2 * Copyright (c) 2009 Yahoo! Inc.
3 * Copyright (c) 2011-2015 LSI Corp.
4 * Copyright (c) 2013-2016 Avago Technologies
5 * Copyright 2000-2020 Broadcom Inc.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * Broadcom Inc. (LSI) MPT-Fusion Host Adapter FreeBSD
33 #include <sys/cdefs.h>
34 __FBSDID("$FreeBSD$");
36 /* Communications core for Avago Technologies (LSI) MPT3 */
38 /* TODO Move headers to mprvar */
39 #include <sys/types.h>
40 #include <sys/param.h>
41 #include <sys/systm.h>
42 #include <sys/kernel.h>
43 #include <sys/selinfo.h>
44 #include <sys/module.h>
48 #include <sys/malloc.h>
50 #include <sys/sysctl.h>
51 #include <sys/endian.h>
52 #include <sys/queue.h>
53 #include <sys/kthread.h>
54 #include <sys/taskqueue.h>
57 #include <machine/bus.h>
58 #include <machine/resource.h>
61 #include <machine/stdarg.h>
64 #include <cam/cam_ccb.h>
65 #include <cam/cam_debug.h>
66 #include <cam/cam_sim.h>
67 #include <cam/cam_xpt_sim.h>
68 #include <cam/cam_xpt_periph.h>
69 #include <cam/cam_periph.h>
70 #include <cam/scsi/scsi_all.h>
71 #include <cam/scsi/scsi_message.h>
72 #include <cam/scsi/smp_all.h>
74 #include <dev/nvme/nvme.h>
76 #include <dev/mpr/mpi/mpi2_type.h>
77 #include <dev/mpr/mpi/mpi2.h>
78 #include <dev/mpr/mpi/mpi2_ioc.h>
79 #include <dev/mpr/mpi/mpi2_sas.h>
80 #include <dev/mpr/mpi/mpi2_pci.h>
81 #include <dev/mpr/mpi/mpi2_cnfg.h>
82 #include <dev/mpr/mpi/mpi2_init.h>
83 #include <dev/mpr/mpi/mpi2_tool.h>
84 #include <dev/mpr/mpr_ioctl.h>
85 #include <dev/mpr/mprvar.h>
86 #include <dev/mpr/mpr_table.h>
87 #include <dev/mpr/mpr_sas.h>
89 #define MPRSAS_DISCOVERY_TIMEOUT 20
90 #define MPRSAS_MAX_DISCOVERY_TIMEOUTS 10 /* 200 seconds */
93 * static array to check SCSI OpCode for EEDP protection bits
95 #define PRO_R MPI2_SCSIIO_EEDPFLAGS_CHECK_REMOVE_OP
96 #define PRO_W MPI2_SCSIIO_EEDPFLAGS_INSERT_OP
97 #define PRO_V MPI2_SCSIIO_EEDPFLAGS_INSERT_OP
98 static uint8_t op_code_prot[256] = {
99 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
100 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
101 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V,
102 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
103 0, PRO_W, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
104 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
105 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
106 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
107 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V,
108 0, 0, 0, PRO_W, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
109 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V,
110 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
111 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
112 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
113 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
114 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
117 MALLOC_DEFINE(M_MPRSAS, "MPRSAS", "MPR SAS memory");
119 static void mprsas_remove_device(struct mpr_softc *, struct mpr_command *);
120 static void mprsas_remove_complete(struct mpr_softc *, struct mpr_command *);
121 static void mprsas_action(struct cam_sim *sim, union ccb *ccb);
122 static void mprsas_poll(struct cam_sim *sim);
123 static void mprsas_scsiio_timeout(void *data);
124 static void mprsas_abort_complete(struct mpr_softc *sc, struct mpr_command *cm);
125 static void mprsas_action_scsiio(struct mprsas_softc *, union ccb *);
126 static void mprsas_scsiio_complete(struct mpr_softc *, struct mpr_command *);
127 static void mprsas_action_resetdev(struct mprsas_softc *, union ccb *);
128 static void mprsas_resetdev_complete(struct mpr_softc *, struct mpr_command *);
129 static int mprsas_send_abort(struct mpr_softc *sc, struct mpr_command *tm,
130 struct mpr_command *cm);
131 static void mprsas_async(void *callback_arg, uint32_t code,
132 struct cam_path *path, void *arg);
133 static int mprsas_send_portenable(struct mpr_softc *sc);
134 static void mprsas_portenable_complete(struct mpr_softc *sc,
135 struct mpr_command *cm);
137 static void mprsas_smpio_complete(struct mpr_softc *sc, struct mpr_command *cm);
138 static void mprsas_send_smpcmd(struct mprsas_softc *sassc, union ccb *ccb,
140 static void mprsas_action_smpio(struct mprsas_softc *sassc, union ccb *ccb);
142 struct mprsas_target *
143 mprsas_find_target_by_handle(struct mprsas_softc *sassc, int start,
146 struct mprsas_target *target;
149 for (i = start; i < sassc->maxtargets; i++) {
150 target = &sassc->targets[i];
151 if (target->handle == handle)
158 /* we need to freeze the simq during attach and diag reset, to avoid failing
159 * commands before device handles have been found by discovery. Since
160 * discovery involves reading config pages and possibly sending commands,
161 * discovery actions may continue even after we receive the end of discovery
162 * event, so refcount discovery actions instead of assuming we can unfreeze
163 * the simq when we get the event.
166 mprsas_startup_increment(struct mprsas_softc *sassc)
168 MPR_FUNCTRACE(sassc->sc);
170 if ((sassc->flags & MPRSAS_IN_STARTUP) != 0) {
171 if (sassc->startup_refcount++ == 0) {
172 /* just starting, freeze the simq */
173 mpr_dprint(sassc->sc, MPR_INIT,
174 "%s freezing simq\n", __func__);
176 xpt_freeze_simq(sassc->sim, 1);
178 mpr_dprint(sassc->sc, MPR_INIT, "%s refcount %u\n", __func__,
179 sassc->startup_refcount);
184 mprsas_release_simq_reinit(struct mprsas_softc *sassc)
186 if (sassc->flags & MPRSAS_QUEUE_FROZEN) {
187 sassc->flags &= ~MPRSAS_QUEUE_FROZEN;
188 xpt_release_simq(sassc->sim, 1);
189 mpr_dprint(sassc->sc, MPR_INFO, "Unfreezing SIM queue\n");
194 mprsas_startup_decrement(struct mprsas_softc *sassc)
196 MPR_FUNCTRACE(sassc->sc);
198 if ((sassc->flags & MPRSAS_IN_STARTUP) != 0) {
199 if (--sassc->startup_refcount == 0) {
200 /* finished all discovery-related actions, release
201 * the simq and rescan for the latest topology.
203 mpr_dprint(sassc->sc, MPR_INIT,
204 "%s releasing simq\n", __func__);
205 sassc->flags &= ~MPRSAS_IN_STARTUP;
206 xpt_release_simq(sassc->sim, 1);
209 mpr_dprint(sassc->sc, MPR_INIT, "%s refcount %u\n", __func__,
210 sassc->startup_refcount);
215 * The firmware requires us to stop sending commands when we're doing task
218 * XXX The logic for serializing the device has been made lazy and moved to
219 * mprsas_prepare_for_tm().
222 mprsas_alloc_tm(struct mpr_softc *sc)
224 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
225 struct mpr_command *tm;
228 tm = mpr_alloc_high_priority_command(sc);
232 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
233 req->Function = MPI2_FUNCTION_SCSI_TASK_MGMT;
238 mprsas_free_tm(struct mpr_softc *sc, struct mpr_command *tm)
246 * For TM's the devq is frozen for the device. Unfreeze it here and
247 * free the resources used for freezing the devq. Must clear the
248 * INRESET flag as well or scsi I/O will not work.
251 mpr_dprint(sc, MPR_XINFO, "Unfreezing devq for target ID %d\n",
253 tm->cm_targ->flags &= ~MPRSAS_TARGET_INRESET;
254 xpt_release_devq(tm->cm_ccb->ccb_h.path, 1, TRUE);
255 xpt_free_path(tm->cm_ccb->ccb_h.path);
256 xpt_free_ccb(tm->cm_ccb);
259 mpr_free_high_priority_command(sc, tm);
263 mprsas_rescan_target(struct mpr_softc *sc, struct mprsas_target *targ)
265 struct mprsas_softc *sassc = sc->sassc;
267 target_id_t targetid;
271 pathid = cam_sim_path(sassc->sim);
273 targetid = CAM_TARGET_WILDCARD;
275 targetid = targ - sassc->targets;
278 * Allocate a CCB and schedule a rescan.
280 ccb = xpt_alloc_ccb_nowait();
282 mpr_dprint(sc, MPR_ERROR, "unable to alloc CCB for rescan\n");
286 if (xpt_create_path(&ccb->ccb_h.path, NULL, pathid, targetid,
287 CAM_LUN_WILDCARD) != CAM_REQ_CMP) {
288 mpr_dprint(sc, MPR_ERROR, "unable to create path for rescan\n");
293 if (targetid == CAM_TARGET_WILDCARD)
294 ccb->ccb_h.func_code = XPT_SCAN_BUS;
296 ccb->ccb_h.func_code = XPT_SCAN_TGT;
298 mpr_dprint(sc, MPR_TRACE, "%s targetid %u\n", __func__, targetid);
303 mprsas_log_command(struct mpr_command *cm, u_int level, const char *fmt, ...)
313 /* No need to be in here if debugging isn't enabled */
314 if ((cm->cm_sc->mpr_debug & level) == 0)
317 sbuf_new(&sb, str, sizeof(str), 0);
321 if (cm->cm_ccb != NULL) {
322 xpt_path_string(cm->cm_ccb->csio.ccb_h.path, path_str,
324 sbuf_cat(&sb, path_str);
325 if (cm->cm_ccb->ccb_h.func_code == XPT_SCSI_IO) {
326 scsi_command_string(&cm->cm_ccb->csio, &sb);
327 sbuf_printf(&sb, "length %d ",
328 cm->cm_ccb->csio.dxfer_len);
331 sbuf_printf(&sb, "(noperiph:%s%d:%u:%u:%u): ",
332 cam_sim_name(cm->cm_sc->sassc->sim),
333 cam_sim_unit(cm->cm_sc->sassc->sim),
334 cam_sim_bus(cm->cm_sc->sassc->sim),
335 cm->cm_targ ? cm->cm_targ->tid : 0xFFFFFFFF,
339 sbuf_printf(&sb, "SMID %u ", cm->cm_desc.Default.SMID);
340 sbuf_vprintf(&sb, fmt, ap);
342 mpr_print_field(cm->cm_sc, "%s", sbuf_data(&sb));
348 mprsas_remove_volume(struct mpr_softc *sc, struct mpr_command *tm)
350 MPI2_SCSI_TASK_MANAGE_REPLY *reply;
351 struct mprsas_target *targ;
356 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply;
357 handle = (uint16_t)(uintptr_t)tm->cm_complete_data;
361 /* XXX retry the remove after the diag reset completes? */
362 mpr_dprint(sc, MPR_FAULT, "%s NULL reply resetting device "
363 "0x%04x\n", __func__, handle);
364 mprsas_free_tm(sc, tm);
368 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) !=
369 MPI2_IOCSTATUS_SUCCESS) {
370 mpr_dprint(sc, MPR_ERROR, "IOCStatus = 0x%x while resetting "
371 "device 0x%x\n", le16toh(reply->IOCStatus), handle);
374 mpr_dprint(sc, MPR_XINFO, "Reset aborted %u commands\n",
375 le32toh(reply->TerminationCount));
376 mpr_free_reply(sc, tm->cm_reply_data);
377 tm->cm_reply = NULL; /* Ensures the reply won't get re-freed */
379 mpr_dprint(sc, MPR_XINFO, "clearing target %u handle 0x%04x\n",
383 * Don't clear target if remove fails because things will get confusing.
384 * Leave the devname and sasaddr intact so that we know to avoid reusing
385 * this target id if possible, and so we can assign the same target id
386 * to this device if it comes back in the future.
388 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) ==
389 MPI2_IOCSTATUS_SUCCESS) {
392 targ->encl_handle = 0x0;
393 targ->encl_level_valid = 0x0;
394 targ->encl_level = 0x0;
395 targ->connector_name[0] = ' ';
396 targ->connector_name[1] = ' ';
397 targ->connector_name[2] = ' ';
398 targ->connector_name[3] = ' ';
399 targ->encl_slot = 0x0;
400 targ->exp_dev_handle = 0x0;
402 targ->linkrate = 0x0;
405 targ->scsi_req_desc_type = 0;
408 mprsas_free_tm(sc, tm);
412 * Retry mprsas_prepare_remove() if some previous attempt failed to allocate
413 * high priority command due to limit reached.
416 mprsas_prepare_remove_retry(struct mprsas_softc *sassc)
418 struct mprsas_target *target;
421 if ((sassc->flags & MPRSAS_TOREMOVE) == 0)
424 for (i = 0; i < sassc->maxtargets; i++) {
425 target = &sassc->targets[i];
426 if ((target->flags & MPRSAS_TARGET_TOREMOVE) == 0)
428 if (TAILQ_EMPTY(&sassc->sc->high_priority_req_list))
430 target->flags &= ~MPRSAS_TARGET_TOREMOVE;
431 if (target->flags & MPR_TARGET_FLAGS_VOLUME)
432 mprsas_prepare_volume_remove(sassc, target->handle);
434 mprsas_prepare_remove(sassc, target->handle);
436 sassc->flags &= ~MPRSAS_TOREMOVE;
440 * No Need to call "MPI2_SAS_OP_REMOVE_DEVICE" For Volume removal.
441 * Otherwise Volume Delete is same as Bare Drive Removal.
444 mprsas_prepare_volume_remove(struct mprsas_softc *sassc, uint16_t handle)
446 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
447 struct mpr_softc *sc;
448 struct mpr_command *cm;
449 struct mprsas_target *targ = NULL;
451 MPR_FUNCTRACE(sassc->sc);
454 targ = mprsas_find_target_by_handle(sassc, 0, handle);
456 /* FIXME: what is the action? */
457 /* We don't know about this device? */
458 mpr_dprint(sc, MPR_ERROR,
459 "%s %d : invalid handle 0x%x \n", __func__,__LINE__, handle);
463 targ->flags |= MPRSAS_TARGET_INREMOVAL;
465 cm = mprsas_alloc_tm(sc);
467 targ->flags |= MPRSAS_TARGET_TOREMOVE;
468 sassc->flags |= MPRSAS_TOREMOVE;
472 mprsas_rescan_target(sc, targ);
474 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)cm->cm_req;
475 req->DevHandle = targ->handle;
476 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET;
478 if (!targ->is_nvme || sc->custom_nvme_tm_handling) {
479 /* SAS Hard Link Reset / SATA Link Reset */
480 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET;
482 /* PCIe Protocol Level Reset*/
484 MPI26_SCSITASKMGMT_MSGFLAGS_PROTOCOL_LVL_RST_PCIE;
489 cm->cm_complete = mprsas_remove_volume;
490 cm->cm_complete_data = (void *)(uintptr_t)handle;
492 mpr_dprint(sc, MPR_INFO, "%s: Sending reset for target ID %d\n",
493 __func__, targ->tid);
494 mprsas_prepare_for_tm(sc, cm, targ, CAM_LUN_WILDCARD);
496 mpr_map_command(sc, cm);
500 * The firmware performs debounce on the link to avoid transient link errors
501 * and false removals. When it does decide that link has been lost and a
502 * device needs to go away, it expects that the host will perform a target reset
503 * and then an op remove. The reset has the side-effect of aborting any
504 * outstanding requests for the device, which is required for the op-remove to
505 * succeed. It's not clear if the host should check for the device coming back
506 * alive after the reset.
509 mprsas_prepare_remove(struct mprsas_softc *sassc, uint16_t handle)
511 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
512 struct mpr_softc *sc;
513 struct mpr_command *tm;
514 struct mprsas_target *targ = NULL;
516 MPR_FUNCTRACE(sassc->sc);
520 targ = mprsas_find_target_by_handle(sassc, 0, handle);
522 /* FIXME: what is the action? */
523 /* We don't know about this device? */
524 mpr_dprint(sc, MPR_ERROR, "%s : invalid handle 0x%x \n",
529 targ->flags |= MPRSAS_TARGET_INREMOVAL;
531 tm = mprsas_alloc_tm(sc);
533 targ->flags |= MPRSAS_TARGET_TOREMOVE;
534 sassc->flags |= MPRSAS_TOREMOVE;
538 mprsas_rescan_target(sc, targ);
540 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
541 req->DevHandle = htole16(targ->handle);
542 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET;
544 /* SAS Hard Link Reset / SATA Link Reset */
545 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET;
549 tm->cm_complete = mprsas_remove_device;
550 tm->cm_complete_data = (void *)(uintptr_t)handle;
552 mpr_dprint(sc, MPR_INFO, "%s: Sending reset for target ID %d\n",
553 __func__, targ->tid);
554 mprsas_prepare_for_tm(sc, tm, targ, CAM_LUN_WILDCARD);
556 mpr_map_command(sc, tm);
560 mprsas_remove_device(struct mpr_softc *sc, struct mpr_command *tm)
562 MPI2_SCSI_TASK_MANAGE_REPLY *reply;
563 MPI2_SAS_IOUNIT_CONTROL_REQUEST *req;
564 struct mprsas_target *targ;
569 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply;
570 handle = (uint16_t)(uintptr_t)tm->cm_complete_data;
574 * Currently there should be no way we can hit this case. It only
575 * happens when we have a failure to allocate chain frames, and
576 * task management commands don't have S/G lists.
578 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) {
579 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x for remove of "
580 "handle %#04x! This should not happen!\n", __func__,
581 tm->cm_flags, handle);
585 /* XXX retry the remove after the diag reset completes? */
586 mpr_dprint(sc, MPR_FAULT, "%s NULL reply resetting device "
587 "0x%04x\n", __func__, handle);
588 mprsas_free_tm(sc, tm);
592 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) !=
593 MPI2_IOCSTATUS_SUCCESS) {
594 mpr_dprint(sc, MPR_ERROR, "IOCStatus = 0x%x while resetting "
595 "device 0x%x\n", le16toh(reply->IOCStatus), handle);
598 mpr_dprint(sc, MPR_XINFO, "Reset aborted %u commands\n",
599 le32toh(reply->TerminationCount));
600 mpr_free_reply(sc, tm->cm_reply_data);
601 tm->cm_reply = NULL; /* Ensures the reply won't get re-freed */
603 /* Reuse the existing command */
604 req = (MPI2_SAS_IOUNIT_CONTROL_REQUEST *)tm->cm_req;
605 memset(req, 0, sizeof(*req));
606 req->Function = MPI2_FUNCTION_SAS_IO_UNIT_CONTROL;
607 req->Operation = MPI2_SAS_OP_REMOVE_DEVICE;
608 req->DevHandle = htole16(handle);
610 tm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE;
611 tm->cm_complete = mprsas_remove_complete;
612 tm->cm_complete_data = (void *)(uintptr_t)handle;
615 * Wait to send the REMOVE_DEVICE until all the commands have cleared.
616 * They should be aborted or time out and we'll kick thus off there
619 if (TAILQ_FIRST(&targ->commands) == NULL) {
620 mpr_dprint(sc, MPR_INFO, "No pending commands: starting remove_device\n");
621 mpr_map_command(sc, tm);
622 targ->pending_remove_tm = NULL;
624 targ->pending_remove_tm = tm;
627 mpr_dprint(sc, MPR_INFO, "clearing target %u handle 0x%04x\n",
629 if (targ->encl_level_valid) {
630 mpr_dprint(sc, MPR_INFO, "At enclosure level %d, slot %d, "
631 "connector name (%4s)\n", targ->encl_level, targ->encl_slot,
632 targ->connector_name);
637 mprsas_remove_complete(struct mpr_softc *sc, struct mpr_command *tm)
639 MPI2_SAS_IOUNIT_CONTROL_REPLY *reply;
641 struct mprsas_target *targ;
642 struct mprsas_lun *lun;
646 reply = (MPI2_SAS_IOUNIT_CONTROL_REPLY *)tm->cm_reply;
647 handle = (uint16_t)(uintptr_t)tm->cm_complete_data;
652 * At this point, we should have no pending commands for the target.
653 * The remove target has just completed.
655 KASSERT(TAILQ_FIRST(&targ->commands) == NULL,
656 ("%s: no commands should be pending\n", __func__));
659 * Currently there should be no way we can hit this case. It only
660 * happens when we have a failure to allocate chain frames, and
661 * task management commands don't have S/G lists.
663 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) {
664 mpr_dprint(sc, MPR_XINFO, "%s: cm_flags = %#x for remove of "
665 "handle %#04x! This should not happen!\n", __func__,
666 tm->cm_flags, handle);
667 mprsas_free_tm(sc, tm);
672 /* most likely a chip reset */
673 mpr_dprint(sc, MPR_FAULT, "%s NULL reply removing device "
674 "0x%04x\n", __func__, handle);
675 mprsas_free_tm(sc, tm);
679 mpr_dprint(sc, MPR_XINFO, "%s on handle 0x%04x, IOCStatus= 0x%x\n",
680 __func__, handle, le16toh(reply->IOCStatus));
683 * Don't clear target if remove fails because things will get confusing.
684 * Leave the devname and sasaddr intact so that we know to avoid reusing
685 * this target id if possible, and so we can assign the same target id
686 * to this device if it comes back in the future.
688 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) ==
689 MPI2_IOCSTATUS_SUCCESS) {
691 targ->encl_handle = 0x0;
692 targ->encl_level_valid = 0x0;
693 targ->encl_level = 0x0;
694 targ->connector_name[0] = ' ';
695 targ->connector_name[1] = ' ';
696 targ->connector_name[2] = ' ';
697 targ->connector_name[3] = ' ';
698 targ->encl_slot = 0x0;
699 targ->exp_dev_handle = 0x0;
701 targ->linkrate = 0x0;
704 targ->scsi_req_desc_type = 0;
706 while (!SLIST_EMPTY(&targ->luns)) {
707 lun = SLIST_FIRST(&targ->luns);
708 SLIST_REMOVE_HEAD(&targ->luns, lun_link);
713 mprsas_free_tm(sc, tm);
717 mprsas_register_events(struct mpr_softc *sc)
722 setbit(events, MPI2_EVENT_SAS_DEVICE_STATUS_CHANGE);
723 setbit(events, MPI2_EVENT_SAS_DISCOVERY);
724 setbit(events, MPI2_EVENT_SAS_BROADCAST_PRIMITIVE);
725 setbit(events, MPI2_EVENT_SAS_INIT_DEVICE_STATUS_CHANGE);
726 setbit(events, MPI2_EVENT_SAS_INIT_TABLE_OVERFLOW);
727 setbit(events, MPI2_EVENT_SAS_TOPOLOGY_CHANGE_LIST);
728 setbit(events, MPI2_EVENT_SAS_ENCL_DEVICE_STATUS_CHANGE);
729 setbit(events, MPI2_EVENT_IR_CONFIGURATION_CHANGE_LIST);
730 setbit(events, MPI2_EVENT_IR_VOLUME);
731 setbit(events, MPI2_EVENT_IR_PHYSICAL_DISK);
732 setbit(events, MPI2_EVENT_IR_OPERATION_STATUS);
733 setbit(events, MPI2_EVENT_TEMP_THRESHOLD);
734 setbit(events, MPI2_EVENT_SAS_DEVICE_DISCOVERY_ERROR);
735 if (sc->facts->MsgVersion >= MPI2_VERSION_02_06) {
736 setbit(events, MPI2_EVENT_ACTIVE_CABLE_EXCEPTION);
737 if (sc->mpr_flags & MPR_FLAGS_GEN35_IOC) {
738 setbit(events, MPI2_EVENT_PCIE_DEVICE_STATUS_CHANGE);
739 setbit(events, MPI2_EVENT_PCIE_ENUMERATION);
740 setbit(events, MPI2_EVENT_PCIE_TOPOLOGY_CHANGE_LIST);
744 mpr_register_events(sc, events, mprsas_evt_handler, NULL,
745 &sc->sassc->mprsas_eh);
751 mpr_attach_sas(struct mpr_softc *sc)
753 struct mprsas_softc *sassc;
755 int unit, error = 0, reqs;
758 mpr_dprint(sc, MPR_INIT, "%s entered\n", __func__);
760 sassc = malloc(sizeof(struct mprsas_softc), M_MPR, M_WAITOK|M_ZERO);
763 * XXX MaxTargets could change during a reinit. Since we don't
764 * resize the targets[] array during such an event, cache the value
765 * of MaxTargets here so that we don't get into trouble later. This
766 * should move into the reinit logic.
768 sassc->maxtargets = sc->facts->MaxTargets + sc->facts->MaxVolumes;
769 sassc->targets = malloc(sizeof(struct mprsas_target) *
770 sassc->maxtargets, M_MPR, M_WAITOK|M_ZERO);
774 reqs = sc->num_reqs - sc->num_prireqs - 1;
775 if ((sassc->devq = cam_simq_alloc(reqs)) == NULL) {
776 mpr_dprint(sc, MPR_INIT|MPR_ERROR, "Cannot allocate SIMQ\n");
781 unit = device_get_unit(sc->mpr_dev);
782 sassc->sim = cam_sim_alloc(mprsas_action, mprsas_poll, "mpr", sassc,
783 unit, &sc->mpr_mtx, reqs, reqs, sassc->devq);
784 if (sassc->sim == NULL) {
785 mpr_dprint(sc, MPR_INIT|MPR_ERROR, "Cannot allocate SIM\n");
790 TAILQ_INIT(&sassc->ev_queue);
792 /* Initialize taskqueue for Event Handling */
793 TASK_INIT(&sassc->ev_task, 0, mprsas_firmware_event_work, sc);
794 sassc->ev_tq = taskqueue_create("mpr_taskq", M_NOWAIT | M_ZERO,
795 taskqueue_thread_enqueue, &sassc->ev_tq);
796 taskqueue_start_threads(&sassc->ev_tq, 1, PRIBIO, "%s taskq",
797 device_get_nameunit(sc->mpr_dev));
802 * XXX There should be a bus for every port on the adapter, but since
803 * we're just going to fake the topology for now, we'll pretend that
804 * everything is just a target on a single bus.
806 if ((error = xpt_bus_register(sassc->sim, sc->mpr_dev, 0)) != 0) {
807 mpr_dprint(sc, MPR_INIT|MPR_ERROR,
808 "Error %d registering SCSI bus\n", error);
814 * Assume that discovery events will start right away.
816 * Hold off boot until discovery is complete.
818 sassc->flags |= MPRSAS_IN_STARTUP | MPRSAS_IN_DISCOVERY;
819 sc->sassc->startup_refcount = 0;
820 mprsas_startup_increment(sassc);
822 callout_init(&sassc->discovery_callout, 1 /*mpsafe*/);
827 * Register for async events so we can determine the EEDP
828 * capabilities of devices.
830 status = xpt_create_path(&sassc->path, /*periph*/NULL,
831 cam_sim_path(sc->sassc->sim), CAM_TARGET_WILDCARD,
833 if (status != CAM_REQ_CMP) {
834 mpr_dprint(sc, MPR_INIT|MPR_ERROR,
835 "Error %#x creating sim path\n", status);
840 event = AC_ADVINFO_CHANGED;
841 status = xpt_register_async(event, mprsas_async, sc,
844 if (status != CAM_REQ_CMP) {
845 mpr_dprint(sc, MPR_ERROR,
846 "Error %#x registering async handler for "
847 "AC_ADVINFO_CHANGED events\n", status);
848 xpt_free_path(sassc->path);
852 if (status != CAM_REQ_CMP) {
854 * EEDP use is the exception, not the rule.
855 * Warn the user, but do not fail to attach.
857 mpr_printf(sc, "EEDP capabilities disabled.\n");
860 mprsas_register_events(sc);
865 mpr_dprint(sc, MPR_INIT, "%s exit, error= %d\n", __func__, error);
870 mpr_detach_sas(struct mpr_softc *sc)
872 struct mprsas_softc *sassc;
873 struct mprsas_lun *lun, *lun_tmp;
874 struct mprsas_target *targ;
879 if (sc->sassc == NULL)
883 mpr_deregister_events(sc, sassc->mprsas_eh);
886 * Drain and free the event handling taskqueue with the lock
887 * unheld so that any parallel processing tasks drain properly
888 * without deadlocking.
890 if (sassc->ev_tq != NULL)
891 taskqueue_free(sassc->ev_tq);
893 /* Deregister our async handler */
894 if (sassc->path != NULL) {
895 xpt_register_async(0, mprsas_async, sc, sassc->path);
896 xpt_free_path(sassc->path);
900 /* Make sure CAM doesn't wedge if we had to bail out early. */
903 while (sassc->startup_refcount != 0)
904 mprsas_startup_decrement(sassc);
906 if (sassc->flags & MPRSAS_IN_STARTUP)
907 xpt_release_simq(sassc->sim, 1);
909 if (sassc->sim != NULL) {
910 xpt_bus_deregister(cam_sim_path(sassc->sim));
911 cam_sim_free(sassc->sim, FALSE);
916 if (sassc->devq != NULL)
917 cam_simq_free(sassc->devq);
919 for (i = 0; i < sassc->maxtargets; i++) {
920 targ = &sassc->targets[i];
921 SLIST_FOREACH_SAFE(lun, &targ->luns, lun_link, lun_tmp) {
925 free(sassc->targets, M_MPR);
933 mprsas_discovery_end(struct mprsas_softc *sassc)
935 struct mpr_softc *sc = sassc->sc;
939 if (sassc->flags & MPRSAS_DISCOVERY_TIMEOUT_PENDING)
940 callout_stop(&sassc->discovery_callout);
943 * After discovery has completed, check the mapping table for any
944 * missing devices and update their missing counts. Only do this once
945 * whenever the driver is initialized so that missing counts aren't
946 * updated unnecessarily. Note that just because discovery has
947 * completed doesn't mean that events have been processed yet. The
948 * check_devices function is a callout timer that checks if ALL devices
949 * are missing. If so, it will wait a little longer for events to
950 * complete and keep resetting itself until some device in the mapping
951 * table is not missing, meaning that event processing has started.
953 if (sc->track_mapping_events) {
954 mpr_dprint(sc, MPR_XINFO | MPR_MAPPING, "Discovery has "
955 "completed. Check for missing devices in the mapping "
957 callout_reset(&sc->device_check_callout,
958 MPR_MISSING_CHECK_DELAY * hz, mpr_mapping_check_devices,
964 mprsas_action(struct cam_sim *sim, union ccb *ccb)
966 struct mprsas_softc *sassc;
968 sassc = cam_sim_softc(sim);
970 MPR_FUNCTRACE(sassc->sc);
971 mpr_dprint(sassc->sc, MPR_TRACE, "ccb func_code 0x%x\n",
972 ccb->ccb_h.func_code);
973 mtx_assert(&sassc->sc->mpr_mtx, MA_OWNED);
975 switch (ccb->ccb_h.func_code) {
978 struct ccb_pathinq *cpi = &ccb->cpi;
979 struct mpr_softc *sc = sassc->sc;
981 cpi->version_num = 1;
982 cpi->hba_inquiry = PI_SDTR_ABLE|PI_TAG_ABLE|PI_WIDE_16;
983 cpi->target_sprt = 0;
984 cpi->hba_misc = PIM_NOBUSRESET | PIM_UNMAPPED | PIM_NOSCAN;
985 cpi->hba_eng_cnt = 0;
986 cpi->max_target = sassc->maxtargets - 1;
990 * initiator_id is set here to an ID outside the set of valid
991 * target IDs (including volumes).
993 cpi->initiator_id = sassc->maxtargets;
994 strlcpy(cpi->sim_vid, "FreeBSD", SIM_IDLEN);
995 strlcpy(cpi->hba_vid, "Avago Tech", HBA_IDLEN);
996 strlcpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN);
997 cpi->unit_number = cam_sim_unit(sim);
998 cpi->bus_id = cam_sim_bus(sim);
1000 * XXXSLM-I think this needs to change based on config page or
1001 * something instead of hardcoded to 150000.
1003 cpi->base_transfer_speed = 150000;
1004 cpi->transport = XPORT_SAS;
1005 cpi->transport_version = 0;
1006 cpi->protocol = PROTO_SCSI;
1007 cpi->protocol_version = SCSI_REV_SPC;
1008 cpi->maxio = sc->maxio;
1009 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP);
1012 case XPT_GET_TRAN_SETTINGS:
1014 struct ccb_trans_settings *cts;
1015 struct ccb_trans_settings_sas *sas;
1016 struct ccb_trans_settings_scsi *scsi;
1017 struct mprsas_target *targ;
1020 sas = &cts->xport_specific.sas;
1021 scsi = &cts->proto_specific.scsi;
1023 KASSERT(cts->ccb_h.target_id < sassc->maxtargets,
1024 ("Target %d out of bounds in XPT_GET_TRAN_SETTINGS\n",
1025 cts->ccb_h.target_id));
1026 targ = &sassc->targets[cts->ccb_h.target_id];
1027 if (targ->handle == 0x0) {
1028 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
1032 cts->protocol_version = SCSI_REV_SPC2;
1033 cts->transport = XPORT_SAS;
1034 cts->transport_version = 0;
1036 sas->valid = CTS_SAS_VALID_SPEED;
1037 switch (targ->linkrate) {
1039 sas->bitrate = 150000;
1042 sas->bitrate = 300000;
1045 sas->bitrate = 600000;
1048 sas->bitrate = 1200000;
1054 cts->protocol = PROTO_SCSI;
1055 scsi->valid = CTS_SCSI_VALID_TQ;
1056 scsi->flags = CTS_SCSI_FLAGS_TAG_ENB;
1058 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP);
1061 case XPT_CALC_GEOMETRY:
1062 cam_calc_geometry(&ccb->ccg, /*extended*/1);
1063 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP);
1066 mpr_dprint(sassc->sc, MPR_XINFO, "mprsas_action "
1068 mprsas_action_resetdev(sassc, ccb);
1073 mpr_dprint(sassc->sc, MPR_XINFO, "mprsas_action faking success "
1074 "for abort or reset\n");
1075 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP);
1078 mprsas_action_scsiio(sassc, ccb);
1081 mprsas_action_smpio(sassc, ccb);
1084 mprsas_set_ccbstatus(ccb, CAM_FUNC_NOTAVAIL);
1092 mprsas_announce_reset(struct mpr_softc *sc, uint32_t ac_code,
1093 target_id_t target_id, lun_id_t lun_id)
1095 path_id_t path_id = cam_sim_path(sc->sassc->sim);
1096 struct cam_path *path;
1098 mpr_dprint(sc, MPR_XINFO, "%s code %x target %d lun %jx\n", __func__,
1099 ac_code, target_id, (uintmax_t)lun_id);
1101 if (xpt_create_path(&path, NULL,
1102 path_id, target_id, lun_id) != CAM_REQ_CMP) {
1103 mpr_dprint(sc, MPR_ERROR, "unable to create path for reset "
1108 xpt_async(ac_code, path, NULL);
1109 xpt_free_path(path);
1113 mprsas_complete_all_commands(struct mpr_softc *sc)
1115 struct mpr_command *cm;
1120 mtx_assert(&sc->mpr_mtx, MA_OWNED);
1122 /* complete all commands with a NULL reply */
1123 for (i = 1; i < sc->num_reqs; i++) {
1124 cm = &sc->commands[i];
1125 if (cm->cm_state == MPR_CM_STATE_FREE)
1128 cm->cm_state = MPR_CM_STATE_BUSY;
1129 cm->cm_reply = NULL;
1132 if (cm->cm_flags & MPR_CM_FLAGS_SATA_ID_TIMEOUT) {
1134 free(cm->cm_data, M_MPR);
1138 if (cm->cm_flags & MPR_CM_FLAGS_POLLED)
1139 cm->cm_flags |= MPR_CM_FLAGS_COMPLETE;
1141 if (cm->cm_complete != NULL) {
1142 mprsas_log_command(cm, MPR_RECOVERY,
1143 "completing cm %p state %x ccb %p for diag reset\n",
1144 cm, cm->cm_state, cm->cm_ccb);
1145 cm->cm_complete(sc, cm);
1147 } else if (cm->cm_flags & MPR_CM_FLAGS_WAKEUP) {
1148 mprsas_log_command(cm, MPR_RECOVERY,
1149 "waking up cm %p state %x ccb %p for diag reset\n",
1150 cm, cm->cm_state, cm->cm_ccb);
1155 if ((completed == 0) && (cm->cm_state != MPR_CM_STATE_FREE)) {
1156 /* this should never happen, but if it does, log */
1157 mprsas_log_command(cm, MPR_RECOVERY,
1158 "cm %p state %x flags 0x%x ccb %p during diag "
1159 "reset\n", cm, cm->cm_state, cm->cm_flags,
1164 sc->io_cmds_active = 0;
1168 mprsas_handle_reinit(struct mpr_softc *sc)
1172 /* Go back into startup mode and freeze the simq, so that CAM
1173 * doesn't send any commands until after we've rediscovered all
1174 * targets and found the proper device handles for them.
1176 * After the reset, portenable will trigger discovery, and after all
1177 * discovery-related activities have finished, the simq will be
1180 mpr_dprint(sc, MPR_INIT, "%s startup\n", __func__);
1181 sc->sassc->flags |= MPRSAS_IN_STARTUP;
1182 sc->sassc->flags |= MPRSAS_IN_DISCOVERY;
1183 mprsas_startup_increment(sc->sassc);
1185 /* notify CAM of a bus reset */
1186 mprsas_announce_reset(sc, AC_BUS_RESET, CAM_TARGET_WILDCARD,
1189 /* complete and cleanup after all outstanding commands */
1190 mprsas_complete_all_commands(sc);
1192 mpr_dprint(sc, MPR_INIT, "%s startup %u after command completion\n",
1193 __func__, sc->sassc->startup_refcount);
1195 /* zero all the target handles, since they may change after the
1196 * reset, and we have to rediscover all the targets and use the new
1199 for (i = 0; i < sc->sassc->maxtargets; i++) {
1200 if (sc->sassc->targets[i].outstanding != 0)
1201 mpr_dprint(sc, MPR_INIT, "target %u outstanding %u\n",
1202 i, sc->sassc->targets[i].outstanding);
1203 sc->sassc->targets[i].handle = 0x0;
1204 sc->sassc->targets[i].exp_dev_handle = 0x0;
1205 sc->sassc->targets[i].outstanding = 0;
1206 sc->sassc->targets[i].flags = MPRSAS_TARGET_INDIAGRESET;
1210 mprsas_tm_timeout(void *data)
1212 struct mpr_command *tm = data;
1213 struct mpr_softc *sc = tm->cm_sc;
1215 mtx_assert(&sc->mpr_mtx, MA_OWNED);
1217 mprsas_log_command(tm, MPR_INFO|MPR_RECOVERY, "task mgmt %p timed "
1220 KASSERT(tm->cm_state == MPR_CM_STATE_INQUEUE,
1221 ("command not inqueue, state = %u\n", tm->cm_state));
1223 tm->cm_state = MPR_CM_STATE_BUSY;
1228 mprsas_logical_unit_reset_complete(struct mpr_softc *sc, struct mpr_command *tm)
1230 MPI2_SCSI_TASK_MANAGE_REPLY *reply;
1231 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
1232 unsigned int cm_count = 0;
1233 struct mpr_command *cm;
1234 struct mprsas_target *targ;
1236 callout_stop(&tm->cm_callout);
1238 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
1239 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply;
1243 * Currently there should be no way we can hit this case. It only
1244 * happens when we have a failure to allocate chain frames, and
1245 * task management commands don't have S/G lists.
1247 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) {
1248 mpr_dprint(sc, MPR_RECOVERY|MPR_ERROR,
1249 "%s: cm_flags = %#x for LUN reset! "
1250 "This should not happen!\n", __func__, tm->cm_flags);
1251 mprsas_free_tm(sc, tm);
1255 if (reply == NULL) {
1256 mpr_dprint(sc, MPR_RECOVERY, "NULL reset reply for tm %p\n",
1258 if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) {
1259 /* this completion was due to a reset, just cleanup */
1260 mpr_dprint(sc, MPR_RECOVERY, "Hardware undergoing "
1261 "reset, ignoring NULL LUN reset reply\n");
1263 mprsas_free_tm(sc, tm);
1266 /* we should have gotten a reply. */
1267 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, "NULL reply on "
1268 "LUN reset attempt, resetting controller\n");
1274 mpr_dprint(sc, MPR_RECOVERY,
1275 "logical unit reset status 0x%x code 0x%x count %u\n",
1276 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode),
1277 le32toh(reply->TerminationCount));
1280 * See if there are any outstanding commands for this LUN.
1281 * This could be made more efficient by using a per-LU data
1282 * structure of some sort.
1284 TAILQ_FOREACH(cm, &targ->commands, cm_link) {
1285 if (cm->cm_lun == tm->cm_lun)
1289 if (cm_count == 0) {
1290 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO,
1291 "Finished recovery after LUN reset for target %u\n",
1294 mprsas_announce_reset(sc, AC_SENT_BDR, targ->tid,
1298 * We've finished recovery for this logical unit. check and
1299 * see if some other logical unit has a timedout command
1300 * that needs to be processed.
1302 cm = TAILQ_FIRST(&targ->timedout_commands);
1304 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY,
1305 "More commands to abort for target %u\n", targ->tid);
1306 mprsas_send_abort(sc, tm, cm);
1309 mprsas_free_tm(sc, tm);
1312 /* if we still have commands for this LUN, the reset
1313 * effectively failed, regardless of the status reported.
1314 * Escalate to a target reset.
1316 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY,
1317 "logical unit reset complete for target %u, but still "
1318 "have %u command(s), sending target reset\n", targ->tid,
1320 if (!targ->is_nvme || sc->custom_nvme_tm_handling)
1321 mprsas_send_reset(sc, tm,
1322 MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET);
1329 mprsas_target_reset_complete(struct mpr_softc *sc, struct mpr_command *tm)
1331 MPI2_SCSI_TASK_MANAGE_REPLY *reply;
1332 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
1333 struct mprsas_target *targ;
1335 callout_stop(&tm->cm_callout);
1337 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
1338 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply;
1342 * Currently there should be no way we can hit this case. It only
1343 * happens when we have a failure to allocate chain frames, and
1344 * task management commands don't have S/G lists.
1346 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) {
1347 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x for target "
1348 "reset! This should not happen!\n", __func__, tm->cm_flags);
1349 mprsas_free_tm(sc, tm);
1353 if (reply == NULL) {
1354 mpr_dprint(sc, MPR_RECOVERY,
1355 "NULL target reset reply for tm %p TaskMID %u\n",
1356 tm, le16toh(req->TaskMID));
1357 if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) {
1358 /* this completion was due to a reset, just cleanup */
1359 mpr_dprint(sc, MPR_RECOVERY, "Hardware undergoing "
1360 "reset, ignoring NULL target reset reply\n");
1362 mprsas_free_tm(sc, tm);
1365 /* we should have gotten a reply. */
1366 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, "NULL reply on "
1367 "target reset attempt, resetting controller\n");
1373 mpr_dprint(sc, MPR_RECOVERY,
1374 "target reset status 0x%x code 0x%x count %u\n",
1375 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode),
1376 le32toh(reply->TerminationCount));
1378 if (targ->outstanding == 0) {
1380 * We've finished recovery for this target and all
1381 * of its logical units.
1383 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO,
1384 "Finished reset recovery for target %u\n", targ->tid);
1386 mprsas_announce_reset(sc, AC_SENT_BDR, tm->cm_targ->tid,
1390 mprsas_free_tm(sc, tm);
1393 * After a target reset, if this target still has
1394 * outstanding commands, the reset effectively failed,
1395 * regardless of the status reported. escalate.
1397 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY,
1398 "Target reset complete for target %u, but still have %u "
1399 "command(s), resetting controller\n", targ->tid,
1405 #define MPR_RESET_TIMEOUT 30
1408 mprsas_send_reset(struct mpr_softc *sc, struct mpr_command *tm, uint8_t type)
1410 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
1411 struct mprsas_target *target;
1414 target = tm->cm_targ;
1415 if (target->handle == 0) {
1416 mpr_dprint(sc, MPR_ERROR, "%s null devhandle for target_id "
1417 "%d\n", __func__, target->tid);
1421 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
1422 req->DevHandle = htole16(target->handle);
1423 req->TaskType = type;
1425 if (!target->is_nvme || sc->custom_nvme_tm_handling) {
1426 timeout = MPR_RESET_TIMEOUT;
1428 * Target reset method =
1429 * SAS Hard Link Reset / SATA Link Reset
1431 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET;
1433 timeout = (target->controller_reset_timeout) ? (
1434 target->controller_reset_timeout) : (MPR_RESET_TIMEOUT);
1435 /* PCIe Protocol Level Reset*/
1437 MPI26_SCSITASKMGMT_MSGFLAGS_PROTOCOL_LVL_RST_PCIE;
1440 if (type == MPI2_SCSITASKMGMT_TASKTYPE_LOGICAL_UNIT_RESET) {
1441 /* XXX Need to handle invalid LUNs */
1442 MPR_SET_LUN(req->LUN, tm->cm_lun);
1443 tm->cm_targ->logical_unit_resets++;
1444 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO,
1445 "Sending logical unit reset to target %u lun %d\n",
1446 target->tid, tm->cm_lun);
1447 tm->cm_complete = mprsas_logical_unit_reset_complete;
1448 mprsas_prepare_for_tm(sc, tm, target, tm->cm_lun);
1449 } else if (type == MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET) {
1450 tm->cm_targ->target_resets++;
1451 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO,
1452 "Sending target reset to target %u\n", target->tid);
1453 tm->cm_complete = mprsas_target_reset_complete;
1454 mprsas_prepare_for_tm(sc, tm, target, CAM_LUN_WILDCARD);
1457 mpr_dprint(sc, MPR_ERROR, "unexpected reset type 0x%x\n", type);
1461 if (target->encl_level_valid) {
1462 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO,
1463 "At enclosure level %d, slot %d, connector name (%4s)\n",
1464 target->encl_level, target->encl_slot,
1465 target->connector_name);
1469 tm->cm_complete_data = (void *)tm;
1471 callout_reset(&tm->cm_callout, timeout * hz,
1472 mprsas_tm_timeout, tm);
1474 err = mpr_map_command(sc, tm);
1476 mpr_dprint(sc, MPR_ERROR|MPR_RECOVERY,
1477 "error %d sending reset type %u\n", err, type);
1483 mprsas_abort_complete(struct mpr_softc *sc, struct mpr_command *tm)
1485 struct mpr_command *cm;
1486 MPI2_SCSI_TASK_MANAGE_REPLY *reply;
1487 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
1488 struct mprsas_target *targ;
1490 callout_stop(&tm->cm_callout);
1492 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
1493 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply;
1497 * Currently there should be no way we can hit this case. It only
1498 * happens when we have a failure to allocate chain frames, and
1499 * task management commands don't have S/G lists.
1501 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) {
1502 mpr_dprint(sc, MPR_RECOVERY|MPR_ERROR,
1503 "cm_flags = %#x for abort %p TaskMID %u!\n",
1504 tm->cm_flags, tm, le16toh(req->TaskMID));
1505 mprsas_free_tm(sc, tm);
1509 if (reply == NULL) {
1510 mpr_dprint(sc, MPR_RECOVERY,
1511 "NULL abort reply for tm %p TaskMID %u\n",
1512 tm, le16toh(req->TaskMID));
1513 if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) {
1514 /* this completion was due to a reset, just cleanup */
1515 mpr_dprint(sc, MPR_RECOVERY, "Hardware undergoing "
1516 "reset, ignoring NULL abort reply\n");
1518 mprsas_free_tm(sc, tm);
1520 /* we should have gotten a reply. */
1521 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, "NULL reply on "
1522 "abort attempt, resetting controller\n");
1528 mpr_dprint(sc, MPR_RECOVERY,
1529 "abort TaskMID %u status 0x%x code 0x%x count %u\n",
1530 le16toh(req->TaskMID),
1531 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode),
1532 le32toh(reply->TerminationCount));
1534 cm = TAILQ_FIRST(&tm->cm_targ->timedout_commands);
1537 * if there are no more timedout commands, we're done with
1538 * error recovery for this target.
1540 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY,
1541 "Finished abort recovery for target %u\n", targ->tid);
1543 mprsas_free_tm(sc, tm);
1544 } else if (le16toh(req->TaskMID) != cm->cm_desc.Default.SMID) {
1545 /* abort success, but we have more timedout commands to abort */
1546 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY,
1547 "Continuing abort recovery for target %u\n", targ->tid);
1548 mprsas_send_abort(sc, tm, cm);
1551 * we didn't get a command completion, so the abort
1552 * failed as far as we're concerned. escalate.
1554 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY,
1555 "Abort failed for target %u, sending logical unit reset\n",
1558 mprsas_send_reset(sc, tm,
1559 MPI2_SCSITASKMGMT_TASKTYPE_LOGICAL_UNIT_RESET);
1563 #define MPR_ABORT_TIMEOUT 5
1566 mprsas_send_abort(struct mpr_softc *sc, struct mpr_command *tm,
1567 struct mpr_command *cm)
1569 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
1570 struct mprsas_target *targ;
1574 if (targ->handle == 0) {
1575 mpr_dprint(sc, MPR_ERROR|MPR_RECOVERY,
1576 "%s null devhandle for target_id %d\n",
1577 __func__, cm->cm_ccb->ccb_h.target_id);
1581 mprsas_log_command(cm, MPR_RECOVERY|MPR_INFO,
1582 "Aborting command %p\n", cm);
1584 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
1585 req->DevHandle = htole16(targ->handle);
1586 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_ABORT_TASK;
1588 /* XXX Need to handle invalid LUNs */
1589 MPR_SET_LUN(req->LUN, cm->cm_ccb->ccb_h.target_lun);
1591 req->TaskMID = htole16(cm->cm_desc.Default.SMID);
1594 tm->cm_complete = mprsas_abort_complete;
1595 tm->cm_complete_data = (void *)tm;
1596 tm->cm_targ = cm->cm_targ;
1597 tm->cm_lun = cm->cm_lun;
1599 if (!targ->is_nvme || sc->custom_nvme_tm_handling)
1600 timeout = MPR_ABORT_TIMEOUT;
1602 timeout = sc->nvme_abort_timeout;
1604 callout_reset(&tm->cm_callout, timeout * hz,
1605 mprsas_tm_timeout, tm);
1609 mprsas_prepare_for_tm(sc, tm, targ, tm->cm_lun);
1611 err = mpr_map_command(sc, tm);
1613 mpr_dprint(sc, MPR_ERROR|MPR_RECOVERY,
1614 "error %d sending abort for cm %p SMID %u\n",
1615 err, cm, req->TaskMID);
1620 mprsas_scsiio_timeout(void *data)
1622 sbintime_t elapsed, now;
1624 struct mpr_softc *sc;
1625 struct mpr_command *cm;
1626 struct mprsas_target *targ;
1628 cm = (struct mpr_command *)data;
1634 mtx_assert(&sc->mpr_mtx, MA_OWNED);
1636 mpr_dprint(sc, MPR_XINFO|MPR_RECOVERY, "Timeout checking cm %p\n", cm);
1639 * Run the interrupt handler to make sure it's not pending. This
1640 * isn't perfect because the command could have already completed
1641 * and been re-used, though this is unlikely.
1643 mpr_intr_locked(sc);
1644 if (cm->cm_flags & MPR_CM_FLAGS_ON_RECOVERY) {
1645 mprsas_log_command(cm, MPR_XINFO,
1646 "SCSI command %p almost timed out\n", cm);
1650 if (cm->cm_ccb == NULL) {
1651 mpr_dprint(sc, MPR_ERROR, "command timeout with NULL ccb\n");
1658 elapsed = now - ccb->ccb_h.qos.sim_data;
1659 mprsas_log_command(cm, MPR_INFO|MPR_RECOVERY,
1660 "Command timeout on target %u(0x%04x), %d set, %d.%d elapsed\n",
1661 targ->tid, targ->handle, ccb->ccb_h.timeout,
1662 sbintime_getsec(elapsed), elapsed & 0xffffffff);
1663 if (targ->encl_level_valid) {
1664 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY,
1665 "At enclosure level %d, slot %d, connector name (%4s)\n",
1666 targ->encl_level, targ->encl_slot, targ->connector_name);
1669 /* XXX first, check the firmware state, to see if it's still
1670 * operational. if not, do a diag reset.
1672 mprsas_set_ccbstatus(cm->cm_ccb, CAM_CMD_TIMEOUT);
1673 cm->cm_flags |= MPR_CM_FLAGS_ON_RECOVERY | MPR_CM_FLAGS_TIMEDOUT;
1674 TAILQ_INSERT_TAIL(&targ->timedout_commands, cm, cm_recovery);
1676 if (targ->tm != NULL) {
1677 /* target already in recovery, just queue up another
1678 * timedout command to be processed later.
1680 mpr_dprint(sc, MPR_RECOVERY, "queued timedout cm %p for "
1681 "processing by tm %p\n", cm, targ->tm);
1683 else if ((targ->tm = mprsas_alloc_tm(sc)) != NULL) {
1684 /* start recovery by aborting the first timedout command */
1685 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO,
1686 "Sending abort to target %u for SMID %d\n", targ->tid,
1687 cm->cm_desc.Default.SMID);
1688 mpr_dprint(sc, MPR_RECOVERY, "timedout cm %p allocated tm %p\n",
1690 mprsas_send_abort(sc, targ->tm, cm);
1693 /* XXX queue this target up for recovery once a TM becomes
1694 * available. The firmware only has a limited number of
1695 * HighPriority credits for the high priority requests used
1696 * for task management, and we ran out.
1698 * Isilon: don't worry about this for now, since we have
1699 * more credits than disks in an enclosure, and limit
1700 * ourselves to one TM per target for recovery.
1702 mpr_dprint(sc, MPR_ERROR|MPR_RECOVERY,
1703 "timedout cm %p failed to allocate a tm\n", cm);
1708 * mprsas_build_nvme_unmap - Build Native NVMe DSM command equivalent
1710 * Return 0 - for success,
1711 * 1 - to immediately return back the command with success status to CAM
1712 * negative value - to fallback to firmware path i.e. issue scsi unmap
1713 * to FW without any translation.
1716 mprsas_build_nvme_unmap(struct mpr_softc *sc, struct mpr_command *cm,
1717 union ccb *ccb, struct mprsas_target *targ)
1719 Mpi26NVMeEncapsulatedRequest_t *req = NULL;
1720 struct ccb_scsiio *csio;
1721 struct unmap_parm_list *plist;
1722 struct nvme_dsm_range *nvme_dsm_ranges = NULL;
1723 struct nvme_command *c;
1725 uint16_t ndesc, list_len, data_length;
1726 struct mpr_prp_page *prp_page_info;
1727 uint64_t nvme_dsm_ranges_dma_handle;
1730 list_len = (scsiio_cdb_ptr(csio)[7] << 8 | scsiio_cdb_ptr(csio)[8]);
1732 mpr_dprint(sc, MPR_ERROR, "Parameter list length is Zero\n");
1736 plist = malloc(csio->dxfer_len, M_MPR, M_ZERO|M_NOWAIT);
1738 mpr_dprint(sc, MPR_ERROR, "Unable to allocate memory to "
1739 "save UNMAP data\n");
1743 /* Copy SCSI unmap data to a local buffer */
1744 bcopy(csio->data_ptr, plist, csio->dxfer_len);
1746 /* return back the unmap command to CAM with success status,
1747 * if number of descripts is zero.
1749 ndesc = be16toh(plist->unmap_blk_desc_data_len) >> 4;
1751 mpr_dprint(sc, MPR_XINFO, "Number of descriptors in "
1752 "UNMAP cmd is Zero\n");
1757 data_length = ndesc * sizeof(struct nvme_dsm_range);
1758 if (data_length > targ->MDTS) {
1759 mpr_dprint(sc, MPR_ERROR, "data length: %d is greater than "
1760 "Device's MDTS: %d\n", data_length, targ->MDTS);
1765 prp_page_info = mpr_alloc_prp_page(sc);
1766 KASSERT(prp_page_info != NULL, ("%s: There is no PRP Page for "
1767 "UNMAP command.\n", __func__));
1770 * Insert the allocated PRP page into the command's PRP page list. This
1771 * will be freed when the command is freed.
1773 TAILQ_INSERT_TAIL(&cm->cm_prp_page_list, prp_page_info, prp_page_link);
1775 nvme_dsm_ranges = (struct nvme_dsm_range *)prp_page_info->prp_page;
1776 nvme_dsm_ranges_dma_handle = prp_page_info->prp_page_busaddr;
1778 bzero(nvme_dsm_ranges, data_length);
1780 /* Convert SCSI unmap's descriptor data to NVMe DSM specific Range data
1781 * for each descriptors contained in SCSI UNMAP data.
1783 for (i = 0; i < ndesc; i++) {
1784 nvme_dsm_ranges[i].length =
1785 htole32(be32toh(plist->desc[i].nlb));
1786 nvme_dsm_ranges[i].starting_lba =
1787 htole64(be64toh(plist->desc[i].slba));
1788 nvme_dsm_ranges[i].attributes = 0;
1791 /* Build MPI2.6's NVMe Encapsulated Request Message */
1792 req = (Mpi26NVMeEncapsulatedRequest_t *)cm->cm_req;
1793 bzero(req, sizeof(*req));
1794 req->DevHandle = htole16(targ->handle);
1795 req->Function = MPI2_FUNCTION_NVME_ENCAPSULATED;
1796 req->Flags = MPI26_NVME_FLAGS_WRITE;
1797 req->ErrorResponseBaseAddress.High =
1798 htole32((uint32_t)((uint64_t)cm->cm_sense_busaddr >> 32));
1799 req->ErrorResponseBaseAddress.Low =
1800 htole32(cm->cm_sense_busaddr);
1801 req->ErrorResponseAllocationLength =
1802 htole16(sizeof(struct nvme_completion));
1803 req->EncapsulatedCommandLength =
1804 htole16(sizeof(struct nvme_command));
1805 req->DataLength = htole32(data_length);
1807 /* Build NVMe DSM command */
1808 c = (struct nvme_command *) req->NVMe_Command;
1809 c->opc = NVME_OPC_DATASET_MANAGEMENT;
1810 c->nsid = htole32(csio->ccb_h.target_lun + 1);
1811 c->cdw10 = htole32(ndesc - 1);
1812 c->cdw11 = htole32(NVME_DSM_ATTR_DEALLOCATE);
1814 cm->cm_length = data_length;
1817 cm->cm_complete = mprsas_scsiio_complete;
1818 cm->cm_complete_data = ccb;
1820 cm->cm_lun = csio->ccb_h.target_lun;
1823 cm->cm_desc.Default.RequestFlags =
1824 MPI26_REQ_DESCRIPT_FLAGS_PCIE_ENCAPSULATED;
1826 csio->ccb_h.qos.sim_data = sbinuptime();
1827 callout_reset_sbt(&cm->cm_callout, SBT_1MS * ccb->ccb_h.timeout, 0,
1828 mprsas_scsiio_timeout, cm, 0);
1831 targ->outstanding++;
1832 TAILQ_INSERT_TAIL(&targ->commands, cm, cm_link);
1833 ccb->ccb_h.status |= CAM_SIM_QUEUED;
1835 mprsas_log_command(cm, MPR_XINFO, "%s cm %p ccb %p outstanding %u\n",
1836 __func__, cm, ccb, targ->outstanding);
1838 mpr_build_nvme_prp(sc, cm, req,
1839 (void *)(uintptr_t)nvme_dsm_ranges_dma_handle, 0, data_length);
1840 mpr_map_command(sc, cm);
1848 mprsas_action_scsiio(struct mprsas_softc *sassc, union ccb *ccb)
1850 MPI2_SCSI_IO_REQUEST *req;
1851 struct ccb_scsiio *csio;
1852 struct mpr_softc *sc;
1853 struct mprsas_target *targ;
1854 struct mprsas_lun *lun;
1855 struct mpr_command *cm;
1856 uint8_t i, lba_byte, *ref_tag_addr, scsi_opcode;
1857 uint16_t eedp_flags;
1858 uint32_t mpi_control;
1863 mtx_assert(&sc->mpr_mtx, MA_OWNED);
1866 KASSERT(csio->ccb_h.target_id < sassc->maxtargets,
1867 ("Target %d out of bounds in XPT_SCSI_IO\n",
1868 csio->ccb_h.target_id));
1869 targ = &sassc->targets[csio->ccb_h.target_id];
1870 mpr_dprint(sc, MPR_TRACE, "ccb %p target flag %x\n", ccb, targ->flags);
1871 if (targ->handle == 0x0) {
1872 mpr_dprint(sc, MPR_ERROR, "%s NULL handle for target %u\n",
1873 __func__, csio->ccb_h.target_id);
1874 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
1878 if (targ->flags & MPR_TARGET_FLAGS_RAID_COMPONENT) {
1879 mpr_dprint(sc, MPR_ERROR, "%s Raid component no SCSI IO "
1880 "supported %u\n", __func__, csio->ccb_h.target_id);
1881 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
1886 * Sometimes, it is possible to get a command that is not "In
1887 * Progress" and was actually aborted by the upper layer. Check for
1888 * this here and complete the command without error.
1890 if (mprsas_get_ccbstatus(ccb) != CAM_REQ_INPROG) {
1891 mpr_dprint(sc, MPR_TRACE, "%s Command is not in progress for "
1892 "target %u\n", __func__, csio->ccb_h.target_id);
1897 * If devinfo is 0 this will be a volume. In that case don't tell CAM
1898 * that the volume has timed out. We want volumes to be enumerated
1899 * until they are deleted/removed, not just failed. In either event,
1900 * we're removing the target due to a firmware event telling us
1901 * the device is now gone (as opposed to some transient event). Since
1902 * we're opting to remove failed devices from the OS's view, we need
1903 * to propagate that status up the stack.
1905 if (targ->flags & MPRSAS_TARGET_INREMOVAL) {
1906 if (targ->devinfo == 0)
1907 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP);
1909 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
1914 if ((sc->mpr_flags & MPR_FLAGS_SHUTDOWN) != 0) {
1915 mpr_dprint(sc, MPR_INFO, "%s shutting down\n", __func__);
1916 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
1922 * If target has a reset in progress, the devq should be frozen.
1923 * Geting here we likely hit a race, so just requeue.
1925 if (targ->flags & MPRSAS_TARGET_INRESET) {
1926 ccb->ccb_h.status = CAM_REQUEUE_REQ | CAM_DEV_QFRZN;
1927 xpt_freeze_devq(ccb->ccb_h.path, 1);
1932 cm = mpr_alloc_command(sc);
1933 if (cm == NULL || (sc->mpr_flags & MPR_FLAGS_DIAGRESET)) {
1935 mpr_free_command(sc, cm);
1937 if ((sassc->flags & MPRSAS_QUEUE_FROZEN) == 0) {
1938 xpt_freeze_simq(sassc->sim, 1);
1939 sassc->flags |= MPRSAS_QUEUE_FROZEN;
1941 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
1942 ccb->ccb_h.status |= CAM_REQUEUE_REQ;
1947 /* For NVME device's issue UNMAP command directly to NVME drives by
1948 * constructing equivalent native NVMe DataSetManagement command.
1950 scsi_opcode = scsiio_cdb_ptr(csio)[0];
1951 if (scsi_opcode == UNMAP &&
1953 (csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) {
1954 rc = mprsas_build_nvme_unmap(sc, cm, ccb, targ);
1955 if (rc == 1) { /* return command to CAM with success status */
1956 mpr_free_command(sc, cm);
1957 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP);
1960 } else if (!rc) /* Issued NVMe Encapsulated Request Message */
1964 req = (MPI2_SCSI_IO_REQUEST *)cm->cm_req;
1965 bzero(req, sizeof(*req));
1966 req->DevHandle = htole16(targ->handle);
1967 req->Function = MPI2_FUNCTION_SCSI_IO_REQUEST;
1969 req->SenseBufferLowAddress = htole32(cm->cm_sense_busaddr);
1970 req->SenseBufferLength = MPR_SENSE_LEN;
1972 req->ChainOffset = 0;
1973 req->SGLOffset0 = 24; /* 32bit word offset to the SGL */
1978 req->DataLength = htole32(csio->dxfer_len);
1979 req->BidirectionalDataLength = 0;
1980 req->IoFlags = htole16(csio->cdb_len);
1983 /* Note: BiDirectional transfers are not supported */
1984 switch (csio->ccb_h.flags & CAM_DIR_MASK) {
1986 mpi_control = MPI2_SCSIIO_CONTROL_READ;
1987 cm->cm_flags |= MPR_CM_FLAGS_DATAIN;
1990 mpi_control = MPI2_SCSIIO_CONTROL_WRITE;
1991 cm->cm_flags |= MPR_CM_FLAGS_DATAOUT;
1995 mpi_control = MPI2_SCSIIO_CONTROL_NODATATRANSFER;
1999 if (csio->cdb_len == 32)
2000 mpi_control |= 4 << MPI2_SCSIIO_CONTROL_ADDCDBLEN_SHIFT;
2002 * It looks like the hardware doesn't require an explicit tag
2003 * number for each transaction. SAM Task Management not supported
2006 switch (csio->tag_action) {
2007 case MSG_HEAD_OF_Q_TAG:
2008 mpi_control |= MPI2_SCSIIO_CONTROL_HEADOFQ;
2010 case MSG_ORDERED_Q_TAG:
2011 mpi_control |= MPI2_SCSIIO_CONTROL_ORDEREDQ;
2014 mpi_control |= MPI2_SCSIIO_CONTROL_ACAQ;
2016 case CAM_TAG_ACTION_NONE:
2017 case MSG_SIMPLE_Q_TAG:
2019 mpi_control |= MPI2_SCSIIO_CONTROL_SIMPLEQ;
2022 mpi_control |= (csio->priority << MPI2_SCSIIO_CONTROL_CMDPRI_SHIFT) &
2023 MPI2_SCSIIO_CONTROL_CMDPRI_MASK;
2024 mpi_control |= sc->mapping_table[csio->ccb_h.target_id].TLR_bits;
2025 req->Control = htole32(mpi_control);
2027 if (MPR_SET_LUN(req->LUN, csio->ccb_h.target_lun) != 0) {
2028 mpr_free_command(sc, cm);
2029 mprsas_set_ccbstatus(ccb, CAM_LUN_INVALID);
2034 if (csio->ccb_h.flags & CAM_CDB_POINTER)
2035 bcopy(csio->cdb_io.cdb_ptr, &req->CDB.CDB32[0], csio->cdb_len);
2037 KASSERT(csio->cdb_len <= IOCDBLEN,
2038 ("cdb_len %d is greater than IOCDBLEN but CAM_CDB_POINTER "
2039 "is not set", csio->cdb_len));
2040 bcopy(csio->cdb_io.cdb_bytes, &req->CDB.CDB32[0],csio->cdb_len);
2042 req->IoFlags = htole16(csio->cdb_len);
2045 * Check if EEDP is supported and enabled. If it is then check if the
2046 * SCSI opcode could be using EEDP. If so, make sure the LUN exists and
2047 * is formatted for EEDP support. If all of this is true, set CDB up
2048 * for EEDP transfer.
2050 eedp_flags = op_code_prot[req->CDB.CDB32[0]];
2051 if (sc->eedp_enabled && eedp_flags) {
2052 SLIST_FOREACH(lun, &targ->luns, lun_link) {
2053 if (lun->lun_id == csio->ccb_h.target_lun) {
2058 if ((lun != NULL) && (lun->eedp_formatted)) {
2059 req->EEDPBlockSize = htole32(lun->eedp_block_size);
2060 eedp_flags |= (MPI2_SCSIIO_EEDPFLAGS_INC_PRI_REFTAG |
2061 MPI2_SCSIIO_EEDPFLAGS_CHECK_REFTAG |
2062 MPI2_SCSIIO_EEDPFLAGS_CHECK_GUARD);
2063 if (sc->mpr_flags & MPR_FLAGS_GEN35_IOC) {
2065 MPI25_SCSIIO_EEDPFLAGS_APPTAG_DISABLE_MODE;
2067 req->EEDPFlags = htole16(eedp_flags);
2070 * If CDB less than 32, fill in Primary Ref Tag with
2071 * low 4 bytes of LBA. If CDB is 32, tag stuff is
2072 * already there. Also, set protection bit. FreeBSD
2073 * currently does not support CDBs bigger than 16, but
2074 * the code doesn't hurt, and will be here for the
2077 if (csio->cdb_len != 32) {
2078 lba_byte = (csio->cdb_len == 16) ? 6 : 2;
2079 ref_tag_addr = (uint8_t *)&req->CDB.EEDP32.
2080 PrimaryReferenceTag;
2081 for (i = 0; i < 4; i++) {
2083 req->CDB.CDB32[lba_byte + i];
2086 req->CDB.EEDP32.PrimaryReferenceTag =
2088 CDB.EEDP32.PrimaryReferenceTag);
2089 req->CDB.EEDP32.PrimaryApplicationTagMask =
2092 (req->CDB.CDB32[1] & 0x1F) | 0x20;
2095 MPI2_SCSIIO_EEDPFLAGS_INC_PRI_APPTAG;
2096 req->EEDPFlags = htole16(eedp_flags);
2097 req->CDB.CDB32[10] = (req->CDB.CDB32[10] &
2103 cm->cm_length = csio->dxfer_len;
2104 if (cm->cm_length != 0) {
2106 cm->cm_flags |= MPR_CM_FLAGS_USE_CCB;
2110 cm->cm_sge = &req->SGL;
2111 cm->cm_sglsize = (32 - 24) * 4;
2112 cm->cm_complete = mprsas_scsiio_complete;
2113 cm->cm_complete_data = ccb;
2115 cm->cm_lun = csio->ccb_h.target_lun;
2118 * If using FP desc type, need to set a bit in IoFlags (SCSI IO is 0)
2119 * and set descriptor type.
2121 if (targ->scsi_req_desc_type ==
2122 MPI25_REQ_DESCRIPT_FLAGS_FAST_PATH_SCSI_IO) {
2123 req->IoFlags |= MPI25_SCSIIO_IOFLAGS_FAST_PATH;
2124 cm->cm_desc.FastPathSCSIIO.RequestFlags =
2125 MPI25_REQ_DESCRIPT_FLAGS_FAST_PATH_SCSI_IO;
2126 if (!sc->atomic_desc_capable) {
2127 cm->cm_desc.FastPathSCSIIO.DevHandle =
2128 htole16(targ->handle);
2131 cm->cm_desc.SCSIIO.RequestFlags =
2132 MPI2_REQ_DESCRIPT_FLAGS_SCSI_IO;
2133 if (!sc->atomic_desc_capable)
2134 cm->cm_desc.SCSIIO.DevHandle = htole16(targ->handle);
2137 csio->ccb_h.qos.sim_data = sbinuptime();
2138 callout_reset_sbt(&cm->cm_callout, SBT_1MS * ccb->ccb_h.timeout, 0,
2139 mprsas_scsiio_timeout, cm, 0);
2142 targ->outstanding++;
2143 TAILQ_INSERT_TAIL(&targ->commands, cm, cm_link);
2144 ccb->ccb_h.status |= CAM_SIM_QUEUED;
2146 mprsas_log_command(cm, MPR_XINFO, "%s cm %p ccb %p outstanding %u\n",
2147 __func__, cm, ccb, targ->outstanding);
2149 mpr_map_command(sc, cm);
2154 * mpr_sc_failed_io_info - translated non-succesfull SCSI_IO request
2157 mpr_sc_failed_io_info(struct mpr_softc *sc, struct ccb_scsiio *csio,
2158 Mpi2SCSIIOReply_t *mpi_reply, struct mprsas_target *targ)
2162 u16 ioc_status = le16toh(mpi_reply->IOCStatus) &
2163 MPI2_IOCSTATUS_MASK;
2164 u8 scsi_state = mpi_reply->SCSIState;
2165 u8 scsi_status = mpi_reply->SCSIStatus;
2166 char *desc_ioc_state = NULL;
2167 char *desc_scsi_status = NULL;
2168 u32 log_info = le32toh(mpi_reply->IOCLogInfo);
2170 if (log_info == 0x31170000)
2173 desc_ioc_state = mpr_describe_table(mpr_iocstatus_string,
2175 desc_scsi_status = mpr_describe_table(mpr_scsi_status_string,
2178 mpr_dprint(sc, MPR_XINFO, "\thandle(0x%04x), ioc_status(%s)(0x%04x)\n",
2179 le16toh(mpi_reply->DevHandle), desc_ioc_state, ioc_status);
2180 if (targ->encl_level_valid) {
2181 mpr_dprint(sc, MPR_XINFO, "At enclosure level %d, slot %d, "
2182 "connector name (%4s)\n", targ->encl_level, targ->encl_slot,
2183 targ->connector_name);
2187 * We can add more detail about underflow data here
2190 mpr_dprint(sc, MPR_XINFO, "\tscsi_status(%s)(0x%02x), "
2191 "scsi_state %b\n", desc_scsi_status, scsi_status,
2192 scsi_state, "\20" "\1AutosenseValid" "\2AutosenseFailed"
2193 "\3NoScsiStatus" "\4Terminated" "\5Response InfoValid");
2195 if (sc->mpr_debug & MPR_XINFO &&
2196 scsi_state & MPI2_SCSI_STATE_AUTOSENSE_VALID) {
2197 mpr_dprint(sc, MPR_XINFO, "-> Sense Buffer Data : Start :\n");
2198 scsi_sense_print(csio);
2199 mpr_dprint(sc, MPR_XINFO, "-> Sense Buffer Data : End :\n");
2202 if (scsi_state & MPI2_SCSI_STATE_RESPONSE_INFO_VALID) {
2203 response_info = le32toh(mpi_reply->ResponseInfo);
2204 response_bytes = (u8 *)&response_info;
2205 mpr_dprint(sc, MPR_XINFO, "response code(0x%01x): %s\n",
2207 mpr_describe_table(mpr_scsi_taskmgmt_string,
2208 response_bytes[0]));
2212 /** mprsas_nvme_trans_status_code
2214 * Convert Native NVMe command error status to
2215 * equivalent SCSI error status.
2217 * Returns appropriate scsi_status
2220 mprsas_nvme_trans_status_code(uint16_t nvme_status,
2221 struct mpr_command *cm)
2223 u8 status = MPI2_SCSI_STATUS_GOOD;
2224 int skey, asc, ascq;
2225 union ccb *ccb = cm->cm_complete_data;
2226 int returned_sense_len;
2229 sct = NVME_STATUS_GET_SCT(nvme_status);
2230 sc = NVME_STATUS_GET_SC(nvme_status);
2232 status = MPI2_SCSI_STATUS_CHECK_CONDITION;
2233 skey = SSD_KEY_ILLEGAL_REQUEST;
2234 asc = SCSI_ASC_NO_SENSE;
2235 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE;
2238 case NVME_SCT_GENERIC:
2240 case NVME_SC_SUCCESS:
2241 status = MPI2_SCSI_STATUS_GOOD;
2242 skey = SSD_KEY_NO_SENSE;
2243 asc = SCSI_ASC_NO_SENSE;
2244 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE;
2246 case NVME_SC_INVALID_OPCODE:
2247 status = MPI2_SCSI_STATUS_CHECK_CONDITION;
2248 skey = SSD_KEY_ILLEGAL_REQUEST;
2249 asc = SCSI_ASC_ILLEGAL_COMMAND;
2250 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE;
2252 case NVME_SC_INVALID_FIELD:
2253 status = MPI2_SCSI_STATUS_CHECK_CONDITION;
2254 skey = SSD_KEY_ILLEGAL_REQUEST;
2255 asc = SCSI_ASC_INVALID_CDB;
2256 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE;
2258 case NVME_SC_DATA_TRANSFER_ERROR:
2259 status = MPI2_SCSI_STATUS_CHECK_CONDITION;
2260 skey = SSD_KEY_MEDIUM_ERROR;
2261 asc = SCSI_ASC_NO_SENSE;
2262 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE;
2264 case NVME_SC_ABORTED_POWER_LOSS:
2265 status = MPI2_SCSI_STATUS_TASK_ABORTED;
2266 skey = SSD_KEY_ABORTED_COMMAND;
2267 asc = SCSI_ASC_WARNING;
2268 ascq = SCSI_ASCQ_POWER_LOSS_EXPECTED;
2270 case NVME_SC_INTERNAL_DEVICE_ERROR:
2271 status = MPI2_SCSI_STATUS_CHECK_CONDITION;
2272 skey = SSD_KEY_HARDWARE_ERROR;
2273 asc = SCSI_ASC_INTERNAL_TARGET_FAILURE;
2274 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE;
2276 case NVME_SC_ABORTED_BY_REQUEST:
2277 case NVME_SC_ABORTED_SQ_DELETION:
2278 case NVME_SC_ABORTED_FAILED_FUSED:
2279 case NVME_SC_ABORTED_MISSING_FUSED:
2280 status = MPI2_SCSI_STATUS_TASK_ABORTED;
2281 skey = SSD_KEY_ABORTED_COMMAND;
2282 asc = SCSI_ASC_NO_SENSE;
2283 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE;
2285 case NVME_SC_INVALID_NAMESPACE_OR_FORMAT:
2286 status = MPI2_SCSI_STATUS_CHECK_CONDITION;
2287 skey = SSD_KEY_ILLEGAL_REQUEST;
2288 asc = SCSI_ASC_ACCESS_DENIED_INVALID_LUN_ID;
2289 ascq = SCSI_ASCQ_INVALID_LUN_ID;
2291 case NVME_SC_LBA_OUT_OF_RANGE:
2292 status = MPI2_SCSI_STATUS_CHECK_CONDITION;
2293 skey = SSD_KEY_ILLEGAL_REQUEST;
2294 asc = SCSI_ASC_ILLEGAL_BLOCK;
2295 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE;
2297 case NVME_SC_CAPACITY_EXCEEDED:
2298 status = MPI2_SCSI_STATUS_CHECK_CONDITION;
2299 skey = SSD_KEY_MEDIUM_ERROR;
2300 asc = SCSI_ASC_NO_SENSE;
2301 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE;
2303 case NVME_SC_NAMESPACE_NOT_READY:
2304 status = MPI2_SCSI_STATUS_CHECK_CONDITION;
2305 skey = SSD_KEY_NOT_READY;
2306 asc = SCSI_ASC_LUN_NOT_READY;
2307 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE;
2311 case NVME_SCT_COMMAND_SPECIFIC:
2313 case NVME_SC_INVALID_FORMAT:
2314 status = MPI2_SCSI_STATUS_CHECK_CONDITION;
2315 skey = SSD_KEY_ILLEGAL_REQUEST;
2316 asc = SCSI_ASC_FORMAT_COMMAND_FAILED;
2317 ascq = SCSI_ASCQ_FORMAT_COMMAND_FAILED;
2319 case NVME_SC_CONFLICTING_ATTRIBUTES:
2320 status = MPI2_SCSI_STATUS_CHECK_CONDITION;
2321 skey = SSD_KEY_ILLEGAL_REQUEST;
2322 asc = SCSI_ASC_INVALID_CDB;
2323 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE;
2327 case NVME_SCT_MEDIA_ERROR:
2329 case NVME_SC_WRITE_FAULTS:
2330 status = MPI2_SCSI_STATUS_CHECK_CONDITION;
2331 skey = SSD_KEY_MEDIUM_ERROR;
2332 asc = SCSI_ASC_PERIPHERAL_DEV_WRITE_FAULT;
2333 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE;
2335 case NVME_SC_UNRECOVERED_READ_ERROR:
2336 status = MPI2_SCSI_STATUS_CHECK_CONDITION;
2337 skey = SSD_KEY_MEDIUM_ERROR;
2338 asc = SCSI_ASC_UNRECOVERED_READ_ERROR;
2339 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE;
2341 case NVME_SC_GUARD_CHECK_ERROR:
2342 status = MPI2_SCSI_STATUS_CHECK_CONDITION;
2343 skey = SSD_KEY_MEDIUM_ERROR;
2344 asc = SCSI_ASC_LOG_BLOCK_GUARD_CHECK_FAILED;
2345 ascq = SCSI_ASCQ_LOG_BLOCK_GUARD_CHECK_FAILED;
2347 case NVME_SC_APPLICATION_TAG_CHECK_ERROR:
2348 status = MPI2_SCSI_STATUS_CHECK_CONDITION;
2349 skey = SSD_KEY_MEDIUM_ERROR;
2350 asc = SCSI_ASC_LOG_BLOCK_APPTAG_CHECK_FAILED;
2351 ascq = SCSI_ASCQ_LOG_BLOCK_APPTAG_CHECK_FAILED;
2353 case NVME_SC_REFERENCE_TAG_CHECK_ERROR:
2354 status = MPI2_SCSI_STATUS_CHECK_CONDITION;
2355 skey = SSD_KEY_MEDIUM_ERROR;
2356 asc = SCSI_ASC_LOG_BLOCK_REFTAG_CHECK_FAILED;
2357 ascq = SCSI_ASCQ_LOG_BLOCK_REFTAG_CHECK_FAILED;
2359 case NVME_SC_COMPARE_FAILURE:
2360 status = MPI2_SCSI_STATUS_CHECK_CONDITION;
2361 skey = SSD_KEY_MISCOMPARE;
2362 asc = SCSI_ASC_MISCOMPARE_DURING_VERIFY;
2363 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE;
2365 case NVME_SC_ACCESS_DENIED:
2366 status = MPI2_SCSI_STATUS_CHECK_CONDITION;
2367 skey = SSD_KEY_ILLEGAL_REQUEST;
2368 asc = SCSI_ASC_ACCESS_DENIED_INVALID_LUN_ID;
2369 ascq = SCSI_ASCQ_INVALID_LUN_ID;
2375 returned_sense_len = sizeof(struct scsi_sense_data);
2376 if (returned_sense_len < ccb->csio.sense_len)
2377 ccb->csio.sense_resid = ccb->csio.sense_len -
2380 ccb->csio.sense_resid = 0;
2382 scsi_set_sense_data(&ccb->csio.sense_data, SSD_TYPE_FIXED,
2383 1, skey, asc, ascq, SSD_ELEM_NONE);
2384 ccb->ccb_h.status |= CAM_AUTOSNS_VALID;
2389 /** mprsas_complete_nvme_unmap
2391 * Complete native NVMe command issued using NVMe Encapsulated
2395 mprsas_complete_nvme_unmap(struct mpr_softc *sc, struct mpr_command *cm)
2397 Mpi26NVMeEncapsulatedErrorReply_t *mpi_reply;
2398 struct nvme_completion *nvme_completion = NULL;
2399 u8 scsi_status = MPI2_SCSI_STATUS_GOOD;
2401 mpi_reply =(Mpi26NVMeEncapsulatedErrorReply_t *)cm->cm_reply;
2402 if (le16toh(mpi_reply->ErrorResponseCount)){
2403 nvme_completion = (struct nvme_completion *)cm->cm_sense;
2404 scsi_status = mprsas_nvme_trans_status_code(
2405 nvme_completion->status, cm);
2411 mprsas_scsiio_complete(struct mpr_softc *sc, struct mpr_command *cm)
2413 MPI2_SCSI_IO_REPLY *rep;
2415 struct ccb_scsiio *csio;
2416 struct mprsas_softc *sassc;
2417 struct scsi_vpd_supported_page_list *vpd_list = NULL;
2418 u8 *TLR_bits, TLR_on, *scsi_cdb;
2421 struct mprsas_target *target;
2422 target_id_t target_id;
2426 callout_stop(&cm->cm_callout);
2427 mtx_assert(&sc->mpr_mtx, MA_OWNED);
2430 ccb = cm->cm_complete_data;
2432 target_id = csio->ccb_h.target_id;
2433 rep = (MPI2_SCSI_IO_REPLY *)cm->cm_reply;
2434 mpr_dprint(sc, MPR_TRACE,
2435 "cm %p SMID %u ccb %p reply %p outstanding %u csio->scsi_status 0x%x,"
2436 "csio->dxfer_len 0x%x, csio->msg_le 0x%xn\n", cm,
2437 cm->cm_desc.Default.SMID, cm->cm_ccb, cm->cm_reply,
2438 cm->cm_targ->outstanding, csio->scsi_status,
2439 csio->dxfer_len, csio->msg_len);
2441 * XXX KDM if the chain allocation fails, does it matter if we do
2442 * the sync and unload here? It is simpler to do it in every case,
2443 * assuming it doesn't cause problems.
2445 if (cm->cm_data != NULL) {
2446 if (cm->cm_flags & MPR_CM_FLAGS_DATAIN)
2447 dir = BUS_DMASYNC_POSTREAD;
2448 else if (cm->cm_flags & MPR_CM_FLAGS_DATAOUT)
2449 dir = BUS_DMASYNC_POSTWRITE;
2450 bus_dmamap_sync(sc->buffer_dmat, cm->cm_dmamap, dir);
2451 bus_dmamap_unload(sc->buffer_dmat, cm->cm_dmamap);
2454 cm->cm_targ->completed++;
2455 cm->cm_targ->outstanding--;
2456 TAILQ_REMOVE(&cm->cm_targ->commands, cm, cm_link);
2457 ccb->ccb_h.status &= ~(CAM_STATUS_MASK | CAM_SIM_QUEUED);
2459 if (cm->cm_flags & MPR_CM_FLAGS_ON_RECOVERY) {
2460 TAILQ_REMOVE(&cm->cm_targ->timedout_commands, cm, cm_recovery);
2461 KASSERT(cm->cm_state == MPR_CM_STATE_BUSY,
2462 ("Not busy for CM_FLAGS_TIMEDOUT: %u\n", cm->cm_state));
2463 cm->cm_flags &= ~MPR_CM_FLAGS_ON_RECOVERY;
2464 if (cm->cm_reply != NULL)
2465 mprsas_log_command(cm, MPR_RECOVERY,
2466 "completed timedout cm %p ccb %p during recovery "
2467 "ioc %x scsi %x state %x xfer %u\n", cm, cm->cm_ccb,
2468 le16toh(rep->IOCStatus), rep->SCSIStatus,
2469 rep->SCSIState, le32toh(rep->TransferCount));
2471 mprsas_log_command(cm, MPR_RECOVERY,
2472 "completed timedout cm %p ccb %p during recovery\n",
2474 } else if (cm->cm_targ->tm != NULL) {
2475 if (cm->cm_reply != NULL)
2476 mprsas_log_command(cm, MPR_RECOVERY,
2477 "completed cm %p ccb %p during recovery "
2478 "ioc %x scsi %x state %x xfer %u\n",
2479 cm, cm->cm_ccb, le16toh(rep->IOCStatus),
2480 rep->SCSIStatus, rep->SCSIState,
2481 le32toh(rep->TransferCount));
2483 mprsas_log_command(cm, MPR_RECOVERY,
2484 "completed cm %p ccb %p during recovery\n",
2486 } else if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) {
2487 mprsas_log_command(cm, MPR_RECOVERY,
2488 "reset completed cm %p ccb %p\n", cm, cm->cm_ccb);
2491 if ((cm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) {
2493 * We ran into an error after we tried to map the command,
2494 * so we're getting a callback without queueing the command
2495 * to the hardware. So we set the status here, and it will
2496 * be retained below. We'll go through the "fast path",
2497 * because there can be no reply when we haven't actually
2498 * gone out to the hardware.
2500 mprsas_set_ccbstatus(ccb, CAM_REQUEUE_REQ);
2503 * Currently the only error included in the mask is
2504 * MPR_CM_FLAGS_CHAIN_FAILED, which means we're out of
2505 * chain frames. We need to freeze the queue until we get
2506 * a command that completed without this error, which will
2507 * hopefully have some chain frames attached that we can
2508 * use. If we wanted to get smarter about it, we would
2509 * only unfreeze the queue in this condition when we're
2510 * sure that we're getting some chain frames back. That's
2511 * probably unnecessary.
2513 if ((sassc->flags & MPRSAS_QUEUE_FROZEN) == 0) {
2514 xpt_freeze_simq(sassc->sim, 1);
2515 sassc->flags |= MPRSAS_QUEUE_FROZEN;
2516 mpr_dprint(sc, MPR_XINFO, "Error sending command, "
2517 "freezing SIM queue\n");
2522 * Point to the SCSI CDB, which is dependent on the CAM_CDB_POINTER
2523 * flag, and use it in a few places in the rest of this function for
2524 * convenience. Use the macro if available.
2526 scsi_cdb = scsiio_cdb_ptr(csio);
2529 * If this is a Start Stop Unit command and it was issued by the driver
2530 * during shutdown, decrement the refcount to account for all of the
2531 * commands that were sent. All SSU commands should be completed before
2532 * shutdown completes, meaning SSU_refcount will be 0 after SSU_started
2535 if (sc->SSU_started && (scsi_cdb[0] == START_STOP_UNIT)) {
2536 mpr_dprint(sc, MPR_INFO, "Decrementing SSU count.\n");
2540 /* Take the fast path to completion */
2541 if (cm->cm_reply == NULL) {
2542 if (mprsas_get_ccbstatus(ccb) == CAM_REQ_INPROG) {
2543 if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0)
2544 mprsas_set_ccbstatus(ccb, CAM_SCSI_BUS_RESET);
2546 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP);
2547 csio->scsi_status = SCSI_STATUS_OK;
2549 if (sassc->flags & MPRSAS_QUEUE_FROZEN) {
2550 ccb->ccb_h.status |= CAM_RELEASE_SIMQ;
2551 sassc->flags &= ~MPRSAS_QUEUE_FROZEN;
2552 mpr_dprint(sc, MPR_XINFO,
2553 "Unfreezing SIM queue\n");
2558 * There are two scenarios where the status won't be
2559 * CAM_REQ_CMP. The first is if MPR_CM_FLAGS_ERROR_MASK is
2560 * set, the second is in the MPR_FLAGS_DIAGRESET above.
2562 if (mprsas_get_ccbstatus(ccb) != CAM_REQ_CMP) {
2564 * Freeze the dev queue so that commands are
2565 * executed in the correct order after error
2568 ccb->ccb_h.status |= CAM_DEV_QFRZN;
2569 xpt_freeze_devq(ccb->ccb_h.path, /*count*/ 1);
2571 mpr_free_command(sc, cm);
2576 target = &sassc->targets[target_id];
2577 if (scsi_cdb[0] == UNMAP &&
2579 (csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) {
2580 rep->SCSIStatus = mprsas_complete_nvme_unmap(sc, cm);
2581 csio->scsi_status = rep->SCSIStatus;
2584 mprsas_log_command(cm, MPR_XINFO,
2585 "ioc %x scsi %x state %x xfer %u\n",
2586 le16toh(rep->IOCStatus), rep->SCSIStatus, rep->SCSIState,
2587 le32toh(rep->TransferCount));
2589 switch (le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK) {
2590 case MPI2_IOCSTATUS_SCSI_DATA_UNDERRUN:
2591 csio->resid = cm->cm_length - le32toh(rep->TransferCount);
2593 case MPI2_IOCSTATUS_SUCCESS:
2594 case MPI2_IOCSTATUS_SCSI_RECOVERED_ERROR:
2595 if ((le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK) ==
2596 MPI2_IOCSTATUS_SCSI_RECOVERED_ERROR)
2597 mprsas_log_command(cm, MPR_XINFO, "recovered error\n");
2599 /* Completion failed at the transport level. */
2600 if (rep->SCSIState & (MPI2_SCSI_STATE_NO_SCSI_STATUS |
2601 MPI2_SCSI_STATE_TERMINATED)) {
2602 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
2606 /* In a modern packetized environment, an autosense failure
2607 * implies that there's not much else that can be done to
2608 * recover the command.
2610 if (rep->SCSIState & MPI2_SCSI_STATE_AUTOSENSE_FAILED) {
2611 mprsas_set_ccbstatus(ccb, CAM_AUTOSENSE_FAIL);
2616 * CAM doesn't care about SAS Response Info data, but if this is
2617 * the state check if TLR should be done. If not, clear the
2618 * TLR_bits for the target.
2620 if ((rep->SCSIState & MPI2_SCSI_STATE_RESPONSE_INFO_VALID) &&
2621 ((le32toh(rep->ResponseInfo) & MPI2_SCSI_RI_MASK_REASONCODE)
2622 == MPR_SCSI_RI_INVALID_FRAME)) {
2623 sc->mapping_table[target_id].TLR_bits =
2624 (u8)MPI2_SCSIIO_CONTROL_NO_TLR;
2628 * Intentionally override the normal SCSI status reporting
2629 * for these two cases. These are likely to happen in a
2630 * multi-initiator environment, and we want to make sure that
2631 * CAM retries these commands rather than fail them.
2633 if ((rep->SCSIStatus == MPI2_SCSI_STATUS_COMMAND_TERMINATED) ||
2634 (rep->SCSIStatus == MPI2_SCSI_STATUS_TASK_ABORTED)) {
2635 mprsas_set_ccbstatus(ccb, CAM_REQ_ABORTED);
2639 /* Handle normal status and sense */
2640 csio->scsi_status = rep->SCSIStatus;
2641 if (rep->SCSIStatus == MPI2_SCSI_STATUS_GOOD)
2642 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP);
2644 mprsas_set_ccbstatus(ccb, CAM_SCSI_STATUS_ERROR);
2646 if (rep->SCSIState & MPI2_SCSI_STATE_AUTOSENSE_VALID) {
2647 int sense_len, returned_sense_len;
2649 returned_sense_len = min(le32toh(rep->SenseCount),
2650 sizeof(struct scsi_sense_data));
2651 if (returned_sense_len < csio->sense_len)
2652 csio->sense_resid = csio->sense_len -
2655 csio->sense_resid = 0;
2657 sense_len = min(returned_sense_len,
2658 csio->sense_len - csio->sense_resid);
2659 bzero(&csio->sense_data, sizeof(csio->sense_data));
2660 bcopy(cm->cm_sense, &csio->sense_data, sense_len);
2661 ccb->ccb_h.status |= CAM_AUTOSNS_VALID;
2665 * Check if this is an INQUIRY command. If it's a VPD inquiry,
2666 * and it's page code 0 (Supported Page List), and there is
2667 * inquiry data, and this is for a sequential access device, and
2668 * the device is an SSP target, and TLR is supported by the
2669 * controller, turn the TLR_bits value ON if page 0x90 is
2672 if ((scsi_cdb[0] == INQUIRY) &&
2673 (scsi_cdb[1] & SI_EVPD) &&
2674 (scsi_cdb[2] == SVPD_SUPPORTED_PAGE_LIST) &&
2675 ((csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) &&
2676 (csio->data_ptr != NULL) &&
2677 ((csio->data_ptr[0] & 0x1f) == T_SEQUENTIAL) &&
2678 (sc->control_TLR) &&
2679 (sc->mapping_table[target_id].device_info &
2680 MPI2_SAS_DEVICE_INFO_SSP_TARGET)) {
2681 vpd_list = (struct scsi_vpd_supported_page_list *)
2683 TLR_bits = &sc->mapping_table[target_id].TLR_bits;
2684 *TLR_bits = (u8)MPI2_SCSIIO_CONTROL_NO_TLR;
2685 TLR_on = (u8)MPI2_SCSIIO_CONTROL_TLR_ON;
2686 alloc_len = ((u16)scsi_cdb[3] << 8) + scsi_cdb[4];
2687 alloc_len -= csio->resid;
2688 for (i = 0; i < MIN(vpd_list->length, alloc_len); i++) {
2689 if (vpd_list->list[i] == 0x90) {
2697 * If this is a SATA direct-access end device, mark it so that
2698 * a SCSI StartStopUnit command will be sent to it when the
2699 * driver is being shutdown.
2701 if ((scsi_cdb[0] == INQUIRY) &&
2702 (csio->data_ptr != NULL) &&
2703 ((csio->data_ptr[0] & 0x1f) == T_DIRECT) &&
2704 (sc->mapping_table[target_id].device_info &
2705 MPI2_SAS_DEVICE_INFO_SATA_DEVICE) &&
2706 ((sc->mapping_table[target_id].device_info &
2707 MPI2_SAS_DEVICE_INFO_MASK_DEVICE_TYPE) ==
2708 MPI2_SAS_DEVICE_INFO_END_DEVICE)) {
2709 target = &sassc->targets[target_id];
2710 target->supports_SSU = TRUE;
2711 mpr_dprint(sc, MPR_XINFO, "Target %d supports SSU\n",
2715 case MPI2_IOCSTATUS_SCSI_INVALID_DEVHANDLE:
2716 case MPI2_IOCSTATUS_SCSI_DEVICE_NOT_THERE:
2718 * If devinfo is 0 this will be a volume. In that case don't
2719 * tell CAM that the volume is not there. We want volumes to
2720 * be enumerated until they are deleted/removed, not just
2723 if (cm->cm_targ->devinfo == 0)
2724 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP);
2726 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
2728 case MPI2_IOCSTATUS_INVALID_SGL:
2729 mpr_print_scsiio_cmd(sc, cm);
2730 mprsas_set_ccbstatus(ccb, CAM_UNREC_HBA_ERROR);
2732 case MPI2_IOCSTATUS_SCSI_TASK_TERMINATED:
2734 * This is one of the responses that comes back when an I/O
2735 * has been aborted. If it is because of a timeout that we
2736 * initiated, just set the status to CAM_CMD_TIMEOUT.
2737 * Otherwise set it to CAM_REQ_ABORTED. The effect on the
2738 * command is the same (it gets retried, subject to the
2739 * retry counter), the only difference is what gets printed
2742 if (cm->cm_flags & MPR_CM_FLAGS_TIMEDOUT)
2743 mprsas_set_ccbstatus(ccb, CAM_CMD_TIMEOUT);
2745 mprsas_set_ccbstatus(ccb, CAM_REQ_ABORTED);
2747 case MPI2_IOCSTATUS_SCSI_DATA_OVERRUN:
2748 /* resid is ignored for this condition */
2750 mprsas_set_ccbstatus(ccb, CAM_DATA_RUN_ERR);
2752 case MPI2_IOCSTATUS_SCSI_IOC_TERMINATED:
2753 case MPI2_IOCSTATUS_SCSI_EXT_TERMINATED:
2755 * These can sometimes be transient transport-related
2756 * errors, and sometimes persistent drive-related errors.
2757 * We used to retry these without decrementing the retry
2758 * count by returning CAM_REQUEUE_REQ. Unfortunately, if
2759 * we hit a persistent drive problem that returns one of
2760 * these error codes, we would retry indefinitely. So,
2761 * return CAM_REQ_CMP_ERROR so that we decrement the retry
2762 * count and avoid infinite retries. We're taking the
2763 * potential risk of flagging false failures in the event
2764 * of a topology-related error (e.g. a SAS expander problem
2765 * causes a command addressed to a drive to fail), but
2766 * avoiding getting into an infinite retry loop. However,
2767 * if we get them while were moving a device, we should
2768 * fail the request as 'not there' because the device
2769 * is effectively gone.
2771 if (cm->cm_targ->flags & MPRSAS_TARGET_INREMOVAL)
2772 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
2774 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
2775 mpr_dprint(sc, MPR_INFO,
2776 "Controller reported %s tgt %u SMID %u loginfo %x%s\n",
2777 mpr_describe_table(mpr_iocstatus_string,
2778 le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK),
2779 target_id, cm->cm_desc.Default.SMID,
2780 le32toh(rep->IOCLogInfo),
2781 (cm->cm_targ->flags & MPRSAS_TARGET_INREMOVAL) ? " departing" : "");
2782 mpr_dprint(sc, MPR_XINFO,
2783 "SCSIStatus %x SCSIState %x xfercount %u\n",
2784 rep->SCSIStatus, rep->SCSIState,
2785 le32toh(rep->TransferCount));
2787 case MPI2_IOCSTATUS_INVALID_FUNCTION:
2788 case MPI2_IOCSTATUS_INTERNAL_ERROR:
2789 case MPI2_IOCSTATUS_INVALID_VPID:
2790 case MPI2_IOCSTATUS_INVALID_FIELD:
2791 case MPI2_IOCSTATUS_INVALID_STATE:
2792 case MPI2_IOCSTATUS_OP_STATE_NOT_SUPPORTED:
2793 case MPI2_IOCSTATUS_SCSI_IO_DATA_ERROR:
2794 case MPI2_IOCSTATUS_SCSI_PROTOCOL_ERROR:
2795 case MPI2_IOCSTATUS_SCSI_RESIDUAL_MISMATCH:
2796 case MPI2_IOCSTATUS_SCSI_TASK_MGMT_FAILED:
2798 mprsas_log_command(cm, MPR_XINFO,
2799 "completed ioc %x loginfo %x scsi %x state %x xfer %u\n",
2800 le16toh(rep->IOCStatus), le32toh(rep->IOCLogInfo),
2801 rep->SCSIStatus, rep->SCSIState,
2802 le32toh(rep->TransferCount));
2803 csio->resid = cm->cm_length;
2805 if (scsi_cdb[0] == UNMAP &&
2807 (csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR)
2808 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP);
2810 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
2815 mpr_sc_failed_io_info(sc, csio, rep, cm->cm_targ);
2817 if (sassc->flags & MPRSAS_QUEUE_FROZEN) {
2818 ccb->ccb_h.status |= CAM_RELEASE_SIMQ;
2819 sassc->flags &= ~MPRSAS_QUEUE_FROZEN;
2820 mpr_dprint(sc, MPR_XINFO, "Command completed, unfreezing SIM "
2824 if (mprsas_get_ccbstatus(ccb) != CAM_REQ_CMP) {
2825 ccb->ccb_h.status |= CAM_DEV_QFRZN;
2826 xpt_freeze_devq(ccb->ccb_h.path, /*count*/ 1);
2830 * Check to see if we're removing the device. If so, and this is the
2831 * last command on the queue, proceed with the deferred removal of the
2832 * device. Note, for removing a volume, this won't trigger because
2833 * pending_remove_tm will be NULL.
2835 if (cm->cm_targ->flags & MPRSAS_TARGET_INREMOVAL) {
2836 if (TAILQ_FIRST(&cm->cm_targ->commands) == NULL &&
2837 cm->cm_targ->pending_remove_tm != NULL) {
2838 mpr_dprint(sc, MPR_INFO, "Last pending command complete: starting remove_device\n");
2839 mpr_map_command(sc, cm->cm_targ->pending_remove_tm);
2840 cm->cm_targ->pending_remove_tm = NULL;
2844 mpr_free_command(sc, cm);
2849 mprsas_smpio_complete(struct mpr_softc *sc, struct mpr_command *cm)
2851 MPI2_SMP_PASSTHROUGH_REPLY *rpl;
2852 MPI2_SMP_PASSTHROUGH_REQUEST *req;
2856 ccb = cm->cm_complete_data;
2859 * Currently there should be no way we can hit this case. It only
2860 * happens when we have a failure to allocate chain frames, and SMP
2861 * commands require two S/G elements only. That should be handled
2862 * in the standard request size.
2864 if ((cm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) {
2865 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x on SMP "
2866 "request!\n", __func__, cm->cm_flags);
2867 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
2871 rpl = (MPI2_SMP_PASSTHROUGH_REPLY *)cm->cm_reply;
2873 mpr_dprint(sc, MPR_ERROR, "%s: NULL cm_reply!\n", __func__);
2874 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
2878 req = (MPI2_SMP_PASSTHROUGH_REQUEST *)cm->cm_req;
2879 sasaddr = le32toh(req->SASAddress.Low);
2880 sasaddr |= ((uint64_t)(le32toh(req->SASAddress.High))) << 32;
2882 if ((le16toh(rpl->IOCStatus) & MPI2_IOCSTATUS_MASK) !=
2883 MPI2_IOCSTATUS_SUCCESS ||
2884 rpl->SASStatus != MPI2_SASSTATUS_SUCCESS) {
2885 mpr_dprint(sc, MPR_XINFO, "%s: IOCStatus %04x SASStatus %02x\n",
2886 __func__, le16toh(rpl->IOCStatus), rpl->SASStatus);
2887 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
2891 mpr_dprint(sc, MPR_XINFO, "%s: SMP request to SAS address %#jx "
2892 "completed successfully\n", __func__, (uintmax_t)sasaddr);
2894 if (ccb->smpio.smp_response[2] == SMP_FR_ACCEPTED)
2895 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP);
2897 mprsas_set_ccbstatus(ccb, CAM_SMP_STATUS_ERROR);
2901 * We sync in both directions because we had DMAs in the S/G list
2902 * in both directions.
2904 bus_dmamap_sync(sc->buffer_dmat, cm->cm_dmamap,
2905 BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE);
2906 bus_dmamap_unload(sc->buffer_dmat, cm->cm_dmamap);
2907 mpr_free_command(sc, cm);
2912 mprsas_send_smpcmd(struct mprsas_softc *sassc, union ccb *ccb, uint64_t sasaddr)
2914 struct mpr_command *cm;
2915 uint8_t *request, *response;
2916 MPI2_SMP_PASSTHROUGH_REQUEST *req;
2917 struct mpr_softc *sc;
2925 switch (ccb->ccb_h.flags & CAM_DATA_MASK) {
2926 case CAM_DATA_PADDR:
2927 case CAM_DATA_SG_PADDR:
2929 * XXX We don't yet support physical addresses here.
2931 mpr_dprint(sc, MPR_ERROR, "%s: physical addresses not "
2932 "supported\n", __func__);
2933 mprsas_set_ccbstatus(ccb, CAM_REQ_INVALID);
2938 * The chip does not support more than one buffer for the
2939 * request or response.
2941 if ((ccb->smpio.smp_request_sglist_cnt > 1)
2942 || (ccb->smpio.smp_response_sglist_cnt > 1)) {
2943 mpr_dprint(sc, MPR_ERROR, "%s: multiple request or "
2944 "response buffer segments not supported for SMP\n",
2946 mprsas_set_ccbstatus(ccb, CAM_REQ_INVALID);
2952 * The CAM_SCATTER_VALID flag was originally implemented
2953 * for the XPT_SCSI_IO CCB, which only has one data pointer.
2954 * We have two. So, just take that flag to mean that we
2955 * might have S/G lists, and look at the S/G segment count
2956 * to figure out whether that is the case for each individual
2959 if (ccb->smpio.smp_request_sglist_cnt != 0) {
2960 bus_dma_segment_t *req_sg;
2962 req_sg = (bus_dma_segment_t *)ccb->smpio.smp_request;
2963 request = (uint8_t *)(uintptr_t)req_sg[0].ds_addr;
2965 request = ccb->smpio.smp_request;
2967 if (ccb->smpio.smp_response_sglist_cnt != 0) {
2968 bus_dma_segment_t *rsp_sg;
2970 rsp_sg = (bus_dma_segment_t *)ccb->smpio.smp_response;
2971 response = (uint8_t *)(uintptr_t)rsp_sg[0].ds_addr;
2973 response = ccb->smpio.smp_response;
2975 case CAM_DATA_VADDR:
2976 request = ccb->smpio.smp_request;
2977 response = ccb->smpio.smp_response;
2980 mprsas_set_ccbstatus(ccb, CAM_REQ_INVALID);
2985 cm = mpr_alloc_command(sc);
2987 mpr_dprint(sc, MPR_ERROR, "%s: cannot allocate command\n",
2989 mprsas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL);
2994 req = (MPI2_SMP_PASSTHROUGH_REQUEST *)cm->cm_req;
2995 bzero(req, sizeof(*req));
2996 req->Function = MPI2_FUNCTION_SMP_PASSTHROUGH;
2998 /* Allow the chip to use any route to this SAS address. */
2999 req->PhysicalPort = 0xff;
3001 req->RequestDataLength = htole16(ccb->smpio.smp_request_len);
3003 MPI2_SGLFLAGS_SYSTEM_ADDRESS_SPACE | MPI2_SGLFLAGS_SGL_TYPE_MPI;
3005 mpr_dprint(sc, MPR_XINFO, "%s: sending SMP request to SAS address "
3006 "%#jx\n", __func__, (uintmax_t)sasaddr);
3008 mpr_init_sge(cm, req, &req->SGL);
3011 * Set up a uio to pass into mpr_map_command(). This allows us to
3012 * do one map command, and one busdma call in there.
3014 cm->cm_uio.uio_iov = cm->cm_iovec;
3015 cm->cm_uio.uio_iovcnt = 2;
3016 cm->cm_uio.uio_segflg = UIO_SYSSPACE;
3019 * The read/write flag isn't used by busdma, but set it just in
3020 * case. This isn't exactly accurate, either, since we're going in
3023 cm->cm_uio.uio_rw = UIO_WRITE;
3025 cm->cm_iovec[0].iov_base = request;
3026 cm->cm_iovec[0].iov_len = le16toh(req->RequestDataLength);
3027 cm->cm_iovec[1].iov_base = response;
3028 cm->cm_iovec[1].iov_len = ccb->smpio.smp_response_len;
3030 cm->cm_uio.uio_resid = cm->cm_iovec[0].iov_len +
3031 cm->cm_iovec[1].iov_len;
3034 * Trigger a warning message in mpr_data_cb() for the user if we
3035 * wind up exceeding two S/G segments. The chip expects one
3036 * segment for the request and another for the response.
3038 cm->cm_max_segs = 2;
3040 cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE;
3041 cm->cm_complete = mprsas_smpio_complete;
3042 cm->cm_complete_data = ccb;
3045 * Tell the mapping code that we're using a uio, and that this is
3046 * an SMP passthrough request. There is a little special-case
3047 * logic there (in mpr_data_cb()) to handle the bidirectional
3050 cm->cm_flags |= MPR_CM_FLAGS_USE_UIO | MPR_CM_FLAGS_SMP_PASS |
3051 MPR_CM_FLAGS_DATAIN | MPR_CM_FLAGS_DATAOUT;
3053 /* The chip data format is little endian. */
3054 req->SASAddress.High = htole32(sasaddr >> 32);
3055 req->SASAddress.Low = htole32(sasaddr);
3058 * XXX Note that we don't have a timeout/abort mechanism here.
3059 * From the manual, it looks like task management requests only
3060 * work for SCSI IO and SATA passthrough requests. We may need to
3061 * have a mechanism to retry requests in the event of a chip reset
3062 * at least. Hopefully the chip will insure that any errors short
3063 * of that are relayed back to the driver.
3065 error = mpr_map_command(sc, cm);
3066 if ((error != 0) && (error != EINPROGRESS)) {
3067 mpr_dprint(sc, MPR_ERROR, "%s: error %d returned from "
3068 "mpr_map_command()\n", __func__, error);
3075 mpr_free_command(sc, cm);
3076 mprsas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL);
3082 mprsas_action_smpio(struct mprsas_softc *sassc, union ccb *ccb)
3084 struct mpr_softc *sc;
3085 struct mprsas_target *targ;
3086 uint64_t sasaddr = 0;
3091 * Make sure the target exists.
3093 KASSERT(ccb->ccb_h.target_id < sassc->maxtargets,
3094 ("Target %d out of bounds in XPT_SMP_IO\n", ccb->ccb_h.target_id));
3095 targ = &sassc->targets[ccb->ccb_h.target_id];
3096 if (targ->handle == 0x0) {
3097 mpr_dprint(sc, MPR_ERROR, "%s: target %d does not exist!\n",
3098 __func__, ccb->ccb_h.target_id);
3099 mprsas_set_ccbstatus(ccb, CAM_SEL_TIMEOUT);
3105 * If this device has an embedded SMP target, we'll talk to it
3107 * figure out what the expander's address is.
3109 if ((targ->devinfo & MPI2_SAS_DEVICE_INFO_SMP_TARGET) != 0)
3110 sasaddr = targ->sasaddr;
3113 * If we don't have a SAS address for the expander yet, try
3114 * grabbing it from the page 0x83 information cached in the
3115 * transport layer for this target. LSI expanders report the
3116 * expander SAS address as the port-associated SAS address in
3117 * Inquiry VPD page 0x83. Maxim expanders don't report it in page
3120 * XXX KDM disable this for now, but leave it commented out so that
3121 * it is obvious that this is another possible way to get the SAS
3124 * The parent handle method below is a little more reliable, and
3125 * the other benefit is that it works for devices other than SES
3126 * devices. So you can send a SMP request to a da(4) device and it
3127 * will get routed to the expander that device is attached to.
3128 * (Assuming the da(4) device doesn't contain an SMP target...)
3132 sasaddr = xpt_path_sas_addr(ccb->ccb_h.path);
3136 * If we still don't have a SAS address for the expander, look for
3137 * the parent device of this device, which is probably the expander.
3140 #ifdef OLD_MPR_PROBE
3141 struct mprsas_target *parent_target;
3144 if (targ->parent_handle == 0x0) {
3145 mpr_dprint(sc, MPR_ERROR, "%s: handle %d does not have "
3146 "a valid parent handle!\n", __func__, targ->handle);
3147 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
3150 #ifdef OLD_MPR_PROBE
3151 parent_target = mprsas_find_target_by_handle(sassc, 0,
3152 targ->parent_handle);
3154 if (parent_target == NULL) {
3155 mpr_dprint(sc, MPR_ERROR, "%s: handle %d does not have "
3156 "a valid parent target!\n", __func__, targ->handle);
3157 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
3161 if ((parent_target->devinfo &
3162 MPI2_SAS_DEVICE_INFO_SMP_TARGET) == 0) {
3163 mpr_dprint(sc, MPR_ERROR, "%s: handle %d parent %d "
3164 "does not have an SMP target!\n", __func__,
3165 targ->handle, parent_target->handle);
3166 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
3170 sasaddr = parent_target->sasaddr;
3171 #else /* OLD_MPR_PROBE */
3172 if ((targ->parent_devinfo &
3173 MPI2_SAS_DEVICE_INFO_SMP_TARGET) == 0) {
3174 mpr_dprint(sc, MPR_ERROR, "%s: handle %d parent %d "
3175 "does not have an SMP target!\n", __func__,
3176 targ->handle, targ->parent_handle);
3177 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
3180 if (targ->parent_sasaddr == 0x0) {
3181 mpr_dprint(sc, MPR_ERROR, "%s: handle %d parent handle "
3182 "%d does not have a valid SAS address!\n", __func__,
3183 targ->handle, targ->parent_handle);
3184 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
3188 sasaddr = targ->parent_sasaddr;
3189 #endif /* OLD_MPR_PROBE */
3193 mpr_dprint(sc, MPR_INFO, "%s: unable to find SAS address for "
3194 "handle %d\n", __func__, targ->handle);
3195 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
3198 mprsas_send_smpcmd(sassc, ccb, sasaddr);
3208 mprsas_action_resetdev(struct mprsas_softc *sassc, union ccb *ccb)
3210 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
3211 struct mpr_softc *sc;
3212 struct mpr_command *tm;
3213 struct mprsas_target *targ;
3215 MPR_FUNCTRACE(sassc->sc);
3216 mtx_assert(&sassc->sc->mpr_mtx, MA_OWNED);
3218 KASSERT(ccb->ccb_h.target_id < sassc->maxtargets, ("Target %d out of "
3219 "bounds in XPT_RESET_DEV\n", ccb->ccb_h.target_id));
3221 tm = mprsas_alloc_tm(sc);
3223 mpr_dprint(sc, MPR_ERROR, "command alloc failure in "
3224 "mprsas_action_resetdev\n");
3225 mprsas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL);
3230 targ = &sassc->targets[ccb->ccb_h.target_id];
3231 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
3232 req->DevHandle = htole16(targ->handle);
3233 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET;
3235 if (!targ->is_nvme || sc->custom_nvme_tm_handling) {
3236 /* SAS Hard Link Reset / SATA Link Reset */
3237 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET;
3239 /* PCIe Protocol Level Reset*/
3241 MPI26_SCSITASKMGMT_MSGFLAGS_PROTOCOL_LVL_RST_PCIE;
3245 tm->cm_complete = mprsas_resetdev_complete;
3246 tm->cm_complete_data = ccb;
3248 mpr_dprint(sc, MPR_INFO, "%s: Sending reset for target ID %d\n",
3249 __func__, targ->tid);
3252 mprsas_prepare_for_tm(sc, tm, targ, CAM_LUN_WILDCARD);
3253 mpr_map_command(sc, tm);
3257 mprsas_resetdev_complete(struct mpr_softc *sc, struct mpr_command *tm)
3259 MPI2_SCSI_TASK_MANAGE_REPLY *resp;
3263 mtx_assert(&sc->mpr_mtx, MA_OWNED);
3265 resp = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply;
3266 ccb = tm->cm_complete_data;
3269 * Currently there should be no way we can hit this case. It only
3270 * happens when we have a failure to allocate chain frames, and
3271 * task management commands don't have S/G lists.
3273 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) {
3274 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
3276 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
3278 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x for reset of "
3279 "handle %#04x! This should not happen!\n", __func__,
3280 tm->cm_flags, req->DevHandle);
3281 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
3285 mpr_dprint(sc, MPR_XINFO, "%s: IOCStatus = 0x%x ResponseCode = 0x%x\n",
3286 __func__, le16toh(resp->IOCStatus), le32toh(resp->ResponseCode));
3288 if (le32toh(resp->ResponseCode) == MPI2_SCSITASKMGMT_RSP_TM_COMPLETE) {
3289 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP);
3290 mprsas_announce_reset(sc, AC_SENT_BDR, tm->cm_targ->tid,
3294 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
3298 mprsas_free_tm(sc, tm);
3303 mprsas_poll(struct cam_sim *sim)
3305 struct mprsas_softc *sassc;
3307 sassc = cam_sim_softc(sim);
3309 if (sassc->sc->mpr_debug & MPR_TRACE) {
3310 /* frequent debug messages during a panic just slow
3311 * everything down too much.
3313 mpr_dprint(sassc->sc, MPR_XINFO, "%s clearing MPR_TRACE\n",
3315 sassc->sc->mpr_debug &= ~MPR_TRACE;
3318 mpr_intr_locked(sassc->sc);
3322 mprsas_async(void *callback_arg, uint32_t code, struct cam_path *path,
3325 struct mpr_softc *sc;
3327 sc = (struct mpr_softc *)callback_arg;
3331 case AC_ADVINFO_CHANGED: {
3332 struct mprsas_target *target;
3333 struct mprsas_softc *sassc;
3334 struct scsi_read_capacity_data_long rcap_buf;
3335 struct ccb_dev_advinfo cdai;
3336 struct mprsas_lun *lun;
3341 buftype = (uintptr_t)arg;
3347 * We're only interested in read capacity data changes.
3349 if (buftype != CDAI_TYPE_RCAPLONG)
3353 * We should have a handle for this, but check to make sure.
3355 KASSERT(xpt_path_target_id(path) < sassc->maxtargets,
3356 ("Target %d out of bounds in mprsas_async\n",
3357 xpt_path_target_id(path)));
3358 target = &sassc->targets[xpt_path_target_id(path)];
3359 if (target->handle == 0)
3362 lunid = xpt_path_lun_id(path);
3364 SLIST_FOREACH(lun, &target->luns, lun_link) {
3365 if (lun->lun_id == lunid) {
3371 if (found_lun == 0) {
3372 lun = malloc(sizeof(struct mprsas_lun), M_MPR,
3375 mpr_dprint(sc, MPR_ERROR, "Unable to alloc "
3376 "LUN for EEDP support.\n");
3379 lun->lun_id = lunid;
3380 SLIST_INSERT_HEAD(&target->luns, lun, lun_link);
3383 bzero(&rcap_buf, sizeof(rcap_buf));
3384 bzero(&cdai, sizeof(cdai));
3385 xpt_setup_ccb(&cdai.ccb_h, path, CAM_PRIORITY_NORMAL);
3386 cdai.ccb_h.func_code = XPT_DEV_ADVINFO;
3387 cdai.ccb_h.flags = CAM_DIR_IN;
3388 cdai.buftype = CDAI_TYPE_RCAPLONG;
3389 cdai.flags = CDAI_FLAG_NONE;
3390 cdai.bufsiz = sizeof(rcap_buf);
3391 cdai.buf = (uint8_t *)&rcap_buf;
3392 xpt_action((union ccb *)&cdai);
3393 if ((cdai.ccb_h.status & CAM_DEV_QFRZN) != 0)
3394 cam_release_devq(cdai.ccb_h.path, 0, 0, 0, FALSE);
3396 if ((mprsas_get_ccbstatus((union ccb *)&cdai) == CAM_REQ_CMP)
3397 && (rcap_buf.prot & SRC16_PROT_EN)) {
3398 switch (rcap_buf.prot & SRC16_P_TYPE) {
3401 lun->eedp_formatted = TRUE;
3402 lun->eedp_block_size =
3403 scsi_4btoul(rcap_buf.length);
3407 lun->eedp_formatted = FALSE;
3408 lun->eedp_block_size = 0;
3412 lun->eedp_formatted = FALSE;
3413 lun->eedp_block_size = 0;
3424 * Freeze the devq and set the INRESET flag so that no I/O will be sent to
3425 * the target until the reset has completed. The CCB holds the path which
3426 * is used to release the devq. The devq is released and the CCB is freed
3427 * when the TM completes.
3430 mprsas_prepare_for_tm(struct mpr_softc *sc, struct mpr_command *tm,
3431 struct mprsas_target *target, lun_id_t lun_id)
3436 ccb = xpt_alloc_ccb_nowait();
3438 path_id = cam_sim_path(sc->sassc->sim);
3439 if (xpt_create_path(&ccb->ccb_h.path, xpt_periph, path_id,
3440 target->tid, lun_id) != CAM_REQ_CMP) {
3443 mpr_dprint(sc, MPR_XINFO,
3444 "%s: Freezing devq for target ID %d\n",
3445 __func__, target->tid);
3446 xpt_freeze_devq(ccb->ccb_h.path, 1);
3448 tm->cm_targ = target;
3449 target->flags |= MPRSAS_TARGET_INRESET;
3455 mprsas_startup(struct mpr_softc *sc)
3458 * Send the port enable message and set the wait_for_port_enable flag.
3459 * This flag helps to keep the simq frozen until all discovery events
3462 sc->wait_for_port_enable = 1;
3463 mprsas_send_portenable(sc);
3468 mprsas_send_portenable(struct mpr_softc *sc)
3470 MPI2_PORT_ENABLE_REQUEST *request;
3471 struct mpr_command *cm;
3475 if ((cm = mpr_alloc_command(sc)) == NULL)
3477 request = (MPI2_PORT_ENABLE_REQUEST *)cm->cm_req;
3478 request->Function = MPI2_FUNCTION_PORT_ENABLE;
3479 request->MsgFlags = 0;
3481 cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE;
3482 cm->cm_complete = mprsas_portenable_complete;
3486 mpr_map_command(sc, cm);
3487 mpr_dprint(sc, MPR_XINFO,
3488 "mpr_send_portenable finished cm %p req %p complete %p\n",
3489 cm, cm->cm_req, cm->cm_complete);
3494 mprsas_portenable_complete(struct mpr_softc *sc, struct mpr_command *cm)
3496 MPI2_PORT_ENABLE_REPLY *reply;
3497 struct mprsas_softc *sassc;
3503 * Currently there should be no way we can hit this case. It only
3504 * happens when we have a failure to allocate chain frames, and
3505 * port enable commands don't have S/G lists.
3507 if ((cm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) {
3508 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x for port enable! "
3509 "This should not happen!\n", __func__, cm->cm_flags);
3512 reply = (MPI2_PORT_ENABLE_REPLY *)cm->cm_reply;
3514 mpr_dprint(sc, MPR_FAULT, "Portenable NULL reply\n");
3515 else if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) !=
3516 MPI2_IOCSTATUS_SUCCESS)
3517 mpr_dprint(sc, MPR_FAULT, "Portenable failed\n");
3519 mpr_free_command(sc, cm);
3521 * Done waiting for port enable to complete. Decrement the refcount.
3522 * If refcount is 0, discovery is complete and a rescan of the bus can
3525 sc->wait_for_port_enable = 0;
3526 sc->port_enable_complete = 1;
3527 wakeup(&sc->port_enable_complete);
3528 mprsas_startup_decrement(sassc);
3532 mprsas_check_id(struct mprsas_softc *sassc, int id)
3534 struct mpr_softc *sc = sassc->sc;
3538 ids = &sc->exclude_ids[0];
3539 while((name = strsep(&ids, ",")) != NULL) {
3540 if (name[0] == '\0')
3542 if (strtol(name, NULL, 0) == (long)id)
3550 mprsas_realloc_targets(struct mpr_softc *sc, int maxtargets)
3552 struct mprsas_softc *sassc;
3553 struct mprsas_lun *lun, *lun_tmp;
3554 struct mprsas_target *targ;
3559 * The number of targets is based on IOC Facts, so free all of
3560 * the allocated LUNs for each target and then the target buffer
3563 for (i=0; i< maxtargets; i++) {
3564 targ = &sassc->targets[i];
3565 SLIST_FOREACH_SAFE(lun, &targ->luns, lun_link, lun_tmp) {
3569 free(sassc->targets, M_MPR);
3571 sassc->targets = malloc(sizeof(struct mprsas_target) * maxtargets,
3572 M_MPR, M_WAITOK|M_ZERO);
projects / FreeBSD / FreeBSD.git / blob