2 * Copyright (c) 2009 Yahoo! Inc.
3 * Copyright (c) 2011-2015 LSI Corp.
4 * Copyright (c) 2013-2015 Avago Technologies
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 * Avago Technologies (LSI) MPT-Fusion Host Adapter FreeBSD
33 #include <sys/cdefs.h>
34 __FBSDID("$FreeBSD$");
36 /* Communications core for Avago Technologies (LSI) MPT2 */
38 /* TODO Move headers to mpsvar */
39 #include <sys/types.h>
40 #include <sys/param.h>
41 #include <sys/systm.h>
42 #include <sys/kernel.h>
43 #include <sys/selinfo.h>
44 #include <sys/module.h>
48 #include <sys/malloc.h>
50 #include <sys/sysctl.h>
51 #include <sys/endian.h>
52 #include <sys/queue.h>
53 #include <sys/kthread.h>
54 #include <sys/taskqueue.h>
57 #include <machine/bus.h>
58 #include <machine/resource.h>
61 #include <machine/stdarg.h>
64 #include <cam/cam_ccb.h>
65 #include <cam/cam_xpt.h>
66 #include <cam/cam_debug.h>
67 #include <cam/cam_sim.h>
68 #include <cam/cam_xpt_sim.h>
69 #include <cam/cam_xpt_periph.h>
70 #include <cam/cam_periph.h>
71 #include <cam/scsi/scsi_all.h>
72 #include <cam/scsi/scsi_message.h>
73 #if __FreeBSD_version >= 900026
74 #include <cam/scsi/smp_all.h>
77 #include <dev/mps/mpi/mpi2_type.h>
78 #include <dev/mps/mpi/mpi2.h>
79 #include <dev/mps/mpi/mpi2_ioc.h>
80 #include <dev/mps/mpi/mpi2_sas.h>
81 #include <dev/mps/mpi/mpi2_cnfg.h>
82 #include <dev/mps/mpi/mpi2_init.h>
83 #include <dev/mps/mpi/mpi2_tool.h>
84 #include <dev/mps/mps_ioctl.h>
85 #include <dev/mps/mpsvar.h>
86 #include <dev/mps/mps_table.h>
87 #include <dev/mps/mps_sas.h>
89 #define MPSSAS_DISCOVERY_TIMEOUT 20
90 #define MPSSAS_MAX_DISCOVERY_TIMEOUTS 10 /* 200 seconds */
93 * static array to check SCSI OpCode for EEDP protection bits
95 #define PRO_R MPI2_SCSIIO_EEDPFLAGS_CHECK_REMOVE_OP
96 #define PRO_W MPI2_SCSIIO_EEDPFLAGS_INSERT_OP
97 #define PRO_V MPI2_SCSIIO_EEDPFLAGS_INSERT_OP
98 static uint8_t op_code_prot[256] = {
99 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
100 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
101 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V,
102 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
103 0, PRO_W, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
104 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
105 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
106 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
107 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V,
108 0, 0, 0, PRO_W, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
109 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V,
110 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
111 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
112 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
113 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
114 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
117 MALLOC_DEFINE(M_MPSSAS, "MPSSAS", "MPS SAS memory");
119 static void mpssas_remove_device(struct mps_softc *, struct mps_command *);
120 static void mpssas_remove_complete(struct mps_softc *, struct mps_command *);
121 static void mpssas_action(struct cam_sim *sim, union ccb *ccb);
122 static void mpssas_poll(struct cam_sim *sim);
123 static int mpssas_send_abort(struct mps_softc *sc, struct mps_command *tm,
124 struct mps_command *cm);
125 static void mpssas_scsiio_timeout(void *data);
126 static void mpssas_abort_complete(struct mps_softc *sc, struct mps_command *cm);
127 static void mpssas_direct_drive_io(struct mpssas_softc *sassc,
128 struct mps_command *cm, union ccb *ccb);
129 static void mpssas_action_scsiio(struct mpssas_softc *, union ccb *);
130 static void mpssas_scsiio_complete(struct mps_softc *, struct mps_command *);
131 static void mpssas_action_resetdev(struct mpssas_softc *, union ccb *);
132 #if __FreeBSD_version >= 900026
133 static void mpssas_smpio_complete(struct mps_softc *sc, struct mps_command *cm);
134 static void mpssas_send_smpcmd(struct mpssas_softc *sassc, union ccb *ccb,
136 static void mpssas_action_smpio(struct mpssas_softc *sassc, union ccb *ccb);
137 #endif //FreeBSD_version >= 900026
138 static void mpssas_resetdev_complete(struct mps_softc *, struct mps_command *);
139 static void mpssas_async(void *callback_arg, uint32_t code,
140 struct cam_path *path, void *arg);
141 #if (__FreeBSD_version < 901503) || \
142 ((__FreeBSD_version >= 1000000) && (__FreeBSD_version < 1000006))
143 static void mpssas_check_eedp(struct mps_softc *sc, struct cam_path *path,
144 struct ccb_getdev *cgd);
145 static void mpssas_read_cap_done(struct cam_periph *periph, union ccb *done_ccb);
147 static int mpssas_send_portenable(struct mps_softc *sc);
148 static void mpssas_portenable_complete(struct mps_softc *sc,
149 struct mps_command *cm);
151 struct mpssas_target *
152 mpssas_find_target_by_handle(struct mpssas_softc *sassc, int start, uint16_t handle)
154 struct mpssas_target *target;
157 for (i = start; i < sassc->maxtargets; i++) {
158 target = &sassc->targets[i];
159 if (target->handle == handle)
166 /* we need to freeze the simq during attach and diag reset, to avoid failing
167 * commands before device handles have been found by discovery. Since
168 * discovery involves reading config pages and possibly sending commands,
169 * discovery actions may continue even after we receive the end of discovery
170 * event, so refcount discovery actions instead of assuming we can unfreeze
171 * the simq when we get the event.
174 mpssas_startup_increment(struct mpssas_softc *sassc)
176 MPS_FUNCTRACE(sassc->sc);
178 if ((sassc->flags & MPSSAS_IN_STARTUP) != 0) {
179 if (sassc->startup_refcount++ == 0) {
180 /* just starting, freeze the simq */
181 mps_dprint(sassc->sc, MPS_INIT,
182 "%s freezing simq\n", __func__);
183 #if __FreeBSD_version >= 1000039
186 xpt_freeze_simq(sassc->sim, 1);
188 mps_dprint(sassc->sc, MPS_INIT, "%s refcount %u\n", __func__,
189 sassc->startup_refcount);
194 mpssas_release_simq_reinit(struct mpssas_softc *sassc)
196 if (sassc->flags & MPSSAS_QUEUE_FROZEN) {
197 sassc->flags &= ~MPSSAS_QUEUE_FROZEN;
198 xpt_release_simq(sassc->sim, 1);
199 mps_dprint(sassc->sc, MPS_INFO, "Unfreezing SIM queue\n");
204 mpssas_startup_decrement(struct mpssas_softc *sassc)
206 MPS_FUNCTRACE(sassc->sc);
208 if ((sassc->flags & MPSSAS_IN_STARTUP) != 0) {
209 if (--sassc->startup_refcount == 0) {
210 /* finished all discovery-related actions, release
211 * the simq and rescan for the latest topology.
213 mps_dprint(sassc->sc, MPS_INIT,
214 "%s releasing simq\n", __func__);
215 sassc->flags &= ~MPSSAS_IN_STARTUP;
216 xpt_release_simq(sassc->sim, 1);
217 #if __FreeBSD_version >= 1000039
220 mpssas_rescan_target(sassc->sc, NULL);
223 mps_dprint(sassc->sc, MPS_INIT, "%s refcount %u\n", __func__,
224 sassc->startup_refcount);
228 /* The firmware requires us to stop sending commands when we're doing task
229 * management, so refcount the TMs and keep the simq frozen when any are in
233 mpssas_alloc_tm(struct mps_softc *sc)
235 struct mps_command *tm;
237 tm = mps_alloc_high_priority_command(sc);
242 mpssas_free_tm(struct mps_softc *sc, struct mps_command *tm)
244 int target_id = 0xFFFFFFFF;
250 * For TM's the devq is frozen for the device. Unfreeze it here and
251 * free the resources used for freezing the devq. Must clear the
252 * INRESET flag as well or scsi I/O will not work.
254 if (tm->cm_targ != NULL) {
255 tm->cm_targ->flags &= ~MPSSAS_TARGET_INRESET;
256 target_id = tm->cm_targ->tid;
259 mps_dprint(sc, MPS_INFO, "Unfreezing devq for target ID %d\n",
261 xpt_release_devq(tm->cm_ccb->ccb_h.path, 1, TRUE);
262 xpt_free_path(tm->cm_ccb->ccb_h.path);
263 xpt_free_ccb(tm->cm_ccb);
266 mps_free_high_priority_command(sc, tm);
270 mpssas_rescan_target(struct mps_softc *sc, struct mpssas_target *targ)
272 struct mpssas_softc *sassc = sc->sassc;
274 target_id_t targetid;
278 pathid = cam_sim_path(sassc->sim);
280 targetid = CAM_TARGET_WILDCARD;
282 targetid = targ - sassc->targets;
285 * Allocate a CCB and schedule a rescan.
287 ccb = xpt_alloc_ccb_nowait();
289 mps_dprint(sc, MPS_ERROR, "unable to alloc CCB for rescan\n");
293 if (xpt_create_path(&ccb->ccb_h.path, NULL, pathid,
294 targetid, CAM_LUN_WILDCARD) != CAM_REQ_CMP) {
295 mps_dprint(sc, MPS_ERROR, "unable to create path for rescan\n");
300 if (targetid == CAM_TARGET_WILDCARD)
301 ccb->ccb_h.func_code = XPT_SCAN_BUS;
303 ccb->ccb_h.func_code = XPT_SCAN_TGT;
305 mps_dprint(sc, MPS_TRACE, "%s targetid %u\n", __func__, targetid);
310 mpssas_log_command(struct mps_command *cm, u_int level, const char *fmt, ...)
320 /* No need to be in here if debugging isn't enabled */
321 if ((cm->cm_sc->mps_debug & level) == 0)
324 sbuf_new(&sb, str, sizeof(str), 0);
328 if (cm->cm_ccb != NULL) {
329 xpt_path_string(cm->cm_ccb->csio.ccb_h.path, path_str,
331 sbuf_cat(&sb, path_str);
332 if (cm->cm_ccb->ccb_h.func_code == XPT_SCSI_IO) {
333 scsi_command_string(&cm->cm_ccb->csio, &sb);
334 sbuf_printf(&sb, "length %d ",
335 cm->cm_ccb->csio.dxfer_len);
339 sbuf_printf(&sb, "(noperiph:%s%d:%u:%u:%u): ",
340 cam_sim_name(cm->cm_sc->sassc->sim),
341 cam_sim_unit(cm->cm_sc->sassc->sim),
342 cam_sim_bus(cm->cm_sc->sassc->sim),
343 cm->cm_targ ? cm->cm_targ->tid : 0xFFFFFFFF,
347 sbuf_printf(&sb, "SMID %u ", cm->cm_desc.Default.SMID);
348 sbuf_vprintf(&sb, fmt, ap);
350 mps_print_field(cm->cm_sc, "%s", sbuf_data(&sb));
357 mpssas_remove_volume(struct mps_softc *sc, struct mps_command *tm)
359 MPI2_SCSI_TASK_MANAGE_REPLY *reply;
360 struct mpssas_target *targ;
365 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply;
366 handle = (uint16_t)(uintptr_t)tm->cm_complete_data;
370 /* XXX retry the remove after the diag reset completes? */
371 mps_dprint(sc, MPS_FAULT,
372 "%s NULL reply resetting device 0x%04x\n", __func__,
374 mpssas_free_tm(sc, tm);
378 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) !=
379 MPI2_IOCSTATUS_SUCCESS) {
380 mps_dprint(sc, MPS_ERROR,
381 "IOCStatus = 0x%x while resetting device 0x%x\n",
382 le16toh(reply->IOCStatus), handle);
385 mps_dprint(sc, MPS_XINFO,
386 "Reset aborted %u commands\n", reply->TerminationCount);
387 mps_free_reply(sc, tm->cm_reply_data);
388 tm->cm_reply = NULL; /* Ensures the reply won't get re-freed */
390 mps_dprint(sc, MPS_XINFO,
391 "clearing target %u handle 0x%04x\n", targ->tid, handle);
394 * Don't clear target if remove fails because things will get confusing.
395 * Leave the devname and sasaddr intact so that we know to avoid reusing
396 * this target id if possible, and so we can assign the same target id
397 * to this device if it comes back in the future.
399 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) ==
400 MPI2_IOCSTATUS_SUCCESS) {
403 targ->encl_handle = 0x0;
404 targ->encl_slot = 0x0;
405 targ->exp_dev_handle = 0x0;
407 targ->linkrate = 0x0;
412 mpssas_free_tm(sc, tm);
417 * No Need to call "MPI2_SAS_OP_REMOVE_DEVICE" For Volume removal.
418 * Otherwise Volume Delete is same as Bare Drive Removal.
421 mpssas_prepare_volume_remove(struct mpssas_softc *sassc, uint16_t handle)
423 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
424 struct mps_softc *sc;
425 struct mps_command *cm;
426 struct mpssas_target *targ = NULL;
428 MPS_FUNCTRACE(sassc->sc);
433 * If this is a WD controller, determine if the disk should be exposed
434 * to the OS or not. If disk should be exposed, return from this
435 * function without doing anything.
437 if (sc->WD_available && (sc->WD_hide_expose ==
438 MPS_WD_EXPOSE_ALWAYS)) {
443 targ = mpssas_find_target_by_handle(sassc, 0, handle);
445 /* FIXME: what is the action? */
446 /* We don't know about this device? */
447 mps_dprint(sc, MPS_ERROR,
448 "%s %d : invalid handle 0x%x \n", __func__,__LINE__, handle);
452 targ->flags |= MPSSAS_TARGET_INREMOVAL;
454 cm = mpssas_alloc_tm(sc);
456 mps_dprint(sc, MPS_ERROR,
457 "%s: command alloc failure\n", __func__);
461 mpssas_rescan_target(sc, targ);
463 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)cm->cm_req;
464 req->DevHandle = targ->handle;
465 req->Function = MPI2_FUNCTION_SCSI_TASK_MGMT;
466 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET;
468 /* SAS Hard Link Reset / SATA Link Reset */
469 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET;
473 cm->cm_desc.HighPriority.RequestFlags =
474 MPI2_REQ_DESCRIPT_FLAGS_HIGH_PRIORITY;
475 cm->cm_complete = mpssas_remove_volume;
476 cm->cm_complete_data = (void *)(uintptr_t)handle;
478 mps_dprint(sc, MPS_INFO, "%s: Sending reset for target ID %d\n",
479 __func__, targ->tid);
480 mpssas_prepare_for_tm(sc, cm, targ, CAM_LUN_WILDCARD);
482 mps_map_command(sc, cm);
486 * The MPT2 firmware performs debounce on the link to avoid transient link
487 * errors and false removals. When it does decide that link has been lost
488 * and a device need to go away, it expects that the host will perform a
489 * target reset and then an op remove. The reset has the side-effect of
490 * aborting any outstanding requests for the device, which is required for
491 * the op-remove to succeed. It's not clear if the host should check for
492 * the device coming back alive after the reset.
495 mpssas_prepare_remove(struct mpssas_softc *sassc, uint16_t handle)
497 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
498 struct mps_softc *sc;
499 struct mps_command *cm;
500 struct mpssas_target *targ = NULL;
502 MPS_FUNCTRACE(sassc->sc);
506 targ = mpssas_find_target_by_handle(sassc, 0, handle);
508 /* FIXME: what is the action? */
509 /* We don't know about this device? */
510 mps_dprint(sc, MPS_ERROR,
511 "%s : invalid handle 0x%x \n", __func__, handle);
515 targ->flags |= MPSSAS_TARGET_INREMOVAL;
517 cm = mpssas_alloc_tm(sc);
519 mps_dprint(sc, MPS_ERROR,
520 "%s: command alloc failure\n", __func__);
524 mpssas_rescan_target(sc, targ);
526 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)cm->cm_req;
527 memset(req, 0, sizeof(*req));
528 req->DevHandle = htole16(targ->handle);
529 req->Function = MPI2_FUNCTION_SCSI_TASK_MGMT;
530 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET;
532 /* SAS Hard Link Reset / SATA Link Reset */
533 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET;
537 cm->cm_desc.HighPriority.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_HIGH_PRIORITY;
538 cm->cm_complete = mpssas_remove_device;
539 cm->cm_complete_data = (void *)(uintptr_t)handle;
541 mps_dprint(sc, MPS_INFO, "%s: Sending reset for target ID %d\n",
542 __func__, targ->tid);
543 mpssas_prepare_for_tm(sc, cm, targ, CAM_LUN_WILDCARD);
545 mps_map_command(sc, cm);
549 mpssas_remove_device(struct mps_softc *sc, struct mps_command *tm)
551 MPI2_SCSI_TASK_MANAGE_REPLY *reply;
552 MPI2_SAS_IOUNIT_CONTROL_REQUEST *req;
553 struct mpssas_target *targ;
554 struct mps_command *next_cm;
559 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply;
560 handle = (uint16_t)(uintptr_t)tm->cm_complete_data;
564 * Currently there should be no way we can hit this case. It only
565 * happens when we have a failure to allocate chain frames, and
566 * task management commands don't have S/G lists.
568 if ((tm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) {
569 mps_dprint(sc, MPS_ERROR,
570 "%s: cm_flags = %#x for remove of handle %#04x! "
571 "This should not happen!\n", __func__, tm->cm_flags,
576 /* XXX retry the remove after the diag reset completes? */
577 mps_dprint(sc, MPS_FAULT,
578 "%s NULL reply resetting device 0x%04x\n", __func__,
580 mpssas_free_tm(sc, tm);
584 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) !=
585 MPI2_IOCSTATUS_SUCCESS) {
586 mps_dprint(sc, MPS_ERROR,
587 "IOCStatus = 0x%x while resetting device 0x%x\n",
588 le16toh(reply->IOCStatus), handle);
591 mps_dprint(sc, MPS_XINFO, "Reset aborted %u commands\n",
592 le32toh(reply->TerminationCount));
593 mps_free_reply(sc, tm->cm_reply_data);
594 tm->cm_reply = NULL; /* Ensures the reply won't get re-freed */
596 /* Reuse the existing command */
597 req = (MPI2_SAS_IOUNIT_CONTROL_REQUEST *)tm->cm_req;
598 memset(req, 0, sizeof(*req));
599 req->Function = MPI2_FUNCTION_SAS_IO_UNIT_CONTROL;
600 req->Operation = MPI2_SAS_OP_REMOVE_DEVICE;
601 req->DevHandle = htole16(handle);
603 tm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE;
604 tm->cm_complete = mpssas_remove_complete;
605 tm->cm_complete_data = (void *)(uintptr_t)handle;
607 mps_map_command(sc, tm);
609 mps_dprint(sc, MPS_XINFO, "clearing target %u handle 0x%04x\n",
611 TAILQ_FOREACH_SAFE(tm, &targ->commands, cm_link, next_cm) {
614 mps_dprint(sc, MPS_XINFO, "Completing missed command %p\n", tm);
615 ccb = tm->cm_complete_data;
616 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
617 mpssas_scsiio_complete(sc, tm);
622 mpssas_remove_complete(struct mps_softc *sc, struct mps_command *tm)
624 MPI2_SAS_IOUNIT_CONTROL_REPLY *reply;
626 struct mpssas_target *targ;
627 struct mpssas_lun *lun;
631 reply = (MPI2_SAS_IOUNIT_CONTROL_REPLY *)tm->cm_reply;
632 handle = (uint16_t)(uintptr_t)tm->cm_complete_data;
635 * Currently there should be no way we can hit this case. It only
636 * happens when we have a failure to allocate chain frames, and
637 * task management commands don't have S/G lists.
639 if ((tm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) {
640 mps_dprint(sc, MPS_XINFO,
641 "%s: cm_flags = %#x for remove of handle %#04x! "
642 "This should not happen!\n", __func__, tm->cm_flags,
644 mpssas_free_tm(sc, tm);
649 /* most likely a chip reset */
650 mps_dprint(sc, MPS_FAULT,
651 "%s NULL reply removing device 0x%04x\n", __func__, handle);
652 mpssas_free_tm(sc, tm);
656 mps_dprint(sc, MPS_XINFO,
657 "%s on handle 0x%04x, IOCStatus= 0x%x\n", __func__,
658 handle, le16toh(reply->IOCStatus));
661 * Don't clear target if remove fails because things will get confusing.
662 * Leave the devname and sasaddr intact so that we know to avoid reusing
663 * this target id if possible, and so we can assign the same target id
664 * to this device if it comes back in the future.
666 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) ==
667 MPI2_IOCSTATUS_SUCCESS) {
670 targ->encl_handle = 0x0;
671 targ->encl_slot = 0x0;
672 targ->exp_dev_handle = 0x0;
674 targ->linkrate = 0x0;
678 while(!SLIST_EMPTY(&targ->luns)) {
679 lun = SLIST_FIRST(&targ->luns);
680 SLIST_REMOVE_HEAD(&targ->luns, lun_link);
686 mpssas_free_tm(sc, tm);
690 mpssas_register_events(struct mps_softc *sc)
692 u32 events[MPI2_EVENT_NOTIFY_EVENTMASK_WORDS];
695 setbit(events, MPI2_EVENT_SAS_DEVICE_STATUS_CHANGE);
696 setbit(events, MPI2_EVENT_SAS_DISCOVERY);
697 setbit(events, MPI2_EVENT_SAS_BROADCAST_PRIMITIVE);
698 setbit(events, MPI2_EVENT_SAS_INIT_DEVICE_STATUS_CHANGE);
699 setbit(events, MPI2_EVENT_SAS_INIT_TABLE_OVERFLOW);
700 setbit(events, MPI2_EVENT_SAS_TOPOLOGY_CHANGE_LIST);
701 setbit(events, MPI2_EVENT_SAS_ENCL_DEVICE_STATUS_CHANGE);
702 setbit(events, MPI2_EVENT_IR_CONFIGURATION_CHANGE_LIST);
703 setbit(events, MPI2_EVENT_IR_VOLUME);
704 setbit(events, MPI2_EVENT_IR_PHYSICAL_DISK);
705 setbit(events, MPI2_EVENT_IR_OPERATION_STATUS);
706 setbit(events, MPI2_EVENT_LOG_ENTRY_ADDED);
708 mps_register_events(sc, events, mpssas_evt_handler, NULL,
709 &sc->sassc->mpssas_eh);
715 mps_attach_sas(struct mps_softc *sc)
717 struct mpssas_softc *sassc;
722 mps_dprint(sc, MPS_INIT, "%s entered\n", __func__);
724 sassc = malloc(sizeof(struct mpssas_softc), M_MPT2, M_WAITOK|M_ZERO);
726 mps_dprint(sc, MPS_INIT|MPS_ERROR,
727 "Cannot allocate SAS controller memory\n");
732 * XXX MaxTargets could change during a reinit. Since we don't
733 * resize the targets[] array during such an event, cache the value
734 * of MaxTargets here so that we don't get into trouble later. This
735 * should move into the reinit logic.
737 sassc->maxtargets = sc->facts->MaxTargets + sc->facts->MaxVolumes;
738 sassc->targets = malloc(sizeof(struct mpssas_target) *
739 sassc->maxtargets, M_MPT2, M_WAITOK|M_ZERO);
740 if(!sassc->targets) {
741 mps_dprint(sc, MPS_INIT|MPS_ERROR,
742 "Cannot allocate SAS target memory\n");
749 if ((sassc->devq = cam_simq_alloc(sc->num_reqs)) == NULL) {
750 mps_dprint(sc, MPS_ERROR, "Cannot allocate SIMQ\n");
755 unit = device_get_unit(sc->mps_dev);
756 sassc->sim = cam_sim_alloc(mpssas_action, mpssas_poll, "mps", sassc,
757 unit, &sc->mps_mtx, sc->num_reqs, sc->num_reqs, sassc->devq);
758 if (sassc->sim == NULL) {
759 mps_dprint(sc, MPS_INIT|MPS_ERROR, "Cannot allocate SIM\n");
764 TAILQ_INIT(&sassc->ev_queue);
766 /* Initialize taskqueue for Event Handling */
767 TASK_INIT(&sassc->ev_task, 0, mpssas_firmware_event_work, sc);
768 sassc->ev_tq = taskqueue_create("mps_taskq", M_NOWAIT | M_ZERO,
769 taskqueue_thread_enqueue, &sassc->ev_tq);
770 taskqueue_start_threads(&sassc->ev_tq, 1, PRIBIO, "%s taskq",
771 device_get_nameunit(sc->mps_dev));
776 * XXX There should be a bus for every port on the adapter, but since
777 * we're just going to fake the topology for now, we'll pretend that
778 * everything is just a target on a single bus.
780 if ((error = xpt_bus_register(sassc->sim, sc->mps_dev, 0)) != 0) {
781 mps_dprint(sc, MPS_INIT|MPS_ERROR,
782 "Error %d registering SCSI bus\n", error);
788 * Assume that discovery events will start right away.
790 * Hold off boot until discovery is complete.
792 sassc->flags |= MPSSAS_IN_STARTUP | MPSSAS_IN_DISCOVERY;
793 sc->sassc->startup_refcount = 0;
794 mpssas_startup_increment(sassc);
796 callout_init(&sassc->discovery_callout, 1 /*mpsafe*/);
799 * Register for async events so we can determine the EEDP
800 * capabilities of devices.
802 status = xpt_create_path(&sassc->path, /*periph*/NULL,
803 cam_sim_path(sc->sassc->sim), CAM_TARGET_WILDCARD,
805 if (status != CAM_REQ_CMP) {
806 mps_dprint(sc, MPS_ERROR|MPS_INIT,
807 "Error %#x creating sim path\n", status);
812 #if (__FreeBSD_version >= 1000006) || \
813 ((__FreeBSD_version >= 901503) && (__FreeBSD_version < 1000000))
814 event = AC_ADVINFO_CHANGED;
816 event = AC_FOUND_DEVICE;
818 status = xpt_register_async(event, mpssas_async, sc,
820 if (status != CAM_REQ_CMP) {
821 mps_dprint(sc, MPS_ERROR,
822 "Error %#x registering async handler for "
823 "AC_ADVINFO_CHANGED events\n", status);
824 xpt_free_path(sassc->path);
828 if (status != CAM_REQ_CMP) {
830 * EEDP use is the exception, not the rule.
831 * Warn the user, but do not fail to attach.
833 mps_printf(sc, "EEDP capabilities disabled.\n");
838 mpssas_register_events(sc);
843 mps_dprint(sc, MPS_INIT, "%s exit error= %d\n", __func__, error);
848 mps_detach_sas(struct mps_softc *sc)
850 struct mpssas_softc *sassc;
851 struct mpssas_lun *lun, *lun_tmp;
852 struct mpssas_target *targ;
857 if (sc->sassc == NULL)
861 mps_deregister_events(sc, sassc->mpssas_eh);
864 * Drain and free the event handling taskqueue with the lock
865 * unheld so that any parallel processing tasks drain properly
866 * without deadlocking.
868 if (sassc->ev_tq != NULL)
869 taskqueue_free(sassc->ev_tq);
871 /* Make sure CAM doesn't wedge if we had to bail out early. */
874 while (sassc->startup_refcount != 0)
875 mpssas_startup_decrement(sassc);
877 /* Deregister our async handler */
878 if (sassc->path != NULL) {
879 xpt_register_async(0, mpssas_async, sc, sassc->path);
880 xpt_free_path(sassc->path);
884 if (sassc->flags & MPSSAS_IN_STARTUP)
885 xpt_release_simq(sassc->sim, 1);
887 if (sassc->sim != NULL) {
888 xpt_bus_deregister(cam_sim_path(sassc->sim));
889 cam_sim_free(sassc->sim, FALSE);
894 if (sassc->devq != NULL)
895 cam_simq_free(sassc->devq);
897 for(i=0; i< sassc->maxtargets ;i++) {
898 targ = &sassc->targets[i];
899 SLIST_FOREACH_SAFE(lun, &targ->luns, lun_link, lun_tmp) {
903 free(sassc->targets, M_MPT2);
911 mpssas_discovery_end(struct mpssas_softc *sassc)
913 struct mps_softc *sc = sassc->sc;
917 if (sassc->flags & MPSSAS_DISCOVERY_TIMEOUT_PENDING)
918 callout_stop(&sassc->discovery_callout);
921 * After discovery has completed, check the mapping table for any
922 * missing devices and update their missing counts. Only do this once
923 * whenever the driver is initialized so that missing counts aren't
924 * updated unnecessarily. Note that just because discovery has
925 * completed doesn't mean that events have been processed yet. The
926 * check_devices function is a callout timer that checks if ALL devices
927 * are missing. If so, it will wait a little longer for events to
928 * complete and keep resetting itself until some device in the mapping
929 * table is not missing, meaning that event processing has started.
931 if (sc->track_mapping_events) {
932 mps_dprint(sc, MPS_XINFO | MPS_MAPPING, "Discovery has "
933 "completed. Check for missing devices in the mapping "
935 callout_reset(&sc->device_check_callout,
936 MPS_MISSING_CHECK_DELAY * hz, mps_mapping_check_devices,
942 mpssas_action(struct cam_sim *sim, union ccb *ccb)
944 struct mpssas_softc *sassc;
946 sassc = cam_sim_softc(sim);
948 MPS_FUNCTRACE(sassc->sc);
949 mps_dprint(sassc->sc, MPS_TRACE, "ccb func_code 0x%x\n",
950 ccb->ccb_h.func_code);
951 mtx_assert(&sassc->sc->mps_mtx, MA_OWNED);
953 switch (ccb->ccb_h.func_code) {
956 struct ccb_pathinq *cpi = &ccb->cpi;
957 struct mps_softc *sc = sassc->sc;
958 uint8_t sges_per_frame;
960 cpi->version_num = 1;
961 cpi->hba_inquiry = PI_SDTR_ABLE|PI_TAG_ABLE|PI_WIDE_16;
962 cpi->target_sprt = 0;
963 #if __FreeBSD_version >= 1000039
964 cpi->hba_misc = PIM_NOBUSRESET | PIM_UNMAPPED | PIM_NOSCAN;
966 cpi->hba_misc = PIM_NOBUSRESET | PIM_UNMAPPED;
968 cpi->hba_eng_cnt = 0;
969 cpi->max_target = sassc->maxtargets - 1;
973 * initiator_id is set here to an ID outside the set of valid
974 * target IDs (including volumes).
976 cpi->initiator_id = sassc->maxtargets;
977 strlcpy(cpi->sim_vid, "FreeBSD", SIM_IDLEN);
978 strlcpy(cpi->hba_vid, "Avago Tech", HBA_IDLEN);
979 strlcpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN);
980 cpi->unit_number = cam_sim_unit(sim);
981 cpi->bus_id = cam_sim_bus(sim);
982 cpi->base_transfer_speed = 150000;
983 cpi->transport = XPORT_SAS;
984 cpi->transport_version = 0;
985 cpi->protocol = PROTO_SCSI;
986 cpi->protocol_version = SCSI_REV_SPC;
989 * Max IO Size is Page Size * the following:
990 * ((SGEs per frame - 1 for chain element) *
991 * Max Chain Depth) + 1 for no chain needed in last frame
993 * If user suggests a Max IO size to use, use the smaller of the
994 * user's value and the calculated value as long as the user's
995 * value is larger than 0. The user's value is in pages.
997 sges_per_frame = ((sc->facts->IOCRequestFrameSize * 4) /
998 sizeof(MPI2_SGE_SIMPLE64)) - 1;
999 cpi->maxio = (sges_per_frame * sc->facts->MaxChainDepth) + 1;
1000 cpi->maxio *= PAGE_SIZE;
1001 if ((sc->max_io_pages > 0) && (sc->max_io_pages * PAGE_SIZE <
1003 cpi->maxio = sc->max_io_pages * PAGE_SIZE;
1004 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP);
1007 case XPT_GET_TRAN_SETTINGS:
1009 struct ccb_trans_settings *cts;
1010 struct ccb_trans_settings_sas *sas;
1011 struct ccb_trans_settings_scsi *scsi;
1012 struct mpssas_target *targ;
1015 sas = &cts->xport_specific.sas;
1016 scsi = &cts->proto_specific.scsi;
1018 KASSERT(cts->ccb_h.target_id < sassc->maxtargets,
1019 ("Target %d out of bounds in XPT_GET_TRANS_SETTINGS\n",
1020 cts->ccb_h.target_id));
1021 targ = &sassc->targets[cts->ccb_h.target_id];
1022 if (targ->handle == 0x0) {
1023 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
1027 cts->protocol_version = SCSI_REV_SPC2;
1028 cts->transport = XPORT_SAS;
1029 cts->transport_version = 0;
1031 sas->valid = CTS_SAS_VALID_SPEED;
1032 switch (targ->linkrate) {
1034 sas->bitrate = 150000;
1037 sas->bitrate = 300000;
1040 sas->bitrate = 600000;
1046 cts->protocol = PROTO_SCSI;
1047 scsi->valid = CTS_SCSI_VALID_TQ;
1048 scsi->flags = CTS_SCSI_FLAGS_TAG_ENB;
1050 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP);
1053 case XPT_CALC_GEOMETRY:
1054 cam_calc_geometry(&ccb->ccg, /*extended*/1);
1055 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP);
1058 mps_dprint(sassc->sc, MPS_XINFO, "mpssas_action XPT_RESET_DEV\n");
1059 mpssas_action_resetdev(sassc, ccb);
1064 mps_dprint(sassc->sc, MPS_XINFO,
1065 "mpssas_action faking success for abort or reset\n");
1066 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP);
1069 mpssas_action_scsiio(sassc, ccb);
1071 #if __FreeBSD_version >= 900026
1073 mpssas_action_smpio(sassc, ccb);
1077 mpssas_set_ccbstatus(ccb, CAM_FUNC_NOTAVAIL);
1085 mpssas_announce_reset(struct mps_softc *sc, uint32_t ac_code,
1086 target_id_t target_id, lun_id_t lun_id)
1088 path_id_t path_id = cam_sim_path(sc->sassc->sim);
1089 struct cam_path *path;
1091 mps_dprint(sc, MPS_XINFO, "%s code %x target %d lun %jx\n", __func__,
1092 ac_code, target_id, (uintmax_t)lun_id);
1094 if (xpt_create_path(&path, NULL,
1095 path_id, target_id, lun_id) != CAM_REQ_CMP) {
1096 mps_dprint(sc, MPS_ERROR, "unable to create path for reset "
1101 xpt_async(ac_code, path, NULL);
1102 xpt_free_path(path);
1106 mpssas_complete_all_commands(struct mps_softc *sc)
1108 struct mps_command *cm;
1113 mtx_assert(&sc->mps_mtx, MA_OWNED);
1115 /* complete all commands with a NULL reply */
1116 for (i = 1; i < sc->num_reqs; i++) {
1117 cm = &sc->commands[i];
1118 cm->cm_reply = NULL;
1121 if (cm->cm_flags & MPS_CM_FLAGS_POLLED)
1122 cm->cm_flags |= MPS_CM_FLAGS_COMPLETE;
1124 if (cm->cm_complete != NULL) {
1125 mpssas_log_command(cm, MPS_RECOVERY,
1126 "completing cm %p state %x ccb %p for diag reset\n",
1127 cm, cm->cm_state, cm->cm_ccb);
1129 cm->cm_complete(sc, cm);
1133 if (cm->cm_flags & MPS_CM_FLAGS_WAKEUP) {
1134 mpssas_log_command(cm, MPS_RECOVERY,
1135 "waking up cm %p state %x ccb %p for diag reset\n",
1136 cm, cm->cm_state, cm->cm_ccb);
1141 if (cm->cm_sc->io_cmds_active != 0)
1142 cm->cm_sc->io_cmds_active--;
1144 if ((completed == 0) && (cm->cm_state != MPS_CM_STATE_FREE)) {
1145 /* this should never happen, but if it does, log */
1146 mpssas_log_command(cm, MPS_RECOVERY,
1147 "cm %p state %x flags 0x%x ccb %p during diag "
1148 "reset\n", cm, cm->cm_state, cm->cm_flags,
1155 mpssas_handle_reinit(struct mps_softc *sc)
1159 /* Go back into startup mode and freeze the simq, so that CAM
1160 * doesn't send any commands until after we've rediscovered all
1161 * targets and found the proper device handles for them.
1163 * After the reset, portenable will trigger discovery, and after all
1164 * discovery-related activities have finished, the simq will be
1167 mps_dprint(sc, MPS_INIT, "%s startup\n", __func__);
1168 sc->sassc->flags |= MPSSAS_IN_STARTUP;
1169 sc->sassc->flags |= MPSSAS_IN_DISCOVERY;
1170 mpssas_startup_increment(sc->sassc);
1172 /* notify CAM of a bus reset */
1173 mpssas_announce_reset(sc, AC_BUS_RESET, CAM_TARGET_WILDCARD,
1176 /* complete and cleanup after all outstanding commands */
1177 mpssas_complete_all_commands(sc);
1179 mps_dprint(sc, MPS_INIT,
1180 "%s startup %u after command completion\n", __func__,
1181 sc->sassc->startup_refcount);
1183 /* zero all the target handles, since they may change after the
1184 * reset, and we have to rediscover all the targets and use the new
1187 for (i = 0; i < sc->sassc->maxtargets; i++) {
1188 if (sc->sassc->targets[i].outstanding != 0)
1189 mps_dprint(sc, MPS_INIT, "target %u outstanding %u\n",
1190 i, sc->sassc->targets[i].outstanding);
1191 sc->sassc->targets[i].handle = 0x0;
1192 sc->sassc->targets[i].exp_dev_handle = 0x0;
1193 sc->sassc->targets[i].outstanding = 0;
1194 sc->sassc->targets[i].flags = MPSSAS_TARGET_INDIAGRESET;
1199 mpssas_tm_timeout(void *data)
1201 struct mps_command *tm = data;
1202 struct mps_softc *sc = tm->cm_sc;
1204 mtx_assert(&sc->mps_mtx, MA_OWNED);
1206 mpssas_log_command(tm, MPS_INFO|MPS_RECOVERY,
1207 "task mgmt %p timed out\n", tm);
1212 mpssas_logical_unit_reset_complete(struct mps_softc *sc, struct mps_command *tm)
1214 MPI2_SCSI_TASK_MANAGE_REPLY *reply;
1215 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
1216 unsigned int cm_count = 0;
1217 struct mps_command *cm;
1218 struct mpssas_target *targ;
1220 callout_stop(&tm->cm_callout);
1222 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
1223 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply;
1227 * Currently there should be no way we can hit this case. It only
1228 * happens when we have a failure to allocate chain frames, and
1229 * task management commands don't have S/G lists.
1230 * XXXSL So should it be an assertion?
1232 if ((tm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) {
1233 mps_dprint(sc, MPS_RECOVERY|MPS_ERROR,
1234 "%s: cm_flags = %#x for LUN reset! "
1235 "This should not happen!\n", __func__, tm->cm_flags);
1236 mpssas_free_tm(sc, tm);
1240 if (reply == NULL) {
1241 mps_dprint(sc, MPS_RECOVERY, "NULL reset reply for tm %p\n",
1243 if ((sc->mps_flags & MPS_FLAGS_DIAGRESET) != 0) {
1244 /* this completion was due to a reset, just cleanup */
1245 mps_dprint(sc, MPS_RECOVERY, "Hardware undergoing "
1246 "reset, ignoring NULL LUN reset reply\n");
1248 mpssas_free_tm(sc, tm);
1251 /* we should have gotten a reply. */
1252 mps_dprint(sc, MPS_INFO|MPS_RECOVERY, "NULL reply on "
1253 "LUN reset attempt, resetting controller\n");
1259 mps_dprint(sc, MPS_RECOVERY,
1260 "logical unit reset status 0x%x code 0x%x count %u\n",
1261 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode),
1262 le32toh(reply->TerminationCount));
1265 * See if there are any outstanding commands for this LUN.
1266 * This could be made more efficient by using a per-LU data
1267 * structure of some sort.
1269 TAILQ_FOREACH(cm, &targ->commands, cm_link) {
1270 if (cm->cm_lun == tm->cm_lun)
1274 if (cm_count == 0) {
1275 mps_dprint(sc, MPS_RECOVERY|MPS_INFO,
1276 "Finished recovery after LUN reset for target %u\n",
1279 mpssas_announce_reset(sc, AC_SENT_BDR, targ->tid, tm->cm_lun);
1282 * We've finished recovery for this logical unit. check and
1283 * see if some other logical unit has a timedout command
1284 * that needs to be processed.
1286 cm = TAILQ_FIRST(&targ->timedout_commands);
1288 mps_dprint(sc, MPS_INFO|MPS_RECOVERY,
1289 "More commands to abort for target %u\n",
1291 mpssas_send_abort(sc, tm, cm);
1294 mpssas_free_tm(sc, tm);
1298 * If we still have commands for this LUN, the reset
1299 * effectively failed, regardless of the status reported.
1300 * Escalate to a target reset.
1302 mps_dprint(sc, MPS_INFO|MPS_RECOVERY,
1303 "logical unit reset complete for target %u, but still "
1304 "have %u command(s), sending target reset\n", targ->tid,
1306 mpssas_send_reset(sc, tm,
1307 MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET);
1312 mpssas_target_reset_complete(struct mps_softc *sc, struct mps_command *tm)
1314 MPI2_SCSI_TASK_MANAGE_REPLY *reply;
1315 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
1316 struct mpssas_target *targ;
1318 callout_stop(&tm->cm_callout);
1320 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
1321 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply;
1325 * Currently there should be no way we can hit this case. It only
1326 * happens when we have a failure to allocate chain frames, and
1327 * task management commands don't have S/G lists.
1329 if ((tm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) {
1330 mps_dprint(sc, MPS_ERROR,"%s: cm_flags = %#x for target reset! "
1331 "This should not happen!\n", __func__, tm->cm_flags);
1332 mpssas_free_tm(sc, tm);
1336 if (reply == NULL) {
1337 mps_dprint(sc, MPS_RECOVERY,
1338 "NULL target reset reply for tm %pi TaskMID %u\n",
1339 tm, le16toh(req->TaskMID));
1340 if ((sc->mps_flags & MPS_FLAGS_DIAGRESET) != 0) {
1341 /* this completion was due to a reset, just cleanup */
1342 mps_dprint(sc, MPS_RECOVERY, "Hardware undergoing "
1343 "reset, ignoring NULL target reset reply\n");
1345 mpssas_free_tm(sc, tm);
1347 /* we should have gotten a reply. */
1348 mps_dprint(sc, MPS_INFO|MPS_RECOVERY, "NULL reply on "
1349 "target reset attempt, resetting controller\n");
1355 mps_dprint(sc, MPS_RECOVERY,
1356 "target reset status 0x%x code 0x%x count %u\n",
1357 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode),
1358 le32toh(reply->TerminationCount));
1360 if (targ->outstanding == 0) {
1361 /* we've finished recovery for this target and all
1362 * of its logical units.
1364 mps_dprint(sc, MPS_RECOVERY|MPS_INFO,
1365 "Finished reset recovery for target %u\n", targ->tid);
1367 mpssas_announce_reset(sc, AC_SENT_BDR, tm->cm_targ->tid,
1371 mpssas_free_tm(sc, tm);
1374 * After a target reset, if this target still has
1375 * outstanding commands, the reset effectively failed,
1376 * regardless of the status reported. escalate.
1378 mps_dprint(sc, MPS_INFO|MPS_RECOVERY,
1379 "Target reset complete for target %u, but still have %u "
1380 "command(s), resetting controller\n", targ->tid,
1386 #define MPS_RESET_TIMEOUT 30
1389 mpssas_send_reset(struct mps_softc *sc, struct mps_command *tm, uint8_t type)
1391 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
1392 struct mpssas_target *target;
1395 target = tm->cm_targ;
1396 if (target->handle == 0) {
1397 mps_dprint(sc, MPS_ERROR,"%s null devhandle for target_id %d\n",
1398 __func__, target->tid);
1402 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
1403 req->DevHandle = htole16(target->handle);
1404 req->Function = MPI2_FUNCTION_SCSI_TASK_MGMT;
1405 req->TaskType = type;
1407 if (type == MPI2_SCSITASKMGMT_TASKTYPE_LOGICAL_UNIT_RESET) {
1408 /* XXX Need to handle invalid LUNs */
1409 MPS_SET_LUN(req->LUN, tm->cm_lun);
1410 tm->cm_targ->logical_unit_resets++;
1411 mps_dprint(sc, MPS_RECOVERY|MPS_INFO,
1412 "Sending logical unit reset to target %u lun %d\n",
1413 target->tid, tm->cm_lun);
1414 tm->cm_complete = mpssas_logical_unit_reset_complete;
1415 mpssas_prepare_for_tm(sc, tm, target, tm->cm_lun);
1416 } else if (type == MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET) {
1418 * Target reset method =
1419 * SAS Hard Link Reset / SATA Link Reset
1421 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET;
1422 tm->cm_targ->target_resets++;
1423 mps_dprint(sc, MPS_RECOVERY|MPS_INFO,
1424 "Sending target reset to target %u\n", target->tid);
1425 tm->cm_complete = mpssas_target_reset_complete;
1426 mpssas_prepare_for_tm(sc, tm, target, CAM_LUN_WILDCARD);
1428 mps_dprint(sc, MPS_ERROR, "unexpected reset type 0x%x\n", type);
1433 tm->cm_desc.HighPriority.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_HIGH_PRIORITY;
1434 tm->cm_complete_data = (void *)tm;
1436 callout_reset(&tm->cm_callout, MPS_RESET_TIMEOUT * hz,
1437 mpssas_tm_timeout, tm);
1439 err = mps_map_command(sc, tm);
1441 mps_dprint(sc, MPS_ERROR|MPS_RECOVERY,
1442 "error %d sending reset type %u\n",
1450 mpssas_abort_complete(struct mps_softc *sc, struct mps_command *tm)
1452 struct mps_command *cm;
1453 MPI2_SCSI_TASK_MANAGE_REPLY *reply;
1454 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
1455 struct mpssas_target *targ;
1457 callout_stop(&tm->cm_callout);
1459 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
1460 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply;
1464 * Currently there should be no way we can hit this case. It only
1465 * happens when we have a failure to allocate chain frames, and
1466 * task management commands don't have S/G lists.
1468 if ((tm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) {
1469 mps_dprint(sc, MPS_RECOVERY,
1470 "cm_flags = %#x for abort %p TaskMID %u!\n",
1471 tm->cm_flags, tm, le16toh(req->TaskMID));
1472 mpssas_free_tm(sc, tm);
1476 if (reply == NULL) {
1477 mps_dprint(sc, MPS_RECOVERY,
1478 "NULL abort reply for tm %p TaskMID %u\n",
1479 tm, le16toh(req->TaskMID));
1480 if ((sc->mps_flags & MPS_FLAGS_DIAGRESET) != 0) {
1481 /* this completion was due to a reset, just cleanup */
1482 mps_dprint(sc, MPS_RECOVERY, "Hardware undergoing "
1483 "reset, ignoring NULL abort reply\n");
1485 mpssas_free_tm(sc, tm);
1487 /* we should have gotten a reply. */
1488 mps_dprint(sc, MPS_INFO|MPS_RECOVERY, "NULL reply on "
1489 "abort attempt, resetting controller\n");
1495 mps_dprint(sc, MPS_RECOVERY,
1496 "abort TaskMID %u status 0x%x code 0x%x count %u\n",
1497 le16toh(req->TaskMID),
1498 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode),
1499 le32toh(reply->TerminationCount));
1501 cm = TAILQ_FIRST(&tm->cm_targ->timedout_commands);
1504 * If there are no more timedout commands, we're done with
1505 * error recovery for this target.
1507 mps_dprint(sc, MPS_INFO|MPS_RECOVERY,
1508 "Finished abort recovery for target %u\n", targ->tid);
1511 mpssas_free_tm(sc, tm);
1512 } else if (le16toh(req->TaskMID) != cm->cm_desc.Default.SMID) {
1513 /* abort success, but we have more timedout commands to abort */
1514 mps_dprint(sc, MPS_INFO|MPS_RECOVERY,
1515 "Continuing abort recovery for target %u\n", targ->tid);
1517 mpssas_send_abort(sc, tm, cm);
1519 /* we didn't get a command completion, so the abort
1520 * failed as far as we're concerned. escalate.
1522 mps_dprint(sc, MPS_RECOVERY,
1523 "Abort failed for target %u, sending logical unit reset\n",
1526 mpssas_send_reset(sc, tm,
1527 MPI2_SCSITASKMGMT_TASKTYPE_LOGICAL_UNIT_RESET);
1531 #define MPS_ABORT_TIMEOUT 5
1534 mpssas_send_abort(struct mps_softc *sc, struct mps_command *tm, struct mps_command *cm)
1536 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
1537 struct mpssas_target *targ;
1541 if (targ->handle == 0) {
1542 mps_dprint(sc, MPS_ERROR|MPS_RECOVERY,
1543 "%s null devhandle for target_id %d\n",
1544 __func__, cm->cm_ccb->ccb_h.target_id);
1548 mpssas_log_command(cm, MPS_RECOVERY|MPS_INFO,
1549 "Aborting command %p\n", cm);
1551 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
1552 req->DevHandle = htole16(targ->handle);
1553 req->Function = MPI2_FUNCTION_SCSI_TASK_MGMT;
1554 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_ABORT_TASK;
1556 /* XXX Need to handle invalid LUNs */
1557 MPS_SET_LUN(req->LUN, cm->cm_ccb->ccb_h.target_lun);
1559 req->TaskMID = htole16(cm->cm_desc.Default.SMID);
1562 tm->cm_desc.HighPriority.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_HIGH_PRIORITY;
1563 tm->cm_complete = mpssas_abort_complete;
1564 tm->cm_complete_data = (void *)tm;
1565 tm->cm_targ = cm->cm_targ;
1566 tm->cm_lun = cm->cm_lun;
1568 callout_reset(&tm->cm_callout, MPS_ABORT_TIMEOUT * hz,
1569 mpssas_tm_timeout, tm);
1573 mpssas_prepare_for_tm(sc, tm, targ, tm->cm_lun);
1575 err = mps_map_command(sc, tm);
1577 mps_dprint(sc, MPS_ERROR|MPS_RECOVERY,
1578 "error %d sending abort for cm %p SMID %u\n",
1579 err, cm, req->TaskMID);
1584 mpssas_scsiio_timeout(void *data)
1586 sbintime_t elapsed, now;
1588 struct mps_softc *sc;
1589 struct mps_command *cm;
1590 struct mpssas_target *targ;
1592 cm = (struct mps_command *)data;
1598 mtx_assert(&sc->mps_mtx, MA_OWNED);
1600 mps_dprint(sc, MPS_XINFO|MPS_RECOVERY, "Timeout checking cm %p\n", sc);
1603 * Run the interrupt handler to make sure it's not pending. This
1604 * isn't perfect because the command could have already completed
1605 * and been re-used, though this is unlikely.
1607 mps_intr_locked(sc);
1608 if (cm->cm_state == MPS_CM_STATE_FREE) {
1609 mpssas_log_command(cm, MPS_XINFO,
1610 "SCSI command %p almost timed out\n", cm);
1614 if (cm->cm_ccb == NULL) {
1615 mps_dprint(sc, MPS_ERROR, "command timeout with NULL ccb\n");
1622 elapsed = now - ccb->ccb_h.qos.sim_data;
1623 mpssas_log_command(cm, MPS_INFO|MPS_RECOVERY,
1624 "Command timeout on target %u(0x%04x) %d set, %d.%d elapsed\n",
1625 targ->tid, targ->handle, ccb->ccb_h.timeout,
1626 sbintime_getsec(elapsed), elapsed & 0xffffffff);
1628 /* XXX first, check the firmware state, to see if it's still
1629 * operational. if not, do a diag reset.
1631 mpssas_set_ccbstatus(cm->cm_ccb, CAM_CMD_TIMEOUT);
1632 cm->cm_state = MPS_CM_STATE_TIMEDOUT;
1633 TAILQ_INSERT_TAIL(&targ->timedout_commands, cm, cm_recovery);
1635 if (targ->tm != NULL) {
1636 /* target already in recovery, just queue up another
1637 * timedout command to be processed later.
1639 mps_dprint(sc, MPS_RECOVERY,
1640 "queued timedout cm %p for processing by tm %p\n",
1642 } else if ((targ->tm = mpssas_alloc_tm(sc)) != NULL) {
1643 mps_dprint(sc, MPS_RECOVERY|MPS_INFO,
1644 "Sending abort to target %u for SMID %d\n", targ->tid,
1645 cm->cm_desc.Default.SMID);
1646 mps_dprint(sc, MPS_RECOVERY, "timedout cm %p allocated tm %p\n",
1649 /* start recovery by aborting the first timedout command */
1650 mpssas_send_abort(sc, targ->tm, cm);
1652 /* XXX queue this target up for recovery once a TM becomes
1653 * available. The firmware only has a limited number of
1654 * HighPriority credits for the high priority requests used
1655 * for task management, and we ran out.
1657 * Isilon: don't worry about this for now, since we have
1658 * more credits than disks in an enclosure, and limit
1659 * ourselves to one TM per target for recovery.
1661 mps_dprint(sc, MPS_ERROR|MPS_RECOVERY,
1662 "timedout cm %p failed to allocate a tm\n", cm);
1668 mpssas_action_scsiio(struct mpssas_softc *sassc, union ccb *ccb)
1670 MPI2_SCSI_IO_REQUEST *req;
1671 struct ccb_scsiio *csio;
1672 struct mps_softc *sc;
1673 struct mpssas_target *targ;
1674 struct mpssas_lun *lun;
1675 struct mps_command *cm;
1676 uint8_t i, lba_byte, *ref_tag_addr;
1677 uint16_t eedp_flags;
1678 uint32_t mpi_control;
1682 mtx_assert(&sc->mps_mtx, MA_OWNED);
1685 KASSERT(csio->ccb_h.target_id < sassc->maxtargets,
1686 ("Target %d out of bounds in XPT_SCSI_IO\n",
1687 csio->ccb_h.target_id));
1688 targ = &sassc->targets[csio->ccb_h.target_id];
1689 mps_dprint(sc, MPS_TRACE, "ccb %p target flag %x\n", ccb, targ->flags);
1690 if (targ->handle == 0x0) {
1691 mps_dprint(sc, MPS_ERROR, "%s NULL handle for target %u\n",
1692 __func__, csio->ccb_h.target_id);
1693 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
1697 if (targ->flags & MPS_TARGET_FLAGS_RAID_COMPONENT) {
1698 mps_dprint(sc, MPS_ERROR, "%s Raid component no SCSI IO "
1699 "supported %u\n", __func__, csio->ccb_h.target_id);
1700 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
1705 * Sometimes, it is possible to get a command that is not "In
1706 * Progress" and was actually aborted by the upper layer. Check for
1707 * this here and complete the command without error.
1709 if (mpssas_get_ccbstatus(ccb) != CAM_REQ_INPROG) {
1710 mps_dprint(sc, MPS_TRACE, "%s Command is not in progress for "
1711 "target %u\n", __func__, csio->ccb_h.target_id);
1716 * If devinfo is 0 this will be a volume. In that case don't tell CAM
1717 * that the volume has timed out. We want volumes to be enumerated
1718 * until they are deleted/removed, not just failed.
1720 if (targ->flags & MPSSAS_TARGET_INREMOVAL) {
1721 if (targ->devinfo == 0)
1722 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP);
1724 mpssas_set_ccbstatus(ccb, CAM_SEL_TIMEOUT);
1729 if ((sc->mps_flags & MPS_FLAGS_SHUTDOWN) != 0) {
1730 mps_dprint(sc, MPS_INFO, "%s shutting down\n", __func__);
1731 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
1737 * If target has a reset in progress, freeze the devq and return. The
1738 * devq will be released when the TM reset is finished.
1740 if (targ->flags & MPSSAS_TARGET_INRESET) {
1741 ccb->ccb_h.status = CAM_BUSY | CAM_DEV_QFRZN;
1742 mps_dprint(sc, MPS_INFO, "%s: Freezing devq for target ID %d\n",
1743 __func__, targ->tid);
1744 xpt_freeze_devq(ccb->ccb_h.path, 1);
1749 cm = mps_alloc_command(sc);
1750 if (cm == NULL || (sc->mps_flags & MPS_FLAGS_DIAGRESET)) {
1752 mps_free_command(sc, cm);
1754 if ((sassc->flags & MPSSAS_QUEUE_FROZEN) == 0) {
1755 xpt_freeze_simq(sassc->sim, 1);
1756 sassc->flags |= MPSSAS_QUEUE_FROZEN;
1758 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
1759 ccb->ccb_h.status |= CAM_REQUEUE_REQ;
1764 req = (MPI2_SCSI_IO_REQUEST *)cm->cm_req;
1765 bzero(req, sizeof(*req));
1766 req->DevHandle = htole16(targ->handle);
1767 req->Function = MPI2_FUNCTION_SCSI_IO_REQUEST;
1769 req->SenseBufferLowAddress = htole32(cm->cm_sense_busaddr);
1770 req->SenseBufferLength = MPS_SENSE_LEN;
1772 req->ChainOffset = 0;
1773 req->SGLOffset0 = 24; /* 32bit word offset to the SGL */
1778 req->DataLength = htole32(csio->dxfer_len);
1779 req->BidirectionalDataLength = 0;
1780 req->IoFlags = htole16(csio->cdb_len);
1783 /* Note: BiDirectional transfers are not supported */
1784 switch (csio->ccb_h.flags & CAM_DIR_MASK) {
1786 mpi_control = MPI2_SCSIIO_CONTROL_READ;
1787 cm->cm_flags |= MPS_CM_FLAGS_DATAIN;
1790 mpi_control = MPI2_SCSIIO_CONTROL_WRITE;
1791 cm->cm_flags |= MPS_CM_FLAGS_DATAOUT;
1795 mpi_control = MPI2_SCSIIO_CONTROL_NODATATRANSFER;
1799 if (csio->cdb_len == 32)
1800 mpi_control |= 4 << MPI2_SCSIIO_CONTROL_ADDCDBLEN_SHIFT;
1802 * It looks like the hardware doesn't require an explicit tag
1803 * number for each transaction. SAM Task Management not supported
1806 switch (csio->tag_action) {
1807 case MSG_HEAD_OF_Q_TAG:
1808 mpi_control |= MPI2_SCSIIO_CONTROL_HEADOFQ;
1810 case MSG_ORDERED_Q_TAG:
1811 mpi_control |= MPI2_SCSIIO_CONTROL_ORDEREDQ;
1814 mpi_control |= MPI2_SCSIIO_CONTROL_ACAQ;
1816 case CAM_TAG_ACTION_NONE:
1817 case MSG_SIMPLE_Q_TAG:
1819 mpi_control |= MPI2_SCSIIO_CONTROL_SIMPLEQ;
1822 mpi_control |= sc->mapping_table[csio->ccb_h.target_id].TLR_bits;
1823 req->Control = htole32(mpi_control);
1824 if (MPS_SET_LUN(req->LUN, csio->ccb_h.target_lun) != 0) {
1825 mps_free_command(sc, cm);
1826 mpssas_set_ccbstatus(ccb, CAM_LUN_INVALID);
1831 if (csio->ccb_h.flags & CAM_CDB_POINTER)
1832 bcopy(csio->cdb_io.cdb_ptr, &req->CDB.CDB32[0], csio->cdb_len);
1834 bcopy(csio->cdb_io.cdb_bytes, &req->CDB.CDB32[0],csio->cdb_len);
1835 req->IoFlags = htole16(csio->cdb_len);
1838 * Check if EEDP is supported and enabled. If it is then check if the
1839 * SCSI opcode could be using EEDP. If so, make sure the LUN exists and
1840 * is formatted for EEDP support. If all of this is true, set CDB up
1841 * for EEDP transfer.
1843 eedp_flags = op_code_prot[req->CDB.CDB32[0]];
1844 if (sc->eedp_enabled && eedp_flags) {
1845 SLIST_FOREACH(lun, &targ->luns, lun_link) {
1846 if (lun->lun_id == csio->ccb_h.target_lun) {
1851 if ((lun != NULL) && (lun->eedp_formatted)) {
1852 req->EEDPBlockSize = htole16(lun->eedp_block_size);
1853 eedp_flags |= (MPI2_SCSIIO_EEDPFLAGS_INC_PRI_REFTAG |
1854 MPI2_SCSIIO_EEDPFLAGS_CHECK_REFTAG |
1855 MPI2_SCSIIO_EEDPFLAGS_CHECK_GUARD);
1856 req->EEDPFlags = htole16(eedp_flags);
1859 * If CDB less than 32, fill in Primary Ref Tag with
1860 * low 4 bytes of LBA. If CDB is 32, tag stuff is
1861 * already there. Also, set protection bit. FreeBSD
1862 * currently does not support CDBs bigger than 16, but
1863 * the code doesn't hurt, and will be here for the
1866 if (csio->cdb_len != 32) {
1867 lba_byte = (csio->cdb_len == 16) ? 6 : 2;
1868 ref_tag_addr = (uint8_t *)&req->CDB.EEDP32.
1869 PrimaryReferenceTag;
1870 for (i = 0; i < 4; i++) {
1872 req->CDB.CDB32[lba_byte + i];
1875 req->CDB.EEDP32.PrimaryReferenceTag =
1876 htole32(req->CDB.EEDP32.PrimaryReferenceTag);
1877 req->CDB.EEDP32.PrimaryApplicationTagMask =
1879 req->CDB.CDB32[1] = (req->CDB.CDB32[1] & 0x1F) |
1883 MPI2_SCSIIO_EEDPFLAGS_INC_PRI_APPTAG;
1884 req->EEDPFlags = htole16(eedp_flags);
1885 req->CDB.CDB32[10] = (req->CDB.CDB32[10] &
1891 cm->cm_length = csio->dxfer_len;
1892 if (cm->cm_length != 0) {
1894 cm->cm_flags |= MPS_CM_FLAGS_USE_CCB;
1898 cm->cm_sge = &req->SGL;
1899 cm->cm_sglsize = (32 - 24) * 4;
1900 cm->cm_desc.SCSIIO.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_SCSI_IO;
1901 cm->cm_desc.SCSIIO.DevHandle = htole16(targ->handle);
1902 cm->cm_complete = mpssas_scsiio_complete;
1903 cm->cm_complete_data = ccb;
1905 cm->cm_lun = csio->ccb_h.target_lun;
1909 * If HBA is a WD and the command is not for a retry, try to build a
1910 * direct I/O message. If failed, or the command is for a retry, send
1911 * the I/O to the IR volume itself.
1913 if (sc->WD_valid_config) {
1914 if (ccb->ccb_h.sim_priv.entries[0].field == MPS_WD_RETRY) {
1915 mpssas_direct_drive_io(sassc, cm, ccb);
1917 mpssas_set_ccbstatus(ccb, CAM_REQ_INPROG);
1921 #if defined(BUF_TRACKING) || defined(FULL_BUF_TRACKING)
1922 if (csio->bio != NULL)
1923 biotrack(csio->bio, __func__);
1925 csio->ccb_h.qos.sim_data = sbinuptime();
1926 callout_reset_sbt(&cm->cm_callout, SBT_1MS * ccb->ccb_h.timeout, 0,
1927 mpssas_scsiio_timeout, cm, 0);
1930 targ->outstanding++;
1931 TAILQ_INSERT_TAIL(&targ->commands, cm, cm_link);
1932 ccb->ccb_h.status |= CAM_SIM_QUEUED;
1934 mpssas_log_command(cm, MPS_XINFO, "%s cm %p ccb %p outstanding %u\n",
1935 __func__, cm, ccb, targ->outstanding);
1937 mps_map_command(sc, cm);
1942 * mps_sc_failed_io_info - translated non-succesfull SCSI_IO request
1945 mps_sc_failed_io_info(struct mps_softc *sc, struct ccb_scsiio *csio,
1946 Mpi2SCSIIOReply_t *mpi_reply)
1950 u16 ioc_status = le16toh(mpi_reply->IOCStatus) &
1951 MPI2_IOCSTATUS_MASK;
1952 u8 scsi_state = mpi_reply->SCSIState;
1953 u8 scsi_status = mpi_reply->SCSIStatus;
1954 u32 log_info = le32toh(mpi_reply->IOCLogInfo);
1955 const char *desc_ioc_state, *desc_scsi_status;
1957 if (log_info == 0x31170000)
1960 desc_ioc_state = mps_describe_table(mps_iocstatus_string,
1962 desc_scsi_status = mps_describe_table(mps_scsi_status_string,
1965 mps_dprint(sc, MPS_XINFO, "\thandle(0x%04x), ioc_status(%s)(0x%04x)\n",
1966 le16toh(mpi_reply->DevHandle), desc_ioc_state, ioc_status);
1969 *We can add more detail about underflow data here
1972 mps_dprint(sc, MPS_XINFO, "\tscsi_status(%s)(0x%02x), "
1973 "scsi_state %b\n", desc_scsi_status, scsi_status,
1974 scsi_state, "\20" "\1AutosenseValid" "\2AutosenseFailed"
1975 "\3NoScsiStatus" "\4Terminated" "\5Response InfoValid");
1977 if (sc->mps_debug & MPS_XINFO &&
1978 scsi_state & MPI2_SCSI_STATE_AUTOSENSE_VALID) {
1979 mps_dprint(sc, MPS_XINFO, "-> Sense Buffer Data : Start :\n");
1980 scsi_sense_print(csio);
1981 mps_dprint(sc, MPS_XINFO, "-> Sense Buffer Data : End :\n");
1984 if (scsi_state & MPI2_SCSI_STATE_RESPONSE_INFO_VALID) {
1985 response_info = le32toh(mpi_reply->ResponseInfo);
1986 response_bytes = (u8 *)&response_info;
1987 mps_dprint(sc, MPS_XINFO, "response code(0x%1x): %s\n",
1989 mps_describe_table(mps_scsi_taskmgmt_string,
1990 response_bytes[0]));
1995 mpssas_scsiio_complete(struct mps_softc *sc, struct mps_command *cm)
1997 MPI2_SCSI_IO_REPLY *rep;
1999 struct ccb_scsiio *csio;
2000 struct mpssas_softc *sassc;
2001 struct scsi_vpd_supported_page_list *vpd_list = NULL;
2002 u8 *TLR_bits, TLR_on;
2005 struct mpssas_target *target;
2006 target_id_t target_id;
2009 mps_dprint(sc, MPS_TRACE,
2010 "cm %p SMID %u ccb %p reply %p outstanding %u\n", cm,
2011 cm->cm_desc.Default.SMID, cm->cm_ccb, cm->cm_reply,
2012 cm->cm_targ->outstanding);
2014 callout_stop(&cm->cm_callout);
2015 mtx_assert(&sc->mps_mtx, MA_OWNED);
2018 ccb = cm->cm_complete_data;
2020 target_id = csio->ccb_h.target_id;
2021 rep = (MPI2_SCSI_IO_REPLY *)cm->cm_reply;
2023 * XXX KDM if the chain allocation fails, does it matter if we do
2024 * the sync and unload here? It is simpler to do it in every case,
2025 * assuming it doesn't cause problems.
2027 if (cm->cm_data != NULL) {
2028 if (cm->cm_flags & MPS_CM_FLAGS_DATAIN)
2029 dir = BUS_DMASYNC_POSTREAD;
2030 else if (cm->cm_flags & MPS_CM_FLAGS_DATAOUT)
2031 dir = BUS_DMASYNC_POSTWRITE;
2032 bus_dmamap_sync(sc->buffer_dmat, cm->cm_dmamap, dir);
2033 bus_dmamap_unload(sc->buffer_dmat, cm->cm_dmamap);
2036 cm->cm_targ->completed++;
2037 cm->cm_targ->outstanding--;
2038 TAILQ_REMOVE(&cm->cm_targ->commands, cm, cm_link);
2039 ccb->ccb_h.status &= ~(CAM_STATUS_MASK | CAM_SIM_QUEUED);
2041 #if defined(BUF_TRACKING) || defined(FULL_BUF_TRACKING)
2042 if (ccb->csio.bio != NULL)
2043 biotrack(ccb->csio.bio, __func__);
2046 if (cm->cm_state == MPS_CM_STATE_TIMEDOUT) {
2047 TAILQ_REMOVE(&cm->cm_targ->timedout_commands, cm, cm_recovery);
2048 if (cm->cm_reply != NULL)
2049 mpssas_log_command(cm, MPS_RECOVERY,
2050 "completed timedout cm %p ccb %p during recovery "
2051 "ioc %x scsi %x state %x xfer %u\n",
2053 le16toh(rep->IOCStatus), rep->SCSIStatus, rep->SCSIState,
2054 le32toh(rep->TransferCount));
2056 mpssas_log_command(cm, MPS_RECOVERY,
2057 "completed timedout cm %p ccb %p during recovery\n",
2059 } else if (cm->cm_targ->tm != NULL) {
2060 if (cm->cm_reply != NULL)
2061 mpssas_log_command(cm, MPS_RECOVERY,
2062 "completed cm %p ccb %p during recovery "
2063 "ioc %x scsi %x state %x xfer %u\n",
2065 le16toh(rep->IOCStatus), rep->SCSIStatus, rep->SCSIState,
2066 le32toh(rep->TransferCount));
2068 mpssas_log_command(cm, MPS_RECOVERY,
2069 "completed cm %p ccb %p during recovery\n",
2071 } else if ((sc->mps_flags & MPS_FLAGS_DIAGRESET) != 0) {
2072 mpssas_log_command(cm, MPS_RECOVERY,
2073 "reset completed cm %p ccb %p\n",
2077 if ((cm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) {
2079 * We ran into an error after we tried to map the command,
2080 * so we're getting a callback without queueing the command
2081 * to the hardware. So we set the status here, and it will
2082 * be retained below. We'll go through the "fast path",
2083 * because there can be no reply when we haven't actually
2084 * gone out to the hardware.
2086 mpssas_set_ccbstatus(ccb, CAM_REQUEUE_REQ);
2089 * Currently the only error included in the mask is
2090 * MPS_CM_FLAGS_CHAIN_FAILED, which means we're out of
2091 * chain frames. We need to freeze the queue until we get
2092 * a command that completed without this error, which will
2093 * hopefully have some chain frames attached that we can
2094 * use. If we wanted to get smarter about it, we would
2095 * only unfreeze the queue in this condition when we're
2096 * sure that we're getting some chain frames back. That's
2097 * probably unnecessary.
2099 if ((sassc->flags & MPSSAS_QUEUE_FROZEN) == 0) {
2100 xpt_freeze_simq(sassc->sim, 1);
2101 sassc->flags |= MPSSAS_QUEUE_FROZEN;
2102 mps_dprint(sc, MPS_XINFO, "Error sending command, "
2103 "freezing SIM queue\n");
2108 * If this is a Start Stop Unit command and it was issued by the driver
2109 * during shutdown, decrement the refcount to account for all of the
2110 * commands that were sent. All SSU commands should be completed before
2111 * shutdown completes, meaning SSU_refcount will be 0 after SSU_started
2114 if (sc->SSU_started && (csio->cdb_io.cdb_bytes[0] == START_STOP_UNIT)) {
2115 mps_dprint(sc, MPS_INFO, "Decrementing SSU count.\n");
2119 /* Take the fast path to completion */
2120 if (cm->cm_reply == NULL) {
2121 if (mpssas_get_ccbstatus(ccb) == CAM_REQ_INPROG) {
2122 if ((sc->mps_flags & MPS_FLAGS_DIAGRESET) != 0)
2123 mpssas_set_ccbstatus(ccb, CAM_SCSI_BUS_RESET);
2125 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP);
2126 ccb->csio.scsi_status = SCSI_STATUS_OK;
2128 if (sassc->flags & MPSSAS_QUEUE_FROZEN) {
2129 ccb->ccb_h.status |= CAM_RELEASE_SIMQ;
2130 sassc->flags &= ~MPSSAS_QUEUE_FROZEN;
2131 mps_dprint(sc, MPS_XINFO,
2132 "Unfreezing SIM queue\n");
2137 * There are two scenarios where the status won't be
2138 * CAM_REQ_CMP. The first is if MPS_CM_FLAGS_ERROR_MASK is
2139 * set, the second is in the MPS_FLAGS_DIAGRESET above.
2141 if (mpssas_get_ccbstatus(ccb) != CAM_REQ_CMP) {
2143 * Freeze the dev queue so that commands are
2144 * executed in the correct order after error
2147 ccb->ccb_h.status |= CAM_DEV_QFRZN;
2148 xpt_freeze_devq(ccb->ccb_h.path, /*count*/ 1);
2150 mps_free_command(sc, cm);
2155 mpssas_log_command(cm, MPS_XINFO,
2156 "ioc %x scsi %x state %x xfer %u\n",
2157 le16toh(rep->IOCStatus), rep->SCSIStatus, rep->SCSIState,
2158 le32toh(rep->TransferCount));
2161 * If this is a Direct Drive I/O, reissue the I/O to the original IR
2162 * Volume if an error occurred (normal I/O retry). Use the original
2163 * CCB, but set a flag that this will be a retry so that it's sent to
2164 * the original volume. Free the command but reuse the CCB.
2166 if (cm->cm_flags & MPS_CM_FLAGS_DD_IO) {
2167 mps_free_command(sc, cm);
2168 ccb->ccb_h.sim_priv.entries[0].field = MPS_WD_RETRY;
2169 mpssas_action_scsiio(sassc, ccb);
2172 ccb->ccb_h.sim_priv.entries[0].field = 0;
2174 switch (le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK) {
2175 case MPI2_IOCSTATUS_SCSI_DATA_UNDERRUN:
2176 csio->resid = cm->cm_length - le32toh(rep->TransferCount);
2178 case MPI2_IOCSTATUS_SUCCESS:
2179 case MPI2_IOCSTATUS_SCSI_RECOVERED_ERROR:
2181 if ((le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK) ==
2182 MPI2_IOCSTATUS_SCSI_RECOVERED_ERROR)
2183 mpssas_log_command(cm, MPS_XINFO, "recovered error\n");
2185 /* Completion failed at the transport level. */
2186 if (rep->SCSIState & (MPI2_SCSI_STATE_NO_SCSI_STATUS |
2187 MPI2_SCSI_STATE_TERMINATED)) {
2188 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
2192 /* In a modern packetized environment, an autosense failure
2193 * implies that there's not much else that can be done to
2194 * recover the command.
2196 if (rep->SCSIState & MPI2_SCSI_STATE_AUTOSENSE_FAILED) {
2197 mpssas_set_ccbstatus(ccb, CAM_AUTOSENSE_FAIL);
2202 * CAM doesn't care about SAS Response Info data, but if this is
2203 * the state check if TLR should be done. If not, clear the
2204 * TLR_bits for the target.
2206 if ((rep->SCSIState & MPI2_SCSI_STATE_RESPONSE_INFO_VALID) &&
2207 ((le32toh(rep->ResponseInfo) &
2208 MPI2_SCSI_RI_MASK_REASONCODE) ==
2209 MPS_SCSI_RI_INVALID_FRAME)) {
2210 sc->mapping_table[target_id].TLR_bits =
2211 (u8)MPI2_SCSIIO_CONTROL_NO_TLR;
2215 * Intentionally override the normal SCSI status reporting
2216 * for these two cases. These are likely to happen in a
2217 * multi-initiator environment, and we want to make sure that
2218 * CAM retries these commands rather than fail them.
2220 if ((rep->SCSIStatus == MPI2_SCSI_STATUS_COMMAND_TERMINATED) ||
2221 (rep->SCSIStatus == MPI2_SCSI_STATUS_TASK_ABORTED)) {
2222 mpssas_set_ccbstatus(ccb, CAM_REQ_ABORTED);
2226 /* Handle normal status and sense */
2227 csio->scsi_status = rep->SCSIStatus;
2228 if (rep->SCSIStatus == MPI2_SCSI_STATUS_GOOD)
2229 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP);
2231 mpssas_set_ccbstatus(ccb, CAM_SCSI_STATUS_ERROR);
2233 if (rep->SCSIState & MPI2_SCSI_STATE_AUTOSENSE_VALID) {
2234 int sense_len, returned_sense_len;
2236 returned_sense_len = min(le32toh(rep->SenseCount),
2237 sizeof(struct scsi_sense_data));
2238 if (returned_sense_len < ccb->csio.sense_len)
2239 ccb->csio.sense_resid = ccb->csio.sense_len -
2242 ccb->csio.sense_resid = 0;
2244 sense_len = min(returned_sense_len,
2245 ccb->csio.sense_len - ccb->csio.sense_resid);
2246 bzero(&ccb->csio.sense_data,
2247 sizeof(ccb->csio.sense_data));
2248 bcopy(cm->cm_sense, &ccb->csio.sense_data, sense_len);
2249 ccb->ccb_h.status |= CAM_AUTOSNS_VALID;
2253 * Check if this is an INQUIRY command. If it's a VPD inquiry,
2254 * and it's page code 0 (Supported Page List), and there is
2255 * inquiry data, and this is for a sequential access device, and
2256 * the device is an SSP target, and TLR is supported by the
2257 * controller, turn the TLR_bits value ON if page 0x90 is
2260 if ((csio->cdb_io.cdb_bytes[0] == INQUIRY) &&
2261 (csio->cdb_io.cdb_bytes[1] & SI_EVPD) &&
2262 (csio->cdb_io.cdb_bytes[2] == SVPD_SUPPORTED_PAGE_LIST) &&
2263 ((csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) &&
2264 (csio->data_ptr != NULL) &&
2265 ((csio->data_ptr[0] & 0x1f) == T_SEQUENTIAL) &&
2266 (sc->control_TLR) &&
2267 (sc->mapping_table[target_id].device_info &
2268 MPI2_SAS_DEVICE_INFO_SSP_TARGET)) {
2269 vpd_list = (struct scsi_vpd_supported_page_list *)
2271 TLR_bits = &sc->mapping_table[target_id].TLR_bits;
2272 *TLR_bits = (u8)MPI2_SCSIIO_CONTROL_NO_TLR;
2273 TLR_on = (u8)MPI2_SCSIIO_CONTROL_TLR_ON;
2274 alloc_len = ((u16)csio->cdb_io.cdb_bytes[3] << 8) +
2275 csio->cdb_io.cdb_bytes[4];
2276 alloc_len -= csio->resid;
2277 for (i = 0; i < MIN(vpd_list->length, alloc_len); i++) {
2278 if (vpd_list->list[i] == 0x90) {
2286 * If this is a SATA direct-access end device, mark it so that
2287 * a SCSI StartStopUnit command will be sent to it when the
2288 * driver is being shutdown.
2290 if ((csio->cdb_io.cdb_bytes[0] == INQUIRY) &&
2291 ((csio->data_ptr[0] & 0x1f) == T_DIRECT) &&
2292 (sc->mapping_table[target_id].device_info &
2293 MPI2_SAS_DEVICE_INFO_SATA_DEVICE) &&
2294 ((sc->mapping_table[target_id].device_info &
2295 MPI2_SAS_DEVICE_INFO_MASK_DEVICE_TYPE) ==
2296 MPI2_SAS_DEVICE_INFO_END_DEVICE)) {
2297 target = &sassc->targets[target_id];
2298 target->supports_SSU = TRUE;
2299 mps_dprint(sc, MPS_XINFO, "Target %d supports SSU\n",
2303 case MPI2_IOCSTATUS_SCSI_INVALID_DEVHANDLE:
2304 case MPI2_IOCSTATUS_SCSI_DEVICE_NOT_THERE:
2306 * If devinfo is 0 this will be a volume. In that case don't
2307 * tell CAM that the volume is not there. We want volumes to
2308 * be enumerated until they are deleted/removed, not just
2311 if (cm->cm_targ->devinfo == 0)
2312 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP);
2314 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
2316 case MPI2_IOCSTATUS_INVALID_SGL:
2317 mps_print_scsiio_cmd(sc, cm);
2318 mpssas_set_ccbstatus(ccb, CAM_UNREC_HBA_ERROR);
2320 case MPI2_IOCSTATUS_SCSI_TASK_TERMINATED:
2322 * This is one of the responses that comes back when an I/O
2323 * has been aborted. If it is because of a timeout that we
2324 * initiated, just set the status to CAM_CMD_TIMEOUT.
2325 * Otherwise set it to CAM_REQ_ABORTED. The effect on the
2326 * command is the same (it gets retried, subject to the
2327 * retry counter), the only difference is what gets printed
2330 if (cm->cm_state == MPS_CM_STATE_TIMEDOUT)
2331 mpssas_set_ccbstatus(ccb, CAM_CMD_TIMEOUT);
2333 mpssas_set_ccbstatus(ccb, CAM_REQ_ABORTED);
2335 case MPI2_IOCSTATUS_SCSI_DATA_OVERRUN:
2336 /* resid is ignored for this condition */
2338 mpssas_set_ccbstatus(ccb, CAM_DATA_RUN_ERR);
2340 case MPI2_IOCSTATUS_SCSI_IOC_TERMINATED:
2341 case MPI2_IOCSTATUS_SCSI_EXT_TERMINATED:
2343 * These can sometimes be transient transport-related
2344 * errors, and sometimes persistent drive-related errors.
2345 * We used to retry these without decrementing the retry
2346 * count by returning CAM_REQUEUE_REQ. Unfortunately, if
2347 * we hit a persistent drive problem that returns one of
2348 * these error codes, we would retry indefinitely. So,
2349 * return CAM_REQ_CMP_ERROR so that we decrement the retry
2350 * count and avoid infinite retries. We're taking the
2351 * potential risk of flagging false failures in the event
2352 * of a topology-related error (e.g. a SAS expander problem
2353 * causes a command addressed to a drive to fail), but
2354 * avoiding getting into an infinite retry loop.
2356 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
2357 mps_dprint(sc, MPS_INFO,
2358 "Controller reported %s tgt %u SMID %u loginfo %x\n",
2359 mps_describe_table(mps_iocstatus_string,
2360 le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK),
2361 target_id, cm->cm_desc.Default.SMID,
2362 le32toh(rep->IOCLogInfo));
2363 mps_dprint(sc, MPS_XINFO,
2364 "SCSIStatus %x SCSIState %x xfercount %u\n",
2365 rep->SCSIStatus, rep->SCSIState,
2366 le32toh(rep->TransferCount));
2368 case MPI2_IOCSTATUS_INVALID_FUNCTION:
2369 case MPI2_IOCSTATUS_INTERNAL_ERROR:
2370 case MPI2_IOCSTATUS_INVALID_VPID:
2371 case MPI2_IOCSTATUS_INVALID_FIELD:
2372 case MPI2_IOCSTATUS_INVALID_STATE:
2373 case MPI2_IOCSTATUS_OP_STATE_NOT_SUPPORTED:
2374 case MPI2_IOCSTATUS_SCSI_IO_DATA_ERROR:
2375 case MPI2_IOCSTATUS_SCSI_PROTOCOL_ERROR:
2376 case MPI2_IOCSTATUS_SCSI_RESIDUAL_MISMATCH:
2377 case MPI2_IOCSTATUS_SCSI_TASK_MGMT_FAILED:
2379 mpssas_log_command(cm, MPS_XINFO,
2380 "completed ioc %x loginfo %x scsi %x state %x xfer %u\n",
2381 le16toh(rep->IOCStatus), le32toh(rep->IOCLogInfo),
2382 rep->SCSIStatus, rep->SCSIState,
2383 le32toh(rep->TransferCount));
2384 csio->resid = cm->cm_length;
2385 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
2389 mps_sc_failed_io_info(sc,csio,rep);
2391 if (sassc->flags & MPSSAS_QUEUE_FROZEN) {
2392 ccb->ccb_h.status |= CAM_RELEASE_SIMQ;
2393 sassc->flags &= ~MPSSAS_QUEUE_FROZEN;
2394 mps_dprint(sc, MPS_XINFO, "Command completed, "
2395 "unfreezing SIM queue\n");
2398 if (mpssas_get_ccbstatus(ccb) != CAM_REQ_CMP) {
2399 ccb->ccb_h.status |= CAM_DEV_QFRZN;
2400 xpt_freeze_devq(ccb->ccb_h.path, /*count*/ 1);
2403 mps_free_command(sc, cm);
2407 /* All Request reached here are Endian safe */
2409 mpssas_direct_drive_io(struct mpssas_softc *sassc, struct mps_command *cm,
2411 pMpi2SCSIIORequest_t pIO_req;
2412 struct mps_softc *sc = sassc->sc;
2414 uint32_t physLBA, stripe_offset, stripe_unit;
2415 uint32_t io_size, column;
2416 uint8_t *ptrLBA, lba_idx, physLBA_byte, *CDB;
2419 * If this is a valid SCSI command (Read6, Read10, Read16, Write6,
2420 * Write10, or Write16), build a direct I/O message. Otherwise, the I/O
2421 * will be sent to the IR volume itself. Since Read6 and Write6 are a
2422 * bit different than the 10/16 CDBs, handle them separately.
2424 pIO_req = (pMpi2SCSIIORequest_t)cm->cm_req;
2425 CDB = pIO_req->CDB.CDB32;
2428 * Handle 6 byte CDBs.
2430 if ((pIO_req->DevHandle == sc->DD_dev_handle) && ((CDB[0] == READ_6) ||
2431 (CDB[0] == WRITE_6))) {
2433 * Get the transfer size in blocks.
2435 io_size = (cm->cm_length >> sc->DD_block_exponent);
2438 * Get virtual LBA given in the CDB.
2440 virtLBA = ((uint64_t)(CDB[1] & 0x1F) << 16) |
2441 ((uint64_t)CDB[2] << 8) | (uint64_t)CDB[3];
2444 * Check that LBA range for I/O does not exceed volume's
2447 if ((virtLBA + (uint64_t)io_size - 1) <=
2450 * Check if the I/O crosses a stripe boundary. If not,
2451 * translate the virtual LBA to a physical LBA and set
2452 * the DevHandle for the PhysDisk to be used. If it
2453 * does cross a boundary, do normal I/O. To get the
2454 * right DevHandle to use, get the map number for the
2455 * column, then use that map number to look up the
2456 * DevHandle of the PhysDisk.
2458 stripe_offset = (uint32_t)virtLBA &
2459 (sc->DD_stripe_size - 1);
2460 if ((stripe_offset + io_size) <= sc->DD_stripe_size) {
2461 physLBA = (uint32_t)virtLBA >>
2462 sc->DD_stripe_exponent;
2463 stripe_unit = physLBA / sc->DD_num_phys_disks;
2464 column = physLBA % sc->DD_num_phys_disks;
2465 pIO_req->DevHandle =
2466 htole16(sc->DD_column_map[column].dev_handle);
2467 /* ???? Is this endian safe*/
2468 cm->cm_desc.SCSIIO.DevHandle =
2471 physLBA = (stripe_unit <<
2472 sc->DD_stripe_exponent) + stripe_offset;
2473 ptrLBA = &pIO_req->CDB.CDB32[1];
2474 physLBA_byte = (uint8_t)(physLBA >> 16);
2475 *ptrLBA = physLBA_byte;
2476 ptrLBA = &pIO_req->CDB.CDB32[2];
2477 physLBA_byte = (uint8_t)(physLBA >> 8);
2478 *ptrLBA = physLBA_byte;
2479 ptrLBA = &pIO_req->CDB.CDB32[3];
2480 physLBA_byte = (uint8_t)physLBA;
2481 *ptrLBA = physLBA_byte;
2484 * Set flag that Direct Drive I/O is
2487 cm->cm_flags |= MPS_CM_FLAGS_DD_IO;
2494 * Handle 10, 12 or 16 byte CDBs.
2496 if ((pIO_req->DevHandle == sc->DD_dev_handle) && ((CDB[0] == READ_10) ||
2497 (CDB[0] == WRITE_10) || (CDB[0] == READ_16) ||
2498 (CDB[0] == WRITE_16) || (CDB[0] == READ_12) ||
2499 (CDB[0] == WRITE_12))) {
2501 * For 16-byte CDB's, verify that the upper 4 bytes of the CDB
2502 * are 0. If not, this is accessing beyond 2TB so handle it in
2503 * the else section. 10-byte and 12-byte CDB's are OK.
2504 * FreeBSD sends very rare 12 byte READ/WRITE, but driver is
2505 * ready to accept 12byte CDB for Direct IOs.
2507 if ((CDB[0] == READ_10 || CDB[0] == WRITE_10) ||
2508 (CDB[0] == READ_12 || CDB[0] == WRITE_12) ||
2509 !(CDB[2] | CDB[3] | CDB[4] | CDB[5])) {
2511 * Get the transfer size in blocks.
2513 io_size = (cm->cm_length >> sc->DD_block_exponent);
2516 * Get virtual LBA. Point to correct lower 4 bytes of
2517 * LBA in the CDB depending on command.
2519 lba_idx = ((CDB[0] == READ_12) ||
2520 (CDB[0] == WRITE_12) ||
2521 (CDB[0] == READ_10) ||
2522 (CDB[0] == WRITE_10))? 2 : 6;
2523 virtLBA = ((uint64_t)CDB[lba_idx] << 24) |
2524 ((uint64_t)CDB[lba_idx + 1] << 16) |
2525 ((uint64_t)CDB[lba_idx + 2] << 8) |
2526 (uint64_t)CDB[lba_idx + 3];
2529 * Check that LBA range for I/O does not exceed volume's
2532 if ((virtLBA + (uint64_t)io_size - 1) <=
2535 * Check if the I/O crosses a stripe boundary.
2536 * If not, translate the virtual LBA to a
2537 * physical LBA and set the DevHandle for the
2538 * PhysDisk to be used. If it does cross a
2539 * boundary, do normal I/O. To get the right
2540 * DevHandle to use, get the map number for the
2541 * column, then use that map number to look up
2542 * the DevHandle of the PhysDisk.
2544 stripe_offset = (uint32_t)virtLBA &
2545 (sc->DD_stripe_size - 1);
2546 if ((stripe_offset + io_size) <=
2547 sc->DD_stripe_size) {
2548 physLBA = (uint32_t)virtLBA >>
2549 sc->DD_stripe_exponent;
2550 stripe_unit = physLBA /
2551 sc->DD_num_phys_disks;
2553 sc->DD_num_phys_disks;
2554 pIO_req->DevHandle =
2555 htole16(sc->DD_column_map[column].
2557 cm->cm_desc.SCSIIO.DevHandle =
2560 physLBA = (stripe_unit <<
2561 sc->DD_stripe_exponent) +
2564 &pIO_req->CDB.CDB32[lba_idx];
2565 physLBA_byte = (uint8_t)(physLBA >> 24);
2566 *ptrLBA = physLBA_byte;
2568 &pIO_req->CDB.CDB32[lba_idx + 1];
2569 physLBA_byte = (uint8_t)(physLBA >> 16);
2570 *ptrLBA = physLBA_byte;
2572 &pIO_req->CDB.CDB32[lba_idx + 2];
2573 physLBA_byte = (uint8_t)(physLBA >> 8);
2574 *ptrLBA = physLBA_byte;
2576 &pIO_req->CDB.CDB32[lba_idx + 3];
2577 physLBA_byte = (uint8_t)physLBA;
2578 *ptrLBA = physLBA_byte;
2581 * Set flag that Direct Drive I/O is
2584 cm->cm_flags |= MPS_CM_FLAGS_DD_IO;
2589 * 16-byte CDB and the upper 4 bytes of the CDB are not
2590 * 0. Get the transfer size in blocks.
2592 io_size = (cm->cm_length >> sc->DD_block_exponent);
2597 virtLBA = ((uint64_t)CDB[2] << 54) |
2598 ((uint64_t)CDB[3] << 48) |
2599 ((uint64_t)CDB[4] << 40) |
2600 ((uint64_t)CDB[5] << 32) |
2601 ((uint64_t)CDB[6] << 24) |
2602 ((uint64_t)CDB[7] << 16) |
2603 ((uint64_t)CDB[8] << 8) |
2607 * Check that LBA range for I/O does not exceed volume's
2610 if ((virtLBA + (uint64_t)io_size - 1) <=
2613 * Check if the I/O crosses a stripe boundary.
2614 * If not, translate the virtual LBA to a
2615 * physical LBA and set the DevHandle for the
2616 * PhysDisk to be used. If it does cross a
2617 * boundary, do normal I/O. To get the right
2618 * DevHandle to use, get the map number for the
2619 * column, then use that map number to look up
2620 * the DevHandle of the PhysDisk.
2622 stripe_offset = (uint32_t)virtLBA &
2623 (sc->DD_stripe_size - 1);
2624 if ((stripe_offset + io_size) <=
2625 sc->DD_stripe_size) {
2626 physLBA = (uint32_t)(virtLBA >>
2627 sc->DD_stripe_exponent);
2628 stripe_unit = physLBA /
2629 sc->DD_num_phys_disks;
2631 sc->DD_num_phys_disks;
2632 pIO_req->DevHandle =
2633 htole16(sc->DD_column_map[column].
2635 cm->cm_desc.SCSIIO.DevHandle =
2638 physLBA = (stripe_unit <<
2639 sc->DD_stripe_exponent) +
2643 * Set upper 4 bytes of LBA to 0. We
2644 * assume that the phys disks are less
2645 * than 2 TB's in size. Then, set the
2648 pIO_req->CDB.CDB32[2] = 0;
2649 pIO_req->CDB.CDB32[3] = 0;
2650 pIO_req->CDB.CDB32[4] = 0;
2651 pIO_req->CDB.CDB32[5] = 0;
2652 ptrLBA = &pIO_req->CDB.CDB32[6];
2653 physLBA_byte = (uint8_t)(physLBA >> 24);
2654 *ptrLBA = physLBA_byte;
2655 ptrLBA = &pIO_req->CDB.CDB32[7];
2656 physLBA_byte = (uint8_t)(physLBA >> 16);
2657 *ptrLBA = physLBA_byte;
2658 ptrLBA = &pIO_req->CDB.CDB32[8];
2659 physLBA_byte = (uint8_t)(physLBA >> 8);
2660 *ptrLBA = physLBA_byte;
2661 ptrLBA = &pIO_req->CDB.CDB32[9];
2662 physLBA_byte = (uint8_t)physLBA;
2663 *ptrLBA = physLBA_byte;
2666 * Set flag that Direct Drive I/O is
2669 cm->cm_flags |= MPS_CM_FLAGS_DD_IO;
2676 #if __FreeBSD_version >= 900026
2678 mpssas_smpio_complete(struct mps_softc *sc, struct mps_command *cm)
2680 MPI2_SMP_PASSTHROUGH_REPLY *rpl;
2681 MPI2_SMP_PASSTHROUGH_REQUEST *req;
2685 ccb = cm->cm_complete_data;
2688 * Currently there should be no way we can hit this case. It only
2689 * happens when we have a failure to allocate chain frames, and SMP
2690 * commands require two S/G elements only. That should be handled
2691 * in the standard request size.
2693 if ((cm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) {
2694 mps_dprint(sc, MPS_ERROR,"%s: cm_flags = %#x on SMP request!\n",
2695 __func__, cm->cm_flags);
2696 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
2700 rpl = (MPI2_SMP_PASSTHROUGH_REPLY *)cm->cm_reply;
2702 mps_dprint(sc, MPS_ERROR, "%s: NULL cm_reply!\n", __func__);
2703 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
2707 req = (MPI2_SMP_PASSTHROUGH_REQUEST *)cm->cm_req;
2708 sasaddr = le32toh(req->SASAddress.Low);
2709 sasaddr |= ((uint64_t)(le32toh(req->SASAddress.High))) << 32;
2711 if ((le16toh(rpl->IOCStatus) & MPI2_IOCSTATUS_MASK) !=
2712 MPI2_IOCSTATUS_SUCCESS ||
2713 rpl->SASStatus != MPI2_SASSTATUS_SUCCESS) {
2714 mps_dprint(sc, MPS_XINFO, "%s: IOCStatus %04x SASStatus %02x\n",
2715 __func__, le16toh(rpl->IOCStatus), rpl->SASStatus);
2716 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
2720 mps_dprint(sc, MPS_XINFO, "%s: SMP request to SAS address "
2721 "%#jx completed successfully\n", __func__,
2722 (uintmax_t)sasaddr);
2724 if (ccb->smpio.smp_response[2] == SMP_FR_ACCEPTED)
2725 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP);
2727 mpssas_set_ccbstatus(ccb, CAM_SMP_STATUS_ERROR);
2731 * We sync in both directions because we had DMAs in the S/G list
2732 * in both directions.
2734 bus_dmamap_sync(sc->buffer_dmat, cm->cm_dmamap,
2735 BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE);
2736 bus_dmamap_unload(sc->buffer_dmat, cm->cm_dmamap);
2737 mps_free_command(sc, cm);
2742 mpssas_send_smpcmd(struct mpssas_softc *sassc, union ccb *ccb, uint64_t sasaddr)
2744 struct mps_command *cm;
2745 uint8_t *request, *response;
2746 MPI2_SMP_PASSTHROUGH_REQUEST *req;
2747 struct mps_softc *sc;
2754 * XXX We don't yet support physical addresses here.
2756 switch ((ccb->ccb_h.flags & CAM_DATA_MASK)) {
2757 case CAM_DATA_PADDR:
2758 case CAM_DATA_SG_PADDR:
2759 mps_dprint(sc, MPS_ERROR,
2760 "%s: physical addresses not supported\n", __func__);
2761 mpssas_set_ccbstatus(ccb, CAM_REQ_INVALID);
2766 * The chip does not support more than one buffer for the
2767 * request or response.
2769 if ((ccb->smpio.smp_request_sglist_cnt > 1)
2770 || (ccb->smpio.smp_response_sglist_cnt > 1)) {
2771 mps_dprint(sc, MPS_ERROR,
2772 "%s: multiple request or response "
2773 "buffer segments not supported for SMP\n",
2775 mpssas_set_ccbstatus(ccb, CAM_REQ_INVALID);
2781 * The CAM_SCATTER_VALID flag was originally implemented
2782 * for the XPT_SCSI_IO CCB, which only has one data pointer.
2783 * We have two. So, just take that flag to mean that we
2784 * might have S/G lists, and look at the S/G segment count
2785 * to figure out whether that is the case for each individual
2788 if (ccb->smpio.smp_request_sglist_cnt != 0) {
2789 bus_dma_segment_t *req_sg;
2791 req_sg = (bus_dma_segment_t *)ccb->smpio.smp_request;
2792 request = (uint8_t *)(uintptr_t)req_sg[0].ds_addr;
2794 request = ccb->smpio.smp_request;
2796 if (ccb->smpio.smp_response_sglist_cnt != 0) {
2797 bus_dma_segment_t *rsp_sg;
2799 rsp_sg = (bus_dma_segment_t *)ccb->smpio.smp_response;
2800 response = (uint8_t *)(uintptr_t)rsp_sg[0].ds_addr;
2802 response = ccb->smpio.smp_response;
2804 case CAM_DATA_VADDR:
2805 request = ccb->smpio.smp_request;
2806 response = ccb->smpio.smp_response;
2809 mpssas_set_ccbstatus(ccb, CAM_REQ_INVALID);
2814 cm = mps_alloc_command(sc);
2816 mps_dprint(sc, MPS_ERROR,
2817 "%s: cannot allocate command\n", __func__);
2818 mpssas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL);
2823 req = (MPI2_SMP_PASSTHROUGH_REQUEST *)cm->cm_req;
2824 bzero(req, sizeof(*req));
2825 req->Function = MPI2_FUNCTION_SMP_PASSTHROUGH;
2827 /* Allow the chip to use any route to this SAS address. */
2828 req->PhysicalPort = 0xff;
2830 req->RequestDataLength = htole16(ccb->smpio.smp_request_len);
2832 MPI2_SGLFLAGS_SYSTEM_ADDRESS_SPACE | MPI2_SGLFLAGS_SGL_TYPE_MPI;
2834 mps_dprint(sc, MPS_XINFO, "%s: sending SMP request to SAS "
2835 "address %#jx\n", __func__, (uintmax_t)sasaddr);
2837 mpi_init_sge(cm, req, &req->SGL);
2840 * Set up a uio to pass into mps_map_command(). This allows us to
2841 * do one map command, and one busdma call in there.
2843 cm->cm_uio.uio_iov = cm->cm_iovec;
2844 cm->cm_uio.uio_iovcnt = 2;
2845 cm->cm_uio.uio_segflg = UIO_SYSSPACE;
2848 * The read/write flag isn't used by busdma, but set it just in
2849 * case. This isn't exactly accurate, either, since we're going in
2852 cm->cm_uio.uio_rw = UIO_WRITE;
2854 cm->cm_iovec[0].iov_base = request;
2855 cm->cm_iovec[0].iov_len = le16toh(req->RequestDataLength);
2856 cm->cm_iovec[1].iov_base = response;
2857 cm->cm_iovec[1].iov_len = ccb->smpio.smp_response_len;
2859 cm->cm_uio.uio_resid = cm->cm_iovec[0].iov_len +
2860 cm->cm_iovec[1].iov_len;
2863 * Trigger a warning message in mps_data_cb() for the user if we
2864 * wind up exceeding two S/G segments. The chip expects one
2865 * segment for the request and another for the response.
2867 cm->cm_max_segs = 2;
2869 cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE;
2870 cm->cm_complete = mpssas_smpio_complete;
2871 cm->cm_complete_data = ccb;
2874 * Tell the mapping code that we're using a uio, and that this is
2875 * an SMP passthrough request. There is a little special-case
2876 * logic there (in mps_data_cb()) to handle the bidirectional
2879 cm->cm_flags |= MPS_CM_FLAGS_USE_UIO | MPS_CM_FLAGS_SMP_PASS |
2880 MPS_CM_FLAGS_DATAIN | MPS_CM_FLAGS_DATAOUT;
2882 /* The chip data format is little endian. */
2883 req->SASAddress.High = htole32(sasaddr >> 32);
2884 req->SASAddress.Low = htole32(sasaddr);
2887 * XXX Note that we don't have a timeout/abort mechanism here.
2888 * From the manual, it looks like task management requests only
2889 * work for SCSI IO and SATA passthrough requests. We may need to
2890 * have a mechanism to retry requests in the event of a chip reset
2891 * at least. Hopefully the chip will insure that any errors short
2892 * of that are relayed back to the driver.
2894 error = mps_map_command(sc, cm);
2895 if ((error != 0) && (error != EINPROGRESS)) {
2896 mps_dprint(sc, MPS_ERROR,
2897 "%s: error %d returned from mps_map_command()\n",
2905 mps_free_command(sc, cm);
2906 mpssas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL);
2913 mpssas_action_smpio(struct mpssas_softc *sassc, union ccb *ccb)
2915 struct mps_softc *sc;
2916 struct mpssas_target *targ;
2917 uint64_t sasaddr = 0;
2922 * Make sure the target exists.
2924 KASSERT(ccb->ccb_h.target_id < sassc->maxtargets,
2925 ("Target %d out of bounds in XPT_SMP_IO\n", ccb->ccb_h.target_id));
2926 targ = &sassc->targets[ccb->ccb_h.target_id];
2927 if (targ->handle == 0x0) {
2928 mps_dprint(sc, MPS_ERROR,
2929 "%s: target %d does not exist!\n", __func__,
2930 ccb->ccb_h.target_id);
2931 mpssas_set_ccbstatus(ccb, CAM_SEL_TIMEOUT);
2937 * If this device has an embedded SMP target, we'll talk to it
2939 * figure out what the expander's address is.
2941 if ((targ->devinfo & MPI2_SAS_DEVICE_INFO_SMP_TARGET) != 0)
2942 sasaddr = targ->sasaddr;
2945 * If we don't have a SAS address for the expander yet, try
2946 * grabbing it from the page 0x83 information cached in the
2947 * transport layer for this target. LSI expanders report the
2948 * expander SAS address as the port-associated SAS address in
2949 * Inquiry VPD page 0x83. Maxim expanders don't report it in page
2952 * XXX KDM disable this for now, but leave it commented out so that
2953 * it is obvious that this is another possible way to get the SAS
2956 * The parent handle method below is a little more reliable, and
2957 * the other benefit is that it works for devices other than SES
2958 * devices. So you can send a SMP request to a da(4) device and it
2959 * will get routed to the expander that device is attached to.
2960 * (Assuming the da(4) device doesn't contain an SMP target...)
2964 sasaddr = xpt_path_sas_addr(ccb->ccb_h.path);
2968 * If we still don't have a SAS address for the expander, look for
2969 * the parent device of this device, which is probably the expander.
2972 #ifdef OLD_MPS_PROBE
2973 struct mpssas_target *parent_target;
2976 if (targ->parent_handle == 0x0) {
2977 mps_dprint(sc, MPS_ERROR,
2978 "%s: handle %d does not have a valid "
2979 "parent handle!\n", __func__, targ->handle);
2980 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
2983 #ifdef OLD_MPS_PROBE
2984 parent_target = mpssas_find_target_by_handle(sassc, 0,
2985 targ->parent_handle);
2987 if (parent_target == NULL) {
2988 mps_dprint(sc, MPS_ERROR,
2989 "%s: handle %d does not have a valid "
2990 "parent target!\n", __func__, targ->handle);
2991 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
2995 if ((parent_target->devinfo &
2996 MPI2_SAS_DEVICE_INFO_SMP_TARGET) == 0) {
2997 mps_dprint(sc, MPS_ERROR,
2998 "%s: handle %d parent %d does not "
2999 "have an SMP target!\n", __func__,
3000 targ->handle, parent_target->handle);
3001 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
3006 sasaddr = parent_target->sasaddr;
3007 #else /* OLD_MPS_PROBE */
3008 if ((targ->parent_devinfo &
3009 MPI2_SAS_DEVICE_INFO_SMP_TARGET) == 0) {
3010 mps_dprint(sc, MPS_ERROR,
3011 "%s: handle %d parent %d does not "
3012 "have an SMP target!\n", __func__,
3013 targ->handle, targ->parent_handle);
3014 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
3018 if (targ->parent_sasaddr == 0x0) {
3019 mps_dprint(sc, MPS_ERROR,
3020 "%s: handle %d parent handle %d does "
3021 "not have a valid SAS address!\n",
3022 __func__, targ->handle, targ->parent_handle);
3023 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
3027 sasaddr = targ->parent_sasaddr;
3028 #endif /* OLD_MPS_PROBE */
3033 mps_dprint(sc, MPS_INFO,
3034 "%s: unable to find SAS address for handle %d\n",
3035 __func__, targ->handle);
3036 mpssas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE);
3039 mpssas_send_smpcmd(sassc, ccb, sasaddr);
3047 #endif //__FreeBSD_version >= 900026
3050 mpssas_action_resetdev(struct mpssas_softc *sassc, union ccb *ccb)
3052 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
3053 struct mps_softc *sc;
3054 struct mps_command *tm;
3055 struct mpssas_target *targ;
3057 MPS_FUNCTRACE(sassc->sc);
3058 mtx_assert(&sassc->sc->mps_mtx, MA_OWNED);
3060 KASSERT(ccb->ccb_h.target_id < sassc->maxtargets,
3061 ("Target %d out of bounds in XPT_RESET_DEV\n",
3062 ccb->ccb_h.target_id));
3064 tm = mps_alloc_command(sc);
3066 mps_dprint(sc, MPS_ERROR,
3067 "command alloc failure in mpssas_action_resetdev\n");
3068 mpssas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL);
3073 targ = &sassc->targets[ccb->ccb_h.target_id];
3074 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
3075 req->DevHandle = htole16(targ->handle);
3076 req->Function = MPI2_FUNCTION_SCSI_TASK_MGMT;
3077 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET;
3079 /* SAS Hard Link Reset / SATA Link Reset */
3080 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET;
3083 tm->cm_desc.HighPriority.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_HIGH_PRIORITY;
3084 tm->cm_complete = mpssas_resetdev_complete;
3085 tm->cm_complete_data = ccb;
3087 targ->flags |= MPSSAS_TARGET_INRESET;
3089 mps_map_command(sc, tm);
3093 mpssas_resetdev_complete(struct mps_softc *sc, struct mps_command *tm)
3095 MPI2_SCSI_TASK_MANAGE_REPLY *resp;
3099 mtx_assert(&sc->mps_mtx, MA_OWNED);
3101 resp = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply;
3102 ccb = tm->cm_complete_data;
3105 * Currently there should be no way we can hit this case. It only
3106 * happens when we have a failure to allocate chain frames, and
3107 * task management commands don't have S/G lists.
3109 if ((tm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) {
3110 MPI2_SCSI_TASK_MANAGE_REQUEST *req;
3112 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req;
3114 mps_dprint(sc, MPS_ERROR,
3115 "%s: cm_flags = %#x for reset of handle %#04x! "
3116 "This should not happen!\n", __func__, tm->cm_flags,
3118 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
3122 mps_dprint(sc, MPS_XINFO,
3123 "%s: IOCStatus = 0x%x ResponseCode = 0x%x\n", __func__,
3124 le16toh(resp->IOCStatus), le32toh(resp->ResponseCode));
3126 if (le32toh(resp->ResponseCode) == MPI2_SCSITASKMGMT_RSP_TM_COMPLETE) {
3127 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP);
3128 mpssas_announce_reset(sc, AC_SENT_BDR, tm->cm_targ->tid,
3132 mpssas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR);
3136 mpssas_free_tm(sc, tm);
3141 mpssas_poll(struct cam_sim *sim)
3143 struct mpssas_softc *sassc;
3145 sassc = cam_sim_softc(sim);
3147 if (sassc->sc->mps_debug & MPS_TRACE) {
3148 /* frequent debug messages during a panic just slow
3149 * everything down too much.
3151 mps_printf(sassc->sc, "%s clearing MPS_TRACE\n", __func__);
3152 sassc->sc->mps_debug &= ~MPS_TRACE;
3155 mps_intr_locked(sassc->sc);
3159 mpssas_async(void *callback_arg, uint32_t code, struct cam_path *path,
3162 struct mps_softc *sc;
3164 sc = (struct mps_softc *)callback_arg;
3167 #if (__FreeBSD_version >= 1000006) || \
3168 ((__FreeBSD_version >= 901503) && (__FreeBSD_version < 1000000))
3169 case AC_ADVINFO_CHANGED: {
3170 struct mpssas_target *target;
3171 struct mpssas_softc *sassc;
3172 struct scsi_read_capacity_data_long rcap_buf;
3173 struct ccb_dev_advinfo cdai;
3174 struct mpssas_lun *lun;
3179 buftype = (uintptr_t)arg;
3185 * We're only interested in read capacity data changes.
3187 if (buftype != CDAI_TYPE_RCAPLONG)
3191 * We should have a handle for this, but check to make sure.
3193 KASSERT(xpt_path_target_id(path) < sassc->maxtargets,
3194 ("Target %d out of bounds in mpssas_async\n",
3195 xpt_path_target_id(path)));
3196 target = &sassc->targets[xpt_path_target_id(path)];
3197 if (target->handle == 0)
3200 lunid = xpt_path_lun_id(path);
3202 SLIST_FOREACH(lun, &target->luns, lun_link) {
3203 if (lun->lun_id == lunid) {
3209 if (found_lun == 0) {
3210 lun = malloc(sizeof(struct mpssas_lun), M_MPT2,
3213 mps_dprint(sc, MPS_ERROR, "Unable to alloc "
3214 "LUN for EEDP support.\n");
3217 lun->lun_id = lunid;
3218 SLIST_INSERT_HEAD(&target->luns, lun, lun_link);
3221 bzero(&rcap_buf, sizeof(rcap_buf));
3222 xpt_setup_ccb(&cdai.ccb_h, path, CAM_PRIORITY_NORMAL);
3223 cdai.ccb_h.func_code = XPT_DEV_ADVINFO;
3224 cdai.ccb_h.flags = CAM_DIR_IN;
3225 cdai.buftype = CDAI_TYPE_RCAPLONG;
3226 #if (__FreeBSD_version >= 1100061) || \
3227 ((__FreeBSD_version >= 1001510) && (__FreeBSD_version < 1100000))
3228 cdai.flags = CDAI_FLAG_NONE;
3232 cdai.bufsiz = sizeof(rcap_buf);
3233 cdai.buf = (uint8_t *)&rcap_buf;
3234 xpt_action((union ccb *)&cdai);
3235 if ((cdai.ccb_h.status & CAM_DEV_QFRZN) != 0)
3236 cam_release_devq(cdai.ccb_h.path,
3239 if ((mpssas_get_ccbstatus((union ccb *)&cdai) == CAM_REQ_CMP)
3240 && (rcap_buf.prot & SRC16_PROT_EN)) {
3241 lun->eedp_formatted = TRUE;
3242 lun->eedp_block_size = scsi_4btoul(rcap_buf.length);
3244 lun->eedp_formatted = FALSE;
3245 lun->eedp_block_size = 0;
3250 case AC_FOUND_DEVICE: {
3251 struct ccb_getdev *cgd;
3254 mpssas_check_eedp(sc, path, cgd);
3263 #if (__FreeBSD_version < 901503) || \
3264 ((__FreeBSD_version >= 1000000) && (__FreeBSD_version < 1000006))
3266 mpssas_check_eedp(struct mps_softc *sc, struct cam_path *path,
3267 struct ccb_getdev *cgd)
3269 struct mpssas_softc *sassc = sc->sassc;
3270 struct ccb_scsiio *csio;
3271 struct scsi_read_capacity_16 *scsi_cmd;
3272 struct scsi_read_capacity_eedp *rcap_buf;
3274 target_id_t targetid;
3277 struct cam_path *local_path;
3278 struct mpssas_target *target;
3279 struct mpssas_lun *lun;
3284 pathid = cam_sim_path(sassc->sim);
3285 targetid = xpt_path_target_id(path);
3286 lunid = xpt_path_lun_id(path);
3288 KASSERT(targetid < sassc->maxtargets,
3289 ("Target %d out of bounds in mpssas_check_eedp\n",
3291 target = &sassc->targets[targetid];
3292 if (target->handle == 0x0)
3296 * Determine if the device is EEDP capable.
3298 * If this flag is set in the inquiry data,
3299 * the device supports protection information,
3300 * and must support the 16 byte read
3301 * capacity command, otherwise continue without
3302 * sending read cap 16
3304 if ((cgd->inq_data.spc3_flags & SPC3_SID_PROTECT) == 0)
3308 * Issue a READ CAPACITY 16 command. This info
3309 * is used to determine if the LUN is formatted
3312 ccb = xpt_alloc_ccb_nowait();
3314 mps_dprint(sc, MPS_ERROR, "Unable to alloc CCB "
3315 "for EEDP support.\n");
3319 if (xpt_create_path(&local_path, xpt_periph,
3320 pathid, targetid, lunid) != CAM_REQ_CMP) {
3321 mps_dprint(sc, MPS_ERROR, "Unable to create "
3322 "path for EEDP support\n");
3328 * If LUN is already in list, don't create a new
3332 SLIST_FOREACH(lun, &target->luns, lun_link) {
3333 if (lun->lun_id == lunid) {
3339 lun = malloc(sizeof(struct mpssas_lun), M_MPT2,
3342 mps_dprint(sc, MPS_ERROR,
3343 "Unable to alloc LUN for EEDP support.\n");
3344 xpt_free_path(local_path);
3348 lun->lun_id = lunid;
3349 SLIST_INSERT_HEAD(&target->luns, lun,
3353 xpt_path_string(local_path, path_str, sizeof(path_str));
3355 mps_dprint(sc, MPS_INFO, "Sending read cap: path %s handle %d\n",
3356 path_str, target->handle);
3359 * Issue a READ CAPACITY 16 command for the LUN.
3360 * The mpssas_read_cap_done function will load
3361 * the read cap info into the LUN struct.
3363 rcap_buf = malloc(sizeof(struct scsi_read_capacity_eedp),
3364 M_MPT2, M_NOWAIT | M_ZERO);
3365 if (rcap_buf == NULL) {
3366 mps_dprint(sc, MPS_FAULT,
3367 "Unable to alloc read capacity buffer for EEDP support.\n");
3368 xpt_free_path(ccb->ccb_h.path);
3372 xpt_setup_ccb(&ccb->ccb_h, local_path, CAM_PRIORITY_XPT);
3374 csio->ccb_h.func_code = XPT_SCSI_IO;
3375 csio->ccb_h.flags = CAM_DIR_IN;
3376 csio->ccb_h.retry_count = 4;
3377 csio->ccb_h.cbfcnp = mpssas_read_cap_done;
3378 csio->ccb_h.timeout = 60000;
3379 csio->data_ptr = (uint8_t *)rcap_buf;
3380 csio->dxfer_len = sizeof(struct scsi_read_capacity_eedp);
3381 csio->sense_len = MPS_SENSE_LEN;
3382 csio->cdb_len = sizeof(*scsi_cmd);
3383 csio->tag_action = MSG_SIMPLE_Q_TAG;
3385 scsi_cmd = (struct scsi_read_capacity_16 *)&csio->cdb_io.cdb_bytes;
3386 bzero(scsi_cmd, sizeof(*scsi_cmd));
3387 scsi_cmd->opcode = 0x9E;
3388 scsi_cmd->service_action = SRC16_SERVICE_ACTION;
3389 ((uint8_t *)scsi_cmd)[13] = sizeof(struct scsi_read_capacity_eedp);
3391 ccb->ccb_h.ppriv_ptr1 = sassc;
3396 mpssas_read_cap_done(struct cam_periph *periph, union ccb *done_ccb)
3398 struct mpssas_softc *sassc;
3399 struct mpssas_target *target;
3400 struct mpssas_lun *lun;
3401 struct scsi_read_capacity_eedp *rcap_buf;
3403 if (done_ccb == NULL)
3406 /* Driver need to release devq, it Scsi command is
3407 * generated by driver internally.
3408 * Currently there is a single place where driver
3409 * calls scsi command internally. In future if driver
3410 * calls more scsi command internally, it needs to release
3411 * devq internally, since those command will not go back to
3414 if ((done_ccb->ccb_h.status & CAM_DEV_QFRZN) ) {
3415 done_ccb->ccb_h.status &= ~CAM_DEV_QFRZN;
3416 xpt_release_devq(done_ccb->ccb_h.path,
3417 /*count*/ 1, /*run_queue*/TRUE);
3420 rcap_buf = (struct scsi_read_capacity_eedp *)done_ccb->csio.data_ptr;
3423 * Get the LUN ID for the path and look it up in the LUN list for the
3426 sassc = (struct mpssas_softc *)done_ccb->ccb_h.ppriv_ptr1;
3427 KASSERT(done_ccb->ccb_h.target_id < sassc->maxtargets,
3428 ("Target %d out of bounds in mpssas_read_cap_done\n",
3429 done_ccb->ccb_h.target_id));
3430 target = &sassc->targets[done_ccb->ccb_h.target_id];
3431 SLIST_FOREACH(lun, &target->luns, lun_link) {
3432 if (lun->lun_id != done_ccb->ccb_h.target_lun)
3436 * Got the LUN in the target's LUN list. Fill it in
3437 * with EEDP info. If the READ CAP 16 command had some
3438 * SCSI error (common if command is not supported), mark
3439 * the lun as not supporting EEDP and set the block size
3442 if ((mpssas_get_ccbstatus(done_ccb) != CAM_REQ_CMP)
3443 || (done_ccb->csio.scsi_status != SCSI_STATUS_OK)) {
3444 lun->eedp_formatted = FALSE;
3445 lun->eedp_block_size = 0;
3449 if (rcap_buf->protect & 0x01) {
3450 mps_dprint(sassc->sc, MPS_INFO, "LUN %d for "
3451 "target ID %d is formatted for EEDP "
3452 "support.\n", done_ccb->ccb_h.target_lun,
3453 done_ccb->ccb_h.target_id);
3454 lun->eedp_formatted = TRUE;
3455 lun->eedp_block_size = scsi_4btoul(rcap_buf->length);
3460 // Finished with this CCB and path.
3461 free(rcap_buf, M_MPT2);
3462 xpt_free_path(done_ccb->ccb_h.path);
3463 xpt_free_ccb(done_ccb);
3465 #endif /* (__FreeBSD_version < 901503) || \
3466 ((__FreeBSD_version >= 1000000) && (__FreeBSD_version < 1000006)) */
3469 mpssas_prepare_for_tm(struct mps_softc *sc, struct mps_command *tm,
3470 struct mpssas_target *target, lun_id_t lun_id)
3476 * Set the INRESET flag for this target so that no I/O will be sent to
3477 * the target until the reset has completed. If an I/O request does
3478 * happen, the devq will be frozen. The CCB holds the path which is
3479 * used to release the devq. The devq is released and the CCB is freed
3480 * when the TM completes.
3482 ccb = xpt_alloc_ccb_nowait();
3484 path_id = cam_sim_path(sc->sassc->sim);
3485 if (xpt_create_path(&ccb->ccb_h.path, xpt_periph, path_id,
3486 target->tid, lun_id) != CAM_REQ_CMP) {
3490 tm->cm_targ = target;
3491 target->flags |= MPSSAS_TARGET_INRESET;
3497 mpssas_startup(struct mps_softc *sc)
3501 * Send the port enable message and set the wait_for_port_enable flag.
3502 * This flag helps to keep the simq frozen until all discovery events
3505 sc->wait_for_port_enable = 1;
3506 mpssas_send_portenable(sc);
3511 mpssas_send_portenable(struct mps_softc *sc)
3513 MPI2_PORT_ENABLE_REQUEST *request;
3514 struct mps_command *cm;
3518 if ((cm = mps_alloc_command(sc)) == NULL)
3520 request = (MPI2_PORT_ENABLE_REQUEST *)cm->cm_req;
3521 request->Function = MPI2_FUNCTION_PORT_ENABLE;
3522 request->MsgFlags = 0;
3524 cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE;
3525 cm->cm_complete = mpssas_portenable_complete;
3529 mps_map_command(sc, cm);
3530 mps_dprint(sc, MPS_XINFO,
3531 "mps_send_portenable finished cm %p req %p complete %p\n",
3532 cm, cm->cm_req, cm->cm_complete);
3537 mpssas_portenable_complete(struct mps_softc *sc, struct mps_command *cm)
3539 MPI2_PORT_ENABLE_REPLY *reply;
3540 struct mpssas_softc *sassc;
3546 * Currently there should be no way we can hit this case. It only
3547 * happens when we have a failure to allocate chain frames, and
3548 * port enable commands don't have S/G lists.
3550 if ((cm->cm_flags & MPS_CM_FLAGS_ERROR_MASK) != 0) {
3551 mps_dprint(sc, MPS_ERROR, "%s: cm_flags = %#x for port enable! "
3552 "This should not happen!\n", __func__, cm->cm_flags);
3555 reply = (MPI2_PORT_ENABLE_REPLY *)cm->cm_reply;
3557 mps_dprint(sc, MPS_FAULT, "Portenable NULL reply\n");
3558 else if (le16toh(reply->IOCStatus & MPI2_IOCSTATUS_MASK) !=
3559 MPI2_IOCSTATUS_SUCCESS)
3560 mps_dprint(sc, MPS_FAULT, "Portenable failed\n");
3562 mps_free_command(sc, cm);
3565 * Get WarpDrive info after discovery is complete but before the scan
3566 * starts. At this point, all devices are ready to be exposed to the
3567 * OS. If devices should be hidden instead, take them out of the
3568 * 'targets' array before the scan. The devinfo for a disk will have
3569 * some info and a volume's will be 0. Use that to remove disks.
3571 mps_wd_config_pages(sc);
3574 * Done waiting for port enable to complete. Decrement the refcount.
3575 * If refcount is 0, discovery is complete and a rescan of the bus can
3576 * take place. Since the simq was explicitly frozen before port
3577 * enable, it must be explicitly released here to keep the
3578 * freeze/release count in sync.
3580 sc->wait_for_port_enable = 0;
3581 sc->port_enable_complete = 1;
3582 wakeup(&sc->port_enable_complete);
3583 mpssas_startup_decrement(sassc);
3587 mpssas_check_id(struct mpssas_softc *sassc, int id)
3589 struct mps_softc *sc = sassc->sc;
3593 ids = &sc->exclude_ids[0];
3594 while((name = strsep(&ids, ",")) != NULL) {
3595 if (name[0] == '\0')
3597 if (strtol(name, NULL, 0) == (long)id)
3605 mpssas_realloc_targets(struct mps_softc *sc, int maxtargets)
3607 struct mpssas_softc *sassc;
3608 struct mpssas_lun *lun, *lun_tmp;
3609 struct mpssas_target *targ;
3614 * The number of targets is based on IOC Facts, so free all of
3615 * the allocated LUNs for each target and then the target buffer
3618 for (i=0; i< maxtargets; i++) {
3619 targ = &sassc->targets[i];
3620 SLIST_FOREACH_SAFE(lun, &targ->luns, lun_link, lun_tmp) {
3624 free(sassc->targets, M_MPT2);
3626 sassc->targets = malloc(sizeof(struct mpssas_target) * maxtargets,
3627 M_MPT2, M_WAITOK|M_ZERO);
3628 if (!sassc->targets) {
3629 panic("%s failed to alloc targets with error %d\n",
projects / FreeBSD / FreeBSD.git / blob