1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  * NVMe admin command implementation.
4  * Copyright (c) 2015-2016 HGST, a Western Digital Company.
5  */
6 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
7 #include <linux/module.h>
8 #include <linux/rculist.h>
9 #include <linux/part_stat.h>
10 
11 #include <generated/utsrelease.h>
12 #include <asm/unaligned.h>
13 #include "nvmet.h"
14 
nvmet_get_log_page_len(struct nvme_command * cmd)15 u32 nvmet_get_log_page_len(struct nvme_command *cmd)
16 {
17 	u32 len = le16_to_cpu(cmd->get_log_page.numdu);
18 
19 	len <<= 16;
20 	len += le16_to_cpu(cmd->get_log_page.numdl);
21 	/* NUMD is a 0's based value */
22 	len += 1;
23 	len *= sizeof(u32);
24 
25 	return len;
26 }
27 
nvmet_feat_data_len(struct nvmet_req * req,u32 cdw10)28 static u32 nvmet_feat_data_len(struct nvmet_req *req, u32 cdw10)
29 {
30 	switch (cdw10 & 0xff) {
31 	case NVME_FEAT_HOST_ID:
32 		return sizeof(req->sq->ctrl->hostid);
33 	default:
34 		return 0;
35 	}
36 }
37 
nvmet_get_log_page_offset(struct nvme_command * cmd)38 u64 nvmet_get_log_page_offset(struct nvme_command *cmd)
39 {
40 	return le64_to_cpu(cmd->get_log_page.lpo);
41 }
42 
nvmet_execute_get_log_page_noop(struct nvmet_req * req)43 static void nvmet_execute_get_log_page_noop(struct nvmet_req *req)
44 {
45 	nvmet_req_complete(req, nvmet_zero_sgl(req, 0, req->transfer_len));
46 }
47 
nvmet_execute_get_log_page_error(struct nvmet_req * req)48 static void nvmet_execute_get_log_page_error(struct nvmet_req *req)
49 {
50 	struct nvmet_ctrl *ctrl = req->sq->ctrl;
51 	unsigned long flags;
52 	off_t offset = 0;
53 	u64 slot;
54 	u64 i;
55 
56 	spin_lock_irqsave(&ctrl->error_lock, flags);
57 	slot = ctrl->err_counter % NVMET_ERROR_LOG_SLOTS;
58 
59 	for (i = 0; i < NVMET_ERROR_LOG_SLOTS; i++) {
60 		if (nvmet_copy_to_sgl(req, offset, &ctrl->slots[slot],
61 				sizeof(struct nvme_error_slot)))
62 			break;
63 
64 		if (slot == 0)
65 			slot = NVMET_ERROR_LOG_SLOTS - 1;
66 		else
67 			slot--;
68 		offset += sizeof(struct nvme_error_slot);
69 	}
70 	spin_unlock_irqrestore(&ctrl->error_lock, flags);
71 	nvmet_req_complete(req, 0);
72 }
73 
nvmet_get_smart_log_nsid(struct nvmet_req * req,struct nvme_smart_log * slog)74 static u16 nvmet_get_smart_log_nsid(struct nvmet_req *req,
75 		struct nvme_smart_log *slog)
76 {
77 	struct nvmet_ns *ns;
78 	u64 host_reads, host_writes, data_units_read, data_units_written;
79 
80 	ns = nvmet_find_namespace(req->sq->ctrl, req->cmd->get_log_page.nsid);
81 	if (!ns) {
82 		pr_err("Could not find namespace id : %d\n",
83 				le32_to_cpu(req->cmd->get_log_page.nsid));
84 		req->error_loc = offsetof(struct nvme_rw_command, nsid);
85 		return NVME_SC_INVALID_NS;
86 	}
87 
88 	/* we don't have the right data for file backed ns */
89 	if (!ns->bdev)
90 		goto out;
91 
92 	host_reads = part_stat_read(ns->bdev->bd_part, ios[READ]);
93 	data_units_read = DIV_ROUND_UP(part_stat_read(ns->bdev->bd_part,
94 		sectors[READ]), 1000);
95 	host_writes = part_stat_read(ns->bdev->bd_part, ios[WRITE]);
96 	data_units_written = DIV_ROUND_UP(part_stat_read(ns->bdev->bd_part,
97 		sectors[WRITE]), 1000);
98 
99 	put_unaligned_le64(host_reads, &slog->host_reads[0]);
100 	put_unaligned_le64(data_units_read, &slog->data_units_read[0]);
101 	put_unaligned_le64(host_writes, &slog->host_writes[0]);
102 	put_unaligned_le64(data_units_written, &slog->data_units_written[0]);
103 out:
104 	nvmet_put_namespace(ns);
105 
106 	return NVME_SC_SUCCESS;
107 }
108 
nvmet_get_smart_log_all(struct nvmet_req * req,struct nvme_smart_log * slog)109 static u16 nvmet_get_smart_log_all(struct nvmet_req *req,
110 		struct nvme_smart_log *slog)
111 {
112 	u64 host_reads = 0, host_writes = 0;
113 	u64 data_units_read = 0, data_units_written = 0;
114 	struct nvmet_ns *ns;
115 	struct nvmet_ctrl *ctrl;
116 	unsigned long idx;
117 
118 	ctrl = req->sq->ctrl;
119 	xa_for_each(&ctrl->subsys->namespaces, idx, ns) {
120 		/* we don't have the right data for file backed ns */
121 		if (!ns->bdev)
122 			continue;
123 		host_reads += part_stat_read(ns->bdev->bd_part, ios[READ]);
124 		data_units_read += DIV_ROUND_UP(
125 			part_stat_read(ns->bdev->bd_part, sectors[READ]), 1000);
126 		host_writes += part_stat_read(ns->bdev->bd_part, ios[WRITE]);
127 		data_units_written += DIV_ROUND_UP(
128 			part_stat_read(ns->bdev->bd_part, sectors[WRITE]), 1000);
129 	}
130 
131 	put_unaligned_le64(host_reads, &slog->host_reads[0]);
132 	put_unaligned_le64(data_units_read, &slog->data_units_read[0]);
133 	put_unaligned_le64(host_writes, &slog->host_writes[0]);
134 	put_unaligned_le64(data_units_written, &slog->data_units_written[0]);
135 
136 	return NVME_SC_SUCCESS;
137 }
138 
nvmet_execute_get_log_page_smart(struct nvmet_req * req)139 static void nvmet_execute_get_log_page_smart(struct nvmet_req *req)
140 {
141 	struct nvme_smart_log *log;
142 	u16 status = NVME_SC_INTERNAL;
143 	unsigned long flags;
144 
145 	if (req->transfer_len != sizeof(*log))
146 		goto out;
147 
148 	log = kzalloc(sizeof(*log), GFP_KERNEL);
149 	if (!log)
150 		goto out;
151 
152 	if (req->cmd->get_log_page.nsid == cpu_to_le32(NVME_NSID_ALL))
153 		status = nvmet_get_smart_log_all(req, log);
154 	else
155 		status = nvmet_get_smart_log_nsid(req, log);
156 	if (status)
157 		goto out_free_log;
158 
159 	spin_lock_irqsave(&req->sq->ctrl->error_lock, flags);
160 	put_unaligned_le64(req->sq->ctrl->err_counter,
161 			&log->num_err_log_entries);
162 	spin_unlock_irqrestore(&req->sq->ctrl->error_lock, flags);
163 
164 	status = nvmet_copy_to_sgl(req, 0, log, sizeof(*log));
165 out_free_log:
166 	kfree(log);
167 out:
168 	nvmet_req_complete(req, status);
169 }
170 
nvmet_execute_get_log_cmd_effects_ns(struct nvmet_req * req)171 static void nvmet_execute_get_log_cmd_effects_ns(struct nvmet_req *req)
172 {
173 	u16 status = NVME_SC_INTERNAL;
174 	struct nvme_effects_log *log;
175 
176 	log = kzalloc(sizeof(*log), GFP_KERNEL);
177 	if (!log)
178 		goto out;
179 
180 	log->acs[nvme_admin_get_log_page]	= cpu_to_le32(1 << 0);
181 	log->acs[nvme_admin_identify]		= cpu_to_le32(1 << 0);
182 	log->acs[nvme_admin_abort_cmd]		= cpu_to_le32(1 << 0);
183 	log->acs[nvme_admin_set_features]	= cpu_to_le32(1 << 0);
184 	log->acs[nvme_admin_get_features]	= cpu_to_le32(1 << 0);
185 	log->acs[nvme_admin_async_event]	= cpu_to_le32(1 << 0);
186 	log->acs[nvme_admin_keep_alive]		= cpu_to_le32(1 << 0);
187 
188 	log->iocs[nvme_cmd_read]		= cpu_to_le32(1 << 0);
189 	log->iocs[nvme_cmd_write]		= cpu_to_le32(1 << 0);
190 	log->iocs[nvme_cmd_flush]		= cpu_to_le32(1 << 0);
191 	log->iocs[nvme_cmd_dsm]			= cpu_to_le32(1 << 0);
192 	log->iocs[nvme_cmd_write_zeroes]	= cpu_to_le32(1 << 0);
193 
194 	status = nvmet_copy_to_sgl(req, 0, log, sizeof(*log));
195 
196 	kfree(log);
197 out:
198 	nvmet_req_complete(req, status);
199 }
200 
nvmet_execute_get_log_changed_ns(struct nvmet_req * req)201 static void nvmet_execute_get_log_changed_ns(struct nvmet_req *req)
202 {
203 	struct nvmet_ctrl *ctrl = req->sq->ctrl;
204 	u16 status = NVME_SC_INTERNAL;
205 	size_t len;
206 
207 	if (req->transfer_len != NVME_MAX_CHANGED_NAMESPACES * sizeof(__le32))
208 		goto out;
209 
210 	mutex_lock(&ctrl->lock);
211 	if (ctrl->nr_changed_ns == U32_MAX)
212 		len = sizeof(__le32);
213 	else
214 		len = ctrl->nr_changed_ns * sizeof(__le32);
215 	status = nvmet_copy_to_sgl(req, 0, ctrl->changed_ns_list, len);
216 	if (!status)
217 		status = nvmet_zero_sgl(req, len, req->transfer_len - len);
218 	ctrl->nr_changed_ns = 0;
219 	nvmet_clear_aen_bit(req, NVME_AEN_BIT_NS_ATTR);
220 	mutex_unlock(&ctrl->lock);
221 out:
222 	nvmet_req_complete(req, status);
223 }
224 
nvmet_format_ana_group(struct nvmet_req * req,u32 grpid,struct nvme_ana_group_desc * desc)225 static u32 nvmet_format_ana_group(struct nvmet_req *req, u32 grpid,
226 		struct nvme_ana_group_desc *desc)
227 {
228 	struct nvmet_ctrl *ctrl = req->sq->ctrl;
229 	struct nvmet_ns *ns;
230 	unsigned long idx;
231 	u32 count = 0;
232 
233 	if (!(req->cmd->get_log_page.lsp & NVME_ANA_LOG_RGO)) {
234 		xa_for_each(&ctrl->subsys->namespaces, idx, ns)
235 			if (ns->anagrpid == grpid)
236 				desc->nsids[count++] = cpu_to_le32(ns->nsid);
237 	}
238 
239 	desc->grpid = cpu_to_le32(grpid);
240 	desc->nnsids = cpu_to_le32(count);
241 	desc->chgcnt = cpu_to_le64(nvmet_ana_chgcnt);
242 	desc->state = req->port->ana_state[grpid];
243 	memset(desc->rsvd17, 0, sizeof(desc->rsvd17));
244 	return sizeof(struct nvme_ana_group_desc) + count * sizeof(__le32);
245 }
246 
nvmet_execute_get_log_page_ana(struct nvmet_req * req)247 static void nvmet_execute_get_log_page_ana(struct nvmet_req *req)
248 {
249 	struct nvme_ana_rsp_hdr hdr = { 0, };
250 	struct nvme_ana_group_desc *desc;
251 	size_t offset = sizeof(struct nvme_ana_rsp_hdr); /* start beyond hdr */
252 	size_t len;
253 	u32 grpid;
254 	u16 ngrps = 0;
255 	u16 status;
256 
257 	status = NVME_SC_INTERNAL;
258 	desc = kmalloc(sizeof(struct nvme_ana_group_desc) +
259 			NVMET_MAX_NAMESPACES * sizeof(__le32), GFP_KERNEL);
260 	if (!desc)
261 		goto out;
262 
263 	down_read(&nvmet_ana_sem);
264 	for (grpid = 1; grpid <= NVMET_MAX_ANAGRPS; grpid++) {
265 		if (!nvmet_ana_group_enabled[grpid])
266 			continue;
267 		len = nvmet_format_ana_group(req, grpid, desc);
268 		status = nvmet_copy_to_sgl(req, offset, desc, len);
269 		if (status)
270 			break;
271 		offset += len;
272 		ngrps++;
273 	}
274 	for ( ; grpid <= NVMET_MAX_ANAGRPS; grpid++) {
275 		if (nvmet_ana_group_enabled[grpid])
276 			ngrps++;
277 	}
278 
279 	hdr.chgcnt = cpu_to_le64(nvmet_ana_chgcnt);
280 	hdr.ngrps = cpu_to_le16(ngrps);
281 	nvmet_clear_aen_bit(req, NVME_AEN_BIT_ANA_CHANGE);
282 	up_read(&nvmet_ana_sem);
283 
284 	kfree(desc);
285 
286 	/* copy the header last once we know the number of groups */
287 	status = nvmet_copy_to_sgl(req, 0, &hdr, sizeof(hdr));
288 out:
289 	nvmet_req_complete(req, status);
290 }
291 
nvmet_execute_get_log_page(struct nvmet_req * req)292 static void nvmet_execute_get_log_page(struct nvmet_req *req)
293 {
294 	if (!nvmet_check_transfer_len(req, nvmet_get_log_page_len(req->cmd)))
295 		return;
296 
297 	switch (req->cmd->get_log_page.lid) {
298 	case NVME_LOG_ERROR:
299 		return nvmet_execute_get_log_page_error(req);
300 	case NVME_LOG_SMART:
301 		return nvmet_execute_get_log_page_smart(req);
302 	case NVME_LOG_FW_SLOT:
303 		/*
304 		 * We only support a single firmware slot which always is
305 		 * active, so we can zero out the whole firmware slot log and
306 		 * still claim to fully implement this mandatory log page.
307 		 */
308 		return nvmet_execute_get_log_page_noop(req);
309 	case NVME_LOG_CHANGED_NS:
310 		return nvmet_execute_get_log_changed_ns(req);
311 	case NVME_LOG_CMD_EFFECTS:
312 		return nvmet_execute_get_log_cmd_effects_ns(req);
313 	case NVME_LOG_ANA:
314 		return nvmet_execute_get_log_page_ana(req);
315 	}
316 	pr_err("unhandled lid %d on qid %d\n",
317 	       req->cmd->get_log_page.lid, req->sq->qid);
318 	req->error_loc = offsetof(struct nvme_get_log_page_command, lid);
319 	nvmet_req_complete(req, NVME_SC_INVALID_FIELD | NVME_SC_DNR);
320 }
321 
nvmet_id_set_model_number(struct nvme_id_ctrl * id,struct nvmet_subsys * subsys)322 static void nvmet_id_set_model_number(struct nvme_id_ctrl *id,
323 				      struct nvmet_subsys *subsys)
324 {
325 	const char *model = NVMET_DEFAULT_CTRL_MODEL;
326 	struct nvmet_subsys_model *subsys_model;
327 
328 	rcu_read_lock();
329 	subsys_model = rcu_dereference(subsys->model);
330 	if (subsys_model)
331 		model = subsys_model->number;
332 	memcpy_and_pad(id->mn, sizeof(id->mn), model, strlen(model), ' ');
333 	rcu_read_unlock();
334 }
335 
nvmet_execute_identify_ctrl(struct nvmet_req * req)336 static void nvmet_execute_identify_ctrl(struct nvmet_req *req)
337 {
338 	struct nvmet_ctrl *ctrl = req->sq->ctrl;
339 	struct nvme_id_ctrl *id;
340 	u32 cmd_capsule_size;
341 	u16 status = 0;
342 
343 	id = kzalloc(sizeof(*id), GFP_KERNEL);
344 	if (!id) {
345 		status = NVME_SC_INTERNAL;
346 		goto out;
347 	}
348 
349 	/* XXX: figure out how to assign real vendors IDs. */
350 	id->vid = 0;
351 	id->ssvid = 0;
352 
353 	memset(id->sn, ' ', sizeof(id->sn));
354 	bin2hex(id->sn, &ctrl->subsys->serial,
355 		min(sizeof(ctrl->subsys->serial), sizeof(id->sn) / 2));
356 	nvmet_id_set_model_number(id, ctrl->subsys);
357 	memcpy_and_pad(id->fr, sizeof(id->fr),
358 		       UTS_RELEASE, strlen(UTS_RELEASE), ' ');
359 
360 	id->rab = 6;
361 
362 	/*
363 	 * XXX: figure out how we can assign a IEEE OUI, but until then
364 	 * the safest is to leave it as zeroes.
365 	 */
366 
367 	/* we support multiple ports, multiples hosts and ANA: */
368 	id->cmic = (1 << 0) | (1 << 1) | (1 << 3);
369 
370 	/* Limit MDTS according to transport capability */
371 	if (ctrl->ops->get_mdts)
372 		id->mdts = ctrl->ops->get_mdts(ctrl);
373 	else
374 		id->mdts = 0;
375 
376 	id->cntlid = cpu_to_le16(ctrl->cntlid);
377 	id->ver = cpu_to_le32(ctrl->subsys->ver);
378 
379 	/* XXX: figure out what to do about RTD3R/RTD3 */
380 	id->oaes = cpu_to_le32(NVMET_AEN_CFG_OPTIONAL);
381 	id->ctratt = cpu_to_le32(NVME_CTRL_ATTR_HID_128_BIT |
382 		NVME_CTRL_ATTR_TBKAS);
383 
384 	id->oacs = 0;
385 
386 	/*
387 	 * We don't really have a practical limit on the number of abort
388 	 * comands.  But we don't do anything useful for abort either, so
389 	 * no point in allowing more abort commands than the spec requires.
390 	 */
391 	id->acl = 3;
392 
393 	id->aerl = NVMET_ASYNC_EVENTS - 1;
394 
395 	/* first slot is read-only, only one slot supported */
396 	id->frmw = (1 << 0) | (1 << 1);
397 	id->lpa = (1 << 0) | (1 << 1) | (1 << 2);
398 	id->elpe = NVMET_ERROR_LOG_SLOTS - 1;
399 	id->npss = 0;
400 
401 	/* We support keep-alive timeout in granularity of seconds */
402 	id->kas = cpu_to_le16(NVMET_KAS);
403 
404 	id->sqes = (0x6 << 4) | 0x6;
405 	id->cqes = (0x4 << 4) | 0x4;
406 
407 	/* no enforcement soft-limit for maxcmd - pick arbitrary high value */
408 	id->maxcmd = cpu_to_le16(NVMET_MAX_CMD);
409 
410 	id->nn = cpu_to_le32(ctrl->subsys->max_nsid);
411 	id->mnan = cpu_to_le32(NVMET_MAX_NAMESPACES);
412 	id->oncs = cpu_to_le16(NVME_CTRL_ONCS_DSM |
413 			NVME_CTRL_ONCS_WRITE_ZEROES);
414 
415 	/* XXX: don't report vwc if the underlying device is write through */
416 	id->vwc = NVME_CTRL_VWC_PRESENT;
417 
418 	/*
419 	 * We can't support atomic writes bigger than a LBA without support
420 	 * from the backend device.
421 	 */
422 	id->awun = 0;
423 	id->awupf = 0;
424 
425 	id->sgls = cpu_to_le32(1 << 0);	/* we always support SGLs */
426 	if (ctrl->ops->flags & NVMF_KEYED_SGLS)
427 		id->sgls |= cpu_to_le32(1 << 2);
428 	if (req->port->inline_data_size)
429 		id->sgls |= cpu_to_le32(1 << 20);
430 
431 	strlcpy(id->subnqn, ctrl->subsys->subsysnqn, sizeof(id->subnqn));
432 
433 	/*
434 	 * Max command capsule size is sqe + in-capsule data size.
435 	 * Disable in-capsule data for Metadata capable controllers.
436 	 */
437 	cmd_capsule_size = sizeof(struct nvme_command);
438 	if (!ctrl->pi_support)
439 		cmd_capsule_size += req->port->inline_data_size;
440 	id->ioccsz = cpu_to_le32(cmd_capsule_size / 16);
441 
442 	/* Max response capsule size is cqe */
443 	id->iorcsz = cpu_to_le32(sizeof(struct nvme_completion) / 16);
444 
445 	id->msdbd = ctrl->ops->msdbd;
446 
447 	id->anacap = (1 << 0) | (1 << 1) | (1 << 2) | (1 << 3) | (1 << 4);
448 	id->anatt = 10; /* random value */
449 	id->anagrpmax = cpu_to_le32(NVMET_MAX_ANAGRPS);
450 	id->nanagrpid = cpu_to_le32(NVMET_MAX_ANAGRPS);
451 
452 	/*
453 	 * Meh, we don't really support any power state.  Fake up the same
454 	 * values that qemu does.
455 	 */
456 	id->psd[0].max_power = cpu_to_le16(0x9c4);
457 	id->psd[0].entry_lat = cpu_to_le32(0x10);
458 	id->psd[0].exit_lat = cpu_to_le32(0x4);
459 
460 	id->nwpc = 1 << 0; /* write protect and no write protect */
461 
462 	status = nvmet_copy_to_sgl(req, 0, id, sizeof(*id));
463 
464 	kfree(id);
465 out:
466 	nvmet_req_complete(req, status);
467 }
468 
nvmet_execute_identify_ns(struct nvmet_req * req)469 static void nvmet_execute_identify_ns(struct nvmet_req *req)
470 {
471 	struct nvmet_ctrl *ctrl = req->sq->ctrl;
472 	struct nvmet_ns *ns;
473 	struct nvme_id_ns *id;
474 	u16 status = 0;
475 
476 	if (le32_to_cpu(req->cmd->identify.nsid) == NVME_NSID_ALL) {
477 		req->error_loc = offsetof(struct nvme_identify, nsid);
478 		status = NVME_SC_INVALID_NS | NVME_SC_DNR;
479 		goto out;
480 	}
481 
482 	id = kzalloc(sizeof(*id), GFP_KERNEL);
483 	if (!id) {
484 		status = NVME_SC_INTERNAL;
485 		goto out;
486 	}
487 
488 	/* return an all zeroed buffer if we can't find an active namespace */
489 	ns = nvmet_find_namespace(ctrl, req->cmd->identify.nsid);
490 	if (!ns)
491 		goto done;
492 
493 	nvmet_ns_revalidate(ns);
494 
495 	/*
496 	 * nuse = ncap = nsze isn't always true, but we have no way to find
497 	 * that out from the underlying device.
498 	 */
499 	id->ncap = id->nsze = cpu_to_le64(ns->size >> ns->blksize_shift);
500 	switch (req->port->ana_state[ns->anagrpid]) {
501 	case NVME_ANA_INACCESSIBLE:
502 	case NVME_ANA_PERSISTENT_LOSS:
503 		break;
504 	default:
505 		id->nuse = id->nsze;
506 		break;
507         }
508 
509 	if (ns->bdev)
510 		nvmet_bdev_set_limits(ns->bdev, id);
511 
512 	/*
513 	 * We just provide a single LBA format that matches what the
514 	 * underlying device reports.
515 	 */
516 	id->nlbaf = 0;
517 	id->flbas = 0;
518 
519 	/*
520 	 * Our namespace might always be shared.  Not just with other
521 	 * controllers, but also with any other user of the block device.
522 	 */
523 	id->nmic = (1 << 0);
524 	id->anagrpid = cpu_to_le32(ns->anagrpid);
525 
526 	memcpy(&id->nguid, &ns->nguid, sizeof(id->nguid));
527 
528 	id->lbaf[0].ds = ns->blksize_shift;
529 
530 	if (ctrl->pi_support && nvmet_ns_has_pi(ns)) {
531 		id->dpc = NVME_NS_DPC_PI_FIRST | NVME_NS_DPC_PI_LAST |
532 			  NVME_NS_DPC_PI_TYPE1 | NVME_NS_DPC_PI_TYPE2 |
533 			  NVME_NS_DPC_PI_TYPE3;
534 		id->mc = NVME_MC_EXTENDED_LBA;
535 		id->dps = ns->pi_type;
536 		id->flbas = NVME_NS_FLBAS_META_EXT;
537 		id->lbaf[0].ms = cpu_to_le16(ns->metadata_size);
538 	}
539 
540 	if (ns->readonly)
541 		id->nsattr |= (1 << 0);
542 	nvmet_put_namespace(ns);
543 done:
544 	status = nvmet_copy_to_sgl(req, 0, id, sizeof(*id));
545 	kfree(id);
546 out:
547 	nvmet_req_complete(req, status);
548 }
549 
nvmet_execute_identify_nslist(struct nvmet_req * req)550 static void nvmet_execute_identify_nslist(struct nvmet_req *req)
551 {
552 	static const int buf_size = NVME_IDENTIFY_DATA_SIZE;
553 	struct nvmet_ctrl *ctrl = req->sq->ctrl;
554 	struct nvmet_ns *ns;
555 	unsigned long idx;
556 	u32 min_nsid = le32_to_cpu(req->cmd->identify.nsid);
557 	__le32 *list;
558 	u16 status = 0;
559 	int i = 0;
560 
561 	list = kzalloc(buf_size, GFP_KERNEL);
562 	if (!list) {
563 		status = NVME_SC_INTERNAL;
564 		goto out;
565 	}
566 
567 	xa_for_each(&ctrl->subsys->namespaces, idx, ns) {
568 		if (ns->nsid <= min_nsid)
569 			continue;
570 		list[i++] = cpu_to_le32(ns->nsid);
571 		if (i == buf_size / sizeof(__le32))
572 			break;
573 	}
574 
575 	status = nvmet_copy_to_sgl(req, 0, list, buf_size);
576 
577 	kfree(list);
578 out:
579 	nvmet_req_complete(req, status);
580 }
581 
nvmet_copy_ns_identifier(struct nvmet_req * req,u8 type,u8 len,void * id,off_t * off)582 static u16 nvmet_copy_ns_identifier(struct nvmet_req *req, u8 type, u8 len,
583 				    void *id, off_t *off)
584 {
585 	struct nvme_ns_id_desc desc = {
586 		.nidt = type,
587 		.nidl = len,
588 	};
589 	u16 status;
590 
591 	status = nvmet_copy_to_sgl(req, *off, &desc, sizeof(desc));
592 	if (status)
593 		return status;
594 	*off += sizeof(desc);
595 
596 	status = nvmet_copy_to_sgl(req, *off, id, len);
597 	if (status)
598 		return status;
599 	*off += len;
600 
601 	return 0;
602 }
603 
nvmet_execute_identify_desclist(struct nvmet_req * req)604 static void nvmet_execute_identify_desclist(struct nvmet_req *req)
605 {
606 	struct nvmet_ns *ns;
607 	u16 status = 0;
608 	off_t off = 0;
609 
610 	ns = nvmet_find_namespace(req->sq->ctrl, req->cmd->identify.nsid);
611 	if (!ns) {
612 		req->error_loc = offsetof(struct nvme_identify, nsid);
613 		status = NVME_SC_INVALID_NS | NVME_SC_DNR;
614 		goto out;
615 	}
616 
617 	if (memchr_inv(&ns->uuid, 0, sizeof(ns->uuid))) {
618 		status = nvmet_copy_ns_identifier(req, NVME_NIDT_UUID,
619 						  NVME_NIDT_UUID_LEN,
620 						  &ns->uuid, &off);
621 		if (status)
622 			goto out_put_ns;
623 	}
624 	if (memchr_inv(ns->nguid, 0, sizeof(ns->nguid))) {
625 		status = nvmet_copy_ns_identifier(req, NVME_NIDT_NGUID,
626 						  NVME_NIDT_NGUID_LEN,
627 						  &ns->nguid, &off);
628 		if (status)
629 			goto out_put_ns;
630 	}
631 
632 	if (sg_zero_buffer(req->sg, req->sg_cnt, NVME_IDENTIFY_DATA_SIZE - off,
633 			off) != NVME_IDENTIFY_DATA_SIZE - off)
634 		status = NVME_SC_INTERNAL | NVME_SC_DNR;
635 out_put_ns:
636 	nvmet_put_namespace(ns);
637 out:
638 	nvmet_req_complete(req, status);
639 }
640 
nvmet_execute_identify(struct nvmet_req * req)641 static void nvmet_execute_identify(struct nvmet_req *req)
642 {
643 	if (!nvmet_check_transfer_len(req, NVME_IDENTIFY_DATA_SIZE))
644 		return;
645 
646 	switch (req->cmd->identify.cns) {
647 	case NVME_ID_CNS_NS:
648 		return nvmet_execute_identify_ns(req);
649 	case NVME_ID_CNS_CTRL:
650 		return nvmet_execute_identify_ctrl(req);
651 	case NVME_ID_CNS_NS_ACTIVE_LIST:
652 		return nvmet_execute_identify_nslist(req);
653 	case NVME_ID_CNS_NS_DESC_LIST:
654 		return nvmet_execute_identify_desclist(req);
655 	}
656 
657 	pr_err("unhandled identify cns %d on qid %d\n",
658 	       req->cmd->identify.cns, req->sq->qid);
659 	req->error_loc = offsetof(struct nvme_identify, cns);
660 	nvmet_req_complete(req, NVME_SC_INVALID_FIELD | NVME_SC_DNR);
661 }
662 
663 /*
664  * A "minimum viable" abort implementation: the command is mandatory in the
665  * spec, but we are not required to do any useful work.  We couldn't really
666  * do a useful abort, so don't bother even with waiting for the command
667  * to be exectuted and return immediately telling the command to abort
668  * wasn't found.
669  */
nvmet_execute_abort(struct nvmet_req * req)670 static void nvmet_execute_abort(struct nvmet_req *req)
671 {
672 	if (!nvmet_check_transfer_len(req, 0))
673 		return;
674 	nvmet_set_result(req, 1);
675 	nvmet_req_complete(req, 0);
676 }
677 
nvmet_write_protect_flush_sync(struct nvmet_req * req)678 static u16 nvmet_write_protect_flush_sync(struct nvmet_req *req)
679 {
680 	u16 status;
681 
682 	if (req->ns->file)
683 		status = nvmet_file_flush(req);
684 	else
685 		status = nvmet_bdev_flush(req);
686 
687 	if (status)
688 		pr_err("write protect flush failed nsid: %u\n", req->ns->nsid);
689 	return status;
690 }
691 
nvmet_set_feat_write_protect(struct nvmet_req * req)692 static u16 nvmet_set_feat_write_protect(struct nvmet_req *req)
693 {
694 	u32 write_protect = le32_to_cpu(req->cmd->common.cdw11);
695 	struct nvmet_subsys *subsys = req->sq->ctrl->subsys;
696 	u16 status = NVME_SC_FEATURE_NOT_CHANGEABLE;
697 
698 	req->ns = nvmet_find_namespace(req->sq->ctrl, req->cmd->rw.nsid);
699 	if (unlikely(!req->ns)) {
700 		req->error_loc = offsetof(struct nvme_common_command, nsid);
701 		return status;
702 	}
703 
704 	mutex_lock(&subsys->lock);
705 	switch (write_protect) {
706 	case NVME_NS_WRITE_PROTECT:
707 		req->ns->readonly = true;
708 		status = nvmet_write_protect_flush_sync(req);
709 		if (status)
710 			req->ns->readonly = false;
711 		break;
712 	case NVME_NS_NO_WRITE_PROTECT:
713 		req->ns->readonly = false;
714 		status = 0;
715 		break;
716 	default:
717 		break;
718 	}
719 
720 	if (!status)
721 		nvmet_ns_changed(subsys, req->ns->nsid);
722 	mutex_unlock(&subsys->lock);
723 	return status;
724 }
725 
nvmet_set_feat_kato(struct nvmet_req * req)726 u16 nvmet_set_feat_kato(struct nvmet_req *req)
727 {
728 	u32 val32 = le32_to_cpu(req->cmd->common.cdw11);
729 
730 	nvmet_stop_keep_alive_timer(req->sq->ctrl);
731 	req->sq->ctrl->kato = DIV_ROUND_UP(val32, 1000);
732 	nvmet_start_keep_alive_timer(req->sq->ctrl);
733 
734 	nvmet_set_result(req, req->sq->ctrl->kato);
735 
736 	return 0;
737 }
738 
nvmet_set_feat_async_event(struct nvmet_req * req,u32 mask)739 u16 nvmet_set_feat_async_event(struct nvmet_req *req, u32 mask)
740 {
741 	u32 val32 = le32_to_cpu(req->cmd->common.cdw11);
742 
743 	if (val32 & ~mask) {
744 		req->error_loc = offsetof(struct nvme_common_command, cdw11);
745 		return NVME_SC_INVALID_FIELD | NVME_SC_DNR;
746 	}
747 
748 	WRITE_ONCE(req->sq->ctrl->aen_enabled, val32);
749 	nvmet_set_result(req, val32);
750 
751 	return 0;
752 }
753 
nvmet_execute_set_features(struct nvmet_req * req)754 void nvmet_execute_set_features(struct nvmet_req *req)
755 {
756 	struct nvmet_subsys *subsys = req->sq->ctrl->subsys;
757 	u32 cdw10 = le32_to_cpu(req->cmd->common.cdw10);
758 	u32 cdw11 = le32_to_cpu(req->cmd->common.cdw11);
759 	u16 status = 0;
760 	u16 nsqr;
761 	u16 ncqr;
762 
763 	if (!nvmet_check_transfer_len(req, 0))
764 		return;
765 
766 	switch (cdw10 & 0xff) {
767 	case NVME_FEAT_NUM_QUEUES:
768 		ncqr = (cdw11 >> 16) & 0xffff;
769 		nsqr = cdw11 & 0xffff;
770 		if (ncqr == 0xffff || nsqr == 0xffff) {
771 			status = NVME_SC_INVALID_FIELD | NVME_SC_DNR;
772 			break;
773 		}
774 		nvmet_set_result(req,
775 			(subsys->max_qid - 1) | ((subsys->max_qid - 1) << 16));
776 		break;
777 	case NVME_FEAT_KATO:
778 		status = nvmet_set_feat_kato(req);
779 		break;
780 	case NVME_FEAT_ASYNC_EVENT:
781 		status = nvmet_set_feat_async_event(req, NVMET_AEN_CFG_ALL);
782 		break;
783 	case NVME_FEAT_HOST_ID:
784 		status = NVME_SC_CMD_SEQ_ERROR | NVME_SC_DNR;
785 		break;
786 	case NVME_FEAT_WRITE_PROTECT:
787 		status = nvmet_set_feat_write_protect(req);
788 		break;
789 	default:
790 		req->error_loc = offsetof(struct nvme_common_command, cdw10);
791 		status = NVME_SC_INVALID_FIELD | NVME_SC_DNR;
792 		break;
793 	}
794 
795 	nvmet_req_complete(req, status);
796 }
797 
nvmet_get_feat_write_protect(struct nvmet_req * req)798 static u16 nvmet_get_feat_write_protect(struct nvmet_req *req)
799 {
800 	struct nvmet_subsys *subsys = req->sq->ctrl->subsys;
801 	u32 result;
802 
803 	req->ns = nvmet_find_namespace(req->sq->ctrl, req->cmd->common.nsid);
804 	if (!req->ns)  {
805 		req->error_loc = offsetof(struct nvme_common_command, nsid);
806 		return NVME_SC_INVALID_NS | NVME_SC_DNR;
807 	}
808 	mutex_lock(&subsys->lock);
809 	if (req->ns->readonly == true)
810 		result = NVME_NS_WRITE_PROTECT;
811 	else
812 		result = NVME_NS_NO_WRITE_PROTECT;
813 	nvmet_set_result(req, result);
814 	mutex_unlock(&subsys->lock);
815 
816 	return 0;
817 }
818 
nvmet_get_feat_kato(struct nvmet_req * req)819 void nvmet_get_feat_kato(struct nvmet_req *req)
820 {
821 	nvmet_set_result(req, req->sq->ctrl->kato * 1000);
822 }
823 
nvmet_get_feat_async_event(struct nvmet_req * req)824 void nvmet_get_feat_async_event(struct nvmet_req *req)
825 {
826 	nvmet_set_result(req, READ_ONCE(req->sq->ctrl->aen_enabled));
827 }
828 
nvmet_execute_get_features(struct nvmet_req * req)829 void nvmet_execute_get_features(struct nvmet_req *req)
830 {
831 	struct nvmet_subsys *subsys = req->sq->ctrl->subsys;
832 	u32 cdw10 = le32_to_cpu(req->cmd->common.cdw10);
833 	u16 status = 0;
834 
835 	if (!nvmet_check_transfer_len(req, nvmet_feat_data_len(req, cdw10)))
836 		return;
837 
838 	switch (cdw10 & 0xff) {
839 	/*
840 	 * These features are mandatory in the spec, but we don't
841 	 * have a useful way to implement them.  We'll eventually
842 	 * need to come up with some fake values for these.
843 	 */
844 #if 0
845 	case NVME_FEAT_ARBITRATION:
846 		break;
847 	case NVME_FEAT_POWER_MGMT:
848 		break;
849 	case NVME_FEAT_TEMP_THRESH:
850 		break;
851 	case NVME_FEAT_ERR_RECOVERY:
852 		break;
853 	case NVME_FEAT_IRQ_COALESCE:
854 		break;
855 	case NVME_FEAT_IRQ_CONFIG:
856 		break;
857 	case NVME_FEAT_WRITE_ATOMIC:
858 		break;
859 #endif
860 	case NVME_FEAT_ASYNC_EVENT:
861 		nvmet_get_feat_async_event(req);
862 		break;
863 	case NVME_FEAT_VOLATILE_WC:
864 		nvmet_set_result(req, 1);
865 		break;
866 	case NVME_FEAT_NUM_QUEUES:
867 		nvmet_set_result(req,
868 			(subsys->max_qid-1) | ((subsys->max_qid-1) << 16));
869 		break;
870 	case NVME_FEAT_KATO:
871 		nvmet_get_feat_kato(req);
872 		break;
873 	case NVME_FEAT_HOST_ID:
874 		/* need 128-bit host identifier flag */
875 		if (!(req->cmd->common.cdw11 & cpu_to_le32(1 << 0))) {
876 			req->error_loc =
877 				offsetof(struct nvme_common_command, cdw11);
878 			status = NVME_SC_INVALID_FIELD | NVME_SC_DNR;
879 			break;
880 		}
881 
882 		status = nvmet_copy_to_sgl(req, 0, &req->sq->ctrl->hostid,
883 				sizeof(req->sq->ctrl->hostid));
884 		break;
885 	case NVME_FEAT_WRITE_PROTECT:
886 		status = nvmet_get_feat_write_protect(req);
887 		break;
888 	default:
889 		req->error_loc =
890 			offsetof(struct nvme_common_command, cdw10);
891 		status = NVME_SC_INVALID_FIELD | NVME_SC_DNR;
892 		break;
893 	}
894 
895 	nvmet_req_complete(req, status);
896 }
897 
nvmet_execute_async_event(struct nvmet_req * req)898 void nvmet_execute_async_event(struct nvmet_req *req)
899 {
900 	struct nvmet_ctrl *ctrl = req->sq->ctrl;
901 
902 	if (!nvmet_check_transfer_len(req, 0))
903 		return;
904 
905 	mutex_lock(&ctrl->lock);
906 	if (ctrl->nr_async_event_cmds >= NVMET_ASYNC_EVENTS) {
907 		mutex_unlock(&ctrl->lock);
908 		nvmet_req_complete(req, NVME_SC_ASYNC_LIMIT | NVME_SC_DNR);
909 		return;
910 	}
911 	ctrl->async_event_cmds[ctrl->nr_async_event_cmds++] = req;
912 	mutex_unlock(&ctrl->lock);
913 
914 	schedule_work(&ctrl->async_event_work);
915 }
916 
nvmet_execute_keep_alive(struct nvmet_req * req)917 void nvmet_execute_keep_alive(struct nvmet_req *req)
918 {
919 	struct nvmet_ctrl *ctrl = req->sq->ctrl;
920 
921 	if (!nvmet_check_transfer_len(req, 0))
922 		return;
923 
924 	pr_debug("ctrl %d update keep-alive timer for %d secs\n",
925 		ctrl->cntlid, ctrl->kato);
926 
927 	mod_delayed_work(system_wq, &ctrl->ka_work, ctrl->kato * HZ);
928 	nvmet_req_complete(req, 0);
929 }
930 
nvmet_parse_admin_cmd(struct nvmet_req * req)931 u16 nvmet_parse_admin_cmd(struct nvmet_req *req)
932 {
933 	struct nvme_command *cmd = req->cmd;
934 	u16 ret;
935 
936 	if (nvme_is_fabrics(cmd))
937 		return nvmet_parse_fabrics_cmd(req);
938 	if (req->sq->ctrl->subsys->type == NVME_NQN_DISC)
939 		return nvmet_parse_discovery_cmd(req);
940 
941 	ret = nvmet_check_ctrl_status(req, cmd);
942 	if (unlikely(ret))
943 		return ret;
944 
945 	if (nvmet_req_passthru_ctrl(req))
946 		return nvmet_parse_passthru_admin_cmd(req);
947 
948 	switch (cmd->common.opcode) {
949 	case nvme_admin_get_log_page:
950 		req->execute = nvmet_execute_get_log_page;
951 		return 0;
952 	case nvme_admin_identify:
953 		req->execute = nvmet_execute_identify;
954 		return 0;
955 	case nvme_admin_abort_cmd:
956 		req->execute = nvmet_execute_abort;
957 		return 0;
958 	case nvme_admin_set_features:
959 		req->execute = nvmet_execute_set_features;
960 		return 0;
961 	case nvme_admin_get_features:
962 		req->execute = nvmet_execute_get_features;
963 		return 0;
964 	case nvme_admin_async_event:
965 		req->execute = nvmet_execute_async_event;
966 		return 0;
967 	case nvme_admin_keep_alive:
968 		req->execute = nvmet_execute_keep_alive;
969 		return 0;
970 	}
971 
972 	pr_err("unhandled cmd %d on qid %d\n", cmd->common.opcode,
973 	       req->sq->qid);
974 	req->error_loc = offsetof(struct nvme_common_command, opcode);
975 	return NVME_SC_INVALID_OPCODE | NVME_SC_DNR;
976 }
977