZTYPE_GAP = 0x5, 267 }; 268 269 /* enumeration names taken from table 26, zbcr05 */ 270 enum sdebug_z_cond { 271 ZBC_NOT_WRITE_POINTER = 0x0, 272 ZC1_EMPTY = 0x1, 273 ZC2_IMPLICIT_OPEN = 0x2, 274 ZC3_EXPLICIT_OPEN = 0x3, 275 ZC4_CLOSED = 0x4, 276 ZC6_READ_ONLY = 0xd, 277 ZC5_FULL = 0xe, 278 ZC7_OFFLINE = 0xf, 279 }; 280 281 struct sdeb_zone_state { /* ZBC: per zone state */ 282 enum sdebug_z_type z_type; 283 enum sdebug_z_cond z_cond; 284 bool z_non_seq_resource; 285 unsigned int z_size; 286 sector_t z_start; 287 sector_t z_wp; 288 }; 289 290 enum sdebug_err_type { 291 ERR_TMOUT_CMD = 0, /* make specific scsi command timeout */ 292 ERR_FAIL_QUEUE_CMD = 1, /* make specific scsi command's */ 293 /* queuecmd return failed */ 294 ERR_FAIL_CMD = 2, /* make specific scsi command's */ 295 /* queuecmd return succeed but */ 296 /* with errors set in scsi_cmnd */ 297 ERR_ABORT_CMD_FAILED = 3, /* control return FAILED from */ 298 /* scsi_debug_abort() */ 299 ERR_LUN_RESET_FAILED = 4, /* control return FAILED from */ 300 /* scsi_debug_device_reseLUN_RESET_FAILEDt() */ 301 }; 302 303 struct sdebug_err_inject { 304 int type; 305 struct list_head list; 306 int cnt; 307 unsigned char cmd; 308 struct rcu_head rcu; 309 310 union { 311 /* 312 * For ERR_FAIL_QUEUE_CMD 313 */ 314 int queuecmd_ret; 315 316 /* 317 * For ERR_FAIL_CMD 318 */ 319 struct { 320 unsigned char host_byte; 321 unsigned char driver_byte; 322 unsigned char status_byte; 323 unsigned char sense_key; 324 unsigned char asc; 325 unsigned char asq; 326 }; 327 }; 328 }; 329 330 struct sdebug_dev_info { 331 struct list_head dev_list; 332 unsigned int channel; 333 unsigned int target; 334 u64 lun; 335 uuid_t lu_name; 336 struct sdebug_host_info *sdbg_host; 337 unsigned long uas_bm[1]; 338 atomic_t stopped; /* 1: by SSU, 2: device start */ 339 bool used; 340 341 /* For ZBC devices */ 342 enum blk_zoned_model zmodel; 343 unsigned int zcap; 344 unsigned int zsize; 345 unsigned int zsize_shift; 346 unsigned int nr_zones; 347 unsigned int nr_conv_zones; 348 unsigned int nr_seq_zones; 349 unsigned int nr_imp_open; 350 unsigned int nr_exp_open; 351 unsigned int nr_closed; 352 unsigned int max_open; 353 ktime_t create_ts; /* time since bootup that this device was created */ 354 struct sdeb_zone_state *zstate; 355 356 struct dentry *debugfs_entry; 357 struct spinlock list_lock; 358 struct list_head inject_err_list; 359 }; 360 361 struct sdebug_target_info { 362 bool reset_fail; 363 struct dentry *debugfs_entry; 364 }; 365 366 struct sdebug_host_info { 367 struct list_head host_list; 368 int si_idx; /* sdeb_store_info (per host) xarray index */ 369 struct Scsi_Host *shost; 370 struct device dev; 371 struct list_head dev_info_list; 372 }; 373 374 /* There is an xarray of pointers to this struct's objects, one per host */ 375 struct sdeb_store_info { 376 rwlock_t macc_lck; /* for atomic media access on this store */ 377 u8 *storep; /* user data storage (ram) */ 378 struct t10_pi_tuple *dif_storep; /* protection info */ 379 void *map_storep; /* provisioning map */ 380 }; 381 382 #define dev_to_sdebug_host(d) \ 383 container_of(d, struct sdebug_host_info, dev) 384 385 #define shost_to_sdebug_host(shost) \ 386 dev_to_sdebug_host(shost->dma_dev) 387 388 enum sdeb_defer_type {SDEB_DEFER_NONE = 0, SDEB_DEFER_HRT = 1, 389 SDEB_DEFER_WQ = 2, SDEB_DEFER_POLL = 3}; 390 391 struct sdebug_defer { 392 struct hrtimer hrt; 393 struct execute_work ew; 394 ktime_t cmpl_ts;/* time since boot to complete this cmd */ 395 int issuing_cpu; 396 bool aborted; /* true when blk_abort_request() already called */ 397 enum sdeb_defer_type defer_t; 398 }; 399 400 struct sdebug_queued_cmd { 401 /* corresponding bit set in in_use_bm[] in owning struct sdebug_queue 402 * instance indicates this slot is in use. 403 */ 404 struct sdebug_defer sd_dp; 405 struct scsi_cmnd *scmd; 406 }; 407 408 struct sdebug_scsi_cmd { 409 spinlock_t lock; 410 }; 411 412 static atomic_t sdebug_cmnd_count; /* number of incoming commands */ 413 static atomic_t sdebug_completions; /* count of deferred completions */ 414 static atomic_t sdebug_miss_cpus; /* submission + completion cpus differ */ 415 static atomic_t sdebug_a_tsf; /* 'almost task set full' counter */ 416 static atomic_t sdeb_inject_pending; 417 static atomic_t sdeb_mq_poll_count; /* bumped when mq_poll returns > 0 */ 418 419 struct opcode_info_t { 420 u8 num_attached; /* 0 if this is it (i.e. a leaf); use 0xff */ 421 /* for terminating element */ 422 u8 opcode; /* if num_attached > 0, preferred */ 423 u16 sa; /* service action */ 424 u32 flags; /* OR-ed set of SDEB_F_* */ 425 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *); 426 const struct opcode_info_t *arrp; /* num_attached elements or NULL */ 427 u8 len_mask[16]; /* len_mask[0]-->cdb_len, then mask for cdb */ 428 /* 1 to min(cdb_len, 15); ignore cdb[15...] */ 429 }; 430 431 /* SCSI opcodes (first byte of cdb) of interest mapped onto these indexes */ 432 enum sdeb_opcode_index { 433 SDEB_I_INVALID_OPCODE = 0, 434 SDEB_I_INQUIRY = 1, 435 SDEB_I_REPORT_LUNS = 2, 436 SDEB_I_REQUEST_SENSE = 3, 437 SDEB_I_TEST_UNIT_READY = 4, 438 SDEB_I_MODE_SENSE = 5, /* 6, 10 */ 439 SDEB_I_MODE_SELECT = 6, /* 6, 10 */ 440 SDEB_I_LOG_SENSE = 7, 441 SDEB_I_READ_CAPACITY = 8, /* 10; 16 is in SA_IN(16) */ 442 SDEB_I_READ = 9, /* 6, 10, 12, 16 */ 443 SDEB_I_WRITE = 10, /* 6, 10, 12, 16 */ 444 SDEB_I_START_STOP = 11, 445 SDEB_I_SERV_ACT_IN_16 = 12, /* add ...SERV_ACT_IN_12 if needed */ 446 SDEB_I_SERV_ACT_OUT_16 = 13, /* add ...SERV_ACT_OUT_12 if needed */ 447 SDEB_I_MAINT_IN = 14, 448 SDEB_I_MAINT_OUT = 15, 449 SDEB_I_VERIFY = 16, /* VERIFY(10), VERIFY(16) */ 450 SDEB_I_VARIABLE_LEN = 17, /* READ(32), WRITE(32), WR_SCAT(32) */ 451 SDEB_I_RESERVE = 18, /* 6, 10 */ 452 SDEB_I_RELEASE = 19, /* 6, 10 */ 453 SDEB_I_ALLOW_REMOVAL = 20, /* PREVENT ALLOW MEDIUM REMOVAL */ 454 SDEB_I_REZERO_UNIT = 21, /* REWIND in SSC */ 455 SDEB_I_ATA_PT = 22, /* 12, 16 */ 456 SDEB_I_SEND_DIAG = 23, 457 SDEB_I_UNMAP = 24, 458 SDEB_I_WRITE_BUFFER = 25, 459 SDEB_I_WRITE_SAME = 26, /* 10, 16 */ 460 SDEB_I_SYNC_CACHE = 27, /* 10, 16 */ 461 SDEB_I_COMP_WRITE = 28, 462 SDEB_I_PRE_FETCH = 29, /* 10, 16 */ 463 SDEB_I_ZONE_OUT = 30, /* 0x94+SA; includes no data xfer */ 464 SDEB_I_ZONE_IN = 31, /* 0x95+SA; all have data-in */ 465 SDEB_I_LAST_ELEM_P1 = 32, /* keep this last (previous + 1) */ 466 }; 467 468 469 static const unsigned char opcode_ind_arr[256] = { 470 /* 0x0; 0x0->0x1f: 6 byte cdbs */ 471 SDEB_I_TEST_UNIT_READY, SDEB_I_REZERO_UNIT, 0, SDEB_I_REQUEST_SENSE, 472 0, 0, 0, 0, 473 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, 0, 474 0, 0, SDEB_I_INQUIRY, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE, 475 SDEB_I_RELEASE, 476 0, 0, SDEB_I_MODE_SENSE, SDEB_I_START_STOP, 0, SDEB_I_SEND_DIAG, 477 SDEB_I_ALLOW_REMOVAL, 0, 478 /* 0x20; 0x20->0x3f: 10 byte cdbs */ 479 0, 0, 0, 0, 0, SDEB_I_READ_CAPACITY, 0, 0, 480 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, SDEB_I_VERIFY, 481 0, 0, 0, 0, SDEB_I_PRE_FETCH, SDEB_I_SYNC_CACHE, 0, 0, 482 0, 0, 0, SDEB_I_WRITE_BUFFER, 0, 0, 0, 0, 483 /* 0x40; 0x40->0x5f: 10 byte cdbs */ 484 0, SDEB_I_WRITE_SAME, SDEB_I_UNMAP, 0, 0, 0, 0, 0, 485 0, 0, 0, 0, 0, SDEB_I_LOG_SENSE, 0, 0, 486 0, 0, 0, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE, 487 SDEB_I_RELEASE, 488 0, 0, SDEB_I_MODE_SENSE, 0, 0, 0, 0, 0, 489 /* 0x60; 0x60->0x7d are reserved, 0x7e is "extended cdb" */ 490 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 491 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 492 0, SDEB_I_VARIABLE_LEN, 493 /* 0x80; 0x80->0x9f: 16 byte cdbs */ 494 0, 0, 0, 0, 0, SDEB_I_ATA_PT, 0, 0, 495 SDEB_I_READ, SDEB_I_COMP_WRITE, SDEB_I_WRITE, 0, 496 0, 0, 0, SDEB_I_VERIFY, 497 SDEB_I_PRE_FETCH, SDEB_I_SYNC_CACHE, 0, SDEB_I_WRITE_SAME, 498 SDEB_I_ZONE_OUT, SDEB_I_ZONE_IN, 0, 0, 499 0, 0, 0, 0, 0, 0, SDEB_I_SERV_ACT_IN_16, SDEB_I_SERV_ACT_OUT_16, 500 /* 0xa0; 0xa0->0xbf: 12 byte cdbs */ 501 SDEB_I_REPORT_LUNS, SDEB_I_ATA_PT, 0, SDEB_I_MAINT_IN, 502 SDEB_I_MAINT_OUT, 0, 0, 0, 503 SDEB_I_READ, 0 /* SDEB_I_SERV_ACT_OUT_12 */, SDEB_I_WRITE, 504 0 /* SDEB_I_SERV_ACT_IN_12 */, 0, 0, 0, 0, 505 0, 0, 0, 0, 0, 0, 0, 0, 506 0, 0, 0, 0, 0, 0, 0, 0, 507 /* 0xc0; 0xc0->0xff: vendor specific */ 508 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 509 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 510 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 511 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 512 }; 513 514 /* 515 * The following "response" functions return the SCSI mid-level's 4 byte 516 * tuple-in-an-int. To handle commands with an IMMED bit, for a faster 517 * command completion, they can mask their return value with 518 * SDEG_RES_IMMED_MASK . 519 */ 520 #define SDEG_RES_IMMED_MASK 0x40000000 521 522 static int resp_inquiry(struct scsi_cmnd *, struct sdebug_dev_info *); 523 static int resp_report_luns(struct scsi_cmnd *, struct sdebug_dev_info *); 524 static int resp_requests(struct scsi_cmnd *, struct sdebug_dev_info *); 525 static int resp_mode_sense(struct scsi_cmnd *, struct sdebug_dev_info *); 526 static int resp_mode_select(struct scsi_cmnd *, struct sdebug_dev_info *); 527 static int resp_log_sense(struct scsi_cmnd *, struct sdebug_dev_info *); 528 static int resp_readcap(struct scsi_cmnd *, struct sdebug_dev_info *); 529 static int resp_read_dt0(struct scsi_cmnd *, struct sdebug_dev_info *); 530 static int resp_write_dt0(struct scsi_cmnd *, struct sdebug_dev_info *); 531 static int resp_write_scat(struct scsi_cmnd *, struct sdebug_dev_info *); 532 static int resp_start_stop(struct scsi_cmnd *, struct sdebug_dev_info *); 533 static int resp_readcap16(struct scsi_cmnd *, struct sdebug_dev_info *); 534 static int resp_get_lba_status(struct scsi_cmnd *, struct sdebug_dev_info *); 535 static int resp_report_tgtpgs(struct scsi_cmnd *, struct sdebug_dev_info *); 536 static int resp_unmap(struct scsi_cmnd *, struct sdebug_dev_info *); 537 static int resp_rsup_opcodes(struct scsi_cmnd *, struct sdebug_dev_info *); 538 static int resp_rsup_tmfs(struct scsi_cmnd *, struct sdebug_dev_info *); 539 static int resp_verify(struct scsi_cmnd *, struct sdebug_dev_info *); 540 static int resp_write_same_10(struct scsi_cmnd *, struct sdebug_dev_info *); 541 static int resp_write_same_16(struct scsi_cmnd *, struct sdebug_dev_info *); 542 static int resp_comp_write(struct scsi_cmnd *, struct sdebug_dev_info *); 543 static int resp_write_buffer(struct scsi_cmnd *, struct sdebug_dev_info *); 544 static int resp_sync_cache(struct scsi_cmnd *, struct sdebug_dev_info *); 545 static int resp_pre_fetch(struct scsi_cmnd *, struct sdebug_dev_info *); 546 static int resp_report_zones(struct scsi_cmnd *, struct sdebug_dev_info *); 547 static int resp_open_zone(struct scsi_cmnd *, struct sdebug_dev_info *); 548 static int resp_close_zone(struct scsi_cmnd *, struct sdebug_dev_info *); 549 static int resp_finish_zone(struct scsi_cmnd *, struct sdebug_dev_info *); 550 static int resp_rwp_zone(struct scsi_cmnd *, struct sdebug_dev_info *); 551 552 static int sdebug_do_add_host(bool mk_new_store); 553 static int sdebug_add_host_helper(int per_host_idx); 554 static void sdebug_do_remove_host(bool the_end); 555 static int sdebug_add_store(void); 556 static void sdebug_erase_store(int idx, struct sdeb_store_info *sip); 557 static void sdebug_erase_all_stores(bool apart_from_first); 558 559 static void sdebug_free_queued_cmd(struct sdebug_queued_cmd *sqcp); 560 561 /* 562 * The following are overflow arrays for cdbs that "hit" the same index in 563 * the opcode_info_arr array. The most time sensitive (or commonly used) cdb 564 * should be placed in opcode_info_arr[], the others should be placed here. 565 */ 566 static const struct opcode_info_t msense_iarr[] = { 567 {0, 0x1a, 0, F_D_IN, NULL, NULL, 568 {6, 0xe8, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 569 }; 570 571 static const struct opcode_info_t mselect_iarr[] = { 572 {0, 0x15, 0, F_D_OUT, NULL, NULL, 573 {6, 0xf1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 574 }; 575 576 static const struct opcode_info_t read_iarr[] = { 577 {0, 0x28, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(10) */ 578 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 579 0, 0, 0, 0} }, 580 {0, 0x8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL, /* READ(6) */ 581 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 582 {0, 0xa8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(12) */ 583 {12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf, 584 0xc7, 0, 0, 0, 0} }, 585 }; 586 587 static const struct opcode_info_t write_iarr[] = { 588 {0, 0x2a, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(10) */ 589 NULL, {10, 0xfb, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 590 0, 0, 0, 0, 0, 0} }, 591 {0, 0xa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(6) */ 592 NULL, {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 593 0, 0, 0} }, 594 {0, 0xaa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(12) */ 595 NULL, {12, 0xfb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 596 0xbf, 0xc7, 0, 0, 0, 0} }, 597 }; 598 599 static const struct opcode_info_t verify_iarr[] = { 600 {0, 0x2f, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_verify,/* VERIFY(10) */ 601 NULL, {10, 0xf7, 0xff, 0xff, 0xff, 0xff, 0xbf, 0xff, 0xff, 0xc7, 602 0, 0, 0, 0, 0, 0} }, 603 }; 604 605 static const struct opcode_info_t sa_in_16_iarr[] = { 606 {0, 0x9e, 0x12, F_SA_LOW | F_D_IN, resp_get_lba_status, NULL, 607 {16, 0x12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 608 0xff, 0xff, 0xff, 0, 0xc7} }, /* GET LBA STATUS(16) */ 609 }; 610 611 static const struct opcode_info_t vl_iarr[] = { /* VARIABLE LENGTH */ 612 {0, 0x7f, 0xb, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_dt0, 613 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0xb, 0xfa, 614 0, 0xff, 0xff, 0xff, 0xff} }, /* WRITE(32) */ 615 {0, 0x7f, 0x11, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_scat, 616 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x11, 0xf8, 617 0, 0xff, 0xff, 0x0, 0x0} }, /* WRITE SCATTERED(32) */ 618 }; 619 620 static const struct opcode_info_t maint_in_iarr[] = { /* MAINT IN */ 621 {0, 0xa3, 0xc, F_SA_LOW | F_D_IN, resp_rsup_opcodes, NULL, 622 {12, 0xc, 0x87, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 623 0xc7, 0, 0, 0, 0} }, /* REPORT SUPPORTED OPERATION CODES */ 624 {0, 0xa3, 0xd, F_SA_LOW | F_D_IN, resp_rsup_tmfs, NULL, 625 {12, 0xd, 0x80, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0, 626 0, 0} }, /* REPORTED SUPPORTED TASK MANAGEMENT FUNCTIONS */ 627 }; 628 629 static const struct opcode_info_t write_same_iarr[] = { 630 {0, 0x93, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_write_same_16, NULL, 631 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 632 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* WRITE SAME(16) */ 633 }; 634 635 static const struct opcode_info_t reserve_iarr[] = { 636 {0, 0x16, 0, F_D_OUT, NULL, NULL, /* RESERVE(6) */ 637 {6, 0x1f, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 638 }; 639 640 static const struct opcode_info_t release_iarr[] = { 641 {0, 0x17, 0, F_D_OUT, NULL, NULL, /* RELEASE(6) */ 642 {6, 0x1f, 0xff, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 643 }; 644 645 static const struct opcode_info_t sync_cache_iarr[] = { 646 {0, 0x91, 0, F_SYNC_DELAY | F_M_ACCESS, resp_sync_cache, NULL, 647 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 648 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* SYNC_CACHE (16) */ 649 }; 650 651 static const struct opcode_info_t pre_fetch_iarr[] = { 652 {0, 0x90, 0, F_SYNC_DELAY | FF_MEDIA_IO, resp_pre_fetch, NULL, 653 {16, 0x2, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 654 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* PRE-FETCH (16) */ 655 }; 656 657 static const struct opcode_info_t zone_out_iarr[] = { /* ZONE OUT(16) */ 658 {0, 0x94, 0x1, F_SA_LOW | F_M_ACCESS, resp_close_zone, NULL, 659 {16, 0x1, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 660 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* CLOSE ZONE */ 661 {0, 0x94, 0x2, F_SA_LOW | F_M_ACCESS, resp_finish_zone, NULL, 662 {16, 0x2, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 663 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* FINISH ZONE */ 664 {0, 0x94, 0x4, F_SA_LOW | F_M_ACCESS, resp_rwp_zone, NULL, 665 {16, 0x4, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 666 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* RESET WRITE POINTER */ 667 }; 668 669 static const struct opcode_info_t zone_in_iarr[] = { /* ZONE IN(16) */ 670 {0, 0x95, 0x6, F_SA_LOW | F_D_IN | F_M_ACCESS, NULL, NULL, 671 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 672 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* REPORT ZONES */ 673 }; 674 675 676 /* This array is accessed via SDEB_I_* values. Make sure all are mapped, 677 * plus the terminating elements for logic that scans this table such as 678 * REPORT SUPPORTED OPERATION CODES. */ 679 static const struct opcode_info_t opcode_info_arr[SDEB_I_LAST_ELEM_P1 + 1] = { 680 /* 0 */ 681 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* unknown opcodes */ 682 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 683 {0, 0x12, 0, FF_RESPOND | F_D_IN, resp_inquiry, NULL, /* INQUIRY */ 684 {6, 0xe3, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 685 {0, 0xa0, 0, FF_RESPOND | F_D_IN, resp_report_luns, NULL, 686 {12, 0xe3, 0xff, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0, 687 0, 0} }, /* REPORT LUNS */ 688 {0, 0x3, 0, FF_RESPOND | F_D_IN, resp_requests, NULL, 689 {6, 0xe1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 690 {0, 0x0, 0, F_M_ACCESS | F_RL_WLUN_OK, NULL, NULL,/* TEST UNIT READY */ 691 {6, 0, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 692 /* 5 */ 693 {ARRAY_SIZE(msense_iarr), 0x5a, 0, F_D_IN, /* MODE SENSE(10) */ 694 resp_mode_sense, msense_iarr, {10, 0xf8, 0xff, 0xff, 0, 0, 0, 695 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} }, 696 {ARRAY_SIZE(mselect_iarr), 0x55, 0, F_D_OUT, /* MODE SELECT(10) */ 697 resp_mode_select, mselect_iarr, {10, 0xf1, 0, 0, 0, 0, 0, 0xff, 698 0xff, 0xc7, 0, 0, 0, 0, 0, 0} }, 699 {0, 0x4d, 0, F_D_IN, resp_log_sense, NULL, /* LOG SENSE */ 700 {10, 0xe3, 0xff, 0xff, 0, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 701 0, 0, 0} }, 702 {0, 0x25, 0, F_D_IN, resp_readcap, NULL, /* READ CAPACITY(10) */ 703 {10, 0xe1, 0xff, 0xff, 0xff, 0xff, 0, 0, 0x1, 0xc7, 0, 0, 0, 0, 704 0, 0} }, 705 {ARRAY_SIZE(read_iarr), 0x88, 0, F_D_IN | FF_MEDIA_IO, /* READ(16) */ 706 resp_read_dt0, read_iarr, {16, 0xfe, 0xff, 0xff, 0xff, 0xff, 707 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} }, 708 /* 10 */ 709 {ARRAY_SIZE(write_iarr), 0x8a, 0, F_D_OUT | FF_MEDIA_IO, 710 resp_write_dt0, write_iarr, /* WRITE(16) */ 711 {16, 0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 712 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} }, 713 {0, 0x1b, 0, F_SSU_DELAY, resp_start_stop, NULL,/* START STOP UNIT */ 714 {6, 0x1, 0, 0xf, 0xf7, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 715 {ARRAY_SIZE(sa_in_16_iarr), 0x9e, 0x10, F_SA_LOW | F_D_IN, 716 resp_readcap16, sa_in_16_iarr, /* SA_IN(16), READ CAPACITY(16) */ 717 {16, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 718 0xff, 0xff, 0xff, 0xff, 0x1, 0xc7} }, 719 {0, 0x9f, 0x12, F_SA_LOW | F_D_OUT | FF_MEDIA_IO, resp_write_scat, 720 NULL, {16, 0x12, 0xf9, 0x0, 0xff, 0xff, 0, 0, 0xff, 0xff, 0xff, 721 0xff, 0xff, 0xff, 0xff, 0xc7} }, /* SA_OUT(16), WRITE SCAT(16) */ 722 {ARRAY_SIZE(maint_in_iarr), 0xa3, 0xa, F_SA_LOW | F_D_IN, 723 resp_report_tgtpgs, /* MAINT IN, REPORT TARGET PORT GROUPS */ 724 maint_in_iarr, {12, 0xea, 0, 0, 0, 0, 0xff, 0xff, 0xff, 725 0xff, 0, 0xc7, 0, 0, 0, 0} }, 726 /* 15 */ 727 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* MAINT OUT */ 728 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 729 {ARRAY_SIZE(verify_iarr), 0x8f, 0, 730 F_D_OUT_MAYBE | FF_MEDIA_IO, resp_verify, /* VERIFY(16) */ 731 verify_iarr, {16, 0xf6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 732 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, 733 {ARRAY_SIZE(vl_iarr), 0x7f, 0x9, F_SA_HIGH | F_D_IN | FF_MEDIA_IO, 734 resp_read_dt0, vl_iarr, /* VARIABLE LENGTH, READ(32) */ 735 {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x9, 0xfe, 0, 0xff, 0xff, 736 0xff, 0xff} }, 737 {ARRAY_SIZE(reserve_iarr), 0x56, 0, F_D_OUT, 738 NULL, reserve_iarr, /* RESERVE(10) <no response function> */ 739 {10, 0xff, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 740 0} }, 741 {ARRAY_SIZE(release_iarr), 0x57, 0, F_D_OUT, 742 NULL, release_iarr, /* RELEASE(10) <no response function> */ 743 {10, 0x13, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 744 0} }, 745 /* 20 */ 746 {0, 0x1e, 0, 0, NULL, NULL, /* ALLOW REMOVAL */ 747 {6, 0, 0, 0, 0x3, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 748 {0, 0x1, 0, 0, resp_start_stop, NULL, /* REWIND ?? */ 749 {6, 0x1, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 750 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* ATA_PT */ 751 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 752 {0, 0x1d, F_D_OUT, 0, NULL, NULL, /* SEND DIAGNOSTIC */ 753 {6, 0xf7, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 754 {0, 0x42, 0, F_D_OUT | FF_MEDIA_IO, resp_unmap, NULL, /* UNMAP */ 755 {10, 0x1, 0, 0, 0, 0, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} }, 756 /* 25 */ 757 {0, 0x3b, 0, F_D_OUT_MAYBE, resp_write_buffer, NULL, 758 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 759 0, 0, 0, 0} }, /* WRITE_BUFFER */ 760 {ARRAY_SIZE(write_same_iarr), 0x41, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, 761 resp_write_same_10, write_same_iarr, /* WRITE SAME(10) */ 762 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 763 0, 0, 0, 0, 0} }, 764 {ARRAY_SIZE(sync_cache_iarr), 0x35, 0, F_SYNC_DELAY | F_M_ACCESS, 765 resp_sync_cache, sync_cache_iarr, 766 {10, 0x7, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 767 0, 0, 0, 0} }, /* SYNC_CACHE (10) */ 768 {0, 0x89, 0, F_D_OUT | FF_MEDIA_IO, resp_comp_write, NULL, 769 {16, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 0, 770 0, 0xff, 0x3f, 0xc7} }, /* COMPARE AND WRITE */ 771 {ARRAY_SIZE(pre_fetch_iarr), 0x34, 0, F_SYNC_DELAY | FF_MEDIA_IO, 772 resp_pre_fetch, pre_fetch_iarr, 773 {10, 0x2, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 774 0, 0, 0, 0} }, /* PRE-FETCH (10) */ 775 776 /* 30 */ 777 {ARRAY_SIZE(zone_out_iarr), 0x94, 0x3, F_SA_LOW | F_M_ACCESS, 778 resp_open_zone, zone_out_iarr, /* ZONE_OUT(16), OPEN ZONE) */ 779 {16, 0x3 /* SA */, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 780 0xff, 0xff, 0x0, 0x0, 0xff, 0xff, 0x1, 0xc7} }, 781 {ARRAY_SIZE(zone_in_iarr), 0x95, 0x0, F_SA_LOW | F_M_ACCESS, 782 resp_report_zones, zone_in_iarr, /* ZONE_IN(16), REPORT ZONES) */ 783 {16, 0x0 /* SA */, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 784 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf, 0xc7} }, 785 /* sentinel */ 786 {0xff, 0, 0, 0, NULL, NULL, /* terminating element */ 787 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} }, 788 }; 789 790 static int sdebug_num_hosts; 791 static int sdebug_add_host = DEF_NUM_HOST; /* in sysfs this is relative */ 792 static int sdebug_ato = DEF_ATO; 793 static int sdebug_cdb_len = DEF_CDB_LEN; 794 static int sdebug_jdelay = DEF_JDELAY; /* if > 0 then unit is jiffies */ 795 static int sdebug_dev_size_mb = DEF_DEV_SIZE_PRE_INIT; 796 static int sdebug_dif = DEF_DIF; 797 static int sdebug_dix = DEF_DIX; 798 static int sdebug_dsense = DEF_D_SENSE; 799 static int sdebug_every_nth = DEF_EVERY_NTH; 800 static int sdebug_fake_rw = DEF_FAKE_RW; 801 static unsigned int sdebug_guard = DEF_GUARD; 802 static int sdebug_host_max_queue; /* per host */ 803 static int sdebug_lowest_aligned = DEF_LOWEST_ALIGNED; 804 static int sdebug_max_luns = DEF_MAX_LUNS; 805 static int sdebug_max_queue = SDEBUG_CANQUEUE; /* per submit queue */ 806 static unsigned int sdebug_medium_error_start = OPT_MEDIUM_ERR_ADDR; 807 static int sdebug_medium_error_count = OPT_MEDIUM_ERR_NUM; 808 static int sdebug_ndelay = DEF_NDELAY; /* if > 0 then unit is nanoseconds */ 809 static int sdebug_no_lun_0 = DEF_NO_LUN_0; 810 static int sdebug_no_uld; 811 static int sdebug_num_parts = DEF_NUM_PARTS; 812 static int sdebug_num_tgts = DEF_NUM_TGTS; /* targets per host */ 813 static int sdebug_opt_blks = DEF_OPT_BLKS; 814 static int sdebug_opts = DEF_OPTS; 815 static int sdebug_physblk_exp = DEF_PHYSBLK_EXP; 816 static int sdebug_opt_xferlen_exp = DEF_OPT_XFERLEN_EXP; 817 static int sdebug_ptype = DEF_PTYPE; /* SCSI peripheral device type */ 818 static int sdebug_scsi_level = DEF_SCSI_LEVEL; 819 static int sdebug_sector_size = DEF_SECTOR_SIZE; 820 static int sdeb_tur_ms_to_ready = DEF_TUR_MS_TO_READY; 821 static int sdebug_virtual_gb = DEF_VIRTUAL_GB; 822 static int sdebug_vpd_use_hostno = DEF_VPD_USE_HOSTNO; 823 static unsigned int sdebug_lbpu = DEF_LBPU; 824 static unsigned int sdebug_lbpws = DEF_LBPWS; 825 static unsigned int sdebug_lbpws10 = DEF_LBPWS10; 826 static unsigned int sdebug_lbprz = DEF_LBPRZ; 827 static unsigned int sdebug_unmap_alignment = DEF_UNMAP_ALIGNMENT; 828 static unsigned int sdebug_unmap_granularity = DEF_UNMAP_GRANULARITY; 829 static unsigned int sdebug_unmap_max_blocks = DEF_UNMAP_MAX_BLOCKS; 830 static unsigned int sdebug_unmap_max_desc = DEF_UNMAP_MAX_DESC; 831 static unsigned int sdebug_write_same_length = DEF_WRITESAME_LENGTH; 832 static int sdebug_uuid_ctl = DEF_UUID_CTL; 833 static bool sdebug_random = DEF_RANDOM; 834 static bool sdebug_per_host_store = DEF_PER_HOST_STORE; 835 static bool sdebug_removable = DEF_REMOVABLE; 836 static bool sdebug_clustering; 837 static bool sdebug_host_lock = DEF_HOST_LOCK; 838 static bool sdebug_strict = DEF_STRICT; 839 static bool sdebug_any_injecting_opt; 840 static bool sdebug_no_rwlock; 841 static bool sdebug_verbose; 842 static bool have_dif_prot; 843 static bool write_since_sync; 844 static bool sdebug_statistics = DEF_STATISTICS; 845 static bool sdebug_wp; 846 static bool sdebug_allow_restart; 847 /* Following enum: 0: no zbc, def; 1: host aware; 2: host managed */ 848 static enum blk_zoned_model sdeb_zbc_model = BLK_ZONED_NONE; 849 static char *sdeb_zbc_model_s; 850 851 enum sam_lun_addr_method {SAM_LUN_AM_PERIPHERAL = 0x0, 852 SAM_LUN_AM_FLAT = 0x1, 853 SAM_LUN_AM_LOGICAL_UNIT = 0x2, 854 SAM_LUN_AM_EXTENDED = 0x3}; 855 static enum sam_lun_addr_method sdebug_lun_am = SAM_LUN_AM_PERIPHERAL; 856 static int sdebug_lun_am_i = (int)SAM_LUN_AM_PERIPHERAL; 857 858 static unsigned int sdebug_store_sectors; 859 static sector_t sdebug_capacity; /* in sectors */ 860 861 /* old BIOS stuff, kernel may get rid of them but some mode sense pages 862 may still need them */ 863 static int sdebug_heads; /* heads per disk */ 864 static int sdebug_cylinders_per; /* cylinders per surface */ 865 static int sdebug_sectors_per; /* sectors per cylinder */ 866 867 static LIST_HEAD(sdebug_host_list); 868 static DEFINE_MUTEX(sdebug_host_list_mutex); 869 870 static struct xarray per_store_arr; 871 static struct xarray *per_store_ap = &per_store_arr; 872 static int sdeb_first_idx = -1; /* invalid index ==> none created */ 873 static int sdeb_most_recent_idx = -1; 874 static DEFINE_RWLOCK(sdeb_fake_rw_lck); /* need a RW lock when fake_rw=1 */ 875 876 static unsigned long map_size; 877 static int num_aborts; 878 static int num_dev_resets; 879 static int num_target_resets; 880 static int num_bus_resets; 881 static int num_host_resets; 882 static int dix_writes; 883 static int dix_reads; 884 static int dif_errors; 885 886 /* ZBC global data */ 887 static bool sdeb_zbc_in_use; /* true for host-aware and host-managed disks */ 888 static int sdeb_zbc_zone_cap_mb; 889 static int sdeb_zbc_zone_size_mb; 890 static int sdeb_zbc_max_open = DEF_ZBC_MAX_OPEN_ZONES; 891 static int sdeb_zbc_nr_conv = DEF_ZBC_NR_CONV_ZONES; 892 893 static int submit_queues = DEF_SUBMIT_QUEUES; /* > 1 for multi-queue (mq) */ 894 static int poll_queues; /* iouring iopoll interface.*/ 895 896 static char sdebug_proc_name[] = MY_NAME; 897 static const char *my_name = MY_NAME; 898 899 static struct bus_type pseudo_lld_bus; 900 901 static struct device_driver sdebug_driverfs_driver = { 902 .name = sdebug_proc_name, 903 .bus = &pseudo_lld_bus, 904 }; 905 906 static const int check_condition_result = 907 SAM_STAT_CHECK_CONDITION; 908 909 static const int illegal_condition_result = 910 (DID_ABORT << 16) | SAM_STAT_CHECK_CONDITION; 911 912 static const int device_qfull_result = 913 (DID_ABORT << 16) | SAM_STAT_TASK_SET_FULL; 914 915 static const int condition_met_result = SAM_STAT_CONDITION_MET; 916 917 static struct dentry *sdebug_debugfs_root; 918 919 static void sdebug_err_free(struct rcu_head *head) 920 { 921 struct sdebug_err_inject *inject = 922 container_of(head, typeof(*inject), rcu); 923 924 kfree(inject); 925 } 926 927 static void sdebug_err_add(struct scsi_device *sdev, struct sdebug_err_inject *new) 928 { 929 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdev->hostdata; 930 struct sdebug_err_inject *err; 931 932 spin_lock(&devip->list_lock); 933 list_for_each_entry_rcu(err, &devip->inject_err_list, list) { 934 if (err->type == new->type && err->cmd == new->cmd) { 935 list_del_rcu(&err->list); 936 call_rcu(&err->rcu, sdebug_err_free); 937 } 938 } 939 940 list_add_tail_rcu(&new->list, &devip->inject_err_list); 941 spin_unlock(&devip->list_lock); 942 } 943 944 static int sdebug_err_remove(struct scsi_device *sdev, const char *buf, size_t count) 945 { 946 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdev->hostdata; 947 struct sdebug_err_inject *err; 948 int type; 949 unsigned char cmd; 950 951 if (sscanf(buf, "- %d %hhx", &type, &cmd) != 2) { 952 kfree(buf); 953 return -EINVAL; 954 } 955 956 spin_lock(&devip->list_lock); 957 list_for_each_entry_rcu(err, &devip->inject_err_list, list) { 958 if (err->type == type && err->cmd == cmd) { 959 list_del_rcu(&err->list); 960 call_rcu(&err->rcu, sdebug_err_free); 961 spin_unlock(&devip->list_lock); 962 kfree(buf); 963 return count; 964 } 965 } 966 spin_unlock(&devip->list_lock); 967 968 kfree(buf); 969 return -EINVAL; 970 } 971 972 static int sdebug_error_show(struct seq_file *m, void *p) 973 { 974 struct scsi_device *sdev = (struct scsi_device *)m->private; 975 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdev->hostdata; 976 struct sdebug_err_inject *err; 977 978 seq_puts(m, "Type\tCount\tCommand\n"); 979 980 rcu_read_lock(); 981 list_for_each_entry_rcu(err, &devip->inject_err_list, list) { 982 switch (err->type) { 983 case ERR_TMOUT_CMD: 984 case ERR_ABORT_CMD_FAILED: 985 case ERR_LUN_RESET_FAILED: 986 seq_printf(m, "%d\t%d\t0x%x\n", err->type, err->cnt, 987 err->cmd); 988 break; 989 990 case ERR_FAIL_QUEUE_CMD: 991 seq_printf(m, "%d\t%d\t0x%x\t0x%x\n", err->type, 992 err->cnt, err->cmd, err->queuecmd_ret); 993 break; 994 995 case ERR_FAIL_CMD: 996 seq_printf(m, "%d\t%d\t0x%x\t0x%x 0x%x 0x%x 0x%x 0x%x 0x%x\n", 997 err->type, err->cnt, err->cmd, 998 err->host_byte, err->driver_byte, 999 err->status_byte, err->sense_key, 1000 err->asc, err->asq); 1001 break; 1002 } 1003 } 1004 rcu_read_unlock(); 1005 1006 return 0; 1007 } 1008 1009 static int sdebug_error_open(struct inode *inode, struct file *file) 1010 { 1011 return single_open(file, sdebug_error_show, inode->i_private); 1012 } 1013 1014 static ssize_t sdebug_error_write(struct file *file, const char __user *ubuf, 1015 size_t count, loff_t *ppos) 1016 { 1017 char *buf; 1018 unsigned int inject_type; 1019 struct sdebug_err_inject *inject; 1020 struct scsi_device *sdev = (struct scsi_device *)file->f_inode->i_private; 1021 1022 buf = kzalloc(count + 1, GFP_KERNEL); 1023 if (!buf) 1024 return -ENOMEM; 1025 1026 if (copy_from_user(buf, ubuf, count)) { 1027 kfree(buf); 1028 return -EFAULT; 1029 } 1030 1031 if (buf[0] == '-') 1032 return sdebug_err_remove(sdev, buf, count); 1033 1034 if (sscanf(buf, "%d", &inject_type) != 1) { 1035 kfree(buf); 1036 return -EINVAL; 1037 } 1038 1039 inject = kzalloc(sizeof(struct sdebug_err_inject), GFP_KERNEL); 1040 if (!inject) { 1041 kfree(buf); 1042 return -ENOMEM; 1043 } 1044 1045 switch (inject_type) { 1046 case ERR_TMOUT_CMD: 1047 case ERR_ABORT_CMD_FAILED: 1048 case ERR_LUN_RESET_FAILED: 1049 if (sscanf(buf, "%d %d %hhx", &inject->type, &inject->cnt, 1050 &inject->cmd) != 3) 1051 goto out_error; 1052 break; 1053 1054 case ERR_FAIL_QUEUE_CMD: 1055 if (sscanf(buf, "%d %d %hhx %x", &inject->type, &inject->cnt, 1056 &inject->cmd, &inject->queuecmd_ret) != 4) 1057 goto out_error; 1058 break; 1059 1060 case ERR_FAIL_CMD: 1061 if (sscanf(buf, "%d %d %hhx %hhx %hhx %hhx %hhx %hhx %hhx", 1062 &inject->type, &inject->cnt, &inject->cmd, 1063 &inject->host_byte, &inject->driver_byte, 1064 &inject->status_byte, &inject->sense_key, 1065 &inject->asc, &inject->asq) != 9) 1066 goto out_error; 1067 break; 1068 1069 default: 1070 goto out_error; 1071 break; 1072 } 1073 1074 kfree(buf); 1075 sdebug_err_add(sdev, inject); 1076 1077 return count; 1078 1079 out_error: 1080 kfree(buf); 1081 kfree(inject); 1082 return -EINVAL; 1083 } 1084 1085 static const struct file_operations sdebug_error_fops = { 1086 .open = sdebug_error_open, 1087 .read = seq_read, 1088 .write = sdebug_error_write, 1089 .release = single_release, 1090 }; 1091 1092 static int sdebug_target_reset_fail_show(struct seq_file *m, void *p) 1093 { 1094 struct scsi_target *starget = (struct scsi_target *)m->private; 1095 struct sdebug_target_info *targetip = 1096 (struct sdebug_target_info *)starget->hostdata; 1097 1098 if (targetip) 1099 seq_printf(m, "%c\n", targetip->reset_fail ? 'Y' : 'N'); 1100 1101 return 0; 1102 } 1103 1104 static int sdebug_target_reset_fail_open(struct inode *inode, struct file *file) 1105 { 1106 return single_open(file, sdebug_target_reset_fail_show, inode->i_private); 1107 } 1108 1109 static ssize_t sdebug_target_reset_fail_write(struct file *file, 1110 const char __user *ubuf, size_t count, loff_t *ppos) 1111 { 1112 int ret; 1113 struct scsi_target *starget = 1114 (struct scsi_target *)file->f_inode->i_private; 1115 struct sdebug_target_info *targetip = 1116 (struct sdebug_target_info *)starget->hostdata; 1117 1118 if (targetip) { 1119 ret = kstrtobool_from_user(ubuf, count, &targetip->reset_fail); 1120 return ret < 0 ? ret : count; 1121 } 1122 return -ENODEV; 1123 } 1124 1125 static const struct file_operations sdebug_target_reset_fail_fops = { 1126 .open = sdebug_target_reset_fail_open, 1127 .read = seq_read, 1128 .write = sdebug_target_reset_fail_write, 1129 .release = single_release, 1130 }; 1131 1132 static int sdebug_target_alloc(struct scsi_target *starget) 1133 { 1134 struct sdebug_target_info *targetip; 1135 1136 targetip = kzalloc(sizeof(struct sdebug_target_info), GFP_KERNEL); 1137 if (!targetip) 1138 return -ENOMEM; 1139 1140 targetip->debugfs_entry = debugfs_create_dir(dev_name(&starget->dev), 1141 sdebug_debugfs_root); 1142 1143 debugfs_create_file("fail_reset", 0600, targetip->debugfs_entry, starget, 1144 &sdebug_target_reset_fail_fops); 1145 1146 starget->hostdata = targetip; 1147 1148 return 0; 1149 } 1150 1151 static void sdebug_tartget_cleanup_async(void *data, async_cookie_t cookie) 1152 { 1153 struct sdebug_target_info *targetip = data; 1154 1155 debugfs_remove(targetip->debugfs_entry); 1156 kfree(targetip); 1157 } 1158 1159 static void sdebug_target_destroy(struct scsi_target *starget) 1160 { 1161 struct sdebug_target_info *targetip; 1162 1163 targetip = (struct sdebug_target_info *)starget->hostdata; 1164 if (targetip) { 1165 starget->hostdata = NULL; 1166 async_schedule(sdebug_tartget_cleanup_async, targetip); 1167 } 1168 } 1169 1170 /* Only do the extra work involved in logical block provisioning if one or 1171 * more of the lbpu, lbpws or lbpws10 parameters are given and we are doing 1172 * real reads and writes (i.e. not skipping them for speed). 1173 */ 1174 static inline bool scsi_debug_lbp(void) 1175 { 1176 return 0 == sdebug_fake_rw && 1177 (sdebug_lbpu || sdebug_lbpws || sdebug_lbpws10); 1178 } 1179 1180 static void *lba2fake_store(struct sdeb_store_info *sip, 1181 unsigned long long lba) 1182 { 1183 struct sdeb_store_info *lsip = sip; 1184 1185 lba = do_div(lba, sdebug_store_sectors); 1186 if (!sip || !sip->storep) { 1187 WARN_ON_ONCE(true); 1188 lsip = xa_load(per_store_ap, 0); /* should never be NULL */ 1189 } 1190 return lsip->storep + lba * sdebug_sector_size; 1191 } 1192 1193 static struct t10_pi_tuple *dif_store(struct sdeb_store_info *sip, 1194 sector_t sector) 1195 { 1196 sector = sector_div(sector, sdebug_store_sectors); 1197 1198 return sip->dif_storep + sector; 1199 } 1200 1201 static void sdebug_max_tgts_luns(void) 1202 { 1203 struct sdebug_host_info *sdbg_host; 1204 struct Scsi_Host *hpnt; 1205 1206 mutex_lock(&sdebug_host_list_mutex); 1207 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) { 1208 hpnt = sdbg_host->shost; 1209 if ((hpnt->this_id >= 0) && 1210 (sdebug_num_tgts > hpnt->this_id)) 1211 hpnt->max_id = sdebug_num_tgts + 1; 1212 else 1213 hpnt->max_id = sdebug_num_tgts; 1214 /* sdebug_max_luns; */ 1215 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1; 1216 } 1217 mutex_unlock(&sdebug_host_list_mutex); 1218 } 1219 1220 enum sdeb_cmd_data {SDEB_IN_DATA = 0, SDEB_IN_CDB = 1}; 1221 1222 /* Set in_bit to -1 to indicate no bit position of invalid field */ 1223 static void mk_sense_invalid_fld(struct scsi_cmnd *scp, 1224 enum sdeb_cmd_data c_d, 1225 int in_byte, int in_bit) 1226 { 1227 unsigned char *sbuff; 1228 u8 sks[4]; 1229 int sl, asc; 1230 1231 sbuff = scp->sense_buffer; 1232 if (!sbuff) { 1233 sdev_printk(KERN_ERR, scp->device, 1234 "%s: sense_buffer is NULL\n", __func__); 1235 return; 1236 } 1237 asc = c_d ? INVALID_FIELD_IN_CDB : INVALID_FIELD_IN_PARAM_LIST; 1238 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE); 1239 scsi_build_sense(scp, sdebug_dsense, ILLEGAL_REQUEST, asc, 0); 1240 memset(sks, 0, sizeof(sks)); 1241 sks[0] = 0x80; 1242 if (c_d) 1243 sks[0] |= 0x40; 1244 if (in_bit >= 0) { 1245 sks[0] |= 0x8; 1246 sks[0] |= 0x7 & in_bit; 1247 } 1248 put_unaligned_be16(in_byte, sks + 1); 1249 if (sdebug_dsense) { 1250 sl = sbuff[7] + 8; 1251 sbuff[7] = sl; 1252 sbuff[sl] = 0x2; 1253 sbuff[sl + 1] = 0x6; 1254 memcpy(sbuff + sl + 4, sks, 3); 1255 } else 1256 memcpy(sbuff + 15, sks, 3); 1257 if (sdebug_verbose) 1258 sdev_printk(KERN_INFO, scp->device, "%s: [sense_key,asc,ascq" 1259 "]: [0x5,0x%x,0x0] %c byte=%d, bit=%d\n", 1260 my_name, asc, c_d ? 'C' : 'D', in_byte, in_bit); 1261 } 1262 1263 static void mk_sense_buffer(struct scsi_cmnd *scp, int key, int asc, int asq) 1264 { 1265 if (!scp->sense_buffer) { 1266 sdev_printk(KERN_ERR, scp->device, 1267 "%s: sense_buffer is NULL\n", __func__); 1268 return; 1269 } 1270 memset(scp->sense_buffer, 0, SCSI_SENSE_BUFFERSIZE); 1271 1272 scsi_build_sense(scp, sdebug_dsense, key, asc, asq); 1273 1274 if (sdebug_verbose) 1275 sdev_printk(KERN_INFO, scp->device, 1276 "%s: [sense_key,asc,ascq]: [0x%x,0x%x,0x%x]\n", 1277 my_name, key, asc, asq); 1278 } 1279 1280 static void mk_sense_invalid_opcode(struct scsi_cmnd *scp) 1281 { 1282 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_OPCODE, 0); 1283 } 1284 1285 static int scsi_debug_ioctl(struct scsi_device *dev, unsigned int cmd, 1286 void __user *arg) 1287 { 1288 if (sdebug_verbose) { 1289 if (0x1261 == cmd) 1290 sdev_printk(KERN_INFO, dev, 1291 "%s: BLKFLSBUF [0x1261]\n", __func__); 1292 else if (0x5331 == cmd) 1293 sdev_printk(KERN_INFO, dev, 1294 "%s: CDROM_GET_CAPABILITY [0x5331]\n", 1295 __func__); 1296 else 1297 sdev_printk(KERN_INFO, dev, "%s: cmd=0x%x\n", 1298 __func__, cmd); 1299 } 1300 return -EINVAL; 1301 /* return -ENOTTY; // correct return but upsets fdisk */ 1302 } 1303 1304 static void config_cdb_len(struct scsi_device *sdev) 1305 { 1306 switch (sdebug_cdb_len) { 1307 case 6: /* suggest 6 byte READ, WRITE and MODE SENSE/SELECT */ 1308 sdev->use_10_for_rw = false; 1309 sdev->use_16_for_rw = false; 1310 sdev->use_10_for_ms = false; 1311 break; 1312 case 10: /* suggest 10 byte RWs and 6 byte MODE SENSE/SELECT */ 1313 sdev->use_10_for_rw = true; 1314 sdev->use_16_for_rw = false; 1315 sdev->use_10_for_ms = false; 1316 break; 1317 case 12: /* suggest 10 byte RWs and 10 byte MODE SENSE/SELECT */ 1318 sdev->use_10_for_rw = true; 1319 sdev->use_16_for_rw = false; 1320 sdev->use_10_for_ms = true; 1321 break; 1322 case 16: 1323 sdev->use_10_for_rw = false; 1324 sdev->use_16_for_rw = true; 1325 sdev->use_10_for_ms = true; 1326 break; 1327 case 32: /* No knobs to suggest this so same as 16 for now */ 1328 sdev->use_10_for_rw = false; 1329 sdev->use_16_for_rw = true; 1330 sdev->use_10_for_ms = true; 1331 break; 1332 default: 1333 pr_warn("unexpected cdb_len=%d, force to 10\n", 1334 sdebug_cdb_len); 1335 sdev->use_10_for_rw = true; 1336 sdev->use_16_for_rw = false; 1337 sdev->use_10_for_ms = false; 1338 sdebug_cdb_len = 10; 1339 break; 1340 } 1341 } 1342 1343 static void all_config_cdb_len(void) 1344 { 1345 struct sdebug_host_info *sdbg_host; 1346 struct Scsi_Host *shost; 1347 struct scsi_device *sdev; 1348 1349 mutex_lock(&sdebug_host_list_mutex); 1350 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) { 1351 shost = sdbg_host->shost; 1352 shost_for_each_device(sdev, shost) { 1353 config_cdb_len(sdev); 1354 } 1355 } 1356 mutex_unlock(&sdebug_host_list_mutex); 1357 } 1358 1359 static void clear_luns_changed_on_target(struct sdebug_dev_info *devip) 1360 { 1361 struct sdebug_host_info *sdhp = devip->sdbg_host; 1362 struct sdebug_dev_info *dp; 1363 1364 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) { 1365 if ((devip->sdbg_host == dp->sdbg_host) && 1366 (devip->target == dp->target)) { 1367 clear_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm); 1368 } 1369 } 1370 } 1371 1372 static int make_ua(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 1373 { 1374 int k; 1375 1376 k = find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS); 1377 if (k != SDEBUG_NUM_UAS) { 1378 const char *cp = NULL; 1379 1380 switch (k) { 1381 case SDEBUG_UA_POR: 1382 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC, 1383 POWER_ON_RESET_ASCQ); 1384 if (sdebug_verbose) 1385 cp = "power on reset"; 1386 break; 1387 case SDEBUG_UA_POOCCUR: 1388 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC, 1389 POWER_ON_OCCURRED_ASCQ); 1390 if (sdebug_verbose) 1391 cp = "power on occurred"; 1392 break; 1393 case SDEBUG_UA_BUS_RESET: 1394 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC, 1395 BUS_RESET_ASCQ); 1396 if (sdebug_verbose) 1397 cp = "bus reset"; 1398 break; 1399 case SDEBUG_UA_MODE_CHANGED: 1400 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC, 1401 MODE_CHANGED_ASCQ); 1402 if (sdebug_verbose) 1403 cp = "mode parameters changed"; 1404 break; 1405 case SDEBUG_UA_CAPACITY_CHANGED: 1406 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC, 1407 CAPACITY_CHANGED_ASCQ); 1408 if (sdebug_verbose) 1409 cp = "capacity data changed"; 1410 break; 1411 case SDEBUG_UA_MICROCODE_CHANGED: 1412 mk_sense_buffer(scp, UNIT_ATTENTION, 1413 TARGET_CHANGED_ASC, 1414 MICROCODE_CHANGED_ASCQ); 1415 if (sdebug_verbose) 1416 cp = "microcode has been changed"; 1417 break; 1418 case SDEBUG_UA_MICROCODE_CHANGED_WO_RESET: 1419 mk_sense_buffer(scp, UNIT_ATTENTION, 1420 TARGET_CHANGED_ASC, 1421 MICROCODE_CHANGED_WO_RESET_ASCQ); 1422 if (sdebug_verbose) 1423 cp = "microcode has been changed without reset"; 1424 break; 1425 case SDEBUG_UA_LUNS_CHANGED: 1426 /* 1427 * SPC-3 behavior is to report a UNIT ATTENTION with 1428 * ASC/ASCQ REPORTED LUNS DATA HAS CHANGED on every LUN 1429 * on the target, until a REPORT LUNS command is 1430 * received. SPC-4 behavior is to report it only once. 1431 * NOTE: sdebug_scsi_level does not use the same 1432 * values as struct scsi_device->scsi_level. 1433 */ 1434 if (sdebug_scsi_level >= 6) /* SPC-4 and above */ 1435 clear_luns_changed_on_target(devip); 1436 mk_sense_buffer(scp, UNIT_ATTENTION, 1437 TARGET_CHANGED_ASC, 1438 LUNS_CHANGED_ASCQ); 1439 if (sdebug_verbose) 1440 cp = "reported luns data has changed"; 1441 break; 1442 default: 1443 pr_warn("unexpected unit attention code=%d\n", k); 1444 if (sdebug_verbose) 1445 cp = "unknown"; 1446 break; 1447 } 1448 clear_bit(k, devip->uas_bm); 1449 if (sdebug_verbose) 1450 sdev_printk(KERN_INFO, scp->device, 1451 "%s reports: Unit attention: %s\n", 1452 my_name, cp); 1453 return check_condition_result; 1454 } 1455 return 0; 1456 } 1457 1458 /* Build SCSI "data-in" buffer. Returns 0 if ok else (DID_ERROR << 16). */ 1459 static int fill_from_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr, 1460 int arr_len) 1461 { 1462 int act_len; 1463 struct scsi_data_buffer *sdb = &scp->sdb; 1464 1465 if (!sdb->length) 1466 return 0; 1467 if (scp->sc_data_direction != DMA_FROM_DEVICE) 1468 return DID_ERROR << 16; 1469 1470 act_len = sg_copy_from_buffer(sdb->table.sgl, sdb->table.nents, 1471 arr, arr_len); 1472 scsi_set_resid(scp, scsi_bufflen(scp) - act_len); 1473 1474 return 0; 1475 } 1476 1477 /* Partial build of SCSI "data-in" buffer. Returns 0 if ok else 1478 * (DID_ERROR << 16). Can write to offset in data-in buffer. If multiple 1479 * calls, not required to write in ascending offset order. Assumes resid 1480 * set to scsi_bufflen() prior to any calls. 1481 */ 1482 static int p_fill_from_dev_buffer(struct scsi_cmnd *scp, const void *arr, 1483 int arr_len, unsigned int off_dst) 1484 { 1485 unsigned int act_len, n; 1486 struct scsi_data_buffer *sdb = &scp->sdb; 1487 off_t skip = off_dst; 1488 1489 if (sdb->length <= off_dst) 1490 return 0; 1491 if (scp->sc_data_direction != DMA_FROM_DEVICE) 1492 return DID_ERROR << 16; 1493 1494 act_len = sg_pcopy_from_buffer(sdb->table.sgl, sdb->table.nents, 1495 arr, arr_len, skip); 1496 pr_debug("%s: off_dst=%u, scsi_bufflen=%u, act_len=%u, resid=%d\n", 1497 __func__, off_dst, scsi_bufflen(scp), act_len, 1498 scsi_get_resid(scp)); 1499 n = scsi_bufflen(scp) - (off_dst + act_len); 1500 scsi_set_resid(scp, min_t(u32, scsi_get_resid(scp), n)); 1501 return 0; 1502 } 1503 1504 /* Fetches from SCSI "data-out" buffer. Returns number of bytes fetched into 1505 * 'arr' or -1 if error. 1506 */ 1507 static int fetch_to_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr, 1508 int arr_len) 1509 { 1510 if (!scsi_bufflen(scp)) 1511 return 0; 1512 if (scp->sc_data_direction != DMA_TO_DEVICE) 1513 return -1; 1514 1515 return scsi_sg_copy_to_buffer(scp, arr, arr_len); 1516 } 1517 1518 1519 static char sdebug_inq_vendor_id[9] = "Linux "; 1520 static char sdebug_inq_product_id[17] = "scsi_debug "; 1521 static char sdebug_inq_product_rev[5] = SDEBUG_VERSION; 1522 /* Use some locally assigned NAAs for SAS addresses. */ 1523 static const u64 naa3_comp_a = 0x3222222000000000ULL; 1524 static const u64 naa3_comp_b = 0x3333333000000000ULL; 1525 static const u64 naa3_comp_c = 0x3111111000000000ULL; 1526 1527 /* Device identification VPD page. Returns number of bytes placed in arr */ 1528 static int inquiry_vpd_83(unsigned char *arr, int port_group_id, 1529 int target_dev_id, int dev_id_num, 1530 const char *dev_id_str, int dev_id_str_len, 1531 const uuid_t *lu_name) 1532 { 1533 int num, port_a; 1534 char b[32]; 1535 1536 port_a = target_dev_id + 1; 1537 /* T10 vendor identifier field format (faked) */ 1538 arr[0] = 0x2; /* ASCII */ 1539 arr[1] = 0x1; 1540 arr[2] = 0x0; 1541 memcpy(&arr[4], sdebug_inq_vendor_id, 8); 1542 memcpy(&arr[12], sdebug_inq_product_id, 16); 1543 memcpy(&arr[28], dev_id_str, dev_id_str_len); 1544 num = 8 + 16 + dev_id_str_len; 1545 arr[3] = num; 1546 num += 4; 1547 if (dev_id_num >= 0) { 1548 if (sdebug_uuid_ctl) { 1549 /* Locally assigned UUID */ 1550 arr[num++] = 0x1; /* binary (not necessarily sas) */ 1551 arr[num++] = 0xa; /* PIV=0, lu, naa */ 1552 arr[num++] = 0x0; 1553 arr[num++] = 0x12; 1554 arr[num++] = 0x10; /* uuid type=1, locally assigned */ 1555 arr[num++] = 0x0; 1556 memcpy(arr + num, lu_name, 16); 1557 num += 16; 1558 } else { 1559 /* NAA-3, Logical unit identifier (binary) */ 1560 arr[num++] = 0x1; /* binary (not necessarily sas) */ 1561 arr[num++] = 0x3; /* PIV=0, lu, naa */ 1562 arr[num++] = 0x0; 1563 arr[num++] = 0x8; 1564 put_unaligned_be64(naa3_comp_b + dev_id_num, arr + num); 1565 num += 8; 1566 } 1567 /* Target relative port number */ 1568 arr[num++] = 0x61; /* proto=sas, binary */ 1569 arr[num++] = 0x94; /* PIV=1, target port, rel port */ 1570 arr[num++] = 0x0; /* reserved */ 1571 arr[num++] = 0x4; /* length */ 1572 arr[num++] = 0x0; /* reserved */ 1573 arr[num++] = 0x0; /* reserved */ 1574 arr[num++] = 0x0; 1575 arr[num++] = 0x1; /* relative port A */ 1576 } 1577 /* NAA-3, Target port identifier */ 1578 arr[num++] = 0x61; /* proto=sas, binary */ 1579 arr[num++] = 0x93; /* piv=1, target port, naa */ 1580 arr[num++] = 0x0; 1581 arr[num++] = 0x8; 1582 put_unaligned_be64(naa3_comp_a + port_a, arr + num); 1583 num += 8; 1584 /* NAA-3, Target port group identifier */ 1585 arr[num++] = 0x61; /* proto=sas, binary */ 1586 arr[num++] = 0x95; /* piv=1, target port group id */ 1587 arr[num++] = 0x0; 1588 arr[num++] = 0x4; 1589 arr[num++] = 0; 1590 arr[num++] = 0; 1591 put_unaligned_be16(port_group_id, arr + num); 1592 num += 2; 1593 /* NAA-3, Target device identifier */ 1594 arr[num++] = 0x61; /* proto=sas, binary */ 1595 arr[num++] = 0xa3; /* piv=1, target device, naa */ 1596 arr[num++] = 0x0; 1597 arr[num++] = 0x8; 1598 put_unaligned_be64(naa3_comp_a + target_dev_id, arr + num); 1599 num += 8; 1600 /* SCSI name string: Target device identifier */ 1601 arr[num++] = 0x63; /* proto=sas, UTF-8 */ 1602 arr[num++] = 0xa8; /* piv=1, target device, SCSI name string */ 1603 arr[num++] = 0x0; 1604 arr[num++] = 24; 1605 memcpy(arr + num, "naa.32222220", 12); 1606 num += 12; 1607 snprintf(b, sizeof(b), "%08X", target_dev_id); 1608 memcpy(arr + num, b, 8); 1609 num += 8; 1610 memset(arr + num, 0, 4); 1611 num += 4; 1612 return num; 1613 } 1614 1615 static unsigned char vpd84_data[] = { 1616 /* from 4th byte */ 0x22,0x22,0x22,0x0,0xbb,0x0, 1617 0x22,0x22,0x22,0x0,0xbb,0x1, 1618 0x22,0x22,0x22,0x0,0xbb,0x2, 1619 }; 1620 1621 /* Software interface identification VPD page */ 1622 static int inquiry_vpd_84(unsigned char *arr) 1623 { 1624 memcpy(arr, vpd84_data, sizeof(vpd84_data)); 1625 return sizeof(vpd84_data); 1626 } 1627 1628 /* Management network addresses VPD page */ 1629 static int inquiry_vpd_85(unsigned char *arr) 1630 { 1631 int num = 0; 1632 const char *na1 = "https://www.kernel.org/config"; 1633 const char *na2 = "http://www.kernel.org/log"; 1634 int plen, olen; 1635 1636 arr[num++] = 0x1; /* lu, storage config */ 1637 arr[num++] = 0x0; /* reserved */ 1638 arr[num++] = 0x0; 1639 olen = strlen(na1); 1640 plen = olen + 1; 1641 if (plen % 4) 1642 plen = ((plen / 4) + 1) * 4; 1643 arr[num++] = plen; /* length, null termianted, padded */ 1644 memcpy(arr + num, na1, olen); 1645 memset(arr + num + olen, 0, plen - olen); 1646 num += plen; 1647 1648 arr[num++] = 0x4; /* lu, logging */ 1649 arr[num++] = 0x0; /* reserved */ 1650 arr[num++] = 0x0; 1651 olen = strlen(na2); 1652 plen = olen + 1; 1653 if (plen % 4) 1654 plen = ((plen / 4) + 1) * 4; 1655 arr[num++] = plen; /* length, null terminated, padded */ 1656 memcpy(arr + num, na2, olen); 1657 memset(arr + num + olen, 0, plen - olen); 1658 num += plen; 1659 1660 return num; 1661 } 1662 1663 /* SCSI ports VPD page */ 1664 static int inquiry_vpd_88(unsigned char *arr, int target_dev_id) 1665 { 1666 int num = 0; 1667 int port_a, port_b; 1668 1669 port_a = target_dev_id + 1; 1670 port_b = port_a + 1; 1671 arr[num++] = 0x0; /* reserved */ 1672 arr[num++] = 0x0; /* reserved */ 1673 arr[num++] = 0x0; 1674 arr[num++] = 0x1; /* relative port 1 (primary) */ 1675 memset(arr + num, 0, 6); 1676 num += 6; 1677 arr[num++] = 0x0; 1678 arr[num++] = 12; /* length tp descriptor */ 1679 /* naa-5 target port identifier (A) */ 1680 arr[num++] = 0x61; /* proto=sas, binary */ 1681 arr[num++] = 0x93; /* PIV=1, target port, NAA */ 1682 arr[num++] = 0x0; /* reserved */ 1683 arr[num++] = 0x8; /* length */ 1684 put_unaligned_be64(naa3_comp_a + port_a, arr + num); 1685 num += 8; 1686 arr[num++] = 0x0; /* reserved */ 1687 arr[num++] = 0x0; /* reserved */ 1688 arr[num++] = 0x0; 1689 arr[num++] = 0x2; /* relative port 2 (secondary) */ 1690 memset(arr + num, 0, 6); 1691 num += 6; 1692 arr[num++] = 0x0; 1693 arr[num++] = 12; /* length tp descriptor */ 1694 /* naa-5 target port identifier (B) */ 1695 arr[num++] = 0x61; /* proto=sas, binary */ 1696 arr[num++] = 0x93; /* PIV=1, target port, NAA */ 1697 arr[num++] = 0x0; /* reserved */ 1698 arr[num++] = 0x8; /* length */ 1699 put_unaligned_be64(naa3_comp_a + port_b, arr + num); 1700 num += 8; 1701 1702 return num; 1703 } 1704 1705 1706 static unsigned char vpd89_data[] = { 1707 /* from 4th byte */ 0,0,0,0, 1708 'l','i','n','u','x',' ',' ',' ', 1709 'S','A','T',' ','s','c','s','i','_','d','e','b','u','g',' ',' ', 1710 '1','2','3','4', 1711 0x34,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0, 1712 0xec,0,0,0, 1713 0x5a,0xc,0xff,0x3f,0x37,0xc8,0x10,0,0,0,0,0,0x3f,0,0,0, 1714 0,0,0,0,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x20,0x20,0x20,0x20, 1715 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0,0,0,0x40,0x4,0,0x2e,0x33, 1716 0x38,0x31,0x20,0x20,0x20,0x20,0x54,0x53,0x38,0x33,0x30,0x30,0x33,0x31, 1717 0x53,0x41, 1718 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20, 1719 0x20,0x20, 1720 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20, 1721 0x10,0x80, 1722 0,0,0,0x2f,0,0,0,0x2,0,0x2,0x7,0,0xff,0xff,0x1,0, 1723 0x3f,0,0xc1,0xff,0x3e,0,0x10,0x1,0xb0,0xf8,0x50,0x9,0,0,0x7,0, 1724 0x3,0,0x78,0,0x78,0,0xf0,0,0x78,0,0,0,0,0,0,0, 1725 0,0,0,0,0,0,0,0,0x2,0,0,0,0,0,0,0, 1726 0x7e,0,0x1b,0,0x6b,0x34,0x1,0x7d,0x3,0x40,0x69,0x34,0x1,0x3c,0x3,0x40, 1727 0x7f,0x40,0,0,0,0,0xfe,0xfe,0,0,0,0,0,0xfe,0,0, 1728 0,0,0,0,0,0,0,0,0xb0,0xf8,0x50,0x9,0,0,0,0, 1729 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1730 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1731 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1732 0x1,0,0xb0,0xf8,0x50,0x9,0xb0,0xf8,0x50,0x9,0x20,0x20,0x2,0,0xb6,0x42, 1733 0,0x80,0x8a,0,0x6,0x3c,0xa,0x3c,0xff,0xff,0xc6,0x7,0,0x1,0,0x8, 1734 0xf0,0xf,0,0x10,0x2,0,0x30,0,0,0,0,0,0,0,0x6,0xfe, 1735 0,0,0x2,0,0x50,0,0x8a,0,0x4f,0x95,0,0,0x21,0,0xb,0, 1736 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1737 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1738 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1739 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1740 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1741 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1742 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1743 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1744 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1745 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1746 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1747 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xa5,0x51, 1748 }; 1749 1750 /* ATA Information VPD page */ 1751 static int inquiry_vpd_89(unsigned char *arr) 1752 { 1753 memcpy(arr, vpd89_data, sizeof(vpd89_data)); 1754 return sizeof(vpd89_data); 1755 } 1756 1757 1758 static unsigned char vpdb0_data[] = { 1759 /* from 4th byte */ 0,0,0,4, 0,0,0x4,0, 0,0,0,64, 1760 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1761 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1762 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 1763 }; 1764 1765 /* Block limits VPD page (SBC-3) */ 1766 static int inquiry_vpd_b0(unsigned char *arr) 1767 { 1768 unsigned int gran; 1769 1770 memcpy(arr, vpdb0_data, sizeof(vpdb0_data)); 1771 1772 /* Optimal transfer length granularity */ 1773 if (sdebug_opt_xferlen_exp != 0 && 1774 sdebug_physblk_exp < sdebug_opt_xferlen_exp) 1775 gran = 1 << sdebug_opt_xferlen_exp; 1776 else 1777 gran = 1 << sdebug_physblk_exp; 1778 put_unaligned_be16(gran, arr + 2); 1779 1780 /* Maximum Transfer Length */ 1781 if (sdebug_store_sectors > 0x400) 1782 put_unaligned_be32(sdebug_store_sectors, arr + 4); 1783 1784 /* Optimal Transfer Length */ 1785 put_unaligned_be32(sdebug_opt_blks, &arr[8]); 1786 1787 if (sdebug_lbpu) { 1788 /* Maximum Unmap LBA Count */ 1789 put_unaligned_be32(sdebug_unmap_max_blocks, &arr[16]); 1790 1791 /* Maximum Unmap Block Descriptor Count */ 1792 put_unaligned_be32(sdebug_unmap_max_desc, &arr[20]); 1793 } 1794 1795 /* Unmap Granularity Alignment */ 1796 if (sdebug_unmap_alignment) { 1797 put_unaligned_be32(sdebug_unmap_alignment, &arr[28]); 1798 arr[28] |= 0x80; /* UGAVALID */ 1799 } 1800 1801 /* Optimal Unmap Granularity */ 1802 put_unaligned_be32(sdebug_unmap_granularity, &arr[24]); 1803 1804 /* Maximum WRITE SAME Length */ 1805 put_unaligned_be64(sdebug_write_same_length, &arr[32]); 1806 1807 return 0x3c; /* Mandatory page length for Logical Block Provisioning */ 1808 } 1809 1810 /* Block device characteristics VPD page (SBC-3) */ 1811 static int inquiry_vpd_b1(struct sdebug_dev_info *devip, unsigned char *arr) 1812 { 1813 memset(arr, 0, 0x3c); 1814 arr[0] = 0; 1815 arr[1] = 1; /* non rotating medium (e.g. solid state) */ 1816 arr[2] = 0; 1817 arr[3] = 5; /* less than 1.8" */ 1818 if (devip->zmodel == BLK_ZONED_HA) 1819 arr[4] = 1 << 4; /* zoned field = 01b */ 1820 1821 return 0x3c; 1822 } 1823 1824 /* Logical block provisioning VPD page (SBC-4) */ 1825 static int inquiry_vpd_b2(unsigned char *arr) 1826 { 1827 memset(arr, 0, 0x4); 1828 arr[0] = 0; /* threshold exponent */ 1829 if (sdebug_lbpu) 1830 arr[1] = 1 << 7; 1831 if (sdebug_lbpws) 1832 arr[1] |= 1 << 6; 1833 if (sdebug_lbpws10) 1834 arr[1] |= 1 << 5; 1835 if (sdebug_lbprz && scsi_debug_lbp()) 1836 arr[1] |= (sdebug_lbprz & 0x7) << 2; /* sbc4r07 and later */ 1837 /* anc_sup=0; dp=0 (no provisioning group descriptor) */ 1838 /* minimum_percentage=0; provisioning_type=0 (unknown) */ 1839 /* threshold_percentage=0 */ 1840 return 0x4; 1841 } 1842 1843 /* Zoned block device characteristics VPD page (ZBC mandatory) */ 1844 static int inquiry_vpd_b6(struct sdebug_dev_info *devip, unsigned char *arr) 1845 { 1846 memset(arr, 0, 0x3c); 1847 arr[0] = 0x1; /* set URSWRZ (unrestricted read in seq. wr req zone) */ 1848 /* 1849 * Set Optimal number of open sequential write preferred zones and 1850 * Optimal number of non-sequentially written sequential write 1851 * preferred zones fields to 'not reported' (0xffffffff). Leave other 1852 * fields set to zero, apart from Max. number of open swrz_s field. 1853 */ 1854 put_unaligned_be32(0xffffffff, &arr[4]); 1855 put_unaligned_be32(0xffffffff, &arr[8]); 1856 if (sdeb_zbc_model == BLK_ZONED_HM && devip->max_open) 1857 put_unaligned_be32(devip->max_open, &arr[12]); 1858 else 1859 put_unaligned_be32(0xffffffff, &arr[12]); 1860 if (devip->zcap < devip->zsize) { 1861 arr[19] = ZBC_CONSTANT_ZONE_START_OFFSET; 1862 put_unaligned_be64(devip->zsize, &arr[20]); 1863 } else { 1864 arr[19] = 0; 1865 } 1866 return 0x3c; 1867 } 1868 1869 #define SDEBUG_LONG_INQ_SZ 96 1870 #define SDEBUG_MAX_INQ_ARR_SZ 584 1871 1872 static int resp_inquiry(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 1873 { 1874 unsigned char pq_pdt; 1875 unsigned char *arr; 1876 unsigned char *cmd = scp->cmnd; 1877 u32 alloc_len, n; 1878 int ret; 1879 bool have_wlun, is_disk, is_zbc, is_disk_zbc; 1880 1881 alloc_len = get_unaligned_be16(cmd + 3); 1882 arr = kzalloc(SDEBUG_MAX_INQ_ARR_SZ, GFP_ATOMIC); 1883 if (! arr) 1884 return DID_REQUEUE << 16; 1885 is_disk = (sdebug_ptype == TYPE_DISK); 1886 is_zbc = (devip->zmodel != BLK_ZONED_NONE); 1887 is_disk_zbc = (is_disk || is_zbc); 1888 have_wlun = scsi_is_wlun(scp->device->lun); 1889 if (have_wlun) 1890 pq_pdt = TYPE_WLUN; /* present, wlun */ 1891 else if (sdebug_no_lun_0 && (devip->lun == SDEBUG_LUN_0_VAL)) 1892 pq_pdt = 0x7f; /* not present, PQ=3, PDT=0x1f */ 1893 else 1894 pq_pdt = (sdebug_ptype & 0x1f); 1895 arr[0] = pq_pdt; 1896 if (0x2 & cmd[1]) { /* CMDDT bit set */ 1897 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 1); 1898 kfree(arr); 1899 return check_condition_result; 1900 } else if (0x1 & cmd[1]) { /* EVPD bit set */ 1901 int lu_id_num, port_group_id, target_dev_id; 1902 u32 len; 1903 char lu_id_str[6]; 1904 int host_no = devip->sdbg_host->shost->host_no; 1905 1906 port_group_id = (((host_no + 1) & 0x7f) << 8) + 1907 (devip->channel & 0x7f); 1908 if (sdebug_vpd_use_hostno == 0) 1909 host_no = 0; 1910 lu_id_num = have_wlun ? -1 : (((host_no + 1) * 2000) + 1911 (devip->target * 1000) + devip->lun); 1912 target_dev_id = ((host_no + 1) * 2000) + 1913 (devip->target * 1000) - 3; 1914 len = scnprintf(lu_id_str, 6, "%d", lu_id_num); 1915 if (0 == cmd[2]) { /* supported vital product data pages */ 1916 arr[1] = cmd[2]; /*sanity */ 1917 n = 4; 1918 arr[n++] = 0x0; /* this page */ 1919 arr[n++] = 0x80; /* unit serial number */ 1920 arr[n++] = 0x83; /* device identification */ 1921 arr[n++] = 0x84; /* software interface ident. */ 1922 arr[n++] = 0x85; /* management network addresses */ 1923 arr[n++] = 0x86; /* extended inquiry */ 1924 arr[n++] = 0x87; /* mode page policy */ 1925 arr[n++] = 0x88; /* SCSI ports */ 1926 if (is_disk_zbc) { /* SBC or ZBC */ 1927 arr[n++] = 0x89; /* ATA information */ 1928 arr[n++] = 0xb0; /* Block limits */ 1929 arr[n++] = 0xb1; /* Block characteristics */ 1930 if (is_disk) 1931 arr[n++] = 0xb2; /* LB Provisioning */ 1932 if (is_zbc) 1933 arr[n++] = 0xb6; /* ZB dev. char. */ 1934 } 1935 arr[3] = n - 4; /* number of supported VPD pages */ 1936 } else if (0x80 == cmd[2]) { /* unit serial number */ 1937 arr[1] = cmd[2]; /*sanity */ 1938 arr[3] = len; 1939 memcpy(&arr[4], lu_id_str, len); 1940 } else if (0x83 == cmd[2]) { /* device identification */ 1941 arr[1] = cmd[2]; /*sanity */ 1942 arr[3] = inquiry_vpd_83(&arr[4], port_group_id, 1943 target_dev_id, lu_id_num, 1944 lu_id_str, len, 1945 &devip->lu_name); 1946 } else if (0x84 == cmd[2]) { /* Software interface ident. */ 1947 arr[1] = cmd[2]; /*sanity */ 1948 arr[3] = inquiry_vpd_84(&arr[4]); 1949 } else if (0x85 == cmd[2]) { /* Management network addresses */ 1950 arr[1] = cmd[2]; /*sanity */ 1951 arr[3] = inquiry_vpd_85(&arr[4]); 1952 } else if (0x86 == cmd[2]) { /* extended inquiry */ 1953 arr[1] = cmd[2]; /*sanity */ 1954 arr[3] = 0x3c; /* number of following entries */ 1955 if (sdebug_dif == T10_PI_TYPE3_PROTECTION) 1956 arr[4] = 0x4; /* SPT: GRD_CHK:1 */ 1957 else if (have_dif_prot) 1958 arr[4] = 0x5; /* SPT: GRD_CHK:1, REF_CHK:1 */ 1959 else 1960 arr[4] = 0x0; /* no protection stuff */ 1961 arr[5] = 0x7; /* head of q, ordered + simple q's */ 1962 } else if (0x87 == cmd[2]) { /* mode page policy */ 1963 arr[1] = cmd[2]; /*sanity */ 1964 arr[3] = 0x8; /* number of following entries */ 1965 arr[4] = 0x2; /* disconnect-reconnect mp */ 1966 arr[6] = 0x80; /* mlus, shared */ 1967 arr[8] = 0x18; /* protocol specific lu */ 1968 arr[10] = 0x82; /* mlus, per initiator port */ 1969 } else if (0x88 == cmd[2]) { /* SCSI Ports */ 1970 arr[1] = cmd[2]; /*sanity */ 1971 arr[3] = inquiry_vpd_88(&arr[4], target_dev_id); 1972 } else if (is_disk_zbc && 0x89 == cmd[2]) { /* ATA info */ 1973 arr[1] = cmd[2]; /*sanity */ 1974 n = inquiry_vpd_89(&arr[4]); 1975 put_unaligned_be16(n, arr + 2); 1976 } else if (is_disk_zbc && 0xb0 == cmd[2]) { /* Block limits */ 1977 arr[1] = cmd[2]; /*sanity */ 1978 arr[3] = inquiry_vpd_b0(&arr[4]); 1979 } else if (is_disk_zbc && 0xb1 == cmd[2]) { /* Block char. */ 1980 arr[1] = cmd[2]; /*sanity */ 1981 arr[3] = inquiry_vpd_b1(devip, &arr[4]); 1982 } else if (is_disk && 0xb2 == cmd[2]) { /* LB Prov. */ 1983 arr[1] = cmd[2]; /*sanity */ 1984 arr[3] = inquiry_vpd_b2(&arr[4]); 1985 } else if (is_zbc && cmd[2] == 0xb6) { /* ZB dev. charact. */ 1986 arr[1] = cmd[2]; /*sanity */ 1987 arr[3] = inquiry_vpd_b6(devip, &arr[4]); 1988 } else { 1989 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1); 1990 kfree(arr); 1991 return check_condition_result; 1992 } 1993 len = min_t(u32, get_unaligned_be16(arr + 2) + 4, alloc_len); 1994 ret = fill_from_dev_buffer(scp, arr, 1995 min_t(u32, len, SDEBUG_MAX_INQ_ARR_SZ)); 1996 kfree(arr); 1997 return ret; 1998 } 1999 /* drops through here for a standard inquiry */ 2000 arr[1] = sdebug_removable ? 0x80 : 0; /* Removable disk */ 2001 arr[2] = sdebug_scsi_level; 2002 arr[3] = 2; /* response_data_format==2 */ 2003 arr[4] = SDEBUG_LONG_INQ_SZ - 5; 2004 arr[5] = (int)have_dif_prot; /* PROTECT bit */ 2005 if (sdebug_vpd_use_hostno == 0) 2006 arr[5] |= 0x10; /* claim: implicit TPGS */ 2007 arr[6] = 0x10; /* claim: MultiP */ 2008 /* arr[6] |= 0x40; ... claim: EncServ (enclosure services) */ 2009 arr[7] = 0xa; /* claim: LINKED + CMDQUE */ 2010 memcpy(&arr[8], sdebug_inq_vendor_id, 8); 2011 memcpy(&arr[16], sdebug_inq_product_id, 16); 2012 memcpy(&arr[32], sdebug_inq_product_rev, 4); 2013 /* Use Vendor Specific area to place driver date in ASCII hex */ 2014 memcpy(&arr[36], sdebug_version_date, 8); 2015 /* version descriptors (2 bytes each) follow */ 2016 put_unaligned_be16(0xc0, arr + 58); /* SAM-6 no version claimed */ 2017 put_unaligned_be16(0x5c0, arr + 60); /* SPC-5 no version claimed */ 2018 n = 62; 2019 if (is_disk) { /* SBC-4 no version claimed */ 2020 put_unaligned_be16(0x600, arr + n); 2021 n += 2; 2022 } else if (sdebug_ptype == TYPE_TAPE) { /* SSC-4 rev 3 */ 2023 put_unaligned_be16(0x525, arr + n); 2024 n += 2; 2025 } else if (is_zbc) { /* ZBC BSR INCITS 536 revision 05 */ 2026 put_unaligned_be16(0x624, arr + n); 2027 n += 2; 2028 } 2029 put_unaligned_be16(0x2100, arr + n); /* SPL-4 no version claimed */ 2030 ret = fill_from_dev_buffer(scp, arr, 2031 min_t(u32, alloc_len, SDEBUG_LONG_INQ_SZ)); 2032 kfree(arr); 2033 return ret; 2034 } 2035 2036 /* See resp_iec_m_pg() for how this data is manipulated */ 2037 static unsigned char iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0, 2038 0, 0, 0x0, 0x0}; 2039 2040 static int resp_requests(struct scsi_cmnd *scp, 2041 struct sdebug_dev_info *devip) 2042 { 2043 unsigned char *cmd = scp->cmnd; 2044 unsigned char arr[SCSI_SENSE_BUFFERSIZE]; /* assume >= 18 bytes */ 2045 bool dsense = !!(cmd[1] & 1); 2046 u32 alloc_len = cmd[4]; 2047 u32 len = 18; 2048 int stopped_state = atomic_read(&devip->stopped); 2049 2050 memset(arr, 0, sizeof(arr)); 2051 if (stopped_state > 0) { /* some "pollable" data [spc6r02: 5.12.2] */ 2052 if (dsense) { 2053 arr[0] = 0x72; 2054 arr[1] = NOT_READY; 2055 arr[2] = LOGICAL_UNIT_NOT_READY; 2056 arr[3] = (stopped_state == 2) ? 0x1 : 0x2; 2057 len = 8; 2058 } else { 2059 arr[0] = 0x70; 2060 arr[2] = NOT_READY; /* NO_SENSE in sense_key */ 2061 arr[7] = 0xa; /* 18 byte sense buffer */ 2062 arr[12] = LOGICAL_UNIT_NOT_READY; 2063 arr[13] = (stopped_state == 2) ? 0x1 : 0x2; 2064 } 2065 } else if ((iec_m_pg[2] & 0x4) && (6 == (iec_m_pg[3] & 0xf))) { 2066 /* Information exceptions control mode page: TEST=1, MRIE=6 */ 2067 if (dsense) { 2068 arr[0] = 0x72; 2069 arr[1] = 0x0; /* NO_SENSE in sense_key */ 2070 arr[2] = THRESHOLD_EXCEEDED; 2071 arr[3] = 0xff; /* Failure prediction(false) */ 2072 len = 8; 2073 } else { 2074 arr[0] = 0x70; 2075 arr[2] = 0x0; /* NO_SENSE in sense_key */ 2076 arr[7] = 0xa; /* 18 byte sense buffer */ 2077 arr[12] = THRESHOLD_EXCEEDED; 2078 arr[13] = 0xff; /* Failure prediction(false) */ 2079 } 2080 } else { /* nothing to report */ 2081 if (dsense) { 2082 len = 8; 2083 memset(arr, 0, len); 2084 arr[0] = 0x72; 2085 } else { 2086 memset(arr, 0, len); 2087 arr[0] = 0x70; 2088 arr[7] = 0xa; 2089 } 2090 } 2091 return fill_from_dev_buffer(scp, arr, min_t(u32, len, alloc_len)); 2092 } 2093 2094 static int resp_start_stop(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 2095 { 2096 unsigned char *cmd = scp->cmnd; 2097 int power_cond, want_stop, stopped_state; 2098 bool changing; 2099 2100 power_cond = (cmd[4] & 0xf0) >> 4; 2101 if (power_cond) { 2102 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 7); 2103 return check_condition_result; 2104 } 2105 want_stop = !(cmd[4] & 1); 2106 stopped_state = atomic_read(&devip->stopped); 2107 if (stopped_state == 2) { 2108 ktime_t now_ts = ktime_get_boottime(); 2109 2110 if (ktime_to_ns(now_ts) > ktime_to_ns(devip->create_ts)) { 2111 u64 diff_ns = ktime_to_ns(ktime_sub(now_ts, devip->create_ts)); 2112 2113 if (diff_ns >= ((u64)sdeb_tur_ms_to_ready * 1000000)) { 2114 /* tur_ms_to_ready timer extinguished */ 2115 atomic_set(&devip->stopped, 0); 2116 stopped_state = 0; 2117 } 2118 } 2119 if (stopped_state == 2) { 2120 if (want_stop) { 2121 stopped_state = 1; /* dummy up success */ 2122 } else { /* Disallow tur_ms_to_ready delay to be overridden */ 2123 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 0 /* START bit */); 2124 return check_condition_result; 2125 } 2126 } 2127 } 2128 changing = (stopped_state != want_stop); 2129 if (changing) 2130 atomic_xchg(&devip->stopped, want_stop); 2131 if (!changing || (cmd[1] & 0x1)) /* state unchanged or IMMED bit set in cdb */ 2132 return SDEG_RES_IMMED_MASK; 2133 else 2134 return 0; 2135 } 2136 2137 static sector_t get_sdebug_capacity(void) 2138 { 2139 static const unsigned int gibibyte = 1073741824; 2140 2141 if (sdebug_virtual_gb > 0) 2142 return (sector_t)sdebug_virtual_gb * 2143 (gibibyte / sdebug_sector_size); 2144 else 2145 return sdebug_store_sectors; 2146 } 2147 2148 #define SDEBUG_READCAP_ARR_SZ 8 2149 static int resp_readcap(struct scsi_cmnd *scp, 2150 struct sdebug_dev_info *devip) 2151 { 2152 unsigned char arr[SDEBUG_READCAP_ARR_SZ]; 2153 unsigned int capac; 2154 2155 /* following just in case virtual_gb changed */ 2156 sdebug_capacity = get_sdebug_capacity(); 2157 memset(arr, 0, SDEBUG_READCAP_ARR_SZ); 2158 if (sdebug_capacity < 0xffffffff) { 2159 capac = (unsigned int)sdebug_capacity - 1; 2160 put_unaligned_be32(capac, arr + 0); 2161 } else 2162 put_unaligned_be32(0xffffffff, arr + 0); 2163 put_unaligned_be16(sdebug_sector_size, arr + 6); 2164 return fill_from_dev_buffer(scp, arr, SDEBUG_READCAP_ARR_SZ); 2165 } 2166 2167 #define SDEBUG_READCAP16_ARR_SZ 32 2168 static int resp_readcap16(struct scsi_cmnd *scp, 2169 struct sdebug_dev_info *devip) 2170 { 2171 unsigned char *cmd = scp->cmnd; 2172 unsigned char arr[SDEBUG_READCAP16_ARR_SZ]; 2173 u32 alloc_len; 2174 2175 alloc_len = get_unaligned_be32(cmd + 10); 2176 /* following just in case virtual_gb changed */ 2177 sdebug_capacity = get_sdebug_capacity(); 2178 memset(arr, 0, SDEBUG_READCAP16_ARR_SZ); 2179 put_unaligned_be64((u64)(sdebug_capacity - 1), arr + 0); 2180 put_unaligned_be32(sdebug_sector_size, arr + 8); 2181 arr[13] = sdebug_physblk_exp & 0xf; 2182 arr[14] = (sdebug_lowest_aligned >> 8) & 0x3f; 2183 2184 if (scsi_debug_lbp()) { 2185 arr[14] |= 0x80; /* LBPME */ 2186 /* from sbc4r07, this LBPRZ field is 1 bit, but the LBPRZ in 2187 * the LB Provisioning VPD page is 3 bits. Note that lbprz=2 2188 * in the wider field maps to 0 in this field. 2189 */ 2190 if (sdebug_lbprz & 1) /* precisely what the draft requires */ 2191 arr[14] |= 0x40; 2192 } 2193 2194 /* 2195 * Since the scsi_debug READ CAPACITY implementation always reports the 2196 * total disk capacity, set RC BASIS = 1 for host-managed ZBC devices. 2197 */ 2198 if (devip->zmodel == BLK_ZONED_HM) 2199 arr[12] |= 1 << 4; 2200 2201 arr[15] = sdebug_lowest_aligned & 0xff; 2202 2203 if (have_dif_prot) { 2204 arr[12] = (sdebug_dif - 1) << 1; /* P_TYPE */ 2205 arr[12] |= 1; /* PROT_EN */ 2206 } 2207 2208 return fill_from_dev_buffer(scp, arr, 2209 min_t(u32, alloc_len, SDEBUG_READCAP16_ARR_SZ)); 2210 } 2211 2212 #define SDEBUG_MAX_TGTPGS_ARR_SZ 1412 2213 2214 static int resp_report_tgtpgs(struct scsi_cmnd *scp, 2215 struct sdebug_dev_info *devip) 2216 { 2217 unsigned char *cmd = scp->cmnd; 2218 unsigned char *arr; 2219 int host_no = devip->sdbg_host->shost->host_no; 2220 int port_group_a, port_group_b, port_a, port_b; 2221 u32 alen, n, rlen; 2222 int ret; 2223 2224 alen = get_unaligned_be32(cmd + 6); 2225 arr = kzalloc(SDEBUG_MAX_TGTPGS_ARR_SZ, GFP_ATOMIC); 2226 if (! arr) 2227 return DID_REQUEUE << 16; 2228 /* 2229 * EVPD page 0x88 states we have two ports, one 2230 * real and a fake port with no device connected. 2231 * So we create two port groups with one port each 2232 * and set the group with port B to unavailable. 2233 */ 2234 port_a = 0x1; /* relative port A */ 2235 port_b = 0x2; /* relative port B */ 2236 port_group_a = (((host_no + 1) & 0x7f) << 8) + 2237 (devip->channel & 0x7f); 2238 port_group_b = (((host_no + 1) & 0x7f) << 8) + 2239 (devip->channel & 0x7f) + 0x80; 2240 2241 /* 2242 * The asymmetric access state is cycled according to the host_id. 2243 */ 2244 n = 4; 2245 if (sdebug_vpd_use_hostno == 0) { 2246 arr[n++] = host_no % 3; /* Asymm access state */ 2247 arr[n++] = 0x0F; /* claim: all states are supported */ 2248 } else { 2249 arr[n++] = 0x0; /* Active/Optimized path */ 2250 arr[n++] = 0x01; /* only support active/optimized paths */ 2251 } 2252 put_unaligned_be16(port_group_a, arr + n); 2253 n += 2; 2254 arr[n++] = 0; /* Reserved */ 2255 arr[n++] = 0; /* Status code */ 2256 arr[n++] = 0; /* Vendor unique */ 2257 arr[n++] = 0x1; /* One port per group */ 2258 arr[n++] = 0; /* Reserved */ 2259 arr[n++] = 0; /* Reserved */ 2260 put_unaligned_be16(port_a, arr + n); 2261 n += 2; 2262 arr[n++] = 3; /* Port unavailable */ 2263 arr[n++] = 0x08; /* claim: only unavailalbe paths are supported */ 2264 put_unaligned_be16(port_group_b, arr + n); 2265 n += 2; 2266 arr[n++] = 0; /* Reserved */ 2267 arr[n++] = 0; /* Status code */ 2268 arr[n++] = 0; /* Vendor unique */ 2269 arr[n++] = 0x1; /* One port per group */ 2270 arr[n++] = 0; /* Reserved */ 2271 arr[n++] = 0; /* Reserved */ 2272 put_unaligned_be16(port_b, arr + n); 2273 n += 2; 2274 2275 rlen = n - 4; 2276 put_unaligned_be32(rlen, arr + 0); 2277 2278 /* 2279 * Return the smallest value of either 2280 * - The allocated length 2281 * - The constructed command length 2282 * - The maximum array size 2283 */ 2284 rlen = min(alen, n); 2285 ret = fill_from_dev_buffer(scp, arr, 2286 min_t(u32, rlen, SDEBUG_MAX_TGTPGS_ARR_SZ)); 2287 kfree(arr); 2288 return ret; 2289 } 2290 2291 static int resp_rsup_opcodes(struct scsi_cmnd *scp, 2292 struct sdebug_dev_info *devip) 2293 { 2294 bool rctd; 2295 u8 reporting_opts, req_opcode, sdeb_i, supp; 2296 u16 req_sa, u; 2297 u32 alloc_len, a_len; 2298 int k, offset, len, errsts, count, bump, na; 2299 const struct opcode_info_t *oip; 2300 const struct opcode_info_t *r_oip; 2301 u8 *arr; 2302 u8 *cmd = scp->cmnd; 2303 2304 rctd = !!(cmd[2] & 0x80); 2305 reporting_opts = cmd[2] & 0x7; 2306 req_opcode = cmd[3]; 2307 req_sa = get_unaligned_be16(cmd + 4); 2308 alloc_len = get_unaligned_be32(cmd + 6); 2309 if (alloc_len < 4 || alloc_len > 0xffff) { 2310 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1); 2311 return check_condition_result; 2312 } 2313 if (alloc_len > 8192) 2314 a_len = 8192; 2315 else 2316 a_len = alloc_len; 2317 arr = kzalloc((a_len < 256) ? 320 : a_len + 64, GFP_ATOMIC); 2318 if (NULL == arr) { 2319 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC, 2320 INSUFF_RES_ASCQ); 2321 return check_condition_result; 2322 } 2323 switch (reporting_opts) { 2324 case 0: /* all commands */ 2325 /* count number of commands */ 2326 for (count = 0, oip = opcode_info_arr; 2327 oip->num_attached != 0xff; ++oip) { 2328 if (F_INV_OP & oip->flags) 2329 continue; 2330 count += (oip->num_attached + 1); 2331 } 2332 bump = rctd ? 20 : 8; 2333 put_unaligned_be32(count * bump, arr); 2334 for (offset = 4, oip = opcode_info_arr; 2335 oip->num_attached != 0xff && offset < a_len; ++oip) { 2336 if (F_INV_OP & oip->flags) 2337 continue; 2338 na = oip->num_attached; 2339 arr[offset] = oip->opcode; 2340 put_unaligned_be16(oip->sa, arr + offset + 2); 2341 if (rctd) 2342 arr[offset + 5] |= 0x2; 2343 if (FF_SA & oip->flags) 2344 arr[offset + 5] |= 0x1; 2345 put_unaligned_be16(oip->len_mask[0], arr + offset + 6); 2346 if (rctd) 2347 put_unaligned_be16(0xa, arr + offset + 8); 2348 r_oip = oip; 2349 for (k = 0, oip = oip->arrp; k < na; ++k, ++oip) { 2350 if (F_INV_OP & oip->flags) 2351 continue; 2352 offset += bump; 2353 arr[offset] = oip->opcode; 2354 put_unaligned_be16(oip->sa, arr + offset + 2); 2355 if (rctd) 2356 arr[offset + 5] |= 0x2; 2357 if (FF_SA & oip->flags) 2358 arr[offset + 5] |= 0x1; 2359 put_unaligned_be16(oip->len_mask[0], 2360 arr + offset + 6); 2361 if (rctd) 2362 put_unaligned_be16(0xa, 2363 arr + offset + 8); 2364 } 2365 oip = r_oip; 2366 offset += bump; 2367 } 2368 break; 2369 case 1: /* one command: opcode only */ 2370 case 2: /* one command: opcode plus service action */ 2371 case 3: /* one command: if sa==0 then opcode only else opcode+sa */ 2372 sdeb_i = opcode_ind_arr[req_opcode]; 2373 oip = &opcode_info_arr[sdeb_i]; 2374 if (F_INV_OP & oip->flags) { 2375 supp = 1; 2376 offset = 4; 2377 } else { 2378 if (1 == reporting_opts) { 2379 if (FF_SA & oip->flags) { 2380 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2381 2, 2); 2382 kfree(arr); 2383 return check_condition_result; 2384 } 2385 req_sa = 0; 2386 } else if (2 == reporting_opts && 2387 0 == (FF_SA & oip->flags)) { 2388 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1); 2389 kfree(arr); /* point at requested sa */ 2390 return check_condition_result; 2391 } 2392 if (0 == (FF_SA & oip->flags) && 2393 req_opcode == oip->opcode) 2394 supp = 3; 2395 else if (0 == (FF_SA & oip->flags)) { 2396 na = oip->num_attached; 2397 for (k = 0, oip = oip->arrp; k < na; 2398 ++k, ++oip) { 2399 if (req_opcode == oip->opcode) 2400 break; 2401 } 2402 supp = (k >= na) ? 1 : 3; 2403 } else if (req_sa != oip->sa) { 2404 na = oip->num_attached; 2405 for (k = 0, oip = oip->arrp; k < na; 2406 ++k, ++oip) { 2407 if (req_sa == oip->sa) 2408 break; 2409 } 2410 supp = (k >= na) ? 1 : 3; 2411 } else 2412 supp = 3; 2413 if (3 == supp) { 2414 u = oip->len_mask[0]; 2415 put_unaligned_be16(u, arr + 2); 2416 arr[4] = oip->opcode; 2417 for (k = 1; k < u; ++k) 2418 arr[4 + k] = (k < 16) ? 2419 oip->len_mask[k] : 0xff; 2420 offset = 4 + u; 2421 } else 2422 offset = 4; 2423 } 2424 arr[1] = (rctd ? 0x80 : 0) | supp; 2425 if (rctd) { 2426 put_unaligned_be16(0xa, arr + offset); 2427 offset += 12; 2428 } 2429 break; 2430 default: 2431 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2); 2432 kfree(arr); 2433 return check_condition_result; 2434 } 2435 offset = (offset < a_len) ? offset : a_len; 2436 len = (offset < alloc_len) ? offset : alloc_len; 2437 errsts = fill_from_dev_buffer(scp, arr, len); 2438 kfree(arr); 2439 return errsts; 2440 } 2441 2442 static int resp_rsup_tmfs(struct scsi_cmnd *scp, 2443 struct sdebug_dev_info *devip) 2444 { 2445 bool repd; 2446 u32 alloc_len, len; 2447 u8 arr[16]; 2448 u8 *cmd = scp->cmnd; 2449 2450 memset(arr, 0, sizeof(arr)); 2451 repd = !!(cmd[2] & 0x80); 2452 alloc_len = get_unaligned_be32(cmd + 6); 2453 if (alloc_len < 4) { 2454 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1); 2455 return check_condition_result; 2456 } 2457 arr[0] = 0xc8; /* ATS | ATSS | LURS */ 2458 arr[1] = 0x1; /* ITNRS */ 2459 if (repd) { 2460 arr[3] = 0xc; 2461 len = 16; 2462 } else 2463 len = 4; 2464 2465 len = (len < alloc_len) ? len : alloc_len; 2466 return fill_from_dev_buffer(scp, arr, len); 2467 } 2468 2469 /* <<Following mode page info copied from ST318451LW>> */ 2470 2471 static int resp_err_recov_pg(unsigned char *p, int pcontrol, int target) 2472 { /* Read-Write Error Recovery page for mode_sense */ 2473 unsigned char err_recov_pg[] = {0x1, 0xa, 0xc0, 11, 240, 0, 0, 0, 2474 5, 0, 0xff, 0xff}; 2475 2476 memcpy(p, err_recov_pg, sizeof(err_recov_pg)); 2477 if (1 == pcontrol) 2478 memset(p + 2, 0, sizeof(err_recov_pg) - 2); 2479 return sizeof(err_recov_pg); 2480 } 2481 2482 static int resp_disconnect_pg(unsigned char *p, int pcontrol, int target) 2483 { /* Disconnect-Reconnect page for mode_sense */ 2484 unsigned char disconnect_pg[] = {0x2, 0xe, 128, 128, 0, 10, 0, 0, 2485 0, 0, 0, 0, 0, 0, 0, 0}; 2486 2487 memcpy(p, disconnect_pg, sizeof(disconnect_pg)); 2488 if (1 == pcontrol) 2489 memset(p + 2, 0, sizeof(disconnect_pg) - 2); 2490 return sizeof(disconnect_pg); 2491 } 2492 2493 static int resp_format_pg(unsigned char *p, int pcontrol, int target) 2494 { /* Format device page for mode_sense */ 2495 unsigned char format_pg[] = {0x3, 0x16, 0, 0, 0, 0, 0, 0, 2496 0, 0, 0, 0, 0, 0, 0, 0, 2497 0, 0, 0, 0, 0x40, 0, 0, 0}; 2498 2499 memcpy(p, format_pg, sizeof(format_pg)); 2500 put_unaligned_be16(sdebug_sectors_per, p + 10); 2501 put_unaligned_be16(sdebug_sector_size, p + 12); 2502 if (sdebug_removable) 2503 p[20] |= 0x20; /* should agree with INQUIRY */ 2504 if (1 == pcontrol) 2505 memset(p + 2, 0, sizeof(format_pg) - 2); 2506 return sizeof(format_pg); 2507 } 2508 2509 static unsigned char caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0, 2510 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 2511 0, 0, 0, 0}; 2512 2513 static int resp_caching_pg(unsigned char *p, int pcontrol, int target) 2514 { /* Caching page for mode_sense */ 2515 unsigned char ch_caching_pg[] = {/* 0x8, 18, */ 0x4, 0, 0, 0, 0, 0, 2516 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; 2517 unsigned char d_caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0, 2518 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 0, 0, 0, 0}; 2519 2520 if (SDEBUG_OPT_N_WCE & sdebug_opts) 2521 caching_pg[2] &= ~0x4; /* set WCE=0 (default WCE=1) */ 2522 memcpy(p, caching_pg, sizeof(caching_pg)); 2523 if (1 == pcontrol) 2524 memcpy(p + 2, ch_caching_pg, sizeof(ch_caching_pg)); 2525 else if (2 == pcontrol) 2526 memcpy(p, d_caching_pg, sizeof(d_caching_pg)); 2527 return sizeof(caching_pg); 2528 } 2529 2530 static unsigned char ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0, 2531 0, 0, 0x2, 0x4b}; 2532 2533 static int resp_ctrl_m_pg(unsigned char *p, int pcontrol, int target) 2534 { /* Control mode page for mode_sense */ 2535 unsigned char ch_ctrl_m_pg[] = {/* 0xa, 10, */ 0x6, 0, 0, 0, 0, 0, 2536 0, 0, 0, 0}; 2537 unsigned char d_ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0, 2538 0, 0, 0x2, 0x4b}; 2539 2540 if (sdebug_dsense) 2541 ctrl_m_pg[2] |= 0x4; 2542 else 2543 ctrl_m_pg[2] &= ~0x4; 2544 2545 if (sdebug_ato) 2546 ctrl_m_pg[5] |= 0x80; /* ATO=1 */ 2547 2548 memcpy(p, ctrl_m_pg, sizeof(ctrl_m_pg)); 2549 if (1 == pcontrol) 2550 memcpy(p + 2, ch_ctrl_m_pg, sizeof(ch_ctrl_m_pg)); 2551 else if (2 == pcontrol) 2552 memcpy(p, d_ctrl_m_pg, sizeof(d_ctrl_m_pg)); 2553 return sizeof(ctrl_m_pg); 2554 } 2555 2556 2557 static int resp_iec_m_pg(unsigned char *p, int pcontrol, int target) 2558 { /* Informational Exceptions control mode page for mode_sense */ 2559 unsigned char ch_iec_m_pg[] = {/* 0x1c, 0xa, */ 0x4, 0xf, 0, 0, 0, 0, 2560 0, 0, 0x0, 0x0}; 2561 unsigned char d_iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0, 2562 0, 0, 0x0, 0x0}; 2563 2564 memcpy(p, iec_m_pg, sizeof(iec_m_pg)); 2565 if (1 == pcontrol) 2566 memcpy(p + 2, ch_iec_m_pg, sizeof(ch_iec_m_pg)); 2567 else if (2 == pcontrol) 2568 memcpy(p, d_iec_m_pg, sizeof(d_iec_m_pg)); 2569 return sizeof(iec_m_pg); 2570 } 2571 2572 static int resp_sas_sf_m_pg(unsigned char *p, int pcontrol, int target) 2573 { /* SAS SSP mode page - short format for mode_sense */ 2574 unsigned char sas_sf_m_pg[] = {0x19, 0x6, 2575 0x6, 0x0, 0x7, 0xd0, 0x0, 0x0}; 2576 2577 memcpy(p, sas_sf_m_pg, sizeof(sas_sf_m_pg)); 2578 if (1 == pcontrol) 2579 memset(p + 2, 0, sizeof(sas_sf_m_pg) - 2); 2580 return sizeof(sas_sf_m_pg); 2581 } 2582 2583 2584 static int resp_sas_pcd_m_spg(unsigned char *p, int pcontrol, int target, 2585 int target_dev_id) 2586 { /* SAS phy control and discover mode page for mode_sense */ 2587 unsigned char sas_pcd_m_pg[] = {0x59, 0x1, 0, 0x64, 0, 0x6, 0, 2, 2588 0, 0, 0, 0, 0x10, 0x9, 0x8, 0x0, 2589 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */ 2590 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */ 2591 0x2, 0, 0, 0, 0, 0, 0, 0, 2592 0x88, 0x99, 0, 0, 0, 0, 0, 0, 2593 0, 0, 0, 0, 0, 0, 0, 0, 2594 0, 1, 0, 0, 0x10, 0x9, 0x8, 0x0, 2595 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */ 2596 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */ 2597 0x3, 0, 0, 0, 0, 0, 0, 0, 2598 0x88, 0x99, 0, 0, 0, 0, 0, 0, 2599 0, 0, 0, 0, 0, 0, 0, 0, 2600 }; 2601 int port_a, port_b; 2602 2603 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 16); 2604 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 24); 2605 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 64); 2606 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 72); 2607 port_a = target_dev_id + 1; 2608 port_b = port_a + 1; 2609 memcpy(p, sas_pcd_m_pg, sizeof(sas_pcd_m_pg)); 2610 put_unaligned_be32(port_a, p + 20); 2611 put_unaligned_be32(port_b, p + 48 + 20); 2612 if (1 == pcontrol) 2613 memset(p + 4, 0, sizeof(sas_pcd_m_pg) - 4); 2614 return sizeof(sas_pcd_m_pg); 2615 } 2616 2617 static int resp_sas_sha_m_spg(unsigned char *p, int pcontrol) 2618 { /* SAS SSP shared protocol specific port mode subpage */ 2619 unsigned char sas_sha_m_pg[] = {0x59, 0x2, 0, 0xc, 0, 0x6, 0x10, 0, 2620 0, 0, 0, 0, 0, 0, 0, 0, 2621 }; 2622 2623 memcpy(p, sas_sha_m_pg, sizeof(sas_sha_m_pg)); 2624 if (1 == pcontrol) 2625 memset(p + 4, 0, sizeof(sas_sha_m_pg) - 4); 2626 return sizeof(sas_sha_m_pg); 2627 } 2628 2629 #define SDEBUG_MAX_MSENSE_SZ 256 2630 2631 static int resp_mode_sense(struct scsi_cmnd *scp, 2632 struct sdebug_dev_info *devip) 2633 { 2634 int pcontrol, pcode, subpcode, bd_len; 2635 unsigned char dev_spec; 2636 u32 alloc_len, offset, len; 2637 int target_dev_id; 2638 int target = scp->device->id; 2639 unsigned char *ap; 2640 unsigned char arr[SDEBUG_MAX_MSENSE_SZ]; 2641 unsigned char *cmd = scp->cmnd; 2642 bool dbd, llbaa, msense_6, is_disk, is_zbc, bad_pcode; 2643 2644 dbd = !!(cmd[1] & 0x8); /* disable block descriptors */ 2645 pcontrol = (cmd[2] & 0xc0) >> 6; 2646 pcode = cmd[2] & 0x3f; 2647 subpcode = cmd[3]; 2648 msense_6 = (MODE_SENSE == cmd[0]); 2649 llbaa = msense_6 ? false : !!(cmd[1] & 0x10); 2650 is_disk = (sdebug_ptype == TYPE_DISK); 2651 is_zbc = (devip->zmodel != BLK_ZONED_NONE); 2652 if ((is_disk || is_zbc) && !dbd) 2653 bd_len = llbaa ? 16 : 8; 2654 else 2655 bd_len = 0; 2656 alloc_len = msense_6 ? cmd[4] : get_unaligned_be16(cmd + 7); 2657 memset(arr, 0, SDEBUG_MAX_MSENSE_SZ); 2658 if (0x3 == pcontrol) { /* Saving values not supported */ 2659 mk_sense_buffer(scp, ILLEGAL_REQUEST, SAVING_PARAMS_UNSUP, 0); 2660 return check_condition_result; 2661 } 2662 target_dev_id = ((devip->sdbg_host->shost->host_no + 1) * 2000) + 2663 (devip->target * 1000) - 3; 2664 /* for disks+zbc set DPOFUA bit and clear write protect (WP) bit */ 2665 if (is_disk || is_zbc) { 2666 dev_spec = 0x10; /* =0x90 if WP=1 implies read-only */ 2667 if (sdebug_wp) 2668 dev_spec |= 0x80; 2669 } else 2670 dev_spec = 0x0; 2671 if (msense_6) { 2672 arr[2] = dev_spec; 2673 arr[3] = bd_len; 2674 offset = 4; 2675 } else { 2676 arr[3] = dev_spec; 2677 if (16 == bd_len) 2678 arr[4] = 0x1; /* set LONGLBA bit */ 2679 arr[7] = bd_len; /* assume 255 or less */ 2680 offset = 8; 2681 } 2682 ap = arr + offset; 2683 if ((bd_len > 0) && (!sdebug_capacity)) 2684 sdebug_capacity = get_sdebug_capacity(); 2685 2686 if (8 == bd_len) { 2687 if (sdebug_capacity > 0xfffffffe) 2688 put_unaligned_be32(0xffffffff, ap + 0); 2689 else 2690 put_unaligned_be32(sdebug_capacity, ap + 0); 2691 put_unaligned_be16(sdebug_sector_size, ap + 6); 2692 offset += bd_len; 2693 ap = arr + offset; 2694 } else if (16 == bd_len) { 2695 put_unaligned_be64((u64)sdebug_capacity, ap + 0); 2696 put_unaligned_be32(sdebug_sector_size, ap + 12); 2697 offset += bd_len; 2698 ap = arr + offset; 2699 } 2700 2701 if ((subpcode > 0x0) && (subpcode < 0xff) && (0x19 != pcode)) { 2702 /* TODO: Control Extension page */ 2703 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1); 2704 return check_condition_result; 2705 } 2706 bad_pcode = false; 2707 2708 switch (pcode) { 2709 case 0x1: /* Read-Write error recovery page, direct access */ 2710 len = resp_err_recov_pg(ap, pcontrol, target); 2711 offset += len; 2712 break; 2713 case 0x2: /* Disconnect-Reconnect page, all devices */ 2714 len = resp_disconnect_pg(ap, pcontrol, target); 2715 offset += len; 2716 break; 2717 case 0x3: /* Format device page, direct access */ 2718 if (is_disk) { 2719 len = resp_format_pg(ap, pcontrol, target); 2720 offset += len; 2721 } else 2722 bad_pcode = true; 2723 break; 2724 case 0x8: /* Caching page, direct access */ 2725 if (is_disk || is_zbc) { 2726 len = resp_caching_pg(ap, pcontrol, target); 2727 offset += len; 2728 } else 2729 bad_pcode = true; 2730 break; 2731 case 0xa: /* Control Mode page, all devices */ 2732 len = resp_ctrl_m_pg(ap, pcontrol, target); 2733 offset += len; 2734 break; 2735 case 0x19: /* if spc==1 then sas phy, control+discover */ 2736 if ((subpcode > 0x2) && (subpcode < 0xff)) { 2737 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1); 2738 return check_condition_result; 2739 } 2740 len = 0; 2741 if ((0x0 == subpcode) || (0xff == subpcode)) 2742 len += resp_sas_sf_m_pg(ap + len, pcontrol, target); 2743 if ((0x1 == subpcode) || (0xff == subpcode)) 2744 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target, 2745 target_dev_id); 2746 if ((0x2 == subpcode) || (0xff == subpcode)) 2747 len += resp_sas_sha_m_spg(ap + len, pcontrol); 2748 offset += len; 2749 break; 2750 case 0x1c: /* Informational Exceptions Mode page, all devices */ 2751 len = resp_iec_m_pg(ap, pcontrol, target); 2752 offset += len; 2753 break; 2754 case 0x3f: /* Read all Mode pages */ 2755 if ((0 == subpcode) || (0xff == subpcode)) { 2756 len = resp_err_recov_pg(ap, pcontrol, target); 2757 len += resp_disconnect_pg(ap + len, pcontrol, target); 2758 if (is_disk) { 2759 len += resp_format_pg(ap + len, pcontrol, 2760 target); 2761 len += resp_caching_pg(ap + len, pcontrol, 2762 target); 2763 } else if (is_zbc) { 2764 len += resp_caching_pg(ap + len, pcontrol, 2765 target); 2766 } 2767 len += resp_ctrl_m_pg(ap + len, pcontrol, target); 2768 len += resp_sas_sf_m_pg(ap + len, pcontrol, target); 2769 if (0xff == subpcode) { 2770 len += resp_sas_pcd_m_spg(ap + len, pcontrol, 2771 target, target_dev_id); 2772 len += resp_sas_sha_m_spg(ap + len, pcontrol); 2773 } 2774 len += resp_iec_m_pg(ap + len, pcontrol, target); 2775 offset += len; 2776 } else { 2777 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1); 2778 return check_condition_result; 2779 } 2780 break; 2781 default: 2782 bad_pcode = true; 2783 break; 2784 } 2785 if (bad_pcode) { 2786 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5); 2787 return check_condition_result; 2788 } 2789 if (msense_6) 2790 arr[0] = offset - 1; 2791 else 2792 put_unaligned_be16((offset - 2), arr + 0); 2793 return fill_from_dev_buffer(scp, arr, min_t(u32, alloc_len, offset)); 2794 } 2795 2796 #define SDEBUG_MAX_MSELECT_SZ 512 2797 2798 static int resp_mode_select(struct scsi_cmnd *scp, 2799 struct sdebug_dev_info *devip) 2800 { 2801 int pf, sp, ps, md_len, bd_len, off, spf, pg_len; 2802 int param_len, res, mpage; 2803 unsigned char arr[SDEBUG_MAX_MSELECT_SZ]; 2804 unsigned char *cmd = scp->cmnd; 2805 int mselect6 = (MODE_SELECT == cmd[0]); 2806 2807 memset(arr, 0, sizeof(arr)); 2808 pf = cmd[1] & 0x10; 2809 sp = cmd[1] & 0x1; 2810 param_len = mselect6 ? cmd[4] : get_unaligned_be16(cmd + 7); 2811 if ((0 == pf) || sp || (param_len > SDEBUG_MAX_MSELECT_SZ)) { 2812 mk_sense_invalid_fld(scp, SDEB_IN_CDB, mselect6 ? 4 : 7, -1); 2813 return check_condition_result; 2814 } 2815 res = fetch_to_dev_buffer(scp, arr, param_len); 2816 if (-1 == res) 2817 return DID_ERROR << 16; 2818 else if (sdebug_verbose && (res < param_len)) 2819 sdev_printk(KERN_INFO, scp->device, 2820 "%s: cdb indicated=%d, IO sent=%d bytes\n", 2821 __func__, param_len, res); 2822 md_len = mselect6 ? (arr[0] + 1) : (get_unaligned_be16(arr + 0) + 2); 2823 bd_len = mselect6 ? arr[3] : get_unaligned_be16(arr + 6); 2824 off = bd_len + (mselect6 ? 4 : 8); 2825 if (md_len > 2 || off >= res) { 2826 mk_sense_invalid_fld(scp, SDEB_IN_DATA, 0, -1); 2827 return check_condition_result; 2828 } 2829 mpage = arr[off] & 0x3f; 2830 ps = !!(arr[off] & 0x80); 2831 if (ps) { 2832 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 7); 2833 return check_condition_result; 2834 } 2835 spf = !!(arr[off] & 0x40); 2836 pg_len = spf ? (get_unaligned_be16(arr + off + 2) + 4) : 2837 (arr[off + 1] + 2); 2838 if ((pg_len + off) > param_len) { 2839 mk_sense_buffer(scp, ILLEGAL_REQUEST, 2840 PARAMETER_LIST_LENGTH_ERR, 0); 2841 return check_condition_result; 2842 } 2843 switch (mpage) { 2844 case 0x8: /* Caching Mode page */ 2845 if (caching_pg[1] == arr[off + 1]) { 2846 memcpy(caching_pg + 2, arr + off + 2, 2847 sizeof(caching_pg) - 2); 2848 goto set_mode_changed_ua; 2849 } 2850 break; 2851 case 0xa: /* Control Mode page */ 2852 if (ctrl_m_pg[1] == arr[off + 1]) { 2853 memcpy(ctrl_m_pg + 2, arr + off + 2, 2854 sizeof(ctrl_m_pg) - 2); 2855 if (ctrl_m_pg[4] & 0x8) 2856 sdebug_wp = true; 2857 else 2858 sdebug_wp = false; 2859 sdebug_dsense = !!(ctrl_m_pg[2] & 0x4); 2860 goto set_mode_changed_ua; 2861 } 2862 break; 2863 case 0x1c: /* Informational Exceptions Mode page */ 2864 if (iec_m_pg[1] == arr[off + 1]) { 2865 memcpy(iec_m_pg + 2, arr + off + 2, 2866 sizeof(iec_m_pg) - 2); 2867 goto set_mode_changed_ua; 2868 } 2869 break; 2870 default: 2871 break; 2872 } 2873 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 5); 2874 return check_condition_result; 2875 set_mode_changed_ua: 2876 set_bit(SDEBUG_UA_MODE_CHANGED, devip->uas_bm); 2877 return 0; 2878 } 2879 2880 static int resp_temp_l_pg(unsigned char *arr) 2881 { 2882 unsigned char temp_l_pg[] = {0x0, 0x0, 0x3, 0x2, 0x0, 38, 2883 0x0, 0x1, 0x3, 0x2, 0x0, 65, 2884 }; 2885 2886 memcpy(arr, temp_l_pg, sizeof(temp_l_pg)); 2887 return sizeof(temp_l_pg); 2888 } 2889 2890 static int resp_ie_l_pg(unsigned char *arr) 2891 { 2892 unsigned char ie_l_pg[] = {0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 38, 2893 }; 2894 2895 memcpy(arr, ie_l_pg, sizeof(ie_l_pg)); 2896 if (iec_m_pg[2] & 0x4) { /* TEST bit set */ 2897 arr[4] = THRESHOLD_EXCEEDED; 2898 arr[5] = 0xff; 2899 } 2900 return sizeof(ie_l_pg); 2901 } 2902 2903 static int resp_env_rep_l_spg(unsigned char *arr) 2904 { 2905 unsigned char env_rep_l_spg[] = {0x0, 0x0, 0x23, 0x8, 2906 0x0, 40, 72, 0xff, 45, 18, 0, 0, 2907 0x1, 0x0, 0x23, 0x8, 2908 0x0, 55, 72, 35, 55, 45, 0, 0, 2909 }; 2910 2911 memcpy(arr, env_rep_l_spg, sizeof(env_rep_l_spg)); 2912 return sizeof(env_rep_l_spg); 2913 } 2914 2915 #define SDEBUG_MAX_LSENSE_SZ 512 2916 2917 static int resp_log_sense(struct scsi_cmnd *scp, 2918 struct sdebug_dev_info *devip) 2919 { 2920 int ppc, sp, pcode, subpcode; 2921 u32 alloc_len, len, n; 2922 unsigned char arr[SDEBUG_MAX_LSENSE_SZ]; 2923 unsigned char *cmd = scp->cmnd; 2924 2925 memset(arr, 0, sizeof(arr)); 2926 ppc = cmd[1] & 0x2; 2927 sp = cmd[1] & 0x1; 2928 if (ppc || sp) { 2929 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, ppc ? 1 : 0); 2930 return check_condition_result; 2931 } 2932 pcode = cmd[2] & 0x3f; 2933 subpcode = cmd[3] & 0xff; 2934 alloc_len = get_unaligned_be16(cmd + 7); 2935 arr[0] = pcode; 2936 if (0 == subpcode) { 2937 switch (pcode) { 2938 case 0x0: /* Supported log pages log page */ 2939 n = 4; 2940 arr[n++] = 0x0; /* this page */ 2941 arr[n++] = 0xd; /* Temperature */ 2942 arr[n++] = 0x2f; /* Informational exceptions */ 2943 arr[3] = n - 4; 2944 break; 2945 case 0xd: /* Temperature log page */ 2946 arr[3] = resp_temp_l_pg(arr + 4); 2947 break; 2948 case 0x2f: /* Informational exceptions log page */ 2949 arr[3] = resp_ie_l_pg(arr + 4); 2950 break; 2951 default: 2952 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5); 2953 return check_condition_result; 2954 } 2955 } else if (0xff == subpcode) { 2956 arr[0] |= 0x40; 2957 arr[1] = subpcode; 2958 switch (pcode) { 2959 case 0x0: /* Supported log pages and subpages log page */ 2960 n = 4; 2961 arr[n++] = 0x0; 2962 arr[n++] = 0x0; /* 0,0 page */ 2963 arr[n++] = 0x0; 2964 arr[n++] = 0xff; /* this page */ 2965 arr[n++] = 0xd; 2966 arr[n++] = 0x0; /* Temperature */ 2967 arr[n++] = 0xd; 2968 arr[n++] = 0x1; /* Environment reporting */ 2969 arr[n++] = 0xd; 2970 arr[n++] = 0xff; /* all 0xd subpages */ 2971 arr[n++] = 0x2f; 2972 arr[n++] = 0x0; /* Informational exceptions */ 2973 arr[n++] = 0x2f; 2974 arr[n++] = 0xff; /* all 0x2f subpages */ 2975 arr[3] = n - 4; 2976 break; 2977 case 0xd: /* Temperature subpages */ 2978 n = 4; 2979 arr[n++] = 0xd; 2980 arr[n++] = 0x0; /* Temperature */ 2981 arr[n++] = 0xd; 2982 arr[n++] = 0x1; /* Environment reporting */ 2983 arr[n++] = 0xd; 2984 arr[n++] = 0xff; /* these subpages */ 2985 arr[3] = n - 4; 2986 break; 2987 case 0x2f: /* Informational exceptions subpages */ 2988 n = 4; 2989 arr[n++] = 0x2f; 2990 arr[n++] = 0x0; /* Informational exceptions */ 2991 arr[n++] = 0x2f; 2992 arr[n++] = 0xff; /* these subpages */ 2993 arr[3] = n - 4; 2994 break; 2995 default: 2996 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5); 2997 return check_condition_result; 2998 } 2999 } else if (subpcode > 0) { 3000 arr[0] |= 0x40; 3001 arr[1] = subpcode; 3002 if (pcode == 0xd && subpcode == 1) 3003 arr[3] = resp_env_rep_l_spg(arr + 4); 3004 else { 3005 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5); 3006 return check_condition_result; 3007 } 3008 } else { 3009 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1); 3010 return check_condition_result; 3011 } 3012 len = min_t(u32, get_unaligned_be16(arr + 2) + 4, alloc_len); 3013 return fill_from_dev_buffer(scp, arr, 3014 min_t(u32, len, SDEBUG_MAX_INQ_ARR_SZ)); 3015 } 3016 3017 static inline bool sdebug_dev_is_zoned(struct sdebug_dev_info *devip) 3018 { 3019 return devip->nr_zones != 0; 3020 } 3021 3022 static struct sdeb_zone_state *zbc_zone(struct sdebug_dev_info *devip, 3023 unsigned long long lba) 3024 { 3025 u32 zno = lba >> devip->zsize_shift; 3026 struct sdeb_zone_state *zsp; 3027 3028 if (devip->zcap == devip->zsize || zno < devip->nr_conv_zones) 3029 return &devip->zstate[zno]; 3030 3031 /* 3032 * If the zone capacity is less than the zone size, adjust for gap 3033 * zones. 3034 */ 3035 zno = 2 * zno - devip->nr_conv_zones; 3036 WARN_ONCE(zno >= devip->nr_zones, "%u > %u\n", zno, devip->nr_zones); 3037 zsp = &devip->zstate[zno]; 3038 if (lba >= zsp->z_start + zsp->z_size) 3039 zsp++; 3040 WARN_ON_ONCE(lba >= zsp->z_start + zsp->z_size); 3041 return zsp; 3042 } 3043 3044 static inline bool zbc_zone_is_conv(struct sdeb_zone_state *zsp) 3045 { 3046 return zsp->z_type == ZBC_ZTYPE_CNV; 3047 } 3048 3049 static inline bool zbc_zone_is_gap(struct sdeb_zone_state *zsp) 3050 { 3051 return zsp->z_type == ZBC_ZTYPE_GAP; 3052 } 3053 3054 static inline bool zbc_zone_is_seq(struct sdeb_zone_state *zsp) 3055 { 3056 return !zbc_zone_is_conv(zsp) && !zbc_zone_is_gap(zsp); 3057 } 3058 3059 static void zbc_close_zone(struct sdebug_dev_info *devip, 3060 struct sdeb_zone_state *zsp) 3061 { 3062 enum sdebug_z_cond zc; 3063 3064 if (!zbc_zone_is_seq(zsp)) 3065 return; 3066 3067 zc = zsp->z_cond; 3068 if (!(zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN)) 3069 return; 3070 3071 if (zc == ZC2_IMPLICIT_OPEN) 3072 devip->nr_imp_open--; 3073 else 3074 devip->nr_exp_open--; 3075 3076 if (zsp->z_wp == zsp->z_start) { 3077 zsp->z_cond = ZC1_EMPTY; 3078 } else { 3079 zsp->z_cond = ZC4_CLOSED; 3080 devip->nr_closed++; 3081 } 3082 } 3083 3084 static void zbc_close_imp_open_zone(struct sdebug_dev_info *devip) 3085 { 3086 struct sdeb_zone_state *zsp = &devip->zstate[0]; 3087 unsigned int i; 3088 3089 for (i = 0; i < devip->nr_zones; i++, zsp++) { 3090 if (zsp->z_cond == ZC2_IMPLICIT_OPEN) { 3091 zbc_close_zone(devip, zsp); 3092 return; 3093 } 3094 } 3095 } 3096 3097 static void zbc_open_zone(struct sdebug_dev_info *devip, 3098 struct sdeb_zone_state *zsp, bool explicit) 3099 { 3100 enum sdebug_z_cond zc; 3101 3102 if (!zbc_zone_is_seq(zsp)) 3103 return; 3104 3105 zc = zsp->z_cond; 3106 if ((explicit && zc == ZC3_EXPLICIT_OPEN) || 3107 (!explicit && zc == ZC2_IMPLICIT_OPEN)) 3108 return; 3109 3110 /* Close an implicit open zone if necessary */ 3111 if (explicit && zsp->z_cond == ZC2_IMPLICIT_OPEN) 3112 zbc_close_zone(devip, zsp); 3113 else if (devip->max_open && 3114 devip->nr_imp_open + devip->nr_exp_open >= devip->max_open) 3115 zbc_close_imp_open_zone(devip); 3116 3117 if (zsp->z_cond == ZC4_CLOSED) 3118 devip->nr_closed--; 3119 if (explicit) { 3120 zsp->z_cond = ZC3_EXPLICIT_OPEN; 3121 devip->nr_exp_open++; 3122 } else { 3123 zsp->z_cond = ZC2_IMPLICIT_OPEN; 3124 devip->nr_imp_open++; 3125 } 3126 } 3127 3128 static inline void zbc_set_zone_full(struct sdebug_dev_info *devip, 3129 struct sdeb_zone_state *zsp) 3130 { 3131 switch (zsp->z_cond) { 3132 case ZC2_IMPLICIT_OPEN: 3133 devip->nr_imp_open--; 3134 break; 3135 case ZC3_EXPLICIT_OPEN: 3136 devip->nr_exp_open--; 3137 break; 3138 default: 3139 WARN_ONCE(true, "Invalid zone %llu condition %x\n", 3140 zsp->z_start, zsp->z_cond); 3141 break; 3142 } 3143 zsp->z_cond = ZC5_FULL; 3144 } 3145 3146 static void zbc_inc_wp(struct sdebug_dev_info *devip, 3147 unsigned long long lba, unsigned int num) 3148 { 3149 struct sdeb_zone_state *zsp = zbc_zone(devip, lba); 3150 unsigned long long n, end, zend = zsp->z_start + zsp->z_size; 3151 3152 if (!zbc_zone_is_seq(zsp)) 3153 return; 3154 3155 if (zsp->z_type == ZBC_ZTYPE_SWR) { 3156 zsp->z_wp += num; 3157 if (zsp->z_wp >= zend) 3158 zbc_set_zone_full(devip, zsp); 3159 return; 3160 } 3161 3162 while (num) { 3163 if (lba != zsp->z_wp) 3164 zsp->z_non_seq_resource = true; 3165 3166 end = lba + num; 3167 if (end >= zend) { 3168 n = zend - lba; 3169 zsp->z_wp = zend; 3170 } else if (end > zsp->z_wp) { 3171 n = num; 3172 zsp->z_wp = end; 3173 } else { 3174 n = num; 3175 } 3176 if (zsp->z_wp >= zend) 3177 zbc_set_zone_full(devip, zsp); 3178 3179 num -= n; 3180 lba += n; 3181 if (num) { 3182 zsp++; 3183 zend = zsp->z_start + zsp->z_size; 3184 } 3185 } 3186 } 3187 3188 static int check_zbc_access_params(struct scsi_cmnd *scp, 3189 unsigned long long lba, unsigned int num, bool write) 3190 { 3191 struct scsi_device *sdp = scp->device; 3192 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata; 3193 struct sdeb_zone_state *zsp = zbc_zone(devip, lba); 3194 struct sdeb_zone_state *zsp_end = zbc_zone(devip, lba + num - 1); 3195 3196 if (!write) { 3197 if (devip->zmodel == BLK_ZONED_HA) 3198 return 0; 3199 /* For host-managed, reads cannot cross zone types boundaries */ 3200 if (zsp->z_type != zsp_end->z_type) { 3201 mk_sense_buffer(scp, ILLEGAL_REQUEST, 3202 LBA_OUT_OF_RANGE, 3203 READ_INVDATA_ASCQ); 3204 return check_condition_result; 3205 } 3206 return 0; 3207 } 3208 3209 /* Writing into a gap zone is not allowed */ 3210 if (zbc_zone_is_gap(zsp)) { 3211 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 3212 ATTEMPT_ACCESS_GAP); 3213 return check_condition_result; 3214 } 3215 3216 /* No restrictions for writes within conventional zones */ 3217 if (zbc_zone_is_conv(zsp)) { 3218 if (!zbc_zone_is_conv(zsp_end)) { 3219 mk_sense_buffer(scp, ILLEGAL_REQUEST, 3220 LBA_OUT_OF_RANGE, 3221 WRITE_BOUNDARY_ASCQ); 3222 return check_condition_result; 3223 } 3224 return 0; 3225 } 3226 3227 if (zsp->z_type == ZBC_ZTYPE_SWR) { 3228 /* Writes cannot cross sequential zone boundaries */ 3229 if (zsp_end != zsp) { 3230 mk_sense_buffer(scp, ILLEGAL_REQUEST, 3231 LBA_OUT_OF_RANGE, 3232 WRITE_BOUNDARY_ASCQ); 3233 return check_condition_result; 3234 } 3235 /* Cannot write full zones */ 3236 if (zsp->z_cond == ZC5_FULL) { 3237 mk_sense_buffer(scp, ILLEGAL_REQUEST, 3238 INVALID_FIELD_IN_CDB, 0); 3239 return check_condition_result; 3240 } 3241 /* Writes must be aligned to the zone WP */ 3242 if (lba != zsp->z_wp) { 3243 mk_sense_buffer(scp, ILLEGAL_REQUEST, 3244 LBA_OUT_OF_RANGE, 3245 UNALIGNED_WRITE_ASCQ); 3246 return check_condition_result; 3247 } 3248 } 3249 3250 /* Handle implicit open of closed and empty zones */ 3251 if (zsp->z_cond == ZC1_EMPTY || zsp->z_cond == ZC4_CLOSED) { 3252 if (devip->max_open && 3253 devip->nr_exp_open >= devip->max_open) { 3254 mk_sense_buffer(scp, DATA_PROTECT, 3255 INSUFF_RES_ASC, 3256 INSUFF_ZONE_ASCQ); 3257 return check_condition_result; 3258 } 3259 zbc_open_zone(devip, zsp, false); 3260 } 3261 3262 return 0; 3263 } 3264 3265 static inline int check_device_access_params 3266 (struct scsi_cmnd *scp, unsigned long long lba, 3267 unsigned int num, bool write) 3268 { 3269 struct scsi_device *sdp = scp->device; 3270 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata; 3271 3272 if (lba + num > sdebug_capacity) { 3273 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 3274 return check_condition_result; 3275 } 3276 /* transfer length excessive (tie in to block limits VPD page) */ 3277 if (num > sdebug_store_sectors) { 3278 /* needs work to find which cdb byte 'num' comes from */ 3279 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 3280 return check_condition_result; 3281 } 3282 if (write && unlikely(sdebug_wp)) { 3283 mk_sense_buffer(scp, DATA_PROTECT, WRITE_PROTECTED, 0x2); 3284 return check_condition_result; 3285 } 3286 if (sdebug_dev_is_zoned(devip)) 3287 return check_zbc_access_params(scp, lba, num, write); 3288 3289 return 0; 3290 } 3291 3292 /* 3293 * Note: if BUG_ON() fires it usually indicates a problem with the parser 3294 * tables. Perhaps a missing F_FAKE_RW or FF_MEDIA_IO flag. Response functions 3295 * that access any of the "stores" in struct sdeb_store_info should call this 3296 * function with bug_if_fake_rw set to true. 3297 */ 3298 static inline struct sdeb_store_info *devip2sip(struct sdebug_dev_info *devip, 3299 bool bug_if_fake_rw) 3300 { 3301 if (sdebug_fake_rw) { 3302 BUG_ON(bug_if_fake_rw); /* See note above */ 3303 return NULL; 3304 } 3305 return xa_load(per_store_ap, devip->sdbg_host->si_idx); 3306 } 3307 3308 /* Returns number of bytes copied or -1 if error. */ 3309 static int do_device_access(struct sdeb_store_info *sip, struct scsi_cmnd *scp, 3310 u32 sg_skip, u64 lba, u32 num, bool do_write) 3311 { 3312 int ret; 3313 u64 block, rest = 0; 3314 enum dma_data_direction dir; 3315 struct scsi_data_buffer *sdb = &scp->sdb; 3316 u8 *fsp; 3317 3318 if (do_write) { 3319 dir = DMA_TO_DEVICE; 3320 write_since_sync = true; 3321 } else { 3322 dir = DMA_FROM_DEVICE; 3323 } 3324 3325 if (!sdb->length || !sip) 3326 return 0; 3327 if (scp->sc_data_direction != dir) 3328 return -1; 3329 fsp = sip->storep; 3330 3331 block = do_div(lba, sdebug_store_sectors); 3332 if (block + num > sdebug_store_sectors) 3333 rest = block + num - sdebug_store_sectors; 3334 3335 ret = sg_copy_buffer(sdb->table.sgl, sdb->table.nents, 3336 fsp + (block * sdebug_sector_size), 3337 (num - rest) * sdebug_sector_size, sg_skip, do_write); 3338 if (ret != (num - rest) * sdebug_sector_size) 3339 return ret; 3340 3341 if (rest) { 3342 ret += sg_copy_buffer(sdb->table.sgl, sdb->table.nents, 3343 fsp, rest * sdebug_sector_size, 3344 sg_skip + ((num - rest) * sdebug_sector_size), 3345 do_write); 3346 } 3347 3348 return ret; 3349 } 3350 3351 /* Returns number of bytes copied or -1 if error. */ 3352 static int do_dout_fetch(struct scsi_cmnd *scp, u32 num, u8 *doutp) 3353 { 3354 struct scsi_data_buffer *sdb = &scp->sdb; 3355 3356 if (!sdb->length) 3357 return 0; 3358 if (scp->sc_data_direction != DMA_TO_DEVICE) 3359 return -1; 3360 return sg_copy_buffer(sdb->table.sgl, sdb->table.nents, doutp, 3361 num * sdebug_sector_size, 0, true); 3362 } 3363 3364 /* If sip->storep+lba compares equal to arr(num), then copy top half of 3365 * arr into sip->storep+lba and return true. If comparison fails then 3366 * return false. */ 3367 static bool comp_write_worker(struct sdeb_store_info *sip, u64 lba, u32 num, 3368 const u8 *arr, bool compare_only) 3369 { 3370 bool res; 3371 u64 block, rest = 0; 3372 u32 store_blks = sdebug_store_sectors; 3373 u32 lb_size = sdebug_sector_size; 3374 u8 *fsp = sip->storep; 3375 3376 block = do_div(lba, store_blks); 3377 if (block + num > store_blks) 3378 rest = block + num - store_blks; 3379 3380 res = !memcmp(fsp + (block * lb_size), arr, (num - rest) * lb_size); 3381 if (!res) 3382 return res; 3383 if (rest) 3384 res = memcmp(fsp, arr + ((num - rest) * lb_size), 3385 rest * lb_size); 3386 if (!res) 3387 return res; 3388 if (compare_only) 3389 return true; 3390 arr += num * lb_size; 3391 memcpy(fsp + (block * lb_size), arr, (num - rest) * lb_size); 3392 if (rest) 3393 memcpy(fsp, arr + ((num - rest) * lb_size), rest * lb_size); 3394 return res; 3395 } 3396 3397 static __be16 dif_compute_csum(const void *buf, int len) 3398 { 3399 __be16 csum; 3400 3401 if (sdebug_guard) 3402 csum = (__force __be16)ip_compute_csum(buf, len); 3403 else 3404 csum = cpu_to_be16(crc_t10dif(buf, len)); 3405 3406 return csum; 3407 } 3408 3409 static int dif_verify(struct t10_pi_tuple *sdt, const void *data, 3410 sector_t sector, u32 ei_lba) 3411 { 3412 __be16 csum = dif_compute_csum(data, sdebug_sector_size); 3413 3414 if (sdt->guard_tag != csum) { 3415 pr_err("GUARD check failed on sector %lu rcvd 0x%04x, data 0x%04x\n", 3416 (unsigned long)sector, 3417 be16_to_cpu(sdt->guard_tag), 3418 be16_to_cpu(csum)); 3419 return 0x01; 3420 } 3421 if (sdebug_dif == T10_PI_TYPE1_PROTECTION && 3422 be32_to_cpu(sdt->ref_tag) != (sector & 0xffffffff)) { 3423 pr_err("REF check failed on sector %lu\n", 3424 (unsigned long)sector); 3425 return 0x03; 3426 } 3427 if (sdebug_dif == T10_PI_TYPE2_PROTECTION && 3428 be32_to_cpu(sdt->ref_tag) != ei_lba) { 3429 pr_err("REF check failed on sector %lu\n", 3430 (unsigned long)sector); 3431 return 0x03; 3432 } 3433 return 0; 3434 } 3435 3436 static void dif_copy_prot(struct scsi_cmnd *scp, sector_t sector, 3437 unsigned int sectors, bool read) 3438 { 3439 size_t resid; 3440 void *paddr; 3441 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *) 3442 scp->device->hostdata, true); 3443 struct t10_pi_tuple *dif_storep = sip->dif_storep; 3444 const void *dif_store_end = dif_storep + sdebug_store_sectors; 3445 struct sg_mapping_iter miter; 3446 3447 /* Bytes of protection data to copy into sgl */ 3448 resid = sectors * sizeof(*dif_storep); 3449 3450 sg_miter_start(&miter, scsi_prot_sglist(scp), 3451 scsi_prot_sg_count(scp), SG_MITER_ATOMIC | 3452 (read ? SG_MITER_TO_SG : SG_MITER_FROM_SG)); 3453 3454 while (sg_miter_next(&miter) && resid > 0) { 3455 size_t len = min_t(size_t, miter.length, resid); 3456 void *start = dif_store(sip, sector); 3457 size_t rest = 0; 3458 3459 if (dif_store_end < start + len) 3460 rest = start + len - dif_store_end; 3461 3462 paddr = miter.addr; 3463 3464 if (read) 3465 memcpy(paddr, start, len - rest); 3466 else 3467 memcpy(start, paddr, len - rest); 3468 3469 if (rest) { 3470 if (read) 3471 memcpy(paddr + len - rest, dif_storep, rest); 3472 else 3473 memcpy(dif_storep, paddr + len - rest, rest); 3474 } 3475 3476 sector += len / sizeof(*dif_storep); 3477 resid -= len; 3478 } 3479 sg_miter_stop(&miter); 3480 } 3481 3482 static int prot_verify_read(struct scsi_cmnd *scp, sector_t start_sec, 3483 unsigned int sectors, u32 ei_lba) 3484 { 3485 int ret = 0; 3486 unsigned int i; 3487 sector_t sector; 3488 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *) 3489 scp->device->hostdata, true); 3490 struct t10_pi_tuple *sdt; 3491 3492 for (i = 0; i < sectors; i++, ei_lba++) { 3493 sector = start_sec + i; 3494 sdt = dif_store(sip, sector); 3495 3496 if (sdt->app_tag == cpu_to_be16(0xffff)) 3497 continue; 3498 3499 /* 3500 * Because scsi_debug acts as both initiator and 3501 * target we proceed to verify the PI even if 3502 * RDPROTECT=3. This is done so the "initiator" knows 3503 * which type of error to return. Otherwise we would 3504 * have to iterate over the PI twice. 3505 */ 3506 if (scp->cmnd[1] >> 5) { /* RDPROTECT */ 3507 ret = dif_verify(sdt, lba2fake_store(sip, sector), 3508 sector, ei_lba); 3509 if (ret) { 3510 dif_errors++; 3511 break; 3512 } 3513 } 3514 } 3515 3516 dif_copy_prot(scp, start_sec, sectors, true); 3517 dix_reads++; 3518 3519 return ret; 3520 } 3521 3522 static inline void 3523 sdeb_read_lock(struct sdeb_store_info *sip) 3524 { 3525 if (sdebug_no_rwlock) { 3526 if (sip) 3527 __acquire(&sip->macc_lck); 3528 else 3529 __acquire(&sdeb_fake_rw_lck); 3530 } else { 3531 if (sip) 3532 read_lock(&sip->macc_lck); 3533 else 3534 read_lock(&sdeb_fake_rw_lck); 3535 } 3536 } 3537 3538 static inline void 3539 sdeb_read_unlock(struct sdeb_store_info *sip) 3540 { 3541 if (sdebug_no_rwlock) { 3542 if (sip) 3543 __release(&sip->macc_lck); 3544 else 3545 __release(&sdeb_fake_rw_lck); 3546 } else { 3547 if (sip) 3548 read_unlock(&sip->macc_lck); 3549 else 3550 read_unlock(&sdeb_fake_rw_lck); 3551 } 3552 } 3553 3554 static inline void 3555 sdeb_write_lock(struct sdeb_store_info *sip) 3556 { 3557 if (sdebug_no_rwlock) { 3558 if (sip) 3559 __acquire(&sip->macc_lck); 3560 else 3561 __acquire(&sdeb_fake_rw_lck); 3562 } else { 3563 if (sip) 3564 write_lock(&sip->macc_lck); 3565 else 3566 write_lock(&sdeb_fake_rw_lck); 3567 } 3568 } 3569 3570 static inline void 3571 sdeb_write_unlock(struct sdeb_store_info *sip) 3572 { 3573 if (sdebug_no_rwlock) { 3574 if (sip) 3575 __release(&sip->macc_lck); 3576 else 3577 __release(&sdeb_fake_rw_lck); 3578 } else { 3579 if (sip) 3580 write_unlock(&sip->macc_lck); 3581 else 3582 write_unlock(&sdeb_fake_rw_lck); 3583 } 3584 } 3585 3586 static int resp_read_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 3587 { 3588 bool check_prot; 3589 u32 num; 3590 u32 ei_lba; 3591 int ret; 3592 u64 lba; 3593 struct sdeb_store_info *sip = devip2sip(devip, true); 3594 u8 *cmd = scp->cmnd; 3595 3596 switch (cmd[0]) { 3597 case READ_16: 3598 ei_lba = 0; 3599 lba = get_unaligned_be64(cmd + 2); 3600 num = get_unaligned_be32(cmd + 10); 3601 check_prot = true; 3602 break; 3603 case READ_10: 3604 ei_lba = 0; 3605 lba = get_unaligned_be32(cmd + 2); 3606 num = get_unaligned_be16(cmd + 7); 3607 check_prot = true; 3608 break; 3609 case READ_6: 3610 ei_lba = 0; 3611 lba = (u32)cmd[3] | (u32)cmd[2] << 8 | 3612 (u32)(cmd[1] & 0x1f) << 16; 3613 num = (0 == cmd[4]) ? 256 : cmd[4]; 3614 check_prot = true; 3615 break; 3616 case READ_12: 3617 ei_lba = 0; 3618 lba = get_unaligned_be32(cmd + 2); 3619 num = get_unaligned_be32(cmd + 6); 3620 check_prot = true; 3621 break; 3622 case XDWRITEREAD_10: 3623 ei_lba = 0; 3624 lba = get_unaligned_be32(cmd + 2); 3625 num = get_unaligned_be16(cmd + 7); 3626 check_prot = false; 3627 break; 3628 default: /* assume READ(32) */ 3629 lba = get_unaligned_be64(cmd + 12); 3630 ei_lba = get_unaligned_be32(cmd + 20); 3631 num = get_unaligned_be32(cmd + 28); 3632 check_prot = false; 3633 break; 3634 } 3635 if (unlikely(have_dif_prot && check_prot)) { 3636 if (sdebug_dif == T10_PI_TYPE2_PROTECTION && 3637 (cmd[1] & 0xe0)) { 3638 mk_sense_invalid_opcode(scp); 3639 return check_condition_result; 3640 } 3641 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION || 3642 sdebug_dif == T10_PI_TYPE3_PROTECTION) && 3643 (cmd[1] & 0xe0) == 0) 3644 sdev_printk(KERN_ERR, scp->device, "Unprotected RD " 3645 "to DIF device\n"); 3646 } 3647 if (unlikely((sdebug_opts & SDEBUG_OPT_SHORT_TRANSFER) && 3648 atomic_read(&sdeb_inject_pending))) { 3649 num /= 2; 3650 atomic_set(&sdeb_inject_pending, 0); 3651 } 3652 3653 ret = check_device_access_params(scp, lba, num, false); 3654 if (ret) 3655 return ret; 3656 if (unlikely((SDEBUG_OPT_MEDIUM_ERR & sdebug_opts) && 3657 (lba <= (sdebug_medium_error_start + sdebug_medium_error_count - 1)) && 3658 ((lba + num) > sdebug_medium_error_start))) { 3659 /* claim unrecoverable read error */ 3660 mk_sense_buffer(scp, MEDIUM_ERROR, UNRECOVERED_READ_ERR, 0); 3661 /* set info field and valid bit for fixed descriptor */ 3662 if (0x70 == (scp->sense_buffer[0] & 0x7f)) { 3663 scp->sense_buffer[0] |= 0x80; /* Valid bit */ 3664 ret = (lba < OPT_MEDIUM_ERR_ADDR) 3665 ? OPT_MEDIUM_ERR_ADDR : (int)lba; 3666 put_unaligned_be32(ret, scp->sense_buffer + 3); 3667 } 3668 scsi_set_resid(scp, scsi_bufflen(scp)); 3669 return check_condition_result; 3670 } 3671 3672 sdeb_read_lock(sip); 3673 3674 /* DIX + T10 DIF */ 3675 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) { 3676 switch (prot_verify_read(scp, lba, num, ei_lba)) { 3677 case 1: /* Guard tag error */ 3678 if (cmd[1] >> 5 != 3) { /* RDPROTECT != 3 */ 3679 sdeb_read_unlock(sip); 3680 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1); 3681 return check_condition_result; 3682 } else if (scp->prot_flags & SCSI_PROT_GUARD_CHECK) { 3683 sdeb_read_unlock(sip); 3684 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1); 3685 return illegal_condition_result; 3686 } 3687 break; 3688 case 3: /* Reference tag error */ 3689 if (cmd[1] >> 5 != 3) { /* RDPROTECT != 3 */ 3690 sdeb_read_unlock(sip); 3691 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 3); 3692 return check_condition_result; 3693 } else if (scp->prot_flags & SCSI_PROT_REF_CHECK) { 3694 sdeb_read_unlock(sip); 3695 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 3); 3696 return illegal_condition_result; 3697 } 3698 break; 3699 } 3700 } 3701 3702 ret = do_device_access(sip, scp, 0, lba, num, false); 3703 sdeb_read_unlock(sip); 3704 if (unlikely(ret == -1)) 3705 return DID_ERROR << 16; 3706 3707 scsi_set_resid(scp, scsi_bufflen(scp) - ret); 3708 3709 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) && 3710 atomic_read(&sdeb_inject_pending))) { 3711 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) { 3712 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0); 3713 atomic_set(&sdeb_inject_pending, 0); 3714 return check_condition_result; 3715 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) { 3716 /* Logical block guard check failed */ 3717 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1); 3718 atomic_set(&sdeb_inject_pending, 0); 3719 return illegal_condition_result; 3720 } else if (SDEBUG_OPT_DIX_ERR & sdebug_opts) { 3721 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1); 3722 atomic_set(&sdeb_inject_pending, 0); 3723 return illegal_condition_result; 3724 } 3725 } 3726 return 0; 3727 } 3728 3729 static int prot_verify_write(struct scsi_cmnd *SCpnt, sector_t start_sec, 3730 unsigned int sectors, u32 ei_lba) 3731 { 3732 int ret; 3733 struct t10_pi_tuple *sdt; 3734 void *daddr; 3735 sector_t sector = start_sec; 3736 int ppage_offset; 3737 int dpage_offset; 3738 struct sg_mapping_iter diter; 3739 struct sg_mapping_iter piter; 3740 3741 BUG_ON(scsi_sg_count(SCpnt) == 0); 3742 BUG_ON(scsi_prot_sg_count(SCpnt) == 0); 3743 3744 sg_miter_start(&piter, scsi_prot_sglist(SCpnt), 3745 scsi_prot_sg_count(SCpnt), 3746 SG_MITER_ATOMIC | SG_MITER_FROM_SG); 3747 sg_miter_start(&diter, scsi_sglist(SCpnt), scsi_sg_count(SCpnt), 3748 SG_MITER_ATOMIC | SG_MITER_FROM_SG); 3749 3750 /* For each protection page */ 3751 while (sg_miter_next(&piter)) { 3752 dpage_offset = 0; 3753 if (WARN_ON(!sg_miter_next(&diter))) { 3754 ret = 0x01; 3755 goto out; 3756 } 3757 3758 for (ppage_offset = 0; ppage_offset < piter.length; 3759 ppage_offset += sizeof(struct t10_pi_tuple)) { 3760 /* If we're at the end of the current 3761 * data page advance to the next one 3762 */ 3763 if (dpage_offset >= diter.length) { 3764 if (WARN_ON(!sg_miter_next(&diter))) { 3765 ret = 0x01; 3766 goto out; 3767 } 3768 dpage_offset = 0; 3769 } 3770 3771 sdt = piter.addr + ppage_offset; 3772 daddr = diter.addr + dpage_offset; 3773 3774 if (SCpnt->cmnd[1] >> 5 != 3) { /* WRPROTECT */ 3775 ret = dif_verify(sdt, daddr, sector, ei_lba); 3776 if (ret) 3777 goto out; 3778 } 3779 3780 sector++; 3781 ei_lba++; 3782 dpage_offset += sdebug_sector_size; 3783 } 3784 diter.consumed = dpage_offset; 3785 sg_miter_stop(&diter); 3786 } 3787 sg_miter_stop(&piter); 3788 3789 dif_copy_prot(SCpnt, start_sec, sectors, false); 3790 dix_writes++; 3791 3792 return 0; 3793 3794 out: 3795 dif_errors++; 3796 sg_miter_stop(&diter); 3797 sg_miter_stop(&piter); 3798 return ret; 3799 } 3800 3801 static unsigned long lba_to_map_index(sector_t lba) 3802 { 3803 if (sdebug_unmap_alignment) 3804 lba += sdebug_unmap_granularity - sdebug_unmap_alignment; 3805 sector_div(lba, sdebug_unmap_granularity); 3806 return lba; 3807 } 3808 3809 static sector_t map_index_to_lba(unsigned long index) 3810 { 3811 sector_t lba = index * sdebug_unmap_granularity; 3812 3813 if (sdebug_unmap_alignment) 3814 lba -= sdebug_unmap_granularity - sdebug_unmap_alignment; 3815 return lba; 3816 } 3817 3818 static unsigned int map_state(struct sdeb_store_info *sip, sector_t lba, 3819 unsigned int *num) 3820 { 3821 sector_t end; 3822 unsigned int mapped; 3823 unsigned long index; 3824 unsigned long next; 3825 3826 index = lba_to_map_index(lba); 3827 mapped = test_bit(index, sip->map_storep); 3828 3829 if (mapped) 3830 next = find_next_zero_bit(sip->map_storep, map_size, index); 3831 else 3832 next = find_next_bit(sip->map_storep, map_size, index); 3833 3834 end = min_t(sector_t, sdebug_store_sectors, map_index_to_lba(next)); 3835 *num = end - lba; 3836 return mapped; 3837 } 3838 3839 static void map_region(struct sdeb_store_info *sip, sector_t lba, 3840 unsigned int len) 3841 { 3842 sector_t end = lba + len; 3843 3844 while (lba < end) { 3845 unsigned long index = lba_to_map_index(lba); 3846 3847 if (index < map_size) 3848 set_bit(index, sip->map_storep); 3849 3850 lba = map_index_to_lba(index + 1); 3851 } 3852 } 3853 3854 static void unmap_region(struct sdeb_store_info *sip, sector_t lba, 3855 unsigned int len) 3856 { 3857 sector_t end = lba + len; 3858 u8 *fsp = sip->storep; 3859 3860 while (lba < end) { 3861 unsigned long index = lba_to_map_index(lba); 3862 3863 if (lba == map_index_to_lba(index) && 3864 lba + sdebug_unmap_granularity <= end && 3865 index < map_size) { 3866 clear_bit(index, sip->map_storep); 3867 if (sdebug_lbprz) { /* for LBPRZ=2 return 0xff_s */ 3868 memset(fsp + lba * sdebug_sector_size, 3869 (sdebug_lbprz & 1) ? 0 : 0xff, 3870 sdebug_sector_size * 3871 sdebug_unmap_granularity); 3872 } 3873 if (sip->dif_storep) { 3874 memset(sip->dif_storep + lba, 0xff, 3875 sizeof(*sip->dif_storep) * 3876 sdebug_unmap_granularity); 3877 } 3878 } 3879 lba = map_index_to_lba(index + 1); 3880 } 3881 } 3882 3883 static int resp_write_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 3884 { 3885 bool check_prot; 3886 u32 num; 3887 u32 ei_lba; 3888 int ret; 3889 u64 lba; 3890 struct sdeb_store_info *sip = devip2sip(devip, true); 3891 u8 *cmd = scp->cmnd; 3892 3893 switch (cmd[0]) { 3894 case WRITE_16: 3895 ei_lba = 0; 3896 lba = get_unaligned_be64(cmd + 2); 3897 num = get_unaligned_be32(cmd + 10); 3898 check_prot = true; 3899 break; 3900 case WRITE_10: 3901 ei_lba = 0; 3902 lba = get_unaligned_be32(cmd + 2); 3903 num = get_unaligned_be16(cmd + 7); 3904 check_prot = true; 3905 break; 3906 case WRITE_6: 3907 ei_lba = 0; 3908 lba = (u32)cmd[3] | (u32)cmd[2] << 8 | 3909 (u32)(cmd[1] & 0x1f) << 16; 3910 num = (0 == cmd[4]) ? 256 : cmd[4]; 3911 check_prot = true; 3912 break; 3913 case WRITE_12: 3914 ei_lba = 0; 3915 lba = get_unaligned_be32(cmd + 2); 3916 num = get_unaligned_be32(cmd + 6); 3917 check_prot = true; 3918 break; 3919 case 0x53: /* XDWRITEREAD(10) */ 3920 ei_lba = 0; 3921 lba = get_unaligned_be32(cmd + 2); 3922 num = get_unaligned_be16(cmd + 7); 3923 check_prot = false; 3924 break; 3925 default: /* assume WRITE(32) */ 3926 lba = get_unaligned_be64(cmd + 12); 3927 ei_lba = get_unaligned_be32(cmd + 20); 3928 num = get_unaligned_be32(cmd + 28); 3929 check_prot = false; 3930 break; 3931 } 3932 if (unlikely(have_dif_prot && check_prot)) { 3933 if (sdebug_dif == T10_PI_TYPE2_PROTECTION && 3934 (cmd[1] & 0xe0)) { 3935 mk_sense_invalid_opcode(scp); 3936 return check_condition_result; 3937 } 3938 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION || 3939 sdebug_dif == T10_PI_TYPE3_PROTECTION) && 3940 (cmd[1] & 0xe0) == 0) 3941 sdev_printk(KERN_ERR, scp->device, "Unprotected WR " 3942 "to DIF device\n"); 3943 } 3944 3945 sdeb_write_lock(sip); 3946 ret = check_device_access_params(scp, lba, num, true); 3947 if (ret) { 3948 sdeb_write_unlock(sip); 3949 return ret; 3950 } 3951 3952 /* DIX + T10 DIF */ 3953 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) { 3954 switch (prot_verify_write(scp, lba, num, ei_lba)) { 3955 case 1: /* Guard tag error */ 3956 if (scp->prot_flags & SCSI_PROT_GUARD_CHECK) { 3957 sdeb_write_unlock(sip); 3958 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1); 3959 return illegal_condition_result; 3960 } else if (scp->cmnd[1] >> 5 != 3) { /* WRPROTECT != 3 */ 3961 sdeb_write_unlock(sip); 3962 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1); 3963 return check_condition_result; 3964 } 3965 break; 3966 case 3: /* Reference tag error */ 3967 if (scp->prot_flags & SCSI_PROT_REF_CHECK) { 3968 sdeb_write_unlock(sip); 3969 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 3); 3970 return illegal_condition_result; 3971 } else if (scp->cmnd[1] >> 5 != 3) { /* WRPROTECT != 3 */ 3972 sdeb_write_unlock(sip); 3973 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 3); 3974 return check_condition_result; 3975 } 3976 break; 3977 } 3978 } 3979 3980 ret = do_device_access(sip, scp, 0, lba, num, true); 3981 if (unlikely(scsi_debug_lbp())) 3982 map_region(sip, lba, num); 3983 /* If ZBC zone then bump its write pointer */ 3984 if (sdebug_dev_is_zoned(devip)) 3985 zbc_inc_wp(devip, lba, num); 3986 sdeb_write_unlock(sip); 3987 if (unlikely(-1 == ret)) 3988 return DID_ERROR << 16; 3989 else if (unlikely(sdebug_verbose && 3990 (ret < (num * sdebug_sector_size)))) 3991 sdev_printk(KERN_INFO, scp->device, 3992 "%s: write: cdb indicated=%u, IO sent=%d bytes\n", 3993 my_name, num * sdebug_sector_size, ret); 3994 3995 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) && 3996 atomic_read(&sdeb_inject_pending))) { 3997 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) { 3998 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0); 3999 atomic_set(&sdeb_inject_pending, 0); 4000 return check_condition_result; 4001 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) { 4002 /* Logical block guard check failed */ 4003 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1); 4004 atomic_set(&sdeb_inject_pending, 0); 4005 return illegal_condition_result; 4006 } else if (sdebug_opts & SDEBUG_OPT_DIX_ERR) { 4007 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1); 4008 atomic_set(&sdeb_inject_pending, 0); 4009 return illegal_condition_result; 4010 } 4011 } 4012 return 0; 4013 } 4014 4015 /* 4016 * T10 has only specified WRITE SCATTERED(16) and WRITE SCATTERED(32). 4017 * No READ GATHERED yet (requires bidi or long cdb holding gather list). 4018 */ 4019 static int resp_write_scat(struct scsi_cmnd *scp, 4020 struct sdebug_dev_info *devip) 4021 { 4022 u8 *cmd = scp->cmnd; 4023 u8 *lrdp = NULL; 4024 u8 *up; 4025 struct sdeb_store_info *sip = devip2sip(devip, true); 4026 u8 wrprotect; 4027 u16 lbdof, num_lrd, k; 4028 u32 num, num_by, bt_len, lbdof_blen, sg_off, cum_lb; 4029 u32 lb_size = sdebug_sector_size; 4030 u32 ei_lba; 4031 u64 lba; 4032 int ret, res; 4033 bool is_16; 4034 static const u32 lrd_size = 32; /* + parameter list header size */ 4035 4036 if (cmd[0] == VARIABLE_LENGTH_CMD) { 4037 is_16 = false; 4038 wrprotect = (cmd[10] >> 5) & 0x7; 4039 lbdof = get_unaligned_be16(cmd + 12); 4040 num_lrd = get_unaligned_be16(cmd + 16); 4041 bt_len = get_unaligned_be32(cmd + 28); 4042 } else { /* that leaves WRITE SCATTERED(16) */ 4043 is_16 = true; 4044 wrprotect = (cmd[2] >> 5) & 0x7; 4045 lbdof = get_unaligned_be16(cmd + 4); 4046 num_lrd = get_unaligned_be16(cmd + 8); 4047 bt_len = get_unaligned_be32(cmd + 10); 4048 if (unlikely(have_dif_prot)) { 4049 if (sdebug_dif == T10_PI_TYPE2_PROTECTION && 4050 wrprotect) { 4051 mk_sense_invalid_opcode(scp); 4052 return illegal_condition_result; 4053 } 4054 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION || 4055 sdebug_dif == T10_PI_TYPE3_PROTECTION) && 4056 wrprotect == 0) 4057 sdev_printk(KERN_ERR, scp->device, 4058 "Unprotected WR to DIF device\n"); 4059 } 4060 } 4061 if ((num_lrd == 0) || (bt_len == 0)) 4062 return 0; /* T10 says these do-nothings are not errors */ 4063 if (lbdof == 0) { 4064 if (sdebug_verbose) 4065 sdev_printk(KERN_INFO, scp->device, 4066 "%s: %s: LB Data Offset field bad\n", 4067 my_name, __func__); 4068 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 4069 return illegal_condition_result; 4070 } 4071 lbdof_blen = lbdof * lb_size; 4072 if ((lrd_size + (num_lrd * lrd_size)) > lbdof_blen) { 4073 if (sdebug_verbose) 4074 sdev_printk(KERN_INFO, scp->device, 4075 "%s: %s: LBA range descriptors don't fit\n", 4076 my_name, __func__); 4077 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 4078 return illegal_condition_result; 4079 } 4080 lrdp = kzalloc(lbdof_blen, GFP_ATOMIC | __GFP_NOWARN); 4081 if (lrdp == NULL) 4082 return SCSI_MLQUEUE_HOST_BUSY; 4083 if (sdebug_verbose) 4084 sdev_printk(KERN_INFO, scp->device, 4085 "%s: %s: Fetch header+scatter_list, lbdof_blen=%u\n", 4086 my_name, __func__, lbdof_blen); 4087 res = fetch_to_dev_buffer(scp, lrdp, lbdof_blen); 4088 if (res == -1) { 4089 ret = DID_ERROR << 16; 4090 goto err_out; 4091 } 4092 4093 sdeb_write_lock(sip); 4094 sg_off = lbdof_blen; 4095 /* Spec says Buffer xfer Length field in number of LBs in dout */ 4096 cum_lb = 0; 4097 for (k = 0, up = lrdp + lrd_size; k < num_lrd; ++k, up += lrd_size) { 4098 lba = get_unaligned_be64(up + 0); 4099 num = get_unaligned_be32(up + 8); 4100 if (sdebug_verbose) 4101 sdev_printk(KERN_INFO, scp->device, 4102 "%s: %s: k=%d LBA=0x%llx num=%u sg_off=%u\n", 4103 my_name, __func__, k, lba, num, sg_off); 4104 if (num == 0) 4105 continue; 4106 ret = check_device_access_params(scp, lba, num, true); 4107 if (ret) 4108 goto err_out_unlock; 4109 num_by = num * lb_size; 4110 ei_lba = is_16 ? 0 : get_unaligned_be32(up + 12); 4111 4112 if ((cum_lb + num) > bt_len) { 4113 if (sdebug_verbose) 4114 sdev_printk(KERN_INFO, scp->device, 4115 "%s: %s: sum of blocks > data provided\n", 4116 my_name, __func__); 4117 mk_sense_buffer(scp, ILLEGAL_REQUEST, WRITE_ERROR_ASC, 4118 0); 4119 ret = illegal_condition_result; 4120 goto err_out_unlock; 4121 } 4122 4123 /* DIX + T10 DIF */ 4124 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) { 4125 int prot_ret = prot_verify_write(scp, lba, num, 4126 ei_lba); 4127 4128 if (prot_ret) { 4129 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 4130 prot_ret); 4131 ret = illegal_condition_result; 4132 goto err_out_unlock; 4133 } 4134 } 4135 4136 ret = do_device_access(sip, scp, sg_off, lba, num, true); 4137 /* If ZBC zone then bump its write pointer */ 4138 if (sdebug_dev_is_zoned(devip)) 4139 zbc_inc_wp(devip, lba, num); 4140 if (unlikely(scsi_debug_lbp())) 4141 map_region(sip, lba, num); 4142 if (unlikely(-1 == ret)) { 4143 ret = DID_ERROR << 16; 4144 goto err_out_unlock; 4145 } else if (unlikely(sdebug_verbose && (ret < num_by))) 4146 sdev_printk(KERN_INFO, scp->device, 4147 "%s: write: cdb indicated=%u, IO sent=%d bytes\n", 4148 my_name, num_by, ret); 4149 4150 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) && 4151 atomic_read(&sdeb_inject_pending))) { 4152 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) { 4153 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0); 4154 atomic_set(&sdeb_inject_pending, 0); 4155 ret = check_condition_result; 4156 goto err_out_unlock; 4157 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) { 4158 /* Logical block guard check failed */ 4159 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1); 4160 atomic_set(&sdeb_inject_pending, 0); 4161 ret = illegal_condition_result; 4162 goto err_out_unlock; 4163 } else if (sdebug_opts & SDEBUG_OPT_DIX_ERR) { 4164 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1); 4165 atomic_set(&sdeb_inject_pending, 0); 4166 ret = illegal_condition_result; 4167 goto err_out_unlock; 4168 } 4169 } 4170 sg_off += num_by; 4171 cum_lb += num; 4172 } 4173 ret = 0; 4174 err_out_unlock: 4175 sdeb_write_unlock(sip); 4176 err_out: 4177 kfree(lrdp); 4178 return ret; 4179 } 4180 4181 static int resp_write_same(struct scsi_cmnd *scp, u64 lba, u32 num, 4182 u32 ei_lba, bool unmap, bool ndob) 4183 { 4184 struct scsi_device *sdp = scp->device; 4185 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata; 4186 unsigned long long i; 4187 u64 block, lbaa; 4188 u32 lb_size = sdebug_sector_size; 4189 int ret; 4190 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *) 4191 scp->device->hostdata, true); 4192 u8 *fs1p; 4193 u8 *fsp; 4194 4195 sdeb_write_lock(sip); 4196 4197 ret = check_device_access_params(scp, lba, num, true); 4198 if (ret) { 4199 sdeb_write_unlock(sip); 4200 return ret; 4201 } 4202 4203 if (unmap && scsi_debug_lbp()) { 4204 unmap_region(sip, lba, num); 4205 goto out; 4206 } 4207 lbaa = lba; 4208 block = do_div(lbaa, sdebug_store_sectors); 4209 /* if ndob then zero 1 logical block, else fetch 1 logical block */ 4210 fsp = sip->storep; 4211 fs1p = fsp + (block * lb_size); 4212 if (ndob) { 4213 memset(fs1p, 0, lb_size); 4214 ret = 0; 4215 } else 4216 ret = fetch_to_dev_buffer(scp, fs1p, lb_size); 4217 4218 if (-1 == ret) { 4219 sdeb_write_unlock(sip); 4220 return DID_ERROR << 16; 4221 } else if (sdebug_verbose && !ndob && (ret < lb_size)) 4222 sdev_printk(KERN_INFO, scp->device, 4223 "%s: %s: lb size=%u, IO sent=%d bytes\n", 4224 my_name, "write same", lb_size, ret); 4225 4226 /* Copy first sector to remaining blocks */ 4227 for (i = 1 ; i < num ; i++) { 4228 lbaa = lba + i; 4229 block = do_div(lbaa, sdebug_store_sectors); 4230 memmove(fsp + (block * lb_size), fs1p, lb_size); 4231 } 4232 if (scsi_debug_lbp()) 4233 map_region(sip, lba, num); 4234 /* If ZBC zone then bump its write pointer */ 4235 if (sdebug_dev_is_zoned(devip)) 4236 zbc_inc_wp(devip, lba, num); 4237 out: 4238 sdeb_write_unlock(sip); 4239 4240 return 0; 4241 } 4242 4243 static int resp_write_same_10(struct scsi_cmnd *scp, 4244 struct sdebug_dev_info *devip) 4245 { 4246 u8 *cmd = scp->cmnd; 4247 u32 lba; 4248 u16 num; 4249 u32 ei_lba = 0; 4250 bool unmap = false; 4251 4252 if (cmd[1] & 0x8) { 4253 if (sdebug_lbpws10 == 0) { 4254 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3); 4255 return check_condition_result; 4256 } else 4257 unmap = true; 4258 } 4259 lba = get_unaligned_be32(cmd + 2); 4260 num = get_unaligned_be16(cmd + 7); 4261 if (num > sdebug_write_same_length) { 4262 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1); 4263 return check_condition_result; 4264 } 4265 return resp_write_same(scp, lba, num, ei_lba, unmap, false); 4266 } 4267 4268 static int resp_write_same_16(struct scsi_cmnd *scp, 4269 struct sdebug_dev_info *devip) 4270 { 4271 u8 *cmd = scp->cmnd; 4272 u64 lba; 4273 u32 num; 4274 u32 ei_lba = 0; 4275 bool unmap = false; 4276 bool ndob = false; 4277 4278 if (cmd[1] & 0x8) { /* UNMAP */ 4279 if (sdebug_lbpws == 0) { 4280 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3); 4281 return check_condition_result; 4282 } else 4283 unmap = true; 4284 } 4285 if (cmd[1] & 0x1) /* NDOB (no data-out buffer, assumes zeroes) */ 4286 ndob = true; 4287 lba = get_unaligned_be64(cmd + 2); 4288 num = get_unaligned_be32(cmd + 10); 4289 if (num > sdebug_write_same_length) { 4290 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1); 4291 return check_condition_result; 4292 } 4293 return resp_write_same(scp, lba, num, ei_lba, unmap, ndob); 4294 } 4295 4296 /* Note the mode field is in the same position as the (lower) service action 4297 * field. For the Report supported operation codes command, SPC-4 suggests 4298 * each mode of this command should be reported separately; for future. */ 4299 static int resp_write_buffer(struct scsi_cmnd *scp, 4300 struct sdebug_dev_info *devip) 4301 { 4302 u8 *cmd = scp->cmnd; 4303 struct scsi_device *sdp = scp->device; 4304 struct sdebug_dev_info *dp; 4305 u8 mode; 4306 4307 mode = cmd[1] & 0x1f; 4308 switch (mode) { 4309 case 0x4: /* download microcode (MC) and activate (ACT) */ 4310 /* set UAs on this device only */ 4311 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm); 4312 set_bit(SDEBUG_UA_MICROCODE_CHANGED, devip->uas_bm); 4313 break; 4314 case 0x5: /* download MC, save and ACT */ 4315 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, devip->uas_bm); 4316 break; 4317 case 0x6: /* download MC with offsets and ACT */ 4318 /* set UAs on most devices (LUs) in this target */ 4319 list_for_each_entry(dp, 4320 &devip->sdbg_host->dev_info_list, 4321 dev_list) 4322 if (dp->target == sdp->id) { 4323 set_bit(SDEBUG_UA_BUS_RESET, dp->uas_bm); 4324 if (devip != dp) 4325 set_bit(SDEBUG_UA_MICROCODE_CHANGED, 4326 dp->uas_bm); 4327 } 4328 break; 4329 case 0x7: /* download MC with offsets, save, and ACT */ 4330 /* set UA on all devices (LUs) in this target */ 4331 list_for_each_entry(dp, 4332 &devip->sdbg_host->dev_info_list, 4333 dev_list) 4334 if (dp->target == sdp->id) 4335 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, 4336 dp->uas_bm); 4337 break; 4338 default: 4339 /* do nothing for this command for other mode values */ 4340 break; 4341 } 4342 return 0; 4343 } 4344 4345 static int resp_comp_write(struct scsi_cmnd *scp, 4346 struct sdebug_dev_info *devip) 4347 { 4348 u8 *cmd = scp->cmnd; 4349 u8 *arr; 4350 struct sdeb_store_info *sip = devip2sip(devip, true); 4351 u64 lba; 4352 u32 dnum; 4353 u32 lb_size = sdebug_sector_size; 4354 u8 num; 4355 int ret; 4356 int retval = 0; 4357 4358 lba = get_unaligned_be64(cmd + 2); 4359 num = cmd[13]; /* 1 to a maximum of 255 logical blocks */ 4360 if (0 == num) 4361 return 0; /* degenerate case, not an error */ 4362 if (sdebug_dif == T10_PI_TYPE2_PROTECTION && 4363 (cmd[1] & 0xe0)) { 4364 mk_sense_invalid_opcode(scp); 4365 return check_condition_result; 4366 } 4367 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION || 4368 sdebug_dif == T10_PI_TYPE3_PROTECTION) && 4369 (cmd[1] & 0xe0) == 0) 4370 sdev_printk(KERN_ERR, scp->device, "Unprotected WR " 4371 "to DIF device\n"); 4372 ret = check_device_access_params(scp, lba, num, false); 4373 if (ret) 4374 return ret; 4375 dnum = 2 * num; 4376 arr = kcalloc(lb_size, dnum, GFP_ATOMIC); 4377 if (NULL == arr) { 4378 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC, 4379 INSUFF_RES_ASCQ); 4380 return check_condition_result; 4381 } 4382 4383 sdeb_write_lock(sip); 4384 4385 ret = do_dout_fetch(scp, dnum, arr); 4386 if (ret == -1) { 4387 retval = DID_ERROR << 16; 4388 goto cleanup; 4389 } else if (sdebug_verbose && (ret < (dnum * lb_size))) 4390 sdev_printk(KERN_INFO, scp->device, "%s: compare_write: cdb " 4391 "indicated=%u, IO sent=%d bytes\n", my_name, 4392 dnum * lb_size, ret); 4393 if (!comp_write_worker(sip, lba, num, arr, false)) { 4394 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0); 4395 retval = check_condition_result; 4396 goto cleanup; 4397 } 4398 if (scsi_debug_lbp()) 4399 map_region(sip, lba, num); 4400 cleanup: 4401 sdeb_write_unlock(sip); 4402 kfree(arr); 4403 return retval; 4404 } 4405 4406 struct unmap_block_desc { 4407 __be64 lba; 4408 __be32 blocks; 4409 __be32 __reserved; 4410 }; 4411 4412 static int resp_unmap(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 4413 { 4414 unsigned char *buf; 4415 struct unmap_block_desc *desc; 4416 struct sdeb_store_info *sip = devip2sip(devip, true); 4417 unsigned int i, payload_len, descriptors; 4418 int ret; 4419 4420 if (!scsi_debug_lbp()) 4421 return 0; /* fib and say its done */ 4422 payload_len = get_unaligned_be16(scp->cmnd + 7); 4423 BUG_ON(scsi_bufflen(scp) != payload_len); 4424 4425 descriptors = (payload_len - 8) / 16; 4426 if (descriptors > sdebug_unmap_max_desc) { 4427 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1); 4428 return check_condition_result; 4429 } 4430 4431 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC); 4432 if (!buf) { 4433 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC, 4434 INSUFF_RES_ASCQ); 4435 return check_condition_result; 4436 } 4437 4438 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp)); 4439 4440 BUG_ON(get_unaligned_be16(&buf[0]) != payload_len - 2); 4441 BUG_ON(get_unaligned_be16(&buf[2]) != descriptors * 16); 4442 4443 desc = (void *)&buf[8]; 4444 4445 sdeb_write_lock(sip); 4446 4447 for (i = 0 ; i < descriptors ; i++) { 4448 unsigned long long lba = get_unaligned_be64(&desc[i].lba); 4449 unsigned int num = get_unaligned_be32(&desc[i].blocks); 4450 4451 ret = check_device_access_params(scp, lba, num, true); 4452 if (ret) 4453 goto out; 4454 4455 unmap_region(sip, lba, num); 4456 } 4457 4458 ret = 0; 4459 4460 out: 4461 sdeb_write_unlock(sip); 4462 kfree(buf); 4463 4464 return ret; 4465 } 4466 4467 #define SDEBUG_GET_LBA_STATUS_LEN 32 4468 4469 static int resp_get_lba_status(struct scsi_cmnd *scp, 4470 struct sdebug_dev_info *devip) 4471 { 4472 u8 *cmd = scp->cmnd; 4473 u64 lba; 4474 u32 alloc_len, mapped, num; 4475 int ret; 4476 u8 arr[SDEBUG_GET_LBA_STATUS_LEN]; 4477 4478 lba = get_unaligned_be64(cmd + 2); 4479 alloc_len = get_unaligned_be32(cmd + 10); 4480 4481 if (alloc_len < 24) 4482 return 0; 4483 4484 ret = check_device_access_params(scp, lba, 1, false); 4485 if (ret) 4486 return ret; 4487 4488 if (scsi_debug_lbp()) { 4489 struct sdeb_store_info *sip = devip2sip(devip, true); 4490 4491 mapped = map_state(sip, lba, &num); 4492 } else { 4493 mapped = 1; 4494 /* following just in case virtual_gb changed */ 4495 sdebug_capacity = get_sdebug_capacity(); 4496 if (sdebug_capacity - lba <= 0xffffffff) 4497 num = sdebug_capacity - lba; 4498 else 4499 num = 0xffffffff; 4500 } 4501 4502 memset(arr, 0, SDEBUG_GET_LBA_STATUS_LEN); 4503 put_unaligned_be32(20, arr); /* Parameter Data Length */ 4504 put_unaligned_be64(lba, arr + 8); /* LBA */ 4505 put_unaligned_be32(num, arr + 16); /* Number of blocks */ 4506 arr[20] = !mapped; /* prov_stat=0: mapped; 1: dealloc */ 4507 4508 return fill_from_dev_buffer(scp, arr, SDEBUG_GET_LBA_STATUS_LEN); 4509 } 4510 4511 static int resp_sync_cache(struct scsi_cmnd *scp, 4512 struct sdebug_dev_info *devip) 4513 { 4514 int res = 0; 4515 u64 lba; 4516 u32 num_blocks; 4517 u8 *cmd = scp->cmnd; 4518 4519 if (cmd[0] == SYNCHRONIZE_CACHE) { /* 10 byte cdb */ 4520 lba = get_unaligned_be32(cmd + 2); 4521 num_blocks = get_unaligned_be16(cmd + 7); 4522 } else { /* SYNCHRONIZE_CACHE(16) */ 4523 lba = get_unaligned_be64(cmd + 2); 4524 num_blocks = get_unaligned_be32(cmd + 10); 4525 } 4526 if (lba + num_blocks > sdebug_capacity) { 4527 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 4528 return check_condition_result; 4529 } 4530 if (!write_since_sync || (cmd[1] & 0x2)) 4531 res = SDEG_RES_IMMED_MASK; 4532 else /* delay if write_since_sync and IMMED clear */ 4533 write_since_sync = false; 4534 return res; 4535 } 4536 4537 /* 4538 * Assuming the LBA+num_blocks is not out-of-range, this function will return 4539 * CONDITION MET if the specified blocks will/have fitted in the cache, and 4540 * a GOOD status otherwise. Model a disk with a big cache and yield 4541 * CONDITION MET. Actually tries to bring range in main memory into the 4542 * cache associated with the CPU(s). 4543 */ 4544 static int resp_pre_fetch(struct scsi_cmnd *scp, 4545 struct sdebug_dev_info *devip) 4546 { 4547 int res = 0; 4548 u64 lba; 4549 u64 block, rest = 0; 4550 u32 nblks; 4551 u8 *cmd = scp->cmnd; 4552 struct sdeb_store_info *sip = devip2sip(devip, true); 4553 u8 *fsp = sip->storep; 4554 4555 if (cmd[0] == PRE_FETCH) { /* 10 byte cdb */ 4556 lba = get_unaligned_be32(cmd + 2); 4557 nblks = get_unaligned_be16(cmd + 7); 4558 } else { /* PRE-FETCH(16) */ 4559 lba = get_unaligned_be64(cmd + 2); 4560 nblks = get_unaligned_be32(cmd + 10); 4561 } 4562 if (lba + nblks > sdebug_capacity) { 4563 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 4564 return check_condition_result; 4565 } 4566 if (!fsp) 4567 goto fini; 4568 /* PRE-FETCH spec says nothing about LBP or PI so skip them */ 4569 block = do_div(lba, sdebug_store_sectors); 4570 if (block + nblks > sdebug_store_sectors) 4571 rest = block + nblks - sdebug_store_sectors; 4572 4573 /* Try to bring the PRE-FETCH range into CPU's cache */ 4574 sdeb_read_lock(sip); 4575 prefetch_range(fsp + (sdebug_sector_size * block), 4576 (nblks - rest) * sdebug_sector_size); 4577 if (rest) 4578 prefetch_range(fsp, rest * sdebug_sector_size); 4579 sdeb_read_unlock(sip); 4580 fini: 4581 if (cmd[1] & 0x2) 4582 res = SDEG_RES_IMMED_MASK; 4583 return res | condition_met_result; 4584 } 4585 4586 #define RL_BUCKET_ELEMS 8 4587 4588 /* Even though each pseudo target has a REPORT LUNS "well known logical unit" 4589 * (W-LUN), the normal Linux scanning logic does not associate it with a 4590 * device (e.g. /dev/sg7). The following magic will make that association: 4591 * "cd /sys/class/scsi_host/host<n> ; echo '- - 49409' > scan" 4592 * where <n> is a host number. If there are multiple targets in a host then 4593 * the above will associate a W-LUN to each target. To only get a W-LUN 4594 * for target 2, then use "echo '- 2 49409' > scan" . 4595 */ 4596 static int resp_report_luns(struct scsi_cmnd *scp, 4597 struct sdebug_dev_info *devip) 4598 { 4599 unsigned char *cmd = scp->cmnd; 4600 unsigned int alloc_len; 4601 unsigned char select_report; 4602 u64 lun; 4603 struct scsi_lun *lun_p; 4604 u8 arr[RL_BUCKET_ELEMS * sizeof(struct scsi_lun)]; 4605 unsigned int lun_cnt; /* normal LUN count (max: 256) */ 4606 unsigned int wlun_cnt; /* report luns W-LUN count */ 4607 unsigned int tlun_cnt; /* total LUN count */ 4608 unsigned int rlen; /* response length (in bytes) */ 4609 int k, j, n, res; 4610 unsigned int off_rsp = 0; 4611 const int sz_lun = sizeof(struct scsi_lun); 4612 4613 clear_luns_changed_on_target(devip); 4614 4615 select_report = cmd[2]; 4616 alloc_len = get_unaligned_be32(cmd + 6); 4617 4618 if (alloc_len < 4) { 4619 pr_err("alloc len too small %d\n", alloc_len); 4620 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1); 4621 return check_condition_result; 4622 } 4623 4624 switch (select_report) { 4625 case 0: /* all LUNs apart from W-LUNs */ 4626 lun_cnt = sdebug_max_luns; 4627 wlun_cnt = 0; 4628 break; 4629 case 1: /* only W-LUNs */ 4630 lun_cnt = 0; 4631 wlun_cnt = 1; 4632 break; 4633 case 2: /* all LUNs */ 4634 lun_cnt = sdebug_max_luns; 4635 wlun_cnt = 1; 4636 break; 4637 case 0x10: /* only administrative LUs */ 4638 case 0x11: /* see SPC-5 */ 4639 case 0x12: /* only subsiduary LUs owned by referenced LU */ 4640 default: 4641 pr_debug("select report invalid %d\n", select_report); 4642 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1); 4643 return check_condition_result; 4644 } 4645 4646 if (sdebug_no_lun_0 && (lun_cnt > 0)) 4647 --lun_cnt; 4648 4649 tlun_cnt = lun_cnt + wlun_cnt; 4650 rlen = tlun_cnt * sz_lun; /* excluding 8 byte header */ 4651 scsi_set_resid(scp, scsi_bufflen(scp)); 4652 pr_debug("select_report %d luns = %d wluns = %d no_lun0 %d\n", 4653 select_report, lun_cnt, wlun_cnt, sdebug_no_lun_0); 4654 4655 /* loops rely on sizeof response header same as sizeof lun (both 8) */ 4656 lun = sdebug_no_lun_0 ? 1 : 0; 4657 for (k = 0, j = 0, res = 0; true; ++k, j = 0) { 4658 memset(arr, 0, sizeof(arr)); 4659 lun_p = (struct scsi_lun *)&arr[0]; 4660 if (k == 0) { 4661 put_unaligned_be32(rlen, &arr[0]); 4662 ++lun_p; 4663 j = 1; 4664 } 4665 for ( ; j < RL_BUCKET_ELEMS; ++j, ++lun_p) { 4666 if ((k * RL_BUCKET_ELEMS) + j > lun_cnt) 4667 break; 4668 int_to_scsilun(lun++, lun_p); 4669 if (lun > 1 && sdebug_lun_am == SAM_LUN_AM_FLAT) 4670 lun_p->scsi_lun[0] |= 0x40; 4671 } 4672 if (j < RL_BUCKET_ELEMS) 4673 break; 4674 n = j * sz_lun; 4675 res = p_fill_from_dev_buffer(scp, arr, n, off_rsp); 4676 if (res) 4677 return res; 4678 off_rsp += n; 4679 } 4680 if (wlun_cnt) { 4681 int_to_scsilun(SCSI_W_LUN_REPORT_LUNS, lun_p); 4682 ++j; 4683 } 4684 if (j > 0) 4685 res = p_fill_from_dev_buffer(scp, arr, j * sz_lun, off_rsp); 4686 return res; 4687 } 4688 4689 static int resp_verify(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 4690 { 4691 bool is_bytchk3 = false; 4692 u8 bytchk; 4693 int ret, j; 4694 u32 vnum, a_num, off; 4695 const u32 lb_size = sdebug_sector_size; 4696 u64 lba; 4697 u8 *arr; 4698 u8 *cmd = scp->cmnd; 4699 struct sdeb_store_info *sip = devip2sip(devip, true); 4700 4701 bytchk = (cmd[1] >> 1) & 0x3; 4702 if (bytchk == 0) { 4703 return 0; /* always claim internal verify okay */ 4704 } else if (bytchk == 2) { 4705 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2); 4706 return check_condition_result; 4707 } else if (bytchk == 3) { 4708 is_bytchk3 = true; /* 1 block sent, compared repeatedly */ 4709 } 4710 switch (cmd[0]) { 4711 case VERIFY_16: 4712 lba = get_unaligned_be64(cmd + 2); 4713 vnum = get_unaligned_be32(cmd + 10); 4714 break; 4715 case VERIFY: /* is VERIFY(10) */ 4716 lba = get_unaligned_be32(cmd + 2); 4717 vnum = get_unaligned_be16(cmd + 7); 4718 break; 4719 default: 4720 mk_sense_invalid_opcode(scp); 4721 return check_condition_result; 4722 } 4723 if (vnum == 0) 4724 return 0; /* not an error */ 4725 a_num = is_bytchk3 ? 1 : vnum; 4726 /* Treat following check like one for read (i.e. no write) access */ 4727 ret = check_device_access_params(scp, lba, a_num, false); 4728 if (ret) 4729 return ret; 4730 4731 arr = kcalloc(lb_size, vnum, GFP_ATOMIC | __GFP_NOWARN); 4732 if (!arr) { 4733 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC, 4734 INSUFF_RES_ASCQ); 4735 return check_condition_result; 4736 } 4737 /* Not changing store, so only need read access */ 4738 sdeb_read_lock(sip); 4739 4740 ret = do_dout_fetch(scp, a_num, arr); 4741 if (ret == -1) { 4742 ret = DID_ERROR << 16; 4743 goto cleanup; 4744 } else if (sdebug_verbose && (ret < (a_num * lb_size))) { 4745 sdev_printk(KERN_INFO, scp->device, 4746 "%s: %s: cdb indicated=%u, IO sent=%d bytes\n", 4747 my_name, __func__, a_num * lb_size, ret); 4748 } 4749 if (is_bytchk3) { 4750 for (j = 1, off = lb_size; j < vnum; ++j, off += lb_size) 4751 memcpy(arr + off, arr, lb_size); 4752 } 4753 ret = 0; 4754 if (!comp_write_worker(sip, lba, vnum, arr, true)) { 4755 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0); 4756 ret = check_condition_result; 4757 goto cleanup; 4758 } 4759 cleanup: 4760 sdeb_read_unlock(sip); 4761 kfree(arr); 4762 return ret; 4763 } 4764 4765 #define RZONES_DESC_HD 64 4766 4767 /* Report zones depending on start LBA and reporting options */ 4768 static int resp_report_zones(struct scsi_cmnd *scp, 4769 struct sdebug_dev_info *devip) 4770 { 4771 unsigned int rep_max_zones, nrz = 0; 4772 int ret = 0; 4773 u32 alloc_len, rep_opts, rep_len; 4774 bool partial; 4775 u64 lba, zs_lba; 4776 u8 *arr = NULL, *desc; 4777 u8 *cmd = scp->cmnd; 4778 struct sdeb_zone_state *zsp = NULL; 4779 struct sdeb_store_info *sip = devip2sip(devip, false); 4780 4781 if (!sdebug_dev_is_zoned(devip)) { 4782 mk_sense_invalid_opcode(scp); 4783 return check_condition_result; 4784 } 4785 zs_lba = get_unaligned_be64(cmd + 2); 4786 alloc_len = get_unaligned_be32(cmd + 10); 4787 if (alloc_len == 0) 4788 return 0; /* not an error */ 4789 rep_opts = cmd[14] & 0x3f; 4790 partial = cmd[14] & 0x80; 4791 4792 if (zs_lba >= sdebug_capacity) { 4793 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 4794 return check_condition_result; 4795 } 4796 4797 rep_max_zones = (alloc_len - 64) >> ilog2(RZONES_DESC_HD); 4798 4799 arr = kzalloc(alloc_len, GFP_ATOMIC | __GFP_NOWARN); 4800 if (!arr) { 4801 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC, 4802 INSUFF_RES_ASCQ); 4803 return check_condition_result; 4804 } 4805 4806 sdeb_read_lock(sip); 4807 4808 desc = arr + 64; 4809 for (lba = zs_lba; lba < sdebug_capacity; 4810 lba = zsp->z_start + zsp->z_size) { 4811 if (WARN_ONCE(zbc_zone(devip, lba) == zsp, "lba = %llu\n", lba)) 4812 break; 4813 zsp = zbc_zone(devip, lba); 4814 switch (rep_opts) { 4815 case 0x00: 4816 /* All zones */ 4817 break; 4818 case 0x01: 4819 /* Empty zones */ 4820 if (zsp->z_cond != ZC1_EMPTY) 4821 continue; 4822 break; 4823 case 0x02: 4824 /* Implicit open zones */ 4825 if (zsp->z_cond != ZC2_IMPLICIT_OPEN) 4826 continue; 4827 break; 4828 case 0x03: 4829 /* Explicit open zones */ 4830 if (zsp->z_cond != ZC3_EXPLICIT_OPEN) 4831 continue; 4832 break; 4833 case 0x04: 4834 /* Closed zones */ 4835 if (zsp->z_cond != ZC4_CLOSED) 4836 continue; 4837 break; 4838 case 0x05: 4839 /* Full zones */ 4840 if (zsp->z_cond != ZC5_FULL) 4841 continue; 4842 break; 4843 case 0x06: 4844 case 0x07: 4845 case 0x10: 4846 /* 4847 * Read-only, offline, reset WP recommended are 4848 * not emulated: no zones to report; 4849 */ 4850 continue; 4851 case 0x11: 4852 /* non-seq-resource set */ 4853 if (!zsp->z_non_seq_resource) 4854 continue; 4855 break; 4856 case 0x3e: 4857 /* All zones except gap zones. */ 4858 if (zbc_zone_is_gap(zsp)) 4859 continue; 4860 break; 4861 case 0x3f: 4862 /* Not write pointer (conventional) zones */ 4863 if (zbc_zone_is_seq(zsp)) 4864 continue; 4865 break; 4866 default: 4867 mk_sense_buffer(scp, ILLEGAL_REQUEST, 4868 INVALID_FIELD_IN_CDB, 0); 4869 ret = check_condition_result; 4870 goto fini; 4871 } 4872 4873 if (nrz < rep_max_zones) { 4874 /* Fill zone descriptor */ 4875 desc[0] = zsp->z_type; 4876 desc[1] = zsp->z_cond << 4; 4877 if (zsp->z_non_seq_resource) 4878 desc[1] |= 1 << 1; 4879 put_unaligned_be64((u64)zsp->z_size, desc + 8); 4880 put_unaligned_be64((u64)zsp->z_start, desc + 16); 4881 put_unaligned_be64((u64)zsp->z_wp, desc + 24); 4882 desc += 64; 4883 } 4884 4885 if (partial && nrz >= rep_max_zones) 4886 break; 4887 4888 nrz++; 4889 } 4890 4891 /* Report header */ 4892 /* Zone list length. */ 4893 put_unaligned_be32(nrz * RZONES_DESC_HD, arr + 0); 4894 /* Maximum LBA */ 4895 put_unaligned_be64(sdebug_capacity - 1, arr + 8); 4896 /* Zone starting LBA granularity. */ 4897 if (devip->zcap < devip->zsize) 4898 put_unaligned_be64(devip->zsize, arr + 16); 4899 4900 rep_len = (unsigned long)desc - (unsigned long)arr; 4901 ret = fill_from_dev_buffer(scp, arr, min_t(u32, alloc_len, rep_len)); 4902 4903 fini: 4904 sdeb_read_unlock(sip); 4905 kfree(arr); 4906 return ret; 4907 } 4908 4909 /* Logic transplanted from tcmu-runner, file_zbc.c */ 4910 static void zbc_open_all(struct sdebug_dev_info *devip) 4911 { 4912 struct sdeb_zone_state *zsp = &devip->zstate[0]; 4913 unsigned int i; 4914 4915 for (i = 0; i < devip->nr_zones; i++, zsp++) { 4916 if (zsp->z_cond == ZC4_CLOSED) 4917 zbc_open_zone(devip, &devip->zstate[i], true); 4918 } 4919 } 4920 4921 static int resp_open_zone(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 4922 { 4923 int res = 0; 4924 u64 z_id; 4925 enum sdebug_z_cond zc; 4926 u8 *cmd = scp->cmnd; 4927 struct sdeb_zone_state *zsp; 4928 bool all = cmd[14] & 0x01; 4929 struct sdeb_store_info *sip = devip2sip(devip, false); 4930 4931 if (!sdebug_dev_is_zoned(devip)) { 4932 mk_sense_invalid_opcode(scp); 4933 return check_condition_result; 4934 } 4935 4936 sdeb_write_lock(sip); 4937 4938 if (all) { 4939 /* Check if all closed zones can be open */ 4940 if (devip->max_open && 4941 devip->nr_exp_open + devip->nr_closed > devip->max_open) { 4942 mk_sense_buffer(scp, DATA_PROTECT, INSUFF_RES_ASC, 4943 INSUFF_ZONE_ASCQ); 4944 res = check_condition_result; 4945 goto fini; 4946 } 4947 /* Open all closed zones */ 4948 zbc_open_all(devip); 4949 goto fini; 4950 } 4951 4952 /* Open the specified zone */ 4953 z_id = get_unaligned_be64(cmd + 2); 4954 if (z_id >= sdebug_capacity) { 4955 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 4956 res = check_condition_result; 4957 goto fini; 4958 } 4959 4960 zsp = zbc_zone(devip, z_id); 4961 if (z_id != zsp->z_start) { 4962 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 4963 res = check_condition_result; 4964 goto fini; 4965 } 4966 if (zbc_zone_is_conv(zsp)) { 4967 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 4968 res = check_condition_result; 4969 goto fini; 4970 } 4971 4972 zc = zsp->z_cond; 4973 if (zc == ZC3_EXPLICIT_OPEN || zc == ZC5_FULL) 4974 goto fini; 4975 4976 if (devip->max_open && devip->nr_exp_open >= devip->max_open) { 4977 mk_sense_buffer(scp, DATA_PROTECT, INSUFF_RES_ASC, 4978 INSUFF_ZONE_ASCQ); 4979 res = check_condition_result; 4980 goto fini; 4981 } 4982 4983 zbc_open_zone(devip, zsp, true); 4984 fini: 4985 sdeb_write_unlock(sip); 4986 return res; 4987 } 4988 4989 static void zbc_close_all(struct sdebug_dev_info *devip) 4990 { 4991 unsigned int i; 4992 4993 for (i = 0; i < devip->nr_zones; i++) 4994 zbc_close_zone(devip, &devip->zstate[i]); 4995 } 4996 4997 static int resp_close_zone(struct scsi_cmnd *scp, 4998 struct sdebug_dev_info *devip) 4999 { 5000 int res = 0; 5001 u64 z_id; 5002 u8 *cmd = scp->cmnd; 5003 struct sdeb_zone_state *zsp; 5004 bool all = cmd[14] & 0x01; 5005 struct sdeb_store_info *sip = devip2sip(devip, false); 5006 5007 if (!sdebug_dev_is_zoned(devip)) { 5008 mk_sense_invalid_opcode(scp); 5009 return check_condition_result; 5010 } 5011 5012 sdeb_write_lock(sip); 5013 5014 if (all) { 5015 zbc_close_all(devip); 5016 goto fini; 5017 } 5018 5019 /* Close specified zone */ 5020 z_id = get_unaligned_be64(cmd + 2); 5021 if (z_id >= sdebug_capacity) { 5022 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 5023 res = check_condition_result; 5024 goto fini; 5025 } 5026 5027 zsp = zbc_zone(devip, z_id); 5028 if (z_id != zsp->z_start) { 5029 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 5030 res = check_condition_result; 5031 goto fini; 5032 } 5033 if (zbc_zone_is_conv(zsp)) { 5034 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 5035 res = check_condition_result; 5036 goto fini; 5037 } 5038 5039 zbc_close_zone(devip, zsp); 5040 fini: 5041 sdeb_write_unlock(sip); 5042 return res; 5043 } 5044 5045 static void zbc_finish_zone(struct sdebug_dev_info *devip, 5046 struct sdeb_zone_state *zsp, bool empty) 5047 { 5048 enum sdebug_z_cond zc = zsp->z_cond; 5049 5050 if (zc == ZC4_CLOSED || zc == ZC2_IMPLICIT_OPEN || 5051 zc == ZC3_EXPLICIT_OPEN || (empty && zc == ZC1_EMPTY)) { 5052 if (zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN) 5053 zbc_close_zone(devip, zsp); 5054 if (zsp->z_cond == ZC4_CLOSED) 5055 devip->nr_closed--; 5056 zsp->z_wp = zsp->z_start + zsp->z_size; 5057 zsp->z_cond = ZC5_FULL; 5058 } 5059 } 5060 5061 static void zbc_finish_all(struct sdebug_dev_info *devip) 5062 { 5063 unsigned int i; 5064 5065 for (i = 0; i < devip->nr_zones; i++) 5066 zbc_finish_zone(devip, &devip->zstate[i], false); 5067 } 5068 5069 static int resp_finish_zone(struct scsi_cmnd *scp, 5070 struct sdebug_dev_info *devip) 5071 { 5072 struct sdeb_zone_state *zsp; 5073 int res = 0; 5074 u64 z_id; 5075 u8 *cmd = scp->cmnd; 5076 bool all = cmd[14] & 0x01; 5077 struct sdeb_store_info *sip = devip2sip(devip, false); 5078 5079 if (!sdebug_dev_is_zoned(devip)) { 5080 mk_sense_invalid_opcode(scp); 5081 return check_condition_result; 5082 } 5083 5084 sdeb_write_lock(sip); 5085 5086 if (all) { 5087 zbc_finish_all(devip); 5088 goto fini; 5089 } 5090 5091 /* Finish the specified zone */ 5092 z_id = get_unaligned_be64(cmd + 2); 5093 if (z_id >= sdebug_capacity) { 5094 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 5095 res = check_condition_result; 5096 goto fini; 5097 } 5098 5099 zsp = zbc_zone(devip, z_id); 5100 if (z_id != zsp->z_start) { 5101 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 5102 res = check_condition_result; 5103 goto fini; 5104 } 5105 if (zbc_zone_is_conv(zsp)) { 5106 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 5107 res = check_condition_result; 5108 goto fini; 5109 } 5110 5111 zbc_finish_zone(devip, zsp, true); 5112 fini: 5113 sdeb_write_unlock(sip); 5114 return res; 5115 } 5116 5117 static void zbc_rwp_zone(struct sdebug_dev_info *devip, 5118 struct sdeb_zone_state *zsp) 5119 { 5120 enum sdebug_z_cond zc; 5121 struct sdeb_store_info *sip = devip2sip(devip, false); 5122 5123 if (!zbc_zone_is_seq(zsp)) 5124 return; 5125 5126 zc = zsp->z_cond; 5127 if (zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN) 5128 zbc_close_zone(devip, zsp); 5129 5130 if (zsp->z_cond == ZC4_CLOSED) 5131 devip->nr_closed--; 5132 5133 if (zsp->z_wp > zsp->z_start) 5134 memset(sip->storep + zsp->z_start * sdebug_sector_size, 0, 5135 (zsp->z_wp - zsp->z_start) * sdebug_sector_size); 5136 5137 zsp->z_non_seq_resource = false; 5138 zsp->z_wp = zsp->z_start; 5139 zsp->z_cond = ZC1_EMPTY; 5140 } 5141 5142 static void zbc_rwp_all(struct sdebug_dev_info *devip) 5143 { 5144 unsigned int i; 5145 5146 for (i = 0; i < devip->nr_zones; i++) 5147 zbc_rwp_zone(devip, &devip->zstate[i]); 5148 } 5149 5150 static int resp_rwp_zone(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 5151 { 5152 struct sdeb_zone_state *zsp; 5153 int res = 0; 5154 u64 z_id; 5155 u8 *cmd = scp->cmnd; 5156 bool all = cmd[14] & 0x01; 5157 struct sdeb_store_info *sip = devip2sip(devip, false); 5158 5159 if (!sdebug_dev_is_zoned(devip)) { 5160 mk_sense_invalid_opcode(scp); 5161 return check_condition_result; 5162 } 5163 5164 sdeb_write_lock(sip); 5165 5166 if (all) { 5167 zbc_rwp_all(devip); 5168 goto fini; 5169 } 5170 5171 z_id = get_unaligned_be64(cmd + 2); 5172 if (z_id >= sdebug_capacity) { 5173 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0); 5174 res = check_condition_result; 5175 goto fini; 5176 } 5177 5178 zsp = zbc_zone(devip, z_id); 5179 if (z_id != zsp->z_start) { 5180 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 5181 res = check_condition_result; 5182 goto fini; 5183 } 5184 if (zbc_zone_is_conv(zsp)) { 5185 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0); 5186 res = check_condition_result; 5187 goto fini; 5188 } 5189 5190 zbc_rwp_zone(devip, zsp); 5191 fini: 5192 sdeb_write_unlock(sip); 5193 return res; 5194 } 5195 5196 static u32 get_tag(struct scsi_cmnd *cmnd) 5197 { 5198 return blk_mq_unique_tag(scsi_cmd_to_rq(cmnd)); 5199 } 5200 5201 /* Queued (deferred) command completions converge here. */ 5202 static void sdebug_q_cmd_complete(struct sdebug_defer *sd_dp) 5203 { 5204 struct sdebug_queued_cmd *sqcp = container_of(sd_dp, struct sdebug_queued_cmd, sd_dp); 5205 unsigned long flags; 5206 struct scsi_cmnd *scp = sqcp->scmd; 5207 struct sdebug_scsi_cmd *sdsc; 5208 bool aborted; 5209 5210 if (sdebug_statistics) { 5211 atomic_inc(&sdebug_completions); 5212 if (raw_smp_processor_id() != sd_dp->issuing_cpu) 5213 atomic_inc(&sdebug_miss_cpus); 5214 } 5215 5216 if (!scp) { 5217 pr_err("scmd=NULL\n"); 5218 goto out; 5219 } 5220 5221 sdsc = scsi_cmd_priv(scp); 5222 spin_lock_irqsave(&sdsc->lock, flags); 5223 aborted = sd_dp->aborted; 5224 if (unlikely(aborted)) 5225 sd_dp->aborted = false; 5226 ASSIGN_QUEUED_CMD(scp, NULL); 5227 5228 spin_unlock_irqrestore(&sdsc->lock, flags); 5229 5230 if (aborted) { 5231 pr_info("bypassing scsi_done() due to aborted cmd, kicking-off EH\n"); 5232 blk_abort_request(scsi_cmd_to_rq(scp)); 5233 goto out; 5234 } 5235 5236 scsi_done(scp); /* callback to mid level */ 5237 out: 5238 sdebug_free_queued_cmd(sqcp); 5239 } 5240 5241 /* When high resolution timer goes off this function is called. */ 5242 static enum hrtimer_restart sdebug_q_cmd_hrt_complete(struct hrtimer *timer) 5243 { 5244 struct sdebug_defer *sd_dp = container_of(timer, struct sdebug_defer, 5245 hrt); 5246 sdebug_q_cmd_complete(sd_dp); 5247 return HRTIMER_NORESTART; 5248 } 5249 5250 /* When work queue schedules work, it calls this function. */ 5251 static void sdebug_q_cmd_wq_complete(struct work_struct *work) 5252 { 5253 struct sdebug_defer *sd_dp = container_of(work, struct sdebug_defer, 5254 ew.work); 5255 sdebug_q_cmd_complete(sd_dp); 5256 } 5257 5258 static bool got_shared_uuid; 5259 static uuid_t shared_uuid; 5260 5261 static int sdebug_device_create_zones(struct sdebug_dev_info *devip) 5262 { 5263 struct sdeb_zone_state *zsp; 5264 sector_t capacity = get_sdebug_capacity(); 5265 sector_t conv_capacity; 5266 sector_t zstart = 0; 5267 unsigned int i; 5268 5269 /* 5270 * Set the zone size: if sdeb_zbc_zone_size_mb is not set, figure out 5271 * a zone size allowing for at least 4 zones on the device. Otherwise, 5272 * use the specified zone size checking that at least 2 zones can be 5273 * created for the device. 5274 */ 5275 if (!sdeb_zbc_zone_size_mb) { 5276 devip->zsize = (DEF_ZBC_ZONE_SIZE_MB * SZ_1M) 5277 >> ilog2(sdebug_sector_size); 5278 while (capacity < devip->zsize << 2 && devip->zsize >= 2) 5279 devip->zsize >>= 1; 5280 if (devip->zsize < 2) { 5281 pr_err("Device capacity too small\n"); 5282 return -EINVAL; 5283 } 5284 } else { 5285 if (!is_power_of_2(sdeb_zbc_zone_size_mb)) { 5286 pr_err("Zone size is not a power of 2\n"); 5287 return -EINVAL; 5288 } 5289 devip->zsize = (sdeb_zbc_zone_size_mb * SZ_1M) 5290 >> ilog2(sdebug_sector_size); 5291 if (devip->zsize >= capacity) { 5292 pr_err("Zone size too large for device capacity\n"); 5293 return -EINVAL; 5294 } 5295 } 5296 5297 devip->zsize_shift = ilog2(devip->zsize); 5298 devip->nr_zones = (capacity + devip->zsize - 1) >> devip->zsize_shift; 5299 5300 if (sdeb_zbc_zone_cap_mb == 0) { 5301 devip->zcap = devip->zsize; 5302 } else { 5303 devip->zcap = (sdeb_zbc_zone_cap_mb * SZ_1M) >> 5304 ilog2(sdebug_sector_size); 5305 if (devip->zcap > devip->zsize) { 5306 pr_err("Zone capacity too large\n"); 5307 return -EINVAL; 5308 } 5309 } 5310 5311 conv_capacity = (sector_t)sdeb_zbc_nr_conv << devip->zsize_shift; 5312 if (conv_capacity >= capacity) { 5313 pr_err("Number of conventional zones too large\n"); 5314 return -EINVAL; 5315 } 5316 devip->nr_conv_zones = sdeb_zbc_nr_conv; 5317 devip->nr_seq_zones = ALIGN(capacity - conv_capacity, devip->zsize) >> 5318 devip->zsize_shift; 5319 devip->nr_zones = devip->nr_conv_zones + devip->nr_seq_zones; 5320 5321 /* Add gap zones if zone capacity is smaller than the zone size */ 5322 if (devip->zcap < devip->zsize) 5323 devip->nr_zones += devip->nr_seq_zones; 5324 5325 if (devip->zmodel == BLK_ZONED_HM) { 5326 /* zbc_max_open_zones can be 0, meaning "not reported" */ 5327 if (sdeb_zbc_max_open >= devip->nr_zones - 1) 5328 devip->max_open = (devip->nr_zones - 1) / 2; 5329 else 5330 devip->max_open = sdeb_zbc_max_open; 5331 } 5332 5333 devip->zstate = kcalloc(devip->nr_zones, 5334 sizeof(struct sdeb_zone_state), GFP_KERNEL); 5335 if (!devip->zstate) 5336 return -ENOMEM; 5337 5338 for (i = 0; i < devip->nr_zones; i++) { 5339 zsp = &devip->zstate[i]; 5340 5341 zsp->z_start = zstart; 5342 5343 if (i < devip->nr_conv_zones) { 5344 zsp->z_type = ZBC_ZTYPE_CNV; 5345 zsp->z_cond = ZBC_NOT_WRITE_POINTER; 5346 zsp->z_wp = (sector_t)-1; 5347 zsp->z_size = 5348 min_t(u64, devip->zsize, capacity - zstart); 5349 } else if ((zstart & (devip->zsize - 1)) == 0) { 5350 if (devip->zmodel == BLK_ZONED_HM) 5351 zsp->z_type = ZBC_ZTYPE_SWR; 5352 else 5353 zsp->z_type = ZBC_ZTYPE_SWP; 5354 zsp->z_cond = ZC1_EMPTY; 5355 zsp->z_wp = zsp->z_start; 5356 zsp->z_size = 5357 min_t(u64, devip->zcap, capacity - zstart); 5358 } else { 5359 zsp->z_type = ZBC_ZTYPE_GAP; 5360 zsp->z_cond = ZBC_NOT_WRITE_POINTER; 5361 zsp->z_wp = (sector_t)-1; 5362 zsp->z_size = min_t(u64, devip->zsize - devip->zcap, 5363 capacity - zstart); 5364 } 5365 5366 WARN_ON_ONCE((int)zsp->z_size <= 0); 5367 zstart += zsp->z_size; 5368 } 5369 5370 return 0; 5371 } 5372 5373 static struct sdebug_dev_info *sdebug_device_create( 5374 struct sdebug_host_info *sdbg_host, gfp_t flags) 5375 { 5376 struct sdebug_dev_info *devip; 5377 5378 devip = kzalloc(sizeof(*devip), flags); 5379 if (devip) { 5380 if (sdebug_uuid_ctl == 1) 5381 uuid_gen(&devip->lu_name); 5382 else if (sdebug_uuid_ctl == 2) { 5383 if (got_shared_uuid) 5384 devip->lu_name = shared_uuid; 5385 else { 5386 uuid_gen(&shared_uuid); 5387 got_shared_uuid = true; 5388 devip->lu_name = shared_uuid; 5389 } 5390 } 5391 devip->sdbg_host = sdbg_host; 5392 if (sdeb_zbc_in_use) { 5393 devip->zmodel = sdeb_zbc_model; 5394 if (sdebug_device_create_zones(devip)) { 5395 kfree(devip); 5396 return NULL; 5397 } 5398 } else { 5399 devip->zmodel = BLK_ZONED_NONE; 5400 } 5401 devip->create_ts = ktime_get_boottime(); 5402 atomic_set(&devip->stopped, (sdeb_tur_ms_to_ready > 0 ? 2 : 0)); 5403 spin_lock_init(&devip->list_lock); 5404 INIT_LIST_HEAD(&devip->inject_err_list); 5405 list_add_tail(&devip->dev_list, &sdbg_host->dev_info_list); 5406 } 5407 return devip; 5408 } 5409 5410 static struct sdebug_dev_info *find_build_dev_info(struct scsi_device *sdev) 5411 { 5412 struct sdebug_host_info *sdbg_host; 5413 struct sdebug_dev_info *open_devip = NULL; 5414 struct sdebug_dev_info *devip; 5415 5416 sdbg_host = shost_to_sdebug_host(sdev->host); 5417 5418 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) { 5419 if ((devip->used) && (devip->channel == sdev->channel) && 5420 (devip->target == sdev->id) && 5421 (devip->lun == sdev->lun)) 5422 return devip; 5423 else { 5424 if ((!devip->used) && (!open_devip)) 5425 open_devip = devip; 5426 } 5427 } 5428 if (!open_devip) { /* try and make a new one */ 5429 open_devip = sdebug_device_create(sdbg_host, GFP_ATOMIC); 5430 if (!open_devip) { 5431 pr_err("out of memory at line %d\n", __LINE__); 5432 return NULL; 5433 } 5434 } 5435 5436 open_devip->channel = sdev->channel; 5437 open_devip->target = sdev->id; 5438 open_devip->lun = sdev->lun; 5439 open_devip->sdbg_host = sdbg_host; 5440 set_bit(SDEBUG_UA_POOCCUR, open_devip->uas_bm); 5441 open_devip->used = true; 5442 return open_devip; 5443 } 5444 5445 static int scsi_debug_slave_alloc(struct scsi_device *sdp) 5446 { 5447 if (sdebug_verbose) 5448 pr_info("slave_alloc <%u %u %u %llu>\n", 5449 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun); 5450 5451 return 0; 5452 } 5453 5454 static int scsi_debug_slave_configure(struct scsi_device *sdp) 5455 { 5456 struct sdebug_dev_info *devip = 5457 (struct sdebug_dev_info *)sdp->hostdata; 5458 struct dentry *dentry; 5459 5460 if (sdebug_verbose) 5461 pr_info("slave_configure <%u %u %u %llu>\n", 5462 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun); 5463 if (sdp->host->max_cmd_len != SDEBUG_MAX_CMD_LEN) 5464 sdp->host->max_cmd_len = SDEBUG_MAX_CMD_LEN; 5465 if (devip == NULL) { 5466 devip = find_build_dev_info(sdp); 5467 if (devip == NULL) 5468 return 1; /* no resources, will be marked offline */ 5469 } 5470 sdp->hostdata = devip; 5471 if (sdebug_no_uld) 5472 sdp->no_uld_attach = 1; 5473 config_cdb_len(sdp); 5474 5475 if (sdebug_allow_restart) 5476 sdp->allow_restart = 1; 5477 5478 devip->debugfs_entry = debugfs_create_dir(dev_name(&sdp->sdev_dev), 5479 sdebug_debugfs_root); 5480 if (IS_ERR_OR_NULL(devip->debugfs_entry)) 5481 pr_info("%s: failed to create debugfs directory for device %s\n", 5482 __func__, dev_name(&sdp->sdev_gendev)); 5483 5484 dentry = debugfs_create_file("error", 0600, devip->debugfs_entry, sdp, 5485 &sdebug_error_fops); 5486 if (IS_ERR_OR_NULL(dentry)) 5487 pr_info("%s: failed to create error file for device %s\n", 5488 __func__, dev_name(&sdp->sdev_gendev)); 5489 5490 return 0; 5491 } 5492 5493 static void scsi_debug_slave_destroy(struct scsi_device *sdp) 5494 { 5495 struct sdebug_dev_info *devip = 5496 (struct sdebug_dev_info *)sdp->hostdata; 5497 struct sdebug_err_inject *err; 5498 5499 if (sdebug_verbose) 5500 pr_info("slave_destroy <%u %u %u %llu>\n", 5501 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun); 5502 5503 if (!devip) 5504 return; 5505 5506 spin_lock(&devip->list_lock); 5507 list_for_each_entry_rcu(err, &devip->inject_err_list, list) { 5508 list_del_rcu(&err->list); 5509 call_rcu(&err->rcu, sdebug_err_free); 5510 } 5511 spin_unlock(&devip->list_lock); 5512 5513 debugfs_remove(devip->debugfs_entry); 5514 5515 /* make this slot available for re-use */ 5516 devip->used = false; 5517 sdp->hostdata = NULL; 5518 } 5519 5520 /* Returns true if we require the queued memory to be freed by the caller. */ 5521 static bool stop_qc_helper(struct sdebug_defer *sd_dp, 5522 enum sdeb_defer_type defer_t) 5523 { 5524 if (defer_t == SDEB_DEFER_HRT) { 5525 int res = hrtimer_try_to_cancel(&sd_dp->hrt); 5526 5527 switch (res) { 5528 case 0: /* Not active, it must have already run */ 5529 case -1: /* -1 It's executing the CB */ 5530 return false; 5531 case 1: /* Was active, we've now cancelled */ 5532 default: 5533 return true; 5534 } 5535 } else if (defer_t == SDEB_DEFER_WQ) { 5536 /* Cancel if pending */ 5537 if (cancel_work_sync(&sd_dp->ew.work)) 5538 return true; 5539 /* Was not pending, so it must have run */ 5540 return false; 5541 } else if (defer_t == SDEB_DEFER_POLL) { 5542 return true; 5543 } 5544 5545 return false; 5546 } 5547 5548 5549 static bool scsi_debug_stop_cmnd(struct scsi_cmnd *cmnd) 5550 { 5551 enum sdeb_defer_type l_defer_t; 5552 struct sdebug_defer *sd_dp; 5553 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmnd); 5554 struct sdebug_queued_cmd *sqcp = TO_QUEUED_CMD(cmnd); 5555 5556 lockdep_assert_held(&sdsc->lock); 5557 5558 if (!sqcp) 5559 return false; 5560 sd_dp = &sqcp->sd_dp; 5561 l_defer_t = READ_ONCE(sd_dp->defer_t); 5562 ASSIGN_QUEUED_CMD(cmnd, NULL); 5563 5564 if (stop_qc_helper(sd_dp, l_defer_t)) 5565 sdebug_free_queued_cmd(sqcp); 5566 5567 return true; 5568 } 5569 5570 /* 5571 * Called from scsi_debug_abort() only, which is for timed-out cmd. 5572 */ 5573 static bool scsi_debug_abort_cmnd(struct scsi_cmnd *cmnd) 5574 { 5575 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmnd); 5576 unsigned long flags; 5577 bool res; 5578 5579 spin_lock_irqsave(&sdsc->lock, flags); 5580 res = scsi_debug_stop_cmnd(cmnd); 5581 spin_unlock_irqrestore(&sdsc->lock, flags); 5582 5583 return res; 5584 } 5585 5586 /* 5587 * All we can do is set the cmnd as internally aborted and wait for it to 5588 * finish. We cannot call scsi_done() as normal completion path may do that. 5589 */ 5590 static bool sdebug_stop_cmnd(struct request *rq, void *data) 5591 { 5592 scsi_debug_abort_cmnd(blk_mq_rq_to_pdu(rq)); 5593 5594 return true; 5595 } 5596 5597 /* Deletes (stops) timers or work queues of all queued commands */ 5598 static void stop_all_queued(void) 5599 { 5600 struct sdebug_host_info *sdhp; 5601 5602 mutex_lock(&sdebug_host_list_mutex); 5603 list_for_each_entry(sdhp, &sdebug_host_list, host_list) { 5604 struct Scsi_Host *shost = sdhp->shost; 5605 5606 blk_mq_tagset_busy_iter(&shost->tag_set, sdebug_stop_cmnd, NULL); 5607 } 5608 mutex_unlock(&sdebug_host_list_mutex); 5609 } 5610 5611 static int sdebug_fail_abort(struct scsi_cmnd *cmnd) 5612 { 5613 struct scsi_device *sdp = cmnd->device; 5614 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata; 5615 struct sdebug_err_inject *err; 5616 unsigned char *cmd = cmnd->cmnd; 5617 int ret = 0; 5618 5619 if (devip == NULL) 5620 return 0; 5621 5622 rcu_read_lock(); 5623 list_for_each_entry_rcu(err, &devip->inject_err_list, list) { 5624 if (err->type == ERR_ABORT_CMD_FAILED && 5625 (err->cmd == cmd[0] || err->cmd == 0xff)) { 5626 ret = !!err->cnt; 5627 if (err->cnt < 0) 5628 err->cnt++; 5629 5630 rcu_read_unlock(); 5631 return ret; 5632 } 5633 } 5634 rcu_read_unlock(); 5635 5636 return 0; 5637 } 5638 5639 static int scsi_debug_abort(struct scsi_cmnd *SCpnt) 5640 { 5641 bool ok = scsi_debug_abort_cmnd(SCpnt); 5642 u8 *cmd = SCpnt->cmnd; 5643 u8 opcode = cmd[0]; 5644 5645 ++num_aborts; 5646 5647 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts) 5648 sdev_printk(KERN_INFO, SCpnt->device, 5649 "%s: command%s found\n", __func__, 5650 ok ? "" : " not"); 5651 5652 if (sdebug_fail_abort(SCpnt)) { 5653 scmd_printk(KERN_INFO, SCpnt, "fail abort command 0x%x\n", 5654 opcode); 5655 return FAILED; 5656 } 5657 5658 return SUCCESS; 5659 } 5660 5661 static bool scsi_debug_stop_all_queued_iter(struct request *rq, void *data) 5662 { 5663 struct scsi_device *sdp = data; 5664 struct scsi_cmnd *scmd = blk_mq_rq_to_pdu(rq); 5665 5666 if (scmd->device == sdp) 5667 scsi_debug_abort_cmnd(scmd); 5668 5669 return true; 5670 } 5671 5672 /* Deletes (stops) timers or work queues of all queued commands per sdev */ 5673 static void scsi_debug_stop_all_queued(struct scsi_device *sdp) 5674 { 5675 struct Scsi_Host *shost = sdp->host; 5676 5677 blk_mq_tagset_busy_iter(&shost->tag_set, 5678 scsi_debug_stop_all_queued_iter, sdp); 5679 } 5680 5681 static int sdebug_fail_lun_reset(struct scsi_cmnd *cmnd) 5682 { 5683 struct scsi_device *sdp = cmnd->device; 5684 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata; 5685 struct sdebug_err_inject *err; 5686 unsigned char *cmd = cmnd->cmnd; 5687 int ret = 0; 5688 5689 if (devip == NULL) 5690 return 0; 5691 5692 rcu_read_lock(); 5693 list_for_each_entry_rcu(err, &devip->inject_err_list, list) { 5694 if (err->type == ERR_LUN_RESET_FAILED && 5695 (err->cmd == cmd[0] || err->cmd == 0xff)) { 5696 ret = !!err->cnt; 5697 if (err->cnt < 0) 5698 err->cnt++; 5699 5700 rcu_read_unlock(); 5701 return ret; 5702 } 5703 } 5704 rcu_read_unlock(); 5705 5706 return 0; 5707 } 5708 5709 static int scsi_debug_device_reset(struct scsi_cmnd *SCpnt) 5710 { 5711 struct scsi_device *sdp = SCpnt->device; 5712 struct sdebug_dev_info *devip = sdp->hostdata; 5713 u8 *cmd = SCpnt->cmnd; 5714 u8 opcode = cmd[0]; 5715 5716 ++num_dev_resets; 5717 5718 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts) 5719 sdev_printk(KERN_INFO, sdp, "%s\n", __func__); 5720 5721 scsi_debug_stop_all_queued(sdp); 5722 if (devip) 5723 set_bit(SDEBUG_UA_POR, devip->uas_bm); 5724 5725 if (sdebug_fail_lun_reset(SCpnt)) { 5726 scmd_printk(KERN_INFO, SCpnt, "fail lun reset 0x%x\n", opcode); 5727 return FAILED; 5728 } 5729 5730 return SUCCESS; 5731 } 5732 5733 static int sdebug_fail_target_reset(struct scsi_cmnd *cmnd) 5734 { 5735 struct scsi_target *starget = scsi_target(cmnd->device); 5736 struct sdebug_target_info *targetip = 5737 (struct sdebug_target_info *)starget->hostdata; 5738 5739 if (targetip) 5740 return targetip->reset_fail; 5741 5742 return 0; 5743 } 5744 5745 static int scsi_debug_target_reset(struct scsi_cmnd *SCpnt) 5746 { 5747 struct scsi_device *sdp = SCpnt->device; 5748 struct sdebug_host_info *sdbg_host = shost_to_sdebug_host(sdp->host); 5749 struct sdebug_dev_info *devip; 5750 u8 *cmd = SCpnt->cmnd; 5751 u8 opcode = cmd[0]; 5752 int k = 0; 5753 5754 ++num_target_resets; 5755 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts) 5756 sdev_printk(KERN_INFO, sdp, "%s\n", __func__); 5757 5758 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) { 5759 if (devip->target == sdp->id) { 5760 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm); 5761 ++k; 5762 } 5763 } 5764 5765 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts) 5766 sdev_printk(KERN_INFO, sdp, 5767 "%s: %d device(s) found in target\n", __func__, k); 5768 5769 if (sdebug_fail_target_reset(SCpnt)) { 5770 scmd_printk(KERN_INFO, SCpnt, "fail target reset 0x%x\n", 5771 opcode); 5772 return FAILED; 5773 } 5774 5775 return SUCCESS; 5776 } 5777 5778 static int scsi_debug_bus_reset(struct scsi_cmnd *SCpnt) 5779 { 5780 struct scsi_device *sdp = SCpnt->device; 5781 struct sdebug_host_info *sdbg_host = shost_to_sdebug_host(sdp->host); 5782 struct sdebug_dev_info *devip; 5783 int k = 0; 5784 5785 ++num_bus_resets; 5786 5787 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts) 5788 sdev_printk(KERN_INFO, sdp, "%s\n", __func__); 5789 5790 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) { 5791 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm); 5792 ++k; 5793 } 5794 5795 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts) 5796 sdev_printk(KERN_INFO, sdp, 5797 "%s: %d device(s) found in host\n", __func__, k); 5798 return SUCCESS; 5799 } 5800 5801 static int scsi_debug_host_reset(struct scsi_cmnd *SCpnt) 5802 { 5803 struct sdebug_host_info *sdbg_host; 5804 struct sdebug_dev_info *devip; 5805 int k = 0; 5806 5807 ++num_host_resets; 5808 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts) 5809 sdev_printk(KERN_INFO, SCpnt->device, "%s\n", __func__); 5810 mutex_lock(&sdebug_host_list_mutex); 5811 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) { 5812 list_for_each_entry(devip, &sdbg_host->dev_info_list, 5813 dev_list) { 5814 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm); 5815 ++k; 5816 } 5817 } 5818 mutex_unlock(&sdebug_host_list_mutex); 5819 stop_all_queued(); 5820 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts) 5821 sdev_printk(KERN_INFO, SCpnt->device, 5822 "%s: %d device(s) found\n", __func__, k); 5823 return SUCCESS; 5824 } 5825 5826 static void sdebug_build_parts(unsigned char *ramp, unsigned long store_size) 5827 { 5828 struct msdos_partition *pp; 5829 int starts[SDEBUG_MAX_PARTS + 2], max_part_secs; 5830 int sectors_per_part, num_sectors, k; 5831 int heads_by_sects, start_sec, end_sec; 5832 5833 /* assume partition table already zeroed */ 5834 if ((sdebug_num_parts < 1) || (store_size < 1048576)) 5835 return; 5836 if (sdebug_num_parts > SDEBUG_MAX_PARTS) { 5837 sdebug_num_parts = SDEBUG_MAX_PARTS; 5838 pr_warn("reducing partitions to %d\n", SDEBUG_MAX_PARTS); 5839 } 5840 num_sectors = (int)get_sdebug_capacity(); 5841 sectors_per_part = (num_sectors - sdebug_sectors_per) 5842 / sdebug_num_parts; 5843 heads_by_sects = sdebug_heads * sdebug_sectors_per; 5844 starts[0] = sdebug_sectors_per; 5845 max_part_secs = sectors_per_part; 5846 for (k = 1; k < sdebug_num_parts; ++k) { 5847 starts[k] = ((k * sectors_per_part) / heads_by_sects) 5848 * heads_by_sects; 5849 if (starts[k] - starts[k - 1] < max_part_secs) 5850 max_part_secs = starts[k] - starts[k - 1]; 5851 } 5852 starts[sdebug_num_parts] = num_sectors; 5853 starts[sdebug_num_parts + 1] = 0; 5854 5855 ramp[510] = 0x55; /* magic partition markings */ 5856 ramp[511] = 0xAA; 5857 pp = (struct msdos_partition *)(ramp + 0x1be); 5858 for (k = 0; starts[k + 1]; ++k, ++pp) { 5859 start_sec = starts[k]; 5860 end_sec = starts[k] + max_part_secs - 1; 5861 pp->boot_ind = 0; 5862 5863 pp->cyl = start_sec / heads_by_sects; 5864 pp->head = (start_sec - (pp->cyl * heads_by_sects)) 5865 / sdebug_sectors_per; 5866 pp->sector = (start_sec % sdebug_sectors_per) + 1; 5867 5868 pp->end_cyl = end_sec / heads_by_sects; 5869 pp->end_head = (end_sec - (pp->end_cyl * heads_by_sects)) 5870 / sdebug_sectors_per; 5871 pp->end_sector = (end_sec % sdebug_sectors_per) + 1; 5872 5873 pp->start_sect = cpu_to_le32(start_sec); 5874 pp->nr_sects = cpu_to_le32(end_sec - start_sec + 1); 5875 pp->sys_ind = 0x83; /* plain Linux partition */ 5876 } 5877 } 5878 5879 static void block_unblock_all_queues(bool block) 5880 { 5881 struct sdebug_host_info *sdhp; 5882 5883 lockdep_assert_held(&sdebug_host_list_mutex); 5884 5885 list_for_each_entry(sdhp, &sdebug_host_list, host_list) { 5886 struct Scsi_Host *shost = sdhp->shost; 5887 5888 if (block) 5889 scsi_block_requests(shost); 5890 else 5891 scsi_unblock_requests(shost); 5892 } 5893 } 5894 5895 /* Adjust (by rounding down) the sdebug_cmnd_count so abs(every_nth)-1 5896 * commands will be processed normally before triggers occur. 5897 */ 5898 static void tweak_cmnd_count(void) 5899 { 5900 int count, modulo; 5901 5902 modulo = abs(sdebug_every_nth); 5903 if (modulo < 2) 5904 return; 5905 5906 mutex_lock(&sdebug_host_list_mutex); 5907 block_unblock_all_queues(true); 5908 count = atomic_read(&sdebug_cmnd_count); 5909 atomic_set(&sdebug_cmnd_count, (count / modulo) * modulo); 5910 block_unblock_all_queues(false); 5911 mutex_unlock(&sdebug_host_list_mutex); 5912 } 5913 5914 static void clear_queue_stats(void) 5915 { 5916 atomic_set(&sdebug_cmnd_count, 0); 5917 atomic_set(&sdebug_completions, 0); 5918 atomic_set(&sdebug_miss_cpus, 0); 5919 atomic_set(&sdebug_a_tsf, 0); 5920 } 5921 5922 static bool inject_on_this_cmd(void) 5923 { 5924 if (sdebug_every_nth == 0) 5925 return false; 5926 return (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) == 0; 5927 } 5928 5929 #define INCLUSIVE_TIMING_MAX_NS 1000000 /* 1 millisecond */ 5930 5931 5932 void sdebug_free_queued_cmd(struct sdebug_queued_cmd *sqcp) 5933 { 5934 if (sqcp) 5935 kmem_cache_free(queued_cmd_cache, sqcp); 5936 } 5937 5938 static struct sdebug_queued_cmd *sdebug_alloc_queued_cmd(struct scsi_cmnd *scmd) 5939 { 5940 struct sdebug_queued_cmd *sqcp; 5941 struct sdebug_defer *sd_dp; 5942 5943 sqcp = kmem_cache_zalloc(queued_cmd_cache, GFP_ATOMIC); 5944 if (!sqcp) 5945 return NULL; 5946 5947 sd_dp = &sqcp->sd_dp; 5948 5949 hrtimer_init(&sd_dp->hrt, CLOCK_MONOTONIC, HRTIMER_MODE_REL_PINNED); 5950 sd_dp->hrt.function = sdebug_q_cmd_hrt_complete; 5951 INIT_WORK(&sd_dp->ew.work, sdebug_q_cmd_wq_complete); 5952 5953 sqcp->scmd = scmd; 5954 5955 return sqcp; 5956 } 5957 5958 /* Complete the processing of the thread that queued a SCSI command to this 5959 * driver. It either completes the command by calling cmnd_done() or 5960 * schedules a hr timer or work queue then returns 0. Returns 5961 * SCSI_MLQUEUE_HOST_BUSY if temporarily out of resources. 5962 */ 5963 static int schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip, 5964 int scsi_result, 5965 int (*pfp)(struct scsi_cmnd *, 5966 struct sdebug_dev_info *), 5967 int delta_jiff, int ndelay) 5968 { 5969 struct request *rq = scsi_cmd_to_rq(cmnd); 5970 bool polled = rq->cmd_flags & REQ_POLLED; 5971 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmnd); 5972 unsigned long flags; 5973 u64 ns_from_boot = 0; 5974 struct sdebug_queued_cmd *sqcp; 5975 struct scsi_device *sdp; 5976 struct sdebug_defer *sd_dp; 5977 5978 if (unlikely(devip == NULL)) { 5979 if (scsi_result == 0) 5980 scsi_result = DID_NO_CONNECT << 16; 5981 goto respond_in_thread; 5982 } 5983 sdp = cmnd->device; 5984 5985 if (delta_jiff == 0) 5986 goto respond_in_thread; 5987 5988 5989 if (unlikely(sdebug_every_nth && (SDEBUG_OPT_RARE_TSF & sdebug_opts) && 5990 (scsi_result == 0))) { 5991 int num_in_q = scsi_device_busy(sdp); 5992 int qdepth = cmnd->device->queue_depth; 5993 5994 if ((num_in_q == qdepth) && 5995 (atomic_inc_return(&sdebug_a_tsf) >= 5996 abs(sdebug_every_nth))) { 5997 atomic_set(&sdebug_a_tsf, 0); 5998 scsi_result = device_qfull_result; 5999 6000 if (unlikely(SDEBUG_OPT_Q_NOISE & sdebug_opts)) 6001 sdev_printk(KERN_INFO, sdp, "%s: num_in_q=%d +1, <inject> status: TASK SET FULL\n", 6002 __func__, num_in_q); 6003 } 6004 } 6005 6006 sqcp = sdebug_alloc_queued_cmd(cmnd); 6007 if (!sqcp) { 6008 pr_err("%s no alloc\n", __func__); 6009 return SCSI_MLQUEUE_HOST_BUSY; 6010 } 6011 sd_dp = &sqcp->sd_dp; 6012 6013 if (polled) 6014 ns_from_boot = ktime_get_boottime_ns(); 6015 6016 /* one of the resp_*() response functions is called here */ 6017 cmnd->result = pfp ? pfp(cmnd, devip) : 0; 6018 if (cmnd->result & SDEG_RES_IMMED_MASK) { 6019 cmnd->result &= ~SDEG_RES_IMMED_MASK; 6020 delta_jiff = ndelay = 0; 6021 } 6022 if (cmnd->result == 0 && scsi_result != 0) 6023 cmnd->result = scsi_result; 6024 if (cmnd->result == 0 && unlikely(sdebug_opts & SDEBUG_OPT_TRANSPORT_ERR)) { 6025 if (atomic_read(&sdeb_inject_pending)) { 6026 mk_sense_buffer(cmnd, ABORTED_COMMAND, TRANSPORT_PROBLEM, ACK_NAK_TO); 6027 atomic_set(&sdeb_inject_pending, 0); 6028 cmnd->result = check_condition_result; 6029 } 6030 } 6031 6032 if (unlikely(sdebug_verbose && cmnd->result)) 6033 sdev_printk(KERN_INFO, sdp, "%s: non-zero result=0x%x\n", 6034 __func__, cmnd->result); 6035 6036 if (delta_jiff > 0 || ndelay > 0) { 6037 ktime_t kt; 6038 6039 if (delta_jiff > 0) { 6040 u64 ns = jiffies_to_nsecs(delta_jiff); 6041 6042 if (sdebug_random && ns < U32_MAX) { 6043 ns = get_random_u32_below((u32)ns); 6044 } else if (sdebug_random) { 6045 ns >>= 12; /* scale to 4 usec precision */ 6046 if (ns < U32_MAX) /* over 4 hours max */ 6047 ns = get_random_u32_below((u32)ns); 6048 ns <<= 12; 6049 } 6050 kt = ns_to_ktime(ns); 6051 } else { /* ndelay has a 4.2 second max */ 6052 kt = sdebug_random ? get_random_u32_below((u32)ndelay) : 6053 (u32)ndelay; 6054 if (ndelay < INCLUSIVE_TIMING_MAX_NS) { 6055 u64 d = ktime_get_boottime_ns() - ns_from_boot; 6056 6057 if (kt <= d) { /* elapsed duration >= kt */ 6058 /* call scsi_done() from this thread */ 6059 sdebug_free_queued_cmd(sqcp); 6060 scsi_done(cmnd); 6061 return 0; 6062 } 6063 /* otherwise reduce kt by elapsed time */ 6064 kt -= d; 6065 } 6066 } 6067 if (sdebug_statistics) 6068 sd_dp->issuing_cpu = raw_smp_processor_id(); 6069 if (polled) { 6070 spin_lock_irqsave(&sdsc->lock, flags); 6071 sd_dp->cmpl_ts = ktime_add(ns_to_ktime(ns_from_boot), kt); 6072 ASSIGN_QUEUED_CMD(cmnd, sqcp); 6073 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_POLL); 6074 spin_unlock_irqrestore(&sdsc->lock, flags); 6075 } else { 6076 /* schedule the invocation of scsi_done() for a later time */ 6077 spin_lock_irqsave(&sdsc->lock, flags); 6078 ASSIGN_QUEUED_CMD(cmnd, sqcp); 6079 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_HRT); 6080 hrtimer_start(&sd_dp->hrt, kt, HRTIMER_MODE_REL_PINNED); 6081 /* 6082 * The completion handler will try to grab sqcp->lock, 6083 * so there is no chance that the completion handler 6084 * will call scsi_done() until we release the lock 6085 * here (so ok to keep referencing sdsc). 6086 */ 6087 spin_unlock_irqrestore(&sdsc->lock, flags); 6088 } 6089 } else { /* jdelay < 0, use work queue */ 6090 if (unlikely((sdebug_opts & SDEBUG_OPT_CMD_ABORT) && 6091 atomic_read(&sdeb_inject_pending))) { 6092 sd_dp->aborted = true; 6093 atomic_set(&sdeb_inject_pending, 0); 6094 sdev_printk(KERN_INFO, sdp, "abort request tag=%#x\n", 6095 blk_mq_unique_tag_to_tag(get_tag(cmnd))); 6096 } 6097 6098 if (sdebug_statistics) 6099 sd_dp->issuing_cpu = raw_smp_processor_id(); 6100 if (polled) { 6101 spin_lock_irqsave(&sdsc->lock, flags); 6102 ASSIGN_QUEUED_CMD(cmnd, sqcp); 6103 sd_dp->cmpl_ts = ns_to_ktime(ns_from_boot); 6104 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_POLL); 6105 spin_unlock_irqrestore(&sdsc->lock, flags); 6106 } else { 6107 spin_lock_irqsave(&sdsc->lock, flags); 6108 ASSIGN_QUEUED_CMD(cmnd, sqcp); 6109 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_WQ); 6110 schedule_work(&sd_dp->ew.work); 6111 spin_unlock_irqrestore(&sdsc->lock, flags); 6112 } 6113 } 6114 6115 return 0; 6116 6117 respond_in_thread: /* call back to mid-layer using invocation thread */ 6118 cmnd->result = pfp != NULL ? pfp(cmnd, devip) : 0; 6119 cmnd->result &= ~SDEG_RES_IMMED_MASK; 6120 if (cmnd->result == 0 && scsi_result != 0) 6121 cmnd->result = scsi_result; 6122 scsi_done(cmnd); 6123 return 0; 6124 } 6125 6126 /* Note: The following macros create attribute files in the 6127 /sys/module/scsi_debug/parameters directory. Unfortunately this 6128 driver is unaware of a change and cannot trigger auxiliary actions 6129 as it can when the corresponding attribute in the 6130 /sys/bus/pseudo/drivers/scsi_debug directory is changed. 6131 */ 6132 module_param_named(add_host, sdebug_add_host, int, S_IRUGO | S_IWUSR); 6133 module_param_named(ato, sdebug_ato, int, S_IRUGO); 6134 module_param_named(cdb_len, sdebug_cdb_len, int, 0644); 6135 module_param_named(clustering, sdebug_clustering, bool, S_IRUGO | S_IWUSR); 6136 module_param_named(delay, sdebug_jdelay, int, S_IRUGO | S_IWUSR); 6137 module_param_named(dev_size_mb, sdebug_dev_size_mb, int, S_IRUGO); 6138 module_param_named(dif, sdebug_dif, int, S_IRUGO); 6139 module_param_named(dix, sdebug_dix, int, S_IRUGO); 6140 module_param_named(dsense, sdebug_dsense, int, S_IRUGO | S_IWUSR); 6141 module_param_named(every_nth, sdebug_every_nth, int, S_IRUGO | S_IWUSR); 6142 module_param_named(fake_rw, sdebug_fake_rw, int, S_IRUGO | S_IWUSR); 6143 module_param_named(guard, sdebug_guard, uint, S_IRUGO); 6144 module_param_named(host_lock, sdebug_host_lock, bool, S_IRUGO | S_IWUSR); 6145 module_param_named(host_max_queue, sdebug_host_max_queue, int, S_IRUGO); 6146 module_param_string(inq_product, sdebug_inq_product_id, 6147 sizeof(sdebug_inq_product_id), S_IRUGO | S_IWUSR); 6148 module_param_string(inq_rev, sdebug_inq_product_rev, 6149 sizeof(sdebug_inq_product_rev), S_IRUGO | S_IWUSR); 6150 module_param_string(inq_vendor, sdebug_inq_vendor_id, 6151 sizeof(sdebug_inq_vendor_id), S_IRUGO | S_IWUSR); 6152 module_param_named(lbprz, sdebug_lbprz, int, S_IRUGO); 6153 module_param_named(lbpu, sdebug_lbpu, int, S_IRUGO); 6154 module_param_named(lbpws, sdebug_lbpws, int, S_IRUGO); 6155 module_param_named(lbpws10, sdebug_lbpws10, int, S_IRUGO); 6156 module_param_named(lowest_aligned, sdebug_lowest_aligned, int, S_IRUGO); 6157 module_param_named(lun_format, sdebug_lun_am_i, int, S_IRUGO | S_IWUSR); 6158 module_param_named(max_luns, sdebug_max_luns, int, S_IRUGO | S_IWUSR); 6159 module_param_named(max_queue, sdebug_max_queue, int, S_IRUGO | S_IWUSR); 6160 module_param_named(medium_error_count, sdebug_medium_error_count, int, 6161 S_IRUGO | S_IWUSR); 6162 module_param_named(medium_error_start, sdebug_medium_error_start, int, 6163 S_IRUGO | S_IWUSR); 6164 module_param_named(ndelay, sdebug_ndelay, int, S_IRUGO | S_IWUSR); 6165 module_param_named(no_lun_0, sdebug_no_lun_0, int, S_IRUGO | S_IWUSR); 6166 module_param_named(no_rwlock, sdebug_no_rwlock, bool, S_IRUGO | S_IWUSR); 6167 module_param_named(no_uld, sdebug_no_uld, int, S_IRUGO); 6168 module_param_named(num_parts, sdebug_num_parts, int, S_IRUGO); 6169 module_param_named(num_tgts, sdebug_num_tgts, int, S_IRUGO | S_IWUSR); 6170 module_param_named(opt_blks, sdebug_opt_blks, int, S_IRUGO); 6171 module_param_named(opt_xferlen_exp, sdebug_opt_xferlen_exp, int, S_IRUGO); 6172 module_param_named(opts, sdebug_opts, int, S_IRUGO | S_IWUSR); 6173 module_param_named(per_host_store, sdebug_per_host_store, bool, 6174 S_IRUGO | S_IWUSR); 6175 module_param_named(physblk_exp, sdebug_physblk_exp, int, S_IRUGO); 6176 module_param_named(ptype, sdebug_ptype, int, S_IRUGO | S_IWUSR); 6177 module_param_named(random, sdebug_random, bool, S_IRUGO | S_IWUSR); 6178 module_param_named(removable, sdebug_removable, bool, S_IRUGO | S_IWUSR); 6179 module_param_named(scsi_level, sdebug_scsi_level, int, S_IRUGO); 6180 module_param_named(sector_size, sdebug_sector_size, int, S_IRUGO); 6181 module_param_named(statistics, sdebug_statistics, bool, S_IRUGO | S_IWUSR); 6182 module_param_named(strict, sdebug_strict, bool, S_IRUGO | S_IWUSR); 6183 module_param_named(submit_queues, submit_queues, int, S_IRUGO); 6184 module_param_named(poll_queues, poll_queues, int, S_IRUGO); 6185 module_param_named(tur_ms_to_ready, sdeb_tur_ms_to_ready, int, S_IRUGO); 6186 module_param_named(unmap_alignment, sdebug_unmap_alignment, int, S_IRUGO); 6187 module_param_named(unmap_granularity, sdebug_unmap_granularity, int, S_IRUGO); 6188 module_param_named(unmap_max_blocks, sdebug_unmap_max_blocks, int, S_IRUGO); 6189 module_param_named(unmap_max_desc, sdebug_unmap_max_desc, int, S_IRUGO); 6190 module_param_named(uuid_ctl, sdebug_uuid_ctl, int, S_IRUGO); 6191 module_param_named(virtual_gb, sdebug_virtual_gb, int, S_IRUGO | S_IWUSR); 6192 module_param_named(vpd_use_hostno, sdebug_vpd_use_hostno, int, 6193 S_IRUGO | S_IWUSR); 6194 module_param_named(wp, sdebug_wp, bool, S_IRUGO | S_IWUSR); 6195 module_param_named(write_same_length, sdebug_write_same_length, int, 6196 S_IRUGO | S_IWUSR); 6197 module_param_named(zbc, sdeb_zbc_model_s, charp, S_IRUGO); 6198 module_param_named(zone_cap_mb, sdeb_zbc_zone_cap_mb, int, S_IRUGO); 6199 module_param_named(zone_max_open, sdeb_zbc_max_open, int, S_IRUGO); 6200 module_param_named(zone_nr_conv, sdeb_zbc_nr_conv, int, S_IRUGO); 6201 module_param_named(zone_size_mb, sdeb_zbc_zone_size_mb, int, S_IRUGO); 6202 module_param_named(allow_restart, sdebug_allow_restart, bool, S_IRUGO | S_IWUSR); 6203 6204 MODULE_AUTHOR("Eric Youngdale + Douglas Gilbert"); 6205 MODULE_DESCRIPTION("SCSI debug adapter driver"); 6206 MODULE_LICENSE("GPL"); 6207 MODULE_VERSION(SDEBUG_VERSION); 6208 6209 MODULE_PARM_DESC(add_host, "add n hosts, in sysfs if negative remove host(s) (def=1)"); 6210 MODULE_PARM_DESC(ato, "application tag ownership: 0=disk 1=host (def=1)"); 6211 MODULE_PARM_DESC(cdb_len, "suggest CDB lengths to drivers (def=10)"); 6212 MODULE_PARM_DESC(clustering, "when set enables larger transfers (def=0)"); 6213 MODULE_PARM_DESC(delay, "response delay (def=1 jiffy); 0:imm, -1,-2:tiny"); 6214 MODULE_PARM_DESC(dev_size_mb, "size in MiB of ram shared by devs(def=8)"); 6215 MODULE_PARM_DESC(dif, "data integrity field type: 0-3 (def=0)"); 6216 MODULE_PARM_DESC(dix, "data integrity extensions mask (def=0)"); 6217 MODULE_PARM_DESC(dsense, "use descriptor sense format(def=0 -> fixed)"); 6218 MODULE_PARM_DESC(every_nth, "timeout every nth command(def=0)"); 6219 MODULE_PARM_DESC(fake_rw, "fake reads/writes instead of copying (def=0)"); 6220 MODULE_PARM_DESC(guard, "protection checksum: 0=crc, 1=ip (def=0)"); 6221 MODULE_PARM_DESC(host_lock, "host_lock is ignored (def=0)"); 6222 MODULE_PARM_DESC(host_max_queue, 6223 "host max # of queued cmds (0 to max(def) [max_queue fixed equal for !0])"); 6224 MODULE_PARM_DESC(inq_product, "SCSI INQUIRY product string (def=\"scsi_debug\")"); 6225 MODULE_PARM_DESC(inq_rev, "SCSI INQUIRY revision string (def=\"" 6226 SDEBUG_VERSION "\")"); 6227 MODULE_PARM_DESC(inq_vendor, "SCSI INQUIRY vendor string (def=\"Linux\")"); 6228 MODULE_PARM_DESC(lbprz, 6229 "on read unmapped LBs return 0 when 1 (def), return 0xff when 2"); 6230 MODULE_PARM_DESC(lbpu, "enable LBP, support UNMAP command (def=0)"); 6231 MODULE_PARM_DESC(lbpws, "enable LBP, support WRITE SAME(16) with UNMAP bit (def=0)"); 6232 MODULE_PARM_DESC(lbpws10, "enable LBP, support WRITE SAME(10) with UNMAP bit (def=0)"); 6233 MODULE_PARM_DESC(lowest_aligned, "lowest aligned lba (def=0)"); 6234 MODULE_PARM_DESC(lun_format, "LUN format: 0->peripheral (def); 1 --> flat address method"); 6235 MODULE_PARM_DESC(max_luns, "number of LUNs per target to simulate(def=1)"); 6236 MODULE_PARM_DESC(max_queue, "max number of queued commands (1 to max(def))"); 6237 MODULE_PARM_DESC(medium_error_count, "count of sectors to return follow on MEDIUM error"); 6238 MODULE_PARM_DESC(medium_error_start, "starting sector number to return MEDIUM error"); 6239 MODULE_PARM_DESC(ndelay, "response delay in nanoseconds (def=0 -> ignore)"); 6240 MODULE_PARM_DESC(no_lun_0, "no LU number 0 (def=0 -> have lun 0)"); 6241 MODULE_PARM_DESC(no_rwlock, "don't protect user data reads+writes (def=0)"); 6242 MODULE_PARM_DESC(no_uld, "stop ULD (e.g. sd driver) attaching (def=0))"); 6243 MODULE_PARM_DESC(num_parts, "number of partitions(def=0)"); 6244 MODULE_PARM_DESC(num_tgts, "number of targets per host to simulate(def=1)"); 6245 MODULE_PARM_DESC(opt_blks, "optimal transfer length in blocks (def=1024)"); 6246 MODULE_PARM_DESC(opt_xferlen_exp, "optimal transfer length granularity exponent (def=physblk_exp)"); 6247 MODULE_PARM_DESC(opts, "1->noise, 2->medium_err, 4->timeout, 8->recovered_err... (def=0)"); 6248 MODULE_PARM_DESC(per_host_store, "If set, next positive add_host will get new store (def=0)"); 6249 MODULE_PARM_DESC(physblk_exp, "physical block exponent (def=0)"); 6250 MODULE_PARM_DESC(poll_queues, "support for iouring iopoll queues (1 to max(submit_queues - 1))"); 6251 MODULE_PARM_DESC(ptype, "SCSI peripheral type(def=0[disk])"); 6252 MODULE_PARM_DESC(random, "If set, uniformly randomize command duration between 0 and delay_in_ns"); 6253 MODULE_PARM_DESC(removable, "claim to have removable media (def=0)"); 6254 MODULE_PARM_DESC(scsi_level, "SCSI level to simulate(def=7[SPC-5])"); 6255 MODULE_PARM_DESC(sector_size, "logical block size in bytes (def=512)"); 6256 MODULE_PARM_DESC(statistics, "collect statistics on commands, queues (def=0)"); 6257 MODULE_PARM_DESC(strict, "stricter checks: reserved field in cdb (def=0)"); 6258 MODULE_PARM_DESC(submit_queues, "support for block multi-queue (def=1)"); 6259 MODULE_PARM_DESC(tur_ms_to_ready, "TEST UNIT READY millisecs before initial good status (def=0)"); 6260 MODULE_PARM_DESC(unmap_alignment, "lowest aligned thin provisioning lba (def=0)"); 6261 MODULE_PARM_DESC(unmap_granularity, "thin provisioning granularity in blocks (def=1)"); 6262 MODULE_PARM_DESC(unmap_max_blocks, "max # of blocks can be unmapped in one cmd (def=0xffffffff)"); 6263 MODULE_PARM_DESC(unmap_max_desc, "max # of ranges that can be unmapped in one cmd (def=256)"); 6264 MODULE_PARM_DESC(uuid_ctl, 6265 "1->use uuid for lu name, 0->don't, 2->all use same (def=0)"); 6266 MODULE_PARM_DESC(virtual_gb, "virtual gigabyte (GiB) size (def=0 -> use dev_size_mb)"); 6267 MODULE_PARM_DESC(vpd_use_hostno, "0 -> dev ids ignore hostno (def=1 -> unique dev ids)"); 6268 MODULE_PARM_DESC(wp, "Write Protect (def=0)"); 6269 MODULE_PARM_DESC(write_same_length, "Maximum blocks per WRITE SAME cmd (def=0xffff)"); 6270 MODULE_PARM_DESC(zbc, "'none' [0]; 'aware' [1]; 'managed' [2] (def=0). Can have 'host-' prefix"); 6271 MODULE_PARM_DESC(zone_cap_mb, "Zone capacity in MiB (def=zone size)"); 6272 MODULE_PARM_DESC(zone_max_open, "Maximum number of open zones; [0] for no limit (def=auto)"); 6273 MODULE_PARM_DESC(zone_nr_conv, "Number of conventional zones (def=1)"); 6274 MODULE_PARM_DESC(zone_size_mb, "Zone size in MiB (def=auto)"); 6275 MODULE_PARM_DESC(allow_restart, "Set scsi_device's allow_restart flag(def=0)"); 6276 6277 #define SDEBUG_INFO_LEN 256 6278 static char sdebug_info[SDEBUG_INFO_LEN]; 6279 6280 static const char *scsi_debug_info(struct Scsi_Host *shp) 6281 { 6282 int k; 6283 6284 k = scnprintf(sdebug_info, SDEBUG_INFO_LEN, "%s: version %s [%s]\n", 6285 my_name, SDEBUG_VERSION, sdebug_version_date); 6286 if (k >= (SDEBUG_INFO_LEN - 1)) 6287 return sdebug_info; 6288 scnprintf(sdebug_info + k, SDEBUG_INFO_LEN - k, 6289 " dev_size_mb=%d, opts=0x%x, submit_queues=%d, %s=%d", 6290 sdebug_dev_size_mb, sdebug_opts, submit_queues, 6291 "statistics", (int)sdebug_statistics); 6292 return sdebug_info; 6293 } 6294 6295 /* 'echo <val> > /proc/scsi/scsi_debug/<host_id>' writes to opts */ 6296 static int scsi_debug_write_info(struct Scsi_Host *host, char *buffer, 6297 int length) 6298 { 6299 char arr[16]; 6300 int opts; 6301 int minLen = length > 15 ? 15 : length; 6302 6303 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO)) 6304 return -EACCES; 6305 memcpy(arr, buffer, minLen); 6306 arr[minLen] = '\0'; 6307 if (1 != sscanf(arr, "%d", &opts)) 6308 return -EINVAL; 6309 sdebug_opts = opts; 6310 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts); 6311 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts); 6312 if (sdebug_every_nth != 0) 6313 tweak_cmnd_count(); 6314 return length; 6315 } 6316 6317 struct sdebug_submit_queue_data { 6318 int *first; 6319 int *last; 6320 int queue_num; 6321 }; 6322 6323 static bool sdebug_submit_queue_iter(struct request *rq, void *opaque) 6324 { 6325 struct sdebug_submit_queue_data *data = opaque; 6326 u32 unique_tag = blk_mq_unique_tag(rq); 6327 u16 hwq = blk_mq_unique_tag_to_hwq(unique_tag); 6328 u16 tag = blk_mq_unique_tag_to_tag(unique_tag); 6329 int queue_num = data->queue_num; 6330 6331 if (hwq != queue_num) 6332 return true; 6333 6334 /* Rely on iter'ing in ascending tag order */ 6335 if (*data->first == -1) 6336 *data->first = *data->last = tag; 6337 else 6338 *data->last = tag; 6339 6340 return true; 6341 } 6342 6343 /* Output seen with 'cat /proc/scsi/scsi_debug/<host_id>'. It will be the 6344 * same for each scsi_debug host (if more than one). Some of the counters 6345 * output are not atomics so might be inaccurate in a busy system. */ 6346 static int scsi_debug_show_info(struct seq_file *m, struct Scsi_Host *host) 6347 { 6348 struct sdebug_host_info *sdhp; 6349 int j; 6350 6351 seq_printf(m, "scsi_debug adapter driver, version %s [%s]\n", 6352 SDEBUG_VERSION, sdebug_version_date); 6353 seq_printf(m, "num_tgts=%d, %ssize=%d MB, opts=0x%x, every_nth=%d\n", 6354 sdebug_num_tgts, "shared (ram) ", sdebug_dev_size_mb, 6355 sdebug_opts, sdebug_every_nth); 6356 seq_printf(m, "delay=%d, ndelay=%d, max_luns=%d, sector_size=%d %s\n", 6357 sdebug_jdelay, sdebug_ndelay, sdebug_max_luns, 6358 sdebug_sector_size, "bytes"); 6359 seq_printf(m, "cylinders=%d, heads=%d, sectors=%d, command aborts=%d\n", 6360 sdebug_cylinders_per, sdebug_heads, sdebug_sectors_per, 6361 num_aborts); 6362 seq_printf(m, "RESETs: device=%d, target=%d, bus=%d, host=%d\n", 6363 num_dev_resets, num_target_resets, num_bus_resets, 6364 num_host_resets); 6365 seq_printf(m, "dix_reads=%d, dix_writes=%d, dif_errors=%d\n", 6366 dix_reads, dix_writes, dif_errors); 6367 seq_printf(m, "usec_in_jiffy=%lu, statistics=%d\n", TICK_NSEC / 1000, 6368 sdebug_statistics); 6369 seq_printf(m, "cmnd_count=%d, completions=%d, %s=%d, a_tsf=%d, mq_polls=%d\n", 6370 atomic_read(&sdebug_cmnd_count), 6371 atomic_read(&sdebug_completions), 6372 "miss_cpus", atomic_read(&sdebug_miss_cpus), 6373 atomic_read(&sdebug_a_tsf), 6374 atomic_read(&sdeb_mq_poll_count)); 6375 6376 seq_printf(m, "submit_queues=%d\n", submit_queues); 6377 for (j = 0; j < submit_queues; ++j) { 6378 int f = -1, l = -1; 6379 struct sdebug_submit_queue_data data = { 6380 .queue_num = j, 6381 .first = &f, 6382 .last = &l, 6383 }; 6384 seq_printf(m, " queue %d:\n", j); 6385 blk_mq_tagset_busy_iter(&host->tag_set, sdebug_submit_queue_iter, 6386 &data); 6387 if (f >= 0) { 6388 seq_printf(m, " in_use_bm BUSY: %s: %d,%d\n", 6389 "first,last bits", f, l); 6390 } 6391 } 6392 6393 seq_printf(m, "this host_no=%d\n", host->host_no); 6394 if (!xa_empty(per_store_ap)) { 6395 bool niu; 6396 int idx; 6397 unsigned long l_idx; 6398 struct sdeb_store_info *sip; 6399 6400 seq_puts(m, "\nhost list:\n"); 6401 j = 0; 6402 list_for_each_entry(sdhp, &sdebug_host_list, host_list) { 6403 idx = sdhp->si_idx; 6404 seq_printf(m, " %d: host_no=%d, si_idx=%d\n", j, 6405 sdhp->shost->host_no, idx); 6406 ++j; 6407 } 6408 seq_printf(m, "\nper_store array [most_recent_idx=%d]:\n", 6409 sdeb_most_recent_idx); 6410 j = 0; 6411 xa_for_each(per_store_ap, l_idx, sip) { 6412 niu = xa_get_mark(per_store_ap, l_idx, 6413 SDEB_XA_NOT_IN_USE); 6414 idx = (int)l_idx; 6415 seq_printf(m, " %d: idx=%d%s\n", j, idx, 6416 (niu ? " not_in_use" : "")); 6417 ++j; 6418 } 6419 } 6420 return 0; 6421 } 6422 6423 static ssize_t delay_show(struct device_driver *ddp, char *buf) 6424 { 6425 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_jdelay); 6426 } 6427 /* Returns -EBUSY if jdelay is being changed and commands are queued. The unit 6428 * of delay is jiffies. 6429 */ 6430 static ssize_t delay_store(struct device_driver *ddp, const char *buf, 6431 size_t count) 6432 { 6433 int jdelay, res; 6434 6435 if (count > 0 && sscanf(buf, "%d", &jdelay) == 1) { 6436 res = count; 6437 if (sdebug_jdelay != jdelay) { 6438 struct sdebug_host_info *sdhp; 6439 6440 mutex_lock(&sdebug_host_list_mutex); 6441 block_unblock_all_queues(true); 6442 6443 list_for_each_entry(sdhp, &sdebug_host_list, host_list) { 6444 struct Scsi_Host *shost = sdhp->shost; 6445 6446 if (scsi_host_busy(shost)) { 6447 res = -EBUSY; /* queued commands */ 6448 break; 6449 } 6450 } 6451 if (res > 0) { 6452 sdebug_jdelay = jdelay; 6453 sdebug_ndelay = 0; 6454 } 6455 block_unblock_all_queues(false); 6456 mutex_unlock(&sdebug_host_list_mutex); 6457 } 6458 return res; 6459 } 6460 return -EINVAL; 6461 } 6462 static DRIVER_ATTR_RW(delay); 6463 6464 static ssize_t ndelay_show(struct device_driver *ddp, char *buf) 6465 { 6466 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ndelay); 6467 } 6468 /* Returns -EBUSY if ndelay is being changed and commands are queued */ 6469 /* If > 0 and accepted then sdebug_jdelay is set to JDELAY_OVERRIDDEN */ 6470 static ssize_t ndelay_store(struct device_driver *ddp, const char *buf, 6471 size_t count) 6472 { 6473 int ndelay, res; 6474 6475 if ((count > 0) && (1 == sscanf(buf, "%d", &ndelay)) && 6476 (ndelay >= 0) && (ndelay < (1000 * 1000 * 1000))) { 6477 res = count; 6478 if (sdebug_ndelay != ndelay) { 6479 struct sdebug_host_info *sdhp; 6480 6481 mutex_lock(&sdebug_host_list_mutex); 6482 block_unblock_all_queues(true); 6483 6484 list_for_each_entry(sdhp, &sdebug_host_list, host_list) { 6485 struct Scsi_Host *shost = sdhp->shost; 6486 6487 if (scsi_host_busy(shost)) { 6488 res = -EBUSY; /* queued commands */ 6489 break; 6490 } 6491 } 6492 6493 if (res > 0) { 6494 sdebug_ndelay = ndelay; 6495 sdebug_jdelay = ndelay ? JDELAY_OVERRIDDEN 6496 : DEF_JDELAY; 6497 } 6498 block_unblock_all_queues(false); 6499 mutex_unlock(&sdebug_host_list_mutex); 6500 } 6501 return res; 6502 } 6503 return -EINVAL; 6504 } 6505 static DRIVER_ATTR_RW(ndelay); 6506 6507 static ssize_t opts_show(struct device_driver *ddp, char *buf) 6508 { 6509 return scnprintf(buf, PAGE_SIZE, "0x%x\n", sdebug_opts); 6510 } 6511 6512 static ssize_t opts_store(struct device_driver *ddp, const char *buf, 6513 size_t count) 6514 { 6515 int opts; 6516 char work[20]; 6517 6518 if (sscanf(buf, "%10s", work) == 1) { 6519 if (strncasecmp(work, "0x", 2) == 0) { 6520 if (kstrtoint(work + 2, 16, &opts) == 0) 6521 goto opts_done; 6522 } else { 6523 if (kstrtoint(work, 10, &opts) == 0) 6524 goto opts_done; 6525 } 6526 } 6527 return -EINVAL; 6528 opts_done: 6529 sdebug_opts = opts; 6530 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts); 6531 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts); 6532 tweak_cmnd_count(); 6533 return count; 6534 } 6535 static DRIVER_ATTR_RW(opts); 6536 6537 static ssize_t ptype_show(struct device_driver *ddp, char *buf) 6538 { 6539 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ptype); 6540 } 6541 static ssize_t ptype_store(struct device_driver *ddp, const char *buf, 6542 size_t count) 6543 { 6544 int n; 6545 6546 /* Cannot change from or to TYPE_ZBC with sysfs */ 6547 if (sdebug_ptype == TYPE_ZBC) 6548 return -EINVAL; 6549 6550 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 6551 if (n == TYPE_ZBC) 6552 return -EINVAL; 6553 sdebug_ptype = n; 6554 return count; 6555 } 6556 return -EINVAL; 6557 } 6558 static DRIVER_ATTR_RW(ptype); 6559 6560 static ssize_t dsense_show(struct device_driver *ddp, char *buf) 6561 { 6562 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dsense); 6563 } 6564 static ssize_t dsense_store(struct device_driver *ddp, const char *buf, 6565 size_t count) 6566 { 6567 int n; 6568 6569 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 6570 sdebug_dsense = n; 6571 return count; 6572 } 6573 return -EINVAL; 6574 } 6575 static DRIVER_ATTR_RW(dsense); 6576 6577 static ssize_t fake_rw_show(struct device_driver *ddp, char *buf) 6578 { 6579 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_fake_rw); 6580 } 6581 static ssize_t fake_rw_store(struct device_driver *ddp, const char *buf, 6582 size_t count) 6583 { 6584 int n, idx; 6585 6586 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 6587 bool want_store = (n == 0); 6588 struct sdebug_host_info *sdhp; 6589 6590 n = (n > 0); 6591 sdebug_fake_rw = (sdebug_fake_rw > 0); 6592 if (sdebug_fake_rw == n) 6593 return count; /* not transitioning so do nothing */ 6594 6595 if (want_store) { /* 1 --> 0 transition, set up store */ 6596 if (sdeb_first_idx < 0) { 6597 idx = sdebug_add_store(); 6598 if (idx < 0) 6599 return idx; 6600 } else { 6601 idx = sdeb_first_idx; 6602 xa_clear_mark(per_store_ap, idx, 6603 SDEB_XA_NOT_IN_USE); 6604 } 6605 /* make all hosts use same store */ 6606 list_for_each_entry(sdhp, &sdebug_host_list, 6607 host_list) { 6608 if (sdhp->si_idx != idx) { 6609 xa_set_mark(per_store_ap, sdhp->si_idx, 6610 SDEB_XA_NOT_IN_USE); 6611 sdhp->si_idx = idx; 6612 } 6613 } 6614 sdeb_most_recent_idx = idx; 6615 } else { /* 0 --> 1 transition is trigger for shrink */ 6616 sdebug_erase_all_stores(true /* apart from first */); 6617 } 6618 sdebug_fake_rw = n; 6619 return count; 6620 } 6621 return -EINVAL; 6622 } 6623 static DRIVER_ATTR_RW(fake_rw); 6624 6625 static ssize_t no_lun_0_show(struct device_driver *ddp, char *buf) 6626 { 6627 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_lun_0); 6628 } 6629 static ssize_t no_lun_0_store(struct device_driver *ddp, const char *buf, 6630 size_t count) 6631 { 6632 int n; 6633 6634 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 6635 sdebug_no_lun_0 = n; 6636 return count; 6637 } 6638 return -EINVAL; 6639 } 6640 static DRIVER_ATTR_RW(no_lun_0); 6641 6642 static ssize_t num_tgts_show(struct device_driver *ddp, char *buf) 6643 { 6644 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_tgts); 6645 } 6646 static ssize_t num_tgts_store(struct device_driver *ddp, const char *buf, 6647 size_t count) 6648 { 6649 int n; 6650 6651 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 6652 sdebug_num_tgts = n; 6653 sdebug_max_tgts_luns(); 6654 return count; 6655 } 6656 return -EINVAL; 6657 } 6658 static DRIVER_ATTR_RW(num_tgts); 6659 6660 static ssize_t dev_size_mb_show(struct device_driver *ddp, char *buf) 6661 { 6662 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dev_size_mb); 6663 } 6664 static DRIVER_ATTR_RO(dev_size_mb); 6665 6666 static ssize_t per_host_store_show(struct device_driver *ddp, char *buf) 6667 { 6668 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_per_host_store); 6669 } 6670 6671 static ssize_t per_host_store_store(struct device_driver *ddp, const char *buf, 6672 size_t count) 6673 { 6674 bool v; 6675 6676 if (kstrtobool(buf, &v)) 6677 return -EINVAL; 6678 6679 sdebug_per_host_store = v; 6680 return count; 6681 } 6682 static DRIVER_ATTR_RW(per_host_store); 6683 6684 static ssize_t num_parts_show(struct device_driver *ddp, char *buf) 6685 { 6686 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_parts); 6687 } 6688 static DRIVER_ATTR_RO(num_parts); 6689 6690 static ssize_t every_nth_show(struct device_driver *ddp, char *buf) 6691 { 6692 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_every_nth); 6693 } 6694 static ssize_t every_nth_store(struct device_driver *ddp, const char *buf, 6695 size_t count) 6696 { 6697 int nth; 6698 char work[20]; 6699 6700 if (sscanf(buf, "%10s", work) == 1) { 6701 if (strncasecmp(work, "0x", 2) == 0) { 6702 if (kstrtoint(work + 2, 16, &nth) == 0) 6703 goto every_nth_done; 6704 } else { 6705 if (kstrtoint(work, 10, &nth) == 0) 6706 goto every_nth_done; 6707 } 6708 } 6709 return -EINVAL; 6710 6711 every_nth_done: 6712 sdebug_every_nth = nth; 6713 if (nth && !sdebug_statistics) { 6714 pr_info("every_nth needs statistics=1, set it\n"); 6715 sdebug_statistics = true; 6716 } 6717 tweak_cmnd_count(); 6718 return count; 6719 } 6720 static DRIVER_ATTR_RW(every_nth); 6721 6722 static ssize_t lun_format_show(struct device_driver *ddp, char *buf) 6723 { 6724 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_lun_am); 6725 } 6726 static ssize_t lun_format_store(struct device_driver *ddp, const char *buf, 6727 size_t count) 6728 { 6729 int n; 6730 bool changed; 6731 6732 if (kstrtoint(buf, 0, &n)) 6733 return -EINVAL; 6734 if (n >= 0) { 6735 if (n > (int)SAM_LUN_AM_FLAT) { 6736 pr_warn("only LUN address methods 0 and 1 are supported\n"); 6737 return -EINVAL; 6738 } 6739 changed = ((int)sdebug_lun_am != n); 6740 sdebug_lun_am = n; 6741 if (changed && sdebug_scsi_level >= 5) { /* >= SPC-3 */ 6742 struct sdebug_host_info *sdhp; 6743 struct sdebug_dev_info *dp; 6744 6745 mutex_lock(&sdebug_host_list_mutex); 6746 list_for_each_entry(sdhp, &sdebug_host_list, host_list) { 6747 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) { 6748 set_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm); 6749 } 6750 } 6751 mutex_unlock(&sdebug_host_list_mutex); 6752 } 6753 return count; 6754 } 6755 return -EINVAL; 6756 } 6757 static DRIVER_ATTR_RW(lun_format); 6758 6759 static ssize_t max_luns_show(struct device_driver *ddp, char *buf) 6760 { 6761 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_luns); 6762 } 6763 static ssize_t max_luns_store(struct device_driver *ddp, const char *buf, 6764 size_t count) 6765 { 6766 int n; 6767 bool changed; 6768 6769 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 6770 if (n > 256) { 6771 pr_warn("max_luns can be no more than 256\n"); 6772 return -EINVAL; 6773 } 6774 changed = (sdebug_max_luns != n); 6775 sdebug_max_luns = n; 6776 sdebug_max_tgts_luns(); 6777 if (changed && (sdebug_scsi_level >= 5)) { /* >= SPC-3 */ 6778 struct sdebug_host_info *sdhp; 6779 struct sdebug_dev_info *dp; 6780 6781 mutex_lock(&sdebug_host_list_mutex); 6782 list_for_each_entry(sdhp, &sdebug_host_list, 6783 host_list) { 6784 list_for_each_entry(dp, &sdhp->dev_info_list, 6785 dev_list) { 6786 set_bit(SDEBUG_UA_LUNS_CHANGED, 6787 dp->uas_bm); 6788 } 6789 } 6790 mutex_unlock(&sdebug_host_list_mutex); 6791 } 6792 return count; 6793 } 6794 return -EINVAL; 6795 } 6796 static DRIVER_ATTR_RW(max_luns); 6797 6798 static ssize_t max_queue_show(struct device_driver *ddp, char *buf) 6799 { 6800 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_queue); 6801 } 6802 /* N.B. max_queue can be changed while there are queued commands. In flight 6803 * commands beyond the new max_queue will be completed. */ 6804 static ssize_t max_queue_store(struct device_driver *ddp, const char *buf, 6805 size_t count) 6806 { 6807 int n; 6808 6809 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n > 0) && 6810 (n <= SDEBUG_CANQUEUE) && 6811 (sdebug_host_max_queue == 0)) { 6812 mutex_lock(&sdebug_host_list_mutex); 6813 6814 /* We may only change sdebug_max_queue when we have no shosts */ 6815 if (list_empty(&sdebug_host_list)) 6816 sdebug_max_queue = n; 6817 else 6818 count = -EBUSY; 6819 mutex_unlock(&sdebug_host_list_mutex); 6820 return count; 6821 } 6822 return -EINVAL; 6823 } 6824 static DRIVER_ATTR_RW(max_queue); 6825 6826 static ssize_t host_max_queue_show(struct device_driver *ddp, char *buf) 6827 { 6828 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_host_max_queue); 6829 } 6830 6831 static ssize_t no_rwlock_show(struct device_driver *ddp, char *buf) 6832 { 6833 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_rwlock); 6834 } 6835 6836 static ssize_t no_rwlock_store(struct device_driver *ddp, const char *buf, size_t count) 6837 { 6838 bool v; 6839 6840 if (kstrtobool(buf, &v)) 6841 return -EINVAL; 6842 6843 sdebug_no_rwlock = v; 6844 return count; 6845 } 6846 static DRIVER_ATTR_RW(no_rwlock); 6847 6848 /* 6849 * Since this is used for .can_queue, and we get the hc_idx tag from the bitmap 6850 * in range [0, sdebug_host_max_queue), we can't change it. 6851 */ 6852 static DRIVER_ATTR_RO(host_max_queue); 6853 6854 static ssize_t no_uld_show(struct device_driver *ddp, char *buf) 6855 { 6856 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_uld); 6857 } 6858 static DRIVER_ATTR_RO(no_uld); 6859 6860 static ssize_t scsi_level_show(struct device_driver *ddp, char *buf) 6861 { 6862 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_scsi_level); 6863 } 6864 static DRIVER_ATTR_RO(scsi_level); 6865 6866 static ssize_t virtual_gb_show(struct device_driver *ddp, char *buf) 6867 { 6868 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_virtual_gb); 6869 } 6870 static ssize_t virtual_gb_store(struct device_driver *ddp, const char *buf, 6871 size_t count) 6872 { 6873 int n; 6874 bool changed; 6875 6876 /* Ignore capacity change for ZBC drives for now */ 6877 if (sdeb_zbc_in_use) 6878 return -ENOTSUPP; 6879 6880 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 6881 changed = (sdebug_virtual_gb != n); 6882 sdebug_virtual_gb = n; 6883 sdebug_capacity = get_sdebug_capacity(); 6884 if (changed) { 6885 struct sdebug_host_info *sdhp; 6886 struct sdebug_dev_info *dp; 6887 6888 mutex_lock(&sdebug_host_list_mutex); 6889 list_for_each_entry(sdhp, &sdebug_host_list, 6890 host_list) { 6891 list_for_each_entry(dp, &sdhp->dev_info_list, 6892 dev_list) { 6893 set_bit(SDEBUG_UA_CAPACITY_CHANGED, 6894 dp->uas_bm); 6895 } 6896 } 6897 mutex_unlock(&sdebug_host_list_mutex); 6898 } 6899 return count; 6900 } 6901 return -EINVAL; 6902 } 6903 static DRIVER_ATTR_RW(virtual_gb); 6904 6905 static ssize_t add_host_show(struct device_driver *ddp, char *buf) 6906 { 6907 /* absolute number of hosts currently active is what is shown */ 6908 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_hosts); 6909 } 6910 6911 static ssize_t add_host_store(struct device_driver *ddp, const char *buf, 6912 size_t count) 6913 { 6914 bool found; 6915 unsigned long idx; 6916 struct sdeb_store_info *sip; 6917 bool want_phs = (sdebug_fake_rw == 0) && sdebug_per_host_store; 6918 int delta_hosts; 6919 6920 if (sscanf(buf, "%d", &delta_hosts) != 1) 6921 return -EINVAL; 6922 if (delta_hosts > 0) { 6923 do { 6924 found = false; 6925 if (want_phs) { 6926 xa_for_each_marked(per_store_ap, idx, sip, 6927 SDEB_XA_NOT_IN_USE) { 6928 sdeb_most_recent_idx = (int)idx; 6929 found = true; 6930 break; 6931 } 6932 if (found) /* re-use case */ 6933 sdebug_add_host_helper((int)idx); 6934 else 6935 sdebug_do_add_host(true); 6936 } else { 6937 sdebug_do_add_host(false); 6938 } 6939 } while (--delta_hosts); 6940 } else if (delta_hosts < 0) { 6941 do { 6942 sdebug_do_remove_host(false); 6943 } while (++delta_hosts); 6944 } 6945 return count; 6946 } 6947 static DRIVER_ATTR_RW(add_host); 6948 6949 static ssize_t vpd_use_hostno_show(struct device_driver *ddp, char *buf) 6950 { 6951 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_vpd_use_hostno); 6952 } 6953 static ssize_t vpd_use_hostno_store(struct device_driver *ddp, const char *buf, 6954 size_t count) 6955 { 6956 int n; 6957 6958 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 6959 sdebug_vpd_use_hostno = n; 6960 return count; 6961 } 6962 return -EINVAL; 6963 } 6964 static DRIVER_ATTR_RW(vpd_use_hostno); 6965 6966 static ssize_t statistics_show(struct device_driver *ddp, char *buf) 6967 { 6968 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_statistics); 6969 } 6970 static ssize_t statistics_store(struct device_driver *ddp, const char *buf, 6971 size_t count) 6972 { 6973 int n; 6974 6975 if ((count > 0) && (sscanf(buf, "%d", &n) == 1) && (n >= 0)) { 6976 if (n > 0) 6977 sdebug_statistics = true; 6978 else { 6979 clear_queue_stats(); 6980 sdebug_statistics = false; 6981 } 6982 return count; 6983 } 6984 return -EINVAL; 6985 } 6986 static DRIVER_ATTR_RW(statistics); 6987 6988 static ssize_t sector_size_show(struct device_driver *ddp, char *buf) 6989 { 6990 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_sector_size); 6991 } 6992 static DRIVER_ATTR_RO(sector_size); 6993 6994 static ssize_t submit_queues_show(struct device_driver *ddp, char *buf) 6995 { 6996 return scnprintf(buf, PAGE_SIZE, "%d\n", submit_queues); 6997 } 6998 static DRIVER_ATTR_RO(submit_queues); 6999 7000 static ssize_t dix_show(struct device_driver *ddp, char *buf) 7001 { 7002 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dix); 7003 } 7004 static DRIVER_ATTR_RO(dix); 7005 7006 static ssize_t dif_show(struct device_driver *ddp, char *buf) 7007 { 7008 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dif); 7009 } 7010 static DRIVER_ATTR_RO(dif); 7011 7012 static ssize_t guard_show(struct device_driver *ddp, char *buf) 7013 { 7014 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_guard); 7015 } 7016 static DRIVER_ATTR_RO(guard); 7017 7018 static ssize_t ato_show(struct device_driver *ddp, char *buf) 7019 { 7020 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ato); 7021 } 7022 static DRIVER_ATTR_RO(ato); 7023 7024 static ssize_t map_show(struct device_driver *ddp, char *buf) 7025 { 7026 ssize_t count = 0; 7027 7028 if (!scsi_debug_lbp()) 7029 return scnprintf(buf, PAGE_SIZE, "0-%u\n", 7030 sdebug_store_sectors); 7031 7032 if (sdebug_fake_rw == 0 && !xa_empty(per_store_ap)) { 7033 struct sdeb_store_info *sip = xa_load(per_store_ap, 0); 7034 7035 if (sip) 7036 count = scnprintf(buf, PAGE_SIZE - 1, "%*pbl", 7037 (int)map_size, sip->map_storep); 7038 } 7039 buf[count++] = '\n'; 7040 buf[count] = '\0'; 7041 7042 return count; 7043 } 7044 static DRIVER_ATTR_RO(map); 7045 7046 static ssize_t random_show(struct device_driver *ddp, char *buf) 7047 { 7048 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_random); 7049 } 7050 7051 static ssize_t random_store(struct device_driver *ddp, const char *buf, 7052 size_t count) 7053 { 7054 bool v; 7055 7056 if (kstrtobool(buf, &v)) 7057 return -EINVAL; 7058 7059 sdebug_random = v; 7060 return count; 7061 } 7062 static DRIVER_ATTR_RW(random); 7063 7064 static ssize_t removable_show(struct device_driver *ddp, char *buf) 7065 { 7066 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_removable ? 1 : 0); 7067 } 7068 static ssize_t removable_store(struct device_driver *ddp, const char *buf, 7069 size_t count) 7070 { 7071 int n; 7072 7073 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 7074 sdebug_removable = (n > 0); 7075 return count; 7076 } 7077 return -EINVAL; 7078 } 7079 static DRIVER_ATTR_RW(removable); 7080 7081 static ssize_t host_lock_show(struct device_driver *ddp, char *buf) 7082 { 7083 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_host_lock); 7084 } 7085 /* N.B. sdebug_host_lock does nothing, kept for backward compatibility */ 7086 static ssize_t host_lock_store(struct device_driver *ddp, const char *buf, 7087 size_t count) 7088 { 7089 int n; 7090 7091 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 7092 sdebug_host_lock = (n > 0); 7093 return count; 7094 } 7095 return -EINVAL; 7096 } 7097 static DRIVER_ATTR_RW(host_lock); 7098 7099 static ssize_t strict_show(struct device_driver *ddp, char *buf) 7100 { 7101 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_strict); 7102 } 7103 static ssize_t strict_store(struct device_driver *ddp, const char *buf, 7104 size_t count) 7105 { 7106 int n; 7107 7108 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) { 7109 sdebug_strict = (n > 0); 7110 return count; 7111 } 7112 return -EINVAL; 7113 } 7114 static DRIVER_ATTR_RW(strict); 7115 7116 static ssize_t uuid_ctl_show(struct device_driver *ddp, char *buf) 7117 { 7118 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_uuid_ctl); 7119 } 7120 static DRIVER_ATTR_RO(uuid_ctl); 7121 7122 static ssize_t cdb_len_show(struct device_driver *ddp, char *buf) 7123 { 7124 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_cdb_len); 7125 } 7126 static ssize_t cdb_len_store(struct device_driver *ddp, const char *buf, 7127 size_t count) 7128 { 7129 int ret, n; 7130 7131 ret = kstrtoint(buf, 0, &n); 7132 if (ret) 7133 return ret; 7134 sdebug_cdb_len = n; 7135 all_config_cdb_len(); 7136 return count; 7137 } 7138 static DRIVER_ATTR_RW(cdb_len); 7139 7140 static const char * const zbc_model_strs_a[] = { 7141 [BLK_ZONED_NONE] = "none", 7142 [BLK_ZONED_HA] = "host-aware", 7143 [BLK_ZONED_HM] = "host-managed", 7144 }; 7145 7146 static const char * const zbc_model_strs_b[] = { 7147 [BLK_ZONED_NONE] = "no", 7148 [BLK_ZONED_HA] = "aware", 7149 [BLK_ZONED_HM] = "managed", 7150 }; 7151 7152 static const char * const zbc_model_strs_c[] = { 7153 [BLK_ZONED_NONE] = "0", 7154 [BLK_ZONED_HA] = "1", 7155 [BLK_ZONED_HM] = "2", 7156 }; 7157 7158 static int sdeb_zbc_model_str(const char *cp) 7159 { 7160 int res = sysfs_match_string(zbc_model_strs_a, cp); 7161 7162 if (res < 0) { 7163 res = sysfs_match_string(zbc_model_strs_b, cp); 7164 if (res < 0) { 7165 res = sysfs_match_string(zbc_model_strs_c, cp); 7166 if (res < 0) 7167 return -EINVAL; 7168 } 7169 } 7170 return res; 7171 } 7172 7173 static ssize_t zbc_show(struct device_driver *ddp, char *buf) 7174 { 7175 return scnprintf(buf, PAGE_SIZE, "%s\n", 7176 zbc_model_strs_a[sdeb_zbc_model]); 7177 } 7178 static DRIVER_ATTR_RO(zbc); 7179 7180 static ssize_t tur_ms_to_ready_show(struct device_driver *ddp, char *buf) 7181 { 7182 return scnprintf(buf, PAGE_SIZE, "%d\n", sdeb_tur_ms_to_ready); 7183 } 7184 static DRIVER_ATTR_RO(tur_ms_to_ready); 7185 7186 /* Note: The following array creates attribute files in the 7187 /sys/bus/pseudo/drivers/scsi_debug directory. The advantage of these 7188 files (over those found in the /sys/module/scsi_debug/parameters 7189 directory) is that auxiliary actions can be triggered when an attribute 7190 is changed. For example see: add_host_store() above. 7191 */ 7192 7193 static struct attribute *sdebug_drv_attrs[] = { 7194 &driver_attr_delay.attr, 7195 &driver_attr_opts.attr, 7196 &driver_attr_ptype.attr, 7197 &driver_attr_dsense.attr, 7198 &driver_attr_fake_rw.attr, 7199 &driver_attr_host_max_queue.attr, 7200 &driver_attr_no_lun_0.attr, 7201 &driver_attr_num_tgts.attr, 7202 &driver_attr_dev_size_mb.attr, 7203 &driver_attr_num_parts.attr, 7204 &driver_attr_every_nth.attr, 7205 &driver_attr_lun_format.attr, 7206 &driver_attr_max_luns.attr, 7207 &driver_attr_max_queue.attr, 7208 &driver_attr_no_rwlock.attr, 7209 &driver_attr_no_uld.attr, 7210 &driver_attr_scsi_level.attr, 7211 &driver_attr_virtual_gb.attr, 7212 &driver_attr_add_host.attr, 7213 &driver_attr_per_host_store.attr, 7214 &driver_attr_vpd_use_hostno.attr, 7215 &driver_attr_sector_size.attr, 7216 &driver_attr_statistics.attr, 7217 &driver_attr_submit_queues.attr, 7218 &driver_attr_dix.attr, 7219 &driver_attr_dif.attr, 7220 &driver_attr_guard.attr, 7221 &driver_attr_ato.attr, 7222 &driver_attr_map.attr, 7223 &driver_attr_random.attr, 7224 &driver_attr_removable.attr, 7225 &driver_attr_host_lock.attr, 7226 &driver_attr_ndelay.attr, 7227 &driver_attr_strict.attr, 7228 &driver_attr_uuid_ctl.attr, 7229 &driver_attr_cdb_len.attr, 7230 &driver_attr_tur_ms_to_ready.attr, 7231 &driver_attr_zbc.attr, 7232 NULL, 7233 }; 7234 ATTRIBUTE_GROUPS(sdebug_drv); 7235 7236 static struct device *pseudo_primary; 7237 7238 static int __init scsi_debug_init(void) 7239 { 7240 bool want_store = (sdebug_fake_rw == 0); 7241 unsigned long sz; 7242 int k, ret, hosts_to_add; 7243 int idx = -1; 7244 7245 if (sdebug_ndelay >= 1000 * 1000 * 1000) { 7246 pr_warn("ndelay must be less than 1 second, ignored\n"); 7247 sdebug_ndelay = 0; 7248 } else if (sdebug_ndelay > 0) 7249 sdebug_jdelay = JDELAY_OVERRIDDEN; 7250 7251 switch (sdebug_sector_size) { 7252 case 512: 7253 case 1024: 7254 case 2048: 7255 case 4096: 7256 break; 7257 default: 7258 pr_err("invalid sector_size %d\n", sdebug_sector_size); 7259 return -EINVAL; 7260 } 7261 7262 switch (sdebug_dif) { 7263 case T10_PI_TYPE0_PROTECTION: 7264 break; 7265 case T10_PI_TYPE1_PROTECTION: 7266 case T10_PI_TYPE2_PROTECTION: 7267 case T10_PI_TYPE3_PROTECTION: 7268 have_dif_prot = true; 7269 break; 7270 7271 default: 7272 pr_err("dif must be 0, 1, 2 or 3\n"); 7273 return -EINVAL; 7274 } 7275 7276 if (sdebug_num_tgts < 0) { 7277 pr_err("num_tgts must be >= 0\n"); 7278 return -EINVAL; 7279 } 7280 7281 if (sdebug_guard > 1) { 7282 pr_err("guard must be 0 or 1\n"); 7283 return -EINVAL; 7284 } 7285 7286 if (sdebug_ato > 1) { 7287 pr_err("ato must be 0 or 1\n"); 7288 return -EINVAL; 7289 } 7290 7291 if (sdebug_physblk_exp > 15) { 7292 pr_err("invalid physblk_exp %u\n", sdebug_physblk_exp); 7293 return -EINVAL; 7294 } 7295 7296 sdebug_lun_am = sdebug_lun_am_i; 7297 if (sdebug_lun_am > SAM_LUN_AM_FLAT) { 7298 pr_warn("Invalid LUN format %u, using default\n", (int)sdebug_lun_am); 7299 sdebug_lun_am = SAM_LUN_AM_PERIPHERAL; 7300 } 7301 7302 if (sdebug_max_luns > 256) { 7303 if (sdebug_max_luns > 16384) { 7304 pr_warn("max_luns can be no more than 16384, use default\n"); 7305 sdebug_max_luns = DEF_MAX_LUNS; 7306 } 7307 sdebug_lun_am = SAM_LUN_AM_FLAT; 7308 } 7309 7310 if (sdebug_lowest_aligned > 0x3fff) { 7311 pr_err("lowest_aligned too big: %u\n", sdebug_lowest_aligned); 7312 return -EINVAL; 7313 } 7314 7315 if (submit_queues < 1) { 7316 pr_err("submit_queues must be 1 or more\n"); 7317 return -EINVAL; 7318 } 7319 7320 if ((sdebug_max_queue > SDEBUG_CANQUEUE) || (sdebug_max_queue < 1)) { 7321 pr_err("max_queue must be in range [1, %d]\n", SDEBUG_CANQUEUE); 7322 return -EINVAL; 7323 } 7324 7325 if ((sdebug_host_max_queue > SDEBUG_CANQUEUE) || 7326 (sdebug_host_max_queue < 0)) { 7327 pr_err("host_max_queue must be in range [0 %d]\n", 7328 SDEBUG_CANQUEUE); 7329 return -EINVAL; 7330 } 7331 7332 if (sdebug_host_max_queue && 7333 (sdebug_max_queue != sdebug_host_max_queue)) { 7334 sdebug_max_queue = sdebug_host_max_queue; 7335 pr_warn("fixing max submit queue depth to host max queue depth, %d\n", 7336 sdebug_max_queue); 7337 } 7338 7339 /* 7340 * check for host managed zoned block device specified with 7341 * ptype=0x14 or zbc=XXX. 7342 */ 7343 if (sdebug_ptype == TYPE_ZBC) { 7344 sdeb_zbc_model = BLK_ZONED_HM; 7345 } else if (sdeb_zbc_model_s && *sdeb_zbc_model_s) { 7346 k = sdeb_zbc_model_str(sdeb_zbc_model_s); 7347 if (k < 0) 7348 return k; 7349 sdeb_zbc_model = k; 7350 switch (sdeb_zbc_model) { 7351 case BLK_ZONED_NONE: 7352 case BLK_ZONED_HA: 7353 sdebug_ptype = TYPE_DISK; 7354 break; 7355 case BLK_ZONED_HM: 7356 sdebug_ptype = TYPE_ZBC; 7357 break; 7358 default: 7359 pr_err("Invalid ZBC model\n"); 7360 return -EINVAL; 7361 } 7362 } 7363 if (sdeb_zbc_model != BLK_ZONED_NONE) { 7364 sdeb_zbc_in_use = true; 7365 if (sdebug_dev_size_mb == DEF_DEV_SIZE_PRE_INIT) 7366 sdebug_dev_size_mb = DEF_ZBC_DEV_SIZE_MB; 7367 } 7368 7369 if (sdebug_dev_size_mb == DEF_DEV_SIZE_PRE_INIT) 7370 sdebug_dev_size_mb = DEF_DEV_SIZE_MB; 7371 if (sdebug_dev_size_mb < 1) 7372 sdebug_dev_size_mb = 1; /* force minimum 1 MB ramdisk */ 7373 sz = (unsigned long)sdebug_dev_size_mb * 1048576; 7374 sdebug_store_sectors = sz / sdebug_sector_size; 7375 sdebug_capacity = get_sdebug_capacity(); 7376 7377 /* play around with geometry, don't waste too much on track 0 */ 7378 sdebug_heads = 8; 7379 sdebug_sectors_per = 32; 7380 if (sdebug_dev_size_mb >= 256) 7381 sdebug_heads = 64; 7382 else if (sdebug_dev_size_mb >= 16) 7383 sdebug_heads = 32; 7384 sdebug_cylinders_per = (unsigned long)sdebug_capacity / 7385 (sdebug_sectors_per * sdebug_heads); 7386 if (sdebug_cylinders_per >= 1024) { 7387 /* other LLDs do this; implies >= 1GB ram disk ... */ 7388 sdebug_heads = 255; 7389 sdebug_sectors_per = 63; 7390 sdebug_cylinders_per = (unsigned long)sdebug_capacity / 7391 (sdebug_sectors_per * sdebug_heads); 7392 } 7393 if (scsi_debug_lbp()) { 7394 sdebug_unmap_max_blocks = 7395 clamp(sdebug_unmap_max_blocks, 0U, 0xffffffffU); 7396 7397 sdebug_unmap_max_desc = 7398 clamp(sdebug_unmap_max_desc, 0U, 256U); 7399 7400 sdebug_unmap_granularity = 7401 clamp(sdebug_unmap_granularity, 1U, 0xffffffffU); 7402 7403 if (sdebug_unmap_alignment && 7404 sdebug_unmap_granularity <= 7405 sdebug_unmap_alignment) { 7406 pr_err("ERR: unmap_granularity <= unmap_alignment\n"); 7407 return -EINVAL; 7408 } 7409 } 7410 xa_init_flags(per_store_ap, XA_FLAGS_ALLOC | XA_FLAGS_LOCK_IRQ); 7411 if (want_store) { 7412 idx = sdebug_add_store(); 7413 if (idx < 0) 7414 return idx; 7415 } 7416 7417 pseudo_primary = root_device_register("pseudo_0"); 7418 if (IS_ERR(pseudo_primary)) { 7419 pr_warn("root_device_register() error\n"); 7420 ret = PTR_ERR(pseudo_primary); 7421 goto free_vm; 7422 } 7423 ret = bus_register(&pseudo_lld_bus); 7424 if (ret < 0) { 7425 pr_warn("bus_register error: %d\n", ret); 7426 goto dev_unreg; 7427 } 7428 ret = driver_register(&sdebug_driverfs_driver); 7429 if (ret < 0) { 7430 pr_warn("driver_register error: %d\n", ret); 7431 goto bus_unreg; 7432 } 7433 7434 hosts_to_add = sdebug_add_host; 7435 sdebug_add_host = 0; 7436 7437 queued_cmd_cache = KMEM_CACHE(sdebug_queued_cmd, SLAB_HWCACHE_ALIGN); 7438 if (!queued_cmd_cache) { 7439 ret = -ENOMEM; 7440 goto driver_unreg; 7441 } 7442 7443 sdebug_debugfs_root = debugfs_create_dir("scsi_debug", NULL); 7444 if (IS_ERR_OR_NULL(sdebug_debugfs_root)) 7445 pr_info("%s: failed to create initial debugfs directory\n", __func__); 7446 7447 for (k = 0; k < hosts_to_add; k++) { 7448 if (want_store && k == 0) { 7449 ret = sdebug_add_host_helper(idx); 7450 if (ret < 0) { 7451 pr_err("add_host_helper k=%d, error=%d\n", 7452 k, -ret); 7453 break; 7454 } 7455 } else { 7456 ret = sdebug_do_add_host(want_store && 7457 sdebug_per_host_store); 7458 if (ret < 0) { 7459 pr_err("add_host k=%d error=%d\n", k, -ret); 7460 break; 7461 } 7462 } 7463 } 7464 if (sdebug_verbose) 7465 pr_info("built %d host(s)\n", sdebug_num_hosts); 7466 7467 return 0; 7468 7469 driver_unreg: 7470 driver_unregister(&sdebug_driverfs_driver); 7471 bus_unreg: 7472 bus_unregister(&pseudo_lld_bus); 7473 dev_unreg: 7474 root_device_unregister(pseudo_primary); 7475 free_vm: 7476 sdebug_erase_store(idx, NULL); 7477 return ret; 7478 } 7479 7480 static void __exit scsi_debug_exit(void) 7481 { 7482 int k = sdebug_num_hosts; 7483 7484 for (; k; k--) 7485 sdebug_do_remove_host(true); 7486 kmem_cache_destroy(queued_cmd_cache); 7487 driver_unregister(&sdebug_driverfs_driver); 7488 bus_unregister(&pseudo_lld_bus); 7489 root_device_unregister(pseudo_primary); 7490 7491 sdebug_erase_all_stores(false); 7492 xa_destroy(per_store_ap); 7493 debugfs_remove(sdebug_debugfs_root); 7494 } 7495 7496 device_initcall(scsi_debug_init); 7497 module_exit(scsi_debug_exit); 7498 7499 static void sdebug_release_adapter(struct device *dev) 7500 { 7501 struct sdebug_host_info *sdbg_host; 7502 7503 sdbg_host = dev_to_sdebug_host(dev); 7504 kfree(sdbg_host); 7505 } 7506 7507 /* idx must be valid, if sip is NULL then it will be obtained using idx */ 7508 static void sdebug_erase_store(int idx, struct sdeb_store_info *sip) 7509 { 7510 if (idx < 0) 7511 return; 7512 if (!sip) { 7513 if (xa_empty(per_store_ap)) 7514 return; 7515 sip = xa_load(per_store_ap, idx); 7516 if (!sip) 7517 return; 7518 } 7519 vfree(sip->map_storep); 7520 vfree(sip->dif_storep); 7521 vfree(sip->storep); 7522 xa_erase(per_store_ap, idx); 7523 kfree(sip); 7524 } 7525 7526 /* Assume apart_from_first==false only in shutdown case. */ 7527 static void sdebug_erase_all_stores(bool apart_from_first) 7528 { 7529 unsigned long idx; 7530 struct sdeb_store_info *sip = NULL; 7531 7532 xa_for_each(per_store_ap, idx, sip) { 7533 if (apart_from_first) 7534 apart_from_first = false; 7535 else 7536 sdebug_erase_store(idx, sip); 7537 } 7538 if (apart_from_first) 7539 sdeb_most_recent_idx = sdeb_first_idx; 7540 } 7541 7542 /* 7543 * Returns store xarray new element index (idx) if >=0 else negated errno. 7544 * Limit the number of stores to 65536. 7545 */ 7546 static int sdebug_add_store(void) 7547 { 7548 int res; 7549 u32 n_idx; 7550 unsigned long iflags; 7551 unsigned long sz = (unsigned long)sdebug_dev_size_mb * 1048576; 7552 struct sdeb_store_info *sip = NULL; 7553 struct xa_limit xal = { .max = 1 << 16, .min = 0 }; 7554 7555 sip = kzalloc(sizeof(*sip), GFP_KERNEL); 7556 if (!sip) 7557 return -ENOMEM; 7558 7559 xa_lock_irqsave(per_store_ap, iflags); 7560 res = __xa_alloc(per_store_ap, &n_idx, sip, xal, GFP_ATOMIC); 7561 if (unlikely(res < 0)) { 7562 xa_unlock_irqrestore(per_store_ap, iflags); 7563 kfree(sip); 7564 pr_warn("%s: xa_alloc() errno=%d\n", __func__, -res); 7565 return res; 7566 } 7567 sdeb_most_recent_idx = n_idx; 7568 if (sdeb_first_idx < 0) 7569 sdeb_first_idx = n_idx; 7570 xa_unlock_irqrestore(per_store_ap, iflags); 7571 7572 res = -ENOMEM; 7573 sip->storep = vzalloc(sz); 7574 if (!sip->storep) { 7575 pr_err("user data oom\n"); 7576 goto err; 7577 } 7578 if (sdebug_num_parts > 0) 7579 sdebug_build_parts(sip->storep, sz); 7580 7581 /* DIF/DIX: what T10 calls Protection Information (PI) */ 7582 if (sdebug_dix) { 7583 int dif_size; 7584 7585 dif_size = sdebug_store_sectors * sizeof(struct t10_pi_tuple); 7586 sip->dif_storep = vmalloc(dif_size); 7587 7588 pr_info("dif_storep %u bytes @ %pK\n", dif_size, 7589 sip->dif_storep); 7590 7591 if (!sip->dif_storep) { 7592 pr_err("DIX oom\n"); 7593 goto err; 7594 } 7595 memset(sip->dif_storep, 0xff, dif_size); 7596 } 7597 /* Logical Block Provisioning */ 7598 if (scsi_debug_lbp()) { 7599 map_size = lba_to_map_index(sdebug_store_sectors - 1) + 1; 7600 sip->map_storep = vmalloc(array_size(sizeof(long), 7601 BITS_TO_LONGS(map_size))); 7602 7603 pr_info("%lu provisioning blocks\n", map_size); 7604 7605 if (!sip->map_storep) { 7606 pr_err("LBP map oom\n"); 7607 goto err; 7608 } 7609 7610 bitmap_zero(sip->map_storep, map_size); 7611 7612 /* Map first 1KB for partition table */ 7613 if (sdebug_num_parts) 7614 map_region(sip, 0, 2); 7615 } 7616 7617 rwlock_init(&sip->macc_lck); 7618 return (int)n_idx; 7619 err: 7620 sdebug_erase_store((int)n_idx, sip); 7621 pr_warn("%s: failed, errno=%d\n", __func__, -res); 7622 return res; 7623 } 7624 7625 static int sdebug_add_host_helper(int per_host_idx) 7626 { 7627 int k, devs_per_host, idx; 7628 int error = -ENOMEM; 7629 struct sdebug_host_info *sdbg_host; 7630 struct sdebug_dev_info *sdbg_devinfo, *tmp; 7631 7632 sdbg_host = kzalloc(sizeof(*sdbg_host), GFP_KERNEL); 7633 if (!sdbg_host) 7634 return -ENOMEM; 7635 idx = (per_host_idx < 0) ? sdeb_first_idx : per_host_idx; 7636 if (xa_get_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE)) 7637 xa_clear_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE); 7638 sdbg_host->si_idx = idx; 7639 7640 INIT_LIST_HEAD(&sdbg_host->dev_info_list); 7641 7642 devs_per_host = sdebug_num_tgts * sdebug_max_luns; 7643 for (k = 0; k < devs_per_host; k++) { 7644 sdbg_devinfo = sdebug_device_create(sdbg_host, GFP_KERNEL); 7645 if (!sdbg_devinfo) 7646 goto clean; 7647 } 7648 7649 mutex_lock(&sdebug_host_list_mutex); 7650 list_add_tail(&sdbg_host->host_list, &sdebug_host_list); 7651 mutex_unlock(&sdebug_host_list_mutex); 7652 7653 sdbg_host->dev.bus = &pseudo_lld_bus; 7654 sdbg_host->dev.parent = pseudo_primary; 7655 sdbg_host->dev.release = &sdebug_release_adapter; 7656 dev_set_name(&sdbg_host->dev, "adapter%d", sdebug_num_hosts); 7657 7658 error = device_register(&sdbg_host->dev); 7659 if (error) { 7660 mutex_lock(&sdebug_host_list_mutex); 7661 list_del(&sdbg_host->host_list); 7662 mutex_unlock(&sdebug_host_list_mutex); 7663 goto clean; 7664 } 7665 7666 ++sdebug_num_hosts; 7667 return 0; 7668 7669 clean: 7670 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list, 7671 dev_list) { 7672 list_del(&sdbg_devinfo->dev_list); 7673 kfree(sdbg_devinfo->zstate); 7674 kfree(sdbg_devinfo); 7675 } 7676 if (sdbg_host->dev.release) 7677 put_device(&sdbg_host->dev); 7678 else 7679 kfree(sdbg_host); 7680 pr_warn("%s: failed, errno=%d\n", __func__, -error); 7681 return error; 7682 } 7683 7684 static int sdebug_do_add_host(bool mk_new_store) 7685 { 7686 int ph_idx = sdeb_most_recent_idx; 7687 7688 if (mk_new_store) { 7689 ph_idx = sdebug_add_store(); 7690 if (ph_idx < 0) 7691 return ph_idx; 7692 } 7693 return sdebug_add_host_helper(ph_idx); 7694 } 7695 7696 static void sdebug_do_remove_host(bool the_end) 7697 { 7698 int idx = -1; 7699 struct sdebug_host_info *sdbg_host = NULL; 7700 struct sdebug_host_info *sdbg_host2; 7701 7702 mutex_lock(&sdebug_host_list_mutex); 7703 if (!list_empty(&sdebug_host_list)) { 7704 sdbg_host = list_entry(sdebug_host_list.prev, 7705 struct sdebug_host_info, host_list); 7706 idx = sdbg_host->si_idx; 7707 } 7708 if (!the_end && idx >= 0) { 7709 bool unique = true; 7710 7711 list_for_each_entry(sdbg_host2, &sdebug_host_list, host_list) { 7712 if (sdbg_host2 == sdbg_host) 7713 continue; 7714 if (idx == sdbg_host2->si_idx) { 7715 unique = false; 7716 break; 7717 } 7718 } 7719 if (unique) { 7720 xa_set_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE); 7721 if (idx == sdeb_most_recent_idx) 7722 --sdeb_most_recent_idx; 7723 } 7724 } 7725 if (sdbg_host) 7726 list_del(&sdbg_host->host_list); 7727 mutex_unlock(&sdebug_host_list_mutex); 7728 7729 if (!sdbg_host) 7730 return; 7731 7732 device_unregister(&sdbg_host->dev); 7733 --sdebug_num_hosts; 7734 } 7735 7736 static int sdebug_change_qdepth(struct scsi_device *sdev, int qdepth) 7737 { 7738 struct sdebug_dev_info *devip = sdev->hostdata; 7739 7740 if (!devip) 7741 return -ENODEV; 7742 7743 mutex_lock(&sdebug_host_list_mutex); 7744 block_unblock_all_queues(true); 7745 7746 if (qdepth > SDEBUG_CANQUEUE) { 7747 qdepth = SDEBUG_CANQUEUE; 7748 pr_warn("%s: requested qdepth [%d] exceeds canqueue [%d], trim\n", __func__, 7749 qdepth, SDEBUG_CANQUEUE); 7750 } 7751 if (qdepth < 1) 7752 qdepth = 1; 7753 if (qdepth != sdev->queue_depth) 7754 scsi_change_queue_depth(sdev, qdepth); 7755 7756 block_unblock_all_queues(false); 7757 mutex_unlock(&sdebug_host_list_mutex); 7758 7759 if (SDEBUG_OPT_Q_NOISE & sdebug_opts) 7760 sdev_printk(KERN_INFO, sdev, "%s: qdepth=%d\n", __func__, qdepth); 7761 7762 return sdev->queue_depth; 7763 } 7764 7765 static bool fake_timeout(struct scsi_cmnd *scp) 7766 { 7767 if (0 == (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth))) { 7768 if (sdebug_every_nth < -1) 7769 sdebug_every_nth = -1; 7770 if (SDEBUG_OPT_TIMEOUT & sdebug_opts) 7771 return true; /* ignore command causing timeout */ 7772 else if (SDEBUG_OPT_MAC_TIMEOUT & sdebug_opts && 7773 scsi_medium_access_command(scp)) 7774 return true; /* time out reads and writes */ 7775 } 7776 return false; 7777 } 7778 7779 /* Response to TUR or media access command when device stopped */ 7780 static int resp_not_ready(struct scsi_cmnd *scp, struct sdebug_dev_info *devip) 7781 { 7782 int stopped_state; 7783 u64 diff_ns = 0; 7784 ktime_t now_ts = ktime_get_boottime(); 7785 struct scsi_device *sdp = scp->device; 7786 7787 stopped_state = atomic_read(&devip->stopped); 7788 if (stopped_state == 2) { 7789 if (ktime_to_ns(now_ts) > ktime_to_ns(devip->create_ts)) { 7790 diff_ns = ktime_to_ns(ktime_sub(now_ts, devip->create_ts)); 7791 if (diff_ns >= ((u64)sdeb_tur_ms_to_ready * 1000000)) { 7792 /* tur_ms_to_ready timer extinguished */ 7793 atomic_set(&devip->stopped, 0); 7794 return 0; 7795 } 7796 } 7797 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x1); 7798 if (sdebug_verbose) 7799 sdev_printk(KERN_INFO, sdp, 7800 "%s: Not ready: in process of becoming ready\n", my_name); 7801 if (scp->cmnd[0] == TEST_UNIT_READY) { 7802 u64 tur_nanosecs_to_ready = (u64)sdeb_tur_ms_to_ready * 1000000; 7803 7804 if (diff_ns <= tur_nanosecs_to_ready) 7805 diff_ns = tur_nanosecs_to_ready - diff_ns; 7806 else 7807 diff_ns = tur_nanosecs_to_ready; 7808 /* As per 20-061r2 approved for spc6 by T10 on 20200716 */ 7809 do_div(diff_ns, 1000000); /* diff_ns becomes milliseconds */ 7810 scsi_set_sense_information(scp->sense_buffer, SCSI_SENSE_BUFFERSIZE, 7811 diff_ns); 7812 return check_condition_result; 7813 } 7814 } 7815 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x2); 7816 if (sdebug_verbose) 7817 sdev_printk(KERN_INFO, sdp, "%s: Not ready: initializing command required\n", 7818 my_name); 7819 return check_condition_result; 7820 } 7821 7822 static void sdebug_map_queues(struct Scsi_Host *shost) 7823 { 7824 int i, qoff; 7825 7826 if (shost->nr_hw_queues == 1) 7827 return; 7828 7829 for (i = 0, qoff = 0; i < HCTX_MAX_TYPES; i++) { 7830 struct blk_mq_queue_map *map = &shost->tag_set.map[i]; 7831 7832 map->nr_queues = 0; 7833 7834 if (i == HCTX_TYPE_DEFAULT) 7835 map->nr_queues = submit_queues - poll_queues; 7836 else if (i == HCTX_TYPE_POLL) 7837 map->nr_queues = poll_queues; 7838 7839 if (!map->nr_queues) { 7840 BUG_ON(i == HCTX_TYPE_DEFAULT); 7841 continue; 7842 } 7843 7844 map->queue_offset = qoff; 7845 blk_mq_map_queues(map); 7846 7847 qoff += map->nr_queues; 7848 } 7849 } 7850 7851 struct sdebug_blk_mq_poll_data { 7852 unsigned int queue_num; 7853 int *num_entries; 7854 }; 7855 7856 /* 7857 * We don't handle aborted commands here, but it does not seem possible to have 7858 * aborted polled commands from schedule_resp() 7859 */ 7860 static bool sdebug_blk_mq_poll_iter(struct request *rq, void *opaque) 7861 { 7862 struct sdebug_blk_mq_poll_data *data = opaque; 7863 struct scsi_cmnd *cmd = blk_mq_rq_to_pdu(rq); 7864 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmd); 7865 struct sdebug_defer *sd_dp; 7866 u32 unique_tag = blk_mq_unique_tag(rq); 7867 u16 hwq = blk_mq_unique_tag_to_hwq(unique_tag); 7868 struct sdebug_queued_cmd *sqcp; 7869 unsigned long flags; 7870 int queue_num = data->queue_num; 7871 ktime_t time; 7872 7873 /* We're only interested in one queue for this iteration */ 7874 if (hwq != queue_num) 7875 return true; 7876 7877 /* Subsequent checks would fail if this failed, but check anyway */ 7878 if (!test_bit(SCMD_STATE_INFLIGHT, &cmd->state)) 7879 return true; 7880 7881 time = ktime_get_boottime(); 7882 7883 spin_lock_irqsave(&sdsc->lock, flags); 7884 sqcp = TO_QUEUED_CMD(cmd); 7885 if (!sqcp) { 7886 spin_unlock_irqrestore(&sdsc->lock, flags); 7887 return true; 7888 } 7889 7890 sd_dp = &sqcp->sd_dp; 7891 if (READ_ONCE(sd_dp->defer_t) != SDEB_DEFER_POLL) { 7892 spin_unlock_irqrestore(&sdsc->lock, flags); 7893 return true; 7894 } 7895 7896 if (time < sd_dp->cmpl_ts) { 7897 spin_unlock_irqrestore(&sdsc->lock, flags); 7898 return true; 7899 } 7900 7901 ASSIGN_QUEUED_CMD(cmd, NULL); 7902 spin_unlock_irqrestore(&sdsc->lock, flags); 7903 7904 if (sdebug_statistics) { 7905 atomic_inc(&sdebug_completions); 7906 if (raw_smp_processor_id() != sd_dp->issuing_cpu) 7907 atomic_inc(&sdebug_miss_cpus); 7908 } 7909 7910 sdebug_free_queued_cmd(sqcp); 7911 7912 scsi_done(cmd); /* callback to mid level */ 7913 (*data->num_entries)++; 7914 return true; 7915 } 7916 7917 static int sdebug_blk_mq_poll(struct Scsi_Host *shost, unsigned int queue_num) 7918 { 7919 int num_entries = 0; 7920 struct sdebug_blk_mq_poll_data data = { 7921 .queue_num = queue_num, 7922 .num_entries = &num_entries, 7923 }; 7924 7925 blk_mq_tagset_busy_iter(&shost->tag_set, sdebug_blk_mq_poll_iter, 7926 &data); 7927 7928 if (num_entries > 0) 7929 atomic_add(num_entries, &sdeb_mq_poll_count); 7930 return num_entries; 7931 } 7932 7933 static int sdebug_timeout_cmd(struct scsi_cmnd *cmnd) 7934 { 7935 struct scsi_device *sdp = cmnd->device; 7936 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata; 7937 struct sdebug_err_inject *err; 7938 unsigned char *cmd = cmnd->cmnd; 7939 int ret = 0; 7940 7941 if (devip == NULL) 7942 return 0; 7943 7944 rcu_read_lock(); 7945 list_for_each_entry_rcu(err, &devip->inject_err_list, list) { 7946 if (err->type == ERR_TMOUT_CMD && 7947 (err->cmd == cmd[0] || err->cmd == 0xff)) { 7948 ret = !!err->cnt; 7949 if (err->cnt < 0) 7950 err->cnt++; 7951 7952 rcu_read_unlock(); 7953 return ret; 7954 } 7955 } 7956 rcu_read_unlock(); 7957 7958 return 0; 7959 } 7960 7961 static int sdebug_fail_queue_cmd(struct scsi_cmnd *cmnd) 7962 { 7963 struct scsi_device *sdp = cmnd->device; 7964 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata; 7965 struct sdebug_err_inject *err; 7966 unsigned char *cmd = cmnd->cmnd; 7967 int ret = 0; 7968 7969 if (devip == NULL) 7970 return 0; 7971 7972 rcu_read_lock(); 7973 list_for_each_entry_rcu(err, &devip->inject_err_list, list) { 7974 if (err->type == ERR_FAIL_QUEUE_CMD && 7975 (err->cmd == cmd[0] || err->cmd == 0xff)) { 7976 ret = err->cnt ? err->queuecmd_ret : 0; 7977 if (err->cnt < 0) 7978 err->cnt++; 7979 7980 rcu_read_unlock(); 7981 return ret; 7982 } 7983 } 7984 rcu_read_unlock(); 7985 7986 return 0; 7987 } 7988 7989 static int sdebug_fail_cmd(struct scsi_cmnd *cmnd, int *retval, 7990 struct sdebug_err_inject *info) 7991 { 7992 struct scsi_device *sdp = cmnd->device; 7993 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata; 7994 struct sdebug_err_inject *err; 7995 unsigned char *cmd = cmnd->cmnd; 7996 int ret = 0; 7997 int result; 7998 7999 if (devip == NULL) 8000 return 0; 8001 8002 rcu_read_lock(); 8003 list_for_each_entry_rcu(err, &devip->inject_err_list, list) { 8004 if (err->type == ERR_FAIL_CMD && 8005 (err->cmd == cmd[0] || err->cmd == 0xff)) { 8006 if (!err->cnt) { 8007 rcu_read_unlock(); 8008 return 0; 8009 } 8010 8011 ret = !!err->cnt; 8012 rcu_read_unlock(); 8013 goto out_handle; 8014 } 8015 } 8016 rcu_read_unlock(); 8017 8018 return 0; 8019 8020 out_handle: 8021 if (err->cnt < 0) 8022 err->cnt++; 8023 mk_sense_buffer(cmnd, err->sense_key, err->asc, err->asq); 8024 result = err->status_byte | err->host_byte << 16 | err->driver_byte << 24; 8025 *info = *err; 8026 *retval = schedule_resp(cmnd, devip, result, NULL, 0, 0); 8027 8028 return ret; 8029 } 8030 8031 static int scsi_debug_queuecommand(struct Scsi_Host *shost, 8032 struct scsi_cmnd *scp) 8033 { 8034 u8 sdeb_i; 8035 struct scsi_device *sdp = scp->device; 8036 const struct opcode_info_t *oip; 8037 const struct opcode_info_t *r_oip; 8038 struct sdebug_dev_info *devip; 8039 u8 *cmd = scp->cmnd; 8040 int (*r_pfp)(struct scsi_cmnd *, struct sdebug_dev_info *); 8041 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *) = NULL; 8042 int k, na; 8043 int errsts = 0; 8044 u64 lun_index = sdp->lun & 0x3FFF; 8045 u32 flags; 8046 u16 sa; 8047 u8 opcode = cmd[0]; 8048 bool has_wlun_rl; 8049 bool inject_now; 8050 int ret = 0; 8051 struct sdebug_err_inject err; 8052 8053 scsi_set_resid(scp, 0); 8054 if (sdebug_statistics) { 8055 atomic_inc(&sdebug_cmnd_count); 8056 inject_now = inject_on_this_cmd(); 8057 } else { 8058 inject_now = false; 8059 } 8060 if (unlikely(sdebug_verbose && 8061 !(SDEBUG_OPT_NO_CDB_NOISE & sdebug_opts))) { 8062 char b[120]; 8063 int n, len, sb; 8064 8065 len = scp->cmd_len; 8066 sb = (int)sizeof(b); 8067 if (len > 32) 8068 strcpy(b, "too long, over 32 bytes"); 8069 else { 8070 for (k = 0, n = 0; k < len && n < sb; ++k) 8071 n += scnprintf(b + n, sb - n, "%02x ", 8072 (u32)cmd[k]); 8073 } 8074 sdev_printk(KERN_INFO, sdp, "%s: tag=%#x, cmd %s\n", my_name, 8075 blk_mq_unique_tag(scsi_cmd_to_rq(scp)), b); 8076 } 8077 if (unlikely(inject_now && (sdebug_opts & SDEBUG_OPT_HOST_BUSY))) 8078 return SCSI_MLQUEUE_HOST_BUSY; 8079 has_wlun_rl = (sdp->lun == SCSI_W_LUN_REPORT_LUNS); 8080 if (unlikely(lun_index >= sdebug_max_luns && !has_wlun_rl)) 8081 goto err_out; 8082 8083 sdeb_i = opcode_ind_arr[opcode]; /* fully mapped */ 8084 oip = &opcode_info_arr[sdeb_i]; /* safe if table consistent */ 8085 devip = (struct sdebug_dev_info *)sdp->hostdata; 8086 if (unlikely(!devip)) { 8087 devip = find_build_dev_info(sdp); 8088 if (NULL == devip) 8089 goto err_out; 8090 } 8091 8092 if (sdebug_timeout_cmd(scp)) { 8093 scmd_printk(KERN_INFO, scp, "timeout command 0x%x\n", opcode); 8094 return 0; 8095 } 8096 8097 ret = sdebug_fail_queue_cmd(scp); 8098 if (ret) { 8099 scmd_printk(KERN_INFO, scp, "fail queue command 0x%x with 0x%x\n", 8100 opcode, ret); 8101 return ret; 8102 } 8103 8104 if (sdebug_fail_cmd(scp, &ret, &err)) { 8105 scmd_printk(KERN_INFO, scp, 8106 "fail command 0x%x with hostbyte=0x%x, " 8107 "driverbyte=0x%x, statusbyte=0x%x, " 8108 "sense_key=0x%x, asc=0x%x, asq=0x%x\n", 8109 opcode, err.host_byte, err.driver_byte, 8110 err.status_byte, err.sense_key, err.asc, err.asq); 8111 return ret; 8112 } 8113 8114 if (unlikely(inject_now && !atomic_read(&sdeb_inject_pending))) 8115 atomic_set(&sdeb_inject_pending, 1); 8116 8117 na = oip->num_attached; 8118 r_pfp = oip->pfp; 8119 if (na) { /* multiple commands with this opcode */ 8120 r_oip = oip; 8121 if (FF_SA & r_oip->flags) { 8122 if (F_SA_LOW & oip->flags) 8123 sa = 0x1f & cmd[1]; 8124 else 8125 sa = get_unaligned_be16(cmd + 8); 8126 for (k = 0; k <= na; oip = r_oip->arrp + k++) { 8127 if (opcode == oip->opcode && sa == oip->sa) 8128 break; 8129 } 8130 } else { /* since no service action only check opcode */ 8131 for (k = 0; k <= na; oip = r_oip->arrp + k++) { 8132 if (opcode == oip->opcode) 8133 break; 8134 } 8135 } 8136 if (k > na) { 8137 if (F_SA_LOW & r_oip->flags) 8138 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 4); 8139 else if (F_SA_HIGH & r_oip->flags) 8140 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 8, 7); 8141 else 8142 mk_sense_invalid_opcode(scp); 8143 goto check_cond; 8144 } 8145 } /* else (when na==0) we assume the oip is a match */ 8146 flags = oip->flags; 8147 if (unlikely(F_INV_OP & flags)) { 8148 mk_sense_invalid_opcode(scp); 8149 goto check_cond; 8150 } 8151 if (unlikely(has_wlun_rl && !(F_RL_WLUN_OK & flags))) { 8152 if (sdebug_verbose) 8153 sdev_printk(KERN_INFO, sdp, "%s: Opcode 0x%x not%s\n", 8154 my_name, opcode, " supported for wlun"); 8155 mk_sense_invalid_opcode(scp); 8156 goto check_cond; 8157 } 8158 if (unlikely(sdebug_strict)) { /* check cdb against mask */ 8159 u8 rem; 8160 int j; 8161 8162 for (k = 1; k < oip->len_mask[0] && k < 16; ++k) { 8163 rem = ~oip->len_mask[k] & cmd[k]; 8164 if (rem) { 8165 for (j = 7; j >= 0; --j, rem <<= 1) { 8166 if (0x80 & rem) 8167 break; 8168 } 8169 mk_sense_invalid_fld(scp, SDEB_IN_CDB, k, j); 8170 goto check_cond; 8171 } 8172 } 8173 } 8174 if (unlikely(!(F_SKIP_UA & flags) && 8175 find_first_bit(devip->uas_bm, 8176 SDEBUG_NUM_UAS) != SDEBUG_NUM_UAS)) { 8177 errsts = make_ua(scp, devip); 8178 if (errsts) 8179 goto check_cond; 8180 } 8181 if (unlikely(((F_M_ACCESS & flags) || scp->cmnd[0] == TEST_UNIT_READY) && 8182 atomic_read(&devip->stopped))) { 8183 errsts = resp_not_ready(scp, devip); 8184 if (errsts) 8185 goto fini; 8186 } 8187 if (sdebug_fake_rw && (F_FAKE_RW & flags)) 8188 goto fini; 8189 if (unlikely(sdebug_every_nth)) { 8190 if (fake_timeout(scp)) 8191 return 0; /* ignore command: make trouble */ 8192 } 8193 if (likely(oip->pfp)) 8194 pfp = oip->pfp; /* calls a resp_* function */ 8195 else 8196 pfp = r_pfp; /* if leaf function ptr NULL, try the root's */ 8197 8198 fini: 8199 if (F_DELAY_OVERR & flags) /* cmds like INQUIRY respond asap */ 8200 return schedule_resp(scp, devip, errsts, pfp, 0, 0); 8201 else if ((flags & F_LONG_DELAY) && (sdebug_jdelay > 0 || 8202 sdebug_ndelay > 10000)) { 8203 /* 8204 * Skip long delays if ndelay <= 10 microseconds. Otherwise 8205 * for Start Stop Unit (SSU) want at least 1 second delay and 8206 * if sdebug_jdelay>1 want a long delay of that many seconds. 8207 * For Synchronize Cache want 1/20 of SSU's delay. 8208 */ 8209 int jdelay = (sdebug_jdelay < 2) ? 1 : sdebug_jdelay; 8210 int denom = (flags & F_SYNC_DELAY) ? 20 : 1; 8211 8212 jdelay = mult_frac(USER_HZ * jdelay, HZ, denom * USER_HZ); 8213 return schedule_resp(scp, devip, errsts, pfp, jdelay, 0); 8214 } else 8215 return schedule_resp(scp, devip, errsts, pfp, sdebug_jdelay, 8216 sdebug_ndelay); 8217 check_cond: 8218 return schedule_resp(scp, devip, check_condition_result, NULL, 0, 0); 8219 err_out: 8220 return schedule_resp(scp, NULL, DID_NO_CONNECT << 16, NULL, 0, 0); 8221 } 8222 8223 static int sdebug_init_cmd_priv(struct Scsi_Host *shost, struct scsi_cmnd *cmd) 8224 { 8225 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmd); 8226 8227 spin_lock_init(&sdsc->lock); 8228 8229 return 0; 8230 } 8231 8232 static struct scsi_host_template sdebug_driver_template = { 8233 .show_info = scsi_debug_show_info, 8234 .write_info = scsi_debug_write_info, 8235 .proc_name = sdebug_proc_name, 8236 .name = "SCSI DEBUG", 8237 .info = scsi_debug_info, 8238 .slave_alloc = scsi_debug_slave_alloc, 8239 .slave_configure = scsi_debug_slave_configure, 8240 .slave_destroy = scsi_debug_slave_destroy, 8241 .ioctl = scsi_debug_ioctl, 8242 .queuecommand = scsi_debug_queuecommand, 8243 .change_queue_depth = sdebug_change_qdepth, 8244 .map_queues = sdebug_map_queues, 8245 .mq_poll = sdebug_blk_mq_poll, 8246 .eh_abort_handler = scsi_debug_abort, 8247 .eh_device_reset_handler = scsi_debug_device_reset, 8248 .eh_target_reset_handler = scsi_debug_target_reset, 8249 .eh_bus_reset_handler = scsi_debug_bus_reset, 8250 .eh_host_reset_handler = scsi_debug_host_reset, 8251 .can_queue = SDEBUG_CANQUEUE, 8252 .this_id = 7, 8253 .sg_tablesize = SG_MAX_SEGMENTS, 8254 .cmd_per_lun = DEF_CMD_PER_LUN, 8255 .max_sectors = -1U, 8256 .max_segment_size = -1U, 8257 .module = THIS_MODULE, 8258 .track_queue_depth = 1, 8259 .cmd_size = sizeof(struct sdebug_scsi_cmd), 8260 .init_cmd_priv = sdebug_init_cmd_priv, 8261 .target_alloc = sdebug_target_alloc, 8262 .target_destroy = sdebug_target_destroy, 8263 }; 8264 8265 static int sdebug_driver_probe(struct device *dev) 8266 { 8267 int error = 0; 8268 struct sdebug_host_info *sdbg_host; 8269 struct Scsi_Host *hpnt; 8270 int hprot; 8271 8272 sdbg_host = dev_to_sdebug_host(dev); 8273 8274 sdebug_driver_template.can_queue = sdebug_max_queue; 8275 sdebug_driver_template.cmd_per_lun = sdebug_max_queue; 8276 if (!sdebug_clustering) 8277 sdebug_driver_template.dma_boundary = PAGE_SIZE - 1; 8278 8279 hpnt = scsi_host_alloc(&sdebug_driver_template, 0); 8280 if (NULL == hpnt) { 8281 pr_err("scsi_host_alloc failed\n"); 8282 error = -ENODEV; 8283 return error; 8284 } 8285 if (submit_queues > nr_cpu_ids) { 8286 pr_warn("%s: trim submit_queues (was %d) to nr_cpu_ids=%u\n", 8287 my_name, submit_queues, nr_cpu_ids); 8288 submit_queues = nr_cpu_ids; 8289 } 8290 /* 8291 * Decide whether to tell scsi subsystem that we want mq. The 8292 * following should give the same answer for each host. 8293 */ 8294 hpnt->nr_hw_queues = submit_queues; 8295 if (sdebug_host_max_queue) 8296 hpnt->host_tagset = 1; 8297 8298 /* poll queues are possible for nr_hw_queues > 1 */ 8299 if (hpnt->nr_hw_queues == 1 || (poll_queues < 1)) { 8300 pr_warn("%s: trim poll_queues to 0. poll_q/nr_hw = (%d/%d)\n", 8301 my_name, poll_queues, hpnt->nr_hw_queues); 8302 poll_queues = 0; 8303 } 8304 8305 /* 8306 * Poll queues don't need interrupts, but we need at least one I/O queue 8307 * left over for non-polled I/O. 8308 * If condition not met, trim poll_queues to 1 (just for simplicity). 8309 */ 8310 if (poll_queues >= submit_queues) { 8311 if (submit_queues < 3) 8312 pr_warn("%s: trim poll_queues to 1\n", my_name); 8313 else 8314 pr_warn("%s: trim poll_queues to 1. Perhaps try poll_queues=%d\n", 8315 my_name, submit_queues - 1); 8316 poll_queues = 1; 8317 } 8318 if (poll_queues) 8319 hpnt->nr_maps = 3; 8320 8321 sdbg_host->shost = hpnt; 8322 if ((hpnt->this_id >= 0) && (sdebug_num_tgts > hpnt->this_id)) 8323 hpnt->max_id = sdebug_num_tgts + 1; 8324 else 8325 hpnt->max_id = sdebug_num_tgts; 8326 /* = sdebug_max_luns; */ 8327 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1; 8328 8329 hprot = 0; 8330 8331 switch (sdebug_dif) { 8332 8333 case T10_PI_TYPE1_PROTECTION: 8334 hprot = SHOST_DIF_TYPE1_PROTECTION; 8335 if (sdebug_dix) 8336 hprot |= SHOST_DIX_TYPE1_PROTECTION; 8337 break; 8338 8339 case T10_PI_TYPE2_PROTECTION: 8340 hprot = SHOST_DIF_TYPE2_PROTECTION; 8341 if (sdebug_dix) 8342 hprot |= SHOST_DIX_TYPE2_PROTECTION; 8343 break; 8344 8345 case T10_PI_TYPE3_PROTECTION: 8346 hprot = SHOST_DIF_TYPE3_PROTECTION; 8347 if (sdebug_dix) 8348 hprot |= SHOST_DIX_TYPE3_PROTECTION; 8349 break; 8350 8351 default: 8352 if (sdebug_dix) 8353 hprot |= SHOST_DIX_TYPE0_PROTECTION; 8354 break; 8355 } 8356 8357 scsi_host_set_prot(hpnt, hprot); 8358 8359 if (have_dif_prot || sdebug_dix) 8360 pr_info("host protection%s%s%s%s%s%s%s\n", 8361 (hprot & SHOST_DIF_TYPE1_PROTECTION) ? " DIF1" : "", 8362 (hprot & SHOST_DIF_TYPE2_PROTECTION) ? " DIF2" : "", 8363 (hprot & SHOST_DIF_TYPE3_PROTECTION) ? " DIF3" : "", 8364 (hprot & SHOST_DIX_TYPE0_PROTECTION) ? " DIX0" : "", 8365 (hprot & SHOST_DIX_TYPE1_PROTECTION) ? " DIX1" : "", 8366 (hprot & SHOST_DIX_TYPE2_PROTECTION) ? " DIX2" : "", 8367 (hprot & SHOST_DIX_TYPE3_PROTECTION) ? " DIX3" : ""); 8368 8369 if (sdebug_guard == 1) 8370 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_IP); 8371 else 8372 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_CRC); 8373 8374 sdebug_verbose = !!(SDEBUG_OPT_NOISE & sdebug_opts); 8375 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & sdebug_opts); 8376 if (sdebug_every_nth) /* need stats counters for every_nth */ 8377 sdebug_statistics = true; 8378 error = scsi_add_host(hpnt, &sdbg_host->dev); 8379 if (error) { 8380 pr_err("scsi_add_host failed\n"); 8381 error = -ENODEV; 8382 scsi_host_put(hpnt); 8383 } else { 8384 scsi_scan_host(hpnt); 8385 } 8386 8387 return error; 8388 } 8389 8390 static void sdebug_driver_remove(struct device *dev) 8391 { 8392 struct sdebug_host_info *sdbg_host; 8393 struct sdebug_dev_info *sdbg_devinfo, *tmp; 8394 8395 sdbg_host = dev_to_sdebug_host(dev); 8396 8397 scsi_remove_host(sdbg_host->shost); 8398 8399 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list, 8400 dev_list) { 8401 list_del(&sdbg_devinfo->dev_list); 8402 kfree(sdbg_devinfo->zstate); 8403 kfree(sdbg_devinfo); 8404 } 8405 8406 scsi_host_put(sdbg_host->shost); 8407 } 8408 8409 static struct bus_type pseudo_lld_bus = { 8410 .name = "pseudo", 8411 .probe = sdebug_driver_probe, 8412 .remove = sdebug_driver_remove, 8413 .drv_groups = sdebug_drv_groups, 8414 }; 8415