2 * Copyright (c) 2009 Yahoo! Inc.
3 * Copyright (c) 2011-2015 LSI Corp.
4 * Copyright (c) 2013-2015 Avago Technologies
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 * Avago Technologies (LSI) MPT-Fusion Host Adapter FreeBSD
33 #include <sys/cdefs.h>
34 __FBSDID("$FreeBSD$");
36 /* Communications core for Avago Technologies (LSI) MPT2 */
38 /* TODO Move headers to mpsvar */
39 #include <sys/types.h>
40 #include <sys/param.h>
41 #include <sys/systm.h>
42 #include <sys/kernel.h>
43 #include <sys/selinfo.h>
44 #include <sys/module.h>
48 #include <sys/malloc.h>
50 #include <sys/sysctl.h>
51 #include <sys/endian.h>
52 #include <sys/queue.h>
53 #include <sys/kthread.h>
54 #include <sys/taskqueue.h>
57 #include <machine/bus.h>
58 #include <machine/resource.h>
61 #include <machine/stdarg.h>
64 #include <cam/cam_ccb.h>
65 #include <cam/cam_xpt.h>
66 #include <cam/cam_debug.h>
67 #include <cam/cam_sim.h>
68 #include <cam/cam_xpt_sim.h>
69 #include <cam/cam_xpt_periph.h>
70 #include <cam/cam_periph.h>
71 #include <cam/scsi/scsi_all.h>
72 #include <cam/scsi/scsi_message.h>
73 #if __FreeBSD_version >= 900026
74 #include <cam/scsi/smp_all.h>
77 #include <dev/mps/mpi/mpi2_type.h>
78 #include <dev/mps/mpi/mpi2.h>
79 #include <dev/mps/mpi/mpi2_ioc.h>
80 #include <dev/mps/mpi/mpi2_sas.h>
81 #include <dev/mps/mpi/mpi2_cnfg.h>
82 #include <dev/mps/mpi/mpi2_init.h>
83 #include <dev/mps/mpi/mpi2_tool.h>
84 #include <dev/mps/mps_ioctl.h>
85 #include <dev/mps/mpsvar.h>
86 #include <dev/mps/mps_table.h>
87 #include <dev/mps/mps_sas.h>
89 #define MPSSAS_DISCOVERY_TIMEOUT 20
90 #define MPSSAS_MAX_DISCOVERY_TIMEOUTS 10 /* 200 seconds */
93 * static array to check SCSI OpCode for EEDP protection bits
95 #define PRO_R MPI2_SCSIIO_EEDPFLAGS_CHECK_REMOVE_OP
96 #define PRO_W MPI2_SCSIIO_EEDPFLAGS_INSERT_OP
97 #define PRO_V MPI2_SCSIIO_EEDPFLAGS_INSERT_OP
98 static uint8_t op_code_prot[256] = {
99 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
100 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
101 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V,
102 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
103 0, PRO_W, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
104 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
105 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
106 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
107 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V,
108 0, 0, 0, PRO_W, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
109 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V,
110 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
111 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
112 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
113 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
114 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
117 MALLOC_DEFINE(M_MPSSAS, "MPSSAS", "MPS SAS memory");
119 static void mpssas_remove_device(struct mps_softc *, struct mps_command *);
120 static void mpssas_remove_complete(struct mps_softc *, struct mps_command *);
121 static void mpssas_action(struct cam_sim *sim, union ccb *ccb);
122 static void mpssas_poll(struct cam_sim *sim);
123 static int mpssas_send_abort(struct mps_softc *sc, struct mps_command *tm,
124 struct mps_command *cm);
125 static void mpssas_scsiio_timeout(void *data);
126 static void mpssas_abort_complete(struct mps_softc *sc, struct mps_command *cm);
127 static void mpssas_direct_drive_io(struct mpssas_softc *sassc,
128 struct mps_command *cm, union ccb *ccb);
129 static void mpssas_action_scsiio(struct mpssas_softc *, union ccb *);
130 static void mpssas_scsiio_complete(struct mps_softc *, struct mps_command *);
131 static void mpssas_action_resetdev(struct mpssas_softc *, union ccb *);
132 #if __FreeBSD_version >= 900026
133 static void mpssas_smpio_complete(struct mps_softc *sc, struct mps_command *cm);
134 static void mpssas_send_smpcmd(struct mpssas_softc *sassc, union ccb *ccb,
136 static void mpssas_action_smpio(struct mpssas_softc *sassc, union ccb *ccb);
137 #endif //FreeBSD_version >= 900026
138 static void mpssas_resetdev_complete(struct mps_softc *, struct mps_command *);
139 static void mpssas_async(void *callback_arg, uint32_t code,
140 struct cam_path *path, void *arg);
141 #if (__FreeBSD_version < 901503) || \
142 ((__FreeBSD_version >= 1000000) && (__FreeBSD_version < 1000006))
143 static void mpssas_check_eedp(struct mps_softc *sc, struct cam_path *path,
144 struct ccb_getdev *cgd);
145 static void mpssas_read_cap_done(struct cam_periph *periph, union ccb *done_ccb);
147 static int mpssas_send_portenable(struct mps_softc *sc);
148 static void mpssas_portenable_complete(struct mps_softc *sc,
149 struct mps_command *cm);
151 struct mpssas_target *
152 mpssas_find_target_by_handle(struct mpssas_softc *sassc, int start, uint16_t handle)
154 struct mpssas_target *target;
157 for (i = start; i < sassc->maxtargets; i++) {
158 target = &sassc->targets[i];
159 if (target->handle == handle)
166 /* we need to freeze the simq during attach and diag reset, to avoid failing
167 * commands before device handles have been found by discovery. Since
168 * discovery involves reading config pages and possibly sending commands,
169 * discovery actions may continue even after we receive the end of discovery
170 * event, so refcount discovery actions instead of assuming we can unfreeze
171 * the simq when we get the event.
174 mpssas_startup_increment(struct mpssas_softc *sassc)
176 MPS_FUNCTRACE(sassc->sc);
178 if ((sassc->flags & MPSSAS_IN_STARTUP) != 0) {
179 if (sassc->startup_refcount++ == 0) {
180 /* just starting, freeze the simq */
181 mps_dprint(sassc->sc, MPS_INIT,
182 "%s freezing simq\n", __func__);
183 #if __FreeBSD_version >= 1000039
186 xpt_freeze_simq(sassc->sim, 1);
188 mps_dprint(sassc->sc, MPS_INIT, "%s refcount %u\n", __func__,
189 sassc->startup_refcount);
194 mpssas_release_simq_reinit(struct mpssas_softc *sassc)
196 if (sassc->flags & MPSSAS_QUEUE_FROZEN) {
197 sassc->flags &= ~MPSSAS_QUEUE_FROZEN;
198 xpt_release_simq(sassc->sim, 1);
199 mps_dprint(sassc->sc, MPS_INFO, "Unfreezing SIM queue\n");
204 mpssas_startup_decrement(struct mpssas_softc *sassc)
206 MPS_FUNCTRACE(sassc->sc);
208 if ((sassc->flags & MPSSAS_IN_STARTUP) != 0) {
209 if (--sassc->startup_refcount == 0) {
210 /* finished all discovery-related actions, release
211 * the simq and rescan for the latest topology.
213 mps_dprint(sassc->sc, MPS_INIT,
214 "%s releasing simq\n", __func__);
215 sassc->flags &= ~MPSSAS_IN_STARTUP;
216 xpt_release_simq(sassc->sim, 1);
217 #if __FreeBSD_version >= 1000039
220 mpssas_rescan_target(sassc->sc, NULL);
223 mps_dprint(sassc->sc, MPS_INIT, "%s refcount %u\n", __func__,
224 sassc->startup_refcount);
228 /* The firmware requires us to stop sending commands when we're doing task
229 * management, so refcount the TMs and keep the simq frozen when any are in
233 mpssas_alloc_tm(struct mps_softc *sc)
235 struct mps_command *tm;
237 tm = mps_alloc_high_priority_command(sc);
242 mpssas_free_tm(struct mps_softc *sc, struct mps_command *tm)
244 int target_id = 0xFFFFFFFF;
250 * For TM's the devq is frozen for the device. Unfreeze it here and
251 * free the resources used for freezing the devq. Must clear the
252 * INRESET flag as well or scsi I/O will not work.
254 if (tm->cm_targ != NULL) {
255 tm->cm_targ->flags &= ~MPSSAS_TARGET_INRESET;
256 target_id = tm->cm_targ->tid;
259 mps_dprint(sc, MPS_INFO, "Unfreezing devq for target ID %d\n",
261 xpt_release_devq(tm->cm_ccb->ccb_h.path, 1, TRUE);
262 xpt_free_path(tm->cm_ccb->ccb_h.path);
263 xpt_free_ccb(tm->cm_ccb);
266 mps_free_high_priority_command(sc, tm);
270 mpssas_rescan_target(struct mps_softc *sc, struct mpssas_target *targ)
272 struct mpssas_softc *sassc = sc->sassc;
274 target_id_t targetid;
278 pathid = cam_sim_path(sassc->sim);
280 targetid = CAM_TARGET_WILDCARD;
282 targetid = targ - sassc->targets;
285 * Allocate a CCB and schedule a rescan.
287 ccb = xpt_alloc_ccb_nowait();
289 mps_dprint(sc, MPS_ERROR, "unable to alloc CCB for rescan\n");
293 if (xpt_create_path(&ccb->ccb_h.path, NULL, pathid,
294 targetid, CAM_LUN_WILDCARD) != CAM_REQ_CMP) {
295 mps_dprint(sc, MPS_ERROR, "unable to create path for rescan\n");
300 if (targetid == CAM_TARGET_WILDCARD)
301 ccb->ccb_h.func_code = XPT_SCAN_BUS;
303 ccb->ccb_h.func_code = XPT_SCAN_TGT;
305 mps_dprint(sc, MPS_TRACE, "%s targetid %u\n", __func__, targetid);
310 mpssas_log_command(struct mps_command *cm, u_int level, const char *fmt, ...)
320 /* No need to be in here if debugging isn't enabled */
321 if ((cm->cm_sc->mps_debug & level) == 0)
324 sbuf_new(&sb, str, sizeof(str), 0);
328 if (cm->cm_ccb != NULL) {
329 xpt_path_string(cm->cm_ccb->csio.ccb_h.path, path_str,
331 sbuf_cat(&sb, path_str);
332 if (cm->cm_ccb->ccb_h.func_code == XPT_SCSI_IO) {
333 scsi_command_string(&cm->cm_ccb->csio, &sb);
334 sbuf_printf(&sb, "length %d ",
335 cm->cm_ccb->csio.dxfer_len);
339 sbuf_printf(&sb, "(noperiph:%s%d:%u:%u:%u): ",
340 cam_sim_name(cm->cm_sc->sassc->sim),
341 cam_sim_unit(cm->cm_sc->sassc->sim),
342 cam_sim_bus(cm->cm_sc->sassc->sim),
343 cm->cm_targ ? cm->cm_targ->tid : 0xFFFFFFFF,
347 sbuf_printf(&sb, "SMID %u ", cm->cm_desc.Default.SMID);
348 sbuf_vprintf(&sb, fmt, ap);
350 mps_print_field(cm->cm_sc, "%s", sbuf_data(&sb));
357 mpssas_remove_volume(struct mps_softc *sc, struct mps_command *tm)
359 MPI2_SCSI_TASK_MANAGE_REPLY *reply;
360 struct mpssas_target *targ;
365 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply;
366 handle = (uint16_t)(uintptr_t)tm->cm_complete_data;
370 /* XXX retry the remove after the diag reset completes? */
371 mps_dprint(sc, MPS_FAULT,
372 "%s NULL reply resetting device 0x%04x\n", __func__,
374 mpssas_free_tm(sc, tm);
378 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) !=
379 MPI2_IOCSTATUS_SUCCESS) {
380 mps_dprint(sc, MPS_ERROR,
381 "IOCStatus = 0x%x while resetting device 0x%x\n",
382 le16toh(reply->IOCStatus), handle);
385 mps_dprint(sc, MPS_XINFO,
386 "Reset aborted %u commands\n", reply->TerminationCount);
387 mps_free_reply(sc, tm->cm_reply_data);
388 tm->cm_reply = NULL; /* Ensures the reply won't get re-freed */
390 mps_dprint(sc, MPS_XINFO,
391 "clearing target %u handle 0x%04x\n", targ->tid, handle);
394 * Don't clear target if remove fails because things will get confusing.
395 * Leave the devname and sasaddr intact so that we know to avoid reusing
396 * this target id if possible, and so we can assign the same target id
397 * to this device if it comes back in the future.
399 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) ==
400 MPI2_IOCSTATUS_SUCCESS) {
403 targ->encl_handle = 0x0;
404 targ->encl_slot = 0x0;
405 targ->exp_dev_handle = 0x0;
407 targ->linkrate = 0x0;
412 mpssas_free_tm(sc, tm);
417 * No Need to call "MPI2_SAS_OP_REMOVE_DEVICE" For Volume removal.
418 * Otherwise Volume Delete is same as Bare Drive Removal.
421 mpssas_prepare_volume_remove(struct mpssas_softc *sassc, uint16_t handle)
423 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
424 struct mps_softc *sc;
425 struct mps_command *cm;
426 struct mpssas_target *targ = NULL;
428 MPS_FUNCTRACE(sassc->sc);
433 * If this is a WD controller, determine if the disk should be exposed
434 * to the OS or not. If disk should be exposed, return from this
435 * function without doing anything.
437 if (sc->WD_available && (sc->WD_hide_expose ==
438 MPS_WD_EXPOSE_ALWAYS)) {
443 targ = mpssas_find_target_by_handle(sassc, 0, handle);
445 /* FIXME: what is the action? */
446 /* We don't know about this device? */
447 mps_dprint(sc, MPS_ERROR,
448 "%s %d : invalid handle 0x%x \n", __func__,__LINE__, handle);
452 targ->flags |= MPSSAS_TARGET_INREMOVAL;
454 cm = mpssas_alloc_tm(sc);
456 mps_dprint(sc, MPS_ERROR,
457 "%s: command alloc failure\n", __func__);
461 mpssas_rescan_target(sc, targ);
463 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)cm->cm_req;
464 req->DevHandle = targ->handle;
465 req->Function = MPI2_FUNCTION_SCSI_TASK_MGMT;
466 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET;
468 /* SAS Hard Link Reset / SATA Link Reset */
469 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET;
473 cm->cm_desc.HighPriority.RequestFlags =
474 MPI2_REQ_DESCRIPT_FLAGS_HIGH_PRIORITY;
475 cm->cm_complete = mpssas_remove_volume;
476 cm->cm_complete_data = (void *)(uintptr_t)handle;
478 mps_dprint(sc, MPS_INFO, "%s: Sending reset for target ID %d\n",
479 __func__, targ->tid);
480 mpssas_prepare_for_tm(sc, cm, targ, CAM_LUN_WILDCARD);
482 mps_map_command(sc, cm);
486 * The MPT2 firmware performs debounce on the link to avoid transient link
487 * errors and false removals. When it does decide that link has been lost
488 * and a device need to go away, it expects that the host will perform a
489 * target reset and then an op remove. The reset has the side-effect of
490 * aborting any outstanding requests for the device, which is required for
491 * the op-remove to succeed. It's not clear if the host should check for
492 * the device coming back alive after the reset.
495 mpssas_prepare_remove(struct mpssas_softc *sassc, uint16_t handle)
497 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
498 struct mps_softc *sc;
499 struct mps_command *cm;
500 struct mpssas_target *targ = NULL;
502 MPS_FUNCTRACE(sassc->sc);
506 targ = mpssas_find_target_by_handle(sassc, 0, handle);
508 /* FIXME: what is the action? */
509 /* We don't know about this device? */
510 mps_dprint(sc, MPS_ERROR,
511 "%s : invalid handle 0x%x \n", __func__, handle);
515 targ->flags |= MPSSAS_TARGET_INREMOVAL;
517 cm = mpssas_alloc_tm(sc);
519 mps_dprint(sc, MPS_ERROR,
520 "%s: command alloc failure\n", __func__);
524 mpssas_rescan_target(sc, targ);
526 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)cm->cm_req;
527 memset(req, 0, sizeof(*req));
528 req->DevHandle = htole16(targ->handle);
529 req->Function = MPI2_FUNCTION_SCSI_TASK_MGMT;
530 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET;
532 /* SAS Hard Link Reset / SATA Link Reset */
533 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET;
537 cm->cm_desc.HighPriority.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_HIGH_PRIORITY;
538 cm->cm_complete = mpssas_remove_device;
539 cm->cm_complete_data = (void *)(uintptr_t)handle;
541 mps_dprint(sc, MPS_INFO, "%s: Sending reset for target ID %d\n",
542 __func__, targ->tid);
543 mpssas_prepare_for_tm(sc, cm, targ, CAM_LUN_WILDCARD);
545 mps_map_command(sc, cm);
549 mpssas_remove_device(struct mps_softc *sc, struct mps_command *tm)
551 MPI2_SCSI_TASK_MANAGE_REPLY *reply;
552 MPI2_SAS_IOUNIT_CONTROL_REQUEST *req;
553 struct mpssas_target *targ;
554 struct mps_command *next_cm;
559 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply;
560 handle = (uint16_t)(uintptr_t)tm->cm_complete_data;
564 * Currently there should be no way we can hit this case. It only
565 * happens when we have a failure to allocate chain frames, and
566 * task management commands don't have S/G lists.
568 if ((tm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) {
569 mps_dprint(sc, MPS_ERROR,
570 "%s: cm_flags = %#x for remove of handle %#04x! "
571 "This should not happen!\n", __func__, tm->cm_flags,
576 /* XXX retry the remove after the diag reset completes? */
577 mps_dprint(sc, MPS_FAULT,
578 "%s NULL reply resetting device 0x%04x\n", __func__,
580 mpssas_free_tm(sc, tm);
584 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) !=
585 MPI2_IOCSTATUS_SUCCESS) {
586 mps_dprint(sc, MPS_ERROR,
587 "IOCStatus = 0x%x while resetting device 0x%x\n",
588 le16toh(reply->IOCStatus), handle);
591 mps_dprint(sc, MPS_XINFO, "Reset aborted %u commands\n",
592 le32toh(reply->TerminationCount));
593 mps_free_reply(sc, tm->cm_reply_data);
594 tm->cm_reply = NULL; /* Ensures the reply won't get re-freed */
596 /* Reuse the existing command */
597 req = (MPI2_SAS_IOUNIT_CONTROL_REQUEST *)tm->cm_req;
598 memset(req, 0, sizeof(*req));
599 req->Function = MPI2_FUNCTION_SAS_IO_UNIT_CONTROL;
600 req->Operation = MPI2_SAS_OP_REMOVE_DEVICE;
601 req->DevHandle = htole16(handle);
603 tm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE;
604 tm->cm_complete = mpssas_remove_complete;
605 tm->cm_complete_data = (void *)(uintptr_t)handle;
607 mps_map_command(sc, tm);
609 mps_dprint(sc, MPS_XINFO, "clearing target %u handle 0x%04x\n",
611 TAILQ_FOREACH_SAFE(tm, &targ->commands, cm_link, next_cm) {
614 mps_dprint(sc, MPS_XINFO, "Completing missed command %p\n", tm);
615 ccb = tm->cm_complete_data;
616 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
617 mpssas_scsiio_complete(sc, tm);
622 mpssas_remove_complete(struct mps_softc *sc, struct mps_command *tm)
624 MPI2_SAS_IOUNIT_CONTROL_REPLY *reply;
626 struct mpssas_target *targ;
627 struct mpssas_lun *lun;
631 reply = (MPI2_SAS_IOUNIT_CONTROL_REPLY *)tm->cm_reply;
632 handle = (uint16_t)(uintptr_t)tm->cm_complete_data;
635 * Currently there should be no way we can hit this case. It only
636 * happens when we have a failure to allocate chain frames, and
637 * task management commands don't have S/G lists.
639 if ((tm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) {
640 mps_dprint(sc, MPS_XINFO,
641 "%s: cm_flags = %#x for remove of handle %#04x! "
642 "This should not happen!\n", __func__, tm->cm_flags,
644 mpssas_free_tm(sc, tm);
649 /* most likely a chip reset */
650 mps_dprint(sc, MPS_FAULT,
651 "%s NULL reply removing device 0x%04x\n", __func__, handle);
652 mpssas_free_tm(sc, tm);
656 mps_dprint(sc, MPS_XINFO,
657 "%s on handle 0x%04x, IOCStatus= 0x%x\n", __func__,
658 handle, le16toh(reply->IOCStatus));
661 * Don't clear target if remove fails because things will get confusing.
662 * Leave the devname and sasaddr intact so that we know to avoid reusing
663 * this target id if possible, and so we can assign the same target id
664 * to this device if it comes back in the future.
666 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) ==
667 MPI2_IOCSTATUS_SUCCESS) {
670 targ->encl_handle = 0x0;
671 targ->encl_slot = 0x0;
672 targ->exp_dev_handle = 0x0;
674 targ->linkrate = 0x0;
678 while(!SLIST_EMPTY(&targ->luns)) {
679 lun = SLIST_FIRST(&targ->luns);
680 SLIST_REMOVE_HEAD(&targ->luns, lun_link);
686 mpssas_free_tm(sc, tm);
690 mpssas_register_events(struct mps_softc *sc)
692 u32 events[MPI2_EVENT_NOTIFY_EVENTMASK_WORDS];
695 setbit(events, MPI2_EVENT_SAS_DEVICE_STATUS_CHANGE);
696 setbit(events, MPI2_EVENT_SAS_DISCOVERY);
697 setbit(events, MPI2_EVENT_SAS_BROADCAST_PRIMITIVE);
698 setbit(events, MPI2_EVENT_SAS_INIT_DEVICE_STATUS_CHANGE);
699 setbit(events, MPI2_EVENT_SAS_INIT_TABLE_OVERFLOW);
700 setbit(events, MPI2_EVENT_SAS_TOPOLOGY_CHANGE_LIST);
701 setbit(events, MPI2_EVENT_SAS_ENCL_DEVICE_STATUS_CHANGE);
702 setbit(events, MPI2_EVENT_IR_CONFIGURATION_CHANGE_LIST);
703 setbit(events, MPI2_EVENT_IR_VOLUME);
704 setbit(events, MPI2_EVENT_IR_PHYSICAL_DISK);
705 setbit(events, MPI2_EVENT_IR_OPERATION_STATUS);
706 setbit(events, MPI2_EVENT_LOG_ENTRY_ADDED);
708 mps_register_events(sc, events, mpssas_evt_handler, NULL,
709 &sc->sassc->mpssas_eh);
715 mps_attach_sas(struct mps_softc *sc)
717 struct mpssas_softc *sassc;
722 mps_dprint(sc, MPS_INIT, "%s entered\n", __func__);
724 sassc = malloc(sizeof(struct mpssas_softc), M_MPT2, M_WAITOK|M_ZERO);
726 mps_dprint(sc, MPS_INIT|MPS_ERROR,
727 "Cannot allocate SAS controller memory\n");
732 * XXX MaxTargets could change during a reinit. Since we don't
733 * resize the targets[] array during such an event, cache the value
734 * of MaxTargets here so that we don't get into trouble later. This
735 * should move into the reinit logic.
737 sassc->maxtargets = sc->facts->MaxTargets + sc->facts->MaxVolumes;
738 sassc->targets = malloc(sizeof(struct mpssas_target) *
739 sassc->maxtargets, M_MPT2, M_WAITOK|M_ZERO);
740 if(!sassc->targets) {
741 mps_dprint(sc, MPS_INIT|MPS_ERROR,
742 "Cannot allocate SAS target memory\n");
749 if ((sassc->devq = cam_simq_alloc(sc->num_reqs)) == NULL) {
750 mps_dprint(sc, MPS_ERROR, "Cannot allocate SIMQ\n");
755 unit = device_get_unit(sc->mps_dev);
756 sassc->sim = cam_sim_alloc(mpssas_action, mpssas_poll, "mps", sassc,
757 unit, &sc->mps_mtx, sc->num_reqs, sc->num_reqs, sassc->devq);
758 if (sassc->sim == NULL) {
759 mps_dprint(sc, MPS_INIT|MPS_ERROR, "Cannot allocate SIM\n");
764 TAILQ_INIT(&sassc->ev_queue);
766 /* Initialize taskqueue for Event Handling */
767 TASK_INIT(&sassc->ev_task, 0, mpssas_firmware_event_work, sc);
768 sassc->ev_tq = taskqueue_create("mps_taskq", M_NOWAIT | M_ZERO,
769 taskqueue_thread_enqueue, &sassc->ev_tq);
770 taskqueue_start_threads(&sassc->ev_tq, 1, PRIBIO, "%s taskq",
771 device_get_nameunit(sc->mps_dev));
776 * XXX There should be a bus for every port on the adapter, but since
777 * we're just going to fake the topology for now, we'll pretend that
778 * everything is just a target on a single bus.
780 if ((error = xpt_bus_register(sassc->sim, sc->mps_dev, 0)) != 0) {
781 mps_dprint(sc, MPS_INIT|MPS_ERROR,
782 "Error %d registering SCSI bus\n", error);
788 * Assume that discovery events will start right away.
790 * Hold off boot until discovery is complete.
792 sassc->flags |= MPSSAS_IN_STARTUP | MPSSAS_IN_DISCOVERY;
793 sc->sassc->startup_refcount = 0;
794 mpssas_startup_increment(sassc);
796 callout_init(&sassc->discovery_callout, 1 /*mpsafe*/);
799 * Register for async events so we can determine the EEDP
800 * capabilities of devices.
802 status = xpt_create_path(&sassc->path, /*periph*/NULL,
803 cam_sim_path(sc->sassc->sim), CAM_TARGET_WILDCARD,
805 if (status != CAM_REQ_CMP) {
806 mps_dprint(sc, MPS_ERROR|MPS_INIT,
807 "Error %#x creating sim path\n", status);
812 #if (__FreeBSD_version >= 1000006) || \
813 ((__FreeBSD_version >= 901503) && (__FreeBSD_version < 1000000))
814 event = AC_ADVINFO_CHANGED;
816 event = AC_FOUND_DEVICE;
818 status = xpt_register_async(event, mpssas_async, sc,
820 if (status != CAM_REQ_CMP) {
821 mps_dprint(sc, MPS_ERROR,
822 "Error %#x registering async handler for "
823 "AC_ADVINFO_CHANGED events\n", status);
824 xpt_free_path(sassc->path);
828 if (status != CAM_REQ_CMP) {
830 * EEDP use is the exception, not the rule.
831 * Warn the user, but do not fail to attach.
833 mps_printf(sc, "EEDP capabilities disabled.\n");
838 mpssas_register_events(sc);
843 mps_dprint(sc, MPS_INIT, "%s exit error= %d\n", __func__, error);
848 mps_detach_sas(struct mps_softc *sc)
850 struct mpssas_softc *sassc;
851 struct mpssas_lun *lun, *lun_tmp;
852 struct mpssas_target *targ;
857 if (sc->sassc == NULL)
861 mps_deregister_events(sc, sassc->mpssas_eh);
864 * Drain and free the event handling taskqueue with the lock
865 * unheld so that any parallel processing tasks drain properly
866 * without deadlocking.
868 if (sassc->ev_tq != NULL)
869 taskqueue_free(sassc->ev_tq);
871 /* Make sure CAM doesn't wedge if we had to bail out early. */
874 /* Deregister our async handler */
875 if (sassc->path != NULL) {
876 xpt_register_async(0, mpssas_async, sc, sassc->path);
877 xpt_free_path(sassc->path);
881 if (sassc->flags & MPSSAS_IN_STARTUP)
882 xpt_release_simq(sassc->sim, 1);
884 if (sassc->sim != NULL) {
885 xpt_bus_deregister(cam_sim_path(sassc->sim));
886 cam_sim_free(sassc->sim, FALSE);
891 if (sassc->devq != NULL)
892 cam_simq_free(sassc->devq);
894 for(i=0; i< sassc->maxtargets ;i++) {
895 targ = &sassc->targets[i];
896 SLIST_FOREACH_SAFE(lun, &targ->luns, lun_link, lun_tmp) {
900 free(sassc->targets, M_MPT2);
908 mpssas_discovery_end(struct mpssas_softc *sassc)
910 struct mps_softc *sc = sassc->sc;
914 if (sassc->flags & MPSSAS_DISCOVERY_TIMEOUT_PENDING)
915 callout_stop(&sassc->discovery_callout);
918 * After discovery has completed, check the mapping table for any
919 * missing devices and update their missing counts. Only do this once
920 * whenever the driver is initialized so that missing counts aren't
921 * updated unnecessarily. Note that just because discovery has
922 * completed doesn't mean that events have been processed yet. The
923 * check_devices function is a callout timer that checks if ALL devices
924 * are missing. If so, it will wait a little longer for events to
925 * complete and keep resetting itself until some device in the mapping
926 * table is not missing, meaning that event processing has started.
928 if (sc->track_mapping_events) {
929 mps_dprint(sc, MPS_XINFO | MPS_MAPPING, "Discovery has "
930 "completed. Check for missing devices in the mapping "
932 callout_reset(&sc->device_check_callout,
933 MPS_MISSING_CHECK_DELAY * hz, mps_mapping_check_devices,
939 mpssas_action(struct cam_sim *sim, union ccb *ccb)
941 struct mpssas_softc *sassc;
943 sassc = cam_sim_softc(sim);
945 MPS_FUNCTRACE(sassc->sc);
946 mps_dprint(sassc->sc, MPS_TRACE, "ccb func_code 0x%x\n",
947 ccb->ccb_h.func_code);
948 mtx_assert(&sassc->sc->mps_mtx, MA_OWNED);
950 switch (ccb->ccb_h.func_code) {
953 struct ccb_pathinq *cpi = &ccb->cpi;
954 struct mps_softc *sc = sassc->sc;
955 uint8_t sges_per_frame;
957 cpi->version_num = 1;
958 cpi->hba_inquiry = PI_SDTR_ABLE|PI_TAG_ABLE|PI_WIDE_16;
959 cpi->target_sprt = 0;
960 #if __FreeBSD_version >= 1000039
961 cpi->hba_misc = PIM_NOBUSRESET | PIM_UNMAPPED | PIM_NOSCAN;
963 cpi->hba_misc = PIM_NOBUSRESET | PIM_UNMAPPED;
965 cpi->hba_eng_cnt = 0;
966 cpi->max_target = sassc->maxtargets - 1;
970 * initiator_id is set here to an ID outside the set of valid
971 * target IDs (including volumes).
973 cpi->initiator_id = sassc->maxtargets;
974 strlcpy(cpi->sim_vid, "FreeBSD", SIM_IDLEN);
975 strlcpy(cpi->hba_vid, "Avago Tech", HBA_IDLEN);
976 strlcpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN);
977 cpi->unit_number = cam_sim_unit(sim);
978 cpi->bus_id = cam_sim_bus(sim);
979 cpi->base_transfer_speed = 150000;
980 cpi->transport = XPORT_SAS;
981 cpi->transport_version = 0;
982 cpi->protocol = PROTO_SCSI;
983 cpi->protocol_version = SCSI_REV_SPC;
986 * Max IO Size is Page Size * the following:
987 * ((SGEs per frame - 1 for chain element) *
988 * Max Chain Depth) + 1 for no chain needed in last frame
990 * If user suggests a Max IO size to use, use the smaller of the
991 * user's value and the calculated value as long as the user's
992 * value is larger than 0. The user's value is in pages.
994 sges_per_frame = ((sc->facts->IOCRequestFrameSize * 4) /
995 sizeof(MPI2_SGE_SIMPLE64)) - 1;
996 cpi->maxio = (sges_per_frame * sc->facts->MaxChainDepth) + 1;
997 cpi->maxio *= PAGE_SIZE;
998 if ((sc->max_io_pages > 0) && (sc->max_io_pages * PAGE_SIZE <
1000 cpi->maxio = sc->max_io_pages * PAGE_SIZE;
1001 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP);
1004 case XPT_GET_TRAN_SETTINGS:
1006 struct ccb_trans_settings *cts;
1007 struct ccb_trans_settings_sas *sas;
1008 struct ccb_trans_settings_scsi *scsi;
1009 struct mpssas_target *targ;
1012 sas = &cts->xport_specific.sas;
1013 scsi = &cts->proto_specific.scsi;
1015 KASSERT(cts->ccb_h.target_id < sassc->maxtargets,
1016 ("Target %d out of bounds in XPT_GET_TRANS_SETTINGS\n",
1017 cts->ccb_h.target_id));
1018 targ = &sassc->targets[cts->ccb_h.target_id];
1019 if (targ->handle == 0x0) {
1020 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
1024 cts->protocol_version = SCSI_REV_SPC2;
1025 cts->transport = XPORT_SAS;
1026 cts->transport_version = 0;
1028 sas->valid = CTS_SAS_VALID_SPEED;
1029 switch (targ->linkrate) {
1031 sas->bitrate = 150000;
1034 sas->bitrate = 300000;
1037 sas->bitrate = 600000;
1043 cts->protocol = PROTO_SCSI;
1044 scsi->valid = CTS_SCSI_VALID_TQ;
1045 scsi->flags = CTS_SCSI_FLAGS_TAG_ENB;
1047 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP);
1050 case XPT_CALC_GEOMETRY:
1051 cam_calc_geometry(&ccb->ccg, /*extended*/1);
1052 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP);
1055 mps_dprint(sassc->sc, MPS_XINFO, "mpssas_action XPT_RESET_DEV\n");
1056 mpssas_action_resetdev(sassc, ccb);
1061 mps_dprint(sassc->sc, MPS_XINFO,
1062 "mpssas_action faking success for abort or reset\n");
1063 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP);
1066 mpssas_action_scsiio(sassc, ccb);
1068 #if __FreeBSD_version >= 900026
1070 mpssas_action_smpio(sassc, ccb);
1074 mpssas_set_ccbstatus(ccb, CAM_FUNC_NOTAVAIL);
1082 mpssas_announce_reset(struct mps_softc *sc, uint32_t ac_code,
1083 target_id_t target_id, lun_id_t lun_id)
1085 path_id_t path_id = cam_sim_path(sc->sassc->sim);
1086 struct cam_path *path;
1088 mps_dprint(sc, MPS_XINFO, "%s code %x target %d lun %jx\n", __func__,
1089 ac_code, target_id, (uintmax_t)lun_id);
1091 if (xpt_create_path(&path, NULL,
1092 path_id, target_id, lun_id) != CAM_REQ_CMP) {
1093 mps_dprint(sc, MPS_ERROR, "unable to create path for reset "
1098 xpt_async(ac_code, path, NULL);
1099 xpt_free_path(path);
1103 mpssas_complete_all_commands(struct mps_softc *sc)
1105 struct mps_command *cm;
1110 mtx_assert(&sc->mps_mtx, MA_OWNED);
1112 /* complete all commands with a NULL reply */
1113 for (i = 1; i < sc->num_reqs; i++) {
1114 cm = &sc->commands[i];
1115 cm->cm_reply = NULL;
1118 if (cm->cm_flags & MPS_CM_FLAGS_POLLED)
1119 cm->cm_flags |= MPS_CM_FLAGS_COMPLETE;
1121 if (cm->cm_complete != NULL) {
1122 mpssas_log_command(cm, MPS_RECOVERY,
1123 "completing cm %p state %x ccb %p for diag reset\n",
1124 cm, cm->cm_state, cm->cm_ccb);
1126 cm->cm_complete(sc, cm);
1130 if (cm->cm_flags & MPS_CM_FLAGS_WAKEUP) {
1131 mpssas_log_command(cm, MPS_RECOVERY,
1132 "waking up cm %p state %x ccb %p for diag reset\n",
1133 cm, cm->cm_state, cm->cm_ccb);
1138 if (cm->cm_sc->io_cmds_active != 0)
1139 cm->cm_sc->io_cmds_active--;
1141 if ((completed == 0) && (cm->cm_state != MPS_CM_STATE_FREE)) {
1142 /* this should never happen, but if it does, log */
1143 mpssas_log_command(cm, MPS_RECOVERY,
1144 "cm %p state %x flags 0x%x ccb %p during diag "
1145 "reset\n", cm, cm->cm_state, cm->cm_flags,
1152 mpssas_handle_reinit(struct mps_softc *sc)
1156 /* Go back into startup mode and freeze the simq, so that CAM
1157 * doesn't send any commands until after we've rediscovered all
1158 * targets and found the proper device handles for them.
1160 * After the reset, portenable will trigger discovery, and after all
1161 * discovery-related activities have finished, the simq will be
1164 mps_dprint(sc, MPS_INIT, "%s startup\n", __func__);
1165 sc->sassc->flags |= MPSSAS_IN_STARTUP;
1166 sc->sassc->flags |= MPSSAS_IN_DISCOVERY;
1167 mpssas_startup_increment(sc->sassc);
1169 /* notify CAM of a bus reset */
1170 mpssas_announce_reset(sc, AC_BUS_RESET, CAM_TARGET_WILDCARD,
1173 /* complete and cleanup after all outstanding commands */
1174 mpssas_complete_all_commands(sc);
1176 mps_dprint(sc, MPS_INIT,
1177 "%s startup %u after command completion\n", __func__,
1178 sc->sassc->startup_refcount);
1180 /* zero all the target handles, since they may change after the
1181 * reset, and we have to rediscover all the targets and use the new
1184 for (i = 0; i < sc->sassc->maxtargets; i++) {
1185 if (sc->sassc->targets[i].outstanding != 0)
1186 mps_dprint(sc, MPS_INIT, "target %u outstanding %u\n",
1187 i, sc->sassc->targets[i].outstanding);
1188 sc->sassc->targets[i].handle = 0x0;
1189 sc->sassc->targets[i].exp_dev_handle = 0x0;
1190 sc->sassc->targets[i].outstanding = 0;
1191 sc->sassc->targets[i].flags = MPSSAS_TARGET_INDIAGRESET;
1196 mpssas_tm_timeout(void *data)
1198 struct mps_command *tm = data;
1199 struct mps_softc *sc = tm->cm_sc;
1201 mtx_assert(&sc->mps_mtx, MA_OWNED);
1203 mpssas_log_command(tm, MPS_INFO|MPS_RECOVERY,
1204 "task mgmt %p timed out\n", tm);
1209 mpssas_logical_unit_reset_complete(struct mps_softc *sc, struct mps_command *tm)
1211 MPI2_SCSI_TASK_MANAGE_REPLY *reply;
1212 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
1213 unsigned int cm_count = 0;
1214 struct mps_command *cm;
1215 struct mpssas_target *targ;
1217 callout_stop(&tm->cm_callout);
1219 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
1220 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply;
1224 * Currently there should be no way we can hit this case. It only
1225 * happens when we have a failure to allocate chain frames, and
1226 * task management commands don't have S/G lists.
1227 * XXXSL So should it be an assertion?
1229 if ((tm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) {
1230 mps_dprint(sc, MPS_ERROR, "%s: cm_flags = %#x for LUN reset! "
1231 "This should not happen!\n", __func__, tm->cm_flags);
1232 mpssas_free_tm(sc, tm);
1236 if (reply == NULL) {
1237 mpssas_log_command(tm, MPS_RECOVERY,
1238 "NULL reset reply for tm %p\n", tm);
1239 if ((sc->mps_flags & MPS_FLAGS_DIAGRESET) != 0) {
1240 /* this completion was due to a reset, just cleanup */
1242 mpssas_free_tm(sc, tm);
1245 /* we should have gotten a reply. */
1251 mpssas_log_command(tm, MPS_RECOVERY,
1252 "logical unit reset status 0x%x code 0x%x count %u\n",
1253 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode),
1254 le32toh(reply->TerminationCount));
1256 /* See if there are any outstanding commands for this LUN.
1257 * This could be made more efficient by using a per-LU data
1258 * structure of some sort.
1260 TAILQ_FOREACH(cm, &targ->commands, cm_link) {
1261 if (cm->cm_lun == tm->cm_lun)
1265 if (cm_count == 0) {
1266 mpssas_log_command(tm, MPS_RECOVERY|MPS_INFO,
1267 "logical unit %u finished recovery after reset\n",
1270 mpssas_announce_reset(sc, AC_SENT_BDR, tm->cm_targ->tid,
1273 /* we've finished recovery for this logical unit. check and
1274 * see if some other logical unit has a timedout command
1275 * that needs to be processed.
1277 cm = TAILQ_FIRST(&targ->timedout_commands);
1279 mpssas_send_abort(sc, tm, cm);
1283 mpssas_free_tm(sc, tm);
1287 /* if we still have commands for this LUN, the reset
1288 * effectively failed, regardless of the status reported.
1289 * Escalate to a target reset.
1291 mpssas_log_command(tm, MPS_RECOVERY,
1292 "logical unit reset complete for tm %p, but still have %u command(s)\n",
1294 mpssas_send_reset(sc, tm,
1295 MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET);
1300 mpssas_target_reset_complete(struct mps_softc *sc, struct mps_command *tm)
1302 MPI2_SCSI_TASK_MANAGE_REPLY *reply;
1303 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
1304 struct mpssas_target *targ;
1306 callout_stop(&tm->cm_callout);
1308 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
1309 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply;
1313 * Currently there should be no way we can hit this case. It only
1314 * happens when we have a failure to allocate chain frames, and
1315 * task management commands don't have S/G lists.
1317 if ((tm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) {
1318 mps_dprint(sc, MPS_ERROR,"%s: cm_flags = %#x for target reset! "
1319 "This should not happen!\n", __func__, tm->cm_flags);
1320 mpssas_free_tm(sc, tm);
1324 if (reply == NULL) {
1325 mpssas_log_command(tm, MPS_RECOVERY,
1326 "NULL reset reply for tm %p\n", tm);
1327 if ((sc->mps_flags & MPS_FLAGS_DIAGRESET) != 0) {
1328 /* this completion was due to a reset, just cleanup */
1330 mpssas_free_tm(sc, tm);
1333 /* we should have gotten a reply. */
1339 mpssas_log_command(tm, MPS_RECOVERY,
1340 "target reset status 0x%x code 0x%x count %u\n",
1341 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode),
1342 le32toh(reply->TerminationCount));
1344 if (targ->outstanding == 0) {
1345 /* we've finished recovery for this target and all
1346 * of its logical units.
1348 mpssas_log_command(tm, MPS_RECOVERY|MPS_INFO,
1349 "recovery finished after target reset\n");
1351 mpssas_announce_reset(sc, AC_SENT_BDR, tm->cm_targ->tid,
1355 mpssas_free_tm(sc, tm);
1358 /* after a target reset, if this target still has
1359 * outstanding commands, the reset effectively failed,
1360 * regardless of the status reported. escalate.
1362 mpssas_log_command(tm, MPS_RECOVERY,
1363 "target reset complete for tm %p, but still have %u command(s)\n",
1364 tm, targ->outstanding);
1369 #define MPS_RESET_TIMEOUT 30
1372 mpssas_send_reset(struct mps_softc *sc, struct mps_command *tm, uint8_t type)
1374 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
1375 struct mpssas_target *target;
1378 target = tm->cm_targ;
1379 if (target->handle == 0) {
1380 mps_dprint(sc, MPS_ERROR,"%s null devhandle for target_id %d\n",
1381 __func__, target->tid);
1385 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
1386 req->DevHandle = htole16(target->handle);
1387 req->Function = MPI2_FUNCTION_SCSI_TASK_MGMT;
1388 req->TaskType = type;
1390 if (type == MPI2_SCSITASKMGMT_TASKTYPE_LOGICAL_UNIT_RESET) {
1391 /* XXX Need to handle invalid LUNs */
1392 MPS_SET_LUN(req->LUN, tm->cm_lun);
1393 tm->cm_targ->logical_unit_resets++;
1394 mpssas_log_command(tm, MPS_RECOVERY|MPS_INFO,
1395 "sending logical unit reset\n");
1396 tm->cm_complete = mpssas_logical_unit_reset_complete;
1397 mpssas_prepare_for_tm(sc, tm, target, tm->cm_lun);
1399 else if (type == MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET) {
1401 * Target reset method =
1402 * SAS Hard Link Reset / SATA Link Reset
1404 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET;
1405 tm->cm_targ->target_resets++;
1406 mpssas_log_command(tm, MPS_RECOVERY|MPS_INFO,
1407 "sending target reset\n");
1408 tm->cm_complete = mpssas_target_reset_complete;
1409 mpssas_prepare_for_tm(sc, tm, target, CAM_LUN_WILDCARD);
1412 mps_dprint(sc, MPS_ERROR, "unexpected reset type 0x%x\n", type);
1417 tm->cm_desc.HighPriority.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_HIGH_PRIORITY;
1418 tm->cm_complete_data = (void *)tm;
1420 callout_reset(&tm->cm_callout, MPS_RESET_TIMEOUT * hz,
1421 mpssas_tm_timeout, tm);
1423 err = mps_map_command(sc, tm);
1425 mpssas_log_command(tm, MPS_RECOVERY,
1426 "error %d sending reset type %u\n",
1434 mpssas_abort_complete(struct mps_softc *sc, struct mps_command *tm)
1436 struct mps_command *cm;
1437 MPI2_SCSI_TASK_MANAGE_REPLY *reply;
1438 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
1439 struct mpssas_target *targ;
1441 callout_stop(&tm->cm_callout);
1443 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
1444 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply;
1448 * Currently there should be no way we can hit this case. It only
1449 * happens when we have a failure to allocate chain frames, and
1450 * task management commands don't have S/G lists.
1452 if ((tm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) {
1453 mpssas_log_command(tm, MPS_RECOVERY,
1454 "cm_flags = %#x for abort %p TaskMID %u!\n",
1455 tm->cm_flags, tm, le16toh(req->TaskMID));
1456 mpssas_free_tm(sc, tm);
1460 if (reply == NULL) {
1461 mpssas_log_command(tm, MPS_RECOVERY,
1462 "NULL abort reply for tm %p TaskMID %u\n",
1463 tm, le16toh(req->TaskMID));
1464 if ((sc->mps_flags & MPS_FLAGS_DIAGRESET) != 0) {
1465 /* this completion was due to a reset, just cleanup */
1467 mpssas_free_tm(sc, tm);
1470 /* we should have gotten a reply. */
1476 mpssas_log_command(tm, MPS_RECOVERY,
1477 "abort TaskMID %u status 0x%x code 0x%x count %u\n",
1478 le16toh(req->TaskMID),
1479 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode),
1480 le32toh(reply->TerminationCount));
1482 cm = TAILQ_FIRST(&tm->cm_targ->timedout_commands);
1484 /* if there are no more timedout commands, we're done with
1485 * error recovery for this target.
1487 mpssas_log_command(tm, MPS_RECOVERY,
1488 "finished recovery after aborting TaskMID %u\n",
1489 le16toh(req->TaskMID));
1492 mpssas_free_tm(sc, tm);
1494 else if (le16toh(req->TaskMID) != cm->cm_desc.Default.SMID) {
1495 /* abort success, but we have more timedout commands to abort */
1496 mpssas_log_command(tm, MPS_RECOVERY,
1497 "continuing recovery after aborting TaskMID %u\n",
1498 le16toh(req->TaskMID));
1500 mpssas_send_abort(sc, tm, cm);
1503 /* we didn't get a command completion, so the abort
1504 * failed as far as we're concerned. escalate.
1506 mpssas_log_command(tm, MPS_RECOVERY,
1507 "abort failed for TaskMID %u tm %p\n",
1508 le16toh(req->TaskMID), tm);
1510 mpssas_send_reset(sc, tm,
1511 MPI2_SCSITASKMGMT_TASKTYPE_LOGICAL_UNIT_RESET);
1515 #define MPS_ABORT_TIMEOUT 5
1518 mpssas_send_abort(struct mps_softc *sc, struct mps_command *tm, struct mps_command *cm)
1520 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
1521 struct mpssas_target *targ;
1525 if (targ->handle == 0) {
1526 mps_dprint(sc, MPS_ERROR,"%s null devhandle for target_id %d\n",
1527 __func__, cm->cm_ccb->ccb_h.target_id);
1531 mpssas_log_command(cm, MPS_RECOVERY|MPS_INFO,
1532 "Aborting command %p\n", cm);
1534 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
1535 req->DevHandle = htole16(targ->handle);
1536 req->Function = MPI2_FUNCTION_SCSI_TASK_MGMT;
1537 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_ABORT_TASK;
1539 /* XXX Need to handle invalid LUNs */
1540 MPS_SET_LUN(req->LUN, cm->cm_ccb->ccb_h.target_lun);
1542 req->TaskMID = htole16(cm->cm_desc.Default.SMID);
1545 tm->cm_desc.HighPriority.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_HIGH_PRIORITY;
1546 tm->cm_complete = mpssas_abort_complete;
1547 tm->cm_complete_data = (void *)tm;
1548 tm->cm_targ = cm->cm_targ;
1549 tm->cm_lun = cm->cm_lun;
1551 callout_reset(&tm->cm_callout, MPS_ABORT_TIMEOUT * hz,
1552 mpssas_tm_timeout, tm);
1556 mps_dprint(sc, MPS_INFO, "Sending reset from %s for target ID %d\n",
1557 __func__, targ->tid);
1558 mpssas_prepare_for_tm(sc, tm, targ, tm->cm_lun);
1560 err = mps_map_command(sc, tm);
1562 mps_dprint(sc, MPS_RECOVERY,
1563 "error %d sending abort for cm %p SMID %u\n",
1564 err, cm, req->TaskMID);
1569 mpssas_scsiio_timeout(void *data)
1571 struct mps_softc *sc;
1572 struct mps_command *cm;
1573 struct mpssas_target *targ;
1575 cm = (struct mps_command *)data;
1579 mtx_assert(&sc->mps_mtx, MA_OWNED);
1581 mps_dprint(sc, MPS_XINFO, "Timeout checking cm %p\n", sc);
1584 * Run the interrupt handler to make sure it's not pending. This
1585 * isn't perfect because the command could have already completed
1586 * and been re-used, though this is unlikely.
1588 mps_intr_locked(sc);
1589 if (cm->cm_state == MPS_CM_STATE_FREE) {
1590 mpssas_log_command(cm, MPS_XINFO,
1591 "SCSI command %p almost timed out\n", cm);
1595 if (cm->cm_ccb == NULL) {
1596 mps_dprint(sc, MPS_ERROR, "command timeout with NULL ccb\n");
1603 mpssas_log_command(cm, MPS_ERROR, "command timeout %d cm %p target "
1604 "%u, handle(0x%04x)\n", cm->cm_ccb->ccb_h.timeout, cm, targ->tid,
1607 /* XXX first, check the firmware state, to see if it's still
1608 * operational. if not, do a diag reset.
1610 mpssas_set_ccbstatus(cm->cm_ccb, CAM_CMD_TIMEOUT);
1611 cm->cm_state = MPS_CM_STATE_TIMEDOUT;
1612 TAILQ_INSERT_TAIL(&targ->timedout_commands, cm, cm_recovery);
1614 if (targ->tm != NULL) {
1615 /* target already in recovery, just queue up another
1616 * timedout command to be processed later.
1618 mps_dprint(sc, MPS_RECOVERY,
1619 "queued timedout cm %p for processing by tm %p\n",
1622 else if ((targ->tm = mpssas_alloc_tm(sc)) != NULL) {
1623 mps_dprint(sc, MPS_RECOVERY, "timedout cm %p allocated tm %p\n",
1626 /* start recovery by aborting the first timedout command */
1627 mpssas_send_abort(sc, targ->tm, cm);
1630 /* XXX queue this target up for recovery once a TM becomes
1631 * available. The firmware only has a limited number of
1632 * HighPriority credits for the high priority requests used
1633 * for task management, and we ran out.
1635 * Isilon: don't worry about this for now, since we have
1636 * more credits than disks in an enclosure, and limit
1637 * ourselves to one TM per target for recovery.
1639 mps_dprint(sc, MPS_RECOVERY,
1640 "timedout cm %p failed to allocate a tm\n", cm);
1646 mpssas_action_scsiio(struct mpssas_softc *sassc, union ccb *ccb)
1648 MPI2_SCSI_IO_REQUEST *req;
1649 struct ccb_scsiio *csio;
1650 struct mps_softc *sc;
1651 struct mpssas_target *targ;
1652 struct mpssas_lun *lun;
1653 struct mps_command *cm;
1654 uint8_t i, lba_byte, *ref_tag_addr;
1655 uint16_t eedp_flags;
1656 uint32_t mpi_control;
1660 mtx_assert(&sc->mps_mtx, MA_OWNED);
1663 KASSERT(csio->ccb_h.target_id < sassc->maxtargets,
1664 ("Target %d out of bounds in XPT_SCSI_IO\n",
1665 csio->ccb_h.target_id));
1666 targ = &sassc->targets[csio->ccb_h.target_id];
1667 mps_dprint(sc, MPS_TRACE, "ccb %p target flag %x\n", ccb, targ->flags);
1668 if (targ->handle == 0x0) {
1669 mps_dprint(sc, MPS_ERROR, "%s NULL handle for target %u\n",
1670 __func__, csio->ccb_h.target_id);
1671 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
1675 if (targ->flags & MPS_TARGET_FLAGS_RAID_COMPONENT) {
1676 mps_dprint(sc, MPS_ERROR, "%s Raid component no SCSI IO "
1677 "supported %u\n", __func__, csio->ccb_h.target_id);
1678 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
1683 * Sometimes, it is possible to get a command that is not "In
1684 * Progress" and was actually aborted by the upper layer. Check for
1685 * this here and complete the command without error.
1687 if (mpssas_get_ccbstatus(ccb) != CAM_REQ_INPROG) {
1688 mps_dprint(sc, MPS_TRACE, "%s Command is not in progress for "
1689 "target %u\n", __func__, csio->ccb_h.target_id);
1694 * If devinfo is 0 this will be a volume. In that case don't tell CAM
1695 * that the volume has timed out. We want volumes to be enumerated
1696 * until they are deleted/removed, not just failed.
1698 if (targ->flags & MPSSAS_TARGET_INREMOVAL) {
1699 if (targ->devinfo == 0)
1700 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP);
1702 mpssas_set_ccbstatus(ccb, CAM_SEL_TIMEOUT);
1707 if ((sc->mps_flags & MPS_FLAGS_SHUTDOWN) != 0) {
1708 mps_dprint(sc, MPS_INFO, "%s shutting down\n", __func__);
1709 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
1715 * If target has a reset in progress, freeze the devq and return. The
1716 * devq will be released when the TM reset is finished.
1718 if (targ->flags & MPSSAS_TARGET_INRESET) {
1719 ccb->ccb_h.status = CAM_BUSY | CAM_DEV_QFRZN;
1720 mps_dprint(sc, MPS_INFO, "%s: Freezing devq for target ID %d\n",
1721 __func__, targ->tid);
1722 xpt_freeze_devq(ccb->ccb_h.path, 1);
1727 cm = mps_alloc_command(sc);
1728 if (cm == NULL || (sc->mps_flags & MPS_FLAGS_DIAGRESET)) {
1730 mps_free_command(sc, cm);
1732 if ((sassc->flags & MPSSAS_QUEUE_FROZEN) == 0) {
1733 xpt_freeze_simq(sassc->sim, 1);
1734 sassc->flags |= MPSSAS_QUEUE_FROZEN;
1736 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
1737 ccb->ccb_h.status |= CAM_REQUEUE_REQ;
1742 req = (MPI2_SCSI_IO_REQUEST *)cm->cm_req;
1743 bzero(req, sizeof(*req));
1744 req->DevHandle = htole16(targ->handle);
1745 req->Function = MPI2_FUNCTION_SCSI_IO_REQUEST;
1747 req->SenseBufferLowAddress = htole32(cm->cm_sense_busaddr);
1748 req->SenseBufferLength = MPS_SENSE_LEN;
1750 req->ChainOffset = 0;
1751 req->SGLOffset0 = 24; /* 32bit word offset to the SGL */
1756 req->DataLength = htole32(csio->dxfer_len);
1757 req->BidirectionalDataLength = 0;
1758 req->IoFlags = htole16(csio->cdb_len);
1761 /* Note: BiDirectional transfers are not supported */
1762 switch (csio->ccb_h.flags & CAM_DIR_MASK) {
1764 mpi_control = MPI2_SCSIIO_CONTROL_READ;
1765 cm->cm_flags |= MPS_CM_FLAGS_DATAIN;
1768 mpi_control = MPI2_SCSIIO_CONTROL_WRITE;
1769 cm->cm_flags |= MPS_CM_FLAGS_DATAOUT;
1773 mpi_control = MPI2_SCSIIO_CONTROL_NODATATRANSFER;
1777 if (csio->cdb_len == 32)
1778 mpi_control |= 4 << MPI2_SCSIIO_CONTROL_ADDCDBLEN_SHIFT;
1780 * It looks like the hardware doesn't require an explicit tag
1781 * number for each transaction. SAM Task Management not supported
1784 switch (csio->tag_action) {
1785 case MSG_HEAD_OF_Q_TAG:
1786 mpi_control |= MPI2_SCSIIO_CONTROL_HEADOFQ;
1788 case MSG_ORDERED_Q_TAG:
1789 mpi_control |= MPI2_SCSIIO_CONTROL_ORDEREDQ;
1792 mpi_control |= MPI2_SCSIIO_CONTROL_ACAQ;
1794 case CAM_TAG_ACTION_NONE:
1795 case MSG_SIMPLE_Q_TAG:
1797 mpi_control |= MPI2_SCSIIO_CONTROL_SIMPLEQ;
1800 mpi_control |= sc->mapping_table[csio->ccb_h.target_id].TLR_bits;
1801 req->Control = htole32(mpi_control);
1802 if (MPS_SET_LUN(req->LUN, csio->ccb_h.target_lun) != 0) {
1803 mps_free_command(sc, cm);
1804 mpssas_set_ccbstatus(ccb, CAM_LUN_INVALID);
1809 if (csio->ccb_h.flags & CAM_CDB_POINTER)
1810 bcopy(csio->cdb_io.cdb_ptr, &req->CDB.CDB32[0], csio->cdb_len);
1812 bcopy(csio->cdb_io.cdb_bytes, &req->CDB.CDB32[0],csio->cdb_len);
1813 req->IoFlags = htole16(csio->cdb_len);
1816 * Check if EEDP is supported and enabled. If it is then check if the
1817 * SCSI opcode could be using EEDP. If so, make sure the LUN exists and
1818 * is formatted for EEDP support. If all of this is true, set CDB up
1819 * for EEDP transfer.
1821 eedp_flags = op_code_prot[req->CDB.CDB32[0]];
1822 if (sc->eedp_enabled && eedp_flags) {
1823 SLIST_FOREACH(lun, &targ->luns, lun_link) {
1824 if (lun->lun_id == csio->ccb_h.target_lun) {
1829 if ((lun != NULL) && (lun->eedp_formatted)) {
1830 req->EEDPBlockSize = htole16(lun->eedp_block_size);
1831 eedp_flags |= (MPI2_SCSIIO_EEDPFLAGS_INC_PRI_REFTAG |
1832 MPI2_SCSIIO_EEDPFLAGS_CHECK_REFTAG |
1833 MPI2_SCSIIO_EEDPFLAGS_CHECK_GUARD);
1834 req->EEDPFlags = htole16(eedp_flags);
1837 * If CDB less than 32, fill in Primary Ref Tag with
1838 * low 4 bytes of LBA. If CDB is 32, tag stuff is
1839 * already there. Also, set protection bit. FreeBSD
1840 * currently does not support CDBs bigger than 16, but
1841 * the code doesn't hurt, and will be here for the
1844 if (csio->cdb_len != 32) {
1845 lba_byte = (csio->cdb_len == 16) ? 6 : 2;
1846 ref_tag_addr = (uint8_t *)&req->CDB.EEDP32.
1847 PrimaryReferenceTag;
1848 for (i = 0; i < 4; i++) {
1850 req->CDB.CDB32[lba_byte + i];
1853 req->CDB.EEDP32.PrimaryReferenceTag =
1854 htole32(req->CDB.EEDP32.PrimaryReferenceTag);
1855 req->CDB.EEDP32.PrimaryApplicationTagMask =
1857 req->CDB.CDB32[1] = (req->CDB.CDB32[1] & 0x1F) |
1861 MPI2_SCSIIO_EEDPFLAGS_INC_PRI_APPTAG;
1862 req->EEDPFlags = htole16(eedp_flags);
1863 req->CDB.CDB32[10] = (req->CDB.CDB32[10] &
1869 cm->cm_length = csio->dxfer_len;
1870 if (cm->cm_length != 0) {
1872 cm->cm_flags |= MPS_CM_FLAGS_USE_CCB;
1876 cm->cm_sge = &req->SGL;
1877 cm->cm_sglsize = (32 - 24) * 4;
1878 cm->cm_desc.SCSIIO.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_SCSI_IO;
1879 cm->cm_desc.SCSIIO.DevHandle = htole16(targ->handle);
1880 cm->cm_complete = mpssas_scsiio_complete;
1881 cm->cm_complete_data = ccb;
1883 cm->cm_lun = csio->ccb_h.target_lun;
1887 * If HBA is a WD and the command is not for a retry, try to build a
1888 * direct I/O message. If failed, or the command is for a retry, send
1889 * the I/O to the IR volume itself.
1891 if (sc->WD_valid_config) {
1892 if (ccb->ccb_h.sim_priv.entries[0].field == MPS_WD_RETRY) {
1893 mpssas_direct_drive_io(sassc, cm, ccb);
1895 mpssas_set_ccbstatus(ccb, CAM_REQ_INPROG);
1899 #if defined(BUF_TRACKING) || defined(FULL_BUF_TRACKING)
1900 if (csio->bio != NULL)
1901 biotrack(csio->bio, __func__);
1903 callout_reset_sbt(&cm->cm_callout, SBT_1MS * ccb->ccb_h.timeout, 0,
1904 mpssas_scsiio_timeout, cm, 0);
1907 targ->outstanding++;
1908 TAILQ_INSERT_TAIL(&targ->commands, cm, cm_link);
1909 ccb->ccb_h.status |= CAM_SIM_QUEUED;
1911 mpssas_log_command(cm, MPS_XINFO, "%s cm %p ccb %p outstanding %u\n",
1912 __func__, cm, ccb, targ->outstanding);
1914 mps_map_command(sc, cm);
1919 mps_response_code(struct mps_softc *sc, u8 response_code)
1923 switch (response_code) {
1924 case MPI2_SCSITASKMGMT_RSP_TM_COMPLETE:
1925 desc = "task management request completed";
1927 case MPI2_SCSITASKMGMT_RSP_INVALID_FRAME:
1928 desc = "invalid frame";
1930 case MPI2_SCSITASKMGMT_RSP_TM_NOT_SUPPORTED:
1931 desc = "task management request not supported";
1933 case MPI2_SCSITASKMGMT_RSP_TM_FAILED:
1934 desc = "task management request failed";
1936 case MPI2_SCSITASKMGMT_RSP_TM_SUCCEEDED:
1937 desc = "task management request succeeded";
1939 case MPI2_SCSITASKMGMT_RSP_TM_INVALID_LUN:
1940 desc = "invalid lun";
1943 desc = "overlapped tag attempted";
1945 case MPI2_SCSITASKMGMT_RSP_IO_QUEUED_ON_IOC:
1946 desc = "task queued, however not sent to target";
1952 mps_dprint(sc, MPS_XINFO, "response_code(0x%01x): %s\n",
1953 response_code, desc);
1956 * mps_sc_failed_io_info - translated non-succesfull SCSI_IO request
1959 mps_sc_failed_io_info(struct mps_softc *sc, struct ccb_scsiio *csio,
1960 Mpi2SCSIIOReply_t *mpi_reply)
1964 u16 ioc_status = le16toh(mpi_reply->IOCStatus) &
1965 MPI2_IOCSTATUS_MASK;
1966 u8 scsi_state = mpi_reply->SCSIState;
1967 u8 scsi_status = mpi_reply->SCSIStatus;
1968 char *desc_ioc_state = NULL;
1969 char *desc_scsi_status = NULL;
1970 char *desc_scsi_state = sc->tmp_string;
1971 u32 log_info = le32toh(mpi_reply->IOCLogInfo);
1973 if (log_info == 0x31170000)
1976 switch (ioc_status) {
1977 case MPI2_IOCSTATUS_SUCCESS:
1978 desc_ioc_state = "success";
1980 case MPI2_IOCSTATUS_INVALID_FUNCTION:
1981 desc_ioc_state = "invalid function";
1983 case MPI2_IOCSTATUS_SCSI_RECOVERED_ERROR:
1984 desc_ioc_state = "scsi recovered error";
1986 case MPI2_IOCSTATUS_SCSI_INVALID_DEVHANDLE:
1987 desc_ioc_state = "scsi invalid dev handle";
1989 case MPI2_IOCSTATUS_SCSI_DEVICE_NOT_THERE:
1990 desc_ioc_state = "scsi device not there";
1992 case MPI2_IOCSTATUS_SCSI_DATA_OVERRUN:
1993 desc_ioc_state = "scsi data overrun";
1995 case MPI2_IOCSTATUS_SCSI_DATA_UNDERRUN:
1996 desc_ioc_state = "scsi data underrun";
1998 case MPI2_IOCSTATUS_SCSI_IO_DATA_ERROR:
1999 desc_ioc_state = "scsi io data error";
2001 case MPI2_IOCSTATUS_SCSI_PROTOCOL_ERROR:
2002 desc_ioc_state = "scsi protocol error";
2004 case MPI2_IOCSTATUS_SCSI_TASK_TERMINATED:
2005 desc_ioc_state = "scsi task terminated";
2007 case MPI2_IOCSTATUS_SCSI_RESIDUAL_MISMATCH:
2008 desc_ioc_state = "scsi residual mismatch";
2010 case MPI2_IOCSTATUS_SCSI_TASK_MGMT_FAILED:
2011 desc_ioc_state = "scsi task mgmt failed";
2013 case MPI2_IOCSTATUS_SCSI_IOC_TERMINATED:
2014 desc_ioc_state = "scsi ioc terminated";
2016 case MPI2_IOCSTATUS_SCSI_EXT_TERMINATED:
2017 desc_ioc_state = "scsi ext terminated";
2019 case MPI2_IOCSTATUS_EEDP_GUARD_ERROR:
2020 desc_ioc_state = "eedp guard error";
2022 case MPI2_IOCSTATUS_EEDP_REF_TAG_ERROR:
2023 desc_ioc_state = "eedp ref tag error";
2025 case MPI2_IOCSTATUS_EEDP_APP_TAG_ERROR:
2026 desc_ioc_state = "eedp app tag error";
2029 desc_ioc_state = "unknown";
2033 switch (scsi_status) {
2034 case MPI2_SCSI_STATUS_GOOD:
2035 desc_scsi_status = "good";
2037 case MPI2_SCSI_STATUS_CHECK_CONDITION:
2038 desc_scsi_status = "check condition";
2040 case MPI2_SCSI_STATUS_CONDITION_MET:
2041 desc_scsi_status = "condition met";
2043 case MPI2_SCSI_STATUS_BUSY:
2044 desc_scsi_status = "busy";
2046 case MPI2_SCSI_STATUS_INTERMEDIATE:
2047 desc_scsi_status = "intermediate";
2049 case MPI2_SCSI_STATUS_INTERMEDIATE_CONDMET:
2050 desc_scsi_status = "intermediate condmet";
2052 case MPI2_SCSI_STATUS_RESERVATION_CONFLICT:
2053 desc_scsi_status = "reservation conflict";
2055 case MPI2_SCSI_STATUS_COMMAND_TERMINATED:
2056 desc_scsi_status = "command terminated";
2058 case MPI2_SCSI_STATUS_TASK_SET_FULL:
2059 desc_scsi_status = "task set full";
2061 case MPI2_SCSI_STATUS_ACA_ACTIVE:
2062 desc_scsi_status = "aca active";
2064 case MPI2_SCSI_STATUS_TASK_ABORTED:
2065 desc_scsi_status = "task aborted";
2068 desc_scsi_status = "unknown";
2072 desc_scsi_state[0] = '\0';
2074 desc_scsi_state = " ";
2075 if (scsi_state & MPI2_SCSI_STATE_RESPONSE_INFO_VALID)
2076 strcat(desc_scsi_state, "response info ");
2077 if (scsi_state & MPI2_SCSI_STATE_TERMINATED)
2078 strcat(desc_scsi_state, "state terminated ");
2079 if (scsi_state & MPI2_SCSI_STATE_NO_SCSI_STATUS)
2080 strcat(desc_scsi_state, "no status ");
2081 if (scsi_state & MPI2_SCSI_STATE_AUTOSENSE_FAILED)
2082 strcat(desc_scsi_state, "autosense failed ");
2083 if (scsi_state & MPI2_SCSI_STATE_AUTOSENSE_VALID)
2084 strcat(desc_scsi_state, "autosense valid ");
2086 mps_dprint(sc, MPS_XINFO, "\thandle(0x%04x), ioc_status(%s)(0x%04x)\n",
2087 le16toh(mpi_reply->DevHandle), desc_ioc_state, ioc_status);
2088 /* We can add more detail about underflow data here
2091 mps_dprint(sc, MPS_XINFO, "\tscsi_status(%s)(0x%02x), "
2092 "scsi_state(%s)(0x%02x)\n", desc_scsi_status, scsi_status,
2093 desc_scsi_state, scsi_state);
2095 if (sc->mps_debug & MPS_XINFO &&
2096 scsi_state & MPI2_SCSI_STATE_AUTOSENSE_VALID) {
2097 mps_dprint(sc, MPS_XINFO, "-> Sense Buffer Data : Start :\n");
2098 scsi_sense_print(csio);
2099 mps_dprint(sc, MPS_XINFO, "-> Sense Buffer Data : End :\n");
2102 if (scsi_state & MPI2_SCSI_STATE_RESPONSE_INFO_VALID) {
2103 response_info = le32toh(mpi_reply->ResponseInfo);
2104 response_bytes = (u8 *)&response_info;
2105 mps_response_code(sc,response_bytes[0]);
2110 mpssas_scsiio_complete(struct mps_softc *sc, struct mps_command *cm)
2112 MPI2_SCSI_IO_REPLY *rep;
2114 struct ccb_scsiio *csio;
2115 struct mpssas_softc *sassc;
2116 struct scsi_vpd_supported_page_list *vpd_list = NULL;
2117 u8 *TLR_bits, TLR_on;
2120 struct mpssas_target *target;
2121 target_id_t target_id;
2124 mps_dprint(sc, MPS_TRACE,
2125 "cm %p SMID %u ccb %p reply %p outstanding %u\n", cm,
2126 cm->cm_desc.Default.SMID, cm->cm_ccb, cm->cm_reply,
2127 cm->cm_targ->outstanding);
2129 callout_stop(&cm->cm_callout);
2130 mtx_assert(&sc->mps_mtx, MA_OWNED);
2133 ccb = cm->cm_complete_data;
2135 target_id = csio->ccb_h.target_id;
2136 rep = (MPI2_SCSI_IO_REPLY *)cm->cm_reply;
2138 * XXX KDM if the chain allocation fails, does it matter if we do
2139 * the sync and unload here? It is simpler to do it in every case,
2140 * assuming it doesn't cause problems.
2142 if (cm->cm_data != NULL) {
2143 if (cm->cm_flags & MPS_CM_FLAGS_DATAIN)
2144 dir = BUS_DMASYNC_POSTREAD;
2145 else if (cm->cm_flags & MPS_CM_FLAGS_DATAOUT)
2146 dir = BUS_DMASYNC_POSTWRITE;
2147 bus_dmamap_sync(sc->buffer_dmat, cm->cm_dmamap, dir);
2148 bus_dmamap_unload(sc->buffer_dmat, cm->cm_dmamap);
2151 cm->cm_targ->completed++;
2152 cm->cm_targ->outstanding--;
2153 TAILQ_REMOVE(&cm->cm_targ->commands, cm, cm_link);
2154 ccb->ccb_h.status &= ~(CAM_STATUS_MASK | CAM_SIM_QUEUED);
2156 #if defined(BUF_TRACKING) || defined(FULL_BUF_TRACKING)
2157 if (ccb->csio.bio != NULL)
2158 biotrack(ccb->csio.bio, __func__);
2161 if (cm->cm_state == MPS_CM_STATE_TIMEDOUT) {
2162 TAILQ_REMOVE(&cm->cm_targ->timedout_commands, cm, cm_recovery);
2163 if (cm->cm_reply != NULL)
2164 mpssas_log_command(cm, MPS_RECOVERY,
2165 "completed timedout cm %p ccb %p during recovery "
2166 "ioc %x scsi %x state %x xfer %u\n",
2168 le16toh(rep->IOCStatus), rep->SCSIStatus, rep->SCSIState,
2169 le32toh(rep->TransferCount));
2171 mpssas_log_command(cm, MPS_RECOVERY,
2172 "completed timedout cm %p ccb %p during recovery\n",
2174 } else if (cm->cm_targ->tm != NULL) {
2175 if (cm->cm_reply != NULL)
2176 mpssas_log_command(cm, MPS_RECOVERY,
2177 "completed cm %p ccb %p during recovery "
2178 "ioc %x scsi %x state %x xfer %u\n",
2180 le16toh(rep->IOCStatus), rep->SCSIStatus, rep->SCSIState,
2181 le32toh(rep->TransferCount));
2183 mpssas_log_command(cm, MPS_RECOVERY,
2184 "completed cm %p ccb %p during recovery\n",
2186 } else if ((sc->mps_flags & MPS_FLAGS_DIAGRESET) != 0) {
2187 mpssas_log_command(cm, MPS_RECOVERY,
2188 "reset completed cm %p ccb %p\n",
2192 if ((cm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) {
2194 * We ran into an error after we tried to map the command,
2195 * so we're getting a callback without queueing the command
2196 * to the hardware. So we set the status here, and it will
2197 * be retained below. We'll go through the "fast path",
2198 * because there can be no reply when we haven't actually
2199 * gone out to the hardware.
2201 mpssas_set_ccbstatus(ccb, CAM_REQUEUE_REQ);
2204 * Currently the only error included in the mask is
2205 * MPS_CM_FLAGS_CHAIN_FAILED, which means we're out of
2206 * chain frames. We need to freeze the queue until we get
2207 * a command that completed without this error, which will
2208 * hopefully have some chain frames attached that we can
2209 * use. If we wanted to get smarter about it, we would
2210 * only unfreeze the queue in this condition when we're
2211 * sure that we're getting some chain frames back. That's
2212 * probably unnecessary.
2214 if ((sassc->flags & MPSSAS_QUEUE_FROZEN) == 0) {
2215 xpt_freeze_simq(sassc->sim, 1);
2216 sassc->flags |= MPSSAS_QUEUE_FROZEN;
2217 mps_dprint(sc, MPS_XINFO, "Error sending command, "
2218 "freezing SIM queue\n");
2223 * If this is a Start Stop Unit command and it was issued by the driver
2224 * during shutdown, decrement the refcount to account for all of the
2225 * commands that were sent. All SSU commands should be completed before
2226 * shutdown completes, meaning SSU_refcount will be 0 after SSU_started
2229 if (sc->SSU_started && (csio->cdb_io.cdb_bytes[0] == START_STOP_UNIT)) {
2230 mps_dprint(sc, MPS_INFO, "Decrementing SSU count.\n");
2234 /* Take the fast path to completion */
2235 if (cm->cm_reply == NULL) {
2236 if (mpssas_get_ccbstatus(ccb) == CAM_REQ_INPROG) {
2237 if ((sc->mps_flags & MPS_FLAGS_DIAGRESET) != 0)
2238 mpssas_set_ccbstatus(ccb, CAM_SCSI_BUS_RESET);
2240 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP);
2241 ccb->csio.scsi_status = SCSI_STATUS_OK;
2243 if (sassc->flags & MPSSAS_QUEUE_FROZEN) {
2244 ccb->ccb_h.status |= CAM_RELEASE_SIMQ;
2245 sassc->flags &= ~MPSSAS_QUEUE_FROZEN;
2246 mps_dprint(sc, MPS_XINFO,
2247 "Unfreezing SIM queue\n");
2252 * There are two scenarios where the status won't be
2253 * CAM_REQ_CMP. The first is if MPS_CM_FLAGS_ERROR_MASK is
2254 * set, the second is in the MPS_FLAGS_DIAGRESET above.
2256 if (mpssas_get_ccbstatus(ccb) != CAM_REQ_CMP) {
2258 * Freeze the dev queue so that commands are
2259 * executed in the correct order after error
2262 ccb->ccb_h.status |= CAM_DEV_QFRZN;
2263 xpt_freeze_devq(ccb->ccb_h.path, /*count*/ 1);
2265 mps_free_command(sc, cm);
2270 mpssas_log_command(cm, MPS_XINFO,
2271 "ioc %x scsi %x state %x xfer %u\n",
2272 le16toh(rep->IOCStatus), rep->SCSIStatus, rep->SCSIState,
2273 le32toh(rep->TransferCount));
2276 * If this is a Direct Drive I/O, reissue the I/O to the original IR
2277 * Volume if an error occurred (normal I/O retry). Use the original
2278 * CCB, but set a flag that this will be a retry so that it's sent to
2279 * the original volume. Free the command but reuse the CCB.
2281 if (cm->cm_flags & MPS_CM_FLAGS_DD_IO) {
2282 mps_free_command(sc, cm);
2283 ccb->ccb_h.sim_priv.entries[0].field = MPS_WD_RETRY;
2284 mpssas_action_scsiio(sassc, ccb);
2287 ccb->ccb_h.sim_priv.entries[0].field = 0;
2289 switch (le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK) {
2290 case MPI2_IOCSTATUS_SCSI_DATA_UNDERRUN:
2291 csio->resid = cm->cm_length - le32toh(rep->TransferCount);
2293 case MPI2_IOCSTATUS_SUCCESS:
2294 case MPI2_IOCSTATUS_SCSI_RECOVERED_ERROR:
2296 if ((le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK) ==
2297 MPI2_IOCSTATUS_SCSI_RECOVERED_ERROR)
2298 mpssas_log_command(cm, MPS_XINFO, "recovered error\n");
2300 /* Completion failed at the transport level. */
2301 if (rep->SCSIState & (MPI2_SCSI_STATE_NO_SCSI_STATUS |
2302 MPI2_SCSI_STATE_TERMINATED)) {
2303 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
2307 /* In a modern packetized environment, an autosense failure
2308 * implies that there's not much else that can be done to
2309 * recover the command.
2311 if (rep->SCSIState & MPI2_SCSI_STATE_AUTOSENSE_FAILED) {
2312 mpssas_set_ccbstatus(ccb, CAM_AUTOSENSE_FAIL);
2317 * CAM doesn't care about SAS Response Info data, but if this is
2318 * the state check if TLR should be done. If not, clear the
2319 * TLR_bits for the target.
2321 if ((rep->SCSIState & MPI2_SCSI_STATE_RESPONSE_INFO_VALID) &&
2322 ((le32toh(rep->ResponseInfo) &
2323 MPI2_SCSI_RI_MASK_REASONCODE) ==
2324 MPS_SCSI_RI_INVALID_FRAME)) {
2325 sc->mapping_table[target_id].TLR_bits =
2326 (u8)MPI2_SCSIIO_CONTROL_NO_TLR;
2330 * Intentionally override the normal SCSI status reporting
2331 * for these two cases. These are likely to happen in a
2332 * multi-initiator environment, and we want to make sure that
2333 * CAM retries these commands rather than fail them.
2335 if ((rep->SCSIStatus == MPI2_SCSI_STATUS_COMMAND_TERMINATED) ||
2336 (rep->SCSIStatus == MPI2_SCSI_STATUS_TASK_ABORTED)) {
2337 mpssas_set_ccbstatus(ccb, CAM_REQ_ABORTED);
2341 /* Handle normal status and sense */
2342 csio->scsi_status = rep->SCSIStatus;
2343 if (rep->SCSIStatus == MPI2_SCSI_STATUS_GOOD)
2344 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP);
2346 mpssas_set_ccbstatus(ccb, CAM_SCSI_STATUS_ERROR);
2348 if (rep->SCSIState & MPI2_SCSI_STATE_AUTOSENSE_VALID) {
2349 int sense_len, returned_sense_len;
2351 returned_sense_len = min(le32toh(rep->SenseCount),
2352 sizeof(struct scsi_sense_data));
2353 if (returned_sense_len < ccb->csio.sense_len)
2354 ccb->csio.sense_resid = ccb->csio.sense_len -
2357 ccb->csio.sense_resid = 0;
2359 sense_len = min(returned_sense_len,
2360 ccb->csio.sense_len - ccb->csio.sense_resid);
2361 bzero(&ccb->csio.sense_data,
2362 sizeof(ccb->csio.sense_data));
2363 bcopy(cm->cm_sense, &ccb->csio.sense_data, sense_len);
2364 ccb->ccb_h.status |= CAM_AUTOSNS_VALID;
2368 * Check if this is an INQUIRY command. If it's a VPD inquiry,
2369 * and it's page code 0 (Supported Page List), and there is
2370 * inquiry data, and this is for a sequential access device, and
2371 * the device is an SSP target, and TLR is supported by the
2372 * controller, turn the TLR_bits value ON if page 0x90 is
2375 if ((csio->cdb_io.cdb_bytes[0] == INQUIRY) &&
2376 (csio->cdb_io.cdb_bytes[1] & SI_EVPD) &&
2377 (csio->cdb_io.cdb_bytes[2] == SVPD_SUPPORTED_PAGE_LIST) &&
2378 ((csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) &&
2379 (csio->data_ptr != NULL) &&
2380 ((csio->data_ptr[0] & 0x1f) == T_SEQUENTIAL) &&
2381 (sc->control_TLR) &&
2382 (sc->mapping_table[target_id].device_info &
2383 MPI2_SAS_DEVICE_INFO_SSP_TARGET)) {
2384 vpd_list = (struct scsi_vpd_supported_page_list *)
2386 TLR_bits = &sc->mapping_table[target_id].TLR_bits;
2387 *TLR_bits = (u8)MPI2_SCSIIO_CONTROL_NO_TLR;
2388 TLR_on = (u8)MPI2_SCSIIO_CONTROL_TLR_ON;
2389 alloc_len = ((u16)csio->cdb_io.cdb_bytes[3] << 8) +
2390 csio->cdb_io.cdb_bytes[4];
2391 alloc_len -= csio->resid;
2392 for (i = 0; i < MIN(vpd_list->length, alloc_len); i++) {
2393 if (vpd_list->list[i] == 0x90) {
2401 * If this is a SATA direct-access end device, mark it so that
2402 * a SCSI StartStopUnit command will be sent to it when the
2403 * driver is being shutdown.
2405 if ((csio->cdb_io.cdb_bytes[0] == INQUIRY) &&
2406 ((csio->data_ptr[0] & 0x1f) == T_DIRECT) &&
2407 (sc->mapping_table[target_id].device_info &
2408 MPI2_SAS_DEVICE_INFO_SATA_DEVICE) &&
2409 ((sc->mapping_table[target_id].device_info &
2410 MPI2_SAS_DEVICE_INFO_MASK_DEVICE_TYPE) ==
2411 MPI2_SAS_DEVICE_INFO_END_DEVICE)) {
2412 target = &sassc->targets[target_id];
2413 target->supports_SSU = TRUE;
2414 mps_dprint(sc, MPS_XINFO, "Target %d supports SSU\n",
2418 case MPI2_IOCSTATUS_SCSI_INVALID_DEVHANDLE:
2419 case MPI2_IOCSTATUS_SCSI_DEVICE_NOT_THERE:
2421 * If devinfo is 0 this will be a volume. In that case don't
2422 * tell CAM that the volume is not there. We want volumes to
2423 * be enumerated until they are deleted/removed, not just
2426 if (cm->cm_targ->devinfo == 0)
2427 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP);
2429 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
2431 case MPI2_IOCSTATUS_INVALID_SGL:
2432 mps_print_scsiio_cmd(sc, cm);
2433 mpssas_set_ccbstatus(ccb, CAM_UNREC_HBA_ERROR);
2435 case MPI2_IOCSTATUS_SCSI_TASK_TERMINATED:
2437 * This is one of the responses that comes back when an I/O
2438 * has been aborted. If it is because of a timeout that we
2439 * initiated, just set the status to CAM_CMD_TIMEOUT.
2440 * Otherwise set it to CAM_REQ_ABORTED. The effect on the
2441 * command is the same (it gets retried, subject to the
2442 * retry counter), the only difference is what gets printed
2445 if (cm->cm_state == MPS_CM_STATE_TIMEDOUT)
2446 mpssas_set_ccbstatus(ccb, CAM_CMD_TIMEOUT);
2448 mpssas_set_ccbstatus(ccb, CAM_REQ_ABORTED);
2450 case MPI2_IOCSTATUS_SCSI_DATA_OVERRUN:
2451 /* resid is ignored for this condition */
2453 mpssas_set_ccbstatus(ccb, CAM_DATA_RUN_ERR);
2455 case MPI2_IOCSTATUS_SCSI_IOC_TERMINATED:
2456 case MPI2_IOCSTATUS_SCSI_EXT_TERMINATED:
2458 * These can sometimes be transient transport-related
2459 * errors, and sometimes persistent drive-related errors.
2460 * We used to retry these without decrementing the retry
2461 * count by returning CAM_REQUEUE_REQ. Unfortunately, if
2462 * we hit a persistent drive problem that returns one of
2463 * these error codes, we would retry indefinitely. So,
2464 * return CAM_REQ_CMP_ERROR so that we decrement the retry
2465 * count and avoid infinite retries. We're taking the
2466 * potential risk of flagging false failures in the event
2467 * of a topology-related error (e.g. a SAS expander problem
2468 * causes a command addressed to a drive to fail), but
2469 * avoiding getting into an infinite retry loop.
2471 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
2472 mpssas_log_command(cm, MPS_INFO,
2473 "terminated ioc %x loginfo %x scsi %x state %x xfer %u\n",
2474 le16toh(rep->IOCStatus), le32toh(rep->IOCLogInfo),
2475 rep->SCSIStatus, rep->SCSIState,
2476 le32toh(rep->TransferCount));
2478 case MPI2_IOCSTATUS_INVALID_FUNCTION:
2479 case MPI2_IOCSTATUS_INTERNAL_ERROR:
2480 case MPI2_IOCSTATUS_INVALID_VPID:
2481 case MPI2_IOCSTATUS_INVALID_FIELD:
2482 case MPI2_IOCSTATUS_INVALID_STATE:
2483 case MPI2_IOCSTATUS_OP_STATE_NOT_SUPPORTED:
2484 case MPI2_IOCSTATUS_SCSI_IO_DATA_ERROR:
2485 case MPI2_IOCSTATUS_SCSI_PROTOCOL_ERROR:
2486 case MPI2_IOCSTATUS_SCSI_RESIDUAL_MISMATCH:
2487 case MPI2_IOCSTATUS_SCSI_TASK_MGMT_FAILED:
2489 mpssas_log_command(cm, MPS_XINFO,
2490 "completed ioc %x loginfo %x scsi %x state %x xfer %u\n",
2491 le16toh(rep->IOCStatus), le32toh(rep->IOCLogInfo),
2492 rep->SCSIStatus, rep->SCSIState,
2493 le32toh(rep->TransferCount));
2494 csio->resid = cm->cm_length;
2495 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
2499 mps_sc_failed_io_info(sc,csio,rep);
2501 if (sassc->flags & MPSSAS_QUEUE_FROZEN) {
2502 ccb->ccb_h.status |= CAM_RELEASE_SIMQ;
2503 sassc->flags &= ~MPSSAS_QUEUE_FROZEN;
2504 mps_dprint(sc, MPS_XINFO, "Command completed, "
2505 "unfreezing SIM queue\n");
2508 if (mpssas_get_ccbstatus(ccb) != CAM_REQ_CMP) {
2509 ccb->ccb_h.status |= CAM_DEV_QFRZN;
2510 xpt_freeze_devq(ccb->ccb_h.path, /*count*/ 1);
2513 mps_free_command(sc, cm);
2517 /* All Request reached here are Endian safe */
2519 mpssas_direct_drive_io(struct mpssas_softc *sassc, struct mps_command *cm,
2521 pMpi2SCSIIORequest_t pIO_req;
2522 struct mps_softc *sc = sassc->sc;
2524 uint32_t physLBA, stripe_offset, stripe_unit;
2525 uint32_t io_size, column;
2526 uint8_t *ptrLBA, lba_idx, physLBA_byte, *CDB;
2529 * If this is a valid SCSI command (Read6, Read10, Read16, Write6,
2530 * Write10, or Write16), build a direct I/O message. Otherwise, the I/O
2531 * will be sent to the IR volume itself. Since Read6 and Write6 are a
2532 * bit different than the 10/16 CDBs, handle them separately.
2534 pIO_req = (pMpi2SCSIIORequest_t)cm->cm_req;
2535 CDB = pIO_req->CDB.CDB32;
2538 * Handle 6 byte CDBs.
2540 if ((pIO_req->DevHandle == sc->DD_dev_handle) && ((CDB[0] == READ_6) ||
2541 (CDB[0] == WRITE_6))) {
2543 * Get the transfer size in blocks.
2545 io_size = (cm->cm_length >> sc->DD_block_exponent);
2548 * Get virtual LBA given in the CDB.
2550 virtLBA = ((uint64_t)(CDB[1] & 0x1F) << 16) |
2551 ((uint64_t)CDB[2] << 8) | (uint64_t)CDB[3];
2554 * Check that LBA range for I/O does not exceed volume's
2557 if ((virtLBA + (uint64_t)io_size - 1) <=
2560 * Check if the I/O crosses a stripe boundary. If not,
2561 * translate the virtual LBA to a physical LBA and set
2562 * the DevHandle for the PhysDisk to be used. If it
2563 * does cross a boundary, do normal I/O. To get the
2564 * right DevHandle to use, get the map number for the
2565 * column, then use that map number to look up the
2566 * DevHandle of the PhysDisk.
2568 stripe_offset = (uint32_t)virtLBA &
2569 (sc->DD_stripe_size - 1);
2570 if ((stripe_offset + io_size) <= sc->DD_stripe_size) {
2571 physLBA = (uint32_t)virtLBA >>
2572 sc->DD_stripe_exponent;
2573 stripe_unit = physLBA / sc->DD_num_phys_disks;
2574 column = physLBA % sc->DD_num_phys_disks;
2575 pIO_req->DevHandle =
2576 htole16(sc->DD_column_map[column].dev_handle);
2577 /* ???? Is this endian safe*/
2578 cm->cm_desc.SCSIIO.DevHandle =
2581 physLBA = (stripe_unit <<
2582 sc->DD_stripe_exponent) + stripe_offset;
2583 ptrLBA = &pIO_req->CDB.CDB32[1];
2584 physLBA_byte = (uint8_t)(physLBA >> 16);
2585 *ptrLBA = physLBA_byte;
2586 ptrLBA = &pIO_req->CDB.CDB32[2];
2587 physLBA_byte = (uint8_t)(physLBA >> 8);
2588 *ptrLBA = physLBA_byte;
2589 ptrLBA = &pIO_req->CDB.CDB32[3];
2590 physLBA_byte = (uint8_t)physLBA;
2591 *ptrLBA = physLBA_byte;
2594 * Set flag that Direct Drive I/O is
2597 cm->cm_flags |= MPS_CM_FLAGS_DD_IO;
2604 * Handle 10, 12 or 16 byte CDBs.
2606 if ((pIO_req->DevHandle == sc->DD_dev_handle) && ((CDB[0] == READ_10) ||
2607 (CDB[0] == WRITE_10) || (CDB[0] == READ_16) ||
2608 (CDB[0] == WRITE_16) || (CDB[0] == READ_12) ||
2609 (CDB[0] == WRITE_12))) {
2611 * For 16-byte CDB's, verify that the upper 4 bytes of the CDB
2612 * are 0. If not, this is accessing beyond 2TB so handle it in
2613 * the else section. 10-byte and 12-byte CDB's are OK.
2614 * FreeBSD sends very rare 12 byte READ/WRITE, but driver is
2615 * ready to accept 12byte CDB for Direct IOs.
2617 if ((CDB[0] == READ_10 || CDB[0] == WRITE_10) ||
2618 (CDB[0] == READ_12 || CDB[0] == WRITE_12) ||
2619 !(CDB[2] | CDB[3] | CDB[4] | CDB[5])) {
2621 * Get the transfer size in blocks.
2623 io_size = (cm->cm_length >> sc->DD_block_exponent);
2626 * Get virtual LBA. Point to correct lower 4 bytes of
2627 * LBA in the CDB depending on command.
2629 lba_idx = ((CDB[0] == READ_12) ||
2630 (CDB[0] == WRITE_12) ||
2631 (CDB[0] == READ_10) ||
2632 (CDB[0] == WRITE_10))? 2 : 6;
2633 virtLBA = ((uint64_t)CDB[lba_idx] << 24) |
2634 ((uint64_t)CDB[lba_idx + 1] << 16) |
2635 ((uint64_t)CDB[lba_idx + 2] << 8) |
2636 (uint64_t)CDB[lba_idx + 3];
2639 * Check that LBA range for I/O does not exceed volume's
2642 if ((virtLBA + (uint64_t)io_size - 1) <=
2645 * Check if the I/O crosses a stripe boundary.
2646 * If not, translate the virtual LBA to a
2647 * physical LBA and set the DevHandle for the
2648 * PhysDisk to be used. If it does cross a
2649 * boundary, do normal I/O. To get the right
2650 * DevHandle to use, get the map number for the
2651 * column, then use that map number to look up
2652 * the DevHandle of the PhysDisk.
2654 stripe_offset = (uint32_t)virtLBA &
2655 (sc->DD_stripe_size - 1);
2656 if ((stripe_offset + io_size) <=
2657 sc->DD_stripe_size) {
2658 physLBA = (uint32_t)virtLBA >>
2659 sc->DD_stripe_exponent;
2660 stripe_unit = physLBA /
2661 sc->DD_num_phys_disks;
2663 sc->DD_num_phys_disks;
2664 pIO_req->DevHandle =
2665 htole16(sc->DD_column_map[column].
2667 cm->cm_desc.SCSIIO.DevHandle =
2670 physLBA = (stripe_unit <<
2671 sc->DD_stripe_exponent) +
2674 &pIO_req->CDB.CDB32[lba_idx];
2675 physLBA_byte = (uint8_t)(physLBA >> 24);
2676 *ptrLBA = physLBA_byte;
2678 &pIO_req->CDB.CDB32[lba_idx + 1];
2679 physLBA_byte = (uint8_t)(physLBA >> 16);
2680 *ptrLBA = physLBA_byte;
2682 &pIO_req->CDB.CDB32[lba_idx + 2];
2683 physLBA_byte = (uint8_t)(physLBA >> 8);
2684 *ptrLBA = physLBA_byte;
2686 &pIO_req->CDB.CDB32[lba_idx + 3];
2687 physLBA_byte = (uint8_t)physLBA;
2688 *ptrLBA = physLBA_byte;
2691 * Set flag that Direct Drive I/O is
2694 cm->cm_flags |= MPS_CM_FLAGS_DD_IO;
2699 * 16-byte CDB and the upper 4 bytes of the CDB are not
2700 * 0. Get the transfer size in blocks.
2702 io_size = (cm->cm_length >> sc->DD_block_exponent);
2707 virtLBA = ((uint64_t)CDB[2] << 54) |
2708 ((uint64_t)CDB[3] << 48) |
2709 ((uint64_t)CDB[4] << 40) |
2710 ((uint64_t)CDB[5] << 32) |
2711 ((uint64_t)CDB[6] << 24) |
2712 ((uint64_t)CDB[7] << 16) |
2713 ((uint64_t)CDB[8] << 8) |
2717 * Check that LBA range for I/O does not exceed volume's
2720 if ((virtLBA + (uint64_t)io_size - 1) <=
2723 * Check if the I/O crosses a stripe boundary.
2724 * If not, translate the virtual LBA to a
2725 * physical LBA and set the DevHandle for the
2726 * PhysDisk to be used. If it does cross a
2727 * boundary, do normal I/O. To get the right
2728 * DevHandle to use, get the map number for the
2729 * column, then use that map number to look up
2730 * the DevHandle of the PhysDisk.
2732 stripe_offset = (uint32_t)virtLBA &
2733 (sc->DD_stripe_size - 1);
2734 if ((stripe_offset + io_size) <=
2735 sc->DD_stripe_size) {
2736 physLBA = (uint32_t)(virtLBA >>
2737 sc->DD_stripe_exponent);
2738 stripe_unit = physLBA /
2739 sc->DD_num_phys_disks;
2741 sc->DD_num_phys_disks;
2742 pIO_req->DevHandle =
2743 htole16(sc->DD_column_map[column].
2745 cm->cm_desc.SCSIIO.DevHandle =
2748 physLBA = (stripe_unit <<
2749 sc->DD_stripe_exponent) +
2753 * Set upper 4 bytes of LBA to 0. We
2754 * assume that the phys disks are less
2755 * than 2 TB's in size. Then, set the
2758 pIO_req->CDB.CDB32[2] = 0;
2759 pIO_req->CDB.CDB32[3] = 0;
2760 pIO_req->CDB.CDB32[4] = 0;
2761 pIO_req->CDB.CDB32[5] = 0;
2762 ptrLBA = &pIO_req->CDB.CDB32[6];
2763 physLBA_byte = (uint8_t)(physLBA >> 24);
2764 *ptrLBA = physLBA_byte;
2765 ptrLBA = &pIO_req->CDB.CDB32[7];
2766 physLBA_byte = (uint8_t)(physLBA >> 16);
2767 *ptrLBA = physLBA_byte;
2768 ptrLBA = &pIO_req->CDB.CDB32[8];
2769 physLBA_byte = (uint8_t)(physLBA >> 8);
2770 *ptrLBA = physLBA_byte;
2771 ptrLBA = &pIO_req->CDB.CDB32[9];
2772 physLBA_byte = (uint8_t)physLBA;
2773 *ptrLBA = physLBA_byte;
2776 * Set flag that Direct Drive I/O is
2779 cm->cm_flags |= MPS_CM_FLAGS_DD_IO;
2786 #if __FreeBSD_version >= 900026
2788 mpssas_smpio_complete(struct mps_softc *sc, struct mps_command *cm)
2790 MPI2_SMP_PASSTHROUGH_REPLY *rpl;
2791 MPI2_SMP_PASSTHROUGH_REQUEST *req;
2795 ccb = cm->cm_complete_data;
2798 * Currently there should be no way we can hit this case. It only
2799 * happens when we have a failure to allocate chain frames, and SMP
2800 * commands require two S/G elements only. That should be handled
2801 * in the standard request size.
2803 if ((cm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) {
2804 mps_dprint(sc, MPS_ERROR,"%s: cm_flags = %#x on SMP request!\n",
2805 __func__, cm->cm_flags);
2806 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
2810 rpl = (MPI2_SMP_PASSTHROUGH_REPLY *)cm->cm_reply;
2812 mps_dprint(sc, MPS_ERROR, "%s: NULL cm_reply!\n", __func__);
2813 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
2817 req = (MPI2_SMP_PASSTHROUGH_REQUEST *)cm->cm_req;
2818 sasaddr = le32toh(req->SASAddress.Low);
2819 sasaddr |= ((uint64_t)(le32toh(req->SASAddress.High))) << 32;
2821 if ((le16toh(rpl->IOCStatus) & MPI2_IOCSTATUS_MASK) !=
2822 MPI2_IOCSTATUS_SUCCESS ||
2823 rpl->SASStatus != MPI2_SASSTATUS_SUCCESS) {
2824 mps_dprint(sc, MPS_XINFO, "%s: IOCStatus %04x SASStatus %02x\n",
2825 __func__, le16toh(rpl->IOCStatus), rpl->SASStatus);
2826 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
2830 mps_dprint(sc, MPS_XINFO, "%s: SMP request to SAS address "
2831 "%#jx completed successfully\n", __func__,
2832 (uintmax_t)sasaddr);
2834 if (ccb->smpio.smp_response[2] == SMP_FR_ACCEPTED)
2835 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP);
2837 mpssas_set_ccbstatus(ccb, CAM_SMP_STATUS_ERROR);
2841 * We sync in both directions because we had DMAs in the S/G list
2842 * in both directions.
2844 bus_dmamap_sync(sc->buffer_dmat, cm->cm_dmamap,
2845 BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE);
2846 bus_dmamap_unload(sc->buffer_dmat, cm->cm_dmamap);
2847 mps_free_command(sc, cm);
2852 mpssas_send_smpcmd(struct mpssas_softc *sassc, union ccb *ccb, uint64_t sasaddr)
2854 struct mps_command *cm;
2855 uint8_t *request, *response;
2856 MPI2_SMP_PASSTHROUGH_REQUEST *req;
2857 struct mps_softc *sc;
2864 * XXX We don't yet support physical addresses here.
2866 switch ((ccb->ccb_h.flags & CAM_DATA_MASK)) {
2867 case CAM_DATA_PADDR:
2868 case CAM_DATA_SG_PADDR:
2869 mps_dprint(sc, MPS_ERROR,
2870 "%s: physical addresses not supported\n", __func__);
2871 mpssas_set_ccbstatus(ccb, CAM_REQ_INVALID);
2876 * The chip does not support more than one buffer for the
2877 * request or response.
2879 if ((ccb->smpio.smp_request_sglist_cnt > 1)
2880 || (ccb->smpio.smp_response_sglist_cnt > 1)) {
2881 mps_dprint(sc, MPS_ERROR,
2882 "%s: multiple request or response "
2883 "buffer segments not supported for SMP\n",
2885 mpssas_set_ccbstatus(ccb, CAM_REQ_INVALID);
2891 * The CAM_SCATTER_VALID flag was originally implemented
2892 * for the XPT_SCSI_IO CCB, which only has one data pointer.
2893 * We have two. So, just take that flag to mean that we
2894 * might have S/G lists, and look at the S/G segment count
2895 * to figure out whether that is the case for each individual
2898 if (ccb->smpio.smp_request_sglist_cnt != 0) {
2899 bus_dma_segment_t *req_sg;
2901 req_sg = (bus_dma_segment_t *)ccb->smpio.smp_request;
2902 request = (uint8_t *)(uintptr_t)req_sg[0].ds_addr;
2904 request = ccb->smpio.smp_request;
2906 if (ccb->smpio.smp_response_sglist_cnt != 0) {
2907 bus_dma_segment_t *rsp_sg;
2909 rsp_sg = (bus_dma_segment_t *)ccb->smpio.smp_response;
2910 response = (uint8_t *)(uintptr_t)rsp_sg[0].ds_addr;
2912 response = ccb->smpio.smp_response;
2914 case CAM_DATA_VADDR:
2915 request = ccb->smpio.smp_request;
2916 response = ccb->smpio.smp_response;
2919 mpssas_set_ccbstatus(ccb, CAM_REQ_INVALID);
2924 cm = mps_alloc_command(sc);
2926 mps_dprint(sc, MPS_ERROR,
2927 "%s: cannot allocate command\n", __func__);
2928 mpssas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL);
2933 req = (MPI2_SMP_PASSTHROUGH_REQUEST *)cm->cm_req;
2934 bzero(req, sizeof(*req));
2935 req->Function = MPI2_FUNCTION_SMP_PASSTHROUGH;
2937 /* Allow the chip to use any route to this SAS address. */
2938 req->PhysicalPort = 0xff;
2940 req->RequestDataLength = htole16(ccb->smpio.smp_request_len);
2942 MPI2_SGLFLAGS_SYSTEM_ADDRESS_SPACE | MPI2_SGLFLAGS_SGL_TYPE_MPI;
2944 mps_dprint(sc, MPS_XINFO, "%s: sending SMP request to SAS "
2945 "address %#jx\n", __func__, (uintmax_t)sasaddr);
2947 mpi_init_sge(cm, req, &req->SGL);
2950 * Set up a uio to pass into mps_map_command(). This allows us to
2951 * do one map command, and one busdma call in there.
2953 cm->cm_uio.uio_iov = cm->cm_iovec;
2954 cm->cm_uio.uio_iovcnt = 2;
2955 cm->cm_uio.uio_segflg = UIO_SYSSPACE;
2958 * The read/write flag isn't used by busdma, but set it just in
2959 * case. This isn't exactly accurate, either, since we're going in
2962 cm->cm_uio.uio_rw = UIO_WRITE;
2964 cm->cm_iovec[0].iov_base = request;
2965 cm->cm_iovec[0].iov_len = le16toh(req->RequestDataLength);
2966 cm->cm_iovec[1].iov_base = response;
2967 cm->cm_iovec[1].iov_len = ccb->smpio.smp_response_len;
2969 cm->cm_uio.uio_resid = cm->cm_iovec[0].iov_len +
2970 cm->cm_iovec[1].iov_len;
2973 * Trigger a warning message in mps_data_cb() for the user if we
2974 * wind up exceeding two S/G segments. The chip expects one
2975 * segment for the request and another for the response.
2977 cm->cm_max_segs = 2;
2979 cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE;
2980 cm->cm_complete = mpssas_smpio_complete;
2981 cm->cm_complete_data = ccb;
2984 * Tell the mapping code that we're using a uio, and that this is
2985 * an SMP passthrough request. There is a little special-case
2986 * logic there (in mps_data_cb()) to handle the bidirectional
2989 cm->cm_flags |= MPS_CM_FLAGS_USE_UIO | MPS_CM_FLAGS_SMP_PASS |
2990 MPS_CM_FLAGS_DATAIN | MPS_CM_FLAGS_DATAOUT;
2992 /* The chip data format is little endian. */
2993 req->SASAddress.High = htole32(sasaddr >> 32);
2994 req->SASAddress.Low = htole32(sasaddr);
2997 * XXX Note that we don't have a timeout/abort mechanism here.
2998 * From the manual, it looks like task management requests only
2999 * work for SCSI IO and SATA passthrough requests. We may need to
3000 * have a mechanism to retry requests in the event of a chip reset
3001 * at least. Hopefully the chip will insure that any errors short
3002 * of that are relayed back to the driver.
3004 error = mps_map_command(sc, cm);
3005 if ((error != 0) && (error != EINPROGRESS)) {
3006 mps_dprint(sc, MPS_ERROR,
3007 "%s: error %d returned from mps_map_command()\n",
3015 mps_free_command(sc, cm);
3016 mpssas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL);
3023 mpssas_action_smpio(struct mpssas_softc *sassc, union ccb *ccb)
3025 struct mps_softc *sc;
3026 struct mpssas_target *targ;
3027 uint64_t sasaddr = 0;
3032 * Make sure the target exists.
3034 KASSERT(ccb->ccb_h.target_id < sassc->maxtargets,
3035 ("Target %d out of bounds in XPT_SMP_IO\n", ccb->ccb_h.target_id));
3036 targ = &sassc->targets[ccb->ccb_h.target_id];
3037 if (targ->handle == 0x0) {
3038 mps_dprint(sc, MPS_ERROR,
3039 "%s: target %d does not exist!\n", __func__,
3040 ccb->ccb_h.target_id);
3041 mpssas_set_ccbstatus(ccb, CAM_SEL_TIMEOUT);
3047 * If this device has an embedded SMP target, we'll talk to it
3049 * figure out what the expander's address is.
3051 if ((targ->devinfo & MPI2_SAS_DEVICE_INFO_SMP_TARGET) != 0)
3052 sasaddr = targ->sasaddr;
3055 * If we don't have a SAS address for the expander yet, try
3056 * grabbing it from the page 0x83 information cached in the
3057 * transport layer for this target. LSI expanders report the
3058 * expander SAS address as the port-associated SAS address in
3059 * Inquiry VPD page 0x83. Maxim expanders don't report it in page
3062 * XXX KDM disable this for now, but leave it commented out so that
3063 * it is obvious that this is another possible way to get the SAS
3066 * The parent handle method below is a little more reliable, and
3067 * the other benefit is that it works for devices other than SES
3068 * devices. So you can send a SMP request to a da(4) device and it
3069 * will get routed to the expander that device is attached to.
3070 * (Assuming the da(4) device doesn't contain an SMP target...)
3074 sasaddr = xpt_path_sas_addr(ccb->ccb_h.path);
3078 * If we still don't have a SAS address for the expander, look for
3079 * the parent device of this device, which is probably the expander.
3082 #ifdef OLD_MPS_PROBE
3083 struct mpssas_target *parent_target;
3086 if (targ->parent_handle == 0x0) {
3087 mps_dprint(sc, MPS_ERROR,
3088 "%s: handle %d does not have a valid "
3089 "parent handle!\n", __func__, targ->handle);
3090 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
3093 #ifdef OLD_MPS_PROBE
3094 parent_target = mpssas_find_target_by_handle(sassc, 0,
3095 targ->parent_handle);
3097 if (parent_target == NULL) {
3098 mps_dprint(sc, MPS_ERROR,
3099 "%s: handle %d does not have a valid "
3100 "parent target!\n", __func__, targ->handle);
3101 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
3105 if ((parent_target->devinfo &
3106 MPI2_SAS_DEVICE_INFO_SMP_TARGET) == 0) {
3107 mps_dprint(sc, MPS_ERROR,
3108 "%s: handle %d parent %d does not "
3109 "have an SMP target!\n", __func__,
3110 targ->handle, parent_target->handle);
3111 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
3116 sasaddr = parent_target->sasaddr;
3117 #else /* OLD_MPS_PROBE */
3118 if ((targ->parent_devinfo &
3119 MPI2_SAS_DEVICE_INFO_SMP_TARGET) == 0) {
3120 mps_dprint(sc, MPS_ERROR,
3121 "%s: handle %d parent %d does not "
3122 "have an SMP target!\n", __func__,
3123 targ->handle, targ->parent_handle);
3124 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
3128 if (targ->parent_sasaddr == 0x0) {
3129 mps_dprint(sc, MPS_ERROR,
3130 "%s: handle %d parent handle %d does "
3131 "not have a valid SAS address!\n",
3132 __func__, targ->handle, targ->parent_handle);
3133 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
3137 sasaddr = targ->parent_sasaddr;
3138 #endif /* OLD_MPS_PROBE */
3143 mps_dprint(sc, MPS_INFO,
3144 "%s: unable to find SAS address for handle %d\n",
3145 __func__, targ->handle);
3146 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
3149 mpssas_send_smpcmd(sassc, ccb, sasaddr);
3157 #endif //__FreeBSD_version >= 900026
3160 mpssas_action_resetdev(struct mpssas_softc *sassc, union ccb *ccb)
3162 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
3163 struct mps_softc *sc;
3164 struct mps_command *tm;
3165 struct mpssas_target *targ;
3167 MPS_FUNCTRACE(sassc->sc);
3168 mtx_assert(&sassc->sc->mps_mtx, MA_OWNED);
3170 KASSERT(ccb->ccb_h.target_id < sassc->maxtargets,
3171 ("Target %d out of bounds in XPT_RESET_DEV\n",
3172 ccb->ccb_h.target_id));
3174 tm = mps_alloc_command(sc);
3176 mps_dprint(sc, MPS_ERROR,
3177 "command alloc failure in mpssas_action_resetdev\n");
3178 mpssas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL);
3183 targ = &sassc->targets[ccb->ccb_h.target_id];
3184 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
3185 req->DevHandle = htole16(targ->handle);
3186 req->Function = MPI2_FUNCTION_SCSI_TASK_MGMT;
3187 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET;
3189 /* SAS Hard Link Reset / SATA Link Reset */
3190 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET;
3193 tm->cm_desc.HighPriority.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_HIGH_PRIORITY;
3194 tm->cm_complete = mpssas_resetdev_complete;
3195 tm->cm_complete_data = ccb;
3197 targ->flags |= MPSSAS_TARGET_INRESET;
3199 mps_map_command(sc, tm);
3203 mpssas_resetdev_complete(struct mps_softc *sc, struct mps_command *tm)
3205 MPI2_SCSI_TASK_MANAGE_REPLY *resp;
3209 mtx_assert(&sc->mps_mtx, MA_OWNED);
3211 resp = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply;
3212 ccb = tm->cm_complete_data;
3215 * Currently there should be no way we can hit this case. It only
3216 * happens when we have a failure to allocate chain frames, and
3217 * task management commands don't have S/G lists.
3219 if ((tm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) {
3220 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
3222 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
3224 mps_dprint(sc, MPS_ERROR,
3225 "%s: cm_flags = %#x for reset of handle %#04x! "
3226 "This should not happen!\n", __func__, tm->cm_flags,
3228 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
3232 mps_dprint(sc, MPS_XINFO,
3233 "%s: IOCStatus = 0x%x ResponseCode = 0x%x\n", __func__,
3234 le16toh(resp->IOCStatus), le32toh(resp->ResponseCode));
3236 if (le32toh(resp->ResponseCode) == MPI2_SCSITASKMGMT_RSP_TM_COMPLETE) {
3237 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP);
3238 mpssas_announce_reset(sc, AC_SENT_BDR, tm->cm_targ->tid,
3242 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
3246 mpssas_free_tm(sc, tm);
3251 mpssas_poll(struct cam_sim *sim)
3253 struct mpssas_softc *sassc;
3255 sassc = cam_sim_softc(sim);
3257 if (sassc->sc->mps_debug & MPS_TRACE) {
3258 /* frequent debug messages during a panic just slow
3259 * everything down too much.
3261 mps_printf(sassc->sc, "%s clearing MPS_TRACE\n", __func__);
3262 sassc->sc->mps_debug &= ~MPS_TRACE;
3265 mps_intr_locked(sassc->sc);
3269 mpssas_async(void *callback_arg, uint32_t code, struct cam_path *path,
3272 struct mps_softc *sc;
3274 sc = (struct mps_softc *)callback_arg;
3277 #if (__FreeBSD_version >= 1000006) || \
3278 ((__FreeBSD_version >= 901503) && (__FreeBSD_version < 1000000))
3279 case AC_ADVINFO_CHANGED: {
3280 struct mpssas_target *target;
3281 struct mpssas_softc *sassc;
3282 struct scsi_read_capacity_data_long rcap_buf;
3283 struct ccb_dev_advinfo cdai;
3284 struct mpssas_lun *lun;
3289 buftype = (uintptr_t)arg;
3295 * We're only interested in read capacity data changes.
3297 if (buftype != CDAI_TYPE_RCAPLONG)
3301 * We should have a handle for this, but check to make sure.
3303 KASSERT(xpt_path_target_id(path) < sassc->maxtargets,
3304 ("Target %d out of bounds in mpssas_async\n",
3305 xpt_path_target_id(path)));
3306 target = &sassc->targets[xpt_path_target_id(path)];
3307 if (target->handle == 0)
3310 lunid = xpt_path_lun_id(path);
3312 SLIST_FOREACH(lun, &target->luns, lun_link) {
3313 if (lun->lun_id == lunid) {
3319 if (found_lun == 0) {
3320 lun = malloc(sizeof(struct mpssas_lun), M_MPT2,
3323 mps_dprint(sc, MPS_ERROR, "Unable to alloc "
3324 "LUN for EEDP support.\n");
3327 lun->lun_id = lunid;
3328 SLIST_INSERT_HEAD(&target->luns, lun, lun_link);
3331 bzero(&rcap_buf, sizeof(rcap_buf));
3332 xpt_setup_ccb(&cdai.ccb_h, path, CAM_PRIORITY_NORMAL);
3333 cdai.ccb_h.func_code = XPT_DEV_ADVINFO;
3334 cdai.ccb_h.flags = CAM_DIR_IN;
3335 cdai.buftype = CDAI_TYPE_RCAPLONG;
3336 #if (__FreeBSD_version >= 1100061) || \
3337 ((__FreeBSD_version >= 1001510) && (__FreeBSD_version < 1100000))
3338 cdai.flags = CDAI_FLAG_NONE;
3342 cdai.bufsiz = sizeof(rcap_buf);
3343 cdai.buf = (uint8_t *)&rcap_buf;
3344 xpt_action((union ccb *)&cdai);
3345 if ((cdai.ccb_h.status & CAM_DEV_QFRZN) != 0)
3346 cam_release_devq(cdai.ccb_h.path,
3349 if ((mpssas_get_ccbstatus((union ccb *)&cdai) == CAM_REQ_CMP)
3350 && (rcap_buf.prot & SRC16_PROT_EN)) {
3351 lun->eedp_formatted = TRUE;
3352 lun->eedp_block_size = scsi_4btoul(rcap_buf.length);
3354 lun->eedp_formatted = FALSE;
3355 lun->eedp_block_size = 0;
3360 case AC_FOUND_DEVICE: {
3361 struct ccb_getdev *cgd;
3364 mpssas_check_eedp(sc, path, cgd);
3373 #if (__FreeBSD_version < 901503) || \
3374 ((__FreeBSD_version >= 1000000) && (__FreeBSD_version < 1000006))
3376 mpssas_check_eedp(struct mps_softc *sc, struct cam_path *path,
3377 struct ccb_getdev *cgd)
3379 struct mpssas_softc *sassc = sc->sassc;
3380 struct ccb_scsiio *csio;
3381 struct scsi_read_capacity_16 *scsi_cmd;
3382 struct scsi_read_capacity_eedp *rcap_buf;
3384 target_id_t targetid;
3387 struct cam_path *local_path;
3388 struct mpssas_target *target;
3389 struct mpssas_lun *lun;
3394 pathid = cam_sim_path(sassc->sim);
3395 targetid = xpt_path_target_id(path);
3396 lunid = xpt_path_lun_id(path);
3398 KASSERT(targetid < sassc->maxtargets,
3399 ("Target %d out of bounds in mpssas_check_eedp\n",
3401 target = &sassc->targets[targetid];
3402 if (target->handle == 0x0)
3406 * Determine if the device is EEDP capable.
3408 * If this flag is set in the inquiry data,
3409 * the device supports protection information,
3410 * and must support the 16 byte read
3411 * capacity command, otherwise continue without
3412 * sending read cap 16
3414 if ((cgd->inq_data.spc3_flags & SPC3_SID_PROTECT) == 0)
3418 * Issue a READ CAPACITY 16 command. This info
3419 * is used to determine if the LUN is formatted
3422 ccb = xpt_alloc_ccb_nowait();
3424 mps_dprint(sc, MPS_ERROR, "Unable to alloc CCB "
3425 "for EEDP support.\n");
3429 if (xpt_create_path(&local_path, xpt_periph,
3430 pathid, targetid, lunid) != CAM_REQ_CMP) {
3431 mps_dprint(sc, MPS_ERROR, "Unable to create "
3432 "path for EEDP support\n");
3438 * If LUN is already in list, don't create a new
3442 SLIST_FOREACH(lun, &target->luns, lun_link) {
3443 if (lun->lun_id == lunid) {
3449 lun = malloc(sizeof(struct mpssas_lun), M_MPT2,
3452 mps_dprint(sc, MPS_ERROR,
3453 "Unable to alloc LUN for EEDP support.\n");
3454 xpt_free_path(local_path);
3458 lun->lun_id = lunid;
3459 SLIST_INSERT_HEAD(&target->luns, lun,
3463 xpt_path_string(local_path, path_str, sizeof(path_str));
3465 mps_dprint(sc, MPS_INFO, "Sending read cap: path %s handle %d\n",
3466 path_str, target->handle);
3469 * Issue a READ CAPACITY 16 command for the LUN.
3470 * The mpssas_read_cap_done function will load
3471 * the read cap info into the LUN struct.
3473 rcap_buf = malloc(sizeof(struct scsi_read_capacity_eedp),
3474 M_MPT2, M_NOWAIT | M_ZERO);
3475 if (rcap_buf == NULL) {
3476 mps_dprint(sc, MPS_FAULT,
3477 "Unable to alloc read capacity buffer for EEDP support.\n");
3478 xpt_free_path(ccb->ccb_h.path);
3482 xpt_setup_ccb(&ccb->ccb_h, local_path, CAM_PRIORITY_XPT);
3484 csio->ccb_h.func_code = XPT_SCSI_IO;
3485 csio->ccb_h.flags = CAM_DIR_IN;
3486 csio->ccb_h.retry_count = 4;
3487 csio->ccb_h.cbfcnp = mpssas_read_cap_done;
3488 csio->ccb_h.timeout = 60000;
3489 csio->data_ptr = (uint8_t *)rcap_buf;
3490 csio->dxfer_len = sizeof(struct scsi_read_capacity_eedp);
3491 csio->sense_len = MPS_SENSE_LEN;
3492 csio->cdb_len = sizeof(*scsi_cmd);
3493 csio->tag_action = MSG_SIMPLE_Q_TAG;
3495 scsi_cmd = (struct scsi_read_capacity_16 *)&csio->cdb_io.cdb_bytes;
3496 bzero(scsi_cmd, sizeof(*scsi_cmd));
3497 scsi_cmd->opcode = 0x9E;
3498 scsi_cmd->service_action = SRC16_SERVICE_ACTION;
3499 ((uint8_t *)scsi_cmd)[13] = sizeof(struct scsi_read_capacity_eedp);
3501 ccb->ccb_h.ppriv_ptr1 = sassc;
3506 mpssas_read_cap_done(struct cam_periph *periph, union ccb *done_ccb)
3508 struct mpssas_softc *sassc;
3509 struct mpssas_target *target;
3510 struct mpssas_lun *lun;
3511 struct scsi_read_capacity_eedp *rcap_buf;
3513 if (done_ccb == NULL)
3516 /* Driver need to release devq, it Scsi command is
3517 * generated by driver internally.
3518 * Currently there is a single place where driver
3519 * calls scsi command internally. In future if driver
3520 * calls more scsi command internally, it needs to release
3521 * devq internally, since those command will not go back to
3524 if ((done_ccb->ccb_h.status & CAM_DEV_QFRZN) ) {
3525 done_ccb->ccb_h.status &= ~CAM_DEV_QFRZN;
3526 xpt_release_devq(done_ccb->ccb_h.path,
3527 /*count*/ 1, /*run_queue*/TRUE);
3530 rcap_buf = (struct scsi_read_capacity_eedp *)done_ccb->csio.data_ptr;
3533 * Get the LUN ID for the path and look it up in the LUN list for the
3536 sassc = (struct mpssas_softc *)done_ccb->ccb_h.ppriv_ptr1;
3537 KASSERT(done_ccb->ccb_h.target_id < sassc->maxtargets,
3538 ("Target %d out of bounds in mpssas_read_cap_done\n",
3539 done_ccb->ccb_h.target_id));
3540 target = &sassc->targets[done_ccb->ccb_h.target_id];
3541 SLIST_FOREACH(lun, &target->luns, lun_link) {
3542 if (lun->lun_id != done_ccb->ccb_h.target_lun)
3546 * Got the LUN in the target's LUN list. Fill it in
3547 * with EEDP info. If the READ CAP 16 command had some
3548 * SCSI error (common if command is not supported), mark
3549 * the lun as not supporting EEDP and set the block size
3552 if ((mpssas_get_ccbstatus(done_ccb) != CAM_REQ_CMP)
3553 || (done_ccb->csio.scsi_status != SCSI_STATUS_OK)) {
3554 lun->eedp_formatted = FALSE;
3555 lun->eedp_block_size = 0;
3559 if (rcap_buf->protect & 0x01) {
3560 mps_dprint(sassc->sc, MPS_INFO, "LUN %d for "
3561 "target ID %d is formatted for EEDP "
3562 "support.\n", done_ccb->ccb_h.target_lun,
3563 done_ccb->ccb_h.target_id);
3564 lun->eedp_formatted = TRUE;
3565 lun->eedp_block_size = scsi_4btoul(rcap_buf->length);
3570 // Finished with this CCB and path.
3571 free(rcap_buf, M_MPT2);
3572 xpt_free_path(done_ccb->ccb_h.path);
3573 xpt_free_ccb(done_ccb);
3575 #endif /* (__FreeBSD_version < 901503) || \
3576 ((__FreeBSD_version >= 1000000) && (__FreeBSD_version < 1000006)) */
3579 mpssas_prepare_for_tm(struct mps_softc *sc, struct mps_command *tm,
3580 struct mpssas_target *target, lun_id_t lun_id)
3586 * Set the INRESET flag for this target so that no I/O will be sent to
3587 * the target until the reset has completed. If an I/O request does
3588 * happen, the devq will be frozen. The CCB holds the path which is
3589 * used to release the devq. The devq is released and the CCB is freed
3590 * when the TM completes.
3592 ccb = xpt_alloc_ccb_nowait();
3594 path_id = cam_sim_path(sc->sassc->sim);
3595 if (xpt_create_path(&ccb->ccb_h.path, xpt_periph, path_id,
3596 target->tid, lun_id) != CAM_REQ_CMP) {
3600 tm->cm_targ = target;
3601 target->flags |= MPSSAS_TARGET_INRESET;
3607 mpssas_startup(struct mps_softc *sc)
3611 * Send the port enable message and set the wait_for_port_enable flag.
3612 * This flag helps to keep the simq frozen until all discovery events
3615 sc->wait_for_port_enable = 1;
3616 mpssas_send_portenable(sc);
3621 mpssas_send_portenable(struct mps_softc *sc)
3623 MPI2_PORT_ENABLE_REQUEST *request;
3624 struct mps_command *cm;
3628 if ((cm = mps_alloc_command(sc)) == NULL)
3630 request = (MPI2_PORT_ENABLE_REQUEST *)cm->cm_req;
3631 request->Function = MPI2_FUNCTION_PORT_ENABLE;
3632 request->MsgFlags = 0;
3634 cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE;
3635 cm->cm_complete = mpssas_portenable_complete;
3639 mps_map_command(sc, cm);
3640 mps_dprint(sc, MPS_XINFO,
3641 "mps_send_portenable finished cm %p req %p complete %p\n",
3642 cm, cm->cm_req, cm->cm_complete);
3647 mpssas_portenable_complete(struct mps_softc *sc, struct mps_command *cm)
3649 MPI2_PORT_ENABLE_REPLY *reply;
3650 struct mpssas_softc *sassc;
3656 * Currently there should be no way we can hit this case. It only
3657 * happens when we have a failure to allocate chain frames, and
3658 * port enable commands don't have S/G lists.
3660 if ((cm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) {
3661 mps_dprint(sc, MPS_ERROR, "%s: cm_flags = %#x for port enable! "
3662 "This should not happen!\n", __func__, cm->cm_flags);
3665 reply = (MPI2_PORT_ENABLE_REPLY *)cm->cm_reply;
3667 mps_dprint(sc, MPS_FAULT, "Portenable NULL reply\n");
3668 else if (le16toh(reply->IOCStatus & MPI2_IOCSTATUS_MASK) !=
3669 MPI2_IOCSTATUS_SUCCESS)
3670 mps_dprint(sc, MPS_FAULT, "Portenable failed\n");
3672 mps_free_command(sc, cm);
3673 if (sc->mps_ich.ich_arg != NULL) {
3674 mps_dprint(sc, MPS_XINFO, "disestablish config intrhook\n");
3675 config_intrhook_disestablish(&sc->mps_ich);
3676 sc->mps_ich.ich_arg = NULL;
3680 * Get WarpDrive info after discovery is complete but before the scan
3681 * starts. At this point, all devices are ready to be exposed to the
3682 * OS. If devices should be hidden instead, take them out of the
3683 * 'targets' array before the scan. The devinfo for a disk will have
3684 * some info and a volume's will be 0. Use that to remove disks.
3686 mps_wd_config_pages(sc);
3689 * Done waiting for port enable to complete. Decrement the refcount.
3690 * If refcount is 0, discovery is complete and a rescan of the bus can
3691 * take place. Since the simq was explicitly frozen before port
3692 * enable, it must be explicitly released here to keep the
3693 * freeze/release count in sync.
3695 sc->wait_for_port_enable = 0;
3696 sc->port_enable_complete = 1;
3697 wakeup(&sc->port_enable_complete);
3698 mpssas_startup_decrement(sassc);
3702 mpssas_check_id(struct mpssas_softc *sassc, int id)
3704 struct mps_softc *sc = sassc->sc;
3708 ids = &sc->exclude_ids[0];
3709 while((name = strsep(&ids, ",")) != NULL) {
3710 if (name[0] == '\0')
3712 if (strtol(name, NULL, 0) == (long)id)
3720 mpssas_realloc_targets(struct mps_softc *sc, int maxtargets)
3722 struct mpssas_softc *sassc;
3723 struct mpssas_lun *lun, *lun_tmp;
3724 struct mpssas_target *targ;
3729 * The number of targets is based on IOC Facts, so free all of
3730 * the allocated LUNs for each target and then the target buffer
3733 for (i=0; i< maxtargets; i++) {
3734 targ = &sassc->targets[i];
3735 SLIST_FOREACH_SAFE(lun, &targ->luns, lun_link, lun_tmp) {
3739 free(sassc->targets, M_MPT2);
3741 sassc->targets = malloc(sizeof(struct mpssas_target) * maxtargets,
3742 M_MPT2, M_WAITOK|M_ZERO);
3743 if (!sassc->targets) {
3744 panic("%s failed to alloc targets with error %d\n",
projects / FreeBSD / FreeBSD.git / blob