2 * FreeBSD/CAM specific routines for LSI '909 FC adapters.
5 * Copyright (c) 2000, 2001 by Greg Ansley
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice immediately at the beginning of the file, without modification,
12 * this list of conditions, and the following disclaimer.
13 * 2. The name of the author may not be used to endorse or promote products
14 * derived from this software without specific prior written permission.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR
20 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * Copyright (c) 2002, 2006 by Matthew Jacob
30 * All rights reserved.
32 * Redistribution and use in source and binary forms, with or without
33 * modification, are permitted provided that the following conditions are
35 * 1. Redistributions of source code must retain the above copyright
36 * notice, this list of conditions and the following disclaimer.
37 * 2. Redistributions in binary form must reproduce at minimum a disclaimer
38 * substantially similar to the "NO WARRANTY" disclaimer below
39 * ("Disclaimer") and any redistribution must be conditioned upon including
40 * a substantially similar Disclaimer requirement for further binary
42 * 3. Neither the names of the above listed copyright holders nor the names
43 * of any contributors may be used to endorse or promote products derived
44 * from this software without specific prior written permission.
46 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
47 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
48 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
49 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
50 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
51 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
52 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
53 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
54 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
55 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF THE COPYRIGHT
56 * OWNER OR CONTRIBUTOR IS ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
58 * Support from Chris Ellsworth in order to make SAS adapters work
59 * is gratefully acknowledged.
61 * Support from LSI-Logic has also gone a great deal toward making this a
62 * workable subsystem and is gratefully acknowledged.
65 * Copyright (c) 2004, Avid Technology, Inc. and its contributors.
66 * Copyright (c) 2005, WHEEL Sp. z o.o.
67 * Copyright (c) 2004, 2005 Justin T. Gibbs
68 * All rights reserved.
70 * Redistribution and use in source and binary forms, with or without
71 * modification, are permitted provided that the following conditions are
73 * 1. Redistributions of source code must retain the above copyright
74 * notice, this list of conditions and the following disclaimer.
75 * 2. Redistributions in binary form must reproduce at minimum a disclaimer
76 * substantially similar to the "NO WARRANTY" disclaimer below
77 * ("Disclaimer") and any redistribution must be conditioned upon including
78 * a substantially similar Disclaimer requirement for further binary
80 * 3. Neither the names of the above listed copyright holders nor the names
81 * of any contributors may be used to endorse or promote products derived
82 * from this software without specific prior written permission.
84 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
85 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
86 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
87 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
88 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
89 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
90 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
91 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
92 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
93 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF THE COPYRIGHT
94 * OWNER OR CONTRIBUTOR IS ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
96 #include <sys/cdefs.h>
97 __FBSDID("$FreeBSD$");
99 #include <dev/mpt/mpt.h>
100 #include <dev/mpt/mpt_cam.h>
101 #include <dev/mpt/mpt_raid.h>
103 #include "dev/mpt/mpilib/mpi_ioc.h" /* XXX Fix Event Handling!!! */
104 #include "dev/mpt/mpilib/mpi_init.h"
105 #include "dev/mpt/mpilib/mpi_targ.h"
106 #include "dev/mpt/mpilib/mpi_fc.h"
107 #include "dev/mpt/mpilib/mpi_sas.h"
109 #include <sys/callout.h>
110 #include <sys/kthread.h>
111 #include <sys/sysctl.h>
113 #if __FreeBSD_version >= 700025
114 #ifndef CAM_NEW_TRAN_CODE
115 #define CAM_NEW_TRAN_CODE 1
119 static void mpt_poll(struct cam_sim *);
120 static timeout_t mpt_timeout;
121 static void mpt_action(struct cam_sim *, union ccb *);
123 mpt_get_spi_settings(struct mpt_softc *, struct ccb_trans_settings *);
124 static void mpt_setwidth(struct mpt_softc *, int, int);
125 static void mpt_setsync(struct mpt_softc *, int, int, int);
126 static int mpt_update_spi_config(struct mpt_softc *, int);
128 static mpt_reply_handler_t mpt_scsi_reply_handler;
129 static mpt_reply_handler_t mpt_scsi_tmf_reply_handler;
130 static mpt_reply_handler_t mpt_fc_els_reply_handler;
131 static int mpt_scsi_reply_frame_handler(struct mpt_softc *, request_t *,
132 MSG_DEFAULT_REPLY *);
133 static int mpt_bus_reset(struct mpt_softc *, target_id_t, lun_id_t, int);
134 static int mpt_fc_reset_link(struct mpt_softc *, int);
136 static int mpt_spawn_recovery_thread(struct mpt_softc *mpt);
137 static void mpt_terminate_recovery_thread(struct mpt_softc *mpt);
138 static void mpt_recovery_thread(void *arg);
139 static void mpt_recover_commands(struct mpt_softc *mpt);
141 static int mpt_scsi_send_tmf(struct mpt_softc *, u_int, u_int, u_int,
142 u_int, u_int, u_int, int);
144 static void mpt_fc_post_els(struct mpt_softc *mpt, request_t *, int);
145 static void mpt_post_target_command(struct mpt_softc *, request_t *, int);
146 static int mpt_add_els_buffers(struct mpt_softc *mpt);
147 static int mpt_add_target_commands(struct mpt_softc *mpt);
148 static int mpt_enable_lun(struct mpt_softc *, target_id_t, lun_id_t);
149 static int mpt_disable_lun(struct mpt_softc *, target_id_t, lun_id_t);
150 static void mpt_target_start_io(struct mpt_softc *, union ccb *);
151 static cam_status mpt_abort_target_ccb(struct mpt_softc *, union ccb *);
152 static int mpt_abort_target_cmd(struct mpt_softc *, request_t *);
153 static void mpt_scsi_tgt_status(struct mpt_softc *, union ccb *, request_t *,
154 uint8_t, uint8_t const *);
156 mpt_scsi_tgt_tsk_mgmt(struct mpt_softc *, request_t *, mpt_task_mgmt_t,
157 tgt_resource_t *, int);
158 static void mpt_tgt_dump_tgt_state(struct mpt_softc *, request_t *);
159 static void mpt_tgt_dump_req_state(struct mpt_softc *, request_t *);
160 static mpt_reply_handler_t mpt_scsi_tgt_reply_handler;
161 static mpt_reply_handler_t mpt_sata_pass_reply_handler;
163 static uint32_t scsi_io_handler_id = MPT_HANDLER_ID_NONE;
164 static uint32_t scsi_tmf_handler_id = MPT_HANDLER_ID_NONE;
165 static uint32_t fc_els_handler_id = MPT_HANDLER_ID_NONE;
166 static uint32_t sata_pass_handler_id = MPT_HANDLER_ID_NONE;
168 static mpt_probe_handler_t mpt_cam_probe;
169 static mpt_attach_handler_t mpt_cam_attach;
170 static mpt_enable_handler_t mpt_cam_enable;
171 static mpt_ready_handler_t mpt_cam_ready;
172 static mpt_event_handler_t mpt_cam_event;
173 static mpt_reset_handler_t mpt_cam_ioc_reset;
174 static mpt_detach_handler_t mpt_cam_detach;
176 static struct mpt_personality mpt_cam_personality =
179 .probe = mpt_cam_probe,
180 .attach = mpt_cam_attach,
181 .enable = mpt_cam_enable,
182 .ready = mpt_cam_ready,
183 .event = mpt_cam_event,
184 .reset = mpt_cam_ioc_reset,
185 .detach = mpt_cam_detach,
188 DECLARE_MPT_PERSONALITY(mpt_cam, SI_ORDER_SECOND);
189 MODULE_DEPEND(mpt_cam, cam, 1, 1, 1);
191 int mpt_enable_sata_wc = -1;
192 TUNABLE_INT("hw.mpt.enable_sata_wc", &mpt_enable_sata_wc);
195 mpt_cam_probe(struct mpt_softc *mpt)
200 * Only attach to nodes that support the initiator or target role
201 * (or want to) or have RAID physical devices that need CAM pass-thru
204 if (mpt->do_cfg_role) {
205 role = mpt->cfg_role;
209 if ((role & (MPT_ROLE_TARGET|MPT_ROLE_INITIATOR)) != 0 ||
210 (mpt->ioc_page2 != NULL && mpt->ioc_page2->MaxPhysDisks != 0)) {
217 mpt_cam_attach(struct mpt_softc *mpt)
219 struct cam_devq *devq;
220 mpt_handler_t handler;
225 TAILQ_INIT(&mpt->request_timeout_list);
226 maxq = (mpt->ioc_facts.GlobalCredits < MPT_MAX_REQUESTS(mpt))?
227 mpt->ioc_facts.GlobalCredits : MPT_MAX_REQUESTS(mpt);
229 handler.reply_handler = mpt_scsi_reply_handler;
230 error = mpt_register_handler(mpt, MPT_HANDLER_REPLY, handler,
231 &scsi_io_handler_id);
237 handler.reply_handler = mpt_scsi_tmf_reply_handler;
238 error = mpt_register_handler(mpt, MPT_HANDLER_REPLY, handler,
239 &scsi_tmf_handler_id);
246 * If we're fibre channel and could support target mode, we register
247 * an ELS reply handler and give it resources.
249 if (mpt->is_fc && (mpt->role & MPT_ROLE_TARGET) != 0) {
250 handler.reply_handler = mpt_fc_els_reply_handler;
251 error = mpt_register_handler(mpt, MPT_HANDLER_REPLY, handler,
257 if (mpt_add_els_buffers(mpt) == FALSE) {
262 maxq -= mpt->els_cmds_allocated;
266 * If we support target mode, we register a reply handler for it,
267 * but don't add command resources until we actually enable target
270 if (mpt->is_fc && (mpt->role & MPT_ROLE_TARGET) != 0) {
271 handler.reply_handler = mpt_scsi_tgt_reply_handler;
272 error = mpt_register_handler(mpt, MPT_HANDLER_REPLY, handler,
273 &mpt->scsi_tgt_handler_id);
281 handler.reply_handler = mpt_sata_pass_reply_handler;
282 error = mpt_register_handler(mpt, MPT_HANDLER_REPLY, handler,
283 &sata_pass_handler_id);
291 * We keep one request reserved for timeout TMF requests.
293 mpt->tmf_req = mpt_get_request(mpt, FALSE);
294 if (mpt->tmf_req == NULL) {
295 mpt_prt(mpt, "Unable to allocate dedicated TMF request!\n");
302 * Mark the request as free even though not on the free list.
303 * There is only one TMF request allowed to be outstanding at
304 * a time and the TMF routines perform their own allocation
305 * tracking using the standard state flags.
307 mpt->tmf_req->state = REQ_STATE_FREE;
311 * The rest of this is CAM foo, for which we need to drop our lock
315 if (mpt_spawn_recovery_thread(mpt) != 0) {
316 mpt_prt(mpt, "Unable to spawn recovery thread!\n");
322 * Create the device queue for our SIM(s).
324 devq = cam_simq_alloc(maxq);
326 mpt_prt(mpt, "Unable to allocate CAM SIMQ!\n");
332 * Construct our SIM entry.
335 mpt_sim_alloc(mpt_action, mpt_poll, "mpt", mpt, 1, maxq, devq);
336 if (mpt->sim == NULL) {
337 mpt_prt(mpt, "Unable to allocate CAM SIM!\n");
344 * Register exactly this bus.
347 if (mpt_xpt_bus_register(mpt->sim, mpt->dev, 0) != CAM_SUCCESS) {
348 mpt_prt(mpt, "Bus registration Failed!\n");
354 if (xpt_create_path(&mpt->path, NULL, cam_sim_path(mpt->sim),
355 CAM_TARGET_WILDCARD, CAM_LUN_WILDCARD) != CAM_REQ_CMP) {
356 mpt_prt(mpt, "Unable to allocate Path!\n");
364 * Only register a second bus for RAID physical
365 * devices if the controller supports RAID.
367 if (mpt->ioc_page2 == NULL || mpt->ioc_page2->MaxPhysDisks == 0) {
372 * Create a "bus" to export all hidden disks to CAM.
375 mpt_sim_alloc(mpt_action, mpt_poll, "mpt", mpt, 1, maxq, devq);
376 if (mpt->phydisk_sim == NULL) {
377 mpt_prt(mpt, "Unable to allocate Physical Disk CAM SIM!\n");
386 if (mpt_xpt_bus_register(mpt->phydisk_sim, mpt->dev, 1) !=
388 mpt_prt(mpt, "Physical Disk Bus registration Failed!\n");
394 if (xpt_create_path(&mpt->phydisk_path, NULL,
395 cam_sim_path(mpt->phydisk_sim),
396 CAM_TARGET_WILDCARD, CAM_LUN_WILDCARD) != CAM_REQ_CMP) {
397 mpt_prt(mpt, "Unable to allocate Physical Disk Path!\n");
403 mpt_lprt(mpt, MPT_PRT_DEBUG, "attached cam\n");
412 * Read FC configuration information
415 mpt_read_config_info_fc(struct mpt_softc *mpt)
417 struct sysctl_ctx_list *ctx;
418 struct sysctl_oid *tree;
419 char *topology = NULL;
422 rv = mpt_read_cfg_header(mpt, MPI_CONFIG_PAGETYPE_FC_PORT, 0,
423 0, &mpt->mpt_fcport_page0.Header, FALSE, 5000);
427 mpt_lprt(mpt, MPT_PRT_DEBUG, "FC Port Page 0 Header: %x %x %x %x\n",
428 mpt->mpt_fcport_page0.Header.PageVersion,
429 mpt->mpt_fcport_page0.Header.PageLength,
430 mpt->mpt_fcport_page0.Header.PageNumber,
431 mpt->mpt_fcport_page0.Header.PageType);
434 rv = mpt_read_cur_cfg_page(mpt, 0, &mpt->mpt_fcport_page0.Header,
435 sizeof(mpt->mpt_fcport_page0), FALSE, 5000);
437 mpt_prt(mpt, "failed to read FC Port Page 0\n");
440 mpt2host_config_page_fc_port_0(&mpt->mpt_fcport_page0);
442 mpt->mpt_fcport_speed = mpt->mpt_fcport_page0.CurrentSpeed;
444 switch (mpt->mpt_fcport_page0.Flags &
445 MPI_FCPORTPAGE0_FLAGS_ATTACH_TYPE_MASK) {
446 case MPI_FCPORTPAGE0_FLAGS_ATTACH_NO_INIT:
447 mpt->mpt_fcport_speed = 0;
448 topology = "<NO LOOP>";
450 case MPI_FCPORTPAGE0_FLAGS_ATTACH_POINT_TO_POINT:
453 case MPI_FCPORTPAGE0_FLAGS_ATTACH_PRIVATE_LOOP:
454 topology = "NL-Port";
456 case MPI_FCPORTPAGE0_FLAGS_ATTACH_FABRIC_DIRECT:
459 case MPI_FCPORTPAGE0_FLAGS_ATTACH_PUBLIC_LOOP:
460 topology = "FL-Port";
463 mpt->mpt_fcport_speed = 0;
468 mpt_lprt(mpt, MPT_PRT_INFO,
469 "FC Port Page 0: Topology <%s> WWNN 0x%08x%08x WWPN 0x%08x%08x "
470 "Speed %u-Gbit\n", topology,
471 mpt->mpt_fcport_page0.WWNN.High,
472 mpt->mpt_fcport_page0.WWNN.Low,
473 mpt->mpt_fcport_page0.WWPN.High,
474 mpt->mpt_fcport_page0.WWPN.Low,
475 mpt->mpt_fcport_speed);
477 ctx = device_get_sysctl_ctx(mpt->dev);
478 tree = device_get_sysctl_tree(mpt->dev);
480 snprintf(mpt->scinfo.fc.wwnn, sizeof (mpt->scinfo.fc.wwnn),
481 "0x%08x%08x", mpt->mpt_fcport_page0.WWNN.High,
482 mpt->mpt_fcport_page0.WWNN.Low);
484 snprintf(mpt->scinfo.fc.wwpn, sizeof (mpt->scinfo.fc.wwpn),
485 "0x%08x%08x", mpt->mpt_fcport_page0.WWPN.High,
486 mpt->mpt_fcport_page0.WWPN.Low);
488 SYSCTL_ADD_STRING(ctx, SYSCTL_CHILDREN(tree), OID_AUTO,
489 "wwnn", CTLFLAG_RD, mpt->scinfo.fc.wwnn, 0,
490 "World Wide Node Name");
492 SYSCTL_ADD_STRING(ctx, SYSCTL_CHILDREN(tree), OID_AUTO,
493 "wwpn", CTLFLAG_RD, mpt->scinfo.fc.wwpn, 0,
494 "World Wide Port Name");
501 * Set FC configuration information.
504 mpt_set_initial_config_fc(struct mpt_softc *mpt)
506 CONFIG_PAGE_FC_PORT_1 fc;
511 r = mpt_read_cfg_header(mpt, MPI_CONFIG_PAGETYPE_FC_PORT, 1, 0,
512 &fc.Header, FALSE, 5000);
514 mpt_prt(mpt, "failed to read FC page 1 header\n");
515 return (mpt_fc_reset_link(mpt, 1));
518 r = mpt_read_cfg_page(mpt, MPI_CONFIG_ACTION_PAGE_READ_NVRAM, 0,
519 &fc.Header, sizeof (fc), FALSE, 5000);
521 mpt_prt(mpt, "failed to read FC page 1\n");
522 return (mpt_fc_reset_link(mpt, 1));
524 mpt2host_config_page_fc_port_1(&fc);
527 * Check our flags to make sure we support the role we want.
533 if (fl & MPI_FCPORTPAGE1_FLAGS_PROT_FCP_INIT) {
534 role |= MPT_ROLE_INITIATOR;
536 if (fl & MPI_FCPORTPAGE1_FLAGS_PROT_FCP_TARG) {
537 role |= MPT_ROLE_TARGET;
540 fl &= ~MPI_FCPORTPAGE1_FLAGS_PROT_MASK;
542 if (mpt->do_cfg_role == 0) {
543 role = mpt->cfg_role;
545 mpt->do_cfg_role = 0;
548 if (role != mpt->cfg_role) {
549 if (mpt->cfg_role & MPT_ROLE_INITIATOR) {
550 if ((role & MPT_ROLE_INITIATOR) == 0) {
551 mpt_prt(mpt, "adding initiator role\n");
552 fl |= MPI_FCPORTPAGE1_FLAGS_PROT_FCP_INIT;
555 mpt_prt(mpt, "keeping initiator role\n");
557 } else if (role & MPT_ROLE_INITIATOR) {
558 mpt_prt(mpt, "removing initiator role\n");
561 if (mpt->cfg_role & MPT_ROLE_TARGET) {
562 if ((role & MPT_ROLE_TARGET) == 0) {
563 mpt_prt(mpt, "adding target role\n");
564 fl |= MPI_FCPORTPAGE1_FLAGS_PROT_FCP_TARG;
567 mpt_prt(mpt, "keeping target role\n");
569 } else if (role & MPT_ROLE_TARGET) {
570 mpt_prt(mpt, "removing target role\n");
573 mpt->role = mpt->cfg_role;
576 if (fl & MPI_FCPORTPAGE1_FLAGS_PROT_FCP_TARG) {
577 if ((fl & MPI_FCPORTPAGE1_FLAGS_TARGET_MODE_OXID) == 0) {
578 mpt_prt(mpt, "adding OXID option\n");
579 fl |= MPI_FCPORTPAGE1_FLAGS_TARGET_MODE_OXID;
586 host2mpt_config_page_fc_port_1(&fc);
587 r = mpt_write_cfg_page(mpt,
588 MPI_CONFIG_ACTION_PAGE_WRITE_NVRAM, 0, &fc.Header,
589 sizeof(fc), FALSE, 5000);
591 mpt_prt(mpt, "failed to update NVRAM with changes\n");
594 mpt_prt(mpt, "NOTE: NVRAM changes will not take "
595 "effect until next reboot or IOC reset\n");
601 mptsas_sas_io_unit_pg0(struct mpt_softc *mpt, struct mptsas_portinfo *portinfo)
603 ConfigExtendedPageHeader_t hdr;
604 struct mptsas_phyinfo *phyinfo;
605 SasIOUnitPage0_t *buffer;
608 error = mpt_read_extcfg_header(mpt, MPI_SASIOUNITPAGE0_PAGEVERSION,
609 0, 0, MPI_CONFIG_EXTPAGETYPE_SAS_IO_UNIT,
613 if (hdr.ExtPageLength == 0) {
618 len = hdr.ExtPageLength * 4;
619 buffer = malloc(len, M_DEVBUF, M_NOWAIT|M_ZERO);
620 if (buffer == NULL) {
625 error = mpt_read_extcfg_page(mpt, MPI_CONFIG_ACTION_PAGE_READ_CURRENT,
626 0, &hdr, buffer, len, 0, 10000);
628 free(buffer, M_DEVBUF);
632 portinfo->num_phys = buffer->NumPhys;
633 portinfo->phy_info = malloc(sizeof(*portinfo->phy_info) *
634 portinfo->num_phys, M_DEVBUF, M_NOWAIT|M_ZERO);
635 if (portinfo->phy_info == NULL) {
636 free(buffer, M_DEVBUF);
641 for (i = 0; i < portinfo->num_phys; i++) {
642 phyinfo = &portinfo->phy_info[i];
643 phyinfo->phy_num = i;
644 phyinfo->port_id = buffer->PhyData[i].Port;
645 phyinfo->negotiated_link_rate =
646 buffer->PhyData[i].NegotiatedLinkRate;
648 le16toh(buffer->PhyData[i].ControllerDevHandle);
651 free(buffer, M_DEVBUF);
657 mptsas_sas_phy_pg0(struct mpt_softc *mpt, struct mptsas_phyinfo *phy_info,
658 uint32_t form, uint32_t form_specific)
660 ConfigExtendedPageHeader_t hdr;
661 SasPhyPage0_t *buffer;
664 error = mpt_read_extcfg_header(mpt, MPI_SASPHY0_PAGEVERSION, 0, 0,
665 MPI_CONFIG_EXTPAGETYPE_SAS_PHY, &hdr,
669 if (hdr.ExtPageLength == 0) {
674 buffer = malloc(sizeof(SasPhyPage0_t), M_DEVBUF, M_NOWAIT|M_ZERO);
675 if (buffer == NULL) {
680 error = mpt_read_extcfg_page(mpt, MPI_CONFIG_ACTION_PAGE_READ_CURRENT,
681 form + form_specific, &hdr, buffer,
682 sizeof(SasPhyPage0_t), 0, 10000);
684 free(buffer, M_DEVBUF);
688 phy_info->hw_link_rate = buffer->HwLinkRate;
689 phy_info->programmed_link_rate = buffer->ProgrammedLinkRate;
690 phy_info->identify.dev_handle = le16toh(buffer->OwnerDevHandle);
691 phy_info->attached.dev_handle = le16toh(buffer->AttachedDevHandle);
693 free(buffer, M_DEVBUF);
699 mptsas_sas_device_pg0(struct mpt_softc *mpt, struct mptsas_devinfo *device_info,
700 uint32_t form, uint32_t form_specific)
702 ConfigExtendedPageHeader_t hdr;
703 SasDevicePage0_t *buffer;
704 uint64_t sas_address;
707 bzero(device_info, sizeof(*device_info));
708 error = mpt_read_extcfg_header(mpt, MPI_SASDEVICE0_PAGEVERSION, 0, 0,
709 MPI_CONFIG_EXTPAGETYPE_SAS_DEVICE,
713 if (hdr.ExtPageLength == 0) {
718 buffer = malloc(sizeof(SasDevicePage0_t), M_DEVBUF, M_NOWAIT|M_ZERO);
719 if (buffer == NULL) {
724 error = mpt_read_extcfg_page(mpt, MPI_CONFIG_ACTION_PAGE_READ_CURRENT,
725 form + form_specific, &hdr, buffer,
726 sizeof(SasDevicePage0_t), 0, 10000);
728 free(buffer, M_DEVBUF);
732 device_info->dev_handle = le16toh(buffer->DevHandle);
733 device_info->parent_dev_handle = le16toh(buffer->ParentDevHandle);
734 device_info->enclosure_handle = le16toh(buffer->EnclosureHandle);
735 device_info->slot = le16toh(buffer->Slot);
736 device_info->phy_num = buffer->PhyNum;
737 device_info->physical_port = buffer->PhysicalPort;
738 device_info->target_id = buffer->TargetID;
739 device_info->bus = buffer->Bus;
740 bcopy(&buffer->SASAddress, &sas_address, sizeof(uint64_t));
741 device_info->sas_address = le64toh(sas_address);
742 device_info->device_info = le32toh(buffer->DeviceInfo);
744 free(buffer, M_DEVBUF);
750 * Read SAS configuration information. Nothing to do yet.
753 mpt_read_config_info_sas(struct mpt_softc *mpt)
755 struct mptsas_portinfo *portinfo;
756 struct mptsas_phyinfo *phyinfo;
759 portinfo = malloc(sizeof(*portinfo), M_DEVBUF, M_NOWAIT|M_ZERO);
760 if (portinfo == NULL)
763 error = mptsas_sas_io_unit_pg0(mpt, portinfo);
765 free(portinfo, M_DEVBUF);
769 for (i = 0; i < portinfo->num_phys; i++) {
770 phyinfo = &portinfo->phy_info[i];
771 error = mptsas_sas_phy_pg0(mpt, phyinfo,
772 (MPI_SAS_PHY_PGAD_FORM_PHY_NUMBER <<
773 MPI_SAS_PHY_PGAD_FORM_SHIFT), i);
776 error = mptsas_sas_device_pg0(mpt, &phyinfo->identify,
777 (MPI_SAS_DEVICE_PGAD_FORM_HANDLE <<
778 MPI_SAS_DEVICE_PGAD_FORM_SHIFT),
782 phyinfo->identify.phy_num = phyinfo->phy_num = i;
783 if (phyinfo->attached.dev_handle)
784 error = mptsas_sas_device_pg0(mpt,
786 (MPI_SAS_DEVICE_PGAD_FORM_HANDLE <<
787 MPI_SAS_DEVICE_PGAD_FORM_SHIFT),
788 phyinfo->attached.dev_handle);
792 mpt->sas_portinfo = portinfo;
797 mptsas_set_sata_wc(struct mpt_softc *mpt, struct mptsas_devinfo *devinfo,
800 SataPassthroughRequest_t *pass;
804 req = mpt_get_request(mpt, 0);
808 pass = req->req_vbuf;
809 bzero(pass, sizeof(SataPassthroughRequest_t));
810 pass->Function = MPI_FUNCTION_SATA_PASSTHROUGH;
811 pass->TargetID = devinfo->target_id;
812 pass->Bus = devinfo->bus;
813 pass->PassthroughFlags = 0;
814 pass->ConnectionRate = MPI_SATA_PT_REQ_CONNECT_RATE_NEGOTIATED;
815 pass->DataLength = 0;
816 pass->MsgContext = htole32(req->index | sata_pass_handler_id);
817 pass->CommandFIS[0] = 0x27;
818 pass->CommandFIS[1] = 0x80;
819 pass->CommandFIS[2] = 0xef;
820 pass->CommandFIS[3] = (enabled) ? 0x02 : 0x82;
821 pass->CommandFIS[7] = 0x40;
822 pass->CommandFIS[15] = 0x08;
824 mpt_check_doorbell(mpt);
825 mpt_send_cmd(mpt, req);
826 error = mpt_wait_req(mpt, req, REQ_STATE_DONE, REQ_STATE_DONE, 0,
829 mpt_free_request(mpt, req);
830 printf("error %d sending passthrough\n", error);
834 status = le16toh(req->IOCStatus);
835 if (status != MPI_IOCSTATUS_SUCCESS) {
836 mpt_free_request(mpt, req);
837 printf("IOCSTATUS %d\n", status);
841 mpt_free_request(mpt, req);
845 * Set SAS configuration information. Nothing to do yet.
848 mpt_set_initial_config_sas(struct mpt_softc *mpt)
850 struct mptsas_phyinfo *phyinfo;
853 if ((mpt_enable_sata_wc != -1) && (mpt->sas_portinfo != NULL)) {
854 for (i = 0; i < mpt->sas_portinfo->num_phys; i++) {
855 phyinfo = &mpt->sas_portinfo->phy_info[i];
856 if (phyinfo->attached.dev_handle == 0)
858 if ((phyinfo->attached.device_info &
859 MPI_SAS_DEVICE_INFO_SATA_DEVICE) == 0)
862 device_printf(mpt->dev,
863 "%sabling SATA WC on phy %d\n",
864 (mpt_enable_sata_wc) ? "En" : "Dis", i);
865 mptsas_set_sata_wc(mpt, &phyinfo->attached,
874 mpt_sata_pass_reply_handler(struct mpt_softc *mpt, request_t *req,
875 uint32_t reply_desc, MSG_DEFAULT_REPLY *reply_frame)
879 if (reply_frame != NULL) {
880 req->IOCStatus = le16toh(reply_frame->IOCStatus);
882 req->state &= ~REQ_STATE_QUEUED;
883 req->state |= REQ_STATE_DONE;
884 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
885 if ((req->state & REQ_STATE_NEED_WAKEUP) != 0) {
887 } else if ((req->state & REQ_STATE_TIMEDOUT) != 0) {
889 * Whew- we can free this request (late completion)
891 mpt_free_request(mpt, req);
899 * Read SCSI configuration information
902 mpt_read_config_info_spi(struct mpt_softc *mpt)
906 rv = mpt_read_cfg_header(mpt, MPI_CONFIG_PAGETYPE_SCSI_PORT, 0, 0,
907 &mpt->mpt_port_page0.Header, FALSE, 5000);
911 mpt_lprt(mpt, MPT_PRT_DEBUG, "SPI Port Page 0 Header: %x %x %x %x\n",
912 mpt->mpt_port_page0.Header.PageVersion,
913 mpt->mpt_port_page0.Header.PageLength,
914 mpt->mpt_port_page0.Header.PageNumber,
915 mpt->mpt_port_page0.Header.PageType);
917 rv = mpt_read_cfg_header(mpt, MPI_CONFIG_PAGETYPE_SCSI_PORT, 1, 0,
918 &mpt->mpt_port_page1.Header, FALSE, 5000);
922 mpt_lprt(mpt, MPT_PRT_DEBUG, "SPI Port Page 1 Header: %x %x %x %x\n",
923 mpt->mpt_port_page1.Header.PageVersion,
924 mpt->mpt_port_page1.Header.PageLength,
925 mpt->mpt_port_page1.Header.PageNumber,
926 mpt->mpt_port_page1.Header.PageType);
928 rv = mpt_read_cfg_header(mpt, MPI_CONFIG_PAGETYPE_SCSI_PORT, 2, 0,
929 &mpt->mpt_port_page2.Header, FALSE, 5000);
933 mpt_lprt(mpt, MPT_PRT_DEBUG, "SPI Port Page 2 Header: %x %x %x %x\n",
934 mpt->mpt_port_page2.Header.PageVersion,
935 mpt->mpt_port_page2.Header.PageLength,
936 mpt->mpt_port_page2.Header.PageNumber,
937 mpt->mpt_port_page2.Header.PageType);
939 for (i = 0; i < 16; i++) {
940 rv = mpt_read_cfg_header(mpt, MPI_CONFIG_PAGETYPE_SCSI_DEVICE,
941 0, i, &mpt->mpt_dev_page0[i].Header, FALSE, 5000);
945 mpt_lprt(mpt, MPT_PRT_DEBUG,
946 "SPI Target %d Device Page 0 Header: %x %x %x %x\n", i,
947 mpt->mpt_dev_page0[i].Header.PageVersion,
948 mpt->mpt_dev_page0[i].Header.PageLength,
949 mpt->mpt_dev_page0[i].Header.PageNumber,
950 mpt->mpt_dev_page0[i].Header.PageType);
952 rv = mpt_read_cfg_header(mpt, MPI_CONFIG_PAGETYPE_SCSI_DEVICE,
953 1, i, &mpt->mpt_dev_page1[i].Header, FALSE, 5000);
957 mpt_lprt(mpt, MPT_PRT_DEBUG,
958 "SPI Target %d Device Page 1 Header: %x %x %x %x\n", i,
959 mpt->mpt_dev_page1[i].Header.PageVersion,
960 mpt->mpt_dev_page1[i].Header.PageLength,
961 mpt->mpt_dev_page1[i].Header.PageNumber,
962 mpt->mpt_dev_page1[i].Header.PageType);
966 * At this point, we don't *have* to fail. As long as we have
967 * valid config header information, we can (barely) lurch
971 rv = mpt_read_cur_cfg_page(mpt, 0, &mpt->mpt_port_page0.Header,
972 sizeof(mpt->mpt_port_page0), FALSE, 5000);
974 mpt_prt(mpt, "failed to read SPI Port Page 0\n");
976 mpt2host_config_page_scsi_port_0(&mpt->mpt_port_page0);
977 mpt_lprt(mpt, MPT_PRT_NEGOTIATION,
978 "SPI Port Page 0: Capabilities %x PhysicalInterface %x\n",
979 mpt->mpt_port_page0.Capabilities,
980 mpt->mpt_port_page0.PhysicalInterface);
983 rv = mpt_read_cur_cfg_page(mpt, 0, &mpt->mpt_port_page1.Header,
984 sizeof(mpt->mpt_port_page1), FALSE, 5000);
986 mpt_prt(mpt, "failed to read SPI Port Page 1\n");
988 mpt2host_config_page_scsi_port_1(&mpt->mpt_port_page1);
989 mpt_lprt(mpt, MPT_PRT_DEBUG,
990 "SPI Port Page 1: Configuration %x OnBusTimerValue %x\n",
991 mpt->mpt_port_page1.Configuration,
992 mpt->mpt_port_page1.OnBusTimerValue);
995 rv = mpt_read_cur_cfg_page(mpt, 0, &mpt->mpt_port_page2.Header,
996 sizeof(mpt->mpt_port_page2), FALSE, 5000);
998 mpt_prt(mpt, "failed to read SPI Port Page 2\n");
1000 mpt_lprt(mpt, MPT_PRT_NEGOTIATION,
1001 "Port Page 2: Flags %x Settings %x\n",
1002 mpt->mpt_port_page2.PortFlags,
1003 mpt->mpt_port_page2.PortSettings);
1004 mpt2host_config_page_scsi_port_2(&mpt->mpt_port_page2);
1005 for (i = 0; i < 16; i++) {
1006 mpt_lprt(mpt, MPT_PRT_NEGOTIATION,
1007 " Port Page 2 Tgt %d: timo %x SF %x Flags %x\n",
1008 i, mpt->mpt_port_page2.DeviceSettings[i].Timeout,
1009 mpt->mpt_port_page2.DeviceSettings[i].SyncFactor,
1010 mpt->mpt_port_page2.DeviceSettings[i].DeviceFlags);
1014 for (i = 0; i < 16; i++) {
1015 rv = mpt_read_cur_cfg_page(mpt, i,
1016 &mpt->mpt_dev_page0[i].Header, sizeof(*mpt->mpt_dev_page0),
1020 "cannot read SPI Target %d Device Page 0\n", i);
1023 mpt2host_config_page_scsi_device_0(&mpt->mpt_dev_page0[i]);
1024 mpt_lprt(mpt, MPT_PRT_NEGOTIATION,
1025 "target %d page 0: Negotiated Params %x Information %x\n",
1026 i, mpt->mpt_dev_page0[i].NegotiatedParameters,
1027 mpt->mpt_dev_page0[i].Information);
1029 rv = mpt_read_cur_cfg_page(mpt, i,
1030 &mpt->mpt_dev_page1[i].Header, sizeof(*mpt->mpt_dev_page1),
1034 "cannot read SPI Target %d Device Page 1\n", i);
1037 mpt2host_config_page_scsi_device_1(&mpt->mpt_dev_page1[i]);
1038 mpt_lprt(mpt, MPT_PRT_NEGOTIATION,
1039 "target %d page 1: Requested Params %x Configuration %x\n",
1040 i, mpt->mpt_dev_page1[i].RequestedParameters,
1041 mpt->mpt_dev_page1[i].Configuration);
1047 * Validate SPI configuration information.
1049 * In particular, validate SPI Port Page 1.
1052 mpt_set_initial_config_spi(struct mpt_softc *mpt)
1054 int error, i, pp1val;
1056 mpt->mpt_disc_enable = 0xff;
1057 mpt->mpt_tag_enable = 0;
1059 pp1val = ((1 << mpt->mpt_ini_id) <<
1060 MPI_SCSIPORTPAGE1_CFG_SHIFT_PORT_RESPONSE_ID) | mpt->mpt_ini_id;
1061 if (mpt->mpt_port_page1.Configuration != pp1val) {
1062 CONFIG_PAGE_SCSI_PORT_1 tmp;
1064 mpt_prt(mpt, "SPI Port Page 1 Config value bad (%x)- should "
1065 "be %x\n", mpt->mpt_port_page1.Configuration, pp1val);
1066 tmp = mpt->mpt_port_page1;
1067 tmp.Configuration = pp1val;
1068 host2mpt_config_page_scsi_port_1(&tmp);
1069 error = mpt_write_cur_cfg_page(mpt, 0,
1070 &tmp.Header, sizeof(tmp), FALSE, 5000);
1074 error = mpt_read_cur_cfg_page(mpt, 0,
1075 &tmp.Header, sizeof(tmp), FALSE, 5000);
1079 mpt2host_config_page_scsi_port_1(&tmp);
1080 if (tmp.Configuration != pp1val) {
1082 "failed to reset SPI Port Page 1 Config value\n");
1085 mpt->mpt_port_page1 = tmp;
1089 * The purpose of this exercise is to get
1090 * all targets back to async/narrow.
1092 * We skip this step if the BIOS has already negotiated
1093 * speeds with the targets.
1095 i = mpt->mpt_port_page2.PortSettings &
1096 MPI_SCSIPORTPAGE2_PORT_MASK_NEGO_MASTER_SETTINGS;
1097 if (i == MPI_SCSIPORTPAGE2_PORT_ALL_MASTER_SETTINGS) {
1098 mpt_lprt(mpt, MPT_PRT_NEGOTIATION,
1099 "honoring BIOS transfer negotiations\n");
1101 for (i = 0; i < 16; i++) {
1102 mpt->mpt_dev_page1[i].RequestedParameters = 0;
1103 mpt->mpt_dev_page1[i].Configuration = 0;
1104 (void) mpt_update_spi_config(mpt, i);
1111 mpt_cam_enable(struct mpt_softc *mpt)
1119 if (mpt_read_config_info_fc(mpt)) {
1122 if (mpt_set_initial_config_fc(mpt)) {
1125 } else if (mpt->is_sas) {
1126 if (mpt_read_config_info_sas(mpt)) {
1129 if (mpt_set_initial_config_sas(mpt)) {
1132 } else if (mpt->is_spi) {
1133 if (mpt_read_config_info_spi(mpt)) {
1136 if (mpt_set_initial_config_spi(mpt)) {
1148 mpt_cam_ready(struct mpt_softc *mpt)
1152 * If we're in target mode, hang out resources now
1153 * so we don't cause the world to hang talking to us.
1155 if (mpt->is_fc && (mpt->role & MPT_ROLE_TARGET)) {
1157 * Try to add some target command resources
1160 if (mpt_add_target_commands(mpt) == FALSE) {
1161 mpt_prt(mpt, "failed to add target commands\n");
1169 mpt_cam_detach(struct mpt_softc *mpt)
1171 mpt_handler_t handler;
1175 mpt_terminate_recovery_thread(mpt);
1177 handler.reply_handler = mpt_scsi_reply_handler;
1178 mpt_deregister_handler(mpt, MPT_HANDLER_REPLY, handler,
1179 scsi_io_handler_id);
1180 handler.reply_handler = mpt_scsi_tmf_reply_handler;
1181 mpt_deregister_handler(mpt, MPT_HANDLER_REPLY, handler,
1182 scsi_tmf_handler_id);
1183 handler.reply_handler = mpt_fc_els_reply_handler;
1184 mpt_deregister_handler(mpt, MPT_HANDLER_REPLY, handler,
1186 handler.reply_handler = mpt_scsi_tgt_reply_handler;
1187 mpt_deregister_handler(mpt, MPT_HANDLER_REPLY, handler,
1188 mpt->scsi_tgt_handler_id);
1189 handler.reply_handler = mpt_sata_pass_reply_handler;
1190 mpt_deregister_handler(mpt, MPT_HANDLER_REPLY, handler,
1191 sata_pass_handler_id);
1193 if (mpt->tmf_req != NULL) {
1194 mpt->tmf_req->state = REQ_STATE_ALLOCATED;
1195 mpt_free_request(mpt, mpt->tmf_req);
1196 mpt->tmf_req = NULL;
1198 if (mpt->sas_portinfo != NULL) {
1199 free(mpt->sas_portinfo, M_DEVBUF);
1200 mpt->sas_portinfo = NULL;
1203 if (mpt->sim != NULL) {
1204 xpt_free_path(mpt->path);
1205 xpt_bus_deregister(cam_sim_path(mpt->sim));
1206 cam_sim_free(mpt->sim, TRUE);
1210 if (mpt->phydisk_sim != NULL) {
1211 xpt_free_path(mpt->phydisk_path);
1212 xpt_bus_deregister(cam_sim_path(mpt->phydisk_sim));
1213 cam_sim_free(mpt->phydisk_sim, TRUE);
1214 mpt->phydisk_sim = NULL;
1219 /* This routine is used after a system crash to dump core onto the swap device.
1222 mpt_poll(struct cam_sim *sim)
1224 struct mpt_softc *mpt;
1226 mpt = (struct mpt_softc *)cam_sim_softc(sim);
1231 * Watchdog timeout routine for SCSI requests.
1234 mpt_timeout(void *arg)
1237 struct mpt_softc *mpt;
1240 ccb = (union ccb *)arg;
1241 mpt = ccb->ccb_h.ccb_mpt_ptr;
1243 MPT_LOCK_ASSERT(mpt);
1244 req = ccb->ccb_h.ccb_req_ptr;
1245 mpt_prt(mpt, "request %p:%u timed out for ccb %p (req->ccb %p)\n", req,
1246 req->serno, ccb, req->ccb);
1247 /* XXX: WHAT ARE WE TRYING TO DO HERE? */
1248 if ((req->state & REQ_STATE_QUEUED) == REQ_STATE_QUEUED) {
1249 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
1250 TAILQ_INSERT_TAIL(&mpt->request_timeout_list, req, links);
1251 req->state |= REQ_STATE_TIMEDOUT;
1252 mpt_wakeup_recovery_thread(mpt);
1257 * Callback routine from "bus_dmamap_load" or, in simple cases, called directly.
1259 * Takes a list of physical segments and builds the SGL for SCSI IO command
1260 * and forwards the commard to the IOC after one last check that CAM has not
1261 * aborted the transaction.
1264 mpt_execute_req_a64(void *arg, bus_dma_segment_t *dm_segs, int nseg, int error)
1266 request_t *req, *trq;
1269 struct mpt_softc *mpt;
1270 bus_addr_t chain_list_addr;
1271 int first_lim, seg, this_seg_lim;
1272 uint32_t addr, cur_off, flags, nxt_off, tf;
1274 MSG_REQUEST_HEADER *hdrp;
1279 req = (request_t *)arg;
1282 mpt = ccb->ccb_h.ccb_mpt_ptr;
1283 req = ccb->ccb_h.ccb_req_ptr;
1285 hdrp = req->req_vbuf;
1286 mpt_off = req->req_vbuf;
1288 if (error == 0 && ((uint32_t)nseg) >= mpt->max_seg_cnt) {
1293 switch (hdrp->Function) {
1294 case MPI_FUNCTION_SCSI_IO_REQUEST:
1295 case MPI_FUNCTION_RAID_SCSI_IO_PASSTHROUGH:
1297 sglp = &((PTR_MSG_SCSI_IO_REQUEST)hdrp)->SGL;
1299 case MPI_FUNCTION_TARGET_ASSIST:
1301 sglp = &((PTR_MSG_TARGET_ASSIST_REQUEST)hdrp)->SGL;
1304 mpt_prt(mpt, "bad fct 0x%x in mpt_execute_req_a64\n",
1311 if (error == 0 && ((uint32_t)nseg) >= mpt->max_seg_cnt) {
1313 mpt_prt(mpt, "segment count %d too large (max %u)\n",
1314 nseg, mpt->max_seg_cnt);
1319 if (error != EFBIG && error != ENOMEM) {
1320 mpt_prt(mpt, "mpt_execute_req_a64: err %d\n", error);
1322 if ((ccb->ccb_h.status & CAM_STATUS_MASK) == CAM_REQ_INPROG) {
1324 mpt_freeze_ccb(ccb);
1325 if (error == EFBIG) {
1326 status = CAM_REQ_TOO_BIG;
1327 } else if (error == ENOMEM) {
1328 if (mpt->outofbeer == 0) {
1330 xpt_freeze_simq(mpt->sim, 1);
1331 mpt_lprt(mpt, MPT_PRT_DEBUG,
1334 status = CAM_REQUEUE_REQ;
1336 status = CAM_REQ_CMP_ERR;
1338 mpt_set_ccb_status(ccb, status);
1340 if (hdrp->Function == MPI_FUNCTION_TARGET_ASSIST) {
1341 request_t *cmd_req =
1342 MPT_TAG_2_REQ(mpt, ccb->csio.tag_id);
1343 MPT_TGT_STATE(mpt, cmd_req)->state = TGT_STATE_IN_CAM;
1344 MPT_TGT_STATE(mpt, cmd_req)->ccb = NULL;
1345 MPT_TGT_STATE(mpt, cmd_req)->req = NULL;
1347 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
1348 KASSERT(ccb->ccb_h.status, ("zero ccb sts at %d", __LINE__));
1350 mpt_free_request(mpt, req);
1355 * No data to transfer?
1356 * Just make a single simple SGL with zero length.
1359 if (mpt->verbose >= MPT_PRT_DEBUG) {
1360 int tidx = ((char *)sglp) - mpt_off;
1361 memset(&mpt_off[tidx], 0xff, MPT_REQUEST_AREA - tidx);
1365 SGE_SIMPLE32 *se1 = (SGE_SIMPLE32 *) sglp;
1366 MPI_pSGE_SET_FLAGS(se1,
1367 (MPI_SGE_FLAGS_LAST_ELEMENT | MPI_SGE_FLAGS_END_OF_BUFFER |
1368 MPI_SGE_FLAGS_SIMPLE_ELEMENT | MPI_SGE_FLAGS_END_OF_LIST));
1369 se1->FlagsLength = htole32(se1->FlagsLength);
1374 flags = MPI_SGE_FLAGS_SIMPLE_ELEMENT | MPI_SGE_FLAGS_64_BIT_ADDRESSING;
1376 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_OUT) {
1377 flags |= MPI_SGE_FLAGS_HOST_TO_IOC;
1380 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) {
1381 flags |= MPI_SGE_FLAGS_HOST_TO_IOC;
1385 if (!(ccb->ccb_h.flags & (CAM_SG_LIST_PHYS|CAM_DATA_PHYS))) {
1386 bus_dmasync_op_t op;
1388 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) {
1389 op = BUS_DMASYNC_PREREAD;
1391 op = BUS_DMASYNC_PREWRITE;
1394 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) {
1395 op = BUS_DMASYNC_PREWRITE;
1397 op = BUS_DMASYNC_PREREAD;
1400 bus_dmamap_sync(mpt->buffer_dmat, req->dmap, op);
1404 * Okay, fill in what we can at the end of the command frame.
1405 * If we have up to MPT_NSGL_FIRST, we can fit them all into
1406 * the command frame.
1408 * Otherwise, we fill up through MPT_NSGL_FIRST less one
1409 * SIMPLE64 pointers and start doing CHAIN64 entries after
1413 if (nseg < MPT_NSGL_FIRST(mpt)) {
1417 * Leave room for CHAIN element
1419 first_lim = MPT_NSGL_FIRST(mpt) - 1;
1422 se = (SGE_SIMPLE64 *) sglp;
1423 for (seg = 0; seg < first_lim; seg++, se++, dm_segs++) {
1425 memset(se, 0, sizeof (*se));
1426 MPI_pSGE_SET_LENGTH(se, dm_segs->ds_len);
1427 se->Address.Low = htole32(dm_segs->ds_addr & 0xffffffff);
1428 if (sizeof(bus_addr_t) > 4) {
1429 addr = ((uint64_t)dm_segs->ds_addr) >> 32;
1430 /* SAS1078 36GB limitation WAR */
1431 if (mpt->is_1078 && (((uint64_t)dm_segs->ds_addr +
1432 MPI_SGE_LENGTH(se->FlagsLength)) >> 32) == 9) {
1434 tf |= MPI_SGE_FLAGS_LOCAL_ADDRESS;
1436 se->Address.High = htole32(addr);
1438 if (seg == first_lim - 1) {
1439 tf |= MPI_SGE_FLAGS_LAST_ELEMENT;
1441 if (seg == nseg - 1) {
1442 tf |= MPI_SGE_FLAGS_END_OF_LIST |
1443 MPI_SGE_FLAGS_END_OF_BUFFER;
1445 MPI_pSGE_SET_FLAGS(se, tf);
1446 se->FlagsLength = htole32(se->FlagsLength);
1454 * Tell the IOC where to find the first chain element.
1456 hdrp->ChainOffset = ((char *)se - (char *)hdrp) >> 2;
1457 nxt_off = MPT_RQSL(mpt);
1461 * Make up the rest of the data segments out of a chain element
1462 * (contained in the current request frame) which points to
1463 * SIMPLE64 elements in the next request frame, possibly ending
1464 * with *another* chain element (if there's more).
1466 while (seg < nseg) {
1468 * Point to the chain descriptor. Note that the chain
1469 * descriptor is at the end of the *previous* list (whether
1472 ce = (SGE_CHAIN64 *) se;
1475 * Before we change our current pointer, make sure we won't
1476 * overflow the request area with this frame. Note that we
1477 * test against 'greater than' here as it's okay in this case
1478 * to have next offset be just outside the request area.
1480 if ((nxt_off + MPT_RQSL(mpt)) > MPT_REQUEST_AREA) {
1481 nxt_off = MPT_REQUEST_AREA;
1486 * Set our SGE element pointer to the beginning of the chain
1487 * list and update our next chain list offset.
1489 se = (SGE_SIMPLE64 *) &mpt_off[nxt_off];
1491 nxt_off += MPT_RQSL(mpt);
1494 * Now initialize the chain descriptor.
1496 memset(ce, 0, sizeof (*ce));
1499 * Get the physical address of the chain list.
1501 chain_list_addr = trq->req_pbuf;
1502 chain_list_addr += cur_off;
1503 if (sizeof (bus_addr_t) > 4) {
1505 htole32(((uint64_t)chain_list_addr) >> 32);
1507 ce->Address.Low = htole32(chain_list_addr & 0xffffffff);
1508 ce->Flags = MPI_SGE_FLAGS_CHAIN_ELEMENT |
1509 MPI_SGE_FLAGS_64_BIT_ADDRESSING;
1512 * If we have more than a frame's worth of segments left,
1513 * set up the chain list to have the last element be another
1516 if ((nseg - seg) > MPT_NSGL(mpt)) {
1517 this_seg_lim = seg + MPT_NSGL(mpt) - 1;
1519 * The length of the chain is the length in bytes of the
1520 * number of segments plus the next chain element.
1522 * The next chain descriptor offset is the length,
1523 * in words, of the number of segments.
1525 ce->Length = (this_seg_lim - seg) *
1526 sizeof (SGE_SIMPLE64);
1527 ce->NextChainOffset = ce->Length >> 2;
1528 ce->Length += sizeof (SGE_CHAIN64);
1530 this_seg_lim = nseg;
1531 ce->Length = (this_seg_lim - seg) *
1532 sizeof (SGE_SIMPLE64);
1534 ce->Length = htole16(ce->Length);
1537 * Fill in the chain list SGE elements with our segment data.
1539 * If we're the last element in this chain list, set the last
1540 * element flag. If we're the completely last element period,
1541 * set the end of list and end of buffer flags.
1543 while (seg < this_seg_lim) {
1545 memset(se, 0, sizeof (*se));
1546 MPI_pSGE_SET_LENGTH(se, dm_segs->ds_len);
1547 se->Address.Low = htole32(dm_segs->ds_addr &
1549 if (sizeof (bus_addr_t) > 4) {
1550 addr = ((uint64_t)dm_segs->ds_addr) >> 32;
1551 /* SAS1078 36GB limitation WAR */
1553 (((uint64_t)dm_segs->ds_addr +
1554 MPI_SGE_LENGTH(se->FlagsLength)) >>
1557 tf |= MPI_SGE_FLAGS_LOCAL_ADDRESS;
1559 se->Address.High = htole32(addr);
1561 if (seg == this_seg_lim - 1) {
1562 tf |= MPI_SGE_FLAGS_LAST_ELEMENT;
1564 if (seg == nseg - 1) {
1565 tf |= MPI_SGE_FLAGS_END_OF_LIST |
1566 MPI_SGE_FLAGS_END_OF_BUFFER;
1568 MPI_pSGE_SET_FLAGS(se, tf);
1569 se->FlagsLength = htole32(se->FlagsLength);
1577 * If we have more segments to do and we've used up all of
1578 * the space in a request area, go allocate another one
1579 * and chain to that.
1581 if (seg < nseg && nxt_off >= MPT_REQUEST_AREA) {
1584 nrq = mpt_get_request(mpt, FALSE);
1592 * Append the new request area on the tail of our list.
1594 if ((trq = req->chain) == NULL) {
1597 while (trq->chain != NULL) {
1603 mpt_off = trq->req_vbuf;
1604 if (mpt->verbose >= MPT_PRT_DEBUG) {
1605 memset(mpt_off, 0xff, MPT_REQUEST_AREA);
1613 * Last time we need to check if this CCB needs to be aborted.
1615 if ((ccb->ccb_h.status & CAM_STATUS_MASK) != CAM_REQ_INPROG) {
1616 if (hdrp->Function == MPI_FUNCTION_TARGET_ASSIST) {
1617 request_t *cmd_req =
1618 MPT_TAG_2_REQ(mpt, ccb->csio.tag_id);
1619 MPT_TGT_STATE(mpt, cmd_req)->state = TGT_STATE_IN_CAM;
1620 MPT_TGT_STATE(mpt, cmd_req)->ccb = NULL;
1621 MPT_TGT_STATE(mpt, cmd_req)->req = NULL;
1624 "mpt_execute_req_a64: I/O cancelled (status 0x%x)\n",
1625 ccb->ccb_h.status & CAM_STATUS_MASK);
1626 if (nseg && (ccb->ccb_h.flags & CAM_SG_LIST_PHYS) == 0) {
1627 bus_dmamap_unload(mpt->buffer_dmat, req->dmap);
1629 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
1630 KASSERT(ccb->ccb_h.status, ("zero ccb sts at %d", __LINE__));
1632 mpt_free_request(mpt, req);
1636 ccb->ccb_h.status |= CAM_SIM_QUEUED;
1637 if (ccb->ccb_h.timeout != CAM_TIME_INFINITY) {
1638 mpt_req_timeout(req, (ccb->ccb_h.timeout * hz) / 1000,
1641 if (mpt->verbose > MPT_PRT_DEBUG) {
1643 mpt_print_request(req->req_vbuf);
1644 for (trq = req->chain; trq; trq = trq->chain) {
1645 printf(" Additional Chain Area %d\n", nc++);
1646 mpt_dump_sgl(trq->req_vbuf, 0);
1650 if (hdrp->Function == MPI_FUNCTION_TARGET_ASSIST) {
1651 request_t *cmd_req = MPT_TAG_2_REQ(mpt, ccb->csio.tag_id);
1652 mpt_tgt_state_t *tgt = MPT_TGT_STATE(mpt, cmd_req);
1653 #ifdef WE_TRUST_AUTO_GOOD_STATUS
1654 if ((ccb->ccb_h.flags & CAM_SEND_STATUS) &&
1655 csio->scsi_status == SCSI_STATUS_OK && tgt->resid == 0) {
1656 tgt->state = TGT_STATE_MOVING_DATA_AND_STATUS;
1658 tgt->state = TGT_STATE_MOVING_DATA;
1661 tgt->state = TGT_STATE_MOVING_DATA;
1664 mpt_send_cmd(mpt, req);
1668 mpt_execute_req(void *arg, bus_dma_segment_t *dm_segs, int nseg, int error)
1670 request_t *req, *trq;
1673 struct mpt_softc *mpt;
1675 uint32_t flags, nxt_off;
1677 MSG_REQUEST_HEADER *hdrp;
1682 req = (request_t *)arg;
1685 mpt = ccb->ccb_h.ccb_mpt_ptr;
1686 req = ccb->ccb_h.ccb_req_ptr;
1688 hdrp = req->req_vbuf;
1689 mpt_off = req->req_vbuf;
1692 if (error == 0 && ((uint32_t)nseg) >= mpt->max_seg_cnt) {
1697 switch (hdrp->Function) {
1698 case MPI_FUNCTION_SCSI_IO_REQUEST:
1699 case MPI_FUNCTION_RAID_SCSI_IO_PASSTHROUGH:
1700 sglp = &((PTR_MSG_SCSI_IO_REQUEST)hdrp)->SGL;
1702 case MPI_FUNCTION_TARGET_ASSIST:
1704 sglp = &((PTR_MSG_TARGET_ASSIST_REQUEST)hdrp)->SGL;
1707 mpt_prt(mpt, "bad fct 0x%x in mpt_execute_req\n",
1714 if (error == 0 && ((uint32_t)nseg) >= mpt->max_seg_cnt) {
1716 mpt_prt(mpt, "segment count %d too large (max %u)\n",
1717 nseg, mpt->max_seg_cnt);
1722 if (error != EFBIG && error != ENOMEM) {
1723 mpt_prt(mpt, "mpt_execute_req: err %d\n", error);
1725 if ((ccb->ccb_h.status & CAM_STATUS_MASK) == CAM_REQ_INPROG) {
1727 mpt_freeze_ccb(ccb);
1728 if (error == EFBIG) {
1729 status = CAM_REQ_TOO_BIG;
1730 } else if (error == ENOMEM) {
1731 if (mpt->outofbeer == 0) {
1733 xpt_freeze_simq(mpt->sim, 1);
1734 mpt_lprt(mpt, MPT_PRT_DEBUG,
1737 status = CAM_REQUEUE_REQ;
1739 status = CAM_REQ_CMP_ERR;
1741 mpt_set_ccb_status(ccb, status);
1743 if (hdrp->Function == MPI_FUNCTION_TARGET_ASSIST) {
1744 request_t *cmd_req =
1745 MPT_TAG_2_REQ(mpt, ccb->csio.tag_id);
1746 MPT_TGT_STATE(mpt, cmd_req)->state = TGT_STATE_IN_CAM;
1747 MPT_TGT_STATE(mpt, cmd_req)->ccb = NULL;
1748 MPT_TGT_STATE(mpt, cmd_req)->req = NULL;
1750 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
1751 KASSERT(ccb->ccb_h.status, ("zero ccb sts at %d", __LINE__));
1753 mpt_free_request(mpt, req);
1758 * No data to transfer?
1759 * Just make a single simple SGL with zero length.
1762 if (mpt->verbose >= MPT_PRT_DEBUG) {
1763 int tidx = ((char *)sglp) - mpt_off;
1764 memset(&mpt_off[tidx], 0xff, MPT_REQUEST_AREA - tidx);
1768 SGE_SIMPLE32 *se1 = (SGE_SIMPLE32 *) sglp;
1769 MPI_pSGE_SET_FLAGS(se1,
1770 (MPI_SGE_FLAGS_LAST_ELEMENT | MPI_SGE_FLAGS_END_OF_BUFFER |
1771 MPI_SGE_FLAGS_SIMPLE_ELEMENT | MPI_SGE_FLAGS_END_OF_LIST));
1772 se1->FlagsLength = htole32(se1->FlagsLength);
1777 flags = MPI_SGE_FLAGS_SIMPLE_ELEMENT;
1779 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_OUT) {
1780 flags |= MPI_SGE_FLAGS_HOST_TO_IOC;
1783 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) {
1784 flags |= MPI_SGE_FLAGS_HOST_TO_IOC;
1788 if (!(ccb->ccb_h.flags & (CAM_SG_LIST_PHYS|CAM_DATA_PHYS))) {
1789 bus_dmasync_op_t op;
1791 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) {
1792 op = BUS_DMASYNC_PREREAD;
1794 op = BUS_DMASYNC_PREWRITE;
1797 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) {
1798 op = BUS_DMASYNC_PREWRITE;
1800 op = BUS_DMASYNC_PREREAD;
1803 bus_dmamap_sync(mpt->buffer_dmat, req->dmap, op);
1807 * Okay, fill in what we can at the end of the command frame.
1808 * If we have up to MPT_NSGL_FIRST, we can fit them all into
1809 * the command frame.
1811 * Otherwise, we fill up through MPT_NSGL_FIRST less one
1812 * SIMPLE32 pointers and start doing CHAIN32 entries after
1816 if (nseg < MPT_NSGL_FIRST(mpt)) {
1820 * Leave room for CHAIN element
1822 first_lim = MPT_NSGL_FIRST(mpt) - 1;
1825 se = (SGE_SIMPLE32 *) sglp;
1826 for (seg = 0; seg < first_lim; seg++, se++, dm_segs++) {
1829 memset(se, 0,sizeof (*se));
1830 se->Address = htole32(dm_segs->ds_addr);
1832 MPI_pSGE_SET_LENGTH(se, dm_segs->ds_len);
1834 if (seg == first_lim - 1) {
1835 tf |= MPI_SGE_FLAGS_LAST_ELEMENT;
1837 if (seg == nseg - 1) {
1838 tf |= MPI_SGE_FLAGS_END_OF_LIST |
1839 MPI_SGE_FLAGS_END_OF_BUFFER;
1841 MPI_pSGE_SET_FLAGS(se, tf);
1842 se->FlagsLength = htole32(se->FlagsLength);
1850 * Tell the IOC where to find the first chain element.
1852 hdrp->ChainOffset = ((char *)se - (char *)hdrp) >> 2;
1853 nxt_off = MPT_RQSL(mpt);
1857 * Make up the rest of the data segments out of a chain element
1858 * (contained in the current request frame) which points to
1859 * SIMPLE32 elements in the next request frame, possibly ending
1860 * with *another* chain element (if there's more).
1862 while (seg < nseg) {
1864 uint32_t tf, cur_off;
1865 bus_addr_t chain_list_addr;
1868 * Point to the chain descriptor. Note that the chain
1869 * descriptor is at the end of the *previous* list (whether
1872 ce = (SGE_CHAIN32 *) se;
1875 * Before we change our current pointer, make sure we won't
1876 * overflow the request area with this frame. Note that we
1877 * test against 'greater than' here as it's okay in this case
1878 * to have next offset be just outside the request area.
1880 if ((nxt_off + MPT_RQSL(mpt)) > MPT_REQUEST_AREA) {
1881 nxt_off = MPT_REQUEST_AREA;
1886 * Set our SGE element pointer to the beginning of the chain
1887 * list and update our next chain list offset.
1889 se = (SGE_SIMPLE32 *) &mpt_off[nxt_off];
1891 nxt_off += MPT_RQSL(mpt);
1894 * Now initialize the chain descriptor.
1896 memset(ce, 0, sizeof (*ce));
1899 * Get the physical address of the chain list.
1901 chain_list_addr = trq->req_pbuf;
1902 chain_list_addr += cur_off;
1906 ce->Address = htole32(chain_list_addr);
1907 ce->Flags = MPI_SGE_FLAGS_CHAIN_ELEMENT;
1911 * If we have more than a frame's worth of segments left,
1912 * set up the chain list to have the last element be another
1915 if ((nseg - seg) > MPT_NSGL(mpt)) {
1916 this_seg_lim = seg + MPT_NSGL(mpt) - 1;
1918 * The length of the chain is the length in bytes of the
1919 * number of segments plus the next chain element.
1921 * The next chain descriptor offset is the length,
1922 * in words, of the number of segments.
1924 ce->Length = (this_seg_lim - seg) *
1925 sizeof (SGE_SIMPLE32);
1926 ce->NextChainOffset = ce->Length >> 2;
1927 ce->Length += sizeof (SGE_CHAIN32);
1929 this_seg_lim = nseg;
1930 ce->Length = (this_seg_lim - seg) *
1931 sizeof (SGE_SIMPLE32);
1933 ce->Length = htole16(ce->Length);
1936 * Fill in the chain list SGE elements with our segment data.
1938 * If we're the last element in this chain list, set the last
1939 * element flag. If we're the completely last element period,
1940 * set the end of list and end of buffer flags.
1942 while (seg < this_seg_lim) {
1943 memset(se, 0, sizeof (*se));
1944 se->Address = htole32(dm_segs->ds_addr);
1946 MPI_pSGE_SET_LENGTH(se, dm_segs->ds_len);
1948 if (seg == this_seg_lim - 1) {
1949 tf |= MPI_SGE_FLAGS_LAST_ELEMENT;
1951 if (seg == nseg - 1) {
1952 tf |= MPI_SGE_FLAGS_END_OF_LIST |
1953 MPI_SGE_FLAGS_END_OF_BUFFER;
1955 MPI_pSGE_SET_FLAGS(se, tf);
1956 se->FlagsLength = htole32(se->FlagsLength);
1964 * If we have more segments to do and we've used up all of
1965 * the space in a request area, go allocate another one
1966 * and chain to that.
1968 if (seg < nseg && nxt_off >= MPT_REQUEST_AREA) {
1971 nrq = mpt_get_request(mpt, FALSE);
1979 * Append the new request area on the tail of our list.
1981 if ((trq = req->chain) == NULL) {
1984 while (trq->chain != NULL) {
1990 mpt_off = trq->req_vbuf;
1991 if (mpt->verbose >= MPT_PRT_DEBUG) {
1992 memset(mpt_off, 0xff, MPT_REQUEST_AREA);
2000 * Last time we need to check if this CCB needs to be aborted.
2002 if ((ccb->ccb_h.status & CAM_STATUS_MASK) != CAM_REQ_INPROG) {
2003 if (hdrp->Function == MPI_FUNCTION_TARGET_ASSIST) {
2004 request_t *cmd_req =
2005 MPT_TAG_2_REQ(mpt, ccb->csio.tag_id);
2006 MPT_TGT_STATE(mpt, cmd_req)->state = TGT_STATE_IN_CAM;
2007 MPT_TGT_STATE(mpt, cmd_req)->ccb = NULL;
2008 MPT_TGT_STATE(mpt, cmd_req)->req = NULL;
2011 "mpt_execute_req: I/O cancelled (status 0x%x)\n",
2012 ccb->ccb_h.status & CAM_STATUS_MASK);
2013 if (nseg && (ccb->ccb_h.flags & CAM_SG_LIST_PHYS) == 0) {
2014 bus_dmamap_unload(mpt->buffer_dmat, req->dmap);
2016 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
2017 KASSERT(ccb->ccb_h.status, ("zero ccb sts at %d", __LINE__));
2019 mpt_free_request(mpt, req);
2023 ccb->ccb_h.status |= CAM_SIM_QUEUED;
2024 if (ccb->ccb_h.timeout != CAM_TIME_INFINITY) {
2025 mpt_req_timeout(req, (ccb->ccb_h.timeout * hz) / 1000,
2028 if (mpt->verbose > MPT_PRT_DEBUG) {
2030 mpt_print_request(req->req_vbuf);
2031 for (trq = req->chain; trq; trq = trq->chain) {
2032 printf(" Additional Chain Area %d\n", nc++);
2033 mpt_dump_sgl(trq->req_vbuf, 0);
2037 if (hdrp->Function == MPI_FUNCTION_TARGET_ASSIST) {
2038 request_t *cmd_req = MPT_TAG_2_REQ(mpt, ccb->csio.tag_id);
2039 mpt_tgt_state_t *tgt = MPT_TGT_STATE(mpt, cmd_req);
2040 #ifdef WE_TRUST_AUTO_GOOD_STATUS
2041 if ((ccb->ccb_h.flags & CAM_SEND_STATUS) &&
2042 csio->scsi_status == SCSI_STATUS_OK && tgt->resid == 0) {
2043 tgt->state = TGT_STATE_MOVING_DATA_AND_STATUS;
2045 tgt->state = TGT_STATE_MOVING_DATA;
2048 tgt->state = TGT_STATE_MOVING_DATA;
2051 mpt_send_cmd(mpt, req);
2055 mpt_start(struct cam_sim *sim, union ccb *ccb)
2058 struct mpt_softc *mpt;
2059 MSG_SCSI_IO_REQUEST *mpt_req;
2060 struct ccb_scsiio *csio = &ccb->csio;
2061 struct ccb_hdr *ccbh = &ccb->ccb_h;
2062 bus_dmamap_callback_t *cb;
2066 /* Get the pointer for the physical addapter */
2067 mpt = ccb->ccb_h.ccb_mpt_ptr;
2068 raid_passthru = (sim == mpt->phydisk_sim);
2070 if ((req = mpt_get_request(mpt, FALSE)) == NULL) {
2071 if (mpt->outofbeer == 0) {
2073 xpt_freeze_simq(mpt->sim, 1);
2074 mpt_lprt(mpt, MPT_PRT_DEBUG, "FREEZEQ\n");
2076 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
2077 mpt_set_ccb_status(ccb, CAM_REQUEUE_REQ);
2082 mpt_req_not_spcl(mpt, req, "mpt_start", __LINE__);
2085 if (sizeof (bus_addr_t) > 4) {
2086 cb = mpt_execute_req_a64;
2088 cb = mpt_execute_req;
2092 * Link the ccb and the request structure so we can find
2093 * the other knowing either the request or the ccb
2096 ccb->ccb_h.ccb_req_ptr = req;
2098 /* Now we build the command for the IOC */
2099 mpt_req = req->req_vbuf;
2100 memset(mpt_req, 0, sizeof (MSG_SCSI_IO_REQUEST));
2102 mpt_req->Function = MPI_FUNCTION_SCSI_IO_REQUEST;
2103 if (raid_passthru) {
2104 mpt_req->Function = MPI_FUNCTION_RAID_SCSI_IO_PASSTHROUGH;
2105 if (mpt_map_physdisk(mpt, ccb, &tgt) != 0) {
2106 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
2107 mpt_set_ccb_status(ccb, CAM_DEV_NOT_THERE);
2111 mpt_req->Bus = 0; /* we never set bus here */
2113 tgt = ccb->ccb_h.target_id;
2114 mpt_req->Bus = 0; /* XXX */
2117 mpt_req->SenseBufferLength =
2118 (csio->sense_len < MPT_SENSE_SIZE) ?
2119 csio->sense_len : MPT_SENSE_SIZE;
2122 * We use the message context to find the request structure when we
2123 * Get the command completion interrupt from the IOC.
2125 mpt_req->MsgContext = htole32(req->index | scsi_io_handler_id);
2127 /* Which physical device to do the I/O on */
2128 mpt_req->TargetID = tgt;
2130 /* We assume a single level LUN type */
2131 if (ccb->ccb_h.target_lun >= MPT_MAX_LUNS) {
2132 mpt_req->LUN[0] = 0x40 | ((ccb->ccb_h.target_lun >> 8) & 0x3f);
2133 mpt_req->LUN[1] = ccb->ccb_h.target_lun & 0xff;
2135 mpt_req->LUN[1] = ccb->ccb_h.target_lun;
2138 /* Set the direction of the transfer */
2139 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) {
2140 mpt_req->Control = MPI_SCSIIO_CONTROL_READ;
2141 } else if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_OUT) {
2142 mpt_req->Control = MPI_SCSIIO_CONTROL_WRITE;
2144 mpt_req->Control = MPI_SCSIIO_CONTROL_NODATATRANSFER;
2147 if ((ccb->ccb_h.flags & CAM_TAG_ACTION_VALID) != 0) {
2148 switch(ccb->csio.tag_action) {
2149 case MSG_HEAD_OF_Q_TAG:
2150 mpt_req->Control |= MPI_SCSIIO_CONTROL_HEADOFQ;
2153 mpt_req->Control |= MPI_SCSIIO_CONTROL_ACAQ;
2155 case MSG_ORDERED_Q_TAG:
2156 mpt_req->Control |= MPI_SCSIIO_CONTROL_ORDEREDQ;
2158 case MSG_SIMPLE_Q_TAG:
2160 mpt_req->Control |= MPI_SCSIIO_CONTROL_SIMPLEQ;
2164 if (mpt->is_fc || mpt->is_sas) {
2165 mpt_req->Control |= MPI_SCSIIO_CONTROL_SIMPLEQ;
2167 /* XXX No such thing for a target doing packetized. */
2168 mpt_req->Control |= MPI_SCSIIO_CONTROL_UNTAGGED;
2173 if (ccb->ccb_h.flags & CAM_DIS_DISCONNECT) {
2174 mpt_req->Control |= MPI_SCSIIO_CONTROL_NO_DISCONNECT;
2177 mpt_req->Control = htole32(mpt_req->Control);
2179 /* Copy the scsi command block into place */
2180 if ((ccb->ccb_h.flags & CAM_CDB_POINTER) != 0) {
2181 bcopy(csio->cdb_io.cdb_ptr, mpt_req->CDB, csio->cdb_len);
2183 bcopy(csio->cdb_io.cdb_bytes, mpt_req->CDB, csio->cdb_len);
2186 mpt_req->CDBLength = csio->cdb_len;
2187 mpt_req->DataLength = htole32(csio->dxfer_len);
2188 mpt_req->SenseBufferLowAddr = htole32(req->sense_pbuf);
2191 * Do a *short* print here if we're set to MPT_PRT_DEBUG
2193 if (mpt->verbose == MPT_PRT_DEBUG) {
2195 mpt_prt(mpt, "mpt_start: %s op 0x%x ",
2196 (mpt_req->Function == MPI_FUNCTION_SCSI_IO_REQUEST)?
2197 "SCSI_IO_REQUEST" : "SCSI_IO_PASSTHRU", mpt_req->CDB[0]);
2198 df = mpt_req->Control & MPI_SCSIIO_CONTROL_DATADIRECTION_MASK;
2199 if (df != MPI_SCSIIO_CONTROL_NODATATRANSFER) {
2200 mpt_prtc(mpt, "(%s %u byte%s ",
2201 (df == MPI_SCSIIO_CONTROL_READ)?
2202 "read" : "write", csio->dxfer_len,
2203 (csio->dxfer_len == 1)? ")" : "s)");
2205 mpt_prtc(mpt, "tgt %u lun %u req %p:%u\n", tgt,
2206 ccb->ccb_h.target_lun, req, req->serno);
2210 * If we have any data to send with this command map it into bus space.
2212 if ((ccbh->flags & CAM_DIR_MASK) != CAM_DIR_NONE) {
2213 if ((ccbh->flags & CAM_SCATTER_VALID) == 0) {
2215 * We've been given a pointer to a single buffer.
2217 if ((ccbh->flags & CAM_DATA_PHYS) == 0) {
2219 * Virtual address that needs to translated into
2220 * one or more physical address ranges.
2223 int s = splsoftvm();
2224 error = bus_dmamap_load(mpt->buffer_dmat,
2225 req->dmap, csio->data_ptr, csio->dxfer_len,
2228 if (error == EINPROGRESS) {
2230 * So as to maintain ordering,
2231 * freeze the controller queue
2232 * until our mapping is
2235 xpt_freeze_simq(mpt->sim, 1);
2236 ccbh->status |= CAM_RELEASE_SIMQ;
2240 * We have been given a pointer to single
2243 struct bus_dma_segment seg;
2245 (bus_addr_t)(vm_offset_t)csio->data_ptr;
2246 seg.ds_len = csio->dxfer_len;
2247 (*cb)(req, &seg, 1, 0);
2251 * We have been given a list of addresses.
2252 * This case could be easily supported but they are not
2253 * currently generated by the CAM subsystem so there
2254 * is no point in wasting the time right now.
2256 struct bus_dma_segment *segs;
2257 if ((ccbh->flags & CAM_SG_LIST_PHYS) == 0) {
2258 (*cb)(req, NULL, 0, EFAULT);
2260 /* Just use the segments provided */
2261 segs = (struct bus_dma_segment *)csio->data_ptr;
2262 (*cb)(req, segs, csio->sglist_cnt, 0);
2266 (*cb)(req, NULL, 0, 0);
2271 mpt_bus_reset(struct mpt_softc *mpt, target_id_t tgt, lun_id_t lun,
2278 error = mpt_scsi_send_tmf(mpt,
2279 (tgt != CAM_TARGET_WILDCARD || lun != CAM_LUN_WILDCARD) ?
2280 MPI_SCSITASKMGMT_TASKTYPE_TARGET_RESET :
2281 MPI_SCSITASKMGMT_TASKTYPE_RESET_BUS,
2282 mpt->is_fc ? MPI_SCSITASKMGMT_MSGFLAGS_LIP_RESET_OPTION : 0,
2283 0, /* XXX How do I get the channel ID? */
2284 tgt != CAM_TARGET_WILDCARD ? tgt : 0,
2285 lun != CAM_LUN_WILDCARD ? lun : 0,
2290 * mpt_scsi_send_tmf hard resets on failure, so no
2291 * need to do so here.
2294 "mpt_bus_reset: mpt_scsi_send_tmf returned %d\n", error);
2298 /* Wait for bus reset to be processed by the IOC. */
2299 error = mpt_wait_req(mpt, mpt->tmf_req, REQ_STATE_DONE,
2300 REQ_STATE_DONE, sleep_ok, 5000);
2302 status = le16toh(mpt->tmf_req->IOCStatus);
2303 response = mpt->tmf_req->ResponseCode;
2304 mpt->tmf_req->state = REQ_STATE_FREE;
2307 mpt_prt(mpt, "mpt_bus_reset: Reset timed-out. "
2308 "Resetting controller.\n");
2309 mpt_reset(mpt, TRUE);
2313 if ((status & MPI_IOCSTATUS_MASK) != MPI_IOCSTATUS_SUCCESS) {
2314 mpt_prt(mpt, "mpt_bus_reset: TMF IOC Status 0x%x. "
2315 "Resetting controller.\n", status);
2316 mpt_reset(mpt, TRUE);
2320 if (response != MPI_SCSITASKMGMT_RSP_TM_SUCCEEDED &&
2321 response != MPI_SCSITASKMGMT_RSP_TM_COMPLETE) {
2322 mpt_prt(mpt, "mpt_bus_reset: TMF Response 0x%x. "
2323 "Resetting controller.\n", response);
2324 mpt_reset(mpt, TRUE);
2331 mpt_fc_reset_link(struct mpt_softc *mpt, int dowait)
2335 PTR_MSG_FC_PRIMITIVE_SEND_REQUEST fc;
2337 req = mpt_get_request(mpt, FALSE);
2342 memset(fc, 0, sizeof(*fc));
2343 fc->SendFlags = MPI_FC_PRIM_SEND_FLAGS_RESET_LINK;
2344 fc->Function = MPI_FUNCTION_FC_PRIMITIVE_SEND;
2345 fc->MsgContext = htole32(req->index | fc_els_handler_id);
2346 mpt_send_cmd(mpt, req);
2348 r = mpt_wait_req(mpt, req, REQ_STATE_DONE,
2349 REQ_STATE_DONE, FALSE, 60 * 1000);
2351 mpt_free_request(mpt, req);
2358 mpt_cam_event(struct mpt_softc *mpt, request_t *req,
2359 MSG_EVENT_NOTIFY_REPLY *msg)
2361 uint32_t data0, data1;
2363 data0 = le32toh(msg->Data[0]);
2364 data1 = le32toh(msg->Data[1]);
2365 switch(msg->Event & 0xFF) {
2366 case MPI_EVENT_UNIT_ATTENTION:
2367 mpt_prt(mpt, "UNIT ATTENTION: Bus: 0x%02x TargetID: 0x%02x\n",
2368 (data0 >> 8) & 0xff, data0 & 0xff);
2371 case MPI_EVENT_IOC_BUS_RESET:
2372 /* We generated a bus reset */
2373 mpt_prt(mpt, "IOC Generated Bus Reset Port: %d\n",
2374 (data0 >> 8) & 0xff);
2375 xpt_async(AC_BUS_RESET, mpt->path, NULL);
2378 case MPI_EVENT_EXT_BUS_RESET:
2379 /* Someone else generated a bus reset */
2380 mpt_prt(mpt, "External Bus Reset Detected\n");
2382 * These replies don't return EventData like the MPI
2385 xpt_async(AC_BUS_RESET, mpt->path, NULL);
2388 case MPI_EVENT_RESCAN:
2389 #if __FreeBSD_version >= 600000
2394 * In general this means a device has been added to the loop.
2396 mpt_prt(mpt, "Rescan Port: %d\n", (data0 >> 8) & 0xff);
2397 if (mpt->ready == 0) {
2400 if (mpt->phydisk_sim) {
2401 pathid = cam_sim_path(mpt->phydisk_sim);
2403 pathid = cam_sim_path(mpt->sim);
2406 * Allocate a CCB, create a wildcard path for this bus,
2407 * and schedule a rescan.
2409 ccb = xpt_alloc_ccb_nowait();
2411 mpt_prt(mpt, "unable to alloc CCB for rescan\n");
2415 if (xpt_create_path(&ccb->ccb_h.path, xpt_periph, pathid,
2416 CAM_TARGET_WILDCARD, CAM_LUN_WILDCARD) != CAM_REQ_CMP) {
2417 mpt_prt(mpt, "unable to create path for rescan\n");
2425 mpt_prt(mpt, "Rescan Port: %d\n", (data0 >> 8) & 0xff);
2428 case MPI_EVENT_LINK_STATUS_CHANGE:
2429 mpt_prt(mpt, "Port %d: LinkState: %s\n",
2430 (data1 >> 8) & 0xff,
2431 ((data0 & 0xff) == 0)? "Failed" : "Active");
2434 case MPI_EVENT_LOOP_STATE_CHANGE:
2435 switch ((data0 >> 16) & 0xff) {
2438 "Port 0x%x: FC LinkEvent: LIP(%02x,%02x) "
2439 "(Loop Initialization)\n",
2440 (data1 >> 8) & 0xff,
2441 (data0 >> 8) & 0xff,
2443 switch ((data0 >> 8) & 0xff) {
2445 if ((data0 & 0xff) == 0xF7) {
2446 mpt_prt(mpt, "Device needs AL_PA\n");
2448 mpt_prt(mpt, "Device %02x doesn't like "
2454 if ((data0 & 0xff) == 0xF7) {
2455 mpt_prt(mpt, "Device had loop failure "
2456 "at its receiver prior to acquiring"
2459 mpt_prt(mpt, "Device %02x detected loop"
2460 " failure at its receiver\n",
2465 mpt_prt(mpt, "Device %02x requests that device "
2466 "%02x reset itself\n",
2468 (data0 >> 8) & 0xFF);
2473 mpt_prt(mpt, "Port 0x%x: FC LinkEvent: "
2474 "LPE(%02x,%02x) (Loop Port Enable)\n",
2475 (data1 >> 8) & 0xff, /* Port */
2476 (data0 >> 8) & 0xff, /* Character 3 */
2477 (data0 ) & 0xff /* Character 4 */);
2480 mpt_prt(mpt, "Port 0x%x: FC LinkEvent: "
2481 "LPB(%02x,%02x) (Loop Port Bypass)\n",
2482 (data1 >> 8) & 0xff, /* Port */
2483 (data0 >> 8) & 0xff, /* Character 3 */
2484 (data0 ) & 0xff /* Character 4 */);
2487 mpt_prt(mpt, "Port 0x%x: FC LinkEvent: Unknown "
2488 "FC event (%02x %02x %02x)\n",
2489 (data1 >> 8) & 0xff, /* Port */
2490 (data0 >> 16) & 0xff, /* Event */
2491 (data0 >> 8) & 0xff, /* Character 3 */
2492 (data0 ) & 0xff /* Character 4 */);
2496 case MPI_EVENT_LOGOUT:
2497 mpt_prt(mpt, "FC Logout Port: %d N_PortID: %02x\n",
2498 (data1 >> 8) & 0xff, data0);
2500 case MPI_EVENT_QUEUE_FULL:
2502 struct cam_sim *sim;
2503 struct cam_path *tmppath;
2504 struct ccb_relsim crs;
2505 PTR_EVENT_DATA_QUEUE_FULL pqf;
2508 pqf = (PTR_EVENT_DATA_QUEUE_FULL)msg->Data;
2509 pqf->CurrentDepth = le16toh(pqf->CurrentDepth);
2510 mpt_prt(mpt, "QUEUE FULL EVENT: Bus 0x%02x Target 0x%02x Depth "
2511 "%d\n", pqf->Bus, pqf->TargetID, pqf->CurrentDepth);
2512 if (mpt->phydisk_sim && mpt_is_raid_member(mpt,
2513 pqf->TargetID) != 0) {
2514 sim = mpt->phydisk_sim;
2518 for (lun_id = 0; lun_id < MPT_MAX_LUNS; lun_id++) {
2519 if (xpt_create_path(&tmppath, NULL, cam_sim_path(sim),
2520 pqf->TargetID, lun_id) != CAM_REQ_CMP) {
2521 mpt_prt(mpt, "unable to create a path to send "
2525 xpt_setup_ccb(&crs.ccb_h, tmppath, 5);
2526 crs.ccb_h.func_code = XPT_REL_SIMQ;
2527 crs.ccb_h.flags = CAM_DEV_QFREEZE;
2528 crs.release_flags = RELSIM_ADJUST_OPENINGS;
2529 crs.openings = pqf->CurrentDepth - 1;
2530 xpt_action((union ccb *)&crs);
2531 if (crs.ccb_h.status != CAM_REQ_CMP) {
2532 mpt_prt(mpt, "XPT_REL_SIMQ failed\n");
2534 xpt_free_path(tmppath);
2538 case MPI_EVENT_IR_RESYNC_UPDATE:
2539 mpt_prt(mpt, "IR resync update %d completed\n",
2540 (data0 >> 16) & 0xff);
2542 case MPI_EVENT_SAS_DEVICE_STATUS_CHANGE:
2545 struct cam_sim *sim;
2546 struct cam_path *tmppath;
2547 PTR_EVENT_DATA_SAS_DEVICE_STATUS_CHANGE psdsc;
2549 psdsc = (PTR_EVENT_DATA_SAS_DEVICE_STATUS_CHANGE)msg->Data;
2550 if (mpt->phydisk_sim && mpt_is_raid_member(mpt,
2551 psdsc->TargetID) != 0)
2552 sim = mpt->phydisk_sim;
2555 switch(psdsc->ReasonCode) {
2556 case MPI_EVENT_SAS_DEV_STAT_RC_ADDED:
2557 ccb = xpt_alloc_ccb_nowait();
2560 "unable to alloc CCB for rescan\n");
2563 if (xpt_create_path(&ccb->ccb_h.path, xpt_periph,
2564 cam_sim_path(sim), psdsc->TargetID,
2565 CAM_LUN_WILDCARD) != CAM_REQ_CMP) {
2567 "unable to create path for rescan\n");
2573 case MPI_EVENT_SAS_DEV_STAT_RC_NOT_RESPONDING:
2574 if (xpt_create_path(&tmppath, NULL, cam_sim_path(sim),
2575 psdsc->TargetID, CAM_LUN_WILDCARD) !=
2578 "unable to create path for async event");
2581 xpt_async(AC_LOST_DEVICE, tmppath, NULL);
2582 xpt_free_path(tmppath);
2584 case MPI_EVENT_SAS_DEV_STAT_RC_CMPL_INTERNAL_DEV_RESET:
2585 case MPI_EVENT_SAS_DEV_STAT_RC_CMPL_TASK_ABORT_INTERNAL:
2586 case MPI_EVENT_SAS_DEV_STAT_RC_INTERNAL_DEVICE_RESET:
2589 mpt_lprt(mpt, MPT_PRT_WARN,
2590 "SAS device status change: Bus: 0x%02x TargetID: "
2591 "0x%02x ReasonCode: 0x%02x\n", psdsc->Bus,
2592 psdsc->TargetID, psdsc->ReasonCode);
2597 case MPI_EVENT_SAS_DISCOVERY_ERROR:
2599 PTR_EVENT_DATA_DISCOVERY_ERROR pde;
2601 pde = (PTR_EVENT_DATA_DISCOVERY_ERROR)msg->Data;
2602 pde->DiscoveryStatus = le32toh(pde->DiscoveryStatus);
2603 mpt_lprt(mpt, MPT_PRT_WARN,
2604 "SAS discovery error: Port: 0x%02x Status: 0x%08x\n",
2605 pde->Port, pde->DiscoveryStatus);
2608 case MPI_EVENT_EVENT_CHANGE:
2609 case MPI_EVENT_INTEGRATED_RAID:
2611 case MPI_EVENT_LOG_ENTRY_ADDED:
2612 case MPI_EVENT_SAS_DISCOVERY:
2613 case MPI_EVENT_SAS_PHY_LINK_STATUS:
2614 case MPI_EVENT_SAS_SES:
2617 mpt_lprt(mpt, MPT_PRT_WARN, "mpt_cam_event: 0x%x\n",
2625 * Reply path for all SCSI I/O requests, called from our
2626 * interrupt handler by extracting our handler index from
2627 * the MsgContext field of the reply from the IOC.
2629 * This routine is optimized for the common case of a
2630 * completion without error. All exception handling is
2631 * offloaded to non-inlined helper routines to minimize
2635 mpt_scsi_reply_handler(struct mpt_softc *mpt, request_t *req,
2636 uint32_t reply_desc, MSG_DEFAULT_REPLY *reply_frame)
2638 MSG_SCSI_IO_REQUEST *scsi_req;
2641 if (req->state == REQ_STATE_FREE) {
2642 mpt_prt(mpt, "mpt_scsi_reply_handler: req already free\n");
2646 scsi_req = (MSG_SCSI_IO_REQUEST *)req->req_vbuf;
2649 mpt_prt(mpt, "mpt_scsi_reply_handler: req %p:%u with no ccb\n",
2654 mpt_req_untimeout(req, mpt_timeout, ccb);
2655 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
2657 if ((ccb->ccb_h.flags & CAM_DIR_MASK) != CAM_DIR_NONE) {
2658 bus_dmasync_op_t op;
2660 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN)
2661 op = BUS_DMASYNC_POSTREAD;
2663 op = BUS_DMASYNC_POSTWRITE;
2664 bus_dmamap_sync(mpt->buffer_dmat, req->dmap, op);
2665 bus_dmamap_unload(mpt->buffer_dmat, req->dmap);
2668 if (reply_frame == NULL) {
2670 * Context only reply, completion without error status.
2672 ccb->csio.resid = 0;
2673 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
2674 ccb->csio.scsi_status = SCSI_STATUS_OK;
2676 mpt_scsi_reply_frame_handler(mpt, req, reply_frame);
2679 if (mpt->outofbeer) {
2680 ccb->ccb_h.status |= CAM_RELEASE_SIMQ;
2682 mpt_lprt(mpt, MPT_PRT_DEBUG, "THAWQ\n");
2684 if (scsi_req->CDB[0] == INQUIRY && (scsi_req->CDB[1] & SI_EVPD) == 0) {
2685 struct scsi_inquiry_data *iq =
2686 (struct scsi_inquiry_data *)ccb->csio.data_ptr;
2687 if (scsi_req->Function ==
2688 MPI_FUNCTION_RAID_SCSI_IO_PASSTHROUGH) {
2690 * Fake out the device type so that only the
2691 * pass-thru device will attach.
2693 iq->device &= ~0x1F;
2694 iq->device |= T_NODEVICE;
2697 if (mpt->verbose == MPT_PRT_DEBUG) {
2698 mpt_prt(mpt, "mpt_scsi_reply_handler: %p:%u complete\n",
2701 KASSERT(ccb->ccb_h.status, ("zero ccb sts at %d", __LINE__));
2703 if ((req->state & REQ_STATE_TIMEDOUT) == 0) {
2704 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
2706 mpt_prt(mpt, "completing timedout/aborted req %p:%u\n",
2708 TAILQ_REMOVE(&mpt->request_timeout_list, req, links);
2710 KASSERT((req->state & REQ_STATE_NEED_WAKEUP) == 0,
2711 ("CCB req needed wakeup"));
2713 mpt_req_not_spcl(mpt, req, "mpt_scsi_reply_handler", __LINE__);
2715 mpt_free_request(mpt, req);
2720 mpt_scsi_tmf_reply_handler(struct mpt_softc *mpt, request_t *req,
2721 uint32_t reply_desc, MSG_DEFAULT_REPLY *reply_frame)
2723 MSG_SCSI_TASK_MGMT_REPLY *tmf_reply;
2725 KASSERT(req == mpt->tmf_req, ("TMF Reply not using mpt->tmf_req"));
2727 mpt_req_not_spcl(mpt, req, "mpt_scsi_tmf_reply_handler", __LINE__);
2729 tmf_reply = (MSG_SCSI_TASK_MGMT_REPLY *)reply_frame;
2730 /* Record IOC Status and Response Code of TMF for any waiters. */
2731 req->IOCStatus = le16toh(tmf_reply->IOCStatus);
2732 req->ResponseCode = tmf_reply->ResponseCode;
2734 mpt_lprt(mpt, MPT_PRT_DEBUG, "TMF complete: req %p:%u status 0x%x\n",
2735 req, req->serno, le16toh(tmf_reply->IOCStatus));
2736 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
2737 if ((req->state & REQ_STATE_NEED_WAKEUP) != 0) {
2738 req->state |= REQ_STATE_DONE;
2741 mpt->tmf_req->state = REQ_STATE_FREE;
2747 * XXX: Move to definitions file
2765 mpt_fc_els_send_response(struct mpt_softc *mpt, request_t *req,
2766 PTR_MSG_LINK_SERVICE_BUFFER_POST_REPLY rp, U8 length)
2769 MSG_LINK_SERVICE_RSP_REQUEST tmp;
2770 PTR_MSG_LINK_SERVICE_RSP_REQUEST rsp;
2773 * We are going to reuse the ELS request to send this response back.
2776 memset(rsp, 0, sizeof(*rsp));
2778 #ifdef USE_IMMEDIATE_LINK_DATA
2780 * Apparently the IMMEDIATE stuff doesn't seem to work.
2782 rsp->RspFlags = LINK_SERVICE_RSP_FLAGS_IMMEDIATE;
2784 rsp->RspLength = length;
2785 rsp->Function = MPI_FUNCTION_FC_LINK_SRVC_RSP;
2786 rsp->MsgContext = htole32(req->index | fc_els_handler_id);
2789 * Copy over information from the original reply frame to
2790 * it's correct place in the response.
2792 memcpy((U8 *)rsp + 0x0c, (U8 *)rp + 0x1c, 24);
2795 * And now copy back the temporary area to the original frame.
2797 memcpy(req->req_vbuf, rsp, sizeof (MSG_LINK_SERVICE_RSP_REQUEST));
2798 rsp = req->req_vbuf;
2800 #ifdef USE_IMMEDIATE_LINK_DATA
2801 memcpy((U8 *)&rsp->SGL, &((U8 *)req->req_vbuf)[MPT_RQSL(mpt)], length);
2804 PTR_SGE_SIMPLE32 se = (PTR_SGE_SIMPLE32) &rsp->SGL;
2805 bus_addr_t paddr = req->req_pbuf;
2806 paddr += MPT_RQSL(mpt);
2809 MPI_SGE_FLAGS_HOST_TO_IOC |
2810 MPI_SGE_FLAGS_SIMPLE_ELEMENT |
2811 MPI_SGE_FLAGS_LAST_ELEMENT |
2812 MPI_SGE_FLAGS_END_OF_LIST |
2813 MPI_SGE_FLAGS_END_OF_BUFFER;
2814 fl <<= MPI_SGE_FLAGS_SHIFT;
2816 se->FlagsLength = htole32(fl);
2817 se->Address = htole32((uint32_t) paddr);
2824 mpt_send_cmd(mpt, req);
2828 mpt_fc_els_reply_handler(struct mpt_softc *mpt, request_t *req,
2829 uint32_t reply_desc, MSG_DEFAULT_REPLY *reply_frame)
2831 PTR_MSG_LINK_SERVICE_BUFFER_POST_REPLY rp =
2832 (PTR_MSG_LINK_SERVICE_BUFFER_POST_REPLY) reply_frame;
2836 U16 status = le16toh(reply_frame->IOCStatus);
2839 int do_refresh = TRUE;
2842 KASSERT(mpt_req_on_free_list(mpt, req) == 0,
2843 ("fc_els_reply_handler: req %p:%u for function %x on freelist!",
2844 req, req->serno, rp->Function));
2845 if (rp->Function != MPI_FUNCTION_FC_PRIMITIVE_SEND) {
2846 mpt_req_spcl(mpt, req, "fc_els_reply_handler", __LINE__);
2848 mpt_req_not_spcl(mpt, req, "fc_els_reply_handler", __LINE__);
2851 mpt_lprt(mpt, MPT_PRT_DEBUG,
2852 "FC_ELS Complete: req %p:%u, reply %p function %x\n",
2853 req, req->serno, reply_frame, reply_frame->Function);
2855 if (status != MPI_IOCSTATUS_SUCCESS) {
2856 mpt_prt(mpt, "ELS REPLY STATUS 0x%x for Function %x\n",
2857 status, reply_frame->Function);
2858 if (status == MPI_IOCSTATUS_INVALID_STATE) {
2860 * XXX: to get around shutdown issue
2869 * If the function of a link service response, we recycle the
2870 * response to be a refresh for a new link service request.
2872 * The request pointer is bogus in this case and we have to fetch
2873 * it based upon the TransactionContext.
2875 if (rp->Function == MPI_FUNCTION_FC_LINK_SRVC_RSP) {
2876 /* Freddie Uncle Charlie Katie */
2877 /* We don't get the IOINDEX as part of the Link Svc Rsp */
2878 for (ioindex = 0; ioindex < mpt->els_cmds_allocated; ioindex++)
2879 if (mpt->els_cmd_ptrs[ioindex] == req) {
2883 KASSERT(ioindex < mpt->els_cmds_allocated,
2884 ("can't find my mommie!"));
2886 /* remove from active list as we're going to re-post it */
2887 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
2888 req->state &= ~REQ_STATE_QUEUED;
2889 req->state |= REQ_STATE_DONE;
2890 mpt_fc_post_els(mpt, req, ioindex);
2894 if (rp->Function == MPI_FUNCTION_FC_PRIMITIVE_SEND) {
2895 /* remove from active list as we're done */
2896 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
2897 req->state &= ~REQ_STATE_QUEUED;
2898 req->state |= REQ_STATE_DONE;
2899 if (req->state & REQ_STATE_TIMEDOUT) {
2900 mpt_lprt(mpt, MPT_PRT_DEBUG,
2901 "Sync Primitive Send Completed After Timeout\n");
2902 mpt_free_request(mpt, req);
2903 } else if ((req->state & REQ_STATE_NEED_WAKEUP) == 0) {
2904 mpt_lprt(mpt, MPT_PRT_DEBUG,
2905 "Async Primitive Send Complete\n");
2906 mpt_free_request(mpt, req);
2908 mpt_lprt(mpt, MPT_PRT_DEBUG,
2909 "Sync Primitive Send Complete- Waking Waiter\n");
2915 if (rp->Function != MPI_FUNCTION_FC_LINK_SRVC_BUF_POST) {
2916 mpt_prt(mpt, "unexpected ELS_REPLY: Function 0x%x Flags %x "
2917 "Length %d Message Flags %x\n", rp->Function, rp->Flags,
2918 rp->MsgLength, rp->MsgFlags);
2922 if (rp->MsgLength <= 5) {
2924 * This is just a ack of an original ELS buffer post
2926 mpt_lprt(mpt, MPT_PRT_DEBUG,
2927 "RECV'd ACK of FC_ELS buf post %p:%u\n", req, req->serno);
2932 rctl = (le32toh(rp->Rctl_Did) & MPI_FC_RCTL_MASK) >> MPI_FC_RCTL_SHIFT;
2933 type = (le32toh(rp->Type_Fctl) & MPI_FC_TYPE_MASK) >> MPI_FC_TYPE_SHIFT;
2935 elsbuf = &((U32 *)req->req_vbuf)[MPT_RQSL(mpt)/sizeof (U32)];
2936 cmd = be32toh(elsbuf[0]) >> 24;
2938 if (rp->Flags & MPI_LS_BUF_POST_REPLY_FLAG_NO_RSP_NEEDED) {
2939 mpt_lprt(mpt, MPT_PRT_ALWAYS, "ELS_REPLY: response unneeded\n");
2943 ioindex = le32toh(rp->TransactionContext);
2944 req = mpt->els_cmd_ptrs[ioindex];
2946 if (rctl == ELS && type == 1) {
2950 * Send back a PRLI ACC
2952 mpt_prt(mpt, "PRLI from 0x%08x%08x\n",
2953 le32toh(rp->Wwn.PortNameHigh),
2954 le32toh(rp->Wwn.PortNameLow));
2955 elsbuf[0] = htobe32(0x02100014);
2956 elsbuf[1] |= htobe32(0x00000100);
2957 elsbuf[4] = htobe32(0x00000002);
2958 if (mpt->role & MPT_ROLE_TARGET)
2959 elsbuf[4] |= htobe32(0x00000010);
2960 if (mpt->role & MPT_ROLE_INITIATOR)
2961 elsbuf[4] |= htobe32(0x00000020);
2962 /* remove from active list as we're done */
2963 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
2964 req->state &= ~REQ_STATE_QUEUED;
2965 req->state |= REQ_STATE_DONE;
2966 mpt_fc_els_send_response(mpt, req, rp, 20);
2970 memset(elsbuf, 0, 5 * (sizeof (U32)));
2971 elsbuf[0] = htobe32(0x02100014);
2972 elsbuf[1] = htobe32(0x08000100);
2973 mpt_prt(mpt, "PRLO from 0x%08x%08x\n",
2974 le32toh(rp->Wwn.PortNameHigh),
2975 le32toh(rp->Wwn.PortNameLow));
2976 /* remove from active list as we're done */
2977 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
2978 req->state &= ~REQ_STATE_QUEUED;
2979 req->state |= REQ_STATE_DONE;
2980 mpt_fc_els_send_response(mpt, req, rp, 20);
2984 mpt_prt(mpt, "ELS TYPE 1 COMMAND: %x\n", cmd);
2987 } else if (rctl == ABTS && type == 0) {
2988 uint16_t rx_id = le16toh(rp->Rxid);
2989 uint16_t ox_id = le16toh(rp->Oxid);
2990 request_t *tgt_req = NULL;
2993 "ELS: ABTS OX_ID 0x%x RX_ID 0x%x from 0x%08x%08x\n",
2994 ox_id, rx_id, le32toh(rp->Wwn.PortNameHigh),
2995 le32toh(rp->Wwn.PortNameLow));
2996 if (rx_id >= mpt->mpt_max_tgtcmds) {
2997 mpt_prt(mpt, "Bad RX_ID 0x%x\n", rx_id);
2998 } else if (mpt->tgt_cmd_ptrs == NULL) {
2999 mpt_prt(mpt, "No TGT CMD PTRS\n");
3001 tgt_req = mpt->tgt_cmd_ptrs[rx_id];
3004 mpt_tgt_state_t *tgt = MPT_TGT_STATE(mpt, tgt_req);
3009 * Check to make sure we have the correct command
3010 * The reply descriptor in the target state should
3011 * should contain an IoIndex that should match the
3014 * It'd be nice to have OX_ID to crosscheck with
3017 ct_id = GET_IO_INDEX(tgt->reply_desc);
3019 if (ct_id != rx_id) {
3020 mpt_lprt(mpt, MPT_PRT_ERROR, "ABORT Mismatch: "
3021 "RX_ID received=0x%x; RX_ID in cmd=0x%x\n",
3029 "CCB (%p): lun %u flags %x status %x\n",
3030 ccb, ccb->ccb_h.target_lun,
3031 ccb->ccb_h.flags, ccb->ccb_h.status);
3033 mpt_prt(mpt, "target state 0x%x resid %u xfrd %u rpwrd "
3034 "%x nxfers %x\n", tgt->state,
3035 tgt->resid, tgt->bytes_xfered, tgt->reply_desc,
3038 if (mpt_abort_target_cmd(mpt, tgt_req)) {
3039 mpt_prt(mpt, "unable to start TargetAbort\n");
3042 mpt_prt(mpt, "no back pointer for RX_ID 0x%x\n", rx_id);
3044 memset(elsbuf, 0, 5 * (sizeof (U32)));
3045 elsbuf[0] = htobe32(0);
3046 elsbuf[1] = htobe32((ox_id << 16) | rx_id);
3047 elsbuf[2] = htobe32(0x000ffff);
3049 * Dork with the reply frame so that the response to it
3052 rp->Rctl_Did += ((BA_ACC - ABTS) << MPI_FC_RCTL_SHIFT);
3053 /* remove from active list as we're done */
3054 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
3055 req->state &= ~REQ_STATE_QUEUED;
3056 req->state |= REQ_STATE_DONE;
3057 mpt_fc_els_send_response(mpt, req, rp, 12);
3060 mpt_prt(mpt, "ELS: RCTL %x TYPE %x CMD %x\n", rctl, type, cmd);
3062 if (do_refresh == TRUE) {
3063 /* remove from active list as we're done */
3064 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
3065 req->state &= ~REQ_STATE_QUEUED;
3066 req->state |= REQ_STATE_DONE;
3067 mpt_fc_post_els(mpt, req, ioindex);
3073 * Clean up all SCSI Initiator personality state in response
3074 * to a controller reset.
3077 mpt_cam_ioc_reset(struct mpt_softc *mpt, int type)
3081 * The pending list is already run down by
3082 * the generic handler. Perform the same
3083 * operation on the timed out request list.
3085 mpt_complete_request_chain(mpt, &mpt->request_timeout_list,
3086 MPI_IOCSTATUS_INVALID_STATE);
3089 * XXX: We need to repost ELS and Target Command Buffers?
3093 * Inform the XPT that a bus reset has occurred.
3095 xpt_async(AC_BUS_RESET, mpt->path, NULL);
3099 * Parse additional completion information in the reply
3100 * frame for SCSI I/O requests.
3103 mpt_scsi_reply_frame_handler(struct mpt_softc *mpt, request_t *req,
3104 MSG_DEFAULT_REPLY *reply_frame)
3107 MSG_SCSI_IO_REPLY *scsi_io_reply;
3111 MPT_DUMP_REPLY_FRAME(mpt, reply_frame);
3112 KASSERT(reply_frame->Function == MPI_FUNCTION_SCSI_IO_REQUEST
3113 || reply_frame->Function == MPI_FUNCTION_RAID_SCSI_IO_PASSTHROUGH,
3114 ("MPT SCSI I/O Handler called with incorrect reply type"));
3115 KASSERT((reply_frame->MsgFlags & MPI_MSGFLAGS_CONTINUATION_REPLY) == 0,
3116 ("MPT SCSI I/O Handler called with continuation reply"));
3118 scsi_io_reply = (MSG_SCSI_IO_REPLY *)reply_frame;
3119 ioc_status = le16toh(scsi_io_reply->IOCStatus);
3120 ioc_status &= MPI_IOCSTATUS_MASK;
3121 sstate = scsi_io_reply->SCSIState;
3125 ccb->csio.dxfer_len - le32toh(scsi_io_reply->TransferCount);
3127 if ((sstate & MPI_SCSI_STATE_AUTOSENSE_VALID) != 0
3128 && (ccb->ccb_h.flags & (CAM_SENSE_PHYS | CAM_SENSE_PTR)) == 0) {
3129 uint32_t sense_returned;
3131 ccb->ccb_h.status |= CAM_AUTOSNS_VALID;
3133 sense_returned = le32toh(scsi_io_reply->SenseCount);
3134 if (sense_returned < ccb->csio.sense_len)
3135 ccb->csio.sense_resid = ccb->csio.sense_len -
3138 ccb->csio.sense_resid = 0;
3140 bzero(&ccb->csio.sense_data, sizeof(ccb->csio.sense_data));
3141 bcopy(req->sense_vbuf, &ccb->csio.sense_data,
3142 min(ccb->csio.sense_len, sense_returned));
3145 if ((sstate & MPI_SCSI_STATE_QUEUE_TAG_REJECTED) != 0) {
3147 * Tag messages rejected, but non-tagged retry
3150 mpt_set_tags(mpt, devinfo, MPT_QUEUE_NONE);
3154 switch(ioc_status) {
3155 case MPI_IOCSTATUS_SCSI_RESIDUAL_MISMATCH:
3158 * Linux driver indicates that a zero
3159 * transfer length with this error code
3160 * indicates a CRC error.
3162 * No need to swap the bytes for checking
3165 if (scsi_io_reply->TransferCount == 0) {
3166 mpt_set_ccb_status(ccb, CAM_UNCOR_PARITY);
3170 case MPI_IOCSTATUS_SCSI_DATA_UNDERRUN:
3171 case MPI_IOCSTATUS_SUCCESS:
3172 case MPI_IOCSTATUS_SCSI_RECOVERED_ERROR:
3173 if ((sstate & MPI_SCSI_STATE_NO_SCSI_STATUS) != 0) {
3175 * Status was never returned for this transaction.
3177 mpt_set_ccb_status(ccb, CAM_UNEXP_BUSFREE);
3178 } else if (scsi_io_reply->SCSIStatus != SCSI_STATUS_OK) {
3179 ccb->csio.scsi_status = scsi_io_reply->SCSIStatus;
3180 mpt_set_ccb_status(ccb, CAM_SCSI_STATUS_ERROR);
3181 if ((sstate & MPI_SCSI_STATE_AUTOSENSE_FAILED) != 0)
3182 mpt_set_ccb_status(ccb, CAM_AUTOSENSE_FAIL);
3183 } else if ((sstate & MPI_SCSI_STATE_RESPONSE_INFO_VALID) != 0) {
3185 /* XXX Handle SPI-Packet and FCP-2 response info. */
3186 mpt_set_ccb_status(ccb, CAM_REQ_CMP_ERR);
3188 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
3190 case MPI_IOCSTATUS_SCSI_DATA_OVERRUN:
3191 mpt_set_ccb_status(ccb, CAM_DATA_RUN_ERR);
3193 case MPI_IOCSTATUS_SCSI_IO_DATA_ERROR:
3194 mpt_set_ccb_status(ccb, CAM_UNCOR_PARITY);
3196 case MPI_IOCSTATUS_SCSI_DEVICE_NOT_THERE:
3198 * Since selection timeouts and "device really not
3199 * there" are grouped into this error code, report
3200 * selection timeout. Selection timeouts are
3201 * typically retried before giving up on the device
3202 * whereas "device not there" errors are considered
3205 mpt_set_ccb_status(ccb, CAM_SEL_TIMEOUT);
3207 case MPI_IOCSTATUS_SCSI_PROTOCOL_ERROR:
3208 mpt_set_ccb_status(ccb, CAM_SEQUENCE_FAIL);
3210 case MPI_IOCSTATUS_SCSI_INVALID_BUS:
3211 mpt_set_ccb_status(ccb, CAM_PATH_INVALID);
3213 case MPI_IOCSTATUS_SCSI_INVALID_TARGETID:
3214 mpt_set_ccb_status(ccb, CAM_TID_INVALID);
3216 case MPI_IOCSTATUS_SCSI_TASK_MGMT_FAILED:
3217 ccb->ccb_h.status = CAM_UA_TERMIO;
3219 case MPI_IOCSTATUS_INVALID_STATE:
3221 * The IOC has been reset. Emulate a bus reset.
3224 case MPI_IOCSTATUS_SCSI_EXT_TERMINATED:
3225 ccb->ccb_h.status = CAM_SCSI_BUS_RESET;
3227 case MPI_IOCSTATUS_SCSI_TASK_TERMINATED:
3228 case MPI_IOCSTATUS_SCSI_IOC_TERMINATED:
3230 * Don't clobber any timeout status that has
3231 * already been set for this transaction. We
3232 * want the SCSI layer to be able to differentiate
3233 * between the command we aborted due to timeout
3234 * and any innocent bystanders.
3236 if ((ccb->ccb_h.status & CAM_STATUS_MASK) != CAM_REQ_INPROG)
3238 mpt_set_ccb_status(ccb, CAM_REQ_TERMIO);
3241 case MPI_IOCSTATUS_INSUFFICIENT_RESOURCES:
3242 mpt_set_ccb_status(ccb, CAM_RESRC_UNAVAIL);
3244 case MPI_IOCSTATUS_BUSY:
3245 mpt_set_ccb_status(ccb, CAM_BUSY);
3247 case MPI_IOCSTATUS_INVALID_FUNCTION:
3248 case MPI_IOCSTATUS_INVALID_SGL:
3249 case MPI_IOCSTATUS_INTERNAL_ERROR:
3250 case MPI_IOCSTATUS_INVALID_FIELD:
3253 * Some of the above may need to kick
3254 * of a recovery action!!!!
3256 ccb->ccb_h.status = CAM_UNREC_HBA_ERROR;
3260 if ((ccb->ccb_h.status & CAM_STATUS_MASK) != CAM_REQ_CMP) {
3261 mpt_freeze_ccb(ccb);
3268 mpt_action(struct cam_sim *sim, union ccb *ccb)
3270 struct mpt_softc *mpt;
3271 struct ccb_trans_settings *cts;
3276 CAM_DEBUG(ccb->ccb_h.path, CAM_DEBUG_TRACE, ("mpt_action\n"));
3278 mpt = (struct mpt_softc *)cam_sim_softc(sim);
3279 raid_passthru = (sim == mpt->phydisk_sim);
3280 MPT_LOCK_ASSERT(mpt);
3282 tgt = ccb->ccb_h.target_id;
3283 lun = ccb->ccb_h.target_lun;
3284 if (raid_passthru &&
3285 ccb->ccb_h.func_code != XPT_PATH_INQ &&
3286 ccb->ccb_h.func_code != XPT_RESET_BUS &&
3287 ccb->ccb_h.func_code != XPT_RESET_DEV) {
3288 if (mpt_map_physdisk(mpt, ccb, &tgt) != 0) {
3289 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
3290 mpt_set_ccb_status(ccb, CAM_DEV_NOT_THERE);
3295 ccb->ccb_h.ccb_mpt_ptr = mpt;
3297 switch (ccb->ccb_h.func_code) {
3298 case XPT_SCSI_IO: /* Execute the requested I/O operation */
3300 * Do a couple of preliminary checks...
3302 if ((ccb->ccb_h.flags & CAM_CDB_POINTER) != 0) {
3303 if ((ccb->ccb_h.flags & CAM_CDB_PHYS) != 0) {
3304 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
3305 mpt_set_ccb_status(ccb, CAM_REQ_INVALID);
3309 /* Max supported CDB length is 16 bytes */
3310 /* XXX Unless we implement the new 32byte message type */
3311 if (ccb->csio.cdb_len >
3312 sizeof (((PTR_MSG_SCSI_IO_REQUEST)0)->CDB)) {
3313 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
3314 mpt_set_ccb_status(ccb, CAM_REQ_INVALID);
3317 #ifdef MPT_TEST_MULTIPATH
3318 if (mpt->failure_id == ccb->ccb_h.target_id) {
3319 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
3320 mpt_set_ccb_status(ccb, CAM_SEL_TIMEOUT);
3324 ccb->csio.scsi_status = SCSI_STATUS_OK;
3325 mpt_start(sim, ccb);
3329 if (raid_passthru) {
3330 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
3331 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
3335 if (ccb->ccb_h.func_code == XPT_RESET_BUS) {
3337 xpt_print(ccb->ccb_h.path, "reset bus\n");
3340 xpt_print(ccb->ccb_h.path, "reset device\n");
3342 (void) mpt_bus_reset(mpt, tgt, lun, FALSE);
3345 * mpt_bus_reset is always successful in that it
3346 * will fall back to a hard reset should a bus
3347 * reset attempt fail.
3349 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
3350 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
3355 union ccb *accb = ccb->cab.abort_ccb;
3356 switch (accb->ccb_h.func_code) {
3357 case XPT_ACCEPT_TARGET_IO:
3358 case XPT_IMMEDIATE_NOTIFY:
3359 ccb->ccb_h.status = mpt_abort_target_ccb(mpt, ccb);
3361 case XPT_CONT_TARGET_IO:
3362 mpt_prt(mpt, "cannot abort active CTIOs yet\n");
3363 ccb->ccb_h.status = CAM_UA_ABORT;
3366 ccb->ccb_h.status = CAM_UA_ABORT;
3369 ccb->ccb_h.status = CAM_REQ_INVALID;
3375 #ifdef CAM_NEW_TRAN_CODE
3376 #define IS_CURRENT_SETTINGS(c) ((c)->type == CTS_TYPE_CURRENT_SETTINGS)
3378 #define IS_CURRENT_SETTINGS(c) ((c)->flags & CCB_TRANS_CURRENT_SETTINGS)
3380 #define DP_DISC_ENABLE 0x1
3381 #define DP_DISC_DISABL 0x2
3382 #define DP_DISC (DP_DISC_ENABLE|DP_DISC_DISABL)
3384 #define DP_TQING_ENABLE 0x4
3385 #define DP_TQING_DISABL 0x8
3386 #define DP_TQING (DP_TQING_ENABLE|DP_TQING_DISABL)
3388 #define DP_WIDE 0x10
3389 #define DP_NARROW 0x20
3390 #define DP_WIDTH (DP_WIDE|DP_NARROW)
3392 #define DP_SYNC 0x40
3394 case XPT_SET_TRAN_SETTINGS: /* Nexus Settings */
3396 #ifdef CAM_NEW_TRAN_CODE
3397 struct ccb_trans_settings_scsi *scsi;
3398 struct ccb_trans_settings_spi *spi;
3407 if (mpt->is_fc || mpt->is_sas) {
3408 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
3412 #ifdef CAM_NEW_TRAN_CODE
3413 scsi = &cts->proto_specific.scsi;
3414 spi = &cts->xport_specific.spi;
3417 * We can be called just to valid transport and proto versions
3419 if (scsi->valid == 0 && spi->valid == 0) {
3420 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
3426 * Skip attempting settings on RAID volume disks.
3427 * Other devices on the bus get the normal treatment.
3429 if (mpt->phydisk_sim && raid_passthru == 0 &&
3430 mpt_is_raid_volume(mpt, tgt) != 0) {
3431 mpt_lprt(mpt, MPT_PRT_NEGOTIATION,
3432 "no transfer settings for RAID vols\n");
3433 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
3437 i = mpt->mpt_port_page2.PortSettings &
3438 MPI_SCSIPORTPAGE2_PORT_MASK_NEGO_MASTER_SETTINGS;
3439 j = mpt->mpt_port_page2.PortFlags &
3440 MPI_SCSIPORTPAGE2_PORT_FLAGS_DV_MASK;
3441 if (i == MPI_SCSIPORTPAGE2_PORT_ALL_MASTER_SETTINGS &&
3442 j == MPI_SCSIPORTPAGE2_PORT_FLAGS_OFF_DV) {
3443 mpt_lprt(mpt, MPT_PRT_ALWAYS,
3444 "honoring BIOS transfer negotiations\n");
3445 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
3453 #ifndef CAM_NEW_TRAN_CODE
3454 if ((cts->valid & CCB_TRANS_DISC_VALID) != 0) {
3455 dval |= (cts->flags & CCB_TRANS_DISC_ENB) ?
3456 DP_DISC_ENABLE : DP_DISC_DISABL;
3459 if ((cts->valid & CCB_TRANS_TQ_VALID) != 0) {
3460 dval |= (cts->flags & CCB_TRANS_TAG_ENB) ?
3461 DP_TQING_ENABLE : DP_TQING_DISABL;
3464 if ((cts->valid & CCB_TRANS_BUS_WIDTH_VALID) != 0) {
3465 dval |= cts->bus_width ? DP_WIDE : DP_NARROW;
3468 if ((cts->valid & CCB_TRANS_SYNC_RATE_VALID) &&
3469 (cts->valid & CCB_TRANS_SYNC_OFFSET_VALID)) {
3471 period = cts->sync_period;
3472 offset = cts->sync_offset;
3475 if ((spi->valid & CTS_SPI_VALID_DISC) != 0) {
3476 dval |= ((spi->flags & CTS_SPI_FLAGS_DISC_ENB) != 0) ?
3477 DP_DISC_ENABLE : DP_DISC_DISABL;
3480 if ((scsi->valid & CTS_SCSI_VALID_TQ) != 0) {
3481 dval |= ((scsi->flags & CTS_SCSI_FLAGS_TAG_ENB) != 0) ?
3482 DP_TQING_ENABLE : DP_TQING_DISABL;
3485 if ((spi->valid & CTS_SPI_VALID_BUS_WIDTH) != 0) {
3486 dval |= (spi->bus_width == MSG_EXT_WDTR_BUS_16_BIT) ?
3487 DP_WIDE : DP_NARROW;
3490 if (spi->valid & CTS_SPI_VALID_SYNC_OFFSET) {
3492 offset = spi->sync_offset;
3494 PTR_CONFIG_PAGE_SCSI_DEVICE_1 ptr =
3495 &mpt->mpt_dev_page1[tgt];
3496 offset = ptr->RequestedParameters;
3497 offset &= MPI_SCSIDEVPAGE1_RP_MAX_SYNC_OFFSET_MASK;
3498 offset >>= MPI_SCSIDEVPAGE1_RP_SHIFT_MAX_SYNC_OFFSET;
3500 if (spi->valid & CTS_SPI_VALID_SYNC_RATE) {
3502 period = spi->sync_period;
3504 PTR_CONFIG_PAGE_SCSI_DEVICE_1 ptr =
3505 &mpt->mpt_dev_page1[tgt];
3506 period = ptr->RequestedParameters;
3507 period &= MPI_SCSIDEVPAGE1_RP_MIN_SYNC_PERIOD_MASK;
3508 period >>= MPI_SCSIDEVPAGE1_RP_SHIFT_MIN_SYNC_PERIOD;
3511 if (dval & DP_DISC_ENABLE) {
3512 mpt->mpt_disc_enable |= (1 << tgt);
3513 } else if (dval & DP_DISC_DISABL) {
3514 mpt->mpt_disc_enable &= ~(1 << tgt);
3516 if (dval & DP_TQING_ENABLE) {
3517 mpt->mpt_tag_enable |= (1 << tgt);
3518 } else if (dval & DP_TQING_DISABL) {
3519 mpt->mpt_tag_enable &= ~(1 << tgt);
3521 if (dval & DP_WIDTH) {
3522 mpt_setwidth(mpt, tgt, 1);
3524 if (dval & DP_SYNC) {
3525 mpt_setsync(mpt, tgt, period, offset);
3528 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
3531 mpt_lprt(mpt, MPT_PRT_NEGOTIATION,
3532 "set [%d]: 0x%x period 0x%x offset %d\n",
3533 tgt, dval, period, offset);
3534 if (mpt_update_spi_config(mpt, tgt)) {
3535 mpt_set_ccb_status(ccb, CAM_REQ_CMP_ERR);
3537 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
3541 case XPT_GET_TRAN_SETTINGS:
3543 #ifdef CAM_NEW_TRAN_CODE
3544 struct ccb_trans_settings_scsi *scsi;
3546 cts->protocol = PROTO_SCSI;
3548 struct ccb_trans_settings_fc *fc =
3549 &cts->xport_specific.fc;
3550 cts->protocol_version = SCSI_REV_SPC;
3551 cts->transport = XPORT_FC;
3552 cts->transport_version = 0;
3553 fc->valid = CTS_FC_VALID_SPEED;
3554 fc->bitrate = 100000;
3555 } else if (mpt->is_sas) {
3556 struct ccb_trans_settings_sas *sas =
3557 &cts->xport_specific.sas;
3558 cts->protocol_version = SCSI_REV_SPC2;
3559 cts->transport = XPORT_SAS;
3560 cts->transport_version = 0;
3561 sas->valid = CTS_SAS_VALID_SPEED;
3562 sas->bitrate = 300000;
3564 cts->protocol_version = SCSI_REV_2;
3565 cts->transport = XPORT_SPI;
3566 cts->transport_version = 2;
3567 if (mpt_get_spi_settings(mpt, cts) != 0) {
3568 mpt_set_ccb_status(ccb, CAM_REQ_CMP_ERR);
3572 scsi = &cts->proto_specific.scsi;
3573 scsi->valid = CTS_SCSI_VALID_TQ;
3574 scsi->flags = CTS_SCSI_FLAGS_TAG_ENB;
3578 cts->flags = CCB_TRANS_TAG_ENB | CCB_TRANS_DISC_ENB;
3579 cts->valid = CCB_TRANS_DISC_VALID | CCB_TRANS_TQ_VALID;
3580 cts->bus_width = MSG_EXT_WDTR_BUS_8_BIT;
3581 } else if (mpt->is_sas) {
3582 cts->flags = CCB_TRANS_TAG_ENB | CCB_TRANS_DISC_ENB;
3583 cts->valid = CCB_TRANS_DISC_VALID | CCB_TRANS_TQ_VALID;
3584 cts->bus_width = MSG_EXT_WDTR_BUS_8_BIT;
3585 } else if (mpt_get_spi_settings(mpt, cts) != 0) {
3586 mpt_set_ccb_status(ccb, CAM_REQ_CMP_ERR);
3590 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
3593 case XPT_CALC_GEOMETRY:
3595 struct ccb_calc_geometry *ccg;
3598 if (ccg->block_size == 0) {
3599 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
3600 mpt_set_ccb_status(ccb, CAM_REQ_INVALID);
3603 cam_calc_geometry(ccg, /* extended */ 1);
3604 KASSERT(ccb->ccb_h.status, ("zero ccb sts at %d", __LINE__));
3607 case XPT_PATH_INQ: /* Path routing inquiry */
3609 struct ccb_pathinq *cpi = &ccb->cpi;
3611 cpi->version_num = 1;
3612 cpi->target_sprt = 0;
3613 cpi->hba_eng_cnt = 0;
3614 cpi->max_target = mpt->port_facts[0].MaxDevices - 1;
3615 cpi->maxio = (mpt->max_cam_seg_cnt - 1) * PAGE_SIZE;
3617 * FC cards report MAX_DEVICES of 512, but
3618 * the MSG_SCSI_IO_REQUEST target id field
3619 * is only 8 bits. Until we fix the driver
3620 * to support 'channels' for bus overflow,
3623 if (cpi->max_target > 255) {
3624 cpi->max_target = 255;
3628 * VMware ESX reports > 16 devices and then dies when we probe.
3630 if (mpt->is_spi && cpi->max_target > 15) {
3631 cpi->max_target = 15;
3636 cpi->max_lun = MPT_MAX_LUNS;
3637 cpi->initiator_id = mpt->mpt_ini_id;
3638 cpi->bus_id = cam_sim_bus(sim);
3641 * The base speed is the speed of the underlying connection.
3643 #ifdef CAM_NEW_TRAN_CODE
3644 cpi->protocol = PROTO_SCSI;
3646 cpi->hba_misc = PIM_NOBUSRESET;
3647 cpi->base_transfer_speed = 100000;
3648 cpi->hba_inquiry = PI_TAG_ABLE;
3649 cpi->transport = XPORT_FC;
3650 cpi->transport_version = 0;
3651 cpi->protocol_version = SCSI_REV_SPC;
3652 } else if (mpt->is_sas) {
3653 cpi->hba_misc = PIM_NOBUSRESET;
3654 cpi->base_transfer_speed = 300000;
3655 cpi->hba_inquiry = PI_TAG_ABLE;
3656 cpi->transport = XPORT_SAS;
3657 cpi->transport_version = 0;
3658 cpi->protocol_version = SCSI_REV_SPC2;
3660 cpi->hba_misc = PIM_SEQSCAN;
3661 cpi->base_transfer_speed = 3300;
3662 cpi->hba_inquiry = PI_SDTR_ABLE|PI_TAG_ABLE|PI_WIDE_16;
3663 cpi->transport = XPORT_SPI;
3664 cpi->transport_version = 2;
3665 cpi->protocol_version = SCSI_REV_2;
3669 cpi->hba_misc = PIM_NOBUSRESET;
3670 cpi->base_transfer_speed = 100000;
3671 cpi->hba_inquiry = PI_TAG_ABLE;
3672 } else if (mpt->is_sas) {
3673 cpi->hba_misc = PIM_NOBUSRESET;
3674 cpi->base_transfer_speed = 300000;
3675 cpi->hba_inquiry = PI_TAG_ABLE;
3677 cpi->hba_misc = PIM_SEQSCAN;
3678 cpi->base_transfer_speed = 3300;
3679 cpi->hba_inquiry = PI_SDTR_ABLE|PI_TAG_ABLE|PI_WIDE_16;
3684 * We give our fake RAID passhtru bus a width that is MaxVolumes
3685 * wide and restrict it to one lun.
3687 if (raid_passthru) {
3688 cpi->max_target = mpt->ioc_page2->MaxPhysDisks - 1;
3689 cpi->initiator_id = cpi->max_target + 1;
3693 if ((mpt->role & MPT_ROLE_INITIATOR) == 0) {
3694 cpi->hba_misc |= PIM_NOINITIATOR;
3696 if (mpt->is_fc && (mpt->role & MPT_ROLE_TARGET)) {
3698 PIT_PROCESSOR | PIT_DISCONNECT | PIT_TERM_IO;
3700 cpi->target_sprt = 0;
3702 strncpy(cpi->sim_vid, "FreeBSD", SIM_IDLEN);
3703 strncpy(cpi->hba_vid, "LSI", HBA_IDLEN);
3704 strncpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN);
3705 cpi->unit_number = cam_sim_unit(sim);
3706 cpi->ccb_h.status = CAM_REQ_CMP;
3709 case XPT_EN_LUN: /* Enable LUN as a target */
3713 if (ccb->cel.enable)
3714 result = mpt_enable_lun(mpt,
3715 ccb->ccb_h.target_id, ccb->ccb_h.target_lun);
3717 result = mpt_disable_lun(mpt,
3718 ccb->ccb_h.target_id, ccb->ccb_h.target_lun);
3720 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
3722 mpt_set_ccb_status(ccb, CAM_REQ_CMP_ERR);
3726 case XPT_NOTIFY_ACKNOWLEDGE: /* recycle notify ack */
3727 case XPT_IMMEDIATE_NOTIFY: /* Add Immediate Notify Resource */
3728 case XPT_ACCEPT_TARGET_IO: /* Add Accept Target IO Resource */
3730 tgt_resource_t *trtp;
3731 lun_id_t lun = ccb->ccb_h.target_lun;
3732 ccb->ccb_h.sim_priv.entries[0].field = 0;
3733 ccb->ccb_h.sim_priv.entries[1].ptr = mpt;
3734 ccb->ccb_h.flags = 0;
3736 if (lun == CAM_LUN_WILDCARD) {
3737 if (ccb->ccb_h.target_id != CAM_TARGET_WILDCARD) {
3738 mpt_set_ccb_status(ccb, CAM_REQ_INVALID);
3741 trtp = &mpt->trt_wildcard;
3742 } else if (lun >= MPT_MAX_LUNS) {
3743 mpt_set_ccb_status(ccb, CAM_REQ_INVALID);
3746 trtp = &mpt->trt[lun];
3748 if (ccb->ccb_h.func_code == XPT_ACCEPT_TARGET_IO) {
3749 mpt_lprt(mpt, MPT_PRT_DEBUG1,
3750 "Put FREE ATIO %p lun %d\n", ccb, lun);
3751 STAILQ_INSERT_TAIL(&trtp->atios, &ccb->ccb_h,
3753 } else if (ccb->ccb_h.func_code == XPT_IMMEDIATE_NOTIFY) {
3754 mpt_lprt(mpt, MPT_PRT_DEBUG1,
3755 "Put FREE INOT lun %d\n", lun);
3756 STAILQ_INSERT_TAIL(&trtp->inots, &ccb->ccb_h,
3759 mpt_lprt(mpt, MPT_PRT_ALWAYS, "Got Notify ACK\n");
3761 mpt_set_ccb_status(ccb, CAM_REQ_INPROG);
3764 case XPT_CONT_TARGET_IO:
3765 mpt_target_start_io(mpt, ccb);
3769 ccb->ccb_h.status = CAM_REQ_INVALID;
3776 mpt_get_spi_settings(struct mpt_softc *mpt, struct ccb_trans_settings *cts)
3778 #ifdef CAM_NEW_TRAN_CODE
3779 struct ccb_trans_settings_scsi *scsi = &cts->proto_specific.scsi;
3780 struct ccb_trans_settings_spi *spi = &cts->xport_specific.spi;
3783 uint32_t dval, pval, oval;
3786 if (IS_CURRENT_SETTINGS(cts) == 0) {
3787 tgt = cts->ccb_h.target_id;
3788 } else if (xpt_path_sim(cts->ccb_h.path) == mpt->phydisk_sim) {
3789 if (mpt_map_physdisk(mpt, (union ccb *)cts, &tgt)) {
3793 tgt = cts->ccb_h.target_id;
3797 * We aren't looking at Port Page 2 BIOS settings here-
3798 * sometimes these have been known to be bogus XXX.
3800 * For user settings, we pick the max from port page 0
3802 * For current settings we read the current settings out from
3803 * device page 0 for that target.
3805 if (IS_CURRENT_SETTINGS(cts)) {
3806 CONFIG_PAGE_SCSI_DEVICE_0 tmp;
3809 tmp = mpt->mpt_dev_page0[tgt];
3810 rv = mpt_read_cur_cfg_page(mpt, tgt, &tmp.Header,
3811 sizeof(tmp), FALSE, 5000);
3813 mpt_prt(mpt, "can't get tgt %d config page 0\n", tgt);
3816 mpt2host_config_page_scsi_device_0(&tmp);
3818 mpt_lprt(mpt, MPT_PRT_DEBUG,
3819 "mpt_get_spi_settings[%d]: current NP %x Info %x\n", tgt,
3820 tmp.NegotiatedParameters, tmp.Information);
3821 dval |= (tmp.NegotiatedParameters & MPI_SCSIDEVPAGE0_NP_WIDE) ?
3822 DP_WIDE : DP_NARROW;
3823 dval |= (mpt->mpt_disc_enable & (1 << tgt)) ?
3824 DP_DISC_ENABLE : DP_DISC_DISABL;
3825 dval |= (mpt->mpt_tag_enable & (1 << tgt)) ?
3826 DP_TQING_ENABLE : DP_TQING_DISABL;
3827 oval = tmp.NegotiatedParameters;
3828 oval &= MPI_SCSIDEVPAGE0_NP_NEG_SYNC_OFFSET_MASK;
3829 oval >>= MPI_SCSIDEVPAGE0_NP_SHIFT_SYNC_OFFSET;
3830 pval = tmp.NegotiatedParameters;
3831 pval &= MPI_SCSIDEVPAGE0_NP_NEG_SYNC_PERIOD_MASK;
3832 pval >>= MPI_SCSIDEVPAGE0_NP_SHIFT_SYNC_PERIOD;
3833 mpt->mpt_dev_page0[tgt] = tmp;
3835 dval = DP_WIDE|DP_DISC_ENABLE|DP_TQING_ENABLE|DP_SYNC;
3836 oval = mpt->mpt_port_page0.Capabilities;
3837 oval = MPI_SCSIPORTPAGE0_CAP_GET_MAX_SYNC_OFFSET(oval);
3838 pval = mpt->mpt_port_page0.Capabilities;
3839 pval = MPI_SCSIPORTPAGE0_CAP_GET_MIN_SYNC_PERIOD(pval);
3842 #ifndef CAM_NEW_TRAN_CODE
3843 cts->flags &= ~(CCB_TRANS_DISC_ENB|CCB_TRANS_TAG_ENB);
3845 cts->sync_period = pval;
3846 cts->sync_offset = oval;
3847 cts->valid |= CCB_TRANS_SYNC_RATE_VALID;
3848 cts->valid |= CCB_TRANS_SYNC_OFFSET_VALID;
3849 cts->valid |= CCB_TRANS_BUS_WIDTH_VALID;
3850 if (dval & DP_WIDE) {
3851 cts->bus_width = MSG_EXT_WDTR_BUS_16_BIT;
3853 cts->bus_width = MSG_EXT_WDTR_BUS_8_BIT;
3855 if (cts->ccb_h.target_lun != CAM_LUN_WILDCARD) {
3856 cts->valid |= CCB_TRANS_DISC_VALID | CCB_TRANS_TQ_VALID;
3857 if (dval & DP_DISC_ENABLE) {
3858 cts->flags |= CCB_TRANS_DISC_ENB;
3860 if (dval & DP_TQING_ENABLE) {
3861 cts->flags |= CCB_TRANS_TAG_ENB;
3869 spi->sync_offset = oval;
3870 spi->sync_period = pval;
3871 spi->valid |= CTS_SPI_VALID_SYNC_OFFSET;
3872 spi->valid |= CTS_SPI_VALID_SYNC_RATE;
3873 spi->valid |= CTS_SPI_VALID_BUS_WIDTH;
3874 if (dval & DP_WIDE) {
3875 spi->bus_width = MSG_EXT_WDTR_BUS_16_BIT;
3877 spi->bus_width = MSG_EXT_WDTR_BUS_8_BIT;
3879 if (cts->ccb_h.target_lun != CAM_LUN_WILDCARD) {
3880 scsi->valid = CTS_SCSI_VALID_TQ;
3881 if (dval & DP_TQING_ENABLE) {
3882 scsi->flags |= CTS_SCSI_FLAGS_TAG_ENB;
3884 spi->valid |= CTS_SPI_VALID_DISC;
3885 if (dval & DP_DISC_ENABLE) {
3886 spi->flags |= CTS_SPI_FLAGS_DISC_ENB;
3890 mpt_lprt(mpt, MPT_PRT_NEGOTIATION,
3891 "mpt_get_spi_settings[%d]: %s flags 0x%x per 0x%x off=%d\n", tgt,
3892 IS_CURRENT_SETTINGS(cts)? "ACTIVE" : "NVRAM ", dval, pval, oval);
3897 mpt_setwidth(struct mpt_softc *mpt, int tgt, int onoff)
3899 PTR_CONFIG_PAGE_SCSI_DEVICE_1 ptr;
3901 ptr = &mpt->mpt_dev_page1[tgt];
3903 ptr->RequestedParameters |= MPI_SCSIDEVPAGE1_RP_WIDE;
3905 ptr->RequestedParameters &= ~MPI_SCSIDEVPAGE1_RP_WIDE;
3910 mpt_setsync(struct mpt_softc *mpt, int tgt, int period, int offset)
3912 PTR_CONFIG_PAGE_SCSI_DEVICE_1 ptr;
3914 ptr = &mpt->mpt_dev_page1[tgt];
3915 ptr->RequestedParameters &= ~MPI_SCSIDEVPAGE1_RP_MIN_SYNC_PERIOD_MASK;
3916 ptr->RequestedParameters &= ~MPI_SCSIDEVPAGE1_RP_MAX_SYNC_OFFSET_MASK;
3917 ptr->RequestedParameters &= ~MPI_SCSIDEVPAGE1_RP_DT;
3918 ptr->RequestedParameters &= ~MPI_SCSIDEVPAGE1_RP_QAS;
3919 ptr->RequestedParameters &= ~MPI_SCSIDEVPAGE1_RP_IU;
3923 ptr->RequestedParameters |=
3924 period << MPI_SCSIDEVPAGE1_RP_SHIFT_MIN_SYNC_PERIOD;
3925 ptr->RequestedParameters |=
3926 offset << MPI_SCSIDEVPAGE1_RP_SHIFT_MAX_SYNC_OFFSET;
3928 ptr->RequestedParameters |= MPI_SCSIDEVPAGE1_RP_DT;
3931 ptr->RequestedParameters |= MPI_SCSIDEVPAGE1_RP_QAS;
3932 ptr->RequestedParameters |= MPI_SCSIDEVPAGE1_RP_IU;
3937 mpt_update_spi_config(struct mpt_softc *mpt, int tgt)
3939 CONFIG_PAGE_SCSI_DEVICE_1 tmp;
3942 mpt_lprt(mpt, MPT_PRT_NEGOTIATION,
3943 "mpt_update_spi_config[%d].page1: Requested Params 0x%08x\n",
3944 tgt, mpt->mpt_dev_page1[tgt].RequestedParameters);
3945 tmp = mpt->mpt_dev_page1[tgt];
3946 host2mpt_config_page_scsi_device_1(&tmp);
3947 rv = mpt_write_cur_cfg_page(mpt, tgt,
3948 &tmp.Header, sizeof(tmp), FALSE, 5000);
3950 mpt_prt(mpt, "mpt_update_spi_config: write cur page failed\n");
3956 /****************************** Timeout Recovery ******************************/
3958 mpt_spawn_recovery_thread(struct mpt_softc *mpt)
3962 error = mpt_kthread_create(mpt_recovery_thread, mpt,
3963 &mpt->recovery_thread, /*flags*/0,
3964 /*altstack*/0, "mpt_recovery%d", mpt->unit);
3969 mpt_terminate_recovery_thread(struct mpt_softc *mpt)
3972 if (mpt->recovery_thread == NULL) {
3975 mpt->shutdwn_recovery = 1;
3978 * Sleep on a slightly different location
3979 * for this interlock just for added safety.
3981 mpt_sleep(mpt, &mpt->recovery_thread, PUSER, "thtrm", 0);
3985 mpt_recovery_thread(void *arg)
3987 struct mpt_softc *mpt;
3989 mpt = (struct mpt_softc *)arg;
3992 if (TAILQ_EMPTY(&mpt->request_timeout_list) != 0) {
3993 if (mpt->shutdwn_recovery == 0) {
3994 mpt_sleep(mpt, mpt, PUSER, "idle", 0);
3997 if (mpt->shutdwn_recovery != 0) {
4000 mpt_recover_commands(mpt);
4002 mpt->recovery_thread = NULL;
4003 wakeup(&mpt->recovery_thread);
4005 mpt_kthread_exit(0);
4009 mpt_scsi_send_tmf(struct mpt_softc *mpt, u_int type, u_int flags,
4010 u_int channel, u_int target, u_int lun, u_int abort_ctx, int sleep_ok)
4012 MSG_SCSI_TASK_MGMT *tmf_req;
4016 * Wait for any current TMF request to complete.
4017 * We're only allowed to issue one TMF at a time.
4019 error = mpt_wait_req(mpt, mpt->tmf_req, REQ_STATE_FREE, REQ_STATE_FREE,
4020 sleep_ok, MPT_TMF_MAX_TIMEOUT);
4022 mpt_reset(mpt, TRUE);
4026 mpt_assign_serno(mpt, mpt->tmf_req);
4027 mpt->tmf_req->state = REQ_STATE_ALLOCATED|REQ_STATE_QUEUED;
4029 tmf_req = (MSG_SCSI_TASK_MGMT *)mpt->tmf_req->req_vbuf;
4030 memset(tmf_req, 0, sizeof(*tmf_req));
4031 tmf_req->TargetID = target;
4032 tmf_req->Bus = channel;
4033 tmf_req->Function = MPI_FUNCTION_SCSI_TASK_MGMT;
4034 tmf_req->TaskType = type;
4035 tmf_req->MsgFlags = flags;
4036 tmf_req->MsgContext =
4037 htole32(mpt->tmf_req->index | scsi_tmf_handler_id);
4038 if (lun > MPT_MAX_LUNS) {
4039 tmf_req->LUN[0] = 0x40 | ((lun >> 8) & 0x3f);
4040 tmf_req->LUN[1] = lun & 0xff;
4042 tmf_req->LUN[1] = lun;
4044 tmf_req->TaskMsgContext = abort_ctx;
4046 mpt_lprt(mpt, MPT_PRT_DEBUG,
4047 "Issuing TMF %p:%u with MsgContext of 0x%x\n", mpt->tmf_req,
4048 mpt->tmf_req->serno, tmf_req->MsgContext);
4049 if (mpt->verbose > MPT_PRT_DEBUG) {
4050 mpt_print_request(tmf_req);
4053 KASSERT(mpt_req_on_pending_list(mpt, mpt->tmf_req) == 0,
4054 ("mpt_scsi_send_tmf: tmf_req already on pending list"));
4055 TAILQ_INSERT_HEAD(&mpt->request_pending_list, mpt->tmf_req, links);
4056 error = mpt_send_handshake_cmd(mpt, sizeof(*tmf_req), tmf_req);
4057 if (error != MPT_OK) {
4058 TAILQ_REMOVE(&mpt->request_pending_list, mpt->tmf_req, links);
4059 mpt->tmf_req->state = REQ_STATE_FREE;
4060 mpt_reset(mpt, TRUE);
4066 * When a command times out, it is placed on the requeust_timeout_list
4067 * and we wake our recovery thread. The MPT-Fusion architecture supports
4068 * only a single TMF operation at a time, so we serially abort/bdr, etc,
4069 * the timedout transactions. The next TMF is issued either by the
4070 * completion handler of the current TMF waking our recovery thread,
4071 * or the TMF timeout handler causing a hard reset sequence.
4074 mpt_recover_commands(struct mpt_softc *mpt)
4080 if (TAILQ_EMPTY(&mpt->request_timeout_list) != 0) {
4082 * No work to do- leave.
4084 mpt_prt(mpt, "mpt_recover_commands: no requests.\n");
4089 * Flush any commands whose completion coincides with their timeout.
4093 if (TAILQ_EMPTY(&mpt->request_timeout_list) != 0) {
4095 * The timedout commands have already
4096 * completed. This typically means
4097 * that either the timeout value was on
4098 * the hairy edge of what the device
4099 * requires or - more likely - interrupts
4100 * are not happening.
4102 mpt_prt(mpt, "Timedout requests already complete. "
4103 "Interrupts may not be functioning.\n");
4104 mpt_enable_ints(mpt);
4109 * We have no visibility into the current state of the
4110 * controller, so attempt to abort the commands in the
4111 * order they timed-out. For initiator commands, we
4112 * depend on the reply handler pulling requests off
4115 while ((req = TAILQ_FIRST(&mpt->request_timeout_list)) != NULL) {
4118 MSG_REQUEST_HEADER *hdrp = req->req_vbuf;
4120 mpt_prt(mpt, "attempting to abort req %p:%u function %x\n",
4121 req, req->serno, hdrp->Function);
4124 mpt_prt(mpt, "null ccb in timed out request. "
4125 "Resetting Controller.\n");
4126 mpt_reset(mpt, TRUE);
4129 mpt_set_ccb_status(ccb, CAM_CMD_TIMEOUT);
4132 * Check to see if this is not an initiator command and
4133 * deal with it differently if it is.
4135 switch (hdrp->Function) {
4136 case MPI_FUNCTION_SCSI_IO_REQUEST:
4137 case MPI_FUNCTION_RAID_SCSI_IO_PASSTHROUGH:
4141 * XXX: FIX ME: need to abort target assists...
4143 mpt_prt(mpt, "just putting it back on the pend q\n");
4144 TAILQ_REMOVE(&mpt->request_timeout_list, req, links);
4145 TAILQ_INSERT_HEAD(&mpt->request_pending_list, req,
4150 error = mpt_scsi_send_tmf(mpt,
4151 MPI_SCSITASKMGMT_TASKTYPE_ABORT_TASK,
4152 0, 0, ccb->ccb_h.target_id, ccb->ccb_h.target_lun,
4153 htole32(req->index | scsi_io_handler_id), TRUE);
4157 * mpt_scsi_send_tmf hard resets on failure, so no
4158 * need to do so here. Our queue should be emptied
4159 * by the hard reset.
4164 error = mpt_wait_req(mpt, mpt->tmf_req, REQ_STATE_DONE,
4165 REQ_STATE_DONE, TRUE, 500);
4167 status = le16toh(mpt->tmf_req->IOCStatus);
4168 response = mpt->tmf_req->ResponseCode;
4169 mpt->tmf_req->state = REQ_STATE_FREE;
4173 * If we've errored out,, reset the controller.
4175 mpt_prt(mpt, "mpt_recover_commands: abort timed-out. "
4176 "Resetting controller\n");
4177 mpt_reset(mpt, TRUE);
4181 if ((status & MPI_IOCSTATUS_MASK) != MPI_IOCSTATUS_SUCCESS) {
4182 mpt_prt(mpt, "mpt_recover_commands: IOC Status 0x%x. "
4183 "Resetting controller.\n", status);
4184 mpt_reset(mpt, TRUE);
4188 if (response != MPI_SCSITASKMGMT_RSP_TM_SUCCEEDED &&
4189 response != MPI_SCSITASKMGMT_RSP_TM_COMPLETE) {
4190 mpt_prt(mpt, "mpt_recover_commands: TMF Response 0x%x. "
4191 "Resetting controller.\n", response);
4192 mpt_reset(mpt, TRUE);
4195 mpt_prt(mpt, "abort of req %p:%u completed\n", req, req->serno);
4199 /************************ Target Mode Support ****************************/
4201 mpt_fc_post_els(struct mpt_softc *mpt, request_t *req, int ioindex)
4203 MSG_LINK_SERVICE_BUFFER_POST_REQUEST *fc;
4204 PTR_SGE_TRANSACTION32 tep;
4205 PTR_SGE_SIMPLE32 se;
4209 paddr = req->req_pbuf;
4210 paddr += MPT_RQSL(mpt);
4213 memset(fc, 0, MPT_REQUEST_AREA);
4214 fc->BufferCount = 1;
4215 fc->Function = MPI_FUNCTION_FC_LINK_SRVC_BUF_POST;
4216 fc->MsgContext = htole32(req->index | fc_els_handler_id);
4219 * Okay, set up ELS buffer pointers. ELS buffer pointers
4220 * consist of a TE SGL element (with details length of zero)
4221 * followed by a SIMPLE SGL element which holds the address
4225 tep = (PTR_SGE_TRANSACTION32) &fc->SGL;
4227 tep->ContextSize = 4;
4229 tep->TransactionContext[0] = htole32(ioindex);
4231 se = (PTR_SGE_SIMPLE32) &tep->TransactionDetails[0];
4233 MPI_SGE_FLAGS_HOST_TO_IOC |
4234 MPI_SGE_FLAGS_SIMPLE_ELEMENT |
4235 MPI_SGE_FLAGS_LAST_ELEMENT |
4236 MPI_SGE_FLAGS_END_OF_LIST |
4237 MPI_SGE_FLAGS_END_OF_BUFFER;
4238 fl <<= MPI_SGE_FLAGS_SHIFT;
4239 fl |= (MPT_NRFM(mpt) - MPT_RQSL(mpt));
4240 se->FlagsLength = htole32(fl);
4241 se->Address = htole32((uint32_t) paddr);
4242 mpt_lprt(mpt, MPT_PRT_DEBUG,
4243 "add ELS index %d ioindex %d for %p:%u\n",
4244 req->index, ioindex, req, req->serno);
4245 KASSERT(((req->state & REQ_STATE_LOCKED) != 0),
4246 ("mpt_fc_post_els: request not locked"));
4247 mpt_send_cmd(mpt, req);
4251 mpt_post_target_command(struct mpt_softc *mpt, request_t *req, int ioindex)
4253 PTR_MSG_TARGET_CMD_BUFFER_POST_REQUEST fc;
4254 PTR_CMD_BUFFER_DESCRIPTOR cb;
4257 paddr = req->req_pbuf;
4258 paddr += MPT_RQSL(mpt);
4259 memset(req->req_vbuf, 0, MPT_REQUEST_AREA);
4260 MPT_TGT_STATE(mpt, req)->state = TGT_STATE_LOADING;
4263 fc->BufferCount = 1;
4264 fc->Function = MPI_FUNCTION_TARGET_CMD_BUFFER_POST;
4265 fc->MsgContext = htole32(req->index | mpt->scsi_tgt_handler_id);
4267 cb = &fc->Buffer[0];
4268 cb->IoIndex = htole16(ioindex);
4269 cb->u.PhysicalAddress32 = htole32((U32) paddr);
4271 mpt_check_doorbell(mpt);
4272 mpt_send_cmd(mpt, req);
4276 mpt_add_els_buffers(struct mpt_softc *mpt)
4280 if (mpt->is_fc == 0) {
4284 if (mpt->els_cmds_allocated) {
4288 mpt->els_cmd_ptrs = malloc(MPT_MAX_ELS * sizeof (request_t *),
4289 M_DEVBUF, M_NOWAIT | M_ZERO);
4291 if (mpt->els_cmd_ptrs == NULL) {
4296 * Feed the chip some ELS buffer resources
4298 for (i = 0; i < MPT_MAX_ELS; i++) {
4299 request_t *req = mpt_get_request(mpt, FALSE);
4303 req->state |= REQ_STATE_LOCKED;
4304 mpt->els_cmd_ptrs[i] = req;
4305 mpt_fc_post_els(mpt, req, i);
4309 mpt_prt(mpt, "unable to add ELS buffer resources\n");
4310 free(mpt->els_cmd_ptrs, M_DEVBUF);
4311 mpt->els_cmd_ptrs = NULL;
4314 if (i != MPT_MAX_ELS) {
4315 mpt_lprt(mpt, MPT_PRT_INFO,
4316 "only added %d of %d ELS buffers\n", i, MPT_MAX_ELS);
4318 mpt->els_cmds_allocated = i;
4323 mpt_add_target_commands(struct mpt_softc *mpt)
4327 if (mpt->tgt_cmd_ptrs) {
4331 max = MPT_MAX_REQUESTS(mpt) >> 1;
4332 if (max > mpt->mpt_max_tgtcmds) {
4333 max = mpt->mpt_max_tgtcmds;
4336 malloc(max * sizeof (request_t *), M_DEVBUF, M_NOWAIT | M_ZERO);
4337 if (mpt->tgt_cmd_ptrs == NULL) {
4339 "mpt_add_target_commands: could not allocate cmd ptrs\n");
4343 for (i = 0; i < max; i++) {
4346 req = mpt_get_request(mpt, FALSE);
4350 req->state |= REQ_STATE_LOCKED;
4351 mpt->tgt_cmd_ptrs[i] = req;
4352 mpt_post_target_command(mpt, req, i);
4357 mpt_lprt(mpt, MPT_PRT_ERROR, "could not add any target bufs\n");
4358 free(mpt->tgt_cmd_ptrs, M_DEVBUF);
4359 mpt->tgt_cmd_ptrs = NULL;
4363 mpt->tgt_cmds_allocated = i;
4366 mpt_lprt(mpt, MPT_PRT_INFO,
4367 "added %d of %d target bufs\n", i, max);
4373 mpt_enable_lun(struct mpt_softc *mpt, target_id_t tgt, lun_id_t lun)
4376 if (tgt == CAM_TARGET_WILDCARD && lun == CAM_LUN_WILDCARD) {
4378 } else if (lun >= MPT_MAX_LUNS) {
4380 } else if (tgt != CAM_TARGET_WILDCARD && tgt != 0) {
4383 if (mpt->tenabled == 0) {
4385 (void) mpt_fc_reset_link(mpt, 0);
4389 if (lun == CAM_LUN_WILDCARD) {
4390 mpt->trt_wildcard.enabled = 1;
4392 mpt->trt[lun].enabled = 1;
4398 mpt_disable_lun(struct mpt_softc *mpt, target_id_t tgt, lun_id_t lun)
4402 if (tgt == CAM_TARGET_WILDCARD && lun == CAM_LUN_WILDCARD) {
4404 } else if (lun >= MPT_MAX_LUNS) {
4406 } else if (tgt != CAM_TARGET_WILDCARD && tgt != 0) {
4409 if (lun == CAM_LUN_WILDCARD) {
4410 mpt->trt_wildcard.enabled = 0;
4412 mpt->trt[lun].enabled = 0;
4414 for (i = 0; i < MPT_MAX_LUNS; i++) {
4415 if (mpt->trt[lun].enabled) {
4419 if (i == MPT_MAX_LUNS && mpt->twildcard == 0) {
4421 (void) mpt_fc_reset_link(mpt, 0);
4429 * Called with MPT lock held
4432 mpt_target_start_io(struct mpt_softc *mpt, union ccb *ccb)
4434 struct ccb_scsiio *csio = &ccb->csio;
4435 request_t *cmd_req = MPT_TAG_2_REQ(mpt, csio->tag_id);
4436 mpt_tgt_state_t *tgt = MPT_TGT_STATE(mpt, cmd_req);
4438 switch (tgt->state) {
4439 case TGT_STATE_IN_CAM:
4441 case TGT_STATE_MOVING_DATA:
4442 mpt_set_ccb_status(ccb, CAM_REQUEUE_REQ);
4443 xpt_freeze_simq(mpt->sim, 1);
4444 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
4445 tgt->ccb->ccb_h.status |= CAM_RELEASE_SIMQ;
4449 mpt_prt(mpt, "ccb %p flags 0x%x tag 0x%08x had bad request "
4450 "starting I/O\n", ccb, csio->ccb_h.flags, csio->tag_id);
4451 mpt_tgt_dump_req_state(mpt, cmd_req);
4452 mpt_set_ccb_status(ccb, CAM_REQ_CMP_ERR);
4457 if (csio->dxfer_len) {
4458 bus_dmamap_callback_t *cb;
4459 PTR_MSG_TARGET_ASSIST_REQUEST ta;
4462 KASSERT((ccb->ccb_h.flags & CAM_DIR_MASK) != CAM_DIR_NONE,
4463 ("dxfer_len %u but direction is NONE", csio->dxfer_len));
4465 if ((req = mpt_get_request(mpt, FALSE)) == NULL) {
4466 if (mpt->outofbeer == 0) {
4468 xpt_freeze_simq(mpt->sim, 1);
4469 mpt_lprt(mpt, MPT_PRT_DEBUG, "FREEZEQ\n");
4471 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
4472 mpt_set_ccb_status(ccb, CAM_REQUEUE_REQ);
4476 ccb->ccb_h.status = CAM_SIM_QUEUED | CAM_REQ_INPROG;
4477 if (sizeof (bus_addr_t) > 4) {
4478 cb = mpt_execute_req_a64;
4480 cb = mpt_execute_req;
4484 ccb->ccb_h.ccb_req_ptr = req;
4487 * Record the currently active ccb and the
4488 * request for it in our target state area.
4493 memset(req->req_vbuf, 0, MPT_RQSL(mpt));
4497 PTR_MPI_TARGET_SSP_CMD_BUFFER ssp =
4499 ta->QueueTag = ssp->InitiatorTag;
4500 } else if (mpt->is_spi) {
4501 PTR_MPI_TARGET_SCSI_SPI_CMD_BUFFER sp =
4503 ta->QueueTag = sp->Tag;
4505 ta->Function = MPI_FUNCTION_TARGET_ASSIST;
4506 ta->MsgContext = htole32(req->index | mpt->scsi_tgt_handler_id);
4507 ta->ReplyWord = htole32(tgt->reply_desc);
4508 if (csio->ccb_h.target_lun > MPT_MAX_LUNS) {
4510 0x40 | ((csio->ccb_h.target_lun >> 8) & 0x3f);
4511 ta->LUN[1] = csio->ccb_h.target_lun & 0xff;
4513 ta->LUN[1] = csio->ccb_h.target_lun;
4516 ta->RelativeOffset = tgt->bytes_xfered;
4517 ta->DataLength = ccb->csio.dxfer_len;
4518 if (ta->DataLength > tgt->resid) {
4519 ta->DataLength = tgt->resid;
4523 * XXX Should be done after data transfer completes?
4525 tgt->resid -= csio->dxfer_len;
4526 tgt->bytes_xfered += csio->dxfer_len;
4528 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) {
4529 ta->TargetAssistFlags |=
4530 TARGET_ASSIST_FLAGS_DATA_DIRECTION;
4533 #ifdef WE_TRUST_AUTO_GOOD_STATUS
4534 if ((ccb->ccb_h.flags & CAM_SEND_STATUS) &&
4535 csio->scsi_status == SCSI_STATUS_OK && tgt->resid == 0) {
4536 ta->TargetAssistFlags |=
4537 TARGET_ASSIST_FLAGS_AUTO_STATUS;
4540 tgt->state = TGT_STATE_SETTING_UP_FOR_DATA;
4542 mpt_lprt(mpt, MPT_PRT_DEBUG,
4543 "DATA_CCB %p tag %x %u bytes %u resid flg %x req %p:%u "
4544 "nxtstate=%d\n", csio, csio->tag_id, csio->dxfer_len,
4545 tgt->resid, ccb->ccb_h.flags, req, req->serno, tgt->state);
4547 if ((ccb->ccb_h.flags & CAM_SCATTER_VALID) == 0) {
4548 if ((ccb->ccb_h.flags & CAM_DATA_PHYS) == 0) {
4550 int s = splsoftvm();
4551 error = bus_dmamap_load(mpt->buffer_dmat,
4552 req->dmap, csio->data_ptr, csio->dxfer_len,
4555 if (error == EINPROGRESS) {
4556 xpt_freeze_simq(mpt->sim, 1);
4557 ccb->ccb_h.status |= CAM_RELEASE_SIMQ;
4561 * We have been given a pointer to single
4564 struct bus_dma_segment seg;
4565 seg.ds_addr = (bus_addr_t)
4566 (vm_offset_t)csio->data_ptr;
4567 seg.ds_len = csio->dxfer_len;
4568 (*cb)(req, &seg, 1, 0);
4572 * We have been given a list of addresses.
4573 * This case could be easily supported but they are not
4574 * currently generated by the CAM subsystem so there
4575 * is no point in wasting the time right now.
4577 struct bus_dma_segment *sgs;
4578 if ((ccb->ccb_h.flags & CAM_SG_LIST_PHYS) == 0) {
4579 (*cb)(req, NULL, 0, EFAULT);
4581 /* Just use the segments provided */
4582 sgs = (struct bus_dma_segment *)csio->data_ptr;
4583 (*cb)(req, sgs, csio->sglist_cnt, 0);
4587 uint8_t *sp = NULL, sense[MPT_SENSE_SIZE];
4590 * XXX: I don't know why this seems to happen, but
4591 * XXX: completing the CCB seems to make things happy.
4592 * XXX: This seems to happen if the initiator requests
4593 * XXX: enough data that we have to do multiple CTIOs.
4595 if ((ccb->ccb_h.flags & CAM_SEND_STATUS) == 0) {
4596 mpt_lprt(mpt, MPT_PRT_DEBUG,
4597 "Meaningless STATUS CCB (%p): flags %x status %x "
4598 "resid %d bytes_xfered %u\n", ccb, ccb->ccb_h.flags,
4599 ccb->ccb_h.status, tgt->resid, tgt->bytes_xfered);
4600 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
4601 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
4605 if (ccb->ccb_h.flags & CAM_SEND_SENSE) {
4607 memcpy(sp, &csio->sense_data,
4608 min(csio->sense_len, MPT_SENSE_SIZE));
4610 mpt_scsi_tgt_status(mpt, ccb, cmd_req, csio->scsi_status, sp);
4615 mpt_scsi_tgt_local(struct mpt_softc *mpt, request_t *cmd_req,
4616 uint32_t lun, int send, uint8_t *data, size_t length)
4618 mpt_tgt_state_t *tgt;
4619 PTR_MSG_TARGET_ASSIST_REQUEST ta;
4627 * We enter with resid set to the data load for the command.
4629 tgt = MPT_TGT_STATE(mpt, cmd_req);
4630 if (length == 0 || tgt->resid == 0) {
4632 mpt_scsi_tgt_status(mpt, NULL, cmd_req, 0, NULL);
4636 if ((req = mpt_get_request(mpt, FALSE)) == NULL) {
4637 mpt_prt(mpt, "out of resources- dropping local response\n");
4643 memset(req->req_vbuf, 0, MPT_RQSL(mpt));
4647 PTR_MPI_TARGET_SSP_CMD_BUFFER ssp = cmd_req->req_vbuf;
4648 ta->QueueTag = ssp->InitiatorTag;
4649 } else if (mpt->is_spi) {
4650 PTR_MPI_TARGET_SCSI_SPI_CMD_BUFFER sp = cmd_req->req_vbuf;
4651 ta->QueueTag = sp->Tag;
4653 ta->Function = MPI_FUNCTION_TARGET_ASSIST;
4654 ta->MsgContext = htole32(req->index | mpt->scsi_tgt_handler_id);
4655 ta->ReplyWord = htole32(tgt->reply_desc);
4656 if (lun > MPT_MAX_LUNS) {
4657 ta->LUN[0] = 0x40 | ((lun >> 8) & 0x3f);
4658 ta->LUN[1] = lun & 0xff;
4662 ta->RelativeOffset = 0;
4663 ta->DataLength = length;
4665 dptr = req->req_vbuf;
4666 dptr += MPT_RQSL(mpt);
4667 pptr = req->req_pbuf;
4668 pptr += MPT_RQSL(mpt);
4669 memcpy(dptr, data, min(length, MPT_RQSL(mpt)));
4671 se = (SGE_SIMPLE32 *) &ta->SGL[0];
4672 memset(se, 0,sizeof (*se));
4674 flags = MPI_SGE_FLAGS_SIMPLE_ELEMENT;
4676 ta->TargetAssistFlags |= TARGET_ASSIST_FLAGS_DATA_DIRECTION;
4677 flags |= MPI_SGE_FLAGS_HOST_TO_IOC;
4680 MPI_pSGE_SET_LENGTH(se, length);
4681 flags |= MPI_SGE_FLAGS_LAST_ELEMENT;
4682 flags |= MPI_SGE_FLAGS_END_OF_LIST | MPI_SGE_FLAGS_END_OF_BUFFER;
4683 MPI_pSGE_SET_FLAGS(se, flags);
4687 tgt->resid -= length;
4688 tgt->bytes_xfered = length;
4689 #ifdef WE_TRUST_AUTO_GOOD_STATUS
4690 tgt->state = TGT_STATE_MOVING_DATA_AND_STATUS;
4692 tgt->state = TGT_STATE_MOVING_DATA;
4694 mpt_send_cmd(mpt, req);
4698 * Abort queued up CCBs
4701 mpt_abort_target_ccb(struct mpt_softc *mpt, union ccb *ccb)
4703 struct mpt_hdr_stailq *lp;
4704 struct ccb_hdr *srch;
4706 union ccb *accb = ccb->cab.abort_ccb;
4707 tgt_resource_t *trtp;
4709 mpt_lprt(mpt, MPT_PRT_DEBUG, "aborting ccb %p\n", accb);
4711 if (ccb->ccb_h.target_lun == CAM_LUN_WILDCARD) {
4712 trtp = &mpt->trt_wildcard;
4714 trtp = &mpt->trt[ccb->ccb_h.target_lun];
4717 if (accb->ccb_h.func_code == XPT_ACCEPT_TARGET_IO) {
4719 } else if (accb->ccb_h.func_code == XPT_IMMEDIATE_NOTIFY) {
4722 return (CAM_REQ_INVALID);
4725 STAILQ_FOREACH(srch, lp, sim_links.stqe) {
4726 if (srch == &accb->ccb_h) {
4728 STAILQ_REMOVE(lp, srch, ccb_hdr, sim_links.stqe);
4733 accb->ccb_h.status = CAM_REQ_ABORTED;
4735 return (CAM_REQ_CMP);
4737 mpt_prt(mpt, "mpt_abort_tgt_ccb: CCB %p not found\n", ccb);
4738 return (CAM_PATH_INVALID);
4742 * Ask the MPT to abort the current target command
4745 mpt_abort_target_cmd(struct mpt_softc *mpt, request_t *cmd_req)
4749 PTR_MSG_TARGET_MODE_ABORT abtp;
4751 req = mpt_get_request(mpt, FALSE);
4755 abtp = req->req_vbuf;
4756 memset(abtp, 0, sizeof (*abtp));
4758 abtp->MsgContext = htole32(req->index | mpt->scsi_tgt_handler_id);
4759 abtp->AbortType = TARGET_MODE_ABORT_TYPE_EXACT_IO;
4760 abtp->Function = MPI_FUNCTION_TARGET_MODE_ABORT;
4761 abtp->ReplyWord = htole32(MPT_TGT_STATE(mpt, cmd_req)->reply_desc);
4763 if (mpt->is_fc || mpt->is_sas) {
4764 mpt_send_cmd(mpt, req);
4766 error = mpt_send_handshake_cmd(mpt, sizeof(*req), req);
4772 * WE_TRUST_AUTO_GOOD_STATUS- I've found that setting
4773 * TARGET_STATUS_SEND_FLAGS_AUTO_GOOD_STATUS leads the
4774 * FC929 to set bogus FC_RSP fields (nonzero residuals
4775 * but w/o RESID fields set). This causes QLogic initiators
4776 * to think maybe that a frame was lost.
4778 * WE_CAN_USE_AUTO_REPOST- we can't use AUTO_REPOST because
4779 * we use allocated requests to do TARGET_ASSIST and we
4780 * need to know when to release them.
4784 mpt_scsi_tgt_status(struct mpt_softc *mpt, union ccb *ccb, request_t *cmd_req,
4785 uint8_t status, uint8_t const *sense_data)
4788 mpt_tgt_state_t *tgt;
4789 PTR_MSG_TARGET_STATUS_SEND_REQUEST tp;
4795 cmd_vbuf = cmd_req->req_vbuf;
4796 cmd_vbuf += MPT_RQSL(mpt);
4797 tgt = MPT_TGT_STATE(mpt, cmd_req);
4799 if ((req = mpt_get_request(mpt, FALSE)) == NULL) {
4800 if (mpt->outofbeer == 0) {
4802 xpt_freeze_simq(mpt->sim, 1);
4803 mpt_lprt(mpt, MPT_PRT_DEBUG, "FREEZEQ\n");
4806 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
4807 mpt_set_ccb_status(ccb, CAM_REQUEUE_REQ);
4811 "could not allocate status request- dropping\n");
4817 ccb->ccb_h.ccb_mpt_ptr = mpt;
4818 ccb->ccb_h.ccb_req_ptr = req;
4822 * Record the currently active ccb, if any, and the
4823 * request for it in our target state area.
4827 tgt->state = TGT_STATE_SENDING_STATUS;
4830 paddr = req->req_pbuf;
4831 paddr += MPT_RQSL(mpt);
4833 memset(tp, 0, sizeof (*tp));
4834 tp->Function = MPI_FUNCTION_TARGET_STATUS_SEND;
4836 PTR_MPI_TARGET_FCP_CMD_BUFFER fc =
4837 (PTR_MPI_TARGET_FCP_CMD_BUFFER) cmd_vbuf;
4841 sts_vbuf = req->req_vbuf;
4842 sts_vbuf += MPT_RQSL(mpt);
4843 rsp = (uint32_t *) sts_vbuf;
4844 memcpy(tp->LUN, fc->FcpLun, sizeof (tp->LUN));
4847 * The MPI_TARGET_FCP_RSP_BUFFER define is unfortunate.
4848 * It has to be big-endian in memory and is organized
4849 * in 32 bit words, which are much easier to deal with
4850 * as words which are swizzled as needed.
4852 * All we're filling here is the FC_RSP payload.
4853 * We may just have the chip synthesize it if
4854 * we have no residual and an OK status.
4857 memset(rsp, 0, sizeof (MPI_TARGET_FCP_RSP_BUFFER));
4861 rsp[2] |= 0x800; /* XXXX NEED MNEMONIC!!!! */
4862 rsp[3] = htobe32(tgt->resid);
4863 #ifdef WE_TRUST_AUTO_GOOD_STATUS
4864 resplen = sizeof (MPI_TARGET_FCP_RSP_BUFFER);
4867 if (status == SCSI_STATUS_CHECK_COND) {
4870 rsp[2] |= 0x200; /* XXXX NEED MNEMONIC!!!! */
4871 rsp[4] = htobe32(MPT_SENSE_SIZE);
4873 memcpy(&rsp[8], sense_data, MPT_SENSE_SIZE);
4875 mpt_prt(mpt, "mpt_scsi_tgt_status: CHECK CONDI"
4876 "TION but no sense data?\n");
4877 memset(&rsp, 0, MPT_SENSE_SIZE);
4879 for (i = 8; i < (8 + (MPT_SENSE_SIZE >> 2)); i++) {
4880 rsp[i] = htobe32(rsp[i]);
4882 #ifdef WE_TRUST_AUTO_GOOD_STATUS
4883 resplen = sizeof (MPI_TARGET_FCP_RSP_BUFFER);
4886 #ifndef WE_TRUST_AUTO_GOOD_STATUS
4887 resplen = sizeof (MPI_TARGET_FCP_RSP_BUFFER);
4889 rsp[2] = htobe32(rsp[2]);
4890 } else if (mpt->is_sas) {
4891 PTR_MPI_TARGET_SSP_CMD_BUFFER ssp =
4892 (PTR_MPI_TARGET_SSP_CMD_BUFFER) cmd_vbuf;
4893 memcpy(tp->LUN, ssp->LogicalUnitNumber, sizeof (tp->LUN));
4895 PTR_MPI_TARGET_SCSI_SPI_CMD_BUFFER sp =
4896 (PTR_MPI_TARGET_SCSI_SPI_CMD_BUFFER) cmd_vbuf;
4897 tp->StatusCode = status;
4898 tp->QueueTag = htole16(sp->Tag);
4899 memcpy(tp->LUN, sp->LogicalUnitNumber, sizeof (tp->LUN));
4902 tp->ReplyWord = htole32(tgt->reply_desc);
4903 tp->MsgContext = htole32(req->index | mpt->scsi_tgt_handler_id);
4905 #ifdef WE_CAN_USE_AUTO_REPOST
4906 tp->MsgFlags = TARGET_STATUS_SEND_FLAGS_REPOST_CMD_BUFFER;
4908 if (status == SCSI_STATUS_OK && resplen == 0) {
4909 tp->MsgFlags |= TARGET_STATUS_SEND_FLAGS_AUTO_GOOD_STATUS;
4911 tp->StatusDataSGE.u.Address32 = htole32((uint32_t) paddr);
4913 MPI_SGE_FLAGS_HOST_TO_IOC |
4914 MPI_SGE_FLAGS_SIMPLE_ELEMENT |
4915 MPI_SGE_FLAGS_LAST_ELEMENT |
4916 MPI_SGE_FLAGS_END_OF_LIST |
4917 MPI_SGE_FLAGS_END_OF_BUFFER;
4918 fl <<= MPI_SGE_FLAGS_SHIFT;
4920 tp->StatusDataSGE.FlagsLength = htole32(fl);
4923 mpt_lprt(mpt, MPT_PRT_DEBUG,
4924 "STATUS_CCB %p (wit%s sense) tag %x req %p:%u resid %u\n",
4925 ccb, sense_data?"h" : "hout", ccb? ccb->csio.tag_id : -1, req,
4926 req->serno, tgt->resid);
4928 ccb->ccb_h.status = CAM_SIM_QUEUED | CAM_REQ_INPROG;
4929 mpt_req_timeout(req, 60 * hz, mpt_timeout, ccb);
4931 mpt_send_cmd(mpt, req);
4935 mpt_scsi_tgt_tsk_mgmt(struct mpt_softc *mpt, request_t *req, mpt_task_mgmt_t fc,
4936 tgt_resource_t *trtp, int init_id)
4938 struct ccb_immediate_notify *inot;
4939 mpt_tgt_state_t *tgt;
4941 tgt = MPT_TGT_STATE(mpt, req);
4942 inot = (struct ccb_immediate_notify *) STAILQ_FIRST(&trtp->inots);
4944 mpt_lprt(mpt, MPT_PRT_WARN, "no INOTSs- sending back BSY\n");
4945 mpt_scsi_tgt_status(mpt, NULL, req, SCSI_STATUS_BUSY, NULL);
4948 STAILQ_REMOVE_HEAD(&trtp->inots, sim_links.stqe);
4949 mpt_lprt(mpt, MPT_PRT_DEBUG1,
4950 "Get FREE INOT %p lun %d\n", inot, inot->ccb_h.target_lun);
4952 inot->initiator_id = init_id; /* XXX */
4954 * This is a somewhat grotesque attempt to map from task management
4955 * to old style SCSI messages. God help us all.
4958 case MPT_ABORT_TASK_SET:
4959 inot->arg = MSG_ABORT_TAG;
4961 case MPT_CLEAR_TASK_SET:
4962 inot->arg = MSG_CLEAR_TASK_SET;
4964 case MPT_TARGET_RESET:
4965 inot->arg = MSG_TARGET_RESET;
4968 inot->arg = MSG_CLEAR_ACA;
4970 case MPT_TERMINATE_TASK:
4971 inot->arg = MSG_ABORT_TAG;
4974 inot->arg = MSG_NOOP;
4978 * XXX KDM we need the sequence/tag number for the target of the
4979 * task management operation, especially if it is an abort.
4981 tgt->ccb = (union ccb *) inot;
4982 inot->ccb_h.status = CAM_MESSAGE_RECV|CAM_DEV_QFRZN;
4983 xpt_done((union ccb *)inot);
4987 mpt_scsi_tgt_atio(struct mpt_softc *mpt, request_t *req, uint32_t reply_desc)
4989 static uint8_t null_iqd[SHORT_INQUIRY_LENGTH] = {
4990 0x7f, 0x00, 0x02, 0x02, 0x20, 0x00, 0x00, 0x32,
4991 'F', 'R', 'E', 'E', 'B', 'S', 'D', ' ',
4992 'L', 'S', 'I', '-', 'L', 'O', 'G', 'I',
4993 'C', ' ', 'N', 'U', 'L', 'D', 'E', 'V',
4996 struct ccb_accept_tio *atiop;
4999 mpt_tgt_state_t *tgt;
5000 tgt_resource_t *trtp = NULL;
5005 mpt_task_mgmt_t fct = MPT_NIL_TMT_VALUE;
5009 * Stash info for the current command where we can get at it later.
5011 vbuf = req->req_vbuf;
5012 vbuf += MPT_RQSL(mpt);
5015 * Get our state pointer set up.
5017 tgt = MPT_TGT_STATE(mpt, req);
5018 if (tgt->state != TGT_STATE_LOADED) {
5019 mpt_tgt_dump_req_state(mpt, req);
5020 panic("bad target state in mpt_scsi_tgt_atio");
5022 memset(tgt, 0, sizeof (mpt_tgt_state_t));
5023 tgt->state = TGT_STATE_IN_CAM;
5024 tgt->reply_desc = reply_desc;
5025 ioindex = GET_IO_INDEX(reply_desc);
5026 if (mpt->verbose >= MPT_PRT_DEBUG) {
5027 mpt_dump_data(mpt, "mpt_scsi_tgt_atio response", vbuf,
5028 max(sizeof (MPI_TARGET_FCP_CMD_BUFFER),
5029 max(sizeof (MPI_TARGET_SSP_CMD_BUFFER),
5030 sizeof (MPI_TARGET_SCSI_SPI_CMD_BUFFER))));
5033 PTR_MPI_TARGET_FCP_CMD_BUFFER fc;
5034 fc = (PTR_MPI_TARGET_FCP_CMD_BUFFER) vbuf;
5035 if (fc->FcpCntl[2]) {
5037 * Task Management Request
5039 switch (fc->FcpCntl[2]) {
5041 fct = MPT_ABORT_TASK_SET;
5044 fct = MPT_CLEAR_TASK_SET;
5047 fct = MPT_TARGET_RESET;
5050 fct = MPT_CLEAR_ACA;
5053 fct = MPT_TERMINATE_TASK;
5056 mpt_prt(mpt, "CORRUPTED TASK MGMT BITS: 0x%x\n",
5058 mpt_scsi_tgt_status(mpt, 0, req,
5063 switch (fc->FcpCntl[1]) {
5065 tag_action = MSG_SIMPLE_Q_TAG;
5068 tag_action = MSG_HEAD_OF_Q_TAG;
5071 tag_action = MSG_ORDERED_Q_TAG;
5075 * Bah. Ignore Untagged Queing and ACA
5077 tag_action = MSG_SIMPLE_Q_TAG;
5081 tgt->resid = be32toh(fc->FcpDl);
5083 lunptr = fc->FcpLun;
5084 itag = be16toh(fc->OptionalOxid);
5085 } else if (mpt->is_sas) {
5086 PTR_MPI_TARGET_SSP_CMD_BUFFER ssp;
5087 ssp = (PTR_MPI_TARGET_SSP_CMD_BUFFER) vbuf;
5089 lunptr = ssp->LogicalUnitNumber;
5090 itag = ssp->InitiatorTag;
5092 PTR_MPI_TARGET_SCSI_SPI_CMD_BUFFER sp;
5093 sp = (PTR_MPI_TARGET_SCSI_SPI_CMD_BUFFER) vbuf;
5095 lunptr = sp->LogicalUnitNumber;
5100 * Generate a simple lun
5102 switch (lunptr[0] & 0xc0) {
5104 lun = ((lunptr[0] & 0x3f) << 8) | lunptr[1];
5110 mpt_lprt(mpt, MPT_PRT_ERROR, "cannot handle this type lun\n");
5116 * Deal with non-enabled or bad luns here.
5118 if (lun >= MPT_MAX_LUNS || mpt->tenabled == 0 ||
5119 mpt->trt[lun].enabled == 0) {
5120 if (mpt->twildcard) {
5121 trtp = &mpt->trt_wildcard;
5122 } else if (fct == MPT_NIL_TMT_VALUE) {
5124 * In this case, we haven't got an upstream listener
5125 * for either a specific lun or wildcard luns. We
5126 * have to make some sensible response. For regular
5127 * inquiry, just return some NOT HERE inquiry data.
5128 * For VPD inquiry, report illegal field in cdb.
5129 * For REQUEST SENSE, just return NO SENSE data.
5130 * REPORT LUNS gets illegal command.
5131 * All other commands get 'no such device'.
5133 uint8_t *sp, cond, buf[MPT_SENSE_SIZE];
5136 memset(buf, 0, MPT_SENSE_SIZE);
5137 cond = SCSI_STATUS_CHECK_COND;
5142 tgt->tag_id = MPT_MAKE_TAGID(mpt, req, ioindex);
5152 len = min(tgt->resid, cdbp[4]);
5153 len = min(len, sizeof (null_iqd));
5154 mpt_lprt(mpt, MPT_PRT_DEBUG,
5155 "local inquiry %ld bytes\n", (long) len);
5156 mpt_scsi_tgt_local(mpt, req, lun, 1,
5163 len = min(tgt->resid, cdbp[4]);
5164 len = min(len, sizeof (buf));
5165 mpt_lprt(mpt, MPT_PRT_DEBUG,
5166 "local reqsense %ld bytes\n", (long) len);
5167 mpt_scsi_tgt_local(mpt, req, lun, 1,
5172 mpt_lprt(mpt, MPT_PRT_DEBUG, "REPORT LUNS\n");
5176 mpt_lprt(mpt, MPT_PRT_DEBUG,
5177 "CMD 0x%x to unmanaged lun %u\n",
5182 mpt_scsi_tgt_status(mpt, NULL, req, cond, sp);
5185 /* otherwise, leave trtp NULL */
5187 trtp = &mpt->trt[lun];
5191 * Deal with any task management
5193 if (fct != MPT_NIL_TMT_VALUE) {
5195 mpt_prt(mpt, "task mgmt function %x but no listener\n",
5197 mpt_scsi_tgt_status(mpt, 0, req,
5200 mpt_scsi_tgt_tsk_mgmt(mpt, req, fct, trtp,
5201 GET_INITIATOR_INDEX(reply_desc));
5207 atiop = (struct ccb_accept_tio *) STAILQ_FIRST(&trtp->atios);
5208 if (atiop == NULL) {
5209 mpt_lprt(mpt, MPT_PRT_WARN,
5210 "no ATIOs for lun %u- sending back %s\n", lun,
5211 mpt->tenabled? "QUEUE FULL" : "BUSY");
5212 mpt_scsi_tgt_status(mpt, NULL, req,
5213 mpt->tenabled? SCSI_STATUS_QUEUE_FULL : SCSI_STATUS_BUSY,
5217 STAILQ_REMOVE_HEAD(&trtp->atios, sim_links.stqe);
5218 mpt_lprt(mpt, MPT_PRT_DEBUG1,
5219 "Get FREE ATIO %p lun %d\n", atiop, atiop->ccb_h.target_lun);
5220 atiop->ccb_h.ccb_mpt_ptr = mpt;
5221 atiop->ccb_h.status = CAM_CDB_RECVD;
5222 atiop->ccb_h.target_lun = lun;
5223 atiop->sense_len = 0;
5224 atiop->init_id = GET_INITIATOR_INDEX(reply_desc);
5225 atiop->cdb_len = mpt_cdblen(cdbp[0], 16);
5226 memcpy(atiop->cdb_io.cdb_bytes, cdbp, atiop->cdb_len);
5229 * The tag we construct here allows us to find the
5230 * original request that the command came in with.
5232 * This way we don't have to depend on anything but the
5233 * tag to find things when CCBs show back up from CAM.
5235 atiop->tag_id = MPT_MAKE_TAGID(mpt, req, ioindex);
5236 tgt->tag_id = atiop->tag_id;
5238 atiop->tag_action = tag_action;
5239 atiop->ccb_h.flags = CAM_TAG_ACTION_VALID;
5241 if (mpt->verbose >= MPT_PRT_DEBUG) {
5243 mpt_prt(mpt, "START_CCB %p for lun %u CDB=<", atiop,
5244 atiop->ccb_h.target_lun);
5245 for (i = 0; i < atiop->cdb_len; i++) {
5246 mpt_prtc(mpt, "%02x%c", cdbp[i] & 0xff,
5247 (i == (atiop->cdb_len - 1))? '>' : ' ');
5249 mpt_prtc(mpt, " itag %x tag %x rdesc %x dl=%u\n",
5250 itag, atiop->tag_id, tgt->reply_desc, tgt->resid);
5253 xpt_done((union ccb *)atiop);
5257 mpt_tgt_dump_tgt_state(struct mpt_softc *mpt, request_t *req)
5259 mpt_tgt_state_t *tgt = MPT_TGT_STATE(mpt, req);
5261 mpt_prt(mpt, "req %p:%u tgt:rdesc 0x%x resid %u xfrd %u ccb %p treq %p "
5262 "nx %d tag 0x%08x state=%d\n", req, req->serno, tgt->reply_desc,
5263 tgt->resid, tgt->bytes_xfered, tgt->ccb, tgt->req, tgt->nxfers,
5264 tgt->tag_id, tgt->state);
5268 mpt_tgt_dump_req_state(struct mpt_softc *mpt, request_t *req)
5271 mpt_prt(mpt, "req %p:%u index %u (%x) state %x\n", req, req->serno,
5272 req->index, req->index, req->state);
5273 mpt_tgt_dump_tgt_state(mpt, req);
5277 mpt_scsi_tgt_reply_handler(struct mpt_softc *mpt, request_t *req,
5278 uint32_t reply_desc, MSG_DEFAULT_REPLY *reply_frame)
5284 if (reply_frame == NULL) {
5286 * Figure out what the state of the command is.
5288 mpt_tgt_state_t *tgt = MPT_TGT_STATE(mpt, req);
5291 mpt_req_spcl(mpt, req, "turbo scsi_tgt_reply", __LINE__);
5293 mpt_req_not_spcl(mpt, tgt->req,
5294 "turbo scsi_tgt_reply associated req", __LINE__);
5297 switch(tgt->state) {
5298 case TGT_STATE_LOADED:
5300 * This is a new command starting.
5302 mpt_scsi_tgt_atio(mpt, req, reply_desc);
5304 case TGT_STATE_MOVING_DATA:
5306 uint8_t *sp = NULL, sense[MPT_SENSE_SIZE];
5309 if (tgt->req == NULL) {
5310 panic("mpt: turbo target reply with null "
5311 "associated request moving data");
5315 if (tgt->is_local == 0) {
5316 panic("mpt: turbo target reply with "
5317 "null associated ccb moving data");
5320 mpt_lprt(mpt, MPT_PRT_DEBUG,
5321 "TARGET_ASSIST local done\n");
5322 TAILQ_REMOVE(&mpt->request_pending_list,
5324 mpt_free_request(mpt, tgt->req);
5326 mpt_scsi_tgt_status(mpt, NULL, req,
5332 mpt_req_untimeout(req, mpt_timeout, ccb);
5333 mpt_lprt(mpt, MPT_PRT_DEBUG,
5334 "TARGET_ASSIST %p (req %p:%u) done tag 0x%x\n",
5335 ccb, tgt->req, tgt->req->serno, ccb->csio.tag_id);
5337 * Free the Target Assist Request
5339 KASSERT(tgt->req->ccb == ccb,
5340 ("tgt->req %p:%u tgt->req->ccb %p", tgt->req,
5341 tgt->req->serno, tgt->req->ccb));
5342 TAILQ_REMOVE(&mpt->request_pending_list,
5344 mpt_free_request(mpt, tgt->req);
5348 * Do we need to send status now? That is, are
5349 * we done with all our data transfers?
5351 if ((ccb->ccb_h.flags & CAM_SEND_STATUS) == 0) {
5352 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
5353 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
5354 KASSERT(ccb->ccb_h.status,
5355 ("zero ccb sts at %d", __LINE__));
5356 tgt->state = TGT_STATE_IN_CAM;
5357 if (mpt->outofbeer) {
5358 ccb->ccb_h.status |= CAM_RELEASE_SIMQ;
5360 mpt_lprt(mpt, MPT_PRT_DEBUG, "THAWQ\n");
5366 * Otherwise, send status (and sense)
5368 if (ccb->ccb_h.flags & CAM_SEND_SENSE) {
5370 memcpy(sp, &ccb->csio.sense_data,
5371 min(ccb->csio.sense_len, MPT_SENSE_SIZE));
5373 mpt_scsi_tgt_status(mpt, ccb, req,
5374 ccb->csio.scsi_status, sp);
5377 case TGT_STATE_SENDING_STATUS:
5378 case TGT_STATE_MOVING_DATA_AND_STATUS:
5383 if (tgt->req == NULL) {
5384 panic("mpt: turbo target reply with null "
5385 "associated request sending status");
5392 TGT_STATE_MOVING_DATA_AND_STATUS) {
5395 mpt_req_untimeout(req, mpt_timeout, ccb);
5396 if (ccb->ccb_h.flags & CAM_SEND_SENSE) {
5397 ccb->ccb_h.status |= CAM_SENT_SENSE;
5399 mpt_lprt(mpt, MPT_PRT_DEBUG,
5400 "TARGET_STATUS tag %x sts %x flgs %x req "
5401 "%p\n", ccb->csio.tag_id, ccb->ccb_h.status,
5402 ccb->ccb_h.flags, tgt->req);
5404 * Free the Target Send Status Request
5406 KASSERT(tgt->req->ccb == ccb,
5407 ("tgt->req %p:%u tgt->req->ccb %p",
5408 tgt->req, tgt->req->serno, tgt->req->ccb));
5410 * Notify CAM that we're done
5412 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
5413 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
5414 KASSERT(ccb->ccb_h.status,
5415 ("ZERO ccb sts at %d", __LINE__));
5418 mpt_lprt(mpt, MPT_PRT_DEBUG,
5419 "TARGET_STATUS non-CAM for req %p:%u\n",
5420 tgt->req, tgt->req->serno);
5422 TAILQ_REMOVE(&mpt->request_pending_list,
5424 mpt_free_request(mpt, tgt->req);
5428 * And re-post the Command Buffer.
5429 * This will reset the state.
5431 ioindex = GET_IO_INDEX(reply_desc);
5432 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
5434 mpt_post_target_command(mpt, req, ioindex);
5437 * And post a done for anyone who cares
5440 if (mpt->outofbeer) {
5441 ccb->ccb_h.status |= CAM_RELEASE_SIMQ;
5443 mpt_lprt(mpt, MPT_PRT_DEBUG, "THAWQ\n");
5449 case TGT_STATE_NIL: /* XXX This Never Happens XXX */
5450 tgt->state = TGT_STATE_LOADED;
5453 mpt_prt(mpt, "Unknown Target State 0x%x in Context "
5454 "Reply Function\n", tgt->state);
5459 status = le16toh(reply_frame->IOCStatus);
5460 if (status != MPI_IOCSTATUS_SUCCESS) {
5461 dbg = MPT_PRT_ERROR;
5463 dbg = MPT_PRT_DEBUG1;
5467 "SCSI_TGT REPLY: req=%p:%u reply=%p func=%x IOCstatus 0x%x\n",
5468 req, req->serno, reply_frame, reply_frame->Function, status);
5470 switch (reply_frame->Function) {
5471 case MPI_FUNCTION_TARGET_CMD_BUFFER_POST:
5473 mpt_tgt_state_t *tgt;
5475 mpt_req_spcl(mpt, req, "tgt reply BUFFER POST", __LINE__);
5477 if (status != MPI_IOCSTATUS_SUCCESS) {
5483 tgt = MPT_TGT_STATE(mpt, req);
5484 KASSERT(tgt->state == TGT_STATE_LOADING,
5485 ("bad state 0x%x on reply to buffer post", tgt->state));
5486 mpt_assign_serno(mpt, req);
5487 tgt->state = TGT_STATE_LOADED;
5490 case MPI_FUNCTION_TARGET_ASSIST:
5492 mpt_req_not_spcl(mpt, req, "tgt reply TARGET ASSIST", __LINE__);
5494 mpt_prt(mpt, "target assist completion\n");
5495 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
5496 mpt_free_request(mpt, req);
5498 case MPI_FUNCTION_TARGET_STATUS_SEND:
5500 mpt_req_not_spcl(mpt, req, "tgt reply STATUS SEND", __LINE__);
5502 mpt_prt(mpt, "status send completion\n");
5503 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
5504 mpt_free_request(mpt, req);
5506 case MPI_FUNCTION_TARGET_MODE_ABORT:
5508 PTR_MSG_TARGET_MODE_ABORT_REPLY abtrp =
5509 (PTR_MSG_TARGET_MODE_ABORT_REPLY) reply_frame;
5510 PTR_MSG_TARGET_MODE_ABORT abtp =
5511 (PTR_MSG_TARGET_MODE_ABORT) req->req_vbuf;
5512 uint32_t cc = GET_IO_INDEX(le32toh(abtp->ReplyWord));
5514 mpt_req_not_spcl(mpt, req, "tgt reply TMODE ABORT", __LINE__);
5516 mpt_prt(mpt, "ABORT RX_ID 0x%x Complete; status 0x%x cnt %u\n",
5517 cc, le16toh(abtrp->IOCStatus), le32toh(abtrp->AbortCount));
5518 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
5519 mpt_free_request(mpt, req);
5523 mpt_prt(mpt, "Unknown Target Address Reply Function code: "
5524 "0x%x\n", reply_frame->Function);
projects / FreeBSD / FreeBSD.git / blob