2 * FreeBSD/CAM specific routines for LSI '909 FC adapters.
5 * Copyright (c) 2000, 2001 by Greg Ansley
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice immediately at the beginning of the file, without modification,
12 * this list of conditions, and the following disclaimer.
13 * 2. The name of the author may not be used to endorse or promote products
14 * derived from this software without specific prior written permission.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR
20 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * Copyright (c) 2002, 2006 by Matthew Jacob
30 * All rights reserved.
32 * Redistribution and use in source and binary forms, with or without
33 * modification, are permitted provided that the following conditions are
35 * 1. Redistributions of source code must retain the above copyright
36 * notice, this list of conditions and the following disclaimer.
37 * 2. Redistributions in binary form must reproduce at minimum a disclaimer
38 * substantially similar to the "NO WARRANTY" disclaimer below
39 * ("Disclaimer") and any redistribution must be conditioned upon including
40 * a substantially similar Disclaimer requirement for further binary
42 * 3. Neither the names of the above listed copyright holders nor the names
43 * of any contributors may be used to endorse or promote products derived
44 * from this software without specific prior written permission.
46 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
47 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
48 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
49 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
50 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
51 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
52 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
53 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
54 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
55 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF THE COPYRIGHT
56 * OWNER OR CONTRIBUTOR IS ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
58 * Support from Chris Ellsworth in order to make SAS adapters work
59 * is gratefully acknowledged.
61 * Support from LSI-Logic has also gone a great deal toward making this a
62 * workable subsystem and is gratefully acknowledged.
65 * Copyright (c) 2004, Avid Technology, Inc. and its contributors.
66 * Copyright (c) 2005, WHEEL Sp. z o.o.
67 * Copyright (c) 2004, 2005 Justin T. Gibbs
68 * All rights reserved.
70 * Redistribution and use in source and binary forms, with or without
71 * modification, are permitted provided that the following conditions are
73 * 1. Redistributions of source code must retain the above copyright
74 * notice, this list of conditions and the following disclaimer.
75 * 2. Redistributions in binary form must reproduce at minimum a disclaimer
76 * substantially similar to the "NO WARRANTY" disclaimer below
77 * ("Disclaimer") and any redistribution must be conditioned upon including
78 * a substantially similar Disclaimer requirement for further binary
80 * 3. Neither the names of the above listed copyright holders nor the names
81 * of any contributors may be used to endorse or promote products derived
82 * from this software without specific prior written permission.
84 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
85 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
86 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
87 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
88 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
89 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
90 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
91 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
92 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
93 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF THE COPYRIGHT
94 * OWNER OR CONTRIBUTOR IS ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
96 #include <sys/cdefs.h>
97 __FBSDID("$FreeBSD$");
99 #include <dev/mpt/mpt.h>
100 #include <dev/mpt/mpt_cam.h>
101 #include <dev/mpt/mpt_raid.h>
103 #include "dev/mpt/mpilib/mpi_ioc.h" /* XXX Fix Event Handling!!! */
104 #include "dev/mpt/mpilib/mpi_init.h"
105 #include "dev/mpt/mpilib/mpi_targ.h"
106 #include "dev/mpt/mpilib/mpi_fc.h"
107 #include "dev/mpt/mpilib/mpi_sas.h"
108 #if __FreeBSD_version >= 500000
109 #include <sys/sysctl.h>
111 #include <sys/callout.h>
112 #include <sys/kthread.h>
114 #if __FreeBSD_version >= 700025
115 #ifndef CAM_NEW_TRAN_CODE
116 #define CAM_NEW_TRAN_CODE 1
120 static void mpt_poll(struct cam_sim *);
121 static timeout_t mpt_timeout;
122 static void mpt_action(struct cam_sim *, union ccb *);
124 mpt_get_spi_settings(struct mpt_softc *, struct ccb_trans_settings *);
125 static void mpt_setwidth(struct mpt_softc *, int, int);
126 static void mpt_setsync(struct mpt_softc *, int, int, int);
127 static int mpt_update_spi_config(struct mpt_softc *, int);
128 static void mpt_calc_geometry(struct ccb_calc_geometry *ccg, int extended);
130 static mpt_reply_handler_t mpt_scsi_reply_handler;
131 static mpt_reply_handler_t mpt_scsi_tmf_reply_handler;
132 static mpt_reply_handler_t mpt_fc_els_reply_handler;
133 static int mpt_scsi_reply_frame_handler(struct mpt_softc *, request_t *,
134 MSG_DEFAULT_REPLY *);
135 static int mpt_bus_reset(struct mpt_softc *, target_id_t, lun_id_t, int);
136 static int mpt_fc_reset_link(struct mpt_softc *, int);
138 static int mpt_spawn_recovery_thread(struct mpt_softc *mpt);
139 static void mpt_terminate_recovery_thread(struct mpt_softc *mpt);
140 static void mpt_recovery_thread(void *arg);
141 static void mpt_recover_commands(struct mpt_softc *mpt);
143 static int mpt_scsi_send_tmf(struct mpt_softc *, u_int, u_int, u_int,
144 u_int, u_int, u_int, int);
146 static void mpt_fc_post_els(struct mpt_softc *mpt, request_t *, int);
147 static void mpt_post_target_command(struct mpt_softc *, request_t *, int);
148 static int mpt_add_els_buffers(struct mpt_softc *mpt);
149 static int mpt_add_target_commands(struct mpt_softc *mpt);
150 static int mpt_enable_lun(struct mpt_softc *, target_id_t, lun_id_t);
151 static int mpt_disable_lun(struct mpt_softc *, target_id_t, lun_id_t);
152 static void mpt_target_start_io(struct mpt_softc *, union ccb *);
153 static cam_status mpt_abort_target_ccb(struct mpt_softc *, union ccb *);
154 static int mpt_abort_target_cmd(struct mpt_softc *, request_t *);
155 static void mpt_scsi_tgt_status(struct mpt_softc *, union ccb *, request_t *,
156 uint8_t, uint8_t const *);
158 mpt_scsi_tgt_tsk_mgmt(struct mpt_softc *, request_t *, mpt_task_mgmt_t,
159 tgt_resource_t *, int);
160 static void mpt_tgt_dump_tgt_state(struct mpt_softc *, request_t *);
161 static void mpt_tgt_dump_req_state(struct mpt_softc *, request_t *);
162 static mpt_reply_handler_t mpt_scsi_tgt_reply_handler;
163 static mpt_reply_handler_t mpt_sata_pass_reply_handler;
165 static uint32_t scsi_io_handler_id = MPT_HANDLER_ID_NONE;
166 static uint32_t scsi_tmf_handler_id = MPT_HANDLER_ID_NONE;
167 static uint32_t fc_els_handler_id = MPT_HANDLER_ID_NONE;
168 static uint32_t sata_pass_handler_id = MPT_HANDLER_ID_NONE;
170 static mpt_probe_handler_t mpt_cam_probe;
171 static mpt_attach_handler_t mpt_cam_attach;
172 static mpt_enable_handler_t mpt_cam_enable;
173 static mpt_ready_handler_t mpt_cam_ready;
174 static mpt_event_handler_t mpt_cam_event;
175 static mpt_reset_handler_t mpt_cam_ioc_reset;
176 static mpt_detach_handler_t mpt_cam_detach;
178 static struct mpt_personality mpt_cam_personality =
181 .probe = mpt_cam_probe,
182 .attach = mpt_cam_attach,
183 .enable = mpt_cam_enable,
184 .ready = mpt_cam_ready,
185 .event = mpt_cam_event,
186 .reset = mpt_cam_ioc_reset,
187 .detach = mpt_cam_detach,
190 DECLARE_MPT_PERSONALITY(mpt_cam, SI_ORDER_SECOND);
191 MODULE_DEPEND(mpt_cam, cam, 1, 1, 1);
193 int mpt_enable_sata_wc = -1;
194 TUNABLE_INT("hw.mpt.enable_sata_wc", &mpt_enable_sata_wc);
197 mpt_cam_probe(struct mpt_softc *mpt)
202 * Only attach to nodes that support the initiator or target role
203 * (or want to) or have RAID physical devices that need CAM pass-thru
206 if (mpt->do_cfg_role) {
207 role = mpt->cfg_role;
211 if ((role & (MPT_ROLE_TARGET|MPT_ROLE_INITIATOR)) != 0 ||
212 (mpt->ioc_page2 != NULL && mpt->ioc_page2->MaxPhysDisks != 0)) {
219 mpt_cam_attach(struct mpt_softc *mpt)
221 struct cam_devq *devq;
222 mpt_handler_t handler;
227 TAILQ_INIT(&mpt->request_timeout_list);
228 maxq = (mpt->ioc_facts.GlobalCredits < MPT_MAX_REQUESTS(mpt))?
229 mpt->ioc_facts.GlobalCredits : MPT_MAX_REQUESTS(mpt);
231 handler.reply_handler = mpt_scsi_reply_handler;
232 error = mpt_register_handler(mpt, MPT_HANDLER_REPLY, handler,
233 &scsi_io_handler_id);
239 handler.reply_handler = mpt_scsi_tmf_reply_handler;
240 error = mpt_register_handler(mpt, MPT_HANDLER_REPLY, handler,
241 &scsi_tmf_handler_id);
248 * If we're fibre channel and could support target mode, we register
249 * an ELS reply handler and give it resources.
251 if (mpt->is_fc && (mpt->role & MPT_ROLE_TARGET) != 0) {
252 handler.reply_handler = mpt_fc_els_reply_handler;
253 error = mpt_register_handler(mpt, MPT_HANDLER_REPLY, handler,
259 if (mpt_add_els_buffers(mpt) == FALSE) {
264 maxq -= mpt->els_cmds_allocated;
268 * If we support target mode, we register a reply handler for it,
269 * but don't add command resources until we actually enable target
272 if (mpt->is_fc && (mpt->role & MPT_ROLE_TARGET) != 0) {
273 handler.reply_handler = mpt_scsi_tgt_reply_handler;
274 error = mpt_register_handler(mpt, MPT_HANDLER_REPLY, handler,
275 &mpt->scsi_tgt_handler_id);
283 handler.reply_handler = mpt_sata_pass_reply_handler;
284 error = mpt_register_handler(mpt, MPT_HANDLER_REPLY, handler,
285 &sata_pass_handler_id);
293 * We keep one request reserved for timeout TMF requests.
295 mpt->tmf_req = mpt_get_request(mpt, FALSE);
296 if (mpt->tmf_req == NULL) {
297 mpt_prt(mpt, "Unable to allocate dedicated TMF request!\n");
304 * Mark the request as free even though not on the free list.
305 * There is only one TMF request allowed to be outstanding at
306 * a time and the TMF routines perform their own allocation
307 * tracking using the standard state flags.
309 mpt->tmf_req->state = REQ_STATE_FREE;
313 * The rest of this is CAM foo, for which we need to drop our lock
317 if (mpt_spawn_recovery_thread(mpt) != 0) {
318 mpt_prt(mpt, "Unable to spawn recovery thread!\n");
324 * Create the device queue for our SIM(s).
326 devq = cam_simq_alloc(maxq);
328 mpt_prt(mpt, "Unable to allocate CAM SIMQ!\n");
334 * Construct our SIM entry.
337 mpt_sim_alloc(mpt_action, mpt_poll, "mpt", mpt, 1, maxq, devq);
338 if (mpt->sim == NULL) {
339 mpt_prt(mpt, "Unable to allocate CAM SIM!\n");
346 * Register exactly this bus.
349 if (mpt_xpt_bus_register(mpt->sim, mpt->dev, 0) != CAM_SUCCESS) {
350 mpt_prt(mpt, "Bus registration Failed!\n");
356 if (xpt_create_path(&mpt->path, NULL, cam_sim_path(mpt->sim),
357 CAM_TARGET_WILDCARD, CAM_LUN_WILDCARD) != CAM_REQ_CMP) {
358 mpt_prt(mpt, "Unable to allocate Path!\n");
366 * Only register a second bus for RAID physical
367 * devices if the controller supports RAID.
369 if (mpt->ioc_page2 == NULL || mpt->ioc_page2->MaxPhysDisks == 0) {
374 * Create a "bus" to export all hidden disks to CAM.
377 mpt_sim_alloc(mpt_action, mpt_poll, "mpt", mpt, 1, maxq, devq);
378 if (mpt->phydisk_sim == NULL) {
379 mpt_prt(mpt, "Unable to allocate Physical Disk CAM SIM!\n");
388 if (mpt_xpt_bus_register(mpt->phydisk_sim, mpt->dev, 1) !=
390 mpt_prt(mpt, "Physical Disk Bus registration Failed!\n");
396 if (xpt_create_path(&mpt->phydisk_path, NULL,
397 cam_sim_path(mpt->phydisk_sim),
398 CAM_TARGET_WILDCARD, CAM_LUN_WILDCARD) != CAM_REQ_CMP) {
399 mpt_prt(mpt, "Unable to allocate Physical Disk Path!\n");
405 mpt_lprt(mpt, MPT_PRT_DEBUG, "attached cam\n");
414 * Read FC configuration information
417 mpt_read_config_info_fc(struct mpt_softc *mpt)
419 char *topology = NULL;
422 rv = mpt_read_cfg_header(mpt, MPI_CONFIG_PAGETYPE_FC_PORT, 0,
423 0, &mpt->mpt_fcport_page0.Header, FALSE, 5000);
427 mpt_lprt(mpt, MPT_PRT_DEBUG, "FC Port Page 0 Header: %x %x %x %x\n",
428 mpt->mpt_fcport_page0.Header.PageVersion,
429 mpt->mpt_fcport_page0.Header.PageLength,
430 mpt->mpt_fcport_page0.Header.PageNumber,
431 mpt->mpt_fcport_page0.Header.PageType);
434 rv = mpt_read_cur_cfg_page(mpt, 0, &mpt->mpt_fcport_page0.Header,
435 sizeof(mpt->mpt_fcport_page0), FALSE, 5000);
437 mpt_prt(mpt, "failed to read FC Port Page 0\n");
441 mpt->mpt_fcport_speed = mpt->mpt_fcport_page0.CurrentSpeed;
443 switch (mpt->mpt_fcport_page0.Flags &
444 MPI_FCPORTPAGE0_FLAGS_ATTACH_TYPE_MASK) {
445 case MPI_FCPORTPAGE0_FLAGS_ATTACH_NO_INIT:
446 mpt->mpt_fcport_speed = 0;
447 topology = "<NO LOOP>";
449 case MPI_FCPORTPAGE0_FLAGS_ATTACH_POINT_TO_POINT:
452 case MPI_FCPORTPAGE0_FLAGS_ATTACH_PRIVATE_LOOP:
453 topology = "NL-Port";
455 case MPI_FCPORTPAGE0_FLAGS_ATTACH_FABRIC_DIRECT:
458 case MPI_FCPORTPAGE0_FLAGS_ATTACH_PUBLIC_LOOP:
459 topology = "FL-Port";
462 mpt->mpt_fcport_speed = 0;
467 mpt_lprt(mpt, MPT_PRT_INFO,
468 "FC Port Page 0: Topology <%s> WWNN 0x%08x%08x WWPN 0x%08x%08x "
469 "Speed %u-Gbit\n", topology,
470 mpt->mpt_fcport_page0.WWNN.High,
471 mpt->mpt_fcport_page0.WWNN.Low,
472 mpt->mpt_fcport_page0.WWPN.High,
473 mpt->mpt_fcport_page0.WWPN.Low,
474 mpt->mpt_fcport_speed);
475 #if __FreeBSD_version >= 500000
478 struct sysctl_ctx_list *ctx = device_get_sysctl_ctx(mpt->dev);
479 struct sysctl_oid *tree = device_get_sysctl_tree(mpt->dev);
481 snprintf(mpt->scinfo.fc.wwnn,
482 sizeof (mpt->scinfo.fc.wwnn), "0x%08x%08x",
483 mpt->mpt_fcport_page0.WWNN.High,
484 mpt->mpt_fcport_page0.WWNN.Low);
486 snprintf(mpt->scinfo.fc.wwpn,
487 sizeof (mpt->scinfo.fc.wwpn), "0x%08x%08x",
488 mpt->mpt_fcport_page0.WWPN.High,
489 mpt->mpt_fcport_page0.WWPN.Low);
491 SYSCTL_ADD_STRING(ctx, SYSCTL_CHILDREN(tree), OID_AUTO,
492 "wwnn", CTLFLAG_RD, mpt->scinfo.fc.wwnn, 0,
493 "World Wide Node Name");
495 SYSCTL_ADD_STRING(ctx, SYSCTL_CHILDREN(tree), OID_AUTO,
496 "wwpn", CTLFLAG_RD, mpt->scinfo.fc.wwpn, 0,
497 "World Wide Port Name");
506 * Set FC configuration information.
509 mpt_set_initial_config_fc(struct mpt_softc *mpt)
512 CONFIG_PAGE_FC_PORT_1 fc;
517 r = mpt_read_cfg_header(mpt, MPI_CONFIG_PAGETYPE_FC_PORT, 1, 0,
518 &fc.Header, FALSE, 5000);
520 mpt_prt(mpt, "failed to read FC page 1 header\n");
521 return (mpt_fc_reset_link(mpt, 1));
524 r = mpt_read_cfg_page(mpt, MPI_CONFIG_ACTION_PAGE_READ_NVRAM, 0,
525 &fc.Header, sizeof (fc), FALSE, 5000);
527 mpt_prt(mpt, "failed to read FC page 1\n");
528 return (mpt_fc_reset_link(mpt, 1));
532 * Check our flags to make sure we support the role we want.
536 fl = le32toh(fc.Flags);;
538 if (fl & MPI_FCPORTPAGE1_FLAGS_PROT_FCP_INIT) {
539 role |= MPT_ROLE_INITIATOR;
541 if (fl & MPI_FCPORTPAGE1_FLAGS_PROT_FCP_TARG) {
542 role |= MPT_ROLE_TARGET;
545 fl &= ~MPI_FCPORTPAGE1_FLAGS_PROT_MASK;
547 if (mpt->do_cfg_role == 0) {
548 role = mpt->cfg_role;
550 mpt->do_cfg_role = 0;
553 if (role != mpt->cfg_role) {
554 if (mpt->cfg_role & MPT_ROLE_INITIATOR) {
555 if ((role & MPT_ROLE_INITIATOR) == 0) {
556 mpt_prt(mpt, "adding initiator role\n");
557 fl |= MPI_FCPORTPAGE1_FLAGS_PROT_FCP_INIT;
560 mpt_prt(mpt, "keeping initiator role\n");
562 } else if (role & MPT_ROLE_INITIATOR) {
563 mpt_prt(mpt, "removing initiator role\n");
566 if (mpt->cfg_role & MPT_ROLE_TARGET) {
567 if ((role & MPT_ROLE_TARGET) == 0) {
568 mpt_prt(mpt, "adding target role\n");
569 fl |= MPI_FCPORTPAGE1_FLAGS_PROT_FCP_TARG;
572 mpt_prt(mpt, "keeping target role\n");
574 } else if (role & MPT_ROLE_TARGET) {
575 mpt_prt(mpt, "removing target role\n");
578 mpt->role = mpt->cfg_role;
581 if (fl & MPI_FCPORTPAGE1_FLAGS_PROT_FCP_TARG) {
582 if ((fl & MPI_FCPORTPAGE1_FLAGS_TARGET_MODE_OXID) == 0) {
583 mpt_prt(mpt, "adding OXID option\n");
584 fl |= MPI_FCPORTPAGE1_FLAGS_TARGET_MODE_OXID;
590 fc.Flags = htole32(fl);
591 r = mpt_write_cfg_page(mpt,
592 MPI_CONFIG_ACTION_PAGE_WRITE_NVRAM, 0, &fc.Header,
593 sizeof(fc), FALSE, 5000);
595 mpt_prt(mpt, "failed to update NVRAM with changes\n");
598 mpt_prt(mpt, "NOTE: NVRAM changes will not take "
599 "effect until next reboot or IOC reset\n");
605 mptsas_sas_io_unit_pg0(struct mpt_softc *mpt, struct mptsas_portinfo *portinfo)
607 ConfigExtendedPageHeader_t hdr;
608 struct mptsas_phyinfo *phyinfo;
609 SasIOUnitPage0_t *buffer;
612 error = mpt_read_extcfg_header(mpt, MPI_SASIOUNITPAGE0_PAGEVERSION,
613 0, 0, MPI_CONFIG_EXTPAGETYPE_SAS_IO_UNIT,
617 if (hdr.ExtPageLength == 0) {
622 len = hdr.ExtPageLength * 4;
623 buffer = malloc(len, M_DEVBUF, M_NOWAIT|M_ZERO);
624 if (buffer == NULL) {
629 error = mpt_read_extcfg_page(mpt, MPI_CONFIG_ACTION_PAGE_READ_CURRENT,
630 0, &hdr, buffer, len, 0, 10000);
632 free(buffer, M_DEVBUF);
636 portinfo->num_phys = buffer->NumPhys;
637 portinfo->phy_info = malloc(sizeof(*portinfo->phy_info) *
638 portinfo->num_phys, M_DEVBUF, M_NOWAIT|M_ZERO);
639 if (portinfo->phy_info == NULL) {
640 free(buffer, M_DEVBUF);
645 for (i = 0; i < portinfo->num_phys; i++) {
646 phyinfo = &portinfo->phy_info[i];
647 phyinfo->phy_num = i;
648 phyinfo->port_id = buffer->PhyData[i].Port;
649 phyinfo->negotiated_link_rate =
650 buffer->PhyData[i].NegotiatedLinkRate;
652 le16toh(buffer->PhyData[i].ControllerDevHandle);
655 free(buffer, M_DEVBUF);
661 mptsas_sas_phy_pg0(struct mpt_softc *mpt, struct mptsas_phyinfo *phy_info,
662 uint32_t form, uint32_t form_specific)
664 ConfigExtendedPageHeader_t hdr;
665 SasPhyPage0_t *buffer;
668 error = mpt_read_extcfg_header(mpt, MPI_SASPHY0_PAGEVERSION, 0, 0,
669 MPI_CONFIG_EXTPAGETYPE_SAS_PHY, &hdr,
673 if (hdr.ExtPageLength == 0) {
678 buffer = malloc(sizeof(SasPhyPage0_t), M_DEVBUF, M_NOWAIT|M_ZERO);
679 if (buffer == NULL) {
684 error = mpt_read_extcfg_page(mpt, MPI_CONFIG_ACTION_PAGE_READ_CURRENT,
685 form + form_specific, &hdr, buffer,
686 sizeof(SasPhyPage0_t), 0, 10000);
688 free(buffer, M_DEVBUF);
692 phy_info->hw_link_rate = buffer->HwLinkRate;
693 phy_info->programmed_link_rate = buffer->ProgrammedLinkRate;
694 phy_info->identify.dev_handle = le16toh(buffer->OwnerDevHandle);
695 phy_info->attached.dev_handle = le16toh(buffer->AttachedDevHandle);
697 free(buffer, M_DEVBUF);
703 mptsas_sas_device_pg0(struct mpt_softc *mpt, struct mptsas_devinfo *device_info,
704 uint32_t form, uint32_t form_specific)
706 ConfigExtendedPageHeader_t hdr;
707 SasDevicePage0_t *buffer;
708 uint64_t sas_address;
711 bzero(device_info, sizeof(*device_info));
712 error = mpt_read_extcfg_header(mpt, MPI_SASDEVICE0_PAGEVERSION, 0, 0,
713 MPI_CONFIG_EXTPAGETYPE_SAS_DEVICE,
717 if (hdr.ExtPageLength == 0) {
722 buffer = malloc(sizeof(SasDevicePage0_t), M_DEVBUF, M_NOWAIT|M_ZERO);
723 if (buffer == NULL) {
728 error = mpt_read_extcfg_page(mpt, MPI_CONFIG_ACTION_PAGE_READ_CURRENT,
729 form + form_specific, &hdr, buffer,
730 sizeof(SasDevicePage0_t), 0, 10000);
732 free(buffer, M_DEVBUF);
736 device_info->dev_handle = le16toh(buffer->DevHandle);
737 device_info->parent_dev_handle = le16toh(buffer->ParentDevHandle);
738 device_info->enclosure_handle = le16toh(buffer->EnclosureHandle);
739 device_info->slot = le16toh(buffer->Slot);
740 device_info->phy_num = buffer->PhyNum;
741 device_info->physical_port = buffer->PhysicalPort;
742 device_info->target_id = buffer->TargetID;
743 device_info->bus = buffer->Bus;
744 bcopy(&buffer->SASAddress, &sas_address, sizeof(uint64_t));
745 device_info->sas_address = le64toh(sas_address);
746 device_info->device_info = le32toh(buffer->DeviceInfo);
748 free(buffer, M_DEVBUF);
754 * Read SAS configuration information. Nothing to do yet.
757 mpt_read_config_info_sas(struct mpt_softc *mpt)
759 struct mptsas_portinfo *portinfo;
760 struct mptsas_phyinfo *phyinfo;
763 portinfo = malloc(sizeof(*portinfo), M_DEVBUF, M_NOWAIT|M_ZERO);
764 if (portinfo == NULL)
767 error = mptsas_sas_io_unit_pg0(mpt, portinfo);
769 free(portinfo, M_DEVBUF);
773 for (i = 0; i < portinfo->num_phys; i++) {
774 phyinfo = &portinfo->phy_info[i];
775 error = mptsas_sas_phy_pg0(mpt, phyinfo,
776 (MPI_SAS_PHY_PGAD_FORM_PHY_NUMBER <<
777 MPI_SAS_PHY_PGAD_FORM_SHIFT), i);
780 error = mptsas_sas_device_pg0(mpt, &phyinfo->identify,
781 (MPI_SAS_DEVICE_PGAD_FORM_HANDLE <<
782 MPI_SAS_DEVICE_PGAD_FORM_SHIFT),
786 phyinfo->identify.phy_num = phyinfo->phy_num = i;
787 if (phyinfo->attached.dev_handle)
788 error = mptsas_sas_device_pg0(mpt,
790 (MPI_SAS_DEVICE_PGAD_FORM_HANDLE <<
791 MPI_SAS_DEVICE_PGAD_FORM_SHIFT),
792 phyinfo->attached.dev_handle);
796 mpt->sas_portinfo = portinfo;
801 mptsas_set_sata_wc(struct mpt_softc *mpt, struct mptsas_devinfo *devinfo,
804 SataPassthroughRequest_t *pass;
808 req = mpt_get_request(mpt, 0);
812 pass = req->req_vbuf;
813 bzero(pass, sizeof(SataPassthroughRequest_t));
814 pass->Function = MPI_FUNCTION_SATA_PASSTHROUGH;
815 pass->TargetID = devinfo->target_id;
816 pass->Bus = devinfo->bus;
817 pass->PassthroughFlags = 0;
818 pass->ConnectionRate = MPI_SATA_PT_REQ_CONNECT_RATE_NEGOTIATED;
819 pass->DataLength = 0;
820 pass->MsgContext = htole32(req->index | sata_pass_handler_id);
821 pass->CommandFIS[0] = 0x27;
822 pass->CommandFIS[1] = 0x80;
823 pass->CommandFIS[2] = 0xef;
824 pass->CommandFIS[3] = (enabled) ? 0x02 : 0x82;
825 pass->CommandFIS[7] = 0x40;
826 pass->CommandFIS[15] = 0x08;
828 mpt_check_doorbell(mpt);
829 mpt_send_cmd(mpt, req);
830 error = mpt_wait_req(mpt, req, REQ_STATE_DONE, REQ_STATE_DONE, 0,
833 mpt_free_request(mpt, req);
834 printf("error %d sending passthrough\n", error);
838 status = le16toh(req->IOCStatus);
839 if (status != MPI_IOCSTATUS_SUCCESS) {
840 mpt_free_request(mpt, req);
841 printf("IOCSTATUS %d\n", status);
845 mpt_free_request(mpt, req);
849 * Set SAS configuration information. Nothing to do yet.
852 mpt_set_initial_config_sas(struct mpt_softc *mpt)
854 struct mptsas_phyinfo *phyinfo;
857 if ((mpt_enable_sata_wc != -1) && (mpt->sas_portinfo != NULL)) {
858 for (i = 0; i < mpt->sas_portinfo->num_phys; i++) {
859 phyinfo = &mpt->sas_portinfo->phy_info[i];
860 if (phyinfo->attached.dev_handle == 0)
862 if ((phyinfo->attached.device_info &
863 MPI_SAS_DEVICE_INFO_SATA_DEVICE) == 0)
866 device_printf(mpt->dev,
867 "%sabling SATA WC on phy %d\n",
868 (mpt_enable_sata_wc) ? "En" : "Dis", i);
869 mptsas_set_sata_wc(mpt, &phyinfo->attached,
878 mpt_sata_pass_reply_handler(struct mpt_softc *mpt, request_t *req,
879 uint32_t reply_desc, MSG_DEFAULT_REPLY *reply_frame)
883 if (reply_frame != NULL) {
884 MSG_SATA_PASSTHROUGH_REQUEST *pass;
885 MSG_SATA_PASSTHROUGH_REPLY *reply;
887 pass = (MSG_SATA_PASSTHROUGH_REQUEST *)req->req_vbuf;
888 reply = (MSG_SATA_PASSTHROUGH_REPLY *)reply_frame;
889 req->IOCStatus = le16toh(reply_frame->IOCStatus);
891 req->state &= ~REQ_STATE_QUEUED;
892 req->state |= REQ_STATE_DONE;
893 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
894 if ((req->state & REQ_STATE_NEED_WAKEUP) != 0) {
896 } else if ((req->state & REQ_STATE_TIMEDOUT) != 0) {
898 * Whew- we can free this request (late completion)
900 mpt_free_request(mpt, req);
908 * Read SCSI configuration information
911 mpt_read_config_info_spi(struct mpt_softc *mpt)
915 rv = mpt_read_cfg_header(mpt, MPI_CONFIG_PAGETYPE_SCSI_PORT, 0, 0,
916 &mpt->mpt_port_page0.Header, FALSE, 5000);
920 mpt_lprt(mpt, MPT_PRT_DEBUG, "SPI Port Page 0 Header: %x %x %x %x\n",
921 mpt->mpt_port_page0.Header.PageVersion,
922 mpt->mpt_port_page0.Header.PageLength,
923 mpt->mpt_port_page0.Header.PageNumber,
924 mpt->mpt_port_page0.Header.PageType);
926 rv = mpt_read_cfg_header(mpt, MPI_CONFIG_PAGETYPE_SCSI_PORT, 1, 0,
927 &mpt->mpt_port_page1.Header, FALSE, 5000);
931 mpt_lprt(mpt, MPT_PRT_DEBUG, "SPI Port Page 1 Header: %x %x %x %x\n",
932 mpt->mpt_port_page1.Header.PageVersion,
933 mpt->mpt_port_page1.Header.PageLength,
934 mpt->mpt_port_page1.Header.PageNumber,
935 mpt->mpt_port_page1.Header.PageType);
937 rv = mpt_read_cfg_header(mpt, MPI_CONFIG_PAGETYPE_SCSI_PORT, 2, 0,
938 &mpt->mpt_port_page2.Header, FALSE, 5000);
942 mpt_lprt(mpt, MPT_PRT_DEBUG, "SPI Port Page 2 Header: %x %x %x %x\n",
943 mpt->mpt_port_page2.Header.PageVersion,
944 mpt->mpt_port_page2.Header.PageLength,
945 mpt->mpt_port_page2.Header.PageNumber,
946 mpt->mpt_port_page2.Header.PageType);
948 for (i = 0; i < 16; i++) {
949 rv = mpt_read_cfg_header(mpt, MPI_CONFIG_PAGETYPE_SCSI_DEVICE,
950 0, i, &mpt->mpt_dev_page0[i].Header, FALSE, 5000);
954 mpt_lprt(mpt, MPT_PRT_DEBUG,
955 "SPI Target %d Device Page 0 Header: %x %x %x %x\n", i,
956 mpt->mpt_dev_page0[i].Header.PageVersion,
957 mpt->mpt_dev_page0[i].Header.PageLength,
958 mpt->mpt_dev_page0[i].Header.PageNumber,
959 mpt->mpt_dev_page0[i].Header.PageType);
961 rv = mpt_read_cfg_header(mpt, MPI_CONFIG_PAGETYPE_SCSI_DEVICE,
962 1, i, &mpt->mpt_dev_page1[i].Header, FALSE, 5000);
966 mpt_lprt(mpt, MPT_PRT_DEBUG,
967 "SPI Target %d Device Page 1 Header: %x %x %x %x\n", i,
968 mpt->mpt_dev_page1[i].Header.PageVersion,
969 mpt->mpt_dev_page1[i].Header.PageLength,
970 mpt->mpt_dev_page1[i].Header.PageNumber,
971 mpt->mpt_dev_page1[i].Header.PageType);
975 * At this point, we don't *have* to fail. As long as we have
976 * valid config header information, we can (barely) lurch
980 rv = mpt_read_cur_cfg_page(mpt, 0, &mpt->mpt_port_page0.Header,
981 sizeof(mpt->mpt_port_page0), FALSE, 5000);
983 mpt_prt(mpt, "failed to read SPI Port Page 0\n");
985 mpt_lprt(mpt, MPT_PRT_NEGOTIATION,
986 "SPI Port Page 0: Capabilities %x PhysicalInterface %x\n",
987 mpt->mpt_port_page0.Capabilities,
988 mpt->mpt_port_page0.PhysicalInterface);
991 rv = mpt_read_cur_cfg_page(mpt, 0, &mpt->mpt_port_page1.Header,
992 sizeof(mpt->mpt_port_page1), FALSE, 5000);
994 mpt_prt(mpt, "failed to read SPI Port Page 1\n");
996 mpt_lprt(mpt, MPT_PRT_DEBUG,
997 "SPI Port Page 1: Configuration %x OnBusTimerValue %x\n",
998 mpt->mpt_port_page1.Configuration,
999 mpt->mpt_port_page1.OnBusTimerValue);
1002 rv = mpt_read_cur_cfg_page(mpt, 0, &mpt->mpt_port_page2.Header,
1003 sizeof(mpt->mpt_port_page2), FALSE, 5000);
1005 mpt_prt(mpt, "failed to read SPI Port Page 2\n");
1007 mpt_lprt(mpt, MPT_PRT_NEGOTIATION,
1008 "Port Page 2: Flags %x Settings %x\n",
1009 mpt->mpt_port_page2.PortFlags,
1010 mpt->mpt_port_page2.PortSettings);
1011 for (i = 0; i < 16; i++) {
1012 mpt_lprt(mpt, MPT_PRT_NEGOTIATION,
1013 " Port Page 2 Tgt %d: timo %x SF %x Flags %x\n",
1014 i, mpt->mpt_port_page2.DeviceSettings[i].Timeout,
1015 mpt->mpt_port_page2.DeviceSettings[i].SyncFactor,
1016 mpt->mpt_port_page2.DeviceSettings[i].DeviceFlags);
1020 for (i = 0; i < 16; i++) {
1021 rv = mpt_read_cur_cfg_page(mpt, i,
1022 &mpt->mpt_dev_page0[i].Header, sizeof(*mpt->mpt_dev_page0),
1026 "cannot read SPI Target %d Device Page 0\n", i);
1029 mpt_lprt(mpt, MPT_PRT_NEGOTIATION,
1030 "target %d page 0: Negotiated Params %x Information %x\n",
1031 i, mpt->mpt_dev_page0[i].NegotiatedParameters,
1032 mpt->mpt_dev_page0[i].Information);
1034 rv = mpt_read_cur_cfg_page(mpt, i,
1035 &mpt->mpt_dev_page1[i].Header, sizeof(*mpt->mpt_dev_page1),
1039 "cannot read SPI Target %d Device Page 1\n", i);
1042 mpt_lprt(mpt, MPT_PRT_NEGOTIATION,
1043 "target %d page 1: Requested Params %x Configuration %x\n",
1044 i, mpt->mpt_dev_page1[i].RequestedParameters,
1045 mpt->mpt_dev_page1[i].Configuration);
1051 * Validate SPI configuration information.
1053 * In particular, validate SPI Port Page 1.
1056 mpt_set_initial_config_spi(struct mpt_softc *mpt)
1058 int i, j, pp1val = ((1 << mpt->mpt_ini_id) << 16) | mpt->mpt_ini_id;
1061 mpt->mpt_disc_enable = 0xff;
1062 mpt->mpt_tag_enable = 0;
1064 if (mpt->mpt_port_page1.Configuration != pp1val) {
1065 CONFIG_PAGE_SCSI_PORT_1 tmp;
1067 mpt_prt(mpt, "SPI Port Page 1 Config value bad (%x)- should "
1068 "be %x\n", mpt->mpt_port_page1.Configuration, pp1val);
1069 tmp = mpt->mpt_port_page1;
1070 tmp.Configuration = pp1val;
1071 error = mpt_write_cur_cfg_page(mpt, 0,
1072 &tmp.Header, sizeof(tmp), FALSE, 5000);
1076 error = mpt_read_cur_cfg_page(mpt, 0,
1077 &tmp.Header, sizeof(tmp), FALSE, 5000);
1081 if (tmp.Configuration != pp1val) {
1083 "failed to reset SPI Port Page 1 Config value\n");
1086 mpt->mpt_port_page1 = tmp;
1090 * The purpose of this exercise is to get
1091 * all targets back to async/narrow.
1093 * We skip this step if the BIOS has already negotiated
1094 * speeds with the targets and does not require us to
1095 * do Domain Validation.
1097 i = mpt->mpt_port_page2.PortSettings &
1098 MPI_SCSIPORTPAGE2_PORT_MASK_NEGO_MASTER_SETTINGS;
1099 j = mpt->mpt_port_page2.PortFlags &
1100 MPI_SCSIPORTPAGE2_PORT_FLAGS_DV_MASK;
1101 if (i == MPI_SCSIPORTPAGE2_PORT_ALL_MASTER_SETTINGS /* &&
1102 j == MPI_SCSIPORTPAGE2_PORT_FLAGS_OFF_DV */) {
1103 mpt_lprt(mpt, MPT_PRT_NEGOTIATION,
1104 "honoring BIOS transfer negotiations\n");
1106 for (i = 0; i < 16; i++) {
1107 mpt->mpt_dev_page1[i].RequestedParameters = 0;
1108 mpt->mpt_dev_page1[i].Configuration = 0;
1109 (void) mpt_update_spi_config(mpt, i);
1116 mpt_cam_enable(struct mpt_softc *mpt)
1124 if (mpt_read_config_info_fc(mpt)) {
1127 if (mpt_set_initial_config_fc(mpt)) {
1130 } else if (mpt->is_sas) {
1131 if (mpt_read_config_info_sas(mpt)) {
1134 if (mpt_set_initial_config_sas(mpt)) {
1137 } else if (mpt->is_spi) {
1138 if (mpt_read_config_info_spi(mpt)) {
1141 if (mpt_set_initial_config_spi(mpt)) {
1153 mpt_cam_ready(struct mpt_softc *mpt)
1156 * If we're in target mode, hang out resources now
1157 * so we don't cause the world to hang talking to us.
1159 if (mpt->is_fc && (mpt->role & MPT_ROLE_TARGET)) {
1161 * Try to add some target command resources
1164 if (mpt_add_target_commands(mpt) == FALSE) {
1165 mpt_prt(mpt, "failed to add target commands\n");
1173 mpt_cam_detach(struct mpt_softc *mpt)
1175 mpt_handler_t handler;
1179 mpt_terminate_recovery_thread(mpt);
1181 handler.reply_handler = mpt_scsi_reply_handler;
1182 mpt_deregister_handler(mpt, MPT_HANDLER_REPLY, handler,
1183 scsi_io_handler_id);
1184 handler.reply_handler = mpt_scsi_tmf_reply_handler;
1185 mpt_deregister_handler(mpt, MPT_HANDLER_REPLY, handler,
1186 scsi_tmf_handler_id);
1187 handler.reply_handler = mpt_fc_els_reply_handler;
1188 mpt_deregister_handler(mpt, MPT_HANDLER_REPLY, handler,
1190 handler.reply_handler = mpt_scsi_tgt_reply_handler;
1191 mpt_deregister_handler(mpt, MPT_HANDLER_REPLY, handler,
1192 mpt->scsi_tgt_handler_id);
1193 handler.reply_handler = mpt_sata_pass_reply_handler;
1194 mpt_deregister_handler(mpt, MPT_HANDLER_REPLY, handler,
1195 sata_pass_handler_id);
1197 if (mpt->tmf_req != NULL) {
1198 mpt->tmf_req->state = REQ_STATE_ALLOCATED;
1199 mpt_free_request(mpt, mpt->tmf_req);
1200 mpt->tmf_req = NULL;
1202 if (mpt->sas_portinfo != NULL) {
1203 free(mpt->sas_portinfo, M_DEVBUF);
1204 mpt->sas_portinfo = NULL;
1208 if (mpt->sim != NULL) {
1209 xpt_free_path(mpt->path);
1210 xpt_bus_deregister(cam_sim_path(mpt->sim));
1211 cam_sim_free(mpt->sim, TRUE);
1215 if (mpt->phydisk_sim != NULL) {
1216 xpt_free_path(mpt->phydisk_path);
1217 xpt_bus_deregister(cam_sim_path(mpt->phydisk_sim));
1218 cam_sim_free(mpt->phydisk_sim, TRUE);
1219 mpt->phydisk_sim = NULL;
1223 /* This routine is used after a system crash to dump core onto the swap device.
1226 mpt_poll(struct cam_sim *sim)
1228 struct mpt_softc *mpt;
1230 mpt = (struct mpt_softc *)cam_sim_softc(sim);
1235 * Watchdog timeout routine for SCSI requests.
1238 mpt_timeout(void *arg)
1241 struct mpt_softc *mpt;
1244 ccb = (union ccb *)arg;
1245 mpt = ccb->ccb_h.ccb_mpt_ptr;
1248 req = ccb->ccb_h.ccb_req_ptr;
1249 mpt_prt(mpt, "request %p:%u timed out for ccb %p (req->ccb %p)\n", req,
1250 req->serno, ccb, req->ccb);
1251 /* XXX: WHAT ARE WE TRYING TO DO HERE? */
1252 if ((req->state & REQ_STATE_QUEUED) == REQ_STATE_QUEUED) {
1253 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
1254 TAILQ_INSERT_TAIL(&mpt->request_timeout_list, req, links);
1255 req->state |= REQ_STATE_TIMEDOUT;
1256 mpt_wakeup_recovery_thread(mpt);
1262 * Callback routine from "bus_dmamap_load" or, in simple cases, called directly.
1264 * Takes a list of physical segments and builds the SGL for SCSI IO command
1265 * and forwards the commard to the IOC after one last check that CAM has not
1266 * aborted the transaction.
1269 mpt_execute_req_a64(void *arg, bus_dma_segment_t *dm_segs, int nseg, int error)
1271 request_t *req, *trq;
1274 struct mpt_softc *mpt;
1276 uint32_t flags, nxt_off;
1278 MSG_REQUEST_HEADER *hdrp;
1283 req = (request_t *)arg;
1286 mpt = ccb->ccb_h.ccb_mpt_ptr;
1287 req = ccb->ccb_h.ccb_req_ptr;
1289 hdrp = req->req_vbuf;
1290 mpt_off = req->req_vbuf;
1292 if (error == 0 && ((uint32_t)nseg) >= mpt->max_seg_cnt) {
1297 switch (hdrp->Function) {
1298 case MPI_FUNCTION_SCSI_IO_REQUEST:
1299 case MPI_FUNCTION_RAID_SCSI_IO_PASSTHROUGH:
1301 sglp = &((PTR_MSG_SCSI_IO_REQUEST)hdrp)->SGL;
1303 case MPI_FUNCTION_TARGET_ASSIST:
1305 sglp = &((PTR_MSG_TARGET_ASSIST_REQUEST)hdrp)->SGL;
1308 mpt_prt(mpt, "bad fct 0x%x in mpt_execute_req_a64\n",
1315 if (error == 0 && ((uint32_t)nseg) >= mpt->max_seg_cnt) {
1317 mpt_prt(mpt, "segment count %d too large (max %u)\n",
1318 nseg, mpt->max_seg_cnt);
1323 if (error != EFBIG && error != ENOMEM) {
1324 mpt_prt(mpt, "mpt_execute_req_a64: err %d\n", error);
1326 if ((ccb->ccb_h.status & CAM_STATUS_MASK) == CAM_REQ_INPROG) {
1328 mpt_freeze_ccb(ccb);
1329 if (error == EFBIG) {
1330 status = CAM_REQ_TOO_BIG;
1331 } else if (error == ENOMEM) {
1332 if (mpt->outofbeer == 0) {
1334 xpt_freeze_simq(mpt->sim, 1);
1335 mpt_lprt(mpt, MPT_PRT_DEBUG,
1338 status = CAM_REQUEUE_REQ;
1340 status = CAM_REQ_CMP_ERR;
1342 mpt_set_ccb_status(ccb, status);
1344 if (hdrp->Function == MPI_FUNCTION_TARGET_ASSIST) {
1345 request_t *cmd_req =
1346 MPT_TAG_2_REQ(mpt, ccb->csio.tag_id);
1347 MPT_TGT_STATE(mpt, cmd_req)->state = TGT_STATE_IN_CAM;
1348 MPT_TGT_STATE(mpt, cmd_req)->ccb = NULL;
1349 MPT_TGT_STATE(mpt, cmd_req)->req = NULL;
1351 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
1352 KASSERT(ccb->ccb_h.status, ("zero ccb sts at %d\n", __LINE__));
1354 CAMLOCK_2_MPTLOCK(mpt);
1355 mpt_free_request(mpt, req);
1356 MPTLOCK_2_CAMLOCK(mpt);
1361 * No data to transfer?
1362 * Just make a single simple SGL with zero length.
1365 if (mpt->verbose >= MPT_PRT_DEBUG) {
1366 int tidx = ((char *)sglp) - mpt_off;
1367 memset(&mpt_off[tidx], 0xff, MPT_REQUEST_AREA - tidx);
1371 SGE_SIMPLE32 *se1 = (SGE_SIMPLE32 *) sglp;
1372 MPI_pSGE_SET_FLAGS(se1,
1373 (MPI_SGE_FLAGS_LAST_ELEMENT | MPI_SGE_FLAGS_END_OF_BUFFER |
1374 MPI_SGE_FLAGS_SIMPLE_ELEMENT | MPI_SGE_FLAGS_END_OF_LIST));
1375 se1->FlagsLength = htole32(se1->FlagsLength);
1380 flags = MPI_SGE_FLAGS_SIMPLE_ELEMENT | MPI_SGE_FLAGS_64_BIT_ADDRESSING;
1382 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_OUT) {
1383 flags |= MPI_SGE_FLAGS_HOST_TO_IOC;
1386 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) {
1387 flags |= MPI_SGE_FLAGS_HOST_TO_IOC;
1391 if (!(ccb->ccb_h.flags & (CAM_SG_LIST_PHYS|CAM_DATA_PHYS))) {
1392 bus_dmasync_op_t op;
1394 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) {
1395 op = BUS_DMASYNC_PREREAD;
1397 op = BUS_DMASYNC_PREWRITE;
1400 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) {
1401 op = BUS_DMASYNC_PREWRITE;
1403 op = BUS_DMASYNC_PREREAD;
1406 bus_dmamap_sync(mpt->buffer_dmat, req->dmap, op);
1410 * Okay, fill in what we can at the end of the command frame.
1411 * If we have up to MPT_NSGL_FIRST, we can fit them all into
1412 * the command frame.
1414 * Otherwise, we fill up through MPT_NSGL_FIRST less one
1415 * SIMPLE64 pointers and start doing CHAIN64 entries after
1419 if (nseg < MPT_NSGL_FIRST(mpt)) {
1423 * Leave room for CHAIN element
1425 first_lim = MPT_NSGL_FIRST(mpt) - 1;
1428 se = (SGE_SIMPLE64 *) sglp;
1429 for (seg = 0; seg < first_lim; seg++, se++, dm_segs++) {
1432 memset(se, 0, sizeof (*se));
1433 se->Address.Low = htole32(dm_segs->ds_addr & 0xffffffff);
1434 if (sizeof(bus_addr_t) > 4) {
1435 se->Address.High = ((uint64_t) dm_segs->ds_addr) >> 32;
1437 MPI_pSGE_SET_LENGTH(se, dm_segs->ds_len);
1439 if (seg == first_lim - 1) {
1440 tf |= MPI_SGE_FLAGS_LAST_ELEMENT;
1442 if (seg == nseg - 1) {
1443 tf |= MPI_SGE_FLAGS_END_OF_LIST |
1444 MPI_SGE_FLAGS_END_OF_BUFFER;
1446 MPI_pSGE_SET_FLAGS(se, tf);
1447 se->FlagsLength = htole32(se->FlagsLength);
1455 * Tell the IOC where to find the first chain element.
1457 hdrp->ChainOffset = ((char *)se - (char *)hdrp) >> 2;
1458 nxt_off = MPT_RQSL(mpt);
1462 * Make up the rest of the data segments out of a chain element
1463 * (contiained in the current request frame) which points to
1464 * SIMPLE64 elements in the next request frame, possibly ending
1465 * with *another* chain element (if there's more).
1467 while (seg < nseg) {
1469 uint32_t tf, cur_off;
1470 bus_addr_t chain_list_addr;
1473 * Point to the chain descriptor. Note that the chain
1474 * descriptor is at the end of the *previous* list (whether
1477 ce = (SGE_CHAIN64 *) se;
1480 * Before we change our current pointer, make sure we won't
1481 * overflow the request area with this frame. Note that we
1482 * test against 'greater than' here as it's okay in this case
1483 * to have next offset be just outside the request area.
1485 if ((nxt_off + MPT_RQSL(mpt)) > MPT_REQUEST_AREA) {
1486 nxt_off = MPT_REQUEST_AREA;
1491 * Set our SGE element pointer to the beginning of the chain
1492 * list and update our next chain list offset.
1494 se = (SGE_SIMPLE64 *) &mpt_off[nxt_off];
1496 nxt_off += MPT_RQSL(mpt);
1499 * Now initialized the chain descriptor.
1501 memset(ce, 0, sizeof (*ce));
1504 * Get the physical address of the chain list.
1506 chain_list_addr = trq->req_pbuf;
1507 chain_list_addr += cur_off;
1508 if (sizeof (bus_addr_t) > 4) {
1510 htole32((uint32_t) ((uint64_t)chain_list_addr >> 32));
1512 ce->Address.Low = htole32((uint32_t) chain_list_addr);
1513 ce->Flags = MPI_SGE_FLAGS_CHAIN_ELEMENT |
1514 MPI_SGE_FLAGS_64_BIT_ADDRESSING;
1517 * If we have more than a frame's worth of segments left,
1518 * set up the chain list to have the last element be another
1521 if ((nseg - seg) > MPT_NSGL(mpt)) {
1522 this_seg_lim = seg + MPT_NSGL(mpt) - 1;
1524 * The length of the chain is the length in bytes of the
1525 * number of segments plus the next chain element.
1527 * The next chain descriptor offset is the length,
1528 * in words, of the number of segments.
1530 ce->Length = (this_seg_lim - seg) *
1531 sizeof (SGE_SIMPLE64);
1532 ce->NextChainOffset = ce->Length >> 2;
1533 ce->Length += sizeof (SGE_CHAIN64);
1535 this_seg_lim = nseg;
1536 ce->Length = (this_seg_lim - seg) *
1537 sizeof (SGE_SIMPLE64);
1541 * Fill in the chain list SGE elements with our segment data.
1543 * If we're the last element in this chain list, set the last
1544 * element flag. If we're the completely last element period,
1545 * set the end of list and end of buffer flags.
1547 while (seg < this_seg_lim) {
1548 memset(se, 0, sizeof (*se));
1549 se->Address.Low = htole32(dm_segs->ds_addr);
1550 if (sizeof (bus_addr_t) > 4) {
1552 htole32(((uint64_t)dm_segs->ds_addr) >> 32);
1554 MPI_pSGE_SET_LENGTH(se, dm_segs->ds_len);
1556 if (seg == this_seg_lim - 1) {
1557 tf |= MPI_SGE_FLAGS_LAST_ELEMENT;
1559 if (seg == nseg - 1) {
1560 tf |= MPI_SGE_FLAGS_END_OF_LIST |
1561 MPI_SGE_FLAGS_END_OF_BUFFER;
1563 MPI_pSGE_SET_FLAGS(se, tf);
1564 se->FlagsLength = htole32(se->FlagsLength);
1572 * If we have more segments to do and we've used up all of
1573 * the space in a request area, go allocate another one
1574 * and chain to that.
1576 if (seg < nseg && nxt_off >= MPT_REQUEST_AREA) {
1579 CAMLOCK_2_MPTLOCK(mpt);
1580 nrq = mpt_get_request(mpt, FALSE);
1581 MPTLOCK_2_CAMLOCK(mpt);
1589 * Append the new request area on the tail of our list.
1591 if ((trq = req->chain) == NULL) {
1594 while (trq->chain != NULL) {
1600 mpt_off = trq->req_vbuf;
1601 if (mpt->verbose >= MPT_PRT_DEBUG) {
1602 memset(mpt_off, 0xff, MPT_REQUEST_AREA);
1610 * Last time we need to check if this CCB needs to be aborted.
1612 if ((ccb->ccb_h.status & CAM_STATUS_MASK) != CAM_REQ_INPROG) {
1613 if (hdrp->Function == MPI_FUNCTION_TARGET_ASSIST) {
1614 request_t *cmd_req =
1615 MPT_TAG_2_REQ(mpt, ccb->csio.tag_id);
1616 MPT_TGT_STATE(mpt, cmd_req)->state = TGT_STATE_IN_CAM;
1617 MPT_TGT_STATE(mpt, cmd_req)->ccb = NULL;
1618 MPT_TGT_STATE(mpt, cmd_req)->req = NULL;
1621 "mpt_execute_req_a64: I/O cancelled (status 0x%x)\n",
1622 ccb->ccb_h.status & CAM_STATUS_MASK);
1623 if (nseg && (ccb->ccb_h.flags & CAM_SG_LIST_PHYS) == 0) {
1624 bus_dmamap_unload(mpt->buffer_dmat, req->dmap);
1626 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
1627 KASSERT(ccb->ccb_h.status, ("zero ccb sts at %d\n", __LINE__));
1629 CAMLOCK_2_MPTLOCK(mpt);
1630 mpt_free_request(mpt, req);
1631 MPTLOCK_2_CAMLOCK(mpt);
1635 ccb->ccb_h.status |= CAM_SIM_QUEUED;
1636 if (ccb->ccb_h.timeout != CAM_TIME_INFINITY) {
1637 mpt_req_timeout(req, (ccb->ccb_h.timeout * hz) / 1000,
1640 if (mpt->verbose > MPT_PRT_DEBUG) {
1642 mpt_print_request(req->req_vbuf);
1643 for (trq = req->chain; trq; trq = trq->chain) {
1644 printf(" Additional Chain Area %d\n", nc++);
1645 mpt_dump_sgl(trq->req_vbuf, 0);
1649 if (hdrp->Function == MPI_FUNCTION_TARGET_ASSIST) {
1650 request_t *cmd_req = MPT_TAG_2_REQ(mpt, ccb->csio.tag_id);
1651 mpt_tgt_state_t *tgt = MPT_TGT_STATE(mpt, cmd_req);
1652 #ifdef WE_TRUST_AUTO_GOOD_STATUS
1653 if ((ccb->ccb_h.flags & CAM_SEND_STATUS) &&
1654 csio->scsi_status == SCSI_STATUS_OK && tgt->resid == 0) {
1655 tgt->state = TGT_STATE_MOVING_DATA_AND_STATUS;
1657 tgt->state = TGT_STATE_MOVING_DATA;
1660 tgt->state = TGT_STATE_MOVING_DATA;
1663 CAMLOCK_2_MPTLOCK(mpt);
1664 mpt_send_cmd(mpt, req);
1665 MPTLOCK_2_CAMLOCK(mpt);
1669 mpt_execute_req(void *arg, bus_dma_segment_t *dm_segs, int nseg, int error)
1671 request_t *req, *trq;
1674 struct mpt_softc *mpt;
1676 uint32_t flags, nxt_off;
1678 MSG_REQUEST_HEADER *hdrp;
1683 req = (request_t *)arg;
1686 mpt = ccb->ccb_h.ccb_mpt_ptr;
1687 req = ccb->ccb_h.ccb_req_ptr;
1689 hdrp = req->req_vbuf;
1690 mpt_off = req->req_vbuf;
1693 if (error == 0 && ((uint32_t)nseg) >= mpt->max_seg_cnt) {
1698 switch (hdrp->Function) {
1699 case MPI_FUNCTION_SCSI_IO_REQUEST:
1700 case MPI_FUNCTION_RAID_SCSI_IO_PASSTHROUGH:
1701 sglp = &((PTR_MSG_SCSI_IO_REQUEST)hdrp)->SGL;
1703 case MPI_FUNCTION_TARGET_ASSIST:
1705 sglp = &((PTR_MSG_TARGET_ASSIST_REQUEST)hdrp)->SGL;
1708 mpt_prt(mpt, "bad fct 0x%x in mpt_execute_req\n",
1715 if (error == 0 && ((uint32_t)nseg) >= mpt->max_seg_cnt) {
1717 mpt_prt(mpt, "segment count %d too large (max %u)\n",
1718 nseg, mpt->max_seg_cnt);
1723 if (error != EFBIG && error != ENOMEM) {
1724 mpt_prt(mpt, "mpt_execute_req: err %d\n", error);
1726 if ((ccb->ccb_h.status & CAM_STATUS_MASK) == CAM_REQ_INPROG) {
1728 mpt_freeze_ccb(ccb);
1729 if (error == EFBIG) {
1730 status = CAM_REQ_TOO_BIG;
1731 } else if (error == ENOMEM) {
1732 if (mpt->outofbeer == 0) {
1734 xpt_freeze_simq(mpt->sim, 1);
1735 mpt_lprt(mpt, MPT_PRT_DEBUG,
1738 status = CAM_REQUEUE_REQ;
1740 status = CAM_REQ_CMP_ERR;
1742 mpt_set_ccb_status(ccb, status);
1744 if (hdrp->Function == MPI_FUNCTION_TARGET_ASSIST) {
1745 request_t *cmd_req =
1746 MPT_TAG_2_REQ(mpt, ccb->csio.tag_id);
1747 MPT_TGT_STATE(mpt, cmd_req)->state = TGT_STATE_IN_CAM;
1748 MPT_TGT_STATE(mpt, cmd_req)->ccb = NULL;
1749 MPT_TGT_STATE(mpt, cmd_req)->req = NULL;
1751 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
1752 KASSERT(ccb->ccb_h.status, ("zero ccb sts at %d\n", __LINE__));
1754 CAMLOCK_2_MPTLOCK(mpt);
1755 mpt_free_request(mpt, req);
1756 MPTLOCK_2_CAMLOCK(mpt);
1761 * No data to transfer?
1762 * Just make a single simple SGL with zero length.
1765 if (mpt->verbose >= MPT_PRT_DEBUG) {
1766 int tidx = ((char *)sglp) - mpt_off;
1767 memset(&mpt_off[tidx], 0xff, MPT_REQUEST_AREA - tidx);
1771 SGE_SIMPLE32 *se1 = (SGE_SIMPLE32 *) sglp;
1772 MPI_pSGE_SET_FLAGS(se1,
1773 (MPI_SGE_FLAGS_LAST_ELEMENT | MPI_SGE_FLAGS_END_OF_BUFFER |
1774 MPI_SGE_FLAGS_SIMPLE_ELEMENT | MPI_SGE_FLAGS_END_OF_LIST));
1775 se1->FlagsLength = htole32(se1->FlagsLength);
1780 flags = MPI_SGE_FLAGS_SIMPLE_ELEMENT;
1782 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_OUT) {
1783 flags |= MPI_SGE_FLAGS_HOST_TO_IOC;
1786 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) {
1787 flags |= MPI_SGE_FLAGS_HOST_TO_IOC;
1791 if (!(ccb->ccb_h.flags & (CAM_SG_LIST_PHYS|CAM_DATA_PHYS))) {
1792 bus_dmasync_op_t op;
1794 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) {
1795 op = BUS_DMASYNC_PREREAD;
1797 op = BUS_DMASYNC_PREWRITE;
1800 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) {
1801 op = BUS_DMASYNC_PREWRITE;
1803 op = BUS_DMASYNC_PREREAD;
1806 bus_dmamap_sync(mpt->buffer_dmat, req->dmap, op);
1810 * Okay, fill in what we can at the end of the command frame.
1811 * If we have up to MPT_NSGL_FIRST, we can fit them all into
1812 * the command frame.
1814 * Otherwise, we fill up through MPT_NSGL_FIRST less one
1815 * SIMPLE32 pointers and start doing CHAIN32 entries after
1819 if (nseg < MPT_NSGL_FIRST(mpt)) {
1823 * Leave room for CHAIN element
1825 first_lim = MPT_NSGL_FIRST(mpt) - 1;
1828 se = (SGE_SIMPLE32 *) sglp;
1829 for (seg = 0; seg < first_lim; seg++, se++, dm_segs++) {
1832 memset(se, 0,sizeof (*se));
1833 se->Address = dm_segs->ds_addr;
1837 MPI_pSGE_SET_LENGTH(se, dm_segs->ds_len);
1839 if (seg == first_lim - 1) {
1840 tf |= MPI_SGE_FLAGS_LAST_ELEMENT;
1842 if (seg == nseg - 1) {
1843 tf |= MPI_SGE_FLAGS_END_OF_LIST |
1844 MPI_SGE_FLAGS_END_OF_BUFFER;
1846 MPI_pSGE_SET_FLAGS(se, tf);
1847 se->FlagsLength = htole32(se->FlagsLength);
1855 * Tell the IOC where to find the first chain element.
1857 hdrp->ChainOffset = ((char *)se - (char *)hdrp) >> 2;
1858 nxt_off = MPT_RQSL(mpt);
1862 * Make up the rest of the data segments out of a chain element
1863 * (contiained in the current request frame) which points to
1864 * SIMPLE32 elements in the next request frame, possibly ending
1865 * with *another* chain element (if there's more).
1867 while (seg < nseg) {
1869 uint32_t tf, cur_off;
1870 bus_addr_t chain_list_addr;
1873 * Point to the chain descriptor. Note that the chain
1874 * descriptor is at the end of the *previous* list (whether
1877 ce = (SGE_CHAIN32 *) se;
1880 * Before we change our current pointer, make sure we won't
1881 * overflow the request area with this frame. Note that we
1882 * test against 'greater than' here as it's okay in this case
1883 * to have next offset be just outside the request area.
1885 if ((nxt_off + MPT_RQSL(mpt)) > MPT_REQUEST_AREA) {
1886 nxt_off = MPT_REQUEST_AREA;
1891 * Set our SGE element pointer to the beginning of the chain
1892 * list and update our next chain list offset.
1894 se = (SGE_SIMPLE32 *) &mpt_off[nxt_off];
1896 nxt_off += MPT_RQSL(mpt);
1899 * Now initialized the chain descriptor.
1901 memset(ce, 0, sizeof (*ce));
1904 * Get the physical address of the chain list.
1906 chain_list_addr = trq->req_pbuf;
1907 chain_list_addr += cur_off;
1911 ce->Address = chain_list_addr;
1912 ce->Flags = MPI_SGE_FLAGS_CHAIN_ELEMENT;
1916 * If we have more than a frame's worth of segments left,
1917 * set up the chain list to have the last element be another
1920 if ((nseg - seg) > MPT_NSGL(mpt)) {
1921 this_seg_lim = seg + MPT_NSGL(mpt) - 1;
1923 * The length of the chain is the length in bytes of the
1924 * number of segments plus the next chain element.
1926 * The next chain descriptor offset is the length,
1927 * in words, of the number of segments.
1929 ce->Length = (this_seg_lim - seg) *
1930 sizeof (SGE_SIMPLE32);
1931 ce->NextChainOffset = ce->Length >> 2;
1932 ce->Length += sizeof (SGE_CHAIN32);
1934 this_seg_lim = nseg;
1935 ce->Length = (this_seg_lim - seg) *
1936 sizeof (SGE_SIMPLE32);
1940 * Fill in the chain list SGE elements with our segment data.
1942 * If we're the last element in this chain list, set the last
1943 * element flag. If we're the completely last element period,
1944 * set the end of list and end of buffer flags.
1946 while (seg < this_seg_lim) {
1947 memset(se, 0, sizeof (*se));
1948 se->Address = dm_segs->ds_addr;
1953 MPI_pSGE_SET_LENGTH(se, dm_segs->ds_len);
1955 if (seg == this_seg_lim - 1) {
1956 tf |= MPI_SGE_FLAGS_LAST_ELEMENT;
1958 if (seg == nseg - 1) {
1959 tf |= MPI_SGE_FLAGS_END_OF_LIST |
1960 MPI_SGE_FLAGS_END_OF_BUFFER;
1962 MPI_pSGE_SET_FLAGS(se, tf);
1963 se->FlagsLength = htole32(se->FlagsLength);
1971 * If we have more segments to do and we've used up all of
1972 * the space in a request area, go allocate another one
1973 * and chain to that.
1975 if (seg < nseg && nxt_off >= MPT_REQUEST_AREA) {
1978 CAMLOCK_2_MPTLOCK(mpt);
1979 nrq = mpt_get_request(mpt, FALSE);
1980 MPTLOCK_2_CAMLOCK(mpt);
1988 * Append the new request area on the tail of our list.
1990 if ((trq = req->chain) == NULL) {
1993 while (trq->chain != NULL) {
1999 mpt_off = trq->req_vbuf;
2000 if (mpt->verbose >= MPT_PRT_DEBUG) {
2001 memset(mpt_off, 0xff, MPT_REQUEST_AREA);
2009 * Last time we need to check if this CCB needs to be aborted.
2011 if ((ccb->ccb_h.status & CAM_STATUS_MASK) != CAM_REQ_INPROG) {
2012 if (hdrp->Function == MPI_FUNCTION_TARGET_ASSIST) {
2013 request_t *cmd_req =
2014 MPT_TAG_2_REQ(mpt, ccb->csio.tag_id);
2015 MPT_TGT_STATE(mpt, cmd_req)->state = TGT_STATE_IN_CAM;
2016 MPT_TGT_STATE(mpt, cmd_req)->ccb = NULL;
2017 MPT_TGT_STATE(mpt, cmd_req)->req = NULL;
2020 "mpt_execute_req: I/O cancelled (status 0x%x)\n",
2021 ccb->ccb_h.status & CAM_STATUS_MASK);
2022 if (nseg && (ccb->ccb_h.flags & CAM_SG_LIST_PHYS) == 0) {
2023 bus_dmamap_unload(mpt->buffer_dmat, req->dmap);
2025 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
2026 KASSERT(ccb->ccb_h.status, ("zero ccb sts at %d\n", __LINE__));
2028 CAMLOCK_2_MPTLOCK(mpt);
2029 mpt_free_request(mpt, req);
2030 MPTLOCK_2_CAMLOCK(mpt);
2034 ccb->ccb_h.status |= CAM_SIM_QUEUED;
2035 if (ccb->ccb_h.timeout != CAM_TIME_INFINITY) {
2036 mpt_req_timeout(req, (ccb->ccb_h.timeout * hz) / 1000,
2039 if (mpt->verbose > MPT_PRT_DEBUG) {
2041 mpt_print_request(req->req_vbuf);
2042 for (trq = req->chain; trq; trq = trq->chain) {
2043 printf(" Additional Chain Area %d\n", nc++);
2044 mpt_dump_sgl(trq->req_vbuf, 0);
2048 if (hdrp->Function == MPI_FUNCTION_TARGET_ASSIST) {
2049 request_t *cmd_req = MPT_TAG_2_REQ(mpt, ccb->csio.tag_id);
2050 mpt_tgt_state_t *tgt = MPT_TGT_STATE(mpt, cmd_req);
2051 #ifdef WE_TRUST_AUTO_GOOD_STATUS
2052 if ((ccb->ccb_h.flags & CAM_SEND_STATUS) &&
2053 csio->scsi_status == SCSI_STATUS_OK && tgt->resid == 0) {
2054 tgt->state = TGT_STATE_MOVING_DATA_AND_STATUS;
2056 tgt->state = TGT_STATE_MOVING_DATA;
2059 tgt->state = TGT_STATE_MOVING_DATA;
2062 CAMLOCK_2_MPTLOCK(mpt);
2063 mpt_send_cmd(mpt, req);
2064 MPTLOCK_2_CAMLOCK(mpt);
2068 mpt_start(struct cam_sim *sim, union ccb *ccb)
2071 struct mpt_softc *mpt;
2072 MSG_SCSI_IO_REQUEST *mpt_req;
2073 struct ccb_scsiio *csio = &ccb->csio;
2074 struct ccb_hdr *ccbh = &ccb->ccb_h;
2075 bus_dmamap_callback_t *cb;
2079 /* Get the pointer for the physical addapter */
2080 mpt = ccb->ccb_h.ccb_mpt_ptr;
2081 raid_passthru = (sim == mpt->phydisk_sim);
2083 CAMLOCK_2_MPTLOCK(mpt);
2084 if ((req = mpt_get_request(mpt, FALSE)) == NULL) {
2085 if (mpt->outofbeer == 0) {
2087 xpt_freeze_simq(mpt->sim, 1);
2088 mpt_lprt(mpt, MPT_PRT_DEBUG, "FREEZEQ\n");
2090 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
2091 mpt_set_ccb_status(ccb, CAM_REQUEUE_REQ);
2092 MPTLOCK_2_CAMLOCK(mpt);
2097 mpt_req_not_spcl(mpt, req, "mpt_start", __LINE__);
2099 MPTLOCK_2_CAMLOCK(mpt);
2101 if (sizeof (bus_addr_t) > 4) {
2102 cb = mpt_execute_req_a64;
2104 cb = mpt_execute_req;
2108 * Link the ccb and the request structure so we can find
2109 * the other knowing either the request or the ccb
2112 ccb->ccb_h.ccb_req_ptr = req;
2114 /* Now we build the command for the IOC */
2115 mpt_req = req->req_vbuf;
2116 memset(mpt_req, 0, sizeof (MSG_SCSI_IO_REQUEST));
2118 mpt_req->Function = MPI_FUNCTION_SCSI_IO_REQUEST;
2119 if (raid_passthru) {
2120 mpt_req->Function = MPI_FUNCTION_RAID_SCSI_IO_PASSTHROUGH;
2121 CAMLOCK_2_MPTLOCK(mpt);
2122 if (mpt_map_physdisk(mpt, ccb, &tgt) != 0) {
2123 MPTLOCK_2_CAMLOCK(mpt);
2124 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
2125 mpt_set_ccb_status(ccb, CAM_DEV_NOT_THERE);
2129 MPTLOCK_2_CAMLOCK(mpt);
2130 mpt_req->Bus = 0; /* we never set bus here */
2132 tgt = ccb->ccb_h.target_id;
2133 mpt_req->Bus = 0; /* XXX */
2136 mpt_req->SenseBufferLength =
2137 (csio->sense_len < MPT_SENSE_SIZE) ?
2138 csio->sense_len : MPT_SENSE_SIZE;
2141 * We use the message context to find the request structure when we
2142 * Get the command completion interrupt from the IOC.
2144 mpt_req->MsgContext = htole32(req->index | scsi_io_handler_id);
2146 /* Which physical device to do the I/O on */
2147 mpt_req->TargetID = tgt;
2149 /* We assume a single level LUN type */
2150 if (ccb->ccb_h.target_lun >= 256) {
2151 mpt_req->LUN[0] = 0x40 | ((ccb->ccb_h.target_lun >> 8) & 0x3f);
2152 mpt_req->LUN[1] = ccb->ccb_h.target_lun & 0xff;
2154 mpt_req->LUN[1] = ccb->ccb_h.target_lun;
2157 /* Set the direction of the transfer */
2158 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) {
2159 mpt_req->Control = MPI_SCSIIO_CONTROL_READ;
2160 } else if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_OUT) {
2161 mpt_req->Control = MPI_SCSIIO_CONTROL_WRITE;
2163 mpt_req->Control = MPI_SCSIIO_CONTROL_NODATATRANSFER;
2166 if ((ccb->ccb_h.flags & CAM_TAG_ACTION_VALID) != 0) {
2167 switch(ccb->csio.tag_action) {
2168 case MSG_HEAD_OF_Q_TAG:
2169 mpt_req->Control |= MPI_SCSIIO_CONTROL_HEADOFQ;
2172 mpt_req->Control |= MPI_SCSIIO_CONTROL_ACAQ;
2174 case MSG_ORDERED_Q_TAG:
2175 mpt_req->Control |= MPI_SCSIIO_CONTROL_ORDEREDQ;
2177 case MSG_SIMPLE_Q_TAG:
2179 mpt_req->Control |= MPI_SCSIIO_CONTROL_SIMPLEQ;
2183 if (mpt->is_fc || mpt->is_sas) {
2184 mpt_req->Control |= MPI_SCSIIO_CONTROL_SIMPLEQ;
2186 /* XXX No such thing for a target doing packetized. */
2187 mpt_req->Control |= MPI_SCSIIO_CONTROL_UNTAGGED;
2192 if (ccb->ccb_h.flags & CAM_DIS_DISCONNECT) {
2193 mpt_req->Control |= MPI_SCSIIO_CONTROL_NO_DISCONNECT;
2197 /* Copy the scsi command block into place */
2198 if ((ccb->ccb_h.flags & CAM_CDB_POINTER) != 0) {
2199 bcopy(csio->cdb_io.cdb_ptr, mpt_req->CDB, csio->cdb_len);
2201 bcopy(csio->cdb_io.cdb_bytes, mpt_req->CDB, csio->cdb_len);
2204 mpt_req->CDBLength = csio->cdb_len;
2205 mpt_req->DataLength = htole32(csio->dxfer_len);
2206 mpt_req->SenseBufferLowAddr = htole32(req->sense_pbuf);
2209 * Do a *short* print here if we're set to MPT_PRT_DEBUG
2211 if (mpt->verbose == MPT_PRT_DEBUG) {
2213 mpt_prt(mpt, "mpt_start: %s op 0x%x ",
2214 (mpt_req->Function == MPI_FUNCTION_SCSI_IO_REQUEST)?
2215 "SCSI_IO_REQUEST" : "SCSI_IO_PASSTHRU", mpt_req->CDB[0]);
2216 df = mpt_req->Control & MPI_SCSIIO_CONTROL_DATADIRECTION_MASK;
2217 if (df != MPI_SCSIIO_CONTROL_NODATATRANSFER) {
2218 mpt_prtc(mpt, "(%s %u byte%s ",
2219 (df == MPI_SCSIIO_CONTROL_READ)?
2220 "read" : "write", csio->dxfer_len,
2221 (csio->dxfer_len == 1)? ")" : "s)");
2223 mpt_prtc(mpt, "tgt %u lun %u req %p:%u\n", tgt,
2224 ccb->ccb_h.target_lun, req, req->serno);
2228 * If we have any data to send with this command map it into bus space.
2230 if ((ccbh->flags & CAM_DIR_MASK) != CAM_DIR_NONE) {
2231 if ((ccbh->flags & CAM_SCATTER_VALID) == 0) {
2233 * We've been given a pointer to a single buffer.
2235 if ((ccbh->flags & CAM_DATA_PHYS) == 0) {
2237 * Virtual address that needs to translated into
2238 * one or more physical address ranges.
2241 int s = splsoftvm();
2242 error = bus_dmamap_load(mpt->buffer_dmat,
2243 req->dmap, csio->data_ptr, csio->dxfer_len,
2246 if (error == EINPROGRESS) {
2248 * So as to maintain ordering,
2249 * freeze the controller queue
2250 * until our mapping is
2253 xpt_freeze_simq(mpt->sim, 1);
2254 ccbh->status |= CAM_RELEASE_SIMQ;
2258 * We have been given a pointer to single
2261 struct bus_dma_segment seg;
2263 (bus_addr_t)(vm_offset_t)csio->data_ptr;
2264 seg.ds_len = csio->dxfer_len;
2265 (*cb)(req, &seg, 1, 0);
2269 * We have been given a list of addresses.
2270 * This case could be easily supported but they are not
2271 * currently generated by the CAM subsystem so there
2272 * is no point in wasting the time right now.
2274 struct bus_dma_segment *segs;
2275 if ((ccbh->flags & CAM_SG_LIST_PHYS) == 0) {
2276 (*cb)(req, NULL, 0, EFAULT);
2278 /* Just use the segments provided */
2279 segs = (struct bus_dma_segment *)csio->data_ptr;
2280 (*cb)(req, segs, csio->sglist_cnt, 0);
2284 (*cb)(req, NULL, 0, 0);
2289 mpt_bus_reset(struct mpt_softc *mpt, target_id_t tgt, lun_id_t lun,
2296 error = mpt_scsi_send_tmf(mpt,
2297 (tgt != CAM_TARGET_WILDCARD || lun != CAM_LUN_WILDCARD) ?
2298 MPI_SCSITASKMGMT_TASKTYPE_TARGET_RESET :
2299 MPI_SCSITASKMGMT_TASKTYPE_RESET_BUS,
2300 mpt->is_fc ? MPI_SCSITASKMGMT_MSGFLAGS_LIP_RESET_OPTION : 0,
2301 0, /* XXX How do I get the channel ID? */
2302 tgt != CAM_TARGET_WILDCARD ? tgt : 0,
2303 lun != CAM_LUN_WILDCARD ? lun : 0,
2308 * mpt_scsi_send_tmf hard resets on failure, so no
2309 * need to do so here.
2312 "mpt_bus_reset: mpt_scsi_send_tmf returned %d\n", error);
2316 /* Wait for bus reset to be processed by the IOC. */
2317 error = mpt_wait_req(mpt, mpt->tmf_req, REQ_STATE_DONE,
2318 REQ_STATE_DONE, sleep_ok, 5000);
2320 status = mpt->tmf_req->IOCStatus;
2321 response = mpt->tmf_req->ResponseCode;
2322 mpt->tmf_req->state = REQ_STATE_FREE;
2325 mpt_prt(mpt, "mpt_bus_reset: Reset timed-out. "
2326 "Resetting controller.\n");
2327 mpt_reset(mpt, TRUE);
2331 if ((status & MPI_IOCSTATUS_MASK) != MPI_IOCSTATUS_SUCCESS) {
2332 mpt_prt(mpt, "mpt_bus_reset: TMF IOC Status 0x%x. "
2333 "Resetting controller.\n", status);
2334 mpt_reset(mpt, TRUE);
2338 if (response != MPI_SCSITASKMGMT_RSP_TM_SUCCEEDED &&
2339 response != MPI_SCSITASKMGMT_RSP_TM_COMPLETE) {
2340 mpt_prt(mpt, "mpt_bus_reset: TMF Response 0x%x. "
2341 "Resetting controller.\n", response);
2342 mpt_reset(mpt, TRUE);
2349 mpt_fc_reset_link(struct mpt_softc *mpt, int dowait)
2353 PTR_MSG_FC_PRIMITIVE_SEND_REQUEST fc;
2355 req = mpt_get_request(mpt, FALSE);
2360 memset(fc, 0, sizeof(*fc));
2361 fc->SendFlags = MPI_FC_PRIM_SEND_FLAGS_RESET_LINK;
2362 fc->Function = MPI_FUNCTION_FC_PRIMITIVE_SEND;
2363 fc->MsgContext = htole32(req->index | fc_els_handler_id);
2364 mpt_send_cmd(mpt, req);
2366 r = mpt_wait_req(mpt, req, REQ_STATE_DONE,
2367 REQ_STATE_DONE, FALSE, 60 * 1000);
2369 mpt_free_request(mpt, req);
2376 mpt_cam_event(struct mpt_softc *mpt, request_t *req,
2377 MSG_EVENT_NOTIFY_REPLY *msg)
2379 uint32_t data0, data1;
2381 data0 = le32toh(msg->Data[0]);
2382 data1 = le32toh(msg->Data[1]);
2383 switch(msg->Event & 0xFF) {
2384 case MPI_EVENT_UNIT_ATTENTION:
2385 mpt_prt(mpt, "UNIT ATTENTION: Bus: 0x%02x TargetID: 0x%02x\n",
2386 (data0 >> 8) & 0xff, data0 & 0xff);
2389 case MPI_EVENT_IOC_BUS_RESET:
2390 /* We generated a bus reset */
2391 mpt_prt(mpt, "IOC Generated Bus Reset Port: %d\n",
2392 (data0 >> 8) & 0xff);
2393 xpt_async(AC_BUS_RESET, mpt->path, NULL);
2396 case MPI_EVENT_EXT_BUS_RESET:
2397 /* Someone else generated a bus reset */
2398 mpt_prt(mpt, "External Bus Reset Detected\n");
2400 * These replies don't return EventData like the MPI
2403 xpt_async(AC_BUS_RESET, mpt->path, NULL);
2406 case MPI_EVENT_RESCAN:
2407 #if __FreeBSD_version >= 600000
2412 * In general this means a device has been added to the loop.
2414 mpt_prt(mpt, "Rescan Port: %d\n", (data0 >> 8) & 0xff);
2415 if (mpt->ready == 0) {
2418 if (mpt->phydisk_sim) {
2419 pathid = cam_sim_path(mpt->phydisk_sim);
2421 pathid = cam_sim_path(mpt->sim);
2423 MPTLOCK_2_CAMLOCK(mpt);
2425 * Allocate a CCB, create a wildcard path for this bus,
2426 * and schedule a rescan.
2428 ccb = xpt_alloc_ccb_nowait();
2430 mpt_prt(mpt, "unable to alloc CCB for rescan\n");
2431 CAMLOCK_2_MPTLOCK(mpt);
2435 if (xpt_create_path(&ccb->ccb_h.path, xpt_periph, pathid,
2436 CAM_TARGET_WILDCARD, CAM_LUN_WILDCARD) != CAM_REQ_CMP) {
2437 CAMLOCK_2_MPTLOCK(mpt);
2438 mpt_prt(mpt, "unable to create path for rescan\n");
2443 CAMLOCK_2_MPTLOCK(mpt);
2447 mpt_prt(mpt, "Rescan Port: %d\n", (data0 >> 8) & 0xff);
2450 case MPI_EVENT_LINK_STATUS_CHANGE:
2451 mpt_prt(mpt, "Port %d: LinkState: %s\n",
2452 (data1 >> 8) & 0xff,
2453 ((data0 & 0xff) == 0)? "Failed" : "Active");
2456 case MPI_EVENT_LOOP_STATE_CHANGE:
2457 switch ((data0 >> 16) & 0xff) {
2460 "Port 0x%x: FC LinkEvent: LIP(%02x,%02x) "
2461 "(Loop Initialization)\n",
2462 (data1 >> 8) & 0xff,
2463 (data0 >> 8) & 0xff,
2465 switch ((data0 >> 8) & 0xff) {
2467 if ((data0 & 0xff) == 0xF7) {
2468 mpt_prt(mpt, "Device needs AL_PA\n");
2470 mpt_prt(mpt, "Device %02x doesn't like "
2476 if ((data0 & 0xff) == 0xF7) {
2477 mpt_prt(mpt, "Device had loop failure "
2478 "at its receiver prior to acquiring"
2481 mpt_prt(mpt, "Device %02x detected loop"
2482 " failure at its receiver\n",
2487 mpt_prt(mpt, "Device %02x requests that device "
2488 "%02x reset itself\n",
2490 (data0 >> 8) & 0xFF);
2495 mpt_prt(mpt, "Port 0x%x: FC LinkEvent: "
2496 "LPE(%02x,%02x) (Loop Port Enable)\n",
2497 (data1 >> 8) & 0xff, /* Port */
2498 (data0 >> 8) & 0xff, /* Character 3 */
2499 (data0 ) & 0xff /* Character 4 */);
2502 mpt_prt(mpt, "Port 0x%x: FC LinkEvent: "
2503 "LPB(%02x,%02x) (Loop Port Bypass)\n",
2504 (data1 >> 8) & 0xff, /* Port */
2505 (data0 >> 8) & 0xff, /* Character 3 */
2506 (data0 ) & 0xff /* Character 4 */);
2509 mpt_prt(mpt, "Port 0x%x: FC LinkEvent: Unknown "
2510 "FC event (%02x %02x %02x)\n",
2511 (data1 >> 8) & 0xff, /* Port */
2512 (data0 >> 16) & 0xff, /* Event */
2513 (data0 >> 8) & 0xff, /* Character 3 */
2514 (data0 ) & 0xff /* Character 4 */);
2518 case MPI_EVENT_LOGOUT:
2519 mpt_prt(mpt, "FC Logout Port: %d N_PortID: %02x\n",
2520 (data1 >> 8) & 0xff, data0);
2522 case MPI_EVENT_QUEUE_FULL:
2524 struct cam_sim *sim;
2525 struct cam_path *tmppath;
2526 struct ccb_relsim crs;
2527 PTR_EVENT_DATA_QUEUE_FULL pqf =
2528 (PTR_EVENT_DATA_QUEUE_FULL) msg->Data;
2531 mpt_prt(mpt, "QUEUE FULL EVENT: Bus 0x%02x Target 0x%02x Depth "
2532 "%d\n", pqf->Bus, pqf->TargetID, pqf->CurrentDepth);
2533 if (mpt->phydisk_sim) {
2534 sim = mpt->phydisk_sim;
2538 MPTLOCK_2_CAMLOCK(mpt);
2539 for (lun_id = 0; lun_id < MPT_MAX_LUNS; lun_id++) {
2540 if (xpt_create_path(&tmppath, NULL, cam_sim_path(sim),
2541 pqf->TargetID, lun_id) != CAM_REQ_CMP) {
2542 mpt_prt(mpt, "unable to create a path to send "
2544 CAMLOCK_2_MPTLOCK(mpt);
2547 xpt_setup_ccb(&crs.ccb_h, tmppath, 5);
2548 crs.ccb_h.func_code = XPT_REL_SIMQ;
2549 crs.release_flags = RELSIM_ADJUST_OPENINGS;
2550 crs.openings = pqf->CurrentDepth - 1;
2551 xpt_action((union ccb *)&crs);
2552 if (crs.ccb_h.status != CAM_REQ_CMP) {
2553 mpt_prt(mpt, "XPT_REL_SIMQ failed\n");
2555 xpt_free_path(tmppath);
2557 CAMLOCK_2_MPTLOCK(mpt);
2560 case MPI_EVENT_EVENT_CHANGE:
2561 case MPI_EVENT_INTEGRATED_RAID:
2562 case MPI_EVENT_SAS_DEVICE_STATUS_CHANGE:
2563 case MPI_EVENT_SAS_SES:
2566 mpt_lprt(mpt, MPT_PRT_WARN, "mpt_cam_event: 0x%x\n",
2574 * Reply path for all SCSI I/O requests, called from our
2575 * interrupt handler by extracting our handler index from
2576 * the MsgContext field of the reply from the IOC.
2578 * This routine is optimized for the common case of a
2579 * completion without error. All exception handling is
2580 * offloaded to non-inlined helper routines to minimize
2584 mpt_scsi_reply_handler(struct mpt_softc *mpt, request_t *req,
2585 uint32_t reply_desc, MSG_DEFAULT_REPLY *reply_frame)
2587 MSG_SCSI_IO_REQUEST *scsi_req;
2591 if (req->state == REQ_STATE_FREE) {
2592 mpt_prt(mpt, "mpt_scsi_reply_handler: req already free\n");
2596 scsi_req = (MSG_SCSI_IO_REQUEST *)req->req_vbuf;
2599 mpt_prt(mpt, "mpt_scsi_reply_handler: req %p:%u with no ccb\n",
2604 tgt = scsi_req->TargetID;
2605 mpt_req_untimeout(req, mpt_timeout, ccb);
2606 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
2608 if ((ccb->ccb_h.flags & CAM_DIR_MASK) != CAM_DIR_NONE) {
2609 bus_dmasync_op_t op;
2611 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN)
2612 op = BUS_DMASYNC_POSTREAD;
2614 op = BUS_DMASYNC_POSTWRITE;
2615 bus_dmamap_sync(mpt->buffer_dmat, req->dmap, op);
2616 bus_dmamap_unload(mpt->buffer_dmat, req->dmap);
2619 if (reply_frame == NULL) {
2621 * Context only reply, completion without error status.
2623 ccb->csio.resid = 0;
2624 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
2625 ccb->csio.scsi_status = SCSI_STATUS_OK;
2627 mpt_scsi_reply_frame_handler(mpt, req, reply_frame);
2630 if (mpt->outofbeer) {
2631 ccb->ccb_h.status |= CAM_RELEASE_SIMQ;
2633 mpt_lprt(mpt, MPT_PRT_DEBUG, "THAWQ\n");
2635 if (scsi_req->CDB[0] == INQUIRY && (scsi_req->CDB[1] & SI_EVPD) == 0) {
2636 struct scsi_inquiry_data *iq =
2637 (struct scsi_inquiry_data *)ccb->csio.data_ptr;
2638 if (scsi_req->Function ==
2639 MPI_FUNCTION_RAID_SCSI_IO_PASSTHROUGH) {
2641 * Fake out the device type so that only the
2642 * pass-thru device will attach.
2644 iq->device &= ~0x1F;
2645 iq->device |= T_NODEVICE;
2648 if (mpt->verbose == MPT_PRT_DEBUG) {
2649 mpt_prt(mpt, "mpt_scsi_reply_handler: %p:%u complete\n",
2652 KASSERT(ccb->ccb_h.status, ("zero ccb sts at %d\n", __LINE__));
2653 MPTLOCK_2_CAMLOCK(mpt);
2655 CAMLOCK_2_MPTLOCK(mpt);
2656 if ((req->state & REQ_STATE_TIMEDOUT) == 0) {
2657 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
2659 mpt_prt(mpt, "completing timedout/aborted req %p:%u\n",
2661 TAILQ_REMOVE(&mpt->request_timeout_list, req, links);
2663 KASSERT((req->state & REQ_STATE_NEED_WAKEUP) == 0,
2664 ("CCB req needed wakeup"));
2666 mpt_req_not_spcl(mpt, req, "mpt_scsi_reply_handler", __LINE__);
2668 mpt_free_request(mpt, req);
2673 mpt_scsi_tmf_reply_handler(struct mpt_softc *mpt, request_t *req,
2674 uint32_t reply_desc, MSG_DEFAULT_REPLY *reply_frame)
2676 MSG_SCSI_TASK_MGMT_REPLY *tmf_reply;
2678 KASSERT(req == mpt->tmf_req, ("TMF Reply not using mpt->tmf_req"));
2680 mpt_req_not_spcl(mpt, req, "mpt_scsi_tmf_reply_handler", __LINE__);
2682 tmf_reply = (MSG_SCSI_TASK_MGMT_REPLY *)reply_frame;
2683 /* Record IOC Status and Response Code of TMF for any waiters. */
2684 req->IOCStatus = le16toh(tmf_reply->IOCStatus);
2685 req->ResponseCode = tmf_reply->ResponseCode;
2687 mpt_lprt(mpt, MPT_PRT_DEBUG, "TMF complete: req %p:%u status 0x%x\n",
2688 req, req->serno, le16toh(tmf_reply->IOCStatus));
2689 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
2690 if ((req->state & REQ_STATE_NEED_WAKEUP) != 0) {
2691 req->state |= REQ_STATE_DONE;
2694 mpt->tmf_req->state = REQ_STATE_FREE;
2700 * XXX: Move to definitions file
2718 mpt_fc_els_send_response(struct mpt_softc *mpt, request_t *req,
2719 PTR_MSG_LINK_SERVICE_BUFFER_POST_REPLY rp, U8 length)
2722 MSG_LINK_SERVICE_RSP_REQUEST tmp;
2723 PTR_MSG_LINK_SERVICE_RSP_REQUEST rsp;
2726 * We are going to reuse the ELS request to send this response back.
2729 memset(rsp, 0, sizeof(*rsp));
2731 #ifdef USE_IMMEDIATE_LINK_DATA
2733 * Apparently the IMMEDIATE stuff doesn't seem to work.
2735 rsp->RspFlags = LINK_SERVICE_RSP_FLAGS_IMMEDIATE;
2737 rsp->RspLength = length;
2738 rsp->Function = MPI_FUNCTION_FC_LINK_SRVC_RSP;
2739 rsp->MsgContext = htole32(req->index | fc_els_handler_id);
2742 * Copy over information from the original reply frame to
2743 * it's correct place in the response.
2745 memcpy((U8 *)rsp + 0x0c, (U8 *)rp + 0x1c, 24);
2748 * And now copy back the temporary area to the original frame.
2750 memcpy(req->req_vbuf, rsp, sizeof (MSG_LINK_SERVICE_RSP_REQUEST));
2751 rsp = req->req_vbuf;
2753 #ifdef USE_IMMEDIATE_LINK_DATA
2754 memcpy((U8 *)&rsp->SGL, &((U8 *)req->req_vbuf)[MPT_RQSL(mpt)], length);
2757 PTR_SGE_SIMPLE32 se = (PTR_SGE_SIMPLE32) &rsp->SGL;
2758 bus_addr_t paddr = req->req_pbuf;
2759 paddr += MPT_RQSL(mpt);
2762 MPI_SGE_FLAGS_HOST_TO_IOC |
2763 MPI_SGE_FLAGS_SIMPLE_ELEMENT |
2764 MPI_SGE_FLAGS_LAST_ELEMENT |
2765 MPI_SGE_FLAGS_END_OF_LIST |
2766 MPI_SGE_FLAGS_END_OF_BUFFER;
2767 fl <<= MPI_SGE_FLAGS_SHIFT;
2769 se->FlagsLength = htole32(fl);
2770 se->Address = htole32((uint32_t) paddr);
2777 mpt_send_cmd(mpt, req);
2781 mpt_fc_els_reply_handler(struct mpt_softc *mpt, request_t *req,
2782 uint32_t reply_desc, MSG_DEFAULT_REPLY *reply_frame)
2784 PTR_MSG_LINK_SERVICE_BUFFER_POST_REPLY rp =
2785 (PTR_MSG_LINK_SERVICE_BUFFER_POST_REPLY) reply_frame;
2789 U16 status = le16toh(reply_frame->IOCStatus);
2792 int do_refresh = TRUE;
2795 KASSERT(mpt_req_on_free_list(mpt, req) == 0,
2796 ("fc_els_reply_handler: req %p:%u for function %x on freelist!",
2797 req, req->serno, rp->Function));
2798 if (rp->Function != MPI_FUNCTION_FC_PRIMITIVE_SEND) {
2799 mpt_req_spcl(mpt, req, "fc_els_reply_handler", __LINE__);
2801 mpt_req_not_spcl(mpt, req, "fc_els_reply_handler", __LINE__);
2804 mpt_lprt(mpt, MPT_PRT_DEBUG,
2805 "FC_ELS Complete: req %p:%u, reply %p function %x\n",
2806 req, req->serno, reply_frame, reply_frame->Function);
2808 if (status != MPI_IOCSTATUS_SUCCESS) {
2809 mpt_prt(mpt, "ELS REPLY STATUS 0x%x for Function %x\n",
2810 status, reply_frame->Function);
2811 if (status == MPI_IOCSTATUS_INVALID_STATE) {
2813 * XXX: to get around shutdown issue
2822 * If the function of a link service response, we recycle the
2823 * response to be a refresh for a new link service request.
2825 * The request pointer is bogus in this case and we have to fetch
2826 * it based upon the TransactionContext.
2828 if (rp->Function == MPI_FUNCTION_FC_LINK_SRVC_RSP) {
2829 /* Freddie Uncle Charlie Katie */
2830 /* We don't get the IOINDEX as part of the Link Svc Rsp */
2831 for (ioindex = 0; ioindex < mpt->els_cmds_allocated; ioindex++)
2832 if (mpt->els_cmd_ptrs[ioindex] == req) {
2836 KASSERT(ioindex < mpt->els_cmds_allocated,
2837 ("can't find my mommie!"));
2839 /* remove from active list as we're going to re-post it */
2840 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
2841 req->state &= ~REQ_STATE_QUEUED;
2842 req->state |= REQ_STATE_DONE;
2843 mpt_fc_post_els(mpt, req, ioindex);
2847 if (rp->Function == MPI_FUNCTION_FC_PRIMITIVE_SEND) {
2848 /* remove from active list as we're done */
2849 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
2850 req->state &= ~REQ_STATE_QUEUED;
2851 req->state |= REQ_STATE_DONE;
2852 if (req->state & REQ_STATE_TIMEDOUT) {
2853 mpt_lprt(mpt, MPT_PRT_DEBUG,
2854 "Sync Primitive Send Completed After Timeout\n");
2855 mpt_free_request(mpt, req);
2856 } else if ((req->state & REQ_STATE_NEED_WAKEUP) == 0) {
2857 mpt_lprt(mpt, MPT_PRT_DEBUG,
2858 "Async Primitive Send Complete\n");
2859 mpt_free_request(mpt, req);
2861 mpt_lprt(mpt, MPT_PRT_DEBUG,
2862 "Sync Primitive Send Complete- Waking Waiter\n");
2868 if (rp->Function != MPI_FUNCTION_FC_LINK_SRVC_BUF_POST) {
2869 mpt_prt(mpt, "unexpected ELS_REPLY: Function 0x%x Flags %x "
2870 "Length %d Message Flags %x\n", rp->Function, rp->Flags,
2871 rp->MsgLength, rp->MsgFlags);
2875 if (rp->MsgLength <= 5) {
2877 * This is just a ack of an original ELS buffer post
2879 mpt_lprt(mpt, MPT_PRT_DEBUG,
2880 "RECV'd ACK of FC_ELS buf post %p:%u\n", req, req->serno);
2885 rctl = (le32toh(rp->Rctl_Did) & MPI_FC_RCTL_MASK) >> MPI_FC_RCTL_SHIFT;
2886 type = (le32toh(rp->Type_Fctl) & MPI_FC_TYPE_MASK) >> MPI_FC_TYPE_SHIFT;
2888 elsbuf = &((U32 *)req->req_vbuf)[MPT_RQSL(mpt)/sizeof (U32)];
2889 cmd = be32toh(elsbuf[0]) >> 24;
2891 if (rp->Flags & MPI_LS_BUF_POST_REPLY_FLAG_NO_RSP_NEEDED) {
2892 mpt_lprt(mpt, MPT_PRT_ALWAYS, "ELS_REPLY: response unneeded\n");
2896 ioindex = le32toh(rp->TransactionContext);
2897 req = mpt->els_cmd_ptrs[ioindex];
2899 if (rctl == ELS && type == 1) {
2903 * Send back a PRLI ACC
2905 mpt_prt(mpt, "PRLI from 0x%08x%08x\n",
2906 le32toh(rp->Wwn.PortNameHigh),
2907 le32toh(rp->Wwn.PortNameLow));
2908 elsbuf[0] = htobe32(0x02100014);
2909 elsbuf[1] |= htobe32(0x00000100);
2910 elsbuf[4] = htobe32(0x00000002);
2911 if (mpt->role & MPT_ROLE_TARGET)
2912 elsbuf[4] |= htobe32(0x00000010);
2913 if (mpt->role & MPT_ROLE_INITIATOR)
2914 elsbuf[4] |= htobe32(0x00000020);
2915 /* remove from active list as we're done */
2916 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
2917 req->state &= ~REQ_STATE_QUEUED;
2918 req->state |= REQ_STATE_DONE;
2919 mpt_fc_els_send_response(mpt, req, rp, 20);
2923 memset(elsbuf, 0, 5 * (sizeof (U32)));
2924 elsbuf[0] = htobe32(0x02100014);
2925 elsbuf[1] = htobe32(0x08000100);
2926 mpt_prt(mpt, "PRLO from 0x%08x%08x\n",
2927 le32toh(rp->Wwn.PortNameHigh),
2928 le32toh(rp->Wwn.PortNameLow));
2929 /* remove from active list as we're done */
2930 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
2931 req->state &= ~REQ_STATE_QUEUED;
2932 req->state |= REQ_STATE_DONE;
2933 mpt_fc_els_send_response(mpt, req, rp, 20);
2937 mpt_prt(mpt, "ELS TYPE 1 COMMAND: %x\n", cmd);
2940 } else if (rctl == ABTS && type == 0) {
2941 uint16_t rx_id = le16toh(rp->Rxid);
2942 uint16_t ox_id = le16toh(rp->Oxid);
2943 request_t *tgt_req = NULL;
2946 "ELS: ABTS OX_ID 0x%x RX_ID 0x%x from 0x%08x%08x\n",
2947 ox_id, rx_id, le32toh(rp->Wwn.PortNameHigh),
2948 le32toh(rp->Wwn.PortNameLow));
2949 if (rx_id >= mpt->mpt_max_tgtcmds) {
2950 mpt_prt(mpt, "Bad RX_ID 0x%x\n", rx_id);
2951 } else if (mpt->tgt_cmd_ptrs == NULL) {
2952 mpt_prt(mpt, "No TGT CMD PTRS\n");
2954 tgt_req = mpt->tgt_cmd_ptrs[rx_id];
2957 mpt_tgt_state_t *tgt = MPT_TGT_STATE(mpt, tgt_req);
2959 union ccb *ccb = tgt->ccb;
2962 vbuf = tgt_req->req_vbuf;
2963 vbuf += MPT_RQSL(mpt);
2966 * Check to make sure we have the correct command
2967 * The reply descriptor in the target state should
2968 * should contain an IoIndex that should match the
2971 * It'd be nice to have OX_ID to crosscheck with
2974 ct_id = GET_IO_INDEX(tgt->reply_desc);
2976 if (ct_id != rx_id) {
2977 mpt_lprt(mpt, MPT_PRT_ERROR, "ABORT Mismatch: "
2978 "RX_ID received=0x%x; RX_ID in cmd=0x%x\n",
2986 "CCB (%p): lun %u flags %x status %x\n",
2987 ccb, ccb->ccb_h.target_lun,
2988 ccb->ccb_h.flags, ccb->ccb_h.status);
2990 mpt_prt(mpt, "target state 0x%x resid %u xfrd %u rpwrd "
2991 "%x nxfers %x\n", tgt->state,
2992 tgt->resid, tgt->bytes_xfered, tgt->reply_desc,
2995 if (mpt_abort_target_cmd(mpt, tgt_req)) {
2996 mpt_prt(mpt, "unable to start TargetAbort\n");
2999 mpt_prt(mpt, "no back pointer for RX_ID 0x%x\n", rx_id);
3001 memset(elsbuf, 0, 5 * (sizeof (U32)));
3002 elsbuf[0] = htobe32(0);
3003 elsbuf[1] = htobe32((ox_id << 16) | rx_id);
3004 elsbuf[2] = htobe32(0x000ffff);
3006 * Dork with the reply frame so that the reponse to it
3009 rp->Rctl_Did += ((BA_ACC - ABTS) << MPI_FC_RCTL_SHIFT);
3010 /* remove from active list as we're done */
3011 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
3012 req->state &= ~REQ_STATE_QUEUED;
3013 req->state |= REQ_STATE_DONE;
3014 mpt_fc_els_send_response(mpt, req, rp, 12);
3017 mpt_prt(mpt, "ELS: RCTL %x TYPE %x CMD %x\n", rctl, type, cmd);
3019 if (do_refresh == TRUE) {
3020 /* remove from active list as we're done */
3021 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
3022 req->state &= ~REQ_STATE_QUEUED;
3023 req->state |= REQ_STATE_DONE;
3024 mpt_fc_post_els(mpt, req, ioindex);
3030 * Clean up all SCSI Initiator personality state in response
3031 * to a controller reset.
3034 mpt_cam_ioc_reset(struct mpt_softc *mpt, int type)
3037 * The pending list is already run down by
3038 * the generic handler. Perform the same
3039 * operation on the timed out request list.
3041 mpt_complete_request_chain(mpt, &mpt->request_timeout_list,
3042 MPI_IOCSTATUS_INVALID_STATE);
3045 * XXX: We need to repost ELS and Target Command Buffers?
3049 * Inform the XPT that a bus reset has occurred.
3051 xpt_async(AC_BUS_RESET, mpt->path, NULL);
3055 * Parse additional completion information in the reply
3056 * frame for SCSI I/O requests.
3059 mpt_scsi_reply_frame_handler(struct mpt_softc *mpt, request_t *req,
3060 MSG_DEFAULT_REPLY *reply_frame)
3063 MSG_SCSI_IO_REPLY *scsi_io_reply;
3068 MPT_DUMP_REPLY_FRAME(mpt, reply_frame);
3069 KASSERT(reply_frame->Function == MPI_FUNCTION_SCSI_IO_REQUEST
3070 || reply_frame->Function == MPI_FUNCTION_RAID_SCSI_IO_PASSTHROUGH,
3071 ("MPT SCSI I/O Handler called with incorrect reply type"));
3072 KASSERT((reply_frame->MsgFlags & MPI_MSGFLAGS_CONTINUATION_REPLY) == 0,
3073 ("MPT SCSI I/O Handler called with continuation reply"));
3075 scsi_io_reply = (MSG_SCSI_IO_REPLY *)reply_frame;
3076 ioc_status = le16toh(scsi_io_reply->IOCStatus);
3077 loginfo = ioc_status & MPI_IOCSTATUS_FLAG_LOG_INFO_AVAILABLE;
3078 ioc_status &= MPI_IOCSTATUS_MASK;
3079 sstate = scsi_io_reply->SCSIState;
3083 ccb->csio.dxfer_len - le32toh(scsi_io_reply->TransferCount);
3085 if ((sstate & MPI_SCSI_STATE_AUTOSENSE_VALID) != 0
3086 && (ccb->ccb_h.flags & (CAM_SENSE_PHYS | CAM_SENSE_PTR)) == 0) {
3087 ccb->ccb_h.status |= CAM_AUTOSNS_VALID;
3088 ccb->csio.sense_resid =
3089 ccb->csio.sense_len - scsi_io_reply->SenseCount;
3090 bcopy(req->sense_vbuf, &ccb->csio.sense_data,
3091 min(ccb->csio.sense_len, scsi_io_reply->SenseCount));
3094 if ((sstate & MPI_SCSI_STATE_QUEUE_TAG_REJECTED) != 0) {
3096 * Tag messages rejected, but non-tagged retry
3099 mpt_set_tags(mpt, devinfo, MPT_QUEUE_NONE);
3103 switch(ioc_status) {
3104 case MPI_IOCSTATUS_SCSI_RESIDUAL_MISMATCH:
3107 * Linux driver indicates that a zero
3108 * transfer length with this error code
3109 * indicates a CRC error.
3111 * No need to swap the bytes for checking
3114 if (scsi_io_reply->TransferCount == 0) {
3115 mpt_set_ccb_status(ccb, CAM_UNCOR_PARITY);
3119 case MPI_IOCSTATUS_SCSI_DATA_UNDERRUN:
3120 case MPI_IOCSTATUS_SUCCESS:
3121 case MPI_IOCSTATUS_SCSI_RECOVERED_ERROR:
3122 if ((sstate & MPI_SCSI_STATE_NO_SCSI_STATUS) != 0) {
3124 * Status was never returned for this transaction.
3126 mpt_set_ccb_status(ccb, CAM_UNEXP_BUSFREE);
3127 } else if (scsi_io_reply->SCSIStatus != SCSI_STATUS_OK) {
3128 ccb->csio.scsi_status = scsi_io_reply->SCSIStatus;
3129 mpt_set_ccb_status(ccb, CAM_SCSI_STATUS_ERROR);
3130 if ((sstate & MPI_SCSI_STATE_AUTOSENSE_FAILED) != 0)
3131 mpt_set_ccb_status(ccb, CAM_AUTOSENSE_FAIL);
3132 } else if ((sstate & MPI_SCSI_STATE_RESPONSE_INFO_VALID) != 0) {
3134 /* XXX Handle SPI-Packet and FCP-2 reponse info. */
3135 mpt_set_ccb_status(ccb, CAM_REQ_CMP_ERR);
3137 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
3139 case MPI_IOCSTATUS_SCSI_DATA_OVERRUN:
3140 mpt_set_ccb_status(ccb, CAM_DATA_RUN_ERR);
3142 case MPI_IOCSTATUS_SCSI_IO_DATA_ERROR:
3143 mpt_set_ccb_status(ccb, CAM_UNCOR_PARITY);
3145 case MPI_IOCSTATUS_SCSI_DEVICE_NOT_THERE:
3147 * Since selection timeouts and "device really not
3148 * there" are grouped into this error code, report
3149 * selection timeout. Selection timeouts are
3150 * typically retried before giving up on the device
3151 * whereas "device not there" errors are considered
3154 mpt_set_ccb_status(ccb, CAM_SEL_TIMEOUT);
3156 case MPI_IOCSTATUS_SCSI_PROTOCOL_ERROR:
3157 mpt_set_ccb_status(ccb, CAM_SEQUENCE_FAIL);
3159 case MPI_IOCSTATUS_SCSI_INVALID_BUS:
3160 mpt_set_ccb_status(ccb, CAM_PATH_INVALID);
3162 case MPI_IOCSTATUS_SCSI_INVALID_TARGETID:
3163 mpt_set_ccb_status(ccb, CAM_TID_INVALID);
3165 case MPI_IOCSTATUS_SCSI_TASK_MGMT_FAILED:
3166 ccb->ccb_h.status = CAM_UA_TERMIO;
3168 case MPI_IOCSTATUS_INVALID_STATE:
3170 * The IOC has been reset. Emulate a bus reset.
3173 case MPI_IOCSTATUS_SCSI_EXT_TERMINATED:
3174 ccb->ccb_h.status = CAM_SCSI_BUS_RESET;
3176 case MPI_IOCSTATUS_SCSI_TASK_TERMINATED:
3177 case MPI_IOCSTATUS_SCSI_IOC_TERMINATED:
3179 * Don't clobber any timeout status that has
3180 * already been set for this transaction. We
3181 * want the SCSI layer to be able to differentiate
3182 * between the command we aborted due to timeout
3183 * and any innocent bystanders.
3185 if ((ccb->ccb_h.status & CAM_STATUS_MASK) != CAM_REQ_INPROG)
3187 mpt_set_ccb_status(ccb, CAM_REQ_TERMIO);
3190 case MPI_IOCSTATUS_INSUFFICIENT_RESOURCES:
3191 mpt_set_ccb_status(ccb, CAM_RESRC_UNAVAIL);
3193 case MPI_IOCSTATUS_BUSY:
3194 mpt_set_ccb_status(ccb, CAM_BUSY);
3196 case MPI_IOCSTATUS_INVALID_FUNCTION:
3197 case MPI_IOCSTATUS_INVALID_SGL:
3198 case MPI_IOCSTATUS_INTERNAL_ERROR:
3199 case MPI_IOCSTATUS_INVALID_FIELD:
3202 * Some of the above may need to kick
3203 * of a recovery action!!!!
3205 ccb->ccb_h.status = CAM_UNREC_HBA_ERROR;
3209 if ((ccb->ccb_h.status & CAM_STATUS_MASK) != CAM_REQ_CMP) {
3210 mpt_freeze_ccb(ccb);
3217 mpt_action(struct cam_sim *sim, union ccb *ccb)
3219 struct mpt_softc *mpt;
3220 struct ccb_trans_settings *cts;
3225 CAM_DEBUG(ccb->ccb_h.path, CAM_DEBUG_TRACE, ("mpt_action\n"));
3227 mpt = (struct mpt_softc *)cam_sim_softc(sim);
3228 raid_passthru = (sim == mpt->phydisk_sim);
3229 MPT_LOCK_ASSERT(mpt);
3231 tgt = ccb->ccb_h.target_id;
3232 lun = ccb->ccb_h.target_lun;
3233 if (raid_passthru &&
3234 ccb->ccb_h.func_code != XPT_PATH_INQ &&
3235 ccb->ccb_h.func_code != XPT_RESET_BUS &&
3236 ccb->ccb_h.func_code != XPT_RESET_DEV) {
3237 CAMLOCK_2_MPTLOCK(mpt);
3238 if (mpt_map_physdisk(mpt, ccb, &tgt) != 0) {
3239 MPTLOCK_2_CAMLOCK(mpt);
3240 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
3241 mpt_set_ccb_status(ccb, CAM_DEV_NOT_THERE);
3245 MPTLOCK_2_CAMLOCK(mpt);
3247 ccb->ccb_h.ccb_mpt_ptr = mpt;
3249 switch (ccb->ccb_h.func_code) {
3250 case XPT_SCSI_IO: /* Execute the requested I/O operation */
3252 * Do a couple of preliminary checks...
3254 if ((ccb->ccb_h.flags & CAM_CDB_POINTER) != 0) {
3255 if ((ccb->ccb_h.flags & CAM_CDB_PHYS) != 0) {
3256 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
3257 mpt_set_ccb_status(ccb, CAM_REQ_INVALID);
3261 /* Max supported CDB length is 16 bytes */
3262 /* XXX Unless we implement the new 32byte message type */
3263 if (ccb->csio.cdb_len >
3264 sizeof (((PTR_MSG_SCSI_IO_REQUEST)0)->CDB)) {
3265 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
3266 mpt_set_ccb_status(ccb, CAM_REQ_INVALID);
3269 #ifdef MPT_TEST_MULTIPATH
3270 if (mpt->failure_id == ccb->ccb_h.target_id) {
3271 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
3272 mpt_set_ccb_status(ccb, CAM_SEL_TIMEOUT);
3276 ccb->csio.scsi_status = SCSI_STATUS_OK;
3277 mpt_start(sim, ccb);
3281 if (raid_passthru) {
3282 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
3283 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
3287 if (ccb->ccb_h.func_code == XPT_RESET_BUS) {
3289 xpt_print(ccb->ccb_h.path, "reset bus\n");
3292 xpt_print(ccb->ccb_h.path, "reset device\n");
3294 CAMLOCK_2_MPTLOCK(mpt);
3295 (void) mpt_bus_reset(mpt, tgt, lun, FALSE);
3296 MPTLOCK_2_CAMLOCK(mpt);
3299 * mpt_bus_reset is always successful in that it
3300 * will fall back to a hard reset should a bus
3301 * reset attempt fail.
3303 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
3304 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
3309 union ccb *accb = ccb->cab.abort_ccb;
3310 CAMLOCK_2_MPTLOCK(mpt);
3311 switch (accb->ccb_h.func_code) {
3312 case XPT_ACCEPT_TARGET_IO:
3313 case XPT_IMMED_NOTIFY:
3314 ccb->ccb_h.status = mpt_abort_target_ccb(mpt, ccb);
3316 case XPT_CONT_TARGET_IO:
3317 mpt_prt(mpt, "cannot abort active CTIOs yet\n");
3318 ccb->ccb_h.status = CAM_UA_ABORT;
3321 ccb->ccb_h.status = CAM_UA_ABORT;
3324 ccb->ccb_h.status = CAM_REQ_INVALID;
3327 MPTLOCK_2_CAMLOCK(mpt);
3331 #ifdef CAM_NEW_TRAN_CODE
3332 #define IS_CURRENT_SETTINGS(c) ((c)->type == CTS_TYPE_CURRENT_SETTINGS)
3334 #define IS_CURRENT_SETTINGS(c) ((c)->flags & CCB_TRANS_CURRENT_SETTINGS)
3336 #define DP_DISC_ENABLE 0x1
3337 #define DP_DISC_DISABL 0x2
3338 #define DP_DISC (DP_DISC_ENABLE|DP_DISC_DISABL)
3340 #define DP_TQING_ENABLE 0x4
3341 #define DP_TQING_DISABL 0x8
3342 #define DP_TQING (DP_TQING_ENABLE|DP_TQING_DISABL)
3344 #define DP_WIDE 0x10
3345 #define DP_NARROW 0x20
3346 #define DP_WIDTH (DP_WIDE|DP_NARROW)
3348 #define DP_SYNC 0x40
3350 case XPT_SET_TRAN_SETTINGS: /* Nexus Settings */
3352 #ifdef CAM_NEW_TRAN_CODE
3353 struct ccb_trans_settings_scsi *scsi;
3354 struct ccb_trans_settings_spi *spi;
3363 if (mpt->is_fc || mpt->is_sas) {
3364 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
3368 #ifdef CAM_NEW_TRAN_CODE
3369 scsi = &cts->proto_specific.scsi;
3370 spi = &cts->xport_specific.spi;
3373 * We can be called just to valid transport and proto versions
3375 if (scsi->valid == 0 && spi->valid == 0) {
3376 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
3382 * Skip attempting settings on RAID volume disks.
3383 * Other devices on the bus get the normal treatment.
3385 if (mpt->phydisk_sim && raid_passthru == 0 &&
3386 mpt_is_raid_volume(mpt, tgt) != 0) {
3387 mpt_lprt(mpt, MPT_PRT_NEGOTIATION,
3388 "no transfer settings for RAID vols\n");
3389 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
3393 i = mpt->mpt_port_page2.PortSettings &
3394 MPI_SCSIPORTPAGE2_PORT_MASK_NEGO_MASTER_SETTINGS;
3395 j = mpt->mpt_port_page2.PortFlags &
3396 MPI_SCSIPORTPAGE2_PORT_FLAGS_DV_MASK;
3397 if (i == MPI_SCSIPORTPAGE2_PORT_ALL_MASTER_SETTINGS &&
3398 j == MPI_SCSIPORTPAGE2_PORT_FLAGS_OFF_DV) {
3399 mpt_lprt(mpt, MPT_PRT_ALWAYS,
3400 "honoring BIOS transfer negotiations\n");
3401 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
3409 #ifndef CAM_NEW_TRAN_CODE
3410 if ((cts->valid & CCB_TRANS_DISC_VALID) != 0) {
3411 dval |= (cts->flags & CCB_TRANS_DISC_ENB) ?
3412 DP_DISC_ENABLE : DP_DISC_DISABL;
3415 if ((cts->valid & CCB_TRANS_TQ_VALID) != 0) {
3416 dval |= (cts->flags & CCB_TRANS_TAG_ENB) ?
3417 DP_TQING_ENABLE : DP_TQING_DISABL;
3420 if ((cts->valid & CCB_TRANS_BUS_WIDTH_VALID) != 0) {
3421 dval |= cts->bus_width ? DP_WIDE : DP_NARROW;
3424 if ((cts->valid & CCB_TRANS_SYNC_RATE_VALID) &&
3425 (cts->valid & CCB_TRANS_SYNC_OFFSET_VALID)) {
3427 period = cts->sync_period;
3428 offset = cts->sync_offset;
3431 if ((spi->valid & CTS_SPI_VALID_DISC) != 0) {
3432 dval |= ((spi->flags & CTS_SPI_FLAGS_DISC_ENB) != 0) ?
3433 DP_DISC_ENABLE : DP_DISC_DISABL;
3436 if ((scsi->valid & CTS_SCSI_VALID_TQ) != 0) {
3437 dval |= ((scsi->flags & CTS_SCSI_FLAGS_TAG_ENB) != 0) ?
3438 DP_TQING_ENABLE : DP_TQING_DISABL;
3441 if ((spi->valid & CTS_SPI_VALID_BUS_WIDTH) != 0) {
3442 dval |= (spi->bus_width == MSG_EXT_WDTR_BUS_16_BIT) ?
3443 DP_WIDE : DP_NARROW;
3446 if (spi->valid & CTS_SPI_VALID_SYNC_OFFSET) {
3448 offset = spi->sync_offset;
3450 PTR_CONFIG_PAGE_SCSI_DEVICE_1 ptr =
3451 &mpt->mpt_dev_page1[tgt];
3452 offset = ptr->RequestedParameters;
3453 offset &= MPI_SCSIDEVPAGE1_RP_MAX_SYNC_OFFSET_MASK;
3454 offset >>= MPI_SCSIDEVPAGE1_RP_SHIFT_MAX_SYNC_OFFSET;
3456 if (spi->valid & CTS_SPI_VALID_SYNC_RATE) {
3458 period = spi->sync_period;
3460 PTR_CONFIG_PAGE_SCSI_DEVICE_1 ptr =
3461 &mpt->mpt_dev_page1[tgt];
3462 period = ptr->RequestedParameters;
3463 period &= MPI_SCSIDEVPAGE1_RP_MIN_SYNC_PERIOD_MASK;
3464 period >>= MPI_SCSIDEVPAGE1_RP_SHIFT_MIN_SYNC_PERIOD;
3467 CAMLOCK_2_MPTLOCK(mpt);
3468 if (dval & DP_DISC_ENABLE) {
3469 mpt->mpt_disc_enable |= (1 << tgt);
3470 } else if (dval & DP_DISC_DISABL) {
3471 mpt->mpt_disc_enable &= ~(1 << tgt);
3473 if (dval & DP_TQING_ENABLE) {
3474 mpt->mpt_tag_enable |= (1 << tgt);
3475 } else if (dval & DP_TQING_DISABL) {
3476 mpt->mpt_tag_enable &= ~(1 << tgt);
3478 if (dval & DP_WIDTH) {
3479 mpt_setwidth(mpt, tgt, 1);
3481 if (dval & DP_SYNC) {
3482 mpt_setsync(mpt, tgt, period, offset);
3485 MPTLOCK_2_CAMLOCK(mpt);
3486 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
3489 mpt_lprt(mpt, MPT_PRT_NEGOTIATION,
3490 "set [%d]: 0x%x period 0x%x offset %d\n",
3491 tgt, dval, period, offset);
3492 if (mpt_update_spi_config(mpt, tgt)) {
3493 mpt_set_ccb_status(ccb, CAM_REQ_CMP_ERR);
3495 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
3497 MPTLOCK_2_CAMLOCK(mpt);
3500 case XPT_GET_TRAN_SETTINGS:
3502 #ifdef CAM_NEW_TRAN_CODE
3503 struct ccb_trans_settings_scsi *scsi;
3505 cts->protocol = PROTO_SCSI;
3507 struct ccb_trans_settings_fc *fc =
3508 &cts->xport_specific.fc;
3509 cts->protocol_version = SCSI_REV_SPC;
3510 cts->transport = XPORT_FC;
3511 cts->transport_version = 0;
3512 fc->valid = CTS_FC_VALID_SPEED;
3513 fc->bitrate = 100000;
3514 } else if (mpt->is_sas) {
3515 struct ccb_trans_settings_sas *sas =
3516 &cts->xport_specific.sas;
3517 cts->protocol_version = SCSI_REV_SPC2;
3518 cts->transport = XPORT_SAS;
3519 cts->transport_version = 0;
3520 sas->valid = CTS_SAS_VALID_SPEED;
3521 sas->bitrate = 300000;
3523 cts->protocol_version = SCSI_REV_2;
3524 cts->transport = XPORT_SPI;
3525 cts->transport_version = 2;
3526 if (mpt_get_spi_settings(mpt, cts) != 0) {
3527 mpt_set_ccb_status(ccb, CAM_REQ_CMP_ERR);
3531 scsi = &cts->proto_specific.scsi;
3532 scsi->valid = CTS_SCSI_VALID_TQ;
3533 scsi->flags = CTS_SCSI_FLAGS_TAG_ENB;
3537 cts->flags = CCB_TRANS_TAG_ENB | CCB_TRANS_DISC_ENB;
3538 cts->valid = CCB_TRANS_DISC_VALID | CCB_TRANS_TQ_VALID;
3539 cts->bus_width = MSG_EXT_WDTR_BUS_8_BIT;
3540 } else if (mpt->is_sas) {
3541 cts->flags = CCB_TRANS_TAG_ENB | CCB_TRANS_DISC_ENB;
3542 cts->valid = CCB_TRANS_DISC_VALID | CCB_TRANS_TQ_VALID;
3543 cts->bus_width = MSG_EXT_WDTR_BUS_8_BIT;
3544 } else if (mpt_get_spi_settings(mpt, cts) != 0) {
3545 mpt_set_ccb_status(ccb, CAM_REQ_CMP_ERR);
3549 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
3552 case XPT_CALC_GEOMETRY:
3554 struct ccb_calc_geometry *ccg;
3557 if (ccg->block_size == 0) {
3558 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
3559 mpt_set_ccb_status(ccb, CAM_REQ_INVALID);
3562 mpt_calc_geometry(ccg, /*extended*/1);
3563 KASSERT(ccb->ccb_h.status, ("zero ccb sts at %d\n", __LINE__));
3566 case XPT_PATH_INQ: /* Path routing inquiry */
3568 struct ccb_pathinq *cpi = &ccb->cpi;
3570 cpi->version_num = 1;
3571 cpi->target_sprt = 0;
3572 cpi->hba_eng_cnt = 0;
3573 cpi->max_target = mpt->port_facts[0].MaxDevices - 1;
3575 * FC cards report MAX_DEVICES of 512, but
3576 * the MSG_SCSI_IO_REQUEST target id field
3577 * is only 8 bits. Until we fix the driver
3578 * to support 'channels' for bus overflow,
3581 if (cpi->max_target > 255) {
3582 cpi->max_target = 255;
3586 * VMware ESX reports > 16 devices and then dies when we probe.
3588 if (mpt->is_spi && cpi->max_target > 15) {
3589 cpi->max_target = 15;
3592 cpi->initiator_id = mpt->mpt_ini_id;
3593 cpi->bus_id = cam_sim_bus(sim);
3596 * The base speed is the speed of the underlying connection.
3598 #ifdef CAM_NEW_TRAN_CODE
3599 cpi->protocol = PROTO_SCSI;
3601 cpi->hba_misc = PIM_NOBUSRESET;
3602 cpi->base_transfer_speed = 100000;
3603 cpi->hba_inquiry = PI_TAG_ABLE;
3604 cpi->transport = XPORT_FC;
3605 cpi->transport_version = 0;
3606 cpi->protocol_version = SCSI_REV_SPC;
3607 } else if (mpt->is_sas) {
3608 cpi->hba_misc = PIM_NOBUSRESET;
3609 cpi->base_transfer_speed = 300000;
3610 cpi->hba_inquiry = PI_TAG_ABLE;
3611 cpi->transport = XPORT_SAS;
3612 cpi->transport_version = 0;
3613 cpi->protocol_version = SCSI_REV_SPC2;
3615 cpi->hba_misc = PIM_SEQSCAN;
3616 cpi->base_transfer_speed = 3300;
3617 cpi->hba_inquiry = PI_SDTR_ABLE|PI_TAG_ABLE|PI_WIDE_16;
3618 cpi->transport = XPORT_SPI;
3619 cpi->transport_version = 2;
3620 cpi->protocol_version = SCSI_REV_2;
3624 cpi->hba_misc = PIM_NOBUSRESET;
3625 cpi->base_transfer_speed = 100000;
3626 cpi->hba_inquiry = PI_TAG_ABLE;
3627 } else if (mpt->is_sas) {
3628 cpi->hba_misc = PIM_NOBUSRESET;
3629 cpi->base_transfer_speed = 300000;
3630 cpi->hba_inquiry = PI_TAG_ABLE;
3632 cpi->hba_misc = PIM_SEQSCAN;
3633 cpi->base_transfer_speed = 3300;
3634 cpi->hba_inquiry = PI_SDTR_ABLE|PI_TAG_ABLE|PI_WIDE_16;
3639 * We give our fake RAID passhtru bus a width that is MaxVolumes
3640 * wide and restrict it to one lun.
3642 if (raid_passthru) {
3643 cpi->max_target = mpt->ioc_page2->MaxPhysDisks - 1;
3644 cpi->initiator_id = cpi->max_target + 1;
3648 if ((mpt->role & MPT_ROLE_INITIATOR) == 0) {
3649 cpi->hba_misc |= PIM_NOINITIATOR;
3651 if (mpt->is_fc && (mpt->role & MPT_ROLE_TARGET)) {
3653 PIT_PROCESSOR | PIT_DISCONNECT | PIT_TERM_IO;
3655 cpi->target_sprt = 0;
3657 strncpy(cpi->sim_vid, "FreeBSD", SIM_IDLEN);
3658 strncpy(cpi->hba_vid, "LSI", HBA_IDLEN);
3659 strncpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN);
3660 cpi->unit_number = cam_sim_unit(sim);
3661 cpi->ccb_h.status = CAM_REQ_CMP;
3664 case XPT_EN_LUN: /* Enable LUN as a target */
3668 CAMLOCK_2_MPTLOCK(mpt);
3669 if (ccb->cel.enable)
3670 result = mpt_enable_lun(mpt,
3671 ccb->ccb_h.target_id, ccb->ccb_h.target_lun);
3673 result = mpt_disable_lun(mpt,
3674 ccb->ccb_h.target_id, ccb->ccb_h.target_lun);
3675 MPTLOCK_2_CAMLOCK(mpt);
3677 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
3679 mpt_set_ccb_status(ccb, CAM_REQ_CMP_ERR);
3683 case XPT_NOTIFY_ACK: /* recycle notify ack */
3684 case XPT_IMMED_NOTIFY: /* Add Immediate Notify Resource */
3685 case XPT_ACCEPT_TARGET_IO: /* Add Accept Target IO Resource */
3687 tgt_resource_t *trtp;
3688 lun_id_t lun = ccb->ccb_h.target_lun;
3689 ccb->ccb_h.sim_priv.entries[0].field = 0;
3690 ccb->ccb_h.sim_priv.entries[1].ptr = mpt;
3691 ccb->ccb_h.flags = 0;
3693 if (lun == CAM_LUN_WILDCARD) {
3694 if (ccb->ccb_h.target_id != CAM_TARGET_WILDCARD) {
3695 mpt_set_ccb_status(ccb, CAM_REQ_INVALID);
3698 trtp = &mpt->trt_wildcard;
3699 } else if (lun >= MPT_MAX_LUNS) {
3700 mpt_set_ccb_status(ccb, CAM_REQ_INVALID);
3703 trtp = &mpt->trt[lun];
3705 CAMLOCK_2_MPTLOCK(mpt);
3706 if (ccb->ccb_h.func_code == XPT_ACCEPT_TARGET_IO) {
3707 mpt_lprt(mpt, MPT_PRT_DEBUG1,
3708 "Put FREE ATIO %p lun %d\n", ccb, lun);
3709 STAILQ_INSERT_TAIL(&trtp->atios, &ccb->ccb_h,
3711 } else if (ccb->ccb_h.func_code == XPT_IMMED_NOTIFY) {
3712 mpt_lprt(mpt, MPT_PRT_DEBUG1,
3713 "Put FREE INOT lun %d\n", lun);
3714 STAILQ_INSERT_TAIL(&trtp->inots, &ccb->ccb_h,
3717 mpt_lprt(mpt, MPT_PRT_ALWAYS, "Got Notify ACK\n");
3719 mpt_set_ccb_status(ccb, CAM_REQ_INPROG);
3720 MPTLOCK_2_CAMLOCK(mpt);
3723 case XPT_CONT_TARGET_IO:
3724 CAMLOCK_2_MPTLOCK(mpt);
3725 mpt_target_start_io(mpt, ccb);
3726 MPTLOCK_2_CAMLOCK(mpt);
3730 ccb->ccb_h.status = CAM_REQ_INVALID;
3737 mpt_get_spi_settings(struct mpt_softc *mpt, struct ccb_trans_settings *cts)
3739 #ifdef CAM_NEW_TRAN_CODE
3740 struct ccb_trans_settings_scsi *scsi = &cts->proto_specific.scsi;
3741 struct ccb_trans_settings_spi *spi = &cts->xport_specific.spi;
3744 uint32_t dval, pval, oval;
3747 if (IS_CURRENT_SETTINGS(cts) == 0) {
3748 tgt = cts->ccb_h.target_id;
3749 } else if (xpt_path_sim(cts->ccb_h.path) == mpt->phydisk_sim) {
3750 if (mpt_map_physdisk(mpt, (union ccb *)cts, &tgt)) {
3754 tgt = cts->ccb_h.target_id;
3758 * We aren't looking at Port Page 2 BIOS settings here-
3759 * sometimes these have been known to be bogus XXX.
3761 * For user settings, we pick the max from port page 0
3763 * For current settings we read the current settings out from
3764 * device page 0 for that target.
3766 if (IS_CURRENT_SETTINGS(cts)) {
3767 CONFIG_PAGE_SCSI_DEVICE_0 tmp;
3770 CAMLOCK_2_MPTLOCK(mpt);
3771 tmp = mpt->mpt_dev_page0[tgt];
3772 rv = mpt_read_cur_cfg_page(mpt, tgt, &tmp.Header,
3773 sizeof(tmp), FALSE, 5000);
3775 MPTLOCK_2_CAMLOCK(mpt);
3776 mpt_prt(mpt, "can't get tgt %d config page 0\n", tgt);
3779 MPTLOCK_2_CAMLOCK(mpt);
3780 mpt_lprt(mpt, MPT_PRT_DEBUG,
3781 "mpt_get_spi_settings[%d]: current NP %x Info %x\n", tgt,
3782 tmp.NegotiatedParameters, tmp.Information);
3783 dval |= (tmp.NegotiatedParameters & MPI_SCSIDEVPAGE0_NP_WIDE) ?
3784 DP_WIDE : DP_NARROW;
3785 dval |= (mpt->mpt_disc_enable & (1 << tgt)) ?
3786 DP_DISC_ENABLE : DP_DISC_DISABL;
3787 dval |= (mpt->mpt_tag_enable & (1 << tgt)) ?
3788 DP_TQING_ENABLE : DP_TQING_DISABL;
3789 oval = tmp.NegotiatedParameters;
3790 oval &= MPI_SCSIDEVPAGE0_NP_NEG_SYNC_OFFSET_MASK;
3791 oval >>= MPI_SCSIDEVPAGE0_NP_SHIFT_SYNC_OFFSET;
3792 pval = tmp.NegotiatedParameters;
3793 pval &= MPI_SCSIDEVPAGE0_NP_NEG_SYNC_PERIOD_MASK;
3794 pval >>= MPI_SCSIDEVPAGE0_NP_SHIFT_SYNC_PERIOD;
3795 mpt->mpt_dev_page0[tgt] = tmp;
3797 dval = DP_WIDE|DP_DISC_ENABLE|DP_TQING_ENABLE|DP_SYNC;
3798 oval = mpt->mpt_port_page0.Capabilities;
3799 oval = MPI_SCSIPORTPAGE0_CAP_GET_MAX_SYNC_OFFSET(oval);
3800 pval = mpt->mpt_port_page0.Capabilities;
3801 pval = MPI_SCSIPORTPAGE0_CAP_GET_MIN_SYNC_PERIOD(pval);
3804 #ifndef CAM_NEW_TRAN_CODE
3805 cts->flags &= ~(CCB_TRANS_DISC_ENB|CCB_TRANS_TAG_ENB);
3807 cts->sync_period = pval;
3808 cts->sync_offset = oval;
3809 cts->valid |= CCB_TRANS_SYNC_RATE_VALID;
3810 cts->valid |= CCB_TRANS_SYNC_OFFSET_VALID;
3811 cts->valid |= CCB_TRANS_BUS_WIDTH_VALID;
3812 if (dval & DP_WIDE) {
3813 cts->bus_width = MSG_EXT_WDTR_BUS_16_BIT;
3815 cts->bus_width = MSG_EXT_WDTR_BUS_8_BIT;
3817 if (cts->ccb_h.target_lun != CAM_LUN_WILDCARD) {
3818 cts->valid |= CCB_TRANS_DISC_VALID | CCB_TRANS_TQ_VALID;
3819 if (dval & DP_DISC_ENABLE) {
3820 cts->flags |= CCB_TRANS_DISC_ENB;
3822 if (dval & DP_TQING_ENABLE) {
3823 cts->flags |= CCB_TRANS_TAG_ENB;
3831 spi->sync_offset = oval;
3832 spi->sync_period = pval;
3833 spi->valid |= CTS_SPI_VALID_SYNC_OFFSET;
3834 spi->valid |= CTS_SPI_VALID_SYNC_RATE;
3835 spi->valid |= CTS_SPI_VALID_BUS_WIDTH;
3836 if (dval & DP_WIDE) {
3837 spi->bus_width = MSG_EXT_WDTR_BUS_16_BIT;
3839 spi->bus_width = MSG_EXT_WDTR_BUS_8_BIT;
3841 if (cts->ccb_h.target_lun != CAM_LUN_WILDCARD) {
3842 scsi->valid = CTS_SCSI_VALID_TQ;
3843 if (dval & DP_TQING_ENABLE) {
3844 scsi->flags |= CTS_SCSI_FLAGS_TAG_ENB;
3846 spi->valid |= CTS_SPI_VALID_DISC;
3847 if (dval & DP_DISC_ENABLE) {
3848 spi->flags |= CTS_SPI_FLAGS_DISC_ENB;
3852 mpt_lprt(mpt, MPT_PRT_NEGOTIATION,
3853 "mpt_get_spi_settings[%d]: %s flags 0x%x per 0x%x off=%d\n", tgt,
3854 IS_CURRENT_SETTINGS(cts)? "ACTIVE" : "NVRAM ", dval, pval, oval);
3859 mpt_setwidth(struct mpt_softc *mpt, int tgt, int onoff)
3861 PTR_CONFIG_PAGE_SCSI_DEVICE_1 ptr;
3863 ptr = &mpt->mpt_dev_page1[tgt];
3865 ptr->RequestedParameters |= MPI_SCSIDEVPAGE1_RP_WIDE;
3867 ptr->RequestedParameters &= ~MPI_SCSIDEVPAGE1_RP_WIDE;
3872 mpt_setsync(struct mpt_softc *mpt, int tgt, int period, int offset)
3874 PTR_CONFIG_PAGE_SCSI_DEVICE_1 ptr;
3876 ptr = &mpt->mpt_dev_page1[tgt];
3877 ptr->RequestedParameters &= ~MPI_SCSIDEVPAGE1_RP_MIN_SYNC_PERIOD_MASK;
3878 ptr->RequestedParameters &= ~MPI_SCSIDEVPAGE1_RP_MAX_SYNC_OFFSET_MASK;
3879 ptr->RequestedParameters &= ~MPI_SCSIDEVPAGE1_RP_DT;
3880 ptr->RequestedParameters &= ~MPI_SCSIDEVPAGE1_RP_QAS;
3881 ptr->RequestedParameters &= ~MPI_SCSIDEVPAGE1_RP_IU;
3885 ptr->RequestedParameters |=
3886 period << MPI_SCSIDEVPAGE1_RP_SHIFT_MIN_SYNC_PERIOD;
3887 ptr->RequestedParameters |=
3888 offset << MPI_SCSIDEVPAGE1_RP_SHIFT_MAX_SYNC_OFFSET;
3890 ptr->RequestedParameters |= MPI_SCSIDEVPAGE1_RP_DT;
3893 ptr->RequestedParameters |= MPI_SCSIDEVPAGE1_RP_QAS;
3894 ptr->RequestedParameters |= MPI_SCSIDEVPAGE1_RP_IU;
3899 mpt_update_spi_config(struct mpt_softc *mpt, int tgt)
3901 CONFIG_PAGE_SCSI_DEVICE_1 tmp;
3904 mpt_lprt(mpt, MPT_PRT_NEGOTIATION,
3905 "mpt_update_spi_config[%d].page1: Requested Params 0x%08x\n",
3906 tgt, mpt->mpt_dev_page1[tgt].RequestedParameters);
3907 tmp = mpt->mpt_dev_page1[tgt];
3908 rv = mpt_write_cur_cfg_page(mpt, tgt,
3909 &tmp.Header, sizeof(tmp), FALSE, 5000);
3911 mpt_prt(mpt, "mpt_update_spi_config: write cur page failed\n");
3918 mpt_calc_geometry(struct ccb_calc_geometry *ccg, int extended)
3920 #if __FreeBSD_version >= 500000
3921 cam_calc_geometry(ccg, extended);
3924 uint32_t secs_per_cylinder;
3926 if (ccg->block_size == 0) {
3927 ccg->ccb_h.status = CAM_REQ_INVALID;
3930 size_mb = ccg->volume_size / ((1024L * 1024L) / ccg->block_size);
3931 if (size_mb > 1024 && extended) {
3933 ccg->secs_per_track = 63;
3936 ccg->secs_per_track = 32;
3938 secs_per_cylinder = ccg->heads * ccg->secs_per_track;
3939 ccg->cylinders = ccg->volume_size / secs_per_cylinder;
3940 ccg->ccb_h.status = CAM_REQ_CMP;
3944 /****************************** Timeout Recovery ******************************/
3946 mpt_spawn_recovery_thread(struct mpt_softc *mpt)
3950 error = mpt_kthread_create(mpt_recovery_thread, mpt,
3951 &mpt->recovery_thread, /*flags*/0,
3952 /*altstack*/0, "mpt_recovery%d", mpt->unit);
3957 mpt_terminate_recovery_thread(struct mpt_softc *mpt)
3959 if (mpt->recovery_thread == NULL) {
3962 mpt->shutdwn_recovery = 1;
3965 * Sleep on a slightly different location
3966 * for this interlock just for added safety.
3968 mpt_sleep(mpt, &mpt->recovery_thread, PUSER, "thtrm", 0);
3972 mpt_recovery_thread(void *arg)
3974 struct mpt_softc *mpt;
3976 mpt = (struct mpt_softc *)arg;
3979 if (TAILQ_EMPTY(&mpt->request_timeout_list) != 0) {
3980 if (mpt->shutdwn_recovery == 0) {
3981 mpt_sleep(mpt, mpt, PUSER, "idle", 0);
3984 if (mpt->shutdwn_recovery != 0) {
3987 mpt_recover_commands(mpt);
3989 mpt->recovery_thread = NULL;
3990 wakeup(&mpt->recovery_thread);
3992 mpt_kthread_exit(0);
3996 mpt_scsi_send_tmf(struct mpt_softc *mpt, u_int type, u_int flags,
3997 u_int channel, u_int target, u_int lun, u_int abort_ctx, int sleep_ok)
3999 MSG_SCSI_TASK_MGMT *tmf_req;
4003 * Wait for any current TMF request to complete.
4004 * We're only allowed to issue one TMF at a time.
4006 error = mpt_wait_req(mpt, mpt->tmf_req, REQ_STATE_FREE, REQ_STATE_FREE,
4007 sleep_ok, MPT_TMF_MAX_TIMEOUT);
4009 mpt_reset(mpt, TRUE);
4013 mpt_assign_serno(mpt, mpt->tmf_req);
4014 mpt->tmf_req->state = REQ_STATE_ALLOCATED|REQ_STATE_QUEUED;
4016 tmf_req = (MSG_SCSI_TASK_MGMT *)mpt->tmf_req->req_vbuf;
4017 memset(tmf_req, 0, sizeof(*tmf_req));
4018 tmf_req->TargetID = target;
4019 tmf_req->Bus = channel;
4020 tmf_req->ChainOffset = 0;
4021 tmf_req->Function = MPI_FUNCTION_SCSI_TASK_MGMT;
4022 tmf_req->Reserved = 0;
4023 tmf_req->TaskType = type;
4024 tmf_req->Reserved1 = 0;
4025 tmf_req->MsgFlags = flags;
4026 tmf_req->MsgContext =
4027 htole32(mpt->tmf_req->index | scsi_tmf_handler_id);
4028 memset(&tmf_req->LUN, 0,
4029 sizeof(tmf_req->LUN) + sizeof(tmf_req->Reserved2));
4031 tmf_req->LUN[0] = 0x40 | ((lun >> 8) & 0x3f);
4032 tmf_req->LUN[1] = lun & 0xff;
4034 tmf_req->LUN[1] = lun;
4036 tmf_req->TaskMsgContext = abort_ctx;
4038 mpt_lprt(mpt, MPT_PRT_DEBUG,
4039 "Issuing TMF %p:%u with MsgContext of 0x%x\n", mpt->tmf_req,
4040 mpt->tmf_req->serno, tmf_req->MsgContext);
4041 if (mpt->verbose > MPT_PRT_DEBUG) {
4042 mpt_print_request(tmf_req);
4045 KASSERT(mpt_req_on_pending_list(mpt, mpt->tmf_req) == 0,
4046 ("mpt_scsi_send_tmf: tmf_req already on pending list"));
4047 TAILQ_INSERT_HEAD(&mpt->request_pending_list, mpt->tmf_req, links);
4048 error = mpt_send_handshake_cmd(mpt, sizeof(*tmf_req), tmf_req);
4049 if (error != MPT_OK) {
4050 TAILQ_REMOVE(&mpt->request_pending_list, mpt->tmf_req, links);
4051 mpt->tmf_req->state = REQ_STATE_FREE;
4052 mpt_reset(mpt, TRUE);
4058 * When a command times out, it is placed on the requeust_timeout_list
4059 * and we wake our recovery thread. The MPT-Fusion architecture supports
4060 * only a single TMF operation at a time, so we serially abort/bdr, etc,
4061 * the timedout transactions. The next TMF is issued either by the
4062 * completion handler of the current TMF waking our recovery thread,
4063 * or the TMF timeout handler causing a hard reset sequence.
4066 mpt_recover_commands(struct mpt_softc *mpt)
4072 if (TAILQ_EMPTY(&mpt->request_timeout_list) != 0) {
4074 * No work to do- leave.
4076 mpt_prt(mpt, "mpt_recover_commands: no requests.\n");
4081 * Flush any commands whose completion coincides with their timeout.
4085 if (TAILQ_EMPTY(&mpt->request_timeout_list) != 0) {
4087 * The timedout commands have already
4088 * completed. This typically means
4089 * that either the timeout value was on
4090 * the hairy edge of what the device
4091 * requires or - more likely - interrupts
4092 * are not happening.
4094 mpt_prt(mpt, "Timedout requests already complete. "
4095 "Interrupts may not be functioning.\n");
4096 mpt_enable_ints(mpt);
4101 * We have no visibility into the current state of the
4102 * controller, so attempt to abort the commands in the
4103 * order they timed-out. For initiator commands, we
4104 * depend on the reply handler pulling requests off
4107 while ((req = TAILQ_FIRST(&mpt->request_timeout_list)) != NULL) {
4110 MSG_REQUEST_HEADER *hdrp = req->req_vbuf;
4112 mpt_prt(mpt, "attempting to abort req %p:%u function %x\n",
4113 req, req->serno, hdrp->Function);
4116 mpt_prt(mpt, "null ccb in timed out request. "
4117 "Resetting Controller.\n");
4118 mpt_reset(mpt, TRUE);
4121 mpt_set_ccb_status(ccb, CAM_CMD_TIMEOUT);
4124 * Check to see if this is not an initiator command and
4125 * deal with it differently if it is.
4127 switch (hdrp->Function) {
4128 case MPI_FUNCTION_SCSI_IO_REQUEST:
4129 case MPI_FUNCTION_RAID_SCSI_IO_PASSTHROUGH:
4133 * XXX: FIX ME: need to abort target assists...
4135 mpt_prt(mpt, "just putting it back on the pend q\n");
4136 TAILQ_REMOVE(&mpt->request_timeout_list, req, links);
4137 TAILQ_INSERT_HEAD(&mpt->request_pending_list, req,
4142 error = mpt_scsi_send_tmf(mpt,
4143 MPI_SCSITASKMGMT_TASKTYPE_ABORT_TASK,
4144 0, 0, ccb->ccb_h.target_id, ccb->ccb_h.target_lun,
4145 htole32(req->index | scsi_io_handler_id), TRUE);
4149 * mpt_scsi_send_tmf hard resets on failure, so no
4150 * need to do so here. Our queue should be emptied
4151 * by the hard reset.
4156 error = mpt_wait_req(mpt, mpt->tmf_req, REQ_STATE_DONE,
4157 REQ_STATE_DONE, TRUE, 500);
4159 status = mpt->tmf_req->IOCStatus;
4160 response = mpt->tmf_req->ResponseCode;
4161 mpt->tmf_req->state = REQ_STATE_FREE;
4165 * If we've errored out,, reset the controller.
4167 mpt_prt(mpt, "mpt_recover_commands: abort timed-out. "
4168 "Resetting controller\n");
4169 mpt_reset(mpt, TRUE);
4173 if ((status & MPI_IOCSTATUS_MASK) != MPI_IOCSTATUS_SUCCESS) {
4174 mpt_prt(mpt, "mpt_recover_commands: IOC Status 0x%x. "
4175 "Resetting controller.\n", status);
4176 mpt_reset(mpt, TRUE);
4180 if (response != MPI_SCSITASKMGMT_RSP_TM_SUCCEEDED &&
4181 response != MPI_SCSITASKMGMT_RSP_TM_COMPLETE) {
4182 mpt_prt(mpt, "mpt_recover_commands: TMF Response 0x%x. "
4183 "Resetting controller.\n", response);
4184 mpt_reset(mpt, TRUE);
4187 mpt_prt(mpt, "abort of req %p:%u completed\n", req, req->serno);
4191 /************************ Target Mode Support ****************************/
4193 mpt_fc_post_els(struct mpt_softc *mpt, request_t *req, int ioindex)
4195 MSG_LINK_SERVICE_BUFFER_POST_REQUEST *fc;
4196 PTR_SGE_TRANSACTION32 tep;
4197 PTR_SGE_SIMPLE32 se;
4201 paddr = req->req_pbuf;
4202 paddr += MPT_RQSL(mpt);
4205 memset(fc, 0, MPT_REQUEST_AREA);
4206 fc->BufferCount = 1;
4207 fc->Function = MPI_FUNCTION_FC_LINK_SRVC_BUF_POST;
4208 fc->MsgContext = htole32(req->index | fc_els_handler_id);
4211 * Okay, set up ELS buffer pointers. ELS buffer pointers
4212 * consist of a TE SGL element (with details length of zero)
4213 * followe by a SIMPLE SGL element which holds the address
4217 tep = (PTR_SGE_TRANSACTION32) &fc->SGL;
4219 tep->ContextSize = 4;
4221 tep->TransactionContext[0] = htole32(ioindex);
4223 se = (PTR_SGE_SIMPLE32) &tep->TransactionDetails[0];
4225 MPI_SGE_FLAGS_HOST_TO_IOC |
4226 MPI_SGE_FLAGS_SIMPLE_ELEMENT |
4227 MPI_SGE_FLAGS_LAST_ELEMENT |
4228 MPI_SGE_FLAGS_END_OF_LIST |
4229 MPI_SGE_FLAGS_END_OF_BUFFER;
4230 fl <<= MPI_SGE_FLAGS_SHIFT;
4231 fl |= (MPT_NRFM(mpt) - MPT_RQSL(mpt));
4232 se->FlagsLength = htole32(fl);
4233 se->Address = htole32((uint32_t) paddr);
4234 mpt_lprt(mpt, MPT_PRT_DEBUG,
4235 "add ELS index %d ioindex %d for %p:%u\n",
4236 req->index, ioindex, req, req->serno);
4237 KASSERT(((req->state & REQ_STATE_LOCKED) != 0),
4238 ("mpt_fc_post_els: request not locked"));
4239 mpt_send_cmd(mpt, req);
4243 mpt_post_target_command(struct mpt_softc *mpt, request_t *req, int ioindex)
4245 PTR_MSG_TARGET_CMD_BUFFER_POST_REQUEST fc;
4246 PTR_CMD_BUFFER_DESCRIPTOR cb;
4249 paddr = req->req_pbuf;
4250 paddr += MPT_RQSL(mpt);
4251 memset(req->req_vbuf, 0, MPT_REQUEST_AREA);
4252 MPT_TGT_STATE(mpt, req)->state = TGT_STATE_LOADING;
4255 fc->BufferCount = 1;
4256 fc->Function = MPI_FUNCTION_TARGET_CMD_BUFFER_POST;
4257 fc->MsgContext = htole32(req->index | mpt->scsi_tgt_handler_id);
4259 cb = &fc->Buffer[0];
4260 cb->IoIndex = htole16(ioindex);
4261 cb->u.PhysicalAddress32 = htole32((U32) paddr);
4263 mpt_check_doorbell(mpt);
4264 mpt_send_cmd(mpt, req);
4268 mpt_add_els_buffers(struct mpt_softc *mpt)
4272 if (mpt->is_fc == 0) {
4276 if (mpt->els_cmds_allocated) {
4280 mpt->els_cmd_ptrs = malloc(MPT_MAX_ELS * sizeof (request_t *),
4281 M_DEVBUF, M_NOWAIT | M_ZERO);
4283 if (mpt->els_cmd_ptrs == NULL) {
4288 * Feed the chip some ELS buffer resources
4290 for (i = 0; i < MPT_MAX_ELS; i++) {
4291 request_t *req = mpt_get_request(mpt, FALSE);
4295 req->state |= REQ_STATE_LOCKED;
4296 mpt->els_cmd_ptrs[i] = req;
4297 mpt_fc_post_els(mpt, req, i);
4301 mpt_prt(mpt, "unable to add ELS buffer resources\n");
4302 free(mpt->els_cmd_ptrs, M_DEVBUF);
4303 mpt->els_cmd_ptrs = NULL;
4306 if (i != MPT_MAX_ELS) {
4307 mpt_lprt(mpt, MPT_PRT_INFO,
4308 "only added %d of %d ELS buffers\n", i, MPT_MAX_ELS);
4310 mpt->els_cmds_allocated = i;
4315 mpt_add_target_commands(struct mpt_softc *mpt)
4319 if (mpt->tgt_cmd_ptrs) {
4323 max = MPT_MAX_REQUESTS(mpt) >> 1;
4324 if (max > mpt->mpt_max_tgtcmds) {
4325 max = mpt->mpt_max_tgtcmds;
4328 malloc(max * sizeof (request_t *), M_DEVBUF, M_NOWAIT | M_ZERO);
4329 if (mpt->tgt_cmd_ptrs == NULL) {
4331 "mpt_add_target_commands: could not allocate cmd ptrs\n");
4335 for (i = 0; i < max; i++) {
4338 req = mpt_get_request(mpt, FALSE);
4342 req->state |= REQ_STATE_LOCKED;
4343 mpt->tgt_cmd_ptrs[i] = req;
4344 mpt_post_target_command(mpt, req, i);
4349 mpt_lprt(mpt, MPT_PRT_ERROR, "could not add any target bufs\n");
4350 free(mpt->tgt_cmd_ptrs, M_DEVBUF);
4351 mpt->tgt_cmd_ptrs = NULL;
4355 mpt->tgt_cmds_allocated = i;
4358 mpt_lprt(mpt, MPT_PRT_INFO,
4359 "added %d of %d target bufs\n", i, max);
4365 mpt_enable_lun(struct mpt_softc *mpt, target_id_t tgt, lun_id_t lun)
4367 if (tgt == CAM_TARGET_WILDCARD && lun == CAM_LUN_WILDCARD) {
4369 } else if (lun >= MPT_MAX_LUNS) {
4371 } else if (tgt != CAM_TARGET_WILDCARD && tgt != 0) {
4374 if (mpt->tenabled == 0) {
4376 (void) mpt_fc_reset_link(mpt, 0);
4380 if (lun == CAM_LUN_WILDCARD) {
4381 mpt->trt_wildcard.enabled = 1;
4383 mpt->trt[lun].enabled = 1;
4389 mpt_disable_lun(struct mpt_softc *mpt, target_id_t tgt, lun_id_t lun)
4392 if (tgt == CAM_TARGET_WILDCARD && lun == CAM_LUN_WILDCARD) {
4394 } else if (lun >= MPT_MAX_LUNS) {
4396 } else if (tgt != CAM_TARGET_WILDCARD && tgt != 0) {
4399 if (lun == CAM_LUN_WILDCARD) {
4400 mpt->trt_wildcard.enabled = 0;
4402 mpt->trt[lun].enabled = 0;
4404 for (i = 0; i < MPT_MAX_LUNS; i++) {
4405 if (mpt->trt[lun].enabled) {
4409 if (i == MPT_MAX_LUNS && mpt->twildcard == 0) {
4411 (void) mpt_fc_reset_link(mpt, 0);
4419 * Called with MPT lock held
4422 mpt_target_start_io(struct mpt_softc *mpt, union ccb *ccb)
4424 struct ccb_scsiio *csio = &ccb->csio;
4425 request_t *cmd_req = MPT_TAG_2_REQ(mpt, csio->tag_id);
4426 mpt_tgt_state_t *tgt = MPT_TGT_STATE(mpt, cmd_req);
4428 switch (tgt->state) {
4429 case TGT_STATE_IN_CAM:
4431 case TGT_STATE_MOVING_DATA:
4432 mpt_set_ccb_status(ccb, CAM_REQUEUE_REQ);
4433 xpt_freeze_simq(mpt->sim, 1);
4434 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
4435 tgt->ccb->ccb_h.status |= CAM_RELEASE_SIMQ;
4436 MPTLOCK_2_CAMLOCK(mpt);
4438 CAMLOCK_2_MPTLOCK(mpt);
4441 mpt_prt(mpt, "ccb %p flags 0x%x tag 0x%08x had bad request "
4442 "starting I/O\n", ccb, csio->ccb_h.flags, csio->tag_id);
4443 mpt_tgt_dump_req_state(mpt, cmd_req);
4444 mpt_set_ccb_status(ccb, CAM_REQ_CMP_ERR);
4445 MPTLOCK_2_CAMLOCK(mpt);
4447 CAMLOCK_2_MPTLOCK(mpt);
4451 if (csio->dxfer_len) {
4452 bus_dmamap_callback_t *cb;
4453 PTR_MSG_TARGET_ASSIST_REQUEST ta;
4456 KASSERT((ccb->ccb_h.flags & CAM_DIR_MASK) != CAM_DIR_NONE,
4457 ("dxfer_len %u but direction is NONE\n", csio->dxfer_len));
4459 if ((req = mpt_get_request(mpt, FALSE)) == NULL) {
4460 if (mpt->outofbeer == 0) {
4462 xpt_freeze_simq(mpt->sim, 1);
4463 mpt_lprt(mpt, MPT_PRT_DEBUG, "FREEZEQ\n");
4465 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
4466 mpt_set_ccb_status(ccb, CAM_REQUEUE_REQ);
4467 MPTLOCK_2_CAMLOCK(mpt);
4469 CAMLOCK_2_MPTLOCK(mpt);
4472 ccb->ccb_h.status = CAM_SIM_QUEUED | CAM_REQ_INPROG;
4473 if (sizeof (bus_addr_t) > 4) {
4474 cb = mpt_execute_req_a64;
4476 cb = mpt_execute_req;
4480 ccb->ccb_h.ccb_req_ptr = req;
4483 * Record the currently active ccb and the
4484 * request for it in our target state area.
4489 memset(req->req_vbuf, 0, MPT_RQSL(mpt));
4493 PTR_MPI_TARGET_SSP_CMD_BUFFER ssp =
4495 ta->QueueTag = ssp->InitiatorTag;
4496 } else if (mpt->is_spi) {
4497 PTR_MPI_TARGET_SCSI_SPI_CMD_BUFFER sp =
4499 ta->QueueTag = sp->Tag;
4501 ta->Function = MPI_FUNCTION_TARGET_ASSIST;
4502 ta->MsgContext = htole32(req->index | mpt->scsi_tgt_handler_id);
4503 ta->ReplyWord = htole32(tgt->reply_desc);
4504 if (csio->ccb_h.target_lun > 256) {
4506 0x40 | ((csio->ccb_h.target_lun >> 8) & 0x3f);
4507 ta->LUN[1] = csio->ccb_h.target_lun & 0xff;
4509 ta->LUN[1] = csio->ccb_h.target_lun;
4512 ta->RelativeOffset = tgt->bytes_xfered;
4513 ta->DataLength = ccb->csio.dxfer_len;
4514 if (ta->DataLength > tgt->resid) {
4515 ta->DataLength = tgt->resid;
4519 * XXX Should be done after data transfer completes?
4521 tgt->resid -= csio->dxfer_len;
4522 tgt->bytes_xfered += csio->dxfer_len;
4524 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) {
4525 ta->TargetAssistFlags |=
4526 TARGET_ASSIST_FLAGS_DATA_DIRECTION;
4529 #ifdef WE_TRUST_AUTO_GOOD_STATUS
4530 if ((ccb->ccb_h.flags & CAM_SEND_STATUS) &&
4531 csio->scsi_status == SCSI_STATUS_OK && tgt->resid == 0) {
4532 ta->TargetAssistFlags |=
4533 TARGET_ASSIST_FLAGS_AUTO_STATUS;
4536 tgt->state = TGT_STATE_SETTING_UP_FOR_DATA;
4538 mpt_lprt(mpt, MPT_PRT_DEBUG,
4539 "DATA_CCB %p tag %x %u bytes %u resid flg %x req %p:%u "
4540 "nxtstate=%d\n", csio, csio->tag_id, csio->dxfer_len,
4541 tgt->resid, ccb->ccb_h.flags, req, req->serno, tgt->state);
4543 MPTLOCK_2_CAMLOCK(mpt);
4544 if ((ccb->ccb_h.flags & CAM_SCATTER_VALID) == 0) {
4545 if ((ccb->ccb_h.flags & CAM_DATA_PHYS) == 0) {
4547 int s = splsoftvm();
4548 error = bus_dmamap_load(mpt->buffer_dmat,
4549 req->dmap, csio->data_ptr, csio->dxfer_len,
4552 if (error == EINPROGRESS) {
4553 xpt_freeze_simq(mpt->sim, 1);
4554 ccb->ccb_h.status |= CAM_RELEASE_SIMQ;
4558 * We have been given a pointer to single
4561 struct bus_dma_segment seg;
4562 seg.ds_addr = (bus_addr_t)
4563 (vm_offset_t)csio->data_ptr;
4564 seg.ds_len = csio->dxfer_len;
4565 (*cb)(req, &seg, 1, 0);
4569 * We have been given a list of addresses.
4570 * This case could be easily supported but they are not
4571 * currently generated by the CAM subsystem so there
4572 * is no point in wasting the time right now.
4574 struct bus_dma_segment *sgs;
4575 if ((ccb->ccb_h.flags & CAM_SG_LIST_PHYS) == 0) {
4576 (*cb)(req, NULL, 0, EFAULT);
4578 /* Just use the segments provided */
4579 sgs = (struct bus_dma_segment *)csio->data_ptr;
4580 (*cb)(req, sgs, csio->sglist_cnt, 0);
4583 CAMLOCK_2_MPTLOCK(mpt);
4585 uint8_t *sp = NULL, sense[MPT_SENSE_SIZE];
4588 * XXX: I don't know why this seems to happen, but
4589 * XXX: completing the CCB seems to make things happy.
4590 * XXX: This seems to happen if the initiator requests
4591 * XXX: enough data that we have to do multiple CTIOs.
4593 if ((ccb->ccb_h.flags & CAM_SEND_STATUS) == 0) {
4594 mpt_lprt(mpt, MPT_PRT_DEBUG,
4595 "Meaningless STATUS CCB (%p): flags %x status %x "
4596 "resid %d bytes_xfered %u\n", ccb, ccb->ccb_h.flags,
4597 ccb->ccb_h.status, tgt->resid, tgt->bytes_xfered);
4598 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
4599 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
4600 MPTLOCK_2_CAMLOCK(mpt);
4602 CAMLOCK_2_MPTLOCK(mpt);
4605 if (ccb->ccb_h.flags & CAM_SEND_SENSE) {
4607 memcpy(sp, &csio->sense_data,
4608 min(csio->sense_len, MPT_SENSE_SIZE));
4610 mpt_scsi_tgt_status(mpt, ccb, cmd_req, csio->scsi_status, sp);
4615 mpt_scsi_tgt_local(struct mpt_softc *mpt, request_t *cmd_req,
4616 uint32_t lun, int send, uint8_t *data, size_t length)
4618 mpt_tgt_state_t *tgt;
4619 PTR_MSG_TARGET_ASSIST_REQUEST ta;
4627 * We enter with resid set to the data load for the command.
4629 tgt = MPT_TGT_STATE(mpt, cmd_req);
4630 if (length == 0 || tgt->resid == 0) {
4632 mpt_scsi_tgt_status(mpt, NULL, cmd_req, 0, NULL);
4636 if ((req = mpt_get_request(mpt, FALSE)) == NULL) {
4637 mpt_prt(mpt, "out of resources- dropping local response\n");
4643 memset(req->req_vbuf, 0, MPT_RQSL(mpt));
4647 PTR_MPI_TARGET_SSP_CMD_BUFFER ssp = cmd_req->req_vbuf;
4648 ta->QueueTag = ssp->InitiatorTag;
4649 } else if (mpt->is_spi) {
4650 PTR_MPI_TARGET_SCSI_SPI_CMD_BUFFER sp = cmd_req->req_vbuf;
4651 ta->QueueTag = sp->Tag;
4653 ta->Function = MPI_FUNCTION_TARGET_ASSIST;
4654 ta->MsgContext = htole32(req->index | mpt->scsi_tgt_handler_id);
4655 ta->ReplyWord = htole32(tgt->reply_desc);
4657 ta->LUN[0] = 0x40 | ((lun >> 8) & 0x3f);
4658 ta->LUN[1] = lun & 0xff;
4662 ta->RelativeOffset = 0;
4663 ta->DataLength = length;
4665 dptr = req->req_vbuf;
4666 dptr += MPT_RQSL(mpt);
4667 pptr = req->req_pbuf;
4668 pptr += MPT_RQSL(mpt);
4669 memcpy(dptr, data, min(length, MPT_RQSL(mpt)));
4671 se = (SGE_SIMPLE32 *) &ta->SGL[0];
4672 memset(se, 0,sizeof (*se));
4674 flags = MPI_SGE_FLAGS_SIMPLE_ELEMENT;
4676 ta->TargetAssistFlags |= TARGET_ASSIST_FLAGS_DATA_DIRECTION;
4677 flags |= MPI_SGE_FLAGS_HOST_TO_IOC;
4680 MPI_pSGE_SET_LENGTH(se, length);
4681 flags |= MPI_SGE_FLAGS_LAST_ELEMENT;
4682 flags |= MPI_SGE_FLAGS_END_OF_LIST | MPI_SGE_FLAGS_END_OF_BUFFER;
4683 MPI_pSGE_SET_FLAGS(se, flags);
4687 tgt->resid -= length;
4688 tgt->bytes_xfered = length;
4689 #ifdef WE_TRUST_AUTO_GOOD_STATUS
4690 tgt->state = TGT_STATE_MOVING_DATA_AND_STATUS;
4692 tgt->state = TGT_STATE_MOVING_DATA;
4694 mpt_send_cmd(mpt, req);
4698 * Abort queued up CCBs
4701 mpt_abort_target_ccb(struct mpt_softc *mpt, union ccb *ccb)
4703 struct mpt_hdr_stailq *lp;
4704 struct ccb_hdr *srch;
4706 union ccb *accb = ccb->cab.abort_ccb;
4707 tgt_resource_t *trtp;
4709 mpt_lprt(mpt, MPT_PRT_DEBUG, "aborting ccb %p\n", accb);
4711 if (ccb->ccb_h.target_lun == CAM_LUN_WILDCARD) {
4712 trtp = &mpt->trt_wildcard;
4714 trtp = &mpt->trt[ccb->ccb_h.target_lun];
4717 if (accb->ccb_h.func_code == XPT_ACCEPT_TARGET_IO) {
4719 } else if (accb->ccb_h.func_code == XPT_IMMED_NOTIFY) {
4722 return (CAM_REQ_INVALID);
4725 STAILQ_FOREACH(srch, lp, sim_links.stqe) {
4726 if (srch == &accb->ccb_h) {
4728 STAILQ_REMOVE(lp, srch, ccb_hdr, sim_links.stqe);
4733 accb->ccb_h.status = CAM_REQ_ABORTED;
4735 return (CAM_REQ_CMP);
4737 mpt_prt(mpt, "mpt_abort_tgt_ccb: CCB %p not found\n", ccb);
4738 return (CAM_PATH_INVALID);
4742 * Ask the MPT to abort the current target command
4745 mpt_abort_target_cmd(struct mpt_softc *mpt, request_t *cmd_req)
4749 PTR_MSG_TARGET_MODE_ABORT abtp;
4751 req = mpt_get_request(mpt, FALSE);
4755 abtp = req->req_vbuf;
4756 memset(abtp, 0, sizeof (*abtp));
4758 abtp->MsgContext = htole32(req->index | mpt->scsi_tgt_handler_id);
4759 abtp->AbortType = TARGET_MODE_ABORT_TYPE_EXACT_IO;
4760 abtp->Function = MPI_FUNCTION_TARGET_MODE_ABORT;
4761 abtp->ReplyWord = htole32(MPT_TGT_STATE(mpt, cmd_req)->reply_desc);
4763 if (mpt->is_fc || mpt->is_sas) {
4764 mpt_send_cmd(mpt, req);
4766 error = mpt_send_handshake_cmd(mpt, sizeof(*req), req);
4772 * WE_TRUST_AUTO_GOOD_STATUS- I've found that setting
4773 * TARGET_STATUS_SEND_FLAGS_AUTO_GOOD_STATUS leads the
4774 * FC929 to set bogus FC_RSP fields (nonzero residuals
4775 * but w/o RESID fields set). This causes QLogic initiators
4776 * to think maybe that a frame was lost.
4778 * WE_CAN_USE_AUTO_REPOST- we can't use AUTO_REPOST because
4779 * we use allocated requests to do TARGET_ASSIST and we
4780 * need to know when to release them.
4784 mpt_scsi_tgt_status(struct mpt_softc *mpt, union ccb *ccb, request_t *cmd_req,
4785 uint8_t status, uint8_t const *sense_data)
4788 mpt_tgt_state_t *tgt;
4789 PTR_MSG_TARGET_STATUS_SEND_REQUEST tp;
4795 cmd_vbuf = cmd_req->req_vbuf;
4796 cmd_vbuf += MPT_RQSL(mpt);
4797 tgt = MPT_TGT_STATE(mpt, cmd_req);
4799 if ((req = mpt_get_request(mpt, FALSE)) == NULL) {
4800 if (mpt->outofbeer == 0) {
4802 xpt_freeze_simq(mpt->sim, 1);
4803 mpt_lprt(mpt, MPT_PRT_DEBUG, "FREEZEQ\n");
4806 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
4807 mpt_set_ccb_status(ccb, CAM_REQUEUE_REQ);
4808 MPTLOCK_2_CAMLOCK(mpt);
4810 CAMLOCK_2_MPTLOCK(mpt);
4813 "could not allocate status request- dropping\n");
4819 ccb->ccb_h.ccb_mpt_ptr = mpt;
4820 ccb->ccb_h.ccb_req_ptr = req;
4824 * Record the currently active ccb, if any, and the
4825 * request for it in our target state area.
4829 tgt->state = TGT_STATE_SENDING_STATUS;
4832 paddr = req->req_pbuf;
4833 paddr += MPT_RQSL(mpt);
4835 memset(tp, 0, sizeof (*tp));
4836 tp->Function = MPI_FUNCTION_TARGET_STATUS_SEND;
4838 PTR_MPI_TARGET_FCP_CMD_BUFFER fc =
4839 (PTR_MPI_TARGET_FCP_CMD_BUFFER) cmd_vbuf;
4843 sts_vbuf = req->req_vbuf;
4844 sts_vbuf += MPT_RQSL(mpt);
4845 rsp = (uint32_t *) sts_vbuf;
4846 memcpy(tp->LUN, fc->FcpLun, sizeof (tp->LUN));
4849 * The MPI_TARGET_FCP_RSP_BUFFER define is unfortunate.
4850 * It has to be big-endian in memory and is organized
4851 * in 32 bit words, which are much easier to deal with
4852 * as words which are swizzled as needed.
4854 * All we're filling here is the FC_RSP payload.
4855 * We may just have the chip synthesize it if
4856 * we have no residual and an OK status.
4859 memset(rsp, 0, sizeof (MPI_TARGET_FCP_RSP_BUFFER));
4863 rsp[2] |= 0x800; /* XXXX NEED MNEMONIC!!!! */
4864 rsp[3] = htobe32(tgt->resid);
4865 #ifdef WE_TRUST_AUTO_GOOD_STATUS
4866 resplen = sizeof (MPI_TARGET_FCP_RSP_BUFFER);
4869 if (status == SCSI_STATUS_CHECK_COND) {
4872 rsp[2] |= 0x200; /* XXXX NEED MNEMONIC!!!! */
4873 rsp[4] = htobe32(MPT_SENSE_SIZE);
4875 memcpy(&rsp[8], sense_data, MPT_SENSE_SIZE);
4877 mpt_prt(mpt, "mpt_scsi_tgt_status: CHECK CONDI"
4878 "TION but no sense data?\n");
4879 memset(&rsp, 0, MPT_SENSE_SIZE);
4881 for (i = 8; i < (8 + (MPT_SENSE_SIZE >> 2)); i++) {
4882 rsp[i] = htobe32(rsp[i]);
4884 #ifdef WE_TRUST_AUTO_GOOD_STATUS
4885 resplen = sizeof (MPI_TARGET_FCP_RSP_BUFFER);
4888 #ifndef WE_TRUST_AUTO_GOOD_STATUS
4889 resplen = sizeof (MPI_TARGET_FCP_RSP_BUFFER);
4891 rsp[2] = htobe32(rsp[2]);
4892 } else if (mpt->is_sas) {
4893 PTR_MPI_TARGET_SSP_CMD_BUFFER ssp =
4894 (PTR_MPI_TARGET_SSP_CMD_BUFFER) cmd_vbuf;
4895 memcpy(tp->LUN, ssp->LogicalUnitNumber, sizeof (tp->LUN));
4897 PTR_MPI_TARGET_SCSI_SPI_CMD_BUFFER sp =
4898 (PTR_MPI_TARGET_SCSI_SPI_CMD_BUFFER) cmd_vbuf;
4899 tp->StatusCode = status;
4900 tp->QueueTag = htole16(sp->Tag);
4901 memcpy(tp->LUN, sp->LogicalUnitNumber, sizeof (tp->LUN));
4904 tp->ReplyWord = htole32(tgt->reply_desc);
4905 tp->MsgContext = htole32(req->index | mpt->scsi_tgt_handler_id);
4907 #ifdef WE_CAN_USE_AUTO_REPOST
4908 tp->MsgFlags = TARGET_STATUS_SEND_FLAGS_REPOST_CMD_BUFFER;
4910 if (status == SCSI_STATUS_OK && resplen == 0) {
4911 tp->MsgFlags |= TARGET_STATUS_SEND_FLAGS_AUTO_GOOD_STATUS;
4913 tp->StatusDataSGE.u.Address32 = htole32((uint32_t) paddr);
4915 MPI_SGE_FLAGS_HOST_TO_IOC |
4916 MPI_SGE_FLAGS_SIMPLE_ELEMENT |
4917 MPI_SGE_FLAGS_LAST_ELEMENT |
4918 MPI_SGE_FLAGS_END_OF_LIST |
4919 MPI_SGE_FLAGS_END_OF_BUFFER;
4920 fl <<= MPI_SGE_FLAGS_SHIFT;
4922 tp->StatusDataSGE.FlagsLength = htole32(fl);
4925 mpt_lprt(mpt, MPT_PRT_DEBUG,
4926 "STATUS_CCB %p (wit%s sense) tag %x req %p:%u resid %u\n",
4927 ccb, sense_data?"h" : "hout", ccb? ccb->csio.tag_id : -1, req,
4928 req->serno, tgt->resid);
4930 ccb->ccb_h.status = CAM_SIM_QUEUED | CAM_REQ_INPROG;
4931 mpt_req_timeout(req, 60 * hz, mpt_timeout, ccb);
4933 mpt_send_cmd(mpt, req);
4937 mpt_scsi_tgt_tsk_mgmt(struct mpt_softc *mpt, request_t *req, mpt_task_mgmt_t fc,
4938 tgt_resource_t *trtp, int init_id)
4940 struct ccb_immed_notify *inot;
4941 mpt_tgt_state_t *tgt;
4943 tgt = MPT_TGT_STATE(mpt, req);
4944 inot = (struct ccb_immed_notify *) STAILQ_FIRST(&trtp->inots);
4946 mpt_lprt(mpt, MPT_PRT_WARN, "no INOTSs- sending back BSY\n");
4947 mpt_scsi_tgt_status(mpt, NULL, req, SCSI_STATUS_BUSY, NULL);
4950 STAILQ_REMOVE_HEAD(&trtp->inots, sim_links.stqe);
4951 mpt_lprt(mpt, MPT_PRT_DEBUG1,
4952 "Get FREE INOT %p lun %d\n", inot, inot->ccb_h.target_lun);
4954 memset(&inot->sense_data, 0, sizeof (inot->sense_data));
4955 inot->sense_len = 0;
4956 memset(inot->message_args, 0, sizeof (inot->message_args));
4957 inot->initiator_id = init_id; /* XXX */
4960 * This is a somewhat grotesque attempt to map from task management
4961 * to old style SCSI messages. God help us all.
4964 case MPT_ABORT_TASK_SET:
4965 inot->message_args[0] = MSG_ABORT_TAG;
4967 case MPT_CLEAR_TASK_SET:
4968 inot->message_args[0] = MSG_CLEAR_TASK_SET;
4970 case MPT_TARGET_RESET:
4971 inot->message_args[0] = MSG_TARGET_RESET;
4974 inot->message_args[0] = MSG_CLEAR_ACA;
4976 case MPT_TERMINATE_TASK:
4977 inot->message_args[0] = MSG_ABORT_TAG;
4980 inot->message_args[0] = MSG_NOOP;
4983 tgt->ccb = (union ccb *) inot;
4984 inot->ccb_h.status = CAM_MESSAGE_RECV|CAM_DEV_QFRZN;
4985 MPTLOCK_2_CAMLOCK(mpt);
4986 xpt_done((union ccb *)inot);
4987 CAMLOCK_2_MPTLOCK(mpt);
4991 mpt_scsi_tgt_atio(struct mpt_softc *mpt, request_t *req, uint32_t reply_desc)
4993 static uint8_t null_iqd[SHORT_INQUIRY_LENGTH] = {
4994 0x7f, 0x00, 0x02, 0x02, 0x20, 0x00, 0x00, 0x32,
4995 'F', 'R', 'E', 'E', 'B', 'S', 'D', ' ',
4996 'L', 'S', 'I', '-', 'L', 'O', 'G', 'I',
4997 'C', ' ', 'N', 'U', 'L', 'D', 'E', 'V',
5000 struct ccb_accept_tio *atiop;
5003 mpt_tgt_state_t *tgt;
5004 tgt_resource_t *trtp = NULL;
5009 mpt_task_mgmt_t fct = MPT_NIL_TMT_VALUE;
5013 * First, DMA sync the received command-
5014 * which is in the *request* * phys area.
5016 * XXX: We could optimize this for a range
5018 bus_dmamap_sync(mpt->request_dmat, mpt->request_dmap,
5019 BUS_DMASYNC_POSTREAD);
5022 * Stash info for the current command where we can get at it later.
5024 vbuf = req->req_vbuf;
5025 vbuf += MPT_RQSL(mpt);
5028 * Get our state pointer set up.
5030 tgt = MPT_TGT_STATE(mpt, req);
5031 if (tgt->state != TGT_STATE_LOADED) {
5032 mpt_tgt_dump_req_state(mpt, req);
5033 panic("bad target state in mpt_scsi_tgt_atio");
5035 memset(tgt, 0, sizeof (mpt_tgt_state_t));
5036 tgt->state = TGT_STATE_IN_CAM;
5037 tgt->reply_desc = reply_desc;
5038 ioindex = GET_IO_INDEX(reply_desc);
5039 if (mpt->verbose >= MPT_PRT_DEBUG) {
5040 mpt_dump_data(mpt, "mpt_scsi_tgt_atio response", vbuf,
5041 max(sizeof (MPI_TARGET_FCP_CMD_BUFFER),
5042 max(sizeof (MPI_TARGET_SSP_CMD_BUFFER),
5043 sizeof (MPI_TARGET_SCSI_SPI_CMD_BUFFER))));
5046 PTR_MPI_TARGET_FCP_CMD_BUFFER fc;
5047 fc = (PTR_MPI_TARGET_FCP_CMD_BUFFER) vbuf;
5048 if (fc->FcpCntl[2]) {
5050 * Task Management Request
5052 switch (fc->FcpCntl[2]) {
5054 fct = MPT_ABORT_TASK_SET;
5057 fct = MPT_CLEAR_TASK_SET;
5060 fct = MPT_TARGET_RESET;
5063 fct = MPT_CLEAR_ACA;
5066 fct = MPT_TERMINATE_TASK;
5069 mpt_prt(mpt, "CORRUPTED TASK MGMT BITS: 0x%x\n",
5071 mpt_scsi_tgt_status(mpt, 0, req,
5076 switch (fc->FcpCntl[1]) {
5078 tag_action = MSG_SIMPLE_Q_TAG;
5081 tag_action = MSG_HEAD_OF_Q_TAG;
5084 tag_action = MSG_ORDERED_Q_TAG;
5088 * Bah. Ignore Untagged Queing and ACA
5090 tag_action = MSG_SIMPLE_Q_TAG;
5094 tgt->resid = be32toh(fc->FcpDl);
5096 lunptr = fc->FcpLun;
5097 itag = be16toh(fc->OptionalOxid);
5098 } else if (mpt->is_sas) {
5099 PTR_MPI_TARGET_SSP_CMD_BUFFER ssp;
5100 ssp = (PTR_MPI_TARGET_SSP_CMD_BUFFER) vbuf;
5102 lunptr = ssp->LogicalUnitNumber;
5103 itag = ssp->InitiatorTag;
5105 PTR_MPI_TARGET_SCSI_SPI_CMD_BUFFER sp;
5106 sp = (PTR_MPI_TARGET_SCSI_SPI_CMD_BUFFER) vbuf;
5108 lunptr = sp->LogicalUnitNumber;
5113 * Generate a simple lun
5115 switch (lunptr[0] & 0xc0) {
5117 lun = ((lunptr[0] & 0x3f) << 8) | lunptr[1];
5123 mpt_lprt(mpt, MPT_PRT_ERROR, "cannot handle this type lun\n");
5129 * Deal with non-enabled or bad luns here.
5131 if (lun >= MPT_MAX_LUNS || mpt->tenabled == 0 ||
5132 mpt->trt[lun].enabled == 0) {
5133 if (mpt->twildcard) {
5134 trtp = &mpt->trt_wildcard;
5135 } else if (fct == MPT_NIL_TMT_VALUE) {
5137 * In this case, we haven't got an upstream listener
5138 * for either a specific lun or wildcard luns. We
5139 * have to make some sensible response. For regular
5140 * inquiry, just return some NOT HERE inquiry data.
5141 * For VPD inquiry, report illegal field in cdb.
5142 * For REQUEST SENSE, just return NO SENSE data.
5143 * REPORT LUNS gets illegal command.
5144 * All other commands get 'no such device'.
5146 uint8_t *sp, cond, buf[MPT_SENSE_SIZE];
5149 memset(buf, 0, MPT_SENSE_SIZE);
5150 cond = SCSI_STATUS_CHECK_COND;
5155 tgt->tag_id = MPT_MAKE_TAGID(mpt, req, ioindex);
5165 len = min(tgt->resid, cdbp[4]);
5166 len = min(len, sizeof (null_iqd));
5167 mpt_lprt(mpt, MPT_PRT_DEBUG,
5168 "local inquiry %ld bytes\n", (long) len);
5169 mpt_scsi_tgt_local(mpt, req, lun, 1,
5176 len = min(tgt->resid, cdbp[4]);
5177 len = min(len, sizeof (buf));
5178 mpt_lprt(mpt, MPT_PRT_DEBUG,
5179 "local reqsense %ld bytes\n", (long) len);
5180 mpt_scsi_tgt_local(mpt, req, lun, 1,
5185 mpt_lprt(mpt, MPT_PRT_DEBUG, "REPORT LUNS\n");
5189 mpt_lprt(mpt, MPT_PRT_DEBUG,
5190 "CMD 0x%x to unmanaged lun %u\n",
5195 mpt_scsi_tgt_status(mpt, NULL, req, cond, sp);
5198 /* otherwise, leave trtp NULL */
5200 trtp = &mpt->trt[lun];
5204 * Deal with any task management
5206 if (fct != MPT_NIL_TMT_VALUE) {
5208 mpt_prt(mpt, "task mgmt function %x but no listener\n",
5210 mpt_scsi_tgt_status(mpt, 0, req,
5213 mpt_scsi_tgt_tsk_mgmt(mpt, req, fct, trtp,
5214 GET_INITIATOR_INDEX(reply_desc));
5220 atiop = (struct ccb_accept_tio *) STAILQ_FIRST(&trtp->atios);
5221 if (atiop == NULL) {
5222 mpt_lprt(mpt, MPT_PRT_WARN,
5223 "no ATIOs for lun %u- sending back %s\n", lun,
5224 mpt->tenabled? "QUEUE FULL" : "BUSY");
5225 mpt_scsi_tgt_status(mpt, NULL, req,
5226 mpt->tenabled? SCSI_STATUS_QUEUE_FULL : SCSI_STATUS_BUSY,
5230 STAILQ_REMOVE_HEAD(&trtp->atios, sim_links.stqe);
5231 mpt_lprt(mpt, MPT_PRT_DEBUG1,
5232 "Get FREE ATIO %p lun %d\n", atiop, atiop->ccb_h.target_lun);
5233 atiop->ccb_h.ccb_mpt_ptr = mpt;
5234 atiop->ccb_h.status = CAM_CDB_RECVD;
5235 atiop->ccb_h.target_lun = lun;
5236 atiop->sense_len = 0;
5237 atiop->init_id = GET_INITIATOR_INDEX(reply_desc);
5238 atiop->cdb_len = mpt_cdblen(cdbp[0], 16);
5239 memcpy(atiop->cdb_io.cdb_bytes, cdbp, atiop->cdb_len);
5242 * The tag we construct here allows us to find the
5243 * original request that the command came in with.
5245 * This way we don't have to depend on anything but the
5246 * tag to find things when CCBs show back up from CAM.
5248 atiop->tag_id = MPT_MAKE_TAGID(mpt, req, ioindex);
5249 tgt->tag_id = atiop->tag_id;
5251 atiop->tag_action = tag_action;
5252 atiop->ccb_h.flags = CAM_TAG_ACTION_VALID;
5254 if (mpt->verbose >= MPT_PRT_DEBUG) {
5256 mpt_prt(mpt, "START_CCB %p for lun %u CDB=<", atiop,
5257 atiop->ccb_h.target_lun);
5258 for (i = 0; i < atiop->cdb_len; i++) {
5259 mpt_prtc(mpt, "%02x%c", cdbp[i] & 0xff,
5260 (i == (atiop->cdb_len - 1))? '>' : ' ');
5262 mpt_prtc(mpt, " itag %x tag %x rdesc %x dl=%u\n",
5263 itag, atiop->tag_id, tgt->reply_desc, tgt->resid);
5266 MPTLOCK_2_CAMLOCK(mpt);
5267 xpt_done((union ccb *)atiop);
5268 CAMLOCK_2_MPTLOCK(mpt);
5272 mpt_tgt_dump_tgt_state(struct mpt_softc *mpt, request_t *req)
5274 mpt_tgt_state_t *tgt = MPT_TGT_STATE(mpt, req);
5276 mpt_prt(mpt, "req %p:%u tgt:rdesc 0x%x resid %u xfrd %u ccb %p treq %p "
5277 "nx %d tag 0x%08x state=%d\n", req, req->serno, tgt->reply_desc,
5278 tgt->resid, tgt->bytes_xfered, tgt->ccb, tgt->req, tgt->nxfers,
5279 tgt->tag_id, tgt->state);
5283 mpt_tgt_dump_req_state(struct mpt_softc *mpt, request_t *req)
5285 mpt_prt(mpt, "req %p:%u index %u (%x) state %x\n", req, req->serno,
5286 req->index, req->index, req->state);
5287 mpt_tgt_dump_tgt_state(mpt, req);
5291 mpt_scsi_tgt_reply_handler(struct mpt_softc *mpt, request_t *req,
5292 uint32_t reply_desc, MSG_DEFAULT_REPLY *reply_frame)
5298 if (reply_frame == NULL) {
5300 * Figure out what the state of the command is.
5302 mpt_tgt_state_t *tgt = MPT_TGT_STATE(mpt, req);
5305 mpt_req_spcl(mpt, req, "turbo scsi_tgt_reply", __LINE__);
5307 mpt_req_not_spcl(mpt, tgt->req,
5308 "turbo scsi_tgt_reply associated req", __LINE__);
5311 switch(tgt->state) {
5312 case TGT_STATE_LOADED:
5314 * This is a new command starting.
5316 mpt_scsi_tgt_atio(mpt, req, reply_desc);
5318 case TGT_STATE_MOVING_DATA:
5320 uint8_t *sp = NULL, sense[MPT_SENSE_SIZE];
5323 if (tgt->req == NULL) {
5324 panic("mpt: turbo target reply with null "
5325 "associated request moving data");
5329 if (tgt->is_local == 0) {
5330 panic("mpt: turbo target reply with "
5331 "null associated ccb moving data");
5334 mpt_lprt(mpt, MPT_PRT_DEBUG,
5335 "TARGET_ASSIST local done\n");
5336 TAILQ_REMOVE(&mpt->request_pending_list,
5338 mpt_free_request(mpt, tgt->req);
5340 mpt_scsi_tgt_status(mpt, NULL, req,
5346 mpt_req_untimeout(req, mpt_timeout, ccb);
5347 mpt_lprt(mpt, MPT_PRT_DEBUG,
5348 "TARGET_ASSIST %p (req %p:%u) done tag 0x%x\n",
5349 ccb, tgt->req, tgt->req->serno, ccb->csio.tag_id);
5351 * Free the Target Assist Request
5353 KASSERT(tgt->req->ccb == ccb,
5354 ("tgt->req %p:%u tgt->req->ccb %p", tgt->req,
5355 tgt->req->serno, tgt->req->ccb));
5356 TAILQ_REMOVE(&mpt->request_pending_list,
5358 mpt_free_request(mpt, tgt->req);
5362 * Do we need to send status now? That is, are
5363 * we done with all our data transfers?
5365 if ((ccb->ccb_h.flags & CAM_SEND_STATUS) == 0) {
5366 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
5367 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
5368 KASSERT(ccb->ccb_h.status,
5369 ("zero ccb sts at %d\n", __LINE__));
5370 tgt->state = TGT_STATE_IN_CAM;
5371 if (mpt->outofbeer) {
5372 ccb->ccb_h.status |= CAM_RELEASE_SIMQ;
5374 mpt_lprt(mpt, MPT_PRT_DEBUG, "THAWQ\n");
5376 MPTLOCK_2_CAMLOCK(mpt);
5378 CAMLOCK_2_MPTLOCK(mpt);
5382 * Otherwise, send status (and sense)
5384 if (ccb->ccb_h.flags & CAM_SEND_SENSE) {
5386 memcpy(sp, &ccb->csio.sense_data,
5387 min(ccb->csio.sense_len, MPT_SENSE_SIZE));
5389 mpt_scsi_tgt_status(mpt, ccb, req,
5390 ccb->csio.scsi_status, sp);
5393 case TGT_STATE_SENDING_STATUS:
5394 case TGT_STATE_MOVING_DATA_AND_STATUS:
5399 if (tgt->req == NULL) {
5400 panic("mpt: turbo target reply with null "
5401 "associated request sending status");
5408 TGT_STATE_MOVING_DATA_AND_STATUS) {
5411 mpt_req_untimeout(req, mpt_timeout, ccb);
5412 if (ccb->ccb_h.flags & CAM_SEND_SENSE) {
5413 ccb->ccb_h.status |= CAM_SENT_SENSE;
5415 mpt_lprt(mpt, MPT_PRT_DEBUG,
5416 "TARGET_STATUS tag %x sts %x flgs %x req "
5417 "%p\n", ccb->csio.tag_id, ccb->ccb_h.status,
5418 ccb->ccb_h.flags, tgt->req);
5420 * Free the Target Send Status Request
5422 KASSERT(tgt->req->ccb == ccb,
5423 ("tgt->req %p:%u tgt->req->ccb %p",
5424 tgt->req, tgt->req->serno, tgt->req->ccb));
5426 * Notify CAM that we're done
5428 mpt_set_ccb_status(ccb, CAM_REQ_CMP);
5429 ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
5430 KASSERT(ccb->ccb_h.status,
5431 ("ZERO ccb sts at %d\n", __LINE__));
5434 mpt_lprt(mpt, MPT_PRT_DEBUG,
5435 "TARGET_STATUS non-CAM for req %p:%u\n",
5436 tgt->req, tgt->req->serno);
5438 TAILQ_REMOVE(&mpt->request_pending_list,
5440 mpt_free_request(mpt, tgt->req);
5444 * And re-post the Command Buffer.
5445 * This will reset the state.
5447 ioindex = GET_IO_INDEX(reply_desc);
5448 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
5450 mpt_post_target_command(mpt, req, ioindex);
5453 * And post a done for anyone who cares
5456 if (mpt->outofbeer) {
5457 ccb->ccb_h.status |= CAM_RELEASE_SIMQ;
5459 mpt_lprt(mpt, MPT_PRT_DEBUG, "THAWQ\n");
5461 MPTLOCK_2_CAMLOCK(mpt);
5463 CAMLOCK_2_MPTLOCK(mpt);
5467 case TGT_STATE_NIL: /* XXX This Never Happens XXX */
5468 tgt->state = TGT_STATE_LOADED;
5471 mpt_prt(mpt, "Unknown Target State 0x%x in Context "
5472 "Reply Function\n", tgt->state);
5477 status = le16toh(reply_frame->IOCStatus);
5478 if (status != MPI_IOCSTATUS_SUCCESS) {
5479 dbg = MPT_PRT_ERROR;
5481 dbg = MPT_PRT_DEBUG1;
5485 "SCSI_TGT REPLY: req=%p:%u reply=%p func=%x IOCstatus 0x%x\n",
5486 req, req->serno, reply_frame, reply_frame->Function, status);
5488 switch (reply_frame->Function) {
5489 case MPI_FUNCTION_TARGET_CMD_BUFFER_POST:
5491 mpt_tgt_state_t *tgt;
5493 mpt_req_spcl(mpt, req, "tgt reply BUFFER POST", __LINE__);
5495 if (status != MPI_IOCSTATUS_SUCCESS) {
5501 tgt = MPT_TGT_STATE(mpt, req);
5502 KASSERT(tgt->state == TGT_STATE_LOADING,
5503 ("bad state 0x%x on reply to buffer post\n", tgt->state));
5504 mpt_assign_serno(mpt, req);
5505 tgt->state = TGT_STATE_LOADED;
5508 case MPI_FUNCTION_TARGET_ASSIST:
5510 mpt_req_not_spcl(mpt, req, "tgt reply TARGET ASSIST", __LINE__);
5512 mpt_prt(mpt, "target assist completion\n");
5513 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
5514 mpt_free_request(mpt, req);
5516 case MPI_FUNCTION_TARGET_STATUS_SEND:
5518 mpt_req_not_spcl(mpt, req, "tgt reply STATUS SEND", __LINE__);
5520 mpt_prt(mpt, "status send completion\n");
5521 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
5522 mpt_free_request(mpt, req);
5524 case MPI_FUNCTION_TARGET_MODE_ABORT:
5526 PTR_MSG_TARGET_MODE_ABORT_REPLY abtrp =
5527 (PTR_MSG_TARGET_MODE_ABORT_REPLY) reply_frame;
5528 PTR_MSG_TARGET_MODE_ABORT abtp =
5529 (PTR_MSG_TARGET_MODE_ABORT) req->req_vbuf;
5530 uint32_t cc = GET_IO_INDEX(le32toh(abtp->ReplyWord));
5532 mpt_req_not_spcl(mpt, req, "tgt reply TMODE ABORT", __LINE__);
5534 mpt_prt(mpt, "ABORT RX_ID 0x%x Complete; status 0x%x cnt %u\n",
5535 cc, le16toh(abtrp->IOCStatus), le32toh(abtrp->AbortCount));
5536 TAILQ_REMOVE(&mpt->request_pending_list, req, links);
5537 mpt_free_request(mpt, req);
5541 mpt_prt(mpt, "Unknown Target Address Reply Function code: "
5542 "0x%x\n", reply_frame->Function);
projects / FreeBSD / FreeBSD.git / blob