1 /******************************************************************************* 2 * Filename: target_core_transport.c 3 * 4 * This file contains the Generic Target Engine Core. 5 * 6 * Copyright (c) 2002, 2003, 2004, 2005 PyX Technologies, Inc. 7 * Copyright (c) 2005, 2006, 2007 SBE, Inc. 8 * Copyright (c) 2007-2010 Rising Tide Systems 9 * Copyright (c) 2008-2010 Linux-iSCSI.org 10 * 11 * Nicholas A. Bellinger <nab@kernel.org> 12 * 13 * This program is free software; you can redistribute it and/or modify 14 * it under the terms of the GNU General Public License as published by 15 * the Free Software Foundation; either version 2 of the License, or 16 * (at your option) any later version. 17 * 18 * This program is distributed in the hope that it will be useful, 19 * but WITHOUT ANY WARRANTY; without even the implied warranty of 20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 21 * GNU General Public License for more details. 22 * 23 * You should have received a copy of the GNU General Public License 24 * along with this program; if not, write to the Free Software 25 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 26 * 27 ******************************************************************************/ 28 29 #include <linux/net.h> 30 #include <linux/delay.h> 31 #include <linux/string.h> 32 #include <linux/timer.h> 33 #include <linux/slab.h> 34 #include <linux/blkdev.h> 35 #include <linux/spinlock.h> 36 #include <linux/kthread.h> 37 #include <linux/in.h> 38 #include <linux/cdrom.h> 39 #include <linux/module.h> 40 #include <asm/unaligned.h> 41 #include <net/sock.h> 42 #include <net/tcp.h> 43 #include <scsi/scsi.h> 44 #include <scsi/scsi_cmnd.h> 45 #include <scsi/scsi_tcq.h> 46 47 #include <target/target_core_base.h> 48 #include <target/target_core_backend.h> 49 #include <target/target_core_fabric.h> 50 #include <target/target_core_configfs.h> 51 52 #include "target_core_internal.h" 53 #include "target_core_alua.h" 54 #include "target_core_pr.h" 55 #include "target_core_ua.h" 56 57 static int sub_api_initialized; 58 59 static struct workqueue_struct *target_completion_wq; 60 static struct kmem_cache *se_sess_cache; 61 struct kmem_cache *se_tmr_req_cache; 62 struct kmem_cache *se_ua_cache; 63 struct kmem_cache *t10_pr_reg_cache; 64 struct kmem_cache *t10_alua_lu_gp_cache; 65 struct kmem_cache *t10_alua_lu_gp_mem_cache; 66 struct kmem_cache *t10_alua_tg_pt_gp_cache; 67 struct kmem_cache *t10_alua_tg_pt_gp_mem_cache; 68 69 static int transport_generic_write_pending(struct se_cmd *); 70 static int transport_processing_thread(void *param); 71 static int __transport_execute_tasks(struct se_device *dev, struct se_cmd *); 72 static void transport_complete_task_attr(struct se_cmd *cmd); 73 static void transport_handle_queue_full(struct se_cmd *cmd, 74 struct se_device *dev); 75 static void transport_free_dev_tasks(struct se_cmd *cmd); 76 static int transport_generic_get_mem(struct se_cmd *cmd); 77 static void transport_put_cmd(struct se_cmd *cmd); 78 static void transport_remove_cmd_from_queue(struct se_cmd *cmd); 79 static int transport_set_sense_codes(struct se_cmd *cmd, u8 asc, u8 ascq); 80 static void transport_generic_request_failure(struct se_cmd *); 81 static void target_complete_ok_work(struct work_struct *work); 82 83 int init_se_kmem_caches(void) 84 { 85 se_tmr_req_cache = kmem_cache_create("se_tmr_cache", 86 sizeof(struct se_tmr_req), __alignof__(struct se_tmr_req), 87 0, NULL); 88 if (!se_tmr_req_cache) { 89 pr_err("kmem_cache_create() for struct se_tmr_req" 90 " failed\n"); 91 goto out; 92 } 93 se_sess_cache = kmem_cache_create("se_sess_cache", 94 sizeof(struct se_session), __alignof__(struct se_session), 95 0, NULL); 96 if (!se_sess_cache) { 97 pr_err("kmem_cache_create() for struct se_session" 98 " failed\n"); 99 goto out_free_tmr_req_cache; 100 } 101 se_ua_cache = kmem_cache_create("se_ua_cache", 102 sizeof(struct se_ua), __alignof__(struct se_ua), 103 0, NULL); 104 if (!se_ua_cache) { 105 pr_err("kmem_cache_create() for struct se_ua failed\n"); 106 goto out_free_sess_cache; 107 } 108 t10_pr_reg_cache = kmem_cache_create("t10_pr_reg_cache", 109 sizeof(struct t10_pr_registration), 110 __alignof__(struct t10_pr_registration), 0, NULL); 111 if (!t10_pr_reg_cache) { 112 pr_err("kmem_cache_create() for struct t10_pr_registration" 113 " failed\n"); 114 goto out_free_ua_cache; 115 } 116 t10_alua_lu_gp_cache = kmem_cache_create("t10_alua_lu_gp_cache", 117 sizeof(struct t10_alua_lu_gp), __alignof__(struct t10_alua_lu_gp), 118 0, NULL); 119 if (!t10_alua_lu_gp_cache) { 120 pr_err("kmem_cache_create() for t10_alua_lu_gp_cache" 121 " failed\n"); 122 goto out_free_pr_reg_cache; 123 } 124 t10_alua_lu_gp_mem_cache = kmem_cache_create("t10_alua_lu_gp_mem_cache", 125 sizeof(struct t10_alua_lu_gp_member), 126 __alignof__(struct t10_alua_lu_gp_member), 0, NULL); 127 if (!t10_alua_lu_gp_mem_cache) { 128 pr_err("kmem_cache_create() for t10_alua_lu_gp_mem_" 129 "cache failed\n"); 130 goto out_free_lu_gp_cache; 131 } 132 t10_alua_tg_pt_gp_cache = kmem_cache_create("t10_alua_tg_pt_gp_cache", 133 sizeof(struct t10_alua_tg_pt_gp), 134 __alignof__(struct t10_alua_tg_pt_gp), 0, NULL); 135 if (!t10_alua_tg_pt_gp_cache) { 136 pr_err("kmem_cache_create() for t10_alua_tg_pt_gp_" 137 "cache failed\n"); 138 goto out_free_lu_gp_mem_cache; 139 } 140 t10_alua_tg_pt_gp_mem_cache = kmem_cache_create( 141 "t10_alua_tg_pt_gp_mem_cache", 142 sizeof(struct t10_alua_tg_pt_gp_member), 143 __alignof__(struct t10_alua_tg_pt_gp_member), 144 0, NULL); 145 if (!t10_alua_tg_pt_gp_mem_cache) { 146 pr_err("kmem_cache_create() for t10_alua_tg_pt_gp_" 147 "mem_t failed\n"); 148 goto out_free_tg_pt_gp_cache; 149 } 150 151 target_completion_wq = alloc_workqueue("target_completion", 152 WQ_MEM_RECLAIM, 0); 153 if (!target_completion_wq) 154 goto out_free_tg_pt_gp_mem_cache; 155 156 return 0; 157 158 out_free_tg_pt_gp_mem_cache: 159 kmem_cache_destroy(t10_alua_tg_pt_gp_mem_cache); 160 out_free_tg_pt_gp_cache: 161 kmem_cache_destroy(t10_alua_tg_pt_gp_cache); 162 out_free_lu_gp_mem_cache: 163 kmem_cache_destroy(t10_alua_lu_gp_mem_cache); 164 out_free_lu_gp_cache: 165 kmem_cache_destroy(t10_alua_lu_gp_cache); 166 out_free_pr_reg_cache: 167 kmem_cache_destroy(t10_pr_reg_cache); 168 out_free_ua_cache: 169 kmem_cache_destroy(se_ua_cache); 170 out_free_sess_cache: 171 kmem_cache_destroy(se_sess_cache); 172 out_free_tmr_req_cache: 173 kmem_cache_destroy(se_tmr_req_cache); 174 out: 175 return -ENOMEM; 176 } 177 178 void release_se_kmem_caches(void) 179 { 180 destroy_workqueue(target_completion_wq); 181 kmem_cache_destroy(se_tmr_req_cache); 182 kmem_cache_destroy(se_sess_cache); 183 kmem_cache_destroy(se_ua_cache); 184 kmem_cache_destroy(t10_pr_reg_cache); 185 kmem_cache_destroy(t10_alua_lu_gp_cache); 186 kmem_cache_destroy(t10_alua_lu_gp_mem_cache); 187 kmem_cache_destroy(t10_alua_tg_pt_gp_cache); 188 kmem_cache_destroy(t10_alua_tg_pt_gp_mem_cache); 189 } 190 191 /* This code ensures unique mib indexes are handed out. */ 192 static DEFINE_SPINLOCK(scsi_mib_index_lock); 193 static u32 scsi_mib_index[SCSI_INDEX_TYPE_MAX]; 194 195 /* 196 * Allocate a new row index for the entry type specified 197 */ 198 u32 scsi_get_new_index(scsi_index_t type) 199 { 200 u32 new_index; 201 202 BUG_ON((type < 0) || (type >= SCSI_INDEX_TYPE_MAX)); 203 204 spin_lock(&scsi_mib_index_lock); 205 new_index = ++scsi_mib_index[type]; 206 spin_unlock(&scsi_mib_index_lock); 207 208 return new_index; 209 } 210 211 static void transport_init_queue_obj(struct se_queue_obj *qobj) 212 { 213 atomic_set(&qobj->queue_cnt, 0); 214 INIT_LIST_HEAD(&qobj->qobj_list); 215 init_waitqueue_head(&qobj->thread_wq); 216 spin_lock_init(&qobj->cmd_queue_lock); 217 } 218 219 void transport_subsystem_check_init(void) 220 { 221 int ret; 222 223 if (sub_api_initialized) 224 return; 225 226 ret = request_module("target_core_iblock"); 227 if (ret != 0) 228 pr_err("Unable to load target_core_iblock\n"); 229 230 ret = request_module("target_core_file"); 231 if (ret != 0) 232 pr_err("Unable to load target_core_file\n"); 233 234 ret = request_module("target_core_pscsi"); 235 if (ret != 0) 236 pr_err("Unable to load target_core_pscsi\n"); 237 238 ret = request_module("target_core_stgt"); 239 if (ret != 0) 240 pr_err("Unable to load target_core_stgt\n"); 241 242 sub_api_initialized = 1; 243 return; 244 } 245 246 struct se_session *transport_init_session(void) 247 { 248 struct se_session *se_sess; 249 250 se_sess = kmem_cache_zalloc(se_sess_cache, GFP_KERNEL); 251 if (!se_sess) { 252 pr_err("Unable to allocate struct se_session from" 253 " se_sess_cache\n"); 254 return ERR_PTR(-ENOMEM); 255 } 256 INIT_LIST_HEAD(&se_sess->sess_list); 257 INIT_LIST_HEAD(&se_sess->sess_acl_list); 258 INIT_LIST_HEAD(&se_sess->sess_cmd_list); 259 INIT_LIST_HEAD(&se_sess->sess_wait_list); 260 spin_lock_init(&se_sess->sess_cmd_lock); 261 262 return se_sess; 263 } 264 EXPORT_SYMBOL(transport_init_session); 265 266 /* 267 * Called with spin_lock_bh(&struct se_portal_group->session_lock called. 268 */ 269 void __transport_register_session( 270 struct se_portal_group *se_tpg, 271 struct se_node_acl *se_nacl, 272 struct se_session *se_sess, 273 void *fabric_sess_ptr) 274 { 275 unsigned char buf[PR_REG_ISID_LEN]; 276 277 se_sess->se_tpg = se_tpg; 278 se_sess->fabric_sess_ptr = fabric_sess_ptr; 279 /* 280 * Used by struct se_node_acl's under ConfigFS to locate active se_session-t 281 * 282 * Only set for struct se_session's that will actually be moving I/O. 283 * eg: *NOT* discovery sessions. 284 */ 285 if (se_nacl) { 286 /* 287 * If the fabric module supports an ISID based TransportID, 288 * save this value in binary from the fabric I_T Nexus now. 289 */ 290 if (se_tpg->se_tpg_tfo->sess_get_initiator_sid != NULL) { 291 memset(&buf[0], 0, PR_REG_ISID_LEN); 292 se_tpg->se_tpg_tfo->sess_get_initiator_sid(se_sess, 293 &buf[0], PR_REG_ISID_LEN); 294 se_sess->sess_bin_isid = get_unaligned_be64(&buf[0]); 295 } 296 spin_lock_irq(&se_nacl->nacl_sess_lock); 297 /* 298 * The se_nacl->nacl_sess pointer will be set to the 299 * last active I_T Nexus for each struct se_node_acl. 300 */ 301 se_nacl->nacl_sess = se_sess; 302 303 list_add_tail(&se_sess->sess_acl_list, 304 &se_nacl->acl_sess_list); 305 spin_unlock_irq(&se_nacl->nacl_sess_lock); 306 } 307 list_add_tail(&se_sess->sess_list, &se_tpg->tpg_sess_list); 308 309 pr_debug("TARGET_CORE[%s]: Registered fabric_sess_ptr: %p\n", 310 se_tpg->se_tpg_tfo->get_fabric_name(), se_sess->fabric_sess_ptr); 311 } 312 EXPORT_SYMBOL(__transport_register_session); 313 314 void transport_register_session( 315 struct se_portal_group *se_tpg, 316 struct se_node_acl *se_nacl, 317 struct se_session *se_sess, 318 void *fabric_sess_ptr) 319 { 320 spin_lock_bh(&se_tpg->session_lock); 321 __transport_register_session(se_tpg, se_nacl, se_sess, fabric_sess_ptr); 322 spin_unlock_bh(&se_tpg->session_lock); 323 } 324 EXPORT_SYMBOL(transport_register_session); 325 326 void transport_deregister_session_configfs(struct se_session *se_sess) 327 { 328 struct se_node_acl *se_nacl; 329 unsigned long flags; 330 /* 331 * Used by struct se_node_acl's under ConfigFS to locate active struct se_session 332 */ 333 se_nacl = se_sess->se_node_acl; 334 if (se_nacl) { 335 spin_lock_irqsave(&se_nacl->nacl_sess_lock, flags); 336 list_del(&se_sess->sess_acl_list); 337 /* 338 * If the session list is empty, then clear the pointer. 339 * Otherwise, set the struct se_session pointer from the tail 340 * element of the per struct se_node_acl active session list. 341 */ 342 if (list_empty(&se_nacl->acl_sess_list)) 343 se_nacl->nacl_sess = NULL; 344 else { 345 se_nacl->nacl_sess = container_of( 346 se_nacl->acl_sess_list.prev, 347 struct se_session, sess_acl_list); 348 } 349 spin_unlock_irqrestore(&se_nacl->nacl_sess_lock, flags); 350 } 351 } 352 EXPORT_SYMBOL(transport_deregister_session_configfs); 353 354 void transport_free_session(struct se_session *se_sess) 355 { 356 kmem_cache_free(se_sess_cache, se_sess); 357 } 358 EXPORT_SYMBOL(transport_free_session); 359 360 void transport_deregister_session(struct se_session *se_sess) 361 { 362 struct se_portal_group *se_tpg = se_sess->se_tpg; 363 struct se_node_acl *se_nacl; 364 unsigned long flags; 365 366 if (!se_tpg) { 367 transport_free_session(se_sess); 368 return; 369 } 370 371 spin_lock_irqsave(&se_tpg->session_lock, flags); 372 list_del(&se_sess->sess_list); 373 se_sess->se_tpg = NULL; 374 se_sess->fabric_sess_ptr = NULL; 375 spin_unlock_irqrestore(&se_tpg->session_lock, flags); 376 377 /* 378 * Determine if we need to do extra work for this initiator node's 379 * struct se_node_acl if it had been previously dynamically generated. 380 */ 381 se_nacl = se_sess->se_node_acl; 382 if (se_nacl) { 383 spin_lock_irqsave(&se_tpg->acl_node_lock, flags); 384 if (se_nacl->dynamic_node_acl) { 385 if (!se_tpg->se_tpg_tfo->tpg_check_demo_mode_cache( 386 se_tpg)) { 387 list_del(&se_nacl->acl_list); 388 se_tpg->num_node_acls--; 389 spin_unlock_irqrestore(&se_tpg->acl_node_lock, flags); 390 391 core_tpg_wait_for_nacl_pr_ref(se_nacl); 392 core_free_device_list_for_node(se_nacl, se_tpg); 393 se_tpg->se_tpg_tfo->tpg_release_fabric_acl(se_tpg, 394 se_nacl); 395 spin_lock_irqsave(&se_tpg->acl_node_lock, flags); 396 } 397 } 398 spin_unlock_irqrestore(&se_tpg->acl_node_lock, flags); 399 } 400 401 transport_free_session(se_sess); 402 403 pr_debug("TARGET_CORE[%s]: Deregistered fabric_sess\n", 404 se_tpg->se_tpg_tfo->get_fabric_name()); 405 } 406 EXPORT_SYMBOL(transport_deregister_session); 407 408 /* 409 * Called with cmd->t_state_lock held. 410 */ 411 static void transport_all_task_dev_remove_state(struct se_cmd *cmd) 412 { 413 struct se_device *dev = cmd->se_dev; 414 struct se_task *task; 415 unsigned long flags; 416 417 if (!dev) 418 return; 419 420 list_for_each_entry(task, &cmd->t_task_list, t_list) { 421 if (task->task_flags & TF_ACTIVE) 422 continue; 423 424 spin_lock_irqsave(&dev->execute_task_lock, flags); 425 if (task->t_state_active) { 426 pr_debug("Removed ITT: 0x%08x dev: %p task[%p]\n", 427 cmd->se_tfo->get_task_tag(cmd), dev, task); 428 429 list_del(&task->t_state_list); 430 atomic_dec(&cmd->t_task_cdbs_ex_left); 431 task->t_state_active = false; 432 } 433 spin_unlock_irqrestore(&dev->execute_task_lock, flags); 434 } 435 436 } 437 438 /* transport_cmd_check_stop(): 439 * 440 * 'transport_off = 1' determines if t_transport_active should be cleared. 441 * 'transport_off = 2' determines if task_dev_state should be removed. 442 * 443 * A non-zero u8 t_state sets cmd->t_state. 444 * Returns 1 when command is stopped, else 0. 445 */ 446 static int transport_cmd_check_stop( 447 struct se_cmd *cmd, 448 int transport_off, 449 u8 t_state) 450 { 451 unsigned long flags; 452 453 spin_lock_irqsave(&cmd->t_state_lock, flags); 454 /* 455 * Determine if IOCTL context caller in requesting the stopping of this 456 * command for LUN shutdown purposes. 457 */ 458 if (atomic_read(&cmd->transport_lun_stop)) { 459 pr_debug("%s:%d atomic_read(&cmd->transport_lun_stop)" 460 " == TRUE for ITT: 0x%08x\n", __func__, __LINE__, 461 cmd->se_tfo->get_task_tag(cmd)); 462 463 atomic_set(&cmd->t_transport_active, 0); 464 if (transport_off == 2) 465 transport_all_task_dev_remove_state(cmd); 466 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 467 468 complete(&cmd->transport_lun_stop_comp); 469 return 1; 470 } 471 /* 472 * Determine if frontend context caller is requesting the stopping of 473 * this command for frontend exceptions. 474 */ 475 if (atomic_read(&cmd->t_transport_stop)) { 476 pr_debug("%s:%d atomic_read(&cmd->t_transport_stop) ==" 477 " TRUE for ITT: 0x%08x\n", __func__, __LINE__, 478 cmd->se_tfo->get_task_tag(cmd)); 479 480 if (transport_off == 2) 481 transport_all_task_dev_remove_state(cmd); 482 483 /* 484 * Clear struct se_cmd->se_lun before the transport_off == 2 handoff 485 * to FE. 486 */ 487 if (transport_off == 2) 488 cmd->se_lun = NULL; 489 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 490 491 complete(&cmd->t_transport_stop_comp); 492 return 1; 493 } 494 if (transport_off) { 495 atomic_set(&cmd->t_transport_active, 0); 496 if (transport_off == 2) { 497 transport_all_task_dev_remove_state(cmd); 498 /* 499 * Clear struct se_cmd->se_lun before the transport_off == 2 500 * handoff to fabric module. 501 */ 502 cmd->se_lun = NULL; 503 /* 504 * Some fabric modules like tcm_loop can release 505 * their internally allocated I/O reference now and 506 * struct se_cmd now. 507 * 508 * Fabric modules are expected to return '1' here if the 509 * se_cmd being passed is released at this point, 510 * or zero if not being released. 511 */ 512 if (cmd->se_tfo->check_stop_free != NULL) { 513 spin_unlock_irqrestore( 514 &cmd->t_state_lock, flags); 515 516 return cmd->se_tfo->check_stop_free(cmd); 517 } 518 } 519 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 520 521 return 0; 522 } else if (t_state) 523 cmd->t_state = t_state; 524 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 525 526 return 0; 527 } 528 529 static int transport_cmd_check_stop_to_fabric(struct se_cmd *cmd) 530 { 531 return transport_cmd_check_stop(cmd, 2, 0); 532 } 533 534 static void transport_lun_remove_cmd(struct se_cmd *cmd) 535 { 536 struct se_lun *lun = cmd->se_lun; 537 unsigned long flags; 538 539 if (!lun) 540 return; 541 542 spin_lock_irqsave(&cmd->t_state_lock, flags); 543 if (!atomic_read(&cmd->transport_dev_active)) { 544 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 545 goto check_lun; 546 } 547 atomic_set(&cmd->transport_dev_active, 0); 548 transport_all_task_dev_remove_state(cmd); 549 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 550 551 552 check_lun: 553 spin_lock_irqsave(&lun->lun_cmd_lock, flags); 554 if (atomic_read(&cmd->transport_lun_active)) { 555 list_del(&cmd->se_lun_node); 556 atomic_set(&cmd->transport_lun_active, 0); 557 #if 0 558 pr_debug("Removed ITT: 0x%08x from LUN LIST[%d]\n" 559 cmd->se_tfo->get_task_tag(cmd), lun->unpacked_lun); 560 #endif 561 } 562 spin_unlock_irqrestore(&lun->lun_cmd_lock, flags); 563 } 564 565 void transport_cmd_finish_abort(struct se_cmd *cmd, int remove) 566 { 567 if (!cmd->se_tmr_req) 568 transport_lun_remove_cmd(cmd); 569 570 if (transport_cmd_check_stop_to_fabric(cmd)) 571 return; 572 if (remove) { 573 transport_remove_cmd_from_queue(cmd); 574 transport_put_cmd(cmd); 575 } 576 } 577 578 static void transport_add_cmd_to_queue(struct se_cmd *cmd, int t_state, 579 bool at_head) 580 { 581 struct se_device *dev = cmd->se_dev; 582 struct se_queue_obj *qobj = &dev->dev_queue_obj; 583 unsigned long flags; 584 585 if (t_state) { 586 spin_lock_irqsave(&cmd->t_state_lock, flags); 587 cmd->t_state = t_state; 588 atomic_set(&cmd->t_transport_active, 1); 589 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 590 } 591 592 spin_lock_irqsave(&qobj->cmd_queue_lock, flags); 593 594 /* If the cmd is already on the list, remove it before we add it */ 595 if (!list_empty(&cmd->se_queue_node)) 596 list_del(&cmd->se_queue_node); 597 else 598 atomic_inc(&qobj->queue_cnt); 599 600 if (at_head) 601 list_add(&cmd->se_queue_node, &qobj->qobj_list); 602 else 603 list_add_tail(&cmd->se_queue_node, &qobj->qobj_list); 604 atomic_set(&cmd->t_transport_queue_active, 1); 605 spin_unlock_irqrestore(&qobj->cmd_queue_lock, flags); 606 607 wake_up_interruptible(&qobj->thread_wq); 608 } 609 610 static struct se_cmd * 611 transport_get_cmd_from_queue(struct se_queue_obj *qobj) 612 { 613 struct se_cmd *cmd; 614 unsigned long flags; 615 616 spin_lock_irqsave(&qobj->cmd_queue_lock, flags); 617 if (list_empty(&qobj->qobj_list)) { 618 spin_unlock_irqrestore(&qobj->cmd_queue_lock, flags); 619 return NULL; 620 } 621 cmd = list_first_entry(&qobj->qobj_list, struct se_cmd, se_queue_node); 622 623 atomic_set(&cmd->t_transport_queue_active, 0); 624 625 list_del_init(&cmd->se_queue_node); 626 atomic_dec(&qobj->queue_cnt); 627 spin_unlock_irqrestore(&qobj->cmd_queue_lock, flags); 628 629 return cmd; 630 } 631 632 static void transport_remove_cmd_from_queue(struct se_cmd *cmd) 633 { 634 struct se_queue_obj *qobj = &cmd->se_dev->dev_queue_obj; 635 unsigned long flags; 636 637 spin_lock_irqsave(&qobj->cmd_queue_lock, flags); 638 if (!atomic_read(&cmd->t_transport_queue_active)) { 639 spin_unlock_irqrestore(&qobj->cmd_queue_lock, flags); 640 return; 641 } 642 atomic_set(&cmd->t_transport_queue_active, 0); 643 atomic_dec(&qobj->queue_cnt); 644 list_del_init(&cmd->se_queue_node); 645 spin_unlock_irqrestore(&qobj->cmd_queue_lock, flags); 646 647 if (atomic_read(&cmd->t_transport_queue_active)) { 648 pr_err("ITT: 0x%08x t_transport_queue_active: %d\n", 649 cmd->se_tfo->get_task_tag(cmd), 650 atomic_read(&cmd->t_transport_queue_active)); 651 } 652 } 653 654 /* 655 * Completion function used by TCM subsystem plugins (such as FILEIO) 656 * for queueing up response from struct se_subsystem_api->do_task() 657 */ 658 void transport_complete_sync_cache(struct se_cmd *cmd, int good) 659 { 660 struct se_task *task = list_entry(cmd->t_task_list.next, 661 struct se_task, t_list); 662 663 if (good) { 664 cmd->scsi_status = SAM_STAT_GOOD; 665 task->task_scsi_status = GOOD; 666 } else { 667 task->task_scsi_status = SAM_STAT_CHECK_CONDITION; 668 task->task_se_cmd->scsi_sense_reason = 669 TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE; 670 671 } 672 673 transport_complete_task(task, good); 674 } 675 EXPORT_SYMBOL(transport_complete_sync_cache); 676 677 static void target_complete_failure_work(struct work_struct *work) 678 { 679 struct se_cmd *cmd = container_of(work, struct se_cmd, work); 680 681 transport_generic_request_failure(cmd); 682 } 683 684 /* transport_complete_task(): 685 * 686 * Called from interrupt and non interrupt context depending 687 * on the transport plugin. 688 */ 689 void transport_complete_task(struct se_task *task, int success) 690 { 691 struct se_cmd *cmd = task->task_se_cmd; 692 struct se_device *dev = cmd->se_dev; 693 unsigned long flags; 694 695 spin_lock_irqsave(&cmd->t_state_lock, flags); 696 task->task_flags &= ~TF_ACTIVE; 697 698 /* 699 * See if any sense data exists, if so set the TASK_SENSE flag. 700 * Also check for any other post completion work that needs to be 701 * done by the plugins. 702 */ 703 if (dev && dev->transport->transport_complete) { 704 if (dev->transport->transport_complete(task) != 0) { 705 cmd->se_cmd_flags |= SCF_TRANSPORT_TASK_SENSE; 706 task->task_flags |= TF_HAS_SENSE; 707 success = 1; 708 } 709 } 710 711 /* 712 * See if we are waiting for outstanding struct se_task 713 * to complete for an exception condition 714 */ 715 if (task->task_flags & TF_REQUEST_STOP) { 716 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 717 complete(&task->task_stop_comp); 718 return; 719 } 720 721 if (!success) 722 cmd->t_tasks_failed = 1; 723 724 /* 725 * Decrement the outstanding t_task_cdbs_left count. The last 726 * struct se_task from struct se_cmd will complete itself into the 727 * device queue depending upon int success. 728 */ 729 if (!atomic_dec_and_test(&cmd->t_task_cdbs_left)) { 730 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 731 return; 732 } 733 734 if (cmd->t_tasks_failed) { 735 cmd->scsi_sense_reason = TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE; 736 INIT_WORK(&cmd->work, target_complete_failure_work); 737 } else { 738 atomic_set(&cmd->t_transport_complete, 1); 739 INIT_WORK(&cmd->work, target_complete_ok_work); 740 } 741 742 cmd->t_state = TRANSPORT_COMPLETE; 743 atomic_set(&cmd->t_transport_active, 1); 744 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 745 746 queue_work(target_completion_wq, &cmd->work); 747 } 748 EXPORT_SYMBOL(transport_complete_task); 749 750 /* 751 * Called by transport_add_tasks_from_cmd() once a struct se_cmd's 752 * struct se_task list are ready to be added to the active execution list 753 * struct se_device 754 755 * Called with se_dev_t->execute_task_lock called. 756 */ 757 static inline int transport_add_task_check_sam_attr( 758 struct se_task *task, 759 struct se_task *task_prev, 760 struct se_device *dev) 761 { 762 /* 763 * No SAM Task attribute emulation enabled, add to tail of 764 * execution queue 765 */ 766 if (dev->dev_task_attr_type != SAM_TASK_ATTR_EMULATED) { 767 list_add_tail(&task->t_execute_list, &dev->execute_task_list); 768 return 0; 769 } 770 /* 771 * HEAD_OF_QUEUE attribute for received CDB, which means 772 * the first task that is associated with a struct se_cmd goes to 773 * head of the struct se_device->execute_task_list, and task_prev 774 * after that for each subsequent task 775 */ 776 if (task->task_se_cmd->sam_task_attr == MSG_HEAD_TAG) { 777 list_add(&task->t_execute_list, 778 (task_prev != NULL) ? 779 &task_prev->t_execute_list : 780 &dev->execute_task_list); 781 782 pr_debug("Set HEAD_OF_QUEUE for task CDB: 0x%02x" 783 " in execution queue\n", 784 task->task_se_cmd->t_task_cdb[0]); 785 return 1; 786 } 787 /* 788 * For ORDERED, SIMPLE or UNTAGGED attribute tasks once they have been 789 * transitioned from Dermant -> Active state, and are added to the end 790 * of the struct se_device->execute_task_list 791 */ 792 list_add_tail(&task->t_execute_list, &dev->execute_task_list); 793 return 0; 794 } 795 796 /* __transport_add_task_to_execute_queue(): 797 * 798 * Called with se_dev_t->execute_task_lock called. 799 */ 800 static void __transport_add_task_to_execute_queue( 801 struct se_task *task, 802 struct se_task *task_prev, 803 struct se_device *dev) 804 { 805 int head_of_queue; 806 807 head_of_queue = transport_add_task_check_sam_attr(task, task_prev, dev); 808 atomic_inc(&dev->execute_tasks); 809 810 if (task->t_state_active) 811 return; 812 /* 813 * Determine if this task needs to go to HEAD_OF_QUEUE for the 814 * state list as well. Running with SAM Task Attribute emulation 815 * will always return head_of_queue == 0 here 816 */ 817 if (head_of_queue) 818 list_add(&task->t_state_list, (task_prev) ? 819 &task_prev->t_state_list : 820 &dev->state_task_list); 821 else 822 list_add_tail(&task->t_state_list, &dev->state_task_list); 823 824 task->t_state_active = true; 825 826 pr_debug("Added ITT: 0x%08x task[%p] to dev: %p\n", 827 task->task_se_cmd->se_tfo->get_task_tag(task->task_se_cmd), 828 task, dev); 829 } 830 831 static void transport_add_tasks_to_state_queue(struct se_cmd *cmd) 832 { 833 struct se_device *dev = cmd->se_dev; 834 struct se_task *task; 835 unsigned long flags; 836 837 spin_lock_irqsave(&cmd->t_state_lock, flags); 838 list_for_each_entry(task, &cmd->t_task_list, t_list) { 839 spin_lock(&dev->execute_task_lock); 840 if (!task->t_state_active) { 841 list_add_tail(&task->t_state_list, 842 &dev->state_task_list); 843 task->t_state_active = true; 844 845 pr_debug("Added ITT: 0x%08x task[%p] to dev: %p\n", 846 task->task_se_cmd->se_tfo->get_task_tag( 847 task->task_se_cmd), task, dev); 848 } 849 spin_unlock(&dev->execute_task_lock); 850 } 851 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 852 } 853 854 static void __transport_add_tasks_from_cmd(struct se_cmd *cmd) 855 { 856 struct se_device *dev = cmd->se_dev; 857 struct se_task *task, *task_prev = NULL; 858 859 list_for_each_entry(task, &cmd->t_task_list, t_list) { 860 if (!list_empty(&task->t_execute_list)) 861 continue; 862 /* 863 * __transport_add_task_to_execute_queue() handles the 864 * SAM Task Attribute emulation if enabled 865 */ 866 __transport_add_task_to_execute_queue(task, task_prev, dev); 867 task_prev = task; 868 } 869 } 870 871 static void transport_add_tasks_from_cmd(struct se_cmd *cmd) 872 { 873 unsigned long flags; 874 struct se_device *dev = cmd->se_dev; 875 876 spin_lock_irqsave(&dev->execute_task_lock, flags); 877 __transport_add_tasks_from_cmd(cmd); 878 spin_unlock_irqrestore(&dev->execute_task_lock, flags); 879 } 880 881 void __transport_remove_task_from_execute_queue(struct se_task *task, 882 struct se_device *dev) 883 { 884 list_del_init(&task->t_execute_list); 885 atomic_dec(&dev->execute_tasks); 886 } 887 888 static void transport_remove_task_from_execute_queue( 889 struct se_task *task, 890 struct se_device *dev) 891 { 892 unsigned long flags; 893 894 if (WARN_ON(list_empty(&task->t_execute_list))) 895 return; 896 897 spin_lock_irqsave(&dev->execute_task_lock, flags); 898 __transport_remove_task_from_execute_queue(task, dev); 899 spin_unlock_irqrestore(&dev->execute_task_lock, flags); 900 } 901 902 /* 903 * Handle QUEUE_FULL / -EAGAIN and -ENOMEM status 904 */ 905 906 static void target_qf_do_work(struct work_struct *work) 907 { 908 struct se_device *dev = container_of(work, struct se_device, 909 qf_work_queue); 910 LIST_HEAD(qf_cmd_list); 911 struct se_cmd *cmd, *cmd_tmp; 912 913 spin_lock_irq(&dev->qf_cmd_lock); 914 list_splice_init(&dev->qf_cmd_list, &qf_cmd_list); 915 spin_unlock_irq(&dev->qf_cmd_lock); 916 917 list_for_each_entry_safe(cmd, cmd_tmp, &qf_cmd_list, se_qf_node) { 918 list_del(&cmd->se_qf_node); 919 atomic_dec(&dev->dev_qf_count); 920 smp_mb__after_atomic_dec(); 921 922 pr_debug("Processing %s cmd: %p QUEUE_FULL in work queue" 923 " context: %s\n", cmd->se_tfo->get_fabric_name(), cmd, 924 (cmd->t_state == TRANSPORT_COMPLETE_QF_OK) ? "COMPLETE_OK" : 925 (cmd->t_state == TRANSPORT_COMPLETE_QF_WP) ? "WRITE_PENDING" 926 : "UNKNOWN"); 927 928 transport_add_cmd_to_queue(cmd, cmd->t_state, true); 929 } 930 } 931 932 unsigned char *transport_dump_cmd_direction(struct se_cmd *cmd) 933 { 934 switch (cmd->data_direction) { 935 case DMA_NONE: 936 return "NONE"; 937 case DMA_FROM_DEVICE: 938 return "READ"; 939 case DMA_TO_DEVICE: 940 return "WRITE"; 941 case DMA_BIDIRECTIONAL: 942 return "BIDI"; 943 default: 944 break; 945 } 946 947 return "UNKNOWN"; 948 } 949 950 void transport_dump_dev_state( 951 struct se_device *dev, 952 char *b, 953 int *bl) 954 { 955 *bl += sprintf(b + *bl, "Status: "); 956 switch (dev->dev_status) { 957 case TRANSPORT_DEVICE_ACTIVATED: 958 *bl += sprintf(b + *bl, "ACTIVATED"); 959 break; 960 case TRANSPORT_DEVICE_DEACTIVATED: 961 *bl += sprintf(b + *bl, "DEACTIVATED"); 962 break; 963 case TRANSPORT_DEVICE_SHUTDOWN: 964 *bl += sprintf(b + *bl, "SHUTDOWN"); 965 break; 966 case TRANSPORT_DEVICE_OFFLINE_ACTIVATED: 967 case TRANSPORT_DEVICE_OFFLINE_DEACTIVATED: 968 *bl += sprintf(b + *bl, "OFFLINE"); 969 break; 970 default: 971 *bl += sprintf(b + *bl, "UNKNOWN=%d", dev->dev_status); 972 break; 973 } 974 975 *bl += sprintf(b + *bl, " Execute/Max Queue Depth: %d/%d", 976 atomic_read(&dev->execute_tasks), dev->queue_depth); 977 *bl += sprintf(b + *bl, " SectorSize: %u MaxSectors: %u\n", 978 dev->se_sub_dev->se_dev_attrib.block_size, dev->se_sub_dev->se_dev_attrib.max_sectors); 979 *bl += sprintf(b + *bl, " "); 980 } 981 982 void transport_dump_vpd_proto_id( 983 struct t10_vpd *vpd, 984 unsigned char *p_buf, 985 int p_buf_len) 986 { 987 unsigned char buf[VPD_TMP_BUF_SIZE]; 988 int len; 989 990 memset(buf, 0, VPD_TMP_BUF_SIZE); 991 len = sprintf(buf, "T10 VPD Protocol Identifier: "); 992 993 switch (vpd->protocol_identifier) { 994 case 0x00: 995 sprintf(buf+len, "Fibre Channel\n"); 996 break; 997 case 0x10: 998 sprintf(buf+len, "Parallel SCSI\n"); 999 break; 1000 case 0x20: 1001 sprintf(buf+len, "SSA\n"); 1002 break; 1003 case 0x30: 1004 sprintf(buf+len, "IEEE 1394\n"); 1005 break; 1006 case 0x40: 1007 sprintf(buf+len, "SCSI Remote Direct Memory Access" 1008 " Protocol\n"); 1009 break; 1010 case 0x50: 1011 sprintf(buf+len, "Internet SCSI (iSCSI)\n"); 1012 break; 1013 case 0x60: 1014 sprintf(buf+len, "SAS Serial SCSI Protocol\n"); 1015 break; 1016 case 0x70: 1017 sprintf(buf+len, "Automation/Drive Interface Transport" 1018 " Protocol\n"); 1019 break; 1020 case 0x80: 1021 sprintf(buf+len, "AT Attachment Interface ATA/ATAPI\n"); 1022 break; 1023 default: 1024 sprintf(buf+len, "Unknown 0x%02x\n", 1025 vpd->protocol_identifier); 1026 break; 1027 } 1028 1029 if (p_buf) 1030 strncpy(p_buf, buf, p_buf_len); 1031 else 1032 pr_debug("%s", buf); 1033 } 1034 1035 void 1036 transport_set_vpd_proto_id(struct t10_vpd *vpd, unsigned char *page_83) 1037 { 1038 /* 1039 * Check if the Protocol Identifier Valid (PIV) bit is set.. 1040 * 1041 * from spc3r23.pdf section 7.5.1 1042 */ 1043 if (page_83[1] & 0x80) { 1044 vpd->protocol_identifier = (page_83[0] & 0xf0); 1045 vpd->protocol_identifier_set = 1; 1046 transport_dump_vpd_proto_id(vpd, NULL, 0); 1047 } 1048 } 1049 EXPORT_SYMBOL(transport_set_vpd_proto_id); 1050 1051 int transport_dump_vpd_assoc( 1052 struct t10_vpd *vpd, 1053 unsigned char *p_buf, 1054 int p_buf_len) 1055 { 1056 unsigned char buf[VPD_TMP_BUF_SIZE]; 1057 int ret = 0; 1058 int len; 1059 1060 memset(buf, 0, VPD_TMP_BUF_SIZE); 1061 len = sprintf(buf, "T10 VPD Identifier Association: "); 1062 1063 switch (vpd->association) { 1064 case 0x00: 1065 sprintf(buf+len, "addressed logical unit\n"); 1066 break; 1067 case 0x10: 1068 sprintf(buf+len, "target port\n"); 1069 break; 1070 case 0x20: 1071 sprintf(buf+len, "SCSI target device\n"); 1072 break; 1073 default: 1074 sprintf(buf+len, "Unknown 0x%02x\n", vpd->association); 1075 ret = -EINVAL; 1076 break; 1077 } 1078 1079 if (p_buf) 1080 strncpy(p_buf, buf, p_buf_len); 1081 else 1082 pr_debug("%s", buf); 1083 1084 return ret; 1085 } 1086 1087 int transport_set_vpd_assoc(struct t10_vpd *vpd, unsigned char *page_83) 1088 { 1089 /* 1090 * The VPD identification association.. 1091 * 1092 * from spc3r23.pdf Section 7.6.3.1 Table 297 1093 */ 1094 vpd->association = (page_83[1] & 0x30); 1095 return transport_dump_vpd_assoc(vpd, NULL, 0); 1096 } 1097 EXPORT_SYMBOL(transport_set_vpd_assoc); 1098 1099 int transport_dump_vpd_ident_type( 1100 struct t10_vpd *vpd, 1101 unsigned char *p_buf, 1102 int p_buf_len) 1103 { 1104 unsigned char buf[VPD_TMP_BUF_SIZE]; 1105 int ret = 0; 1106 int len; 1107 1108 memset(buf, 0, VPD_TMP_BUF_SIZE); 1109 len = sprintf(buf, "T10 VPD Identifier Type: "); 1110 1111 switch (vpd->device_identifier_type) { 1112 case 0x00: 1113 sprintf(buf+len, "Vendor specific\n"); 1114 break; 1115 case 0x01: 1116 sprintf(buf+len, "T10 Vendor ID based\n"); 1117 break; 1118 case 0x02: 1119 sprintf(buf+len, "EUI-64 based\n"); 1120 break; 1121 case 0x03: 1122 sprintf(buf+len, "NAA\n"); 1123 break; 1124 case 0x04: 1125 sprintf(buf+len, "Relative target port identifier\n"); 1126 break; 1127 case 0x08: 1128 sprintf(buf+len, "SCSI name string\n"); 1129 break; 1130 default: 1131 sprintf(buf+len, "Unsupported: 0x%02x\n", 1132 vpd->device_identifier_type); 1133 ret = -EINVAL; 1134 break; 1135 } 1136 1137 if (p_buf) { 1138 if (p_buf_len < strlen(buf)+1) 1139 return -EINVAL; 1140 strncpy(p_buf, buf, p_buf_len); 1141 } else { 1142 pr_debug("%s", buf); 1143 } 1144 1145 return ret; 1146 } 1147 1148 int transport_set_vpd_ident_type(struct t10_vpd *vpd, unsigned char *page_83) 1149 { 1150 /* 1151 * The VPD identifier type.. 1152 * 1153 * from spc3r23.pdf Section 7.6.3.1 Table 298 1154 */ 1155 vpd->device_identifier_type = (page_83[1] & 0x0f); 1156 return transport_dump_vpd_ident_type(vpd, NULL, 0); 1157 } 1158 EXPORT_SYMBOL(transport_set_vpd_ident_type); 1159 1160 int transport_dump_vpd_ident( 1161 struct t10_vpd *vpd, 1162 unsigned char *p_buf, 1163 int p_buf_len) 1164 { 1165 unsigned char buf[VPD_TMP_BUF_SIZE]; 1166 int ret = 0; 1167 1168 memset(buf, 0, VPD_TMP_BUF_SIZE); 1169 1170 switch (vpd->device_identifier_code_set) { 1171 case 0x01: /* Binary */ 1172 sprintf(buf, "T10 VPD Binary Device Identifier: %s\n", 1173 &vpd->device_identifier[0]); 1174 break; 1175 case 0x02: /* ASCII */ 1176 sprintf(buf, "T10 VPD ASCII Device Identifier: %s\n", 1177 &vpd->device_identifier[0]); 1178 break; 1179 case 0x03: /* UTF-8 */ 1180 sprintf(buf, "T10 VPD UTF-8 Device Identifier: %s\n", 1181 &vpd->device_identifier[0]); 1182 break; 1183 default: 1184 sprintf(buf, "T10 VPD Device Identifier encoding unsupported:" 1185 " 0x%02x", vpd->device_identifier_code_set); 1186 ret = -EINVAL; 1187 break; 1188 } 1189 1190 if (p_buf) 1191 strncpy(p_buf, buf, p_buf_len); 1192 else 1193 pr_debug("%s", buf); 1194 1195 return ret; 1196 } 1197 1198 int 1199 transport_set_vpd_ident(struct t10_vpd *vpd, unsigned char *page_83) 1200 { 1201 static const char hex_str[] = "0123456789abcdef"; 1202 int j = 0, i = 4; /* offset to start of the identifer */ 1203 1204 /* 1205 * The VPD Code Set (encoding) 1206 * 1207 * from spc3r23.pdf Section 7.6.3.1 Table 296 1208 */ 1209 vpd->device_identifier_code_set = (page_83[0] & 0x0f); 1210 switch (vpd->device_identifier_code_set) { 1211 case 0x01: /* Binary */ 1212 vpd->device_identifier[j++] = 1213 hex_str[vpd->device_identifier_type]; 1214 while (i < (4 + page_83[3])) { 1215 vpd->device_identifier[j++] = 1216 hex_str[(page_83[i] & 0xf0) >> 4]; 1217 vpd->device_identifier[j++] = 1218 hex_str[page_83[i] & 0x0f]; 1219 i++; 1220 } 1221 break; 1222 case 0x02: /* ASCII */ 1223 case 0x03: /* UTF-8 */ 1224 while (i < (4 + page_83[3])) 1225 vpd->device_identifier[j++] = page_83[i++]; 1226 break; 1227 default: 1228 break; 1229 } 1230 1231 return transport_dump_vpd_ident(vpd, NULL, 0); 1232 } 1233 EXPORT_SYMBOL(transport_set_vpd_ident); 1234 1235 static void core_setup_task_attr_emulation(struct se_device *dev) 1236 { 1237 /* 1238 * If this device is from Target_Core_Mod/pSCSI, disable the 1239 * SAM Task Attribute emulation. 1240 * 1241 * This is currently not available in upsream Linux/SCSI Target 1242 * mode code, and is assumed to be disabled while using TCM/pSCSI. 1243 */ 1244 if (dev->transport->transport_type == TRANSPORT_PLUGIN_PHBA_PDEV) { 1245 dev->dev_task_attr_type = SAM_TASK_ATTR_PASSTHROUGH; 1246 return; 1247 } 1248 1249 dev->dev_task_attr_type = SAM_TASK_ATTR_EMULATED; 1250 pr_debug("%s: Using SAM_TASK_ATTR_EMULATED for SPC: 0x%02x" 1251 " device\n", dev->transport->name, 1252 dev->transport->get_device_rev(dev)); 1253 } 1254 1255 static void scsi_dump_inquiry(struct se_device *dev) 1256 { 1257 struct t10_wwn *wwn = &dev->se_sub_dev->t10_wwn; 1258 int i, device_type; 1259 /* 1260 * Print Linux/SCSI style INQUIRY formatting to the kernel ring buffer 1261 */ 1262 pr_debug(" Vendor: "); 1263 for (i = 0; i < 8; i++) 1264 if (wwn->vendor[i] >= 0x20) 1265 pr_debug("%c", wwn->vendor[i]); 1266 else 1267 pr_debug(" "); 1268 1269 pr_debug(" Model: "); 1270 for (i = 0; i < 16; i++) 1271 if (wwn->model[i] >= 0x20) 1272 pr_debug("%c", wwn->model[i]); 1273 else 1274 pr_debug(" "); 1275 1276 pr_debug(" Revision: "); 1277 for (i = 0; i < 4; i++) 1278 if (wwn->revision[i] >= 0x20) 1279 pr_debug("%c", wwn->revision[i]); 1280 else 1281 pr_debug(" "); 1282 1283 pr_debug("\n"); 1284 1285 device_type = dev->transport->get_device_type(dev); 1286 pr_debug(" Type: %s ", scsi_device_type(device_type)); 1287 pr_debug(" ANSI SCSI revision: %02x\n", 1288 dev->transport->get_device_rev(dev)); 1289 } 1290 1291 struct se_device *transport_add_device_to_core_hba( 1292 struct se_hba *hba, 1293 struct se_subsystem_api *transport, 1294 struct se_subsystem_dev *se_dev, 1295 u32 device_flags, 1296 void *transport_dev, 1297 struct se_dev_limits *dev_limits, 1298 const char *inquiry_prod, 1299 const char *inquiry_rev) 1300 { 1301 int force_pt; 1302 struct se_device *dev; 1303 1304 dev = kzalloc(sizeof(struct se_device), GFP_KERNEL); 1305 if (!dev) { 1306 pr_err("Unable to allocate memory for se_dev_t\n"); 1307 return NULL; 1308 } 1309 1310 transport_init_queue_obj(&dev->dev_queue_obj); 1311 dev->dev_flags = device_flags; 1312 dev->dev_status |= TRANSPORT_DEVICE_DEACTIVATED; 1313 dev->dev_ptr = transport_dev; 1314 dev->se_hba = hba; 1315 dev->se_sub_dev = se_dev; 1316 dev->transport = transport; 1317 INIT_LIST_HEAD(&dev->dev_list); 1318 INIT_LIST_HEAD(&dev->dev_sep_list); 1319 INIT_LIST_HEAD(&dev->dev_tmr_list); 1320 INIT_LIST_HEAD(&dev->execute_task_list); 1321 INIT_LIST_HEAD(&dev->delayed_cmd_list); 1322 INIT_LIST_HEAD(&dev->state_task_list); 1323 INIT_LIST_HEAD(&dev->qf_cmd_list); 1324 spin_lock_init(&dev->execute_task_lock); 1325 spin_lock_init(&dev->delayed_cmd_lock); 1326 spin_lock_init(&dev->dev_reservation_lock); 1327 spin_lock_init(&dev->dev_status_lock); 1328 spin_lock_init(&dev->se_port_lock); 1329 spin_lock_init(&dev->se_tmr_lock); 1330 spin_lock_init(&dev->qf_cmd_lock); 1331 atomic_set(&dev->dev_ordered_id, 0); 1332 1333 se_dev_set_default_attribs(dev, dev_limits); 1334 1335 dev->dev_index = scsi_get_new_index(SCSI_DEVICE_INDEX); 1336 dev->creation_time = get_jiffies_64(); 1337 spin_lock_init(&dev->stats_lock); 1338 1339 spin_lock(&hba->device_lock); 1340 list_add_tail(&dev->dev_list, &hba->hba_dev_list); 1341 hba->dev_count++; 1342 spin_unlock(&hba->device_lock); 1343 /* 1344 * Setup the SAM Task Attribute emulation for struct se_device 1345 */ 1346 core_setup_task_attr_emulation(dev); 1347 /* 1348 * Force PR and ALUA passthrough emulation with internal object use. 1349 */ 1350 force_pt = (hba->hba_flags & HBA_FLAGS_INTERNAL_USE); 1351 /* 1352 * Setup the Reservations infrastructure for struct se_device 1353 */ 1354 core_setup_reservations(dev, force_pt); 1355 /* 1356 * Setup the Asymmetric Logical Unit Assignment for struct se_device 1357 */ 1358 if (core_setup_alua(dev, force_pt) < 0) 1359 goto out; 1360 1361 /* 1362 * Startup the struct se_device processing thread 1363 */ 1364 dev->process_thread = kthread_run(transport_processing_thread, dev, 1365 "LIO_%s", dev->transport->name); 1366 if (IS_ERR(dev->process_thread)) { 1367 pr_err("Unable to create kthread: LIO_%s\n", 1368 dev->transport->name); 1369 goto out; 1370 } 1371 /* 1372 * Setup work_queue for QUEUE_FULL 1373 */ 1374 INIT_WORK(&dev->qf_work_queue, target_qf_do_work); 1375 /* 1376 * Preload the initial INQUIRY const values if we are doing 1377 * anything virtual (IBLOCK, FILEIO, RAMDISK), but not for TCM/pSCSI 1378 * passthrough because this is being provided by the backend LLD. 1379 * This is required so that transport_get_inquiry() copies these 1380 * originals once back into DEV_T10_WWN(dev) for the virtual device 1381 * setup. 1382 */ 1383 if (dev->transport->transport_type != TRANSPORT_PLUGIN_PHBA_PDEV) { 1384 if (!inquiry_prod || !inquiry_rev) { 1385 pr_err("All non TCM/pSCSI plugins require" 1386 " INQUIRY consts\n"); 1387 goto out; 1388 } 1389 1390 strncpy(&dev->se_sub_dev->t10_wwn.vendor[0], "LIO-ORG", 8); 1391 strncpy(&dev->se_sub_dev->t10_wwn.model[0], inquiry_prod, 16); 1392 strncpy(&dev->se_sub_dev->t10_wwn.revision[0], inquiry_rev, 4); 1393 } 1394 scsi_dump_inquiry(dev); 1395 1396 return dev; 1397 out: 1398 kthread_stop(dev->process_thread); 1399 1400 spin_lock(&hba->device_lock); 1401 list_del(&dev->dev_list); 1402 hba->dev_count--; 1403 spin_unlock(&hba->device_lock); 1404 1405 se_release_vpd_for_dev(dev); 1406 1407 kfree(dev); 1408 1409 return NULL; 1410 } 1411 EXPORT_SYMBOL(transport_add_device_to_core_hba); 1412 1413 /* transport_generic_prepare_cdb(): 1414 * 1415 * Since the Initiator sees iSCSI devices as LUNs, the SCSI CDB will 1416 * contain the iSCSI LUN in bits 7-5 of byte 1 as per SAM-2. 1417 * The point of this is since we are mapping iSCSI LUNs to 1418 * SCSI Target IDs having a non-zero LUN in the CDB will throw the 1419 * devices and HBAs for a loop. 1420 */ 1421 static inline void transport_generic_prepare_cdb( 1422 unsigned char *cdb) 1423 { 1424 switch (cdb[0]) { 1425 case READ_10: /* SBC - RDProtect */ 1426 case READ_12: /* SBC - RDProtect */ 1427 case READ_16: /* SBC - RDProtect */ 1428 case SEND_DIAGNOSTIC: /* SPC - SELF-TEST Code */ 1429 case VERIFY: /* SBC - VRProtect */ 1430 case VERIFY_16: /* SBC - VRProtect */ 1431 case WRITE_VERIFY: /* SBC - VRProtect */ 1432 case WRITE_VERIFY_12: /* SBC - VRProtect */ 1433 break; 1434 default: 1435 cdb[1] &= 0x1f; /* clear logical unit number */ 1436 break; 1437 } 1438 } 1439 1440 static struct se_task * 1441 transport_generic_get_task(struct se_cmd *cmd, 1442 enum dma_data_direction data_direction) 1443 { 1444 struct se_task *task; 1445 struct se_device *dev = cmd->se_dev; 1446 1447 task = dev->transport->alloc_task(cmd->t_task_cdb); 1448 if (!task) { 1449 pr_err("Unable to allocate struct se_task\n"); 1450 return NULL; 1451 } 1452 1453 INIT_LIST_HEAD(&task->t_list); 1454 INIT_LIST_HEAD(&task->t_execute_list); 1455 INIT_LIST_HEAD(&task->t_state_list); 1456 init_completion(&task->task_stop_comp); 1457 task->task_se_cmd = cmd; 1458 task->task_data_direction = data_direction; 1459 1460 return task; 1461 } 1462 1463 static int transport_generic_cmd_sequencer(struct se_cmd *, unsigned char *); 1464 1465 /* 1466 * Used by fabric modules containing a local struct se_cmd within their 1467 * fabric dependent per I/O descriptor. 1468 */ 1469 void transport_init_se_cmd( 1470 struct se_cmd *cmd, 1471 struct target_core_fabric_ops *tfo, 1472 struct se_session *se_sess, 1473 u32 data_length, 1474 int data_direction, 1475 int task_attr, 1476 unsigned char *sense_buffer) 1477 { 1478 INIT_LIST_HEAD(&cmd->se_lun_node); 1479 INIT_LIST_HEAD(&cmd->se_delayed_node); 1480 INIT_LIST_HEAD(&cmd->se_qf_node); 1481 INIT_LIST_HEAD(&cmd->se_queue_node); 1482 INIT_LIST_HEAD(&cmd->se_cmd_list); 1483 INIT_LIST_HEAD(&cmd->t_task_list); 1484 init_completion(&cmd->transport_lun_fe_stop_comp); 1485 init_completion(&cmd->transport_lun_stop_comp); 1486 init_completion(&cmd->t_transport_stop_comp); 1487 init_completion(&cmd->cmd_wait_comp); 1488 spin_lock_init(&cmd->t_state_lock); 1489 atomic_set(&cmd->transport_dev_active, 1); 1490 1491 cmd->se_tfo = tfo; 1492 cmd->se_sess = se_sess; 1493 cmd->data_length = data_length; 1494 cmd->data_direction = data_direction; 1495 cmd->sam_task_attr = task_attr; 1496 cmd->sense_buffer = sense_buffer; 1497 } 1498 EXPORT_SYMBOL(transport_init_se_cmd); 1499 1500 static int transport_check_alloc_task_attr(struct se_cmd *cmd) 1501 { 1502 /* 1503 * Check if SAM Task Attribute emulation is enabled for this 1504 * struct se_device storage object 1505 */ 1506 if (cmd->se_dev->dev_task_attr_type != SAM_TASK_ATTR_EMULATED) 1507 return 0; 1508 1509 if (cmd->sam_task_attr == MSG_ACA_TAG) { 1510 pr_debug("SAM Task Attribute ACA" 1511 " emulation is not supported\n"); 1512 return -EINVAL; 1513 } 1514 /* 1515 * Used to determine when ORDERED commands should go from 1516 * Dormant to Active status. 1517 */ 1518 cmd->se_ordered_id = atomic_inc_return(&cmd->se_dev->dev_ordered_id); 1519 smp_mb__after_atomic_inc(); 1520 pr_debug("Allocated se_ordered_id: %u for Task Attr: 0x%02x on %s\n", 1521 cmd->se_ordered_id, cmd->sam_task_attr, 1522 cmd->se_dev->transport->name); 1523 return 0; 1524 } 1525 1526 /* transport_generic_allocate_tasks(): 1527 * 1528 * Called from fabric RX Thread. 1529 */ 1530 int transport_generic_allocate_tasks( 1531 struct se_cmd *cmd, 1532 unsigned char *cdb) 1533 { 1534 int ret; 1535 1536 transport_generic_prepare_cdb(cdb); 1537 /* 1538 * Ensure that the received CDB is less than the max (252 + 8) bytes 1539 * for VARIABLE_LENGTH_CMD 1540 */ 1541 if (scsi_command_size(cdb) > SCSI_MAX_VARLEN_CDB_SIZE) { 1542 pr_err("Received SCSI CDB with command_size: %d that" 1543 " exceeds SCSI_MAX_VARLEN_CDB_SIZE: %d\n", 1544 scsi_command_size(cdb), SCSI_MAX_VARLEN_CDB_SIZE); 1545 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION; 1546 cmd->scsi_sense_reason = TCM_INVALID_CDB_FIELD; 1547 return -EINVAL; 1548 } 1549 /* 1550 * If the received CDB is larger than TCM_MAX_COMMAND_SIZE, 1551 * allocate the additional extended CDB buffer now.. Otherwise 1552 * setup the pointer from __t_task_cdb to t_task_cdb. 1553 */ 1554 if (scsi_command_size(cdb) > sizeof(cmd->__t_task_cdb)) { 1555 cmd->t_task_cdb = kzalloc(scsi_command_size(cdb), 1556 GFP_KERNEL); 1557 if (!cmd->t_task_cdb) { 1558 pr_err("Unable to allocate cmd->t_task_cdb" 1559 " %u > sizeof(cmd->__t_task_cdb): %lu ops\n", 1560 scsi_command_size(cdb), 1561 (unsigned long)sizeof(cmd->__t_task_cdb)); 1562 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION; 1563 cmd->scsi_sense_reason = 1564 TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE; 1565 return -ENOMEM; 1566 } 1567 } else 1568 cmd->t_task_cdb = &cmd->__t_task_cdb[0]; 1569 /* 1570 * Copy the original CDB into cmd-> 1571 */ 1572 memcpy(cmd->t_task_cdb, cdb, scsi_command_size(cdb)); 1573 /* 1574 * Setup the received CDB based on SCSI defined opcodes and 1575 * perform unit attention, persistent reservations and ALUA 1576 * checks for virtual device backends. The cmd->t_task_cdb 1577 * pointer is expected to be setup before we reach this point. 1578 */ 1579 ret = transport_generic_cmd_sequencer(cmd, cdb); 1580 if (ret < 0) 1581 return ret; 1582 /* 1583 * Check for SAM Task Attribute Emulation 1584 */ 1585 if (transport_check_alloc_task_attr(cmd) < 0) { 1586 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION; 1587 cmd->scsi_sense_reason = TCM_INVALID_CDB_FIELD; 1588 return -EINVAL; 1589 } 1590 spin_lock(&cmd->se_lun->lun_sep_lock); 1591 if (cmd->se_lun->lun_sep) 1592 cmd->se_lun->lun_sep->sep_stats.cmd_pdus++; 1593 spin_unlock(&cmd->se_lun->lun_sep_lock); 1594 return 0; 1595 } 1596 EXPORT_SYMBOL(transport_generic_allocate_tasks); 1597 1598 /* 1599 * Used by fabric module frontends to queue tasks directly. 1600 * Many only be used from process context only 1601 */ 1602 int transport_handle_cdb_direct( 1603 struct se_cmd *cmd) 1604 { 1605 int ret; 1606 1607 if (!cmd->se_lun) { 1608 dump_stack(); 1609 pr_err("cmd->se_lun is NULL\n"); 1610 return -EINVAL; 1611 } 1612 if (in_interrupt()) { 1613 dump_stack(); 1614 pr_err("transport_generic_handle_cdb cannot be called" 1615 " from interrupt context\n"); 1616 return -EINVAL; 1617 } 1618 /* 1619 * Set TRANSPORT_NEW_CMD state and cmd->t_transport_active=1 following 1620 * transport_generic_handle_cdb*() -> transport_add_cmd_to_queue() 1621 * in existing usage to ensure that outstanding descriptors are handled 1622 * correctly during shutdown via transport_wait_for_tasks() 1623 * 1624 * Also, we don't take cmd->t_state_lock here as we only expect 1625 * this to be called for initial descriptor submission. 1626 */ 1627 cmd->t_state = TRANSPORT_NEW_CMD; 1628 atomic_set(&cmd->t_transport_active, 1); 1629 /* 1630 * transport_generic_new_cmd() is already handling QUEUE_FULL, 1631 * so follow TRANSPORT_NEW_CMD processing thread context usage 1632 * and call transport_generic_request_failure() if necessary.. 1633 */ 1634 ret = transport_generic_new_cmd(cmd); 1635 if (ret < 0) 1636 transport_generic_request_failure(cmd); 1637 1638 return 0; 1639 } 1640 EXPORT_SYMBOL(transport_handle_cdb_direct); 1641 1642 /** 1643 * target_submit_cmd - lookup unpacked lun and submit uninitialized se_cmd 1644 * 1645 * @se_cmd: command descriptor to submit 1646 * @se_sess: associated se_sess for endpoint 1647 * @cdb: pointer to SCSI CDB 1648 * @sense: pointer to SCSI sense buffer 1649 * @unpacked_lun: unpacked LUN to reference for struct se_lun 1650 * @data_length: fabric expected data transfer length 1651 * @task_addr: SAM task attribute 1652 * @data_dir: DMA data direction 1653 * @flags: flags for command submission from target_sc_flags_tables 1654 * 1655 * This may only be called from process context, and also currently 1656 * assumes internal allocation of fabric payload buffer by target-core. 1657 **/ 1658 int target_submit_cmd(struct se_cmd *se_cmd, struct se_session *se_sess, 1659 unsigned char *cdb, unsigned char *sense, u32 unpacked_lun, 1660 u32 data_length, int task_attr, int data_dir, int flags) 1661 { 1662 struct se_portal_group *se_tpg; 1663 int rc; 1664 1665 se_tpg = se_sess->se_tpg; 1666 BUG_ON(!se_tpg); 1667 BUG_ON(se_cmd->se_tfo || se_cmd->se_sess); 1668 BUG_ON(in_interrupt()); 1669 /* 1670 * Initialize se_cmd for target operation. From this point 1671 * exceptions are handled by sending exception status via 1672 * target_core_fabric_ops->queue_status() callback 1673 */ 1674 transport_init_se_cmd(se_cmd, se_tpg->se_tpg_tfo, se_sess, 1675 data_length, data_dir, task_attr, sense); 1676 /* 1677 * Obtain struct se_cmd->cmd_kref reference and add new cmd to 1678 * se_sess->sess_cmd_list. A second kref_get here is necessary 1679 * for fabrics using TARGET_SCF_ACK_KREF that expect a second 1680 * kref_put() to happen during fabric packet acknowledgement. 1681 */ 1682 target_get_sess_cmd(se_sess, se_cmd, (flags & TARGET_SCF_ACK_KREF)); 1683 /* 1684 * Signal bidirectional data payloads to target-core 1685 */ 1686 if (flags & TARGET_SCF_BIDI_OP) 1687 se_cmd->se_cmd_flags |= SCF_BIDI; 1688 /* 1689 * Locate se_lun pointer and attach it to struct se_cmd 1690 */ 1691 if (transport_lookup_cmd_lun(se_cmd, unpacked_lun) < 0) 1692 goto out_check_cond; 1693 /* 1694 * Sanitize CDBs via transport_generic_cmd_sequencer() and 1695 * allocate the necessary tasks to complete the received CDB+data 1696 */ 1697 rc = transport_generic_allocate_tasks(se_cmd, cdb); 1698 if (rc != 0) 1699 goto out_check_cond; 1700 /* 1701 * Dispatch se_cmd descriptor to se_lun->lun_se_dev backend 1702 * for immediate execution of READs, otherwise wait for 1703 * transport_generic_handle_data() to be called for WRITEs 1704 * when fabric has filled the incoming buffer. 1705 */ 1706 transport_handle_cdb_direct(se_cmd); 1707 return 0; 1708 1709 out_check_cond: 1710 transport_send_check_condition_and_sense(se_cmd, 1711 se_cmd->scsi_sense_reason, 0); 1712 return 0; 1713 } 1714 EXPORT_SYMBOL(target_submit_cmd); 1715 1716 /* 1717 * Used by fabric module frontends defining a TFO->new_cmd_map() caller 1718 * to queue up a newly setup se_cmd w/ TRANSPORT_NEW_CMD_MAP in order to 1719 * complete setup in TCM process context w/ TFO->new_cmd_map(). 1720 */ 1721 int transport_generic_handle_cdb_map( 1722 struct se_cmd *cmd) 1723 { 1724 if (!cmd->se_lun) { 1725 dump_stack(); 1726 pr_err("cmd->se_lun is NULL\n"); 1727 return -EINVAL; 1728 } 1729 1730 transport_add_cmd_to_queue(cmd, TRANSPORT_NEW_CMD_MAP, false); 1731 return 0; 1732 } 1733 EXPORT_SYMBOL(transport_generic_handle_cdb_map); 1734 1735 /* transport_generic_handle_data(): 1736 * 1737 * 1738 */ 1739 int transport_generic_handle_data( 1740 struct se_cmd *cmd) 1741 { 1742 /* 1743 * For the software fabric case, then we assume the nexus is being 1744 * failed/shutdown when signals are pending from the kthread context 1745 * caller, so we return a failure. For the HW target mode case running 1746 * in interrupt code, the signal_pending() check is skipped. 1747 */ 1748 if (!in_interrupt() && signal_pending(current)) 1749 return -EPERM; 1750 /* 1751 * If the received CDB has aleady been ABORTED by the generic 1752 * target engine, we now call transport_check_aborted_status() 1753 * to queue any delated TASK_ABORTED status for the received CDB to the 1754 * fabric module as we are expecting no further incoming DATA OUT 1755 * sequences at this point. 1756 */ 1757 if (transport_check_aborted_status(cmd, 1) != 0) 1758 return 0; 1759 1760 transport_add_cmd_to_queue(cmd, TRANSPORT_PROCESS_WRITE, false); 1761 return 0; 1762 } 1763 EXPORT_SYMBOL(transport_generic_handle_data); 1764 1765 /* transport_generic_handle_tmr(): 1766 * 1767 * 1768 */ 1769 int transport_generic_handle_tmr( 1770 struct se_cmd *cmd) 1771 { 1772 transport_add_cmd_to_queue(cmd, TRANSPORT_PROCESS_TMR, false); 1773 return 0; 1774 } 1775 EXPORT_SYMBOL(transport_generic_handle_tmr); 1776 1777 /* 1778 * If the task is active, request it to be stopped and sleep until it 1779 * has completed. 1780 */ 1781 bool target_stop_task(struct se_task *task, unsigned long *flags) 1782 { 1783 struct se_cmd *cmd = task->task_se_cmd; 1784 bool was_active = false; 1785 1786 if (task->task_flags & TF_ACTIVE) { 1787 task->task_flags |= TF_REQUEST_STOP; 1788 spin_unlock_irqrestore(&cmd->t_state_lock, *flags); 1789 1790 pr_debug("Task %p waiting to complete\n", task); 1791 wait_for_completion(&task->task_stop_comp); 1792 pr_debug("Task %p stopped successfully\n", task); 1793 1794 spin_lock_irqsave(&cmd->t_state_lock, *flags); 1795 atomic_dec(&cmd->t_task_cdbs_left); 1796 task->task_flags &= ~(TF_ACTIVE | TF_REQUEST_STOP); 1797 was_active = true; 1798 } 1799 1800 return was_active; 1801 } 1802 1803 static int transport_stop_tasks_for_cmd(struct se_cmd *cmd) 1804 { 1805 struct se_task *task, *task_tmp; 1806 unsigned long flags; 1807 int ret = 0; 1808 1809 pr_debug("ITT[0x%08x] - Stopping tasks\n", 1810 cmd->se_tfo->get_task_tag(cmd)); 1811 1812 /* 1813 * No tasks remain in the execution queue 1814 */ 1815 spin_lock_irqsave(&cmd->t_state_lock, flags); 1816 list_for_each_entry_safe(task, task_tmp, 1817 &cmd->t_task_list, t_list) { 1818 pr_debug("Processing task %p\n", task); 1819 /* 1820 * If the struct se_task has not been sent and is not active, 1821 * remove the struct se_task from the execution queue. 1822 */ 1823 if (!(task->task_flags & (TF_ACTIVE | TF_SENT))) { 1824 spin_unlock_irqrestore(&cmd->t_state_lock, 1825 flags); 1826 transport_remove_task_from_execute_queue(task, 1827 cmd->se_dev); 1828 1829 pr_debug("Task %p removed from execute queue\n", task); 1830 spin_lock_irqsave(&cmd->t_state_lock, flags); 1831 continue; 1832 } 1833 1834 if (!target_stop_task(task, &flags)) { 1835 pr_debug("Task %p - did nothing\n", task); 1836 ret++; 1837 } 1838 } 1839 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 1840 1841 return ret; 1842 } 1843 1844 /* 1845 * Handle SAM-esque emulation for generic transport request failures. 1846 */ 1847 static void transport_generic_request_failure(struct se_cmd *cmd) 1848 { 1849 int ret = 0; 1850 1851 pr_debug("-----[ Storage Engine Exception for cmd: %p ITT: 0x%08x" 1852 " CDB: 0x%02x\n", cmd, cmd->se_tfo->get_task_tag(cmd), 1853 cmd->t_task_cdb[0]); 1854 pr_debug("-----[ i_state: %d t_state: %d scsi_sense_reason: %d\n", 1855 cmd->se_tfo->get_cmd_state(cmd), 1856 cmd->t_state, cmd->scsi_sense_reason); 1857 pr_debug("-----[ t_tasks: %d t_task_cdbs_left: %d" 1858 " t_task_cdbs_sent: %d t_task_cdbs_ex_left: %d --" 1859 " t_transport_active: %d t_transport_stop: %d" 1860 " t_transport_sent: %d\n", cmd->t_task_list_num, 1861 atomic_read(&cmd->t_task_cdbs_left), 1862 atomic_read(&cmd->t_task_cdbs_sent), 1863 atomic_read(&cmd->t_task_cdbs_ex_left), 1864 atomic_read(&cmd->t_transport_active), 1865 atomic_read(&cmd->t_transport_stop), 1866 atomic_read(&cmd->t_transport_sent)); 1867 1868 /* 1869 * For SAM Task Attribute emulation for failed struct se_cmd 1870 */ 1871 if (cmd->se_dev->dev_task_attr_type == SAM_TASK_ATTR_EMULATED) 1872 transport_complete_task_attr(cmd); 1873 1874 switch (cmd->scsi_sense_reason) { 1875 case TCM_NON_EXISTENT_LUN: 1876 case TCM_UNSUPPORTED_SCSI_OPCODE: 1877 case TCM_INVALID_CDB_FIELD: 1878 case TCM_INVALID_PARAMETER_LIST: 1879 case TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE: 1880 case TCM_UNKNOWN_MODE_PAGE: 1881 case TCM_WRITE_PROTECTED: 1882 case TCM_CHECK_CONDITION_ABORT_CMD: 1883 case TCM_CHECK_CONDITION_UNIT_ATTENTION: 1884 case TCM_CHECK_CONDITION_NOT_READY: 1885 break; 1886 case TCM_RESERVATION_CONFLICT: 1887 /* 1888 * No SENSE Data payload for this case, set SCSI Status 1889 * and queue the response to $FABRIC_MOD. 1890 * 1891 * Uses linux/include/scsi/scsi.h SAM status codes defs 1892 */ 1893 cmd->scsi_status = SAM_STAT_RESERVATION_CONFLICT; 1894 /* 1895 * For UA Interlock Code 11b, a RESERVATION CONFLICT will 1896 * establish a UNIT ATTENTION with PREVIOUS RESERVATION 1897 * CONFLICT STATUS. 1898 * 1899 * See spc4r17, section 7.4.6 Control Mode Page, Table 349 1900 */ 1901 if (cmd->se_sess && 1902 cmd->se_dev->se_sub_dev->se_dev_attrib.emulate_ua_intlck_ctrl == 2) 1903 core_scsi3_ua_allocate(cmd->se_sess->se_node_acl, 1904 cmd->orig_fe_lun, 0x2C, 1905 ASCQ_2CH_PREVIOUS_RESERVATION_CONFLICT_STATUS); 1906 1907 ret = cmd->se_tfo->queue_status(cmd); 1908 if (ret == -EAGAIN || ret == -ENOMEM) 1909 goto queue_full; 1910 goto check_stop; 1911 default: 1912 pr_err("Unknown transport error for CDB 0x%02x: %d\n", 1913 cmd->t_task_cdb[0], cmd->scsi_sense_reason); 1914 cmd->scsi_sense_reason = TCM_UNSUPPORTED_SCSI_OPCODE; 1915 break; 1916 } 1917 /* 1918 * If a fabric does not define a cmd->se_tfo->new_cmd_map caller, 1919 * make the call to transport_send_check_condition_and_sense() 1920 * directly. Otherwise expect the fabric to make the call to 1921 * transport_send_check_condition_and_sense() after handling 1922 * possible unsoliticied write data payloads. 1923 */ 1924 ret = transport_send_check_condition_and_sense(cmd, 1925 cmd->scsi_sense_reason, 0); 1926 if (ret == -EAGAIN || ret == -ENOMEM) 1927 goto queue_full; 1928 1929 check_stop: 1930 transport_lun_remove_cmd(cmd); 1931 if (!transport_cmd_check_stop_to_fabric(cmd)) 1932 ; 1933 return; 1934 1935 queue_full: 1936 cmd->t_state = TRANSPORT_COMPLETE_QF_OK; 1937 transport_handle_queue_full(cmd, cmd->se_dev); 1938 } 1939 1940 static inline u32 transport_lba_21(unsigned char *cdb) 1941 { 1942 return ((cdb[1] & 0x1f) << 16) | (cdb[2] << 8) | cdb[3]; 1943 } 1944 1945 static inline u32 transport_lba_32(unsigned char *cdb) 1946 { 1947 return (cdb[2] << 24) | (cdb[3] << 16) | (cdb[4] << 8) | cdb[5]; 1948 } 1949 1950 static inline unsigned long long transport_lba_64(unsigned char *cdb) 1951 { 1952 unsigned int __v1, __v2; 1953 1954 __v1 = (cdb[2] << 24) | (cdb[3] << 16) | (cdb[4] << 8) | cdb[5]; 1955 __v2 = (cdb[6] << 24) | (cdb[7] << 16) | (cdb[8] << 8) | cdb[9]; 1956 1957 return ((unsigned long long)__v2) | (unsigned long long)__v1 << 32; 1958 } 1959 1960 /* 1961 * For VARIABLE_LENGTH_CDB w/ 32 byte extended CDBs 1962 */ 1963 static inline unsigned long long transport_lba_64_ext(unsigned char *cdb) 1964 { 1965 unsigned int __v1, __v2; 1966 1967 __v1 = (cdb[12] << 24) | (cdb[13] << 16) | (cdb[14] << 8) | cdb[15]; 1968 __v2 = (cdb[16] << 24) | (cdb[17] << 16) | (cdb[18] << 8) | cdb[19]; 1969 1970 return ((unsigned long long)__v2) | (unsigned long long)__v1 << 32; 1971 } 1972 1973 static void transport_set_supported_SAM_opcode(struct se_cmd *se_cmd) 1974 { 1975 unsigned long flags; 1976 1977 spin_lock_irqsave(&se_cmd->t_state_lock, flags); 1978 se_cmd->se_cmd_flags |= SCF_SUPPORTED_SAM_OPCODE; 1979 spin_unlock_irqrestore(&se_cmd->t_state_lock, flags); 1980 } 1981 1982 /* 1983 * Called from Fabric Module context from transport_execute_tasks() 1984 * 1985 * The return of this function determins if the tasks from struct se_cmd 1986 * get added to the execution queue in transport_execute_tasks(), 1987 * or are added to the delayed or ordered lists here. 1988 */ 1989 static inline int transport_execute_task_attr(struct se_cmd *cmd) 1990 { 1991 if (cmd->se_dev->dev_task_attr_type != SAM_TASK_ATTR_EMULATED) 1992 return 1; 1993 /* 1994 * Check for the existence of HEAD_OF_QUEUE, and if true return 1 1995 * to allow the passed struct se_cmd list of tasks to the front of the list. 1996 */ 1997 if (cmd->sam_task_attr == MSG_HEAD_TAG) { 1998 pr_debug("Added HEAD_OF_QUEUE for CDB:" 1999 " 0x%02x, se_ordered_id: %u\n", 2000 cmd->t_task_cdb[0], 2001 cmd->se_ordered_id); 2002 return 1; 2003 } else if (cmd->sam_task_attr == MSG_ORDERED_TAG) { 2004 atomic_inc(&cmd->se_dev->dev_ordered_sync); 2005 smp_mb__after_atomic_inc(); 2006 2007 pr_debug("Added ORDERED for CDB: 0x%02x to ordered" 2008 " list, se_ordered_id: %u\n", 2009 cmd->t_task_cdb[0], 2010 cmd->se_ordered_id); 2011 /* 2012 * Add ORDERED command to tail of execution queue if 2013 * no other older commands exist that need to be 2014 * completed first. 2015 */ 2016 if (!atomic_read(&cmd->se_dev->simple_cmds)) 2017 return 1; 2018 } else { 2019 /* 2020 * For SIMPLE and UNTAGGED Task Attribute commands 2021 */ 2022 atomic_inc(&cmd->se_dev->simple_cmds); 2023 smp_mb__after_atomic_inc(); 2024 } 2025 /* 2026 * Otherwise if one or more outstanding ORDERED task attribute exist, 2027 * add the dormant task(s) built for the passed struct se_cmd to the 2028 * execution queue and become in Active state for this struct se_device. 2029 */ 2030 if (atomic_read(&cmd->se_dev->dev_ordered_sync) != 0) { 2031 /* 2032 * Otherwise, add cmd w/ tasks to delayed cmd queue that 2033 * will be drained upon completion of HEAD_OF_QUEUE task. 2034 */ 2035 spin_lock(&cmd->se_dev->delayed_cmd_lock); 2036 cmd->se_cmd_flags |= SCF_DELAYED_CMD_FROM_SAM_ATTR; 2037 list_add_tail(&cmd->se_delayed_node, 2038 &cmd->se_dev->delayed_cmd_list); 2039 spin_unlock(&cmd->se_dev->delayed_cmd_lock); 2040 2041 pr_debug("Added CDB: 0x%02x Task Attr: 0x%02x to" 2042 " delayed CMD list, se_ordered_id: %u\n", 2043 cmd->t_task_cdb[0], cmd->sam_task_attr, 2044 cmd->se_ordered_id); 2045 /* 2046 * Return zero to let transport_execute_tasks() know 2047 * not to add the delayed tasks to the execution list. 2048 */ 2049 return 0; 2050 } 2051 /* 2052 * Otherwise, no ORDERED task attributes exist.. 2053 */ 2054 return 1; 2055 } 2056 2057 /* 2058 * Called from fabric module context in transport_generic_new_cmd() and 2059 * transport_generic_process_write() 2060 */ 2061 static int transport_execute_tasks(struct se_cmd *cmd) 2062 { 2063 int add_tasks; 2064 struct se_device *se_dev = cmd->se_dev; 2065 /* 2066 * Call transport_cmd_check_stop() to see if a fabric exception 2067 * has occurred that prevents execution. 2068 */ 2069 if (!transport_cmd_check_stop(cmd, 0, TRANSPORT_PROCESSING)) { 2070 /* 2071 * Check for SAM Task Attribute emulation and HEAD_OF_QUEUE 2072 * attribute for the tasks of the received struct se_cmd CDB 2073 */ 2074 add_tasks = transport_execute_task_attr(cmd); 2075 if (!add_tasks) 2076 goto execute_tasks; 2077 /* 2078 * __transport_execute_tasks() -> __transport_add_tasks_from_cmd() 2079 * adds associated se_tasks while holding dev->execute_task_lock 2080 * before I/O dispath to avoid a double spinlock access. 2081 */ 2082 __transport_execute_tasks(se_dev, cmd); 2083 return 0; 2084 } 2085 2086 execute_tasks: 2087 __transport_execute_tasks(se_dev, NULL); 2088 return 0; 2089 } 2090 2091 /* 2092 * Called to check struct se_device tcq depth window, and once open pull struct se_task 2093 * from struct se_device->execute_task_list and 2094 * 2095 * Called from transport_processing_thread() 2096 */ 2097 static int __transport_execute_tasks(struct se_device *dev, struct se_cmd *new_cmd) 2098 { 2099 int error; 2100 struct se_cmd *cmd = NULL; 2101 struct se_task *task = NULL; 2102 unsigned long flags; 2103 2104 check_depth: 2105 spin_lock_irq(&dev->execute_task_lock); 2106 if (new_cmd != NULL) 2107 __transport_add_tasks_from_cmd(new_cmd); 2108 2109 if (list_empty(&dev->execute_task_list)) { 2110 spin_unlock_irq(&dev->execute_task_lock); 2111 return 0; 2112 } 2113 task = list_first_entry(&dev->execute_task_list, 2114 struct se_task, t_execute_list); 2115 __transport_remove_task_from_execute_queue(task, dev); 2116 spin_unlock_irq(&dev->execute_task_lock); 2117 2118 cmd = task->task_se_cmd; 2119 spin_lock_irqsave(&cmd->t_state_lock, flags); 2120 task->task_flags |= (TF_ACTIVE | TF_SENT); 2121 atomic_inc(&cmd->t_task_cdbs_sent); 2122 2123 if (atomic_read(&cmd->t_task_cdbs_sent) == 2124 cmd->t_task_list_num) 2125 atomic_set(&cmd->t_transport_sent, 1); 2126 2127 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 2128 2129 if (cmd->execute_task) 2130 error = cmd->execute_task(task); 2131 else 2132 error = dev->transport->do_task(task); 2133 if (error != 0) { 2134 spin_lock_irqsave(&cmd->t_state_lock, flags); 2135 task->task_flags &= ~TF_ACTIVE; 2136 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 2137 atomic_set(&cmd->t_transport_sent, 0); 2138 transport_stop_tasks_for_cmd(cmd); 2139 transport_generic_request_failure(cmd); 2140 } 2141 2142 new_cmd = NULL; 2143 goto check_depth; 2144 2145 return 0; 2146 } 2147 2148 static inline u32 transport_get_sectors_6( 2149 unsigned char *cdb, 2150 struct se_cmd *cmd, 2151 int *ret) 2152 { 2153 struct se_device *dev = cmd->se_dev; 2154 2155 /* 2156 * Assume TYPE_DISK for non struct se_device objects. 2157 * Use 8-bit sector value. 2158 */ 2159 if (!dev) 2160 goto type_disk; 2161 2162 /* 2163 * Use 24-bit allocation length for TYPE_TAPE. 2164 */ 2165 if (dev->transport->get_device_type(dev) == TYPE_TAPE) 2166 return (u32)(cdb[2] << 16) + (cdb[3] << 8) + cdb[4]; 2167 2168 /* 2169 * Everything else assume TYPE_DISK Sector CDB location. 2170 * Use 8-bit sector value. SBC-3 says: 2171 * 2172 * A TRANSFER LENGTH field set to zero specifies that 256 2173 * logical blocks shall be written. Any other value 2174 * specifies the number of logical blocks that shall be 2175 * written. 2176 */ 2177 type_disk: 2178 return cdb[4] ? : 256; 2179 } 2180 2181 static inline u32 transport_get_sectors_10( 2182 unsigned char *cdb, 2183 struct se_cmd *cmd, 2184 int *ret) 2185 { 2186 struct se_device *dev = cmd->se_dev; 2187 2188 /* 2189 * Assume TYPE_DISK for non struct se_device objects. 2190 * Use 16-bit sector value. 2191 */ 2192 if (!dev) 2193 goto type_disk; 2194 2195 /* 2196 * XXX_10 is not defined in SSC, throw an exception 2197 */ 2198 if (dev->transport->get_device_type(dev) == TYPE_TAPE) { 2199 *ret = -EINVAL; 2200 return 0; 2201 } 2202 2203 /* 2204 * Everything else assume TYPE_DISK Sector CDB location. 2205 * Use 16-bit sector value. 2206 */ 2207 type_disk: 2208 return (u32)(cdb[7] << 8) + cdb[8]; 2209 } 2210 2211 static inline u32 transport_get_sectors_12( 2212 unsigned char *cdb, 2213 struct se_cmd *cmd, 2214 int *ret) 2215 { 2216 struct se_device *dev = cmd->se_dev; 2217 2218 /* 2219 * Assume TYPE_DISK for non struct se_device objects. 2220 * Use 32-bit sector value. 2221 */ 2222 if (!dev) 2223 goto type_disk; 2224 2225 /* 2226 * XXX_12 is not defined in SSC, throw an exception 2227 */ 2228 if (dev->transport->get_device_type(dev) == TYPE_TAPE) { 2229 *ret = -EINVAL; 2230 return 0; 2231 } 2232 2233 /* 2234 * Everything else assume TYPE_DISK Sector CDB location. 2235 * Use 32-bit sector value. 2236 */ 2237 type_disk: 2238 return (u32)(cdb[6] << 24) + (cdb[7] << 16) + (cdb[8] << 8) + cdb[9]; 2239 } 2240 2241 static inline u32 transport_get_sectors_16( 2242 unsigned char *cdb, 2243 struct se_cmd *cmd, 2244 int *ret) 2245 { 2246 struct se_device *dev = cmd->se_dev; 2247 2248 /* 2249 * Assume TYPE_DISK for non struct se_device objects. 2250 * Use 32-bit sector value. 2251 */ 2252 if (!dev) 2253 goto type_disk; 2254 2255 /* 2256 * Use 24-bit allocation length for TYPE_TAPE. 2257 */ 2258 if (dev->transport->get_device_type(dev) == TYPE_TAPE) 2259 return (u32)(cdb[12] << 16) + (cdb[13] << 8) + cdb[14]; 2260 2261 type_disk: 2262 return (u32)(cdb[10] << 24) + (cdb[11] << 16) + 2263 (cdb[12] << 8) + cdb[13]; 2264 } 2265 2266 /* 2267 * Used for VARIABLE_LENGTH_CDB WRITE_32 and READ_32 variants 2268 */ 2269 static inline u32 transport_get_sectors_32( 2270 unsigned char *cdb, 2271 struct se_cmd *cmd, 2272 int *ret) 2273 { 2274 /* 2275 * Assume TYPE_DISK for non struct se_device objects. 2276 * Use 32-bit sector value. 2277 */ 2278 return (u32)(cdb[28] << 24) + (cdb[29] << 16) + 2279 (cdb[30] << 8) + cdb[31]; 2280 2281 } 2282 2283 static inline u32 transport_get_size( 2284 u32 sectors, 2285 unsigned char *cdb, 2286 struct se_cmd *cmd) 2287 { 2288 struct se_device *dev = cmd->se_dev; 2289 2290 if (dev->transport->get_device_type(dev) == TYPE_TAPE) { 2291 if (cdb[1] & 1) { /* sectors */ 2292 return dev->se_sub_dev->se_dev_attrib.block_size * sectors; 2293 } else /* bytes */ 2294 return sectors; 2295 } 2296 #if 0 2297 pr_debug("Returning block_size: %u, sectors: %u == %u for" 2298 " %s object\n", dev->se_sub_dev->se_dev_attrib.block_size, sectors, 2299 dev->se_sub_dev->se_dev_attrib.block_size * sectors, 2300 dev->transport->name); 2301 #endif 2302 return dev->se_sub_dev->se_dev_attrib.block_size * sectors; 2303 } 2304 2305 static void transport_xor_callback(struct se_cmd *cmd) 2306 { 2307 unsigned char *buf, *addr; 2308 struct scatterlist *sg; 2309 unsigned int offset; 2310 int i; 2311 int count; 2312 /* 2313 * From sbc3r22.pdf section 5.48 XDWRITEREAD (10) command 2314 * 2315 * 1) read the specified logical block(s); 2316 * 2) transfer logical blocks from the data-out buffer; 2317 * 3) XOR the logical blocks transferred from the data-out buffer with 2318 * the logical blocks read, storing the resulting XOR data in a buffer; 2319 * 4) if the DISABLE WRITE bit is set to zero, then write the logical 2320 * blocks transferred from the data-out buffer; and 2321 * 5) transfer the resulting XOR data to the data-in buffer. 2322 */ 2323 buf = kmalloc(cmd->data_length, GFP_KERNEL); 2324 if (!buf) { 2325 pr_err("Unable to allocate xor_callback buf\n"); 2326 return; 2327 } 2328 /* 2329 * Copy the scatterlist WRITE buffer located at cmd->t_data_sg 2330 * into the locally allocated *buf 2331 */ 2332 sg_copy_to_buffer(cmd->t_data_sg, 2333 cmd->t_data_nents, 2334 buf, 2335 cmd->data_length); 2336 2337 /* 2338 * Now perform the XOR against the BIDI read memory located at 2339 * cmd->t_mem_bidi_list 2340 */ 2341 2342 offset = 0; 2343 for_each_sg(cmd->t_bidi_data_sg, sg, cmd->t_bidi_data_nents, count) { 2344 addr = kmap_atomic(sg_page(sg), KM_USER0); 2345 if (!addr) 2346 goto out; 2347 2348 for (i = 0; i < sg->length; i++) 2349 *(addr + sg->offset + i) ^= *(buf + offset + i); 2350 2351 offset += sg->length; 2352 kunmap_atomic(addr, KM_USER0); 2353 } 2354 2355 out: 2356 kfree(buf); 2357 } 2358 2359 /* 2360 * Used to obtain Sense Data from underlying Linux/SCSI struct scsi_cmnd 2361 */ 2362 static int transport_get_sense_data(struct se_cmd *cmd) 2363 { 2364 unsigned char *buffer = cmd->sense_buffer, *sense_buffer = NULL; 2365 struct se_device *dev = cmd->se_dev; 2366 struct se_task *task = NULL, *task_tmp; 2367 unsigned long flags; 2368 u32 offset = 0; 2369 2370 WARN_ON(!cmd->se_lun); 2371 2372 if (!dev) 2373 return 0; 2374 2375 spin_lock_irqsave(&cmd->t_state_lock, flags); 2376 if (cmd->se_cmd_flags & SCF_SENT_CHECK_CONDITION) { 2377 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 2378 return 0; 2379 } 2380 2381 list_for_each_entry_safe(task, task_tmp, 2382 &cmd->t_task_list, t_list) { 2383 if (!(task->task_flags & TF_HAS_SENSE)) 2384 continue; 2385 2386 if (!dev->transport->get_sense_buffer) { 2387 pr_err("dev->transport->get_sense_buffer" 2388 " is NULL\n"); 2389 continue; 2390 } 2391 2392 sense_buffer = dev->transport->get_sense_buffer(task); 2393 if (!sense_buffer) { 2394 pr_err("ITT[0x%08x]_TASK[%p]: Unable to locate" 2395 " sense buffer for task with sense\n", 2396 cmd->se_tfo->get_task_tag(cmd), task); 2397 continue; 2398 } 2399 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 2400 2401 offset = cmd->se_tfo->set_fabric_sense_len(cmd, 2402 TRANSPORT_SENSE_BUFFER); 2403 2404 memcpy(&buffer[offset], sense_buffer, 2405 TRANSPORT_SENSE_BUFFER); 2406 cmd->scsi_status = task->task_scsi_status; 2407 /* Automatically padded */ 2408 cmd->scsi_sense_length = 2409 (TRANSPORT_SENSE_BUFFER + offset); 2410 2411 pr_debug("HBA_[%u]_PLUG[%s]: Set SAM STATUS: 0x%02x" 2412 " and sense\n", 2413 dev->se_hba->hba_id, dev->transport->name, 2414 cmd->scsi_status); 2415 return 0; 2416 } 2417 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 2418 2419 return -1; 2420 } 2421 2422 static inline long long transport_dev_end_lba(struct se_device *dev) 2423 { 2424 return dev->transport->get_blocks(dev) + 1; 2425 } 2426 2427 static int transport_cmd_get_valid_sectors(struct se_cmd *cmd) 2428 { 2429 struct se_device *dev = cmd->se_dev; 2430 u32 sectors; 2431 2432 if (dev->transport->get_device_type(dev) != TYPE_DISK) 2433 return 0; 2434 2435 sectors = (cmd->data_length / dev->se_sub_dev->se_dev_attrib.block_size); 2436 2437 if ((cmd->t_task_lba + sectors) > transport_dev_end_lba(dev)) { 2438 pr_err("LBA: %llu Sectors: %u exceeds" 2439 " transport_dev_end_lba(): %llu\n", 2440 cmd->t_task_lba, sectors, 2441 transport_dev_end_lba(dev)); 2442 return -EINVAL; 2443 } 2444 2445 return 0; 2446 } 2447 2448 static int target_check_write_same_discard(unsigned char *flags, struct se_device *dev) 2449 { 2450 /* 2451 * Determine if the received WRITE_SAME is used to for direct 2452 * passthrough into Linux/SCSI with struct request via TCM/pSCSI 2453 * or we are signaling the use of internal WRITE_SAME + UNMAP=1 2454 * emulation for -> Linux/BLOCK disbard with TCM/IBLOCK code. 2455 */ 2456 int passthrough = (dev->transport->transport_type == 2457 TRANSPORT_PLUGIN_PHBA_PDEV); 2458 2459 if (!passthrough) { 2460 if ((flags[0] & 0x04) || (flags[0] & 0x02)) { 2461 pr_err("WRITE_SAME PBDATA and LBDATA" 2462 " bits not supported for Block Discard" 2463 " Emulation\n"); 2464 return -ENOSYS; 2465 } 2466 /* 2467 * Currently for the emulated case we only accept 2468 * tpws with the UNMAP=1 bit set. 2469 */ 2470 if (!(flags[0] & 0x08)) { 2471 pr_err("WRITE_SAME w/o UNMAP bit not" 2472 " supported for Block Discard Emulation\n"); 2473 return -ENOSYS; 2474 } 2475 } 2476 2477 return 0; 2478 } 2479 2480 /* transport_generic_cmd_sequencer(): 2481 * 2482 * Generic Command Sequencer that should work for most DAS transport 2483 * drivers. 2484 * 2485 * Called from transport_generic_allocate_tasks() in the $FABRIC_MOD 2486 * RX Thread. 2487 * 2488 * FIXME: Need to support other SCSI OPCODES where as well. 2489 */ 2490 static int transport_generic_cmd_sequencer( 2491 struct se_cmd *cmd, 2492 unsigned char *cdb) 2493 { 2494 struct se_device *dev = cmd->se_dev; 2495 struct se_subsystem_dev *su_dev = dev->se_sub_dev; 2496 int ret = 0, sector_ret = 0, passthrough; 2497 u32 sectors = 0, size = 0, pr_reg_type = 0; 2498 u16 service_action; 2499 u8 alua_ascq = 0; 2500 /* 2501 * Check for an existing UNIT ATTENTION condition 2502 */ 2503 if (core_scsi3_ua_check(cmd, cdb) < 0) { 2504 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION; 2505 cmd->scsi_sense_reason = TCM_CHECK_CONDITION_UNIT_ATTENTION; 2506 return -EINVAL; 2507 } 2508 /* 2509 * Check status of Asymmetric Logical Unit Assignment port 2510 */ 2511 ret = su_dev->t10_alua.alua_state_check(cmd, cdb, &alua_ascq); 2512 if (ret != 0) { 2513 /* 2514 * Set SCSI additional sense code (ASC) to 'LUN Not Accessible'; 2515 * The ALUA additional sense code qualifier (ASCQ) is determined 2516 * by the ALUA primary or secondary access state.. 2517 */ 2518 if (ret > 0) { 2519 #if 0 2520 pr_debug("[%s]: ALUA TG Port not available," 2521 " SenseKey: NOT_READY, ASC/ASCQ: 0x04/0x%02x\n", 2522 cmd->se_tfo->get_fabric_name(), alua_ascq); 2523 #endif 2524 transport_set_sense_codes(cmd, 0x04, alua_ascq); 2525 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION; 2526 cmd->scsi_sense_reason = TCM_CHECK_CONDITION_NOT_READY; 2527 return -EINVAL; 2528 } 2529 goto out_invalid_cdb_field; 2530 } 2531 /* 2532 * Check status for SPC-3 Persistent Reservations 2533 */ 2534 if (su_dev->t10_pr.pr_ops.t10_reservation_check(cmd, &pr_reg_type) != 0) { 2535 if (su_dev->t10_pr.pr_ops.t10_seq_non_holder( 2536 cmd, cdb, pr_reg_type) != 0) { 2537 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION; 2538 cmd->se_cmd_flags |= SCF_SCSI_RESERVATION_CONFLICT; 2539 cmd->scsi_sense_reason = TCM_RESERVATION_CONFLICT; 2540 return -EBUSY; 2541 } 2542 /* 2543 * This means the CDB is allowed for the SCSI Initiator port 2544 * when said port is *NOT* holding the legacy SPC-2 or 2545 * SPC-3 Persistent Reservation. 2546 */ 2547 } 2548 2549 /* 2550 * If we operate in passthrough mode we skip most CDB emulation and 2551 * instead hand the commands down to the physical SCSI device. 2552 */ 2553 passthrough = 2554 (dev->transport->transport_type == TRANSPORT_PLUGIN_PHBA_PDEV); 2555 2556 switch (cdb[0]) { 2557 case READ_6: 2558 sectors = transport_get_sectors_6(cdb, cmd, §or_ret); 2559 if (sector_ret) 2560 goto out_unsupported_cdb; 2561 size = transport_get_size(sectors, cdb, cmd); 2562 cmd->t_task_lba = transport_lba_21(cdb); 2563 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB; 2564 break; 2565 case READ_10: 2566 sectors = transport_get_sectors_10(cdb, cmd, §or_ret); 2567 if (sector_ret) 2568 goto out_unsupported_cdb; 2569 size = transport_get_size(sectors, cdb, cmd); 2570 cmd->t_task_lba = transport_lba_32(cdb); 2571 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB; 2572 break; 2573 case READ_12: 2574 sectors = transport_get_sectors_12(cdb, cmd, §or_ret); 2575 if (sector_ret) 2576 goto out_unsupported_cdb; 2577 size = transport_get_size(sectors, cdb, cmd); 2578 cmd->t_task_lba = transport_lba_32(cdb); 2579 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB; 2580 break; 2581 case READ_16: 2582 sectors = transport_get_sectors_16(cdb, cmd, §or_ret); 2583 if (sector_ret) 2584 goto out_unsupported_cdb; 2585 size = transport_get_size(sectors, cdb, cmd); 2586 cmd->t_task_lba = transport_lba_64(cdb); 2587 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB; 2588 break; 2589 case WRITE_6: 2590 sectors = transport_get_sectors_6(cdb, cmd, §or_ret); 2591 if (sector_ret) 2592 goto out_unsupported_cdb; 2593 size = transport_get_size(sectors, cdb, cmd); 2594 cmd->t_task_lba = transport_lba_21(cdb); 2595 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB; 2596 break; 2597 case WRITE_10: 2598 sectors = transport_get_sectors_10(cdb, cmd, §or_ret); 2599 if (sector_ret) 2600 goto out_unsupported_cdb; 2601 size = transport_get_size(sectors, cdb, cmd); 2602 cmd->t_task_lba = transport_lba_32(cdb); 2603 if (cdb[1] & 0x8) 2604 cmd->se_cmd_flags |= SCF_FUA; 2605 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB; 2606 break; 2607 case WRITE_12: 2608 sectors = transport_get_sectors_12(cdb, cmd, §or_ret); 2609 if (sector_ret) 2610 goto out_unsupported_cdb; 2611 size = transport_get_size(sectors, cdb, cmd); 2612 cmd->t_task_lba = transport_lba_32(cdb); 2613 if (cdb[1] & 0x8) 2614 cmd->se_cmd_flags |= SCF_FUA; 2615 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB; 2616 break; 2617 case WRITE_16: 2618 sectors = transport_get_sectors_16(cdb, cmd, §or_ret); 2619 if (sector_ret) 2620 goto out_unsupported_cdb; 2621 size = transport_get_size(sectors, cdb, cmd); 2622 cmd->t_task_lba = transport_lba_64(cdb); 2623 if (cdb[1] & 0x8) 2624 cmd->se_cmd_flags |= SCF_FUA; 2625 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB; 2626 break; 2627 case XDWRITEREAD_10: 2628 if ((cmd->data_direction != DMA_TO_DEVICE) || 2629 !(cmd->se_cmd_flags & SCF_BIDI)) 2630 goto out_invalid_cdb_field; 2631 sectors = transport_get_sectors_10(cdb, cmd, §or_ret); 2632 if (sector_ret) 2633 goto out_unsupported_cdb; 2634 size = transport_get_size(sectors, cdb, cmd); 2635 cmd->t_task_lba = transport_lba_32(cdb); 2636 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB; 2637 2638 /* 2639 * Do now allow BIDI commands for passthrough mode. 2640 */ 2641 if (passthrough) 2642 goto out_unsupported_cdb; 2643 2644 /* 2645 * Setup BIDI XOR callback to be run after I/O completion. 2646 */ 2647 cmd->transport_complete_callback = &transport_xor_callback; 2648 if (cdb[1] & 0x8) 2649 cmd->se_cmd_flags |= SCF_FUA; 2650 break; 2651 case VARIABLE_LENGTH_CMD: 2652 service_action = get_unaligned_be16(&cdb[8]); 2653 switch (service_action) { 2654 case XDWRITEREAD_32: 2655 sectors = transport_get_sectors_32(cdb, cmd, §or_ret); 2656 if (sector_ret) 2657 goto out_unsupported_cdb; 2658 size = transport_get_size(sectors, cdb, cmd); 2659 /* 2660 * Use WRITE_32 and READ_32 opcodes for the emulated 2661 * XDWRITE_READ_32 logic. 2662 */ 2663 cmd->t_task_lba = transport_lba_64_ext(cdb); 2664 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB; 2665 2666 /* 2667 * Do now allow BIDI commands for passthrough mode. 2668 */ 2669 if (passthrough) 2670 goto out_unsupported_cdb; 2671 2672 /* 2673 * Setup BIDI XOR callback to be run during after I/O 2674 * completion. 2675 */ 2676 cmd->transport_complete_callback = &transport_xor_callback; 2677 if (cdb[1] & 0x8) 2678 cmd->se_cmd_flags |= SCF_FUA; 2679 break; 2680 case WRITE_SAME_32: 2681 sectors = transport_get_sectors_32(cdb, cmd, §or_ret); 2682 if (sector_ret) 2683 goto out_unsupported_cdb; 2684 2685 if (sectors) 2686 size = transport_get_size(1, cdb, cmd); 2687 else { 2688 pr_err("WSNZ=1, WRITE_SAME w/sectors=0 not" 2689 " supported\n"); 2690 goto out_invalid_cdb_field; 2691 } 2692 2693 cmd->t_task_lba = get_unaligned_be64(&cdb[12]); 2694 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2695 2696 if (target_check_write_same_discard(&cdb[10], dev) < 0) 2697 goto out_invalid_cdb_field; 2698 if (!passthrough) 2699 cmd->execute_task = target_emulate_write_same; 2700 break; 2701 default: 2702 pr_err("VARIABLE_LENGTH_CMD service action" 2703 " 0x%04x not supported\n", service_action); 2704 goto out_unsupported_cdb; 2705 } 2706 break; 2707 case MAINTENANCE_IN: 2708 if (dev->transport->get_device_type(dev) != TYPE_ROM) { 2709 /* MAINTENANCE_IN from SCC-2 */ 2710 /* 2711 * Check for emulated MI_REPORT_TARGET_PGS. 2712 */ 2713 if (cdb[1] == MI_REPORT_TARGET_PGS && 2714 su_dev->t10_alua.alua_type == SPC3_ALUA_EMULATED) { 2715 cmd->execute_task = 2716 target_emulate_report_target_port_groups; 2717 } 2718 size = (cdb[6] << 24) | (cdb[7] << 16) | 2719 (cdb[8] << 8) | cdb[9]; 2720 } else { 2721 /* GPCMD_SEND_KEY from multi media commands */ 2722 size = (cdb[8] << 8) + cdb[9]; 2723 } 2724 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2725 break; 2726 case MODE_SELECT: 2727 size = cdb[4]; 2728 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2729 break; 2730 case MODE_SELECT_10: 2731 size = (cdb[7] << 8) + cdb[8]; 2732 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2733 break; 2734 case MODE_SENSE: 2735 size = cdb[4]; 2736 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2737 if (!passthrough) 2738 cmd->execute_task = target_emulate_modesense; 2739 break; 2740 case MODE_SENSE_10: 2741 size = (cdb[7] << 8) + cdb[8]; 2742 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2743 if (!passthrough) 2744 cmd->execute_task = target_emulate_modesense; 2745 break; 2746 case GPCMD_READ_BUFFER_CAPACITY: 2747 case GPCMD_SEND_OPC: 2748 case LOG_SELECT: 2749 case LOG_SENSE: 2750 size = (cdb[7] << 8) + cdb[8]; 2751 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2752 break; 2753 case READ_BLOCK_LIMITS: 2754 size = READ_BLOCK_LEN; 2755 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2756 break; 2757 case GPCMD_GET_CONFIGURATION: 2758 case GPCMD_READ_FORMAT_CAPACITIES: 2759 case GPCMD_READ_DISC_INFO: 2760 case GPCMD_READ_TRACK_RZONE_INFO: 2761 size = (cdb[7] << 8) + cdb[8]; 2762 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2763 break; 2764 case PERSISTENT_RESERVE_IN: 2765 if (su_dev->t10_pr.res_type == SPC3_PERSISTENT_RESERVATIONS) 2766 cmd->execute_task = target_scsi3_emulate_pr_in; 2767 size = (cdb[7] << 8) + cdb[8]; 2768 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2769 break; 2770 case PERSISTENT_RESERVE_OUT: 2771 if (su_dev->t10_pr.res_type == SPC3_PERSISTENT_RESERVATIONS) 2772 cmd->execute_task = target_scsi3_emulate_pr_out; 2773 size = (cdb[7] << 8) + cdb[8]; 2774 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2775 break; 2776 case GPCMD_MECHANISM_STATUS: 2777 case GPCMD_READ_DVD_STRUCTURE: 2778 size = (cdb[8] << 8) + cdb[9]; 2779 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2780 break; 2781 case READ_POSITION: 2782 size = READ_POSITION_LEN; 2783 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2784 break; 2785 case MAINTENANCE_OUT: 2786 if (dev->transport->get_device_type(dev) != TYPE_ROM) { 2787 /* MAINTENANCE_OUT from SCC-2 2788 * 2789 * Check for emulated MO_SET_TARGET_PGS. 2790 */ 2791 if (cdb[1] == MO_SET_TARGET_PGS && 2792 su_dev->t10_alua.alua_type == SPC3_ALUA_EMULATED) { 2793 cmd->execute_task = 2794 target_emulate_set_target_port_groups; 2795 } 2796 2797 size = (cdb[6] << 24) | (cdb[7] << 16) | 2798 (cdb[8] << 8) | cdb[9]; 2799 } else { 2800 /* GPCMD_REPORT_KEY from multi media commands */ 2801 size = (cdb[8] << 8) + cdb[9]; 2802 } 2803 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2804 break; 2805 case INQUIRY: 2806 size = (cdb[3] << 8) + cdb[4]; 2807 /* 2808 * Do implict HEAD_OF_QUEUE processing for INQUIRY. 2809 * See spc4r17 section 5.3 2810 */ 2811 if (cmd->se_dev->dev_task_attr_type == SAM_TASK_ATTR_EMULATED) 2812 cmd->sam_task_attr = MSG_HEAD_TAG; 2813 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2814 if (!passthrough) 2815 cmd->execute_task = target_emulate_inquiry; 2816 break; 2817 case READ_BUFFER: 2818 size = (cdb[6] << 16) + (cdb[7] << 8) + cdb[8]; 2819 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2820 break; 2821 case READ_CAPACITY: 2822 size = READ_CAP_LEN; 2823 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2824 if (!passthrough) 2825 cmd->execute_task = target_emulate_readcapacity; 2826 break; 2827 case READ_MEDIA_SERIAL_NUMBER: 2828 case SECURITY_PROTOCOL_IN: 2829 case SECURITY_PROTOCOL_OUT: 2830 size = (cdb[6] << 24) | (cdb[7] << 16) | (cdb[8] << 8) | cdb[9]; 2831 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2832 break; 2833 case SERVICE_ACTION_IN: 2834 switch (cmd->t_task_cdb[1] & 0x1f) { 2835 case SAI_READ_CAPACITY_16: 2836 if (!passthrough) 2837 cmd->execute_task = 2838 target_emulate_readcapacity_16; 2839 break; 2840 default: 2841 if (passthrough) 2842 break; 2843 2844 pr_err("Unsupported SA: 0x%02x\n", 2845 cmd->t_task_cdb[1] & 0x1f); 2846 goto out_unsupported_cdb; 2847 } 2848 /*FALLTHROUGH*/ 2849 case ACCESS_CONTROL_IN: 2850 case ACCESS_CONTROL_OUT: 2851 case EXTENDED_COPY: 2852 case READ_ATTRIBUTE: 2853 case RECEIVE_COPY_RESULTS: 2854 case WRITE_ATTRIBUTE: 2855 size = (cdb[10] << 24) | (cdb[11] << 16) | 2856 (cdb[12] << 8) | cdb[13]; 2857 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2858 break; 2859 case RECEIVE_DIAGNOSTIC: 2860 case SEND_DIAGNOSTIC: 2861 size = (cdb[3] << 8) | cdb[4]; 2862 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2863 break; 2864 /* #warning FIXME: Figure out correct GPCMD_READ_CD blocksize. */ 2865 #if 0 2866 case GPCMD_READ_CD: 2867 sectors = (cdb[6] << 16) + (cdb[7] << 8) + cdb[8]; 2868 size = (2336 * sectors); 2869 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2870 break; 2871 #endif 2872 case READ_TOC: 2873 size = cdb[8]; 2874 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2875 break; 2876 case REQUEST_SENSE: 2877 size = cdb[4]; 2878 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2879 if (!passthrough) 2880 cmd->execute_task = target_emulate_request_sense; 2881 break; 2882 case READ_ELEMENT_STATUS: 2883 size = 65536 * cdb[7] + 256 * cdb[8] + cdb[9]; 2884 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2885 break; 2886 case WRITE_BUFFER: 2887 size = (cdb[6] << 16) + (cdb[7] << 8) + cdb[8]; 2888 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2889 break; 2890 case RESERVE: 2891 case RESERVE_10: 2892 /* 2893 * The SPC-2 RESERVE does not contain a size in the SCSI CDB. 2894 * Assume the passthrough or $FABRIC_MOD will tell us about it. 2895 */ 2896 if (cdb[0] == RESERVE_10) 2897 size = (cdb[7] << 8) | cdb[8]; 2898 else 2899 size = cmd->data_length; 2900 2901 /* 2902 * Setup the legacy emulated handler for SPC-2 and 2903 * >= SPC-3 compatible reservation handling (CRH=1) 2904 * Otherwise, we assume the underlying SCSI logic is 2905 * is running in SPC_PASSTHROUGH, and wants reservations 2906 * emulation disabled. 2907 */ 2908 if (su_dev->t10_pr.res_type != SPC_PASSTHROUGH) 2909 cmd->execute_task = target_scsi2_reservation_reserve; 2910 cmd->se_cmd_flags |= SCF_SCSI_NON_DATA_CDB; 2911 break; 2912 case RELEASE: 2913 case RELEASE_10: 2914 /* 2915 * The SPC-2 RELEASE does not contain a size in the SCSI CDB. 2916 * Assume the passthrough or $FABRIC_MOD will tell us about it. 2917 */ 2918 if (cdb[0] == RELEASE_10) 2919 size = (cdb[7] << 8) | cdb[8]; 2920 else 2921 size = cmd->data_length; 2922 2923 if (su_dev->t10_pr.res_type != SPC_PASSTHROUGH) 2924 cmd->execute_task = target_scsi2_reservation_release; 2925 cmd->se_cmd_flags |= SCF_SCSI_NON_DATA_CDB; 2926 break; 2927 case SYNCHRONIZE_CACHE: 2928 case 0x91: /* SYNCHRONIZE_CACHE_16: */ 2929 /* 2930 * Extract LBA and range to be flushed for emulated SYNCHRONIZE_CACHE 2931 */ 2932 if (cdb[0] == SYNCHRONIZE_CACHE) { 2933 sectors = transport_get_sectors_10(cdb, cmd, §or_ret); 2934 cmd->t_task_lba = transport_lba_32(cdb); 2935 } else { 2936 sectors = transport_get_sectors_16(cdb, cmd, §or_ret); 2937 cmd->t_task_lba = transport_lba_64(cdb); 2938 } 2939 if (sector_ret) 2940 goto out_unsupported_cdb; 2941 2942 size = transport_get_size(sectors, cdb, cmd); 2943 cmd->se_cmd_flags |= SCF_SCSI_NON_DATA_CDB; 2944 2945 if (passthrough) 2946 break; 2947 2948 /* 2949 * Check to ensure that LBA + Range does not exceed past end of 2950 * device for IBLOCK and FILEIO ->do_sync_cache() backend calls 2951 */ 2952 if ((cmd->t_task_lba != 0) || (sectors != 0)) { 2953 if (transport_cmd_get_valid_sectors(cmd) < 0) 2954 goto out_invalid_cdb_field; 2955 } 2956 cmd->execute_task = target_emulate_synchronize_cache; 2957 break; 2958 case UNMAP: 2959 size = get_unaligned_be16(&cdb[7]); 2960 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2961 if (!passthrough) 2962 cmd->execute_task = target_emulate_unmap; 2963 break; 2964 case WRITE_SAME_16: 2965 sectors = transport_get_sectors_16(cdb, cmd, §or_ret); 2966 if (sector_ret) 2967 goto out_unsupported_cdb; 2968 2969 if (sectors) 2970 size = transport_get_size(1, cdb, cmd); 2971 else { 2972 pr_err("WSNZ=1, WRITE_SAME w/sectors=0 not supported\n"); 2973 goto out_invalid_cdb_field; 2974 } 2975 2976 cmd->t_task_lba = get_unaligned_be64(&cdb[2]); 2977 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2978 2979 if (target_check_write_same_discard(&cdb[1], dev) < 0) 2980 goto out_invalid_cdb_field; 2981 if (!passthrough) 2982 cmd->execute_task = target_emulate_write_same; 2983 break; 2984 case WRITE_SAME: 2985 sectors = transport_get_sectors_10(cdb, cmd, §or_ret); 2986 if (sector_ret) 2987 goto out_unsupported_cdb; 2988 2989 if (sectors) 2990 size = transport_get_size(1, cdb, cmd); 2991 else { 2992 pr_err("WSNZ=1, WRITE_SAME w/sectors=0 not supported\n"); 2993 goto out_invalid_cdb_field; 2994 } 2995 2996 cmd->t_task_lba = get_unaligned_be32(&cdb[2]); 2997 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 2998 /* 2999 * Follow sbcr26 with WRITE_SAME (10) and check for the existence 3000 * of byte 1 bit 3 UNMAP instead of original reserved field 3001 */ 3002 if (target_check_write_same_discard(&cdb[1], dev) < 0) 3003 goto out_invalid_cdb_field; 3004 if (!passthrough) 3005 cmd->execute_task = target_emulate_write_same; 3006 break; 3007 case ALLOW_MEDIUM_REMOVAL: 3008 case ERASE: 3009 case REZERO_UNIT: 3010 case SEEK_10: 3011 case SPACE: 3012 case START_STOP: 3013 case TEST_UNIT_READY: 3014 case VERIFY: 3015 case WRITE_FILEMARKS: 3016 cmd->se_cmd_flags |= SCF_SCSI_NON_DATA_CDB; 3017 if (!passthrough) 3018 cmd->execute_task = target_emulate_noop; 3019 break; 3020 case GPCMD_CLOSE_TRACK: 3021 case INITIALIZE_ELEMENT_STATUS: 3022 case GPCMD_LOAD_UNLOAD: 3023 case GPCMD_SET_SPEED: 3024 case MOVE_MEDIUM: 3025 cmd->se_cmd_flags |= SCF_SCSI_NON_DATA_CDB; 3026 break; 3027 case REPORT_LUNS: 3028 cmd->execute_task = target_report_luns; 3029 size = (cdb[6] << 24) | (cdb[7] << 16) | (cdb[8] << 8) | cdb[9]; 3030 /* 3031 * Do implict HEAD_OF_QUEUE processing for REPORT_LUNS 3032 * See spc4r17 section 5.3 3033 */ 3034 if (cmd->se_dev->dev_task_attr_type == SAM_TASK_ATTR_EMULATED) 3035 cmd->sam_task_attr = MSG_HEAD_TAG; 3036 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB; 3037 break; 3038 default: 3039 pr_warn("TARGET_CORE[%s]: Unsupported SCSI Opcode" 3040 " 0x%02x, sending CHECK_CONDITION.\n", 3041 cmd->se_tfo->get_fabric_name(), cdb[0]); 3042 goto out_unsupported_cdb; 3043 } 3044 3045 if (size != cmd->data_length) { 3046 pr_warn("TARGET_CORE[%s]: Expected Transfer Length:" 3047 " %u does not match SCSI CDB Length: %u for SAM Opcode:" 3048 " 0x%02x\n", cmd->se_tfo->get_fabric_name(), 3049 cmd->data_length, size, cdb[0]); 3050 3051 cmd->cmd_spdtl = size; 3052 3053 if (cmd->data_direction == DMA_TO_DEVICE) { 3054 pr_err("Rejecting underflow/overflow" 3055 " WRITE data\n"); 3056 goto out_invalid_cdb_field; 3057 } 3058 /* 3059 * Reject READ_* or WRITE_* with overflow/underflow for 3060 * type SCF_SCSI_DATA_SG_IO_CDB. 3061 */ 3062 if (!ret && (dev->se_sub_dev->se_dev_attrib.block_size != 512)) { 3063 pr_err("Failing OVERFLOW/UNDERFLOW for LBA op" 3064 " CDB on non 512-byte sector setup subsystem" 3065 " plugin: %s\n", dev->transport->name); 3066 /* Returns CHECK_CONDITION + INVALID_CDB_FIELD */ 3067 goto out_invalid_cdb_field; 3068 } 3069 3070 if (size > cmd->data_length) { 3071 cmd->se_cmd_flags |= SCF_OVERFLOW_BIT; 3072 cmd->residual_count = (size - cmd->data_length); 3073 } else { 3074 cmd->se_cmd_flags |= SCF_UNDERFLOW_BIT; 3075 cmd->residual_count = (cmd->data_length - size); 3076 } 3077 cmd->data_length = size; 3078 } 3079 3080 /* reject any command that we don't have a handler for */ 3081 if (!(passthrough || cmd->execute_task || 3082 (cmd->se_cmd_flags & SCF_SCSI_DATA_SG_IO_CDB))) 3083 goto out_unsupported_cdb; 3084 3085 /* Let's limit control cdbs to a page, for simplicity's sake. */ 3086 if ((cmd->se_cmd_flags & SCF_SCSI_CONTROL_SG_IO_CDB) && 3087 size > PAGE_SIZE) 3088 goto out_invalid_cdb_field; 3089 3090 transport_set_supported_SAM_opcode(cmd); 3091 return ret; 3092 3093 out_unsupported_cdb: 3094 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION; 3095 cmd->scsi_sense_reason = TCM_UNSUPPORTED_SCSI_OPCODE; 3096 return -EINVAL; 3097 out_invalid_cdb_field: 3098 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION; 3099 cmd->scsi_sense_reason = TCM_INVALID_CDB_FIELD; 3100 return -EINVAL; 3101 } 3102 3103 /* 3104 * Called from I/O completion to determine which dormant/delayed 3105 * and ordered cmds need to have their tasks added to the execution queue. 3106 */ 3107 static void transport_complete_task_attr(struct se_cmd *cmd) 3108 { 3109 struct se_device *dev = cmd->se_dev; 3110 struct se_cmd *cmd_p, *cmd_tmp; 3111 int new_active_tasks = 0; 3112 3113 if (cmd->sam_task_attr == MSG_SIMPLE_TAG) { 3114 atomic_dec(&dev->simple_cmds); 3115 smp_mb__after_atomic_dec(); 3116 dev->dev_cur_ordered_id++; 3117 pr_debug("Incremented dev->dev_cur_ordered_id: %u for" 3118 " SIMPLE: %u\n", dev->dev_cur_ordered_id, 3119 cmd->se_ordered_id); 3120 } else if (cmd->sam_task_attr == MSG_HEAD_TAG) { 3121 dev->dev_cur_ordered_id++; 3122 pr_debug("Incremented dev_cur_ordered_id: %u for" 3123 " HEAD_OF_QUEUE: %u\n", dev->dev_cur_ordered_id, 3124 cmd->se_ordered_id); 3125 } else if (cmd->sam_task_attr == MSG_ORDERED_TAG) { 3126 atomic_dec(&dev->dev_ordered_sync); 3127 smp_mb__after_atomic_dec(); 3128 3129 dev->dev_cur_ordered_id++; 3130 pr_debug("Incremented dev_cur_ordered_id: %u for ORDERED:" 3131 " %u\n", dev->dev_cur_ordered_id, cmd->se_ordered_id); 3132 } 3133 /* 3134 * Process all commands up to the last received 3135 * ORDERED task attribute which requires another blocking 3136 * boundary 3137 */ 3138 spin_lock(&dev->delayed_cmd_lock); 3139 list_for_each_entry_safe(cmd_p, cmd_tmp, 3140 &dev->delayed_cmd_list, se_delayed_node) { 3141 3142 list_del(&cmd_p->se_delayed_node); 3143 spin_unlock(&dev->delayed_cmd_lock); 3144 3145 pr_debug("Calling add_tasks() for" 3146 " cmd_p: 0x%02x Task Attr: 0x%02x" 3147 " Dormant -> Active, se_ordered_id: %u\n", 3148 cmd_p->t_task_cdb[0], 3149 cmd_p->sam_task_attr, cmd_p->se_ordered_id); 3150 3151 transport_add_tasks_from_cmd(cmd_p); 3152 new_active_tasks++; 3153 3154 spin_lock(&dev->delayed_cmd_lock); 3155 if (cmd_p->sam_task_attr == MSG_ORDERED_TAG) 3156 break; 3157 } 3158 spin_unlock(&dev->delayed_cmd_lock); 3159 /* 3160 * If new tasks have become active, wake up the transport thread 3161 * to do the processing of the Active tasks. 3162 */ 3163 if (new_active_tasks != 0) 3164 wake_up_interruptible(&dev->dev_queue_obj.thread_wq); 3165 } 3166 3167 static void transport_complete_qf(struct se_cmd *cmd) 3168 { 3169 int ret = 0; 3170 3171 if (cmd->se_dev->dev_task_attr_type == SAM_TASK_ATTR_EMULATED) 3172 transport_complete_task_attr(cmd); 3173 3174 if (cmd->se_cmd_flags & SCF_TRANSPORT_TASK_SENSE) { 3175 ret = cmd->se_tfo->queue_status(cmd); 3176 if (ret) 3177 goto out; 3178 } 3179 3180 switch (cmd->data_direction) { 3181 case DMA_FROM_DEVICE: 3182 ret = cmd->se_tfo->queue_data_in(cmd); 3183 break; 3184 case DMA_TO_DEVICE: 3185 if (cmd->t_bidi_data_sg) { 3186 ret = cmd->se_tfo->queue_data_in(cmd); 3187 if (ret < 0) 3188 break; 3189 } 3190 /* Fall through for DMA_TO_DEVICE */ 3191 case DMA_NONE: 3192 ret = cmd->se_tfo->queue_status(cmd); 3193 break; 3194 default: 3195 break; 3196 } 3197 3198 out: 3199 if (ret < 0) { 3200 transport_handle_queue_full(cmd, cmd->se_dev); 3201 return; 3202 } 3203 transport_lun_remove_cmd(cmd); 3204 transport_cmd_check_stop_to_fabric(cmd); 3205 } 3206 3207 static void transport_handle_queue_full( 3208 struct se_cmd *cmd, 3209 struct se_device *dev) 3210 { 3211 spin_lock_irq(&dev->qf_cmd_lock); 3212 list_add_tail(&cmd->se_qf_node, &cmd->se_dev->qf_cmd_list); 3213 atomic_inc(&dev->dev_qf_count); 3214 smp_mb__after_atomic_inc(); 3215 spin_unlock_irq(&cmd->se_dev->qf_cmd_lock); 3216 3217 schedule_work(&cmd->se_dev->qf_work_queue); 3218 } 3219 3220 static void target_complete_ok_work(struct work_struct *work) 3221 { 3222 struct se_cmd *cmd = container_of(work, struct se_cmd, work); 3223 int reason = 0, ret; 3224 3225 /* 3226 * Check if we need to move delayed/dormant tasks from cmds on the 3227 * delayed execution list after a HEAD_OF_QUEUE or ORDERED Task 3228 * Attribute. 3229 */ 3230 if (cmd->se_dev->dev_task_attr_type == SAM_TASK_ATTR_EMULATED) 3231 transport_complete_task_attr(cmd); 3232 /* 3233 * Check to schedule QUEUE_FULL work, or execute an existing 3234 * cmd->transport_qf_callback() 3235 */ 3236 if (atomic_read(&cmd->se_dev->dev_qf_count) != 0) 3237 schedule_work(&cmd->se_dev->qf_work_queue); 3238 3239 /* 3240 * Check if we need to retrieve a sense buffer from 3241 * the struct se_cmd in question. 3242 */ 3243 if (cmd->se_cmd_flags & SCF_TRANSPORT_TASK_SENSE) { 3244 if (transport_get_sense_data(cmd) < 0) 3245 reason = TCM_NON_EXISTENT_LUN; 3246 3247 /* 3248 * Only set when an struct se_task->task_scsi_status returned 3249 * a non GOOD status. 3250 */ 3251 if (cmd->scsi_status) { 3252 ret = transport_send_check_condition_and_sense( 3253 cmd, reason, 1); 3254 if (ret == -EAGAIN || ret == -ENOMEM) 3255 goto queue_full; 3256 3257 transport_lun_remove_cmd(cmd); 3258 transport_cmd_check_stop_to_fabric(cmd); 3259 return; 3260 } 3261 } 3262 /* 3263 * Check for a callback, used by amongst other things 3264 * XDWRITE_READ_10 emulation. 3265 */ 3266 if (cmd->transport_complete_callback) 3267 cmd->transport_complete_callback(cmd); 3268 3269 switch (cmd->data_direction) { 3270 case DMA_FROM_DEVICE: 3271 spin_lock(&cmd->se_lun->lun_sep_lock); 3272 if (cmd->se_lun->lun_sep) { 3273 cmd->se_lun->lun_sep->sep_stats.tx_data_octets += 3274 cmd->data_length; 3275 } 3276 spin_unlock(&cmd->se_lun->lun_sep_lock); 3277 3278 ret = cmd->se_tfo->queue_data_in(cmd); 3279 if (ret == -EAGAIN || ret == -ENOMEM) 3280 goto queue_full; 3281 break; 3282 case DMA_TO_DEVICE: 3283 spin_lock(&cmd->se_lun->lun_sep_lock); 3284 if (cmd->se_lun->lun_sep) { 3285 cmd->se_lun->lun_sep->sep_stats.rx_data_octets += 3286 cmd->data_length; 3287 } 3288 spin_unlock(&cmd->se_lun->lun_sep_lock); 3289 /* 3290 * Check if we need to send READ payload for BIDI-COMMAND 3291 */ 3292 if (cmd->t_bidi_data_sg) { 3293 spin_lock(&cmd->se_lun->lun_sep_lock); 3294 if (cmd->se_lun->lun_sep) { 3295 cmd->se_lun->lun_sep->sep_stats.tx_data_octets += 3296 cmd->data_length; 3297 } 3298 spin_unlock(&cmd->se_lun->lun_sep_lock); 3299 ret = cmd->se_tfo->queue_data_in(cmd); 3300 if (ret == -EAGAIN || ret == -ENOMEM) 3301 goto queue_full; 3302 break; 3303 } 3304 /* Fall through for DMA_TO_DEVICE */ 3305 case DMA_NONE: 3306 ret = cmd->se_tfo->queue_status(cmd); 3307 if (ret == -EAGAIN || ret == -ENOMEM) 3308 goto queue_full; 3309 break; 3310 default: 3311 break; 3312 } 3313 3314 transport_lun_remove_cmd(cmd); 3315 transport_cmd_check_stop_to_fabric(cmd); 3316 return; 3317 3318 queue_full: 3319 pr_debug("Handling complete_ok QUEUE_FULL: se_cmd: %p," 3320 " data_direction: %d\n", cmd, cmd->data_direction); 3321 cmd->t_state = TRANSPORT_COMPLETE_QF_OK; 3322 transport_handle_queue_full(cmd, cmd->se_dev); 3323 } 3324 3325 static void transport_free_dev_tasks(struct se_cmd *cmd) 3326 { 3327 struct se_task *task, *task_tmp; 3328 unsigned long flags; 3329 LIST_HEAD(dispose_list); 3330 3331 spin_lock_irqsave(&cmd->t_state_lock, flags); 3332 list_for_each_entry_safe(task, task_tmp, 3333 &cmd->t_task_list, t_list) { 3334 if (!(task->task_flags & TF_ACTIVE)) 3335 list_move_tail(&task->t_list, &dispose_list); 3336 } 3337 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 3338 3339 while (!list_empty(&dispose_list)) { 3340 task = list_first_entry(&dispose_list, struct se_task, t_list); 3341 3342 if (task->task_sg != cmd->t_data_sg && 3343 task->task_sg != cmd->t_bidi_data_sg) 3344 kfree(task->task_sg); 3345 3346 list_del(&task->t_list); 3347 3348 cmd->se_dev->transport->free_task(task); 3349 } 3350 } 3351 3352 static inline void transport_free_sgl(struct scatterlist *sgl, int nents) 3353 { 3354 struct scatterlist *sg; 3355 int count; 3356 3357 for_each_sg(sgl, sg, nents, count) 3358 __free_page(sg_page(sg)); 3359 3360 kfree(sgl); 3361 } 3362 3363 static inline void transport_free_pages(struct se_cmd *cmd) 3364 { 3365 if (cmd->se_cmd_flags & SCF_PASSTHROUGH_SG_TO_MEM_NOALLOC) 3366 return; 3367 3368 transport_free_sgl(cmd->t_data_sg, cmd->t_data_nents); 3369 cmd->t_data_sg = NULL; 3370 cmd->t_data_nents = 0; 3371 3372 transport_free_sgl(cmd->t_bidi_data_sg, cmd->t_bidi_data_nents); 3373 cmd->t_bidi_data_sg = NULL; 3374 cmd->t_bidi_data_nents = 0; 3375 } 3376 3377 /** 3378 * transport_release_cmd - free a command 3379 * @cmd: command to free 3380 * 3381 * This routine unconditionally frees a command, and reference counting 3382 * or list removal must be done in the caller. 3383 */ 3384 static void transport_release_cmd(struct se_cmd *cmd) 3385 { 3386 BUG_ON(!cmd->se_tfo); 3387 3388 if (cmd->se_tmr_req) 3389 core_tmr_release_req(cmd->se_tmr_req); 3390 if (cmd->t_task_cdb != cmd->__t_task_cdb) 3391 kfree(cmd->t_task_cdb); 3392 /* 3393 * If this cmd has been setup with target_get_sess_cmd(), drop 3394 * the kref and call ->release_cmd() in kref callback. 3395 */ 3396 if (cmd->check_release != 0) { 3397 target_put_sess_cmd(cmd->se_sess, cmd); 3398 return; 3399 } 3400 cmd->se_tfo->release_cmd(cmd); 3401 } 3402 3403 /** 3404 * transport_put_cmd - release a reference to a command 3405 * @cmd: command to release 3406 * 3407 * This routine releases our reference to the command and frees it if possible. 3408 */ 3409 static void transport_put_cmd(struct se_cmd *cmd) 3410 { 3411 unsigned long flags; 3412 int free_tasks = 0; 3413 3414 spin_lock_irqsave(&cmd->t_state_lock, flags); 3415 if (atomic_read(&cmd->t_fe_count)) { 3416 if (!atomic_dec_and_test(&cmd->t_fe_count)) 3417 goto out_busy; 3418 } 3419 3420 if (atomic_read(&cmd->t_se_count)) { 3421 if (!atomic_dec_and_test(&cmd->t_se_count)) 3422 goto out_busy; 3423 } 3424 3425 if (atomic_read(&cmd->transport_dev_active)) { 3426 atomic_set(&cmd->transport_dev_active, 0); 3427 transport_all_task_dev_remove_state(cmd); 3428 free_tasks = 1; 3429 } 3430 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 3431 3432 if (free_tasks != 0) 3433 transport_free_dev_tasks(cmd); 3434 3435 transport_free_pages(cmd); 3436 transport_release_cmd(cmd); 3437 return; 3438 out_busy: 3439 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 3440 } 3441 3442 /* 3443 * transport_generic_map_mem_to_cmd - Use fabric-alloced pages instead of 3444 * allocating in the core. 3445 * @cmd: Associated se_cmd descriptor 3446 * @mem: SGL style memory for TCM WRITE / READ 3447 * @sg_mem_num: Number of SGL elements 3448 * @mem_bidi_in: SGL style memory for TCM BIDI READ 3449 * @sg_mem_bidi_num: Number of BIDI READ SGL elements 3450 * 3451 * Return: nonzero return cmd was rejected for -ENOMEM or inproper usage 3452 * of parameters. 3453 */ 3454 int transport_generic_map_mem_to_cmd( 3455 struct se_cmd *cmd, 3456 struct scatterlist *sgl, 3457 u32 sgl_count, 3458 struct scatterlist *sgl_bidi, 3459 u32 sgl_bidi_count) 3460 { 3461 if (!sgl || !sgl_count) 3462 return 0; 3463 3464 if ((cmd->se_cmd_flags & SCF_SCSI_DATA_SG_IO_CDB) || 3465 (cmd->se_cmd_flags & SCF_SCSI_CONTROL_SG_IO_CDB)) { 3466 /* 3467 * Reject SCSI data overflow with map_mem_to_cmd() as incoming 3468 * scatterlists already have been set to follow what the fabric 3469 * passes for the original expected data transfer length. 3470 */ 3471 if (cmd->se_cmd_flags & SCF_OVERFLOW_BIT) { 3472 pr_warn("Rejecting SCSI DATA overflow for fabric using" 3473 " SCF_PASSTHROUGH_SG_TO_MEM_NOALLOC\n"); 3474 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION; 3475 cmd->scsi_sense_reason = TCM_INVALID_CDB_FIELD; 3476 return -EINVAL; 3477 } 3478 3479 cmd->t_data_sg = sgl; 3480 cmd->t_data_nents = sgl_count; 3481 3482 if (sgl_bidi && sgl_bidi_count) { 3483 cmd->t_bidi_data_sg = sgl_bidi; 3484 cmd->t_bidi_data_nents = sgl_bidi_count; 3485 } 3486 cmd->se_cmd_flags |= SCF_PASSTHROUGH_SG_TO_MEM_NOALLOC; 3487 } 3488 3489 return 0; 3490 } 3491 EXPORT_SYMBOL(transport_generic_map_mem_to_cmd); 3492 3493 void *transport_kmap_first_data_page(struct se_cmd *cmd) 3494 { 3495 struct scatterlist *sg = cmd->t_data_sg; 3496 3497 BUG_ON(!sg); 3498 /* 3499 * We need to take into account a possible offset here for fabrics like 3500 * tcm_loop who may be using a contig buffer from the SCSI midlayer for 3501 * control CDBs passed as SGLs via transport_generic_map_mem_to_cmd() 3502 */ 3503 return kmap(sg_page(sg)) + sg->offset; 3504 } 3505 EXPORT_SYMBOL(transport_kmap_first_data_page); 3506 3507 void transport_kunmap_first_data_page(struct se_cmd *cmd) 3508 { 3509 kunmap(sg_page(cmd->t_data_sg)); 3510 } 3511 EXPORT_SYMBOL(transport_kunmap_first_data_page); 3512 3513 static int 3514 transport_generic_get_mem(struct se_cmd *cmd) 3515 { 3516 u32 length = cmd->data_length; 3517 unsigned int nents; 3518 struct page *page; 3519 int i = 0; 3520 3521 nents = DIV_ROUND_UP(length, PAGE_SIZE); 3522 cmd->t_data_sg = kmalloc(sizeof(struct scatterlist) * nents, GFP_KERNEL); 3523 if (!cmd->t_data_sg) 3524 return -ENOMEM; 3525 3526 cmd->t_data_nents = nents; 3527 sg_init_table(cmd->t_data_sg, nents); 3528 3529 while (length) { 3530 u32 page_len = min_t(u32, length, PAGE_SIZE); 3531 page = alloc_page(GFP_KERNEL | __GFP_ZERO); 3532 if (!page) 3533 goto out; 3534 3535 sg_set_page(&cmd->t_data_sg[i], page, page_len, 0); 3536 length -= page_len; 3537 i++; 3538 } 3539 return 0; 3540 3541 out: 3542 while (i >= 0) { 3543 __free_page(sg_page(&cmd->t_data_sg[i])); 3544 i--; 3545 } 3546 kfree(cmd->t_data_sg); 3547 cmd->t_data_sg = NULL; 3548 return -ENOMEM; 3549 } 3550 3551 /* Reduce sectors if they are too long for the device */ 3552 static inline sector_t transport_limit_task_sectors( 3553 struct se_device *dev, 3554 unsigned long long lba, 3555 sector_t sectors) 3556 { 3557 sectors = min_t(sector_t, sectors, dev->se_sub_dev->se_dev_attrib.max_sectors); 3558 3559 if (dev->transport->get_device_type(dev) == TYPE_DISK) 3560 if ((lba + sectors) > transport_dev_end_lba(dev)) 3561 sectors = ((transport_dev_end_lba(dev) - lba) + 1); 3562 3563 return sectors; 3564 } 3565 3566 3567 /* 3568 * This function can be used by HW target mode drivers to create a linked 3569 * scatterlist from all contiguously allocated struct se_task->task_sg[]. 3570 * This is intended to be called during the completion path by TCM Core 3571 * when struct target_core_fabric_ops->check_task_sg_chaining is enabled. 3572 */ 3573 void transport_do_task_sg_chain(struct se_cmd *cmd) 3574 { 3575 struct scatterlist *sg_first = NULL; 3576 struct scatterlist *sg_prev = NULL; 3577 int sg_prev_nents = 0; 3578 struct scatterlist *sg; 3579 struct se_task *task; 3580 u32 chained_nents = 0; 3581 int i; 3582 3583 BUG_ON(!cmd->se_tfo->task_sg_chaining); 3584 3585 /* 3586 * Walk the struct se_task list and setup scatterlist chains 3587 * for each contiguously allocated struct se_task->task_sg[]. 3588 */ 3589 list_for_each_entry(task, &cmd->t_task_list, t_list) { 3590 if (!task->task_sg) 3591 continue; 3592 3593 if (!sg_first) { 3594 sg_first = task->task_sg; 3595 chained_nents = task->task_sg_nents; 3596 } else { 3597 sg_chain(sg_prev, sg_prev_nents, task->task_sg); 3598 chained_nents += task->task_sg_nents; 3599 } 3600 /* 3601 * For the padded tasks, use the extra SGL vector allocated 3602 * in transport_allocate_data_tasks() for the sg_prev_nents 3603 * offset into sg_chain() above. 3604 * 3605 * We do not need the padding for the last task (or a single 3606 * task), but in that case we will never use the sg_prev_nents 3607 * value below which would be incorrect. 3608 */ 3609 sg_prev_nents = (task->task_sg_nents + 1); 3610 sg_prev = task->task_sg; 3611 } 3612 /* 3613 * Setup the starting pointer and total t_tasks_sg_linked_no including 3614 * padding SGs for linking and to mark the end. 3615 */ 3616 cmd->t_tasks_sg_chained = sg_first; 3617 cmd->t_tasks_sg_chained_no = chained_nents; 3618 3619 pr_debug("Setup cmd: %p cmd->t_tasks_sg_chained: %p and" 3620 " t_tasks_sg_chained_no: %u\n", cmd, cmd->t_tasks_sg_chained, 3621 cmd->t_tasks_sg_chained_no); 3622 3623 for_each_sg(cmd->t_tasks_sg_chained, sg, 3624 cmd->t_tasks_sg_chained_no, i) { 3625 3626 pr_debug("SG[%d]: %p page: %p length: %d offset: %d\n", 3627 i, sg, sg_page(sg), sg->length, sg->offset); 3628 if (sg_is_chain(sg)) 3629 pr_debug("SG: %p sg_is_chain=1\n", sg); 3630 if (sg_is_last(sg)) 3631 pr_debug("SG: %p sg_is_last=1\n", sg); 3632 } 3633 } 3634 EXPORT_SYMBOL(transport_do_task_sg_chain); 3635 3636 /* 3637 * Break up cmd into chunks transport can handle 3638 */ 3639 static int 3640 transport_allocate_data_tasks(struct se_cmd *cmd, 3641 enum dma_data_direction data_direction, 3642 struct scatterlist *cmd_sg, unsigned int sgl_nents) 3643 { 3644 struct se_device *dev = cmd->se_dev; 3645 int task_count, i; 3646 unsigned long long lba; 3647 sector_t sectors, dev_max_sectors; 3648 u32 sector_size; 3649 3650 if (transport_cmd_get_valid_sectors(cmd) < 0) 3651 return -EINVAL; 3652 3653 dev_max_sectors = dev->se_sub_dev->se_dev_attrib.max_sectors; 3654 sector_size = dev->se_sub_dev->se_dev_attrib.block_size; 3655 3656 WARN_ON(cmd->data_length % sector_size); 3657 3658 lba = cmd->t_task_lba; 3659 sectors = DIV_ROUND_UP(cmd->data_length, sector_size); 3660 task_count = DIV_ROUND_UP_SECTOR_T(sectors, dev_max_sectors); 3661 3662 /* 3663 * If we need just a single task reuse the SG list in the command 3664 * and avoid a lot of work. 3665 */ 3666 if (task_count == 1) { 3667 struct se_task *task; 3668 unsigned long flags; 3669 3670 task = transport_generic_get_task(cmd, data_direction); 3671 if (!task) 3672 return -ENOMEM; 3673 3674 task->task_sg = cmd_sg; 3675 task->task_sg_nents = sgl_nents; 3676 3677 task->task_lba = lba; 3678 task->task_sectors = sectors; 3679 task->task_size = task->task_sectors * sector_size; 3680 3681 spin_lock_irqsave(&cmd->t_state_lock, flags); 3682 list_add_tail(&task->t_list, &cmd->t_task_list); 3683 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 3684 3685 return task_count; 3686 } 3687 3688 for (i = 0; i < task_count; i++) { 3689 struct se_task *task; 3690 unsigned int task_size, task_sg_nents_padded; 3691 struct scatterlist *sg; 3692 unsigned long flags; 3693 int count; 3694 3695 task = transport_generic_get_task(cmd, data_direction); 3696 if (!task) 3697 return -ENOMEM; 3698 3699 task->task_lba = lba; 3700 task->task_sectors = min(sectors, dev_max_sectors); 3701 task->task_size = task->task_sectors * sector_size; 3702 3703 /* 3704 * This now assumes that passed sg_ents are in PAGE_SIZE chunks 3705 * in order to calculate the number per task SGL entries 3706 */ 3707 task->task_sg_nents = DIV_ROUND_UP(task->task_size, PAGE_SIZE); 3708 /* 3709 * Check if the fabric module driver is requesting that all 3710 * struct se_task->task_sg[] be chained together.. If so, 3711 * then allocate an extra padding SG entry for linking and 3712 * marking the end of the chained SGL for every task except 3713 * the last one for (task_count > 1) operation, or skipping 3714 * the extra padding for the (task_count == 1) case. 3715 */ 3716 if (cmd->se_tfo->task_sg_chaining && (i < (task_count - 1))) { 3717 task_sg_nents_padded = (task->task_sg_nents + 1); 3718 } else 3719 task_sg_nents_padded = task->task_sg_nents; 3720 3721 task->task_sg = kmalloc(sizeof(struct scatterlist) * 3722 task_sg_nents_padded, GFP_KERNEL); 3723 if (!task->task_sg) { 3724 cmd->se_dev->transport->free_task(task); 3725 return -ENOMEM; 3726 } 3727 3728 sg_init_table(task->task_sg, task_sg_nents_padded); 3729 3730 task_size = task->task_size; 3731 3732 /* Build new sgl, only up to task_size */ 3733 for_each_sg(task->task_sg, sg, task->task_sg_nents, count) { 3734 if (cmd_sg->length > task_size) 3735 break; 3736 3737 *sg = *cmd_sg; 3738 task_size -= cmd_sg->length; 3739 cmd_sg = sg_next(cmd_sg); 3740 } 3741 3742 lba += task->task_sectors; 3743 sectors -= task->task_sectors; 3744 3745 spin_lock_irqsave(&cmd->t_state_lock, flags); 3746 list_add_tail(&task->t_list, &cmd->t_task_list); 3747 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 3748 } 3749 3750 return task_count; 3751 } 3752 3753 static int 3754 transport_allocate_control_task(struct se_cmd *cmd) 3755 { 3756 struct se_task *task; 3757 unsigned long flags; 3758 3759 task = transport_generic_get_task(cmd, cmd->data_direction); 3760 if (!task) 3761 return -ENOMEM; 3762 3763 task->task_sg = cmd->t_data_sg; 3764 task->task_size = cmd->data_length; 3765 task->task_sg_nents = cmd->t_data_nents; 3766 3767 spin_lock_irqsave(&cmd->t_state_lock, flags); 3768 list_add_tail(&task->t_list, &cmd->t_task_list); 3769 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 3770 3771 /* Success! Return number of tasks allocated */ 3772 return 1; 3773 } 3774 3775 /* 3776 * Allocate any required ressources to execute the command, and either place 3777 * it on the execution queue if possible. For writes we might not have the 3778 * payload yet, thus notify the fabric via a call to ->write_pending instead. 3779 */ 3780 int transport_generic_new_cmd(struct se_cmd *cmd) 3781 { 3782 struct se_device *dev = cmd->se_dev; 3783 int task_cdbs, task_cdbs_bidi = 0; 3784 int set_counts = 1; 3785 int ret = 0; 3786 3787 /* 3788 * Determine is the TCM fabric module has already allocated physical 3789 * memory, and is directly calling transport_generic_map_mem_to_cmd() 3790 * beforehand. 3791 */ 3792 if (!(cmd->se_cmd_flags & SCF_PASSTHROUGH_SG_TO_MEM_NOALLOC) && 3793 cmd->data_length) { 3794 ret = transport_generic_get_mem(cmd); 3795 if (ret < 0) 3796 goto out_fail; 3797 } 3798 3799 /* 3800 * For BIDI command set up the read tasks first. 3801 */ 3802 if (cmd->t_bidi_data_sg && 3803 dev->transport->transport_type != TRANSPORT_PLUGIN_PHBA_PDEV) { 3804 BUG_ON(!(cmd->se_cmd_flags & SCF_SCSI_DATA_SG_IO_CDB)); 3805 3806 task_cdbs_bidi = transport_allocate_data_tasks(cmd, 3807 DMA_FROM_DEVICE, cmd->t_bidi_data_sg, 3808 cmd->t_bidi_data_nents); 3809 if (task_cdbs_bidi <= 0) 3810 goto out_fail; 3811 3812 atomic_inc(&cmd->t_fe_count); 3813 atomic_inc(&cmd->t_se_count); 3814 set_counts = 0; 3815 } 3816 3817 if (cmd->se_cmd_flags & SCF_SCSI_DATA_SG_IO_CDB) { 3818 task_cdbs = transport_allocate_data_tasks(cmd, 3819 cmd->data_direction, cmd->t_data_sg, 3820 cmd->t_data_nents); 3821 } else { 3822 task_cdbs = transport_allocate_control_task(cmd); 3823 } 3824 3825 if (task_cdbs < 0) 3826 goto out_fail; 3827 else if (!task_cdbs && (cmd->se_cmd_flags & SCF_SCSI_DATA_SG_IO_CDB)) { 3828 cmd->t_state = TRANSPORT_COMPLETE; 3829 atomic_set(&cmd->t_transport_active, 1); 3830 INIT_WORK(&cmd->work, target_complete_ok_work); 3831 queue_work(target_completion_wq, &cmd->work); 3832 return 0; 3833 } 3834 3835 if (set_counts) { 3836 atomic_inc(&cmd->t_fe_count); 3837 atomic_inc(&cmd->t_se_count); 3838 } 3839 3840 cmd->t_task_list_num = (task_cdbs + task_cdbs_bidi); 3841 atomic_set(&cmd->t_task_cdbs_left, cmd->t_task_list_num); 3842 atomic_set(&cmd->t_task_cdbs_ex_left, cmd->t_task_list_num); 3843 3844 /* 3845 * For WRITEs, let the fabric know its buffer is ready.. 3846 * This WRITE struct se_cmd (and all of its associated struct se_task's) 3847 * will be added to the struct se_device execution queue after its WRITE 3848 * data has arrived. (ie: It gets handled by the transport processing 3849 * thread a second time) 3850 */ 3851 if (cmd->data_direction == DMA_TO_DEVICE) { 3852 transport_add_tasks_to_state_queue(cmd); 3853 return transport_generic_write_pending(cmd); 3854 } 3855 /* 3856 * Everything else but a WRITE, add the struct se_cmd's struct se_task's 3857 * to the execution queue. 3858 */ 3859 transport_execute_tasks(cmd); 3860 return 0; 3861 3862 out_fail: 3863 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION; 3864 cmd->scsi_sense_reason = TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE; 3865 return -EINVAL; 3866 } 3867 EXPORT_SYMBOL(transport_generic_new_cmd); 3868 3869 /* transport_generic_process_write(): 3870 * 3871 * 3872 */ 3873 void transport_generic_process_write(struct se_cmd *cmd) 3874 { 3875 transport_execute_tasks(cmd); 3876 } 3877 EXPORT_SYMBOL(transport_generic_process_write); 3878 3879 static void transport_write_pending_qf(struct se_cmd *cmd) 3880 { 3881 int ret; 3882 3883 ret = cmd->se_tfo->write_pending(cmd); 3884 if (ret == -EAGAIN || ret == -ENOMEM) { 3885 pr_debug("Handling write_pending QUEUE__FULL: se_cmd: %p\n", 3886 cmd); 3887 transport_handle_queue_full(cmd, cmd->se_dev); 3888 } 3889 } 3890 3891 static int transport_generic_write_pending(struct se_cmd *cmd) 3892 { 3893 unsigned long flags; 3894 int ret; 3895 3896 spin_lock_irqsave(&cmd->t_state_lock, flags); 3897 cmd->t_state = TRANSPORT_WRITE_PENDING; 3898 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 3899 3900 /* 3901 * Clear the se_cmd for WRITE_PENDING status in order to set 3902 * cmd->t_transport_active=0 so that transport_generic_handle_data 3903 * can be called from HW target mode interrupt code. This is safe 3904 * to be called with transport_off=1 before the cmd->se_tfo->write_pending 3905 * because the se_cmd->se_lun pointer is not being cleared. 3906 */ 3907 transport_cmd_check_stop(cmd, 1, 0); 3908 3909 /* 3910 * Call the fabric write_pending function here to let the 3911 * frontend know that WRITE buffers are ready. 3912 */ 3913 ret = cmd->se_tfo->write_pending(cmd); 3914 if (ret == -EAGAIN || ret == -ENOMEM) 3915 goto queue_full; 3916 else if (ret < 0) 3917 return ret; 3918 3919 return 1; 3920 3921 queue_full: 3922 pr_debug("Handling write_pending QUEUE__FULL: se_cmd: %p\n", cmd); 3923 cmd->t_state = TRANSPORT_COMPLETE_QF_WP; 3924 transport_handle_queue_full(cmd, cmd->se_dev); 3925 return 0; 3926 } 3927 3928 void transport_generic_free_cmd(struct se_cmd *cmd, int wait_for_tasks) 3929 { 3930 if (!(cmd->se_cmd_flags & SCF_SE_LUN_CMD)) { 3931 if (wait_for_tasks && cmd->se_tmr_req) 3932 transport_wait_for_tasks(cmd); 3933 3934 transport_release_cmd(cmd); 3935 } else { 3936 if (wait_for_tasks) 3937 transport_wait_for_tasks(cmd); 3938 3939 core_dec_lacl_count(cmd->se_sess->se_node_acl, cmd); 3940 3941 if (cmd->se_lun) 3942 transport_lun_remove_cmd(cmd); 3943 3944 transport_free_dev_tasks(cmd); 3945 3946 transport_put_cmd(cmd); 3947 } 3948 } 3949 EXPORT_SYMBOL(transport_generic_free_cmd); 3950 3951 /* target_get_sess_cmd - Add command to active ->sess_cmd_list 3952 * @se_sess: session to reference 3953 * @se_cmd: command descriptor to add 3954 * @ack_kref: Signal that fabric will perform an ack target_put_sess_cmd() 3955 */ 3956 void target_get_sess_cmd(struct se_session *se_sess, struct se_cmd *se_cmd, 3957 bool ack_kref) 3958 { 3959 unsigned long flags; 3960 3961 kref_init(&se_cmd->cmd_kref); 3962 /* 3963 * Add a second kref if the fabric caller is expecting to handle 3964 * fabric acknowledgement that requires two target_put_sess_cmd() 3965 * invocations before se_cmd descriptor release. 3966 */ 3967 if (ack_kref == true) 3968 kref_get(&se_cmd->cmd_kref); 3969 3970 spin_lock_irqsave(&se_sess->sess_cmd_lock, flags); 3971 list_add_tail(&se_cmd->se_cmd_list, &se_sess->sess_cmd_list); 3972 se_cmd->check_release = 1; 3973 spin_unlock_irqrestore(&se_sess->sess_cmd_lock, flags); 3974 } 3975 EXPORT_SYMBOL(target_get_sess_cmd); 3976 3977 static void target_release_cmd_kref(struct kref *kref) 3978 { 3979 struct se_cmd *se_cmd = container_of(kref, struct se_cmd, cmd_kref); 3980 struct se_session *se_sess = se_cmd->se_sess; 3981 unsigned long flags; 3982 3983 spin_lock_irqsave(&se_sess->sess_cmd_lock, flags); 3984 if (list_empty(&se_cmd->se_cmd_list)) { 3985 spin_unlock_irqrestore(&se_sess->sess_cmd_lock, flags); 3986 WARN_ON(1); 3987 return; 3988 } 3989 if (se_sess->sess_tearing_down && se_cmd->cmd_wait_set) { 3990 spin_unlock_irqrestore(&se_sess->sess_cmd_lock, flags); 3991 complete(&se_cmd->cmd_wait_comp); 3992 return; 3993 } 3994 list_del(&se_cmd->se_cmd_list); 3995 spin_unlock_irqrestore(&se_sess->sess_cmd_lock, flags); 3996 3997 se_cmd->se_tfo->release_cmd(se_cmd); 3998 } 3999 4000 /* target_put_sess_cmd - Check for active I/O shutdown via kref_put 4001 * @se_sess: session to reference 4002 * @se_cmd: command descriptor to drop 4003 */ 4004 int target_put_sess_cmd(struct se_session *se_sess, struct se_cmd *se_cmd) 4005 { 4006 return kref_put(&se_cmd->cmd_kref, target_release_cmd_kref); 4007 } 4008 EXPORT_SYMBOL(target_put_sess_cmd); 4009 4010 /* target_splice_sess_cmd_list - Split active cmds into sess_wait_list 4011 * @se_sess: session to split 4012 */ 4013 void target_splice_sess_cmd_list(struct se_session *se_sess) 4014 { 4015 struct se_cmd *se_cmd; 4016 unsigned long flags; 4017 4018 WARN_ON(!list_empty(&se_sess->sess_wait_list)); 4019 INIT_LIST_HEAD(&se_sess->sess_wait_list); 4020 4021 spin_lock_irqsave(&se_sess->sess_cmd_lock, flags); 4022 se_sess->sess_tearing_down = 1; 4023 4024 list_splice_init(&se_sess->sess_cmd_list, &se_sess->sess_wait_list); 4025 4026 list_for_each_entry(se_cmd, &se_sess->sess_wait_list, se_cmd_list) 4027 se_cmd->cmd_wait_set = 1; 4028 4029 spin_unlock_irqrestore(&se_sess->sess_cmd_lock, flags); 4030 } 4031 EXPORT_SYMBOL(target_splice_sess_cmd_list); 4032 4033 /* target_wait_for_sess_cmds - Wait for outstanding descriptors 4034 * @se_sess: session to wait for active I/O 4035 * @wait_for_tasks: Make extra transport_wait_for_tasks call 4036 */ 4037 void target_wait_for_sess_cmds( 4038 struct se_session *se_sess, 4039 int wait_for_tasks) 4040 { 4041 struct se_cmd *se_cmd, *tmp_cmd; 4042 bool rc = false; 4043 4044 list_for_each_entry_safe(se_cmd, tmp_cmd, 4045 &se_sess->sess_wait_list, se_cmd_list) { 4046 list_del(&se_cmd->se_cmd_list); 4047 4048 pr_debug("Waiting for se_cmd: %p t_state: %d, fabric state:" 4049 " %d\n", se_cmd, se_cmd->t_state, 4050 se_cmd->se_tfo->get_cmd_state(se_cmd)); 4051 4052 if (wait_for_tasks) { 4053 pr_debug("Calling transport_wait_for_tasks se_cmd: %p t_state: %d," 4054 " fabric state: %d\n", se_cmd, se_cmd->t_state, 4055 se_cmd->se_tfo->get_cmd_state(se_cmd)); 4056 4057 rc = transport_wait_for_tasks(se_cmd); 4058 4059 pr_debug("After transport_wait_for_tasks se_cmd: %p t_state: %d," 4060 " fabric state: %d\n", se_cmd, se_cmd->t_state, 4061 se_cmd->se_tfo->get_cmd_state(se_cmd)); 4062 } 4063 4064 if (!rc) { 4065 wait_for_completion(&se_cmd->cmd_wait_comp); 4066 pr_debug("After cmd_wait_comp: se_cmd: %p t_state: %d" 4067 " fabric state: %d\n", se_cmd, se_cmd->t_state, 4068 se_cmd->se_tfo->get_cmd_state(se_cmd)); 4069 } 4070 4071 se_cmd->se_tfo->release_cmd(se_cmd); 4072 } 4073 } 4074 EXPORT_SYMBOL(target_wait_for_sess_cmds); 4075 4076 /* transport_lun_wait_for_tasks(): 4077 * 4078 * Called from ConfigFS context to stop the passed struct se_cmd to allow 4079 * an struct se_lun to be successfully shutdown. 4080 */ 4081 static int transport_lun_wait_for_tasks(struct se_cmd *cmd, struct se_lun *lun) 4082 { 4083 unsigned long flags; 4084 int ret; 4085 /* 4086 * If the frontend has already requested this struct se_cmd to 4087 * be stopped, we can safely ignore this struct se_cmd. 4088 */ 4089 spin_lock_irqsave(&cmd->t_state_lock, flags); 4090 if (atomic_read(&cmd->t_transport_stop)) { 4091 atomic_set(&cmd->transport_lun_stop, 0); 4092 pr_debug("ConfigFS ITT[0x%08x] - t_transport_stop ==" 4093 " TRUE, skipping\n", cmd->se_tfo->get_task_tag(cmd)); 4094 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 4095 transport_cmd_check_stop(cmd, 1, 0); 4096 return -EPERM; 4097 } 4098 atomic_set(&cmd->transport_lun_fe_stop, 1); 4099 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 4100 4101 wake_up_interruptible(&cmd->se_dev->dev_queue_obj.thread_wq); 4102 4103 ret = transport_stop_tasks_for_cmd(cmd); 4104 4105 pr_debug("ConfigFS: cmd: %p t_tasks: %d stop tasks ret:" 4106 " %d\n", cmd, cmd->t_task_list_num, ret); 4107 if (!ret) { 4108 pr_debug("ConfigFS: ITT[0x%08x] - stopping cmd....\n", 4109 cmd->se_tfo->get_task_tag(cmd)); 4110 wait_for_completion(&cmd->transport_lun_stop_comp); 4111 pr_debug("ConfigFS: ITT[0x%08x] - stopped cmd....\n", 4112 cmd->se_tfo->get_task_tag(cmd)); 4113 } 4114 transport_remove_cmd_from_queue(cmd); 4115 4116 return 0; 4117 } 4118 4119 static void __transport_clear_lun_from_sessions(struct se_lun *lun) 4120 { 4121 struct se_cmd *cmd = NULL; 4122 unsigned long lun_flags, cmd_flags; 4123 /* 4124 * Do exception processing and return CHECK_CONDITION status to the 4125 * Initiator Port. 4126 */ 4127 spin_lock_irqsave(&lun->lun_cmd_lock, lun_flags); 4128 while (!list_empty(&lun->lun_cmd_list)) { 4129 cmd = list_first_entry(&lun->lun_cmd_list, 4130 struct se_cmd, se_lun_node); 4131 list_del(&cmd->se_lun_node); 4132 4133 atomic_set(&cmd->transport_lun_active, 0); 4134 /* 4135 * This will notify iscsi_target_transport.c: 4136 * transport_cmd_check_stop() that a LUN shutdown is in 4137 * progress for the iscsi_cmd_t. 4138 */ 4139 spin_lock(&cmd->t_state_lock); 4140 pr_debug("SE_LUN[%d] - Setting cmd->transport" 4141 "_lun_stop for ITT: 0x%08x\n", 4142 cmd->se_lun->unpacked_lun, 4143 cmd->se_tfo->get_task_tag(cmd)); 4144 atomic_set(&cmd->transport_lun_stop, 1); 4145 spin_unlock(&cmd->t_state_lock); 4146 4147 spin_unlock_irqrestore(&lun->lun_cmd_lock, lun_flags); 4148 4149 if (!cmd->se_lun) { 4150 pr_err("ITT: 0x%08x, [i,t]_state: %u/%u\n", 4151 cmd->se_tfo->get_task_tag(cmd), 4152 cmd->se_tfo->get_cmd_state(cmd), cmd->t_state); 4153 BUG(); 4154 } 4155 /* 4156 * If the Storage engine still owns the iscsi_cmd_t, determine 4157 * and/or stop its context. 4158 */ 4159 pr_debug("SE_LUN[%d] - ITT: 0x%08x before transport" 4160 "_lun_wait_for_tasks()\n", cmd->se_lun->unpacked_lun, 4161 cmd->se_tfo->get_task_tag(cmd)); 4162 4163 if (transport_lun_wait_for_tasks(cmd, cmd->se_lun) < 0) { 4164 spin_lock_irqsave(&lun->lun_cmd_lock, lun_flags); 4165 continue; 4166 } 4167 4168 pr_debug("SE_LUN[%d] - ITT: 0x%08x after transport_lun" 4169 "_wait_for_tasks(): SUCCESS\n", 4170 cmd->se_lun->unpacked_lun, 4171 cmd->se_tfo->get_task_tag(cmd)); 4172 4173 spin_lock_irqsave(&cmd->t_state_lock, cmd_flags); 4174 if (!atomic_read(&cmd->transport_dev_active)) { 4175 spin_unlock_irqrestore(&cmd->t_state_lock, cmd_flags); 4176 goto check_cond; 4177 } 4178 atomic_set(&cmd->transport_dev_active, 0); 4179 transport_all_task_dev_remove_state(cmd); 4180 spin_unlock_irqrestore(&cmd->t_state_lock, cmd_flags); 4181 4182 transport_free_dev_tasks(cmd); 4183 /* 4184 * The Storage engine stopped this struct se_cmd before it was 4185 * send to the fabric frontend for delivery back to the 4186 * Initiator Node. Return this SCSI CDB back with an 4187 * CHECK_CONDITION status. 4188 */ 4189 check_cond: 4190 transport_send_check_condition_and_sense(cmd, 4191 TCM_NON_EXISTENT_LUN, 0); 4192 /* 4193 * If the fabric frontend is waiting for this iscsi_cmd_t to 4194 * be released, notify the waiting thread now that LU has 4195 * finished accessing it. 4196 */ 4197 spin_lock_irqsave(&cmd->t_state_lock, cmd_flags); 4198 if (atomic_read(&cmd->transport_lun_fe_stop)) { 4199 pr_debug("SE_LUN[%d] - Detected FE stop for" 4200 " struct se_cmd: %p ITT: 0x%08x\n", 4201 lun->unpacked_lun, 4202 cmd, cmd->se_tfo->get_task_tag(cmd)); 4203 4204 spin_unlock_irqrestore(&cmd->t_state_lock, 4205 cmd_flags); 4206 transport_cmd_check_stop(cmd, 1, 0); 4207 complete(&cmd->transport_lun_fe_stop_comp); 4208 spin_lock_irqsave(&lun->lun_cmd_lock, lun_flags); 4209 continue; 4210 } 4211 pr_debug("SE_LUN[%d] - ITT: 0x%08x finished processing\n", 4212 lun->unpacked_lun, cmd->se_tfo->get_task_tag(cmd)); 4213 4214 spin_unlock_irqrestore(&cmd->t_state_lock, cmd_flags); 4215 spin_lock_irqsave(&lun->lun_cmd_lock, lun_flags); 4216 } 4217 spin_unlock_irqrestore(&lun->lun_cmd_lock, lun_flags); 4218 } 4219 4220 static int transport_clear_lun_thread(void *p) 4221 { 4222 struct se_lun *lun = p; 4223 4224 __transport_clear_lun_from_sessions(lun); 4225 complete(&lun->lun_shutdown_comp); 4226 4227 return 0; 4228 } 4229 4230 int transport_clear_lun_from_sessions(struct se_lun *lun) 4231 { 4232 struct task_struct *kt; 4233 4234 kt = kthread_run(transport_clear_lun_thread, lun, 4235 "tcm_cl_%u", lun->unpacked_lun); 4236 if (IS_ERR(kt)) { 4237 pr_err("Unable to start clear_lun thread\n"); 4238 return PTR_ERR(kt); 4239 } 4240 wait_for_completion(&lun->lun_shutdown_comp); 4241 4242 return 0; 4243 } 4244 4245 /** 4246 * transport_wait_for_tasks - wait for completion to occur 4247 * @cmd: command to wait 4248 * 4249 * Called from frontend fabric context to wait for storage engine 4250 * to pause and/or release frontend generated struct se_cmd. 4251 */ 4252 bool transport_wait_for_tasks(struct se_cmd *cmd) 4253 { 4254 unsigned long flags; 4255 4256 spin_lock_irqsave(&cmd->t_state_lock, flags); 4257 if (!(cmd->se_cmd_flags & SCF_SE_LUN_CMD) && !(cmd->se_tmr_req)) { 4258 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 4259 return false; 4260 } 4261 /* 4262 * Only perform a possible wait_for_tasks if SCF_SUPPORTED_SAM_OPCODE 4263 * has been set in transport_set_supported_SAM_opcode(). 4264 */ 4265 if (!(cmd->se_cmd_flags & SCF_SUPPORTED_SAM_OPCODE) && !cmd->se_tmr_req) { 4266 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 4267 return false; 4268 } 4269 /* 4270 * If we are already stopped due to an external event (ie: LUN shutdown) 4271 * sleep until the connection can have the passed struct se_cmd back. 4272 * The cmd->transport_lun_stopped_sem will be upped by 4273 * transport_clear_lun_from_sessions() once the ConfigFS context caller 4274 * has completed its operation on the struct se_cmd. 4275 */ 4276 if (atomic_read(&cmd->transport_lun_stop)) { 4277 4278 pr_debug("wait_for_tasks: Stopping" 4279 " wait_for_completion(&cmd->t_tasktransport_lun_fe" 4280 "_stop_comp); for ITT: 0x%08x\n", 4281 cmd->se_tfo->get_task_tag(cmd)); 4282 /* 4283 * There is a special case for WRITES where a FE exception + 4284 * LUN shutdown means ConfigFS context is still sleeping on 4285 * transport_lun_stop_comp in transport_lun_wait_for_tasks(). 4286 * We go ahead and up transport_lun_stop_comp just to be sure 4287 * here. 4288 */ 4289 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 4290 complete(&cmd->transport_lun_stop_comp); 4291 wait_for_completion(&cmd->transport_lun_fe_stop_comp); 4292 spin_lock_irqsave(&cmd->t_state_lock, flags); 4293 4294 transport_all_task_dev_remove_state(cmd); 4295 /* 4296 * At this point, the frontend who was the originator of this 4297 * struct se_cmd, now owns the structure and can be released through 4298 * normal means below. 4299 */ 4300 pr_debug("wait_for_tasks: Stopped" 4301 " wait_for_completion(&cmd->t_tasktransport_lun_fe_" 4302 "stop_comp); for ITT: 0x%08x\n", 4303 cmd->se_tfo->get_task_tag(cmd)); 4304 4305 atomic_set(&cmd->transport_lun_stop, 0); 4306 } 4307 if (!atomic_read(&cmd->t_transport_active) || 4308 atomic_read(&cmd->t_transport_aborted)) { 4309 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 4310 return false; 4311 } 4312 4313 atomic_set(&cmd->t_transport_stop, 1); 4314 4315 pr_debug("wait_for_tasks: Stopping %p ITT: 0x%08x" 4316 " i_state: %d, t_state: %d, t_transport_stop = TRUE\n", 4317 cmd, cmd->se_tfo->get_task_tag(cmd), 4318 cmd->se_tfo->get_cmd_state(cmd), cmd->t_state); 4319 4320 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 4321 4322 wake_up_interruptible(&cmd->se_dev->dev_queue_obj.thread_wq); 4323 4324 wait_for_completion(&cmd->t_transport_stop_comp); 4325 4326 spin_lock_irqsave(&cmd->t_state_lock, flags); 4327 atomic_set(&cmd->t_transport_active, 0); 4328 atomic_set(&cmd->t_transport_stop, 0); 4329 4330 pr_debug("wait_for_tasks: Stopped wait_for_compltion(" 4331 "&cmd->t_transport_stop_comp) for ITT: 0x%08x\n", 4332 cmd->se_tfo->get_task_tag(cmd)); 4333 4334 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 4335 4336 return true; 4337 } 4338 EXPORT_SYMBOL(transport_wait_for_tasks); 4339 4340 static int transport_get_sense_codes( 4341 struct se_cmd *cmd, 4342 u8 *asc, 4343 u8 *ascq) 4344 { 4345 *asc = cmd->scsi_asc; 4346 *ascq = cmd->scsi_ascq; 4347 4348 return 0; 4349 } 4350 4351 static int transport_set_sense_codes( 4352 struct se_cmd *cmd, 4353 u8 asc, 4354 u8 ascq) 4355 { 4356 cmd->scsi_asc = asc; 4357 cmd->scsi_ascq = ascq; 4358 4359 return 0; 4360 } 4361 4362 int transport_send_check_condition_and_sense( 4363 struct se_cmd *cmd, 4364 u8 reason, 4365 int from_transport) 4366 { 4367 unsigned char *buffer = cmd->sense_buffer; 4368 unsigned long flags; 4369 int offset; 4370 u8 asc = 0, ascq = 0; 4371 4372 spin_lock_irqsave(&cmd->t_state_lock, flags); 4373 if (cmd->se_cmd_flags & SCF_SENT_CHECK_CONDITION) { 4374 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 4375 return 0; 4376 } 4377 cmd->se_cmd_flags |= SCF_SENT_CHECK_CONDITION; 4378 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 4379 4380 if (!reason && from_transport) 4381 goto after_reason; 4382 4383 if (!from_transport) 4384 cmd->se_cmd_flags |= SCF_EMULATED_TASK_SENSE; 4385 /* 4386 * Data Segment and SenseLength of the fabric response PDU. 4387 * 4388 * TRANSPORT_SENSE_BUFFER is now set to SCSI_SENSE_BUFFERSIZE 4389 * from include/scsi/scsi_cmnd.h 4390 */ 4391 offset = cmd->se_tfo->set_fabric_sense_len(cmd, 4392 TRANSPORT_SENSE_BUFFER); 4393 /* 4394 * Actual SENSE DATA, see SPC-3 7.23.2 SPC_SENSE_KEY_OFFSET uses 4395 * SENSE KEY values from include/scsi/scsi.h 4396 */ 4397 switch (reason) { 4398 case TCM_NON_EXISTENT_LUN: 4399 /* CURRENT ERROR */ 4400 buffer[offset] = 0x70; 4401 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; 4402 /* ILLEGAL REQUEST */ 4403 buffer[offset+SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST; 4404 /* LOGICAL UNIT NOT SUPPORTED */ 4405 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x25; 4406 break; 4407 case TCM_UNSUPPORTED_SCSI_OPCODE: 4408 case TCM_SECTOR_COUNT_TOO_MANY: 4409 /* CURRENT ERROR */ 4410 buffer[offset] = 0x70; 4411 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; 4412 /* ILLEGAL REQUEST */ 4413 buffer[offset+SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST; 4414 /* INVALID COMMAND OPERATION CODE */ 4415 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x20; 4416 break; 4417 case TCM_UNKNOWN_MODE_PAGE: 4418 /* CURRENT ERROR */ 4419 buffer[offset] = 0x70; 4420 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; 4421 /* ILLEGAL REQUEST */ 4422 buffer[offset+SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST; 4423 /* INVALID FIELD IN CDB */ 4424 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x24; 4425 break; 4426 case TCM_CHECK_CONDITION_ABORT_CMD: 4427 /* CURRENT ERROR */ 4428 buffer[offset] = 0x70; 4429 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; 4430 /* ABORTED COMMAND */ 4431 buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND; 4432 /* BUS DEVICE RESET FUNCTION OCCURRED */ 4433 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x29; 4434 buffer[offset+SPC_ASCQ_KEY_OFFSET] = 0x03; 4435 break; 4436 case TCM_INCORRECT_AMOUNT_OF_DATA: 4437 /* CURRENT ERROR */ 4438 buffer[offset] = 0x70; 4439 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; 4440 /* ABORTED COMMAND */ 4441 buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND; 4442 /* WRITE ERROR */ 4443 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x0c; 4444 /* NOT ENOUGH UNSOLICITED DATA */ 4445 buffer[offset+SPC_ASCQ_KEY_OFFSET] = 0x0d; 4446 break; 4447 case TCM_INVALID_CDB_FIELD: 4448 /* CURRENT ERROR */ 4449 buffer[offset] = 0x70; 4450 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; 4451 /* ABORTED COMMAND */ 4452 buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND; 4453 /* INVALID FIELD IN CDB */ 4454 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x24; 4455 break; 4456 case TCM_INVALID_PARAMETER_LIST: 4457 /* CURRENT ERROR */ 4458 buffer[offset] = 0x70; 4459 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; 4460 /* ABORTED COMMAND */ 4461 buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND; 4462 /* INVALID FIELD IN PARAMETER LIST */ 4463 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x26; 4464 break; 4465 case TCM_UNEXPECTED_UNSOLICITED_DATA: 4466 /* CURRENT ERROR */ 4467 buffer[offset] = 0x70; 4468 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; 4469 /* ABORTED COMMAND */ 4470 buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND; 4471 /* WRITE ERROR */ 4472 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x0c; 4473 /* UNEXPECTED_UNSOLICITED_DATA */ 4474 buffer[offset+SPC_ASCQ_KEY_OFFSET] = 0x0c; 4475 break; 4476 case TCM_SERVICE_CRC_ERROR: 4477 /* CURRENT ERROR */ 4478 buffer[offset] = 0x70; 4479 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; 4480 /* ABORTED COMMAND */ 4481 buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND; 4482 /* PROTOCOL SERVICE CRC ERROR */ 4483 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x47; 4484 /* N/A */ 4485 buffer[offset+SPC_ASCQ_KEY_OFFSET] = 0x05; 4486 break; 4487 case TCM_SNACK_REJECTED: 4488 /* CURRENT ERROR */ 4489 buffer[offset] = 0x70; 4490 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; 4491 /* ABORTED COMMAND */ 4492 buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND; 4493 /* READ ERROR */ 4494 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x11; 4495 /* FAILED RETRANSMISSION REQUEST */ 4496 buffer[offset+SPC_ASCQ_KEY_OFFSET] = 0x13; 4497 break; 4498 case TCM_WRITE_PROTECTED: 4499 /* CURRENT ERROR */ 4500 buffer[offset] = 0x70; 4501 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; 4502 /* DATA PROTECT */ 4503 buffer[offset+SPC_SENSE_KEY_OFFSET] = DATA_PROTECT; 4504 /* WRITE PROTECTED */ 4505 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x27; 4506 break; 4507 case TCM_CHECK_CONDITION_UNIT_ATTENTION: 4508 /* CURRENT ERROR */ 4509 buffer[offset] = 0x70; 4510 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; 4511 /* UNIT ATTENTION */ 4512 buffer[offset+SPC_SENSE_KEY_OFFSET] = UNIT_ATTENTION; 4513 core_scsi3_ua_for_check_condition(cmd, &asc, &ascq); 4514 buffer[offset+SPC_ASC_KEY_OFFSET] = asc; 4515 buffer[offset+SPC_ASCQ_KEY_OFFSET] = ascq; 4516 break; 4517 case TCM_CHECK_CONDITION_NOT_READY: 4518 /* CURRENT ERROR */ 4519 buffer[offset] = 0x70; 4520 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; 4521 /* Not Ready */ 4522 buffer[offset+SPC_SENSE_KEY_OFFSET] = NOT_READY; 4523 transport_get_sense_codes(cmd, &asc, &ascq); 4524 buffer[offset+SPC_ASC_KEY_OFFSET] = asc; 4525 buffer[offset+SPC_ASCQ_KEY_OFFSET] = ascq; 4526 break; 4527 case TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE: 4528 default: 4529 /* CURRENT ERROR */ 4530 buffer[offset] = 0x70; 4531 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; 4532 /* ILLEGAL REQUEST */ 4533 buffer[offset+SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST; 4534 /* LOGICAL UNIT COMMUNICATION FAILURE */ 4535 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x80; 4536 break; 4537 } 4538 /* 4539 * This code uses linux/include/scsi/scsi.h SAM status codes! 4540 */ 4541 cmd->scsi_status = SAM_STAT_CHECK_CONDITION; 4542 /* 4543 * Automatically padded, this value is encoded in the fabric's 4544 * data_length response PDU containing the SCSI defined sense data. 4545 */ 4546 cmd->scsi_sense_length = TRANSPORT_SENSE_BUFFER + offset; 4547 4548 after_reason: 4549 return cmd->se_tfo->queue_status(cmd); 4550 } 4551 EXPORT_SYMBOL(transport_send_check_condition_and_sense); 4552 4553 int transport_check_aborted_status(struct se_cmd *cmd, int send_status) 4554 { 4555 int ret = 0; 4556 4557 if (atomic_read(&cmd->t_transport_aborted) != 0) { 4558 if (!send_status || 4559 (cmd->se_cmd_flags & SCF_SENT_DELAYED_TAS)) 4560 return 1; 4561 #if 0 4562 pr_debug("Sending delayed SAM_STAT_TASK_ABORTED" 4563 " status for CDB: 0x%02x ITT: 0x%08x\n", 4564 cmd->t_task_cdb[0], 4565 cmd->se_tfo->get_task_tag(cmd)); 4566 #endif 4567 cmd->se_cmd_flags |= SCF_SENT_DELAYED_TAS; 4568 cmd->se_tfo->queue_status(cmd); 4569 ret = 1; 4570 } 4571 return ret; 4572 } 4573 EXPORT_SYMBOL(transport_check_aborted_status); 4574 4575 void transport_send_task_abort(struct se_cmd *cmd) 4576 { 4577 unsigned long flags; 4578 4579 spin_lock_irqsave(&cmd->t_state_lock, flags); 4580 if (cmd->se_cmd_flags & SCF_SENT_CHECK_CONDITION) { 4581 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 4582 return; 4583 } 4584 spin_unlock_irqrestore(&cmd->t_state_lock, flags); 4585 4586 /* 4587 * If there are still expected incoming fabric WRITEs, we wait 4588 * until until they have completed before sending a TASK_ABORTED 4589 * response. This response with TASK_ABORTED status will be 4590 * queued back to fabric module by transport_check_aborted_status(). 4591 */ 4592 if (cmd->data_direction == DMA_TO_DEVICE) { 4593 if (cmd->se_tfo->write_pending_status(cmd) != 0) { 4594 atomic_inc(&cmd->t_transport_aborted); 4595 smp_mb__after_atomic_inc(); 4596 } 4597 } 4598 cmd->scsi_status = SAM_STAT_TASK_ABORTED; 4599 #if 0 4600 pr_debug("Setting SAM_STAT_TASK_ABORTED status for CDB: 0x%02x," 4601 " ITT: 0x%08x\n", cmd->t_task_cdb[0], 4602 cmd->se_tfo->get_task_tag(cmd)); 4603 #endif 4604 cmd->se_tfo->queue_status(cmd); 4605 } 4606 4607 static int transport_generic_do_tmr(struct se_cmd *cmd) 4608 { 4609 struct se_device *dev = cmd->se_dev; 4610 struct se_tmr_req *tmr = cmd->se_tmr_req; 4611 int ret; 4612 4613 switch (tmr->function) { 4614 case TMR_ABORT_TASK: 4615 tmr->response = TMR_FUNCTION_REJECTED; 4616 break; 4617 case TMR_ABORT_TASK_SET: 4618 case TMR_CLEAR_ACA: 4619 case TMR_CLEAR_TASK_SET: 4620 tmr->response = TMR_TASK_MGMT_FUNCTION_NOT_SUPPORTED; 4621 break; 4622 case TMR_LUN_RESET: 4623 ret = core_tmr_lun_reset(dev, tmr, NULL, NULL); 4624 tmr->response = (!ret) ? TMR_FUNCTION_COMPLETE : 4625 TMR_FUNCTION_REJECTED; 4626 break; 4627 case TMR_TARGET_WARM_RESET: 4628 tmr->response = TMR_FUNCTION_REJECTED; 4629 break; 4630 case TMR_TARGET_COLD_RESET: 4631 tmr->response = TMR_FUNCTION_REJECTED; 4632 break; 4633 default: 4634 pr_err("Uknown TMR function: 0x%02x.\n", 4635 tmr->function); 4636 tmr->response = TMR_FUNCTION_REJECTED; 4637 break; 4638 } 4639 4640 cmd->t_state = TRANSPORT_ISTATE_PROCESSING; 4641 cmd->se_tfo->queue_tm_rsp(cmd); 4642 4643 transport_cmd_check_stop_to_fabric(cmd); 4644 return 0; 4645 } 4646 4647 /* transport_processing_thread(): 4648 * 4649 * 4650 */ 4651 static int transport_processing_thread(void *param) 4652 { 4653 int ret; 4654 struct se_cmd *cmd; 4655 struct se_device *dev = param; 4656 4657 while (!kthread_should_stop()) { 4658 ret = wait_event_interruptible(dev->dev_queue_obj.thread_wq, 4659 atomic_read(&dev->dev_queue_obj.queue_cnt) || 4660 kthread_should_stop()); 4661 if (ret < 0) 4662 goto out; 4663 4664 get_cmd: 4665 cmd = transport_get_cmd_from_queue(&dev->dev_queue_obj); 4666 if (!cmd) 4667 continue; 4668 4669 switch (cmd->t_state) { 4670 case TRANSPORT_NEW_CMD: 4671 BUG(); 4672 break; 4673 case TRANSPORT_NEW_CMD_MAP: 4674 if (!cmd->se_tfo->new_cmd_map) { 4675 pr_err("cmd->se_tfo->new_cmd_map is" 4676 " NULL for TRANSPORT_NEW_CMD_MAP\n"); 4677 BUG(); 4678 } 4679 ret = cmd->se_tfo->new_cmd_map(cmd); 4680 if (ret < 0) { 4681 transport_generic_request_failure(cmd); 4682 break; 4683 } 4684 ret = transport_generic_new_cmd(cmd); 4685 if (ret < 0) { 4686 transport_generic_request_failure(cmd); 4687 break; 4688 } 4689 break; 4690 case TRANSPORT_PROCESS_WRITE: 4691 transport_generic_process_write(cmd); 4692 break; 4693 case TRANSPORT_PROCESS_TMR: 4694 transport_generic_do_tmr(cmd); 4695 break; 4696 case TRANSPORT_COMPLETE_QF_WP: 4697 transport_write_pending_qf(cmd); 4698 break; 4699 case TRANSPORT_COMPLETE_QF_OK: 4700 transport_complete_qf(cmd); 4701 break; 4702 default: 4703 pr_err("Unknown t_state: %d for ITT: 0x%08x " 4704 "i_state: %d on SE LUN: %u\n", 4705 cmd->t_state, 4706 cmd->se_tfo->get_task_tag(cmd), 4707 cmd->se_tfo->get_cmd_state(cmd), 4708 cmd->se_lun->unpacked_lun); 4709 BUG(); 4710 } 4711 4712 goto get_cmd; 4713 } 4714 4715 out: 4716 WARN_ON(!list_empty(&dev->state_task_list)); 4717 WARN_ON(!list_empty(&dev->dev_queue_obj.qobj_list)); 4718 dev->process_thread = NULL; 4719 return 0; 4720 } 4721