2 * Copyright (c) 2005-2008 Daniel Braniss <danny@cs.huji.ac.il>
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 | $Id: iscsi_subr.c,v 1.17 2006/11/26 14:50:43 danny Exp danny $
31 #include <sys/cdefs.h>
32 __FBSDID("$FreeBSD$");
34 #include "opt_iscsi_initiator.h"
36 #include <sys/param.h>
37 #include <sys/kernel.h>
38 #include <sys/callout.h>
39 #include <sys/malloc.h>
41 #include <sys/kthread.h>
43 #include <sys/mutex.h>
45 #include <sys/sysctl.h>
48 #include <cam/cam_ccb.h>
49 #include <cam/cam_sim.h>
50 #include <cam/cam_xpt_sim.h>
51 #include <cam/cam_periph.h>
52 #include <cam/scsi/scsi_message.h>
53 #include <sys/eventhandler.h>
55 #include <dev/iscsi/initiator/iscsi.h>
56 #include <dev/iscsi/initiator/iscsivar.h>
59 | Interface to the SCSI layer
62 iscsi_r2t(isc_session_t *sp, pduq_t *opq, pduq_t *pq)
64 union ccb *ccb = opq->ccb;
65 struct ccb_scsiio *csio = &ccb->csio;
66 pdu_t *opp = &opq->pdu;
67 bhs_t *bhp = &opp->ipdu.bhs;
68 r2t_t *r2t = &pq->pdu.ipdu.r2t;
73 sdebug(4, "itt=%x r2tSN=%d bo=%x ddtl=%x W=%d", ntohl(r2t->itt),
74 ntohl(r2t->r2tSN), ntohl(r2t->bo), ntohl(r2t->ddtl), opp->ipdu.scsi_req.W);
78 if(opp->ipdu.scsi_req.W) {
80 u_int ddtl = ntohl(r2t->ddtl);
81 u_int edtl = ntohl(opp->ipdu.scsi_req.edtlen);
82 u_int bleft, bs, dsn, bo;
83 caddr_t bp = csio->data_ptr;
88 if(sp->opt.maxXmitDataSegmentLength > 0) // danny's RFC
89 bs = MIN(sp->opt.maxXmitDataSegmentLength, ddtl);
93 sdebug(4, "edtl=%x ddtl=%x bo=%x dsn=%x bs=%x maxX=%x",
94 edtl, ddtl, bo, dsn, bs, sp->opt.maxXmitDataSegmentLength);
96 wpq = pdu_alloc(sp->isc, M_NOWAIT); // testing ...
98 sdebug(3, "itt=%x r2tSN=%d bo=%x ddtl=%x W=%d", ntohl(r2t->itt),
99 ntohl(r2t->r2tSN), ntohl(r2t->bo), ntohl(r2t->ddtl), opp->ipdu.scsi_req.W);
100 sdebug(1, "npdu_max=%d npdu_alloc=%d", sp->isc->npdu_max, sp->isc->npdu_alloc);
102 while((wpq = pdu_alloc(sp->isc, M_NOWAIT)) == NULL) {
103 sdebug(2, "waiting...");
104 #if __FreeBSD_version >= 700000
105 pause("isc_r2t", 5*hz);
107 tsleep(sp->isc, 0, "isc_r2t", 5*hz);
111 cmd = &wpq->pdu.ipdu.data_out;
112 cmd->opcode = ISCSI_WRITE_DATA;
113 cmd->lun[0] = r2t->lun[0];
114 cmd->lun[1] = r2t->lun[1];
118 cmd->dsn = htonl(dsn);
121 cmd->F = (bs < bleft)? 0: 1; // is this the last one?
124 wpq->pdu.ds_len = bs;
127 error = isc_qout(sp, wpq);
128 sdebug(6, "bs=%x bo=%x bp=%p dsn=%x error=%d", bs, bo, bp, dsn, error);
140 // XXX: should not happen ...
141 xdebug("huh? opcode=0x%x", bhp->opcode);
146 getSenseData(u_int status, union ccb *ccb, pduq_t *pq)
148 pdu_t *pp = &pq->pdu;
149 struct ccb_scsiio *scsi = (struct ccb_scsiio *)ccb;
150 struct scsi_sense_data *sense = &scsi->sense_data;
151 struct mbuf *m = pq->mp;
152 scsi_rsp_t *cmd = &pp->ipdu.scsi_rsp;
154 int sense_len, mustfree = 0;
156 bp = mtod(pq->mp, caddr_t);
157 if((sense_len = scsi_2btoul(bp)) == 0)
159 debug(4, "sense_len=%d", sense_len);
161 | according to the specs, the sense data cannot
162 | be larger than 252 ...
164 if(sense_len > m->m_len) {
165 bp = malloc(sense_len, M_ISCSI, M_WAITOK);
166 debug(3, "calling i_mbufcopy(len=%d)", sense_len);
167 i_mbufcopy(pq->mp, bp, sense_len);
170 scsi->scsi_status = status;
172 bcopy(bp+2, sense, min(sense_len, scsi->sense_len));
173 scsi->sense_resid = 0;
174 if(cmd->flag & (BIT(1)|BIT(2)))
175 scsi->sense_resid = ntohl(pp->ipdu.scsi_rsp.rcnt);
176 debug(3, "sense_len=%d rcnt=%d sense_resid=%d dsl=%d error_code=%x flags=%x",
178 ntohl(pp->ipdu.scsi_rsp.rcnt), scsi->sense_resid,
179 pp->ds_len, sense->error_code, sense->flags);
188 | Some information is from SAM draft.
191 _scsi_done(struct isc_softc *isp, u_int response, u_int status, union ccb *ccb, pduq_t *pq)
193 struct ccb_hdr *ccb_h = &ccb->ccb_h;
197 if(status || response) {
198 debug(3, "response=%x status=%x ccb=%p pq=%p", response, status, ccb, pq);
200 debug(3, "mp=%p buf=%p len=%d", pq->mp, pq->buf, pq->len);
204 case 0: // Command Completed at Target
206 case 0: // Good, all is ok
207 ccb_h->status = CAM_REQ_CMP;
210 case 0x02: // Check Condition
211 if((pq != NULL) && (pq->mp != NULL) && getSenseData(status, ccb, pq))
212 ccb_h->status |= CAM_AUTOSNS_VALID;
214 case 0x14: // Intermediate-Condition Met
215 case 0x10: // Intermediate
216 case 0x04: // Condition Met
217 ccb_h->status |= CAM_SCSI_STATUS_ERROR;
221 ccb_h->status = CAM_BUSY;
224 case 0x18: // Reservation Conflict
225 case 0x28: // Task Set Full
226 ccb_h->status = CAM_REQUEUE_REQ;
229 //case 0x22: // Command Terminated
230 //case 0x30: // ACA Active
231 //case 0x40: // Task Aborted
232 ccb_h->status = CAM_REQ_CMP_ERR; //CAM_REQ_ABORTED;
237 if((response >= 0x80) && (response <= 0xFF)) {
238 // Vendor specific ...
240 case 1: // target failure
241 ccb_h->status = CAM_REQ_CMP_ERR; //CAM_REQ_ABORTED;
244 debug(5, "ccb_h->status=%x", ccb_h->status);
250 | returns the lowest cmdseq that was not acked
253 iscsi_requeue(isc_session_t *sp)
261 sp->flags |= ISC_HOLD;
262 while((pq = i_dqueue_hld(sp)) != NULL) {
264 _scsi_done(sp->isc, 0, 0x28, pq->ccb, NULL);
265 n = ntohl(pq->pdu.ipdu.bhs.CmdSN);
268 sdebug(2, "last=%x n=%x", last, n);
269 pdu_free(sp->isc, pq);
271 sp->flags &= ~ISC_HOLD;
272 return i? last: sp->sn.cmd;
276 i_pdu_flush(isc_session_t *sp)
282 while((pq = i_dqueue_rsp(sp)) != NULL) {
283 pdu_free(sp->isc, pq);
286 while((pq = i_dqueue_rsv(sp)) != NULL) {
287 pdu_free(sp->isc, pq);
290 while((pq = i_dqueue_snd(sp, -1)) != NULL) {
291 pdu_free(sp->isc, pq);
294 while((pq = i_dqueue_hld(sp)) != NULL) {
295 pdu_free(sp->isc, pq);
298 while((pq = i_dqueue_wsnd(sp)) != NULL) {
299 pdu_free(sp->isc, pq);
303 xdebug("%d pdus recovered, should have been ZERO!", n);
307 | called from ism_destroy.
310 iscsi_cleanup(isc_session_t *sp)
316 TAILQ_FOREACH_SAFE(pq, &sp->hld, pq_link, pqtmp) {
317 sdebug(3, "hld pq=%p", pq);
319 _scsi_done(sp->isc, 1, 0x40, pq->ccb, NULL);
320 TAILQ_REMOVE(&sp->hld, pq, pq_link);
321 pdu_free(sp->isc, pq);
323 while((pq = i_dqueue_snd(sp, BIT(0)|BIT(1)|BIT(2))) != NULL) {
324 sdebug(3, "pq=%p", pq);
326 _scsi_done(sp->isc, 1, 0x40, pq->ccb, NULL);
327 pdu_free(sp->isc, pq);
334 iscsi_done(isc_session_t *sp, pduq_t *opq, pduq_t *pq)
336 pdu_t *pp = &pq->pdu;
337 scsi_rsp_t *cmd = &pp->ipdu.scsi_rsp;
341 _scsi_done(sp->isc, cmd->response, cmd->status, opq->ccb, pq);
343 pdu_free(sp->isc, opq);
346 // see RFC 3720, 10.9.1 page 146
349 | the call to isc_stop_receiver is a kludge,
350 | instead, it should be handled by the userland controller,
351 | but that means that there should be a better way, other than
352 | sending a signal. Somehow, this packet should be supplied to
353 | the userland via read.
356 iscsi_async(isc_session_t *sp, pduq_t *pq)
358 pdu_t *pp = &pq->pdu;
359 async_t *cmd = &pp->ipdu.async;
363 sdebug(3, "asyncevent=0x%x asyncVCode=0x%0x", cmd->asyncEvent, cmd->asyncVCode);
364 switch(cmd->asyncEvent) {
365 case 0: // check status ...
368 case 1: // target request logout
369 isc_stop_receiver(sp); // XXX: temporary solution
372 case 2: // target indicates it wants to drop connection
373 isc_stop_receiver(sp); // XXX: temporary solution
376 case 3: // target indicates it will drop all connections.
377 isc_stop_receiver(sp); // XXX: temporary solution
380 case 4: // target request parameter negotiation
389 iscsi_reject(isc_session_t *sp, pduq_t *opq, pduq_t *pq)
391 union ccb *ccb = opq->ccb;
392 //reject_t *reject = &pq->pdu.ipdu.reject;
395 //XXX: check RFC 10.17.1 (page 176)
396 ccb->ccb_h.status = CAM_REQ_ABORTED;
397 XPT_DONE(sp->isc, ccb);
399 pdu_free(sp->isc, opq);
406 dwl(isc_session_t *sp, int lun, u_char *lp)
413 | mapping LUN to iSCSI LUN
414 | check the SAM-2 specs
415 | hint: maxLUNS is a small number, cam's LUN is 32bits
416 | iSCSI is 64bits, scsi is ?
418 // XXX: check if this will pass the endian test
424 lp[0] = (1 << 5) | ((lun >> 8) & 0x3f);
428 xdebug("lun %d: is unsupported!", lun);
432 for(i = 0; i < sp->target_nluns; i++)
433 if(sp->target_lun[i] == lun)
435 if(sp->target_nluns < ISCSI_MAX_LUNS)
436 sp->target_lun[sp->target_nluns++] = lun;
438 sdebug(3, "nluns=%d lun=%d", sp->target_nluns, lun);
444 | encapsulate the scsi command and
447 scsi_encap(struct cam_sim *sim, union ccb *ccb)
449 struct isc_softc *isp = (struct isc_softc *)cam_sim_softc(sim);
451 struct ccb_scsiio *csio = &ccb->csio;
452 struct ccb_hdr *ccb_h = &ccb->ccb_h;
458 debug(4, "ccb->sp=%p", ccb_h->spriv_ptr0);
459 sp = ccb_h->spriv_ptr0;
461 if((pq = pdu_alloc(isp, M_NOWAIT)) == NULL) {
462 debug(2, "ccb->sp=%p", ccb_h->spriv_ptr0);
463 sdebug(1, "pdu_alloc failed sc->npdu_max=%d npdu_alloc=%d",
464 sp->isc->npdu_max, sp->isc->npdu_alloc);
465 while((pq = pdu_alloc(sp->isc, M_NOWAIT)) == NULL) {
466 sdebug(3, "waiting...");
467 #if __FreeBSD_version >= 700000
468 pause("isc_encap", 5*hz);
470 tsleep(sp->isc, 0, "isc_encap", 5*hz);
474 sdebug(3, "freezing");
475 ccb->ccb_h.status = CAM_REQUEUE_REQ;
482 if((sp->flags & ISC_FFPHASE) == 0) {
483 ccb->ccb_h.status = CAM_DEV_NOT_THERE; // CAM_NO_NEXUS;
484 sdebug(3, "no active session with target %d", ccb_h->target_id);
488 cmd = &pq->pdu.ipdu.scsi_req;
489 cmd->opcode = ISCSI_SCSI_CMD;
492 | map tag option, default is UNTAGGED
494 switch(csio->tag_action) {
495 case MSG_SIMPLE_Q_TAG: cmd->attr = iSCSI_TASK_SIMPLE; break;
496 case MSG_HEAD_OF_Q_TAG: cmd->attr = iSCSI_TASK_ORDER; break;
497 case MSG_ORDERED_Q_TAG: cmd->attr = iSCSI_TASK_HOFQ; break;
498 case MSG_ACA_TASK: cmd->attr = iSCSI_TASK_ACA; break;
501 dwl(sp, ccb_h->target_lun, (u_char *)&cmd->lun);
503 if((ccb_h->flags & CAM_CDB_POINTER) != 0) {
504 if((ccb_h->flags & CAM_CDB_PHYS) == 0) {
505 if(csio->cdb_len > 16) {
506 sdebug(3, "oversize cdb %d > 16", csio->cdb_len);
511 sdebug(3, "not phys");
516 if(csio->cdb_len > sizeof(cmd->cdb))
517 xdebug("guevalt! %d > %ld", csio->cdb_len, (long)sizeof(cmd->cdb));
520 ccb_h->flags & CAM_CDB_POINTER? csio->cdb_io.cdb_ptr: csio->cdb_io.cdb_bytes,
523 cmd->W = (ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_OUT;
524 cmd->R = (ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN;
525 cmd->edtlen = htonl(csio->dxfer_len);
529 | place it in the out queue
531 if(isc_qout(sp, pq) == 0)
534 ccb->ccb_h.status = CAM_REQ_INVALID;
540 scsi_decap(isc_session_t *sp, pduq_t *opq, pduq_t *pq)
542 union ccb *ccb = opq->ccb;
543 struct ccb_scsiio *csio = &ccb->csio;
544 pdu_t *opp = &opq->pdu;
545 bhs_t *bhp = &opp->ipdu.bhs;
548 sdebug(6, "pq=%p opq=%p bhp->opcode=0x%x len=%d",
549 pq, opq, bhp->opcode, pq->pdu.ds_len);
551 sdebug(1, "itt=0x%x pq=%p opq=%p bhp->opcode=0x%x len=%d",
552 ntohl(pq->pdu.ipdu.bhs.itt),
553 pq, opq, bhp->opcode, pq->pdu.ds_len);
554 xdebug("%d] ccb == NULL!", sp->sid);
557 if(pq->pdu.ds_len != 0) {
558 switch(bhp->opcode) {
559 case ISCSI_SCSI_CMD: {
560 scsi_req_t *cmd = &opp->ipdu.scsi_req;
561 sdebug(5, "itt=0x%x opcode=%x R=%d",
562 ntohl(pq->pdu.ipdu.bhs.itt),
563 pq->pdu.ipdu.bhs.opcode, cmd->R);
565 switch(pq->pdu.ipdu.bhs.opcode) {
566 case ISCSI_READ_DATA: // SCSI Data in
568 caddr_t bp = NULL; // = mtod(pq->mp, caddr_t);
569 data_in_t *rcmd = &pq->pdu.ipdu.data_in;
572 sdebug(5, "copy to=%p from=%p l1=%d l2=%d mp@%p",
573 csio->data_ptr, bp? mtod(pq->mp, caddr_t): 0,
574 ntohl(cmd->edtlen), pq->pdu.ds_len, pq->mp);
575 if(ntohl(cmd->edtlen) >= pq->pdu.ds_len) {
576 int offset, len = pq->pdu.ds_len;
581 offset = ntohl(rcmd->bo);
582 dp = csio->data_ptr + offset;
583 i_mbufcopy(pq->mp, dp, len);
587 xdebug("edtlen=%d < ds_len=%d",
588 ntohl(cmd->edtlen), pq->pdu.ds_len);
593 | contains also the SCSI Status
595 _scsi_done(sp->isc, 0, rcmd->status, opq->ccb, NULL);
604 sdebug(3, "opcode=%02x", bhp->opcode);