2 * Copyright (c) 2003-2009 Silicon Graphics International Corp.
3 * Copyright (c) 2012 The FreeBSD Foundation
6 * Portions of this software were developed by Edward Tomasz Napierala
7 * under sponsorship from the FreeBSD Foundation.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions, and the following disclaimer,
14 * without modification.
15 * 2. Redistributions in binary form must reproduce at minimum a disclaimer
16 * substantially similar to the "NO WARRANTY" disclaimer below
17 * ("Disclaimer") and any redistribution must be conditioned upon
18 * including a substantially similar Disclaimer requirement for further
19 * binary redistribution.
22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
23 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
24 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR
25 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
26 * HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
30 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
31 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
32 * POSSIBILITY OF SUCH DAMAGES.
34 * $Id: //depot/users/kenm/FreeBSD-test2/sys/cam/ctl/ctl.c#8 $
37 * CAM Target Layer, a SCSI device emulation subsystem.
39 * Author: Ken Merry <ken@FreeBSD.org>
44 #include <sys/cdefs.h>
45 __FBSDID("$FreeBSD$");
47 #include <sys/param.h>
48 #include <sys/systm.h>
49 #include <sys/kernel.h>
50 #include <sys/types.h>
51 #include <sys/kthread.h>
53 #include <sys/fcntl.h>
55 #include <sys/module.h>
56 #include <sys/mutex.h>
57 #include <sys/condvar.h>
58 #include <sys/malloc.h>
60 #include <sys/ioccom.h>
61 #include <sys/queue.h>
63 #include <sys/endian.h>
64 #include <sys/sysctl.h>
67 #include <cam/scsi/scsi_all.h>
68 #include <cam/scsi/scsi_da.h>
69 #include <cam/ctl/ctl_io.h>
70 #include <cam/ctl/ctl.h>
71 #include <cam/ctl/ctl_frontend.h>
72 #include <cam/ctl/ctl_frontend_internal.h>
73 #include <cam/ctl/ctl_util.h>
74 #include <cam/ctl/ctl_backend.h>
75 #include <cam/ctl/ctl_ioctl.h>
76 #include <cam/ctl/ctl_ha.h>
77 #include <cam/ctl/ctl_private.h>
78 #include <cam/ctl/ctl_debug.h>
79 #include <cam/ctl/ctl_scsi_all.h>
80 #include <cam/ctl/ctl_error.h>
82 struct ctl_softc *control_softc = NULL;
85 * The default is to run with CTL_DONE_THREAD turned on. Completed
86 * transactions are queued for processing by the CTL work thread. When
87 * CTL_DONE_THREAD is not defined, completed transactions are processed in
88 * the caller's context.
90 #define CTL_DONE_THREAD
93 * Use the serial number and device ID provided by the backend, rather than
96 #define CTL_USE_BACKEND_SN
99 * Size and alignment macros needed for Copan-specific HA hardware. These
100 * can go away when the HA code is re-written, and uses busdma for any
103 #define CTL_ALIGN_8B(target, source, type) \
104 if (((uint32_t)source & 0x7) != 0) \
105 target = (type)(source + (0x8 - ((uint32_t)source & 0x7)));\
107 target = (type)source;
109 #define CTL_SIZE_8B(target, size) \
110 if ((size & 0x7) != 0) \
111 target = size + (0x8 - (size & 0x7)); \
115 #define CTL_ALIGN_8B_MARGIN 16
118 * Template mode pages.
122 * Note that these are default values only. The actual values will be
123 * filled in when the user does a mode sense.
125 static struct copan_power_subpage power_page_default = {
126 /*page_code*/ PWR_PAGE_CODE | SMPH_SPF,
127 /*subpage*/ PWR_SUBPAGE_CODE,
128 /*page_length*/ {(sizeof(struct copan_power_subpage) - 4) & 0xff00,
129 (sizeof(struct copan_power_subpage) - 4) & 0x00ff},
130 /*page_version*/ PWR_VERSION,
132 /* max_active_luns*/ PWR_DFLT_MAX_LUNS,
133 /*reserved*/ {0, 0, 0, 0, 0, 0, 0, 0, 0,
134 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
138 static struct copan_power_subpage power_page_changeable = {
139 /*page_code*/ PWR_PAGE_CODE | SMPH_SPF,
140 /*subpage*/ PWR_SUBPAGE_CODE,
141 /*page_length*/ {(sizeof(struct copan_power_subpage) - 4) & 0xff00,
142 (sizeof(struct copan_power_subpage) - 4) & 0x00ff},
145 /* max_active_luns*/ 0,
146 /*reserved*/ {0, 0, 0, 0, 0, 0, 0, 0, 0,
147 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
151 static struct copan_aps_subpage aps_page_default = {
152 APS_PAGE_CODE | SMPH_SPF, //page_code
153 APS_SUBPAGE_CODE, //subpage
154 {(sizeof(struct copan_aps_subpage) - 4) & 0xff00,
155 (sizeof(struct copan_aps_subpage) - 4) & 0x00ff}, //page_length
156 APS_VERSION, //page_version
158 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
159 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
160 0, 0, 0, 0, 0} //reserved
163 static struct copan_aps_subpage aps_page_changeable = {
164 APS_PAGE_CODE | SMPH_SPF, //page_code
165 APS_SUBPAGE_CODE, //subpage
166 {(sizeof(struct copan_aps_subpage) - 4) & 0xff00,
167 (sizeof(struct copan_aps_subpage) - 4) & 0x00ff}, //page_length
170 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
171 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
172 0, 0, 0, 0, 0} //reserved
175 static struct copan_debugconf_subpage debugconf_page_default = {
176 DBGCNF_PAGE_CODE | SMPH_SPF, /* page_code */
177 DBGCNF_SUBPAGE_CODE, /* subpage */
178 {(sizeof(struct copan_debugconf_subpage) - 4) >> 8,
179 (sizeof(struct copan_debugconf_subpage) - 4) >> 0}, /* page_length */
180 DBGCNF_VERSION, /* page_version */
181 {CTL_TIME_IO_DEFAULT_SECS>>8,
182 CTL_TIME_IO_DEFAULT_SECS>>0}, /* ctl_time_io_secs */
185 static struct copan_debugconf_subpage debugconf_page_changeable = {
186 DBGCNF_PAGE_CODE | SMPH_SPF, /* page_code */
187 DBGCNF_SUBPAGE_CODE, /* subpage */
188 {(sizeof(struct copan_debugconf_subpage) - 4) >> 8,
189 (sizeof(struct copan_debugconf_subpage) - 4) >> 0}, /* page_length */
190 0, /* page_version */
191 {0xff,0xff}, /* ctl_time_io_secs */
194 static struct scsi_format_page format_page_default = {
195 /*page_code*/SMS_FORMAT_DEVICE_PAGE,
196 /*page_length*/sizeof(struct scsi_format_page) - 2,
197 /*tracks_per_zone*/ {0, 0},
198 /*alt_sectors_per_zone*/ {0, 0},
199 /*alt_tracks_per_zone*/ {0, 0},
200 /*alt_tracks_per_lun*/ {0, 0},
201 /*sectors_per_track*/ {(CTL_DEFAULT_SECTORS_PER_TRACK >> 8) & 0xff,
202 CTL_DEFAULT_SECTORS_PER_TRACK & 0xff},
203 /*bytes_per_sector*/ {0, 0},
204 /*interleave*/ {0, 0},
205 /*track_skew*/ {0, 0},
206 /*cylinder_skew*/ {0, 0},
208 /*reserved*/ {0, 0, 0}
211 static struct scsi_format_page format_page_changeable = {
212 /*page_code*/SMS_FORMAT_DEVICE_PAGE,
213 /*page_length*/sizeof(struct scsi_format_page) - 2,
214 /*tracks_per_zone*/ {0, 0},
215 /*alt_sectors_per_zone*/ {0, 0},
216 /*alt_tracks_per_zone*/ {0, 0},
217 /*alt_tracks_per_lun*/ {0, 0},
218 /*sectors_per_track*/ {0, 0},
219 /*bytes_per_sector*/ {0, 0},
220 /*interleave*/ {0, 0},
221 /*track_skew*/ {0, 0},
222 /*cylinder_skew*/ {0, 0},
224 /*reserved*/ {0, 0, 0}
227 static struct scsi_rigid_disk_page rigid_disk_page_default = {
228 /*page_code*/SMS_RIGID_DISK_PAGE,
229 /*page_length*/sizeof(struct scsi_rigid_disk_page) - 2,
230 /*cylinders*/ {0, 0, 0},
231 /*heads*/ CTL_DEFAULT_HEADS,
232 /*start_write_precomp*/ {0, 0, 0},
233 /*start_reduced_current*/ {0, 0, 0},
234 /*step_rate*/ {0, 0},
235 /*landing_zone_cylinder*/ {0, 0, 0},
236 /*rpl*/ SRDP_RPL_DISABLED,
237 /*rotational_offset*/ 0,
239 /*rotation_rate*/ {(CTL_DEFAULT_ROTATION_RATE >> 8) & 0xff,
240 CTL_DEFAULT_ROTATION_RATE & 0xff},
244 static struct scsi_rigid_disk_page rigid_disk_page_changeable = {
245 /*page_code*/SMS_RIGID_DISK_PAGE,
246 /*page_length*/sizeof(struct scsi_rigid_disk_page) - 2,
247 /*cylinders*/ {0, 0, 0},
249 /*start_write_precomp*/ {0, 0, 0},
250 /*start_reduced_current*/ {0, 0, 0},
251 /*step_rate*/ {0, 0},
252 /*landing_zone_cylinder*/ {0, 0, 0},
254 /*rotational_offset*/ 0,
256 /*rotation_rate*/ {0, 0},
260 static struct scsi_caching_page caching_page_default = {
261 /*page_code*/SMS_CACHING_PAGE,
262 /*page_length*/sizeof(struct scsi_caching_page) - 2,
263 /*flags1*/ SCP_DISC | SCP_WCE,
265 /*disable_pf_transfer_len*/ {0xff, 0xff},
266 /*min_prefetch*/ {0, 0},
267 /*max_prefetch*/ {0xff, 0xff},
268 /*max_pf_ceiling*/ {0xff, 0xff},
270 /*cache_segments*/ 0,
271 /*cache_seg_size*/ {0, 0},
273 /*non_cache_seg_size*/ {0, 0, 0}
276 static struct scsi_caching_page caching_page_changeable = {
277 /*page_code*/SMS_CACHING_PAGE,
278 /*page_length*/sizeof(struct scsi_caching_page) - 2,
281 /*disable_pf_transfer_len*/ {0, 0},
282 /*min_prefetch*/ {0, 0},
283 /*max_prefetch*/ {0, 0},
284 /*max_pf_ceiling*/ {0, 0},
286 /*cache_segments*/ 0,
287 /*cache_seg_size*/ {0, 0},
289 /*non_cache_seg_size*/ {0, 0, 0}
292 static struct scsi_control_page control_page_default = {
293 /*page_code*/SMS_CONTROL_MODE_PAGE,
294 /*page_length*/sizeof(struct scsi_control_page) - 2,
299 /*aen_holdoff_period*/{0, 0}
302 static struct scsi_control_page control_page_changeable = {
303 /*page_code*/SMS_CONTROL_MODE_PAGE,
304 /*page_length*/sizeof(struct scsi_control_page) - 2,
309 /*aen_holdoff_period*/{0, 0}
314 * XXX KDM move these into the softc.
316 static int rcv_sync_msg;
317 static int persis_offset;
318 static uint8_t ctl_pause_rtr;
319 static int ctl_is_single = 1;
320 static int index_to_aps_page;
323 SYSCTL_NODE(_kern_cam, OID_AUTO, ctl, CTLFLAG_RD, 0, "CAM Target Layer");
324 SYSCTL_INT(_kern_cam_ctl, OID_AUTO, disable, CTLFLAG_RDTUN, &ctl_disable, 0,
326 TUNABLE_INT("kern.cam.ctl.disable", &ctl_disable);
329 * Serial number (0x80), device id (0x83), and supported pages (0x00)
331 #define SCSI_EVPD_NUM_SUPPORTED_PAGES 3
333 static void ctl_isc_event_handler(ctl_ha_channel chanel, ctl_ha_event event,
335 static void ctl_copy_sense_data(union ctl_ha_msg *src, union ctl_io *dest);
336 static int ctl_init(void);
337 void ctl_shutdown(void);
338 static int ctl_open(struct cdev *dev, int flags, int fmt, struct thread *td);
339 static int ctl_close(struct cdev *dev, int flags, int fmt, struct thread *td);
340 static void ctl_ioctl_online(void *arg);
341 static void ctl_ioctl_offline(void *arg);
342 static int ctl_ioctl_targ_enable(void *arg, struct ctl_id targ_id);
343 static int ctl_ioctl_targ_disable(void *arg, struct ctl_id targ_id);
344 static int ctl_ioctl_lun_enable(void *arg, struct ctl_id targ_id, int lun_id);
345 static int ctl_ioctl_lun_disable(void *arg, struct ctl_id targ_id, int lun_id);
346 static int ctl_ioctl_do_datamove(struct ctl_scsiio *ctsio);
347 static int ctl_serialize_other_sc_cmd(struct ctl_scsiio *ctsio, int have_lock);
348 static int ctl_ioctl_submit_wait(union ctl_io *io);
349 static void ctl_ioctl_datamove(union ctl_io *io);
350 static void ctl_ioctl_done(union ctl_io *io);
351 static void ctl_ioctl_hard_startstop_callback(void *arg,
352 struct cfi_metatask *metatask);
353 static void ctl_ioctl_bbrread_callback(void *arg,struct cfi_metatask *metatask);
354 static int ctl_ioctl_fill_ooa(struct ctl_lun *lun, uint32_t *cur_fill_num,
355 struct ctl_ooa *ooa_hdr,
356 struct ctl_ooa_entry *kern_entries);
357 static int ctl_ioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flag,
359 uint32_t ctl_get_resindex(struct ctl_nexus *nexus);
360 uint32_t ctl_port_idx(int port_num);
362 static union ctl_io *ctl_malloc_io(ctl_io_type io_type, uint32_t targ_port,
363 uint32_t targ_target, uint32_t targ_lun,
365 static void ctl_kfree_io(union ctl_io *io);
367 static int ctl_alloc_lun(struct ctl_softc *ctl_softc, struct ctl_lun *lun,
368 struct ctl_be_lun *be_lun, struct ctl_id target_id);
369 static int ctl_free_lun(struct ctl_lun *lun);
370 static void ctl_create_lun(struct ctl_be_lun *be_lun);
372 static void ctl_failover_change_pages(struct ctl_softc *softc,
373 struct ctl_scsiio *ctsio, int master);
376 static int ctl_do_mode_select(union ctl_io *io);
377 static int ctl_pro_preempt(struct ctl_softc *softc, struct ctl_lun *lun,
378 uint64_t res_key, uint64_t sa_res_key,
379 uint8_t type, uint32_t residx,
380 struct ctl_scsiio *ctsio,
381 struct scsi_per_res_out *cdb,
382 struct scsi_per_res_out_parms* param);
383 static void ctl_pro_preempt_other(struct ctl_lun *lun,
384 union ctl_ha_msg *msg);
385 static void ctl_hndl_per_res_out_on_other_sc(union ctl_ha_msg *msg);
386 static int ctl_inquiry_evpd_supported(struct ctl_scsiio *ctsio, int alloc_len);
387 static int ctl_inquiry_evpd_serial(struct ctl_scsiio *ctsio, int alloc_len);
388 static int ctl_inquiry_evpd_devid(struct ctl_scsiio *ctsio, int alloc_len);
389 static int ctl_inquiry_evpd(struct ctl_scsiio *ctsio);
390 static int ctl_inquiry_std(struct ctl_scsiio *ctsio);
391 static int ctl_get_lba_len(union ctl_io *io, uint64_t *lba, uint32_t *len);
392 static ctl_action ctl_extent_check(union ctl_io *io1, union ctl_io *io2);
393 static ctl_action ctl_check_for_blockage(union ctl_io *pending_io,
394 union ctl_io *ooa_io);
395 static ctl_action ctl_check_ooa(struct ctl_lun *lun, union ctl_io *pending_io,
396 union ctl_io *starting_io);
397 static int ctl_check_blocked(struct ctl_lun *lun);
398 static int ctl_scsiio_lun_check(struct ctl_softc *ctl_softc,
400 struct ctl_cmd_entry *entry,
401 struct ctl_scsiio *ctsio);
402 //static int ctl_check_rtr(union ctl_io *pending_io, struct ctl_softc *softc);
403 static void ctl_failover(void);
404 static int ctl_scsiio_precheck(struct ctl_softc *ctl_softc,
405 struct ctl_scsiio *ctsio);
406 static int ctl_scsiio(struct ctl_scsiio *ctsio);
408 static int ctl_bus_reset(struct ctl_softc *ctl_softc, union ctl_io *io);
409 static int ctl_target_reset(struct ctl_softc *ctl_softc, union ctl_io *io,
410 ctl_ua_type ua_type);
411 static int ctl_lun_reset(struct ctl_lun *lun, union ctl_io *io,
412 ctl_ua_type ua_type);
413 static int ctl_abort_task(union ctl_io *io);
414 static void ctl_run_task_queue(struct ctl_softc *ctl_softc);
416 static void ctl_datamove_timer_wakeup(void *arg);
417 static void ctl_done_timer_wakeup(void *arg);
418 #endif /* CTL_IO_DELAY */
420 static void ctl_send_datamove_done(union ctl_io *io, int have_lock);
421 static void ctl_datamove_remote_write_cb(struct ctl_ha_dt_req *rq);
422 static int ctl_datamove_remote_dm_write_cb(union ctl_io *io);
423 static void ctl_datamove_remote_write(union ctl_io *io);
424 static int ctl_datamove_remote_dm_read_cb(union ctl_io *io);
425 static void ctl_datamove_remote_read_cb(struct ctl_ha_dt_req *rq);
426 static int ctl_datamove_remote_sgl_setup(union ctl_io *io);
427 static int ctl_datamove_remote_xfer(union ctl_io *io, unsigned command,
428 ctl_ha_dt_cb callback);
429 static void ctl_datamove_remote_read(union ctl_io *io);
430 static void ctl_datamove_remote(union ctl_io *io);
431 static int ctl_process_done(union ctl_io *io, int have_lock);
432 static void ctl_work_thread(void *arg);
435 * Load the serialization table. This isn't very pretty, but is probably
436 * the easiest way to do it.
438 #include "ctl_ser_table.c"
441 * We only need to define open, close and ioctl routines for this driver.
443 static struct cdevsw ctl_cdevsw = {
444 .d_version = D_VERSION,
447 .d_close = ctl_close,
448 .d_ioctl = ctl_ioctl,
453 MALLOC_DEFINE(M_CTL, "ctlmem", "Memory used for CTL");
455 static int ctl_module_event_handler(module_t, int /*modeventtype_t*/, void *);
457 static moduledata_t ctl_moduledata = {
459 ctl_module_event_handler,
463 DECLARE_MODULE(ctl, ctl_moduledata, SI_SUB_CONFIGURE, SI_ORDER_THIRD);
464 MODULE_VERSION(ctl, 1);
467 ctl_isc_handler_finish_xfer(struct ctl_softc *ctl_softc,
468 union ctl_ha_msg *msg_info)
470 struct ctl_scsiio *ctsio;
472 if (msg_info->hdr.original_sc == NULL) {
473 printf("%s: original_sc == NULL!\n", __func__);
474 /* XXX KDM now what? */
478 ctsio = &msg_info->hdr.original_sc->scsiio;
479 ctsio->io_hdr.flags |= CTL_FLAG_IO_ACTIVE;
480 ctsio->io_hdr.msg_type = CTL_MSG_FINISH_IO;
481 ctsio->io_hdr.status = msg_info->hdr.status;
482 ctsio->scsi_status = msg_info->scsi.scsi_status;
483 ctsio->sense_len = msg_info->scsi.sense_len;
484 ctsio->sense_residual = msg_info->scsi.sense_residual;
485 ctsio->residual = msg_info->scsi.residual;
486 memcpy(&ctsio->sense_data, &msg_info->scsi.sense_data,
487 sizeof(ctsio->sense_data));
488 memcpy(&ctsio->io_hdr.ctl_private[CTL_PRIV_LBA_LEN].bytes,
489 &msg_info->scsi.lbalen, sizeof(msg_info->scsi.lbalen));
490 STAILQ_INSERT_TAIL(&ctl_softc->isc_queue, &ctsio->io_hdr, links);
495 ctl_isc_handler_finish_ser_only(struct ctl_softc *ctl_softc,
496 union ctl_ha_msg *msg_info)
498 struct ctl_scsiio *ctsio;
500 if (msg_info->hdr.serializing_sc == NULL) {
501 printf("%s: serializing_sc == NULL!\n", __func__);
502 /* XXX KDM now what? */
506 ctsio = &msg_info->hdr.serializing_sc->scsiio;
509 * Attempt to catch the situation where an I/O has
510 * been freed, and we're using it again.
512 if (ctsio->io_hdr.io_type == 0xff) {
513 union ctl_io *tmp_io;
514 tmp_io = (union ctl_io *)ctsio;
515 printf("%s: %p use after free!\n", __func__,
517 printf("%s: type %d msg %d cdb %x iptl: "
518 "%d:%d:%d:%d tag 0x%04x "
519 "flag %#x status %x\n",
521 tmp_io->io_hdr.io_type,
522 tmp_io->io_hdr.msg_type,
523 tmp_io->scsiio.cdb[0],
524 tmp_io->io_hdr.nexus.initid.id,
525 tmp_io->io_hdr.nexus.targ_port,
526 tmp_io->io_hdr.nexus.targ_target.id,
527 tmp_io->io_hdr.nexus.targ_lun,
528 (tmp_io->io_hdr.io_type ==
530 tmp_io->taskio.tag_num :
531 tmp_io->scsiio.tag_num,
532 tmp_io->io_hdr.flags,
533 tmp_io->io_hdr.status);
536 ctsio->io_hdr.msg_type = CTL_MSG_FINISH_IO;
537 STAILQ_INSERT_TAIL(&ctl_softc->isc_queue, &ctsio->io_hdr, links);
542 * ISC (Inter Shelf Communication) event handler. Events from the HA
543 * subsystem come in here.
546 ctl_isc_event_handler(ctl_ha_channel channel, ctl_ha_event event, int param)
548 struct ctl_softc *ctl_softc;
550 struct ctl_prio *presio;
551 ctl_ha_status isc_status;
553 ctl_softc = control_softc;
558 printf("CTL: Isc Msg event %d\n", event);
560 if (event == CTL_HA_EVT_MSG_RECV) {
561 union ctl_ha_msg msg_info;
563 isc_status = ctl_ha_msg_recv(CTL_HA_CHAN_CTL, &msg_info,
564 sizeof(msg_info), /*wait*/ 0);
566 printf("CTL: msg_type %d\n", msg_info.msg_type);
568 if (isc_status != 0) {
569 printf("Error receiving message, status = %d\n",
573 mtx_lock(&ctl_softc->ctl_lock);
575 switch (msg_info.hdr.msg_type) {
576 case CTL_MSG_SERIALIZE:
578 printf("Serialize\n");
580 io = ctl_alloc_io((void *)ctl_softc->othersc_pool);
582 printf("ctl_isc_event_handler: can't allocate "
585 /* Need to set busy and send msg back */
586 mtx_unlock(&ctl_softc->ctl_lock);
587 msg_info.hdr.msg_type = CTL_MSG_BAD_JUJU;
588 msg_info.hdr.status = CTL_SCSI_ERROR;
589 msg_info.scsi.scsi_status = SCSI_STATUS_BUSY;
590 msg_info.scsi.sense_len = 0;
591 if (ctl_ha_msg_send(CTL_HA_CHAN_CTL, &msg_info,
592 sizeof(msg_info), 0) > CTL_HA_STATUS_SUCCESS){
597 // populate ctsio from msg_info
598 io->io_hdr.io_type = CTL_IO_SCSI;
599 io->io_hdr.msg_type = CTL_MSG_SERIALIZE;
600 io->io_hdr.original_sc = msg_info.hdr.original_sc;
602 printf("pOrig %x\n", (int)msg_info.original_sc);
604 io->io_hdr.flags |= CTL_FLAG_FROM_OTHER_SC |
607 * If we're in serialization-only mode, we don't
608 * want to go through full done processing. Thus
611 * XXX KDM add another flag that is more specific.
613 if (ctl_softc->ha_mode == CTL_HA_MODE_SER_ONLY)
614 io->io_hdr.flags |= CTL_FLAG_INT_COPY;
615 io->io_hdr.nexus = msg_info.hdr.nexus;
617 printf("targ %d, port %d, iid %d, lun %d\n",
618 io->io_hdr.nexus.targ_target.id,
619 io->io_hdr.nexus.targ_port,
620 io->io_hdr.nexus.initid.id,
621 io->io_hdr.nexus.targ_lun);
623 io->scsiio.tag_num = msg_info.scsi.tag_num;
624 io->scsiio.tag_type = msg_info.scsi.tag_type;
625 memcpy(io->scsiio.cdb, msg_info.scsi.cdb,
627 if (ctl_softc->ha_mode == CTL_HA_MODE_XFER) {
628 struct ctl_cmd_entry *entry;
631 opcode = io->scsiio.cdb[0];
632 entry = &ctl_cmd_table[opcode];
633 io->io_hdr.flags &= ~CTL_FLAG_DATA_MASK;
635 entry->flags & CTL_FLAG_DATA_MASK;
637 STAILQ_INSERT_TAIL(&ctl_softc->isc_queue,
642 /* Performed on the Originating SC, XFER mode only */
643 case CTL_MSG_DATAMOVE: {
644 struct ctl_sg_entry *sgl;
647 io = msg_info.hdr.original_sc;
649 printf("%s: original_sc == NULL!\n", __func__);
650 /* XXX KDM do something here */
653 io->io_hdr.msg_type = CTL_MSG_DATAMOVE;
654 io->io_hdr.flags |= CTL_FLAG_IO_ACTIVE;
656 * Keep track of this, we need to send it back over
657 * when the datamove is complete.
659 io->io_hdr.serializing_sc = msg_info.hdr.serializing_sc;
661 if (msg_info.dt.sg_sequence == 0) {
663 * XXX KDM we use the preallocated S/G list
664 * here, but we'll need to change this to
665 * dynamic allocation if we need larger S/G
668 if (msg_info.dt.kern_sg_entries >
669 sizeof(io->io_hdr.remote_sglist) /
670 sizeof(io->io_hdr.remote_sglist[0])) {
671 printf("%s: number of S/G entries "
672 "needed %u > allocated num %zd\n",
674 msg_info.dt.kern_sg_entries,
675 sizeof(io->io_hdr.remote_sglist)/
676 sizeof(io->io_hdr.remote_sglist[0]));
679 * XXX KDM send a message back to
680 * the other side to shut down the
681 * DMA. The error will come back
682 * through via the normal channel.
686 sgl = io->io_hdr.remote_sglist;
688 sizeof(io->io_hdr.remote_sglist));
690 io->scsiio.kern_data_ptr = (uint8_t *)sgl;
692 io->scsiio.kern_sg_entries =
693 msg_info.dt.kern_sg_entries;
694 io->scsiio.rem_sg_entries =
695 msg_info.dt.kern_sg_entries;
696 io->scsiio.kern_data_len =
697 msg_info.dt.kern_data_len;
698 io->scsiio.kern_total_len =
699 msg_info.dt.kern_total_len;
700 io->scsiio.kern_data_resid =
701 msg_info.dt.kern_data_resid;
702 io->scsiio.kern_rel_offset =
703 msg_info.dt.kern_rel_offset;
705 * Clear out per-DMA flags.
707 io->io_hdr.flags &= ~CTL_FLAG_RDMA_MASK;
709 * Add per-DMA flags that are set for this
710 * particular DMA request.
712 io->io_hdr.flags |= msg_info.dt.flags &
715 sgl = (struct ctl_sg_entry *)
716 io->scsiio.kern_data_ptr;
718 for (i = msg_info.dt.sent_sg_entries, j = 0;
719 i < (msg_info.dt.sent_sg_entries +
720 msg_info.dt.cur_sg_entries); i++, j++) {
721 sgl[i].addr = msg_info.dt.sg_list[j].addr;
722 sgl[i].len = msg_info.dt.sg_list[j].len;
725 printf("%s: L: %p,%d -> %p,%d j=%d, i=%d\n",
727 msg_info.dt.sg_list[j].addr,
728 msg_info.dt.sg_list[j].len,
729 sgl[i].addr, sgl[i].len, j, i);
733 memcpy(&sgl[msg_info.dt.sent_sg_entries],
735 sizeof(*sgl) * msg_info.dt.cur_sg_entries);
739 * If this is the last piece of the I/O, we've got
740 * the full S/G list. Queue processing in the thread.
741 * Otherwise wait for the next piece.
743 if (msg_info.dt.sg_last != 0) {
744 STAILQ_INSERT_TAIL(&ctl_softc->isc_queue,
750 /* Performed on the Serializing (primary) SC, XFER mode only */
751 case CTL_MSG_DATAMOVE_DONE: {
752 if (msg_info.hdr.serializing_sc == NULL) {
753 printf("%s: serializing_sc == NULL!\n",
755 /* XXX KDM now what? */
759 * We grab the sense information here in case
760 * there was a failure, so we can return status
761 * back to the initiator.
763 io = msg_info.hdr.serializing_sc;
764 io->io_hdr.msg_type = CTL_MSG_DATAMOVE_DONE;
765 io->io_hdr.status = msg_info.hdr.status;
766 io->scsiio.scsi_status = msg_info.scsi.scsi_status;
767 io->scsiio.sense_len = msg_info.scsi.sense_len;
768 io->scsiio.sense_residual =msg_info.scsi.sense_residual;
769 io->io_hdr.port_status = msg_info.scsi.fetd_status;
770 io->scsiio.residual = msg_info.scsi.residual;
771 memcpy(&io->scsiio.sense_data,&msg_info.scsi.sense_data,
772 sizeof(io->scsiio.sense_data));
774 STAILQ_INSERT_TAIL(&ctl_softc->isc_queue,
780 /* Preformed on Originating SC, SER_ONLY mode */
782 io = msg_info.hdr.original_sc;
784 printf("%s: Major Bummer\n", __func__);
785 mtx_unlock(&ctl_softc->ctl_lock);
789 printf("pOrig %x\n",(int) ctsio);
792 io->io_hdr.msg_type = CTL_MSG_R2R;
793 io->io_hdr.serializing_sc = msg_info.hdr.serializing_sc;
794 STAILQ_INSERT_TAIL(&ctl_softc->isc_queue,
800 * Performed on Serializing(i.e. primary SC) SC in SER_ONLY
802 * Performed on the Originating (i.e. secondary) SC in XFER
805 case CTL_MSG_FINISH_IO:
806 if (ctl_softc->ha_mode == CTL_HA_MODE_XFER)
807 ctl_isc_handler_finish_xfer(ctl_softc,
810 ctl_isc_handler_finish_ser_only(ctl_softc,
814 /* Preformed on Originating SC */
815 case CTL_MSG_BAD_JUJU:
816 io = msg_info.hdr.original_sc;
818 printf("%s: Bad JUJU!, original_sc is NULL!\n",
822 ctl_copy_sense_data(&msg_info, io);
824 * IO should have already been cleaned up on other
825 * SC so clear this flag so we won't send a message
826 * back to finish the IO there.
828 io->io_hdr.flags &= ~CTL_FLAG_SENT_2OTHER_SC;
829 io->io_hdr.flags |= CTL_FLAG_IO_ACTIVE;
831 /* io = msg_info.hdr.serializing_sc; */
832 io->io_hdr.msg_type = CTL_MSG_BAD_JUJU;
833 STAILQ_INSERT_TAIL(&ctl_softc->isc_queue,
838 /* Handle resets sent from the other side */
839 case CTL_MSG_MANAGE_TASKS: {
840 struct ctl_taskio *taskio;
841 taskio = (struct ctl_taskio *)ctl_alloc_io(
842 (void *)ctl_softc->othersc_pool);
843 if (taskio == NULL) {
844 printf("ctl_isc_event_handler: can't allocate "
847 /* should I just call the proper reset func
849 mtx_unlock(&ctl_softc->ctl_lock);
852 ctl_zero_io((union ctl_io *)taskio);
853 taskio->io_hdr.io_type = CTL_IO_TASK;
854 taskio->io_hdr.flags |= CTL_FLAG_FROM_OTHER_SC;
855 taskio->io_hdr.nexus = msg_info.hdr.nexus;
856 taskio->task_action = msg_info.task.task_action;
857 taskio->tag_num = msg_info.task.tag_num;
858 taskio->tag_type = msg_info.task.tag_type;
860 taskio->io_hdr.start_time = time_uptime;
861 getbintime(&taskio->io_hdr.start_bt);
863 cs_prof_gettime(&taskio->io_hdr.start_ticks);
865 #endif /* CTL_TIME_IO */
866 STAILQ_INSERT_TAIL(&ctl_softc->task_queue,
867 &taskio->io_hdr, links);
868 ctl_softc->flags |= CTL_FLAG_TASK_PENDING;
872 /* Persistent Reserve action which needs attention */
873 case CTL_MSG_PERS_ACTION:
874 presio = (struct ctl_prio *)ctl_alloc_io(
875 (void *)ctl_softc->othersc_pool);
876 if (presio == NULL) {
877 printf("ctl_isc_event_handler: can't allocate "
880 /* Need to set busy and send msg back */
881 mtx_unlock(&ctl_softc->ctl_lock);
884 ctl_zero_io((union ctl_io *)presio);
885 presio->io_hdr.msg_type = CTL_MSG_PERS_ACTION;
886 presio->pr_msg = msg_info.pr;
887 STAILQ_INSERT_TAIL(&ctl_softc->isc_queue,
888 &presio->io_hdr, links);
891 case CTL_MSG_SYNC_FE:
894 case CTL_MSG_APS_LOCK: {
895 // It's quicker to execute this then to
898 struct ctl_page_index *page_index;
899 struct copan_aps_subpage *current_sp;
901 lun = ctl_softc->ctl_luns[msg_info.hdr.nexus.targ_lun];
902 page_index = &lun->mode_pages.index[index_to_aps_page];
903 current_sp = (struct copan_aps_subpage *)
904 (page_index->page_data +
905 (page_index->page_len * CTL_PAGE_CURRENT));
907 current_sp->lock_active = msg_info.aps.lock_flag;
911 printf("How did I get here?\n");
913 mtx_unlock(&ctl_softc->ctl_lock);
914 } else if (event == CTL_HA_EVT_MSG_SENT) {
915 if (param != CTL_HA_STATUS_SUCCESS) {
916 printf("Bad status from ctl_ha_msg_send status %d\n",
920 } else if (event == CTL_HA_EVT_DISCONNECT) {
921 printf("CTL: Got a disconnect from Isc\n");
924 printf("ctl_isc_event_handler: Unknown event %d\n", event);
933 ctl_copy_sense_data(union ctl_ha_msg *src, union ctl_io *dest)
935 struct scsi_sense_data *sense;
937 sense = &dest->scsiio.sense_data;
938 bcopy(&src->scsi.sense_data, sense, sizeof(*sense));
939 dest->scsiio.scsi_status = src->scsi.scsi_status;
940 dest->scsiio.sense_len = src->scsi.sense_len;
941 dest->io_hdr.status = src->hdr.status;
947 struct ctl_softc *softc;
948 struct ctl_io_pool *internal_pool, *emergency_pool, *other_pool;
949 struct ctl_frontend *fe;
962 /* If we're disabled, don't initialize. */
963 if (ctl_disable != 0)
966 control_softc = malloc(sizeof(*control_softc), M_DEVBUF,
968 softc = control_softc;
970 softc->dev = make_dev(&ctl_cdevsw, 0, UID_ROOT, GID_OPERATOR, 0600,
973 softc->dev->si_drv1 = softc;
976 * By default, return a "bad LUN" peripheral qualifier for unknown
977 * LUNs. The user can override this default using the tunable or
978 * sysctl. See the comment in ctl_inquiry_std() for more details.
980 softc->inquiry_pq_no_lun = 1;
981 TUNABLE_INT_FETCH("kern.cam.ctl.inquiry_pq_no_lun",
982 &softc->inquiry_pq_no_lun);
983 sysctl_ctx_init(&softc->sysctl_ctx);
984 softc->sysctl_tree = SYSCTL_ADD_NODE(&softc->sysctl_ctx,
985 SYSCTL_STATIC_CHILDREN(_kern_cam), OID_AUTO, "ctl",
986 CTLFLAG_RD, 0, "CAM Target Layer");
988 if (softc->sysctl_tree == NULL) {
989 printf("%s: unable to allocate sysctl tree\n", __func__);
990 destroy_dev(softc->dev);
991 free(control_softc, M_DEVBUF);
992 control_softc = NULL;
996 SYSCTL_ADD_INT(&softc->sysctl_ctx,
997 SYSCTL_CHILDREN(softc->sysctl_tree), OID_AUTO,
998 "inquiry_pq_no_lun", CTLFLAG_RW,
999 &softc->inquiry_pq_no_lun, 0,
1000 "Report no lun possible for invalid LUNs");
1002 mtx_init(&softc->ctl_lock, "CTL mutex", NULL, MTX_DEF);
1003 mtx_init(&softc->pool_lock, "CTL pool mutex", NULL, MTX_DEF);
1004 softc->open_count = 0;
1007 * Default to actually sending a SYNCHRONIZE CACHE command down to
1010 softc->flags = CTL_FLAG_REAL_SYNC;
1013 * In Copan's HA scheme, the "master" and "slave" roles are
1014 * figured out through the slot the controller is in. Although it
1015 * is an active/active system, someone has to be in charge.
1018 scmicro_rw(SCMICRO_GET_SHELF_ID, &sc_id);
1022 softc->flags |= CTL_FLAG_MASTER_SHELF;
1025 persis_offset = CTL_MAX_INITIATORS;
1028 * XXX KDM need to figure out where we want to get our target ID
1029 * and WWID. Is it different on each port?
1031 softc->target.id = 0;
1032 softc->target.wwid[0] = 0x12345678;
1033 softc->target.wwid[1] = 0x87654321;
1034 STAILQ_INIT(&softc->lun_list);
1035 STAILQ_INIT(&softc->pending_lun_queue);
1036 STAILQ_INIT(&softc->task_queue);
1037 STAILQ_INIT(&softc->incoming_queue);
1038 STAILQ_INIT(&softc->rtr_queue);
1039 STAILQ_INIT(&softc->done_queue);
1040 STAILQ_INIT(&softc->isc_queue);
1041 STAILQ_INIT(&softc->fe_list);
1042 STAILQ_INIT(&softc->be_list);
1043 STAILQ_INIT(&softc->io_pools);
1048 * We don't bother calling these with ctl_lock held here, because,
1049 * in theory, no one else can try to do anything while we're in our
1050 * module init routine.
1052 if (ctl_pool_create(softc, CTL_POOL_INTERNAL, CTL_POOL_ENTRIES_INTERNAL,
1053 &internal_pool)!= 0){
1054 printf("ctl: can't allocate %d entry internal pool, "
1055 "exiting\n", CTL_POOL_ENTRIES_INTERNAL);
1059 if (ctl_pool_create(softc, CTL_POOL_EMERGENCY,
1060 CTL_POOL_ENTRIES_EMERGENCY, &emergency_pool) != 0) {
1061 printf("ctl: can't allocate %d entry emergency pool, "
1062 "exiting\n", CTL_POOL_ENTRIES_EMERGENCY);
1063 ctl_pool_free(internal_pool);
1067 if (ctl_pool_create(softc, CTL_POOL_4OTHERSC, CTL_POOL_ENTRIES_OTHER_SC,
1070 printf("ctl: can't allocate %d entry other SC pool, "
1071 "exiting\n", CTL_POOL_ENTRIES_OTHER_SC);
1072 ctl_pool_free(internal_pool);
1073 ctl_pool_free(emergency_pool);
1077 softc->internal_pool = internal_pool;
1078 softc->emergency_pool = emergency_pool;
1079 softc->othersc_pool = other_pool;
1082 * We used to allocate a processor LUN here. The new scheme is to
1083 * just let the user allocate LUNs as he sees fit.
1086 mtx_lock(&softc->ctl_lock);
1087 ctl_alloc_lun(softc, lun, /*be_lun*/NULL, /*target*/softc->target);
1088 mtx_unlock(&softc->ctl_lock);
1091 error = kproc_create(ctl_work_thread, softc, &softc->work_thread, 0, 0,
1094 printf("error creating CTL work thread!\n");
1095 mtx_lock(&softc->ctl_lock);
1097 mtx_unlock(&softc->ctl_lock);
1098 ctl_pool_free(internal_pool);
1099 ctl_pool_free(emergency_pool);
1100 ctl_pool_free(other_pool);
1103 printf("ctl: CAM Target Layer loaded\n");
1106 * Initialize the initiator and portname mappings
1108 memset(softc->wwpn_iid, 0, sizeof(softc->wwpn_iid));
1111 * Initialize the ioctl front end.
1113 fe = &softc->ioctl_info.fe;
1114 sprintf(softc->ioctl_info.port_name, "CTL ioctl");
1115 fe->port_type = CTL_PORT_IOCTL;
1116 fe->num_requested_ctl_io = 100;
1117 fe->port_name = softc->ioctl_info.port_name;
1118 fe->port_online = ctl_ioctl_online;
1119 fe->port_offline = ctl_ioctl_offline;
1120 fe->onoff_arg = &softc->ioctl_info;
1121 fe->targ_enable = ctl_ioctl_targ_enable;
1122 fe->targ_disable = ctl_ioctl_targ_disable;
1123 fe->lun_enable = ctl_ioctl_lun_enable;
1124 fe->lun_disable = ctl_ioctl_lun_disable;
1125 fe->targ_lun_arg = &softc->ioctl_info;
1126 fe->fe_datamove = ctl_ioctl_datamove;
1127 fe->fe_done = ctl_ioctl_done;
1128 fe->max_targets = 15;
1129 fe->max_target_id = 15;
1131 if (ctl_frontend_register(&softc->ioctl_info.fe,
1132 (softc->flags & CTL_FLAG_MASTER_SHELF)) != 0) {
1133 printf("ctl: ioctl front end registration failed, will "
1134 "continue anyway\n");
1138 if (sizeof(struct callout) > CTL_TIMER_BYTES) {
1139 printf("sizeof(struct callout) %zd > CTL_TIMER_BYTES %zd\n",
1140 sizeof(struct callout), CTL_TIMER_BYTES);
1143 #endif /* CTL_IO_DELAY */
1151 struct ctl_softc *softc;
1152 struct ctl_lun *lun, *next_lun;
1153 struct ctl_io_pool *pool;
1155 softc = (struct ctl_softc *)control_softc;
1157 if (ctl_frontend_deregister(&softc->ioctl_info.fe) != 0)
1158 printf("ctl: ioctl front end deregistration failed\n");
1160 mtx_lock(&softc->ctl_lock);
1165 for (lun = STAILQ_FIRST(&softc->lun_list); lun != NULL; lun = next_lun){
1166 next_lun = STAILQ_NEXT(lun, links);
1170 mtx_unlock(&softc->ctl_lock);
1173 * This will rip the rug out from under any FETDs or anyone else
1174 * that has a pool allocated. Since we increment our module
1175 * refcount any time someone outside the main CTL module allocates
1176 * a pool, we shouldn't have any problems here. The user won't be
1177 * able to unload the CTL module until client modules have
1178 * successfully unloaded.
1180 while ((pool = STAILQ_FIRST(&softc->io_pools)) != NULL)
1181 ctl_pool_free(pool);
1184 ctl_shutdown_thread(softc->work_thread);
1187 mtx_destroy(&softc->pool_lock);
1188 mtx_destroy(&softc->ctl_lock);
1190 destroy_dev(softc->dev);
1192 sysctl_ctx_free(&softc->sysctl_ctx);
1194 free(control_softc, M_DEVBUF);
1195 control_softc = NULL;
1197 printf("ctl: CAM Target Layer unloaded\n");
1201 ctl_module_event_handler(module_t mod, int what, void *arg)
1206 return (ctl_init());
1210 return (EOPNOTSUPP);
1215 * XXX KDM should we do some access checks here? Bump a reference count to
1216 * prevent a CTL module from being unloaded while someone has it open?
1219 ctl_open(struct cdev *dev, int flags, int fmt, struct thread *td)
1225 ctl_close(struct cdev *dev, int flags, int fmt, struct thread *td)
1231 ctl_port_enable(ctl_port_type port_type)
1233 struct ctl_softc *softc;
1234 struct ctl_frontend *fe;
1236 if (ctl_is_single == 0) {
1237 union ctl_ha_msg msg_info;
1241 printf("%s: HA mode, synchronizing frontend enable\n",
1244 msg_info.hdr.msg_type = CTL_MSG_SYNC_FE;
1245 if ((isc_retval=ctl_ha_msg_send(CTL_HA_CHAN_CTL, &msg_info,
1246 sizeof(msg_info), 1 )) > CTL_HA_STATUS_SUCCESS) {
1247 printf("Sync msg send error retval %d\n", isc_retval);
1249 if (!rcv_sync_msg) {
1250 isc_retval=ctl_ha_msg_recv(CTL_HA_CHAN_CTL, &msg_info,
1251 sizeof(msg_info), 1);
1254 printf("CTL:Frontend Enable\n");
1256 printf("%s: single mode, skipping frontend synchronization\n",
1261 softc = control_softc;
1263 STAILQ_FOREACH(fe, &softc->fe_list, links) {
1264 if (port_type & fe->port_type)
1267 printf("port %d\n", fe->targ_port);
1269 ctl_frontend_online(fe);
1277 ctl_port_disable(ctl_port_type port_type)
1279 struct ctl_softc *softc;
1280 struct ctl_frontend *fe;
1282 softc = control_softc;
1284 STAILQ_FOREACH(fe, &softc->fe_list, links) {
1285 if (port_type & fe->port_type)
1286 ctl_frontend_offline(fe);
1293 * Returns 0 for success, 1 for failure.
1294 * Currently the only failure mode is if there aren't enough entries
1295 * allocated. So, in case of a failure, look at num_entries_dropped,
1296 * reallocate and try again.
1299 ctl_port_list(struct ctl_port_entry *entries, int num_entries_alloced,
1300 int *num_entries_filled, int *num_entries_dropped,
1301 ctl_port_type port_type, int no_virtual)
1303 struct ctl_softc *softc;
1304 struct ctl_frontend *fe;
1305 int entries_dropped, entries_filled;
1309 softc = control_softc;
1313 entries_dropped = 0;
1316 mtx_lock(&softc->ctl_lock);
1317 STAILQ_FOREACH(fe, &softc->fe_list, links) {
1318 struct ctl_port_entry *entry;
1320 if ((fe->port_type & port_type) == 0)
1323 if ((no_virtual != 0)
1324 && (fe->virtual_port != 0))
1327 if (entries_filled >= num_entries_alloced) {
1331 entry = &entries[i];
1333 entry->port_type = fe->port_type;
1334 strlcpy(entry->port_name, fe->port_name,
1335 sizeof(entry->port_name));
1336 entry->physical_port = fe->physical_port;
1337 entry->virtual_port = fe->virtual_port;
1338 entry->wwnn = fe->wwnn;
1339 entry->wwpn = fe->wwpn;
1345 mtx_unlock(&softc->ctl_lock);
1347 if (entries_dropped > 0)
1350 *num_entries_dropped = entries_dropped;
1351 *num_entries_filled = entries_filled;
1357 ctl_ioctl_online(void *arg)
1359 struct ctl_ioctl_info *ioctl_info;
1361 ioctl_info = (struct ctl_ioctl_info *)arg;
1363 ioctl_info->flags |= CTL_IOCTL_FLAG_ENABLED;
1367 ctl_ioctl_offline(void *arg)
1369 struct ctl_ioctl_info *ioctl_info;
1371 ioctl_info = (struct ctl_ioctl_info *)arg;
1373 ioctl_info->flags &= ~CTL_IOCTL_FLAG_ENABLED;
1377 * Remove an initiator by port number and initiator ID.
1378 * Returns 0 for success, 1 for failure.
1381 ctl_remove_initiator(int32_t targ_port, uint32_t iid)
1383 struct ctl_softc *softc;
1385 softc = control_softc;
1387 mtx_assert(&softc->ctl_lock, MA_NOTOWNED);
1390 || (targ_port > CTL_MAX_PORTS)) {
1391 printf("%s: invalid port number %d\n", __func__, targ_port);
1394 if (iid > CTL_MAX_INIT_PER_PORT) {
1395 printf("%s: initiator ID %u > maximun %u!\n",
1396 __func__, iid, CTL_MAX_INIT_PER_PORT);
1400 mtx_lock(&softc->ctl_lock);
1402 softc->wwpn_iid[targ_port][iid].in_use = 0;
1404 mtx_unlock(&softc->ctl_lock);
1410 * Add an initiator to the initiator map.
1411 * Returns 0 for success, 1 for failure.
1414 ctl_add_initiator(uint64_t wwpn, int32_t targ_port, uint32_t iid)
1416 struct ctl_softc *softc;
1419 softc = control_softc;
1421 mtx_assert(&softc->ctl_lock, MA_NOTOWNED);
1426 || (targ_port > CTL_MAX_PORTS)) {
1427 printf("%s: invalid port number %d\n", __func__, targ_port);
1430 if (iid > CTL_MAX_INIT_PER_PORT) {
1431 printf("%s: WWPN %#jx initiator ID %u > maximun %u!\n",
1432 __func__, wwpn, iid, CTL_MAX_INIT_PER_PORT);
1436 mtx_lock(&softc->ctl_lock);
1438 if (softc->wwpn_iid[targ_port][iid].in_use != 0) {
1440 * We don't treat this as an error.
1442 if (softc->wwpn_iid[targ_port][iid].wwpn == wwpn) {
1443 printf("%s: port %d iid %u WWPN %#jx arrived again?\n",
1444 __func__, targ_port, iid, (uintmax_t)wwpn);
1449 * This is an error, but what do we do about it? The
1450 * driver is telling us we have a new WWPN for this
1451 * initiator ID, so we pretty much need to use it.
1453 printf("%s: port %d iid %u WWPN %#jx arrived, WWPN %#jx is "
1454 "still at that address\n", __func__, targ_port, iid,
1456 (uintmax_t)softc->wwpn_iid[targ_port][iid].wwpn);
1459 * XXX KDM clear have_ca and ua_pending on each LUN for
1463 softc->wwpn_iid[targ_port][iid].in_use = 1;
1464 softc->wwpn_iid[targ_port][iid].iid = iid;
1465 softc->wwpn_iid[targ_port][iid].wwpn = wwpn;
1466 softc->wwpn_iid[targ_port][iid].port = targ_port;
1470 mtx_unlock(&softc->ctl_lock);
1476 * XXX KDM should we pretend to do something in the target/lun
1477 * enable/disable functions?
1480 ctl_ioctl_targ_enable(void *arg, struct ctl_id targ_id)
1486 ctl_ioctl_targ_disable(void *arg, struct ctl_id targ_id)
1492 ctl_ioctl_lun_enable(void *arg, struct ctl_id targ_id, int lun_id)
1498 ctl_ioctl_lun_disable(void *arg, struct ctl_id targ_id, int lun_id)
1504 * Data movement routine for the CTL ioctl frontend port.
1507 ctl_ioctl_do_datamove(struct ctl_scsiio *ctsio)
1509 struct ctl_sg_entry *ext_sglist, *kern_sglist;
1510 struct ctl_sg_entry ext_entry, kern_entry;
1511 int ext_sglen, ext_sg_entries, kern_sg_entries;
1512 int ext_sg_start, ext_offset;
1513 int len_to_copy, len_copied;
1514 int kern_watermark, ext_watermark;
1515 int ext_sglist_malloced;
1518 ext_sglist_malloced = 0;
1522 CTL_DEBUG_PRINT(("ctl_ioctl_do_datamove\n"));
1525 * If this flag is set, fake the data transfer.
1527 if (ctsio->io_hdr.flags & CTL_FLAG_NO_DATAMOVE) {
1528 ctsio->ext_data_filled = ctsio->ext_data_len;
1533 * To simplify things here, if we have a single buffer, stick it in
1534 * a S/G entry and just make it a single entry S/G list.
1536 if (ctsio->io_hdr.flags & CTL_FLAG_EDPTR_SGLIST) {
1539 ext_sglen = ctsio->ext_sg_entries * sizeof(*ext_sglist);
1541 ext_sglist = (struct ctl_sg_entry *)malloc(ext_sglen, M_CTL,
1543 ext_sglist_malloced = 1;
1544 if (copyin(ctsio->ext_data_ptr, ext_sglist,
1546 ctl_set_internal_failure(ctsio,
1551 ext_sg_entries = ctsio->ext_sg_entries;
1553 for (i = 0; i < ext_sg_entries; i++) {
1554 if ((len_seen + ext_sglist[i].len) >=
1555 ctsio->ext_data_filled) {
1557 ext_offset = ctsio->ext_data_filled - len_seen;
1560 len_seen += ext_sglist[i].len;
1563 ext_sglist = &ext_entry;
1564 ext_sglist->addr = ctsio->ext_data_ptr;
1565 ext_sglist->len = ctsio->ext_data_len;
1568 ext_offset = ctsio->ext_data_filled;
1571 if (ctsio->kern_sg_entries > 0) {
1572 kern_sglist = (struct ctl_sg_entry *)ctsio->kern_data_ptr;
1573 kern_sg_entries = ctsio->kern_sg_entries;
1575 kern_sglist = &kern_entry;
1576 kern_sglist->addr = ctsio->kern_data_ptr;
1577 kern_sglist->len = ctsio->kern_data_len;
1578 kern_sg_entries = 1;
1583 ext_watermark = ext_offset;
1585 for (i = ext_sg_start, j = 0;
1586 i < ext_sg_entries && j < kern_sg_entries;) {
1587 uint8_t *ext_ptr, *kern_ptr;
1589 len_to_copy = ctl_min(ext_sglist[i].len - ext_watermark,
1590 kern_sglist[j].len - kern_watermark);
1592 ext_ptr = (uint8_t *)ext_sglist[i].addr;
1593 ext_ptr = ext_ptr + ext_watermark;
1594 if (ctsio->io_hdr.flags & CTL_FLAG_BUS_ADDR) {
1598 panic("need to implement bus address support");
1600 kern_ptr = bus_to_virt(kern_sglist[j].addr);
1603 kern_ptr = (uint8_t *)kern_sglist[j].addr;
1604 kern_ptr = kern_ptr + kern_watermark;
1606 kern_watermark += len_to_copy;
1607 ext_watermark += len_to_copy;
1609 if ((ctsio->io_hdr.flags & CTL_FLAG_DATA_MASK) ==
1611 CTL_DEBUG_PRINT(("ctl_ioctl_do_datamove: copying %d "
1612 "bytes to user\n", len_to_copy));
1613 CTL_DEBUG_PRINT(("ctl_ioctl_do_datamove: from %p "
1614 "to %p\n", kern_ptr, ext_ptr));
1615 if (copyout(kern_ptr, ext_ptr, len_to_copy) != 0) {
1616 ctl_set_internal_failure(ctsio,
1622 CTL_DEBUG_PRINT(("ctl_ioctl_do_datamove: copying %d "
1623 "bytes from user\n", len_to_copy));
1624 CTL_DEBUG_PRINT(("ctl_ioctl_do_datamove: from %p "
1625 "to %p\n", ext_ptr, kern_ptr));
1626 if (copyin(ext_ptr, kern_ptr, len_to_copy)!= 0){
1627 ctl_set_internal_failure(ctsio,
1634 len_copied += len_to_copy;
1636 if (ext_sglist[i].len == ext_watermark) {
1641 if (kern_sglist[j].len == kern_watermark) {
1647 ctsio->ext_data_filled += len_copied;
1649 CTL_DEBUG_PRINT(("ctl_ioctl_do_datamove: ext_sg_entries: %d, "
1650 "kern_sg_entries: %d\n", ext_sg_entries,
1652 CTL_DEBUG_PRINT(("ctl_ioctl_do_datamove: ext_data_len = %d, "
1653 "kern_data_len = %d\n", ctsio->ext_data_len,
1654 ctsio->kern_data_len));
1657 /* XXX KDM set residual?? */
1660 if (ext_sglist_malloced != 0)
1661 free(ext_sglist, M_CTL);
1663 return (CTL_RETVAL_COMPLETE);
1667 * Serialize a command that went down the "wrong" side, and so was sent to
1668 * this controller for execution. The logic is a little different than the
1669 * standard case in ctl_scsiio_precheck(). Errors in this case need to get
1670 * sent back to the other side, but in the success case, we execute the
1671 * command on this side (XFER mode) or tell the other side to execute it
1675 ctl_serialize_other_sc_cmd(struct ctl_scsiio *ctsio, int have_lock)
1677 struct ctl_softc *ctl_softc;
1678 union ctl_ha_msg msg_info;
1679 struct ctl_lun *lun;
1682 ctl_softc = control_softc;
1684 mtx_lock(&ctl_softc->ctl_lock);
1686 lun = ctl_softc->ctl_luns[ctsio->io_hdr.nexus.targ_lun];
1690 * Why isn't LUN defined? The other side wouldn't
1691 * send a cmd if the LUN is undefined.
1693 printf("%s: Bad JUJU!, LUN is NULL!\n", __func__);
1695 /* "Logical unit not supported" */
1696 ctl_set_sense_data(&msg_info.scsi.sense_data,
1698 /*sense_format*/SSD_TYPE_NONE,
1699 /*current_error*/ 1,
1700 /*sense_key*/ SSD_KEY_ILLEGAL_REQUEST,
1705 msg_info.scsi.sense_len = SSD_FULL_SIZE;
1706 msg_info.scsi.scsi_status = SCSI_STATUS_CHECK_COND;
1707 msg_info.hdr.status = CTL_SCSI_ERROR | CTL_AUTOSENSE;
1708 msg_info.hdr.original_sc = ctsio->io_hdr.original_sc;
1709 msg_info.hdr.serializing_sc = NULL;
1710 msg_info.hdr.msg_type = CTL_MSG_BAD_JUJU;
1711 if (ctl_ha_msg_send(CTL_HA_CHAN_CTL, &msg_info,
1712 sizeof(msg_info), 0 ) > CTL_HA_STATUS_SUCCESS) {
1715 mtx_unlock(&ctl_softc->ctl_lock);
1720 TAILQ_INSERT_TAIL(&lun->ooa_queue, &ctsio->io_hdr, ooa_links);
1722 switch (ctl_check_ooa(lun, (union ctl_io *)ctsio,
1723 (union ctl_io *)TAILQ_PREV(&ctsio->io_hdr, ctl_ooaq,
1725 case CTL_ACTION_BLOCK:
1726 ctsio->io_hdr.flags |= CTL_FLAG_BLOCKED;
1727 TAILQ_INSERT_TAIL(&lun->blocked_queue, &ctsio->io_hdr,
1730 case CTL_ACTION_PASS:
1731 case CTL_ACTION_SKIP:
1732 if (ctl_softc->ha_mode == CTL_HA_MODE_XFER) {
1733 ctsio->io_hdr.flags |= CTL_FLAG_IS_WAS_ON_RTR;
1734 STAILQ_INSERT_TAIL(&ctl_softc->rtr_queue,
1735 &ctsio->io_hdr, links);
1738 /* send msg back to other side */
1739 msg_info.hdr.original_sc = ctsio->io_hdr.original_sc;
1740 msg_info.hdr.serializing_sc = (union ctl_io *)ctsio;
1741 msg_info.hdr.msg_type = CTL_MSG_R2R;
1743 printf("2. pOrig %x\n", (int)msg_info.hdr.original_sc);
1745 if (ctl_ha_msg_send(CTL_HA_CHAN_CTL, &msg_info,
1746 sizeof(msg_info), 0 ) > CTL_HA_STATUS_SUCCESS) {
1750 case CTL_ACTION_OVERLAP:
1751 /* OVERLAPPED COMMANDS ATTEMPTED */
1752 ctl_set_sense_data(&msg_info.scsi.sense_data,
1754 /*sense_format*/SSD_TYPE_NONE,
1755 /*current_error*/ 1,
1756 /*sense_key*/ SSD_KEY_ILLEGAL_REQUEST,
1761 msg_info.scsi.sense_len = SSD_FULL_SIZE;
1762 msg_info.scsi.scsi_status = SCSI_STATUS_CHECK_COND;
1763 msg_info.hdr.status = CTL_SCSI_ERROR | CTL_AUTOSENSE;
1764 msg_info.hdr.original_sc = ctsio->io_hdr.original_sc;
1765 msg_info.hdr.serializing_sc = NULL;
1766 msg_info.hdr.msg_type = CTL_MSG_BAD_JUJU;
1768 printf("BAD JUJU:Major Bummer Overlap\n");
1770 TAILQ_REMOVE(&lun->ooa_queue, &ctsio->io_hdr, ooa_links);
1772 if (ctl_ha_msg_send(CTL_HA_CHAN_CTL, &msg_info,
1773 sizeof(msg_info), 0 ) > CTL_HA_STATUS_SUCCESS) {
1776 case CTL_ACTION_OVERLAP_TAG:
1777 /* TAGGED OVERLAPPED COMMANDS (NN = QUEUE TAG) */
1778 ctl_set_sense_data(&msg_info.scsi.sense_data,
1780 /*sense_format*/SSD_TYPE_NONE,
1781 /*current_error*/ 1,
1782 /*sense_key*/ SSD_KEY_ILLEGAL_REQUEST,
1784 /*ascq*/ ctsio->tag_num & 0xff,
1787 msg_info.scsi.sense_len = SSD_FULL_SIZE;
1788 msg_info.scsi.scsi_status = SCSI_STATUS_CHECK_COND;
1789 msg_info.hdr.status = CTL_SCSI_ERROR | CTL_AUTOSENSE;
1790 msg_info.hdr.original_sc = ctsio->io_hdr.original_sc;
1791 msg_info.hdr.serializing_sc = NULL;
1792 msg_info.hdr.msg_type = CTL_MSG_BAD_JUJU;
1794 printf("BAD JUJU:Major Bummer Overlap Tag\n");
1796 TAILQ_REMOVE(&lun->ooa_queue, &ctsio->io_hdr, ooa_links);
1798 if (ctl_ha_msg_send(CTL_HA_CHAN_CTL, &msg_info,
1799 sizeof(msg_info), 0 ) > CTL_HA_STATUS_SUCCESS) {
1802 case CTL_ACTION_ERROR:
1804 /* "Internal target failure" */
1805 ctl_set_sense_data(&msg_info.scsi.sense_data,
1807 /*sense_format*/SSD_TYPE_NONE,
1808 /*current_error*/ 1,
1809 /*sense_key*/ SSD_KEY_HARDWARE_ERROR,
1814 msg_info.scsi.sense_len = SSD_FULL_SIZE;
1815 msg_info.scsi.scsi_status = SCSI_STATUS_CHECK_COND;
1816 msg_info.hdr.status = CTL_SCSI_ERROR | CTL_AUTOSENSE;
1817 msg_info.hdr.original_sc = ctsio->io_hdr.original_sc;
1818 msg_info.hdr.serializing_sc = NULL;
1819 msg_info.hdr.msg_type = CTL_MSG_BAD_JUJU;
1821 printf("BAD JUJU:Major Bummer HW Error\n");
1823 TAILQ_REMOVE(&lun->ooa_queue, &ctsio->io_hdr, ooa_links);
1825 if (ctl_ha_msg_send(CTL_HA_CHAN_CTL, &msg_info,
1826 sizeof(msg_info), 0 ) > CTL_HA_STATUS_SUCCESS) {
1831 mtx_unlock(&ctl_softc->ctl_lock);
1836 ctl_ioctl_submit_wait(union ctl_io *io)
1838 struct ctl_fe_ioctl_params params;
1839 ctl_fe_ioctl_state last_state;
1844 bzero(¶ms, sizeof(params));
1846 mtx_init(¶ms.ioctl_mtx, "ctliocmtx", NULL, MTX_DEF);
1847 cv_init(¶ms.sem, "ctlioccv");
1848 params.state = CTL_IOCTL_INPROG;
1849 last_state = params.state;
1851 io->io_hdr.ctl_private[CTL_PRIV_FRONTEND].ptr = ¶ms;
1853 CTL_DEBUG_PRINT(("ctl_ioctl_submit_wait\n"));
1855 /* This shouldn't happen */
1856 if ((retval = ctl_queue(io)) != CTL_RETVAL_COMPLETE)
1862 mtx_lock(¶ms.ioctl_mtx);
1864 * Check the state here, and don't sleep if the state has
1865 * already changed (i.e. wakeup has already occured, but we
1866 * weren't waiting yet).
1868 if (params.state == last_state) {
1869 /* XXX KDM cv_wait_sig instead? */
1870 cv_wait(¶ms.sem, ¶ms.ioctl_mtx);
1872 last_state = params.state;
1874 switch (params.state) {
1875 case CTL_IOCTL_INPROG:
1876 /* Why did we wake up? */
1877 /* XXX KDM error here? */
1878 mtx_unlock(¶ms.ioctl_mtx);
1880 case CTL_IOCTL_DATAMOVE:
1881 CTL_DEBUG_PRINT(("got CTL_IOCTL_DATAMOVE\n"));
1884 * change last_state back to INPROG to avoid
1885 * deadlock on subsequent data moves.
1887 params.state = last_state = CTL_IOCTL_INPROG;
1889 mtx_unlock(¶ms.ioctl_mtx);
1890 ctl_ioctl_do_datamove(&io->scsiio);
1892 * Note that in some cases, most notably writes,
1893 * this will queue the I/O and call us back later.
1894 * In other cases, generally reads, this routine
1895 * will immediately call back and wake us up,
1896 * probably using our own context.
1898 io->scsiio.be_move_done(io);
1900 case CTL_IOCTL_DONE:
1901 mtx_unlock(¶ms.ioctl_mtx);
1902 CTL_DEBUG_PRINT(("got CTL_IOCTL_DONE\n"));
1906 mtx_unlock(¶ms.ioctl_mtx);
1907 /* XXX KDM error here? */
1910 } while (done == 0);
1912 mtx_destroy(¶ms.ioctl_mtx);
1913 cv_destroy(¶ms.sem);
1915 return (CTL_RETVAL_COMPLETE);
1919 ctl_ioctl_datamove(union ctl_io *io)
1921 struct ctl_fe_ioctl_params *params;
1923 params = (struct ctl_fe_ioctl_params *)
1924 io->io_hdr.ctl_private[CTL_PRIV_FRONTEND].ptr;
1926 mtx_lock(¶ms->ioctl_mtx);
1927 params->state = CTL_IOCTL_DATAMOVE;
1928 cv_broadcast(¶ms->sem);
1929 mtx_unlock(¶ms->ioctl_mtx);
1933 ctl_ioctl_done(union ctl_io *io)
1935 struct ctl_fe_ioctl_params *params;
1937 params = (struct ctl_fe_ioctl_params *)
1938 io->io_hdr.ctl_private[CTL_PRIV_FRONTEND].ptr;
1940 mtx_lock(¶ms->ioctl_mtx);
1941 params->state = CTL_IOCTL_DONE;
1942 cv_broadcast(¶ms->sem);
1943 mtx_unlock(¶ms->ioctl_mtx);
1947 ctl_ioctl_hard_startstop_callback(void *arg, struct cfi_metatask *metatask)
1949 struct ctl_fe_ioctl_startstop_info *sd_info;
1951 sd_info = (struct ctl_fe_ioctl_startstop_info *)arg;
1953 sd_info->hs_info.status = metatask->status;
1954 sd_info->hs_info.total_luns = metatask->taskinfo.startstop.total_luns;
1955 sd_info->hs_info.luns_complete =
1956 metatask->taskinfo.startstop.luns_complete;
1957 sd_info->hs_info.luns_failed = metatask->taskinfo.startstop.luns_failed;
1959 cv_broadcast(&sd_info->sem);
1963 ctl_ioctl_bbrread_callback(void *arg, struct cfi_metatask *metatask)
1965 struct ctl_fe_ioctl_bbrread_info *fe_bbr_info;
1967 fe_bbr_info = (struct ctl_fe_ioctl_bbrread_info *)arg;
1969 mtx_lock(fe_bbr_info->lock);
1970 fe_bbr_info->bbr_info->status = metatask->status;
1971 fe_bbr_info->bbr_info->bbr_status = metatask->taskinfo.bbrread.status;
1972 fe_bbr_info->wakeup_done = 1;
1973 mtx_unlock(fe_bbr_info->lock);
1975 cv_broadcast(&fe_bbr_info->sem);
1979 * Returns 0 for success, errno for failure.
1982 ctl_ioctl_fill_ooa(struct ctl_lun *lun, uint32_t *cur_fill_num,
1983 struct ctl_ooa *ooa_hdr, struct ctl_ooa_entry *kern_entries)
1990 mtx_assert(&control_softc->ctl_lock, MA_OWNED);
1992 for (io = (union ctl_io *)TAILQ_FIRST(&lun->ooa_queue); (io != NULL);
1993 (*cur_fill_num)++, io = (union ctl_io *)TAILQ_NEXT(&io->io_hdr,
1995 struct ctl_ooa_entry *entry;
1998 * If we've got more than we can fit, just count the
1999 * remaining entries.
2001 if (*cur_fill_num >= ooa_hdr->alloc_num)
2004 entry = &kern_entries[*cur_fill_num];
2006 entry->tag_num = io->scsiio.tag_num;
2007 entry->lun_num = lun->lun;
2009 entry->start_bt = io->io_hdr.start_bt;
2011 bcopy(io->scsiio.cdb, entry->cdb, io->scsiio.cdb_len);
2012 entry->cdb_len = io->scsiio.cdb_len;
2013 if (io->io_hdr.flags & CTL_FLAG_BLOCKED)
2014 entry->cmd_flags |= CTL_OOACMD_FLAG_BLOCKED;
2016 if (io->io_hdr.flags & CTL_FLAG_DMA_INPROG)
2017 entry->cmd_flags |= CTL_OOACMD_FLAG_DMA;
2019 if (io->io_hdr.flags & CTL_FLAG_ABORT)
2020 entry->cmd_flags |= CTL_OOACMD_FLAG_ABORT;
2022 if (io->io_hdr.flags & CTL_FLAG_IS_WAS_ON_RTR)
2023 entry->cmd_flags |= CTL_OOACMD_FLAG_RTR;
2025 if (io->io_hdr.flags & CTL_FLAG_DMA_QUEUED)
2026 entry->cmd_flags |= CTL_OOACMD_FLAG_DMA_QUEUED;
2033 ctl_copyin_alloc(void *user_addr, int len, char *error_str,
2034 size_t error_str_len)
2038 kptr = malloc(len, M_CTL, M_WAITOK | M_ZERO);
2040 if (copyin(user_addr, kptr, len) != 0) {
2041 snprintf(error_str, error_str_len, "Error copying %d bytes "
2042 "from user address %p to kernel address %p", len,
2052 ctl_free_args(int num_be_args, struct ctl_be_arg *be_args)
2056 if (be_args == NULL)
2059 for (i = 0; i < num_be_args; i++) {
2060 free(be_args[i].kname, M_CTL);
2061 free(be_args[i].kvalue, M_CTL);
2064 free(be_args, M_CTL);
2067 static struct ctl_be_arg *
2068 ctl_copyin_args(int num_be_args, struct ctl_be_arg *be_args,
2069 char *error_str, size_t error_str_len)
2071 struct ctl_be_arg *args;
2074 args = ctl_copyin_alloc(be_args, num_be_args * sizeof(*be_args),
2075 error_str, error_str_len);
2080 for (i = 0; i < num_be_args; i++) {
2081 args[i].kname = NULL;
2082 args[i].kvalue = NULL;
2085 for (i = 0; i < num_be_args; i++) {
2088 args[i].kname = ctl_copyin_alloc(args[i].name,
2089 args[i].namelen, error_str, error_str_len);
2090 if (args[i].kname == NULL)
2093 if (args[i].kname[args[i].namelen - 1] != '\0') {
2094 snprintf(error_str, error_str_len, "Argument %d "
2095 "name is not NUL-terminated", i);
2099 args[i].kvalue = NULL;
2101 tmpptr = ctl_copyin_alloc(args[i].value,
2102 args[i].vallen, error_str, error_str_len);
2106 args[i].kvalue = tmpptr;
2108 if ((args[i].flags & CTL_BEARG_ASCII)
2109 && (tmpptr[args[i].vallen - 1] != '\0')) {
2110 snprintf(error_str, error_str_len, "Argument %d "
2111 "value is not NUL-terminated", i);
2119 ctl_free_args(num_be_args, args);
2125 * Escape characters that are illegal or not recommended in XML.
2128 ctl_sbuf_printf_esc(struct sbuf *sb, char *str)
2134 for (; *str; str++) {
2137 retval = sbuf_printf(sb, "&");
2140 retval = sbuf_printf(sb, ">");
2143 retval = sbuf_printf(sb, "<");
2146 retval = sbuf_putc(sb, *str);
2159 ctl_ioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flag,
2162 struct ctl_softc *softc;
2165 softc = control_softc;
2175 * If we haven't been "enabled", don't allow any SCSI I/O
2178 if ((softc->ioctl_info.flags & CTL_IOCTL_FLAG_ENABLED) == 0) {
2183 io = ctl_alloc_io(softc->ioctl_info.fe.ctl_pool_ref);
2185 printf("ctl_ioctl: can't allocate ctl_io!\n");
2191 * Need to save the pool reference so it doesn't get
2192 * spammed by the user's ctl_io.
2194 pool_tmp = io->io_hdr.pool;
2196 memcpy(io, (void *)addr, sizeof(*io));
2198 io->io_hdr.pool = pool_tmp;
2200 * No status yet, so make sure the status is set properly.
2202 io->io_hdr.status = CTL_STATUS_NONE;
2205 * The user sets the initiator ID, target and LUN IDs.
2207 io->io_hdr.nexus.targ_port = softc->ioctl_info.fe.targ_port;
2208 io->io_hdr.flags |= CTL_FLAG_USER_REQ;
2209 if ((io->io_hdr.io_type == CTL_IO_SCSI)
2210 && (io->scsiio.tag_type != CTL_TAG_UNTAGGED))
2211 io->scsiio.tag_num = softc->ioctl_info.cur_tag_num++;
2213 retval = ctl_ioctl_submit_wait(io);
2220 memcpy((void *)addr, io, sizeof(*io));
2222 /* return this to our pool */
2227 case CTL_ENABLE_PORT:
2228 case CTL_DISABLE_PORT:
2229 case CTL_SET_PORT_WWNS: {
2230 struct ctl_frontend *fe;
2231 struct ctl_port_entry *entry;
2233 entry = (struct ctl_port_entry *)addr;
2235 mtx_lock(&softc->ctl_lock);
2236 STAILQ_FOREACH(fe, &softc->fe_list, links) {
2242 if ((entry->port_type == CTL_PORT_NONE)
2243 && (entry->targ_port == fe->targ_port)) {
2245 * If the user only wants to enable or
2246 * disable or set WWNs on a specific port,
2247 * do the operation and we're done.
2251 } else if (entry->port_type & fe->port_type) {
2253 * Compare the user's type mask with the
2254 * particular frontend type to see if we
2261 * Make sure the user isn't trying to set
2262 * WWNs on multiple ports at the same time.
2264 if (cmd == CTL_SET_PORT_WWNS) {
2265 printf("%s: Can't set WWNs on "
2266 "multiple ports\n", __func__);
2273 * XXX KDM we have to drop the lock here,
2274 * because the online/offline operations
2275 * can potentially block. We need to
2276 * reference count the frontends so they
2279 mtx_unlock(&softc->ctl_lock);
2281 if (cmd == CTL_ENABLE_PORT) {
2282 struct ctl_lun *lun;
2284 STAILQ_FOREACH(lun, &softc->lun_list,
2286 fe->lun_enable(fe->targ_lun_arg,
2291 ctl_frontend_online(fe);
2292 } else if (cmd == CTL_DISABLE_PORT) {
2293 struct ctl_lun *lun;
2295 ctl_frontend_offline(fe);
2297 STAILQ_FOREACH(lun, &softc->lun_list,
2306 mtx_lock(&softc->ctl_lock);
2308 if (cmd == CTL_SET_PORT_WWNS)
2309 ctl_frontend_set_wwns(fe,
2310 (entry->flags & CTL_PORT_WWNN_VALID) ?
2312 (entry->flags & CTL_PORT_WWPN_VALID) ?
2313 1 : 0, entry->wwpn);
2318 mtx_unlock(&softc->ctl_lock);
2321 case CTL_GET_PORT_LIST: {
2322 struct ctl_frontend *fe;
2323 struct ctl_port_list *list;
2326 list = (struct ctl_port_list *)addr;
2328 if (list->alloc_len != (list->alloc_num *
2329 sizeof(struct ctl_port_entry))) {
2330 printf("%s: CTL_GET_PORT_LIST: alloc_len %u != "
2331 "alloc_num %u * sizeof(struct ctl_port_entry) "
2332 "%zu\n", __func__, list->alloc_len,
2333 list->alloc_num, sizeof(struct ctl_port_entry));
2339 list->dropped_num = 0;
2341 mtx_lock(&softc->ctl_lock);
2342 STAILQ_FOREACH(fe, &softc->fe_list, links) {
2343 struct ctl_port_entry entry, *list_entry;
2345 if (list->fill_num >= list->alloc_num) {
2346 list->dropped_num++;
2350 entry.port_type = fe->port_type;
2351 strlcpy(entry.port_name, fe->port_name,
2352 sizeof(entry.port_name));
2353 entry.targ_port = fe->targ_port;
2354 entry.physical_port = fe->physical_port;
2355 entry.virtual_port = fe->virtual_port;
2356 entry.wwnn = fe->wwnn;
2357 entry.wwpn = fe->wwpn;
2358 if (fe->status & CTL_PORT_STATUS_ONLINE)
2363 list_entry = &list->entries[i];
2365 retval = copyout(&entry, list_entry, sizeof(entry));
2367 printf("%s: CTL_GET_PORT_LIST: copyout "
2368 "returned %d\n", __func__, retval);
2373 list->fill_len += sizeof(entry);
2375 mtx_unlock(&softc->ctl_lock);
2378 * If this is non-zero, we had a copyout fault, so there's
2379 * probably no point in attempting to set the status inside
2385 if (list->dropped_num > 0)
2386 list->status = CTL_PORT_LIST_NEED_MORE_SPACE;
2388 list->status = CTL_PORT_LIST_OK;
2391 case CTL_DUMP_OOA: {
2392 struct ctl_lun *lun;
2397 mtx_lock(&softc->ctl_lock);
2398 printf("Dumping OOA queues:\n");
2399 STAILQ_FOREACH(lun, &softc->lun_list, links) {
2400 for (io = (union ctl_io *)TAILQ_FIRST(
2401 &lun->ooa_queue); io != NULL;
2402 io = (union ctl_io *)TAILQ_NEXT(&io->io_hdr,
2404 sbuf_new(&sb, printbuf, sizeof(printbuf),
2406 sbuf_printf(&sb, "LUN %jd tag 0x%04x%s%s%s%s: ",
2410 CTL_FLAG_BLOCKED) ? "" : " BLOCKED",
2412 CTL_FLAG_DMA_INPROG) ? " DMA" : "",
2414 CTL_FLAG_ABORT) ? " ABORT" : "",
2416 CTL_FLAG_IS_WAS_ON_RTR) ? " RTR" : "");
2417 ctl_scsi_command_string(&io->scsiio, NULL, &sb);
2419 printf("%s\n", sbuf_data(&sb));
2422 printf("OOA queues dump done\n");
2423 mtx_unlock(&softc->ctl_lock);
2427 struct ctl_lun *lun;
2428 struct ctl_ooa *ooa_hdr;
2429 struct ctl_ooa_entry *entries;
2430 uint32_t cur_fill_num;
2432 ooa_hdr = (struct ctl_ooa *)addr;
2434 if ((ooa_hdr->alloc_len == 0)
2435 || (ooa_hdr->alloc_num == 0)) {
2436 printf("%s: CTL_GET_OOA: alloc len %u and alloc num %u "
2437 "must be non-zero\n", __func__,
2438 ooa_hdr->alloc_len, ooa_hdr->alloc_num);
2443 if (ooa_hdr->alloc_len != (ooa_hdr->alloc_num *
2444 sizeof(struct ctl_ooa_entry))) {
2445 printf("%s: CTL_GET_OOA: alloc len %u must be alloc "
2446 "num %d * sizeof(struct ctl_ooa_entry) %zd\n",
2447 __func__, ooa_hdr->alloc_len,
2448 ooa_hdr->alloc_num,sizeof(struct ctl_ooa_entry));
2453 entries = malloc(ooa_hdr->alloc_len, M_CTL, M_WAITOK | M_ZERO);
2454 if (entries == NULL) {
2455 printf("%s: could not allocate %d bytes for OOA "
2456 "dump\n", __func__, ooa_hdr->alloc_len);
2461 mtx_lock(&softc->ctl_lock);
2462 if (((ooa_hdr->flags & CTL_OOA_FLAG_ALL_LUNS) == 0)
2463 && ((ooa_hdr->lun_num > CTL_MAX_LUNS)
2464 || (softc->ctl_luns[ooa_hdr->lun_num] == NULL))) {
2465 mtx_unlock(&softc->ctl_lock);
2466 free(entries, M_CTL);
2467 printf("%s: CTL_GET_OOA: invalid LUN %ju\n",
2468 __func__, (uintmax_t)ooa_hdr->lun_num);
2475 if (ooa_hdr->flags & CTL_OOA_FLAG_ALL_LUNS) {
2476 STAILQ_FOREACH(lun, &softc->lun_list, links) {
2477 retval = ctl_ioctl_fill_ooa(lun, &cur_fill_num,
2483 mtx_unlock(&softc->ctl_lock);
2484 free(entries, M_CTL);
2488 lun = softc->ctl_luns[ooa_hdr->lun_num];
2490 retval = ctl_ioctl_fill_ooa(lun, &cur_fill_num,ooa_hdr,
2493 mtx_unlock(&softc->ctl_lock);
2495 ooa_hdr->fill_num = min(cur_fill_num, ooa_hdr->alloc_num);
2496 ooa_hdr->fill_len = ooa_hdr->fill_num *
2497 sizeof(struct ctl_ooa_entry);
2498 retval = copyout(entries, ooa_hdr->entries, ooa_hdr->fill_len);
2500 printf("%s: error copying out %d bytes for OOA dump\n",
2501 __func__, ooa_hdr->fill_len);
2504 getbintime(&ooa_hdr->cur_bt);
2506 if (cur_fill_num > ooa_hdr->alloc_num) {
2507 ooa_hdr->dropped_num = cur_fill_num -ooa_hdr->alloc_num;
2508 ooa_hdr->status = CTL_OOA_NEED_MORE_SPACE;
2510 ooa_hdr->dropped_num = 0;
2511 ooa_hdr->status = CTL_OOA_OK;
2514 free(entries, M_CTL);
2517 case CTL_CHECK_OOA: {
2519 struct ctl_lun *lun;
2520 struct ctl_ooa_info *ooa_info;
2523 ooa_info = (struct ctl_ooa_info *)addr;
2525 if (ooa_info->lun_id >= CTL_MAX_LUNS) {
2526 ooa_info->status = CTL_OOA_INVALID_LUN;
2529 mtx_lock(&softc->ctl_lock);
2530 lun = softc->ctl_luns[ooa_info->lun_id];
2532 mtx_unlock(&softc->ctl_lock);
2533 ooa_info->status = CTL_OOA_INVALID_LUN;
2537 ooa_info->num_entries = 0;
2538 for (io = (union ctl_io *)TAILQ_FIRST(&lun->ooa_queue);
2539 io != NULL; io = (union ctl_io *)TAILQ_NEXT(
2540 &io->io_hdr, ooa_links)) {
2541 ooa_info->num_entries++;
2544 mtx_unlock(&softc->ctl_lock);
2545 ooa_info->status = CTL_OOA_SUCCESS;
2549 case CTL_HARD_START:
2550 case CTL_HARD_STOP: {
2551 struct ctl_fe_ioctl_startstop_info ss_info;
2552 struct cfi_metatask *metatask;
2555 mtx_init(&hs_mtx, "HS Mutex", NULL, MTX_DEF);
2557 cv_init(&ss_info.sem, "hard start/stop cv" );
2559 metatask = cfi_alloc_metatask(/*can_wait*/ 1);
2560 if (metatask == NULL) {
2562 mtx_destroy(&hs_mtx);
2566 if (cmd == CTL_HARD_START)
2567 metatask->tasktype = CFI_TASK_STARTUP;
2569 metatask->tasktype = CFI_TASK_SHUTDOWN;
2571 metatask->callback = ctl_ioctl_hard_startstop_callback;
2572 metatask->callback_arg = &ss_info;
2574 cfi_action(metatask);
2576 /* Wait for the callback */
2578 cv_wait_sig(&ss_info.sem, &hs_mtx);
2579 mtx_unlock(&hs_mtx);
2582 * All information has been copied from the metatask by the
2583 * time cv_broadcast() is called, so we free the metatask here.
2585 cfi_free_metatask(metatask);
2587 memcpy((void *)addr, &ss_info.hs_info, sizeof(ss_info.hs_info));
2589 mtx_destroy(&hs_mtx);
2593 struct ctl_bbrread_info *bbr_info;
2594 struct ctl_fe_ioctl_bbrread_info fe_bbr_info;
2596 struct cfi_metatask *metatask;
2598 bbr_info = (struct ctl_bbrread_info *)addr;
2600 bzero(&fe_bbr_info, sizeof(fe_bbr_info));
2602 bzero(&bbr_mtx, sizeof(bbr_mtx));
2603 mtx_init(&bbr_mtx, "BBR Mutex", NULL, MTX_DEF);
2605 fe_bbr_info.bbr_info = bbr_info;
2606 fe_bbr_info.lock = &bbr_mtx;
2608 cv_init(&fe_bbr_info.sem, "BBR read cv");
2609 metatask = cfi_alloc_metatask(/*can_wait*/ 1);
2611 if (metatask == NULL) {
2612 mtx_destroy(&bbr_mtx);
2613 cv_destroy(&fe_bbr_info.sem);
2617 metatask->tasktype = CFI_TASK_BBRREAD;
2618 metatask->callback = ctl_ioctl_bbrread_callback;
2619 metatask->callback_arg = &fe_bbr_info;
2620 metatask->taskinfo.bbrread.lun_num = bbr_info->lun_num;
2621 metatask->taskinfo.bbrread.lba = bbr_info->lba;
2622 metatask->taskinfo.bbrread.len = bbr_info->len;
2624 cfi_action(metatask);
2627 while (fe_bbr_info.wakeup_done == 0)
2628 cv_wait_sig(&fe_bbr_info.sem, &bbr_mtx);
2629 mtx_unlock(&bbr_mtx);
2631 bbr_info->status = metatask->status;
2632 bbr_info->bbr_status = metatask->taskinfo.bbrread.status;
2633 bbr_info->scsi_status = metatask->taskinfo.bbrread.scsi_status;
2634 memcpy(&bbr_info->sense_data,
2635 &metatask->taskinfo.bbrread.sense_data,
2636 ctl_min(sizeof(bbr_info->sense_data),
2637 sizeof(metatask->taskinfo.bbrread.sense_data)));
2639 cfi_free_metatask(metatask);
2641 mtx_destroy(&bbr_mtx);
2642 cv_destroy(&fe_bbr_info.sem);
2646 case CTL_DELAY_IO: {
2647 struct ctl_io_delay_info *delay_info;
2649 struct ctl_lun *lun;
2650 #endif /* CTL_IO_DELAY */
2652 delay_info = (struct ctl_io_delay_info *)addr;
2655 mtx_lock(&softc->ctl_lock);
2657 if ((delay_info->lun_id > CTL_MAX_LUNS)
2658 || (softc->ctl_luns[delay_info->lun_id] == NULL)) {
2659 delay_info->status = CTL_DELAY_STATUS_INVALID_LUN;
2661 lun = softc->ctl_luns[delay_info->lun_id];
2663 delay_info->status = CTL_DELAY_STATUS_OK;
2665 switch (delay_info->delay_type) {
2666 case CTL_DELAY_TYPE_CONT:
2668 case CTL_DELAY_TYPE_ONESHOT:
2671 delay_info->status =
2672 CTL_DELAY_STATUS_INVALID_TYPE;
2676 switch (delay_info->delay_loc) {
2677 case CTL_DELAY_LOC_DATAMOVE:
2678 lun->delay_info.datamove_type =
2679 delay_info->delay_type;
2680 lun->delay_info.datamove_delay =
2681 delay_info->delay_secs;
2683 case CTL_DELAY_LOC_DONE:
2684 lun->delay_info.done_type =
2685 delay_info->delay_type;
2686 lun->delay_info.done_delay =
2687 delay_info->delay_secs;
2690 delay_info->status =
2691 CTL_DELAY_STATUS_INVALID_LOC;
2696 mtx_unlock(&softc->ctl_lock);
2698 delay_info->status = CTL_DELAY_STATUS_NOT_IMPLEMENTED;
2699 #endif /* CTL_IO_DELAY */
2702 case CTL_REALSYNC_SET: {
2705 syncstate = (int *)addr;
2707 mtx_lock(&softc->ctl_lock);
2708 switch (*syncstate) {
2710 softc->flags &= ~CTL_FLAG_REAL_SYNC;
2713 softc->flags |= CTL_FLAG_REAL_SYNC;
2719 mtx_unlock(&softc->ctl_lock);
2722 case CTL_REALSYNC_GET: {
2725 syncstate = (int*)addr;
2727 mtx_lock(&softc->ctl_lock);
2728 if (softc->flags & CTL_FLAG_REAL_SYNC)
2732 mtx_unlock(&softc->ctl_lock);
2738 struct ctl_sync_info *sync_info;
2739 struct ctl_lun *lun;
2741 sync_info = (struct ctl_sync_info *)addr;
2743 mtx_lock(&softc->ctl_lock);
2744 lun = softc->ctl_luns[sync_info->lun_id];
2746 mtx_unlock(&softc->ctl_lock);
2747 sync_info->status = CTL_GS_SYNC_NO_LUN;
2750 * Get or set the sync interval. We're not bounds checking
2751 * in the set case, hopefully the user won't do something
2754 if (cmd == CTL_GETSYNC)
2755 sync_info->sync_interval = lun->sync_interval;
2757 lun->sync_interval = sync_info->sync_interval;
2759 mtx_unlock(&softc->ctl_lock);
2761 sync_info->status = CTL_GS_SYNC_OK;
2765 case CTL_GETSTATS: {
2766 struct ctl_stats *stats;
2767 struct ctl_lun *lun;
2770 stats = (struct ctl_stats *)addr;
2772 if ((sizeof(struct ctl_lun_io_stats) * softc->num_luns) >
2774 stats->status = CTL_SS_NEED_MORE_SPACE;
2775 stats->num_luns = softc->num_luns;
2779 * XXX KDM no locking here. If the LUN list changes,
2780 * things can blow up.
2782 for (i = 0, lun = STAILQ_FIRST(&softc->lun_list); lun != NULL;
2783 i++, lun = STAILQ_NEXT(lun, links)) {
2784 retval = copyout(&lun->stats, &stats->lun_stats[i],
2785 sizeof(lun->stats));
2789 stats->num_luns = softc->num_luns;
2790 stats->fill_len = sizeof(struct ctl_lun_io_stats) *
2792 stats->status = CTL_SS_OK;
2794 stats->flags = CTL_STATS_FLAG_TIME_VALID;
2796 stats->flags = CTL_STATS_FLAG_NONE;
2798 getnanouptime(&stats->timestamp);
2801 case CTL_ERROR_INJECT: {
2802 struct ctl_error_desc *err_desc, *new_err_desc;
2803 struct ctl_lun *lun;
2805 err_desc = (struct ctl_error_desc *)addr;
2807 new_err_desc = malloc(sizeof(*new_err_desc), M_CTL,
2809 bcopy(err_desc, new_err_desc, sizeof(*new_err_desc));
2811 mtx_lock(&softc->ctl_lock);
2812 lun = softc->ctl_luns[err_desc->lun_id];
2814 mtx_unlock(&softc->ctl_lock);
2815 printf("%s: CTL_ERROR_INJECT: invalid LUN %ju\n",
2816 __func__, (uintmax_t)err_desc->lun_id);
2822 * We could do some checking here to verify the validity
2823 * of the request, but given the complexity of error
2824 * injection requests, the checking logic would be fairly
2827 * For now, if the request is invalid, it just won't get
2828 * executed and might get deleted.
2830 STAILQ_INSERT_TAIL(&lun->error_list, new_err_desc, links);
2833 * XXX KDM check to make sure the serial number is unique,
2834 * in case we somehow manage to wrap. That shouldn't
2835 * happen for a very long time, but it's the right thing to
2838 new_err_desc->serial = lun->error_serial;
2839 err_desc->serial = lun->error_serial;
2840 lun->error_serial++;
2842 mtx_unlock(&softc->ctl_lock);
2845 case CTL_ERROR_INJECT_DELETE: {
2846 struct ctl_error_desc *delete_desc, *desc, *desc2;
2847 struct ctl_lun *lun;
2850 delete_desc = (struct ctl_error_desc *)addr;
2853 mtx_lock(&softc->ctl_lock);
2854 lun = softc->ctl_luns[delete_desc->lun_id];
2856 mtx_unlock(&softc->ctl_lock);
2857 printf("%s: CTL_ERROR_INJECT_DELETE: invalid LUN %ju\n",
2858 __func__, (uintmax_t)delete_desc->lun_id);
2862 STAILQ_FOREACH_SAFE(desc, &lun->error_list, links, desc2) {
2863 if (desc->serial != delete_desc->serial)
2866 STAILQ_REMOVE(&lun->error_list, desc, ctl_error_desc,
2871 mtx_unlock(&softc->ctl_lock);
2872 if (delete_done == 0) {
2873 printf("%s: CTL_ERROR_INJECT_DELETE: can't find "
2874 "error serial %ju on LUN %u\n", __func__,
2875 delete_desc->serial, delete_desc->lun_id);
2881 case CTL_DUMP_STRUCTS: {
2883 struct ctl_frontend *fe;
2885 printf("CTL IID to WWPN map start:\n");
2886 for (i = 0; i < CTL_MAX_PORTS; i++) {
2887 for (j = 0; j < CTL_MAX_INIT_PER_PORT; j++) {
2888 if (softc->wwpn_iid[i][j].in_use == 0)
2891 printf("port %d iid %u WWPN %#jx\n",
2892 softc->wwpn_iid[i][j].port,
2893 softc->wwpn_iid[i][j].iid,
2894 (uintmax_t)softc->wwpn_iid[i][j].wwpn);
2897 printf("CTL IID to WWPN map end\n");
2898 printf("CTL Persistent Reservation information start:\n");
2899 for (i = 0; i < CTL_MAX_LUNS; i++) {
2900 struct ctl_lun *lun;
2902 lun = softc->ctl_luns[i];
2905 || ((lun->flags & CTL_LUN_DISABLED) != 0))
2908 for (j = 0; j < (CTL_MAX_PORTS * 2); j++) {
2909 for (k = 0; k < CTL_MAX_INIT_PER_PORT; k++){
2910 if (lun->per_res[j+k].registered == 0)
2912 printf("LUN %d port %d iid %d key "
2914 (uintmax_t)scsi_8btou64(
2915 lun->per_res[j+k].res_key.key));
2919 printf("CTL Persistent Reservation information end\n");
2920 printf("CTL Frontends:\n");
2922 * XXX KDM calling this without a lock. We'd likely want
2923 * to drop the lock before calling the frontend's dump
2926 STAILQ_FOREACH(fe, &softc->fe_list, links) {
2927 printf("Frontend %s Type %u pport %d vport %d WWNN "
2928 "%#jx WWPN %#jx\n", fe->port_name, fe->port_type,
2929 fe->physical_port, fe->virtual_port,
2930 (uintmax_t)fe->wwnn, (uintmax_t)fe->wwpn);
2933 * Frontends are not required to support the dump
2936 if (fe->fe_dump == NULL)
2941 printf("CTL Frontend information end\n");
2945 struct ctl_lun_req *lun_req;
2946 struct ctl_backend_driver *backend;
2948 lun_req = (struct ctl_lun_req *)addr;
2950 backend = ctl_backend_find(lun_req->backend);
2951 if (backend == NULL) {
2952 lun_req->status = CTL_LUN_ERROR;
2953 snprintf(lun_req->error_str,
2954 sizeof(lun_req->error_str),
2955 "Backend \"%s\" not found.",
2959 if (lun_req->num_be_args > 0) {
2960 lun_req->kern_be_args = ctl_copyin_args(
2961 lun_req->num_be_args,
2964 sizeof(lun_req->error_str));
2965 if (lun_req->kern_be_args == NULL) {
2966 lun_req->status = CTL_LUN_ERROR;
2971 retval = backend->ioctl(dev, cmd, addr, flag, td);
2973 if (lun_req->num_be_args > 0) {
2974 ctl_free_args(lun_req->num_be_args,
2975 lun_req->kern_be_args);
2979 case CTL_LUN_LIST: {
2981 struct ctl_lun *lun;
2982 struct ctl_lun_list *list;
2984 list = (struct ctl_lun_list *)addr;
2987 * Allocate a fixed length sbuf here, based on the length
2988 * of the user's buffer. We could allocate an auto-extending
2989 * buffer, and then tell the user how much larger our
2990 * amount of data is than his buffer, but that presents
2993 * 1. The sbuf(9) routines use a blocking malloc, and so
2994 * we can't hold a lock while calling them with an
2995 * auto-extending buffer.
2997 * 2. There is not currently a LUN reference counting
2998 * mechanism, outside of outstanding transactions on
2999 * the LUN's OOA queue. So a LUN could go away on us
3000 * while we're getting the LUN number, backend-specific
3001 * information, etc. Thus, given the way things
3002 * currently work, we need to hold the CTL lock while
3003 * grabbing LUN information.
3005 * So, from the user's standpoint, the best thing to do is
3006 * allocate what he thinks is a reasonable buffer length,
3007 * and then if he gets a CTL_LUN_LIST_NEED_MORE_SPACE error,
3008 * double the buffer length and try again. (And repeat
3009 * that until he succeeds.)
3011 sb = sbuf_new(NULL, NULL, list->alloc_len, SBUF_FIXEDLEN);
3013 list->status = CTL_LUN_LIST_ERROR;
3014 snprintf(list->error_str, sizeof(list->error_str),
3015 "Unable to allocate %d bytes for LUN list",
3020 sbuf_printf(sb, "<ctllunlist>\n");
3022 mtx_lock(&softc->ctl_lock);
3024 STAILQ_FOREACH(lun, &softc->lun_list, links) {
3025 retval = sbuf_printf(sb, "<lun id=\"%ju\">\n",
3026 (uintmax_t)lun->lun);
3029 * Bail out as soon as we see that we've overfilled
3035 retval = sbuf_printf(sb, "<backend_type>%s"
3036 "</backend_type>\n",
3037 (lun->backend == NULL) ? "none" :
3038 lun->backend->name);
3043 retval = sbuf_printf(sb, "<lun_type>%d</lun_type>\n",
3044 lun->be_lun->lun_type);
3049 if (lun->backend == NULL) {
3050 retval = sbuf_printf(sb, "</lun>\n");
3056 retval = sbuf_printf(sb, "<size>%ju</size>\n",
3057 (lun->be_lun->maxlba > 0) ?
3058 lun->be_lun->maxlba + 1 : 0);
3063 retval = sbuf_printf(sb, "<blocksize>%u</blocksize>\n",
3064 lun->be_lun->blocksize);
3069 retval = sbuf_printf(sb, "<serial_number>");
3074 retval = ctl_sbuf_printf_esc(sb,
3075 lun->be_lun->serial_num);
3080 retval = sbuf_printf(sb, "</serial_number>\n");
3085 retval = sbuf_printf(sb, "<device_id>");
3090 retval = ctl_sbuf_printf_esc(sb,lun->be_lun->device_id);
3095 retval = sbuf_printf(sb, "</device_id>\n");
3100 if (lun->backend->lun_info == NULL) {
3101 retval = sbuf_printf(sb, "</lun>\n");
3107 retval =lun->backend->lun_info(lun->be_lun->be_lun, sb);
3112 retval = sbuf_printf(sb, "</lun>\n");
3117 mtx_unlock(&softc->ctl_lock);
3120 || ((retval = sbuf_printf(sb, "</ctllunlist>\n")) != 0)) {
3123 list->status = CTL_LUN_LIST_NEED_MORE_SPACE;
3124 snprintf(list->error_str, sizeof(list->error_str),
3125 "Out of space, %d bytes is too small",
3132 retval = copyout(sbuf_data(sb), list->lun_xml,
3135 list->fill_len = sbuf_len(sb) + 1;
3136 list->status = CTL_LUN_LIST_OK;
3141 /* XXX KDM should we fix this? */
3143 struct ctl_backend_driver *backend;
3150 * We encode the backend type as the ioctl type for backend
3151 * ioctls. So parse it out here, and then search for a
3152 * backend of this type.
3154 type = _IOC_TYPE(cmd);
3156 STAILQ_FOREACH(backend, &softc->be_list, links) {
3157 if (backend->type == type) {
3163 printf("ctl: unknown ioctl command %#lx or backend "
3168 retval = backend->ioctl(dev, cmd, addr, flag, td);
3178 ctl_get_initindex(struct ctl_nexus *nexus)
3180 if (nexus->targ_port < CTL_MAX_PORTS)
3181 return (nexus->initid.id +
3182 (nexus->targ_port * CTL_MAX_INIT_PER_PORT));
3184 return (nexus->initid.id +
3185 ((nexus->targ_port - CTL_MAX_PORTS) *
3186 CTL_MAX_INIT_PER_PORT));
3190 ctl_get_resindex(struct ctl_nexus *nexus)
3192 return (nexus->initid.id + (nexus->targ_port * CTL_MAX_INIT_PER_PORT));
3196 ctl_port_idx(int port_num)
3198 if (port_num < CTL_MAX_PORTS)
3201 return(port_num - CTL_MAX_PORTS);
3205 * Note: This only works for bitmask sizes that are at least 32 bits, and
3206 * that are a power of 2.
3209 ctl_ffz(uint32_t *mask, uint32_t size)
3211 uint32_t num_chunks, num_pieces;
3214 num_chunks = (size >> 5);
3215 if (num_chunks == 0)
3217 num_pieces = ctl_min((sizeof(uint32_t) * 8), size);
3219 for (i = 0; i < num_chunks; i++) {
3220 for (j = 0; j < num_pieces; j++) {
3221 if ((mask[i] & (1 << j)) == 0)
3222 return ((i << 5) + j);
3230 ctl_set_mask(uint32_t *mask, uint32_t bit)
3232 uint32_t chunk, piece;
3235 piece = bit % (sizeof(uint32_t) * 8);
3237 if ((mask[chunk] & (1 << piece)) != 0)
3240 mask[chunk] |= (1 << piece);
3246 ctl_clear_mask(uint32_t *mask, uint32_t bit)
3248 uint32_t chunk, piece;
3251 piece = bit % (sizeof(uint32_t) * 8);
3253 if ((mask[chunk] & (1 << piece)) == 0)
3256 mask[chunk] &= ~(1 << piece);
3262 ctl_is_set(uint32_t *mask, uint32_t bit)
3264 uint32_t chunk, piece;
3267 piece = bit % (sizeof(uint32_t) * 8);
3269 if ((mask[chunk] & (1 << piece)) == 0)
3277 * The bus, target and lun are optional, they can be filled in later.
3278 * can_wait is used to determine whether we can wait on the malloc or not.
3281 ctl_malloc_io(ctl_io_type io_type, uint32_t targ_port, uint32_t targ_target,
3282 uint32_t targ_lun, int can_wait)
3287 io = (union ctl_io *)malloc(sizeof(*io), M_CTL, M_WAITOK);
3289 io = (union ctl_io *)malloc(sizeof(*io), M_CTL, M_NOWAIT);
3292 io->io_hdr.io_type = io_type;
3293 io->io_hdr.targ_port = targ_port;
3295 * XXX KDM this needs to change/go away. We need to move
3296 * to a preallocated pool of ctl_scsiio structures.
3298 io->io_hdr.nexus.targ_target.id = targ_target;
3299 io->io_hdr.nexus.targ_lun = targ_lun;
3306 ctl_kfree_io(union ctl_io *io)
3313 * ctl_softc, pool_type, total_ctl_io are passed in.
3314 * npool is passed out.
3317 ctl_pool_create(struct ctl_softc *ctl_softc, ctl_pool_type pool_type,
3318 uint32_t total_ctl_io, struct ctl_io_pool **npool)
3321 union ctl_io *cur_io, *next_io;
3322 struct ctl_io_pool *pool;
3327 pool = (struct ctl_io_pool *)malloc(sizeof(*pool), M_CTL,
3334 pool->type = pool_type;
3335 pool->ctl_softc = ctl_softc;
3337 mtx_lock(&ctl_softc->pool_lock);
3338 pool->id = ctl_softc->cur_pool_id++;
3339 mtx_unlock(&ctl_softc->pool_lock);
3341 pool->flags = CTL_POOL_FLAG_NONE;
3342 pool->refcount = 1; /* Reference for validity. */
3343 STAILQ_INIT(&pool->free_queue);
3346 * XXX KDM other options here:
3347 * - allocate a page at a time
3348 * - allocate one big chunk of memory.
3349 * Page allocation might work well, but would take a little more
3352 for (i = 0; i < total_ctl_io; i++) {
3353 cur_io = (union ctl_io *)malloc(sizeof(*cur_io), M_CTL,
3355 if (cur_io == NULL) {
3359 cur_io->io_hdr.pool = pool;
3360 STAILQ_INSERT_TAIL(&pool->free_queue, &cur_io->io_hdr, links);
3361 pool->total_ctl_io++;
3362 pool->free_ctl_io++;
3366 for (cur_io = (union ctl_io *)STAILQ_FIRST(&pool->free_queue);
3367 cur_io != NULL; cur_io = next_io) {
3368 next_io = (union ctl_io *)STAILQ_NEXT(&cur_io->io_hdr,
3370 STAILQ_REMOVE(&pool->free_queue, &cur_io->io_hdr,
3372 free(cur_io, M_CTL);
3378 mtx_lock(&ctl_softc->pool_lock);
3379 ctl_softc->num_pools++;
3380 STAILQ_INSERT_TAIL(&ctl_softc->io_pools, pool, links);
3382 * Increment our usage count if this is an external consumer, so we
3383 * can't get unloaded until the external consumer (most likely a
3384 * FETD) unloads and frees his pool.
3386 * XXX KDM will this increment the caller's module use count, or
3390 if ((pool_type != CTL_POOL_EMERGENCY)
3391 && (pool_type != CTL_POOL_INTERNAL)
3392 && (pool_type != CTL_POOL_IOCTL)
3393 && (pool_type != CTL_POOL_4OTHERSC))
3397 mtx_unlock(&ctl_softc->pool_lock);
3407 ctl_pool_acquire(struct ctl_io_pool *pool)
3410 mtx_assert(&pool->ctl_softc->pool_lock, MA_OWNED);
3412 if (pool->flags & CTL_POOL_FLAG_INVALID)
3421 ctl_pool_release(struct ctl_io_pool *pool)
3423 struct ctl_softc *ctl_softc = pool->ctl_softc;
3426 mtx_assert(&ctl_softc->pool_lock, MA_OWNED);
3428 if (--pool->refcount != 0)
3431 while ((io = (union ctl_io *)STAILQ_FIRST(&pool->free_queue)) != NULL) {
3432 STAILQ_REMOVE(&pool->free_queue, &io->io_hdr, ctl_io_hdr,
3437 STAILQ_REMOVE(&ctl_softc->io_pools, pool, ctl_io_pool, links);
3438 ctl_softc->num_pools--;
3441 * XXX KDM will this decrement the caller's usage count or mine?
3444 if ((pool->type != CTL_POOL_EMERGENCY)
3445 && (pool->type != CTL_POOL_INTERNAL)
3446 && (pool->type != CTL_POOL_IOCTL))
3454 ctl_pool_free(struct ctl_io_pool *pool)
3456 struct ctl_softc *ctl_softc;
3461 ctl_softc = pool->ctl_softc;
3462 mtx_lock(&ctl_softc->pool_lock);
3463 pool->flags |= CTL_POOL_FLAG_INVALID;
3464 ctl_pool_release(pool);
3465 mtx_unlock(&ctl_softc->pool_lock);
3469 * This routine does not block (except for spinlocks of course).
3470 * It tries to allocate a ctl_io union from the caller's pool as quickly as
3474 ctl_alloc_io(void *pool_ref)
3477 struct ctl_softc *ctl_softc;
3478 struct ctl_io_pool *pool, *npool;
3479 struct ctl_io_pool *emergency_pool;
3481 pool = (struct ctl_io_pool *)pool_ref;
3484 printf("%s: pool is NULL\n", __func__);
3488 emergency_pool = NULL;
3490 ctl_softc = pool->ctl_softc;
3492 mtx_lock(&ctl_softc->pool_lock);
3494 * First, try to get the io structure from the user's pool.
3496 if (ctl_pool_acquire(pool) == 0) {
3497 io = (union ctl_io *)STAILQ_FIRST(&pool->free_queue);
3499 STAILQ_REMOVE_HEAD(&pool->free_queue, links);
3500 pool->total_allocated++;
3501 pool->free_ctl_io--;
3502 mtx_unlock(&ctl_softc->pool_lock);
3505 ctl_pool_release(pool);
3508 * If he doesn't have any io structures left, search for an
3509 * emergency pool and grab one from there.
3511 STAILQ_FOREACH(npool, &ctl_softc->io_pools, links) {
3512 if (npool->type != CTL_POOL_EMERGENCY)
3515 if (ctl_pool_acquire(npool) != 0)
3518 emergency_pool = npool;
3520 io = (union ctl_io *)STAILQ_FIRST(&npool->free_queue);
3522 STAILQ_REMOVE_HEAD(&npool->free_queue, links);
3523 npool->total_allocated++;
3524 npool->free_ctl_io--;
3525 mtx_unlock(&ctl_softc->pool_lock);
3528 ctl_pool_release(npool);
3531 /* Drop the spinlock before we malloc */
3532 mtx_unlock(&ctl_softc->pool_lock);
3535 * The emergency pool (if it exists) didn't have one, so try an
3536 * atomic (i.e. nonblocking) malloc and see if we get lucky.
3538 io = (union ctl_io *)malloc(sizeof(*io), M_CTL, M_NOWAIT);
3541 * If the emergency pool exists but is empty, add this
3542 * ctl_io to its list when it gets freed.
3544 if (emergency_pool != NULL) {
3545 mtx_lock(&ctl_softc->pool_lock);
3546 if (ctl_pool_acquire(emergency_pool) == 0) {
3547 io->io_hdr.pool = emergency_pool;
3548 emergency_pool->total_ctl_io++;
3550 * Need to bump this, otherwise
3551 * total_allocated and total_freed won't
3552 * match when we no longer have anything
3555 emergency_pool->total_allocated++;
3557 mtx_unlock(&ctl_softc->pool_lock);
3559 io->io_hdr.pool = NULL;
3566 ctl_free_io(union ctl_io *io)
3572 * If this ctl_io has a pool, return it to that pool.
3574 if (io->io_hdr.pool != NULL) {
3575 struct ctl_io_pool *pool;
3577 struct ctl_softc *ctl_softc;
3578 union ctl_io *tmp_io;
3579 unsigned long xflags;
3582 ctl_softc = control_softc;
3585 pool = (struct ctl_io_pool *)io->io_hdr.pool;
3587 mtx_lock(&pool->ctl_softc->pool_lock);
3591 for (i = 0, tmp_io = (union ctl_io *)STAILQ_FIRST(
3592 &ctl_softc->task_queue); tmp_io != NULL; i++,
3593 tmp_io = (union ctl_io *)STAILQ_NEXT(&tmp_io->io_hdr,
3596 printf("%s: %p is still on the task queue!\n",
3598 printf("%s: (%d): type %d "
3599 "msg %d cdb %x iptl: "
3600 "%d:%d:%d:%d tag 0x%04x "
3603 tmp_io->io_hdr.io_type,
3604 tmp_io->io_hdr.msg_type,
3605 tmp_io->scsiio.cdb[0],
3606 tmp_io->io_hdr.nexus.initid.id,
3607 tmp_io->io_hdr.nexus.targ_port,
3608 tmp_io->io_hdr.nexus.targ_target.id,
3609 tmp_io->io_hdr.nexus.targ_lun,
3610 (tmp_io->io_hdr.io_type ==
3612 tmp_io->taskio.tag_num :
3613 tmp_io->scsiio.tag_num,
3615 panic("I/O still on the task queue!");
3619 io->io_hdr.io_type = 0xff;
3620 STAILQ_INSERT_TAIL(&pool->free_queue, &io->io_hdr, links);
3621 pool->total_freed++;
3622 pool->free_ctl_io++;
3623 ctl_pool_release(pool);
3624 mtx_unlock(&pool->ctl_softc->pool_lock);
3627 * Otherwise, just free it. We probably malloced it and
3628 * the emergency pool wasn't available.
3636 ctl_zero_io(union ctl_io *io)
3644 * May need to preserve linked list pointers at some point too.
3646 pool_ref = io->io_hdr.pool;
3648 memset(io, 0, sizeof(*io));
3650 io->io_hdr.pool = pool_ref;
3654 * This routine is currently used for internal copies of ctl_ios that need
3655 * to persist for some reason after we've already returned status to the
3656 * FETD. (Thus the flag set.)
3659 * Note that this makes a blind copy of all fields in the ctl_io, except
3660 * for the pool reference. This includes any memory that has been
3661 * allocated! That memory will no longer be valid after done has been
3662 * called, so this would be VERY DANGEROUS for command that actually does
3663 * any reads or writes. Right now (11/7/2005), this is only used for immediate
3664 * start and stop commands, which don't transfer any data, so this is not a
3665 * problem. If it is used for anything else, the caller would also need to
3666 * allocate data buffer space and this routine would need to be modified to
3667 * copy the data buffer(s) as well.
3670 ctl_copy_io(union ctl_io *src, union ctl_io *dest)
3679 * May need to preserve linked list pointers at some point too.
3681 pool_ref = dest->io_hdr.pool;
3683 memcpy(dest, src, ctl_min(sizeof(*src), sizeof(*dest)));
3685 dest->io_hdr.pool = pool_ref;
3687 * We need to know that this is an internal copy, and doesn't need
3688 * to get passed back to the FETD that allocated it.
3690 dest->io_hdr.flags |= CTL_FLAG_INT_COPY;
3695 ctl_update_power_subpage(struct copan_power_subpage *page)
3697 int num_luns, num_partitions, config_type;
3698 struct ctl_softc *softc;
3699 cs_BOOL_t aor_present, shelf_50pct_power;
3700 cs_raidset_personality_t rs_type;
3701 int max_active_luns;
3703 softc = control_softc;
3705 /* subtract out the processor LUN */
3706 num_luns = softc->num_luns - 1;
3708 * Default to 7 LUNs active, which was the only number we allowed
3711 max_active_luns = 7;
3713 num_partitions = config_GetRsPartitionInfo();
3714 config_type = config_GetConfigType();
3715 shelf_50pct_power = config_GetShelfPowerMode();
3716 aor_present = config_IsAorRsPresent();
3718 rs_type = ddb_GetRsRaidType(1);
3719 if ((rs_type != CS_RAIDSET_PERSONALITY_RAID5)
3720 && (rs_type != CS_RAIDSET_PERSONALITY_RAID1)) {
3721 EPRINT(0, "Unsupported RS type %d!", rs_type);
3725 page->total_luns = num_luns;
3727 switch (config_type) {
3730 * In a 40 drive configuration, it doesn't matter what DC
3731 * cards we have, whether we have AOR enabled or not,
3732 * partitioning or not, or what type of RAIDset we have.
3733 * In that scenario, we can power up every LUN we present
3736 max_active_luns = num_luns;
3740 if (shelf_50pct_power == CS_FALSE) {
3742 if (aor_present == CS_TRUE) {
3744 CS_RAIDSET_PERSONALITY_RAID5) {
3745 max_active_luns = 7;
3746 } else if (rs_type ==
3747 CS_RAIDSET_PERSONALITY_RAID1){
3748 max_active_luns = 14;
3750 /* XXX KDM now what?? */
3754 CS_RAIDSET_PERSONALITY_RAID5) {
3755 max_active_luns = 8;
3756 } else if (rs_type ==
3757 CS_RAIDSET_PERSONALITY_RAID1){
3758 max_active_luns = 16;
3760 /* XXX KDM now what?? */
3766 * With 50% power in a 64 drive configuration, we
3767 * can power all LUNs we present.
3769 max_active_luns = num_luns;
3773 if (shelf_50pct_power == CS_FALSE) {
3775 if (aor_present == CS_TRUE) {
3777 CS_RAIDSET_PERSONALITY_RAID5) {
3778 max_active_luns = 7;
3779 } else if (rs_type ==
3780 CS_RAIDSET_PERSONALITY_RAID1){
3781 max_active_luns = 14;
3783 /* XXX KDM now what?? */
3787 CS_RAIDSET_PERSONALITY_RAID5) {
3788 max_active_luns = 8;
3789 } else if (rs_type ==
3790 CS_RAIDSET_PERSONALITY_RAID1){
3791 max_active_luns = 16;
3793 /* XXX KDM now what?? */
3798 if (aor_present == CS_TRUE) {
3800 CS_RAIDSET_PERSONALITY_RAID5) {
3801 max_active_luns = 14;
3802 } else if (rs_type ==
3803 CS_RAIDSET_PERSONALITY_RAID1){
3805 * We're assuming here that disk
3806 * caching is enabled, and so we're
3807 * able to power up half of each
3808 * LUN, and cache all writes.
3810 max_active_luns = num_luns;
3812 /* XXX KDM now what?? */
3816 CS_RAIDSET_PERSONALITY_RAID5) {
3817 max_active_luns = 15;
3818 } else if (rs_type ==
3819 CS_RAIDSET_PERSONALITY_RAID1){
3820 max_active_luns = 30;
3822 /* XXX KDM now what?? */
3829 * In this case, we have an unknown configuration, so we
3830 * just use the default from above.
3835 page->max_active_luns = max_active_luns;
3837 printk("%s: total_luns = %d, max_active_luns = %d\n", __func__,
3838 page->total_luns, page->max_active_luns);
3841 #endif /* NEEDTOPORT */
3844 * This routine could be used in the future to load default and/or saved
3845 * mode page parameters for a particuar lun.
3848 ctl_init_page_index(struct ctl_lun *lun)
3851 struct ctl_page_index *page_index;
3852 struct ctl_softc *softc;
3854 memcpy(&lun->mode_pages.index, page_index_template,
3855 sizeof(page_index_template));
3857 softc = lun->ctl_softc;
3859 for (i = 0; i < CTL_NUM_MODE_PAGES; i++) {
3861 page_index = &lun->mode_pages.index[i];
3863 * If this is a disk-only mode page, there's no point in
3864 * setting it up. For some pages, we have to have some
3865 * basic information about the disk in order to calculate the
3868 if ((lun->be_lun->lun_type != T_DIRECT)
3869 && (page_index->page_flags & CTL_PAGE_FLAG_DISK_ONLY))
3872 switch (page_index->page_code & SMPH_PC_MASK) {
3873 case SMS_FORMAT_DEVICE_PAGE: {
3874 struct scsi_format_page *format_page;
3876 if (page_index->subpage != SMS_SUBPAGE_PAGE_0)
3877 panic("subpage is incorrect!");
3880 * Sectors per track are set above. Bytes per
3881 * sector need to be set here on a per-LUN basis.
3883 memcpy(&lun->mode_pages.format_page[CTL_PAGE_CURRENT],
3884 &format_page_default,
3885 sizeof(format_page_default));
3886 memcpy(&lun->mode_pages.format_page[
3887 CTL_PAGE_CHANGEABLE], &format_page_changeable,
3888 sizeof(format_page_changeable));
3889 memcpy(&lun->mode_pages.format_page[CTL_PAGE_DEFAULT],
3890 &format_page_default,
3891 sizeof(format_page_default));
3892 memcpy(&lun->mode_pages.format_page[CTL_PAGE_SAVED],
3893 &format_page_default,
3894 sizeof(format_page_default));
3896 format_page = &lun->mode_pages.format_page[
3898 scsi_ulto2b(lun->be_lun->blocksize,
3899 format_page->bytes_per_sector);
3901 format_page = &lun->mode_pages.format_page[
3903 scsi_ulto2b(lun->be_lun->blocksize,
3904 format_page->bytes_per_sector);
3906 format_page = &lun->mode_pages.format_page[
3908 scsi_ulto2b(lun->be_lun->blocksize,
3909 format_page->bytes_per_sector);
3911 page_index->page_data =
3912 (uint8_t *)lun->mode_pages.format_page;
3915 case SMS_RIGID_DISK_PAGE: {
3916 struct scsi_rigid_disk_page *rigid_disk_page;
3917 uint32_t sectors_per_cylinder;
3921 #endif /* !__XSCALE__ */
3923 if (page_index->subpage != SMS_SUBPAGE_PAGE_0)
3924 panic("invalid subpage value %d",
3925 page_index->subpage);
3928 * Rotation rate and sectors per track are set
3929 * above. We calculate the cylinders here based on
3930 * capacity. Due to the number of heads and
3931 * sectors per track we're using, smaller arrays
3932 * may turn out to have 0 cylinders. Linux and
3933 * FreeBSD don't pay attention to these mode pages
3934 * to figure out capacity, but Solaris does. It
3935 * seems to deal with 0 cylinders just fine, and
3936 * works out a fake geometry based on the capacity.
3938 memcpy(&lun->mode_pages.rigid_disk_page[
3939 CTL_PAGE_CURRENT], &rigid_disk_page_default,
3940 sizeof(rigid_disk_page_default));
3941 memcpy(&lun->mode_pages.rigid_disk_page[
3942 CTL_PAGE_CHANGEABLE],&rigid_disk_page_changeable,
3943 sizeof(rigid_disk_page_changeable));
3944 memcpy(&lun->mode_pages.rigid_disk_page[
3945 CTL_PAGE_DEFAULT], &rigid_disk_page_default,
3946 sizeof(rigid_disk_page_default));
3947 memcpy(&lun->mode_pages.rigid_disk_page[
3948 CTL_PAGE_SAVED], &rigid_disk_page_default,
3949 sizeof(rigid_disk_page_default));
3951 sectors_per_cylinder = CTL_DEFAULT_SECTORS_PER_TRACK *
3955 * The divide method here will be more accurate,
3956 * probably, but results in floating point being
3957 * used in the kernel on i386 (__udivdi3()). On the
3958 * XScale, though, __udivdi3() is implemented in
3961 * The shift method for cylinder calculation is
3962 * accurate if sectors_per_cylinder is a power of
3963 * 2. Otherwise it might be slightly off -- you
3964 * might have a bit of a truncation problem.
3967 cylinders = (lun->be_lun->maxlba + 1) /
3968 sectors_per_cylinder;
3970 for (shift = 31; shift > 0; shift--) {
3971 if (sectors_per_cylinder & (1 << shift))
3974 cylinders = (lun->be_lun->maxlba + 1) >> shift;
3978 * We've basically got 3 bytes, or 24 bits for the
3979 * cylinder size in the mode page. If we're over,
3980 * just round down to 2^24.
3982 if (cylinders > 0xffffff)
3983 cylinders = 0xffffff;
3985 rigid_disk_page = &lun->mode_pages.rigid_disk_page[
3987 scsi_ulto3b(cylinders, rigid_disk_page->cylinders);
3989 rigid_disk_page = &lun->mode_pages.rigid_disk_page[
3991 scsi_ulto3b(cylinders, rigid_disk_page->cylinders);
3993 rigid_disk_page = &lun->mode_pages.rigid_disk_page[
3995 scsi_ulto3b(cylinders, rigid_disk_page->cylinders);
3997 page_index->page_data =
3998 (uint8_t *)lun->mode_pages.rigid_disk_page;
4001 case SMS_CACHING_PAGE: {
4003 if (page_index->subpage != SMS_SUBPAGE_PAGE_0)
4004 panic("invalid subpage value %d",
4005 page_index->subpage);
4007 * Defaults should be okay here, no calculations
4010 memcpy(&lun->mode_pages.caching_page[CTL_PAGE_CURRENT],
4011 &caching_page_default,
4012 sizeof(caching_page_default));
4013 memcpy(&lun->mode_pages.caching_page[
4014 CTL_PAGE_CHANGEABLE], &caching_page_changeable,
4015 sizeof(caching_page_changeable));
4016 memcpy(&lun->mode_pages.caching_page[CTL_PAGE_DEFAULT],
4017 &caching_page_default,
4018 sizeof(caching_page_default));
4019 memcpy(&lun->mode_pages.caching_page[CTL_PAGE_SAVED],
4020 &caching_page_default,
4021 sizeof(caching_page_default));
4022 page_index->page_data =
4023 (uint8_t *)lun->mode_pages.caching_page;
4026 case SMS_CONTROL_MODE_PAGE: {
4028 if (page_index->subpage != SMS_SUBPAGE_PAGE_0)
4029 panic("invalid subpage value %d",
4030 page_index->subpage);
4033 * Defaults should be okay here, no calculations
4036 memcpy(&lun->mode_pages.control_page[CTL_PAGE_CURRENT],
4037 &control_page_default,
4038 sizeof(control_page_default));
4039 memcpy(&lun->mode_pages.control_page[
4040 CTL_PAGE_CHANGEABLE], &control_page_changeable,
4041 sizeof(control_page_changeable));
4042 memcpy(&lun->mode_pages.control_page[CTL_PAGE_DEFAULT],
4043 &control_page_default,
4044 sizeof(control_page_default));
4045 memcpy(&lun->mode_pages.control_page[CTL_PAGE_SAVED],
4046 &control_page_default,
4047 sizeof(control_page_default));
4048 page_index->page_data =
4049 (uint8_t *)lun->mode_pages.control_page;
4053 case SMS_VENDOR_SPECIFIC_PAGE:{
4054 switch (page_index->subpage) {
4055 case PWR_SUBPAGE_CODE: {
4056 struct copan_power_subpage *current_page,
4059 memcpy(&lun->mode_pages.power_subpage[
4061 &power_page_default,
4062 sizeof(power_page_default));
4063 memcpy(&lun->mode_pages.power_subpage[
4064 CTL_PAGE_CHANGEABLE],
4065 &power_page_changeable,
4066 sizeof(power_page_changeable));
4067 memcpy(&lun->mode_pages.power_subpage[
4069 &power_page_default,
4070 sizeof(power_page_default));
4071 memcpy(&lun->mode_pages.power_subpage[
4073 &power_page_default,
4074 sizeof(power_page_default));
4075 page_index->page_data =
4076 (uint8_t *)lun->mode_pages.power_subpage;
4078 current_page = (struct copan_power_subpage *)
4079 (page_index->page_data +
4080 (page_index->page_len *
4082 saved_page = (struct copan_power_subpage *)
4083 (page_index->page_data +
4084 (page_index->page_len *
4088 case APS_SUBPAGE_CODE: {
4089 struct copan_aps_subpage *current_page,
4092 // This gets set multiple times but
4093 // it should always be the same. It's
4094 // only done during init so who cares.
4095 index_to_aps_page = i;
4097 memcpy(&lun->mode_pages.aps_subpage[
4100 sizeof(aps_page_default));
4101 memcpy(&lun->mode_pages.aps_subpage[
4102 CTL_PAGE_CHANGEABLE],
4103 &aps_page_changeable,
4104 sizeof(aps_page_changeable));
4105 memcpy(&lun->mode_pages.aps_subpage[
4108 sizeof(aps_page_default));
4109 memcpy(&lun->mode_pages.aps_subpage[
4112 sizeof(aps_page_default));
4113 page_index->page_data =
4114 (uint8_t *)lun->mode_pages.aps_subpage;
4116 current_page = (struct copan_aps_subpage *)
4117 (page_index->page_data +
4118 (page_index->page_len *
4120 saved_page = (struct copan_aps_subpage *)
4121 (page_index->page_data +
4122 (page_index->page_len *
4126 case DBGCNF_SUBPAGE_CODE: {
4127 struct copan_debugconf_subpage *current_page,
4130 memcpy(&lun->mode_pages.debugconf_subpage[
4132 &debugconf_page_default,
4133 sizeof(debugconf_page_default));
4134 memcpy(&lun->mode_pages.debugconf_subpage[
4135 CTL_PAGE_CHANGEABLE],
4136 &debugconf_page_changeable,
4137 sizeof(debugconf_page_changeable));
4138 memcpy(&lun->mode_pages.debugconf_subpage[
4140 &debugconf_page_default,
4141 sizeof(debugconf_page_default));
4142 memcpy(&lun->mode_pages.debugconf_subpage[
4144 &debugconf_page_default,
4145 sizeof(debugconf_page_default));
4146 page_index->page_data =
4147 (uint8_t *)lun->mode_pages.debugconf_subpage;
4149 current_page = (struct copan_debugconf_subpage *)
4150 (page_index->page_data +
4151 (page_index->page_len *
4153 saved_page = (struct copan_debugconf_subpage *)
4154 (page_index->page_data +
4155 (page_index->page_len *
4160 panic("invalid subpage value %d",
4161 page_index->subpage);
4167 panic("invalid page value %d",
4168 page_index->page_code & SMPH_PC_MASK);
4173 return (CTL_RETVAL_COMPLETE);
4180 * - caller allocates and zeros LUN storage, or passes in a NULL LUN if he
4181 * wants us to allocate the LUN and he can block.
4182 * - ctl_softc is always set
4183 * - be_lun is set if the LUN has a backend (needed for disk LUNs)
4185 * Returns 0 for success, non-zero (errno) for failure.
4188 ctl_alloc_lun(struct ctl_softc *ctl_softc, struct ctl_lun *ctl_lun,
4189 struct ctl_be_lun *const be_lun, struct ctl_id target_id)
4191 struct ctl_lun *nlun, *lun;
4192 struct ctl_frontend *fe;
4193 int lun_number, i, lun_malloced;
4199 * We currently only support Direct Access or Processor LUN types.
4201 switch (be_lun->lun_type) {
4209 be_lun->lun_config_status(be_lun->be_lun,
4210 CTL_LUN_CONFIG_FAILURE);
4213 if (ctl_lun == NULL) {
4214 lun = malloc(sizeof(*lun), M_CTL, M_WAITOK);
4221 memset(lun, 0, sizeof(*lun));
4223 lun->flags = CTL_LUN_MALLOCED;
4225 mtx_lock(&ctl_softc->ctl_lock);
4227 * See if the caller requested a particular LUN number. If so, see
4228 * if it is available. Otherwise, allocate the first available LUN.
4230 if (be_lun->flags & CTL_LUN_FLAG_ID_REQ) {
4231 if ((be_lun->req_lun_id > (CTL_MAX_LUNS - 1))
4232 || (ctl_is_set(ctl_softc->ctl_lun_mask, be_lun->req_lun_id))) {
4233 mtx_unlock(&ctl_softc->ctl_lock);
4234 if (be_lun->req_lun_id > (CTL_MAX_LUNS - 1)) {
4235 printf("ctl: requested LUN ID %d is higher "
4236 "than CTL_MAX_LUNS - 1 (%d)\n",
4237 be_lun->req_lun_id, CTL_MAX_LUNS - 1);
4240 * XXX KDM return an error, or just assign
4241 * another LUN ID in this case??
4243 printf("ctl: requested LUN ID %d is already "
4244 "in use\n", be_lun->req_lun_id);
4246 if (lun->flags & CTL_LUN_MALLOCED)
4248 be_lun->lun_config_status(be_lun->be_lun,
4249 CTL_LUN_CONFIG_FAILURE);
4252 lun_number = be_lun->req_lun_id;
4254 lun_number = ctl_ffz(ctl_softc->ctl_lun_mask, CTL_MAX_LUNS);
4255 if (lun_number == -1) {
4256 mtx_unlock(&ctl_softc->ctl_lock);
4257 printf("ctl: can't allocate LUN on target %ju, out of "
4258 "LUNs\n", (uintmax_t)target_id.id);
4259 if (lun->flags & CTL_LUN_MALLOCED)
4261 be_lun->lun_config_status(be_lun->be_lun,
4262 CTL_LUN_CONFIG_FAILURE);
4266 ctl_set_mask(ctl_softc->ctl_lun_mask, lun_number);
4268 lun->target = target_id;
4269 lun->lun = lun_number;
4270 lun->be_lun = be_lun;
4272 * The processor LUN is always enabled. Disk LUNs come on line
4273 * disabled, and must be enabled by the backend.
4275 lun->flags |= CTL_LUN_DISABLED;
4276 lun->backend = be_lun->be;
4277 be_lun->ctl_lun = lun;
4278 be_lun->lun_id = lun_number;
4279 atomic_add_int(&be_lun->be->num_luns, 1);
4280 if (be_lun->flags & CTL_LUN_FLAG_POWERED_OFF)
4281 lun->flags |= CTL_LUN_STOPPED;
4283 if (be_lun->flags & CTL_LUN_FLAG_INOPERABLE)
4284 lun->flags |= CTL_LUN_INOPERABLE;
4286 if (be_lun->flags & CTL_LUN_FLAG_PRIMARY)
4287 lun->flags |= CTL_LUN_PRIMARY_SC;
4289 lun->ctl_softc = ctl_softc;
4290 TAILQ_INIT(&lun->ooa_queue);
4291 TAILQ_INIT(&lun->blocked_queue);
4292 STAILQ_INIT(&lun->error_list);
4295 * Initialize the mode page index.
4297 ctl_init_page_index(lun);
4300 * Set the poweron UA for all initiators on this LUN only.
4302 for (i = 0; i < CTL_MAX_INITIATORS; i++)
4303 lun->pending_sense[i].ua_pending = CTL_UA_POWERON;
4306 * Now, before we insert this lun on the lun list, set the lun
4307 * inventory changed UA for all other luns.
4309 STAILQ_FOREACH(nlun, &ctl_softc->lun_list, links) {
4310 for (i = 0; i < CTL_MAX_INITIATORS; i++) {
4311 nlun->pending_sense[i].ua_pending |= CTL_UA_LUN_CHANGE;
4315 STAILQ_INSERT_TAIL(&ctl_softc->lun_list, lun, links);
4317 ctl_softc->ctl_luns[lun_number] = lun;
4319 ctl_softc->num_luns++;
4321 /* Setup statistics gathering */
4322 lun->stats.device_type = be_lun->lun_type;
4323 lun->stats.lun_number = lun_number;
4324 if (lun->stats.device_type == T_DIRECT)
4325 lun->stats.blocksize = be_lun->blocksize;
4327 lun->stats.flags = CTL_LUN_STATS_NO_BLOCKSIZE;
4328 for (i = 0;i < CTL_MAX_PORTS;i++)
4329 lun->stats.ports[i].targ_port = i;
4331 mtx_unlock(&ctl_softc->ctl_lock);
4333 lun->be_lun->lun_config_status(lun->be_lun->be_lun, CTL_LUN_CONFIG_OK);
4336 * Run through each registered FETD and bring it online if it isn't
4337 * already. Enable the target ID if it hasn't been enabled, and
4338 * enable this particular LUN.
4340 STAILQ_FOREACH(fe, &ctl_softc->fe_list, links) {
4344 * XXX KDM this only works for ONE TARGET ID. We'll need
4345 * to do things differently if we go to a multiple target
4348 if ((fe->status & CTL_PORT_STATUS_TARG_ONLINE) == 0) {
4350 retval = fe->targ_enable(fe->targ_lun_arg, target_id);
4352 printf("ctl_alloc_lun: FETD %s port %d "
4353 "returned error %d for targ_enable on "
4354 "target %ju\n", fe->port_name,
4355 fe->targ_port, retval,
4356 (uintmax_t)target_id.id);
4358 fe->status |= CTL_PORT_STATUS_TARG_ONLINE;
4361 retval = fe->lun_enable(fe->targ_lun_arg, target_id,lun_number);
4363 printf("ctl_alloc_lun: FETD %s port %d returned error "
4364 "%d for lun_enable on target %ju lun %d\n",
4365 fe->port_name, fe->targ_port, retval,
4366 (uintmax_t)target_id.id, lun_number);
4368 fe->status |= CTL_PORT_STATUS_LUN_ONLINE;
4376 * - LUN has already been marked invalid and any pending I/O has been taken
4380 ctl_free_lun(struct ctl_lun *lun)
4382 struct ctl_softc *softc;
4384 struct ctl_frontend *fe;
4386 struct ctl_lun *nlun;
4387 union ctl_io *io, *next_io;
4390 softc = lun->ctl_softc;
4392 mtx_assert(&softc->ctl_lock, MA_OWNED);
4394 STAILQ_REMOVE(&softc->lun_list, lun, ctl_lun, links);
4396 ctl_clear_mask(softc->ctl_lun_mask, lun->lun);
4398 softc->ctl_luns[lun->lun] = NULL;
4400 if (TAILQ_FIRST(&lun->ooa_queue) != NULL) {
4401 printf("ctl_free_lun: aieee!! freeing a LUN with "
4402 "outstanding I/O!!\n");
4406 * If we have anything pending on the RtR queue, remove it.
4408 for (io = (union ctl_io *)STAILQ_FIRST(&softc->rtr_queue); io != NULL;
4410 next_io = (union ctl_io *)STAILQ_NEXT(&io->io_hdr, links);
4411 if ((io->io_hdr.nexus.targ_target.id == lun->target.id)
4412 && (io->io_hdr.nexus.targ_lun == lun->lun))
4413 STAILQ_REMOVE(&softc->rtr_queue, &io->io_hdr,
4418 * Then remove everything from the blocked queue.
4420 for (io = (union ctl_io *)TAILQ_FIRST(&lun->blocked_queue); io != NULL;
4422 next_io = (union ctl_io *)TAILQ_NEXT(&io->io_hdr,blocked_links);
4423 TAILQ_REMOVE(&lun->blocked_queue, &io->io_hdr, blocked_links);
4424 io->io_hdr.flags &= ~CTL_FLAG_BLOCKED;
4428 * Now clear out the OOA queue, and free all the I/O.
4429 * XXX KDM should we notify the FETD here? We probably need to
4430 * quiesce the LUN before deleting it.
4432 for (io = (union ctl_io *)TAILQ_FIRST(&lun->ooa_queue); io != NULL;
4434 next_io = (union ctl_io *)TAILQ_NEXT(&io->io_hdr, ooa_links);
4435 TAILQ_REMOVE(&lun->ooa_queue, &io->io_hdr, ooa_links);
4442 * XXX KDM this scheme only works for a single target/multiple LUN
4443 * setup. It needs to be revamped for a multiple target scheme.
4445 * XXX KDM this results in fe->lun_disable() getting called twice,
4446 * once when ctl_disable_lun() is called, and a second time here.
4447 * We really need to re-think the LUN disable semantics. There
4448 * should probably be several steps/levels to LUN removal:
4453 * Right now we only have a disable method when communicating to
4454 * the front end ports, at least for individual LUNs.
4457 STAILQ_FOREACH(fe, &softc->fe_list, links) {
4460 retval = fe->lun_disable(fe->targ_lun_arg, lun->target,
4463 printf("ctl_free_lun: FETD %s port %d returned error "
4464 "%d for lun_disable on target %ju lun %jd\n",
4465 fe->port_name, fe->targ_port, retval,
4466 (uintmax_t)lun->target.id, (intmax_t)lun->lun);
4469 if (STAILQ_FIRST(&softc->lun_list) == NULL) {
4470 fe->status &= ~CTL_PORT_STATUS_LUN_ONLINE;
4472 retval = fe->targ_disable(fe->targ_lun_arg,lun->target);
4474 printf("ctl_free_lun: FETD %s port %d "
4475 "returned error %d for targ_disable on "
4476 "target %ju\n", fe->port_name,
4477 fe->targ_port, retval,
4478 (uintmax_t)lun->target.id);
4480 fe->status &= ~CTL_PORT_STATUS_TARG_ONLINE;
4482 if ((fe->status & CTL_PORT_STATUS_TARG_ONLINE) != 0)
4486 fe->port_offline(fe->onoff_arg);
4487 fe->status &= ~CTL_PORT_STATUS_ONLINE;
4494 * Tell the backend to free resources, if this LUN has a backend.
4496 atomic_subtract_int(&lun->be_lun->be->num_luns, 1);
4497 lun->be_lun->lun_shutdown(lun->be_lun->be_lun);
4499 if (lun->flags & CTL_LUN_MALLOCED)
4502 STAILQ_FOREACH(nlun, &softc->lun_list, links) {
4503 for (i = 0; i < CTL_MAX_INITIATORS; i++) {
4504 nlun->pending_sense[i].ua_pending |= CTL_UA_LUN_CHANGE;
4512 ctl_create_lun(struct ctl_be_lun *be_lun)
4514 struct ctl_softc *ctl_softc;
4516 ctl_softc = control_softc;
4519 * ctl_alloc_lun() should handle all potential failure cases.
4521 ctl_alloc_lun(ctl_softc, NULL, be_lun, ctl_softc->target);
4525 ctl_add_lun(struct ctl_be_lun *be_lun)
4527 struct ctl_softc *ctl_softc;
4529 ctl_softc = control_softc;
4531 mtx_lock(&ctl_softc->ctl_lock);
4532 STAILQ_INSERT_TAIL(&ctl_softc->pending_lun_queue, be_lun, links);
4533 mtx_unlock(&ctl_softc->ctl_lock);
4535 ctl_wakeup_thread();
4541 ctl_enable_lun(struct ctl_be_lun *be_lun)
4543 struct ctl_softc *ctl_softc;
4544 struct ctl_frontend *fe, *nfe;
4545 struct ctl_lun *lun;
4548 ctl_softc = control_softc;
4550 lun = (struct ctl_lun *)be_lun->ctl_lun;
4552 mtx_lock(&ctl_softc->ctl_lock);
4553 if ((lun->flags & CTL_LUN_DISABLED) == 0) {
4555 * eh? Why did we get called if the LUN is already
4558 mtx_unlock(&ctl_softc->ctl_lock);
4561 lun->flags &= ~CTL_LUN_DISABLED;
4563 for (fe = STAILQ_FIRST(&ctl_softc->fe_list); fe != NULL; fe = nfe) {
4564 nfe = STAILQ_NEXT(fe, links);
4567 * Drop the lock while we call the FETD's enable routine.
4568 * This can lead to a callback into CTL (at least in the
4569 * case of the internal initiator frontend.
4571 mtx_unlock(&ctl_softc->ctl_lock);
4572 retval = fe->lun_enable(fe->targ_lun_arg, lun->target,lun->lun);
4573 mtx_lock(&ctl_softc->ctl_lock);
4575 printf("%s: FETD %s port %d returned error "
4576 "%d for lun_enable on target %ju lun %jd\n",
4577 __func__, fe->port_name, fe->targ_port, retval,
4578 (uintmax_t)lun->target.id, (intmax_t)lun->lun);
4582 /* NOTE: TODO: why does lun enable affect port status? */
4583 fe->status |= CTL_PORT_STATUS_LUN_ONLINE;
4588 mtx_unlock(&ctl_softc->ctl_lock);
4594 ctl_disable_lun(struct ctl_be_lun *be_lun)
4596 struct ctl_softc *ctl_softc;
4597 struct ctl_frontend *fe;
4598 struct ctl_lun *lun;
4601 ctl_softc = control_softc;
4603 lun = (struct ctl_lun *)be_lun->ctl_lun;
4605 mtx_lock(&ctl_softc->ctl_lock);
4607 if (lun->flags & CTL_LUN_DISABLED) {
4608 mtx_unlock(&ctl_softc->ctl_lock);
4611 lun->flags |= CTL_LUN_DISABLED;
4613 STAILQ_FOREACH(fe, &ctl_softc->fe_list, links) {
4614 mtx_unlock(&ctl_softc->ctl_lock);
4616 * Drop the lock before we call the frontend's disable
4617 * routine, to avoid lock order reversals.
4619 * XXX KDM what happens if the frontend list changes while
4620 * we're traversing it? It's unlikely, but should be handled.
4622 retval = fe->lun_disable(fe->targ_lun_arg, lun->target,
4624 mtx_lock(&ctl_softc->ctl_lock);
4626 printf("ctl_alloc_lun: FETD %s port %d returned error "
4627 "%d for lun_disable on target %ju lun %jd\n",
4628 fe->port_name, fe->targ_port, retval,
4629 (uintmax_t)lun->target.id, (intmax_t)lun->lun);
4633 mtx_unlock(&ctl_softc->ctl_lock);
4639 ctl_start_lun(struct ctl_be_lun *be_lun)
4641 struct ctl_softc *ctl_softc;
4642 struct ctl_lun *lun;
4644 ctl_softc = control_softc;
4646 lun = (struct ctl_lun *)be_lun->ctl_lun;
4648 mtx_lock(&ctl_softc->ctl_lock);
4649 lun->flags &= ~CTL_LUN_STOPPED;
4650 mtx_unlock(&ctl_softc->ctl_lock);
4656 ctl_stop_lun(struct ctl_be_lun *be_lun)
4658 struct ctl_softc *ctl_softc;
4659 struct ctl_lun *lun;
4661 ctl_softc = control_softc;
4663 lun = (struct ctl_lun *)be_lun->ctl_lun;
4665 mtx_lock(&ctl_softc->ctl_lock);
4666 lun->flags |= CTL_LUN_STOPPED;
4667 mtx_unlock(&ctl_softc->ctl_lock);
4673 ctl_lun_offline(struct ctl_be_lun *be_lun)
4675 struct ctl_softc *ctl_softc;
4676 struct ctl_lun *lun;
4678 ctl_softc = control_softc;
4680 lun = (struct ctl_lun *)be_lun->ctl_lun;
4682 mtx_lock(&ctl_softc->ctl_lock);
4683 lun->flags |= CTL_LUN_OFFLINE;
4684 mtx_unlock(&ctl_softc->ctl_lock);
4690 ctl_lun_online(struct ctl_be_lun *be_lun)
4692 struct ctl_softc *ctl_softc;
4693 struct ctl_lun *lun;
4695 ctl_softc = control_softc;
4697 lun = (struct ctl_lun *)be_lun->ctl_lun;
4699 mtx_lock(&ctl_softc->ctl_lock);
4700 lun->flags &= ~CTL_LUN_OFFLINE;
4701 mtx_unlock(&ctl_softc->ctl_lock);
4707 ctl_invalidate_lun(struct ctl_be_lun *be_lun)
4709 struct ctl_softc *ctl_softc;
4710 struct ctl_lun *lun;
4712 ctl_softc = control_softc;
4714 lun = (struct ctl_lun *)be_lun->ctl_lun;
4716 mtx_lock(&ctl_softc->ctl_lock);
4719 * The LUN needs to be disabled before it can be marked invalid.
4721 if ((lun->flags & CTL_LUN_DISABLED) == 0) {
4722 mtx_unlock(&ctl_softc->ctl_lock);
4726 * Mark the LUN invalid.
4728 lun->flags |= CTL_LUN_INVALID;
4731 * If there is nothing in the OOA queue, go ahead and free the LUN.
4732 * If we have something in the OOA queue, we'll free it when the
4733 * last I/O completes.
4735 if (TAILQ_FIRST(&lun->ooa_queue) == NULL)
4737 mtx_unlock(&ctl_softc->ctl_lock);
4743 ctl_lun_inoperable(struct ctl_be_lun *be_lun)
4745 struct ctl_softc *ctl_softc;
4746 struct ctl_lun *lun;
4748 ctl_softc = control_softc;
4749 lun = (struct ctl_lun *)be_lun->ctl_lun;
4751 mtx_lock(&ctl_softc->ctl_lock);
4752 lun->flags |= CTL_LUN_INOPERABLE;
4753 mtx_unlock(&ctl_softc->ctl_lock);
4759 ctl_lun_operable(struct ctl_be_lun *be_lun)
4761 struct ctl_softc *ctl_softc;
4762 struct ctl_lun *lun;
4764 ctl_softc = control_softc;
4765 lun = (struct ctl_lun *)be_lun->ctl_lun;
4767 mtx_lock(&ctl_softc->ctl_lock);
4768 lun->flags &= ~CTL_LUN_INOPERABLE;
4769 mtx_unlock(&ctl_softc->ctl_lock);
4775 ctl_lun_power_lock(struct ctl_be_lun *be_lun, struct ctl_nexus *nexus,
4778 struct ctl_softc *softc;
4779 struct ctl_lun *lun;
4780 struct copan_aps_subpage *current_sp;
4781 struct ctl_page_index *page_index;
4784 softc = control_softc;
4786 mtx_lock(&softc->ctl_lock);
4788 lun = (struct ctl_lun *)be_lun->ctl_lun;
4791 for (i = 0; i < CTL_NUM_MODE_PAGES; i++) {
4792 if ((lun->mode_pages.index[i].page_code & SMPH_PC_MASK) !=
4796 if (lun->mode_pages.index[i].subpage != APS_SUBPAGE_CODE)
4798 page_index = &lun->mode_pages.index[i];
4801 if (page_index == NULL) {
4802 mtx_unlock(&softc->ctl_lock);
4803 printf("%s: APS subpage not found for lun %ju!\n", __func__,
4804 (uintmax_t)lun->lun);
4808 if ((softc->aps_locked_lun != 0)
4809 && (softc->aps_locked_lun != lun->lun)) {
4810 printf("%s: attempt to lock LUN %llu when %llu is already "
4812 mtx_unlock(&softc->ctl_lock);
4817 current_sp = (struct copan_aps_subpage *)(page_index->page_data +
4818 (page_index->page_len * CTL_PAGE_CURRENT));
4821 current_sp->lock_active = APS_LOCK_ACTIVE;
4822 softc->aps_locked_lun = lun->lun;
4824 current_sp->lock_active = 0;
4825 softc->aps_locked_lun = 0;
4830 * If we're in HA mode, try to send the lock message to the other
4833 if (ctl_is_single == 0) {
4835 union ctl_ha_msg lock_msg;
4837 lock_msg.hdr.nexus = *nexus;
4838 lock_msg.hdr.msg_type = CTL_MSG_APS_LOCK;
4840 lock_msg.aps.lock_flag = 1;
4842 lock_msg.aps.lock_flag = 0;
4843 isc_retval = ctl_ha_msg_send(CTL_HA_CHAN_CTL, &lock_msg,
4844 sizeof(lock_msg), 0);
4845 if (isc_retval > CTL_HA_STATUS_SUCCESS) {
4846 printf("%s: APS (lock=%d) error returned from "
4847 "ctl_ha_msg_send: %d\n", __func__, lock, isc_retval);
4848 mtx_unlock(&softc->ctl_lock);
4853 mtx_unlock(&softc->ctl_lock);
4859 ctl_lun_capacity_changed(struct ctl_be_lun *be_lun)
4861 struct ctl_lun *lun;
4862 struct ctl_softc *softc;
4865 softc = control_softc;
4867 mtx_lock(&softc->ctl_lock);
4869 lun = (struct ctl_lun *)be_lun->ctl_lun;
4871 for (i = 0; i < CTL_MAX_INITIATORS; i++)
4872 lun->pending_sense[i].ua_pending |= CTL_UA_CAPACITY_CHANGED;
4874 mtx_unlock(&softc->ctl_lock);
4878 * Backend "memory move is complete" callback for requests that never
4879 * make it down to say RAIDCore's configuration code.
4882 ctl_config_move_done(union ctl_io *io)
4886 retval = CTL_RETVAL_COMPLETE;
4889 CTL_DEBUG_PRINT(("ctl_config_move_done\n"));
4891 * XXX KDM this shouldn't happen, but what if it does?
4893 if (io->io_hdr.io_type != CTL_IO_SCSI)
4894 panic("I/O type isn't CTL_IO_SCSI!");
4896 if ((io->io_hdr.port_status == 0)
4897 && ((io->io_hdr.flags & CTL_FLAG_ABORT) == 0)
4898 && ((io->io_hdr.status & CTL_STATUS_MASK) == CTL_STATUS_NONE))
4899 io->io_hdr.status = CTL_SUCCESS;
4900 else if ((io->io_hdr.port_status != 0)
4901 && ((io->io_hdr.flags & CTL_FLAG_ABORT) == 0)
4902 && ((io->io_hdr.status & CTL_STATUS_MASK) == CTL_STATUS_NONE)){
4904 * For hardware error sense keys, the sense key
4905 * specific value is defined to be a retry count,
4906 * but we use it to pass back an internal FETD
4907 * error code. XXX KDM Hopefully the FETD is only
4908 * using 16 bits for an error code, since that's
4909 * all the space we have in the sks field.
4911 ctl_set_internal_failure(&io->scsiio,
4914 io->io_hdr.port_status);
4915 free(io->scsiio.kern_data_ptr, M_CTL);
4920 if (((io->io_hdr.flags & CTL_FLAG_DATA_MASK) == CTL_FLAG_DATA_IN)
4921 || ((io->io_hdr.status & CTL_STATUS_MASK) != CTL_SUCCESS)
4922 || ((io->io_hdr.flags & CTL_FLAG_ABORT) != 0)) {
4924 * XXX KDM just assuming a single pointer here, and not a
4925 * S/G list. If we start using S/G lists for config data,
4926 * we'll need to know how to clean them up here as well.
4928 free(io->scsiio.kern_data_ptr, M_CTL);
4929 /* Hopefully the user has already set the status... */
4933 * XXX KDM now we need to continue data movement. Some
4935 * - call ctl_scsiio() again? We don't do this for data
4936 * writes, because for those at least we know ahead of
4937 * time where the write will go and how long it is. For
4938 * config writes, though, that information is largely
4939 * contained within the write itself, thus we need to
4940 * parse out the data again.
4942 * - Call some other function once the data is in?
4946 * XXX KDM call ctl_scsiio() again for now, and check flag
4947 * bits to see whether we're allocated or not.
4949 retval = ctl_scsiio(&io->scsiio);
4956 * This gets called by a backend driver when it is done with a
4957 * configuration write.
4960 ctl_config_write_done(union ctl_io *io)
4963 * If the IO_CONT flag is set, we need to call the supplied
4964 * function to continue processing the I/O, instead of completing
4967 * If there is an error, though, we don't want to keep processing.
4968 * Instead, just send status back to the initiator.
4970 if ((io->io_hdr.flags & CTL_FLAG_IO_CONT)
4971 && (((io->io_hdr.status & CTL_STATUS_MASK) == CTL_STATUS_NONE)
4972 || ((io->io_hdr.status & CTL_STATUS_MASK) == CTL_SUCCESS))) {
4973 io->scsiio.io_cont(io);
4977 * Since a configuration write can be done for commands that actually
4978 * have data allocated, like write buffer, and commands that have
4979 * no data, like start/stop unit, we need to check here.
4981 if ((io->io_hdr.flags & CTL_FLAG_DATA_MASK) == CTL_FLAG_DATA_OUT)
4982 free(io->scsiio.kern_data_ptr, M_CTL);
4987 * SCSI release command.
4990 ctl_scsi_release(struct ctl_scsiio *ctsio)
4992 int length, longid, thirdparty_id, resv_id;
4993 struct ctl_softc *ctl_softc;
4994 struct ctl_lun *lun;
4999 CTL_DEBUG_PRINT(("ctl_scsi_release\n"));
5001 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
5002 ctl_softc = control_softc;
5004 switch (ctsio->cdb[0]) {
5006 struct scsi_release *cdb;
5008 cdb = (struct scsi_release *)ctsio->cdb;
5009 if ((cdb->byte2 & 0x1f) != 0) {
5010 ctl_set_invalid_field(ctsio,
5016 ctl_done((union ctl_io *)ctsio);
5017 return (CTL_RETVAL_COMPLETE);
5022 struct scsi_release_10 *cdb;
5024 cdb = (struct scsi_release_10 *)ctsio->cdb;
5026 if ((cdb->byte2 & SR10_EXTENT) != 0) {
5027 ctl_set_invalid_field(ctsio,
5033 ctl_done((union ctl_io *)ctsio);
5034 return (CTL_RETVAL_COMPLETE);
5038 if ((cdb->byte2 & SR10_3RDPTY) != 0) {
5039 ctl_set_invalid_field(ctsio,
5045 ctl_done((union ctl_io *)ctsio);
5046 return (CTL_RETVAL_COMPLETE);
5049 if (cdb->byte2 & SR10_LONGID)
5052 thirdparty_id = cdb->thirdparty_id;
5054 resv_id = cdb->resv_id;
5055 length = scsi_2btoul(cdb->length);
5062 * XXX KDM right now, we only support LUN reservation. We don't
5063 * support 3rd party reservations, or extent reservations, which
5064 * might actually need the parameter list. If we've gotten this
5065 * far, we've got a LUN reservation. Anything else got kicked out
5066 * above. So, according to SPC, ignore the length.
5070 if (((ctsio->io_hdr.flags & CTL_FLAG_ALLOCATED) == 0)
5072 ctsio->kern_data_ptr = malloc(length, M_CTL, M_WAITOK);
5073 ctsio->kern_data_len = length;
5074 ctsio->kern_total_len = length;
5075 ctsio->kern_data_resid = 0;
5076 ctsio->kern_rel_offset = 0;
5077 ctsio->kern_sg_entries = 0;
5078 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED;
5079 ctsio->be_move_done = ctl_config_move_done;
5080 ctl_datamove((union ctl_io *)ctsio);
5082 return (CTL_RETVAL_COMPLETE);
5086 thirdparty_id = scsi_8btou64(ctsio->kern_data_ptr);
5088 mtx_lock(&ctl_softc->ctl_lock);
5091 * According to SPC, it is not an error for an intiator to attempt
5092 * to release a reservation on a LUN that isn't reserved, or that
5093 * is reserved by another initiator. The reservation can only be
5094 * released, though, by the initiator who made it or by one of
5095 * several reset type events.
5097 if (lun->flags & CTL_LUN_RESERVED) {
5098 if ((ctsio->io_hdr.nexus.initid.id == lun->rsv_nexus.initid.id)
5099 && (ctsio->io_hdr.nexus.targ_port == lun->rsv_nexus.targ_port)
5100 && (ctsio->io_hdr.nexus.targ_target.id ==
5101 lun->rsv_nexus.targ_target.id)) {
5102 lun->flags &= ~CTL_LUN_RESERVED;
5106 ctsio->scsi_status = SCSI_STATUS_OK;
5107 ctsio->io_hdr.status = CTL_SUCCESS;
5109 if (ctsio->io_hdr.flags & CTL_FLAG_ALLOCATED) {
5110 free(ctsio->kern_data_ptr, M_CTL);
5111 ctsio->io_hdr.flags &= ~CTL_FLAG_ALLOCATED;
5114 mtx_unlock(&ctl_softc->ctl_lock);
5116 ctl_done((union ctl_io *)ctsio);
5117 return (CTL_RETVAL_COMPLETE);
5121 ctl_scsi_reserve(struct ctl_scsiio *ctsio)
5123 int extent, thirdparty, longid;
5124 int resv_id, length;
5125 uint64_t thirdparty_id;
5126 struct ctl_softc *ctl_softc;
5127 struct ctl_lun *lun;
5136 CTL_DEBUG_PRINT(("ctl_reserve\n"));
5138 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
5139 ctl_softc = control_softc;
5141 switch (ctsio->cdb[0]) {
5143 struct scsi_reserve *cdb;
5145 cdb = (struct scsi_reserve *)ctsio->cdb;
5146 if ((cdb->byte2 & 0x1f) != 0) {
5147 ctl_set_invalid_field(ctsio,
5153 ctl_done((union ctl_io *)ctsio);
5154 return (CTL_RETVAL_COMPLETE);
5156 resv_id = cdb->resv_id;
5157 length = scsi_2btoul(cdb->length);
5161 struct scsi_reserve_10 *cdb;
5163 cdb = (struct scsi_reserve_10 *)ctsio->cdb;
5165 if ((cdb->byte2 & SR10_EXTENT) != 0) {
5166 ctl_set_invalid_field(ctsio,
5172 ctl_done((union ctl_io *)ctsio);
5173 return (CTL_RETVAL_COMPLETE);
5175 if ((cdb->byte2 & SR10_3RDPTY) != 0) {
5176 ctl_set_invalid_field(ctsio,
5182 ctl_done((union ctl_io *)ctsio);
5183 return (CTL_RETVAL_COMPLETE);
5185 if (cdb->byte2 & SR10_LONGID)
5188 thirdparty_id = cdb->thirdparty_id;
5190 resv_id = cdb->resv_id;
5191 length = scsi_2btoul(cdb->length);
5197 * XXX KDM right now, we only support LUN reservation. We don't
5198 * support 3rd party reservations, or extent reservations, which
5199 * might actually need the parameter list. If we've gotten this
5200 * far, we've got a LUN reservation. Anything else got kicked out
5201 * above. So, according to SPC, ignore the length.
5205 if (((ctsio->io_hdr.flags & CTL_FLAG_ALLOCATED) == 0)
5207 ctsio->kern_data_ptr = malloc(length, M_CTL, M_WAITOK);
5208 ctsio->kern_data_len = length;
5209 ctsio->kern_total_len = length;
5210 ctsio->kern_data_resid = 0;
5211 ctsio->kern_rel_offset = 0;
5212 ctsio->kern_sg_entries = 0;
5213 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED;
5214 ctsio->be_move_done = ctl_config_move_done;
5215 ctl_datamove((union ctl_io *)ctsio);
5217 return (CTL_RETVAL_COMPLETE);
5221 thirdparty_id = scsi_8btou64(ctsio->kern_data_ptr);
5223 mtx_lock(&ctl_softc->ctl_lock);
5224 if (lun->flags & CTL_LUN_RESERVED) {
5225 if ((ctsio->io_hdr.nexus.initid.id != lun->rsv_nexus.initid.id)
5226 || (ctsio->io_hdr.nexus.targ_port != lun->rsv_nexus.targ_port)
5227 || (ctsio->io_hdr.nexus.targ_target.id !=
5228 lun->rsv_nexus.targ_target.id)) {
5229 ctsio->scsi_status = SCSI_STATUS_RESERV_CONFLICT;
5230 ctsio->io_hdr.status = CTL_SCSI_ERROR;
5235 lun->flags |= CTL_LUN_RESERVED;
5236 lun->rsv_nexus = ctsio->io_hdr.nexus;
5238 ctsio->scsi_status = SCSI_STATUS_OK;
5239 ctsio->io_hdr.status = CTL_SUCCESS;
5242 if (ctsio->io_hdr.flags & CTL_FLAG_ALLOCATED) {
5243 free(ctsio->kern_data_ptr, M_CTL);
5244 ctsio->io_hdr.flags &= ~CTL_FLAG_ALLOCATED;
5247 mtx_unlock(&ctl_softc->ctl_lock);
5249 ctl_done((union ctl_io *)ctsio);
5250 return (CTL_RETVAL_COMPLETE);
5254 ctl_start_stop(struct ctl_scsiio *ctsio)
5256 struct scsi_start_stop_unit *cdb;
5257 struct ctl_lun *lun;
5258 struct ctl_softc *ctl_softc;
5261 CTL_DEBUG_PRINT(("ctl_start_stop\n"));
5263 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
5264 ctl_softc = control_softc;
5267 cdb = (struct scsi_start_stop_unit *)ctsio->cdb;
5271 * We don't support the immediate bit on a stop unit. In order to
5272 * do that, we would need to code up a way to know that a stop is
5273 * pending, and hold off any new commands until it completes, one
5274 * way or another. Then we could accept or reject those commands
5275 * depending on its status. We would almost need to do the reverse
5276 * of what we do below for an immediate start -- return the copy of
5277 * the ctl_io to the FETD with status to send to the host (and to
5278 * free the copy!) and then free the original I/O once the stop
5279 * actually completes. That way, the OOA queue mechanism can work
5280 * to block commands that shouldn't proceed. Another alternative
5281 * would be to put the copy in the queue in place of the original,
5282 * and return the original back to the caller. That could be
5285 if ((cdb->byte2 & SSS_IMMED)
5286 && ((cdb->how & SSS_START) == 0)) {
5287 ctl_set_invalid_field(ctsio,
5293 ctl_done((union ctl_io *)ctsio);
5294 return (CTL_RETVAL_COMPLETE);
5298 * We don't support the power conditions field. We need to check
5299 * this prior to checking the load/eject and start/stop bits.
5301 if ((cdb->how & SSS_PC_MASK) != SSS_PC_START_VALID) {
5302 ctl_set_invalid_field(ctsio,
5308 ctl_done((union ctl_io *)ctsio);
5309 return (CTL_RETVAL_COMPLETE);
5313 * Media isn't removable, so we can't load or eject it.
5315 if ((cdb->how & SSS_LOEJ) != 0) {
5316 ctl_set_invalid_field(ctsio,
5322 ctl_done((union ctl_io *)ctsio);
5323 return (CTL_RETVAL_COMPLETE);
5326 if ((lun->flags & CTL_LUN_PR_RESERVED)
5327 && ((cdb->how & SSS_START)==0)) {
5330 residx = ctl_get_resindex(&ctsio->io_hdr.nexus);
5331 if (!lun->per_res[residx].registered
5332 || (lun->pr_res_idx!=residx && lun->res_type < 4)) {
5334 ctl_set_reservation_conflict(ctsio);
5335 ctl_done((union ctl_io *)ctsio);
5336 return (CTL_RETVAL_COMPLETE);
5341 * If there is no backend on this device, we can't start or stop
5342 * it. In theory we shouldn't get any start/stop commands in the
5343 * first place at this level if the LUN doesn't have a backend.
5344 * That should get stopped by the command decode code.
5346 if (lun->backend == NULL) {
5347 ctl_set_invalid_opcode(ctsio);
5348 ctl_done((union ctl_io *)ctsio);
5349 return (CTL_RETVAL_COMPLETE);
5353 * XXX KDM Copan-specific offline behavior.
5354 * Figure out a reasonable way to port this?
5357 mtx_lock(&ctl_softc->ctl_lock);
5359 if (((cdb->byte2 & SSS_ONOFFLINE) == 0)
5360 && (lun->flags & CTL_LUN_OFFLINE)) {
5362 * If the LUN is offline, and the on/offline bit isn't set,
5363 * reject the start or stop. Otherwise, let it through.
5365 mtx_unlock(&ctl_softc->ctl_lock);
5366 ctl_set_lun_not_ready(ctsio);
5367 ctl_done((union ctl_io *)ctsio);
5369 mtx_unlock(&ctl_softc->ctl_lock);
5370 #endif /* NEEDTOPORT */
5372 * This could be a start or a stop when we're online,
5373 * or a stop/offline or start/online. A start or stop when
5374 * we're offline is covered in the case above.
5377 * In the non-immediate case, we send the request to
5378 * the backend and return status to the user when
5381 * In the immediate case, we allocate a new ctl_io
5382 * to hold a copy of the request, and send that to
5383 * the backend. We then set good status on the
5384 * user's request and return it immediately.
5386 if (cdb->byte2 & SSS_IMMED) {
5387 union ctl_io *new_io;
5389 new_io = ctl_alloc_io(ctsio->io_hdr.pool);
5390 if (new_io == NULL) {
5391 ctl_set_busy(ctsio);
5392 ctl_done((union ctl_io *)ctsio);
5394 ctl_copy_io((union ctl_io *)ctsio,
5396 retval = lun->backend->config_write(new_io);
5397 ctl_set_success(ctsio);
5398 ctl_done((union ctl_io *)ctsio);
5401 retval = lun->backend->config_write(
5402 (union ctl_io *)ctsio);
5411 * We support the SYNCHRONIZE CACHE command (10 and 16 byte versions), but
5412 * we don't really do anything with the LBA and length fields if the user
5413 * passes them in. Instead we'll just flush out the cache for the entire
5417 ctl_sync_cache(struct ctl_scsiio *ctsio)
5419 struct ctl_lun *lun;
5420 struct ctl_softc *ctl_softc;
5421 uint64_t starting_lba;
5422 uint32_t block_count;
5426 CTL_DEBUG_PRINT(("ctl_sync_cache\n"));
5428 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
5429 ctl_softc = control_softc;
5434 switch (ctsio->cdb[0]) {
5435 case SYNCHRONIZE_CACHE: {
5436 struct scsi_sync_cache *cdb;
5437 cdb = (struct scsi_sync_cache *)ctsio->cdb;
5439 if (cdb->byte2 & SSC_RELADR)
5442 if (cdb->byte2 & SSC_IMMED)
5445 starting_lba = scsi_4btoul(cdb->begin_lba);
5446 block_count = scsi_2btoul(cdb->lb_count);
5449 case SYNCHRONIZE_CACHE_16: {
5450 struct scsi_sync_cache_16 *cdb;
5451 cdb = (struct scsi_sync_cache_16 *)ctsio->cdb;
5453 if (cdb->byte2 & SSC_RELADR)
5456 if (cdb->byte2 & SSC_IMMED)
5459 starting_lba = scsi_8btou64(cdb->begin_lba);
5460 block_count = scsi_4btoul(cdb->lb_count);
5464 ctl_set_invalid_opcode(ctsio);
5465 ctl_done((union ctl_io *)ctsio);
5467 break; /* NOTREACHED */
5472 * We don't support the immediate bit. Since it's in the
5473 * same place for the 10 and 16 byte SYNCHRONIZE CACHE
5474 * commands, we can just return the same error in either
5477 ctl_set_invalid_field(ctsio,
5483 ctl_done((union ctl_io *)ctsio);
5489 * We don't support the reladr bit either. It can only be
5490 * used with linked commands, and we don't support linked
5491 * commands. Since the bit is in the same place for the
5492 * 10 and 16 byte SYNCHRONIZE CACHE * commands, we can
5493 * just return the same error in either case.
5495 ctl_set_invalid_field(ctsio,
5501 ctl_done((union ctl_io *)ctsio);
5506 * We check the LBA and length, but don't do anything with them.
5507 * A SYNCHRONIZE CACHE will cause the entire cache for this lun to
5508 * get flushed. This check will just help satisfy anyone who wants
5509 * to see an error for an out of range LBA.
5511 if ((starting_lba + block_count) > (lun->be_lun->maxlba + 1)) {
5512 ctl_set_lba_out_of_range(ctsio);
5513 ctl_done((union ctl_io *)ctsio);
5518 * If this LUN has no backend, we can't flush the cache anyway.
5520 if (lun->backend == NULL) {
5521 ctl_set_invalid_opcode(ctsio);
5522 ctl_done((union ctl_io *)ctsio);
5527 * Check to see whether we're configured to send the SYNCHRONIZE
5528 * CACHE command directly to the back end.
5530 mtx_lock(&ctl_softc->ctl_lock);
5531 if ((ctl_softc->flags & CTL_FLAG_REAL_SYNC)
5532 && (++(lun->sync_count) >= lun->sync_interval)) {
5533 lun->sync_count = 0;
5534 mtx_unlock(&ctl_softc->ctl_lock);
5535 retval = lun->backend->config_write((union ctl_io *)ctsio);
5537 mtx_unlock(&ctl_softc->ctl_lock);
5538 ctl_set_success(ctsio);
5539 ctl_done((union ctl_io *)ctsio);
5548 ctl_format(struct ctl_scsiio *ctsio)
5550 struct scsi_format *cdb;
5551 struct ctl_lun *lun;
5552 struct ctl_softc *ctl_softc;
5553 int length, defect_list_len;
5555 CTL_DEBUG_PRINT(("ctl_format\n"));
5557 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
5558 ctl_softc = control_softc;
5560 cdb = (struct scsi_format *)ctsio->cdb;
5563 if (cdb->byte2 & SF_FMTDATA) {
5564 if (cdb->byte2 & SF_LONGLIST)
5565 length = sizeof(struct scsi_format_header_long);
5567 length = sizeof(struct scsi_format_header_short);
5570 if (((ctsio->io_hdr.flags & CTL_FLAG_ALLOCATED) == 0)
5572 ctsio->kern_data_ptr = malloc(length, M_CTL, M_WAITOK);
5573 ctsio->kern_data_len = length;
5574 ctsio->kern_total_len = length;
5575 ctsio->kern_data_resid = 0;
5576 ctsio->kern_rel_offset = 0;
5577 ctsio->kern_sg_entries = 0;
5578 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED;
5579 ctsio->be_move_done = ctl_config_move_done;
5580 ctl_datamove((union ctl_io *)ctsio);
5582 return (CTL_RETVAL_COMPLETE);
5585 defect_list_len = 0;
5587 if (cdb->byte2 & SF_FMTDATA) {
5588 if (cdb->byte2 & SF_LONGLIST) {
5589 struct scsi_format_header_long *header;
5591 header = (struct scsi_format_header_long *)
5592 ctsio->kern_data_ptr;
5594 defect_list_len = scsi_4btoul(header->defect_list_len);
5595 if (defect_list_len != 0) {
5596 ctl_set_invalid_field(ctsio,
5605 struct scsi_format_header_short *header;
5607 header = (struct scsi_format_header_short *)
5608 ctsio->kern_data_ptr;
5610 defect_list_len = scsi_2btoul(header->defect_list_len);
5611 if (defect_list_len != 0) {
5612 ctl_set_invalid_field(ctsio,
5624 * The format command will clear out the "Medium format corrupted"
5625 * status if set by the configuration code. That status is really
5626 * just a way to notify the host that we have lost the media, and
5627 * get them to issue a command that will basically make them think
5628 * they're blowing away the media.
5630 mtx_lock(&ctl_softc->ctl_lock);
5631 lun->flags &= ~CTL_LUN_INOPERABLE;
5632 mtx_unlock(&ctl_softc->ctl_lock);
5634 ctsio->scsi_status = SCSI_STATUS_OK;
5635 ctsio->io_hdr.status = CTL_SUCCESS;
5638 if (ctsio->io_hdr.flags & CTL_FLAG_ALLOCATED) {
5639 free(ctsio->kern_data_ptr, M_CTL);
5640 ctsio->io_hdr.flags &= ~CTL_FLAG_ALLOCATED;
5643 ctl_done((union ctl_io *)ctsio);
5644 return (CTL_RETVAL_COMPLETE);
5648 ctl_write_buffer(struct ctl_scsiio *ctsio)
5650 struct scsi_write_buffer *cdb;
5651 struct copan_page_header *header;
5652 struct ctl_lun *lun;
5653 struct ctl_softc *ctl_softc;
5654 int buffer_offset, len;
5659 retval = CTL_RETVAL_COMPLETE;
5661 CTL_DEBUG_PRINT(("ctl_write_buffer\n"));
5663 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
5664 ctl_softc = control_softc;
5665 cdb = (struct scsi_write_buffer *)ctsio->cdb;
5667 if ((cdb->byte2 & RWB_MODE) != RWB_MODE_DATA) {
5668 ctl_set_invalid_field(ctsio,
5674 ctl_done((union ctl_io *)ctsio);
5675 return (CTL_RETVAL_COMPLETE);
5677 if (cdb->buffer_id != 0) {
5678 ctl_set_invalid_field(ctsio,
5684 ctl_done((union ctl_io *)ctsio);
5685 return (CTL_RETVAL_COMPLETE);
5688 len = scsi_3btoul(cdb->length);
5689 buffer_offset = scsi_3btoul(cdb->offset);
5691 if (len > sizeof(lun->write_buffer)) {
5692 ctl_set_invalid_field(ctsio,
5698 ctl_done((union ctl_io *)ctsio);
5699 return (CTL_RETVAL_COMPLETE);
5702 if (buffer_offset != 0) {
5703 ctl_set_invalid_field(ctsio,
5709 ctl_done((union ctl_io *)ctsio);
5710 return (CTL_RETVAL_COMPLETE);
5714 * If we've got a kernel request that hasn't been malloced yet,
5715 * malloc it and tell the caller the data buffer is here.
5717 if ((ctsio->io_hdr.flags & CTL_FLAG_ALLOCATED) == 0) {
5718 ctsio->kern_data_ptr = lun->write_buffer;
5719 ctsio->kern_data_len = len;
5720 ctsio->kern_total_len = len;
5721 ctsio->kern_data_resid = 0;
5722 ctsio->kern_rel_offset = 0;
5723 ctsio->kern_sg_entries = 0;
5724 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED;
5725 ctsio->be_move_done = ctl_config_move_done;
5726 ctl_datamove((union ctl_io *)ctsio);
5728 return (CTL_RETVAL_COMPLETE);
5731 ctl_done((union ctl_io *)ctsio);
5733 return (CTL_RETVAL_COMPLETE);
5737 * Note that this function currently doesn't actually do anything inside
5738 * CTL to enforce things if the DQue bit is turned on.
5740 * Also note that this function can't be used in the default case, because
5741 * the DQue bit isn't set in the changeable mask for the control mode page
5742 * anyway. This is just here as an example for how to implement a page
5743 * handler, and a placeholder in case we want to allow the user to turn
5744 * tagged queueing on and off.
5746 * The D_SENSE bit handling is functional, however, and will turn
5747 * descriptor sense on and off for a given LUN.
5750 ctl_control_page_handler(struct ctl_scsiio *ctsio,
5751 struct ctl_page_index *page_index, uint8_t *page_ptr)
5753 struct scsi_control_page *current_cp, *saved_cp, *user_cp;
5754 struct ctl_lun *lun;
5755 struct ctl_softc *softc;
5759 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
5760 initidx = ctl_get_initindex(&ctsio->io_hdr.nexus);
5763 user_cp = (struct scsi_control_page *)page_ptr;
5764 current_cp = (struct scsi_control_page *)
5765 (page_index->page_data + (page_index->page_len *
5767 saved_cp = (struct scsi_control_page *)
5768 (page_index->page_data + (page_index->page_len *
5771 softc = control_softc;
5773 mtx_lock(&softc->ctl_lock);
5774 if (((current_cp->rlec & SCP_DSENSE) == 0)
5775 && ((user_cp->rlec & SCP_DSENSE) != 0)) {
5777 * Descriptor sense is currently turned off and the user
5778 * wants to turn it on.
5780 current_cp->rlec |= SCP_DSENSE;
5781 saved_cp->rlec |= SCP_DSENSE;
5782 lun->flags |= CTL_LUN_SENSE_DESC;
5784 } else if (((current_cp->rlec & SCP_DSENSE) != 0)
5785 && ((user_cp->rlec & SCP_DSENSE) == 0)) {
5787 * Descriptor sense is currently turned on, and the user
5788 * wants to turn it off.
5790 current_cp->rlec &= ~SCP_DSENSE;
5791 saved_cp->rlec &= ~SCP_DSENSE;
5792 lun->flags &= ~CTL_LUN_SENSE_DESC;
5795 if (current_cp->queue_flags & SCP_QUEUE_DQUE) {
5796 if (user_cp->queue_flags & SCP_QUEUE_DQUE) {
5798 csevent_log(CSC_CTL | CSC_SHELF_SW |
5800 csevent_LogType_Trace,
5801 csevent_Severity_Information,
5802 csevent_AlertLevel_Green,
5803 csevent_FRU_Firmware,
5804 csevent_FRU_Unknown,
5805 "Received untagged to untagged transition");
5806 #endif /* NEEDTOPORT */
5809 csevent_log(CSC_CTL | CSC_SHELF_SW |
5811 csevent_LogType_ConfigChange,
5812 csevent_Severity_Information,
5813 csevent_AlertLevel_Green,
5814 csevent_FRU_Firmware,
5815 csevent_FRU_Unknown,
5816 "Received untagged to tagged "
5817 "queueing transition");
5818 #endif /* NEEDTOPORT */
5820 current_cp->queue_flags &= ~SCP_QUEUE_DQUE;
5821 saved_cp->queue_flags &= ~SCP_QUEUE_DQUE;
5825 if (user_cp->queue_flags & SCP_QUEUE_DQUE) {
5827 csevent_log(CSC_CTL | CSC_SHELF_SW |
5829 csevent_LogType_ConfigChange,
5830 csevent_Severity_Warning,
5831 csevent_AlertLevel_Yellow,
5832 csevent_FRU_Firmware,
5833 csevent_FRU_Unknown,
5834 "Received tagged queueing to untagged "
5836 #endif /* NEEDTOPORT */
5838 current_cp->queue_flags |= SCP_QUEUE_DQUE;
5839 saved_cp->queue_flags |= SCP_QUEUE_DQUE;
5843 csevent_log(CSC_CTL | CSC_SHELF_SW |
5845 csevent_LogType_Trace,
5846 csevent_Severity_Information,
5847 csevent_AlertLevel_Green,
5848 csevent_FRU_Firmware,
5849 csevent_FRU_Unknown,
5850 "Received tagged queueing to tagged "
5851 "queueing transition");
5852 #endif /* NEEDTOPORT */
5858 * Let other initiators know that the mode
5859 * parameters for this LUN have changed.
5861 for (i = 0; i < CTL_MAX_INITIATORS; i++) {
5865 lun->pending_sense[i].ua_pending |=
5869 mtx_unlock(&softc->ctl_lock);
5875 ctl_power_sp_handler(struct ctl_scsiio *ctsio,
5876 struct ctl_page_index *page_index, uint8_t *page_ptr)
5882 ctl_power_sp_sense_handler(struct ctl_scsiio *ctsio,
5883 struct ctl_page_index *page_index, int pc)
5885 struct copan_power_subpage *page;
5887 page = (struct copan_power_subpage *)page_index->page_data +
5888 (page_index->page_len * pc);
5891 case SMS_PAGE_CTRL_CHANGEABLE >> 6:
5893 * We don't update the changable bits for this page.
5896 case SMS_PAGE_CTRL_CURRENT >> 6:
5897 case SMS_PAGE_CTRL_DEFAULT >> 6:
5898 case SMS_PAGE_CTRL_SAVED >> 6:
5900 ctl_update_power_subpage(page);
5905 EPRINT(0, "Invalid PC %d!!", pc);
5914 ctl_aps_sp_handler(struct ctl_scsiio *ctsio,
5915 struct ctl_page_index *page_index, uint8_t *page_ptr)
5917 struct copan_aps_subpage *user_sp;
5918 struct copan_aps_subpage *current_sp;
5919 union ctl_modepage_info *modepage_info;
5920 struct ctl_softc *softc;
5921 struct ctl_lun *lun;
5924 retval = CTL_RETVAL_COMPLETE;
5925 current_sp = (struct copan_aps_subpage *)(page_index->page_data +
5926 (page_index->page_len * CTL_PAGE_CURRENT));
5927 softc = control_softc;
5928 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
5930 user_sp = (struct copan_aps_subpage *)page_ptr;
5932 modepage_info = (union ctl_modepage_info *)
5933 ctsio->io_hdr.ctl_private[CTL_PRIV_MODEPAGE].bytes;
5935 modepage_info->header.page_code = page_index->page_code & SMPH_PC_MASK;
5936 modepage_info->header.subpage = page_index->subpage;
5937 modepage_info->aps.lock_active = user_sp->lock_active;
5939 mtx_lock(&softc->ctl_lock);
5942 * If there is a request to lock the LUN and another LUN is locked
5943 * this is an error. If the requested LUN is already locked ignore
5944 * the request. If no LUN is locked attempt to lock it.
5945 * if there is a request to unlock the LUN and the LUN is currently
5946 * locked attempt to unlock it. Otherwise ignore the request. i.e.
5947 * if another LUN is locked or no LUN is locked.
5949 if (user_sp->lock_active & APS_LOCK_ACTIVE) {
5950 if (softc->aps_locked_lun == lun->lun) {
5952 * This LUN is already locked, so we're done.
5954 retval = CTL_RETVAL_COMPLETE;
5955 } else if (softc->aps_locked_lun == 0) {
5957 * No one has the lock, pass the request to the
5960 retval = lun->backend->config_write(
5961 (union ctl_io *)ctsio);
5964 * Someone else has the lock, throw out the request.
5966 ctl_set_already_locked(ctsio);
5967 free(ctsio->kern_data_ptr, M_CTL);
5968 ctl_done((union ctl_io *)ctsio);
5971 * Set the return value so that ctl_do_mode_select()
5972 * won't try to complete the command. We already
5973 * completed it here.
5975 retval = CTL_RETVAL_ERROR;
5977 } else if (softc->aps_locked_lun == lun->lun) {
5979 * This LUN is locked, so pass the unlock request to the
5982 retval = lun->backend->config_write((union ctl_io *)ctsio);
5984 mtx_unlock(&softc->ctl_lock);
5990 ctl_debugconf_sp_select_handler(struct ctl_scsiio *ctsio,
5991 struct ctl_page_index *page_index,
5997 c = ((struct copan_debugconf_subpage *)page_ptr)->ctl_time_io_secs;
6002 CTL_DEBUG_PRINT(("set ctl_time_io_secs to %d\n", ctl_time_io_secs));
6003 printf("set ctl_time_io_secs to %d\n", ctl_time_io_secs);
6004 printf("page data:");
6006 printf(" %.2x",page_ptr[i]);
6012 ctl_debugconf_sp_sense_handler(struct ctl_scsiio *ctsio,
6013 struct ctl_page_index *page_index,
6016 struct copan_debugconf_subpage *page;
6018 page = (struct copan_debugconf_subpage *)page_index->page_data +
6019 (page_index->page_len * pc);
6022 case SMS_PAGE_CTRL_CHANGEABLE >> 6:
6023 case SMS_PAGE_CTRL_DEFAULT >> 6:
6024 case SMS_PAGE_CTRL_SAVED >> 6:
6026 * We don't update the changable or default bits for this page.
6029 case SMS_PAGE_CTRL_CURRENT >> 6:
6030 page->ctl_time_io_secs[0] = ctl_time_io_secs >> 8;
6031 page->ctl_time_io_secs[1] = ctl_time_io_secs >> 0;
6035 EPRINT(0, "Invalid PC %d!!", pc);
6036 #endif /* NEEDTOPORT */
6044 ctl_do_mode_select(union ctl_io *io)
6046 struct scsi_mode_page_header *page_header;
6047 struct ctl_page_index *page_index;
6048 struct ctl_scsiio *ctsio;
6049 int control_dev, page_len;
6050 int page_len_offset, page_len_size;
6051 union ctl_modepage_info *modepage_info;
6052 struct ctl_lun *lun;
6053 int *len_left, *len_used;
6056 ctsio = &io->scsiio;
6059 retval = CTL_RETVAL_COMPLETE;
6061 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
6063 if (lun->be_lun->lun_type != T_DIRECT)
6068 modepage_info = (union ctl_modepage_info *)
6069 ctsio->io_hdr.ctl_private[CTL_PRIV_MODEPAGE].bytes;
6070 len_left = &modepage_info->header.len_left;
6071 len_used = &modepage_info->header.len_used;
6075 page_header = (struct scsi_mode_page_header *)
6076 (ctsio->kern_data_ptr + *len_used);
6078 if (*len_left == 0) {
6079 free(ctsio->kern_data_ptr, M_CTL);
6080 ctl_set_success(ctsio);
6081 ctl_done((union ctl_io *)ctsio);
6082 return (CTL_RETVAL_COMPLETE);
6083 } else if (*len_left < sizeof(struct scsi_mode_page_header)) {
6085 free(ctsio->kern_data_ptr, M_CTL);
6086 ctl_set_param_len_error(ctsio);
6087 ctl_done((union ctl_io *)ctsio);
6088 return (CTL_RETVAL_COMPLETE);
6090 } else if ((page_header->page_code & SMPH_SPF)
6091 && (*len_left < sizeof(struct scsi_mode_page_header_sp))) {
6093 free(ctsio->kern_data_ptr, M_CTL);
6094 ctl_set_param_len_error(ctsio);
6095 ctl_done((union ctl_io *)ctsio);
6096 return (CTL_RETVAL_COMPLETE);
6101 * XXX KDM should we do something with the block descriptor?
6103 for (i = 0; i < CTL_NUM_MODE_PAGES; i++) {
6105 if ((control_dev != 0)
6106 && (lun->mode_pages.index[i].page_flags &
6107 CTL_PAGE_FLAG_DISK_ONLY))
6110 if ((lun->mode_pages.index[i].page_code & SMPH_PC_MASK) !=
6111 (page_header->page_code & SMPH_PC_MASK))
6115 * If neither page has a subpage code, then we've got a
6118 if (((lun->mode_pages.index[i].page_code & SMPH_SPF) == 0)
6119 && ((page_header->page_code & SMPH_SPF) == 0)) {
6120 page_index = &lun->mode_pages.index[i];
6121 page_len = page_header->page_length;
6126 * If both pages have subpages, then the subpage numbers
6129 if ((lun->mode_pages.index[i].page_code & SMPH_SPF)
6130 && (page_header->page_code & SMPH_SPF)) {
6131 struct scsi_mode_page_header_sp *sph;
6133 sph = (struct scsi_mode_page_header_sp *)page_header;
6135 if (lun->mode_pages.index[i].subpage ==
6137 page_index = &lun->mode_pages.index[i];
6138 page_len = scsi_2btoul(sph->page_length);
6145 * If we couldn't find the page, or if we don't have a mode select
6146 * handler for it, send back an error to the user.
6148 if ((page_index == NULL)
6149 || (page_index->select_handler == NULL)) {
6150 ctl_set_invalid_field(ctsio,
6153 /*field*/ *len_used,
6156 free(ctsio->kern_data_ptr, M_CTL);
6157 ctl_done((union ctl_io *)ctsio);
6158 return (CTL_RETVAL_COMPLETE);
6161 if (page_index->page_code & SMPH_SPF) {
6162 page_len_offset = 2;
6166 page_len_offset = 1;
6170 * If the length the initiator gives us isn't the one we specify in
6171 * the mode page header, or if they didn't specify enough data in
6172 * the CDB to avoid truncating this page, kick out the request.
6174 if ((page_len != (page_index->page_len - page_len_offset -
6176 || (*len_left < page_index->page_len)) {
6179 ctl_set_invalid_field(ctsio,
6182 /*field*/ *len_used + page_len_offset,
6185 free(ctsio->kern_data_ptr, M_CTL);
6186 ctl_done((union ctl_io *)ctsio);
6187 return (CTL_RETVAL_COMPLETE);
6191 * Run through the mode page, checking to make sure that the bits
6192 * the user changed are actually legal for him to change.
6194 for (i = 0; i < page_index->page_len; i++) {
6195 uint8_t *user_byte, *change_mask, *current_byte;
6199 user_byte = (uint8_t *)page_header + i;
6200 change_mask = page_index->page_data +
6201 (page_index->page_len * CTL_PAGE_CHANGEABLE) + i;
6202 current_byte = page_index->page_data +
6203 (page_index->page_len * CTL_PAGE_CURRENT) + i;
6206 * Check to see whether the user set any bits in this byte
6207 * that he is not allowed to set.
6209 if ((*user_byte & ~(*change_mask)) ==
6210 (*current_byte & ~(*change_mask)))
6214 * Go through bit by bit to determine which one is illegal.
6217 for (j = 7; j >= 0; j--) {
6218 if ((((1 << i) & ~(*change_mask)) & *user_byte) !=
6219 (((1 << i) & ~(*change_mask)) & *current_byte)) {
6224 ctl_set_invalid_field(ctsio,
6227 /*field*/ *len_used + i,
6230 free(ctsio->kern_data_ptr, M_CTL);
6231 ctl_done((union ctl_io *)ctsio);
6232 return (CTL_RETVAL_COMPLETE);
6236 * Decrement these before we call the page handler, since we may
6237 * end up getting called back one way or another before the handler
6238 * returns to this context.
6240 *len_left -= page_index->page_len;
6241 *len_used += page_index->page_len;
6243 retval = page_index->select_handler(ctsio, page_index,
6244 (uint8_t *)page_header);
6247 * If the page handler returns CTL_RETVAL_QUEUED, then we need to
6248 * wait until this queued command completes to finish processing
6249 * the mode page. If it returns anything other than
6250 * CTL_RETVAL_COMPLETE (e.g. CTL_RETVAL_ERROR), then it should have
6251 * already set the sense information, freed the data pointer, and
6252 * completed the io for us.
6254 if (retval != CTL_RETVAL_COMPLETE)
6255 goto bailout_no_done;
6258 * If the initiator sent us more than one page, parse the next one.
6263 ctl_set_success(ctsio);
6264 free(ctsio->kern_data_ptr, M_CTL);
6265 ctl_done((union ctl_io *)ctsio);
6269 return (CTL_RETVAL_COMPLETE);
6274 ctl_mode_select(struct ctl_scsiio *ctsio)
6276 int param_len, pf, sp;
6277 int header_size, bd_len;
6278 int len_left, len_used;
6279 struct ctl_page_index *page_index;
6280 struct ctl_lun *lun;
6281 int control_dev, page_len;
6282 union ctl_modepage_info *modepage_info;
6294 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
6296 if (lun->be_lun->lun_type != T_DIRECT)
6301 switch (ctsio->cdb[0]) {
6302 case MODE_SELECT_6: {
6303 struct scsi_mode_select_6 *cdb;
6305 cdb = (struct scsi_mode_select_6 *)ctsio->cdb;
6307 pf = (cdb->byte2 & SMS_PF) ? 1 : 0;
6308 sp = (cdb->byte2 & SMS_SP) ? 1 : 0;
6310 param_len = cdb->length;
6311 header_size = sizeof(struct scsi_mode_header_6);
6314 case MODE_SELECT_10: {
6315 struct scsi_mode_select_10 *cdb;
6317 cdb = (struct scsi_mode_select_10 *)ctsio->cdb;
6319 pf = (cdb->byte2 & SMS_PF) ? 1 : 0;
6320 sp = (cdb->byte2 & SMS_SP) ? 1 : 0;
6322 param_len = scsi_2btoul(cdb->length);
6323 header_size = sizeof(struct scsi_mode_header_10);
6327 ctl_set_invalid_opcode(ctsio);
6328 ctl_done((union ctl_io *)ctsio);
6329 return (CTL_RETVAL_COMPLETE);
6330 break; /* NOTREACHED */
6335 * "A parameter list length of zero indicates that the Data-Out Buffer
6336 * shall be empty. This condition shall not be considered as an error."
6338 if (param_len == 0) {
6339 ctl_set_success(ctsio);
6340 ctl_done((union ctl_io *)ctsio);
6341 return (CTL_RETVAL_COMPLETE);
6345 * Since we'll hit this the first time through, prior to
6346 * allocation, we don't need to free a data buffer here.
6348 if (param_len < header_size) {
6349 ctl_set_param_len_error(ctsio);
6350 ctl_done((union ctl_io *)ctsio);
6351 return (CTL_RETVAL_COMPLETE);
6355 * Allocate the data buffer and grab the user's data. In theory,
6356 * we shouldn't have to sanity check the parameter list length here
6357 * because the maximum size is 64K. We should be able to malloc
6358 * that much without too many problems.
6360 if ((ctsio->io_hdr.flags & CTL_FLAG_ALLOCATED) == 0) {
6361 ctsio->kern_data_ptr = malloc(param_len, M_CTL, M_WAITOK);
6362 ctsio->kern_data_len = param_len;
6363 ctsio->kern_total_len = param_len;
6364 ctsio->kern_data_resid = 0;
6365 ctsio->kern_rel_offset = 0;
6366 ctsio->kern_sg_entries = 0;
6367 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED;
6368 ctsio->be_move_done = ctl_config_move_done;
6369 ctl_datamove((union ctl_io *)ctsio);
6371 return (CTL_RETVAL_COMPLETE);
6374 switch (ctsio->cdb[0]) {
6375 case MODE_SELECT_6: {
6376 struct scsi_mode_header_6 *mh6;
6378 mh6 = (struct scsi_mode_header_6 *)ctsio->kern_data_ptr;
6379 bd_len = mh6->blk_desc_len;
6382 case MODE_SELECT_10: {
6383 struct scsi_mode_header_10 *mh10;
6385 mh10 = (struct scsi_mode_header_10 *)ctsio->kern_data_ptr;
6386 bd_len = scsi_2btoul(mh10->blk_desc_len);
6390 panic("Invalid CDB type %#x", ctsio->cdb[0]);
6394 if (param_len < (header_size + bd_len)) {
6395 free(ctsio->kern_data_ptr, M_CTL);
6396 ctl_set_param_len_error(ctsio);
6397 ctl_done((union ctl_io *)ctsio);
6398 return (CTL_RETVAL_COMPLETE);
6402 * Set the IO_CONT flag, so that if this I/O gets passed to
6403 * ctl_config_write_done(), it'll get passed back to
6404 * ctl_do_mode_select() for further processing, or completion if
6407 ctsio->io_hdr.flags |= CTL_FLAG_IO_CONT;
6408 ctsio->io_cont = ctl_do_mode_select;
6410 modepage_info = (union ctl_modepage_info *)
6411 ctsio->io_hdr.ctl_private[CTL_PRIV_MODEPAGE].bytes;
6413 memset(modepage_info, 0, sizeof(*modepage_info));
6415 len_left = param_len - header_size - bd_len;
6416 len_used = header_size + bd_len;
6418 modepage_info->header.len_left = len_left;
6419 modepage_info->header.len_used = len_used;
6421 return (ctl_do_mode_select((union ctl_io *)ctsio));
6425 ctl_mode_sense(struct ctl_scsiio *ctsio)
6427 struct ctl_lun *lun;
6428 int pc, page_code, dbd, llba, subpage;
6429 int alloc_len, page_len, header_len, total_len;
6430 struct scsi_mode_block_descr *block_desc;
6431 struct ctl_page_index *page_index;
6439 CTL_DEBUG_PRINT(("ctl_mode_sense\n"));
6441 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
6443 if (lun->be_lun->lun_type != T_DIRECT)
6448 switch (ctsio->cdb[0]) {
6449 case MODE_SENSE_6: {
6450 struct scsi_mode_sense_6 *cdb;
6452 cdb = (struct scsi_mode_sense_6 *)ctsio->cdb;
6454 header_len = sizeof(struct scsi_mode_hdr_6);
6455 if (cdb->byte2 & SMS_DBD)
6458 header_len += sizeof(struct scsi_mode_block_descr);
6460 pc = (cdb->page & SMS_PAGE_CTRL_MASK) >> 6;
6461 page_code = cdb->page & SMS_PAGE_CODE;
6462 subpage = cdb->subpage;
6463 alloc_len = cdb->length;
6466 case MODE_SENSE_10: {
6467 struct scsi_mode_sense_10 *cdb;
6469 cdb = (struct scsi_mode_sense_10 *)ctsio->cdb;
6471 header_len = sizeof(struct scsi_mode_hdr_10);
6473 if (cdb->byte2 & SMS_DBD)
6476 header_len += sizeof(struct scsi_mode_block_descr);
6477 if (cdb->byte2 & SMS10_LLBAA)
6479 pc = (cdb->page & SMS_PAGE_CTRL_MASK) >> 6;
6480 page_code = cdb->page & SMS_PAGE_CODE;
6481 subpage = cdb->subpage;
6482 alloc_len = scsi_2btoul(cdb->length);
6486 ctl_set_invalid_opcode(ctsio);
6487 ctl_done((union ctl_io *)ctsio);
6488 return (CTL_RETVAL_COMPLETE);
6489 break; /* NOTREACHED */
6493 * We have to make a first pass through to calculate the size of
6494 * the pages that match the user's query. Then we allocate enough
6495 * memory to hold it, and actually copy the data into the buffer.
6497 switch (page_code) {
6498 case SMS_ALL_PAGES_PAGE: {
6504 * At the moment, values other than 0 and 0xff here are
6505 * reserved according to SPC-3.
6507 if ((subpage != SMS_SUBPAGE_PAGE_0)
6508 && (subpage != SMS_SUBPAGE_ALL)) {
6509 ctl_set_invalid_field(ctsio,
6515 ctl_done((union ctl_io *)ctsio);
6516 return (CTL_RETVAL_COMPLETE);
6519 for (i = 0; i < CTL_NUM_MODE_PAGES; i++) {
6520 if ((control_dev != 0)
6521 && (lun->mode_pages.index[i].page_flags &
6522 CTL_PAGE_FLAG_DISK_ONLY))
6526 * We don't use this subpage if the user didn't
6527 * request all subpages.
6529 if ((lun->mode_pages.index[i].subpage != 0)
6530 && (subpage == SMS_SUBPAGE_PAGE_0))
6534 printf("found page %#x len %d\n",
6535 lun->mode_pages.index[i].page_code &
6537 lun->mode_pages.index[i].page_len);
6539 page_len += lun->mode_pages.index[i].page_len;
6548 for (i = 0; i < CTL_NUM_MODE_PAGES; i++) {
6549 /* Look for the right page code */
6550 if ((lun->mode_pages.index[i].page_code &
6551 SMPH_PC_MASK) != page_code)
6554 /* Look for the right subpage or the subpage wildcard*/
6555 if ((lun->mode_pages.index[i].subpage != subpage)
6556 && (subpage != SMS_SUBPAGE_ALL))
6559 /* Make sure the page is supported for this dev type */
6560 if ((control_dev != 0)
6561 && (lun->mode_pages.index[i].page_flags &
6562 CTL_PAGE_FLAG_DISK_ONLY))
6566 printf("found page %#x len %d\n",
6567 lun->mode_pages.index[i].page_code &
6569 lun->mode_pages.index[i].page_len);
6572 page_len += lun->mode_pages.index[i].page_len;
6575 if (page_len == 0) {
6576 ctl_set_invalid_field(ctsio,
6582 ctl_done((union ctl_io *)ctsio);
6583 return (CTL_RETVAL_COMPLETE);
6589 total_len = header_len + page_len;
6591 printf("header_len = %d, page_len = %d, total_len = %d\n",
6592 header_len, page_len, total_len);
6595 ctsio->kern_data_ptr = malloc(total_len, M_CTL, M_WAITOK | M_ZERO);
6596 ctsio->kern_sg_entries = 0;
6597 ctsio->kern_data_resid = 0;
6598 ctsio->kern_rel_offset = 0;
6599 if (total_len < alloc_len) {
6600 ctsio->residual = alloc_len - total_len;
6601 ctsio->kern_data_len = total_len;
6602 ctsio->kern_total_len = total_len;
6604 ctsio->residual = 0;
6605 ctsio->kern_data_len = alloc_len;
6606 ctsio->kern_total_len = alloc_len;
6609 switch (ctsio->cdb[0]) {
6610 case MODE_SENSE_6: {
6611 struct scsi_mode_hdr_6 *header;
6613 header = (struct scsi_mode_hdr_6 *)ctsio->kern_data_ptr;
6615 header->datalen = ctl_min(total_len - 1, 254);
6618 header->block_descr_len = 0;
6620 header->block_descr_len =
6621 sizeof(struct scsi_mode_block_descr);
6622 block_desc = (struct scsi_mode_block_descr *)&header[1];
6625 case MODE_SENSE_10: {
6626 struct scsi_mode_hdr_10 *header;
6629 header = (struct scsi_mode_hdr_10 *)ctsio->kern_data_ptr;
6631 datalen = ctl_min(total_len - 2, 65533);
6632 scsi_ulto2b(datalen, header->datalen);
6634 scsi_ulto2b(0, header->block_descr_len);
6636 scsi_ulto2b(sizeof(struct scsi_mode_block_descr),
6637 header->block_descr_len);
6638 block_desc = (struct scsi_mode_block_descr *)&header[1];
6642 panic("invalid CDB type %#x", ctsio->cdb[0]);
6643 break; /* NOTREACHED */
6647 * If we've got a disk, use its blocksize in the block
6648 * descriptor. Otherwise, just set it to 0.
6651 if (control_dev != 0)
6652 scsi_ulto3b(lun->be_lun->blocksize,
6653 block_desc->block_len);
6655 scsi_ulto3b(0, block_desc->block_len);
6658 switch (page_code) {
6659 case SMS_ALL_PAGES_PAGE: {
6662 data_used = header_len;
6663 for (i = 0; i < CTL_NUM_MODE_PAGES; i++) {
6664 struct ctl_page_index *page_index;
6666 page_index = &lun->mode_pages.index[i];
6668 if ((control_dev != 0)
6669 && (page_index->page_flags &
6670 CTL_PAGE_FLAG_DISK_ONLY))
6674 * We don't use this subpage if the user didn't
6675 * request all subpages. We already checked (above)
6676 * to make sure the user only specified a subpage
6677 * of 0 or 0xff in the SMS_ALL_PAGES_PAGE case.
6679 if ((page_index->subpage != 0)
6680 && (subpage == SMS_SUBPAGE_PAGE_0))
6684 * Call the handler, if it exists, to update the
6685 * page to the latest values.
6687 if (page_index->sense_handler != NULL)
6688 page_index->sense_handler(ctsio, page_index,pc);
6690 memcpy(ctsio->kern_data_ptr + data_used,
6691 page_index->page_data +
6692 (page_index->page_len * pc),
6693 page_index->page_len);
6694 data_used += page_index->page_len;
6701 data_used = header_len;
6703 for (i = 0; i < CTL_NUM_MODE_PAGES; i++) {
6704 struct ctl_page_index *page_index;
6706 page_index = &lun->mode_pages.index[i];
6708 /* Look for the right page code */
6709 if ((page_index->page_code & SMPH_PC_MASK) != page_code)
6712 /* Look for the right subpage or the subpage wildcard*/
6713 if ((page_index->subpage != subpage)
6714 && (subpage != SMS_SUBPAGE_ALL))
6717 /* Make sure the page is supported for this dev type */
6718 if ((control_dev != 0)
6719 && (page_index->page_flags &
6720 CTL_PAGE_FLAG_DISK_ONLY))
6724 * Call the handler, if it exists, to update the
6725 * page to the latest values.
6727 if (page_index->sense_handler != NULL)
6728 page_index->sense_handler(ctsio, page_index,pc);
6730 memcpy(ctsio->kern_data_ptr + data_used,
6731 page_index->page_data +
6732 (page_index->page_len * pc),
6733 page_index->page_len);
6734 data_used += page_index->page_len;
6740 ctsio->scsi_status = SCSI_STATUS_OK;
6742 ctsio->be_move_done = ctl_config_move_done;
6743 ctl_datamove((union ctl_io *)ctsio);
6745 return (CTL_RETVAL_COMPLETE);
6749 ctl_read_capacity(struct ctl_scsiio *ctsio)
6751 struct scsi_read_capacity *cdb;
6752 struct scsi_read_capacity_data *data;
6753 struct ctl_lun *lun;
6756 CTL_DEBUG_PRINT(("ctl_read_capacity\n"));
6758 cdb = (struct scsi_read_capacity *)ctsio->cdb;
6760 lba = scsi_4btoul(cdb->addr);
6761 if (((cdb->pmi & SRC_PMI) == 0)
6763 ctl_set_invalid_field(/*ctsio*/ ctsio,
6769 ctl_done((union ctl_io *)ctsio);
6770 return (CTL_RETVAL_COMPLETE);
6773 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
6775 ctsio->kern_data_ptr = malloc(sizeof(*data), M_CTL, M_WAITOK | M_ZERO);
6776 data = (struct scsi_read_capacity_data *)ctsio->kern_data_ptr;
6777 ctsio->residual = 0;
6778 ctsio->kern_data_len = sizeof(*data);
6779 ctsio->kern_total_len = sizeof(*data);
6780 ctsio->kern_data_resid = 0;
6781 ctsio->kern_rel_offset = 0;
6782 ctsio->kern_sg_entries = 0;
6785 * If the maximum LBA is greater than 0xfffffffe, the user must
6786 * issue a SERVICE ACTION IN (16) command, with the read capacity
6787 * serivce action set.
6789 if (lun->be_lun->maxlba > 0xfffffffe)
6790 scsi_ulto4b(0xffffffff, data->addr);
6792 scsi_ulto4b(lun->be_lun->maxlba, data->addr);
6795 * XXX KDM this may not be 512 bytes...
6797 scsi_ulto4b(lun->be_lun->blocksize, data->length);
6799 ctsio->scsi_status = SCSI_STATUS_OK;
6801 ctsio->be_move_done = ctl_config_move_done;
6802 ctl_datamove((union ctl_io *)ctsio);
6804 return (CTL_RETVAL_COMPLETE);
6808 ctl_read_capacity_16(struct ctl_scsiio *ctsio)
6810 struct scsi_read_capacity_16 *cdb;
6811 struct scsi_read_capacity_data_long *data;
6812 struct ctl_lun *lun;
6816 CTL_DEBUG_PRINT(("ctl_read_capacity_16\n"));
6818 cdb = (struct scsi_read_capacity_16 *)ctsio->cdb;
6820 alloc_len = scsi_4btoul(cdb->alloc_len);
6821 lba = scsi_8btou64(cdb->addr);
6823 if ((cdb->reladr & SRC16_PMI)
6825 ctl_set_invalid_field(/*ctsio*/ ctsio,
6831 ctl_done((union ctl_io *)ctsio);
6832 return (CTL_RETVAL_COMPLETE);
6835 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
6837 ctsio->kern_data_ptr = malloc(sizeof(*data), M_CTL, M_WAITOK | M_ZERO);
6838 data = (struct scsi_read_capacity_data_long *)ctsio->kern_data_ptr;
6840 if (sizeof(*data) < alloc_len) {
6841 ctsio->residual = alloc_len - sizeof(*data);
6842 ctsio->kern_data_len = sizeof(*data);
6843 ctsio->kern_total_len = sizeof(*data);
6845 ctsio->residual = 0;
6846 ctsio->kern_data_len = alloc_len;
6847 ctsio->kern_total_len = alloc_len;
6849 ctsio->kern_data_resid = 0;
6850 ctsio->kern_rel_offset = 0;
6851 ctsio->kern_sg_entries = 0;
6853 scsi_u64to8b(lun->be_lun->maxlba, data->addr);
6854 /* XXX KDM this may not be 512 bytes... */
6855 scsi_ulto4b(lun->be_lun->blocksize, data->length);
6856 data->prot_lbppbe = lun->be_lun->pblockexp & SRC16_LBPPBE;
6857 scsi_ulto2b(lun->be_lun->pblockoff & SRC16_LALBA_A, data->lalba_lbp);
6859 ctsio->scsi_status = SCSI_STATUS_OK;
6861 ctsio->be_move_done = ctl_config_move_done;
6862 ctl_datamove((union ctl_io *)ctsio);
6864 return (CTL_RETVAL_COMPLETE);
6868 ctl_service_action_in(struct ctl_scsiio *ctsio)
6870 struct scsi_service_action_in *cdb;
6873 CTL_DEBUG_PRINT(("ctl_service_action_in\n"));
6875 cdb = (struct scsi_service_action_in *)ctsio->cdb;
6877 retval = CTL_RETVAL_COMPLETE;
6879 switch (cdb->service_action) {
6880 case SRC16_SERVICE_ACTION:
6881 retval = ctl_read_capacity_16(ctsio);
6884 ctl_set_invalid_field(/*ctsio*/ ctsio,
6890 ctl_done((union ctl_io *)ctsio);
6898 ctl_maintenance_in(struct ctl_scsiio *ctsio)
6900 struct scsi_maintenance_in *cdb;
6902 int alloc_len, total_len = 0;
6903 int num_target_port_groups, single;
6904 struct ctl_lun *lun;
6905 struct ctl_softc *softc;
6906 struct scsi_target_group_data *rtg_ptr;
6907 struct scsi_target_port_group_descriptor *tpg_desc_ptr1, *tpg_desc_ptr2;
6908 struct scsi_target_port_descriptor *tp_desc_ptr1_1, *tp_desc_ptr1_2,
6909 *tp_desc_ptr2_1, *tp_desc_ptr2_2;
6911 CTL_DEBUG_PRINT(("ctl_maintenance_in\n"));
6913 cdb = (struct scsi_maintenance_in *)ctsio->cdb;
6914 softc = control_softc;
6915 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
6917 retval = CTL_RETVAL_COMPLETE;
6919 if ((cdb->byte2 & SERVICE_ACTION_MASK) != SA_RPRT_TRGT_GRP) {
6920 ctl_set_invalid_field(/*ctsio*/ ctsio,
6926 ctl_done((union ctl_io *)ctsio);
6930 mtx_lock(&softc->ctl_lock);
6931 single = ctl_is_single;
6932 mtx_unlock(&softc->ctl_lock);
6935 num_target_port_groups = NUM_TARGET_PORT_GROUPS - 1;
6937 num_target_port_groups = NUM_TARGET_PORT_GROUPS;
6939 total_len = sizeof(struct scsi_target_group_data) +
6940 sizeof(struct scsi_target_port_group_descriptor) *
6941 num_target_port_groups +
6942 sizeof(struct scsi_target_port_descriptor) *
6943 NUM_PORTS_PER_GRP * num_target_port_groups;
6945 alloc_len = scsi_4btoul(cdb->length);
6947 ctsio->kern_data_ptr = malloc(total_len, M_CTL, M_WAITOK | M_ZERO);
6949 ctsio->kern_sg_entries = 0;
6951 if (total_len < alloc_len) {
6952 ctsio->residual = alloc_len - total_len;
6953 ctsio->kern_data_len = total_len;
6954 ctsio->kern_total_len = total_len;
6956 ctsio->residual = 0;
6957 ctsio->kern_data_len = alloc_len;
6958 ctsio->kern_total_len = alloc_len;
6960 ctsio->kern_data_resid = 0;
6961 ctsio->kern_rel_offset = 0;
6963 rtg_ptr = (struct scsi_target_group_data *)ctsio->kern_data_ptr;
6965 tpg_desc_ptr1 = &rtg_ptr->groups[0];
6966 tp_desc_ptr1_1 = &tpg_desc_ptr1->descriptors[0];
6967 tp_desc_ptr1_2 = (struct scsi_target_port_descriptor *)
6968 &tp_desc_ptr1_1->desc_list[0];
6971 tpg_desc_ptr2 = (struct scsi_target_port_group_descriptor *)
6972 &tp_desc_ptr1_2->desc_list[0];
6973 tp_desc_ptr2_1 = &tpg_desc_ptr2->descriptors[0];
6974 tp_desc_ptr2_2 = (struct scsi_target_port_descriptor *)
6975 &tp_desc_ptr2_1->desc_list[0];
6977 tpg_desc_ptr2 = NULL;
6978 tp_desc_ptr2_1 = NULL;
6979 tp_desc_ptr2_2 = NULL;
6982 scsi_ulto4b(total_len - 4, rtg_ptr->length);
6984 if (ctsio->io_hdr.nexus.targ_port < CTL_MAX_PORTS) {
6985 if (lun->flags & CTL_LUN_PRIMARY_SC) {
6986 tpg_desc_ptr1->pref_state = TPG_PRIMARY;
6987 tpg_desc_ptr2->pref_state =
6988 TPG_ASYMMETRIC_ACCESS_NONOPTIMIZED;
6990 tpg_desc_ptr1->pref_state =
6991 TPG_ASYMMETRIC_ACCESS_NONOPTIMIZED;
6992 tpg_desc_ptr2->pref_state = TPG_PRIMARY;
6995 if (lun->flags & CTL_LUN_PRIMARY_SC) {
6996 tpg_desc_ptr1->pref_state =
6997 TPG_ASYMMETRIC_ACCESS_NONOPTIMIZED;
6998 tpg_desc_ptr2->pref_state = TPG_PRIMARY;
7000 tpg_desc_ptr1->pref_state = TPG_PRIMARY;
7001 tpg_desc_ptr2->pref_state =
7002 TPG_ASYMMETRIC_ACCESS_NONOPTIMIZED;
7006 tpg_desc_ptr1->pref_state = TPG_PRIMARY;
7008 tpg_desc_ptr1->support = 0;
7009 tpg_desc_ptr1->target_port_group[1] = 1;
7010 tpg_desc_ptr1->status = TPG_IMPLICIT;
7011 tpg_desc_ptr1->target_port_count= NUM_PORTS_PER_GRP;
7014 tpg_desc_ptr2->support = 0;
7015 tpg_desc_ptr2->target_port_group[1] = 2;
7016 tpg_desc_ptr2->status = TPG_IMPLICIT;
7017 tpg_desc_ptr2->target_port_count = NUM_PORTS_PER_GRP;
7019 tp_desc_ptr1_1->relative_target_port_identifier[1] = 1;
7020 tp_desc_ptr1_2->relative_target_port_identifier[1] = 2;
7022 tp_desc_ptr2_1->relative_target_port_identifier[1] = 9;
7023 tp_desc_ptr2_2->relative_target_port_identifier[1] = 10;
7025 if (ctsio->io_hdr.nexus.targ_port < CTL_MAX_PORTS) {
7026 tp_desc_ptr1_1->relative_target_port_identifier[1] = 1;
7027 tp_desc_ptr1_2->relative_target_port_identifier[1] = 2;
7029 tp_desc_ptr1_1->relative_target_port_identifier[1] = 9;
7030 tp_desc_ptr1_2->relative_target_port_identifier[1] = 10;
7034 ctsio->be_move_done = ctl_config_move_done;
7036 CTL_DEBUG_PRINT(("buf = %x %x %x %x %x %x %x %x\n",
7037 ctsio->kern_data_ptr[0], ctsio->kern_data_ptr[1],
7038 ctsio->kern_data_ptr[2], ctsio->kern_data_ptr[3],
7039 ctsio->kern_data_ptr[4], ctsio->kern_data_ptr[5],
7040 ctsio->kern_data_ptr[6], ctsio->kern_data_ptr[7]));
7042 ctl_datamove((union ctl_io *)ctsio);
7047 ctl_persistent_reserve_in(struct ctl_scsiio *ctsio)
7049 struct scsi_per_res_in *cdb;
7050 int alloc_len, total_len = 0;
7051 /* struct scsi_per_res_in_rsrv in_data; */
7052 struct ctl_lun *lun;
7053 struct ctl_softc *softc;
7055 CTL_DEBUG_PRINT(("ctl_persistent_reserve_in\n"));
7057 softc = control_softc;
7059 cdb = (struct scsi_per_res_in *)ctsio->cdb;
7061 alloc_len = scsi_2btoul(cdb->length);
7063 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
7066 mtx_lock(&softc->ctl_lock);
7067 switch (cdb->action) {
7068 case SPRI_RK: /* read keys */
7069 total_len = sizeof(struct scsi_per_res_in_keys) +
7071 sizeof(struct scsi_per_res_key);
7073 case SPRI_RR: /* read reservation */
7074 if (lun->flags & CTL_LUN_PR_RESERVED)
7075 total_len = sizeof(struct scsi_per_res_in_rsrv);
7077 total_len = sizeof(struct scsi_per_res_in_header);
7079 case SPRI_RC: /* report capabilities */
7080 total_len = sizeof(struct scsi_per_res_cap);
7082 case SPRI_RS: /* read full status */
7084 mtx_unlock(&softc->ctl_lock);
7085 ctl_set_invalid_field(ctsio,
7091 ctl_done((union ctl_io *)ctsio);
7092 return (CTL_RETVAL_COMPLETE);
7093 break; /* NOTREACHED */
7095 mtx_unlock(&softc->ctl_lock);
7097 ctsio->kern_data_ptr = malloc(total_len, M_CTL, M_WAITOK | M_ZERO);
7099 if (total_len < alloc_len) {
7100 ctsio->residual = alloc_len - total_len;
7101 ctsio->kern_data_len = total_len;
7102 ctsio->kern_total_len = total_len;
7104 ctsio->residual = 0;
7105 ctsio->kern_data_len = alloc_len;
7106 ctsio->kern_total_len = alloc_len;
7109 ctsio->kern_data_resid = 0;
7110 ctsio->kern_rel_offset = 0;
7111 ctsio->kern_sg_entries = 0;
7113 mtx_lock(&softc->ctl_lock);
7114 switch (cdb->action) {
7115 case SPRI_RK: { // read keys
7116 struct scsi_per_res_in_keys *res_keys;
7119 res_keys = (struct scsi_per_res_in_keys*)ctsio->kern_data_ptr;
7122 * We had to drop the lock to allocate our buffer, which
7123 * leaves time for someone to come in with another
7124 * persistent reservation. (That is unlikely, though,
7125 * since this should be the only persistent reservation
7126 * command active right now.)
7128 if (total_len != (sizeof(struct scsi_per_res_in_keys) +
7129 (lun->pr_key_count *
7130 sizeof(struct scsi_per_res_key)))){
7131 mtx_unlock(&softc->ctl_lock);
7132 free(ctsio->kern_data_ptr, M_CTL);
7133 printf("%s: reservation length changed, retrying\n",
7138 scsi_ulto4b(lun->PRGeneration, res_keys->header.generation);
7140 scsi_ulto4b(sizeof(struct scsi_per_res_key) *
7141 lun->pr_key_count, res_keys->header.length);
7143 for (i = 0, key_count = 0; i < 2*CTL_MAX_INITIATORS; i++) {
7144 if (!lun->per_res[i].registered)
7148 * We used lun->pr_key_count to calculate the
7149 * size to allocate. If it turns out the number of
7150 * initiators with the registered flag set is
7151 * larger than that (i.e. they haven't been kept in
7152 * sync), we've got a problem.
7154 if (key_count >= lun->pr_key_count) {
7156 csevent_log(CSC_CTL | CSC_SHELF_SW |
7158 csevent_LogType_Fault,
7159 csevent_AlertLevel_Yellow,
7160 csevent_FRU_ShelfController,
7161 csevent_FRU_Firmware,
7162 csevent_FRU_Unknown,
7163 "registered keys %d >= key "
7164 "count %d", key_count,
7170 memcpy(res_keys->keys[key_count].key,
7171 lun->per_res[i].res_key.key,
7172 ctl_min(sizeof(res_keys->keys[key_count].key),
7173 sizeof(lun->per_res[i].res_key)));
7178 case SPRI_RR: { // read reservation
7179 struct scsi_per_res_in_rsrv *res;
7180 int tmp_len, header_only;
7182 res = (struct scsi_per_res_in_rsrv *)ctsio->kern_data_ptr;
7184 scsi_ulto4b(lun->PRGeneration, res->header.generation);
7186 if (lun->flags & CTL_LUN_PR_RESERVED)
7188 tmp_len = sizeof(struct scsi_per_res_in_rsrv);
7189 scsi_ulto4b(sizeof(struct scsi_per_res_in_rsrv_data),
7190 res->header.length);
7193 tmp_len = sizeof(struct scsi_per_res_in_header);
7194 scsi_ulto4b(0, res->header.length);
7199 * We had to drop the lock to allocate our buffer, which
7200 * leaves time for someone to come in with another
7201 * persistent reservation. (That is unlikely, though,
7202 * since this should be the only persistent reservation
7203 * command active right now.)
7205 if (tmp_len != total_len) {
7206 mtx_unlock(&softc->ctl_lock);
7207 free(ctsio->kern_data_ptr, M_CTL);
7208 printf("%s: reservation status changed, retrying\n",
7214 * No reservation held, so we're done.
7216 if (header_only != 0)
7220 * If the registration is an All Registrants type, the key
7221 * is 0, since it doesn't really matter.
7223 if (lun->pr_res_idx != CTL_PR_ALL_REGISTRANTS) {
7224 memcpy(res->data.reservation,
7225 &lun->per_res[lun->pr_res_idx].res_key,
7226 sizeof(struct scsi_per_res_key));
7228 res->data.scopetype = lun->res_type;
7231 case SPRI_RC: //report capabilities
7233 struct scsi_per_res_cap *res_cap;
7236 res_cap = (struct scsi_per_res_cap *)ctsio->kern_data_ptr;
7237 scsi_ulto2b(sizeof(*res_cap), res_cap->length);
7238 res_cap->flags2 |= SPRI_TMV;
7239 type_mask = SPRI_TM_WR_EX_AR |
7245 scsi_ulto2b(type_mask, res_cap->type_mask);
7248 case SPRI_RS: //read full status
7251 * This is a bug, because we just checked for this above,
7252 * and should have returned an error.
7254 panic("Invalid PR type %x", cdb->action);
7255 break; /* NOTREACHED */
7257 mtx_unlock(&softc->ctl_lock);
7259 ctsio->be_move_done = ctl_config_move_done;
7261 CTL_DEBUG_PRINT(("buf = %x %x %x %x %x %x %x %x\n",
7262 ctsio->kern_data_ptr[0], ctsio->kern_data_ptr[1],
7263 ctsio->kern_data_ptr[2], ctsio->kern_data_ptr[3],
7264 ctsio->kern_data_ptr[4], ctsio->kern_data_ptr[5],
7265 ctsio->kern_data_ptr[6], ctsio->kern_data_ptr[7]));
7267 ctl_datamove((union ctl_io *)ctsio);
7269 return (CTL_RETVAL_COMPLETE);
7273 * Returns 0 if ctl_persistent_reserve_out() should continue, non-zero if
7277 ctl_pro_preempt(struct ctl_softc *softc, struct ctl_lun *lun, uint64_t res_key,
7278 uint64_t sa_res_key, uint8_t type, uint32_t residx,
7279 struct ctl_scsiio *ctsio, struct scsi_per_res_out *cdb,
7280 struct scsi_per_res_out_parms* param)
7282 union ctl_ha_msg persis_io;
7288 if (sa_res_key == 0) {
7289 mtx_lock(&softc->ctl_lock);
7290 if (lun->pr_res_idx == CTL_PR_ALL_REGISTRANTS) {
7291 /* validate scope and type */
7292 if ((cdb->scope_type & SPR_SCOPE_MASK) !=
7294 mtx_unlock(&softc->ctl_lock);
7295 ctl_set_invalid_field(/*ctsio*/ ctsio,
7301 ctl_done((union ctl_io *)ctsio);
7305 if (type>8 || type==2 || type==4 || type==0) {
7306 mtx_unlock(&softc->ctl_lock);
7307 ctl_set_invalid_field(/*ctsio*/ ctsio,
7313 ctl_done((union ctl_io *)ctsio);
7317 /* temporarily unregister this nexus */
7318 lun->per_res[residx].registered = 0;
7321 * Unregister everybody else and build UA for
7324 for(i=0; i < 2*CTL_MAX_INITIATORS; i++) {
7325 if (lun->per_res[i].registered == 0)
7329 && i <CTL_MAX_INITIATORS)
7330 lun->pending_sense[i].ua_pending |=
7332 else if (persis_offset
7333 && i >= persis_offset)
7334 lun->pending_sense[i-persis_offset
7337 lun->per_res[i].registered = 0;
7338 memset(&lun->per_res[i].res_key, 0,
7339 sizeof(struct scsi_per_res_key));
7341 lun->per_res[residx].registered = 1;
7342 lun->pr_key_count = 1;
7343 lun->res_type = type;
7344 if (lun->res_type != SPR_TYPE_WR_EX_AR
7345 && lun->res_type != SPR_TYPE_EX_AC_AR)
7346 lun->pr_res_idx = residx;
7348 mtx_unlock(&softc->ctl_lock);
7349 /* send msg to other side */
7350 persis_io.hdr.nexus = ctsio->io_hdr.nexus;
7351 persis_io.hdr.msg_type = CTL_MSG_PERS_ACTION;
7352 persis_io.pr.pr_info.action = CTL_PR_PREEMPT;
7353 persis_io.pr.pr_info.residx = lun->pr_res_idx;
7354 persis_io.pr.pr_info.res_type = type;
7355 memcpy(persis_io.pr.pr_info.sa_res_key,
7356 param->serv_act_res_key,
7357 sizeof(param->serv_act_res_key));
7358 if ((isc_retval=ctl_ha_msg_send(CTL_HA_CHAN_CTL,
7359 &persis_io, sizeof(persis_io), 0)) >
7360 CTL_HA_STATUS_SUCCESS) {
7361 printf("CTL:Persis Out error returned "
7362 "from ctl_ha_msg_send %d\n",
7366 /* not all registrants */
7367 mtx_unlock(&softc->ctl_lock);
7368 free(ctsio->kern_data_ptr, M_CTL);
7369 ctl_set_invalid_field(ctsio,
7375 ctl_done((union ctl_io *)ctsio);
7378 } else if (lun->pr_res_idx == CTL_PR_ALL_REGISTRANTS
7379 || !(lun->flags & CTL_LUN_PR_RESERVED)) {
7382 mtx_lock(&softc->ctl_lock);
7383 if (res_key == sa_res_key) {
7386 * The spec implies this is not good but doesn't
7387 * say what to do. There are two choices either
7388 * generate a res conflict or check condition
7389 * with illegal field in parameter data. Since
7390 * that is what is done when the sa_res_key is
7391 * zero I'll take that approach since this has
7392 * to do with the sa_res_key.
7394 mtx_unlock(&softc->ctl_lock);
7395 free(ctsio->kern_data_ptr, M_CTL);
7396 ctl_set_invalid_field(ctsio,
7402 ctl_done((union ctl_io *)ctsio);
7406 for (i=0; i < 2*CTL_MAX_INITIATORS; i++) {
7407 if (lun->per_res[i].registered
7408 && memcmp(param->serv_act_res_key,
7409 lun->per_res[i].res_key.key,
7410 sizeof(struct scsi_per_res_key)) != 0)
7414 lun->per_res[i].registered = 0;
7415 memset(&lun->per_res[i].res_key, 0,
7416 sizeof(struct scsi_per_res_key));
7417 lun->pr_key_count--;
7420 && i < CTL_MAX_INITIATORS)
7421 lun->pending_sense[i].ua_pending |=
7423 else if (persis_offset
7424 && i >= persis_offset)
7425 lun->pending_sense[i-persis_offset].ua_pending|=
7428 mtx_unlock(&softc->ctl_lock);
7430 free(ctsio->kern_data_ptr, M_CTL);
7431 ctl_set_reservation_conflict(ctsio);
7432 ctl_done((union ctl_io *)ctsio);
7433 return (CTL_RETVAL_COMPLETE);
7435 /* send msg to other side */
7436 persis_io.hdr.nexus = ctsio->io_hdr.nexus;
7437 persis_io.hdr.msg_type = CTL_MSG_PERS_ACTION;
7438 persis_io.pr.pr_info.action = CTL_PR_PREEMPT;
7439 persis_io.pr.pr_info.residx = lun->pr_res_idx;
7440 persis_io.pr.pr_info.res_type = type;
7441 memcpy(persis_io.pr.pr_info.sa_res_key,
7442 param->serv_act_res_key,
7443 sizeof(param->serv_act_res_key));
7444 if ((isc_retval=ctl_ha_msg_send(CTL_HA_CHAN_CTL,
7445 &persis_io, sizeof(persis_io), 0)) >
7446 CTL_HA_STATUS_SUCCESS) {
7447 printf("CTL:Persis Out error returned from "
7448 "ctl_ha_msg_send %d\n", isc_retval);
7451 /* Reserved but not all registrants */
7452 /* sa_res_key is res holder */
7453 if (memcmp(param->serv_act_res_key,
7454 lun->per_res[lun->pr_res_idx].res_key.key,
7455 sizeof(struct scsi_per_res_key)) == 0) {
7456 /* validate scope and type */
7457 if ((cdb->scope_type & SPR_SCOPE_MASK) !=
7459 ctl_set_invalid_field(/*ctsio*/ ctsio,
7465 ctl_done((union ctl_io *)ctsio);
7469 if (type>8 || type==2 || type==4 || type==0) {
7470 ctl_set_invalid_field(/*ctsio*/ ctsio,
7476 ctl_done((union ctl_io *)ctsio);
7482 * if sa_res_key != res_key remove all
7483 * registrants w/sa_res_key and generate UA
7484 * for these registrants(Registrations
7485 * Preempted) if it wasn't an exclusive
7486 * reservation generate UA(Reservations
7487 * Preempted) for all other registered nexuses
7488 * if the type has changed. Establish the new
7489 * reservation and holder. If res_key and
7490 * sa_res_key are the same do the above
7491 * except don't unregister the res holder.
7495 * Temporarily unregister so it won't get
7496 * removed or UA generated
7498 lun->per_res[residx].registered = 0;
7499 for(i=0; i < 2*CTL_MAX_INITIATORS; i++) {
7500 if (lun->per_res[i].registered == 0)
7503 if (memcmp(param->serv_act_res_key,
7504 lun->per_res[i].res_key.key,
7505 sizeof(struct scsi_per_res_key)) == 0) {
7506 lun->per_res[i].registered = 0;
7507 memset(&lun->per_res[i].res_key,
7509 sizeof(struct scsi_per_res_key));
7510 lun->pr_key_count--;
7513 && i < CTL_MAX_INITIATORS)
7514 lun->pending_sense[i
7517 else if (persis_offset
7518 && i >= persis_offset)
7520 i-persis_offset].ua_pending |=
7522 } else if (type != lun->res_type
7523 && (lun->res_type == SPR_TYPE_WR_EX_RO
7524 || lun->res_type ==SPR_TYPE_EX_AC_RO)){
7526 && i < CTL_MAX_INITIATORS)
7527 lun->pending_sense[i
7530 else if (persis_offset
7531 && i >= persis_offset)
7538 lun->per_res[residx].registered = 1;
7539 lun->res_type = type;
7540 if (lun->res_type != SPR_TYPE_WR_EX_AR
7541 && lun->res_type != SPR_TYPE_EX_AC_AR)
7542 lun->pr_res_idx = residx;
7545 CTL_PR_ALL_REGISTRANTS;
7547 persis_io.hdr.nexus = ctsio->io_hdr.nexus;
7548 persis_io.hdr.msg_type = CTL_MSG_PERS_ACTION;
7549 persis_io.pr.pr_info.action = CTL_PR_PREEMPT;
7550 persis_io.pr.pr_info.residx = lun->pr_res_idx;
7551 persis_io.pr.pr_info.res_type = type;
7552 memcpy(persis_io.pr.pr_info.sa_res_key,
7553 param->serv_act_res_key,
7554 sizeof(param->serv_act_res_key));
7555 if ((isc_retval=ctl_ha_msg_send(CTL_HA_CHAN_CTL,
7556 &persis_io, sizeof(persis_io), 0)) >
7557 CTL_HA_STATUS_SUCCESS) {
7558 printf("CTL:Persis Out error returned "
7559 "from ctl_ha_msg_send %d\n",
7564 * sa_res_key is not the res holder just
7565 * remove registrants
7568 mtx_lock(&softc->ctl_lock);
7570 for (i=0; i < 2*CTL_MAX_INITIATORS; i++) {
7571 if (memcmp(param->serv_act_res_key,
7572 lun->per_res[i].res_key.key,
7573 sizeof(struct scsi_per_res_key)) != 0)
7577 lun->per_res[i].registered = 0;
7578 memset(&lun->per_res[i].res_key, 0,
7579 sizeof(struct scsi_per_res_key));
7580 lun->pr_key_count--;
7583 && i < CTL_MAX_INITIATORS)
7584 lun->pending_sense[i].ua_pending |=
7586 else if (persis_offset
7587 && i >= persis_offset)
7589 i-persis_offset].ua_pending |=
7594 mtx_unlock(&softc->ctl_lock);
7595 free(ctsio->kern_data_ptr, M_CTL);
7596 ctl_set_reservation_conflict(ctsio);
7597 ctl_done((union ctl_io *)ctsio);
7600 mtx_unlock(&softc->ctl_lock);
7601 persis_io.hdr.nexus = ctsio->io_hdr.nexus;
7602 persis_io.hdr.msg_type = CTL_MSG_PERS_ACTION;
7603 persis_io.pr.pr_info.action = CTL_PR_PREEMPT;
7604 persis_io.pr.pr_info.residx = lun->pr_res_idx;
7605 persis_io.pr.pr_info.res_type = type;
7606 memcpy(persis_io.pr.pr_info.sa_res_key,
7607 param->serv_act_res_key,
7608 sizeof(param->serv_act_res_key));
7609 if ((isc_retval=ctl_ha_msg_send(CTL_HA_CHAN_CTL,
7610 &persis_io, sizeof(persis_io), 0)) >
7611 CTL_HA_STATUS_SUCCESS) {
7612 printf("CTL:Persis Out error returned "
7613 "from ctl_ha_msg_send %d\n",
7619 lun->PRGeneration++;
7625 ctl_pro_preempt_other(struct ctl_lun *lun, union ctl_ha_msg *msg)
7629 if (lun->pr_res_idx == CTL_PR_ALL_REGISTRANTS
7630 || lun->pr_res_idx == CTL_PR_NO_RESERVATION
7631 || memcmp(&lun->per_res[lun->pr_res_idx].res_key,
7632 msg->pr.pr_info.sa_res_key,
7633 sizeof(struct scsi_per_res_key)) != 0) {
7634 uint64_t sa_res_key;
7635 sa_res_key = scsi_8btou64(msg->pr.pr_info.sa_res_key);
7637 if (sa_res_key == 0) {
7638 /* temporarily unregister this nexus */
7639 lun->per_res[msg->pr.pr_info.residx].registered = 0;
7642 * Unregister everybody else and build UA for
7645 for(i=0; i < 2*CTL_MAX_INITIATORS; i++) {
7646 if (lun->per_res[i].registered == 0)
7650 && i < CTL_MAX_INITIATORS)
7651 lun->pending_sense[i].ua_pending |=
7653 else if (persis_offset && i >= persis_offset)
7654 lun->pending_sense[i -
7655 persis_offset].ua_pending |=
7657 lun->per_res[i].registered = 0;
7658 memset(&lun->per_res[i].res_key, 0,
7659 sizeof(struct scsi_per_res_key));
7662 lun->per_res[msg->pr.pr_info.residx].registered = 1;
7663 lun->pr_key_count = 1;
7664 lun->res_type = msg->pr.pr_info.res_type;
7665 if (lun->res_type != SPR_TYPE_WR_EX_AR
7666 && lun->res_type != SPR_TYPE_EX_AC_AR)
7667 lun->pr_res_idx = msg->pr.pr_info.residx;
7669 for (i=0; i < 2*CTL_MAX_INITIATORS; i++) {
7670 if (memcmp(msg->pr.pr_info.sa_res_key,
7671 lun->per_res[i].res_key.key,
7672 sizeof(struct scsi_per_res_key)) != 0)
7675 lun->per_res[i].registered = 0;
7676 memset(&lun->per_res[i].res_key, 0,
7677 sizeof(struct scsi_per_res_key));
7678 lun->pr_key_count--;
7681 && i < persis_offset)
7682 lun->pending_sense[i].ua_pending |=
7684 else if (persis_offset
7685 && i >= persis_offset)
7686 lun->pending_sense[i -
7687 persis_offset].ua_pending |=
7693 * Temporarily unregister so it won't get removed
7696 lun->per_res[msg->pr.pr_info.residx].registered = 0;
7697 for (i=0; i < 2*CTL_MAX_INITIATORS; i++) {
7698 if (lun->per_res[i].registered == 0)
7701 if (memcmp(msg->pr.pr_info.sa_res_key,
7702 lun->per_res[i].res_key.key,
7703 sizeof(struct scsi_per_res_key)) == 0) {
7704 lun->per_res[i].registered = 0;
7705 memset(&lun->per_res[i].res_key, 0,
7706 sizeof(struct scsi_per_res_key));
7707 lun->pr_key_count--;
7709 && i < CTL_MAX_INITIATORS)
7710 lun->pending_sense[i].ua_pending |=
7712 else if (persis_offset
7713 && i >= persis_offset)
7714 lun->pending_sense[i -
7715 persis_offset].ua_pending |=
7717 } else if (msg->pr.pr_info.res_type != lun->res_type
7718 && (lun->res_type == SPR_TYPE_WR_EX_RO
7719 || lun->res_type == SPR_TYPE_EX_AC_RO)) {
7721 && i < persis_offset)
7722 lun->pending_sense[i
7725 else if (persis_offset
7726 && i >= persis_offset)
7727 lun->pending_sense[i -
7728 persis_offset].ua_pending |=
7732 lun->per_res[msg->pr.pr_info.residx].registered = 1;
7733 lun->res_type = msg->pr.pr_info.res_type;
7734 if (lun->res_type != SPR_TYPE_WR_EX_AR
7735 && lun->res_type != SPR_TYPE_EX_AC_AR)
7736 lun->pr_res_idx = msg->pr.pr_info.residx;
7738 lun->pr_res_idx = CTL_PR_ALL_REGISTRANTS;
7740 lun->PRGeneration++;
7746 ctl_persistent_reserve_out(struct ctl_scsiio *ctsio)
7750 u_int32_t param_len;
7751 struct scsi_per_res_out *cdb;
7752 struct ctl_lun *lun;
7753 struct scsi_per_res_out_parms* param;
7754 struct ctl_softc *softc;
7756 uint64_t res_key, sa_res_key;
7758 union ctl_ha_msg persis_io;
7761 CTL_DEBUG_PRINT(("ctl_persistent_reserve_out\n"));
7763 retval = CTL_RETVAL_COMPLETE;
7765 softc = control_softc;
7767 cdb = (struct scsi_per_res_out *)ctsio->cdb;
7768 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
7771 * We only support whole-LUN scope. The scope & type are ignored for
7772 * register, register and ignore existing key and clear.
7773 * We sometimes ignore scope and type on preempts too!!
7774 * Verify reservation type here as well.
7776 type = cdb->scope_type & SPR_TYPE_MASK;
7777 if ((cdb->action == SPRO_RESERVE)
7778 || (cdb->action == SPRO_RELEASE)) {
7779 if ((cdb->scope_type & SPR_SCOPE_MASK) != SPR_LU_SCOPE) {
7780 ctl_set_invalid_field(/*ctsio*/ ctsio,
7786 ctl_done((union ctl_io *)ctsio);
7787 return (CTL_RETVAL_COMPLETE);
7790 if (type>8 || type==2 || type==4 || type==0) {
7791 ctl_set_invalid_field(/*ctsio*/ ctsio,
7797 ctl_done((union ctl_io *)ctsio);
7798 return (CTL_RETVAL_COMPLETE);
7802 switch (cdb->action & SPRO_ACTION_MASK) {
7813 ctl_set_invalid_field(/*ctsio*/ ctsio,
7819 ctl_done((union ctl_io *)ctsio);
7820 return (CTL_RETVAL_COMPLETE);
7821 break; /* NOTREACHED */
7824 param_len = scsi_4btoul(cdb->length);
7826 if ((ctsio->io_hdr.flags & CTL_FLAG_ALLOCATED) == 0) {
7827 ctsio->kern_data_ptr = malloc(param_len, M_CTL, M_WAITOK);
7828 ctsio->kern_data_len = param_len;
7829 ctsio->kern_total_len = param_len;
7830 ctsio->kern_data_resid = 0;
7831 ctsio->kern_rel_offset = 0;
7832 ctsio->kern_sg_entries = 0;
7833 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED;
7834 ctsio->be_move_done = ctl_config_move_done;
7835 ctl_datamove((union ctl_io *)ctsio);
7837 return (CTL_RETVAL_COMPLETE);
7840 param = (struct scsi_per_res_out_parms *)ctsio->kern_data_ptr;
7842 residx = ctl_get_resindex(&ctsio->io_hdr.nexus);
7843 res_key = scsi_8btou64(param->res_key.key);
7844 sa_res_key = scsi_8btou64(param->serv_act_res_key);
7847 * Validate the reservation key here except for SPRO_REG_IGNO
7848 * This must be done for all other service actions
7850 if ((cdb->action & SPRO_ACTION_MASK) != SPRO_REG_IGNO) {
7851 mtx_lock(&softc->ctl_lock);
7852 if (lun->per_res[residx].registered) {
7853 if (memcmp(param->res_key.key,
7854 lun->per_res[residx].res_key.key,
7855 ctl_min(sizeof(param->res_key),
7856 sizeof(lun->per_res[residx].res_key))) != 0) {
7858 * The current key passed in doesn't match
7859 * the one the initiator previously
7862 mtx_unlock(&softc->ctl_lock);
7863 free(ctsio->kern_data_ptr, M_CTL);
7864 ctl_set_reservation_conflict(ctsio);
7865 ctl_done((union ctl_io *)ctsio);
7866 return (CTL_RETVAL_COMPLETE);
7868 } else if ((cdb->action & SPRO_ACTION_MASK) != SPRO_REGISTER) {
7870 * We are not registered
7872 mtx_unlock(&softc->ctl_lock);
7873 free(ctsio->kern_data_ptr, M_CTL);
7874 ctl_set_reservation_conflict(ctsio);
7875 ctl_done((union ctl_io *)ctsio);
7876 return (CTL_RETVAL_COMPLETE);
7877 } else if (res_key != 0) {
7879 * We are not registered and trying to register but
7880 * the register key isn't zero.
7882 mtx_unlock(&softc->ctl_lock);
7883 free(ctsio->kern_data_ptr, M_CTL);
7884 ctl_set_reservation_conflict(ctsio);
7885 ctl_done((union ctl_io *)ctsio);
7886 return (CTL_RETVAL_COMPLETE);
7888 mtx_unlock(&softc->ctl_lock);
7891 switch (cdb->action & SPRO_ACTION_MASK) {
7893 case SPRO_REG_IGNO: {
7896 printf("Registration received\n");
7900 * We don't support any of these options, as we report in
7901 * the read capabilities request (see
7902 * ctl_persistent_reserve_in(), above).
7904 if ((param->flags & SPR_SPEC_I_PT)
7905 || (param->flags & SPR_ALL_TG_PT)
7906 || (param->flags & SPR_APTPL)) {
7909 if (param->flags & SPR_APTPL)
7911 else if (param->flags & SPR_ALL_TG_PT)
7913 else /* SPR_SPEC_I_PT */
7916 free(ctsio->kern_data_ptr, M_CTL);
7917 ctl_set_invalid_field(ctsio,
7923 ctl_done((union ctl_io *)ctsio);
7924 return (CTL_RETVAL_COMPLETE);
7927 mtx_lock(&softc->ctl_lock);
7930 * The initiator wants to clear the
7933 if (sa_res_key == 0) {
7935 && (cdb->action & SPRO_ACTION_MASK) == SPRO_REGISTER)
7936 || ((cdb->action & SPRO_ACTION_MASK) == SPRO_REG_IGNO
7937 && !lun->per_res[residx].registered)) {
7938 mtx_unlock(&softc->ctl_lock);
7942 lun->per_res[residx].registered = 0;
7943 memset(&lun->per_res[residx].res_key,
7944 0, sizeof(lun->per_res[residx].res_key));
7945 lun->pr_key_count--;
7947 if (residx == lun->pr_res_idx) {
7948 lun->flags &= ~CTL_LUN_PR_RESERVED;
7949 lun->pr_res_idx = CTL_PR_NO_RESERVATION;
7951 if ((lun->res_type == SPR_TYPE_WR_EX_RO
7952 || lun->res_type == SPR_TYPE_EX_AC_RO)
7953 && lun->pr_key_count) {
7955 * If the reservation is a registrants
7956 * only type we need to generate a UA
7957 * for other registered inits. The
7958 * sense code should be RESERVATIONS
7962 for (i = 0; i < CTL_MAX_INITIATORS;i++){
7964 i+persis_offset].registered
7967 lun->pending_sense[i
7973 } else if (lun->pr_res_idx == CTL_PR_ALL_REGISTRANTS) {
7974 if (lun->pr_key_count==0) {
7975 lun->flags &= ~CTL_LUN_PR_RESERVED;
7977 lun->pr_res_idx = CTL_PR_NO_RESERVATION;
7980 persis_io.hdr.nexus = ctsio->io_hdr.nexus;
7981 persis_io.hdr.msg_type = CTL_MSG_PERS_ACTION;
7982 persis_io.pr.pr_info.action = CTL_PR_UNREG_KEY;
7983 persis_io.pr.pr_info.residx = residx;
7984 if ((isc_retval = ctl_ha_msg_send(CTL_HA_CHAN_CTL,
7985 &persis_io, sizeof(persis_io), 0 )) >
7986 CTL_HA_STATUS_SUCCESS) {
7987 printf("CTL:Persis Out error returned from "
7988 "ctl_ha_msg_send %d\n", isc_retval);
7990 mtx_unlock(&softc->ctl_lock);
7991 } else /* sa_res_key != 0 */ {
7994 * If we aren't registered currently then increment
7995 * the key count and set the registered flag.
7997 if (!lun->per_res[residx].registered) {
7998 lun->pr_key_count++;
7999 lun->per_res[residx].registered = 1;
8002 memcpy(&lun->per_res[residx].res_key,
8003 param->serv_act_res_key,
8004 ctl_min(sizeof(param->serv_act_res_key),
8005 sizeof(lun->per_res[residx].res_key)));
8007 persis_io.hdr.nexus = ctsio->io_hdr.nexus;
8008 persis_io.hdr.msg_type = CTL_MSG_PERS_ACTION;
8009 persis_io.pr.pr_info.action = CTL_PR_REG_KEY;
8010 persis_io.pr.pr_info.residx = residx;
8011 memcpy(persis_io.pr.pr_info.sa_res_key,
8012 param->serv_act_res_key,
8013 sizeof(param->serv_act_res_key));
8014 mtx_unlock(&softc->ctl_lock);
8015 if ((isc_retval=ctl_ha_msg_send(CTL_HA_CHAN_CTL,
8016 &persis_io, sizeof(persis_io), 0)) >
8017 CTL_HA_STATUS_SUCCESS) {
8018 printf("CTL:Persis Out error returned from "
8019 "ctl_ha_msg_send %d\n", isc_retval);
8022 lun->PRGeneration++;
8028 printf("Reserve executed type %d\n", type);
8030 mtx_lock(&softc->ctl_lock);
8031 if (lun->flags & CTL_LUN_PR_RESERVED) {
8033 * if this isn't the reservation holder and it's
8034 * not a "all registrants" type or if the type is
8035 * different then we have a conflict
8037 if ((lun->pr_res_idx != residx
8038 && lun->pr_res_idx != CTL_PR_ALL_REGISTRANTS)
8039 || lun->res_type != type) {
8040 mtx_unlock(&softc->ctl_lock);
8041 free(ctsio->kern_data_ptr, M_CTL);
8042 ctl_set_reservation_conflict(ctsio);
8043 ctl_done((union ctl_io *)ctsio);
8044 return (CTL_RETVAL_COMPLETE);
8046 } else /* create a reservation */ {
8048 * If it's not an "all registrants" type record
8049 * reservation holder
8051 if (type != SPR_TYPE_WR_EX_AR
8052 && type != SPR_TYPE_EX_AC_AR)
8053 lun->pr_res_idx = residx; /* Res holder */
8055 lun->pr_res_idx = CTL_PR_ALL_REGISTRANTS;
8057 lun->flags |= CTL_LUN_PR_RESERVED;
8058 lun->res_type = type;
8060 mtx_unlock(&softc->ctl_lock);
8062 /* send msg to other side */
8063 persis_io.hdr.nexus = ctsio->io_hdr.nexus;
8064 persis_io.hdr.msg_type = CTL_MSG_PERS_ACTION;
8065 persis_io.pr.pr_info.action = CTL_PR_RESERVE;
8066 persis_io.pr.pr_info.residx = lun->pr_res_idx;
8067 persis_io.pr.pr_info.res_type = type;
8068 if ((isc_retval=ctl_ha_msg_send(CTL_HA_CHAN_CTL,
8069 &persis_io, sizeof(persis_io), 0)) >
8070 CTL_HA_STATUS_SUCCESS) {
8071 printf("CTL:Persis Out error returned from "
8072 "ctl_ha_msg_send %d\n", isc_retval);
8078 mtx_lock(&softc->ctl_lock);
8079 if ((lun->flags & CTL_LUN_PR_RESERVED) == 0) {
8080 /* No reservation exists return good status */
8081 mtx_unlock(&softc->ctl_lock);
8085 * Is this nexus a reservation holder?
8087 if (lun->pr_res_idx != residx
8088 && lun->pr_res_idx != CTL_PR_ALL_REGISTRANTS) {
8090 * not a res holder return good status but
8093 mtx_unlock(&softc->ctl_lock);
8097 if (lun->res_type != type) {
8098 mtx_unlock(&softc->ctl_lock);
8099 free(ctsio->kern_data_ptr, M_CTL);
8100 ctl_set_illegal_pr_release(ctsio);
8101 ctl_done((union ctl_io *)ctsio);
8102 return (CTL_RETVAL_COMPLETE);
8105 /* okay to release */
8106 lun->flags &= ~CTL_LUN_PR_RESERVED;
8107 lun->pr_res_idx = CTL_PR_NO_RESERVATION;
8111 * if this isn't an exclusive access
8112 * res generate UA for all other
8115 if (type != SPR_TYPE_EX_AC
8116 && type != SPR_TYPE_WR_EX) {
8118 * temporarily unregister so we don't generate UA
8120 lun->per_res[residx].registered = 0;
8122 for (i = 0; i < CTL_MAX_INITIATORS; i++) {
8123 if (lun->per_res[i+persis_offset].registered
8126 lun->pending_sense[i].ua_pending |=
8130 lun->per_res[residx].registered = 1;
8132 mtx_unlock(&softc->ctl_lock);
8133 /* Send msg to other side */
8134 persis_io.hdr.nexus = ctsio->io_hdr.nexus;
8135 persis_io.hdr.msg_type = CTL_MSG_PERS_ACTION;
8136 persis_io.pr.pr_info.action = CTL_PR_RELEASE;
8137 if ((isc_retval=ctl_ha_msg_send( CTL_HA_CHAN_CTL, &persis_io,
8138 sizeof(persis_io), 0)) > CTL_HA_STATUS_SUCCESS) {
8139 printf("CTL:Persis Out error returned from "
8140 "ctl_ha_msg_send %d\n", isc_retval);
8145 /* send msg to other side */
8147 mtx_lock(&softc->ctl_lock);
8148 lun->flags &= ~CTL_LUN_PR_RESERVED;
8150 lun->pr_key_count = 0;
8151 lun->pr_res_idx = CTL_PR_NO_RESERVATION;
8154 memset(&lun->per_res[residx].res_key,
8155 0, sizeof(lun->per_res[residx].res_key));
8156 lun->per_res[residx].registered = 0;
8158 for (i=0; i < 2*CTL_MAX_INITIATORS; i++)
8159 if (lun->per_res[i].registered) {
8160 if (!persis_offset && i < CTL_MAX_INITIATORS)
8161 lun->pending_sense[i].ua_pending |=
8163 else if (persis_offset && i >= persis_offset)
8164 lun->pending_sense[i-persis_offset
8165 ].ua_pending |= CTL_UA_RES_PREEMPT;
8167 memset(&lun->per_res[i].res_key,
8168 0, sizeof(struct scsi_per_res_key));
8169 lun->per_res[i].registered = 0;
8171 lun->PRGeneration++;
8172 mtx_unlock(&softc->ctl_lock);
8173 persis_io.hdr.nexus = ctsio->io_hdr.nexus;
8174 persis_io.hdr.msg_type = CTL_MSG_PERS_ACTION;
8175 persis_io.pr.pr_info.action = CTL_PR_CLEAR;
8176 if ((isc_retval=ctl_ha_msg_send(CTL_HA_CHAN_CTL, &persis_io,
8177 sizeof(persis_io), 0)) > CTL_HA_STATUS_SUCCESS) {
8178 printf("CTL:Persis Out error returned from "
8179 "ctl_ha_msg_send %d\n", isc_retval);
8183 case SPRO_PREEMPT: {
8186 nretval = ctl_pro_preempt(softc, lun, res_key, sa_res_key, type,
8187 residx, ctsio, cdb, param);
8189 return (CTL_RETVAL_COMPLETE);
8195 free(ctsio->kern_data_ptr, M_CTL);
8196 ctl_set_invalid_field(/*ctsio*/ ctsio,
8202 ctl_done((union ctl_io *)ctsio);
8203 return (CTL_RETVAL_COMPLETE);
8204 break; /* NOTREACHED */
8208 free(ctsio->kern_data_ptr, M_CTL);
8209 ctl_set_success(ctsio);
8210 ctl_done((union ctl_io *)ctsio);
8216 * This routine is for handling a message from the other SC pertaining to
8217 * persistent reserve out. All the error checking will have been done
8218 * so only perorming the action need be done here to keep the two
8222 ctl_hndl_per_res_out_on_other_sc(union ctl_ha_msg *msg)
8224 struct ctl_lun *lun;
8225 struct ctl_softc *softc;
8228 softc = control_softc;
8230 mtx_lock(&softc->ctl_lock);
8232 lun = softc->ctl_luns[msg->hdr.nexus.targ_lun];
8233 switch(msg->pr.pr_info.action) {
8234 case CTL_PR_REG_KEY:
8235 if (!lun->per_res[msg->pr.pr_info.residx].registered) {
8236 lun->per_res[msg->pr.pr_info.residx].registered = 1;
8237 lun->pr_key_count++;
8239 lun->PRGeneration++;
8240 memcpy(&lun->per_res[msg->pr.pr_info.residx].res_key,
8241 msg->pr.pr_info.sa_res_key,
8242 sizeof(struct scsi_per_res_key));
8245 case CTL_PR_UNREG_KEY:
8246 lun->per_res[msg->pr.pr_info.residx].registered = 0;
8247 memset(&lun->per_res[msg->pr.pr_info.residx].res_key,
8248 0, sizeof(struct scsi_per_res_key));
8249 lun->pr_key_count--;
8251 /* XXX Need to see if the reservation has been released */
8252 /* if so do we need to generate UA? */
8253 if (msg->pr.pr_info.residx == lun->pr_res_idx) {
8254 lun->flags &= ~CTL_LUN_PR_RESERVED;
8255 lun->pr_res_idx = CTL_PR_NO_RESERVATION;
8257 if ((lun->res_type == SPR_TYPE_WR_EX_RO
8258 || lun->res_type == SPR_TYPE_EX_AC_RO)
8259 && lun->pr_key_count) {
8261 * If the reservation is a registrants
8262 * only type we need to generate a UA
8263 * for other registered inits. The
8264 * sense code should be RESERVATIONS
8268 for (i = 0; i < CTL_MAX_INITIATORS; i++) {
8270 persis_offset].registered == 0)
8273 lun->pending_sense[i
8279 } else if (lun->pr_res_idx == CTL_PR_ALL_REGISTRANTS) {
8280 if (lun->pr_key_count==0) {
8281 lun->flags &= ~CTL_LUN_PR_RESERVED;
8283 lun->pr_res_idx = CTL_PR_NO_RESERVATION;
8286 lun->PRGeneration++;
8289 case CTL_PR_RESERVE:
8290 lun->flags |= CTL_LUN_PR_RESERVED;
8291 lun->res_type = msg->pr.pr_info.res_type;
8292 lun->pr_res_idx = msg->pr.pr_info.residx;
8296 case CTL_PR_RELEASE:
8298 * if this isn't an exclusive access res generate UA for all
8299 * other registrants.
8301 if (lun->res_type != SPR_TYPE_EX_AC
8302 && lun->res_type != SPR_TYPE_WR_EX) {
8303 for (i = 0; i < CTL_MAX_INITIATORS; i++)
8304 if (lun->per_res[i+persis_offset].registered)
8305 lun->pending_sense[i].ua_pending |=
8309 lun->flags &= ~CTL_LUN_PR_RESERVED;
8310 lun->pr_res_idx = CTL_PR_NO_RESERVATION;
8314 case CTL_PR_PREEMPT:
8315 ctl_pro_preempt_other(lun, msg);
8318 lun->flags &= ~CTL_LUN_PR_RESERVED;
8320 lun->pr_key_count = 0;
8321 lun->pr_res_idx = CTL_PR_NO_RESERVATION;
8323 for (i=0; i < 2*CTL_MAX_INITIATORS; i++) {
8324 if (lun->per_res[i].registered == 0)
8327 && i < CTL_MAX_INITIATORS)
8328 lun->pending_sense[i].ua_pending |=
8330 else if (persis_offset
8331 && i >= persis_offset)
8332 lun->pending_sense[i-persis_offset].ua_pending|=
8334 memset(&lun->per_res[i].res_key, 0,
8335 sizeof(struct scsi_per_res_key));
8336 lun->per_res[i].registered = 0;
8338 lun->PRGeneration++;
8342 mtx_unlock(&softc->ctl_lock);
8346 ctl_read_write(struct ctl_scsiio *ctsio)
8348 struct ctl_lun *lun;
8349 struct ctl_lba_len lbalen;
8351 uint32_t num_blocks;
8352 int reladdr, fua, dpo, ebp;
8356 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
8358 CTL_DEBUG_PRINT(("ctl_read_write: command: %#x\n", ctsio->cdb[0]));
8365 retval = CTL_RETVAL_COMPLETE;
8367 isread = ctsio->cdb[0] == READ_6 || ctsio->cdb[0] == READ_10
8368 || ctsio->cdb[0] == READ_12 || ctsio->cdb[0] == READ_16;
8369 if (lun->flags & CTL_LUN_PR_RESERVED && isread) {
8373 * XXX KDM need a lock here.
8375 residx = ctl_get_resindex(&ctsio->io_hdr.nexus);
8376 if ((lun->res_type == SPR_TYPE_EX_AC
8377 && residx != lun->pr_res_idx)
8378 || ((lun->res_type == SPR_TYPE_EX_AC_RO
8379 || lun->res_type == SPR_TYPE_EX_AC_AR)
8380 && !lun->per_res[residx].registered)) {
8381 ctl_set_reservation_conflict(ctsio);
8382 ctl_done((union ctl_io *)ctsio);
8383 return (CTL_RETVAL_COMPLETE);
8387 switch (ctsio->cdb[0]) {
8390 struct scsi_rw_6 *cdb;
8392 cdb = (struct scsi_rw_6 *)ctsio->cdb;
8394 lba = scsi_3btoul(cdb->addr);
8395 /* only 5 bits are valid in the most significant address byte */
8397 num_blocks = cdb->length;
8399 * This is correct according to SBC-2.
8401 if (num_blocks == 0)
8407 struct scsi_rw_10 *cdb;
8409 cdb = (struct scsi_rw_10 *)ctsio->cdb;
8411 if (cdb->byte2 & SRW10_RELADDR)
8413 if (cdb->byte2 & SRW10_FUA)
8415 if (cdb->byte2 & SRW10_DPO)
8418 if ((cdb->opcode == WRITE_10)
8419 && (cdb->byte2 & SRW10_EBP))
8422 lba = scsi_4btoul(cdb->addr);
8423 num_blocks = scsi_2btoul(cdb->length);
8426 case WRITE_VERIFY_10: {
8427 struct scsi_write_verify_10 *cdb;
8429 cdb = (struct scsi_write_verify_10 *)ctsio->cdb;
8432 * XXX KDM we should do actual write verify support at some
8433 * point. This is obviously fake, we're just translating
8434 * things to a write. So we don't even bother checking the
8435 * BYTCHK field, since we don't do any verification. If
8436 * the user asks for it, we'll just pretend we did it.
8438 if (cdb->byte2 & SWV_DPO)
8441 lba = scsi_4btoul(cdb->addr);
8442 num_blocks = scsi_2btoul(cdb->length);
8447 struct scsi_rw_12 *cdb;
8449 cdb = (struct scsi_rw_12 *)ctsio->cdb;
8451 if (cdb->byte2 & SRW12_RELADDR)
8453 if (cdb->byte2 & SRW12_FUA)
8455 if (cdb->byte2 & SRW12_DPO)
8457 lba = scsi_4btoul(cdb->addr);
8458 num_blocks = scsi_4btoul(cdb->length);
8461 case WRITE_VERIFY_12: {
8462 struct scsi_write_verify_12 *cdb;
8464 cdb = (struct scsi_write_verify_12 *)ctsio->cdb;
8466 if (cdb->byte2 & SWV_DPO)
8469 lba = scsi_4btoul(cdb->addr);
8470 num_blocks = scsi_4btoul(cdb->length);
8476 struct scsi_rw_16 *cdb;
8478 cdb = (struct scsi_rw_16 *)ctsio->cdb;
8480 if (cdb->byte2 & SRW12_RELADDR)
8482 if (cdb->byte2 & SRW12_FUA)
8484 if (cdb->byte2 & SRW12_DPO)
8487 lba = scsi_8btou64(cdb->addr);
8488 num_blocks = scsi_4btoul(cdb->length);
8491 case WRITE_VERIFY_16: {
8492 struct scsi_write_verify_16 *cdb;
8494 cdb = (struct scsi_write_verify_16 *)ctsio->cdb;
8496 if (cdb->byte2 & SWV_DPO)
8499 lba = scsi_8btou64(cdb->addr);
8500 num_blocks = scsi_4btoul(cdb->length);
8505 * We got a command we don't support. This shouldn't
8506 * happen, commands should be filtered out above us.
8508 ctl_set_invalid_opcode(ctsio);
8509 ctl_done((union ctl_io *)ctsio);
8511 return (CTL_RETVAL_COMPLETE);
8512 break; /* NOTREACHED */
8516 * XXX KDM what do we do with the DPO and FUA bits? FUA might be
8517 * interesting for us, but if RAIDCore is in write-back mode,
8518 * getting it to do write-through for a particular transaction may
8522 * We don't support relative addressing. That also requires
8523 * supporting linked commands, which we don't do.
8526 ctl_set_invalid_field(ctsio,
8532 ctl_done((union ctl_io *)ctsio);
8533 return (CTL_RETVAL_COMPLETE);
8537 * The first check is to make sure we're in bounds, the second
8538 * check is to catch wrap-around problems. If the lba + num blocks
8539 * is less than the lba, then we've wrapped around and the block
8540 * range is invalid anyway.
8542 if (((lba + num_blocks) > (lun->be_lun->maxlba + 1))
8543 || ((lba + num_blocks) < lba)) {
8544 ctl_set_lba_out_of_range(ctsio);
8545 ctl_done((union ctl_io *)ctsio);
8546 return (CTL_RETVAL_COMPLETE);
8550 * According to SBC-3, a transfer length of 0 is not an error.
8551 * Note that this cannot happen with WRITE(6) or READ(6), since 0
8552 * translates to 256 blocks for those commands.
8554 if (num_blocks == 0) {
8555 ctl_set_success(ctsio);
8556 ctl_done((union ctl_io *)ctsio);
8557 return (CTL_RETVAL_COMPLETE);
8561 lbalen.len = num_blocks;
8562 memcpy(ctsio->io_hdr.ctl_private[CTL_PRIV_LBA_LEN].bytes, &lbalen,
8565 CTL_DEBUG_PRINT(("ctl_read_write: calling data_submit()\n"));
8567 retval = lun->backend->data_submit((union ctl_io *)ctsio);
8573 ctl_report_luns(struct ctl_scsiio *ctsio)
8575 struct scsi_report_luns *cdb;
8576 struct scsi_report_luns_data *lun_data;
8577 struct ctl_lun *lun, *request_lun;
8578 int num_luns, retval;
8579 uint32_t alloc_len, lun_datalen;
8580 int num_filled, well_known;
8583 retval = CTL_RETVAL_COMPLETE;
8586 cdb = (struct scsi_report_luns *)ctsio->cdb;
8588 CTL_DEBUG_PRINT(("ctl_report_luns\n"));
8590 mtx_lock(&control_softc->ctl_lock);
8591 num_luns = control_softc->num_luns;
8592 mtx_unlock(&control_softc->ctl_lock);
8594 switch (cdb->select_report) {
8595 case RPL_REPORT_DEFAULT:
8596 case RPL_REPORT_ALL:
8598 case RPL_REPORT_WELLKNOWN:
8603 ctl_set_invalid_field(ctsio,
8609 ctl_done((union ctl_io *)ctsio);
8611 break; /* NOTREACHED */
8614 alloc_len = scsi_4btoul(cdb->length);
8616 * The initiator has to allocate at least 16 bytes for this request,
8617 * so he can at least get the header and the first LUN. Otherwise
8618 * we reject the request (per SPC-3 rev 14, section 6.21).
8620 if (alloc_len < (sizeof(struct scsi_report_luns_data) +
8621 sizeof(struct scsi_report_luns_lundata))) {
8622 ctl_set_invalid_field(ctsio,
8628 ctl_done((union ctl_io *)ctsio);
8632 request_lun = (struct ctl_lun *)
8633 ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
8635 lun_datalen = sizeof(*lun_data) +
8636 (num_luns * sizeof(struct scsi_report_luns_lundata));
8638 ctsio->kern_data_ptr = malloc(lun_datalen, M_CTL, M_WAITOK | M_ZERO);
8639 lun_data = (struct scsi_report_luns_data *)ctsio->kern_data_ptr;
8640 ctsio->kern_sg_entries = 0;
8642 if (lun_datalen < alloc_len) {
8643 ctsio->residual = alloc_len - lun_datalen;
8644 ctsio->kern_data_len = lun_datalen;
8645 ctsio->kern_total_len = lun_datalen;
8647 ctsio->residual = 0;
8648 ctsio->kern_data_len = alloc_len;
8649 ctsio->kern_total_len = alloc_len;
8651 ctsio->kern_data_resid = 0;
8652 ctsio->kern_rel_offset = 0;
8653 ctsio->kern_sg_entries = 0;
8655 initidx = ctl_get_initindex(&ctsio->io_hdr.nexus);
8658 * We set this to the actual data length, regardless of how much
8659 * space we actually have to return results. If the user looks at
8660 * this value, he'll know whether or not he allocated enough space
8661 * and reissue the command if necessary. We don't support well
8662 * known logical units, so if the user asks for that, return none.
8664 scsi_ulto4b(lun_datalen - 8, lun_data->length);
8666 mtx_lock(&control_softc->ctl_lock);
8667 for (num_filled = 0, lun = STAILQ_FIRST(&control_softc->lun_list);
8668 (lun != NULL) && (num_filled < num_luns);
8669 lun = STAILQ_NEXT(lun, links)) {
8671 if (lun->lun <= 0xff) {
8673 * Peripheral addressing method, bus number 0.
8675 lun_data->luns[num_filled].lundata[0] =
8676 RPL_LUNDATA_ATYP_PERIPH;
8677 lun_data->luns[num_filled].lundata[1] = lun->lun;
8679 } else if (lun->lun <= 0x3fff) {
8681 * Flat addressing method.
8683 lun_data->luns[num_filled].lundata[0] =
8684 RPL_LUNDATA_ATYP_FLAT |
8685 (lun->lun & RPL_LUNDATA_FLAT_LUN_MASK);
8686 #ifdef OLDCTLHEADERS
8687 (SRLD_ADDR_FLAT << SRLD_ADDR_SHIFT) |
8688 (lun->lun & SRLD_BUS_LUN_MASK);
8690 lun_data->luns[num_filled].lundata[1] =
8691 #ifdef OLDCTLHEADERS
8692 lun->lun >> SRLD_BUS_LUN_BITS;
8694 lun->lun >> RPL_LUNDATA_FLAT_LUN_BITS;
8697 printf("ctl_report_luns: bogus LUN number %jd, "
8698 "skipping\n", (intmax_t)lun->lun);
8701 * According to SPC-3, rev 14 section 6.21:
8703 * "The execution of a REPORT LUNS command to any valid and
8704 * installed logical unit shall clear the REPORTED LUNS DATA
8705 * HAS CHANGED unit attention condition for all logical
8706 * units of that target with respect to the requesting
8707 * initiator. A valid and installed logical unit is one
8708 * having a PERIPHERAL QUALIFIER of 000b in the standard
8709 * INQUIRY data (see 6.4.2)."
8711 * If request_lun is NULL, the LUN this report luns command
8712 * was issued to is either disabled or doesn't exist. In that
8713 * case, we shouldn't clear any pending lun change unit
8716 if (request_lun != NULL)
8717 lun->pending_sense[initidx].ua_pending &=
8720 mtx_unlock(&control_softc->ctl_lock);
8723 * We can only return SCSI_STATUS_CHECK_COND when we can't satisfy
8726 ctsio->scsi_status = SCSI_STATUS_OK;
8728 ctsio->be_move_done = ctl_config_move_done;
8729 ctl_datamove((union ctl_io *)ctsio);
8735 ctl_request_sense(struct ctl_scsiio *ctsio)
8737 struct scsi_request_sense *cdb;
8738 struct scsi_sense_data *sense_ptr;
8739 struct ctl_lun *lun;
8742 scsi_sense_data_type sense_format;
8744 cdb = (struct scsi_request_sense *)ctsio->cdb;
8746 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
8748 CTL_DEBUG_PRINT(("ctl_request_sense\n"));
8751 * Determine which sense format the user wants.
8753 if (cdb->byte2 & SRS_DESC)
8754 sense_format = SSD_TYPE_DESC;
8756 sense_format = SSD_TYPE_FIXED;
8758 ctsio->kern_data_ptr = malloc(sizeof(*sense_ptr), M_CTL, M_WAITOK);
8759 sense_ptr = (struct scsi_sense_data *)ctsio->kern_data_ptr;
8760 ctsio->kern_sg_entries = 0;
8763 * struct scsi_sense_data, which is currently set to 256 bytes, is
8764 * larger than the largest allowed value for the length field in the
8765 * REQUEST SENSE CDB, which is 252 bytes as of SPC-4.
8767 ctsio->residual = 0;
8768 ctsio->kern_data_len = cdb->length;
8769 ctsio->kern_total_len = cdb->length;
8771 ctsio->kern_data_resid = 0;
8772 ctsio->kern_rel_offset = 0;
8773 ctsio->kern_sg_entries = 0;
8776 * If we don't have a LUN, we don't have any pending sense.
8782 initidx = ctl_get_initindex(&ctsio->io_hdr.nexus);
8784 * Check for pending sense, and then for pending unit attentions.
8785 * Pending sense gets returned first, then pending unit attentions.
8787 mtx_lock(&lun->ctl_softc->ctl_lock);
8788 if (ctl_is_set(lun->have_ca, initidx)) {
8789 scsi_sense_data_type stored_format;
8792 * Check to see which sense format was used for the stored
8795 stored_format = scsi_sense_type(
8796 &lun->pending_sense[initidx].sense);
8799 * If the user requested a different sense format than the
8800 * one we stored, then we need to convert it to the other
8801 * format. If we're going from descriptor to fixed format
8802 * sense data, we may lose things in translation, depending
8803 * on what options were used.
8805 * If the stored format is SSD_TYPE_NONE (i.e. invalid),
8806 * for some reason we'll just copy it out as-is.
8808 if ((stored_format == SSD_TYPE_FIXED)
8809 && (sense_format == SSD_TYPE_DESC))
8810 ctl_sense_to_desc((struct scsi_sense_data_fixed *)
8811 &lun->pending_sense[initidx].sense,
8812 (struct scsi_sense_data_desc *)sense_ptr);
8813 else if ((stored_format == SSD_TYPE_DESC)
8814 && (sense_format == SSD_TYPE_FIXED))
8815 ctl_sense_to_fixed((struct scsi_sense_data_desc *)
8816 &lun->pending_sense[initidx].sense,
8817 (struct scsi_sense_data_fixed *)sense_ptr);
8819 memcpy(sense_ptr, &lun->pending_sense[initidx].sense,
8820 ctl_min(sizeof(*sense_ptr),
8821 sizeof(lun->pending_sense[initidx].sense)));
8823 ctl_clear_mask(lun->have_ca, initidx);
8825 } else if (lun->pending_sense[initidx].ua_pending != CTL_UA_NONE) {
8826 ctl_ua_type ua_type;
8828 ua_type = ctl_build_ua(lun->pending_sense[initidx].ua_pending,
8829 sense_ptr, sense_format);
8830 if (ua_type != CTL_UA_NONE) {
8832 /* We're reporting this UA, so clear it */
8833 lun->pending_sense[initidx].ua_pending &= ~ua_type;
8836 mtx_unlock(&lun->ctl_softc->ctl_lock);
8839 * We already have a pending error, return it.
8841 if (have_error != 0) {
8843 * We report the SCSI status as OK, since the status of the
8844 * request sense command itself is OK.
8846 ctsio->scsi_status = SCSI_STATUS_OK;
8849 * We report 0 for the sense length, because we aren't doing
8850 * autosense in this case. We're reporting sense as
8853 ctsio->sense_len = 0;
8855 ctsio->be_move_done = ctl_config_move_done;
8856 ctl_datamove((union ctl_io *)ctsio);
8858 return (CTL_RETVAL_COMPLETE);
8864 * No sense information to report, so we report that everything is
8867 ctl_set_sense_data(sense_ptr,
8870 /*current_error*/ 1,
8871 /*sense_key*/ SSD_KEY_NO_SENSE,
8876 ctsio->scsi_status = SCSI_STATUS_OK;
8879 * We report 0 for the sense length, because we aren't doing
8880 * autosense in this case. We're reporting sense as parameter data.
8882 ctsio->sense_len = 0;
8883 ctsio->be_move_done = ctl_config_move_done;
8884 ctl_datamove((union ctl_io *)ctsio);
8886 return (CTL_RETVAL_COMPLETE);
8890 ctl_tur(struct ctl_scsiio *ctsio)
8892 struct ctl_lun *lun;
8894 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
8896 CTL_DEBUG_PRINT(("ctl_tur\n"));
8901 ctsio->scsi_status = SCSI_STATUS_OK;
8902 ctsio->io_hdr.status = CTL_SUCCESS;
8904 ctl_done((union ctl_io *)ctsio);
8906 return (CTL_RETVAL_COMPLETE);
8911 ctl_cmddt_inquiry(struct ctl_scsiio *ctsio)
8918 ctl_inquiry_evpd_supported(struct ctl_scsiio *ctsio, int alloc_len)
8920 struct scsi_vpd_supported_pages *pages;
8922 struct ctl_lun *lun;
8924 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
8926 sup_page_size = sizeof(struct scsi_vpd_supported_pages) +
8927 SCSI_EVPD_NUM_SUPPORTED_PAGES;
8928 ctsio->kern_data_ptr = malloc(sup_page_size, M_CTL, M_WAITOK | M_ZERO);
8929 pages = (struct scsi_vpd_supported_pages *)ctsio->kern_data_ptr;
8930 ctsio->kern_sg_entries = 0;
8932 if (sup_page_size < alloc_len) {
8933 ctsio->residual = alloc_len - sup_page_size;
8934 ctsio->kern_data_len = sup_page_size;
8935 ctsio->kern_total_len = sup_page_size;
8937 ctsio->residual = 0;
8938 ctsio->kern_data_len = alloc_len;
8939 ctsio->kern_total_len = alloc_len;
8941 ctsio->kern_data_resid = 0;
8942 ctsio->kern_rel_offset = 0;
8943 ctsio->kern_sg_entries = 0;
8946 * The control device is always connected. The disk device, on the
8947 * other hand, may not be online all the time. Need to change this
8948 * to figure out whether the disk device is actually online or not.
8951 pages->device = (SID_QUAL_LU_CONNECTED << 5) |
8952 lun->be_lun->lun_type;
8954 pages->device = (SID_QUAL_LU_OFFLINE << 5) | T_DIRECT;
8956 pages->length = SCSI_EVPD_NUM_SUPPORTED_PAGES;
8957 /* Supported VPD pages */
8958 pages->page_list[0] = SVPD_SUPPORTED_PAGES;
8960 pages->page_list[1] = SVPD_UNIT_SERIAL_NUMBER;
8961 /* Device Identification */
8962 pages->page_list[2] = SVPD_DEVICE_ID;
8964 ctsio->scsi_status = SCSI_STATUS_OK;
8966 ctsio->be_move_done = ctl_config_move_done;
8967 ctl_datamove((union ctl_io *)ctsio);
8969 return (CTL_RETVAL_COMPLETE);
8973 ctl_inquiry_evpd_serial(struct ctl_scsiio *ctsio, int alloc_len)
8975 struct scsi_vpd_unit_serial_number *sn_ptr;
8976 struct ctl_lun *lun;
8977 #ifndef CTL_USE_BACKEND_SN
8981 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
8983 ctsio->kern_data_ptr = malloc(sizeof(*sn_ptr), M_CTL, M_WAITOK | M_ZERO);
8984 sn_ptr = (struct scsi_vpd_unit_serial_number *)ctsio->kern_data_ptr;
8985 ctsio->kern_sg_entries = 0;
8987 if (sizeof(*sn_ptr) < alloc_len) {
8988 ctsio->residual = alloc_len - sizeof(*sn_ptr);
8989 ctsio->kern_data_len = sizeof(*sn_ptr);
8990 ctsio->kern_total_len = sizeof(*sn_ptr);
8992 ctsio->residual = 0;
8993 ctsio->kern_data_len = alloc_len;
8994 ctsio->kern_total_len = alloc_len;
8996 ctsio->kern_data_resid = 0;
8997 ctsio->kern_rel_offset = 0;
8998 ctsio->kern_sg_entries = 0;
9001 * The control device is always connected. The disk device, on the
9002 * other hand, may not be online all the time. Need to change this
9003 * to figure out whether the disk device is actually online or not.
9006 sn_ptr->device = (SID_QUAL_LU_CONNECTED << 5) |
9007 lun->be_lun->lun_type;
9009 sn_ptr->device = (SID_QUAL_LU_OFFLINE << 5) | T_DIRECT;
9011 sn_ptr->page_code = SVPD_UNIT_SERIAL_NUMBER;
9012 sn_ptr->length = ctl_min(sizeof(*sn_ptr) - 4, CTL_SN_LEN);
9013 #ifdef CTL_USE_BACKEND_SN
9015 * If we don't have a LUN, we just leave the serial number as
9018 memset(sn_ptr->serial_num, 0x20, sizeof(sn_ptr->serial_num));
9020 strncpy((char *)sn_ptr->serial_num,
9021 (char *)lun->be_lun->serial_num, CTL_SN_LEN);
9025 * Note that we're using a non-unique serial number here,
9027 snprintf(tmpstr, sizeof(tmpstr), "MYSERIALNUMIS000");
9028 memset(sn_ptr->serial_num, 0x20, sizeof(sn_ptr->serial_num));
9029 strncpy(sn_ptr->serial_num, tmpstr, ctl_min(CTL_SN_LEN,
9030 ctl_min(sizeof(tmpstr), sizeof(*sn_ptr) - 4)));
9032 ctsio->scsi_status = SCSI_STATUS_OK;
9034 ctsio->be_move_done = ctl_config_move_done;
9035 ctl_datamove((union ctl_io *)ctsio);
9037 return (CTL_RETVAL_COMPLETE);
9042 ctl_inquiry_evpd_devid(struct ctl_scsiio *ctsio, int alloc_len)
9044 struct scsi_vpd_device_id *devid_ptr;
9045 struct scsi_vpd_id_descriptor *desc, *desc1;
9046 struct scsi_vpd_id_descriptor *desc2, *desc3; /* for types 4h and 5h */
9047 struct scsi_vpd_id_t10 *t10id;
9048 struct ctl_softc *ctl_softc;
9049 struct ctl_lun *lun;
9050 struct ctl_frontend *fe;
9051 #ifndef CTL_USE_BACKEND_SN
9053 #endif /* CTL_USE_BACKEND_SN */
9056 ctl_softc = control_softc;
9057 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
9059 devid_len = sizeof(struct scsi_vpd_device_id) +
9060 sizeof(struct scsi_vpd_id_descriptor) +
9061 sizeof(struct scsi_vpd_id_t10) + CTL_DEVID_LEN +
9062 sizeof(struct scsi_vpd_id_descriptor) + CTL_WWPN_LEN +
9063 sizeof(struct scsi_vpd_id_descriptor) +
9064 sizeof(struct scsi_vpd_id_rel_trgt_port_id) +
9065 sizeof(struct scsi_vpd_id_descriptor) +
9066 sizeof(struct scsi_vpd_id_trgt_port_grp_id);
9068 ctsio->kern_data_ptr = malloc(devid_len, M_CTL, M_WAITOK | M_ZERO);
9069 devid_ptr = (struct scsi_vpd_device_id *)ctsio->kern_data_ptr;
9070 ctsio->kern_sg_entries = 0;
9072 if (devid_len < alloc_len) {
9073 ctsio->residual = alloc_len - devid_len;
9074 ctsio->kern_data_len = devid_len;
9075 ctsio->kern_total_len = devid_len;
9077 ctsio->residual = 0;
9078 ctsio->kern_data_len = alloc_len;
9079 ctsio->kern_total_len = alloc_len;
9081 ctsio->kern_data_resid = 0;
9082 ctsio->kern_rel_offset = 0;
9083 ctsio->kern_sg_entries = 0;
9085 desc = (struct scsi_vpd_id_descriptor *)devid_ptr->desc_list;
9086 t10id = (struct scsi_vpd_id_t10 *)&desc->identifier[0];
9087 desc1 = (struct scsi_vpd_id_descriptor *)(&desc->identifier[0] +
9088 sizeof(struct scsi_vpd_id_t10) + CTL_DEVID_LEN);
9089 desc2 = (struct scsi_vpd_id_descriptor *)(&desc1->identifier[0] +
9091 desc3 = (struct scsi_vpd_id_descriptor *)(&desc2->identifier[0] +
9092 sizeof(struct scsi_vpd_id_rel_trgt_port_id));
9095 * The control device is always connected. The disk device, on the
9096 * other hand, may not be online all the time.
9099 devid_ptr->device = (SID_QUAL_LU_CONNECTED << 5) |
9100 lun->be_lun->lun_type;
9102 devid_ptr->device = (SID_QUAL_LU_OFFLINE << 5) | T_DIRECT;
9104 devid_ptr->page_code = SVPD_DEVICE_ID;
9106 scsi_ulto2b(devid_len - 4, devid_ptr->length);
9108 mtx_lock(&ctl_softc->ctl_lock);
9110 fe = ctl_softc->ctl_ports[ctl_port_idx(ctsio->io_hdr.nexus.targ_port)];
9113 * For Fibre channel,
9115 if (fe->port_type == CTL_PORT_FC)
9117 desc->proto_codeset = (SCSI_PROTO_FC << 4) |
9118 SVPD_ID_CODESET_ASCII;
9119 desc1->proto_codeset = (SCSI_PROTO_FC << 4) |
9120 SVPD_ID_CODESET_BINARY;
9124 desc->proto_codeset = (SCSI_PROTO_SPI << 4) |
9125 SVPD_ID_CODESET_ASCII;
9126 desc1->proto_codeset = (SCSI_PROTO_SPI << 4) |
9127 SVPD_ID_CODESET_BINARY;
9129 desc2->proto_codeset = desc3->proto_codeset = desc1->proto_codeset;
9130 mtx_unlock(&ctl_softc->ctl_lock);
9133 * We're using a LUN association here. i.e., this device ID is a
9134 * per-LUN identifier.
9136 desc->id_type = SVPD_ID_PIV | SVPD_ID_ASSOC_LUN | SVPD_ID_TYPE_T10;
9137 desc->length = sizeof(*t10id) + CTL_DEVID_LEN;
9138 strncpy((char *)t10id->vendor, CTL_VENDOR, sizeof(t10id->vendor));
9141 * desc1 is for the WWPN which is a port asscociation.
9143 desc1->id_type = SVPD_ID_PIV | SVPD_ID_ASSOC_PORT | SVPD_ID_TYPE_NAA;
9144 desc1->length = CTL_WWPN_LEN;
9145 /* XXX Call Reggie's get_WWNN func here then add port # to the end */
9146 /* For testing just create the WWPN */
9148 ddb_GetWWNN((char *)desc1->identifier);
9150 /* NOTE: if the port is 0 or 8 we don't want to subtract 1 */
9151 /* This is so Copancontrol will return something sane */
9152 if (ctsio->io_hdr.nexus.targ_port!=0 &&
9153 ctsio->io_hdr.nexus.targ_port!=8)
9154 desc1->identifier[7] += ctsio->io_hdr.nexus.targ_port-1;
9156 desc1->identifier[7] += ctsio->io_hdr.nexus.targ_port;
9159 be64enc(desc1->identifier, fe->wwpn);
9162 * desc2 is for the Relative Target Port(type 4h) identifier
9164 desc2->id_type = SVPD_ID_PIV | SVPD_ID_ASSOC_PORT
9165 | SVPD_ID_TYPE_RELTARG;
9168 /* NOTE: if the port is 0 or 8 we don't want to subtract 1 */
9169 /* This is so Copancontrol will return something sane */
9170 if (ctsio->io_hdr.nexus.targ_port!=0 &&
9171 ctsio->io_hdr.nexus.targ_port!=8)
9172 desc2->identifier[3] = ctsio->io_hdr.nexus.targ_port - 1;
9174 desc2->identifier[3] = ctsio->io_hdr.nexus.targ_port;
9178 * desc3 is for the Target Port Group(type 5h) identifier
9180 desc3->id_type = SVPD_ID_PIV | SVPD_ID_ASSOC_PORT
9181 | SVPD_ID_TYPE_TPORTGRP;
9183 if (ctsio->io_hdr.nexus.targ_port < CTL_MAX_PORTS || ctl_is_single)
9184 desc3->identifier[3] = 1;
9186 desc3->identifier[3] = 2;
9188 #ifdef CTL_USE_BACKEND_SN
9190 * If we've actually got a backend, copy the device id from the
9191 * per-LUN data. Otherwise, set it to all spaces.
9195 * Copy the backend's LUN ID.
9197 strncpy((char *)t10id->vendor_spec_id,
9198 (char *)lun->be_lun->device_id, CTL_DEVID_LEN);
9201 * No backend, set this to spaces.
9203 memset(t10id->vendor_spec_id, 0x20, CTL_DEVID_LEN);
9206 snprintf(tmpstr, sizeof(tmpstr), "MYDEVICEIDIS%4d",
9207 (lun != NULL) ? (int)lun->lun : 0);
9208 strncpy(t10id->vendor_spec_id, tmpstr, ctl_min(CTL_DEVID_LEN,
9212 ctsio->scsi_status = SCSI_STATUS_OK;
9214 ctsio->be_move_done = ctl_config_move_done;
9215 ctl_datamove((union ctl_io *)ctsio);
9217 return (CTL_RETVAL_COMPLETE);
9221 ctl_inquiry_evpd(struct ctl_scsiio *ctsio)
9223 struct scsi_inquiry *cdb;
9224 int alloc_len, retval;
9226 cdb = (struct scsi_inquiry *)ctsio->cdb;
9228 retval = CTL_RETVAL_COMPLETE;
9230 alloc_len = scsi_2btoul(cdb->length);
9232 switch (cdb->page_code) {
9233 case SVPD_SUPPORTED_PAGES:
9234 retval = ctl_inquiry_evpd_supported(ctsio, alloc_len);
9236 case SVPD_UNIT_SERIAL_NUMBER:
9237 retval = ctl_inquiry_evpd_serial(ctsio, alloc_len);
9239 case SVPD_DEVICE_ID:
9240 retval = ctl_inquiry_evpd_devid(ctsio, alloc_len);
9243 ctl_set_invalid_field(ctsio,
9249 ctl_done((union ctl_io *)ctsio);
9250 retval = CTL_RETVAL_COMPLETE;
9258 ctl_inquiry_std(struct ctl_scsiio *ctsio)
9260 struct scsi_inquiry_data *inq_ptr;
9261 struct scsi_inquiry *cdb;
9262 struct ctl_softc *ctl_softc;
9263 struct ctl_lun *lun;
9267 ctl_softc = control_softc;
9270 * Figure out whether we're talking to a Fibre Channel port or not.
9271 * We treat the ioctl front end, and any SCSI adapters, as packetized
9274 mtx_lock(&ctl_softc->ctl_lock);
9275 if (ctl_softc->ctl_ports[ctl_port_idx(ctsio->io_hdr.nexus.targ_port)]->port_type !=
9280 mtx_unlock(&ctl_softc->ctl_lock);
9282 lun = ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
9283 cdb = (struct scsi_inquiry *)ctsio->cdb;
9284 alloc_len = scsi_2btoul(cdb->length);
9287 * We malloc the full inquiry data size here and fill it
9288 * in. If the user only asks for less, we'll give him
9291 ctsio->kern_data_ptr = malloc(sizeof(*inq_ptr), M_CTL, M_WAITOK | M_ZERO);
9292 inq_ptr = (struct scsi_inquiry_data *)ctsio->kern_data_ptr;
9293 ctsio->kern_sg_entries = 0;
9294 ctsio->kern_data_resid = 0;
9295 ctsio->kern_rel_offset = 0;
9297 if (sizeof(*inq_ptr) < alloc_len) {
9298 ctsio->residual = alloc_len - sizeof(*inq_ptr);
9299 ctsio->kern_data_len = sizeof(*inq_ptr);
9300 ctsio->kern_total_len = sizeof(*inq_ptr);
9302 ctsio->residual = 0;
9303 ctsio->kern_data_len = alloc_len;
9304 ctsio->kern_total_len = alloc_len;
9308 * If we have a LUN configured, report it as connected. Otherwise,
9309 * report that it is offline or no device is supported, depending
9310 * on the value of inquiry_pq_no_lun.
9312 * According to the spec (SPC-4 r34), the peripheral qualifier
9313 * SID_QUAL_LU_OFFLINE (001b) is used in the following scenario:
9315 * "A peripheral device having the specified peripheral device type
9316 * is not connected to this logical unit. However, the device
9317 * server is capable of supporting the specified peripheral device
9318 * type on this logical unit."
9320 * According to the same spec, the peripheral qualifier
9321 * SID_QUAL_BAD_LU (011b) is used in this scenario:
9323 * "The device server is not capable of supporting a peripheral
9324 * device on this logical unit. For this peripheral qualifier the
9325 * peripheral device type shall be set to 1Fh. All other peripheral
9326 * device type values are reserved for this peripheral qualifier."
9328 * Given the text, it would seem that we probably want to report that
9329 * the LUN is offline here. There is no LUN connected, but we can
9330 * support a LUN at the given LUN number.
9332 * In the real world, though, it sounds like things are a little
9335 * - Linux, when presented with a LUN with the offline peripheral
9336 * qualifier, will create an sg driver instance for it. So when
9337 * you attach it to CTL, you wind up with a ton of sg driver
9338 * instances. (One for every LUN that Linux bothered to probe.)
9339 * Linux does this despite the fact that it issues a REPORT LUNs
9340 * to LUN 0 to get the inventory of supported LUNs.
9342 * - There is other anecdotal evidence (from Emulex folks) about
9343 * arrays that use the offline peripheral qualifier for LUNs that
9344 * are on the "passive" path in an active/passive array.
9346 * So the solution is provide a hopefully reasonable default
9347 * (return bad/no LUN) and allow the user to change the behavior
9348 * with a tunable/sysctl variable.
9351 inq_ptr->device = (SID_QUAL_LU_CONNECTED << 5) |
9352 lun->be_lun->lun_type;
9353 else if (ctl_softc->inquiry_pq_no_lun == 0)
9354 inq_ptr->device = (SID_QUAL_LU_OFFLINE << 5) | T_DIRECT;
9356 inq_ptr->device = (SID_QUAL_BAD_LU << 5) | T_NODEVICE;
9358 /* RMB in byte 2 is 0 */
9359 inq_ptr->version = SCSI_REV_SPC3;
9362 * According to SAM-3, even if a device only supports a single
9363 * level of LUN addressing, it should still set the HISUP bit:
9365 * 4.9.1 Logical unit numbers overview
9367 * All logical unit number formats described in this standard are
9368 * hierarchical in structure even when only a single level in that
9369 * hierarchy is used. The HISUP bit shall be set to one in the
9370 * standard INQUIRY data (see SPC-2) when any logical unit number
9371 * format described in this standard is used. Non-hierarchical
9372 * formats are outside the scope of this standard.
9374 * Therefore we set the HiSup bit here.
9376 * The reponse format is 2, per SPC-3.
9378 inq_ptr->response_format = SID_HiSup | 2;
9380 inq_ptr->additional_length = sizeof(*inq_ptr) - 4;
9381 CTL_DEBUG_PRINT(("additional_length = %d\n",
9382 inq_ptr->additional_length));
9384 inq_ptr->spc3_flags = SPC3_SID_TPGS_IMPLICIT;
9385 /* 16 bit addressing */
9387 inq_ptr->spc2_flags = SPC2_SID_ADDR16;
9388 /* XXX set the SID_MultiP bit here if we're actually going to
9389 respond on multiple ports */
9390 inq_ptr->spc2_flags |= SPC2_SID_MultiP;
9392 /* 16 bit data bus, synchronous transfers */
9393 /* XXX these flags don't apply for FC */
9395 inq_ptr->flags = SID_WBus16 | SID_Sync;
9397 * XXX KDM do we want to support tagged queueing on the control
9401 || (lun->be_lun->lun_type != T_PROCESSOR))
9402 inq_ptr->flags |= SID_CmdQue;
9404 * Per SPC-3, unused bytes in ASCII strings are filled with spaces.
9405 * We have 8 bytes for the vendor name, and 16 bytes for the device
9406 * name and 4 bytes for the revision.
9408 strncpy(inq_ptr->vendor, CTL_VENDOR, sizeof(inq_ptr->vendor));
9410 strcpy(inq_ptr->product, CTL_DIRECT_PRODUCT);
9412 switch (lun->be_lun->lun_type) {
9414 strcpy(inq_ptr->product, CTL_DIRECT_PRODUCT);
9417 strcpy(inq_ptr->product, CTL_PROCESSOR_PRODUCT);
9420 strcpy(inq_ptr->product, CTL_UNKNOWN_PRODUCT);
9426 * XXX make this a macro somewhere so it automatically gets
9427 * incremented when we make changes.
9429 strncpy(inq_ptr->revision, "0001", sizeof(inq_ptr->revision));
9432 * For parallel SCSI, we support double transition and single
9433 * transition clocking. We also support QAS (Quick Arbitration
9434 * and Selection) and Information Unit transfers on both the
9435 * control and array devices.
9438 inq_ptr->spi3data = SID_SPI_CLOCK_DT_ST | SID_SPI_QAS |
9442 scsi_ulto2b(0x0060, inq_ptr->version1);
9443 /* SPC-3 (no version claimed) XXX should we claim a version? */
9444 scsi_ulto2b(0x0300, inq_ptr->version2);
9446 /* FCP-2 ANSI INCITS.350:2003 */
9447 scsi_ulto2b(0x0917, inq_ptr->version3);
9449 /* SPI-4 ANSI INCITS.362:200x */
9450 scsi_ulto2b(0x0B56, inq_ptr->version3);
9454 /* SBC-2 (no version claimed) XXX should we claim a version? */
9455 scsi_ulto2b(0x0320, inq_ptr->version4);
9457 switch (lun->be_lun->lun_type) {
9460 * SBC-2 (no version claimed) XXX should we claim a
9463 scsi_ulto2b(0x0320, inq_ptr->version4);
9471 ctsio->scsi_status = SCSI_STATUS_OK;
9472 if (ctsio->kern_data_len > 0) {
9473 ctsio->be_move_done = ctl_config_move_done;
9474 ctl_datamove((union ctl_io *)ctsio);
9476 ctsio->io_hdr.status = CTL_SUCCESS;
9477 ctl_done((union ctl_io *)ctsio);
9480 return (CTL_RETVAL_COMPLETE);
9484 ctl_inquiry(struct ctl_scsiio *ctsio)
9486 struct scsi_inquiry *cdb;
9489 cdb = (struct scsi_inquiry *)ctsio->cdb;
9493 CTL_DEBUG_PRINT(("ctl_inquiry\n"));
9496 * Right now, we don't support the CmdDt inquiry information.
9497 * This would be nice to support in the future. When we do
9498 * support it, we should change this test so that it checks to make
9499 * sure SI_EVPD and SI_CMDDT aren't both set at the same time.
9502 if (((cdb->byte2 & SI_EVPD)
9503 && (cdb->byte2 & SI_CMDDT)))
9505 if (cdb->byte2 & SI_CMDDT) {
9507 * Point to the SI_CMDDT bit. We might change this
9508 * when we support SI_CMDDT, but since both bits would be
9509 * "wrong", this should probably just stay as-is then.
9511 ctl_set_invalid_field(ctsio,
9517 ctl_done((union ctl_io *)ctsio);
9518 return (CTL_RETVAL_COMPLETE);
9520 if (cdb->byte2 & SI_EVPD)
9521 retval = ctl_inquiry_evpd(ctsio);
9523 else if (cdb->byte2 & SI_CMDDT)
9524 retval = ctl_inquiry_cmddt(ctsio);
9527 retval = ctl_inquiry_std(ctsio);
9533 * For known CDB types, parse the LBA and length.
9536 ctl_get_lba_len(union ctl_io *io, uint64_t *lba, uint32_t *len)
9538 if (io->io_hdr.io_type != CTL_IO_SCSI)
9541 switch (io->scsiio.cdb[0]) {
9544 struct scsi_rw_6 *cdb;
9546 cdb = (struct scsi_rw_6 *)io->scsiio.cdb;
9548 *lba = scsi_3btoul(cdb->addr);
9549 /* only 5 bits are valid in the most significant address byte */
9556 struct scsi_rw_10 *cdb;
9558 cdb = (struct scsi_rw_10 *)io->scsiio.cdb;
9560 *lba = scsi_4btoul(cdb->addr);
9561 *len = scsi_2btoul(cdb->length);
9564 case WRITE_VERIFY_10: {
9565 struct scsi_write_verify_10 *cdb;
9567 cdb = (struct scsi_write_verify_10 *)io->scsiio.cdb;
9569 *lba = scsi_4btoul(cdb->addr);
9570 *len = scsi_2btoul(cdb->length);
9575 struct scsi_rw_12 *cdb;
9577 cdb = (struct scsi_rw_12 *)io->scsiio.cdb;
9579 *lba = scsi_4btoul(cdb->addr);
9580 *len = scsi_4btoul(cdb->length);
9583 case WRITE_VERIFY_12: {
9584 struct scsi_write_verify_12 *cdb;
9586 cdb = (struct scsi_write_verify_12 *)io->scsiio.cdb;
9588 *lba = scsi_4btoul(cdb->addr);
9589 *len = scsi_4btoul(cdb->length);
9594 struct scsi_rw_16 *cdb;
9596 cdb = (struct scsi_rw_16 *)io->scsiio.cdb;
9598 *lba = scsi_8btou64(cdb->addr);
9599 *len = scsi_4btoul(cdb->length);
9602 case WRITE_VERIFY_16: {
9603 struct scsi_write_verify_16 *cdb;
9605 cdb = (struct scsi_write_verify_16 *)io->scsiio.cdb;
9608 *lba = scsi_8btou64(cdb->addr);
9609 *len = scsi_4btoul(cdb->length);
9614 break; /* NOTREACHED */
9621 ctl_extent_check_lba(uint64_t lba1, uint32_t len1, uint64_t lba2, uint32_t len2)
9623 uint64_t endlba1, endlba2;
9625 endlba1 = lba1 + len1 - 1;
9626 endlba2 = lba2 + len2 - 1;
9628 if ((endlba1 < lba2)
9629 || (endlba2 < lba1))
9630 return (CTL_ACTION_PASS);
9632 return (CTL_ACTION_BLOCK);
9636 ctl_extent_check(union ctl_io *io1, union ctl_io *io2)
9638 uint64_t lba1, lba2;
9639 uint32_t len1, len2;
9642 retval = ctl_get_lba_len(io1, &lba1, &len1);
9644 return (CTL_ACTION_ERROR);
9646 retval = ctl_get_lba_len(io2, &lba2, &len2);
9648 return (CTL_ACTION_ERROR);
9650 return (ctl_extent_check_lba(lba1, len1, lba2, len2));
9654 ctl_check_for_blockage(union ctl_io *pending_io, union ctl_io *ooa_io)
9656 struct ctl_cmd_entry *pending_entry, *ooa_entry;
9657 ctl_serialize_action *serialize_row;
9660 * The initiator attempted multiple untagged commands at the same
9661 * time. Can't do that.
9663 if ((pending_io->scsiio.tag_type == CTL_TAG_UNTAGGED)
9664 && (ooa_io->scsiio.tag_type == CTL_TAG_UNTAGGED)
9665 && ((pending_io->io_hdr.nexus.targ_port ==
9666 ooa_io->io_hdr.nexus.targ_port)
9667 && (pending_io->io_hdr.nexus.initid.id ==
9668 ooa_io->io_hdr.nexus.initid.id))
9669 && ((ooa_io->io_hdr.flags & CTL_FLAG_ABORT) == 0))
9670 return (CTL_ACTION_OVERLAP);
9673 * The initiator attempted to send multiple tagged commands with
9674 * the same ID. (It's fine if different initiators have the same
9677 * Even if all of those conditions are true, we don't kill the I/O
9678 * if the command ahead of us has been aborted. We won't end up
9679 * sending it to the FETD, and it's perfectly legal to resend a
9680 * command with the same tag number as long as the previous
9681 * instance of this tag number has been aborted somehow.
9683 if ((pending_io->scsiio.tag_type != CTL_TAG_UNTAGGED)
9684 && (ooa_io->scsiio.tag_type != CTL_TAG_UNTAGGED)
9685 && (pending_io->scsiio.tag_num == ooa_io->scsiio.tag_num)
9686 && ((pending_io->io_hdr.nexus.targ_port ==
9687 ooa_io->io_hdr.nexus.targ_port)
9688 && (pending_io->io_hdr.nexus.initid.id ==
9689 ooa_io->io_hdr.nexus.initid.id))
9690 && ((ooa_io->io_hdr.flags & CTL_FLAG_ABORT) == 0))
9691 return (CTL_ACTION_OVERLAP_TAG);
9694 * If we get a head of queue tag, SAM-3 says that we should
9695 * immediately execute it.
9697 * What happens if this command would normally block for some other
9698 * reason? e.g. a request sense with a head of queue tag
9699 * immediately after a write. Normally that would block, but this
9700 * will result in its getting executed immediately...
9702 * We currently return "pass" instead of "skip", so we'll end up
9703 * going through the rest of the queue to check for overlapped tags.
9705 * XXX KDM check for other types of blockage first??
9707 if (pending_io->scsiio.tag_type == CTL_TAG_HEAD_OF_QUEUE)
9708 return (CTL_ACTION_PASS);
9711 * Ordered tags have to block until all items ahead of them
9712 * have completed. If we get called with an ordered tag, we always
9713 * block, if something else is ahead of us in the queue.
9715 if (pending_io->scsiio.tag_type == CTL_TAG_ORDERED)
9716 return (CTL_ACTION_BLOCK);
9719 * Simple tags get blocked until all head of queue and ordered tags
9720 * ahead of them have completed. I'm lumping untagged commands in
9721 * with simple tags here. XXX KDM is that the right thing to do?
9723 if (((pending_io->scsiio.tag_type == CTL_TAG_UNTAGGED)
9724 || (pending_io->scsiio.tag_type == CTL_TAG_SIMPLE))
9725 && ((ooa_io->scsiio.tag_type == CTL_TAG_HEAD_OF_QUEUE)
9726 || (ooa_io->scsiio.tag_type == CTL_TAG_ORDERED)))
9727 return (CTL_ACTION_BLOCK);
9729 pending_entry = &ctl_cmd_table[pending_io->scsiio.cdb[0]];
9730 ooa_entry = &ctl_cmd_table[ooa_io->scsiio.cdb[0]];
9732 serialize_row = ctl_serialize_table[ooa_entry->seridx];
9734 switch (serialize_row[pending_entry->seridx]) {
9736 return (CTL_ACTION_BLOCK);
9737 break; /* NOTREACHED */
9738 case CTL_SER_EXTENT:
9739 return (ctl_extent_check(pending_io, ooa_io));
9740 break; /* NOTREACHED */
9742 return (CTL_ACTION_PASS);
9743 break; /* NOTREACHED */
9745 return (CTL_ACTION_SKIP);
9748 panic("invalid serialization value %d",
9749 serialize_row[pending_entry->seridx]);
9750 break; /* NOTREACHED */
9753 return (CTL_ACTION_ERROR);
9757 * Check for blockage or overlaps against the OOA (Order Of Arrival) queue.
9759 * - pending_io is generally either incoming, or on the blocked queue
9760 * - starting I/O is the I/O we want to start the check with.
9763 ctl_check_ooa(struct ctl_lun *lun, union ctl_io *pending_io,
9764 union ctl_io *starting_io)
9766 union ctl_io *ooa_io;
9769 mtx_assert(&control_softc->ctl_lock, MA_OWNED);
9772 * Run back along the OOA queue, starting with the current
9773 * blocked I/O and going through every I/O before it on the
9774 * queue. If starting_io is NULL, we'll just end up returning
9777 for (ooa_io = starting_io; ooa_io != NULL;
9778 ooa_io = (union ctl_io *)TAILQ_PREV(&ooa_io->io_hdr, ctl_ooaq,
9782 * This routine just checks to see whether
9783 * cur_blocked is blocked by ooa_io, which is ahead
9784 * of it in the queue. It doesn't queue/dequeue
9787 action = ctl_check_for_blockage(pending_io, ooa_io);
9789 case CTL_ACTION_BLOCK:
9790 case CTL_ACTION_OVERLAP:
9791 case CTL_ACTION_OVERLAP_TAG:
9792 case CTL_ACTION_SKIP:
9793 case CTL_ACTION_ERROR:
9795 break; /* NOTREACHED */
9796 case CTL_ACTION_PASS:
9799 panic("invalid action %d", action);
9800 break; /* NOTREACHED */
9804 return (CTL_ACTION_PASS);
9809 * - An I/O has just completed, and has been removed from the per-LUN OOA
9810 * queue, so some items on the blocked queue may now be unblocked.
9813 ctl_check_blocked(struct ctl_lun *lun)
9815 union ctl_io *cur_blocked, *next_blocked;
9817 mtx_assert(&control_softc->ctl_lock, MA_OWNED);
9820 * Run forward from the head of the blocked queue, checking each
9821 * entry against the I/Os prior to it on the OOA queue to see if
9822 * there is still any blockage.
9824 * We cannot use the TAILQ_FOREACH() macro, because it can't deal
9825 * with our removing a variable on it while it is traversing the
9828 for (cur_blocked = (union ctl_io *)TAILQ_FIRST(&lun->blocked_queue);
9829 cur_blocked != NULL; cur_blocked = next_blocked) {
9830 union ctl_io *prev_ooa;
9833 next_blocked = (union ctl_io *)TAILQ_NEXT(&cur_blocked->io_hdr,
9836 prev_ooa = (union ctl_io *)TAILQ_PREV(&cur_blocked->io_hdr,
9837 ctl_ooaq, ooa_links);
9840 * If cur_blocked happens to be the first item in the OOA
9841 * queue now, prev_ooa will be NULL, and the action
9842 * returned will just be CTL_ACTION_PASS.
9844 action = ctl_check_ooa(lun, cur_blocked, prev_ooa);
9847 case CTL_ACTION_BLOCK:
9848 /* Nothing to do here, still blocked */
9850 case CTL_ACTION_OVERLAP:
9851 case CTL_ACTION_OVERLAP_TAG:
9853 * This shouldn't happen! In theory we've already
9854 * checked this command for overlap...
9857 case CTL_ACTION_PASS:
9858 case CTL_ACTION_SKIP: {
9859 struct ctl_softc *softc;
9860 struct ctl_cmd_entry *entry;
9866 * The skip case shouldn't happen, this transaction
9867 * should have never made it onto the blocked queue.
9870 * This I/O is no longer blocked, we can remove it
9871 * from the blocked queue. Since this is a TAILQ
9872 * (doubly linked list), we can do O(1) removals
9873 * from any place on the list.
9875 TAILQ_REMOVE(&lun->blocked_queue, &cur_blocked->io_hdr,
9877 cur_blocked->io_hdr.flags &= ~CTL_FLAG_BLOCKED;
9879 if (cur_blocked->io_hdr.flags & CTL_FLAG_FROM_OTHER_SC){
9881 * Need to send IO back to original side to
9884 union ctl_ha_msg msg_info;
9886 msg_info.hdr.original_sc =
9887 cur_blocked->io_hdr.original_sc;
9888 msg_info.hdr.serializing_sc = cur_blocked;
9889 msg_info.hdr.msg_type = CTL_MSG_R2R;
9890 if ((isc_retval=ctl_ha_msg_send(CTL_HA_CHAN_CTL,
9891 &msg_info, sizeof(msg_info), 0)) >
9892 CTL_HA_STATUS_SUCCESS) {
9893 printf("CTL:Check Blocked error from "
9894 "ctl_ha_msg_send %d\n",
9899 opcode = cur_blocked->scsiio.cdb[0];
9900 entry = &ctl_cmd_table[opcode];
9901 softc = control_softc;
9903 initidx = ctl_get_initindex(&cur_blocked->io_hdr.nexus);
9906 * Check this I/O for LUN state changes that may
9907 * have happened while this command was blocked.
9908 * The LUN state may have been changed by a command
9909 * ahead of us in the queue, so we need to re-check
9910 * for any states that can be caused by SCSI
9913 if (ctl_scsiio_lun_check(softc, lun, entry,
9914 &cur_blocked->scsiio) == 0) {
9915 cur_blocked->io_hdr.flags |=
9916 CTL_FLAG_IS_WAS_ON_RTR;
9917 STAILQ_INSERT_TAIL(&lun->ctl_softc->rtr_queue,
9918 &cur_blocked->io_hdr, links);
9920 * In the non CTL_DONE_THREAD case, we need
9921 * to wake up the work thread here. When
9922 * we're processing completed requests from
9923 * the work thread context, we'll pop back
9924 * around and end up pulling things off the
9925 * RtR queue. When we aren't processing
9926 * things from the work thread context,
9927 * though, we won't ever check the RtR queue.
9928 * So we need to wake up the thread to clear
9929 * things off the queue. Otherwise this
9930 * transaction will just sit on the RtR queue
9931 * until a new I/O comes in. (Which may or
9932 * may not happen...)
9934 #ifndef CTL_DONE_THREAD
9935 ctl_wakeup_thread();
9938 ctl_done_lock(cur_blocked, /*have_lock*/ 1);
9943 * This probably shouldn't happen -- we shouldn't
9944 * get CTL_ACTION_ERROR, or anything else.
9950 return (CTL_RETVAL_COMPLETE);
9954 * This routine (with one exception) checks LUN flags that can be set by
9955 * commands ahead of us in the OOA queue. These flags have to be checked
9956 * when a command initially comes in, and when we pull a command off the
9957 * blocked queue and are preparing to execute it. The reason we have to
9958 * check these flags for commands on the blocked queue is that the LUN
9959 * state may have been changed by a command ahead of us while we're on the
9962 * Ordering is somewhat important with these checks, so please pay
9963 * careful attention to the placement of any new checks.
9966 ctl_scsiio_lun_check(struct ctl_softc *ctl_softc, struct ctl_lun *lun,
9967 struct ctl_cmd_entry *entry, struct ctl_scsiio *ctsio)
9974 * If this shelf is a secondary shelf controller, we have to reject
9975 * any media access commands.
9978 /* No longer needed for HA */
9979 if (((ctl_softc->flags & CTL_FLAG_MASTER_SHELF) == 0)
9980 && ((entry->flags & CTL_CMD_FLAG_OK_ON_SECONDARY) == 0)) {
9981 ctl_set_lun_standby(ctsio);
9988 * Check for a reservation conflict. If this command isn't allowed
9989 * even on reserved LUNs, and if this initiator isn't the one who
9990 * reserved us, reject the command with a reservation conflict.
9992 if ((lun->flags & CTL_LUN_RESERVED)
9993 && ((entry->flags & CTL_CMD_FLAG_ALLOW_ON_RESV) == 0)) {
9994 if ((ctsio->io_hdr.nexus.initid.id != lun->rsv_nexus.initid.id)
9995 || (ctsio->io_hdr.nexus.targ_port != lun->rsv_nexus.targ_port)
9996 || (ctsio->io_hdr.nexus.targ_target.id !=
9997 lun->rsv_nexus.targ_target.id)) {
9998 ctsio->scsi_status = SCSI_STATUS_RESERV_CONFLICT;
9999 ctsio->io_hdr.status = CTL_SCSI_ERROR;
10005 if ( (lun->flags & CTL_LUN_PR_RESERVED)
10006 && ((entry->flags & CTL_CMD_FLAG_ALLOW_ON_PR_RESV) == 0)) {
10009 residx = ctl_get_resindex(&ctsio->io_hdr.nexus);
10011 * if we aren't registered or it's a res holder type
10012 * reservation and this isn't the res holder then set a
10014 * NOTE: Commands which might be allowed on write exclusive
10015 * type reservations are checked in the particular command
10016 * for a conflict. Read and SSU are the only ones.
10018 if (!lun->per_res[residx].registered
10019 || (residx != lun->pr_res_idx && lun->res_type < 4)) {
10020 ctsio->scsi_status = SCSI_STATUS_RESERV_CONFLICT;
10021 ctsio->io_hdr.status = CTL_SCSI_ERROR;
10028 if ((lun->flags & CTL_LUN_OFFLINE)
10029 && ((entry->flags & CTL_CMD_FLAG_OK_ON_OFFLINE) == 0)) {
10030 ctl_set_lun_not_ready(ctsio);
10036 * If the LUN is stopped, see if this particular command is allowed
10037 * for a stopped lun. Otherwise, reject it with 0x04,0x02.
10039 if ((lun->flags & CTL_LUN_STOPPED)
10040 && ((entry->flags & CTL_CMD_FLAG_OK_ON_STOPPED) == 0)) {
10041 /* "Logical unit not ready, initializing cmd. required" */
10042 ctl_set_lun_stopped(ctsio);
10047 if ((lun->flags & CTL_LUN_INOPERABLE)
10048 && ((entry->flags & CTL_CMD_FLAG_OK_ON_INOPERABLE) == 0)) {
10049 /* "Medium format corrupted" */
10050 ctl_set_medium_format_corrupted(ctsio);
10061 ctl_failover_io(union ctl_io *io, int have_lock)
10063 ctl_set_busy(&io->scsiio);
10064 ctl_done_lock(io, have_lock);
10070 struct ctl_lun *lun;
10071 struct ctl_softc *ctl_softc;
10072 union ctl_io *next_io, *pending_io;
10077 ctl_softc = control_softc;
10079 mtx_lock(&ctl_softc->ctl_lock);
10081 * Remove any cmds from the other SC from the rtr queue. These
10082 * will obviously only be for LUNs for which we're the primary.
10083 * We can't send status or get/send data for these commands.
10084 * Since they haven't been executed yet, we can just remove them.
10085 * We'll either abort them or delete them below, depending on
10086 * which HA mode we're in.
10088 for (io = (union ctl_io *)STAILQ_FIRST(&ctl_softc->rtr_queue);
10089 io != NULL; io = next_io) {
10090 next_io = (union ctl_io *)STAILQ_NEXT(&io->io_hdr, links);
10091 if (io->io_hdr.flags & CTL_FLAG_FROM_OTHER_SC)
10092 STAILQ_REMOVE(&ctl_softc->rtr_queue, &io->io_hdr,
10093 ctl_io_hdr, links);
10096 for (lun_idx=0; lun_idx < ctl_softc->num_luns; lun_idx++) {
10097 lun = ctl_softc->ctl_luns[lun_idx];
10102 * Processor LUNs are primary on both sides.
10103 * XXX will this always be true?
10105 if (lun->be_lun->lun_type == T_PROCESSOR)
10108 if ((lun->flags & CTL_LUN_PRIMARY_SC)
10109 && (ctl_softc->ha_mode == CTL_HA_MODE_SER_ONLY)) {
10110 printf("FAILOVER: primary lun %d\n", lun_idx);
10112 * Remove all commands from the other SC. First from the
10113 * blocked queue then from the ooa queue. Once we have
10114 * removed them. Call ctl_check_blocked to see if there
10115 * is anything that can run.
10117 for (io = (union ctl_io *)TAILQ_FIRST(
10118 &lun->blocked_queue); io != NULL; io = next_io) {
10120 next_io = (union ctl_io *)TAILQ_NEXT(
10121 &io->io_hdr, blocked_links);
10123 if (io->io_hdr.flags & CTL_FLAG_FROM_OTHER_SC) {
10124 TAILQ_REMOVE(&lun->blocked_queue,
10125 &io->io_hdr,blocked_links);
10126 io->io_hdr.flags &= ~CTL_FLAG_BLOCKED;
10127 TAILQ_REMOVE(&lun->ooa_queue,
10128 &io->io_hdr, ooa_links);
10134 for (io = (union ctl_io *)TAILQ_FIRST(&lun->ooa_queue);
10135 io != NULL; io = next_io) {
10137 next_io = (union ctl_io *)TAILQ_NEXT(
10138 &io->io_hdr, ooa_links);
10140 if (io->io_hdr.flags & CTL_FLAG_FROM_OTHER_SC) {
10142 TAILQ_REMOVE(&lun->ooa_queue,
10149 ctl_check_blocked(lun);
10150 } else if ((lun->flags & CTL_LUN_PRIMARY_SC)
10151 && (ctl_softc->ha_mode == CTL_HA_MODE_XFER)) {
10153 printf("FAILOVER: primary lun %d\n", lun_idx);
10155 * Abort all commands from the other SC. We can't
10156 * send status back for them now. These should get
10157 * cleaned up when they are completed or come out
10158 * for a datamove operation.
10160 for (io = (union ctl_io *)TAILQ_FIRST(&lun->ooa_queue);
10161 io != NULL; io = next_io) {
10162 next_io = (union ctl_io *)TAILQ_NEXT(
10163 &io->io_hdr, ooa_links);
10165 if (io->io_hdr.flags & CTL_FLAG_FROM_OTHER_SC)
10166 io->io_hdr.flags |= CTL_FLAG_ABORT;
10168 } else if (((lun->flags & CTL_LUN_PRIMARY_SC) == 0)
10169 && (ctl_softc->ha_mode == CTL_HA_MODE_XFER)) {
10171 printf("FAILOVER: secondary lun %d\n", lun_idx);
10173 lun->flags |= CTL_LUN_PRIMARY_SC;
10176 * We send all I/O that was sent to this controller
10177 * and redirected to the other side back with
10178 * busy status, and have the initiator retry it.
10179 * Figuring out how much data has been transferred,
10180 * etc. and picking up where we left off would be
10183 * XXX KDM need to remove I/O from the blocked
10186 for (pending_io = (union ctl_io *)TAILQ_FIRST(
10187 &lun->ooa_queue); pending_io != NULL;
10188 pending_io = next_io) {
10190 next_io = (union ctl_io *)TAILQ_NEXT(
10191 &pending_io->io_hdr, ooa_links);
10193 pending_io->io_hdr.flags &=
10194 ~CTL_FLAG_SENT_2OTHER_SC;
10196 if (pending_io->io_hdr.flags &
10197 CTL_FLAG_IO_ACTIVE) {
10198 pending_io->io_hdr.flags |=
10201 ctl_set_busy(&pending_io->scsiio);
10202 ctl_done_lock(pending_io,
10208 * Build Unit Attention
10210 for (i = 0; i < CTL_MAX_INITIATORS; i++) {
10211 lun->pending_sense[i].ua_pending |=
10212 CTL_UA_ASYM_ACC_CHANGE;
10214 } else if (((lun->flags & CTL_LUN_PRIMARY_SC) == 0)
10215 && (ctl_softc->ha_mode == CTL_HA_MODE_SER_ONLY)) {
10216 printf("FAILOVER: secondary lun %d\n", lun_idx);
10218 * if the first io on the OOA is not on the RtR queue
10221 lun->flags |= CTL_LUN_PRIMARY_SC;
10223 pending_io = (union ctl_io *)TAILQ_FIRST(
10225 if (pending_io==NULL) {
10226 printf("Nothing on OOA queue\n");
10230 pending_io->io_hdr.flags &= ~CTL_FLAG_SENT_2OTHER_SC;
10231 if ((pending_io->io_hdr.flags &
10232 CTL_FLAG_IS_WAS_ON_RTR) == 0) {
10233 pending_io->io_hdr.flags |=
10234 CTL_FLAG_IS_WAS_ON_RTR;
10235 STAILQ_INSERT_TAIL(&ctl_softc->rtr_queue,
10236 &pending_io->io_hdr, links);
10241 printf("Tag 0x%04x is running\n",
10242 pending_io->scsiio.tag_num);
10246 next_io = (union ctl_io *)TAILQ_NEXT(
10247 &pending_io->io_hdr, ooa_links);
10248 for (pending_io=next_io; pending_io != NULL;
10249 pending_io = next_io) {
10250 pending_io->io_hdr.flags &=
10251 ~CTL_FLAG_SENT_2OTHER_SC;
10252 next_io = (union ctl_io *)TAILQ_NEXT(
10253 &pending_io->io_hdr, ooa_links);
10254 if (pending_io->io_hdr.flags &
10255 CTL_FLAG_IS_WAS_ON_RTR) {
10257 printf("Tag 0x%04x is running\n",
10258 pending_io->scsiio.tag_num);
10263 switch (ctl_check_ooa(lun, pending_io,
10264 (union ctl_io *)TAILQ_PREV(
10265 &pending_io->io_hdr, ctl_ooaq,
10268 case CTL_ACTION_BLOCK:
10269 TAILQ_INSERT_TAIL(&lun->blocked_queue,
10270 &pending_io->io_hdr,
10272 pending_io->io_hdr.flags |=
10275 case CTL_ACTION_PASS:
10276 case CTL_ACTION_SKIP:
10277 pending_io->io_hdr.flags |=
10278 CTL_FLAG_IS_WAS_ON_RTR;
10279 STAILQ_INSERT_TAIL(
10280 &ctl_softc->rtr_queue,
10281 &pending_io->io_hdr, links);
10283 case CTL_ACTION_OVERLAP:
10284 ctl_set_overlapped_cmd(
10285 (struct ctl_scsiio *)pending_io);
10286 ctl_done_lock(pending_io,
10289 case CTL_ACTION_OVERLAP_TAG:
10290 ctl_set_overlapped_tag(
10291 (struct ctl_scsiio *)pending_io,
10292 pending_io->scsiio.tag_num & 0xff);
10293 ctl_done_lock(pending_io,
10296 case CTL_ACTION_ERROR:
10298 ctl_set_internal_failure(
10299 (struct ctl_scsiio *)pending_io,
10302 ctl_done_lock(pending_io,
10309 * Build Unit Attention
10311 for (i = 0; i < CTL_MAX_INITIATORS; i++) {
10312 lun->pending_sense[i].ua_pending |=
10313 CTL_UA_ASYM_ACC_CHANGE;
10316 panic("Unhandled HA mode failover, LUN flags = %#x, "
10317 "ha_mode = #%x", lun->flags, ctl_softc->ha_mode);
10321 mtx_unlock(&ctl_softc->ctl_lock);
10325 ctl_scsiio_precheck(struct ctl_softc *ctl_softc, struct ctl_scsiio *ctsio)
10327 struct ctl_lun *lun;
10328 struct ctl_cmd_entry *entry;
10337 opcode = ctsio->cdb[0];
10339 mtx_lock(&ctl_softc->ctl_lock);
10341 if ((ctsio->io_hdr.nexus.targ_lun < CTL_MAX_LUNS)
10342 && (ctl_softc->ctl_luns[ctsio->io_hdr.nexus.targ_lun] != NULL)) {
10343 lun = ctl_softc->ctl_luns[ctsio->io_hdr.nexus.targ_lun];
10345 * If the LUN is invalid, pretend that it doesn't exist.
10346 * It will go away as soon as all pending I/O has been
10349 if (lun->flags & CTL_LUN_DISABLED) {
10352 ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr = lun;
10353 ctsio->io_hdr.ctl_private[CTL_PRIV_BACKEND_LUN].ptr =
10355 if (lun->be_lun->lun_type == T_PROCESSOR) {
10356 ctsio->io_hdr.flags |= CTL_FLAG_CONTROL_DEV;
10360 ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr = NULL;
10361 ctsio->io_hdr.ctl_private[CTL_PRIV_BACKEND_LUN].ptr = NULL;
10364 entry = &ctl_cmd_table[opcode];
10366 ctsio->io_hdr.flags &= ~CTL_FLAG_DATA_MASK;
10367 ctsio->io_hdr.flags |= entry->flags & CTL_FLAG_DATA_MASK;
10370 * Check to see whether we can send this command to LUNs that don't
10371 * exist. This should pretty much only be the case for inquiry
10372 * and request sense. Further checks, below, really require having
10373 * a LUN, so we can't really check the command anymore. Just put
10374 * it on the rtr queue.
10377 if (entry->flags & CTL_CMD_FLAG_OK_ON_ALL_LUNS)
10380 ctl_set_unsupported_lun(ctsio);
10381 mtx_unlock(&ctl_softc->ctl_lock);
10382 ctl_done((union ctl_io *)ctsio);
10386 * Every I/O goes into the OOA queue for a particular LUN, and
10387 * stays there until completion.
10389 TAILQ_INSERT_TAIL(&lun->ooa_queue, &ctsio->io_hdr, ooa_links);
10392 * Make sure we support this particular command on this LUN.
10393 * e.g., we don't support writes to the control LUN.
10395 switch (lun->be_lun->lun_type) {
10397 if (((entry->flags & CTL_CMD_FLAG_OK_ON_PROC) == 0)
10398 && ((entry->flags & CTL_CMD_FLAG_OK_ON_ALL_LUNS)
10400 ctl_set_invalid_opcode(ctsio);
10401 mtx_unlock(&ctl_softc->ctl_lock);
10402 ctl_done((union ctl_io *)ctsio);
10407 if (((entry->flags & CTL_CMD_FLAG_OK_ON_SLUN) == 0)
10408 && ((entry->flags & CTL_CMD_FLAG_OK_ON_ALL_LUNS)
10410 ctl_set_invalid_opcode(ctsio);
10411 mtx_unlock(&ctl_softc->ctl_lock);
10412 ctl_done((union ctl_io *)ctsio);
10417 printf("Unsupported CTL LUN type %d\n",
10418 lun->be_lun->lun_type);
10419 panic("Unsupported CTL LUN type %d\n",
10420 lun->be_lun->lun_type);
10421 break; /* NOTREACHED */
10425 initidx = ctl_get_initindex(&ctsio->io_hdr.nexus);
10428 * If we've got a request sense, it'll clear the contingent
10429 * allegiance condition. Otherwise, if we have a CA condition for
10430 * this initiator, clear it, because it sent down a command other
10431 * than request sense.
10433 if ((opcode != REQUEST_SENSE)
10434 && (ctl_is_set(lun->have_ca, initidx)))
10435 ctl_clear_mask(lun->have_ca, initidx);
10438 * If the command has this flag set, it handles its own unit
10439 * attention reporting, we shouldn't do anything. Otherwise we
10440 * check for any pending unit attentions, and send them back to the
10441 * initiator. We only do this when a command initially comes in,
10442 * not when we pull it off the blocked queue.
10444 * According to SAM-3, section 5.3.2, the order that things get
10445 * presented back to the host is basically unit attentions caused
10446 * by some sort of reset event, busy status, reservation conflicts
10447 * or task set full, and finally any other status.
10449 * One issue here is that some of the unit attentions we report
10450 * don't fall into the "reset" category (e.g. "reported luns data
10451 * has changed"). So reporting it here, before the reservation
10452 * check, may be technically wrong. I guess the only thing to do
10453 * would be to check for and report the reset events here, and then
10454 * check for the other unit attention types after we check for a
10455 * reservation conflict.
10457 * XXX KDM need to fix this
10459 if ((entry->flags & CTL_CMD_FLAG_NO_SENSE) == 0) {
10460 ctl_ua_type ua_type;
10462 ua_type = lun->pending_sense[initidx].ua_pending;
10463 if (ua_type != CTL_UA_NONE) {
10464 scsi_sense_data_type sense_format;
10467 sense_format = (lun->flags &
10468 CTL_LUN_SENSE_DESC) ? SSD_TYPE_DESC :
10471 sense_format = SSD_TYPE_FIXED;
10473 ua_type = ctl_build_ua(ua_type, &ctsio->sense_data,
10475 if (ua_type != CTL_UA_NONE) {
10476 ctsio->scsi_status = SCSI_STATUS_CHECK_COND;
10477 ctsio->io_hdr.status = CTL_SCSI_ERROR |
10479 ctsio->sense_len = SSD_FULL_SIZE;
10480 lun->pending_sense[initidx].ua_pending &=
10482 mtx_unlock(&ctl_softc->ctl_lock);
10483 ctl_done((union ctl_io *)ctsio);
10490 if (ctl_scsiio_lun_check(ctl_softc, lun, entry, ctsio) != 0) {
10491 mtx_unlock(&ctl_softc->ctl_lock);
10492 ctl_done((union ctl_io *)ctsio);
10497 * XXX CHD this is where we want to send IO to other side if
10498 * this LUN is secondary on this SC. We will need to make a copy
10499 * of the IO and flag the IO on this side as SENT_2OTHER and the flag
10500 * the copy we send as FROM_OTHER.
10501 * We also need to stuff the address of the original IO so we can
10502 * find it easily. Something similar will need be done on the other
10503 * side so when we are done we can find the copy.
10505 if ((lun->flags & CTL_LUN_PRIMARY_SC) == 0) {
10506 union ctl_ha_msg msg_info;
10509 ctsio->io_hdr.flags |= CTL_FLAG_SENT_2OTHER_SC;
10511 msg_info.hdr.msg_type = CTL_MSG_SERIALIZE;
10512 msg_info.hdr.original_sc = (union ctl_io *)ctsio;
10514 printf("1. ctsio %p\n", ctsio);
10516 msg_info.hdr.serializing_sc = NULL;
10517 msg_info.hdr.nexus = ctsio->io_hdr.nexus;
10518 msg_info.scsi.tag_num = ctsio->tag_num;
10519 msg_info.scsi.tag_type = ctsio->tag_type;
10520 memcpy(msg_info.scsi.cdb, ctsio->cdb, CTL_MAX_CDBLEN);
10522 ctsio->io_hdr.flags &= ~CTL_FLAG_IO_ACTIVE;
10524 if ((isc_retval=ctl_ha_msg_send(CTL_HA_CHAN_CTL,
10525 (void *)&msg_info, sizeof(msg_info), 0)) >
10526 CTL_HA_STATUS_SUCCESS) {
10527 printf("CTL:precheck, ctl_ha_msg_send returned %d\n",
10529 printf("CTL:opcode is %x\n",opcode);
10532 printf("CTL:Precheck sent msg, opcode is %x\n",opcode);
10537 * XXX KDM this I/O is off the incoming queue, but hasn't
10538 * been inserted on any other queue. We may need to come
10539 * up with a holding queue while we wait for serialization
10540 * so that we have an idea of what we're waiting for from
10543 goto bailout_unlock;
10546 switch (ctl_check_ooa(lun, (union ctl_io *)ctsio,
10547 (union ctl_io *)TAILQ_PREV(&ctsio->io_hdr,
10548 ctl_ooaq, ooa_links))) {
10549 case CTL_ACTION_BLOCK:
10550 ctsio->io_hdr.flags |= CTL_FLAG_BLOCKED;
10551 TAILQ_INSERT_TAIL(&lun->blocked_queue, &ctsio->io_hdr,
10553 goto bailout_unlock;
10554 break; /* NOTREACHED */
10555 case CTL_ACTION_PASS:
10556 case CTL_ACTION_SKIP:
10558 break; /* NOTREACHED */
10559 case CTL_ACTION_OVERLAP:
10560 ctl_set_overlapped_cmd(ctsio);
10561 mtx_unlock(&ctl_softc->ctl_lock);
10562 ctl_done((union ctl_io *)ctsio);
10564 break; /* NOTREACHED */
10565 case CTL_ACTION_OVERLAP_TAG:
10566 ctl_set_overlapped_tag(ctsio, ctsio->tag_num & 0xff);
10567 mtx_unlock(&ctl_softc->ctl_lock);
10568 ctl_done((union ctl_io *)ctsio);
10570 break; /* NOTREACHED */
10571 case CTL_ACTION_ERROR:
10573 ctl_set_internal_failure(ctsio,
10575 /*retry_count*/ 0);
10576 mtx_unlock(&ctl_softc->ctl_lock);
10577 ctl_done((union ctl_io *)ctsio);
10579 break; /* NOTREACHED */
10582 goto bailout_unlock;
10585 ctsio->io_hdr.flags |= CTL_FLAG_IS_WAS_ON_RTR;
10586 STAILQ_INSERT_TAIL(&ctl_softc->rtr_queue, &ctsio->io_hdr, links);
10589 mtx_unlock(&ctl_softc->ctl_lock);
10596 ctl_scsiio(struct ctl_scsiio *ctsio)
10599 struct ctl_cmd_entry *entry;
10601 retval = CTL_RETVAL_COMPLETE;
10603 CTL_DEBUG_PRINT(("ctl_scsiio cdb[0]=%02X\n", ctsio->cdb[0]));
10605 entry = &ctl_cmd_table[ctsio->cdb[0]];
10608 * If this I/O has been aborted, just send it straight to
10609 * ctl_done() without executing it.
10611 if (ctsio->io_hdr.flags & CTL_FLAG_ABORT) {
10612 ctl_done((union ctl_io *)ctsio);
10617 * All the checks should have been handled by ctl_scsiio_precheck().
10618 * We should be clear now to just execute the I/O.
10620 retval = entry->execute(ctsio);
10627 * Since we only implement one target right now, a bus reset simply resets
10628 * our single target.
10631 ctl_bus_reset(struct ctl_softc *ctl_softc, union ctl_io *io)
10633 return(ctl_target_reset(ctl_softc, io, CTL_UA_BUS_RESET));
10637 ctl_target_reset(struct ctl_softc *ctl_softc, union ctl_io *io,
10638 ctl_ua_type ua_type)
10640 struct ctl_lun *lun;
10643 if (!(io->io_hdr.flags & CTL_FLAG_FROM_OTHER_SC)) {
10644 union ctl_ha_msg msg_info;
10646 io->io_hdr.flags |= CTL_FLAG_SENT_2OTHER_SC;
10647 msg_info.hdr.nexus = io->io_hdr.nexus;
10648 if (ua_type==CTL_UA_TARG_RESET)
10649 msg_info.task.task_action = CTL_TASK_TARGET_RESET;
10651 msg_info.task.task_action = CTL_TASK_BUS_RESET;
10652 msg_info.hdr.msg_type = CTL_MSG_MANAGE_TASKS;
10653 msg_info.hdr.original_sc = NULL;
10654 msg_info.hdr.serializing_sc = NULL;
10655 if (CTL_HA_STATUS_SUCCESS != ctl_ha_msg_send(CTL_HA_CHAN_CTL,
10656 (void *)&msg_info, sizeof(msg_info), 0)) {
10661 STAILQ_FOREACH(lun, &ctl_softc->lun_list, links)
10662 retval += ctl_lun_reset(lun, io, ua_type);
10668 * The LUN should always be set. The I/O is optional, and is used to
10669 * distinguish between I/Os sent by this initiator, and by other
10670 * initiators. We set unit attention for initiators other than this one.
10671 * SAM-3 is vague on this point. It does say that a unit attention should
10672 * be established for other initiators when a LUN is reset (see section
10673 * 5.7.3), but it doesn't specifically say that the unit attention should
10674 * be established for this particular initiator when a LUN is reset. Here
10675 * is the relevant text, from SAM-3 rev 8:
10677 * 5.7.2 When a SCSI initiator port aborts its own tasks
10679 * When a SCSI initiator port causes its own task(s) to be aborted, no
10680 * notification that the task(s) have been aborted shall be returned to
10681 * the SCSI initiator port other than the completion response for the
10682 * command or task management function action that caused the task(s) to
10683 * be aborted and notification(s) associated with related effects of the
10684 * action (e.g., a reset unit attention condition).
10686 * XXX KDM for now, we're setting unit attention for all initiators.
10689 ctl_lun_reset(struct ctl_lun *lun, union ctl_io *io, ctl_ua_type ua_type)
10693 uint32_t initindex;
10698 * Run through the OOA queue and abort each I/O.
10701 TAILQ_FOREACH((struct ctl_io_hdr *)xio, &lun->ooa_queue, ooa_links) {
10703 for (xio = (union ctl_io *)TAILQ_FIRST(&lun->ooa_queue); xio != NULL;
10704 xio = (union ctl_io *)TAILQ_NEXT(&xio->io_hdr, ooa_links)) {
10705 xio->io_hdr.flags |= CTL_FLAG_ABORT;
10709 * This version sets unit attention for every
10712 initindex = ctl_get_initindex(&io->io_hdr.nexus);
10713 for (i = 0; i < CTL_MAX_INITIATORS; i++) {
10714 if (initindex == i)
10716 lun->pending_sense[i].ua_pending |= ua_type;
10721 * A reset (any kind, really) clears reservations established with
10722 * RESERVE/RELEASE. It does not clear reservations established
10723 * with PERSISTENT RESERVE OUT, but we don't support that at the
10724 * moment anyway. See SPC-2, section 5.6. SPC-3 doesn't address
10725 * reservations made with the RESERVE/RELEASE commands, because
10726 * those commands are obsolete in SPC-3.
10728 lun->flags &= ~CTL_LUN_RESERVED;
10730 for (i = 0; i < CTL_MAX_INITIATORS; i++) {
10731 ctl_clear_mask(lun->have_ca, i);
10732 lun->pending_sense[i].ua_pending |= ua_type;
10739 ctl_abort_task(union ctl_io *io)
10742 struct ctl_lun *lun;
10743 struct ctl_softc *ctl_softc;
10746 char printbuf[128];
10750 ctl_softc = control_softc;
10756 if ((io->io_hdr.nexus.targ_lun < CTL_MAX_LUNS)
10757 && (ctl_softc->ctl_luns[io->io_hdr.nexus.targ_lun] != NULL))
10758 lun = ctl_softc->ctl_luns[io->io_hdr.nexus.targ_lun];
10763 printf("ctl_abort_task: called for lun %lld, tag %d type %d\n",
10764 lun->lun, io->taskio.tag_num, io->taskio.tag_type);
10768 * Run through the OOA queue and attempt to find the given I/O.
10769 * The target port, initiator ID, tag type and tag number have to
10770 * match the values that we got from the initiator. If we have an
10771 * untagged command to abort, simply abort the first untagged command
10772 * we come to. We only allow one untagged command at a time of course.
10775 TAILQ_FOREACH((struct ctl_io_hdr *)xio, &lun->ooa_queue, ooa_links) {
10777 for (xio = (union ctl_io *)TAILQ_FIRST(&lun->ooa_queue); xio != NULL;
10778 xio = (union ctl_io *)TAILQ_NEXT(&xio->io_hdr, ooa_links)) {
10780 sbuf_new(&sb, printbuf, sizeof(printbuf), SBUF_FIXEDLEN);
10782 sbuf_printf(&sb, "LUN %lld tag %d type %d%s%s%s%s: ",
10783 lun->lun, xio->scsiio.tag_num,
10784 xio->scsiio.tag_type,
10785 (xio->io_hdr.blocked_links.tqe_prev
10786 == NULL) ? "" : " BLOCKED",
10787 (xio->io_hdr.flags &
10788 CTL_FLAG_DMA_INPROG) ? " DMA" : "",
10789 (xio->io_hdr.flags &
10790 CTL_FLAG_ABORT) ? " ABORT" : "",
10791 (xio->io_hdr.flags &
10792 CTL_FLAG_IS_WAS_ON_RTR ? " RTR" : ""));
10793 ctl_scsi_command_string(&xio->scsiio, NULL, &sb);
10795 printf("%s\n", sbuf_data(&sb));
10798 if ((xio->io_hdr.nexus.targ_port == io->io_hdr.nexus.targ_port)
10799 && (xio->io_hdr.nexus.initid.id ==
10800 io->io_hdr.nexus.initid.id)) {
10802 * If the abort says that the task is untagged, the
10803 * task in the queue must be untagged. Otherwise,
10804 * we just check to see whether the tag numbers
10805 * match. This is because the QLogic firmware
10806 * doesn't pass back the tag type in an abort
10810 if (((xio->scsiio.tag_type == CTL_TAG_UNTAGGED)
10811 && (io->taskio.tag_type == CTL_TAG_UNTAGGED))
10812 || (xio->scsiio.tag_num == io->taskio.tag_num)) {
10815 * XXX KDM we've got problems with FC, because it
10816 * doesn't send down a tag type with aborts. So we
10817 * can only really go by the tag number...
10818 * This may cause problems with parallel SCSI.
10819 * Need to figure that out!!
10821 if (xio->scsiio.tag_num == io->taskio.tag_num) {
10822 xio->io_hdr.flags |= CTL_FLAG_ABORT;
10824 if ((io->io_hdr.flags &
10825 CTL_FLAG_FROM_OTHER_SC) == 0 &&
10826 !(lun->flags & CTL_LUN_PRIMARY_SC)) {
10827 union ctl_ha_msg msg_info;
10829 io->io_hdr.flags |=
10830 CTL_FLAG_SENT_2OTHER_SC;
10831 msg_info.hdr.nexus = io->io_hdr.nexus;
10832 msg_info.task.task_action =
10833 CTL_TASK_ABORT_TASK;
10834 msg_info.task.tag_num =
10835 io->taskio.tag_num;
10836 msg_info.task.tag_type =
10837 io->taskio.tag_type;
10838 msg_info.hdr.msg_type =
10839 CTL_MSG_MANAGE_TASKS;
10840 msg_info.hdr.original_sc = NULL;
10841 msg_info.hdr.serializing_sc = NULL;
10843 printf("Sent Abort to other side\n");
10845 if (CTL_HA_STATUS_SUCCESS !=
10846 ctl_ha_msg_send(CTL_HA_CHAN_CTL,
10848 sizeof(msg_info), 0)) {
10852 printf("ctl_abort_task: found I/O to abort\n");
10863 * This isn't really an error. It's entirely possible for
10864 * the abort and command completion to cross on the wire.
10865 * This is more of an informative/diagnostic error.
10868 printf("ctl_abort_task: ABORT sent for nonexistent I/O: "
10869 "%d:%d:%d:%d tag %d type %d\n",
10870 io->io_hdr.nexus.initid.id,
10871 io->io_hdr.nexus.targ_port,
10872 io->io_hdr.nexus.targ_target.id,
10873 io->io_hdr.nexus.targ_lun, io->taskio.tag_num,
10874 io->taskio.tag_type);
10882 * This routine cannot block! It must be callable from an interrupt
10883 * handler as well as from the work thread.
10886 ctl_run_task_queue(struct ctl_softc *ctl_softc)
10888 union ctl_io *io, *next_io;
10890 mtx_assert(&ctl_softc->ctl_lock, MA_OWNED);
10892 CTL_DEBUG_PRINT(("ctl_run_task_queue\n"));
10894 for (io = (union ctl_io *)STAILQ_FIRST(&ctl_softc->task_queue);
10895 io != NULL; io = next_io) {
10897 const char *task_desc;
10899 next_io = (union ctl_io *)STAILQ_NEXT(&io->io_hdr, links);
10903 switch (io->io_hdr.io_type) {
10904 case CTL_IO_TASK: {
10905 task_desc = ctl_scsi_task_string(&io->taskio);
10906 if (task_desc != NULL) {
10908 csevent_log(CSC_CTL | CSC_SHELF_SW |
10910 csevent_LogType_Trace,
10911 csevent_Severity_Information,
10912 csevent_AlertLevel_Green,
10913 csevent_FRU_Firmware,
10914 csevent_FRU_Unknown,
10915 "CTL: received task: %s",task_desc);
10919 csevent_log(CSC_CTL | CSC_SHELF_SW |
10921 csevent_LogType_Trace,
10922 csevent_Severity_Information,
10923 csevent_AlertLevel_Green,
10924 csevent_FRU_Firmware,
10925 csevent_FRU_Unknown,
10926 "CTL: received unknown task "
10928 io->taskio.task_action,
10929 io->taskio.task_action);
10932 switch (io->taskio.task_action) {
10933 case CTL_TASK_ABORT_TASK:
10934 retval = ctl_abort_task(io);
10936 case CTL_TASK_ABORT_TASK_SET:
10938 case CTL_TASK_CLEAR_ACA:
10940 case CTL_TASK_CLEAR_TASK_SET:
10942 case CTL_TASK_LUN_RESET: {
10943 struct ctl_lun *lun;
10947 targ_lun = io->io_hdr.nexus.targ_lun;
10949 if ((targ_lun < CTL_MAX_LUNS)
10950 && (ctl_softc->ctl_luns[targ_lun] != NULL))
10951 lun = ctl_softc->ctl_luns[targ_lun];
10957 if (!(io->io_hdr.flags &
10958 CTL_FLAG_FROM_OTHER_SC)) {
10959 union ctl_ha_msg msg_info;
10961 io->io_hdr.flags |=
10962 CTL_FLAG_SENT_2OTHER_SC;
10963 msg_info.hdr.msg_type =
10964 CTL_MSG_MANAGE_TASKS;
10965 msg_info.hdr.nexus = io->io_hdr.nexus;
10966 msg_info.task.task_action =
10967 CTL_TASK_LUN_RESET;
10968 msg_info.hdr.original_sc = NULL;
10969 msg_info.hdr.serializing_sc = NULL;
10970 if (CTL_HA_STATUS_SUCCESS !=
10971 ctl_ha_msg_send(CTL_HA_CHAN_CTL,
10973 sizeof(msg_info), 0)) {
10977 retval = ctl_lun_reset(lun, io,
10981 case CTL_TASK_TARGET_RESET:
10982 retval = ctl_target_reset(ctl_softc, io,
10983 CTL_UA_TARG_RESET);
10985 case CTL_TASK_BUS_RESET:
10986 retval = ctl_bus_reset(ctl_softc, io);
10988 case CTL_TASK_PORT_LOGIN:
10990 case CTL_TASK_PORT_LOGOUT:
10993 printf("ctl_run_task_queue: got unknown task "
10994 "management event %d\n",
10995 io->taskio.task_action);
10999 io->io_hdr.status = CTL_SUCCESS;
11001 io->io_hdr.status = CTL_ERROR;
11003 STAILQ_REMOVE(&ctl_softc->task_queue, &io->io_hdr,
11004 ctl_io_hdr, links);
11006 * This will queue this I/O to the done queue, but the
11007 * work thread won't be able to process it until we
11008 * return and the lock is released.
11010 ctl_done_lock(io, /*have_lock*/ 1);
11015 printf("%s: invalid I/O type %d msg %d cdb %x"
11016 " iptl: %ju:%d:%ju:%d tag 0x%04x\n",
11017 __func__, io->io_hdr.io_type,
11018 io->io_hdr.msg_type, io->scsiio.cdb[0],
11019 (uintmax_t)io->io_hdr.nexus.initid.id,
11020 io->io_hdr.nexus.targ_port,
11021 (uintmax_t)io->io_hdr.nexus.targ_target.id,
11022 io->io_hdr.nexus.targ_lun,
11023 (io->io_hdr.io_type == CTL_IO_TASK) ?
11024 io->taskio.tag_num : io->scsiio.tag_num);
11025 STAILQ_REMOVE(&ctl_softc->task_queue, &io->io_hdr,
11026 ctl_io_hdr, links);
11033 ctl_softc->flags &= ~CTL_FLAG_TASK_PENDING;
11037 * For HA operation. Handle commands that come in from the other
11041 ctl_handle_isc(union ctl_io *io)
11044 struct ctl_lun *lun;
11045 struct ctl_softc *ctl_softc;
11047 ctl_softc = control_softc;
11049 lun = ctl_softc->ctl_luns[io->io_hdr.nexus.targ_lun];
11051 switch (io->io_hdr.msg_type) {
11052 case CTL_MSG_SERIALIZE:
11053 free_io = ctl_serialize_other_sc_cmd(&io->scsiio,
11056 case CTL_MSG_R2R: {
11058 struct ctl_cmd_entry *entry;
11061 * This is only used in SER_ONLY mode.
11064 opcode = io->scsiio.cdb[0];
11065 entry = &ctl_cmd_table[opcode];
11066 mtx_lock(&ctl_softc->ctl_lock);
11067 if (ctl_scsiio_lun_check(ctl_softc, lun,
11068 entry, (struct ctl_scsiio *)io) != 0) {
11069 ctl_done_lock(io, /*have_lock*/ 1);
11070 mtx_unlock(&ctl_softc->ctl_lock);
11073 io->io_hdr.flags |= CTL_FLAG_IS_WAS_ON_RTR;
11074 STAILQ_INSERT_TAIL(&ctl_softc->rtr_queue,
11075 &io->io_hdr, links);
11076 mtx_unlock(&ctl_softc->ctl_lock);
11079 case CTL_MSG_FINISH_IO:
11080 if (ctl_softc->ha_mode == CTL_HA_MODE_XFER) {
11082 ctl_done_lock(io, /*have_lock*/ 0);
11085 mtx_lock(&ctl_softc->ctl_lock);
11086 TAILQ_REMOVE(&lun->ooa_queue, &io->io_hdr,
11088 STAILQ_REMOVE(&ctl_softc->task_queue,
11089 &io->io_hdr, ctl_io_hdr, links);
11090 ctl_check_blocked(lun);
11091 mtx_unlock(&ctl_softc->ctl_lock);
11094 case CTL_MSG_PERS_ACTION:
11095 ctl_hndl_per_res_out_on_other_sc(
11096 (union ctl_ha_msg *)&io->presio.pr_msg);
11099 case CTL_MSG_BAD_JUJU:
11101 ctl_done_lock(io, /*have_lock*/ 0);
11103 case CTL_MSG_DATAMOVE:
11104 /* Only used in XFER mode */
11106 ctl_datamove_remote(io);
11108 case CTL_MSG_DATAMOVE_DONE:
11109 /* Only used in XFER mode */
11111 io->scsiio.be_move_done(io);
11115 printf("%s: Invalid message type %d\n",
11116 __func__, io->io_hdr.msg_type);
11126 * Returns the match type in the case of a match, or CTL_LUN_PAT_NONE if
11127 * there is no match.
11129 static ctl_lun_error_pattern
11130 ctl_cmd_pattern_match(struct ctl_scsiio *ctsio, struct ctl_error_desc *desc)
11132 struct ctl_cmd_entry *entry;
11133 ctl_lun_error_pattern filtered_pattern, pattern;
11136 pattern = desc->error_pattern;
11139 * XXX KDM we need more data passed into this function to match a
11140 * custom pattern, and we actually need to implement custom pattern
11143 if (pattern & CTL_LUN_PAT_CMD)
11144 return (CTL_LUN_PAT_CMD);
11146 if ((pattern & CTL_LUN_PAT_MASK) == CTL_LUN_PAT_ANY)
11147 return (CTL_LUN_PAT_ANY);
11149 opcode = ctsio->cdb[0];
11150 entry = &ctl_cmd_table[opcode];
11152 filtered_pattern = entry->pattern & pattern;
11155 * If the user requested specific flags in the pattern (e.g.
11156 * CTL_LUN_PAT_RANGE), make sure the command supports all of those
11159 * If the user did not specify any flags, it doesn't matter whether
11160 * or not the command supports the flags.
11162 if ((filtered_pattern & ~CTL_LUN_PAT_MASK) !=
11163 (pattern & ~CTL_LUN_PAT_MASK))
11164 return (CTL_LUN_PAT_NONE);
11167 * If the user asked for a range check, see if the requested LBA
11168 * range overlaps with this command's LBA range.
11170 if (filtered_pattern & CTL_LUN_PAT_RANGE) {
11176 retval = ctl_get_lba_len((union ctl_io *)ctsio, &lba1, &len1);
11178 return (CTL_LUN_PAT_NONE);
11180 action = ctl_extent_check_lba(lba1, len1, desc->lba_range.lba,
11181 desc->lba_range.len);
11183 * A "pass" means that the LBA ranges don't overlap, so
11184 * this doesn't match the user's range criteria.
11186 if (action == CTL_ACTION_PASS)
11187 return (CTL_LUN_PAT_NONE);
11190 return (filtered_pattern);
11194 ctl_inject_error(struct ctl_lun *lun, union ctl_io *io)
11196 struct ctl_error_desc *desc, *desc2;
11198 mtx_assert(&control_softc->ctl_lock, MA_OWNED);
11200 STAILQ_FOREACH_SAFE(desc, &lun->error_list, links, desc2) {
11201 ctl_lun_error_pattern pattern;
11203 * Check to see whether this particular command matches
11204 * the pattern in the descriptor.
11206 pattern = ctl_cmd_pattern_match(&io->scsiio, desc);
11207 if ((pattern & CTL_LUN_PAT_MASK) == CTL_LUN_PAT_NONE)
11210 switch (desc->lun_error & CTL_LUN_INJ_TYPE) {
11211 case CTL_LUN_INJ_ABORTED:
11212 ctl_set_aborted(&io->scsiio);
11214 case CTL_LUN_INJ_MEDIUM_ERR:
11215 ctl_set_medium_error(&io->scsiio);
11217 case CTL_LUN_INJ_UA:
11218 /* 29h/00h POWER ON, RESET, OR BUS DEVICE RESET
11220 ctl_set_ua(&io->scsiio, 0x29, 0x00);
11222 case CTL_LUN_INJ_CUSTOM:
11224 * We're assuming the user knows what he is doing.
11225 * Just copy the sense information without doing
11228 bcopy(&desc->custom_sense, &io->scsiio.sense_data,
11229 ctl_min(sizeof(desc->custom_sense),
11230 sizeof(io->scsiio.sense_data)));
11231 io->scsiio.scsi_status = SCSI_STATUS_CHECK_COND;
11232 io->scsiio.sense_len = SSD_FULL_SIZE;
11233 io->io_hdr.status = CTL_SCSI_ERROR | CTL_AUTOSENSE;
11235 case CTL_LUN_INJ_NONE:
11238 * If this is an error injection type we don't know
11239 * about, clear the continuous flag (if it is set)
11240 * so it will get deleted below.
11242 desc->lun_error &= ~CTL_LUN_INJ_CONTINUOUS;
11246 * By default, each error injection action is a one-shot
11248 if (desc->lun_error & CTL_LUN_INJ_CONTINUOUS)
11251 STAILQ_REMOVE(&lun->error_list, desc, ctl_error_desc, links);
11257 #ifdef CTL_IO_DELAY
11259 ctl_datamove_timer_wakeup(void *arg)
11263 io = (union ctl_io *)arg;
11267 #endif /* CTL_IO_DELAY */
11270 ctl_datamove(union ctl_io *io)
11272 void (*fe_datamove)(union ctl_io *io);
11274 mtx_assert(&control_softc->ctl_lock, MA_NOTOWNED);
11276 CTL_DEBUG_PRINT(("ctl_datamove\n"));
11279 if ((time_uptime - io->io_hdr.start_time) > ctl_time_io_secs) {
11284 ctl_scsi_path_string(io, path_str, sizeof(path_str));
11285 sbuf_new(&sb, str, sizeof(str), SBUF_FIXEDLEN);
11287 sbuf_cat(&sb, path_str);
11288 switch (io->io_hdr.io_type) {
11290 ctl_scsi_command_string(&io->scsiio, NULL, &sb);
11291 sbuf_printf(&sb, "\n");
11292 sbuf_cat(&sb, path_str);
11293 sbuf_printf(&sb, "Tag: 0x%04x, type %d\n",
11294 io->scsiio.tag_num, io->scsiio.tag_type);
11297 sbuf_printf(&sb, "Task I/O type: %d, Tag: 0x%04x, "
11298 "Tag Type: %d\n", io->taskio.task_action,
11299 io->taskio.tag_num, io->taskio.tag_type);
11302 printf("Invalid CTL I/O type %d\n", io->io_hdr.io_type);
11303 panic("Invalid CTL I/O type %d\n", io->io_hdr.io_type);
11306 sbuf_cat(&sb, path_str);
11307 sbuf_printf(&sb, "ctl_datamove: %jd seconds\n",
11308 (intmax_t)time_uptime - io->io_hdr.start_time);
11310 printf("%s", sbuf_data(&sb));
11312 #endif /* CTL_TIME_IO */
11314 mtx_lock(&control_softc->ctl_lock);
11315 #ifdef CTL_IO_DELAY
11316 if (io->io_hdr.flags & CTL_FLAG_DELAY_DONE) {
11317 struct ctl_lun *lun;
11319 lun =(struct ctl_lun *)io->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
11321 io->io_hdr.flags &= ~CTL_FLAG_DELAY_DONE;
11323 struct ctl_lun *lun;
11325 lun =(struct ctl_lun *)io->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
11327 && (lun->delay_info.datamove_delay > 0)) {
11328 struct callout *callout;
11330 callout = (struct callout *)&io->io_hdr.timer_bytes;
11331 callout_init(callout, /*mpsafe*/ 1);
11332 io->io_hdr.flags |= CTL_FLAG_DELAY_DONE;
11333 callout_reset(callout,
11334 lun->delay_info.datamove_delay * hz,
11335 ctl_datamove_timer_wakeup, io);
11336 if (lun->delay_info.datamove_type ==
11337 CTL_DELAY_TYPE_ONESHOT)
11338 lun->delay_info.datamove_delay = 0;
11339 mtx_unlock(&control_softc->ctl_lock);
11345 * If we have any pending task management commands, process them
11346 * first. This is necessary to eliminate a race condition with the
11349 * - FETD submits a task management command, like an abort.
11350 * - Back end calls fe_datamove() to move the data for the aborted
11351 * command. The FETD can't really accept it, but if it did, it
11352 * would end up transmitting data for a command that the initiator
11353 * told us to abort.
11355 * We close the race by processing all pending task management
11356 * commands here (we can't block!), and then check this I/O to see
11357 * if it has been aborted. If so, return it to the back end with
11358 * bad status, so the back end can say return an error to the back end
11359 * and then when the back end returns an error, we can return the
11360 * aborted command to the FETD, so it can clean up its resources.
11362 if (control_softc->flags & CTL_FLAG_TASK_PENDING)
11363 ctl_run_task_queue(control_softc);
11366 * This command has been aborted. Set the port status, so we fail
11369 if (io->io_hdr.flags & CTL_FLAG_ABORT) {
11370 printf("ctl_datamove: tag 0x%04x on (%ju:%d:%ju:%d) aborted\n",
11371 io->scsiio.tag_num,(uintmax_t)io->io_hdr.nexus.initid.id,
11372 io->io_hdr.nexus.targ_port,
11373 (uintmax_t)io->io_hdr.nexus.targ_target.id,
11374 io->io_hdr.nexus.targ_lun);
11375 io->io_hdr.status = CTL_CMD_ABORTED;
11376 io->io_hdr.port_status = 31337;
11377 mtx_unlock(&control_softc->ctl_lock);
11379 * Note that the backend, in this case, will get the
11380 * callback in its context. In other cases it may get
11381 * called in the frontend's interrupt thread context.
11383 io->scsiio.be_move_done(io);
11388 * If we're in XFER mode and this I/O is from the other shelf
11389 * controller, we need to send the DMA to the other side to
11390 * actually transfer the data to/from the host. In serialize only
11391 * mode the transfer happens below CTL and ctl_datamove() is only
11392 * called on the machine that originally received the I/O.
11394 if ((control_softc->ha_mode == CTL_HA_MODE_XFER)
11395 && (io->io_hdr.flags & CTL_FLAG_FROM_OTHER_SC)) {
11396 union ctl_ha_msg msg;
11397 uint32_t sg_entries_sent;
11401 memset(&msg, 0, sizeof(msg));
11402 msg.hdr.msg_type = CTL_MSG_DATAMOVE;
11403 msg.hdr.original_sc = io->io_hdr.original_sc;
11404 msg.hdr.serializing_sc = io;
11405 msg.hdr.nexus = io->io_hdr.nexus;
11406 msg.dt.flags = io->io_hdr.flags;
11408 * We convert everything into a S/G list here. We can't
11409 * pass by reference, only by value between controllers.
11410 * So we can't pass a pointer to the S/G list, only as many
11411 * S/G entries as we can fit in here. If it's possible for
11412 * us to get more than CTL_HA_MAX_SG_ENTRIES S/G entries,
11413 * then we need to break this up into multiple transfers.
11415 if (io->scsiio.kern_sg_entries == 0) {
11416 msg.dt.kern_sg_entries = 1;
11418 * If this is in cached memory, flush the cache
11419 * before we send the DMA request to the other
11420 * controller. We want to do this in either the
11421 * read or the write case. The read case is
11422 * straightforward. In the write case, we want to
11423 * make sure nothing is in the local cache that
11424 * could overwrite the DMAed data.
11426 if ((io->io_hdr.flags & CTL_FLAG_NO_DATASYNC) == 0) {
11428 * XXX KDM use bus_dmamap_sync() here.
11433 * Convert to a physical address if this is a
11436 if (io->io_hdr.flags & CTL_FLAG_BUS_ADDR) {
11437 msg.dt.sg_list[0].addr =
11438 io->scsiio.kern_data_ptr;
11441 * XXX KDM use busdma here!
11444 msg.dt.sg_list[0].addr = (void *)
11445 vtophys(io->scsiio.kern_data_ptr);
11449 msg.dt.sg_list[0].len = io->scsiio.kern_data_len;
11452 struct ctl_sg_entry *sgl;
11455 msg.dt.kern_sg_entries = io->scsiio.kern_sg_entries;
11456 sgl = (struct ctl_sg_entry *)io->scsiio.kern_data_ptr;
11457 if ((io->io_hdr.flags & CTL_FLAG_NO_DATASYNC) == 0) {
11459 * XXX KDM use bus_dmamap_sync() here.
11464 msg.dt.kern_data_len = io->scsiio.kern_data_len;
11465 msg.dt.kern_total_len = io->scsiio.kern_total_len;
11466 msg.dt.kern_data_resid = io->scsiio.kern_data_resid;
11467 msg.dt.kern_rel_offset = io->scsiio.kern_rel_offset;
11468 msg.dt.sg_sequence = 0;
11471 * Loop until we've sent all of the S/G entries. On the
11472 * other end, we'll recompose these S/G entries into one
11473 * contiguous list before passing it to the
11475 for (sg_entries_sent = 0; sg_entries_sent <
11476 msg.dt.kern_sg_entries; msg.dt.sg_sequence++) {
11477 msg.dt.cur_sg_entries = ctl_min((sizeof(msg.dt.sg_list)/
11478 sizeof(msg.dt.sg_list[0])),
11479 msg.dt.kern_sg_entries - sg_entries_sent);
11481 if (do_sg_copy != 0) {
11482 struct ctl_sg_entry *sgl;
11485 sgl = (struct ctl_sg_entry *)
11486 io->scsiio.kern_data_ptr;
11488 * If this is in cached memory, flush the cache
11489 * before we send the DMA request to the other
11490 * controller. We want to do this in either
11491 * the * read or the write case. The read
11492 * case is straightforward. In the write
11493 * case, we want to make sure nothing is
11494 * in the local cache that could overwrite
11498 for (i = sg_entries_sent, j = 0;
11499 i < msg.dt.cur_sg_entries; i++, j++) {
11500 if ((io->io_hdr.flags &
11501 CTL_FLAG_NO_DATASYNC) == 0) {
11503 * XXX KDM use bus_dmamap_sync()
11506 if ((io->io_hdr.flags &
11507 CTL_FLAG_BUS_ADDR) == 0) {
11509 * XXX KDM use busdma.
11512 msg.dt.sg_list[j].addr =(void *)
11513 vtophys(sgl[i].addr);
11516 msg.dt.sg_list[j].addr =
11519 msg.dt.sg_list[j].len = sgl[i].len;
11523 sg_entries_sent += msg.dt.cur_sg_entries;
11524 if (sg_entries_sent >= msg.dt.kern_sg_entries)
11525 msg.dt.sg_last = 1;
11527 msg.dt.sg_last = 0;
11530 * XXX KDM drop and reacquire the lock here?
11532 if (ctl_ha_msg_send(CTL_HA_CHAN_CTL, &msg,
11533 sizeof(msg), 0) > CTL_HA_STATUS_SUCCESS) {
11535 * XXX do something here.
11539 msg.dt.sent_sg_entries = sg_entries_sent;
11541 io->io_hdr.flags &= ~CTL_FLAG_IO_ACTIVE;
11542 if (io->io_hdr.flags & CTL_FLAG_FAILOVER)
11543 ctl_failover_io(io, /*have_lock*/ 1);
11548 * Lookup the fe_datamove() function for this particular
11552 control_softc->ctl_ports[ctl_port_idx(io->io_hdr.nexus.targ_port)]->fe_datamove;
11553 mtx_unlock(&control_softc->ctl_lock);
11560 ctl_send_datamove_done(union ctl_io *io, int have_lock)
11562 union ctl_ha_msg msg;
11565 memset(&msg, 0, sizeof(msg));
11567 msg.hdr.msg_type = CTL_MSG_DATAMOVE_DONE;
11568 msg.hdr.original_sc = io;
11569 msg.hdr.serializing_sc = io->io_hdr.serializing_sc;
11570 msg.hdr.nexus = io->io_hdr.nexus;
11571 msg.hdr.status = io->io_hdr.status;
11572 msg.scsi.tag_num = io->scsiio.tag_num;
11573 msg.scsi.tag_type = io->scsiio.tag_type;
11574 msg.scsi.scsi_status = io->scsiio.scsi_status;
11575 memcpy(&msg.scsi.sense_data, &io->scsiio.sense_data,
11576 sizeof(io->scsiio.sense_data));
11577 msg.scsi.sense_len = io->scsiio.sense_len;
11578 msg.scsi.sense_residual = io->scsiio.sense_residual;
11579 msg.scsi.fetd_status = io->io_hdr.port_status;
11580 msg.scsi.residual = io->scsiio.residual;
11581 io->io_hdr.flags &= ~CTL_FLAG_IO_ACTIVE;
11583 if (io->io_hdr.flags & CTL_FLAG_FAILOVER) {
11584 ctl_failover_io(io, /*have_lock*/ have_lock);
11588 isc_status = ctl_ha_msg_send(CTL_HA_CHAN_CTL, &msg, sizeof(msg), 0);
11589 if (isc_status > CTL_HA_STATUS_SUCCESS) {
11590 /* XXX do something if this fails */
11596 * The DMA to the remote side is done, now we need to tell the other side
11597 * we're done so it can continue with its data movement.
11600 ctl_datamove_remote_write_cb(struct ctl_ha_dt_req *rq)
11606 if (rq->ret != CTL_HA_STATUS_SUCCESS) {
11607 printf("%s: ISC DMA write failed with error %d", __func__,
11609 ctl_set_internal_failure(&io->scsiio,
11611 /*retry_count*/ rq->ret);
11614 ctl_dt_req_free(rq);
11617 * In this case, we had to malloc the memory locally. Free it.
11619 if ((io->io_hdr.flags & CTL_FLAG_AUTO_MIRROR) == 0) {
11621 for (i = 0; i < io->scsiio.kern_sg_entries; i++)
11622 free(io->io_hdr.local_sglist[i].addr, M_CTL);
11625 * The data is in local and remote memory, so now we need to send
11626 * status (good or back) back to the other side.
11628 ctl_send_datamove_done(io, /*have_lock*/ 0);
11632 * We've moved the data from the host/controller into local memory. Now we
11633 * need to push it over to the remote controller's memory.
11636 ctl_datamove_remote_dm_write_cb(union ctl_io *io)
11642 retval = ctl_datamove_remote_xfer(io, CTL_HA_DT_CMD_WRITE,
11643 ctl_datamove_remote_write_cb);
11649 ctl_datamove_remote_write(union ctl_io *io)
11652 void (*fe_datamove)(union ctl_io *io);
11655 * - Get the data from the host/HBA into local memory.
11656 * - DMA memory from the local controller to the remote controller.
11657 * - Send status back to the remote controller.
11660 retval = ctl_datamove_remote_sgl_setup(io);
11664 /* Switch the pointer over so the FETD knows what to do */
11665 io->scsiio.kern_data_ptr = (uint8_t *)io->io_hdr.local_sglist;
11668 * Use a custom move done callback, since we need to send completion
11669 * back to the other controller, not to the backend on this side.
11671 io->scsiio.be_move_done = ctl_datamove_remote_dm_write_cb;
11673 fe_datamove = control_softc->ctl_ports[ctl_port_idx(io->io_hdr.nexus.targ_port)]->fe_datamove;
11682 ctl_datamove_remote_dm_read_cb(union ctl_io *io)
11691 * In this case, we had to malloc the memory locally. Free it.
11693 if ((io->io_hdr.flags & CTL_FLAG_AUTO_MIRROR) == 0) {
11695 for (i = 0; i < io->scsiio.kern_sg_entries; i++)
11696 free(io->io_hdr.local_sglist[i].addr, M_CTL);
11700 scsi_path_string(io, path_str, sizeof(path_str));
11701 sbuf_new(&sb, str, sizeof(str), SBUF_FIXEDLEN);
11702 sbuf_cat(&sb, path_str);
11703 scsi_command_string(&io->scsiio, NULL, &sb);
11704 sbuf_printf(&sb, "\n");
11705 sbuf_cat(&sb, path_str);
11706 sbuf_printf(&sb, "Tag: 0x%04x, type %d\n",
11707 io->scsiio.tag_num, io->scsiio.tag_type);
11708 sbuf_cat(&sb, path_str);
11709 sbuf_printf(&sb, "%s: flags %#x, status %#x\n", __func__,
11710 io->io_hdr.flags, io->io_hdr.status);
11712 printk("%s", sbuf_data(&sb));
11717 * The read is done, now we need to send status (good or bad) back
11718 * to the other side.
11720 ctl_send_datamove_done(io, /*have_lock*/ 0);
11726 ctl_datamove_remote_read_cb(struct ctl_ha_dt_req *rq)
11729 void (*fe_datamove)(union ctl_io *io);
11733 if (rq->ret != CTL_HA_STATUS_SUCCESS) {
11734 printf("%s: ISC DMA read failed with error %d", __func__,
11736 ctl_set_internal_failure(&io->scsiio,
11738 /*retry_count*/ rq->ret);
11741 ctl_dt_req_free(rq);
11743 /* Switch the pointer over so the FETD knows what to do */
11744 io->scsiio.kern_data_ptr = (uint8_t *)io->io_hdr.local_sglist;
11747 * Use a custom move done callback, since we need to send completion
11748 * back to the other controller, not to the backend on this side.
11750 io->scsiio.be_move_done = ctl_datamove_remote_dm_read_cb;
11752 /* XXX KDM add checks like the ones in ctl_datamove? */
11754 fe_datamove = control_softc->ctl_ports[ctl_port_idx(io->io_hdr.nexus.targ_port)]->fe_datamove;
11760 ctl_datamove_remote_sgl_setup(union ctl_io *io)
11762 struct ctl_sg_entry *local_sglist, *remote_sglist;
11763 struct ctl_sg_entry *local_dma_sglist, *remote_dma_sglist;
11764 struct ctl_softc *softc;
11769 softc = control_softc;
11771 local_sglist = io->io_hdr.local_sglist;
11772 local_dma_sglist = io->io_hdr.local_dma_sglist;
11773 remote_sglist = io->io_hdr.remote_sglist;
11774 remote_dma_sglist = io->io_hdr.remote_dma_sglist;
11776 if (io->io_hdr.flags & CTL_FLAG_AUTO_MIRROR) {
11777 for (i = 0; i < io->scsiio.kern_sg_entries; i++) {
11778 local_sglist[i].len = remote_sglist[i].len;
11781 * XXX Detect the situation where the RS-level I/O
11782 * redirector on the other side has already read the
11783 * data off of the AOR RS on this side, and
11784 * transferred it to remote (mirror) memory on the
11785 * other side. Since we already have the data in
11786 * memory here, we just need to use it.
11788 * XXX KDM this can probably be removed once we
11789 * get the cache device code in and take the
11790 * current AOR implementation out.
11793 if ((remote_sglist[i].addr >=
11794 (void *)vtophys(softc->mirr->addr))
11795 && (remote_sglist[i].addr <
11796 ((void *)vtophys(softc->mirr->addr) +
11797 CacheMirrorOffset))) {
11798 local_sglist[i].addr = remote_sglist[i].addr -
11800 if ((io->io_hdr.flags & CTL_FLAG_DATA_MASK) ==
11802 io->io_hdr.flags |= CTL_FLAG_REDIR_DONE;
11804 local_sglist[i].addr = remote_sglist[i].addr +
11809 printf("%s: local %p, remote %p, len %d\n",
11810 __func__, local_sglist[i].addr,
11811 remote_sglist[i].addr, local_sglist[i].len);
11815 uint32_t len_to_go;
11818 * In this case, we don't have automatically allocated
11819 * memory for this I/O on this controller. This typically
11820 * happens with internal CTL I/O -- e.g. inquiry, mode
11821 * sense, etc. Anything coming from RAIDCore will have
11822 * a mirror area available.
11824 len_to_go = io->scsiio.kern_data_len;
11827 * Clear the no datasync flag, we have to use malloced
11830 io->io_hdr.flags &= ~CTL_FLAG_NO_DATASYNC;
11833 * The difficult thing here is that the size of the various
11834 * S/G segments may be different than the size from the
11835 * remote controller. That'll make it harder when DMAing
11836 * the data back to the other side.
11838 for (i = 0; (i < sizeof(io->io_hdr.remote_sglist) /
11839 sizeof(io->io_hdr.remote_sglist[0])) &&
11840 (len_to_go > 0); i++) {
11841 local_sglist[i].len = ctl_min(len_to_go, 131072);
11842 CTL_SIZE_8B(local_dma_sglist[i].len,
11843 local_sglist[i].len);
11844 local_sglist[i].addr =
11845 malloc(local_dma_sglist[i].len, M_CTL,M_WAITOK);
11847 local_dma_sglist[i].addr = local_sglist[i].addr;
11849 if (local_sglist[i].addr == NULL) {
11852 printf("malloc failed for %zd bytes!",
11853 local_dma_sglist[i].len);
11854 for (j = 0; j < i; j++) {
11855 free(local_sglist[j].addr, M_CTL);
11857 ctl_set_internal_failure(&io->scsiio,
11859 /*retry_count*/ 4857);
11861 goto bailout_error;
11864 /* XXX KDM do we need a sync here? */
11866 len_to_go -= local_sglist[i].len;
11869 * Reset the number of S/G entries accordingly. The
11870 * original number of S/G entries is available in
11873 io->scsiio.kern_sg_entries = i;
11876 printf("%s: kern_sg_entries = %d\n", __func__,
11877 io->scsiio.kern_sg_entries);
11878 for (i = 0; i < io->scsiio.kern_sg_entries; i++)
11879 printf("%s: sg[%d] = %p, %d (DMA: %d)\n", __func__, i,
11880 local_sglist[i].addr, local_sglist[i].len,
11881 local_dma_sglist[i].len);
11890 ctl_send_datamove_done(io, /*have_lock*/ 0);
11896 ctl_datamove_remote_xfer(union ctl_io *io, unsigned command,
11897 ctl_ha_dt_cb callback)
11899 struct ctl_ha_dt_req *rq;
11900 struct ctl_sg_entry *remote_sglist, *local_sglist;
11901 struct ctl_sg_entry *remote_dma_sglist, *local_dma_sglist;
11902 uint32_t local_used, remote_used, total_used;
11908 rq = ctl_dt_req_alloc();
11911 * If we failed to allocate the request, and if the DMA didn't fail
11912 * anyway, set busy status. This is just a resource allocation
11916 && ((io->io_hdr.status & CTL_STATUS_MASK) != CTL_STATUS_NONE))
11917 ctl_set_busy(&io->scsiio);
11919 if ((io->io_hdr.status & CTL_STATUS_MASK) != CTL_STATUS_NONE) {
11922 ctl_dt_req_free(rq);
11925 * The data move failed. We need to return status back
11926 * to the other controller. No point in trying to DMA
11927 * data to the remote controller.
11930 ctl_send_datamove_done(io, /*have_lock*/ 0);
11937 local_sglist = io->io_hdr.local_sglist;
11938 local_dma_sglist = io->io_hdr.local_dma_sglist;
11939 remote_sglist = io->io_hdr.remote_sglist;
11940 remote_dma_sglist = io->io_hdr.remote_dma_sglist;
11945 if (io->io_hdr.flags & CTL_FLAG_REDIR_DONE) {
11946 rq->ret = CTL_HA_STATUS_SUCCESS;
11953 * Pull/push the data over the wire from/to the other controller.
11954 * This takes into account the possibility that the local and
11955 * remote sglists may not be identical in terms of the size of
11956 * the elements and the number of elements.
11958 * One fundamental assumption here is that the length allocated for
11959 * both the local and remote sglists is identical. Otherwise, we've
11960 * essentially got a coding error of some sort.
11962 for (i = 0, j = 0; total_used < io->scsiio.kern_data_len; ) {
11964 uint32_t cur_len, dma_length;
11967 rq->id = CTL_HA_DATA_CTL;
11968 rq->command = command;
11972 * Both pointers should be aligned. But it is possible
11973 * that the allocation length is not. They should both
11974 * also have enough slack left over at the end, though,
11975 * to round up to the next 8 byte boundary.
11977 cur_len = ctl_min(local_sglist[i].len - local_used,
11978 remote_sglist[j].len - remote_used);
11981 * In this case, we have a size issue and need to decrease
11982 * the size, except in the case where we actually have less
11983 * than 8 bytes left. In that case, we need to increase
11984 * the DMA length to get the last bit.
11986 if ((cur_len & 0x7) != 0) {
11987 if (cur_len > 0x7) {
11988 cur_len = cur_len - (cur_len & 0x7);
11989 dma_length = cur_len;
11991 CTL_SIZE_8B(dma_length, cur_len);
11995 dma_length = cur_len;
11998 * If we had to allocate memory for this I/O, instead of using
11999 * the non-cached mirror memory, we'll need to flush the cache
12000 * before trying to DMA to the other controller.
12002 * We could end up doing this multiple times for the same
12003 * segment if we have a larger local segment than remote
12004 * segment. That shouldn't be an issue.
12006 if ((io->io_hdr.flags & CTL_FLAG_NO_DATASYNC) == 0) {
12008 * XXX KDM use bus_dmamap_sync() here.
12012 rq->size = dma_length;
12014 tmp_ptr = (uint8_t *)local_sglist[i].addr;
12015 tmp_ptr += local_used;
12017 /* Use physical addresses when talking to ISC hardware */
12018 if ((io->io_hdr.flags & CTL_FLAG_BUS_ADDR) == 0) {
12019 /* XXX KDM use busdma */
12021 rq->local = vtophys(tmp_ptr);
12024 rq->local = tmp_ptr;
12026 tmp_ptr = (uint8_t *)remote_sglist[j].addr;
12027 tmp_ptr += remote_used;
12028 rq->remote = tmp_ptr;
12030 rq->callback = NULL;
12032 local_used += cur_len;
12033 if (local_used >= local_sglist[i].len) {
12038 remote_used += cur_len;
12039 if (remote_used >= remote_sglist[j].len) {
12043 total_used += cur_len;
12045 if (total_used >= io->scsiio.kern_data_len)
12046 rq->callback = callback;
12048 if ((rq->size & 0x7) != 0) {
12049 printf("%s: warning: size %d is not on 8b boundary\n",
12050 __func__, rq->size);
12052 if (((uintptr_t)rq->local & 0x7) != 0) {
12053 printf("%s: warning: local %p not on 8b boundary\n",
12054 __func__, rq->local);
12056 if (((uintptr_t)rq->remote & 0x7) != 0) {
12057 printf("%s: warning: remote %p not on 8b boundary\n",
12058 __func__, rq->local);
12061 printf("%s: %s: local %#x remote %#x size %d\n", __func__,
12062 (command == CTL_HA_DT_CMD_WRITE) ? "WRITE" : "READ",
12063 rq->local, rq->remote, rq->size);
12066 isc_ret = ctl_dt_single(rq);
12067 if (isc_ret == CTL_HA_STATUS_WAIT)
12070 if (isc_ret == CTL_HA_STATUS_DISCONNECT) {
12071 rq->ret = CTL_HA_STATUS_SUCCESS;
12085 ctl_datamove_remote_read(union ctl_io *io)
12091 * This will send an error to the other controller in the case of a
12094 retval = ctl_datamove_remote_sgl_setup(io);
12098 retval = ctl_datamove_remote_xfer(io, CTL_HA_DT_CMD_READ,
12099 ctl_datamove_remote_read_cb);
12101 && ((io->io_hdr.flags & CTL_FLAG_AUTO_MIRROR) == 0)) {
12103 * Make sure we free memory if there was an error.. The
12104 * ctl_datamove_remote_xfer() function will send the
12105 * datamove done message, or call the callback with an
12106 * error if there is a problem.
12108 for (i = 0; i < io->scsiio.kern_sg_entries; i++)
12109 free(io->io_hdr.local_sglist[i].addr, M_CTL);
12116 * Process a datamove request from the other controller. This is used for
12117 * XFER mode only, not SER_ONLY mode. For writes, we DMA into local memory
12118 * first. Once that is complete, the data gets DMAed into the remote
12119 * controller's memory. For reads, we DMA from the remote controller's
12120 * memory into our memory first, and then move it out to the FETD.
12123 ctl_datamove_remote(union ctl_io *io)
12125 struct ctl_softc *softc;
12127 softc = control_softc;
12129 mtx_assert(&softc->ctl_lock, MA_NOTOWNED);
12132 * Note that we look for an aborted I/O here, but don't do some of
12133 * the other checks that ctl_datamove() normally does. We don't
12134 * need to run the task queue, because this I/O is on the ISC
12135 * queue, which is executed by the work thread after the task queue.
12136 * We don't need to run the datamove delay code, since that should
12137 * have been done if need be on the other controller.
12139 mtx_lock(&softc->ctl_lock);
12141 if (io->io_hdr.flags & CTL_FLAG_ABORT) {
12143 printf("%s: tag 0x%04x on (%d:%d:%d:%d) aborted\n", __func__,
12144 io->scsiio.tag_num, io->io_hdr.nexus.initid.id,
12145 io->io_hdr.nexus.targ_port,
12146 io->io_hdr.nexus.targ_target.id,
12147 io->io_hdr.nexus.targ_lun);
12148 io->io_hdr.status = CTL_CMD_ABORTED;
12149 io->io_hdr.port_status = 31338;
12151 mtx_unlock(&softc->ctl_lock);
12153 ctl_send_datamove_done(io, /*have_lock*/ 0);
12158 if ((io->io_hdr.flags & CTL_FLAG_DATA_MASK) == CTL_FLAG_DATA_OUT) {
12159 mtx_unlock(&softc->ctl_lock);
12160 ctl_datamove_remote_write(io);
12161 } else if ((io->io_hdr.flags & CTL_FLAG_DATA_MASK) == CTL_FLAG_DATA_IN){
12162 mtx_unlock(&softc->ctl_lock);
12163 ctl_datamove_remote_read(io);
12165 union ctl_ha_msg msg;
12166 struct scsi_sense_data *sense;
12170 memset(&msg, 0, sizeof(msg));
12172 msg.hdr.msg_type = CTL_MSG_BAD_JUJU;
12173 msg.hdr.status = CTL_SCSI_ERROR;
12174 msg.scsi.scsi_status = SCSI_STATUS_CHECK_COND;
12176 retry_count = 4243;
12178 sense = &msg.scsi.sense_data;
12179 sks[0] = SSD_SCS_VALID;
12180 sks[1] = (retry_count >> 8) & 0xff;
12181 sks[2] = retry_count & 0xff;
12183 /* "Internal target failure" */
12184 scsi_set_sense_data(sense,
12185 /*sense_format*/ SSD_TYPE_NONE,
12186 /*current_error*/ 1,
12187 /*sense_key*/ SSD_KEY_HARDWARE_ERROR,
12190 /*type*/ SSD_ELEM_SKS,
12191 /*size*/ sizeof(sks),
12195 io->io_hdr.flags &= ~CTL_FLAG_IO_ACTIVE;
12196 if (io->io_hdr.flags & CTL_FLAG_FAILOVER) {
12197 ctl_failover_io(io, /*have_lock*/ 1);
12198 mtx_unlock(&softc->ctl_lock);
12202 mtx_unlock(&softc->ctl_lock);
12204 if (ctl_ha_msg_send(CTL_HA_CHAN_CTL, &msg, sizeof(msg), 0) >
12205 CTL_HA_STATUS_SUCCESS) {
12206 /* XXX KDM what to do if this fails? */
12214 ctl_process_done(union ctl_io *io, int have_lock)
12216 struct ctl_lun *lun;
12217 struct ctl_softc *ctl_softc;
12218 void (*fe_done)(union ctl_io *io);
12219 uint32_t targ_port = ctl_port_idx(io->io_hdr.nexus.targ_port);
12221 CTL_DEBUG_PRINT(("ctl_process_done\n"));
12224 control_softc->ctl_ports[targ_port]->fe_done;
12227 if ((time_uptime - io->io_hdr.start_time) > ctl_time_io_secs) {
12232 ctl_scsi_path_string(io, path_str, sizeof(path_str));
12233 sbuf_new(&sb, str, sizeof(str), SBUF_FIXEDLEN);
12235 sbuf_cat(&sb, path_str);
12236 switch (io->io_hdr.io_type) {
12238 ctl_scsi_command_string(&io->scsiio, NULL, &sb);
12239 sbuf_printf(&sb, "\n");
12240 sbuf_cat(&sb, path_str);
12241 sbuf_printf(&sb, "Tag: 0x%04x, type %d\n",
12242 io->scsiio.tag_num, io->scsiio.tag_type);
12245 sbuf_printf(&sb, "Task I/O type: %d, Tag: 0x%04x, "
12246 "Tag Type: %d\n", io->taskio.task_action,
12247 io->taskio.tag_num, io->taskio.tag_type);
12250 printf("Invalid CTL I/O type %d\n", io->io_hdr.io_type);
12251 panic("Invalid CTL I/O type %d\n", io->io_hdr.io_type);
12254 sbuf_cat(&sb, path_str);
12255 sbuf_printf(&sb, "ctl_process_done: %jd seconds\n",
12256 (intmax_t)time_uptime - io->io_hdr.start_time);
12258 printf("%s", sbuf_data(&sb));
12260 #endif /* CTL_TIME_IO */
12262 switch (io->io_hdr.io_type) {
12266 ctl_io_error_print(io, NULL);
12267 if (io->io_hdr.flags & CTL_FLAG_FROM_OTHER_SC)
12271 return (CTL_RETVAL_COMPLETE);
12274 printf("ctl_process_done: invalid io type %d\n",
12275 io->io_hdr.io_type);
12276 panic("ctl_process_done: invalid io type %d\n",
12277 io->io_hdr.io_type);
12278 break; /* NOTREACHED */
12281 lun = (struct ctl_lun *)io->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
12283 CTL_DEBUG_PRINT(("NULL LUN for lun %d\n",
12284 io->io_hdr.nexus.targ_lun));
12288 ctl_softc = lun->ctl_softc;
12291 * Remove this from the OOA queue.
12293 if (have_lock == 0)
12294 mtx_lock(&ctl_softc->ctl_lock);
12297 * Check to see if we have any errors to inject here. We only
12298 * inject errors for commands that don't already have errors set.
12300 if ((STAILQ_FIRST(&lun->error_list) != NULL)
12301 && ((io->io_hdr.status & CTL_STATUS_MASK) == CTL_SUCCESS))
12302 ctl_inject_error(lun, io);
12305 * XXX KDM how do we treat commands that aren't completed
12308 * XXX KDM should we also track I/O latency?
12310 if ((io->io_hdr.status & CTL_STATUS_MASK) == CTL_SUCCESS) {
12311 uint32_t blocksize;
12313 struct bintime cur_bt;
12316 if ((lun->be_lun != NULL)
12317 && (lun->be_lun->blocksize != 0))
12318 blocksize = lun->be_lun->blocksize;
12322 switch (io->io_hdr.io_type) {
12323 case CTL_IO_SCSI: {
12325 struct ctl_lba_len lbalen;
12328 switch (io->scsiio.cdb[0]) {
12339 case WRITE_VERIFY_10:
12340 case WRITE_VERIFY_12:
12341 case WRITE_VERIFY_16:
12342 memcpy(&lbalen, io->io_hdr.ctl_private[
12343 CTL_PRIV_LBA_LEN].bytes, sizeof(lbalen));
12346 lun->stats.ports[targ_port].bytes[CTL_STATS_READ] +=
12347 lbalen.len * blocksize;
12348 lun->stats.ports[targ_port].operations[CTL_STATS_READ]++;
12352 &lun->stats.ports[targ_port].dma_time[CTL_STATS_READ],
12353 &io->io_hdr.dma_bt);
12354 lun->stats.ports[targ_port].num_dmas[CTL_STATS_READ] +=
12355 io->io_hdr.num_dmas;
12356 getbintime(&cur_bt);
12357 bintime_sub(&cur_bt,
12358 &io->io_hdr.start_bt);
12361 &lun->stats.ports[targ_port].time[CTL_STATS_READ],
12365 cs_prof_gettime(&cur_ticks);
12366 lun->stats.time[CTL_STATS_READ] +=
12368 io->io_hdr.start_ticks;
12371 lun->stats.time[CTL_STATS_READ] +=
12372 jiffies - io->io_hdr.start_time;
12374 #endif /* CTL_TIME_IO */
12376 lun->stats.ports[targ_port].bytes[CTL_STATS_WRITE] +=
12377 lbalen.len * blocksize;
12378 lun->stats.ports[targ_port].operations[
12379 CTL_STATS_WRITE]++;
12383 &lun->stats.ports[targ_port].dma_time[CTL_STATS_WRITE],
12384 &io->io_hdr.dma_bt);
12385 lun->stats.ports[targ_port].num_dmas[CTL_STATS_WRITE] +=
12386 io->io_hdr.num_dmas;
12387 getbintime(&cur_bt);
12388 bintime_sub(&cur_bt,
12389 &io->io_hdr.start_bt);
12392 &lun->stats.ports[targ_port].time[CTL_STATS_WRITE],
12395 cs_prof_gettime(&cur_ticks);
12396 lun->stats.ports[targ_port].time[CTL_STATS_WRITE] +=
12398 io->io_hdr.start_ticks;
12399 lun->stats.ports[targ_port].time[CTL_STATS_WRITE] +=
12400 jiffies - io->io_hdr.start_time;
12402 #endif /* CTL_TIME_IO */
12406 lun->stats.ports[targ_port].operations[CTL_STATS_NO_IO]++;
12410 &lun->stats.ports[targ_port].dma_time[CTL_STATS_NO_IO],
12411 &io->io_hdr.dma_bt);
12412 lun->stats.ports[targ_port].num_dmas[CTL_STATS_NO_IO] +=
12413 io->io_hdr.num_dmas;
12414 getbintime(&cur_bt);
12415 bintime_sub(&cur_bt, &io->io_hdr.start_bt);
12417 bintime_add(&lun->stats.ports[targ_port].time[CTL_STATS_NO_IO],
12421 cs_prof_gettime(&cur_ticks);
12422 lun->stats.ports[targ_port].time[CTL_STATS_NO_IO] +=
12424 io->io_hdr.start_ticks;
12425 lun->stats.ports[targ_port].time[CTL_STATS_NO_IO] +=
12426 jiffies - io->io_hdr.start_time;
12428 #endif /* CTL_TIME_IO */
12438 TAILQ_REMOVE(&lun->ooa_queue, &io->io_hdr, ooa_links);
12441 * Run through the blocked queue on this LUN and see if anything
12442 * has become unblocked, now that this transaction is done.
12444 ctl_check_blocked(lun);
12447 * If the LUN has been invalidated, free it if there is nothing
12448 * left on its OOA queue.
12450 if ((lun->flags & CTL_LUN_INVALID)
12451 && (TAILQ_FIRST(&lun->ooa_queue) == NULL))
12455 * If this command has been aborted, make sure we set the status
12456 * properly. The FETD is responsible for freeing the I/O and doing
12457 * whatever it needs to do to clean up its state.
12459 if (io->io_hdr.flags & CTL_FLAG_ABORT)
12460 io->io_hdr.status = CTL_CMD_ABORTED;
12463 * We print out status for every task management command. For SCSI
12464 * commands, we filter out any unit attention errors; they happen
12465 * on every boot, and would clutter up the log. Note: task
12466 * management commands aren't printed here, they are printed above,
12467 * since they should never even make it down here.
12469 switch (io->io_hdr.io_type) {
12470 case CTL_IO_SCSI: {
12471 int error_code, sense_key, asc, ascq;
12475 if (((io->io_hdr.status & CTL_STATUS_MASK) == CTL_SCSI_ERROR)
12476 && (io->scsiio.scsi_status == SCSI_STATUS_CHECK_COND)) {
12478 * Since this is just for printing, no need to
12479 * show errors here.
12481 scsi_extract_sense_len(&io->scsiio.sense_data,
12482 io->scsiio.sense_len,
12487 /*show_errors*/ 0);
12490 if (((io->io_hdr.status & CTL_STATUS_MASK) != CTL_SUCCESS)
12491 && (((io->io_hdr.status & CTL_STATUS_MASK) != CTL_SCSI_ERROR)
12492 || (io->scsiio.scsi_status != SCSI_STATUS_CHECK_COND)
12493 || (sense_key != SSD_KEY_UNIT_ATTENTION))) {
12495 if ((time_uptime - ctl_softc->last_print_jiffies) <= 0){
12496 ctl_softc->skipped_prints++;
12497 if (have_lock == 0)
12498 mtx_unlock(&ctl_softc->ctl_lock);
12500 uint32_t skipped_prints;
12502 skipped_prints = ctl_softc->skipped_prints;
12504 ctl_softc->skipped_prints = 0;
12505 ctl_softc->last_print_jiffies = time_uptime;
12507 if (have_lock == 0)
12508 mtx_unlock(&ctl_softc->ctl_lock);
12509 if (skipped_prints > 0) {
12511 csevent_log(CSC_CTL | CSC_SHELF_SW |
12513 csevent_LogType_Trace,
12514 csevent_Severity_Information,
12515 csevent_AlertLevel_Green,
12516 csevent_FRU_Firmware,
12517 csevent_FRU_Unknown,
12518 "High CTL error volume, %d prints "
12519 "skipped", skipped_prints);
12522 ctl_io_error_print(io, NULL);
12525 if (have_lock == 0)
12526 mtx_unlock(&ctl_softc->ctl_lock);
12531 if (have_lock == 0)
12532 mtx_unlock(&ctl_softc->ctl_lock);
12533 ctl_io_error_print(io, NULL);
12536 if (have_lock == 0)
12537 mtx_unlock(&ctl_softc->ctl_lock);
12542 * Tell the FETD or the other shelf controller we're done with this
12543 * command. Note that only SCSI commands get to this point. Task
12544 * management commands are completed above.
12546 * We only send status to the other controller if we're in XFER
12547 * mode. In SER_ONLY mode, the I/O is done on the controller that
12548 * received the I/O (from CTL's perspective), and so the status is
12551 * XXX KDM if we hold the lock here, we could cause a deadlock
12552 * if the frontend comes back in in this context to queue
12555 if ((ctl_softc->ha_mode == CTL_HA_MODE_XFER)
12556 && (io->io_hdr.flags & CTL_FLAG_FROM_OTHER_SC)) {
12557 union ctl_ha_msg msg;
12559 memset(&msg, 0, sizeof(msg));
12560 msg.hdr.msg_type = CTL_MSG_FINISH_IO;
12561 msg.hdr.original_sc = io->io_hdr.original_sc;
12562 msg.hdr.nexus = io->io_hdr.nexus;
12563 msg.hdr.status = io->io_hdr.status;
12564 msg.scsi.scsi_status = io->scsiio.scsi_status;
12565 msg.scsi.tag_num = io->scsiio.tag_num;
12566 msg.scsi.tag_type = io->scsiio.tag_type;
12567 msg.scsi.sense_len = io->scsiio.sense_len;
12568 msg.scsi.sense_residual = io->scsiio.sense_residual;
12569 msg.scsi.residual = io->scsiio.residual;
12570 memcpy(&msg.scsi.sense_data, &io->scsiio.sense_data,
12571 sizeof(io->scsiio.sense_data));
12573 * We copy this whether or not this is an I/O-related
12574 * command. Otherwise, we'd have to go and check to see
12575 * whether it's a read/write command, and it really isn't
12578 memcpy(&msg.scsi.lbalen,
12579 &io->io_hdr.ctl_private[CTL_PRIV_LBA_LEN].bytes,
12580 sizeof(msg.scsi.lbalen));
12582 if (ctl_ha_msg_send(CTL_HA_CHAN_CTL, &msg,
12583 sizeof(msg), 0) > CTL_HA_STATUS_SUCCESS) {
12584 /* XXX do something here */
12593 return (CTL_RETVAL_COMPLETE);
12597 * Front end should call this if it doesn't do autosense. When the request
12598 * sense comes back in from the initiator, we'll dequeue this and send it.
12601 ctl_queue_sense(union ctl_io *io)
12603 struct ctl_lun *lun;
12604 struct ctl_softc *ctl_softc;
12607 ctl_softc = control_softc;
12609 CTL_DEBUG_PRINT(("ctl_queue_sense\n"));
12612 * LUN lookup will likely move to the ctl_work_thread() once we
12613 * have our new queueing infrastructure (that doesn't put things on
12614 * a per-LUN queue initially). That is so that we can handle
12615 * things like an INQUIRY to a LUN that we don't have enabled. We
12616 * can't deal with that right now.
12618 mtx_lock(&ctl_softc->ctl_lock);
12621 * If we don't have a LUN for this, just toss the sense
12624 if ((io->io_hdr.nexus.targ_lun < CTL_MAX_LUNS)
12625 && (ctl_softc->ctl_luns[io->io_hdr.nexus.targ_lun] != NULL))
12626 lun = ctl_softc->ctl_luns[io->io_hdr.nexus.targ_lun];
12630 initidx = ctl_get_initindex(&io->io_hdr.nexus);
12633 * Already have CA set for this LUN...toss the sense information.
12635 if (ctl_is_set(lun->have_ca, initidx))
12638 memcpy(&lun->pending_sense[initidx].sense, &io->scsiio.sense_data,
12639 ctl_min(sizeof(lun->pending_sense[initidx].sense),
12640 sizeof(io->scsiio.sense_data)));
12641 ctl_set_mask(lun->have_ca, initidx);
12644 mtx_unlock(&ctl_softc->ctl_lock);
12648 return (CTL_RETVAL_COMPLETE);
12652 * Primary command inlet from frontend ports. All SCSI and task I/O
12653 * requests must go through this function.
12656 ctl_queue(union ctl_io *io)
12658 struct ctl_softc *ctl_softc;
12660 CTL_DEBUG_PRINT(("ctl_queue cdb[0]=%02X\n", io->scsiio.cdb[0]));
12662 ctl_softc = control_softc;
12665 io->io_hdr.start_time = time_uptime;
12666 getbintime(&io->io_hdr.start_bt);
12667 #endif /* CTL_TIME_IO */
12669 mtx_lock(&ctl_softc->ctl_lock);
12671 switch (io->io_hdr.io_type) {
12673 STAILQ_INSERT_TAIL(&ctl_softc->incoming_queue, &io->io_hdr,
12677 STAILQ_INSERT_TAIL(&ctl_softc->task_queue, &io->io_hdr, links);
12679 * Set the task pending flag. This is necessary to close a
12680 * race condition with the FETD:
12682 * - FETD submits a task management command, like an abort.
12683 * - Back end calls fe_datamove() to move the data for the
12684 * aborted command. The FETD can't really accept it, but
12685 * if it did, it would end up transmitting data for a
12686 * command that the initiator told us to abort.
12688 * We close the race condition by setting the flag here,
12689 * and checking it in ctl_datamove(), before calling the
12690 * FETD's fe_datamove routine. If we've got a task
12691 * pending, we run the task queue and then check to see
12692 * whether our particular I/O has been aborted.
12694 ctl_softc->flags |= CTL_FLAG_TASK_PENDING;
12697 mtx_unlock(&ctl_softc->ctl_lock);
12698 printf("ctl_queue: unknown I/O type %d\n", io->io_hdr.io_type);
12700 break; /* NOTREACHED */
12702 mtx_unlock(&ctl_softc->ctl_lock);
12704 ctl_wakeup_thread();
12706 return (CTL_RETVAL_COMPLETE);
12709 #ifdef CTL_IO_DELAY
12711 ctl_done_timer_wakeup(void *arg)
12715 io = (union ctl_io *)arg;
12716 ctl_done_lock(io, /*have_lock*/ 0);
12718 #endif /* CTL_IO_DELAY */
12721 ctl_done_lock(union ctl_io *io, int have_lock)
12723 struct ctl_softc *ctl_softc;
12724 #ifndef CTL_DONE_THREAD
12726 #endif /* !CTL_DONE_THREAD */
12728 ctl_softc = control_softc;
12730 if (have_lock == 0)
12731 mtx_lock(&ctl_softc->ctl_lock);
12734 * Enable this to catch duplicate completion issues.
12737 if (io->io_hdr.flags & CTL_FLAG_ALREADY_DONE) {
12738 printf("%s: type %d msg %d cdb %x iptl: "
12739 "%d:%d:%d:%d tag 0x%04x "
12740 "flag %#x status %x\n",
12742 io->io_hdr.io_type,
12743 io->io_hdr.msg_type,
12745 io->io_hdr.nexus.initid.id,
12746 io->io_hdr.nexus.targ_port,
12747 io->io_hdr.nexus.targ_target.id,
12748 io->io_hdr.nexus.targ_lun,
12749 (io->io_hdr.io_type ==
12751 io->taskio.tag_num :
12752 io->scsiio.tag_num,
12754 io->io_hdr.status);
12756 io->io_hdr.flags |= CTL_FLAG_ALREADY_DONE;
12760 * This is an internal copy of an I/O, and should not go through
12761 * the normal done processing logic.
12763 if (io->io_hdr.flags & CTL_FLAG_INT_COPY) {
12764 if (have_lock == 0)
12765 mtx_unlock(&ctl_softc->ctl_lock);
12770 * We need to send a msg to the serializing shelf to finish the IO
12771 * as well. We don't send a finish message to the other shelf if
12772 * this is a task management command. Task management commands
12773 * aren't serialized in the OOA queue, but rather just executed on
12774 * both shelf controllers for commands that originated on that
12777 if ((io->io_hdr.flags & CTL_FLAG_SENT_2OTHER_SC)
12778 && (io->io_hdr.io_type != CTL_IO_TASK)) {
12779 union ctl_ha_msg msg_io;
12781 msg_io.hdr.msg_type = CTL_MSG_FINISH_IO;
12782 msg_io.hdr.serializing_sc = io->io_hdr.serializing_sc;
12783 if (ctl_ha_msg_send(CTL_HA_CHAN_CTL, &msg_io,
12784 sizeof(msg_io), 0 ) != CTL_HA_STATUS_SUCCESS) {
12786 /* continue on to finish IO */
12788 #ifdef CTL_IO_DELAY
12789 if (io->io_hdr.flags & CTL_FLAG_DELAY_DONE) {
12790 struct ctl_lun *lun;
12792 lun =(struct ctl_lun *)io->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
12794 io->io_hdr.flags &= ~CTL_FLAG_DELAY_DONE;
12796 struct ctl_lun *lun;
12798 lun =(struct ctl_lun *)io->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
12801 && (lun->delay_info.done_delay > 0)) {
12802 struct callout *callout;
12804 callout = (struct callout *)&io->io_hdr.timer_bytes;
12805 callout_init(callout, /*mpsafe*/ 1);
12806 io->io_hdr.flags |= CTL_FLAG_DELAY_DONE;
12807 callout_reset(callout,
12808 lun->delay_info.done_delay * hz,
12809 ctl_done_timer_wakeup, io);
12810 if (lun->delay_info.done_type == CTL_DELAY_TYPE_ONESHOT)
12811 lun->delay_info.done_delay = 0;
12812 if (have_lock == 0)
12813 mtx_unlock(&ctl_softc->ctl_lock);
12817 #endif /* CTL_IO_DELAY */
12819 STAILQ_INSERT_TAIL(&ctl_softc->done_queue, &io->io_hdr, links);
12821 #ifdef CTL_DONE_THREAD
12822 if (have_lock == 0)
12823 mtx_unlock(&ctl_softc->ctl_lock);
12825 ctl_wakeup_thread();
12826 #else /* CTL_DONE_THREAD */
12827 for (xio = (union ctl_io *)STAILQ_FIRST(&ctl_softc->done_queue);
12829 xio =(union ctl_io *)STAILQ_FIRST(&ctl_softc->done_queue)) {
12831 STAILQ_REMOVE_HEAD(&ctl_softc->done_queue, links);
12833 ctl_process_done(xio, /*have_lock*/ 1);
12835 if (have_lock == 0)
12836 mtx_unlock(&ctl_softc->ctl_lock);
12837 #endif /* CTL_DONE_THREAD */
12841 ctl_done(union ctl_io *io)
12843 ctl_done_lock(io, /*have_lock*/ 0);
12847 ctl_isc(struct ctl_scsiio *ctsio)
12849 struct ctl_lun *lun;
12852 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr;
12854 CTL_DEBUG_PRINT(("ctl_isc: command: %02x\n", ctsio->cdb[0]));
12856 CTL_DEBUG_PRINT(("ctl_isc: calling data_submit()\n"));
12858 retval = lun->backend->data_submit((union ctl_io *)ctsio);
12865 ctl_work_thread(void *arg)
12867 struct ctl_softc *softc;
12869 struct ctl_be_lun *be_lun;
12872 CTL_DEBUG_PRINT(("ctl_work_thread starting\n"));
12874 softc = (struct ctl_softc *)arg;
12878 mtx_lock(&softc->ctl_lock);
12883 * We handle the queues in this order:
12884 * - task management
12886 * - done queue (to free up resources, unblock other commands)
12890 * If those queues are empty, we break out of the loop and
12893 io = (union ctl_io *)STAILQ_FIRST(&softc->task_queue);
12895 ctl_run_task_queue(softc);
12898 io = (union ctl_io *)STAILQ_FIRST(&softc->isc_queue);
12900 STAILQ_REMOVE_HEAD(&softc->isc_queue, links);
12901 ctl_handle_isc(io);
12904 io = (union ctl_io *)STAILQ_FIRST(&softc->done_queue);
12906 STAILQ_REMOVE_HEAD(&softc->done_queue, links);
12907 /* clear any blocked commands, call fe_done */
12908 mtx_unlock(&softc->ctl_lock);
12911 * Call this without a lock for now. This will
12912 * depend on whether there is any way the FETD can
12913 * sleep or deadlock if called with the CTL lock
12916 retval = ctl_process_done(io, /*have_lock*/ 0);
12917 mtx_lock(&softc->ctl_lock);
12920 if (!ctl_pause_rtr) {
12921 io = (union ctl_io *)STAILQ_FIRST(&softc->rtr_queue);
12923 STAILQ_REMOVE_HEAD(&softc->rtr_queue, links);
12924 mtx_unlock(&softc->ctl_lock);
12928 io = (union ctl_io *)STAILQ_FIRST(&softc->incoming_queue);
12930 STAILQ_REMOVE_HEAD(&softc->incoming_queue, links);
12931 mtx_unlock(&softc->ctl_lock);
12932 ctl_scsiio_precheck(softc, &io->scsiio);
12933 mtx_lock(&softc->ctl_lock);
12937 * We might want to move this to a separate thread, so that
12938 * configuration requests (in this case LUN creations)
12939 * won't impact the I/O path.
12941 be_lun = STAILQ_FIRST(&softc->pending_lun_queue);
12942 if (be_lun != NULL) {
12943 STAILQ_REMOVE_HEAD(&softc->pending_lun_queue, links);
12944 mtx_unlock(&softc->ctl_lock);
12945 ctl_create_lun(be_lun);
12946 mtx_lock(&softc->ctl_lock);
12950 /* XXX KDM use the PDROP flag?? */
12951 /* Sleep until we have something to do. */
12952 mtx_sleep(softc, &softc->ctl_lock, PRIBIO, "ctl_work", 0);
12954 /* Back to the top of the loop to see what woke us up. */
12958 retval = ctl_scsiio(&io->scsiio);
12960 case CTL_RETVAL_COMPLETE:
12964 * Probably need to make sure this doesn't happen.
12968 mtx_lock(&softc->ctl_lock);
12973 ctl_wakeup_thread()
12975 struct ctl_softc *softc;
12977 softc = control_softc;
12982 /* Initialization and failover */
12985 ctl_init_isc_msg(void)
12987 printf("CTL: Still calling this thing\n");
12992 * Initializes component into configuration defined by bootMode
12994 * returns hasc_Status:
12996 * ERROR - fatal error
12998 static ctl_ha_comp_status
12999 ctl_isc_init(struct ctl_ha_component *c)
13001 ctl_ha_comp_status ret = CTL_HA_COMP_STATUS_OK;
13008 * Starts component in state requested. If component starts successfully,
13009 * it must set its own state to the requestrd state
13010 * When requested state is HASC_STATE_HA, the component may refine it
13011 * by adding _SLAVE or _MASTER flags.
13012 * Currently allowed state transitions are:
13013 * UNKNOWN->HA - initial startup
13014 * UNKNOWN->SINGLE - initial startup when no parter detected
13015 * HA->SINGLE - failover
13016 * returns ctl_ha_comp_status:
13017 * OK - component successfully started in requested state
13018 * FAILED - could not start the requested state, failover may
13020 * ERROR - fatal error detected, no future startup possible
13022 static ctl_ha_comp_status
13023 ctl_isc_start(struct ctl_ha_component *c, ctl_ha_state state)
13025 ctl_ha_comp_status ret = CTL_HA_COMP_STATUS_OK;
13027 // UNKNOWN->HA or UNKNOWN->SINGLE (bootstrap)
13028 if (c->state == CTL_HA_STATE_UNKNOWN ) {
13030 if (ctl_ha_msg_create(CTL_HA_CHAN_CTL, ctl_isc_event_handler)
13031 != CTL_HA_STATUS_SUCCESS) {
13032 printf("ctl_isc_start: ctl_ha_msg_create failed.\n");
13033 ret = CTL_HA_COMP_STATUS_ERROR;
13035 } else if (CTL_HA_STATE_IS_HA(c->state)
13036 && CTL_HA_STATE_IS_SINGLE(state)){
13037 // HA->SINGLE transition
13041 printf("ctl_isc_start:Invalid state transition %X->%X\n",
13043 ret = CTL_HA_COMP_STATUS_ERROR;
13045 if (CTL_HA_STATE_IS_SINGLE(state))
13054 * Quiesce component
13055 * The component must clear any error conditions (set status to OK) and
13056 * prepare itself to another Start call
13057 * returns ctl_ha_comp_status:
13061 static ctl_ha_comp_status
13062 ctl_isc_quiesce(struct ctl_ha_component *c)
13064 int ret = CTL_HA_COMP_STATUS_OK;
13071 struct ctl_ha_component ctl_ha_component_ctlisc =
13074 .state = CTL_HA_STATE_UNKNOWN,
13075 .init = ctl_isc_init,
13076 .start = ctl_isc_start,
13077 .quiesce = ctl_isc_quiesce