1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * vvvvvvvvvvvvvvvvvvvvvvv Original vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
4 * Copyright (C) 1992 Eric Youngdale
5 * Simulate a host adapter with 2 disks attached. Do a lot of checking
6 * to make sure that we are not getting blocks mixed up, and PANIC if
7 * anything out of the ordinary is seen.
8 * ^^^^^^^^^^^^^^^^^^^^^^^ Original ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
9 *
10 * Copyright (C) 2001 - 2020 Douglas Gilbert
11 *
12 * For documentation see http://sg.danny.cz/sg/scsi_debug.html
13 */
14
15
16 #define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__
17
18 #include <linux/module.h>
19
20 #include <linux/kernel.h>
21 #include <linux/errno.h>
22 #include <linux/jiffies.h>
23 #include <linux/slab.h>
24 #include <linux/types.h>
25 #include <linux/string.h>
26 #include <linux/genhd.h>
27 #include <linux/fs.h>
28 #include <linux/init.h>
29 #include <linux/proc_fs.h>
30 #include <linux/vmalloc.h>
31 #include <linux/moduleparam.h>
32 #include <linux/scatterlist.h>
33 #include <linux/blkdev.h>
34 #include <linux/crc-t10dif.h>
35 #include <linux/spinlock.h>
36 #include <linux/interrupt.h>
37 #include <linux/atomic.h>
38 #include <linux/hrtimer.h>
39 #include <linux/uuid.h>
40 #include <linux/t10-pi.h>
41 #include <linux/msdos_partition.h>
42 #include <linux/random.h>
43 #include <linux/xarray.h>
44 #include <linux/prefetch.h>
45
46 #include <net/checksum.h>
47
48 #include <asm/unaligned.h>
49
50 #include <scsi/scsi.h>
51 #include <scsi/scsi_cmnd.h>
52 #include <scsi/scsi_device.h>
53 #include <scsi/scsi_host.h>
54 #include <scsi/scsicam.h>
55 #include <scsi/scsi_eh.h>
56 #include <scsi/scsi_tcq.h>
57 #include <scsi/scsi_dbg.h>
58
59 #include "sd.h"
60 #include "scsi_logging.h"
61
62 /* make sure inq_product_rev string corresponds to this version */
63 #define SDEBUG_VERSION "0190" /* format to fit INQUIRY revision field */
64 static const char *sdebug_version_date = "20200710";
65
66 #define MY_NAME "scsi_debug"
67
68 /* Additional Sense Code (ASC) */
69 #define NO_ADDITIONAL_SENSE 0x0
70 #define LOGICAL_UNIT_NOT_READY 0x4
71 #define LOGICAL_UNIT_COMMUNICATION_FAILURE 0x8
72 #define UNRECOVERED_READ_ERR 0x11
73 #define PARAMETER_LIST_LENGTH_ERR 0x1a
74 #define INVALID_OPCODE 0x20
75 #define LBA_OUT_OF_RANGE 0x21
76 #define INVALID_FIELD_IN_CDB 0x24
77 #define INVALID_FIELD_IN_PARAM_LIST 0x26
78 #define WRITE_PROTECTED 0x27
79 #define UA_RESET_ASC 0x29
80 #define UA_CHANGED_ASC 0x2a
81 #define TARGET_CHANGED_ASC 0x3f
82 #define LUNS_CHANGED_ASCQ 0x0e
83 #define INSUFF_RES_ASC 0x55
84 #define INSUFF_RES_ASCQ 0x3
85 #define POWER_ON_RESET_ASCQ 0x0
86 #define BUS_RESET_ASCQ 0x2 /* scsi bus reset occurred */
87 #define MODE_CHANGED_ASCQ 0x1 /* mode parameters changed */
88 #define CAPACITY_CHANGED_ASCQ 0x9
89 #define SAVING_PARAMS_UNSUP 0x39
90 #define TRANSPORT_PROBLEM 0x4b
91 #define THRESHOLD_EXCEEDED 0x5d
92 #define LOW_POWER_COND_ON 0x5e
93 #define MISCOMPARE_VERIFY_ASC 0x1d
94 #define MICROCODE_CHANGED_ASCQ 0x1 /* with TARGET_CHANGED_ASC */
95 #define MICROCODE_CHANGED_WO_RESET_ASCQ 0x16
96 #define WRITE_ERROR_ASC 0xc
97 #define UNALIGNED_WRITE_ASCQ 0x4
98 #define WRITE_BOUNDARY_ASCQ 0x5
99 #define READ_INVDATA_ASCQ 0x6
100 #define READ_BOUNDARY_ASCQ 0x7
101 #define INSUFF_ZONE_ASCQ 0xe
102
103 /* Additional Sense Code Qualifier (ASCQ) */
104 #define ACK_NAK_TO 0x3
105
106 /* Default values for driver parameters */
107 #define DEF_NUM_HOST 1
108 #define DEF_NUM_TGTS 1
109 #define DEF_MAX_LUNS 1
110 /* With these defaults, this driver will make 1 host with 1 target
111 * (id 0) containing 1 logical unit (lun 0). That is 1 device.
112 */
113 #define DEF_ATO 1
114 #define DEF_CDB_LEN 10
115 #define DEF_JDELAY 1 /* if > 0 unit is a jiffy */
116 #define DEF_DEV_SIZE_PRE_INIT 0
117 #define DEF_DEV_SIZE_MB 8
118 #define DEF_ZBC_DEV_SIZE_MB 128
119 #define DEF_DIF 0
120 #define DEF_DIX 0
121 #define DEF_PER_HOST_STORE false
122 #define DEF_D_SENSE 0
123 #define DEF_EVERY_NTH 0
124 #define DEF_FAKE_RW 0
125 #define DEF_GUARD 0
126 #define DEF_HOST_LOCK 0
127 #define DEF_LBPU 0
128 #define DEF_LBPWS 0
129 #define DEF_LBPWS10 0
130 #define DEF_LBPRZ 1
131 #define DEF_LOWEST_ALIGNED 0
132 #define DEF_NDELAY 0 /* if > 0 unit is a nanosecond */
133 #define DEF_NO_LUN_0 0
134 #define DEF_NUM_PARTS 0
135 #define DEF_OPTS 0
136 #define DEF_OPT_BLKS 1024
137 #define DEF_PHYSBLK_EXP 0
138 #define DEF_OPT_XFERLEN_EXP 0
139 #define DEF_PTYPE TYPE_DISK
140 #define DEF_RANDOM false
141 #define DEF_REMOVABLE false
142 #define DEF_SCSI_LEVEL 7 /* INQUIRY, byte2 [6->SPC-4; 7->SPC-5] */
143 #define DEF_SECTOR_SIZE 512
144 #define DEF_UNMAP_ALIGNMENT 0
145 #define DEF_UNMAP_GRANULARITY 1
146 #define DEF_UNMAP_MAX_BLOCKS 0xFFFFFFFF
147 #define DEF_UNMAP_MAX_DESC 256
148 #define DEF_VIRTUAL_GB 0
149 #define DEF_VPD_USE_HOSTNO 1
150 #define DEF_WRITESAME_LENGTH 0xFFFF
151 #define DEF_STRICT 0
152 #define DEF_STATISTICS false
153 #define DEF_SUBMIT_QUEUES 1
154 #define DEF_TUR_MS_TO_READY 0
155 #define DEF_UUID_CTL 0
156 #define JDELAY_OVERRIDDEN -9999
157
158 /* Default parameters for ZBC drives */
159 #define DEF_ZBC_ZONE_SIZE_MB 128
160 #define DEF_ZBC_MAX_OPEN_ZONES 8
161 #define DEF_ZBC_NR_CONV_ZONES 1
162
163 #define SDEBUG_LUN_0_VAL 0
164
165 /* bit mask values for sdebug_opts */
166 #define SDEBUG_OPT_NOISE 1
167 #define SDEBUG_OPT_MEDIUM_ERR 2
168 #define SDEBUG_OPT_TIMEOUT 4
169 #define SDEBUG_OPT_RECOVERED_ERR 8
170 #define SDEBUG_OPT_TRANSPORT_ERR 16
171 #define SDEBUG_OPT_DIF_ERR 32
172 #define SDEBUG_OPT_DIX_ERR 64
173 #define SDEBUG_OPT_MAC_TIMEOUT 128
174 #define SDEBUG_OPT_SHORT_TRANSFER 0x100
175 #define SDEBUG_OPT_Q_NOISE 0x200
176 #define SDEBUG_OPT_ALL_TSF 0x400
177 #define SDEBUG_OPT_RARE_TSF 0x800
178 #define SDEBUG_OPT_N_WCE 0x1000
179 #define SDEBUG_OPT_RESET_NOISE 0x2000
180 #define SDEBUG_OPT_NO_CDB_NOISE 0x4000
181 #define SDEBUG_OPT_HOST_BUSY 0x8000
182 #define SDEBUG_OPT_CMD_ABORT 0x10000
183 #define SDEBUG_OPT_ALL_NOISE (SDEBUG_OPT_NOISE | SDEBUG_OPT_Q_NOISE | \
184 SDEBUG_OPT_RESET_NOISE)
185 #define SDEBUG_OPT_ALL_INJECTING (SDEBUG_OPT_RECOVERED_ERR | \
186 SDEBUG_OPT_TRANSPORT_ERR | \
187 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR | \
188 SDEBUG_OPT_SHORT_TRANSFER | \
189 SDEBUG_OPT_HOST_BUSY | \
190 SDEBUG_OPT_CMD_ABORT)
191 #define SDEBUG_OPT_RECOV_DIF_DIX (SDEBUG_OPT_RECOVERED_ERR | \
192 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR)
193
194 /* As indicated in SAM-5 and SPC-4 Unit Attentions (UAs) are returned in
195 * priority order. In the subset implemented here lower numbers have higher
196 * priority. The UA numbers should be a sequence starting from 0 with
197 * SDEBUG_NUM_UAS being 1 higher than the highest numbered UA. */
198 #define SDEBUG_UA_POR 0 /* Power on, reset, or bus device reset */
199 #define SDEBUG_UA_BUS_RESET 1
200 #define SDEBUG_UA_MODE_CHANGED 2
201 #define SDEBUG_UA_CAPACITY_CHANGED 3
202 #define SDEBUG_UA_LUNS_CHANGED 4
203 #define SDEBUG_UA_MICROCODE_CHANGED 5 /* simulate firmware change */
204 #define SDEBUG_UA_MICROCODE_CHANGED_WO_RESET 6
205 #define SDEBUG_NUM_UAS 7
206
207 /* when 1==SDEBUG_OPT_MEDIUM_ERR, a medium error is simulated at this
208 * sector on read commands: */
209 #define OPT_MEDIUM_ERR_ADDR 0x1234 /* that's sector 4660 in decimal */
210 #define OPT_MEDIUM_ERR_NUM 10 /* number of consecutive medium errs */
211
212 /* SDEBUG_CANQUEUE is the maximum number of commands that can be queued
213 * (for response) per submit queue at one time. Can be reduced by max_queue
214 * option. Command responses are not queued when jdelay=0 and ndelay=0. The
215 * per-device DEF_CMD_PER_LUN can be changed via sysfs:
216 * /sys/class/scsi_device/<h:c:t:l>/device/queue_depth
217 * but cannot exceed SDEBUG_CANQUEUE .
218 */
219 #define SDEBUG_CANQUEUE_WORDS 3 /* a WORD is bits in a long */
220 #define SDEBUG_CANQUEUE (SDEBUG_CANQUEUE_WORDS * BITS_PER_LONG)
221 #define DEF_CMD_PER_LUN 255
222
223 /* UA - Unit Attention; SA - Service Action; SSU - Start Stop Unit */
224 #define F_D_IN 1 /* Data-in command (e.g. READ) */
225 #define F_D_OUT 2 /* Data-out command (e.g. WRITE) */
226 #define F_D_OUT_MAYBE 4 /* WRITE SAME, NDOB bit */
227 #define F_D_UNKN 8
228 #define F_RL_WLUN_OK 0x10 /* allowed with REPORT LUNS W-LUN */
229 #define F_SKIP_UA 0x20 /* bypass UAs (e.g. INQUIRY command) */
230 #define F_DELAY_OVERR 0x40 /* for commands like INQUIRY */
231 #define F_SA_LOW 0x80 /* SA is in cdb byte 1, bits 4 to 0 */
232 #define F_SA_HIGH 0x100 /* SA is in cdb bytes 8 and 9 */
233 #define F_INV_OP 0x200 /* invalid opcode (not supported) */
234 #define F_FAKE_RW 0x400 /* bypass resp_*() when fake_rw set */
235 #define F_M_ACCESS 0x800 /* media access, reacts to SSU state */
236 #define F_SSU_DELAY 0x1000 /* SSU command delay (long-ish) */
237 #define F_SYNC_DELAY 0x2000 /* SYNCHRONIZE CACHE delay */
238
239 /* Useful combinations of the above flags */
240 #define FF_RESPOND (F_RL_WLUN_OK | F_SKIP_UA | F_DELAY_OVERR)
241 #define FF_MEDIA_IO (F_M_ACCESS | F_FAKE_RW)
242 #define FF_SA (F_SA_HIGH | F_SA_LOW)
243 #define F_LONG_DELAY (F_SSU_DELAY | F_SYNC_DELAY)
244
245 #define SDEBUG_MAX_PARTS 4
246
247 #define SDEBUG_MAX_CMD_LEN 32
248
249 #define SDEB_XA_NOT_IN_USE XA_MARK_1
250
251 /* Zone types (zbcr05 table 25) */
252 enum sdebug_z_type {
253 ZBC_ZONE_TYPE_CNV = 0x1,
254 ZBC_ZONE_TYPE_SWR = 0x2,
255 ZBC_ZONE_TYPE_SWP = 0x3,
256 };
257
258 /* enumeration names taken from table 26, zbcr05 */
259 enum sdebug_z_cond {
260 ZBC_NOT_WRITE_POINTER = 0x0,
261 ZC1_EMPTY = 0x1,
262 ZC2_IMPLICIT_OPEN = 0x2,
263 ZC3_EXPLICIT_OPEN = 0x3,
264 ZC4_CLOSED = 0x4,
265 ZC6_READ_ONLY = 0xd,
266 ZC5_FULL = 0xe,
267 ZC7_OFFLINE = 0xf,
268 };
269
270 struct sdeb_zone_state { /* ZBC: per zone state */
271 enum sdebug_z_type z_type;
272 enum sdebug_z_cond z_cond;
273 bool z_non_seq_resource;
274 unsigned int z_size;
275 sector_t z_start;
276 sector_t z_wp;
277 };
278
279 struct sdebug_dev_info {
280 struct list_head dev_list;
281 unsigned int channel;
282 unsigned int target;
283 u64 lun;
284 uuid_t lu_name;
285 struct sdebug_host_info *sdbg_host;
286 unsigned long uas_bm[1];
287 atomic_t num_in_q;
288 atomic_t stopped; /* 1: by SSU, 2: device start */
289 bool used;
290
291 /* For ZBC devices */
292 enum blk_zoned_model zmodel;
293 unsigned int zsize;
294 unsigned int zsize_shift;
295 unsigned int nr_zones;
296 unsigned int nr_conv_zones;
297 unsigned int nr_imp_open;
298 unsigned int nr_exp_open;
299 unsigned int nr_closed;
300 unsigned int max_open;
301 ktime_t create_ts; /* time since bootup that this device was created */
302 struct sdeb_zone_state *zstate;
303 };
304
305 struct sdebug_host_info {
306 struct list_head host_list;
307 int si_idx; /* sdeb_store_info (per host) xarray index */
308 struct Scsi_Host *shost;
309 struct device dev;
310 struct list_head dev_info_list;
311 };
312
313 /* There is an xarray of pointers to this struct's objects, one per host */
314 struct sdeb_store_info {
315 rwlock_t macc_lck; /* for atomic media access on this store */
316 u8 *storep; /* user data storage (ram) */
317 struct t10_pi_tuple *dif_storep; /* protection info */
318 void *map_storep; /* provisioning map */
319 };
320
321 #define to_sdebug_host(d) \
322 container_of(d, struct sdebug_host_info, dev)
323
324 enum sdeb_defer_type {SDEB_DEFER_NONE = 0, SDEB_DEFER_HRT = 1,
325 SDEB_DEFER_WQ = 2};
326
327 struct sdebug_defer {
328 struct hrtimer hrt;
329 struct execute_work ew;
330 int sqa_idx; /* index of sdebug_queue array */
331 int qc_idx; /* index of sdebug_queued_cmd array within sqa_idx */
332 int hc_idx; /* hostwide tag index */
333 int issuing_cpu;
334 bool init_hrt;
335 bool init_wq;
336 bool aborted; /* true when blk_abort_request() already called */
337 enum sdeb_defer_type defer_t;
338 };
339
340 struct sdebug_queued_cmd {
341 /* corresponding bit set in in_use_bm[] in owning struct sdebug_queue
342 * instance indicates this slot is in use.
343 */
344 struct sdebug_defer *sd_dp;
345 struct scsi_cmnd *a_cmnd;
346 };
347
348 struct sdebug_queue {
349 struct sdebug_queued_cmd qc_arr[SDEBUG_CANQUEUE];
350 unsigned long in_use_bm[SDEBUG_CANQUEUE_WORDS];
351 spinlock_t qc_lock;
352 atomic_t blocked; /* to temporarily stop more being queued */
353 };
354
355 static atomic_t sdebug_cmnd_count; /* number of incoming commands */
356 static atomic_t sdebug_completions; /* count of deferred completions */
357 static atomic_t sdebug_miss_cpus; /* submission + completion cpus differ */
358 static atomic_t sdebug_a_tsf; /* 'almost task set full' counter */
359 static atomic_t sdeb_inject_pending;
360
361 struct opcode_info_t {
362 u8 num_attached; /* 0 if this is it (i.e. a leaf); use 0xff */
363 /* for terminating element */
364 u8 opcode; /* if num_attached > 0, preferred */
365 u16 sa; /* service action */
366 u32 flags; /* OR-ed set of SDEB_F_* */
367 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
368 const struct opcode_info_t *arrp; /* num_attached elements or NULL */
369 u8 len_mask[16]; /* len_mask[0]-->cdb_len, then mask for cdb */
370 /* 1 to min(cdb_len, 15); ignore cdb[15...] */
371 };
372
373 /* SCSI opcodes (first byte of cdb) of interest mapped onto these indexes */
374 enum sdeb_opcode_index {
375 SDEB_I_INVALID_OPCODE = 0,
376 SDEB_I_INQUIRY = 1,
377 SDEB_I_REPORT_LUNS = 2,
378 SDEB_I_REQUEST_SENSE = 3,
379 SDEB_I_TEST_UNIT_READY = 4,
380 SDEB_I_MODE_SENSE = 5, /* 6, 10 */
381 SDEB_I_MODE_SELECT = 6, /* 6, 10 */
382 SDEB_I_LOG_SENSE = 7,
383 SDEB_I_READ_CAPACITY = 8, /* 10; 16 is in SA_IN(16) */
384 SDEB_I_READ = 9, /* 6, 10, 12, 16 */
385 SDEB_I_WRITE = 10, /* 6, 10, 12, 16 */
386 SDEB_I_START_STOP = 11,
387 SDEB_I_SERV_ACT_IN_16 = 12, /* add ...SERV_ACT_IN_12 if needed */
388 SDEB_I_SERV_ACT_OUT_16 = 13, /* add ...SERV_ACT_OUT_12 if needed */
389 SDEB_I_MAINT_IN = 14,
390 SDEB_I_MAINT_OUT = 15,
391 SDEB_I_VERIFY = 16, /* VERIFY(10), VERIFY(16) */
392 SDEB_I_VARIABLE_LEN = 17, /* READ(32), WRITE(32), WR_SCAT(32) */
393 SDEB_I_RESERVE = 18, /* 6, 10 */
394 SDEB_I_RELEASE = 19, /* 6, 10 */
395 SDEB_I_ALLOW_REMOVAL = 20, /* PREVENT ALLOW MEDIUM REMOVAL */
396 SDEB_I_REZERO_UNIT = 21, /* REWIND in SSC */
397 SDEB_I_ATA_PT = 22, /* 12, 16 */
398 SDEB_I_SEND_DIAG = 23,
399 SDEB_I_UNMAP = 24,
400 SDEB_I_WRITE_BUFFER = 25,
401 SDEB_I_WRITE_SAME = 26, /* 10, 16 */
402 SDEB_I_SYNC_CACHE = 27, /* 10, 16 */
403 SDEB_I_COMP_WRITE = 28,
404 SDEB_I_PRE_FETCH = 29, /* 10, 16 */
405 SDEB_I_ZONE_OUT = 30, /* 0x94+SA; includes no data xfer */
406 SDEB_I_ZONE_IN = 31, /* 0x95+SA; all have data-in */
407 SDEB_I_LAST_ELEM_P1 = 32, /* keep this last (previous + 1) */
408 };
409
410
411 static const unsigned char opcode_ind_arr[256] = {
412 /* 0x0; 0x0->0x1f: 6 byte cdbs */
413 SDEB_I_TEST_UNIT_READY, SDEB_I_REZERO_UNIT, 0, SDEB_I_REQUEST_SENSE,
414 0, 0, 0, 0,
415 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, 0,
416 0, 0, SDEB_I_INQUIRY, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
417 SDEB_I_RELEASE,
418 0, 0, SDEB_I_MODE_SENSE, SDEB_I_START_STOP, 0, SDEB_I_SEND_DIAG,
419 SDEB_I_ALLOW_REMOVAL, 0,
420 /* 0x20; 0x20->0x3f: 10 byte cdbs */
421 0, 0, 0, 0, 0, SDEB_I_READ_CAPACITY, 0, 0,
422 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, SDEB_I_VERIFY,
423 0, 0, 0, 0, SDEB_I_PRE_FETCH, SDEB_I_SYNC_CACHE, 0, 0,
424 0, 0, 0, SDEB_I_WRITE_BUFFER, 0, 0, 0, 0,
425 /* 0x40; 0x40->0x5f: 10 byte cdbs */
426 0, SDEB_I_WRITE_SAME, SDEB_I_UNMAP, 0, 0, 0, 0, 0,
427 0, 0, 0, 0, 0, SDEB_I_LOG_SENSE, 0, 0,
428 0, 0, 0, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
429 SDEB_I_RELEASE,
430 0, 0, SDEB_I_MODE_SENSE, 0, 0, 0, 0, 0,
431 /* 0x60; 0x60->0x7d are reserved, 0x7e is "extended cdb" */
432 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
433 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
434 0, SDEB_I_VARIABLE_LEN,
435 /* 0x80; 0x80->0x9f: 16 byte cdbs */
436 0, 0, 0, 0, 0, SDEB_I_ATA_PT, 0, 0,
437 SDEB_I_READ, SDEB_I_COMP_WRITE, SDEB_I_WRITE, 0,
438 0, 0, 0, SDEB_I_VERIFY,
439 SDEB_I_PRE_FETCH, SDEB_I_SYNC_CACHE, 0, SDEB_I_WRITE_SAME,
440 SDEB_I_ZONE_OUT, SDEB_I_ZONE_IN, 0, 0,
441 0, 0, 0, 0, 0, 0, SDEB_I_SERV_ACT_IN_16, SDEB_I_SERV_ACT_OUT_16,
442 /* 0xa0; 0xa0->0xbf: 12 byte cdbs */
443 SDEB_I_REPORT_LUNS, SDEB_I_ATA_PT, 0, SDEB_I_MAINT_IN,
444 SDEB_I_MAINT_OUT, 0, 0, 0,
445 SDEB_I_READ, 0 /* SDEB_I_SERV_ACT_OUT_12 */, SDEB_I_WRITE,
446 0 /* SDEB_I_SERV_ACT_IN_12 */, 0, 0, 0, 0,
447 0, 0, 0, 0, 0, 0, 0, 0,
448 0, 0, 0, 0, 0, 0, 0, 0,
449 /* 0xc0; 0xc0->0xff: vendor specific */
450 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
451 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
452 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
453 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
454 };
455
456 /*
457 * The following "response" functions return the SCSI mid-level's 4 byte
458 * tuple-in-an-int. To handle commands with an IMMED bit, for a faster
459 * command completion, they can mask their return value with
460 * SDEG_RES_IMMED_MASK .
461 */
462 #define SDEG_RES_IMMED_MASK 0x40000000
463
464 static int resp_inquiry(struct scsi_cmnd *, struct sdebug_dev_info *);
465 static int resp_report_luns(struct scsi_cmnd *, struct sdebug_dev_info *);
466 static int resp_requests(struct scsi_cmnd *, struct sdebug_dev_info *);
467 static int resp_mode_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
468 static int resp_mode_select(struct scsi_cmnd *, struct sdebug_dev_info *);
469 static int resp_log_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
470 static int resp_readcap(struct scsi_cmnd *, struct sdebug_dev_info *);
471 static int resp_read_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
472 static int resp_write_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
473 static int resp_write_scat(struct scsi_cmnd *, struct sdebug_dev_info *);
474 static int resp_start_stop(struct scsi_cmnd *, struct sdebug_dev_info *);
475 static int resp_readcap16(struct scsi_cmnd *, struct sdebug_dev_info *);
476 static int resp_get_lba_status(struct scsi_cmnd *, struct sdebug_dev_info *);
477 static int resp_report_tgtpgs(struct scsi_cmnd *, struct sdebug_dev_info *);
478 static int resp_unmap(struct scsi_cmnd *, struct sdebug_dev_info *);
479 static int resp_rsup_opcodes(struct scsi_cmnd *, struct sdebug_dev_info *);
480 static int resp_rsup_tmfs(struct scsi_cmnd *, struct sdebug_dev_info *);
481 static int resp_verify(struct scsi_cmnd *, struct sdebug_dev_info *);
482 static int resp_write_same_10(struct scsi_cmnd *, struct sdebug_dev_info *);
483 static int resp_write_same_16(struct scsi_cmnd *, struct sdebug_dev_info *);
484 static int resp_comp_write(struct scsi_cmnd *, struct sdebug_dev_info *);
485 static int resp_write_buffer(struct scsi_cmnd *, struct sdebug_dev_info *);
486 static int resp_sync_cache(struct scsi_cmnd *, struct sdebug_dev_info *);
487 static int resp_pre_fetch(struct scsi_cmnd *, struct sdebug_dev_info *);
488 static int resp_report_zones(struct scsi_cmnd *, struct sdebug_dev_info *);
489 static int resp_open_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
490 static int resp_close_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
491 static int resp_finish_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
492 static int resp_rwp_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
493
494 static int sdebug_do_add_host(bool mk_new_store);
495 static int sdebug_add_host_helper(int per_host_idx);
496 static void sdebug_do_remove_host(bool the_end);
497 static int sdebug_add_store(void);
498 static void sdebug_erase_store(int idx, struct sdeb_store_info *sip);
499 static void sdebug_erase_all_stores(bool apart_from_first);
500
501 /*
502 * The following are overflow arrays for cdbs that "hit" the same index in
503 * the opcode_info_arr array. The most time sensitive (or commonly used) cdb
504 * should be placed in opcode_info_arr[], the others should be placed here.
505 */
506 static const struct opcode_info_t msense_iarr[] = {
507 {0, 0x1a, 0, F_D_IN, NULL, NULL,
508 {6, 0xe8, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
509 };
510
511 static const struct opcode_info_t mselect_iarr[] = {
512 {0, 0x15, 0, F_D_OUT, NULL, NULL,
513 {6, 0xf1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
514 };
515
516 static const struct opcode_info_t read_iarr[] = {
517 {0, 0x28, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(10) */
518 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
519 0, 0, 0, 0} },
520 {0, 0x8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL, /* READ(6) */
521 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
522 {0, 0xa8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(12) */
523 {12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf,
524 0xc7, 0, 0, 0, 0} },
525 };
526
527 static const struct opcode_info_t write_iarr[] = {
528 {0, 0x2a, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(10) */
529 NULL, {10, 0xfb, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7,
530 0, 0, 0, 0, 0, 0} },
531 {0, 0xa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(6) */
532 NULL, {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0,
533 0, 0, 0} },
534 {0, 0xaa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(12) */
535 NULL, {12, 0xfb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
536 0xbf, 0xc7, 0, 0, 0, 0} },
537 };
538
539 static const struct opcode_info_t verify_iarr[] = {
540 {0, 0x2f, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_verify,/* VERIFY(10) */
541 NULL, {10, 0xf7, 0xff, 0xff, 0xff, 0xff, 0xbf, 0xff, 0xff, 0xc7,
542 0, 0, 0, 0, 0, 0} },
543 };
544
545 static const struct opcode_info_t sa_in_16_iarr[] = {
546 {0, 0x9e, 0x12, F_SA_LOW | F_D_IN, resp_get_lba_status, NULL,
547 {16, 0x12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
548 0xff, 0xff, 0xff, 0, 0xc7} }, /* GET LBA STATUS(16) */
549 };
550
551 static const struct opcode_info_t vl_iarr[] = { /* VARIABLE LENGTH */
552 {0, 0x7f, 0xb, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_dt0,
553 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0xb, 0xfa,
554 0, 0xff, 0xff, 0xff, 0xff} }, /* WRITE(32) */
555 {0, 0x7f, 0x11, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
556 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x11, 0xf8,
557 0, 0xff, 0xff, 0x0, 0x0} }, /* WRITE SCATTERED(32) */
558 };
559
560 static const struct opcode_info_t maint_in_iarr[] = { /* MAINT IN */
561 {0, 0xa3, 0xc, F_SA_LOW | F_D_IN, resp_rsup_opcodes, NULL,
562 {12, 0xc, 0x87, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0,
563 0xc7, 0, 0, 0, 0} }, /* REPORT SUPPORTED OPERATION CODES */
564 {0, 0xa3, 0xd, F_SA_LOW | F_D_IN, resp_rsup_tmfs, NULL,
565 {12, 0xd, 0x80, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
566 0, 0} }, /* REPORTED SUPPORTED TASK MANAGEMENT FUNCTIONS */
567 };
568
569 static const struct opcode_info_t write_same_iarr[] = {
570 {0, 0x93, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_write_same_16, NULL,
571 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
572 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* WRITE SAME(16) */
573 };
574
575 static const struct opcode_info_t reserve_iarr[] = {
576 {0, 0x16, 0, F_D_OUT, NULL, NULL, /* RESERVE(6) */
577 {6, 0x1f, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
578 };
579
580 static const struct opcode_info_t release_iarr[] = {
581 {0, 0x17, 0, F_D_OUT, NULL, NULL, /* RELEASE(6) */
582 {6, 0x1f, 0xff, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
583 };
584
585 static const struct opcode_info_t sync_cache_iarr[] = {
586 {0, 0x91, 0, F_SYNC_DELAY | F_M_ACCESS, resp_sync_cache, NULL,
587 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
588 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* SYNC_CACHE (16) */
589 };
590
591 static const struct opcode_info_t pre_fetch_iarr[] = {
592 {0, 0x90, 0, F_SYNC_DELAY | FF_MEDIA_IO, resp_pre_fetch, NULL,
593 {16, 0x2, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
594 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* PRE-FETCH (16) */
595 };
596
597 static const struct opcode_info_t zone_out_iarr[] = { /* ZONE OUT(16) */
598 {0, 0x94, 0x1, F_SA_LOW | F_M_ACCESS, resp_close_zone, NULL,
599 {16, 0x1, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
600 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* CLOSE ZONE */
601 {0, 0x94, 0x2, F_SA_LOW | F_M_ACCESS, resp_finish_zone, NULL,
602 {16, 0x2, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
603 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* FINISH ZONE */
604 {0, 0x94, 0x4, F_SA_LOW | F_M_ACCESS, resp_rwp_zone, NULL,
605 {16, 0x4, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
606 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* RESET WRITE POINTER */
607 };
608
609 static const struct opcode_info_t zone_in_iarr[] = { /* ZONE IN(16) */
610 {0, 0x95, 0x6, F_SA_LOW | F_D_IN | F_M_ACCESS, NULL, NULL,
611 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
612 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* REPORT ZONES */
613 };
614
615
616 /* This array is accessed via SDEB_I_* values. Make sure all are mapped,
617 * plus the terminating elements for logic that scans this table such as
618 * REPORT SUPPORTED OPERATION CODES. */
619 static const struct opcode_info_t opcode_info_arr[SDEB_I_LAST_ELEM_P1 + 1] = {
620 /* 0 */
621 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* unknown opcodes */
622 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
623 {0, 0x12, 0, FF_RESPOND | F_D_IN, resp_inquiry, NULL, /* INQUIRY */
624 {6, 0xe3, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
625 {0, 0xa0, 0, FF_RESPOND | F_D_IN, resp_report_luns, NULL,
626 {12, 0xe3, 0xff, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
627 0, 0} }, /* REPORT LUNS */
628 {0, 0x3, 0, FF_RESPOND | F_D_IN, resp_requests, NULL,
629 {6, 0xe1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
630 {0, 0x0, 0, F_M_ACCESS | F_RL_WLUN_OK, NULL, NULL,/* TEST UNIT READY */
631 {6, 0, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
632 /* 5 */
633 {ARRAY_SIZE(msense_iarr), 0x5a, 0, F_D_IN, /* MODE SENSE(10) */
634 resp_mode_sense, msense_iarr, {10, 0xf8, 0xff, 0xff, 0, 0, 0,
635 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
636 {ARRAY_SIZE(mselect_iarr), 0x55, 0, F_D_OUT, /* MODE SELECT(10) */
637 resp_mode_select, mselect_iarr, {10, 0xf1, 0, 0, 0, 0, 0, 0xff,
638 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
639 {0, 0x4d, 0, F_D_IN, resp_log_sense, NULL, /* LOG SENSE */
640 {10, 0xe3, 0xff, 0xff, 0, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0,
641 0, 0, 0} },
642 {0, 0x25, 0, F_D_IN, resp_readcap, NULL, /* READ CAPACITY(10) */
643 {10, 0xe1, 0xff, 0xff, 0xff, 0xff, 0, 0, 0x1, 0xc7, 0, 0, 0, 0,
644 0, 0} },
645 {ARRAY_SIZE(read_iarr), 0x88, 0, F_D_IN | FF_MEDIA_IO, /* READ(16) */
646 resp_read_dt0, read_iarr, {16, 0xfe, 0xff, 0xff, 0xff, 0xff,
647 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
648 /* 10 */
649 {ARRAY_SIZE(write_iarr), 0x8a, 0, F_D_OUT | FF_MEDIA_IO,
650 resp_write_dt0, write_iarr, /* WRITE(16) */
651 {16, 0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
652 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
653 {0, 0x1b, 0, F_SSU_DELAY, resp_start_stop, NULL,/* START STOP UNIT */
654 {6, 0x1, 0, 0xf, 0xf7, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
655 {ARRAY_SIZE(sa_in_16_iarr), 0x9e, 0x10, F_SA_LOW | F_D_IN,
656 resp_readcap16, sa_in_16_iarr, /* SA_IN(16), READ CAPACITY(16) */
657 {16, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
658 0xff, 0xff, 0xff, 0xff, 0x1, 0xc7} },
659 {0, 0x9f, 0x12, F_SA_LOW | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
660 NULL, {16, 0x12, 0xf9, 0x0, 0xff, 0xff, 0, 0, 0xff, 0xff, 0xff,
661 0xff, 0xff, 0xff, 0xff, 0xc7} }, /* SA_OUT(16), WRITE SCAT(16) */
662 {ARRAY_SIZE(maint_in_iarr), 0xa3, 0xa, F_SA_LOW | F_D_IN,
663 resp_report_tgtpgs, /* MAINT IN, REPORT TARGET PORT GROUPS */
664 maint_in_iarr, {12, 0xea, 0, 0, 0, 0, 0xff, 0xff, 0xff,
665 0xff, 0, 0xc7, 0, 0, 0, 0} },
666 /* 15 */
667 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* MAINT OUT */
668 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
669 {ARRAY_SIZE(verify_iarr), 0x8f, 0,
670 F_D_OUT_MAYBE | FF_MEDIA_IO, resp_verify, /* VERIFY(16) */
671 verify_iarr, {16, 0xf6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
672 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} },
673 {ARRAY_SIZE(vl_iarr), 0x7f, 0x9, F_SA_HIGH | F_D_IN | FF_MEDIA_IO,
674 resp_read_dt0, vl_iarr, /* VARIABLE LENGTH, READ(32) */
675 {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x9, 0xfe, 0, 0xff, 0xff,
676 0xff, 0xff} },
677 {ARRAY_SIZE(reserve_iarr), 0x56, 0, F_D_OUT,
678 NULL, reserve_iarr, /* RESERVE(10) <no response function> */
679 {10, 0xff, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
680 0} },
681 {ARRAY_SIZE(release_iarr), 0x57, 0, F_D_OUT,
682 NULL, release_iarr, /* RELEASE(10) <no response function> */
683 {10, 0x13, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
684 0} },
685 /* 20 */
686 {0, 0x1e, 0, 0, NULL, NULL, /* ALLOW REMOVAL */
687 {6, 0, 0, 0, 0x3, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
688 {0, 0x1, 0, 0, resp_start_stop, NULL, /* REWIND ?? */
689 {6, 0x1, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
690 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* ATA_PT */
691 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
692 {0, 0x1d, F_D_OUT, 0, NULL, NULL, /* SEND DIAGNOSTIC */
693 {6, 0xf7, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
694 {0, 0x42, 0, F_D_OUT | FF_MEDIA_IO, resp_unmap, NULL, /* UNMAP */
695 {10, 0x1, 0, 0, 0, 0, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
696 /* 25 */
697 {0, 0x3b, 0, F_D_OUT_MAYBE, resp_write_buffer, NULL,
698 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0,
699 0, 0, 0, 0} }, /* WRITE_BUFFER */
700 {ARRAY_SIZE(write_same_iarr), 0x41, 0, F_D_OUT_MAYBE | FF_MEDIA_IO,
701 resp_write_same_10, write_same_iarr, /* WRITE SAME(10) */
702 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0,
703 0, 0, 0, 0, 0} },
704 {ARRAY_SIZE(sync_cache_iarr), 0x35, 0, F_SYNC_DELAY | F_M_ACCESS,
705 resp_sync_cache, sync_cache_iarr,
706 {10, 0x7, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
707 0, 0, 0, 0} }, /* SYNC_CACHE (10) */
708 {0, 0x89, 0, F_D_OUT | FF_MEDIA_IO, resp_comp_write, NULL,
709 {16, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 0,
710 0, 0xff, 0x3f, 0xc7} }, /* COMPARE AND WRITE */
711 {ARRAY_SIZE(pre_fetch_iarr), 0x34, 0, F_SYNC_DELAY | FF_MEDIA_IO,
712 resp_pre_fetch, pre_fetch_iarr,
713 {10, 0x2, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
714 0, 0, 0, 0} }, /* PRE-FETCH (10) */
715
716 /* 30 */
717 {ARRAY_SIZE(zone_out_iarr), 0x94, 0x3, F_SA_LOW | F_M_ACCESS,
718 resp_open_zone, zone_out_iarr, /* ZONE_OUT(16), OPEN ZONE) */
719 {16, 0x3 /* SA */, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
720 0xff, 0xff, 0x0, 0x0, 0xff, 0xff, 0x1, 0xc7} },
721 {ARRAY_SIZE(zone_in_iarr), 0x95, 0x0, F_SA_LOW | F_M_ACCESS,
722 resp_report_zones, zone_in_iarr, /* ZONE_IN(16), REPORT ZONES) */
723 {16, 0x0 /* SA */, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
724 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf, 0xc7} },
725 /* sentinel */
726 {0xff, 0, 0, 0, NULL, NULL, /* terminating element */
727 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
728 };
729
730 static int sdebug_num_hosts;
731 static int sdebug_add_host = DEF_NUM_HOST; /* in sysfs this is relative */
732 static int sdebug_ato = DEF_ATO;
733 static int sdebug_cdb_len = DEF_CDB_LEN;
734 static int sdebug_jdelay = DEF_JDELAY; /* if > 0 then unit is jiffies */
735 static int sdebug_dev_size_mb = DEF_DEV_SIZE_PRE_INIT;
736 static int sdebug_dif = DEF_DIF;
737 static int sdebug_dix = DEF_DIX;
738 static int sdebug_dsense = DEF_D_SENSE;
739 static int sdebug_every_nth = DEF_EVERY_NTH;
740 static int sdebug_fake_rw = DEF_FAKE_RW;
741 static unsigned int sdebug_guard = DEF_GUARD;
742 static int sdebug_host_max_queue; /* per host */
743 static int sdebug_lowest_aligned = DEF_LOWEST_ALIGNED;
744 static int sdebug_max_luns = DEF_MAX_LUNS;
745 static int sdebug_max_queue = SDEBUG_CANQUEUE; /* per submit queue */
746 static unsigned int sdebug_medium_error_start = OPT_MEDIUM_ERR_ADDR;
747 static int sdebug_medium_error_count = OPT_MEDIUM_ERR_NUM;
748 static atomic_t retired_max_queue; /* if > 0 then was prior max_queue */
749 static int sdebug_ndelay = DEF_NDELAY; /* if > 0 then unit is nanoseconds */
750 static int sdebug_no_lun_0 = DEF_NO_LUN_0;
751 static int sdebug_no_uld;
752 static int sdebug_num_parts = DEF_NUM_PARTS;
753 static int sdebug_num_tgts = DEF_NUM_TGTS; /* targets per host */
754 static int sdebug_opt_blks = DEF_OPT_BLKS;
755 static int sdebug_opts = DEF_OPTS;
756 static int sdebug_physblk_exp = DEF_PHYSBLK_EXP;
757 static int sdebug_opt_xferlen_exp = DEF_OPT_XFERLEN_EXP;
758 static int sdebug_ptype = DEF_PTYPE; /* SCSI peripheral device type */
759 static int sdebug_scsi_level = DEF_SCSI_LEVEL;
760 static int sdebug_sector_size = DEF_SECTOR_SIZE;
761 static int sdeb_tur_ms_to_ready = DEF_TUR_MS_TO_READY;
762 static int sdebug_virtual_gb = DEF_VIRTUAL_GB;
763 static int sdebug_vpd_use_hostno = DEF_VPD_USE_HOSTNO;
764 static unsigned int sdebug_lbpu = DEF_LBPU;
765 static unsigned int sdebug_lbpws = DEF_LBPWS;
766 static unsigned int sdebug_lbpws10 = DEF_LBPWS10;
767 static unsigned int sdebug_lbprz = DEF_LBPRZ;
768 static unsigned int sdebug_unmap_alignment = DEF_UNMAP_ALIGNMENT;
769 static unsigned int sdebug_unmap_granularity = DEF_UNMAP_GRANULARITY;
770 static unsigned int sdebug_unmap_max_blocks = DEF_UNMAP_MAX_BLOCKS;
771 static unsigned int sdebug_unmap_max_desc = DEF_UNMAP_MAX_DESC;
772 static unsigned int sdebug_write_same_length = DEF_WRITESAME_LENGTH;
773 static int sdebug_uuid_ctl = DEF_UUID_CTL;
774 static bool sdebug_random = DEF_RANDOM;
775 static bool sdebug_per_host_store = DEF_PER_HOST_STORE;
776 static bool sdebug_removable = DEF_REMOVABLE;
777 static bool sdebug_clustering;
778 static bool sdebug_host_lock = DEF_HOST_LOCK;
779 static bool sdebug_strict = DEF_STRICT;
780 static bool sdebug_any_injecting_opt;
781 static bool sdebug_verbose;
782 static bool have_dif_prot;
783 static bool write_since_sync;
784 static bool sdebug_statistics = DEF_STATISTICS;
785 static bool sdebug_wp;
786 /* Following enum: 0: no zbc, def; 1: host aware; 2: host managed */
787 static enum blk_zoned_model sdeb_zbc_model = BLK_ZONED_NONE;
788 static char *sdeb_zbc_model_s;
789
790 enum sam_lun_addr_method {SAM_LUN_AM_PERIPHERAL = 0x0,
791 SAM_LUN_AM_FLAT = 0x1,
792 SAM_LUN_AM_LOGICAL_UNIT = 0x2,
793 SAM_LUN_AM_EXTENDED = 0x3};
794 static enum sam_lun_addr_method sdebug_lun_am = SAM_LUN_AM_PERIPHERAL;
795 static int sdebug_lun_am_i = (int)SAM_LUN_AM_PERIPHERAL;
796
797 static unsigned int sdebug_store_sectors;
798 static sector_t sdebug_capacity; /* in sectors */
799
800 /* old BIOS stuff, kernel may get rid of them but some mode sense pages
801 may still need them */
802 static int sdebug_heads; /* heads per disk */
803 static int sdebug_cylinders_per; /* cylinders per surface */
804 static int sdebug_sectors_per; /* sectors per cylinder */
805
806 static LIST_HEAD(sdebug_host_list);
807 static DEFINE_SPINLOCK(sdebug_host_list_lock);
808
809 static struct xarray per_store_arr;
810 static struct xarray *per_store_ap = &per_store_arr;
811 static int sdeb_first_idx = -1; /* invalid index ==> none created */
812 static int sdeb_most_recent_idx = -1;
813 static DEFINE_RWLOCK(sdeb_fake_rw_lck); /* need a RW lock when fake_rw=1 */
814
815 static unsigned long map_size;
816 static int num_aborts;
817 static int num_dev_resets;
818 static int num_target_resets;
819 static int num_bus_resets;
820 static int num_host_resets;
821 static int dix_writes;
822 static int dix_reads;
823 static int dif_errors;
824
825 /* ZBC global data */
826 static bool sdeb_zbc_in_use; /* true for host-aware and host-managed disks */
827 static int sdeb_zbc_zone_size_mb;
828 static int sdeb_zbc_max_open = DEF_ZBC_MAX_OPEN_ZONES;
829 static int sdeb_zbc_nr_conv = DEF_ZBC_NR_CONV_ZONES;
830
831 static int submit_queues = DEF_SUBMIT_QUEUES; /* > 1 for multi-queue (mq) */
832 static struct sdebug_queue *sdebug_q_arr; /* ptr to array of submit queues */
833
834 static DEFINE_RWLOCK(atomic_rw);
835 static DEFINE_RWLOCK(atomic_rw2);
836
837 static rwlock_t *ramdisk_lck_a[2];
838
839 static char sdebug_proc_name[] = MY_NAME;
840 static const char *my_name = MY_NAME;
841
842 static struct bus_type pseudo_lld_bus;
843
844 static struct device_driver sdebug_driverfs_driver = {
845 .name = sdebug_proc_name,
846 .bus = &pseudo_lld_bus,
847 };
848
849 static const int check_condition_result =
850 (DRIVER_SENSE << 24) | SAM_STAT_CHECK_CONDITION;
851
852 static const int illegal_condition_result =
853 (DRIVER_SENSE << 24) | (DID_ABORT << 16) | SAM_STAT_CHECK_CONDITION;
854
855 static const int device_qfull_result =
856 (DID_OK << 16) | (COMMAND_COMPLETE << 8) | SAM_STAT_TASK_SET_FULL;
857
858 static const int condition_met_result = SAM_STAT_CONDITION_MET;
859
860
861 /* Only do the extra work involved in logical block provisioning if one or
862 * more of the lbpu, lbpws or lbpws10 parameters are given and we are doing
863 * real reads and writes (i.e. not skipping them for speed).
864 */
scsi_debug_lbp(void)865 static inline bool scsi_debug_lbp(void)
866 {
867 return 0 == sdebug_fake_rw &&
868 (sdebug_lbpu || sdebug_lbpws || sdebug_lbpws10);
869 }
870
lba2fake_store(struct sdeb_store_info * sip,unsigned long long lba)871 static void *lba2fake_store(struct sdeb_store_info *sip,
872 unsigned long long lba)
873 {
874 struct sdeb_store_info *lsip = sip;
875
876 lba = do_div(lba, sdebug_store_sectors);
877 if (!sip || !sip->storep) {
878 WARN_ON_ONCE(true);
879 lsip = xa_load(per_store_ap, 0); /* should never be NULL */
880 }
881 return lsip->storep + lba * sdebug_sector_size;
882 }
883
dif_store(struct sdeb_store_info * sip,sector_t sector)884 static struct t10_pi_tuple *dif_store(struct sdeb_store_info *sip,
885 sector_t sector)
886 {
887 sector = sector_div(sector, sdebug_store_sectors);
888
889 return sip->dif_storep + sector;
890 }
891
sdebug_max_tgts_luns(void)892 static void sdebug_max_tgts_luns(void)
893 {
894 struct sdebug_host_info *sdbg_host;
895 struct Scsi_Host *hpnt;
896
897 spin_lock(&sdebug_host_list_lock);
898 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
899 hpnt = sdbg_host->shost;
900 if ((hpnt->this_id >= 0) &&
901 (sdebug_num_tgts > hpnt->this_id))
902 hpnt->max_id = sdebug_num_tgts + 1;
903 else
904 hpnt->max_id = sdebug_num_tgts;
905 /* sdebug_max_luns; */
906 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
907 }
908 spin_unlock(&sdebug_host_list_lock);
909 }
910
911 enum sdeb_cmd_data {SDEB_IN_DATA = 0, SDEB_IN_CDB = 1};
912
913 /* Set in_bit to -1 to indicate no bit position of invalid field */
mk_sense_invalid_fld(struct scsi_cmnd * scp,enum sdeb_cmd_data c_d,int in_byte,int in_bit)914 static void mk_sense_invalid_fld(struct scsi_cmnd *scp,
915 enum sdeb_cmd_data c_d,
916 int in_byte, int in_bit)
917 {
918 unsigned char *sbuff;
919 u8 sks[4];
920 int sl, asc;
921
922 sbuff = scp->sense_buffer;
923 if (!sbuff) {
924 sdev_printk(KERN_ERR, scp->device,
925 "%s: sense_buffer is NULL\n", __func__);
926 return;
927 }
928 asc = c_d ? INVALID_FIELD_IN_CDB : INVALID_FIELD_IN_PARAM_LIST;
929 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
930 scsi_build_sense_buffer(sdebug_dsense, sbuff, ILLEGAL_REQUEST, asc, 0);
931 memset(sks, 0, sizeof(sks));
932 sks[0] = 0x80;
933 if (c_d)
934 sks[0] |= 0x40;
935 if (in_bit >= 0) {
936 sks[0] |= 0x8;
937 sks[0] |= 0x7 & in_bit;
938 }
939 put_unaligned_be16(in_byte, sks + 1);
940 if (sdebug_dsense) {
941 sl = sbuff[7] + 8;
942 sbuff[7] = sl;
943 sbuff[sl] = 0x2;
944 sbuff[sl + 1] = 0x6;
945 memcpy(sbuff + sl + 4, sks, 3);
946 } else
947 memcpy(sbuff + 15, sks, 3);
948 if (sdebug_verbose)
949 sdev_printk(KERN_INFO, scp->device, "%s: [sense_key,asc,ascq"
950 "]: [0x5,0x%x,0x0] %c byte=%d, bit=%d\n",
951 my_name, asc, c_d ? 'C' : 'D', in_byte, in_bit);
952 }
953
mk_sense_buffer(struct scsi_cmnd * scp,int key,int asc,int asq)954 static void mk_sense_buffer(struct scsi_cmnd *scp, int key, int asc, int asq)
955 {
956 unsigned char *sbuff;
957
958 sbuff = scp->sense_buffer;
959 if (!sbuff) {
960 sdev_printk(KERN_ERR, scp->device,
961 "%s: sense_buffer is NULL\n", __func__);
962 return;
963 }
964 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
965
966 scsi_build_sense_buffer(sdebug_dsense, sbuff, key, asc, asq);
967
968 if (sdebug_verbose)
969 sdev_printk(KERN_INFO, scp->device,
970 "%s: [sense_key,asc,ascq]: [0x%x,0x%x,0x%x]\n",
971 my_name, key, asc, asq);
972 }
973
mk_sense_invalid_opcode(struct scsi_cmnd * scp)974 static void mk_sense_invalid_opcode(struct scsi_cmnd *scp)
975 {
976 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_OPCODE, 0);
977 }
978
scsi_debug_ioctl(struct scsi_device * dev,unsigned int cmd,void __user * arg)979 static int scsi_debug_ioctl(struct scsi_device *dev, unsigned int cmd,
980 void __user *arg)
981 {
982 if (sdebug_verbose) {
983 if (0x1261 == cmd)
984 sdev_printk(KERN_INFO, dev,
985 "%s: BLKFLSBUF [0x1261]\n", __func__);
986 else if (0x5331 == cmd)
987 sdev_printk(KERN_INFO, dev,
988 "%s: CDROM_GET_CAPABILITY [0x5331]\n",
989 __func__);
990 else
991 sdev_printk(KERN_INFO, dev, "%s: cmd=0x%x\n",
992 __func__, cmd);
993 }
994 return -EINVAL;
995 /* return -ENOTTY; // correct return but upsets fdisk */
996 }
997
config_cdb_len(struct scsi_device * sdev)998 static void config_cdb_len(struct scsi_device *sdev)
999 {
1000 switch (sdebug_cdb_len) {
1001 case 6: /* suggest 6 byte READ, WRITE and MODE SENSE/SELECT */
1002 sdev->use_10_for_rw = false;
1003 sdev->use_16_for_rw = false;
1004 sdev->use_10_for_ms = false;
1005 break;
1006 case 10: /* suggest 10 byte RWs and 6 byte MODE SENSE/SELECT */
1007 sdev->use_10_for_rw = true;
1008 sdev->use_16_for_rw = false;
1009 sdev->use_10_for_ms = false;
1010 break;
1011 case 12: /* suggest 10 byte RWs and 10 byte MODE SENSE/SELECT */
1012 sdev->use_10_for_rw = true;
1013 sdev->use_16_for_rw = false;
1014 sdev->use_10_for_ms = true;
1015 break;
1016 case 16:
1017 sdev->use_10_for_rw = false;
1018 sdev->use_16_for_rw = true;
1019 sdev->use_10_for_ms = true;
1020 break;
1021 case 32: /* No knobs to suggest this so same as 16 for now */
1022 sdev->use_10_for_rw = false;
1023 sdev->use_16_for_rw = true;
1024 sdev->use_10_for_ms = true;
1025 break;
1026 default:
1027 pr_warn("unexpected cdb_len=%d, force to 10\n",
1028 sdebug_cdb_len);
1029 sdev->use_10_for_rw = true;
1030 sdev->use_16_for_rw = false;
1031 sdev->use_10_for_ms = false;
1032 sdebug_cdb_len = 10;
1033 break;
1034 }
1035 }
1036
all_config_cdb_len(void)1037 static void all_config_cdb_len(void)
1038 {
1039 struct sdebug_host_info *sdbg_host;
1040 struct Scsi_Host *shost;
1041 struct scsi_device *sdev;
1042
1043 spin_lock(&sdebug_host_list_lock);
1044 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
1045 shost = sdbg_host->shost;
1046 shost_for_each_device(sdev, shost) {
1047 config_cdb_len(sdev);
1048 }
1049 }
1050 spin_unlock(&sdebug_host_list_lock);
1051 }
1052
clear_luns_changed_on_target(struct sdebug_dev_info * devip)1053 static void clear_luns_changed_on_target(struct sdebug_dev_info *devip)
1054 {
1055 struct sdebug_host_info *sdhp;
1056 struct sdebug_dev_info *dp;
1057
1058 spin_lock(&sdebug_host_list_lock);
1059 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
1060 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
1061 if ((devip->sdbg_host == dp->sdbg_host) &&
1062 (devip->target == dp->target))
1063 clear_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
1064 }
1065 }
1066 spin_unlock(&sdebug_host_list_lock);
1067 }
1068
make_ua(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)1069 static int make_ua(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1070 {
1071 int k;
1072
1073 k = find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS);
1074 if (k != SDEBUG_NUM_UAS) {
1075 const char *cp = NULL;
1076
1077 switch (k) {
1078 case SDEBUG_UA_POR:
1079 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
1080 POWER_ON_RESET_ASCQ);
1081 if (sdebug_verbose)
1082 cp = "power on reset";
1083 break;
1084 case SDEBUG_UA_BUS_RESET:
1085 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
1086 BUS_RESET_ASCQ);
1087 if (sdebug_verbose)
1088 cp = "bus reset";
1089 break;
1090 case SDEBUG_UA_MODE_CHANGED:
1091 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
1092 MODE_CHANGED_ASCQ);
1093 if (sdebug_verbose)
1094 cp = "mode parameters changed";
1095 break;
1096 case SDEBUG_UA_CAPACITY_CHANGED:
1097 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
1098 CAPACITY_CHANGED_ASCQ);
1099 if (sdebug_verbose)
1100 cp = "capacity data changed";
1101 break;
1102 case SDEBUG_UA_MICROCODE_CHANGED:
1103 mk_sense_buffer(scp, UNIT_ATTENTION,
1104 TARGET_CHANGED_ASC,
1105 MICROCODE_CHANGED_ASCQ);
1106 if (sdebug_verbose)
1107 cp = "microcode has been changed";
1108 break;
1109 case SDEBUG_UA_MICROCODE_CHANGED_WO_RESET:
1110 mk_sense_buffer(scp, UNIT_ATTENTION,
1111 TARGET_CHANGED_ASC,
1112 MICROCODE_CHANGED_WO_RESET_ASCQ);
1113 if (sdebug_verbose)
1114 cp = "microcode has been changed without reset";
1115 break;
1116 case SDEBUG_UA_LUNS_CHANGED:
1117 /*
1118 * SPC-3 behavior is to report a UNIT ATTENTION with
1119 * ASC/ASCQ REPORTED LUNS DATA HAS CHANGED on every LUN
1120 * on the target, until a REPORT LUNS command is
1121 * received. SPC-4 behavior is to report it only once.
1122 * NOTE: sdebug_scsi_level does not use the same
1123 * values as struct scsi_device->scsi_level.
1124 */
1125 if (sdebug_scsi_level >= 6) /* SPC-4 and above */
1126 clear_luns_changed_on_target(devip);
1127 mk_sense_buffer(scp, UNIT_ATTENTION,
1128 TARGET_CHANGED_ASC,
1129 LUNS_CHANGED_ASCQ);
1130 if (sdebug_verbose)
1131 cp = "reported luns data has changed";
1132 break;
1133 default:
1134 pr_warn("unexpected unit attention code=%d\n", k);
1135 if (sdebug_verbose)
1136 cp = "unknown";
1137 break;
1138 }
1139 clear_bit(k, devip->uas_bm);
1140 if (sdebug_verbose)
1141 sdev_printk(KERN_INFO, scp->device,
1142 "%s reports: Unit attention: %s\n",
1143 my_name, cp);
1144 return check_condition_result;
1145 }
1146 return 0;
1147 }
1148
1149 /* Build SCSI "data-in" buffer. Returns 0 if ok else (DID_ERROR << 16). */
fill_from_dev_buffer(struct scsi_cmnd * scp,unsigned char * arr,int arr_len)1150 static int fill_from_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1151 int arr_len)
1152 {
1153 int act_len;
1154 struct scsi_data_buffer *sdb = &scp->sdb;
1155
1156 if (!sdb->length)
1157 return 0;
1158 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1159 return DID_ERROR << 16;
1160
1161 act_len = sg_copy_from_buffer(sdb->table.sgl, sdb->table.nents,
1162 arr, arr_len);
1163 scsi_set_resid(scp, scsi_bufflen(scp) - act_len);
1164
1165 return 0;
1166 }
1167
1168 /* Partial build of SCSI "data-in" buffer. Returns 0 if ok else
1169 * (DID_ERROR << 16). Can write to offset in data-in buffer. If multiple
1170 * calls, not required to write in ascending offset order. Assumes resid
1171 * set to scsi_bufflen() prior to any calls.
1172 */
p_fill_from_dev_buffer(struct scsi_cmnd * scp,const void * arr,int arr_len,unsigned int off_dst)1173 static int p_fill_from_dev_buffer(struct scsi_cmnd *scp, const void *arr,
1174 int arr_len, unsigned int off_dst)
1175 {
1176 unsigned int act_len, n;
1177 struct scsi_data_buffer *sdb = &scp->sdb;
1178 off_t skip = off_dst;
1179
1180 if (sdb->length <= off_dst)
1181 return 0;
1182 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1183 return DID_ERROR << 16;
1184
1185 act_len = sg_pcopy_from_buffer(sdb->table.sgl, sdb->table.nents,
1186 arr, arr_len, skip);
1187 pr_debug("%s: off_dst=%u, scsi_bufflen=%u, act_len=%u, resid=%d\n",
1188 __func__, off_dst, scsi_bufflen(scp), act_len,
1189 scsi_get_resid(scp));
1190 n = scsi_bufflen(scp) - (off_dst + act_len);
1191 scsi_set_resid(scp, min_t(int, scsi_get_resid(scp), n));
1192 return 0;
1193 }
1194
1195 /* Fetches from SCSI "data-out" buffer. Returns number of bytes fetched into
1196 * 'arr' or -1 if error.
1197 */
fetch_to_dev_buffer(struct scsi_cmnd * scp,unsigned char * arr,int arr_len)1198 static int fetch_to_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1199 int arr_len)
1200 {
1201 if (!scsi_bufflen(scp))
1202 return 0;
1203 if (scp->sc_data_direction != DMA_TO_DEVICE)
1204 return -1;
1205
1206 return scsi_sg_copy_to_buffer(scp, arr, arr_len);
1207 }
1208
1209
1210 static char sdebug_inq_vendor_id[9] = "Linux ";
1211 static char sdebug_inq_product_id[17] = "scsi_debug ";
1212 static char sdebug_inq_product_rev[5] = SDEBUG_VERSION;
1213 /* Use some locally assigned NAAs for SAS addresses. */
1214 static const u64 naa3_comp_a = 0x3222222000000000ULL;
1215 static const u64 naa3_comp_b = 0x3333333000000000ULL;
1216 static const u64 naa3_comp_c = 0x3111111000000000ULL;
1217
1218 /* Device identification VPD page. Returns number of bytes placed in arr */
inquiry_vpd_83(unsigned char * arr,int port_group_id,int target_dev_id,int dev_id_num,const char * dev_id_str,int dev_id_str_len,const uuid_t * lu_name)1219 static int inquiry_vpd_83(unsigned char *arr, int port_group_id,
1220 int target_dev_id, int dev_id_num,
1221 const char *dev_id_str, int dev_id_str_len,
1222 const uuid_t *lu_name)
1223 {
1224 int num, port_a;
1225 char b[32];
1226
1227 port_a = target_dev_id + 1;
1228 /* T10 vendor identifier field format (faked) */
1229 arr[0] = 0x2; /* ASCII */
1230 arr[1] = 0x1;
1231 arr[2] = 0x0;
1232 memcpy(&arr[4], sdebug_inq_vendor_id, 8);
1233 memcpy(&arr[12], sdebug_inq_product_id, 16);
1234 memcpy(&arr[28], dev_id_str, dev_id_str_len);
1235 num = 8 + 16 + dev_id_str_len;
1236 arr[3] = num;
1237 num += 4;
1238 if (dev_id_num >= 0) {
1239 if (sdebug_uuid_ctl) {
1240 /* Locally assigned UUID */
1241 arr[num++] = 0x1; /* binary (not necessarily sas) */
1242 arr[num++] = 0xa; /* PIV=0, lu, naa */
1243 arr[num++] = 0x0;
1244 arr[num++] = 0x12;
1245 arr[num++] = 0x10; /* uuid type=1, locally assigned */
1246 arr[num++] = 0x0;
1247 memcpy(arr + num, lu_name, 16);
1248 num += 16;
1249 } else {
1250 /* NAA-3, Logical unit identifier (binary) */
1251 arr[num++] = 0x1; /* binary (not necessarily sas) */
1252 arr[num++] = 0x3; /* PIV=0, lu, naa */
1253 arr[num++] = 0x0;
1254 arr[num++] = 0x8;
1255 put_unaligned_be64(naa3_comp_b + dev_id_num, arr + num);
1256 num += 8;
1257 }
1258 /* Target relative port number */
1259 arr[num++] = 0x61; /* proto=sas, binary */
1260 arr[num++] = 0x94; /* PIV=1, target port, rel port */
1261 arr[num++] = 0x0; /* reserved */
1262 arr[num++] = 0x4; /* length */
1263 arr[num++] = 0x0; /* reserved */
1264 arr[num++] = 0x0; /* reserved */
1265 arr[num++] = 0x0;
1266 arr[num++] = 0x1; /* relative port A */
1267 }
1268 /* NAA-3, Target port identifier */
1269 arr[num++] = 0x61; /* proto=sas, binary */
1270 arr[num++] = 0x93; /* piv=1, target port, naa */
1271 arr[num++] = 0x0;
1272 arr[num++] = 0x8;
1273 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1274 num += 8;
1275 /* NAA-3, Target port group identifier */
1276 arr[num++] = 0x61; /* proto=sas, binary */
1277 arr[num++] = 0x95; /* piv=1, target port group id */
1278 arr[num++] = 0x0;
1279 arr[num++] = 0x4;
1280 arr[num++] = 0;
1281 arr[num++] = 0;
1282 put_unaligned_be16(port_group_id, arr + num);
1283 num += 2;
1284 /* NAA-3, Target device identifier */
1285 arr[num++] = 0x61; /* proto=sas, binary */
1286 arr[num++] = 0xa3; /* piv=1, target device, naa */
1287 arr[num++] = 0x0;
1288 arr[num++] = 0x8;
1289 put_unaligned_be64(naa3_comp_a + target_dev_id, arr + num);
1290 num += 8;
1291 /* SCSI name string: Target device identifier */
1292 arr[num++] = 0x63; /* proto=sas, UTF-8 */
1293 arr[num++] = 0xa8; /* piv=1, target device, SCSI name string */
1294 arr[num++] = 0x0;
1295 arr[num++] = 24;
1296 memcpy(arr + num, "naa.32222220", 12);
1297 num += 12;
1298 snprintf(b, sizeof(b), "%08X", target_dev_id);
1299 memcpy(arr + num, b, 8);
1300 num += 8;
1301 memset(arr + num, 0, 4);
1302 num += 4;
1303 return num;
1304 }
1305
1306 static unsigned char vpd84_data[] = {
1307 /* from 4th byte */ 0x22,0x22,0x22,0x0,0xbb,0x0,
1308 0x22,0x22,0x22,0x0,0xbb,0x1,
1309 0x22,0x22,0x22,0x0,0xbb,0x2,
1310 };
1311
1312 /* Software interface identification VPD page */
inquiry_vpd_84(unsigned char * arr)1313 static int inquiry_vpd_84(unsigned char *arr)
1314 {
1315 memcpy(arr, vpd84_data, sizeof(vpd84_data));
1316 return sizeof(vpd84_data);
1317 }
1318
1319 /* Management network addresses VPD page */
inquiry_vpd_85(unsigned char * arr)1320 static int inquiry_vpd_85(unsigned char *arr)
1321 {
1322 int num = 0;
1323 const char *na1 = "https://www.kernel.org/config";
1324 const char *na2 = "http://www.kernel.org/log";
1325 int plen, olen;
1326
1327 arr[num++] = 0x1; /* lu, storage config */
1328 arr[num++] = 0x0; /* reserved */
1329 arr[num++] = 0x0;
1330 olen = strlen(na1);
1331 plen = olen + 1;
1332 if (plen % 4)
1333 plen = ((plen / 4) + 1) * 4;
1334 arr[num++] = plen; /* length, null termianted, padded */
1335 memcpy(arr + num, na1, olen);
1336 memset(arr + num + olen, 0, plen - olen);
1337 num += plen;
1338
1339 arr[num++] = 0x4; /* lu, logging */
1340 arr[num++] = 0x0; /* reserved */
1341 arr[num++] = 0x0;
1342 olen = strlen(na2);
1343 plen = olen + 1;
1344 if (plen % 4)
1345 plen = ((plen / 4) + 1) * 4;
1346 arr[num++] = plen; /* length, null terminated, padded */
1347 memcpy(arr + num, na2, olen);
1348 memset(arr + num + olen, 0, plen - olen);
1349 num += plen;
1350
1351 return num;
1352 }
1353
1354 /* SCSI ports VPD page */
inquiry_vpd_88(unsigned char * arr,int target_dev_id)1355 static int inquiry_vpd_88(unsigned char *arr, int target_dev_id)
1356 {
1357 int num = 0;
1358 int port_a, port_b;
1359
1360 port_a = target_dev_id + 1;
1361 port_b = port_a + 1;
1362 arr[num++] = 0x0; /* reserved */
1363 arr[num++] = 0x0; /* reserved */
1364 arr[num++] = 0x0;
1365 arr[num++] = 0x1; /* relative port 1 (primary) */
1366 memset(arr + num, 0, 6);
1367 num += 6;
1368 arr[num++] = 0x0;
1369 arr[num++] = 12; /* length tp descriptor */
1370 /* naa-5 target port identifier (A) */
1371 arr[num++] = 0x61; /* proto=sas, binary */
1372 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1373 arr[num++] = 0x0; /* reserved */
1374 arr[num++] = 0x8; /* length */
1375 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1376 num += 8;
1377 arr[num++] = 0x0; /* reserved */
1378 arr[num++] = 0x0; /* reserved */
1379 arr[num++] = 0x0;
1380 arr[num++] = 0x2; /* relative port 2 (secondary) */
1381 memset(arr + num, 0, 6);
1382 num += 6;
1383 arr[num++] = 0x0;
1384 arr[num++] = 12; /* length tp descriptor */
1385 /* naa-5 target port identifier (B) */
1386 arr[num++] = 0x61; /* proto=sas, binary */
1387 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1388 arr[num++] = 0x0; /* reserved */
1389 arr[num++] = 0x8; /* length */
1390 put_unaligned_be64(naa3_comp_a + port_b, arr + num);
1391 num += 8;
1392
1393 return num;
1394 }
1395
1396
1397 static unsigned char vpd89_data[] = {
1398 /* from 4th byte */ 0,0,0,0,
1399 'l','i','n','u','x',' ',' ',' ',
1400 'S','A','T',' ','s','c','s','i','_','d','e','b','u','g',' ',' ',
1401 '1','2','3','4',
1402 0x34,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,
1403 0xec,0,0,0,
1404 0x5a,0xc,0xff,0x3f,0x37,0xc8,0x10,0,0,0,0,0,0x3f,0,0,0,
1405 0,0,0,0,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x20,0x20,0x20,0x20,
1406 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0,0,0,0x40,0x4,0,0x2e,0x33,
1407 0x38,0x31,0x20,0x20,0x20,0x20,0x54,0x53,0x38,0x33,0x30,0x30,0x33,0x31,
1408 0x53,0x41,
1409 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
1410 0x20,0x20,
1411 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
1412 0x10,0x80,
1413 0,0,0,0x2f,0,0,0,0x2,0,0x2,0x7,0,0xff,0xff,0x1,0,
1414 0x3f,0,0xc1,0xff,0x3e,0,0x10,0x1,0xb0,0xf8,0x50,0x9,0,0,0x7,0,
1415 0x3,0,0x78,0,0x78,0,0xf0,0,0x78,0,0,0,0,0,0,0,
1416 0,0,0,0,0,0,0,0,0x2,0,0,0,0,0,0,0,
1417 0x7e,0,0x1b,0,0x6b,0x34,0x1,0x7d,0x3,0x40,0x69,0x34,0x1,0x3c,0x3,0x40,
1418 0x7f,0x40,0,0,0,0,0xfe,0xfe,0,0,0,0,0,0xfe,0,0,
1419 0,0,0,0,0,0,0,0,0xb0,0xf8,0x50,0x9,0,0,0,0,
1420 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1421 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1422 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1423 0x1,0,0xb0,0xf8,0x50,0x9,0xb0,0xf8,0x50,0x9,0x20,0x20,0x2,0,0xb6,0x42,
1424 0,0x80,0x8a,0,0x6,0x3c,0xa,0x3c,0xff,0xff,0xc6,0x7,0,0x1,0,0x8,
1425 0xf0,0xf,0,0x10,0x2,0,0x30,0,0,0,0,0,0,0,0x6,0xfe,
1426 0,0,0x2,0,0x50,0,0x8a,0,0x4f,0x95,0,0,0x21,0,0xb,0,
1427 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1428 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1429 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1430 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1431 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1432 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1433 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1434 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1435 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1436 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1437 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1438 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xa5,0x51,
1439 };
1440
1441 /* ATA Information VPD page */
inquiry_vpd_89(unsigned char * arr)1442 static int inquiry_vpd_89(unsigned char *arr)
1443 {
1444 memcpy(arr, vpd89_data, sizeof(vpd89_data));
1445 return sizeof(vpd89_data);
1446 }
1447
1448
1449 static unsigned char vpdb0_data[] = {
1450 /* from 4th byte */ 0,0,0,4, 0,0,0x4,0, 0,0,0,64,
1451 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1452 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1453 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1454 };
1455
1456 /* Block limits VPD page (SBC-3) */
inquiry_vpd_b0(unsigned char * arr)1457 static int inquiry_vpd_b0(unsigned char *arr)
1458 {
1459 unsigned int gran;
1460
1461 memcpy(arr, vpdb0_data, sizeof(vpdb0_data));
1462
1463 /* Optimal transfer length granularity */
1464 if (sdebug_opt_xferlen_exp != 0 &&
1465 sdebug_physblk_exp < sdebug_opt_xferlen_exp)
1466 gran = 1 << sdebug_opt_xferlen_exp;
1467 else
1468 gran = 1 << sdebug_physblk_exp;
1469 put_unaligned_be16(gran, arr + 2);
1470
1471 /* Maximum Transfer Length */
1472 if (sdebug_store_sectors > 0x400)
1473 put_unaligned_be32(sdebug_store_sectors, arr + 4);
1474
1475 /* Optimal Transfer Length */
1476 put_unaligned_be32(sdebug_opt_blks, &arr[8]);
1477
1478 if (sdebug_lbpu) {
1479 /* Maximum Unmap LBA Count */
1480 put_unaligned_be32(sdebug_unmap_max_blocks, &arr[16]);
1481
1482 /* Maximum Unmap Block Descriptor Count */
1483 put_unaligned_be32(sdebug_unmap_max_desc, &arr[20]);
1484 }
1485
1486 /* Unmap Granularity Alignment */
1487 if (sdebug_unmap_alignment) {
1488 put_unaligned_be32(sdebug_unmap_alignment, &arr[28]);
1489 arr[28] |= 0x80; /* UGAVALID */
1490 }
1491
1492 /* Optimal Unmap Granularity */
1493 put_unaligned_be32(sdebug_unmap_granularity, &arr[24]);
1494
1495 /* Maximum WRITE SAME Length */
1496 put_unaligned_be64(sdebug_write_same_length, &arr[32]);
1497
1498 return 0x3c; /* Mandatory page length for Logical Block Provisioning */
1499
1500 return sizeof(vpdb0_data);
1501 }
1502
1503 /* Block device characteristics VPD page (SBC-3) */
inquiry_vpd_b1(struct sdebug_dev_info * devip,unsigned char * arr)1504 static int inquiry_vpd_b1(struct sdebug_dev_info *devip, unsigned char *arr)
1505 {
1506 memset(arr, 0, 0x3c);
1507 arr[0] = 0;
1508 arr[1] = 1; /* non rotating medium (e.g. solid state) */
1509 arr[2] = 0;
1510 arr[3] = 5; /* less than 1.8" */
1511 if (devip->zmodel == BLK_ZONED_HA)
1512 arr[4] = 1 << 4; /* zoned field = 01b */
1513
1514 return 0x3c;
1515 }
1516
1517 /* Logical block provisioning VPD page (SBC-4) */
inquiry_vpd_b2(unsigned char * arr)1518 static int inquiry_vpd_b2(unsigned char *arr)
1519 {
1520 memset(arr, 0, 0x4);
1521 arr[0] = 0; /* threshold exponent */
1522 if (sdebug_lbpu)
1523 arr[1] = 1 << 7;
1524 if (sdebug_lbpws)
1525 arr[1] |= 1 << 6;
1526 if (sdebug_lbpws10)
1527 arr[1] |= 1 << 5;
1528 if (sdebug_lbprz && scsi_debug_lbp())
1529 arr[1] |= (sdebug_lbprz & 0x7) << 2; /* sbc4r07 and later */
1530 /* anc_sup=0; dp=0 (no provisioning group descriptor) */
1531 /* minimum_percentage=0; provisioning_type=0 (unknown) */
1532 /* threshold_percentage=0 */
1533 return 0x4;
1534 }
1535
1536 /* Zoned block device characteristics VPD page (ZBC mandatory) */
inquiry_vpd_b6(struct sdebug_dev_info * devip,unsigned char * arr)1537 static int inquiry_vpd_b6(struct sdebug_dev_info *devip, unsigned char *arr)
1538 {
1539 memset(arr, 0, 0x3c);
1540 arr[0] = 0x1; /* set URSWRZ (unrestricted read in seq. wr req zone) */
1541 /*
1542 * Set Optimal number of open sequential write preferred zones and
1543 * Optimal number of non-sequentially written sequential write
1544 * preferred zones fields to 'not reported' (0xffffffff). Leave other
1545 * fields set to zero, apart from Max. number of open swrz_s field.
1546 */
1547 put_unaligned_be32(0xffffffff, &arr[4]);
1548 put_unaligned_be32(0xffffffff, &arr[8]);
1549 if (sdeb_zbc_model == BLK_ZONED_HM && devip->max_open)
1550 put_unaligned_be32(devip->max_open, &arr[12]);
1551 else
1552 put_unaligned_be32(0xffffffff, &arr[12]);
1553 return 0x3c;
1554 }
1555
1556 #define SDEBUG_LONG_INQ_SZ 96
1557 #define SDEBUG_MAX_INQ_ARR_SZ 584
1558
resp_inquiry(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)1559 static int resp_inquiry(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1560 {
1561 unsigned char pq_pdt;
1562 unsigned char *arr;
1563 unsigned char *cmd = scp->cmnd;
1564 int alloc_len, n, ret;
1565 bool have_wlun, is_disk, is_zbc, is_disk_zbc;
1566
1567 alloc_len = get_unaligned_be16(cmd + 3);
1568 arr = kzalloc(SDEBUG_MAX_INQ_ARR_SZ, GFP_ATOMIC);
1569 if (! arr)
1570 return DID_REQUEUE << 16;
1571 is_disk = (sdebug_ptype == TYPE_DISK);
1572 is_zbc = (devip->zmodel != BLK_ZONED_NONE);
1573 is_disk_zbc = (is_disk || is_zbc);
1574 have_wlun = scsi_is_wlun(scp->device->lun);
1575 if (have_wlun)
1576 pq_pdt = TYPE_WLUN; /* present, wlun */
1577 else if (sdebug_no_lun_0 && (devip->lun == SDEBUG_LUN_0_VAL))
1578 pq_pdt = 0x7f; /* not present, PQ=3, PDT=0x1f */
1579 else
1580 pq_pdt = (sdebug_ptype & 0x1f);
1581 arr[0] = pq_pdt;
1582 if (0x2 & cmd[1]) { /* CMDDT bit set */
1583 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 1);
1584 kfree(arr);
1585 return check_condition_result;
1586 } else if (0x1 & cmd[1]) { /* EVPD bit set */
1587 int lu_id_num, port_group_id, target_dev_id, len;
1588 char lu_id_str[6];
1589 int host_no = devip->sdbg_host->shost->host_no;
1590
1591 port_group_id = (((host_no + 1) & 0x7f) << 8) +
1592 (devip->channel & 0x7f);
1593 if (sdebug_vpd_use_hostno == 0)
1594 host_no = 0;
1595 lu_id_num = have_wlun ? -1 : (((host_no + 1) * 2000) +
1596 (devip->target * 1000) + devip->lun);
1597 target_dev_id = ((host_no + 1) * 2000) +
1598 (devip->target * 1000) - 3;
1599 len = scnprintf(lu_id_str, 6, "%d", lu_id_num);
1600 if (0 == cmd[2]) { /* supported vital product data pages */
1601 arr[1] = cmd[2]; /*sanity */
1602 n = 4;
1603 arr[n++] = 0x0; /* this page */
1604 arr[n++] = 0x80; /* unit serial number */
1605 arr[n++] = 0x83; /* device identification */
1606 arr[n++] = 0x84; /* software interface ident. */
1607 arr[n++] = 0x85; /* management network addresses */
1608 arr[n++] = 0x86; /* extended inquiry */
1609 arr[n++] = 0x87; /* mode page policy */
1610 arr[n++] = 0x88; /* SCSI ports */
1611 if (is_disk_zbc) { /* SBC or ZBC */
1612 arr[n++] = 0x89; /* ATA information */
1613 arr[n++] = 0xb0; /* Block limits */
1614 arr[n++] = 0xb1; /* Block characteristics */
1615 if (is_disk)
1616 arr[n++] = 0xb2; /* LB Provisioning */
1617 if (is_zbc)
1618 arr[n++] = 0xb6; /* ZB dev. char. */
1619 }
1620 arr[3] = n - 4; /* number of supported VPD pages */
1621 } else if (0x80 == cmd[2]) { /* unit serial number */
1622 arr[1] = cmd[2]; /*sanity */
1623 arr[3] = len;
1624 memcpy(&arr[4], lu_id_str, len);
1625 } else if (0x83 == cmd[2]) { /* device identification */
1626 arr[1] = cmd[2]; /*sanity */
1627 arr[3] = inquiry_vpd_83(&arr[4], port_group_id,
1628 target_dev_id, lu_id_num,
1629 lu_id_str, len,
1630 &devip->lu_name);
1631 } else if (0x84 == cmd[2]) { /* Software interface ident. */
1632 arr[1] = cmd[2]; /*sanity */
1633 arr[3] = inquiry_vpd_84(&arr[4]);
1634 } else if (0x85 == cmd[2]) { /* Management network addresses */
1635 arr[1] = cmd[2]; /*sanity */
1636 arr[3] = inquiry_vpd_85(&arr[4]);
1637 } else if (0x86 == cmd[2]) { /* extended inquiry */
1638 arr[1] = cmd[2]; /*sanity */
1639 arr[3] = 0x3c; /* number of following entries */
1640 if (sdebug_dif == T10_PI_TYPE3_PROTECTION)
1641 arr[4] = 0x4; /* SPT: GRD_CHK:1 */
1642 else if (have_dif_prot)
1643 arr[4] = 0x5; /* SPT: GRD_CHK:1, REF_CHK:1 */
1644 else
1645 arr[4] = 0x0; /* no protection stuff */
1646 arr[5] = 0x7; /* head of q, ordered + simple q's */
1647 } else if (0x87 == cmd[2]) { /* mode page policy */
1648 arr[1] = cmd[2]; /*sanity */
1649 arr[3] = 0x8; /* number of following entries */
1650 arr[4] = 0x2; /* disconnect-reconnect mp */
1651 arr[6] = 0x80; /* mlus, shared */
1652 arr[8] = 0x18; /* protocol specific lu */
1653 arr[10] = 0x82; /* mlus, per initiator port */
1654 } else if (0x88 == cmd[2]) { /* SCSI Ports */
1655 arr[1] = cmd[2]; /*sanity */
1656 arr[3] = inquiry_vpd_88(&arr[4], target_dev_id);
1657 } else if (is_disk_zbc && 0x89 == cmd[2]) { /* ATA info */
1658 arr[1] = cmd[2]; /*sanity */
1659 n = inquiry_vpd_89(&arr[4]);
1660 put_unaligned_be16(n, arr + 2);
1661 } else if (is_disk_zbc && 0xb0 == cmd[2]) { /* Block limits */
1662 arr[1] = cmd[2]; /*sanity */
1663 arr[3] = inquiry_vpd_b0(&arr[4]);
1664 } else if (is_disk_zbc && 0xb1 == cmd[2]) { /* Block char. */
1665 arr[1] = cmd[2]; /*sanity */
1666 arr[3] = inquiry_vpd_b1(devip, &arr[4]);
1667 } else if (is_disk && 0xb2 == cmd[2]) { /* LB Prov. */
1668 arr[1] = cmd[2]; /*sanity */
1669 arr[3] = inquiry_vpd_b2(&arr[4]);
1670 } else if (is_zbc && cmd[2] == 0xb6) { /* ZB dev. charact. */
1671 arr[1] = cmd[2]; /*sanity */
1672 arr[3] = inquiry_vpd_b6(devip, &arr[4]);
1673 } else {
1674 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
1675 kfree(arr);
1676 return check_condition_result;
1677 }
1678 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len);
1679 ret = fill_from_dev_buffer(scp, arr,
1680 min(len, SDEBUG_MAX_INQ_ARR_SZ));
1681 kfree(arr);
1682 return ret;
1683 }
1684 /* drops through here for a standard inquiry */
1685 arr[1] = sdebug_removable ? 0x80 : 0; /* Removable disk */
1686 arr[2] = sdebug_scsi_level;
1687 arr[3] = 2; /* response_data_format==2 */
1688 arr[4] = SDEBUG_LONG_INQ_SZ - 5;
1689 arr[5] = (int)have_dif_prot; /* PROTECT bit */
1690 if (sdebug_vpd_use_hostno == 0)
1691 arr[5] |= 0x10; /* claim: implicit TPGS */
1692 arr[6] = 0x10; /* claim: MultiP */
1693 /* arr[6] |= 0x40; ... claim: EncServ (enclosure services) */
1694 arr[7] = 0xa; /* claim: LINKED + CMDQUE */
1695 memcpy(&arr[8], sdebug_inq_vendor_id, 8);
1696 memcpy(&arr[16], sdebug_inq_product_id, 16);
1697 memcpy(&arr[32], sdebug_inq_product_rev, 4);
1698 /* Use Vendor Specific area to place driver date in ASCII hex */
1699 memcpy(&arr[36], sdebug_version_date, 8);
1700 /* version descriptors (2 bytes each) follow */
1701 put_unaligned_be16(0xc0, arr + 58); /* SAM-6 no version claimed */
1702 put_unaligned_be16(0x5c0, arr + 60); /* SPC-5 no version claimed */
1703 n = 62;
1704 if (is_disk) { /* SBC-4 no version claimed */
1705 put_unaligned_be16(0x600, arr + n);
1706 n += 2;
1707 } else if (sdebug_ptype == TYPE_TAPE) { /* SSC-4 rev 3 */
1708 put_unaligned_be16(0x525, arr + n);
1709 n += 2;
1710 } else if (is_zbc) { /* ZBC BSR INCITS 536 revision 05 */
1711 put_unaligned_be16(0x624, arr + n);
1712 n += 2;
1713 }
1714 put_unaligned_be16(0x2100, arr + n); /* SPL-4 no version claimed */
1715 ret = fill_from_dev_buffer(scp, arr,
1716 min_t(int, alloc_len, SDEBUG_LONG_INQ_SZ));
1717 kfree(arr);
1718 return ret;
1719 }
1720
1721 /* See resp_iec_m_pg() for how this data is manipulated */
1722 static unsigned char iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
1723 0, 0, 0x0, 0x0};
1724
resp_requests(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)1725 static int resp_requests(struct scsi_cmnd *scp,
1726 struct sdebug_dev_info *devip)
1727 {
1728 unsigned char *cmd = scp->cmnd;
1729 unsigned char arr[SCSI_SENSE_BUFFERSIZE]; /* assume >= 18 bytes */
1730 bool dsense = !!(cmd[1] & 1);
1731 int alloc_len = cmd[4];
1732 int len = 18;
1733 int stopped_state = atomic_read(&devip->stopped);
1734
1735 memset(arr, 0, sizeof(arr));
1736 if (stopped_state > 0) { /* some "pollable" data [spc6r02: 5.12.2] */
1737 if (dsense) {
1738 arr[0] = 0x72;
1739 arr[1] = NOT_READY;
1740 arr[2] = LOGICAL_UNIT_NOT_READY;
1741 arr[3] = (stopped_state == 2) ? 0x1 : 0x2;
1742 len = 8;
1743 } else {
1744 arr[0] = 0x70;
1745 arr[2] = NOT_READY; /* NO_SENSE in sense_key */
1746 arr[7] = 0xa; /* 18 byte sense buffer */
1747 arr[12] = LOGICAL_UNIT_NOT_READY;
1748 arr[13] = (stopped_state == 2) ? 0x1 : 0x2;
1749 }
1750 } else if ((iec_m_pg[2] & 0x4) && (6 == (iec_m_pg[3] & 0xf))) {
1751 /* Information exceptions control mode page: TEST=1, MRIE=6 */
1752 if (dsense) {
1753 arr[0] = 0x72;
1754 arr[1] = 0x0; /* NO_SENSE in sense_key */
1755 arr[2] = THRESHOLD_EXCEEDED;
1756 arr[3] = 0xff; /* Failure prediction(false) */
1757 len = 8;
1758 } else {
1759 arr[0] = 0x70;
1760 arr[2] = 0x0; /* NO_SENSE in sense_key */
1761 arr[7] = 0xa; /* 18 byte sense buffer */
1762 arr[12] = THRESHOLD_EXCEEDED;
1763 arr[13] = 0xff; /* Failure prediction(false) */
1764 }
1765 } else { /* nothing to report */
1766 if (dsense) {
1767 len = 8;
1768 memset(arr, 0, len);
1769 arr[0] = 0x72;
1770 } else {
1771 memset(arr, 0, len);
1772 arr[0] = 0x70;
1773 arr[7] = 0xa;
1774 }
1775 }
1776 return fill_from_dev_buffer(scp, arr, min_t(int, len, alloc_len));
1777 }
1778
resp_start_stop(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)1779 static int resp_start_stop(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1780 {
1781 unsigned char *cmd = scp->cmnd;
1782 int power_cond, want_stop, stopped_state;
1783 bool changing;
1784
1785 power_cond = (cmd[4] & 0xf0) >> 4;
1786 if (power_cond) {
1787 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 7);
1788 return check_condition_result;
1789 }
1790 want_stop = !(cmd[4] & 1);
1791 stopped_state = atomic_read(&devip->stopped);
1792 if (stopped_state == 2) {
1793 ktime_t now_ts = ktime_get_boottime();
1794
1795 if (ktime_to_ns(now_ts) > ktime_to_ns(devip->create_ts)) {
1796 u64 diff_ns = ktime_to_ns(ktime_sub(now_ts, devip->create_ts));
1797
1798 if (diff_ns >= ((u64)sdeb_tur_ms_to_ready * 1000000)) {
1799 /* tur_ms_to_ready timer extinguished */
1800 atomic_set(&devip->stopped, 0);
1801 stopped_state = 0;
1802 }
1803 }
1804 if (stopped_state == 2) {
1805 if (want_stop) {
1806 stopped_state = 1; /* dummy up success */
1807 } else { /* Disallow tur_ms_to_ready delay to be overridden */
1808 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 0 /* START bit */);
1809 return check_condition_result;
1810 }
1811 }
1812 }
1813 changing = (stopped_state != want_stop);
1814 if (changing)
1815 atomic_xchg(&devip->stopped, want_stop);
1816 if (!changing || (cmd[1] & 0x1)) /* state unchanged or IMMED bit set in cdb */
1817 return SDEG_RES_IMMED_MASK;
1818 else
1819 return 0;
1820 }
1821
get_sdebug_capacity(void)1822 static sector_t get_sdebug_capacity(void)
1823 {
1824 static const unsigned int gibibyte = 1073741824;
1825
1826 if (sdebug_virtual_gb > 0)
1827 return (sector_t)sdebug_virtual_gb *
1828 (gibibyte / sdebug_sector_size);
1829 else
1830 return sdebug_store_sectors;
1831 }
1832
1833 #define SDEBUG_READCAP_ARR_SZ 8
resp_readcap(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)1834 static int resp_readcap(struct scsi_cmnd *scp,
1835 struct sdebug_dev_info *devip)
1836 {
1837 unsigned char arr[SDEBUG_READCAP_ARR_SZ];
1838 unsigned int capac;
1839
1840 /* following just in case virtual_gb changed */
1841 sdebug_capacity = get_sdebug_capacity();
1842 memset(arr, 0, SDEBUG_READCAP_ARR_SZ);
1843 if (sdebug_capacity < 0xffffffff) {
1844 capac = (unsigned int)sdebug_capacity - 1;
1845 put_unaligned_be32(capac, arr + 0);
1846 } else
1847 put_unaligned_be32(0xffffffff, arr + 0);
1848 put_unaligned_be16(sdebug_sector_size, arr + 6);
1849 return fill_from_dev_buffer(scp, arr, SDEBUG_READCAP_ARR_SZ);
1850 }
1851
1852 #define SDEBUG_READCAP16_ARR_SZ 32
resp_readcap16(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)1853 static int resp_readcap16(struct scsi_cmnd *scp,
1854 struct sdebug_dev_info *devip)
1855 {
1856 unsigned char *cmd = scp->cmnd;
1857 unsigned char arr[SDEBUG_READCAP16_ARR_SZ];
1858 int alloc_len;
1859
1860 alloc_len = get_unaligned_be32(cmd + 10);
1861 /* following just in case virtual_gb changed */
1862 sdebug_capacity = get_sdebug_capacity();
1863 memset(arr, 0, SDEBUG_READCAP16_ARR_SZ);
1864 put_unaligned_be64((u64)(sdebug_capacity - 1), arr + 0);
1865 put_unaligned_be32(sdebug_sector_size, arr + 8);
1866 arr[13] = sdebug_physblk_exp & 0xf;
1867 arr[14] = (sdebug_lowest_aligned >> 8) & 0x3f;
1868
1869 if (scsi_debug_lbp()) {
1870 arr[14] |= 0x80; /* LBPME */
1871 /* from sbc4r07, this LBPRZ field is 1 bit, but the LBPRZ in
1872 * the LB Provisioning VPD page is 3 bits. Note that lbprz=2
1873 * in the wider field maps to 0 in this field.
1874 */
1875 if (sdebug_lbprz & 1) /* precisely what the draft requires */
1876 arr[14] |= 0x40;
1877 }
1878
1879 arr[15] = sdebug_lowest_aligned & 0xff;
1880
1881 if (have_dif_prot) {
1882 arr[12] = (sdebug_dif - 1) << 1; /* P_TYPE */
1883 arr[12] |= 1; /* PROT_EN */
1884 }
1885
1886 return fill_from_dev_buffer(scp, arr,
1887 min_t(int, alloc_len, SDEBUG_READCAP16_ARR_SZ));
1888 }
1889
1890 #define SDEBUG_MAX_TGTPGS_ARR_SZ 1412
1891
resp_report_tgtpgs(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)1892 static int resp_report_tgtpgs(struct scsi_cmnd *scp,
1893 struct sdebug_dev_info *devip)
1894 {
1895 unsigned char *cmd = scp->cmnd;
1896 unsigned char *arr;
1897 int host_no = devip->sdbg_host->shost->host_no;
1898 int n, ret, alen, rlen;
1899 int port_group_a, port_group_b, port_a, port_b;
1900
1901 alen = get_unaligned_be32(cmd + 6);
1902 arr = kzalloc(SDEBUG_MAX_TGTPGS_ARR_SZ, GFP_ATOMIC);
1903 if (! arr)
1904 return DID_REQUEUE << 16;
1905 /*
1906 * EVPD page 0x88 states we have two ports, one
1907 * real and a fake port with no device connected.
1908 * So we create two port groups with one port each
1909 * and set the group with port B to unavailable.
1910 */
1911 port_a = 0x1; /* relative port A */
1912 port_b = 0x2; /* relative port B */
1913 port_group_a = (((host_no + 1) & 0x7f) << 8) +
1914 (devip->channel & 0x7f);
1915 port_group_b = (((host_no + 1) & 0x7f) << 8) +
1916 (devip->channel & 0x7f) + 0x80;
1917
1918 /*
1919 * The asymmetric access state is cycled according to the host_id.
1920 */
1921 n = 4;
1922 if (sdebug_vpd_use_hostno == 0) {
1923 arr[n++] = host_no % 3; /* Asymm access state */
1924 arr[n++] = 0x0F; /* claim: all states are supported */
1925 } else {
1926 arr[n++] = 0x0; /* Active/Optimized path */
1927 arr[n++] = 0x01; /* only support active/optimized paths */
1928 }
1929 put_unaligned_be16(port_group_a, arr + n);
1930 n += 2;
1931 arr[n++] = 0; /* Reserved */
1932 arr[n++] = 0; /* Status code */
1933 arr[n++] = 0; /* Vendor unique */
1934 arr[n++] = 0x1; /* One port per group */
1935 arr[n++] = 0; /* Reserved */
1936 arr[n++] = 0; /* Reserved */
1937 put_unaligned_be16(port_a, arr + n);
1938 n += 2;
1939 arr[n++] = 3; /* Port unavailable */
1940 arr[n++] = 0x08; /* claim: only unavailalbe paths are supported */
1941 put_unaligned_be16(port_group_b, arr + n);
1942 n += 2;
1943 arr[n++] = 0; /* Reserved */
1944 arr[n++] = 0; /* Status code */
1945 arr[n++] = 0; /* Vendor unique */
1946 arr[n++] = 0x1; /* One port per group */
1947 arr[n++] = 0; /* Reserved */
1948 arr[n++] = 0; /* Reserved */
1949 put_unaligned_be16(port_b, arr + n);
1950 n += 2;
1951
1952 rlen = n - 4;
1953 put_unaligned_be32(rlen, arr + 0);
1954
1955 /*
1956 * Return the smallest value of either
1957 * - The allocated length
1958 * - The constructed command length
1959 * - The maximum array size
1960 */
1961 rlen = min_t(int, alen, n);
1962 ret = fill_from_dev_buffer(scp, arr,
1963 min_t(int, rlen, SDEBUG_MAX_TGTPGS_ARR_SZ));
1964 kfree(arr);
1965 return ret;
1966 }
1967
resp_rsup_opcodes(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)1968 static int resp_rsup_opcodes(struct scsi_cmnd *scp,
1969 struct sdebug_dev_info *devip)
1970 {
1971 bool rctd;
1972 u8 reporting_opts, req_opcode, sdeb_i, supp;
1973 u16 req_sa, u;
1974 u32 alloc_len, a_len;
1975 int k, offset, len, errsts, count, bump, na;
1976 const struct opcode_info_t *oip;
1977 const struct opcode_info_t *r_oip;
1978 u8 *arr;
1979 u8 *cmd = scp->cmnd;
1980
1981 rctd = !!(cmd[2] & 0x80);
1982 reporting_opts = cmd[2] & 0x7;
1983 req_opcode = cmd[3];
1984 req_sa = get_unaligned_be16(cmd + 4);
1985 alloc_len = get_unaligned_be32(cmd + 6);
1986 if (alloc_len < 4 || alloc_len > 0xffff) {
1987 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1988 return check_condition_result;
1989 }
1990 if (alloc_len > 8192)
1991 a_len = 8192;
1992 else
1993 a_len = alloc_len;
1994 arr = kzalloc((a_len < 256) ? 320 : a_len + 64, GFP_ATOMIC);
1995 if (NULL == arr) {
1996 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
1997 INSUFF_RES_ASCQ);
1998 return check_condition_result;
1999 }
2000 switch (reporting_opts) {
2001 case 0: /* all commands */
2002 /* count number of commands */
2003 for (count = 0, oip = opcode_info_arr;
2004 oip->num_attached != 0xff; ++oip) {
2005 if (F_INV_OP & oip->flags)
2006 continue;
2007 count += (oip->num_attached + 1);
2008 }
2009 bump = rctd ? 20 : 8;
2010 put_unaligned_be32(count * bump, arr);
2011 for (offset = 4, oip = opcode_info_arr;
2012 oip->num_attached != 0xff && offset < a_len; ++oip) {
2013 if (F_INV_OP & oip->flags)
2014 continue;
2015 na = oip->num_attached;
2016 arr[offset] = oip->opcode;
2017 put_unaligned_be16(oip->sa, arr + offset + 2);
2018 if (rctd)
2019 arr[offset + 5] |= 0x2;
2020 if (FF_SA & oip->flags)
2021 arr[offset + 5] |= 0x1;
2022 put_unaligned_be16(oip->len_mask[0], arr + offset + 6);
2023 if (rctd)
2024 put_unaligned_be16(0xa, arr + offset + 8);
2025 r_oip = oip;
2026 for (k = 0, oip = oip->arrp; k < na; ++k, ++oip) {
2027 if (F_INV_OP & oip->flags)
2028 continue;
2029 offset += bump;
2030 arr[offset] = oip->opcode;
2031 put_unaligned_be16(oip->sa, arr + offset + 2);
2032 if (rctd)
2033 arr[offset + 5] |= 0x2;
2034 if (FF_SA & oip->flags)
2035 arr[offset + 5] |= 0x1;
2036 put_unaligned_be16(oip->len_mask[0],
2037 arr + offset + 6);
2038 if (rctd)
2039 put_unaligned_be16(0xa,
2040 arr + offset + 8);
2041 }
2042 oip = r_oip;
2043 offset += bump;
2044 }
2045 break;
2046 case 1: /* one command: opcode only */
2047 case 2: /* one command: opcode plus service action */
2048 case 3: /* one command: if sa==0 then opcode only else opcode+sa */
2049 sdeb_i = opcode_ind_arr[req_opcode];
2050 oip = &opcode_info_arr[sdeb_i];
2051 if (F_INV_OP & oip->flags) {
2052 supp = 1;
2053 offset = 4;
2054 } else {
2055 if (1 == reporting_opts) {
2056 if (FF_SA & oip->flags) {
2057 mk_sense_invalid_fld(scp, SDEB_IN_CDB,
2058 2, 2);
2059 kfree(arr);
2060 return check_condition_result;
2061 }
2062 req_sa = 0;
2063 } else if (2 == reporting_opts &&
2064 0 == (FF_SA & oip->flags)) {
2065 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1);
2066 kfree(arr); /* point at requested sa */
2067 return check_condition_result;
2068 }
2069 if (0 == (FF_SA & oip->flags) &&
2070 req_opcode == oip->opcode)
2071 supp = 3;
2072 else if (0 == (FF_SA & oip->flags)) {
2073 na = oip->num_attached;
2074 for (k = 0, oip = oip->arrp; k < na;
2075 ++k, ++oip) {
2076 if (req_opcode == oip->opcode)
2077 break;
2078 }
2079 supp = (k >= na) ? 1 : 3;
2080 } else if (req_sa != oip->sa) {
2081 na = oip->num_attached;
2082 for (k = 0, oip = oip->arrp; k < na;
2083 ++k, ++oip) {
2084 if (req_sa == oip->sa)
2085 break;
2086 }
2087 supp = (k >= na) ? 1 : 3;
2088 } else
2089 supp = 3;
2090 if (3 == supp) {
2091 u = oip->len_mask[0];
2092 put_unaligned_be16(u, arr + 2);
2093 arr[4] = oip->opcode;
2094 for (k = 1; k < u; ++k)
2095 arr[4 + k] = (k < 16) ?
2096 oip->len_mask[k] : 0xff;
2097 offset = 4 + u;
2098 } else
2099 offset = 4;
2100 }
2101 arr[1] = (rctd ? 0x80 : 0) | supp;
2102 if (rctd) {
2103 put_unaligned_be16(0xa, arr + offset);
2104 offset += 12;
2105 }
2106 break;
2107 default:
2108 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
2109 kfree(arr);
2110 return check_condition_result;
2111 }
2112 offset = (offset < a_len) ? offset : a_len;
2113 len = (offset < alloc_len) ? offset : alloc_len;
2114 errsts = fill_from_dev_buffer(scp, arr, len);
2115 kfree(arr);
2116 return errsts;
2117 }
2118
resp_rsup_tmfs(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)2119 static int resp_rsup_tmfs(struct scsi_cmnd *scp,
2120 struct sdebug_dev_info *devip)
2121 {
2122 bool repd;
2123 u32 alloc_len, len;
2124 u8 arr[16];
2125 u8 *cmd = scp->cmnd;
2126
2127 memset(arr, 0, sizeof(arr));
2128 repd = !!(cmd[2] & 0x80);
2129 alloc_len = get_unaligned_be32(cmd + 6);
2130 if (alloc_len < 4) {
2131 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
2132 return check_condition_result;
2133 }
2134 arr[0] = 0xc8; /* ATS | ATSS | LURS */
2135 arr[1] = 0x1; /* ITNRS */
2136 if (repd) {
2137 arr[3] = 0xc;
2138 len = 16;
2139 } else
2140 len = 4;
2141
2142 len = (len < alloc_len) ? len : alloc_len;
2143 return fill_from_dev_buffer(scp, arr, len);
2144 }
2145
2146 /* <<Following mode page info copied from ST318451LW>> */
2147
resp_err_recov_pg(unsigned char * p,int pcontrol,int target)2148 static int resp_err_recov_pg(unsigned char *p, int pcontrol, int target)
2149 { /* Read-Write Error Recovery page for mode_sense */
2150 unsigned char err_recov_pg[] = {0x1, 0xa, 0xc0, 11, 240, 0, 0, 0,
2151 5, 0, 0xff, 0xff};
2152
2153 memcpy(p, err_recov_pg, sizeof(err_recov_pg));
2154 if (1 == pcontrol)
2155 memset(p + 2, 0, sizeof(err_recov_pg) - 2);
2156 return sizeof(err_recov_pg);
2157 }
2158
resp_disconnect_pg(unsigned char * p,int pcontrol,int target)2159 static int resp_disconnect_pg(unsigned char *p, int pcontrol, int target)
2160 { /* Disconnect-Reconnect page for mode_sense */
2161 unsigned char disconnect_pg[] = {0x2, 0xe, 128, 128, 0, 10, 0, 0,
2162 0, 0, 0, 0, 0, 0, 0, 0};
2163
2164 memcpy(p, disconnect_pg, sizeof(disconnect_pg));
2165 if (1 == pcontrol)
2166 memset(p + 2, 0, sizeof(disconnect_pg) - 2);
2167 return sizeof(disconnect_pg);
2168 }
2169
resp_format_pg(unsigned char * p,int pcontrol,int target)2170 static int resp_format_pg(unsigned char *p, int pcontrol, int target)
2171 { /* Format device page for mode_sense */
2172 unsigned char format_pg[] = {0x3, 0x16, 0, 0, 0, 0, 0, 0,
2173 0, 0, 0, 0, 0, 0, 0, 0,
2174 0, 0, 0, 0, 0x40, 0, 0, 0};
2175
2176 memcpy(p, format_pg, sizeof(format_pg));
2177 put_unaligned_be16(sdebug_sectors_per, p + 10);
2178 put_unaligned_be16(sdebug_sector_size, p + 12);
2179 if (sdebug_removable)
2180 p[20] |= 0x20; /* should agree with INQUIRY */
2181 if (1 == pcontrol)
2182 memset(p + 2, 0, sizeof(format_pg) - 2);
2183 return sizeof(format_pg);
2184 }
2185
2186 static unsigned char caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
2187 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0,
2188 0, 0, 0, 0};
2189
resp_caching_pg(unsigned char * p,int pcontrol,int target)2190 static int resp_caching_pg(unsigned char *p, int pcontrol, int target)
2191 { /* Caching page for mode_sense */
2192 unsigned char ch_caching_pg[] = {/* 0x8, 18, */ 0x4, 0, 0, 0, 0, 0,
2193 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
2194 unsigned char d_caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
2195 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 0, 0, 0, 0};
2196
2197 if (SDEBUG_OPT_N_WCE & sdebug_opts)
2198 caching_pg[2] &= ~0x4; /* set WCE=0 (default WCE=1) */
2199 memcpy(p, caching_pg, sizeof(caching_pg));
2200 if (1 == pcontrol)
2201 memcpy(p + 2, ch_caching_pg, sizeof(ch_caching_pg));
2202 else if (2 == pcontrol)
2203 memcpy(p, d_caching_pg, sizeof(d_caching_pg));
2204 return sizeof(caching_pg);
2205 }
2206
2207 static unsigned char ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2208 0, 0, 0x2, 0x4b};
2209
resp_ctrl_m_pg(unsigned char * p,int pcontrol,int target)2210 static int resp_ctrl_m_pg(unsigned char *p, int pcontrol, int target)
2211 { /* Control mode page for mode_sense */
2212 unsigned char ch_ctrl_m_pg[] = {/* 0xa, 10, */ 0x6, 0, 0, 0, 0, 0,
2213 0, 0, 0, 0};
2214 unsigned char d_ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2215 0, 0, 0x2, 0x4b};
2216
2217 if (sdebug_dsense)
2218 ctrl_m_pg[2] |= 0x4;
2219 else
2220 ctrl_m_pg[2] &= ~0x4;
2221
2222 if (sdebug_ato)
2223 ctrl_m_pg[5] |= 0x80; /* ATO=1 */
2224
2225 memcpy(p, ctrl_m_pg, sizeof(ctrl_m_pg));
2226 if (1 == pcontrol)
2227 memcpy(p + 2, ch_ctrl_m_pg, sizeof(ch_ctrl_m_pg));
2228 else if (2 == pcontrol)
2229 memcpy(p, d_ctrl_m_pg, sizeof(d_ctrl_m_pg));
2230 return sizeof(ctrl_m_pg);
2231 }
2232
2233
resp_iec_m_pg(unsigned char * p,int pcontrol,int target)2234 static int resp_iec_m_pg(unsigned char *p, int pcontrol, int target)
2235 { /* Informational Exceptions control mode page for mode_sense */
2236 unsigned char ch_iec_m_pg[] = {/* 0x1c, 0xa, */ 0x4, 0xf, 0, 0, 0, 0,
2237 0, 0, 0x0, 0x0};
2238 unsigned char d_iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
2239 0, 0, 0x0, 0x0};
2240
2241 memcpy(p, iec_m_pg, sizeof(iec_m_pg));
2242 if (1 == pcontrol)
2243 memcpy(p + 2, ch_iec_m_pg, sizeof(ch_iec_m_pg));
2244 else if (2 == pcontrol)
2245 memcpy(p, d_iec_m_pg, sizeof(d_iec_m_pg));
2246 return sizeof(iec_m_pg);
2247 }
2248
resp_sas_sf_m_pg(unsigned char * p,int pcontrol,int target)2249 static int resp_sas_sf_m_pg(unsigned char *p, int pcontrol, int target)
2250 { /* SAS SSP mode page - short format for mode_sense */
2251 unsigned char sas_sf_m_pg[] = {0x19, 0x6,
2252 0x6, 0x0, 0x7, 0xd0, 0x0, 0x0};
2253
2254 memcpy(p, sas_sf_m_pg, sizeof(sas_sf_m_pg));
2255 if (1 == pcontrol)
2256 memset(p + 2, 0, sizeof(sas_sf_m_pg) - 2);
2257 return sizeof(sas_sf_m_pg);
2258 }
2259
2260
resp_sas_pcd_m_spg(unsigned char * p,int pcontrol,int target,int target_dev_id)2261 static int resp_sas_pcd_m_spg(unsigned char *p, int pcontrol, int target,
2262 int target_dev_id)
2263 { /* SAS phy control and discover mode page for mode_sense */
2264 unsigned char sas_pcd_m_pg[] = {0x59, 0x1, 0, 0x64, 0, 0x6, 0, 2,
2265 0, 0, 0, 0, 0x10, 0x9, 0x8, 0x0,
2266 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2267 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2268 0x2, 0, 0, 0, 0, 0, 0, 0,
2269 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2270 0, 0, 0, 0, 0, 0, 0, 0,
2271 0, 1, 0, 0, 0x10, 0x9, 0x8, 0x0,
2272 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2273 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2274 0x3, 0, 0, 0, 0, 0, 0, 0,
2275 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2276 0, 0, 0, 0, 0, 0, 0, 0,
2277 };
2278 int port_a, port_b;
2279
2280 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 16);
2281 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 24);
2282 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 64);
2283 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 72);
2284 port_a = target_dev_id + 1;
2285 port_b = port_a + 1;
2286 memcpy(p, sas_pcd_m_pg, sizeof(sas_pcd_m_pg));
2287 put_unaligned_be32(port_a, p + 20);
2288 put_unaligned_be32(port_b, p + 48 + 20);
2289 if (1 == pcontrol)
2290 memset(p + 4, 0, sizeof(sas_pcd_m_pg) - 4);
2291 return sizeof(sas_pcd_m_pg);
2292 }
2293
resp_sas_sha_m_spg(unsigned char * p,int pcontrol)2294 static int resp_sas_sha_m_spg(unsigned char *p, int pcontrol)
2295 { /* SAS SSP shared protocol specific port mode subpage */
2296 unsigned char sas_sha_m_pg[] = {0x59, 0x2, 0, 0xc, 0, 0x6, 0x10, 0,
2297 0, 0, 0, 0, 0, 0, 0, 0,
2298 };
2299
2300 memcpy(p, sas_sha_m_pg, sizeof(sas_sha_m_pg));
2301 if (1 == pcontrol)
2302 memset(p + 4, 0, sizeof(sas_sha_m_pg) - 4);
2303 return sizeof(sas_sha_m_pg);
2304 }
2305
2306 #define SDEBUG_MAX_MSENSE_SZ 256
2307
resp_mode_sense(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)2308 static int resp_mode_sense(struct scsi_cmnd *scp,
2309 struct sdebug_dev_info *devip)
2310 {
2311 int pcontrol, pcode, subpcode, bd_len;
2312 unsigned char dev_spec;
2313 int alloc_len, offset, len, target_dev_id;
2314 int target = scp->device->id;
2315 unsigned char *ap;
2316 unsigned char arr[SDEBUG_MAX_MSENSE_SZ];
2317 unsigned char *cmd = scp->cmnd;
2318 bool dbd, llbaa, msense_6, is_disk, is_zbc, bad_pcode;
2319
2320 dbd = !!(cmd[1] & 0x8); /* disable block descriptors */
2321 pcontrol = (cmd[2] & 0xc0) >> 6;
2322 pcode = cmd[2] & 0x3f;
2323 subpcode = cmd[3];
2324 msense_6 = (MODE_SENSE == cmd[0]);
2325 llbaa = msense_6 ? false : !!(cmd[1] & 0x10);
2326 is_disk = (sdebug_ptype == TYPE_DISK);
2327 is_zbc = (devip->zmodel != BLK_ZONED_NONE);
2328 if ((is_disk || is_zbc) && !dbd)
2329 bd_len = llbaa ? 16 : 8;
2330 else
2331 bd_len = 0;
2332 alloc_len = msense_6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2333 memset(arr, 0, SDEBUG_MAX_MSENSE_SZ);
2334 if (0x3 == pcontrol) { /* Saving values not supported */
2335 mk_sense_buffer(scp, ILLEGAL_REQUEST, SAVING_PARAMS_UNSUP, 0);
2336 return check_condition_result;
2337 }
2338 target_dev_id = ((devip->sdbg_host->shost->host_no + 1) * 2000) +
2339 (devip->target * 1000) - 3;
2340 /* for disks+zbc set DPOFUA bit and clear write protect (WP) bit */
2341 if (is_disk || is_zbc) {
2342 dev_spec = 0x10; /* =0x90 if WP=1 implies read-only */
2343 if (sdebug_wp)
2344 dev_spec |= 0x80;
2345 } else
2346 dev_spec = 0x0;
2347 if (msense_6) {
2348 arr[2] = dev_spec;
2349 arr[3] = bd_len;
2350 offset = 4;
2351 } else {
2352 arr[3] = dev_spec;
2353 if (16 == bd_len)
2354 arr[4] = 0x1; /* set LONGLBA bit */
2355 arr[7] = bd_len; /* assume 255 or less */
2356 offset = 8;
2357 }
2358 ap = arr + offset;
2359 if ((bd_len > 0) && (!sdebug_capacity))
2360 sdebug_capacity = get_sdebug_capacity();
2361
2362 if (8 == bd_len) {
2363 if (sdebug_capacity > 0xfffffffe)
2364 put_unaligned_be32(0xffffffff, ap + 0);
2365 else
2366 put_unaligned_be32(sdebug_capacity, ap + 0);
2367 put_unaligned_be16(sdebug_sector_size, ap + 6);
2368 offset += bd_len;
2369 ap = arr + offset;
2370 } else if (16 == bd_len) {
2371 put_unaligned_be64((u64)sdebug_capacity, ap + 0);
2372 put_unaligned_be32(sdebug_sector_size, ap + 12);
2373 offset += bd_len;
2374 ap = arr + offset;
2375 }
2376
2377 if ((subpcode > 0x0) && (subpcode < 0xff) && (0x19 != pcode)) {
2378 /* TODO: Control Extension page */
2379 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2380 return check_condition_result;
2381 }
2382 bad_pcode = false;
2383
2384 switch (pcode) {
2385 case 0x1: /* Read-Write error recovery page, direct access */
2386 len = resp_err_recov_pg(ap, pcontrol, target);
2387 offset += len;
2388 break;
2389 case 0x2: /* Disconnect-Reconnect page, all devices */
2390 len = resp_disconnect_pg(ap, pcontrol, target);
2391 offset += len;
2392 break;
2393 case 0x3: /* Format device page, direct access */
2394 if (is_disk) {
2395 len = resp_format_pg(ap, pcontrol, target);
2396 offset += len;
2397 } else
2398 bad_pcode = true;
2399 break;
2400 case 0x8: /* Caching page, direct access */
2401 if (is_disk || is_zbc) {
2402 len = resp_caching_pg(ap, pcontrol, target);
2403 offset += len;
2404 } else
2405 bad_pcode = true;
2406 break;
2407 case 0xa: /* Control Mode page, all devices */
2408 len = resp_ctrl_m_pg(ap, pcontrol, target);
2409 offset += len;
2410 break;
2411 case 0x19: /* if spc==1 then sas phy, control+discover */
2412 if ((subpcode > 0x2) && (subpcode < 0xff)) {
2413 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2414 return check_condition_result;
2415 }
2416 len = 0;
2417 if ((0x0 == subpcode) || (0xff == subpcode))
2418 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2419 if ((0x1 == subpcode) || (0xff == subpcode))
2420 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target,
2421 target_dev_id);
2422 if ((0x2 == subpcode) || (0xff == subpcode))
2423 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2424 offset += len;
2425 break;
2426 case 0x1c: /* Informational Exceptions Mode page, all devices */
2427 len = resp_iec_m_pg(ap, pcontrol, target);
2428 offset += len;
2429 break;
2430 case 0x3f: /* Read all Mode pages */
2431 if ((0 == subpcode) || (0xff == subpcode)) {
2432 len = resp_err_recov_pg(ap, pcontrol, target);
2433 len += resp_disconnect_pg(ap + len, pcontrol, target);
2434 if (is_disk) {
2435 len += resp_format_pg(ap + len, pcontrol,
2436 target);
2437 len += resp_caching_pg(ap + len, pcontrol,
2438 target);
2439 } else if (is_zbc) {
2440 len += resp_caching_pg(ap + len, pcontrol,
2441 target);
2442 }
2443 len += resp_ctrl_m_pg(ap + len, pcontrol, target);
2444 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2445 if (0xff == subpcode) {
2446 len += resp_sas_pcd_m_spg(ap + len, pcontrol,
2447 target, target_dev_id);
2448 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2449 }
2450 len += resp_iec_m_pg(ap + len, pcontrol, target);
2451 offset += len;
2452 } else {
2453 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2454 return check_condition_result;
2455 }
2456 break;
2457 default:
2458 bad_pcode = true;
2459 break;
2460 }
2461 if (bad_pcode) {
2462 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2463 return check_condition_result;
2464 }
2465 if (msense_6)
2466 arr[0] = offset - 1;
2467 else
2468 put_unaligned_be16((offset - 2), arr + 0);
2469 return fill_from_dev_buffer(scp, arr, min_t(int, alloc_len, offset));
2470 }
2471
2472 #define SDEBUG_MAX_MSELECT_SZ 512
2473
resp_mode_select(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)2474 static int resp_mode_select(struct scsi_cmnd *scp,
2475 struct sdebug_dev_info *devip)
2476 {
2477 int pf, sp, ps, md_len, bd_len, off, spf, pg_len;
2478 int param_len, res, mpage;
2479 unsigned char arr[SDEBUG_MAX_MSELECT_SZ];
2480 unsigned char *cmd = scp->cmnd;
2481 int mselect6 = (MODE_SELECT == cmd[0]);
2482
2483 memset(arr, 0, sizeof(arr));
2484 pf = cmd[1] & 0x10;
2485 sp = cmd[1] & 0x1;
2486 param_len = mselect6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2487 if ((0 == pf) || sp || (param_len > SDEBUG_MAX_MSELECT_SZ)) {
2488 mk_sense_invalid_fld(scp, SDEB_IN_CDB, mselect6 ? 4 : 7, -1);
2489 return check_condition_result;
2490 }
2491 res = fetch_to_dev_buffer(scp, arr, param_len);
2492 if (-1 == res)
2493 return DID_ERROR << 16;
2494 else if (sdebug_verbose && (res < param_len))
2495 sdev_printk(KERN_INFO, scp->device,
2496 "%s: cdb indicated=%d, IO sent=%d bytes\n",
2497 __func__, param_len, res);
2498 md_len = mselect6 ? (arr[0] + 1) : (get_unaligned_be16(arr + 0) + 2);
2499 bd_len = mselect6 ? arr[3] : get_unaligned_be16(arr + 6);
2500 if (md_len > 2) {
2501 mk_sense_invalid_fld(scp, SDEB_IN_DATA, 0, -1);
2502 return check_condition_result;
2503 }
2504 off = bd_len + (mselect6 ? 4 : 8);
2505 mpage = arr[off] & 0x3f;
2506 ps = !!(arr[off] & 0x80);
2507 if (ps) {
2508 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 7);
2509 return check_condition_result;
2510 }
2511 spf = !!(arr[off] & 0x40);
2512 pg_len = spf ? (get_unaligned_be16(arr + off + 2) + 4) :
2513 (arr[off + 1] + 2);
2514 if ((pg_len + off) > param_len) {
2515 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2516 PARAMETER_LIST_LENGTH_ERR, 0);
2517 return check_condition_result;
2518 }
2519 switch (mpage) {
2520 case 0x8: /* Caching Mode page */
2521 if (caching_pg[1] == arr[off + 1]) {
2522 memcpy(caching_pg + 2, arr + off + 2,
2523 sizeof(caching_pg) - 2);
2524 goto set_mode_changed_ua;
2525 }
2526 break;
2527 case 0xa: /* Control Mode page */
2528 if (ctrl_m_pg[1] == arr[off + 1]) {
2529 memcpy(ctrl_m_pg + 2, arr + off + 2,
2530 sizeof(ctrl_m_pg) - 2);
2531 if (ctrl_m_pg[4] & 0x8)
2532 sdebug_wp = true;
2533 else
2534 sdebug_wp = false;
2535 sdebug_dsense = !!(ctrl_m_pg[2] & 0x4);
2536 goto set_mode_changed_ua;
2537 }
2538 break;
2539 case 0x1c: /* Informational Exceptions Mode page */
2540 if (iec_m_pg[1] == arr[off + 1]) {
2541 memcpy(iec_m_pg + 2, arr + off + 2,
2542 sizeof(iec_m_pg) - 2);
2543 goto set_mode_changed_ua;
2544 }
2545 break;
2546 default:
2547 break;
2548 }
2549 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 5);
2550 return check_condition_result;
2551 set_mode_changed_ua:
2552 set_bit(SDEBUG_UA_MODE_CHANGED, devip->uas_bm);
2553 return 0;
2554 }
2555
resp_temp_l_pg(unsigned char * arr)2556 static int resp_temp_l_pg(unsigned char *arr)
2557 {
2558 unsigned char temp_l_pg[] = {0x0, 0x0, 0x3, 0x2, 0x0, 38,
2559 0x0, 0x1, 0x3, 0x2, 0x0, 65,
2560 };
2561
2562 memcpy(arr, temp_l_pg, sizeof(temp_l_pg));
2563 return sizeof(temp_l_pg);
2564 }
2565
resp_ie_l_pg(unsigned char * arr)2566 static int resp_ie_l_pg(unsigned char *arr)
2567 {
2568 unsigned char ie_l_pg[] = {0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 38,
2569 };
2570
2571 memcpy(arr, ie_l_pg, sizeof(ie_l_pg));
2572 if (iec_m_pg[2] & 0x4) { /* TEST bit set */
2573 arr[4] = THRESHOLD_EXCEEDED;
2574 arr[5] = 0xff;
2575 }
2576 return sizeof(ie_l_pg);
2577 }
2578
2579 #define SDEBUG_MAX_LSENSE_SZ 512
2580
resp_log_sense(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)2581 static int resp_log_sense(struct scsi_cmnd *scp,
2582 struct sdebug_dev_info *devip)
2583 {
2584 int ppc, sp, pcode, subpcode, alloc_len, len, n;
2585 unsigned char arr[SDEBUG_MAX_LSENSE_SZ];
2586 unsigned char *cmd = scp->cmnd;
2587
2588 memset(arr, 0, sizeof(arr));
2589 ppc = cmd[1] & 0x2;
2590 sp = cmd[1] & 0x1;
2591 if (ppc || sp) {
2592 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, ppc ? 1 : 0);
2593 return check_condition_result;
2594 }
2595 pcode = cmd[2] & 0x3f;
2596 subpcode = cmd[3] & 0xff;
2597 alloc_len = get_unaligned_be16(cmd + 7);
2598 arr[0] = pcode;
2599 if (0 == subpcode) {
2600 switch (pcode) {
2601 case 0x0: /* Supported log pages log page */
2602 n = 4;
2603 arr[n++] = 0x0; /* this page */
2604 arr[n++] = 0xd; /* Temperature */
2605 arr[n++] = 0x2f; /* Informational exceptions */
2606 arr[3] = n - 4;
2607 break;
2608 case 0xd: /* Temperature log page */
2609 arr[3] = resp_temp_l_pg(arr + 4);
2610 break;
2611 case 0x2f: /* Informational exceptions log page */
2612 arr[3] = resp_ie_l_pg(arr + 4);
2613 break;
2614 default:
2615 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2616 return check_condition_result;
2617 }
2618 } else if (0xff == subpcode) {
2619 arr[0] |= 0x40;
2620 arr[1] = subpcode;
2621 switch (pcode) {
2622 case 0x0: /* Supported log pages and subpages log page */
2623 n = 4;
2624 arr[n++] = 0x0;
2625 arr[n++] = 0x0; /* 0,0 page */
2626 arr[n++] = 0x0;
2627 arr[n++] = 0xff; /* this page */
2628 arr[n++] = 0xd;
2629 arr[n++] = 0x0; /* Temperature */
2630 arr[n++] = 0x2f;
2631 arr[n++] = 0x0; /* Informational exceptions */
2632 arr[3] = n - 4;
2633 break;
2634 case 0xd: /* Temperature subpages */
2635 n = 4;
2636 arr[n++] = 0xd;
2637 arr[n++] = 0x0; /* Temperature */
2638 arr[3] = n - 4;
2639 break;
2640 case 0x2f: /* Informational exceptions subpages */
2641 n = 4;
2642 arr[n++] = 0x2f;
2643 arr[n++] = 0x0; /* Informational exceptions */
2644 arr[3] = n - 4;
2645 break;
2646 default:
2647 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2648 return check_condition_result;
2649 }
2650 } else {
2651 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2652 return check_condition_result;
2653 }
2654 len = min_t(int, get_unaligned_be16(arr + 2) + 4, alloc_len);
2655 return fill_from_dev_buffer(scp, arr,
2656 min_t(int, len, SDEBUG_MAX_INQ_ARR_SZ));
2657 }
2658
sdebug_dev_is_zoned(struct sdebug_dev_info * devip)2659 static inline bool sdebug_dev_is_zoned(struct sdebug_dev_info *devip)
2660 {
2661 return devip->nr_zones != 0;
2662 }
2663
zbc_zone(struct sdebug_dev_info * devip,unsigned long long lba)2664 static struct sdeb_zone_state *zbc_zone(struct sdebug_dev_info *devip,
2665 unsigned long long lba)
2666 {
2667 return &devip->zstate[lba >> devip->zsize_shift];
2668 }
2669
zbc_zone_is_conv(struct sdeb_zone_state * zsp)2670 static inline bool zbc_zone_is_conv(struct sdeb_zone_state *zsp)
2671 {
2672 return zsp->z_type == ZBC_ZONE_TYPE_CNV;
2673 }
2674
zbc_close_zone(struct sdebug_dev_info * devip,struct sdeb_zone_state * zsp)2675 static void zbc_close_zone(struct sdebug_dev_info *devip,
2676 struct sdeb_zone_state *zsp)
2677 {
2678 enum sdebug_z_cond zc;
2679
2680 if (zbc_zone_is_conv(zsp))
2681 return;
2682
2683 zc = zsp->z_cond;
2684 if (!(zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN))
2685 return;
2686
2687 if (zc == ZC2_IMPLICIT_OPEN)
2688 devip->nr_imp_open--;
2689 else
2690 devip->nr_exp_open--;
2691
2692 if (zsp->z_wp == zsp->z_start) {
2693 zsp->z_cond = ZC1_EMPTY;
2694 } else {
2695 zsp->z_cond = ZC4_CLOSED;
2696 devip->nr_closed++;
2697 }
2698 }
2699
zbc_close_imp_open_zone(struct sdebug_dev_info * devip)2700 static void zbc_close_imp_open_zone(struct sdebug_dev_info *devip)
2701 {
2702 struct sdeb_zone_state *zsp = &devip->zstate[0];
2703 unsigned int i;
2704
2705 for (i = 0; i < devip->nr_zones; i++, zsp++) {
2706 if (zsp->z_cond == ZC2_IMPLICIT_OPEN) {
2707 zbc_close_zone(devip, zsp);
2708 return;
2709 }
2710 }
2711 }
2712
zbc_open_zone(struct sdebug_dev_info * devip,struct sdeb_zone_state * zsp,bool explicit)2713 static void zbc_open_zone(struct sdebug_dev_info *devip,
2714 struct sdeb_zone_state *zsp, bool explicit)
2715 {
2716 enum sdebug_z_cond zc;
2717
2718 if (zbc_zone_is_conv(zsp))
2719 return;
2720
2721 zc = zsp->z_cond;
2722 if ((explicit && zc == ZC3_EXPLICIT_OPEN) ||
2723 (!explicit && zc == ZC2_IMPLICIT_OPEN))
2724 return;
2725
2726 /* Close an implicit open zone if necessary */
2727 if (explicit && zsp->z_cond == ZC2_IMPLICIT_OPEN)
2728 zbc_close_zone(devip, zsp);
2729 else if (devip->max_open &&
2730 devip->nr_imp_open + devip->nr_exp_open >= devip->max_open)
2731 zbc_close_imp_open_zone(devip);
2732
2733 if (zsp->z_cond == ZC4_CLOSED)
2734 devip->nr_closed--;
2735 if (explicit) {
2736 zsp->z_cond = ZC3_EXPLICIT_OPEN;
2737 devip->nr_exp_open++;
2738 } else {
2739 zsp->z_cond = ZC2_IMPLICIT_OPEN;
2740 devip->nr_imp_open++;
2741 }
2742 }
2743
zbc_inc_wp(struct sdebug_dev_info * devip,unsigned long long lba,unsigned int num)2744 static void zbc_inc_wp(struct sdebug_dev_info *devip,
2745 unsigned long long lba, unsigned int num)
2746 {
2747 struct sdeb_zone_state *zsp = zbc_zone(devip, lba);
2748 unsigned long long n, end, zend = zsp->z_start + zsp->z_size;
2749
2750 if (zbc_zone_is_conv(zsp))
2751 return;
2752
2753 if (zsp->z_type == ZBC_ZONE_TYPE_SWR) {
2754 zsp->z_wp += num;
2755 if (zsp->z_wp >= zend)
2756 zsp->z_cond = ZC5_FULL;
2757 return;
2758 }
2759
2760 while (num) {
2761 if (lba != zsp->z_wp)
2762 zsp->z_non_seq_resource = true;
2763
2764 end = lba + num;
2765 if (end >= zend) {
2766 n = zend - lba;
2767 zsp->z_wp = zend;
2768 } else if (end > zsp->z_wp) {
2769 n = num;
2770 zsp->z_wp = end;
2771 } else {
2772 n = num;
2773 }
2774 if (zsp->z_wp >= zend)
2775 zsp->z_cond = ZC5_FULL;
2776
2777 num -= n;
2778 lba += n;
2779 if (num) {
2780 zsp++;
2781 zend = zsp->z_start + zsp->z_size;
2782 }
2783 }
2784 }
2785
check_zbc_access_params(struct scsi_cmnd * scp,unsigned long long lba,unsigned int num,bool write)2786 static int check_zbc_access_params(struct scsi_cmnd *scp,
2787 unsigned long long lba, unsigned int num, bool write)
2788 {
2789 struct scsi_device *sdp = scp->device;
2790 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
2791 struct sdeb_zone_state *zsp = zbc_zone(devip, lba);
2792 struct sdeb_zone_state *zsp_end = zbc_zone(devip, lba + num - 1);
2793
2794 if (!write) {
2795 if (devip->zmodel == BLK_ZONED_HA)
2796 return 0;
2797 /* For host-managed, reads cannot cross zone types boundaries */
2798 if (zsp_end != zsp &&
2799 zbc_zone_is_conv(zsp) &&
2800 !zbc_zone_is_conv(zsp_end)) {
2801 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2802 LBA_OUT_OF_RANGE,
2803 READ_INVDATA_ASCQ);
2804 return check_condition_result;
2805 }
2806 return 0;
2807 }
2808
2809 /* No restrictions for writes within conventional zones */
2810 if (zbc_zone_is_conv(zsp)) {
2811 if (!zbc_zone_is_conv(zsp_end)) {
2812 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2813 LBA_OUT_OF_RANGE,
2814 WRITE_BOUNDARY_ASCQ);
2815 return check_condition_result;
2816 }
2817 return 0;
2818 }
2819
2820 if (zsp->z_type == ZBC_ZONE_TYPE_SWR) {
2821 /* Writes cannot cross sequential zone boundaries */
2822 if (zsp_end != zsp) {
2823 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2824 LBA_OUT_OF_RANGE,
2825 WRITE_BOUNDARY_ASCQ);
2826 return check_condition_result;
2827 }
2828 /* Cannot write full zones */
2829 if (zsp->z_cond == ZC5_FULL) {
2830 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2831 INVALID_FIELD_IN_CDB, 0);
2832 return check_condition_result;
2833 }
2834 /* Writes must be aligned to the zone WP */
2835 if (lba != zsp->z_wp) {
2836 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2837 LBA_OUT_OF_RANGE,
2838 UNALIGNED_WRITE_ASCQ);
2839 return check_condition_result;
2840 }
2841 }
2842
2843 /* Handle implicit open of closed and empty zones */
2844 if (zsp->z_cond == ZC1_EMPTY || zsp->z_cond == ZC4_CLOSED) {
2845 if (devip->max_open &&
2846 devip->nr_exp_open >= devip->max_open) {
2847 mk_sense_buffer(scp, DATA_PROTECT,
2848 INSUFF_RES_ASC,
2849 INSUFF_ZONE_ASCQ);
2850 return check_condition_result;
2851 }
2852 zbc_open_zone(devip, zsp, false);
2853 }
2854
2855 return 0;
2856 }
2857
check_device_access_params(struct scsi_cmnd * scp,unsigned long long lba,unsigned int num,bool write)2858 static inline int check_device_access_params
2859 (struct scsi_cmnd *scp, unsigned long long lba,
2860 unsigned int num, bool write)
2861 {
2862 struct scsi_device *sdp = scp->device;
2863 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
2864
2865 if (lba + num > sdebug_capacity) {
2866 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2867 return check_condition_result;
2868 }
2869 /* transfer length excessive (tie in to block limits VPD page) */
2870 if (num > sdebug_store_sectors) {
2871 /* needs work to find which cdb byte 'num' comes from */
2872 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2873 return check_condition_result;
2874 }
2875 if (write && unlikely(sdebug_wp)) {
2876 mk_sense_buffer(scp, DATA_PROTECT, WRITE_PROTECTED, 0x2);
2877 return check_condition_result;
2878 }
2879 if (sdebug_dev_is_zoned(devip))
2880 return check_zbc_access_params(scp, lba, num, write);
2881
2882 return 0;
2883 }
2884
2885 /*
2886 * Note: if BUG_ON() fires it usually indicates a problem with the parser
2887 * tables. Perhaps a missing F_FAKE_RW or FF_MEDIA_IO flag. Response functions
2888 * that access any of the "stores" in struct sdeb_store_info should call this
2889 * function with bug_if_fake_rw set to true.
2890 */
devip2sip(struct sdebug_dev_info * devip,bool bug_if_fake_rw)2891 static inline struct sdeb_store_info *devip2sip(struct sdebug_dev_info *devip,
2892 bool bug_if_fake_rw)
2893 {
2894 if (sdebug_fake_rw) {
2895 BUG_ON(bug_if_fake_rw); /* See note above */
2896 return NULL;
2897 }
2898 return xa_load(per_store_ap, devip->sdbg_host->si_idx);
2899 }
2900
2901 /* Returns number of bytes copied or -1 if error. */
do_device_access(struct sdeb_store_info * sip,struct scsi_cmnd * scp,u32 sg_skip,u64 lba,u32 num,bool do_write)2902 static int do_device_access(struct sdeb_store_info *sip, struct scsi_cmnd *scp,
2903 u32 sg_skip, u64 lba, u32 num, bool do_write)
2904 {
2905 int ret;
2906 u64 block, rest = 0;
2907 enum dma_data_direction dir;
2908 struct scsi_data_buffer *sdb = &scp->sdb;
2909 u8 *fsp;
2910
2911 if (do_write) {
2912 dir = DMA_TO_DEVICE;
2913 write_since_sync = true;
2914 } else {
2915 dir = DMA_FROM_DEVICE;
2916 }
2917
2918 if (!sdb->length || !sip)
2919 return 0;
2920 if (scp->sc_data_direction != dir)
2921 return -1;
2922 fsp = sip->storep;
2923
2924 block = do_div(lba, sdebug_store_sectors);
2925 if (block + num > sdebug_store_sectors)
2926 rest = block + num - sdebug_store_sectors;
2927
2928 ret = sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2929 fsp + (block * sdebug_sector_size),
2930 (num - rest) * sdebug_sector_size, sg_skip, do_write);
2931 if (ret != (num - rest) * sdebug_sector_size)
2932 return ret;
2933
2934 if (rest) {
2935 ret += sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2936 fsp, rest * sdebug_sector_size,
2937 sg_skip + ((num - rest) * sdebug_sector_size),
2938 do_write);
2939 }
2940
2941 return ret;
2942 }
2943
2944 /* Returns number of bytes copied or -1 if error. */
do_dout_fetch(struct scsi_cmnd * scp,u32 num,u8 * doutp)2945 static int do_dout_fetch(struct scsi_cmnd *scp, u32 num, u8 *doutp)
2946 {
2947 struct scsi_data_buffer *sdb = &scp->sdb;
2948
2949 if (!sdb->length)
2950 return 0;
2951 if (scp->sc_data_direction != DMA_TO_DEVICE)
2952 return -1;
2953 return sg_copy_buffer(sdb->table.sgl, sdb->table.nents, doutp,
2954 num * sdebug_sector_size, 0, true);
2955 }
2956
2957 /* If sip->storep+lba compares equal to arr(num), then copy top half of
2958 * arr into sip->storep+lba and return true. If comparison fails then
2959 * return false. */
comp_write_worker(struct sdeb_store_info * sip,u64 lba,u32 num,const u8 * arr,bool compare_only)2960 static bool comp_write_worker(struct sdeb_store_info *sip, u64 lba, u32 num,
2961 const u8 *arr, bool compare_only)
2962 {
2963 bool res;
2964 u64 block, rest = 0;
2965 u32 store_blks = sdebug_store_sectors;
2966 u32 lb_size = sdebug_sector_size;
2967 u8 *fsp = sip->storep;
2968
2969 block = do_div(lba, store_blks);
2970 if (block + num > store_blks)
2971 rest = block + num - store_blks;
2972
2973 res = !memcmp(fsp + (block * lb_size), arr, (num - rest) * lb_size);
2974 if (!res)
2975 return res;
2976 if (rest)
2977 res = memcmp(fsp, arr + ((num - rest) * lb_size),
2978 rest * lb_size);
2979 if (!res)
2980 return res;
2981 if (compare_only)
2982 return true;
2983 arr += num * lb_size;
2984 memcpy(fsp + (block * lb_size), arr, (num - rest) * lb_size);
2985 if (rest)
2986 memcpy(fsp, arr + ((num - rest) * lb_size), rest * lb_size);
2987 return res;
2988 }
2989
dif_compute_csum(const void * buf,int len)2990 static __be16 dif_compute_csum(const void *buf, int len)
2991 {
2992 __be16 csum;
2993
2994 if (sdebug_guard)
2995 csum = (__force __be16)ip_compute_csum(buf, len);
2996 else
2997 csum = cpu_to_be16(crc_t10dif(buf, len));
2998
2999 return csum;
3000 }
3001
dif_verify(struct t10_pi_tuple * sdt,const void * data,sector_t sector,u32 ei_lba)3002 static int dif_verify(struct t10_pi_tuple *sdt, const void *data,
3003 sector_t sector, u32 ei_lba)
3004 {
3005 __be16 csum = dif_compute_csum(data, sdebug_sector_size);
3006
3007 if (sdt->guard_tag != csum) {
3008 pr_err("GUARD check failed on sector %lu rcvd 0x%04x, data 0x%04x\n",
3009 (unsigned long)sector,
3010 be16_to_cpu(sdt->guard_tag),
3011 be16_to_cpu(csum));
3012 return 0x01;
3013 }
3014 if (sdebug_dif == T10_PI_TYPE1_PROTECTION &&
3015 be32_to_cpu(sdt->ref_tag) != (sector & 0xffffffff)) {
3016 pr_err("REF check failed on sector %lu\n",
3017 (unsigned long)sector);
3018 return 0x03;
3019 }
3020 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3021 be32_to_cpu(sdt->ref_tag) != ei_lba) {
3022 pr_err("REF check failed on sector %lu\n",
3023 (unsigned long)sector);
3024 return 0x03;
3025 }
3026 return 0;
3027 }
3028
dif_copy_prot(struct scsi_cmnd * scp,sector_t sector,unsigned int sectors,bool read)3029 static void dif_copy_prot(struct scsi_cmnd *scp, sector_t sector,
3030 unsigned int sectors, bool read)
3031 {
3032 size_t resid;
3033 void *paddr;
3034 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *)
3035 scp->device->hostdata, true);
3036 struct t10_pi_tuple *dif_storep = sip->dif_storep;
3037 const void *dif_store_end = dif_storep + sdebug_store_sectors;
3038 struct sg_mapping_iter miter;
3039
3040 /* Bytes of protection data to copy into sgl */
3041 resid = sectors * sizeof(*dif_storep);
3042
3043 sg_miter_start(&miter, scsi_prot_sglist(scp),
3044 scsi_prot_sg_count(scp), SG_MITER_ATOMIC |
3045 (read ? SG_MITER_TO_SG : SG_MITER_FROM_SG));
3046
3047 while (sg_miter_next(&miter) && resid > 0) {
3048 size_t len = min_t(size_t, miter.length, resid);
3049 void *start = dif_store(sip, sector);
3050 size_t rest = 0;
3051
3052 if (dif_store_end < start + len)
3053 rest = start + len - dif_store_end;
3054
3055 paddr = miter.addr;
3056
3057 if (read)
3058 memcpy(paddr, start, len - rest);
3059 else
3060 memcpy(start, paddr, len - rest);
3061
3062 if (rest) {
3063 if (read)
3064 memcpy(paddr + len - rest, dif_storep, rest);
3065 else
3066 memcpy(dif_storep, paddr + len - rest, rest);
3067 }
3068
3069 sector += len / sizeof(*dif_storep);
3070 resid -= len;
3071 }
3072 sg_miter_stop(&miter);
3073 }
3074
prot_verify_read(struct scsi_cmnd * scp,sector_t start_sec,unsigned int sectors,u32 ei_lba)3075 static int prot_verify_read(struct scsi_cmnd *scp, sector_t start_sec,
3076 unsigned int sectors, u32 ei_lba)
3077 {
3078 unsigned int i;
3079 sector_t sector;
3080 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *)
3081 scp->device->hostdata, true);
3082 struct t10_pi_tuple *sdt;
3083
3084 for (i = 0; i < sectors; i++, ei_lba++) {
3085 int ret;
3086
3087 sector = start_sec + i;
3088 sdt = dif_store(sip, sector);
3089
3090 if (sdt->app_tag == cpu_to_be16(0xffff))
3091 continue;
3092
3093 ret = dif_verify(sdt, lba2fake_store(sip, sector), sector,
3094 ei_lba);
3095 if (ret) {
3096 dif_errors++;
3097 return ret;
3098 }
3099 }
3100
3101 dif_copy_prot(scp, start_sec, sectors, true);
3102 dix_reads++;
3103
3104 return 0;
3105 }
3106
resp_read_dt0(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)3107 static int resp_read_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3108 {
3109 bool check_prot;
3110 u32 num;
3111 u32 ei_lba;
3112 int ret;
3113 u64 lba;
3114 struct sdeb_store_info *sip = devip2sip(devip, true);
3115 rwlock_t *macc_lckp = sip ? &sip->macc_lck : &sdeb_fake_rw_lck;
3116 u8 *cmd = scp->cmnd;
3117
3118 switch (cmd[0]) {
3119 case READ_16:
3120 ei_lba = 0;
3121 lba = get_unaligned_be64(cmd + 2);
3122 num = get_unaligned_be32(cmd + 10);
3123 check_prot = true;
3124 break;
3125 case READ_10:
3126 ei_lba = 0;
3127 lba = get_unaligned_be32(cmd + 2);
3128 num = get_unaligned_be16(cmd + 7);
3129 check_prot = true;
3130 break;
3131 case READ_6:
3132 ei_lba = 0;
3133 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
3134 (u32)(cmd[1] & 0x1f) << 16;
3135 num = (0 == cmd[4]) ? 256 : cmd[4];
3136 check_prot = true;
3137 break;
3138 case READ_12:
3139 ei_lba = 0;
3140 lba = get_unaligned_be32(cmd + 2);
3141 num = get_unaligned_be32(cmd + 6);
3142 check_prot = true;
3143 break;
3144 case XDWRITEREAD_10:
3145 ei_lba = 0;
3146 lba = get_unaligned_be32(cmd + 2);
3147 num = get_unaligned_be16(cmd + 7);
3148 check_prot = false;
3149 break;
3150 default: /* assume READ(32) */
3151 lba = get_unaligned_be64(cmd + 12);
3152 ei_lba = get_unaligned_be32(cmd + 20);
3153 num = get_unaligned_be32(cmd + 28);
3154 check_prot = false;
3155 break;
3156 }
3157 if (unlikely(have_dif_prot && check_prot)) {
3158 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3159 (cmd[1] & 0xe0)) {
3160 mk_sense_invalid_opcode(scp);
3161 return check_condition_result;
3162 }
3163 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3164 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3165 (cmd[1] & 0xe0) == 0)
3166 sdev_printk(KERN_ERR, scp->device, "Unprotected RD "
3167 "to DIF device\n");
3168 }
3169 if (unlikely((sdebug_opts & SDEBUG_OPT_SHORT_TRANSFER) &&
3170 atomic_read(&sdeb_inject_pending))) {
3171 num /= 2;
3172 atomic_set(&sdeb_inject_pending, 0);
3173 }
3174
3175 ret = check_device_access_params(scp, lba, num, false);
3176 if (ret)
3177 return ret;
3178 if (unlikely((SDEBUG_OPT_MEDIUM_ERR & sdebug_opts) &&
3179 (lba <= (sdebug_medium_error_start + sdebug_medium_error_count - 1)) &&
3180 ((lba + num) > sdebug_medium_error_start))) {
3181 /* claim unrecoverable read error */
3182 mk_sense_buffer(scp, MEDIUM_ERROR, UNRECOVERED_READ_ERR, 0);
3183 /* set info field and valid bit for fixed descriptor */
3184 if (0x70 == (scp->sense_buffer[0] & 0x7f)) {
3185 scp->sense_buffer[0] |= 0x80; /* Valid bit */
3186 ret = (lba < OPT_MEDIUM_ERR_ADDR)
3187 ? OPT_MEDIUM_ERR_ADDR : (int)lba;
3188 put_unaligned_be32(ret, scp->sense_buffer + 3);
3189 }
3190 scsi_set_resid(scp, scsi_bufflen(scp));
3191 return check_condition_result;
3192 }
3193
3194 read_lock(macc_lckp);
3195
3196 /* DIX + T10 DIF */
3197 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3198 int prot_ret = prot_verify_read(scp, lba, num, ei_lba);
3199
3200 if (prot_ret) {
3201 read_unlock(macc_lckp);
3202 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, prot_ret);
3203 return illegal_condition_result;
3204 }
3205 }
3206
3207 ret = do_device_access(sip, scp, 0, lba, num, false);
3208 read_unlock(macc_lckp);
3209 if (unlikely(ret == -1))
3210 return DID_ERROR << 16;
3211
3212 scsi_set_resid(scp, scsi_bufflen(scp) - ret);
3213
3214 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) &&
3215 atomic_read(&sdeb_inject_pending))) {
3216 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) {
3217 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0);
3218 atomic_set(&sdeb_inject_pending, 0);
3219 return check_condition_result;
3220 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) {
3221 /* Logical block guard check failed */
3222 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3223 atomic_set(&sdeb_inject_pending, 0);
3224 return illegal_condition_result;
3225 } else if (SDEBUG_OPT_DIX_ERR & sdebug_opts) {
3226 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3227 atomic_set(&sdeb_inject_pending, 0);
3228 return illegal_condition_result;
3229 }
3230 }
3231 return 0;
3232 }
3233
dump_sector(unsigned char * buf,int len)3234 static void dump_sector(unsigned char *buf, int len)
3235 {
3236 int i, j, n;
3237
3238 pr_err(">>> Sector Dump <<<\n");
3239 for (i = 0 ; i < len ; i += 16) {
3240 char b[128];
3241
3242 for (j = 0, n = 0; j < 16; j++) {
3243 unsigned char c = buf[i+j];
3244
3245 if (c >= 0x20 && c < 0x7e)
3246 n += scnprintf(b + n, sizeof(b) - n,
3247 " %c ", buf[i+j]);
3248 else
3249 n += scnprintf(b + n, sizeof(b) - n,
3250 "%02x ", buf[i+j]);
3251 }
3252 pr_err("%04d: %s\n", i, b);
3253 }
3254 }
3255
prot_verify_write(struct scsi_cmnd * SCpnt,sector_t start_sec,unsigned int sectors,u32 ei_lba)3256 static int prot_verify_write(struct scsi_cmnd *SCpnt, sector_t start_sec,
3257 unsigned int sectors, u32 ei_lba)
3258 {
3259 int ret;
3260 struct t10_pi_tuple *sdt;
3261 void *daddr;
3262 sector_t sector = start_sec;
3263 int ppage_offset;
3264 int dpage_offset;
3265 struct sg_mapping_iter diter;
3266 struct sg_mapping_iter piter;
3267
3268 BUG_ON(scsi_sg_count(SCpnt) == 0);
3269 BUG_ON(scsi_prot_sg_count(SCpnt) == 0);
3270
3271 sg_miter_start(&piter, scsi_prot_sglist(SCpnt),
3272 scsi_prot_sg_count(SCpnt),
3273 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
3274 sg_miter_start(&diter, scsi_sglist(SCpnt), scsi_sg_count(SCpnt),
3275 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
3276
3277 /* For each protection page */
3278 while (sg_miter_next(&piter)) {
3279 dpage_offset = 0;
3280 if (WARN_ON(!sg_miter_next(&diter))) {
3281 ret = 0x01;
3282 goto out;
3283 }
3284
3285 for (ppage_offset = 0; ppage_offset < piter.length;
3286 ppage_offset += sizeof(struct t10_pi_tuple)) {
3287 /* If we're at the end of the current
3288 * data page advance to the next one
3289 */
3290 if (dpage_offset >= diter.length) {
3291 if (WARN_ON(!sg_miter_next(&diter))) {
3292 ret = 0x01;
3293 goto out;
3294 }
3295 dpage_offset = 0;
3296 }
3297
3298 sdt = piter.addr + ppage_offset;
3299 daddr = diter.addr + dpage_offset;
3300
3301 ret = dif_verify(sdt, daddr, sector, ei_lba);
3302 if (ret) {
3303 dump_sector(daddr, sdebug_sector_size);
3304 goto out;
3305 }
3306
3307 sector++;
3308 ei_lba++;
3309 dpage_offset += sdebug_sector_size;
3310 }
3311 diter.consumed = dpage_offset;
3312 sg_miter_stop(&diter);
3313 }
3314 sg_miter_stop(&piter);
3315
3316 dif_copy_prot(SCpnt, start_sec, sectors, false);
3317 dix_writes++;
3318
3319 return 0;
3320
3321 out:
3322 dif_errors++;
3323 sg_miter_stop(&diter);
3324 sg_miter_stop(&piter);
3325 return ret;
3326 }
3327
lba_to_map_index(sector_t lba)3328 static unsigned long lba_to_map_index(sector_t lba)
3329 {
3330 if (sdebug_unmap_alignment)
3331 lba += sdebug_unmap_granularity - sdebug_unmap_alignment;
3332 sector_div(lba, sdebug_unmap_granularity);
3333 return lba;
3334 }
3335
map_index_to_lba(unsigned long index)3336 static sector_t map_index_to_lba(unsigned long index)
3337 {
3338 sector_t lba = index * sdebug_unmap_granularity;
3339
3340 if (sdebug_unmap_alignment)
3341 lba -= sdebug_unmap_granularity - sdebug_unmap_alignment;
3342 return lba;
3343 }
3344
map_state(struct sdeb_store_info * sip,sector_t lba,unsigned int * num)3345 static unsigned int map_state(struct sdeb_store_info *sip, sector_t lba,
3346 unsigned int *num)
3347 {
3348 sector_t end;
3349 unsigned int mapped;
3350 unsigned long index;
3351 unsigned long next;
3352
3353 index = lba_to_map_index(lba);
3354 mapped = test_bit(index, sip->map_storep);
3355
3356 if (mapped)
3357 next = find_next_zero_bit(sip->map_storep, map_size, index);
3358 else
3359 next = find_next_bit(sip->map_storep, map_size, index);
3360
3361 end = min_t(sector_t, sdebug_store_sectors, map_index_to_lba(next));
3362 *num = end - lba;
3363 return mapped;
3364 }
3365
map_region(struct sdeb_store_info * sip,sector_t lba,unsigned int len)3366 static void map_region(struct sdeb_store_info *sip, sector_t lba,
3367 unsigned int len)
3368 {
3369 sector_t end = lba + len;
3370
3371 while (lba < end) {
3372 unsigned long index = lba_to_map_index(lba);
3373
3374 if (index < map_size)
3375 set_bit(index, sip->map_storep);
3376
3377 lba = map_index_to_lba(index + 1);
3378 }
3379 }
3380
unmap_region(struct sdeb_store_info * sip,sector_t lba,unsigned int len)3381 static void unmap_region(struct sdeb_store_info *sip, sector_t lba,
3382 unsigned int len)
3383 {
3384 sector_t end = lba + len;
3385 u8 *fsp = sip->storep;
3386
3387 while (lba < end) {
3388 unsigned long index = lba_to_map_index(lba);
3389
3390 if (lba == map_index_to_lba(index) &&
3391 lba + sdebug_unmap_granularity <= end &&
3392 index < map_size) {
3393 clear_bit(index, sip->map_storep);
3394 if (sdebug_lbprz) { /* for LBPRZ=2 return 0xff_s */
3395 memset(fsp + lba * sdebug_sector_size,
3396 (sdebug_lbprz & 1) ? 0 : 0xff,
3397 sdebug_sector_size *
3398 sdebug_unmap_granularity);
3399 }
3400 if (sip->dif_storep) {
3401 memset(sip->dif_storep + lba, 0xff,
3402 sizeof(*sip->dif_storep) *
3403 sdebug_unmap_granularity);
3404 }
3405 }
3406 lba = map_index_to_lba(index + 1);
3407 }
3408 }
3409
resp_write_dt0(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)3410 static int resp_write_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3411 {
3412 bool check_prot;
3413 u32 num;
3414 u32 ei_lba;
3415 int ret;
3416 u64 lba;
3417 struct sdeb_store_info *sip = devip2sip(devip, true);
3418 rwlock_t *macc_lckp = &sip->macc_lck;
3419 u8 *cmd = scp->cmnd;
3420
3421 switch (cmd[0]) {
3422 case WRITE_16:
3423 ei_lba = 0;
3424 lba = get_unaligned_be64(cmd + 2);
3425 num = get_unaligned_be32(cmd + 10);
3426 check_prot = true;
3427 break;
3428 case WRITE_10:
3429 ei_lba = 0;
3430 lba = get_unaligned_be32(cmd + 2);
3431 num = get_unaligned_be16(cmd + 7);
3432 check_prot = true;
3433 break;
3434 case WRITE_6:
3435 ei_lba = 0;
3436 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
3437 (u32)(cmd[1] & 0x1f) << 16;
3438 num = (0 == cmd[4]) ? 256 : cmd[4];
3439 check_prot = true;
3440 break;
3441 case WRITE_12:
3442 ei_lba = 0;
3443 lba = get_unaligned_be32(cmd + 2);
3444 num = get_unaligned_be32(cmd + 6);
3445 check_prot = true;
3446 break;
3447 case 0x53: /* XDWRITEREAD(10) */
3448 ei_lba = 0;
3449 lba = get_unaligned_be32(cmd + 2);
3450 num = get_unaligned_be16(cmd + 7);
3451 check_prot = false;
3452 break;
3453 default: /* assume WRITE(32) */
3454 lba = get_unaligned_be64(cmd + 12);
3455 ei_lba = get_unaligned_be32(cmd + 20);
3456 num = get_unaligned_be32(cmd + 28);
3457 check_prot = false;
3458 break;
3459 }
3460 if (unlikely(have_dif_prot && check_prot)) {
3461 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3462 (cmd[1] & 0xe0)) {
3463 mk_sense_invalid_opcode(scp);
3464 return check_condition_result;
3465 }
3466 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3467 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3468 (cmd[1] & 0xe0) == 0)
3469 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3470 "to DIF device\n");
3471 }
3472
3473 write_lock(macc_lckp);
3474 ret = check_device_access_params(scp, lba, num, true);
3475 if (ret) {
3476 write_unlock(macc_lckp);
3477 return ret;
3478 }
3479
3480 /* DIX + T10 DIF */
3481 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3482 int prot_ret = prot_verify_write(scp, lba, num, ei_lba);
3483
3484 if (prot_ret) {
3485 write_unlock(macc_lckp);
3486 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, prot_ret);
3487 return illegal_condition_result;
3488 }
3489 }
3490
3491 ret = do_device_access(sip, scp, 0, lba, num, true);
3492 if (unlikely(scsi_debug_lbp()))
3493 map_region(sip, lba, num);
3494 /* If ZBC zone then bump its write pointer */
3495 if (sdebug_dev_is_zoned(devip))
3496 zbc_inc_wp(devip, lba, num);
3497 write_unlock(macc_lckp);
3498 if (unlikely(-1 == ret))
3499 return DID_ERROR << 16;
3500 else if (unlikely(sdebug_verbose &&
3501 (ret < (num * sdebug_sector_size))))
3502 sdev_printk(KERN_INFO, scp->device,
3503 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3504 my_name, num * sdebug_sector_size, ret);
3505
3506 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) &&
3507 atomic_read(&sdeb_inject_pending))) {
3508 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) {
3509 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0);
3510 atomic_set(&sdeb_inject_pending, 0);
3511 return check_condition_result;
3512 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) {
3513 /* Logical block guard check failed */
3514 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3515 atomic_set(&sdeb_inject_pending, 0);
3516 return illegal_condition_result;
3517 } else if (sdebug_opts & SDEBUG_OPT_DIX_ERR) {
3518 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3519 atomic_set(&sdeb_inject_pending, 0);
3520 return illegal_condition_result;
3521 }
3522 }
3523 return 0;
3524 }
3525
3526 /*
3527 * T10 has only specified WRITE SCATTERED(16) and WRITE SCATTERED(32).
3528 * No READ GATHERED yet (requires bidi or long cdb holding gather list).
3529 */
resp_write_scat(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)3530 static int resp_write_scat(struct scsi_cmnd *scp,
3531 struct sdebug_dev_info *devip)
3532 {
3533 u8 *cmd = scp->cmnd;
3534 u8 *lrdp = NULL;
3535 u8 *up;
3536 struct sdeb_store_info *sip = devip2sip(devip, true);
3537 rwlock_t *macc_lckp = &sip->macc_lck;
3538 u8 wrprotect;
3539 u16 lbdof, num_lrd, k;
3540 u32 num, num_by, bt_len, lbdof_blen, sg_off, cum_lb;
3541 u32 lb_size = sdebug_sector_size;
3542 u32 ei_lba;
3543 u64 lba;
3544 int ret, res;
3545 bool is_16;
3546 static const u32 lrd_size = 32; /* + parameter list header size */
3547
3548 if (cmd[0] == VARIABLE_LENGTH_CMD) {
3549 is_16 = false;
3550 wrprotect = (cmd[10] >> 5) & 0x7;
3551 lbdof = get_unaligned_be16(cmd + 12);
3552 num_lrd = get_unaligned_be16(cmd + 16);
3553 bt_len = get_unaligned_be32(cmd + 28);
3554 } else { /* that leaves WRITE SCATTERED(16) */
3555 is_16 = true;
3556 wrprotect = (cmd[2] >> 5) & 0x7;
3557 lbdof = get_unaligned_be16(cmd + 4);
3558 num_lrd = get_unaligned_be16(cmd + 8);
3559 bt_len = get_unaligned_be32(cmd + 10);
3560 if (unlikely(have_dif_prot)) {
3561 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3562 wrprotect) {
3563 mk_sense_invalid_opcode(scp);
3564 return illegal_condition_result;
3565 }
3566 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3567 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3568 wrprotect == 0)
3569 sdev_printk(KERN_ERR, scp->device,
3570 "Unprotected WR to DIF device\n");
3571 }
3572 }
3573 if ((num_lrd == 0) || (bt_len == 0))
3574 return 0; /* T10 says these do-nothings are not errors */
3575 if (lbdof == 0) {
3576 if (sdebug_verbose)
3577 sdev_printk(KERN_INFO, scp->device,
3578 "%s: %s: LB Data Offset field bad\n",
3579 my_name, __func__);
3580 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3581 return illegal_condition_result;
3582 }
3583 lbdof_blen = lbdof * lb_size;
3584 if ((lrd_size + (num_lrd * lrd_size)) > lbdof_blen) {
3585 if (sdebug_verbose)
3586 sdev_printk(KERN_INFO, scp->device,
3587 "%s: %s: LBA range descriptors don't fit\n",
3588 my_name, __func__);
3589 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3590 return illegal_condition_result;
3591 }
3592 lrdp = kzalloc(lbdof_blen, GFP_ATOMIC);
3593 if (lrdp == NULL)
3594 return SCSI_MLQUEUE_HOST_BUSY;
3595 if (sdebug_verbose)
3596 sdev_printk(KERN_INFO, scp->device,
3597 "%s: %s: Fetch header+scatter_list, lbdof_blen=%u\n",
3598 my_name, __func__, lbdof_blen);
3599 res = fetch_to_dev_buffer(scp, lrdp, lbdof_blen);
3600 if (res == -1) {
3601 ret = DID_ERROR << 16;
3602 goto err_out;
3603 }
3604
3605 write_lock(macc_lckp);
3606 sg_off = lbdof_blen;
3607 /* Spec says Buffer xfer Length field in number of LBs in dout */
3608 cum_lb = 0;
3609 for (k = 0, up = lrdp + lrd_size; k < num_lrd; ++k, up += lrd_size) {
3610 lba = get_unaligned_be64(up + 0);
3611 num = get_unaligned_be32(up + 8);
3612 if (sdebug_verbose)
3613 sdev_printk(KERN_INFO, scp->device,
3614 "%s: %s: k=%d LBA=0x%llx num=%u sg_off=%u\n",
3615 my_name, __func__, k, lba, num, sg_off);
3616 if (num == 0)
3617 continue;
3618 ret = check_device_access_params(scp, lba, num, true);
3619 if (ret)
3620 goto err_out_unlock;
3621 num_by = num * lb_size;
3622 ei_lba = is_16 ? 0 : get_unaligned_be32(up + 12);
3623
3624 if ((cum_lb + num) > bt_len) {
3625 if (sdebug_verbose)
3626 sdev_printk(KERN_INFO, scp->device,
3627 "%s: %s: sum of blocks > data provided\n",
3628 my_name, __func__);
3629 mk_sense_buffer(scp, ILLEGAL_REQUEST, WRITE_ERROR_ASC,
3630 0);
3631 ret = illegal_condition_result;
3632 goto err_out_unlock;
3633 }
3634
3635 /* DIX + T10 DIF */
3636 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3637 int prot_ret = prot_verify_write(scp, lba, num,
3638 ei_lba);
3639
3640 if (prot_ret) {
3641 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10,
3642 prot_ret);
3643 ret = illegal_condition_result;
3644 goto err_out_unlock;
3645 }
3646 }
3647
3648 ret = do_device_access(sip, scp, sg_off, lba, num, true);
3649 /* If ZBC zone then bump its write pointer */
3650 if (sdebug_dev_is_zoned(devip))
3651 zbc_inc_wp(devip, lba, num);
3652 if (unlikely(scsi_debug_lbp()))
3653 map_region(sip, lba, num);
3654 if (unlikely(-1 == ret)) {
3655 ret = DID_ERROR << 16;
3656 goto err_out_unlock;
3657 } else if (unlikely(sdebug_verbose && (ret < num_by)))
3658 sdev_printk(KERN_INFO, scp->device,
3659 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3660 my_name, num_by, ret);
3661
3662 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) &&
3663 atomic_read(&sdeb_inject_pending))) {
3664 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) {
3665 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0);
3666 atomic_set(&sdeb_inject_pending, 0);
3667 ret = check_condition_result;
3668 goto err_out_unlock;
3669 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) {
3670 /* Logical block guard check failed */
3671 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3672 atomic_set(&sdeb_inject_pending, 0);
3673 ret = illegal_condition_result;
3674 goto err_out_unlock;
3675 } else if (sdebug_opts & SDEBUG_OPT_DIX_ERR) {
3676 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3677 atomic_set(&sdeb_inject_pending, 0);
3678 ret = illegal_condition_result;
3679 goto err_out_unlock;
3680 }
3681 }
3682 sg_off += num_by;
3683 cum_lb += num;
3684 }
3685 ret = 0;
3686 err_out_unlock:
3687 write_unlock(macc_lckp);
3688 err_out:
3689 kfree(lrdp);
3690 return ret;
3691 }
3692
resp_write_same(struct scsi_cmnd * scp,u64 lba,u32 num,u32 ei_lba,bool unmap,bool ndob)3693 static int resp_write_same(struct scsi_cmnd *scp, u64 lba, u32 num,
3694 u32 ei_lba, bool unmap, bool ndob)
3695 {
3696 struct scsi_device *sdp = scp->device;
3697 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
3698 unsigned long long i;
3699 u64 block, lbaa;
3700 u32 lb_size = sdebug_sector_size;
3701 int ret;
3702 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *)
3703 scp->device->hostdata, true);
3704 rwlock_t *macc_lckp = &sip->macc_lck;
3705 u8 *fs1p;
3706 u8 *fsp;
3707
3708 write_lock(macc_lckp);
3709
3710 ret = check_device_access_params(scp, lba, num, true);
3711 if (ret) {
3712 write_unlock(macc_lckp);
3713 return ret;
3714 }
3715
3716 if (unmap && scsi_debug_lbp()) {
3717 unmap_region(sip, lba, num);
3718 goto out;
3719 }
3720 lbaa = lba;
3721 block = do_div(lbaa, sdebug_store_sectors);
3722 /* if ndob then zero 1 logical block, else fetch 1 logical block */
3723 fsp = sip->storep;
3724 fs1p = fsp + (block * lb_size);
3725 if (ndob) {
3726 memset(fs1p, 0, lb_size);
3727 ret = 0;
3728 } else
3729 ret = fetch_to_dev_buffer(scp, fs1p, lb_size);
3730
3731 if (-1 == ret) {
3732 write_unlock(&sip->macc_lck);
3733 return DID_ERROR << 16;
3734 } else if (sdebug_verbose && !ndob && (ret < lb_size))
3735 sdev_printk(KERN_INFO, scp->device,
3736 "%s: %s: lb size=%u, IO sent=%d bytes\n",
3737 my_name, "write same", lb_size, ret);
3738
3739 /* Copy first sector to remaining blocks */
3740 for (i = 1 ; i < num ; i++) {
3741 lbaa = lba + i;
3742 block = do_div(lbaa, sdebug_store_sectors);
3743 memmove(fsp + (block * lb_size), fs1p, lb_size);
3744 }
3745 if (scsi_debug_lbp())
3746 map_region(sip, lba, num);
3747 /* If ZBC zone then bump its write pointer */
3748 if (sdebug_dev_is_zoned(devip))
3749 zbc_inc_wp(devip, lba, num);
3750 out:
3751 write_unlock(macc_lckp);
3752
3753 return 0;
3754 }
3755
resp_write_same_10(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)3756 static int resp_write_same_10(struct scsi_cmnd *scp,
3757 struct sdebug_dev_info *devip)
3758 {
3759 u8 *cmd = scp->cmnd;
3760 u32 lba;
3761 u16 num;
3762 u32 ei_lba = 0;
3763 bool unmap = false;
3764
3765 if (cmd[1] & 0x8) {
3766 if (sdebug_lbpws10 == 0) {
3767 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3768 return check_condition_result;
3769 } else
3770 unmap = true;
3771 }
3772 lba = get_unaligned_be32(cmd + 2);
3773 num = get_unaligned_be16(cmd + 7);
3774 if (num > sdebug_write_same_length) {
3775 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3776 return check_condition_result;
3777 }
3778 return resp_write_same(scp, lba, num, ei_lba, unmap, false);
3779 }
3780
resp_write_same_16(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)3781 static int resp_write_same_16(struct scsi_cmnd *scp,
3782 struct sdebug_dev_info *devip)
3783 {
3784 u8 *cmd = scp->cmnd;
3785 u64 lba;
3786 u32 num;
3787 u32 ei_lba = 0;
3788 bool unmap = false;
3789 bool ndob = false;
3790
3791 if (cmd[1] & 0x8) { /* UNMAP */
3792 if (sdebug_lbpws == 0) {
3793 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3794 return check_condition_result;
3795 } else
3796 unmap = true;
3797 }
3798 if (cmd[1] & 0x1) /* NDOB (no data-out buffer, assumes zeroes) */
3799 ndob = true;
3800 lba = get_unaligned_be64(cmd + 2);
3801 num = get_unaligned_be32(cmd + 10);
3802 if (num > sdebug_write_same_length) {
3803 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1);
3804 return check_condition_result;
3805 }
3806 return resp_write_same(scp, lba, num, ei_lba, unmap, ndob);
3807 }
3808
3809 /* Note the mode field is in the same position as the (lower) service action
3810 * field. For the Report supported operation codes command, SPC-4 suggests
3811 * each mode of this command should be reported separately; for future. */
resp_write_buffer(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)3812 static int resp_write_buffer(struct scsi_cmnd *scp,
3813 struct sdebug_dev_info *devip)
3814 {
3815 u8 *cmd = scp->cmnd;
3816 struct scsi_device *sdp = scp->device;
3817 struct sdebug_dev_info *dp;
3818 u8 mode;
3819
3820 mode = cmd[1] & 0x1f;
3821 switch (mode) {
3822 case 0x4: /* download microcode (MC) and activate (ACT) */
3823 /* set UAs on this device only */
3824 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3825 set_bit(SDEBUG_UA_MICROCODE_CHANGED, devip->uas_bm);
3826 break;
3827 case 0x5: /* download MC, save and ACT */
3828 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, devip->uas_bm);
3829 break;
3830 case 0x6: /* download MC with offsets and ACT */
3831 /* set UAs on most devices (LUs) in this target */
3832 list_for_each_entry(dp,
3833 &devip->sdbg_host->dev_info_list,
3834 dev_list)
3835 if (dp->target == sdp->id) {
3836 set_bit(SDEBUG_UA_BUS_RESET, dp->uas_bm);
3837 if (devip != dp)
3838 set_bit(SDEBUG_UA_MICROCODE_CHANGED,
3839 dp->uas_bm);
3840 }
3841 break;
3842 case 0x7: /* download MC with offsets, save, and ACT */
3843 /* set UA on all devices (LUs) in this target */
3844 list_for_each_entry(dp,
3845 &devip->sdbg_host->dev_info_list,
3846 dev_list)
3847 if (dp->target == sdp->id)
3848 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET,
3849 dp->uas_bm);
3850 break;
3851 default:
3852 /* do nothing for this command for other mode values */
3853 break;
3854 }
3855 return 0;
3856 }
3857
resp_comp_write(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)3858 static int resp_comp_write(struct scsi_cmnd *scp,
3859 struct sdebug_dev_info *devip)
3860 {
3861 u8 *cmd = scp->cmnd;
3862 u8 *arr;
3863 struct sdeb_store_info *sip = devip2sip(devip, true);
3864 rwlock_t *macc_lckp = &sip->macc_lck;
3865 u64 lba;
3866 u32 dnum;
3867 u32 lb_size = sdebug_sector_size;
3868 u8 num;
3869 int ret;
3870 int retval = 0;
3871
3872 lba = get_unaligned_be64(cmd + 2);
3873 num = cmd[13]; /* 1 to a maximum of 255 logical blocks */
3874 if (0 == num)
3875 return 0; /* degenerate case, not an error */
3876 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3877 (cmd[1] & 0xe0)) {
3878 mk_sense_invalid_opcode(scp);
3879 return check_condition_result;
3880 }
3881 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3882 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3883 (cmd[1] & 0xe0) == 0)
3884 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3885 "to DIF device\n");
3886 ret = check_device_access_params(scp, lba, num, false);
3887 if (ret)
3888 return ret;
3889 dnum = 2 * num;
3890 arr = kcalloc(lb_size, dnum, GFP_ATOMIC);
3891 if (NULL == arr) {
3892 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3893 INSUFF_RES_ASCQ);
3894 return check_condition_result;
3895 }
3896
3897 write_lock(macc_lckp);
3898
3899 ret = do_dout_fetch(scp, dnum, arr);
3900 if (ret == -1) {
3901 retval = DID_ERROR << 16;
3902 goto cleanup;
3903 } else if (sdebug_verbose && (ret < (dnum * lb_size)))
3904 sdev_printk(KERN_INFO, scp->device, "%s: compare_write: cdb "
3905 "indicated=%u, IO sent=%d bytes\n", my_name,
3906 dnum * lb_size, ret);
3907 if (!comp_write_worker(sip, lba, num, arr, false)) {
3908 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
3909 retval = check_condition_result;
3910 goto cleanup;
3911 }
3912 if (scsi_debug_lbp())
3913 map_region(sip, lba, num);
3914 cleanup:
3915 write_unlock(macc_lckp);
3916 kfree(arr);
3917 return retval;
3918 }
3919
3920 struct unmap_block_desc {
3921 __be64 lba;
3922 __be32 blocks;
3923 __be32 __reserved;
3924 };
3925
resp_unmap(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)3926 static int resp_unmap(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3927 {
3928 unsigned char *buf;
3929 struct unmap_block_desc *desc;
3930 struct sdeb_store_info *sip = devip2sip(devip, true);
3931 rwlock_t *macc_lckp = &sip->macc_lck;
3932 unsigned int i, payload_len, descriptors;
3933 int ret;
3934
3935 if (!scsi_debug_lbp())
3936 return 0; /* fib and say its done */
3937 payload_len = get_unaligned_be16(scp->cmnd + 7);
3938 BUG_ON(scsi_bufflen(scp) != payload_len);
3939
3940 descriptors = (payload_len - 8) / 16;
3941 if (descriptors > sdebug_unmap_max_desc) {
3942 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3943 return check_condition_result;
3944 }
3945
3946 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC);
3947 if (!buf) {
3948 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3949 INSUFF_RES_ASCQ);
3950 return check_condition_result;
3951 }
3952
3953 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
3954
3955 BUG_ON(get_unaligned_be16(&buf[0]) != payload_len - 2);
3956 BUG_ON(get_unaligned_be16(&buf[2]) != descriptors * 16);
3957
3958 desc = (void *)&buf[8];
3959
3960 write_lock(macc_lckp);
3961
3962 for (i = 0 ; i < descriptors ; i++) {
3963 unsigned long long lba = get_unaligned_be64(&desc[i].lba);
3964 unsigned int num = get_unaligned_be32(&desc[i].blocks);
3965
3966 ret = check_device_access_params(scp, lba, num, true);
3967 if (ret)
3968 goto out;
3969
3970 unmap_region(sip, lba, num);
3971 }
3972
3973 ret = 0;
3974
3975 out:
3976 write_unlock(macc_lckp);
3977 kfree(buf);
3978
3979 return ret;
3980 }
3981
3982 #define SDEBUG_GET_LBA_STATUS_LEN 32
3983
resp_get_lba_status(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)3984 static int resp_get_lba_status(struct scsi_cmnd *scp,
3985 struct sdebug_dev_info *devip)
3986 {
3987 u8 *cmd = scp->cmnd;
3988 u64 lba;
3989 u32 alloc_len, mapped, num;
3990 int ret;
3991 u8 arr[SDEBUG_GET_LBA_STATUS_LEN];
3992
3993 lba = get_unaligned_be64(cmd + 2);
3994 alloc_len = get_unaligned_be32(cmd + 10);
3995
3996 if (alloc_len < 24)
3997 return 0;
3998
3999 ret = check_device_access_params(scp, lba, 1, false);
4000 if (ret)
4001 return ret;
4002
4003 if (scsi_debug_lbp()) {
4004 struct sdeb_store_info *sip = devip2sip(devip, true);
4005
4006 mapped = map_state(sip, lba, &num);
4007 } else {
4008 mapped = 1;
4009 /* following just in case virtual_gb changed */
4010 sdebug_capacity = get_sdebug_capacity();
4011 if (sdebug_capacity - lba <= 0xffffffff)
4012 num = sdebug_capacity - lba;
4013 else
4014 num = 0xffffffff;
4015 }
4016
4017 memset(arr, 0, SDEBUG_GET_LBA_STATUS_LEN);
4018 put_unaligned_be32(20, arr); /* Parameter Data Length */
4019 put_unaligned_be64(lba, arr + 8); /* LBA */
4020 put_unaligned_be32(num, arr + 16); /* Number of blocks */
4021 arr[20] = !mapped; /* prov_stat=0: mapped; 1: dealloc */
4022
4023 return fill_from_dev_buffer(scp, arr, SDEBUG_GET_LBA_STATUS_LEN);
4024 }
4025
resp_sync_cache(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)4026 static int resp_sync_cache(struct scsi_cmnd *scp,
4027 struct sdebug_dev_info *devip)
4028 {
4029 int res = 0;
4030 u64 lba;
4031 u32 num_blocks;
4032 u8 *cmd = scp->cmnd;
4033
4034 if (cmd[0] == SYNCHRONIZE_CACHE) { /* 10 byte cdb */
4035 lba = get_unaligned_be32(cmd + 2);
4036 num_blocks = get_unaligned_be16(cmd + 7);
4037 } else { /* SYNCHRONIZE_CACHE(16) */
4038 lba = get_unaligned_be64(cmd + 2);
4039 num_blocks = get_unaligned_be32(cmd + 10);
4040 }
4041 if (lba + num_blocks > sdebug_capacity) {
4042 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4043 return check_condition_result;
4044 }
4045 if (!write_since_sync || (cmd[1] & 0x2))
4046 res = SDEG_RES_IMMED_MASK;
4047 else /* delay if write_since_sync and IMMED clear */
4048 write_since_sync = false;
4049 return res;
4050 }
4051
4052 /*
4053 * Assuming the LBA+num_blocks is not out-of-range, this function will return
4054 * CONDITION MET if the specified blocks will/have fitted in the cache, and
4055 * a GOOD status otherwise. Model a disk with a big cache and yield
4056 * CONDITION MET. Actually tries to bring range in main memory into the
4057 * cache associated with the CPU(s).
4058 */
resp_pre_fetch(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)4059 static int resp_pre_fetch(struct scsi_cmnd *scp,
4060 struct sdebug_dev_info *devip)
4061 {
4062 int res = 0;
4063 u64 lba;
4064 u64 block, rest = 0;
4065 u32 nblks;
4066 u8 *cmd = scp->cmnd;
4067 struct sdeb_store_info *sip = devip2sip(devip, true);
4068 rwlock_t *macc_lckp = &sip->macc_lck;
4069 u8 *fsp = sip->storep;
4070
4071 if (cmd[0] == PRE_FETCH) { /* 10 byte cdb */
4072 lba = get_unaligned_be32(cmd + 2);
4073 nblks = get_unaligned_be16(cmd + 7);
4074 } else { /* PRE-FETCH(16) */
4075 lba = get_unaligned_be64(cmd + 2);
4076 nblks = get_unaligned_be32(cmd + 10);
4077 }
4078 if (lba + nblks > sdebug_capacity) {
4079 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4080 return check_condition_result;
4081 }
4082 if (!fsp)
4083 goto fini;
4084 /* PRE-FETCH spec says nothing about LBP or PI so skip them */
4085 block = do_div(lba, sdebug_store_sectors);
4086 if (block + nblks > sdebug_store_sectors)
4087 rest = block + nblks - sdebug_store_sectors;
4088
4089 /* Try to bring the PRE-FETCH range into CPU's cache */
4090 read_lock(macc_lckp);
4091 prefetch_range(fsp + (sdebug_sector_size * block),
4092 (nblks - rest) * sdebug_sector_size);
4093 if (rest)
4094 prefetch_range(fsp, rest * sdebug_sector_size);
4095 read_unlock(macc_lckp);
4096 fini:
4097 if (cmd[1] & 0x2)
4098 res = SDEG_RES_IMMED_MASK;
4099 return res | condition_met_result;
4100 }
4101
4102 #define RL_BUCKET_ELEMS 8
4103
4104 /* Even though each pseudo target has a REPORT LUNS "well known logical unit"
4105 * (W-LUN), the normal Linux scanning logic does not associate it with a
4106 * device (e.g. /dev/sg7). The following magic will make that association:
4107 * "cd /sys/class/scsi_host/host<n> ; echo '- - 49409' > scan"
4108 * where <n> is a host number. If there are multiple targets in a host then
4109 * the above will associate a W-LUN to each target. To only get a W-LUN
4110 * for target 2, then use "echo '- 2 49409' > scan" .
4111 */
resp_report_luns(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)4112 static int resp_report_luns(struct scsi_cmnd *scp,
4113 struct sdebug_dev_info *devip)
4114 {
4115 unsigned char *cmd = scp->cmnd;
4116 unsigned int alloc_len;
4117 unsigned char select_report;
4118 u64 lun;
4119 struct scsi_lun *lun_p;
4120 u8 arr[RL_BUCKET_ELEMS * sizeof(struct scsi_lun)];
4121 unsigned int lun_cnt; /* normal LUN count (max: 256) */
4122 unsigned int wlun_cnt; /* report luns W-LUN count */
4123 unsigned int tlun_cnt; /* total LUN count */
4124 unsigned int rlen; /* response length (in bytes) */
4125 int k, j, n, res;
4126 unsigned int off_rsp = 0;
4127 const int sz_lun = sizeof(struct scsi_lun);
4128
4129 clear_luns_changed_on_target(devip);
4130
4131 select_report = cmd[2];
4132 alloc_len = get_unaligned_be32(cmd + 6);
4133
4134 if (alloc_len < 4) {
4135 pr_err("alloc len too small %d\n", alloc_len);
4136 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
4137 return check_condition_result;
4138 }
4139
4140 switch (select_report) {
4141 case 0: /* all LUNs apart from W-LUNs */
4142 lun_cnt = sdebug_max_luns;
4143 wlun_cnt = 0;
4144 break;
4145 case 1: /* only W-LUNs */
4146 lun_cnt = 0;
4147 wlun_cnt = 1;
4148 break;
4149 case 2: /* all LUNs */
4150 lun_cnt = sdebug_max_luns;
4151 wlun_cnt = 1;
4152 break;
4153 case 0x10: /* only administrative LUs */
4154 case 0x11: /* see SPC-5 */
4155 case 0x12: /* only subsiduary LUs owned by referenced LU */
4156 default:
4157 pr_debug("select report invalid %d\n", select_report);
4158 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
4159 return check_condition_result;
4160 }
4161
4162 if (sdebug_no_lun_0 && (lun_cnt > 0))
4163 --lun_cnt;
4164
4165 tlun_cnt = lun_cnt + wlun_cnt;
4166 rlen = tlun_cnt * sz_lun; /* excluding 8 byte header */
4167 scsi_set_resid(scp, scsi_bufflen(scp));
4168 pr_debug("select_report %d luns = %d wluns = %d no_lun0 %d\n",
4169 select_report, lun_cnt, wlun_cnt, sdebug_no_lun_0);
4170
4171 /* loops rely on sizeof response header same as sizeof lun (both 8) */
4172 lun = sdebug_no_lun_0 ? 1 : 0;
4173 for (k = 0, j = 0, res = 0; true; ++k, j = 0) {
4174 memset(arr, 0, sizeof(arr));
4175 lun_p = (struct scsi_lun *)&arr[0];
4176 if (k == 0) {
4177 put_unaligned_be32(rlen, &arr[0]);
4178 ++lun_p;
4179 j = 1;
4180 }
4181 for ( ; j < RL_BUCKET_ELEMS; ++j, ++lun_p) {
4182 if ((k * RL_BUCKET_ELEMS) + j > lun_cnt)
4183 break;
4184 int_to_scsilun(lun++, lun_p);
4185 if (lun > 1 && sdebug_lun_am == SAM_LUN_AM_FLAT)
4186 lun_p->scsi_lun[0] |= 0x40;
4187 }
4188 if (j < RL_BUCKET_ELEMS)
4189 break;
4190 n = j * sz_lun;
4191 res = p_fill_from_dev_buffer(scp, arr, n, off_rsp);
4192 if (res)
4193 return res;
4194 off_rsp += n;
4195 }
4196 if (wlun_cnt) {
4197 int_to_scsilun(SCSI_W_LUN_REPORT_LUNS, lun_p);
4198 ++j;
4199 }
4200 if (j > 0)
4201 res = p_fill_from_dev_buffer(scp, arr, j * sz_lun, off_rsp);
4202 return res;
4203 }
4204
resp_verify(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)4205 static int resp_verify(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
4206 {
4207 bool is_bytchk3 = false;
4208 u8 bytchk;
4209 int ret, j;
4210 u32 vnum, a_num, off;
4211 const u32 lb_size = sdebug_sector_size;
4212 u64 lba;
4213 u8 *arr;
4214 u8 *cmd = scp->cmnd;
4215 struct sdeb_store_info *sip = devip2sip(devip, true);
4216 rwlock_t *macc_lckp = &sip->macc_lck;
4217
4218 bytchk = (cmd[1] >> 1) & 0x3;
4219 if (bytchk == 0) {
4220 return 0; /* always claim internal verify okay */
4221 } else if (bytchk == 2) {
4222 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
4223 return check_condition_result;
4224 } else if (bytchk == 3) {
4225 is_bytchk3 = true; /* 1 block sent, compared repeatedly */
4226 }
4227 switch (cmd[0]) {
4228 case VERIFY_16:
4229 lba = get_unaligned_be64(cmd + 2);
4230 vnum = get_unaligned_be32(cmd + 10);
4231 break;
4232 case VERIFY: /* is VERIFY(10) */
4233 lba = get_unaligned_be32(cmd + 2);
4234 vnum = get_unaligned_be16(cmd + 7);
4235 break;
4236 default:
4237 mk_sense_invalid_opcode(scp);
4238 return check_condition_result;
4239 }
4240 a_num = is_bytchk3 ? 1 : vnum;
4241 /* Treat following check like one for read (i.e. no write) access */
4242 ret = check_device_access_params(scp, lba, a_num, false);
4243 if (ret)
4244 return ret;
4245
4246 arr = kcalloc(lb_size, vnum, GFP_ATOMIC);
4247 if (!arr) {
4248 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
4249 INSUFF_RES_ASCQ);
4250 return check_condition_result;
4251 }
4252 /* Not changing store, so only need read access */
4253 read_lock(macc_lckp);
4254
4255 ret = do_dout_fetch(scp, a_num, arr);
4256 if (ret == -1) {
4257 ret = DID_ERROR << 16;
4258 goto cleanup;
4259 } else if (sdebug_verbose && (ret < (a_num * lb_size))) {
4260 sdev_printk(KERN_INFO, scp->device,
4261 "%s: %s: cdb indicated=%u, IO sent=%d bytes\n",
4262 my_name, __func__, a_num * lb_size, ret);
4263 }
4264 if (is_bytchk3) {
4265 for (j = 1, off = lb_size; j < vnum; ++j, off += lb_size)
4266 memcpy(arr + off, arr, lb_size);
4267 }
4268 ret = 0;
4269 if (!comp_write_worker(sip, lba, vnum, arr, true)) {
4270 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
4271 ret = check_condition_result;
4272 goto cleanup;
4273 }
4274 cleanup:
4275 read_unlock(macc_lckp);
4276 kfree(arr);
4277 return ret;
4278 }
4279
4280 #define RZONES_DESC_HD 64
4281
4282 /* Report zones depending on start LBA nad reporting options */
resp_report_zones(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)4283 static int resp_report_zones(struct scsi_cmnd *scp,
4284 struct sdebug_dev_info *devip)
4285 {
4286 unsigned int i, max_zones, rep_max_zones, nrz = 0;
4287 int ret = 0;
4288 u32 alloc_len, rep_opts, rep_len;
4289 bool partial;
4290 u64 lba, zs_lba;
4291 u8 *arr = NULL, *desc;
4292 u8 *cmd = scp->cmnd;
4293 struct sdeb_zone_state *zsp;
4294 struct sdeb_store_info *sip = devip2sip(devip, false);
4295 rwlock_t *macc_lckp = sip ? &sip->macc_lck : &sdeb_fake_rw_lck;
4296
4297 if (!sdebug_dev_is_zoned(devip)) {
4298 mk_sense_invalid_opcode(scp);
4299 return check_condition_result;
4300 }
4301 zs_lba = get_unaligned_be64(cmd + 2);
4302 alloc_len = get_unaligned_be32(cmd + 10);
4303 rep_opts = cmd[14] & 0x3f;
4304 partial = cmd[14] & 0x80;
4305
4306 if (zs_lba >= sdebug_capacity) {
4307 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4308 return check_condition_result;
4309 }
4310
4311 max_zones = devip->nr_zones - (zs_lba >> devip->zsize_shift);
4312 rep_max_zones = min((alloc_len - 64) >> ilog2(RZONES_DESC_HD),
4313 max_zones);
4314
4315 arr = kcalloc(RZONES_DESC_HD, alloc_len, GFP_ATOMIC);
4316 if (!arr) {
4317 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
4318 INSUFF_RES_ASCQ);
4319 return check_condition_result;
4320 }
4321
4322 read_lock(macc_lckp);
4323
4324 desc = arr + 64;
4325 for (i = 0; i < max_zones; i++) {
4326 lba = zs_lba + devip->zsize * i;
4327 if (lba > sdebug_capacity)
4328 break;
4329 zsp = zbc_zone(devip, lba);
4330 switch (rep_opts) {
4331 case 0x00:
4332 /* All zones */
4333 break;
4334 case 0x01:
4335 /* Empty zones */
4336 if (zsp->z_cond != ZC1_EMPTY)
4337 continue;
4338 break;
4339 case 0x02:
4340 /* Implicit open zones */
4341 if (zsp->z_cond != ZC2_IMPLICIT_OPEN)
4342 continue;
4343 break;
4344 case 0x03:
4345 /* Explicit open zones */
4346 if (zsp->z_cond != ZC3_EXPLICIT_OPEN)
4347 continue;
4348 break;
4349 case 0x04:
4350 /* Closed zones */
4351 if (zsp->z_cond != ZC4_CLOSED)
4352 continue;
4353 break;
4354 case 0x05:
4355 /* Full zones */
4356 if (zsp->z_cond != ZC5_FULL)
4357 continue;
4358 break;
4359 case 0x06:
4360 case 0x07:
4361 case 0x10:
4362 /*
4363 * Read-only, offline, reset WP recommended are
4364 * not emulated: no zones to report;
4365 */
4366 continue;
4367 case 0x11:
4368 /* non-seq-resource set */
4369 if (!zsp->z_non_seq_resource)
4370 continue;
4371 break;
4372 case 0x3f:
4373 /* Not write pointer (conventional) zones */
4374 if (!zbc_zone_is_conv(zsp))
4375 continue;
4376 break;
4377 default:
4378 mk_sense_buffer(scp, ILLEGAL_REQUEST,
4379 INVALID_FIELD_IN_CDB, 0);
4380 ret = check_condition_result;
4381 goto fini;
4382 }
4383
4384 if (nrz < rep_max_zones) {
4385 /* Fill zone descriptor */
4386 desc[0] = zsp->z_type;
4387 desc[1] = zsp->z_cond << 4;
4388 if (zsp->z_non_seq_resource)
4389 desc[1] |= 1 << 1;
4390 put_unaligned_be64((u64)zsp->z_size, desc + 8);
4391 put_unaligned_be64((u64)zsp->z_start, desc + 16);
4392 put_unaligned_be64((u64)zsp->z_wp, desc + 24);
4393 desc += 64;
4394 }
4395
4396 if (partial && nrz >= rep_max_zones)
4397 break;
4398
4399 nrz++;
4400 }
4401
4402 /* Report header */
4403 put_unaligned_be32(nrz * RZONES_DESC_HD, arr + 0);
4404 put_unaligned_be64(sdebug_capacity - 1, arr + 8);
4405
4406 rep_len = (unsigned long)desc - (unsigned long)arr;
4407 ret = fill_from_dev_buffer(scp, arr, min_t(int, alloc_len, rep_len));
4408
4409 fini:
4410 read_unlock(macc_lckp);
4411 kfree(arr);
4412 return ret;
4413 }
4414
4415 /* Logic transplanted from tcmu-runner, file_zbc.c */
zbc_open_all(struct sdebug_dev_info * devip)4416 static void zbc_open_all(struct sdebug_dev_info *devip)
4417 {
4418 struct sdeb_zone_state *zsp = &devip->zstate[0];
4419 unsigned int i;
4420
4421 for (i = 0; i < devip->nr_zones; i++, zsp++) {
4422 if (zsp->z_cond == ZC4_CLOSED)
4423 zbc_open_zone(devip, &devip->zstate[i], true);
4424 }
4425 }
4426
resp_open_zone(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)4427 static int resp_open_zone(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
4428 {
4429 int res = 0;
4430 u64 z_id;
4431 enum sdebug_z_cond zc;
4432 u8 *cmd = scp->cmnd;
4433 struct sdeb_zone_state *zsp;
4434 bool all = cmd[14] & 0x01;
4435 struct sdeb_store_info *sip = devip2sip(devip, false);
4436 rwlock_t *macc_lckp = sip ? &sip->macc_lck : &sdeb_fake_rw_lck;
4437
4438 if (!sdebug_dev_is_zoned(devip)) {
4439 mk_sense_invalid_opcode(scp);
4440 return check_condition_result;
4441 }
4442
4443 write_lock(macc_lckp);
4444
4445 if (all) {
4446 /* Check if all closed zones can be open */
4447 if (devip->max_open &&
4448 devip->nr_exp_open + devip->nr_closed > devip->max_open) {
4449 mk_sense_buffer(scp, DATA_PROTECT, INSUFF_RES_ASC,
4450 INSUFF_ZONE_ASCQ);
4451 res = check_condition_result;
4452 goto fini;
4453 }
4454 /* Open all closed zones */
4455 zbc_open_all(devip);
4456 goto fini;
4457 }
4458
4459 /* Open the specified zone */
4460 z_id = get_unaligned_be64(cmd + 2);
4461 if (z_id >= sdebug_capacity) {
4462 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4463 res = check_condition_result;
4464 goto fini;
4465 }
4466
4467 zsp = zbc_zone(devip, z_id);
4468 if (z_id != zsp->z_start) {
4469 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4470 res = check_condition_result;
4471 goto fini;
4472 }
4473 if (zbc_zone_is_conv(zsp)) {
4474 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4475 res = check_condition_result;
4476 goto fini;
4477 }
4478
4479 zc = zsp->z_cond;
4480 if (zc == ZC3_EXPLICIT_OPEN || zc == ZC5_FULL)
4481 goto fini;
4482
4483 if (devip->max_open && devip->nr_exp_open >= devip->max_open) {
4484 mk_sense_buffer(scp, DATA_PROTECT, INSUFF_RES_ASC,
4485 INSUFF_ZONE_ASCQ);
4486 res = check_condition_result;
4487 goto fini;
4488 }
4489
4490 zbc_open_zone(devip, zsp, true);
4491 fini:
4492 write_unlock(macc_lckp);
4493 return res;
4494 }
4495
zbc_close_all(struct sdebug_dev_info * devip)4496 static void zbc_close_all(struct sdebug_dev_info *devip)
4497 {
4498 unsigned int i;
4499
4500 for (i = 0; i < devip->nr_zones; i++)
4501 zbc_close_zone(devip, &devip->zstate[i]);
4502 }
4503
resp_close_zone(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)4504 static int resp_close_zone(struct scsi_cmnd *scp,
4505 struct sdebug_dev_info *devip)
4506 {
4507 int res = 0;
4508 u64 z_id;
4509 u8 *cmd = scp->cmnd;
4510 struct sdeb_zone_state *zsp;
4511 bool all = cmd[14] & 0x01;
4512 struct sdeb_store_info *sip = devip2sip(devip, false);
4513 rwlock_t *macc_lckp = sip ? &sip->macc_lck : &sdeb_fake_rw_lck;
4514
4515 if (!sdebug_dev_is_zoned(devip)) {
4516 mk_sense_invalid_opcode(scp);
4517 return check_condition_result;
4518 }
4519
4520 write_lock(macc_lckp);
4521
4522 if (all) {
4523 zbc_close_all(devip);
4524 goto fini;
4525 }
4526
4527 /* Close specified zone */
4528 z_id = get_unaligned_be64(cmd + 2);
4529 if (z_id >= sdebug_capacity) {
4530 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4531 res = check_condition_result;
4532 goto fini;
4533 }
4534
4535 zsp = zbc_zone(devip, z_id);
4536 if (z_id != zsp->z_start) {
4537 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4538 res = check_condition_result;
4539 goto fini;
4540 }
4541 if (zbc_zone_is_conv(zsp)) {
4542 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4543 res = check_condition_result;
4544 goto fini;
4545 }
4546
4547 zbc_close_zone(devip, zsp);
4548 fini:
4549 write_unlock(macc_lckp);
4550 return res;
4551 }
4552
zbc_finish_zone(struct sdebug_dev_info * devip,struct sdeb_zone_state * zsp,bool empty)4553 static void zbc_finish_zone(struct sdebug_dev_info *devip,
4554 struct sdeb_zone_state *zsp, bool empty)
4555 {
4556 enum sdebug_z_cond zc = zsp->z_cond;
4557
4558 if (zc == ZC4_CLOSED || zc == ZC2_IMPLICIT_OPEN ||
4559 zc == ZC3_EXPLICIT_OPEN || (empty && zc == ZC1_EMPTY)) {
4560 if (zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN)
4561 zbc_close_zone(devip, zsp);
4562 if (zsp->z_cond == ZC4_CLOSED)
4563 devip->nr_closed--;
4564 zsp->z_wp = zsp->z_start + zsp->z_size;
4565 zsp->z_cond = ZC5_FULL;
4566 }
4567 }
4568
zbc_finish_all(struct sdebug_dev_info * devip)4569 static void zbc_finish_all(struct sdebug_dev_info *devip)
4570 {
4571 unsigned int i;
4572
4573 for (i = 0; i < devip->nr_zones; i++)
4574 zbc_finish_zone(devip, &devip->zstate[i], false);
4575 }
4576
resp_finish_zone(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)4577 static int resp_finish_zone(struct scsi_cmnd *scp,
4578 struct sdebug_dev_info *devip)
4579 {
4580 struct sdeb_zone_state *zsp;
4581 int res = 0;
4582 u64 z_id;
4583 u8 *cmd = scp->cmnd;
4584 bool all = cmd[14] & 0x01;
4585 struct sdeb_store_info *sip = devip2sip(devip, false);
4586 rwlock_t *macc_lckp = sip ? &sip->macc_lck : &sdeb_fake_rw_lck;
4587
4588 if (!sdebug_dev_is_zoned(devip)) {
4589 mk_sense_invalid_opcode(scp);
4590 return check_condition_result;
4591 }
4592
4593 write_lock(macc_lckp);
4594
4595 if (all) {
4596 zbc_finish_all(devip);
4597 goto fini;
4598 }
4599
4600 /* Finish the specified zone */
4601 z_id = get_unaligned_be64(cmd + 2);
4602 if (z_id >= sdebug_capacity) {
4603 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4604 res = check_condition_result;
4605 goto fini;
4606 }
4607
4608 zsp = zbc_zone(devip, z_id);
4609 if (z_id != zsp->z_start) {
4610 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4611 res = check_condition_result;
4612 goto fini;
4613 }
4614 if (zbc_zone_is_conv(zsp)) {
4615 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4616 res = check_condition_result;
4617 goto fini;
4618 }
4619
4620 zbc_finish_zone(devip, zsp, true);
4621 fini:
4622 write_unlock(macc_lckp);
4623 return res;
4624 }
4625
zbc_rwp_zone(struct sdebug_dev_info * devip,struct sdeb_zone_state * zsp)4626 static void zbc_rwp_zone(struct sdebug_dev_info *devip,
4627 struct sdeb_zone_state *zsp)
4628 {
4629 enum sdebug_z_cond zc;
4630
4631 if (zbc_zone_is_conv(zsp))
4632 return;
4633
4634 zc = zsp->z_cond;
4635 if (zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN)
4636 zbc_close_zone(devip, zsp);
4637
4638 if (zsp->z_cond == ZC4_CLOSED)
4639 devip->nr_closed--;
4640
4641 zsp->z_non_seq_resource = false;
4642 zsp->z_wp = zsp->z_start;
4643 zsp->z_cond = ZC1_EMPTY;
4644 }
4645
zbc_rwp_all(struct sdebug_dev_info * devip)4646 static void zbc_rwp_all(struct sdebug_dev_info *devip)
4647 {
4648 unsigned int i;
4649
4650 for (i = 0; i < devip->nr_zones; i++)
4651 zbc_rwp_zone(devip, &devip->zstate[i]);
4652 }
4653
resp_rwp_zone(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)4654 static int resp_rwp_zone(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
4655 {
4656 struct sdeb_zone_state *zsp;
4657 int res = 0;
4658 u64 z_id;
4659 u8 *cmd = scp->cmnd;
4660 bool all = cmd[14] & 0x01;
4661 struct sdeb_store_info *sip = devip2sip(devip, false);
4662 rwlock_t *macc_lckp = sip ? &sip->macc_lck : &sdeb_fake_rw_lck;
4663
4664 if (!sdebug_dev_is_zoned(devip)) {
4665 mk_sense_invalid_opcode(scp);
4666 return check_condition_result;
4667 }
4668
4669 write_lock(macc_lckp);
4670
4671 if (all) {
4672 zbc_rwp_all(devip);
4673 goto fini;
4674 }
4675
4676 z_id = get_unaligned_be64(cmd + 2);
4677 if (z_id >= sdebug_capacity) {
4678 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4679 res = check_condition_result;
4680 goto fini;
4681 }
4682
4683 zsp = zbc_zone(devip, z_id);
4684 if (z_id != zsp->z_start) {
4685 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4686 res = check_condition_result;
4687 goto fini;
4688 }
4689 if (zbc_zone_is_conv(zsp)) {
4690 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4691 res = check_condition_result;
4692 goto fini;
4693 }
4694
4695 zbc_rwp_zone(devip, zsp);
4696 fini:
4697 write_unlock(macc_lckp);
4698 return res;
4699 }
4700
get_queue(struct scsi_cmnd * cmnd)4701 static struct sdebug_queue *get_queue(struct scsi_cmnd *cmnd)
4702 {
4703 u16 hwq;
4704 u32 tag = blk_mq_unique_tag(cmnd->request);
4705
4706 hwq = blk_mq_unique_tag_to_hwq(tag);
4707
4708 pr_debug("tag=%#x, hwq=%d\n", tag, hwq);
4709 if (WARN_ON_ONCE(hwq >= submit_queues))
4710 hwq = 0;
4711
4712 return sdebug_q_arr + hwq;
4713 }
4714
get_tag(struct scsi_cmnd * cmnd)4715 static u32 get_tag(struct scsi_cmnd *cmnd)
4716 {
4717 return blk_mq_unique_tag(cmnd->request);
4718 }
4719
4720 /* Queued (deferred) command completions converge here. */
sdebug_q_cmd_complete(struct sdebug_defer * sd_dp)4721 static void sdebug_q_cmd_complete(struct sdebug_defer *sd_dp)
4722 {
4723 bool aborted = sd_dp->aborted;
4724 int qc_idx;
4725 int retiring = 0;
4726 unsigned long iflags;
4727 struct sdebug_queue *sqp;
4728 struct sdebug_queued_cmd *sqcp;
4729 struct scsi_cmnd *scp;
4730 struct sdebug_dev_info *devip;
4731
4732 sd_dp->defer_t = SDEB_DEFER_NONE;
4733 if (unlikely(aborted))
4734 sd_dp->aborted = false;
4735 qc_idx = sd_dp->qc_idx;
4736 sqp = sdebug_q_arr + sd_dp->sqa_idx;
4737 if (sdebug_statistics) {
4738 atomic_inc(&sdebug_completions);
4739 if (raw_smp_processor_id() != sd_dp->issuing_cpu)
4740 atomic_inc(&sdebug_miss_cpus);
4741 }
4742 if (unlikely((qc_idx < 0) || (qc_idx >= SDEBUG_CANQUEUE))) {
4743 pr_err("wild qc_idx=%d\n", qc_idx);
4744 return;
4745 }
4746 spin_lock_irqsave(&sqp->qc_lock, iflags);
4747 sqcp = &sqp->qc_arr[qc_idx];
4748 scp = sqcp->a_cmnd;
4749 if (unlikely(scp == NULL)) {
4750 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4751 pr_err("scp is NULL, sqa_idx=%d, qc_idx=%d, hc_idx=%d\n",
4752 sd_dp->sqa_idx, qc_idx, sd_dp->hc_idx);
4753 return;
4754 }
4755 devip = (struct sdebug_dev_info *)scp->device->hostdata;
4756 if (likely(devip))
4757 atomic_dec(&devip->num_in_q);
4758 else
4759 pr_err("devip=NULL\n");
4760 if (unlikely(atomic_read(&retired_max_queue) > 0))
4761 retiring = 1;
4762
4763 sqcp->a_cmnd = NULL;
4764 if (unlikely(!test_and_clear_bit(qc_idx, sqp->in_use_bm))) {
4765 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4766 pr_err("Unexpected completion\n");
4767 return;
4768 }
4769
4770 if (unlikely(retiring)) { /* user has reduced max_queue */
4771 int k, retval;
4772
4773 retval = atomic_read(&retired_max_queue);
4774 if (qc_idx >= retval) {
4775 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4776 pr_err("index %d too large\n", retval);
4777 return;
4778 }
4779 k = find_last_bit(sqp->in_use_bm, retval);
4780 if ((k < sdebug_max_queue) || (k == retval))
4781 atomic_set(&retired_max_queue, 0);
4782 else
4783 atomic_set(&retired_max_queue, k + 1);
4784 }
4785 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4786 if (unlikely(aborted)) {
4787 if (sdebug_verbose)
4788 pr_info("bypassing scsi_done() due to aborted cmd\n");
4789 return;
4790 }
4791 scp->scsi_done(scp); /* callback to mid level */
4792 }
4793
4794 /* When high resolution timer goes off this function is called. */
sdebug_q_cmd_hrt_complete(struct hrtimer * timer)4795 static enum hrtimer_restart sdebug_q_cmd_hrt_complete(struct hrtimer *timer)
4796 {
4797 struct sdebug_defer *sd_dp = container_of(timer, struct sdebug_defer,
4798 hrt);
4799 sdebug_q_cmd_complete(sd_dp);
4800 return HRTIMER_NORESTART;
4801 }
4802
4803 /* When work queue schedules work, it calls this function. */
sdebug_q_cmd_wq_complete(struct work_struct * work)4804 static void sdebug_q_cmd_wq_complete(struct work_struct *work)
4805 {
4806 struct sdebug_defer *sd_dp = container_of(work, struct sdebug_defer,
4807 ew.work);
4808 sdebug_q_cmd_complete(sd_dp);
4809 }
4810
4811 static bool got_shared_uuid;
4812 static uuid_t shared_uuid;
4813
sdebug_device_create_zones(struct sdebug_dev_info * devip)4814 static int sdebug_device_create_zones(struct sdebug_dev_info *devip)
4815 {
4816 struct sdeb_zone_state *zsp;
4817 sector_t capacity = get_sdebug_capacity();
4818 sector_t zstart = 0;
4819 unsigned int i;
4820
4821 /*
4822 * Set the zone size: if sdeb_zbc_zone_size_mb is not set, figure out
4823 * a zone size allowing for at least 4 zones on the device. Otherwise,
4824 * use the specified zone size checking that at least 2 zones can be
4825 * created for the device.
4826 */
4827 if (!sdeb_zbc_zone_size_mb) {
4828 devip->zsize = (DEF_ZBC_ZONE_SIZE_MB * SZ_1M)
4829 >> ilog2(sdebug_sector_size);
4830 while (capacity < devip->zsize << 2 && devip->zsize >= 2)
4831 devip->zsize >>= 1;
4832 if (devip->zsize < 2) {
4833 pr_err("Device capacity too small\n");
4834 return -EINVAL;
4835 }
4836 } else {
4837 if (!is_power_of_2(sdeb_zbc_zone_size_mb)) {
4838 pr_err("Zone size is not a power of 2\n");
4839 return -EINVAL;
4840 }
4841 devip->zsize = (sdeb_zbc_zone_size_mb * SZ_1M)
4842 >> ilog2(sdebug_sector_size);
4843 if (devip->zsize >= capacity) {
4844 pr_err("Zone size too large for device capacity\n");
4845 return -EINVAL;
4846 }
4847 }
4848
4849 devip->zsize_shift = ilog2(devip->zsize);
4850 devip->nr_zones = (capacity + devip->zsize - 1) >> devip->zsize_shift;
4851
4852 if (sdeb_zbc_nr_conv >= devip->nr_zones) {
4853 pr_err("Number of conventional zones too large\n");
4854 return -EINVAL;
4855 }
4856 devip->nr_conv_zones = sdeb_zbc_nr_conv;
4857
4858 if (devip->zmodel == BLK_ZONED_HM) {
4859 /* zbc_max_open_zones can be 0, meaning "not reported" */
4860 if (sdeb_zbc_max_open >= devip->nr_zones - 1)
4861 devip->max_open = (devip->nr_zones - 1) / 2;
4862 else
4863 devip->max_open = sdeb_zbc_max_open;
4864 }
4865
4866 devip->zstate = kcalloc(devip->nr_zones,
4867 sizeof(struct sdeb_zone_state), GFP_KERNEL);
4868 if (!devip->zstate)
4869 return -ENOMEM;
4870
4871 for (i = 0; i < devip->nr_zones; i++) {
4872 zsp = &devip->zstate[i];
4873
4874 zsp->z_start = zstart;
4875
4876 if (i < devip->nr_conv_zones) {
4877 zsp->z_type = ZBC_ZONE_TYPE_CNV;
4878 zsp->z_cond = ZBC_NOT_WRITE_POINTER;
4879 zsp->z_wp = (sector_t)-1;
4880 } else {
4881 if (devip->zmodel == BLK_ZONED_HM)
4882 zsp->z_type = ZBC_ZONE_TYPE_SWR;
4883 else
4884 zsp->z_type = ZBC_ZONE_TYPE_SWP;
4885 zsp->z_cond = ZC1_EMPTY;
4886 zsp->z_wp = zsp->z_start;
4887 }
4888
4889 if (zsp->z_start + devip->zsize < capacity)
4890 zsp->z_size = devip->zsize;
4891 else
4892 zsp->z_size = capacity - zsp->z_start;
4893
4894 zstart += zsp->z_size;
4895 }
4896
4897 return 0;
4898 }
4899
sdebug_device_create(struct sdebug_host_info * sdbg_host,gfp_t flags)4900 static struct sdebug_dev_info *sdebug_device_create(
4901 struct sdebug_host_info *sdbg_host, gfp_t flags)
4902 {
4903 struct sdebug_dev_info *devip;
4904
4905 devip = kzalloc(sizeof(*devip), flags);
4906 if (devip) {
4907 if (sdebug_uuid_ctl == 1)
4908 uuid_gen(&devip->lu_name);
4909 else if (sdebug_uuid_ctl == 2) {
4910 if (got_shared_uuid)
4911 devip->lu_name = shared_uuid;
4912 else {
4913 uuid_gen(&shared_uuid);
4914 got_shared_uuid = true;
4915 devip->lu_name = shared_uuid;
4916 }
4917 }
4918 devip->sdbg_host = sdbg_host;
4919 if (sdeb_zbc_in_use) {
4920 devip->zmodel = sdeb_zbc_model;
4921 if (sdebug_device_create_zones(devip)) {
4922 kfree(devip);
4923 return NULL;
4924 }
4925 } else {
4926 devip->zmodel = BLK_ZONED_NONE;
4927 }
4928 devip->sdbg_host = sdbg_host;
4929 devip->create_ts = ktime_get_boottime();
4930 atomic_set(&devip->stopped, (sdeb_tur_ms_to_ready > 0 ? 2 : 0));
4931 list_add_tail(&devip->dev_list, &sdbg_host->dev_info_list);
4932 }
4933 return devip;
4934 }
4935
find_build_dev_info(struct scsi_device * sdev)4936 static struct sdebug_dev_info *find_build_dev_info(struct scsi_device *sdev)
4937 {
4938 struct sdebug_host_info *sdbg_host;
4939 struct sdebug_dev_info *open_devip = NULL;
4940 struct sdebug_dev_info *devip;
4941
4942 sdbg_host = *(struct sdebug_host_info **)shost_priv(sdev->host);
4943 if (!sdbg_host) {
4944 pr_err("Host info NULL\n");
4945 return NULL;
4946 }
4947
4948 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
4949 if ((devip->used) && (devip->channel == sdev->channel) &&
4950 (devip->target == sdev->id) &&
4951 (devip->lun == sdev->lun))
4952 return devip;
4953 else {
4954 if ((!devip->used) && (!open_devip))
4955 open_devip = devip;
4956 }
4957 }
4958 if (!open_devip) { /* try and make a new one */
4959 open_devip = sdebug_device_create(sdbg_host, GFP_ATOMIC);
4960 if (!open_devip) {
4961 pr_err("out of memory at line %d\n", __LINE__);
4962 return NULL;
4963 }
4964 }
4965
4966 open_devip->channel = sdev->channel;
4967 open_devip->target = sdev->id;
4968 open_devip->lun = sdev->lun;
4969 open_devip->sdbg_host = sdbg_host;
4970 atomic_set(&open_devip->num_in_q, 0);
4971 set_bit(SDEBUG_UA_POR, open_devip->uas_bm);
4972 open_devip->used = true;
4973 return open_devip;
4974 }
4975
scsi_debug_slave_alloc(struct scsi_device * sdp)4976 static int scsi_debug_slave_alloc(struct scsi_device *sdp)
4977 {
4978 if (sdebug_verbose)
4979 pr_info("slave_alloc <%u %u %u %llu>\n",
4980 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
4981 return 0;
4982 }
4983
scsi_debug_slave_configure(struct scsi_device * sdp)4984 static int scsi_debug_slave_configure(struct scsi_device *sdp)
4985 {
4986 struct sdebug_dev_info *devip =
4987 (struct sdebug_dev_info *)sdp->hostdata;
4988
4989 if (sdebug_verbose)
4990 pr_info("slave_configure <%u %u %u %llu>\n",
4991 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
4992 if (sdp->host->max_cmd_len != SDEBUG_MAX_CMD_LEN)
4993 sdp->host->max_cmd_len = SDEBUG_MAX_CMD_LEN;
4994 if (devip == NULL) {
4995 devip = find_build_dev_info(sdp);
4996 if (devip == NULL)
4997 return 1; /* no resources, will be marked offline */
4998 }
4999 sdp->hostdata = devip;
5000 if (sdebug_no_uld)
5001 sdp->no_uld_attach = 1;
5002 config_cdb_len(sdp);
5003 return 0;
5004 }
5005
scsi_debug_slave_destroy(struct scsi_device * sdp)5006 static void scsi_debug_slave_destroy(struct scsi_device *sdp)
5007 {
5008 struct sdebug_dev_info *devip =
5009 (struct sdebug_dev_info *)sdp->hostdata;
5010
5011 if (sdebug_verbose)
5012 pr_info("slave_destroy <%u %u %u %llu>\n",
5013 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
5014 if (devip) {
5015 /* make this slot available for re-use */
5016 devip->used = false;
5017 sdp->hostdata = NULL;
5018 }
5019 }
5020
stop_qc_helper(struct sdebug_defer * sd_dp,enum sdeb_defer_type defer_t)5021 static void stop_qc_helper(struct sdebug_defer *sd_dp,
5022 enum sdeb_defer_type defer_t)
5023 {
5024 if (!sd_dp)
5025 return;
5026 if (defer_t == SDEB_DEFER_HRT)
5027 hrtimer_cancel(&sd_dp->hrt);
5028 else if (defer_t == SDEB_DEFER_WQ)
5029 cancel_work_sync(&sd_dp->ew.work);
5030 }
5031
5032 /* If @cmnd found deletes its timer or work queue and returns true; else
5033 returns false */
stop_queued_cmnd(struct scsi_cmnd * cmnd)5034 static bool stop_queued_cmnd(struct scsi_cmnd *cmnd)
5035 {
5036 unsigned long iflags;
5037 int j, k, qmax, r_qmax;
5038 enum sdeb_defer_type l_defer_t;
5039 struct sdebug_queue *sqp;
5040 struct sdebug_queued_cmd *sqcp;
5041 struct sdebug_dev_info *devip;
5042 struct sdebug_defer *sd_dp;
5043
5044 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
5045 spin_lock_irqsave(&sqp->qc_lock, iflags);
5046 qmax = sdebug_max_queue;
5047 r_qmax = atomic_read(&retired_max_queue);
5048 if (r_qmax > qmax)
5049 qmax = r_qmax;
5050 for (k = 0; k < qmax; ++k) {
5051 if (test_bit(k, sqp->in_use_bm)) {
5052 sqcp = &sqp->qc_arr[k];
5053 if (cmnd != sqcp->a_cmnd)
5054 continue;
5055 /* found */
5056 devip = (struct sdebug_dev_info *)
5057 cmnd->device->hostdata;
5058 if (devip)
5059 atomic_dec(&devip->num_in_q);
5060 sqcp->a_cmnd = NULL;
5061 sd_dp = sqcp->sd_dp;
5062 if (sd_dp) {
5063 l_defer_t = sd_dp->defer_t;
5064 sd_dp->defer_t = SDEB_DEFER_NONE;
5065 } else
5066 l_defer_t = SDEB_DEFER_NONE;
5067 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5068 stop_qc_helper(sd_dp, l_defer_t);
5069 clear_bit(k, sqp->in_use_bm);
5070 return true;
5071 }
5072 }
5073 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5074 }
5075 return false;
5076 }
5077
5078 /* Deletes (stops) timers or work queues of all queued commands */
stop_all_queued(void)5079 static void stop_all_queued(void)
5080 {
5081 unsigned long iflags;
5082 int j, k;
5083 enum sdeb_defer_type l_defer_t;
5084 struct sdebug_queue *sqp;
5085 struct sdebug_queued_cmd *sqcp;
5086 struct sdebug_dev_info *devip;
5087 struct sdebug_defer *sd_dp;
5088
5089 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
5090 spin_lock_irqsave(&sqp->qc_lock, iflags);
5091 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
5092 if (test_bit(k, sqp->in_use_bm)) {
5093 sqcp = &sqp->qc_arr[k];
5094 if (sqcp->a_cmnd == NULL)
5095 continue;
5096 devip = (struct sdebug_dev_info *)
5097 sqcp->a_cmnd->device->hostdata;
5098 if (devip)
5099 atomic_dec(&devip->num_in_q);
5100 sqcp->a_cmnd = NULL;
5101 sd_dp = sqcp->sd_dp;
5102 if (sd_dp) {
5103 l_defer_t = sd_dp->defer_t;
5104 sd_dp->defer_t = SDEB_DEFER_NONE;
5105 } else
5106 l_defer_t = SDEB_DEFER_NONE;
5107 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5108 stop_qc_helper(sd_dp, l_defer_t);
5109 clear_bit(k, sqp->in_use_bm);
5110 spin_lock_irqsave(&sqp->qc_lock, iflags);
5111 }
5112 }
5113 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5114 }
5115 }
5116
5117 /* Free queued command memory on heap */
free_all_queued(void)5118 static void free_all_queued(void)
5119 {
5120 int j, k;
5121 struct sdebug_queue *sqp;
5122 struct sdebug_queued_cmd *sqcp;
5123
5124 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
5125 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
5126 sqcp = &sqp->qc_arr[k];
5127 kfree(sqcp->sd_dp);
5128 sqcp->sd_dp = NULL;
5129 }
5130 }
5131 }
5132
scsi_debug_abort(struct scsi_cmnd * SCpnt)5133 static int scsi_debug_abort(struct scsi_cmnd *SCpnt)
5134 {
5135 bool ok;
5136
5137 ++num_aborts;
5138 if (SCpnt) {
5139 ok = stop_queued_cmnd(SCpnt);
5140 if (SCpnt->device && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
5141 sdev_printk(KERN_INFO, SCpnt->device,
5142 "%s: command%s found\n", __func__,
5143 ok ? "" : " not");
5144 }
5145 return SUCCESS;
5146 }
5147
scsi_debug_device_reset(struct scsi_cmnd * SCpnt)5148 static int scsi_debug_device_reset(struct scsi_cmnd *SCpnt)
5149 {
5150 ++num_dev_resets;
5151 if (SCpnt && SCpnt->device) {
5152 struct scsi_device *sdp = SCpnt->device;
5153 struct sdebug_dev_info *devip =
5154 (struct sdebug_dev_info *)sdp->hostdata;
5155
5156 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
5157 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
5158 if (devip)
5159 set_bit(SDEBUG_UA_POR, devip->uas_bm);
5160 }
5161 return SUCCESS;
5162 }
5163
scsi_debug_target_reset(struct scsi_cmnd * SCpnt)5164 static int scsi_debug_target_reset(struct scsi_cmnd *SCpnt)
5165 {
5166 struct sdebug_host_info *sdbg_host;
5167 struct sdebug_dev_info *devip;
5168 struct scsi_device *sdp;
5169 struct Scsi_Host *hp;
5170 int k = 0;
5171
5172 ++num_target_resets;
5173 if (!SCpnt)
5174 goto lie;
5175 sdp = SCpnt->device;
5176 if (!sdp)
5177 goto lie;
5178 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
5179 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
5180 hp = sdp->host;
5181 if (!hp)
5182 goto lie;
5183 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
5184 if (sdbg_host) {
5185 list_for_each_entry(devip,
5186 &sdbg_host->dev_info_list,
5187 dev_list)
5188 if (devip->target == sdp->id) {
5189 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
5190 ++k;
5191 }
5192 }
5193 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
5194 sdev_printk(KERN_INFO, sdp,
5195 "%s: %d device(s) found in target\n", __func__, k);
5196 lie:
5197 return SUCCESS;
5198 }
5199
scsi_debug_bus_reset(struct scsi_cmnd * SCpnt)5200 static int scsi_debug_bus_reset(struct scsi_cmnd *SCpnt)
5201 {
5202 struct sdebug_host_info *sdbg_host;
5203 struct sdebug_dev_info *devip;
5204 struct scsi_device *sdp;
5205 struct Scsi_Host *hp;
5206 int k = 0;
5207
5208 ++num_bus_resets;
5209 if (!(SCpnt && SCpnt->device))
5210 goto lie;
5211 sdp = SCpnt->device;
5212 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
5213 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
5214 hp = sdp->host;
5215 if (hp) {
5216 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
5217 if (sdbg_host) {
5218 list_for_each_entry(devip,
5219 &sdbg_host->dev_info_list,
5220 dev_list) {
5221 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
5222 ++k;
5223 }
5224 }
5225 }
5226 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
5227 sdev_printk(KERN_INFO, sdp,
5228 "%s: %d device(s) found in host\n", __func__, k);
5229 lie:
5230 return SUCCESS;
5231 }
5232
scsi_debug_host_reset(struct scsi_cmnd * SCpnt)5233 static int scsi_debug_host_reset(struct scsi_cmnd *SCpnt)
5234 {
5235 struct sdebug_host_info *sdbg_host;
5236 struct sdebug_dev_info *devip;
5237 int k = 0;
5238
5239 ++num_host_resets;
5240 if ((SCpnt->device) && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
5241 sdev_printk(KERN_INFO, SCpnt->device, "%s\n", __func__);
5242 spin_lock(&sdebug_host_list_lock);
5243 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
5244 list_for_each_entry(devip, &sdbg_host->dev_info_list,
5245 dev_list) {
5246 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
5247 ++k;
5248 }
5249 }
5250 spin_unlock(&sdebug_host_list_lock);
5251 stop_all_queued();
5252 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
5253 sdev_printk(KERN_INFO, SCpnt->device,
5254 "%s: %d device(s) found\n", __func__, k);
5255 return SUCCESS;
5256 }
5257
sdebug_build_parts(unsigned char * ramp,unsigned long store_size)5258 static void sdebug_build_parts(unsigned char *ramp, unsigned long store_size)
5259 {
5260 struct msdos_partition *pp;
5261 int starts[SDEBUG_MAX_PARTS + 2], max_part_secs;
5262 int sectors_per_part, num_sectors, k;
5263 int heads_by_sects, start_sec, end_sec;
5264
5265 /* assume partition table already zeroed */
5266 if ((sdebug_num_parts < 1) || (store_size < 1048576))
5267 return;
5268 if (sdebug_num_parts > SDEBUG_MAX_PARTS) {
5269 sdebug_num_parts = SDEBUG_MAX_PARTS;
5270 pr_warn("reducing partitions to %d\n", SDEBUG_MAX_PARTS);
5271 }
5272 num_sectors = (int)get_sdebug_capacity();
5273 sectors_per_part = (num_sectors - sdebug_sectors_per)
5274 / sdebug_num_parts;
5275 heads_by_sects = sdebug_heads * sdebug_sectors_per;
5276 starts[0] = sdebug_sectors_per;
5277 max_part_secs = sectors_per_part;
5278 for (k = 1; k < sdebug_num_parts; ++k) {
5279 starts[k] = ((k * sectors_per_part) / heads_by_sects)
5280 * heads_by_sects;
5281 if (starts[k] - starts[k - 1] < max_part_secs)
5282 max_part_secs = starts[k] - starts[k - 1];
5283 }
5284 starts[sdebug_num_parts] = num_sectors;
5285 starts[sdebug_num_parts + 1] = 0;
5286
5287 ramp[510] = 0x55; /* magic partition markings */
5288 ramp[511] = 0xAA;
5289 pp = (struct msdos_partition *)(ramp + 0x1be);
5290 for (k = 0; starts[k + 1]; ++k, ++pp) {
5291 start_sec = starts[k];
5292 end_sec = starts[k] + max_part_secs - 1;
5293 pp->boot_ind = 0;
5294
5295 pp->cyl = start_sec / heads_by_sects;
5296 pp->head = (start_sec - (pp->cyl * heads_by_sects))
5297 / sdebug_sectors_per;
5298 pp->sector = (start_sec % sdebug_sectors_per) + 1;
5299
5300 pp->end_cyl = end_sec / heads_by_sects;
5301 pp->end_head = (end_sec - (pp->end_cyl * heads_by_sects))
5302 / sdebug_sectors_per;
5303 pp->end_sector = (end_sec % sdebug_sectors_per) + 1;
5304
5305 pp->start_sect = cpu_to_le32(start_sec);
5306 pp->nr_sects = cpu_to_le32(end_sec - start_sec + 1);
5307 pp->sys_ind = 0x83; /* plain Linux partition */
5308 }
5309 }
5310
block_unblock_all_queues(bool block)5311 static void block_unblock_all_queues(bool block)
5312 {
5313 int j;
5314 struct sdebug_queue *sqp;
5315
5316 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp)
5317 atomic_set(&sqp->blocked, (int)block);
5318 }
5319
5320 /* Adjust (by rounding down) the sdebug_cmnd_count so abs(every_nth)-1
5321 * commands will be processed normally before triggers occur.
5322 */
tweak_cmnd_count(void)5323 static void tweak_cmnd_count(void)
5324 {
5325 int count, modulo;
5326
5327 modulo = abs(sdebug_every_nth);
5328 if (modulo < 2)
5329 return;
5330 block_unblock_all_queues(true);
5331 count = atomic_read(&sdebug_cmnd_count);
5332 atomic_set(&sdebug_cmnd_count, (count / modulo) * modulo);
5333 block_unblock_all_queues(false);
5334 }
5335
clear_queue_stats(void)5336 static void clear_queue_stats(void)
5337 {
5338 atomic_set(&sdebug_cmnd_count, 0);
5339 atomic_set(&sdebug_completions, 0);
5340 atomic_set(&sdebug_miss_cpus, 0);
5341 atomic_set(&sdebug_a_tsf, 0);
5342 }
5343
inject_on_this_cmd(void)5344 static bool inject_on_this_cmd(void)
5345 {
5346 if (sdebug_every_nth == 0)
5347 return false;
5348 return (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) == 0;
5349 }
5350
5351 #define INCLUSIVE_TIMING_MAX_NS 1000000 /* 1 millisecond */
5352
5353 /* Complete the processing of the thread that queued a SCSI command to this
5354 * driver. It either completes the command by calling cmnd_done() or
5355 * schedules a hr timer or work queue then returns 0. Returns
5356 * SCSI_MLQUEUE_HOST_BUSY if temporarily out of resources.
5357 */
schedule_resp(struct scsi_cmnd * cmnd,struct sdebug_dev_info * devip,int scsi_result,int (* pfp)(struct scsi_cmnd *,struct sdebug_dev_info *),int delta_jiff,int ndelay)5358 static int schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip,
5359 int scsi_result,
5360 int (*pfp)(struct scsi_cmnd *,
5361 struct sdebug_dev_info *),
5362 int delta_jiff, int ndelay)
5363 {
5364 bool new_sd_dp;
5365 bool inject = false;
5366 int k, num_in_q, qdepth;
5367 unsigned long iflags;
5368 u64 ns_from_boot = 0;
5369 struct sdebug_queue *sqp;
5370 struct sdebug_queued_cmd *sqcp;
5371 struct scsi_device *sdp;
5372 struct sdebug_defer *sd_dp;
5373
5374 if (unlikely(devip == NULL)) {
5375 if (scsi_result == 0)
5376 scsi_result = DID_NO_CONNECT << 16;
5377 goto respond_in_thread;
5378 }
5379 sdp = cmnd->device;
5380
5381 if (delta_jiff == 0)
5382 goto respond_in_thread;
5383
5384 sqp = get_queue(cmnd);
5385 spin_lock_irqsave(&sqp->qc_lock, iflags);
5386 if (unlikely(atomic_read(&sqp->blocked))) {
5387 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5388 return SCSI_MLQUEUE_HOST_BUSY;
5389 }
5390 num_in_q = atomic_read(&devip->num_in_q);
5391 qdepth = cmnd->device->queue_depth;
5392 if (unlikely((qdepth > 0) && (num_in_q >= qdepth))) {
5393 if (scsi_result) {
5394 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5395 goto respond_in_thread;
5396 } else
5397 scsi_result = device_qfull_result;
5398 } else if (unlikely(sdebug_every_nth &&
5399 (SDEBUG_OPT_RARE_TSF & sdebug_opts) &&
5400 (scsi_result == 0))) {
5401 if ((num_in_q == (qdepth - 1)) &&
5402 (atomic_inc_return(&sdebug_a_tsf) >=
5403 abs(sdebug_every_nth))) {
5404 atomic_set(&sdebug_a_tsf, 0);
5405 inject = true;
5406 scsi_result = device_qfull_result;
5407 }
5408 }
5409
5410 k = find_first_zero_bit(sqp->in_use_bm, sdebug_max_queue);
5411 if (unlikely(k >= sdebug_max_queue)) {
5412 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5413 if (scsi_result)
5414 goto respond_in_thread;
5415 else if (SDEBUG_OPT_ALL_TSF & sdebug_opts)
5416 scsi_result = device_qfull_result;
5417 if (SDEBUG_OPT_Q_NOISE & sdebug_opts)
5418 sdev_printk(KERN_INFO, sdp,
5419 "%s: max_queue=%d exceeded, %s\n",
5420 __func__, sdebug_max_queue,
5421 (scsi_result ? "status: TASK SET FULL" :
5422 "report: host busy"));
5423 if (scsi_result)
5424 goto respond_in_thread;
5425 else
5426 return SCSI_MLQUEUE_HOST_BUSY;
5427 }
5428 set_bit(k, sqp->in_use_bm);
5429 atomic_inc(&devip->num_in_q);
5430 sqcp = &sqp->qc_arr[k];
5431 sqcp->a_cmnd = cmnd;
5432 cmnd->host_scribble = (unsigned char *)sqcp;
5433 sd_dp = sqcp->sd_dp;
5434 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5435 if (!sd_dp) {
5436 sd_dp = kzalloc(sizeof(*sd_dp), GFP_ATOMIC);
5437 if (!sd_dp) {
5438 atomic_dec(&devip->num_in_q);
5439 clear_bit(k, sqp->in_use_bm);
5440 return SCSI_MLQUEUE_HOST_BUSY;
5441 }
5442 new_sd_dp = true;
5443 } else {
5444 new_sd_dp = false;
5445 }
5446
5447 /* Set the hostwide tag */
5448 if (sdebug_host_max_queue)
5449 sd_dp->hc_idx = get_tag(cmnd);
5450
5451 if (ndelay > 0 && ndelay < INCLUSIVE_TIMING_MAX_NS)
5452 ns_from_boot = ktime_get_boottime_ns();
5453
5454 /* one of the resp_*() response functions is called here */
5455 cmnd->result = pfp ? pfp(cmnd, devip) : 0;
5456 if (cmnd->result & SDEG_RES_IMMED_MASK) {
5457 cmnd->result &= ~SDEG_RES_IMMED_MASK;
5458 delta_jiff = ndelay = 0;
5459 }
5460 if (cmnd->result == 0 && scsi_result != 0)
5461 cmnd->result = scsi_result;
5462 if (cmnd->result == 0 && unlikely(sdebug_opts & SDEBUG_OPT_TRANSPORT_ERR)) {
5463 if (atomic_read(&sdeb_inject_pending)) {
5464 mk_sense_buffer(cmnd, ABORTED_COMMAND, TRANSPORT_PROBLEM, ACK_NAK_TO);
5465 atomic_set(&sdeb_inject_pending, 0);
5466 cmnd->result = check_condition_result;
5467 }
5468 }
5469
5470 if (unlikely(sdebug_verbose && cmnd->result))
5471 sdev_printk(KERN_INFO, sdp, "%s: non-zero result=0x%x\n",
5472 __func__, cmnd->result);
5473
5474 if (delta_jiff > 0 || ndelay > 0) {
5475 ktime_t kt;
5476
5477 if (delta_jiff > 0) {
5478 u64 ns = jiffies_to_nsecs(delta_jiff);
5479
5480 if (sdebug_random && ns < U32_MAX) {
5481 ns = prandom_u32_max((u32)ns);
5482 } else if (sdebug_random) {
5483 ns >>= 12; /* scale to 4 usec precision */
5484 if (ns < U32_MAX) /* over 4 hours max */
5485 ns = prandom_u32_max((u32)ns);
5486 ns <<= 12;
5487 }
5488 kt = ns_to_ktime(ns);
5489 } else { /* ndelay has a 4.2 second max */
5490 kt = sdebug_random ? prandom_u32_max((u32)ndelay) :
5491 (u32)ndelay;
5492 if (ndelay < INCLUSIVE_TIMING_MAX_NS) {
5493 u64 d = ktime_get_boottime_ns() - ns_from_boot;
5494
5495 if (kt <= d) { /* elapsed duration >= kt */
5496 spin_lock_irqsave(&sqp->qc_lock, iflags);
5497 sqcp->a_cmnd = NULL;
5498 atomic_dec(&devip->num_in_q);
5499 clear_bit(k, sqp->in_use_bm);
5500 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5501 if (new_sd_dp)
5502 kfree(sd_dp);
5503 /* call scsi_done() from this thread */
5504 cmnd->scsi_done(cmnd);
5505 return 0;
5506 }
5507 /* otherwise reduce kt by elapsed time */
5508 kt -= d;
5509 }
5510 }
5511 if (!sd_dp->init_hrt) {
5512 sd_dp->init_hrt = true;
5513 sqcp->sd_dp = sd_dp;
5514 hrtimer_init(&sd_dp->hrt, CLOCK_MONOTONIC,
5515 HRTIMER_MODE_REL_PINNED);
5516 sd_dp->hrt.function = sdebug_q_cmd_hrt_complete;
5517 sd_dp->sqa_idx = sqp - sdebug_q_arr;
5518 sd_dp->qc_idx = k;
5519 }
5520 if (sdebug_statistics)
5521 sd_dp->issuing_cpu = raw_smp_processor_id();
5522 sd_dp->defer_t = SDEB_DEFER_HRT;
5523 /* schedule the invocation of scsi_done() for a later time */
5524 hrtimer_start(&sd_dp->hrt, kt, HRTIMER_MODE_REL_PINNED);
5525 } else { /* jdelay < 0, use work queue */
5526 if (!sd_dp->init_wq) {
5527 sd_dp->init_wq = true;
5528 sqcp->sd_dp = sd_dp;
5529 sd_dp->sqa_idx = sqp - sdebug_q_arr;
5530 sd_dp->qc_idx = k;
5531 INIT_WORK(&sd_dp->ew.work, sdebug_q_cmd_wq_complete);
5532 }
5533 if (sdebug_statistics)
5534 sd_dp->issuing_cpu = raw_smp_processor_id();
5535 sd_dp->defer_t = SDEB_DEFER_WQ;
5536 if (unlikely((sdebug_opts & SDEBUG_OPT_CMD_ABORT) &&
5537 atomic_read(&sdeb_inject_pending)))
5538 sd_dp->aborted = true;
5539 schedule_work(&sd_dp->ew.work);
5540 if (unlikely((sdebug_opts & SDEBUG_OPT_CMD_ABORT) &&
5541 atomic_read(&sdeb_inject_pending))) {
5542 sdev_printk(KERN_INFO, sdp, "abort request tag %d\n", cmnd->request->tag);
5543 blk_abort_request(cmnd->request);
5544 atomic_set(&sdeb_inject_pending, 0);
5545 }
5546 }
5547 if (unlikely((SDEBUG_OPT_Q_NOISE & sdebug_opts) && scsi_result == device_qfull_result))
5548 sdev_printk(KERN_INFO, sdp, "%s: num_in_q=%d +1, %s%s\n", __func__,
5549 num_in_q, (inject ? "<inject> " : ""), "status: TASK SET FULL");
5550 return 0;
5551
5552 respond_in_thread: /* call back to mid-layer using invocation thread */
5553 cmnd->result = pfp != NULL ? pfp(cmnd, devip) : 0;
5554 cmnd->result &= ~SDEG_RES_IMMED_MASK;
5555 if (cmnd->result == 0 && scsi_result != 0)
5556 cmnd->result = scsi_result;
5557 cmnd->scsi_done(cmnd);
5558 return 0;
5559 }
5560
5561 /* Note: The following macros create attribute files in the
5562 /sys/module/scsi_debug/parameters directory. Unfortunately this
5563 driver is unaware of a change and cannot trigger auxiliary actions
5564 as it can when the corresponding attribute in the
5565 /sys/bus/pseudo/drivers/scsi_debug directory is changed.
5566 */
5567 module_param_named(add_host, sdebug_add_host, int, S_IRUGO | S_IWUSR);
5568 module_param_named(ato, sdebug_ato, int, S_IRUGO);
5569 module_param_named(cdb_len, sdebug_cdb_len, int, 0644);
5570 module_param_named(clustering, sdebug_clustering, bool, S_IRUGO | S_IWUSR);
5571 module_param_named(delay, sdebug_jdelay, int, S_IRUGO | S_IWUSR);
5572 module_param_named(dev_size_mb, sdebug_dev_size_mb, int, S_IRUGO);
5573 module_param_named(dif, sdebug_dif, int, S_IRUGO);
5574 module_param_named(dix, sdebug_dix, int, S_IRUGO);
5575 module_param_named(dsense, sdebug_dsense, int, S_IRUGO | S_IWUSR);
5576 module_param_named(every_nth, sdebug_every_nth, int, S_IRUGO | S_IWUSR);
5577 module_param_named(fake_rw, sdebug_fake_rw, int, S_IRUGO | S_IWUSR);
5578 module_param_named(guard, sdebug_guard, uint, S_IRUGO);
5579 module_param_named(host_lock, sdebug_host_lock, bool, S_IRUGO | S_IWUSR);
5580 module_param_named(host_max_queue, sdebug_host_max_queue, int, S_IRUGO);
5581 module_param_string(inq_product, sdebug_inq_product_id,
5582 sizeof(sdebug_inq_product_id), S_IRUGO | S_IWUSR);
5583 module_param_string(inq_rev, sdebug_inq_product_rev,
5584 sizeof(sdebug_inq_product_rev), S_IRUGO | S_IWUSR);
5585 module_param_string(inq_vendor, sdebug_inq_vendor_id,
5586 sizeof(sdebug_inq_vendor_id), S_IRUGO | S_IWUSR);
5587 module_param_named(lbprz, sdebug_lbprz, int, S_IRUGO);
5588 module_param_named(lbpu, sdebug_lbpu, int, S_IRUGO);
5589 module_param_named(lbpws, sdebug_lbpws, int, S_IRUGO);
5590 module_param_named(lbpws10, sdebug_lbpws10, int, S_IRUGO);
5591 module_param_named(lowest_aligned, sdebug_lowest_aligned, int, S_IRUGO);
5592 module_param_named(lun_format, sdebug_lun_am_i, int, S_IRUGO | S_IWUSR);
5593 module_param_named(max_luns, sdebug_max_luns, int, S_IRUGO | S_IWUSR);
5594 module_param_named(max_queue, sdebug_max_queue, int, S_IRUGO | S_IWUSR);
5595 module_param_named(medium_error_count, sdebug_medium_error_count, int,
5596 S_IRUGO | S_IWUSR);
5597 module_param_named(medium_error_start, sdebug_medium_error_start, int,
5598 S_IRUGO | S_IWUSR);
5599 module_param_named(ndelay, sdebug_ndelay, int, S_IRUGO | S_IWUSR);
5600 module_param_named(no_lun_0, sdebug_no_lun_0, int, S_IRUGO | S_IWUSR);
5601 module_param_named(no_uld, sdebug_no_uld, int, S_IRUGO);
5602 module_param_named(num_parts, sdebug_num_parts, int, S_IRUGO);
5603 module_param_named(num_tgts, sdebug_num_tgts, int, S_IRUGO | S_IWUSR);
5604 module_param_named(opt_blks, sdebug_opt_blks, int, S_IRUGO);
5605 module_param_named(opt_xferlen_exp, sdebug_opt_xferlen_exp, int, S_IRUGO);
5606 module_param_named(opts, sdebug_opts, int, S_IRUGO | S_IWUSR);
5607 module_param_named(per_host_store, sdebug_per_host_store, bool,
5608 S_IRUGO | S_IWUSR);
5609 module_param_named(physblk_exp, sdebug_physblk_exp, int, S_IRUGO);
5610 module_param_named(ptype, sdebug_ptype, int, S_IRUGO | S_IWUSR);
5611 module_param_named(random, sdebug_random, bool, S_IRUGO | S_IWUSR);
5612 module_param_named(removable, sdebug_removable, bool, S_IRUGO | S_IWUSR);
5613 module_param_named(scsi_level, sdebug_scsi_level, int, S_IRUGO);
5614 module_param_named(sector_size, sdebug_sector_size, int, S_IRUGO);
5615 module_param_named(statistics, sdebug_statistics, bool, S_IRUGO | S_IWUSR);
5616 module_param_named(strict, sdebug_strict, bool, S_IRUGO | S_IWUSR);
5617 module_param_named(submit_queues, submit_queues, int, S_IRUGO);
5618 module_param_named(tur_ms_to_ready, sdeb_tur_ms_to_ready, int, S_IRUGO);
5619 module_param_named(unmap_alignment, sdebug_unmap_alignment, int, S_IRUGO);
5620 module_param_named(unmap_granularity, sdebug_unmap_granularity, int, S_IRUGO);
5621 module_param_named(unmap_max_blocks, sdebug_unmap_max_blocks, int, S_IRUGO);
5622 module_param_named(unmap_max_desc, sdebug_unmap_max_desc, int, S_IRUGO);
5623 module_param_named(uuid_ctl, sdebug_uuid_ctl, int, S_IRUGO);
5624 module_param_named(virtual_gb, sdebug_virtual_gb, int, S_IRUGO | S_IWUSR);
5625 module_param_named(vpd_use_hostno, sdebug_vpd_use_hostno, int,
5626 S_IRUGO | S_IWUSR);
5627 module_param_named(wp, sdebug_wp, bool, S_IRUGO | S_IWUSR);
5628 module_param_named(write_same_length, sdebug_write_same_length, int,
5629 S_IRUGO | S_IWUSR);
5630 module_param_named(zbc, sdeb_zbc_model_s, charp, S_IRUGO);
5631 module_param_named(zone_max_open, sdeb_zbc_max_open, int, S_IRUGO);
5632 module_param_named(zone_nr_conv, sdeb_zbc_nr_conv, int, S_IRUGO);
5633 module_param_named(zone_size_mb, sdeb_zbc_zone_size_mb, int, S_IRUGO);
5634
5635 MODULE_AUTHOR("Eric Youngdale + Douglas Gilbert");
5636 MODULE_DESCRIPTION("SCSI debug adapter driver");
5637 MODULE_LICENSE("GPL");
5638 MODULE_VERSION(SDEBUG_VERSION);
5639
5640 MODULE_PARM_DESC(add_host, "add n hosts, in sysfs if negative remove host(s) (def=1)");
5641 MODULE_PARM_DESC(ato, "application tag ownership: 0=disk 1=host (def=1)");
5642 MODULE_PARM_DESC(cdb_len, "suggest CDB lengths to drivers (def=10)");
5643 MODULE_PARM_DESC(clustering, "when set enables larger transfers (def=0)");
5644 MODULE_PARM_DESC(delay, "response delay (def=1 jiffy); 0:imm, -1,-2:tiny");
5645 MODULE_PARM_DESC(dev_size_mb, "size in MiB of ram shared by devs(def=8)");
5646 MODULE_PARM_DESC(dif, "data integrity field type: 0-3 (def=0)");
5647 MODULE_PARM_DESC(dix, "data integrity extensions mask (def=0)");
5648 MODULE_PARM_DESC(dsense, "use descriptor sense format(def=0 -> fixed)");
5649 MODULE_PARM_DESC(every_nth, "timeout every nth command(def=0)");
5650 MODULE_PARM_DESC(fake_rw, "fake reads/writes instead of copying (def=0)");
5651 MODULE_PARM_DESC(guard, "protection checksum: 0=crc, 1=ip (def=0)");
5652 MODULE_PARM_DESC(host_lock, "host_lock is ignored (def=0)");
5653 MODULE_PARM_DESC(host_max_queue,
5654 "host max # of queued cmds (0 to max(def) [max_queue fixed equal for !0])");
5655 MODULE_PARM_DESC(inq_product, "SCSI INQUIRY product string (def=\"scsi_debug\")");
5656 MODULE_PARM_DESC(inq_rev, "SCSI INQUIRY revision string (def=\""
5657 SDEBUG_VERSION "\")");
5658 MODULE_PARM_DESC(inq_vendor, "SCSI INQUIRY vendor string (def=\"Linux\")");
5659 MODULE_PARM_DESC(lbprz,
5660 "on read unmapped LBs return 0 when 1 (def), return 0xff when 2");
5661 MODULE_PARM_DESC(lbpu, "enable LBP, support UNMAP command (def=0)");
5662 MODULE_PARM_DESC(lbpws, "enable LBP, support WRITE SAME(16) with UNMAP bit (def=0)");
5663 MODULE_PARM_DESC(lbpws10, "enable LBP, support WRITE SAME(10) with UNMAP bit (def=0)");
5664 MODULE_PARM_DESC(lowest_aligned, "lowest aligned lba (def=0)");
5665 MODULE_PARM_DESC(max_luns, "number of LUNs per target to simulate(def=1)");
5666 MODULE_PARM_DESC(lun_format, "LUN format: 0->peripheral (def); 1 --> flat address method");
5667 MODULE_PARM_DESC(max_queue, "max number of queued commands (1 to max(def))");
5668 MODULE_PARM_DESC(medium_error_count, "count of sectors to return follow on MEDIUM error");
5669 MODULE_PARM_DESC(medium_error_start, "starting sector number to return MEDIUM error");
5670 MODULE_PARM_DESC(ndelay, "response delay in nanoseconds (def=0 -> ignore)");
5671 MODULE_PARM_DESC(no_lun_0, "no LU number 0 (def=0 -> have lun 0)");
5672 MODULE_PARM_DESC(no_uld, "stop ULD (e.g. sd driver) attaching (def=0))");
5673 MODULE_PARM_DESC(num_parts, "number of partitions(def=0)");
5674 MODULE_PARM_DESC(num_tgts, "number of targets per host to simulate(def=1)");
5675 MODULE_PARM_DESC(opt_blks, "optimal transfer length in blocks (def=1024)");
5676 MODULE_PARM_DESC(opt_xferlen_exp, "optimal transfer length granularity exponent (def=physblk_exp)");
5677 MODULE_PARM_DESC(opts, "1->noise, 2->medium_err, 4->timeout, 8->recovered_err... (def=0)");
5678 MODULE_PARM_DESC(per_host_store, "If set, next positive add_host will get new store (def=0)");
5679 MODULE_PARM_DESC(physblk_exp, "physical block exponent (def=0)");
5680 MODULE_PARM_DESC(ptype, "SCSI peripheral type(def=0[disk])");
5681 MODULE_PARM_DESC(random, "If set, uniformly randomize command duration between 0 and delay_in_ns");
5682 MODULE_PARM_DESC(removable, "claim to have removable media (def=0)");
5683 MODULE_PARM_DESC(scsi_level, "SCSI level to simulate(def=7[SPC-5])");
5684 MODULE_PARM_DESC(sector_size, "logical block size in bytes (def=512)");
5685 MODULE_PARM_DESC(statistics, "collect statistics on commands, queues (def=0)");
5686 MODULE_PARM_DESC(strict, "stricter checks: reserved field in cdb (def=0)");
5687 MODULE_PARM_DESC(submit_queues, "support for block multi-queue (def=1)");
5688 MODULE_PARM_DESC(tur_ms_to_ready, "TEST UNIT READY millisecs before initial good status (def=0)");
5689 MODULE_PARM_DESC(unmap_alignment, "lowest aligned thin provisioning lba (def=0)");
5690 MODULE_PARM_DESC(unmap_granularity, "thin provisioning granularity in blocks (def=1)");
5691 MODULE_PARM_DESC(unmap_max_blocks, "max # of blocks can be unmapped in one cmd (def=0xffffffff)");
5692 MODULE_PARM_DESC(unmap_max_desc, "max # of ranges that can be unmapped in one cmd (def=256)");
5693 MODULE_PARM_DESC(uuid_ctl,
5694 "1->use uuid for lu name, 0->don't, 2->all use same (def=0)");
5695 MODULE_PARM_DESC(virtual_gb, "virtual gigabyte (GiB) size (def=0 -> use dev_size_mb)");
5696 MODULE_PARM_DESC(vpd_use_hostno, "0 -> dev ids ignore hostno (def=1 -> unique dev ids)");
5697 MODULE_PARM_DESC(wp, "Write Protect (def=0)");
5698 MODULE_PARM_DESC(write_same_length, "Maximum blocks per WRITE SAME cmd (def=0xffff)");
5699 MODULE_PARM_DESC(zbc, "'none' [0]; 'aware' [1]; 'managed' [2] (def=0). Can have 'host-' prefix");
5700 MODULE_PARM_DESC(zone_max_open, "Maximum number of open zones; [0] for no limit (def=auto)");
5701 MODULE_PARM_DESC(zone_nr_conv, "Number of conventional zones (def=1)");
5702 MODULE_PARM_DESC(zone_size_mb, "Zone size in MiB (def=auto)");
5703
5704 #define SDEBUG_INFO_LEN 256
5705 static char sdebug_info[SDEBUG_INFO_LEN];
5706
scsi_debug_info(struct Scsi_Host * shp)5707 static const char *scsi_debug_info(struct Scsi_Host *shp)
5708 {
5709 int k;
5710
5711 k = scnprintf(sdebug_info, SDEBUG_INFO_LEN, "%s: version %s [%s]\n",
5712 my_name, SDEBUG_VERSION, sdebug_version_date);
5713 if (k >= (SDEBUG_INFO_LEN - 1))
5714 return sdebug_info;
5715 scnprintf(sdebug_info + k, SDEBUG_INFO_LEN - k,
5716 " dev_size_mb=%d, opts=0x%x, submit_queues=%d, %s=%d",
5717 sdebug_dev_size_mb, sdebug_opts, submit_queues,
5718 "statistics", (int)sdebug_statistics);
5719 return sdebug_info;
5720 }
5721
5722 /* 'echo <val> > /proc/scsi/scsi_debug/<host_id>' writes to opts */
scsi_debug_write_info(struct Scsi_Host * host,char * buffer,int length)5723 static int scsi_debug_write_info(struct Scsi_Host *host, char *buffer,
5724 int length)
5725 {
5726 char arr[16];
5727 int opts;
5728 int minLen = length > 15 ? 15 : length;
5729
5730 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
5731 return -EACCES;
5732 memcpy(arr, buffer, minLen);
5733 arr[minLen] = '\0';
5734 if (1 != sscanf(arr, "%d", &opts))
5735 return -EINVAL;
5736 sdebug_opts = opts;
5737 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
5738 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
5739 if (sdebug_every_nth != 0)
5740 tweak_cmnd_count();
5741 return length;
5742 }
5743
5744 /* Output seen with 'cat /proc/scsi/scsi_debug/<host_id>'. It will be the
5745 * same for each scsi_debug host (if more than one). Some of the counters
5746 * output are not atomics so might be inaccurate in a busy system. */
scsi_debug_show_info(struct seq_file * m,struct Scsi_Host * host)5747 static int scsi_debug_show_info(struct seq_file *m, struct Scsi_Host *host)
5748 {
5749 int f, j, l;
5750 struct sdebug_queue *sqp;
5751 struct sdebug_host_info *sdhp;
5752
5753 seq_printf(m, "scsi_debug adapter driver, version %s [%s]\n",
5754 SDEBUG_VERSION, sdebug_version_date);
5755 seq_printf(m, "num_tgts=%d, %ssize=%d MB, opts=0x%x, every_nth=%d\n",
5756 sdebug_num_tgts, "shared (ram) ", sdebug_dev_size_mb,
5757 sdebug_opts, sdebug_every_nth);
5758 seq_printf(m, "delay=%d, ndelay=%d, max_luns=%d, sector_size=%d %s\n",
5759 sdebug_jdelay, sdebug_ndelay, sdebug_max_luns,
5760 sdebug_sector_size, "bytes");
5761 seq_printf(m, "cylinders=%d, heads=%d, sectors=%d, command aborts=%d\n",
5762 sdebug_cylinders_per, sdebug_heads, sdebug_sectors_per,
5763 num_aborts);
5764 seq_printf(m, "RESETs: device=%d, target=%d, bus=%d, host=%d\n",
5765 num_dev_resets, num_target_resets, num_bus_resets,
5766 num_host_resets);
5767 seq_printf(m, "dix_reads=%d, dix_writes=%d, dif_errors=%d\n",
5768 dix_reads, dix_writes, dif_errors);
5769 seq_printf(m, "usec_in_jiffy=%lu, statistics=%d\n", TICK_NSEC / 1000,
5770 sdebug_statistics);
5771 seq_printf(m, "cmnd_count=%d, completions=%d, %s=%d, a_tsf=%d\n",
5772 atomic_read(&sdebug_cmnd_count),
5773 atomic_read(&sdebug_completions),
5774 "miss_cpus", atomic_read(&sdebug_miss_cpus),
5775 atomic_read(&sdebug_a_tsf));
5776
5777 seq_printf(m, "submit_queues=%d\n", submit_queues);
5778 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
5779 seq_printf(m, " queue %d:\n", j);
5780 f = find_first_bit(sqp->in_use_bm, sdebug_max_queue);
5781 if (f != sdebug_max_queue) {
5782 l = find_last_bit(sqp->in_use_bm, sdebug_max_queue);
5783 seq_printf(m, " in_use_bm BUSY: %s: %d,%d\n",
5784 "first,last bits", f, l);
5785 }
5786 }
5787
5788 seq_printf(m, "this host_no=%d\n", host->host_no);
5789 if (!xa_empty(per_store_ap)) {
5790 bool niu;
5791 int idx;
5792 unsigned long l_idx;
5793 struct sdeb_store_info *sip;
5794
5795 seq_puts(m, "\nhost list:\n");
5796 j = 0;
5797 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
5798 idx = sdhp->si_idx;
5799 seq_printf(m, " %d: host_no=%d, si_idx=%d\n", j,
5800 sdhp->shost->host_no, idx);
5801 ++j;
5802 }
5803 seq_printf(m, "\nper_store array [most_recent_idx=%d]:\n",
5804 sdeb_most_recent_idx);
5805 j = 0;
5806 xa_for_each(per_store_ap, l_idx, sip) {
5807 niu = xa_get_mark(per_store_ap, l_idx,
5808 SDEB_XA_NOT_IN_USE);
5809 idx = (int)l_idx;
5810 seq_printf(m, " %d: idx=%d%s\n", j, idx,
5811 (niu ? " not_in_use" : ""));
5812 ++j;
5813 }
5814 }
5815 return 0;
5816 }
5817
delay_show(struct device_driver * ddp,char * buf)5818 static ssize_t delay_show(struct device_driver *ddp, char *buf)
5819 {
5820 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_jdelay);
5821 }
5822 /* Returns -EBUSY if jdelay is being changed and commands are queued. The unit
5823 * of delay is jiffies.
5824 */
delay_store(struct device_driver * ddp,const char * buf,size_t count)5825 static ssize_t delay_store(struct device_driver *ddp, const char *buf,
5826 size_t count)
5827 {
5828 int jdelay, res;
5829
5830 if (count > 0 && sscanf(buf, "%d", &jdelay) == 1) {
5831 res = count;
5832 if (sdebug_jdelay != jdelay) {
5833 int j, k;
5834 struct sdebug_queue *sqp;
5835
5836 block_unblock_all_queues(true);
5837 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
5838 ++j, ++sqp) {
5839 k = find_first_bit(sqp->in_use_bm,
5840 sdebug_max_queue);
5841 if (k != sdebug_max_queue) {
5842 res = -EBUSY; /* queued commands */
5843 break;
5844 }
5845 }
5846 if (res > 0) {
5847 sdebug_jdelay = jdelay;
5848 sdebug_ndelay = 0;
5849 }
5850 block_unblock_all_queues(false);
5851 }
5852 return res;
5853 }
5854 return -EINVAL;
5855 }
5856 static DRIVER_ATTR_RW(delay);
5857
ndelay_show(struct device_driver * ddp,char * buf)5858 static ssize_t ndelay_show(struct device_driver *ddp, char *buf)
5859 {
5860 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ndelay);
5861 }
5862 /* Returns -EBUSY if ndelay is being changed and commands are queued */
5863 /* If > 0 and accepted then sdebug_jdelay is set to JDELAY_OVERRIDDEN */
ndelay_store(struct device_driver * ddp,const char * buf,size_t count)5864 static ssize_t ndelay_store(struct device_driver *ddp, const char *buf,
5865 size_t count)
5866 {
5867 int ndelay, res;
5868
5869 if ((count > 0) && (1 == sscanf(buf, "%d", &ndelay)) &&
5870 (ndelay >= 0) && (ndelay < (1000 * 1000 * 1000))) {
5871 res = count;
5872 if (sdebug_ndelay != ndelay) {
5873 int j, k;
5874 struct sdebug_queue *sqp;
5875
5876 block_unblock_all_queues(true);
5877 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
5878 ++j, ++sqp) {
5879 k = find_first_bit(sqp->in_use_bm,
5880 sdebug_max_queue);
5881 if (k != sdebug_max_queue) {
5882 res = -EBUSY; /* queued commands */
5883 break;
5884 }
5885 }
5886 if (res > 0) {
5887 sdebug_ndelay = ndelay;
5888 sdebug_jdelay = ndelay ? JDELAY_OVERRIDDEN
5889 : DEF_JDELAY;
5890 }
5891 block_unblock_all_queues(false);
5892 }
5893 return res;
5894 }
5895 return -EINVAL;
5896 }
5897 static DRIVER_ATTR_RW(ndelay);
5898
opts_show(struct device_driver * ddp,char * buf)5899 static ssize_t opts_show(struct device_driver *ddp, char *buf)
5900 {
5901 return scnprintf(buf, PAGE_SIZE, "0x%x\n", sdebug_opts);
5902 }
5903
opts_store(struct device_driver * ddp,const char * buf,size_t count)5904 static ssize_t opts_store(struct device_driver *ddp, const char *buf,
5905 size_t count)
5906 {
5907 int opts;
5908 char work[20];
5909
5910 if (sscanf(buf, "%10s", work) == 1) {
5911 if (strncasecmp(work, "0x", 2) == 0) {
5912 if (kstrtoint(work + 2, 16, &opts) == 0)
5913 goto opts_done;
5914 } else {
5915 if (kstrtoint(work, 10, &opts) == 0)
5916 goto opts_done;
5917 }
5918 }
5919 return -EINVAL;
5920 opts_done:
5921 sdebug_opts = opts;
5922 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
5923 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
5924 tweak_cmnd_count();
5925 return count;
5926 }
5927 static DRIVER_ATTR_RW(opts);
5928
ptype_show(struct device_driver * ddp,char * buf)5929 static ssize_t ptype_show(struct device_driver *ddp, char *buf)
5930 {
5931 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ptype);
5932 }
ptype_store(struct device_driver * ddp,const char * buf,size_t count)5933 static ssize_t ptype_store(struct device_driver *ddp, const char *buf,
5934 size_t count)
5935 {
5936 int n;
5937
5938 /* Cannot change from or to TYPE_ZBC with sysfs */
5939 if (sdebug_ptype == TYPE_ZBC)
5940 return -EINVAL;
5941
5942 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5943 if (n == TYPE_ZBC)
5944 return -EINVAL;
5945 sdebug_ptype = n;
5946 return count;
5947 }
5948 return -EINVAL;
5949 }
5950 static DRIVER_ATTR_RW(ptype);
5951
dsense_show(struct device_driver * ddp,char * buf)5952 static ssize_t dsense_show(struct device_driver *ddp, char *buf)
5953 {
5954 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dsense);
5955 }
dsense_store(struct device_driver * ddp,const char * buf,size_t count)5956 static ssize_t dsense_store(struct device_driver *ddp, const char *buf,
5957 size_t count)
5958 {
5959 int n;
5960
5961 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5962 sdebug_dsense = n;
5963 return count;
5964 }
5965 return -EINVAL;
5966 }
5967 static DRIVER_ATTR_RW(dsense);
5968
fake_rw_show(struct device_driver * ddp,char * buf)5969 static ssize_t fake_rw_show(struct device_driver *ddp, char *buf)
5970 {
5971 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_fake_rw);
5972 }
fake_rw_store(struct device_driver * ddp,const char * buf,size_t count)5973 static ssize_t fake_rw_store(struct device_driver *ddp, const char *buf,
5974 size_t count)
5975 {
5976 int n, idx;
5977
5978 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5979 bool want_store = (n == 0);
5980 struct sdebug_host_info *sdhp;
5981
5982 n = (n > 0);
5983 sdebug_fake_rw = (sdebug_fake_rw > 0);
5984 if (sdebug_fake_rw == n)
5985 return count; /* not transitioning so do nothing */
5986
5987 if (want_store) { /* 1 --> 0 transition, set up store */
5988 if (sdeb_first_idx < 0) {
5989 idx = sdebug_add_store();
5990 if (idx < 0)
5991 return idx;
5992 } else {
5993 idx = sdeb_first_idx;
5994 xa_clear_mark(per_store_ap, idx,
5995 SDEB_XA_NOT_IN_USE);
5996 }
5997 /* make all hosts use same store */
5998 list_for_each_entry(sdhp, &sdebug_host_list,
5999 host_list) {
6000 if (sdhp->si_idx != idx) {
6001 xa_set_mark(per_store_ap, sdhp->si_idx,
6002 SDEB_XA_NOT_IN_USE);
6003 sdhp->si_idx = idx;
6004 }
6005 }
6006 sdeb_most_recent_idx = idx;
6007 } else { /* 0 --> 1 transition is trigger for shrink */
6008 sdebug_erase_all_stores(true /* apart from first */);
6009 }
6010 sdebug_fake_rw = n;
6011 return count;
6012 }
6013 return -EINVAL;
6014 }
6015 static DRIVER_ATTR_RW(fake_rw);
6016
no_lun_0_show(struct device_driver * ddp,char * buf)6017 static ssize_t no_lun_0_show(struct device_driver *ddp, char *buf)
6018 {
6019 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_lun_0);
6020 }
no_lun_0_store(struct device_driver * ddp,const char * buf,size_t count)6021 static ssize_t no_lun_0_store(struct device_driver *ddp, const char *buf,
6022 size_t count)
6023 {
6024 int n;
6025
6026 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6027 sdebug_no_lun_0 = n;
6028 return count;
6029 }
6030 return -EINVAL;
6031 }
6032 static DRIVER_ATTR_RW(no_lun_0);
6033
num_tgts_show(struct device_driver * ddp,char * buf)6034 static ssize_t num_tgts_show(struct device_driver *ddp, char *buf)
6035 {
6036 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_tgts);
6037 }
num_tgts_store(struct device_driver * ddp,const char * buf,size_t count)6038 static ssize_t num_tgts_store(struct device_driver *ddp, const char *buf,
6039 size_t count)
6040 {
6041 int n;
6042
6043 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6044 sdebug_num_tgts = n;
6045 sdebug_max_tgts_luns();
6046 return count;
6047 }
6048 return -EINVAL;
6049 }
6050 static DRIVER_ATTR_RW(num_tgts);
6051
dev_size_mb_show(struct device_driver * ddp,char * buf)6052 static ssize_t dev_size_mb_show(struct device_driver *ddp, char *buf)
6053 {
6054 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dev_size_mb);
6055 }
6056 static DRIVER_ATTR_RO(dev_size_mb);
6057
per_host_store_show(struct device_driver * ddp,char * buf)6058 static ssize_t per_host_store_show(struct device_driver *ddp, char *buf)
6059 {
6060 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_per_host_store);
6061 }
6062
per_host_store_store(struct device_driver * ddp,const char * buf,size_t count)6063 static ssize_t per_host_store_store(struct device_driver *ddp, const char *buf,
6064 size_t count)
6065 {
6066 bool v;
6067
6068 if (kstrtobool(buf, &v))
6069 return -EINVAL;
6070
6071 sdebug_per_host_store = v;
6072 return count;
6073 }
6074 static DRIVER_ATTR_RW(per_host_store);
6075
num_parts_show(struct device_driver * ddp,char * buf)6076 static ssize_t num_parts_show(struct device_driver *ddp, char *buf)
6077 {
6078 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_parts);
6079 }
6080 static DRIVER_ATTR_RO(num_parts);
6081
every_nth_show(struct device_driver * ddp,char * buf)6082 static ssize_t every_nth_show(struct device_driver *ddp, char *buf)
6083 {
6084 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_every_nth);
6085 }
every_nth_store(struct device_driver * ddp,const char * buf,size_t count)6086 static ssize_t every_nth_store(struct device_driver *ddp, const char *buf,
6087 size_t count)
6088 {
6089 int nth;
6090 char work[20];
6091
6092 if (sscanf(buf, "%10s", work) == 1) {
6093 if (strncasecmp(work, "0x", 2) == 0) {
6094 if (kstrtoint(work + 2, 16, &nth) == 0)
6095 goto every_nth_done;
6096 } else {
6097 if (kstrtoint(work, 10, &nth) == 0)
6098 goto every_nth_done;
6099 }
6100 }
6101 return -EINVAL;
6102
6103 every_nth_done:
6104 sdebug_every_nth = nth;
6105 if (nth && !sdebug_statistics) {
6106 pr_info("every_nth needs statistics=1, set it\n");
6107 sdebug_statistics = true;
6108 }
6109 tweak_cmnd_count();
6110 return count;
6111 }
6112 static DRIVER_ATTR_RW(every_nth);
6113
lun_format_show(struct device_driver * ddp,char * buf)6114 static ssize_t lun_format_show(struct device_driver *ddp, char *buf)
6115 {
6116 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_lun_am);
6117 }
lun_format_store(struct device_driver * ddp,const char * buf,size_t count)6118 static ssize_t lun_format_store(struct device_driver *ddp, const char *buf,
6119 size_t count)
6120 {
6121 int n;
6122 bool changed;
6123
6124 if (kstrtoint(buf, 0, &n))
6125 return -EINVAL;
6126 if (n >= 0) {
6127 if (n > (int)SAM_LUN_AM_FLAT) {
6128 pr_warn("only LUN address methods 0 and 1 are supported\n");
6129 return -EINVAL;
6130 }
6131 changed = ((int)sdebug_lun_am != n);
6132 sdebug_lun_am = n;
6133 if (changed && sdebug_scsi_level >= 5) { /* >= SPC-3 */
6134 struct sdebug_host_info *sdhp;
6135 struct sdebug_dev_info *dp;
6136
6137 spin_lock(&sdebug_host_list_lock);
6138 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
6139 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
6140 set_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
6141 }
6142 }
6143 spin_unlock(&sdebug_host_list_lock);
6144 }
6145 return count;
6146 }
6147 return -EINVAL;
6148 }
6149 static DRIVER_ATTR_RW(lun_format);
6150
max_luns_show(struct device_driver * ddp,char * buf)6151 static ssize_t max_luns_show(struct device_driver *ddp, char *buf)
6152 {
6153 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_luns);
6154 }
max_luns_store(struct device_driver * ddp,const char * buf,size_t count)6155 static ssize_t max_luns_store(struct device_driver *ddp, const char *buf,
6156 size_t count)
6157 {
6158 int n;
6159 bool changed;
6160
6161 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6162 if (n > 256) {
6163 pr_warn("max_luns can be no more than 256\n");
6164 return -EINVAL;
6165 }
6166 changed = (sdebug_max_luns != n);
6167 sdebug_max_luns = n;
6168 sdebug_max_tgts_luns();
6169 if (changed && (sdebug_scsi_level >= 5)) { /* >= SPC-3 */
6170 struct sdebug_host_info *sdhp;
6171 struct sdebug_dev_info *dp;
6172
6173 spin_lock(&sdebug_host_list_lock);
6174 list_for_each_entry(sdhp, &sdebug_host_list,
6175 host_list) {
6176 list_for_each_entry(dp, &sdhp->dev_info_list,
6177 dev_list) {
6178 set_bit(SDEBUG_UA_LUNS_CHANGED,
6179 dp->uas_bm);
6180 }
6181 }
6182 spin_unlock(&sdebug_host_list_lock);
6183 }
6184 return count;
6185 }
6186 return -EINVAL;
6187 }
6188 static DRIVER_ATTR_RW(max_luns);
6189
max_queue_show(struct device_driver * ddp,char * buf)6190 static ssize_t max_queue_show(struct device_driver *ddp, char *buf)
6191 {
6192 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_queue);
6193 }
6194 /* N.B. max_queue can be changed while there are queued commands. In flight
6195 * commands beyond the new max_queue will be completed. */
max_queue_store(struct device_driver * ddp,const char * buf,size_t count)6196 static ssize_t max_queue_store(struct device_driver *ddp, const char *buf,
6197 size_t count)
6198 {
6199 int j, n, k, a;
6200 struct sdebug_queue *sqp;
6201
6202 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n > 0) &&
6203 (n <= SDEBUG_CANQUEUE) &&
6204 (sdebug_host_max_queue == 0)) {
6205 block_unblock_all_queues(true);
6206 k = 0;
6207 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
6208 ++j, ++sqp) {
6209 a = find_last_bit(sqp->in_use_bm, SDEBUG_CANQUEUE);
6210 if (a > k)
6211 k = a;
6212 }
6213 sdebug_max_queue = n;
6214 if (k == SDEBUG_CANQUEUE)
6215 atomic_set(&retired_max_queue, 0);
6216 else if (k >= n)
6217 atomic_set(&retired_max_queue, k + 1);
6218 else
6219 atomic_set(&retired_max_queue, 0);
6220 block_unblock_all_queues(false);
6221 return count;
6222 }
6223 return -EINVAL;
6224 }
6225 static DRIVER_ATTR_RW(max_queue);
6226
host_max_queue_show(struct device_driver * ddp,char * buf)6227 static ssize_t host_max_queue_show(struct device_driver *ddp, char *buf)
6228 {
6229 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_host_max_queue);
6230 }
6231
6232 /*
6233 * Since this is used for .can_queue, and we get the hc_idx tag from the bitmap
6234 * in range [0, sdebug_host_max_queue), we can't change it.
6235 */
6236 static DRIVER_ATTR_RO(host_max_queue);
6237
no_uld_show(struct device_driver * ddp,char * buf)6238 static ssize_t no_uld_show(struct device_driver *ddp, char *buf)
6239 {
6240 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_uld);
6241 }
6242 static DRIVER_ATTR_RO(no_uld);
6243
scsi_level_show(struct device_driver * ddp,char * buf)6244 static ssize_t scsi_level_show(struct device_driver *ddp, char *buf)
6245 {
6246 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_scsi_level);
6247 }
6248 static DRIVER_ATTR_RO(scsi_level);
6249
virtual_gb_show(struct device_driver * ddp,char * buf)6250 static ssize_t virtual_gb_show(struct device_driver *ddp, char *buf)
6251 {
6252 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_virtual_gb);
6253 }
virtual_gb_store(struct device_driver * ddp,const char * buf,size_t count)6254 static ssize_t virtual_gb_store(struct device_driver *ddp, const char *buf,
6255 size_t count)
6256 {
6257 int n;
6258 bool changed;
6259
6260 /* Ignore capacity change for ZBC drives for now */
6261 if (sdeb_zbc_in_use)
6262 return -ENOTSUPP;
6263
6264 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6265 changed = (sdebug_virtual_gb != n);
6266 sdebug_virtual_gb = n;
6267 sdebug_capacity = get_sdebug_capacity();
6268 if (changed) {
6269 struct sdebug_host_info *sdhp;
6270 struct sdebug_dev_info *dp;
6271
6272 spin_lock(&sdebug_host_list_lock);
6273 list_for_each_entry(sdhp, &sdebug_host_list,
6274 host_list) {
6275 list_for_each_entry(dp, &sdhp->dev_info_list,
6276 dev_list) {
6277 set_bit(SDEBUG_UA_CAPACITY_CHANGED,
6278 dp->uas_bm);
6279 }
6280 }
6281 spin_unlock(&sdebug_host_list_lock);
6282 }
6283 return count;
6284 }
6285 return -EINVAL;
6286 }
6287 static DRIVER_ATTR_RW(virtual_gb);
6288
add_host_show(struct device_driver * ddp,char * buf)6289 static ssize_t add_host_show(struct device_driver *ddp, char *buf)
6290 {
6291 /* absolute number of hosts currently active is what is shown */
6292 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_hosts);
6293 }
6294
add_host_store(struct device_driver * ddp,const char * buf,size_t count)6295 static ssize_t add_host_store(struct device_driver *ddp, const char *buf,
6296 size_t count)
6297 {
6298 bool found;
6299 unsigned long idx;
6300 struct sdeb_store_info *sip;
6301 bool want_phs = (sdebug_fake_rw == 0) && sdebug_per_host_store;
6302 int delta_hosts;
6303
6304 if (sscanf(buf, "%d", &delta_hosts) != 1)
6305 return -EINVAL;
6306 if (delta_hosts > 0) {
6307 do {
6308 found = false;
6309 if (want_phs) {
6310 xa_for_each_marked(per_store_ap, idx, sip,
6311 SDEB_XA_NOT_IN_USE) {
6312 sdeb_most_recent_idx = (int)idx;
6313 found = true;
6314 break;
6315 }
6316 if (found) /* re-use case */
6317 sdebug_add_host_helper((int)idx);
6318 else
6319 sdebug_do_add_host(true);
6320 } else {
6321 sdebug_do_add_host(false);
6322 }
6323 } while (--delta_hosts);
6324 } else if (delta_hosts < 0) {
6325 do {
6326 sdebug_do_remove_host(false);
6327 } while (++delta_hosts);
6328 }
6329 return count;
6330 }
6331 static DRIVER_ATTR_RW(add_host);
6332
vpd_use_hostno_show(struct device_driver * ddp,char * buf)6333 static ssize_t vpd_use_hostno_show(struct device_driver *ddp, char *buf)
6334 {
6335 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_vpd_use_hostno);
6336 }
vpd_use_hostno_store(struct device_driver * ddp,const char * buf,size_t count)6337 static ssize_t vpd_use_hostno_store(struct device_driver *ddp, const char *buf,
6338 size_t count)
6339 {
6340 int n;
6341
6342 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6343 sdebug_vpd_use_hostno = n;
6344 return count;
6345 }
6346 return -EINVAL;
6347 }
6348 static DRIVER_ATTR_RW(vpd_use_hostno);
6349
statistics_show(struct device_driver * ddp,char * buf)6350 static ssize_t statistics_show(struct device_driver *ddp, char *buf)
6351 {
6352 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_statistics);
6353 }
statistics_store(struct device_driver * ddp,const char * buf,size_t count)6354 static ssize_t statistics_store(struct device_driver *ddp, const char *buf,
6355 size_t count)
6356 {
6357 int n;
6358
6359 if ((count > 0) && (sscanf(buf, "%d", &n) == 1) && (n >= 0)) {
6360 if (n > 0)
6361 sdebug_statistics = true;
6362 else {
6363 clear_queue_stats();
6364 sdebug_statistics = false;
6365 }
6366 return count;
6367 }
6368 return -EINVAL;
6369 }
6370 static DRIVER_ATTR_RW(statistics);
6371
sector_size_show(struct device_driver * ddp,char * buf)6372 static ssize_t sector_size_show(struct device_driver *ddp, char *buf)
6373 {
6374 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_sector_size);
6375 }
6376 static DRIVER_ATTR_RO(sector_size);
6377
submit_queues_show(struct device_driver * ddp,char * buf)6378 static ssize_t submit_queues_show(struct device_driver *ddp, char *buf)
6379 {
6380 return scnprintf(buf, PAGE_SIZE, "%d\n", submit_queues);
6381 }
6382 static DRIVER_ATTR_RO(submit_queues);
6383
dix_show(struct device_driver * ddp,char * buf)6384 static ssize_t dix_show(struct device_driver *ddp, char *buf)
6385 {
6386 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dix);
6387 }
6388 static DRIVER_ATTR_RO(dix);
6389
dif_show(struct device_driver * ddp,char * buf)6390 static ssize_t dif_show(struct device_driver *ddp, char *buf)
6391 {
6392 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dif);
6393 }
6394 static DRIVER_ATTR_RO(dif);
6395
guard_show(struct device_driver * ddp,char * buf)6396 static ssize_t guard_show(struct device_driver *ddp, char *buf)
6397 {
6398 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_guard);
6399 }
6400 static DRIVER_ATTR_RO(guard);
6401
ato_show(struct device_driver * ddp,char * buf)6402 static ssize_t ato_show(struct device_driver *ddp, char *buf)
6403 {
6404 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ato);
6405 }
6406 static DRIVER_ATTR_RO(ato);
6407
map_show(struct device_driver * ddp,char * buf)6408 static ssize_t map_show(struct device_driver *ddp, char *buf)
6409 {
6410 ssize_t count = 0;
6411
6412 if (!scsi_debug_lbp())
6413 return scnprintf(buf, PAGE_SIZE, "0-%u\n",
6414 sdebug_store_sectors);
6415
6416 if (sdebug_fake_rw == 0 && !xa_empty(per_store_ap)) {
6417 struct sdeb_store_info *sip = xa_load(per_store_ap, 0);
6418
6419 if (sip)
6420 count = scnprintf(buf, PAGE_SIZE - 1, "%*pbl",
6421 (int)map_size, sip->map_storep);
6422 }
6423 buf[count++] = '\n';
6424 buf[count] = '\0';
6425
6426 return count;
6427 }
6428 static DRIVER_ATTR_RO(map);
6429
random_show(struct device_driver * ddp,char * buf)6430 static ssize_t random_show(struct device_driver *ddp, char *buf)
6431 {
6432 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_random);
6433 }
6434
random_store(struct device_driver * ddp,const char * buf,size_t count)6435 static ssize_t random_store(struct device_driver *ddp, const char *buf,
6436 size_t count)
6437 {
6438 bool v;
6439
6440 if (kstrtobool(buf, &v))
6441 return -EINVAL;
6442
6443 sdebug_random = v;
6444 return count;
6445 }
6446 static DRIVER_ATTR_RW(random);
6447
removable_show(struct device_driver * ddp,char * buf)6448 static ssize_t removable_show(struct device_driver *ddp, char *buf)
6449 {
6450 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_removable ? 1 : 0);
6451 }
removable_store(struct device_driver * ddp,const char * buf,size_t count)6452 static ssize_t removable_store(struct device_driver *ddp, const char *buf,
6453 size_t count)
6454 {
6455 int n;
6456
6457 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6458 sdebug_removable = (n > 0);
6459 return count;
6460 }
6461 return -EINVAL;
6462 }
6463 static DRIVER_ATTR_RW(removable);
6464
host_lock_show(struct device_driver * ddp,char * buf)6465 static ssize_t host_lock_show(struct device_driver *ddp, char *buf)
6466 {
6467 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_host_lock);
6468 }
6469 /* N.B. sdebug_host_lock does nothing, kept for backward compatibility */
host_lock_store(struct device_driver * ddp,const char * buf,size_t count)6470 static ssize_t host_lock_store(struct device_driver *ddp, const char *buf,
6471 size_t count)
6472 {
6473 int n;
6474
6475 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6476 sdebug_host_lock = (n > 0);
6477 return count;
6478 }
6479 return -EINVAL;
6480 }
6481 static DRIVER_ATTR_RW(host_lock);
6482
strict_show(struct device_driver * ddp,char * buf)6483 static ssize_t strict_show(struct device_driver *ddp, char *buf)
6484 {
6485 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_strict);
6486 }
strict_store(struct device_driver * ddp,const char * buf,size_t count)6487 static ssize_t strict_store(struct device_driver *ddp, const char *buf,
6488 size_t count)
6489 {
6490 int n;
6491
6492 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6493 sdebug_strict = (n > 0);
6494 return count;
6495 }
6496 return -EINVAL;
6497 }
6498 static DRIVER_ATTR_RW(strict);
6499
uuid_ctl_show(struct device_driver * ddp,char * buf)6500 static ssize_t uuid_ctl_show(struct device_driver *ddp, char *buf)
6501 {
6502 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_uuid_ctl);
6503 }
6504 static DRIVER_ATTR_RO(uuid_ctl);
6505
cdb_len_show(struct device_driver * ddp,char * buf)6506 static ssize_t cdb_len_show(struct device_driver *ddp, char *buf)
6507 {
6508 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_cdb_len);
6509 }
cdb_len_store(struct device_driver * ddp,const char * buf,size_t count)6510 static ssize_t cdb_len_store(struct device_driver *ddp, const char *buf,
6511 size_t count)
6512 {
6513 int ret, n;
6514
6515 ret = kstrtoint(buf, 0, &n);
6516 if (ret)
6517 return ret;
6518 sdebug_cdb_len = n;
6519 all_config_cdb_len();
6520 return count;
6521 }
6522 static DRIVER_ATTR_RW(cdb_len);
6523
6524 static const char * const zbc_model_strs_a[] = {
6525 [BLK_ZONED_NONE] = "none",
6526 [BLK_ZONED_HA] = "host-aware",
6527 [BLK_ZONED_HM] = "host-managed",
6528 };
6529
6530 static const char * const zbc_model_strs_b[] = {
6531 [BLK_ZONED_NONE] = "no",
6532 [BLK_ZONED_HA] = "aware",
6533 [BLK_ZONED_HM] = "managed",
6534 };
6535
6536 static const char * const zbc_model_strs_c[] = {
6537 [BLK_ZONED_NONE] = "0",
6538 [BLK_ZONED_HA] = "1",
6539 [BLK_ZONED_HM] = "2",
6540 };
6541
sdeb_zbc_model_str(const char * cp)6542 static int sdeb_zbc_model_str(const char *cp)
6543 {
6544 int res = sysfs_match_string(zbc_model_strs_a, cp);
6545
6546 if (res < 0) {
6547 res = sysfs_match_string(zbc_model_strs_b, cp);
6548 if (res < 0) {
6549 res = sysfs_match_string(zbc_model_strs_c, cp);
6550 if (res < 0)
6551 return -EINVAL;
6552 }
6553 }
6554 return res;
6555 }
6556
zbc_show(struct device_driver * ddp,char * buf)6557 static ssize_t zbc_show(struct device_driver *ddp, char *buf)
6558 {
6559 return scnprintf(buf, PAGE_SIZE, "%s\n",
6560 zbc_model_strs_a[sdeb_zbc_model]);
6561 }
6562 static DRIVER_ATTR_RO(zbc);
6563
tur_ms_to_ready_show(struct device_driver * ddp,char * buf)6564 static ssize_t tur_ms_to_ready_show(struct device_driver *ddp, char *buf)
6565 {
6566 return scnprintf(buf, PAGE_SIZE, "%d\n", sdeb_tur_ms_to_ready);
6567 }
6568 static DRIVER_ATTR_RO(tur_ms_to_ready);
6569
6570 /* Note: The following array creates attribute files in the
6571 /sys/bus/pseudo/drivers/scsi_debug directory. The advantage of these
6572 files (over those found in the /sys/module/scsi_debug/parameters
6573 directory) is that auxiliary actions can be triggered when an attribute
6574 is changed. For example see: add_host_store() above.
6575 */
6576
6577 static struct attribute *sdebug_drv_attrs[] = {
6578 &driver_attr_delay.attr,
6579 &driver_attr_opts.attr,
6580 &driver_attr_ptype.attr,
6581 &driver_attr_dsense.attr,
6582 &driver_attr_fake_rw.attr,
6583 &driver_attr_host_max_queue.attr,
6584 &driver_attr_no_lun_0.attr,
6585 &driver_attr_num_tgts.attr,
6586 &driver_attr_dev_size_mb.attr,
6587 &driver_attr_num_parts.attr,
6588 &driver_attr_every_nth.attr,
6589 &driver_attr_lun_format.attr,
6590 &driver_attr_max_luns.attr,
6591 &driver_attr_max_queue.attr,
6592 &driver_attr_no_uld.attr,
6593 &driver_attr_scsi_level.attr,
6594 &driver_attr_virtual_gb.attr,
6595 &driver_attr_add_host.attr,
6596 &driver_attr_per_host_store.attr,
6597 &driver_attr_vpd_use_hostno.attr,
6598 &driver_attr_sector_size.attr,
6599 &driver_attr_statistics.attr,
6600 &driver_attr_submit_queues.attr,
6601 &driver_attr_dix.attr,
6602 &driver_attr_dif.attr,
6603 &driver_attr_guard.attr,
6604 &driver_attr_ato.attr,
6605 &driver_attr_map.attr,
6606 &driver_attr_random.attr,
6607 &driver_attr_removable.attr,
6608 &driver_attr_host_lock.attr,
6609 &driver_attr_ndelay.attr,
6610 &driver_attr_strict.attr,
6611 &driver_attr_uuid_ctl.attr,
6612 &driver_attr_cdb_len.attr,
6613 &driver_attr_tur_ms_to_ready.attr,
6614 &driver_attr_zbc.attr,
6615 NULL,
6616 };
6617 ATTRIBUTE_GROUPS(sdebug_drv);
6618
6619 static struct device *pseudo_primary;
6620
scsi_debug_init(void)6621 static int __init scsi_debug_init(void)
6622 {
6623 bool want_store = (sdebug_fake_rw == 0);
6624 unsigned long sz;
6625 int k, ret, hosts_to_add;
6626 int idx = -1;
6627
6628 ramdisk_lck_a[0] = &atomic_rw;
6629 ramdisk_lck_a[1] = &atomic_rw2;
6630 atomic_set(&retired_max_queue, 0);
6631
6632 if (sdebug_ndelay >= 1000 * 1000 * 1000) {
6633 pr_warn("ndelay must be less than 1 second, ignored\n");
6634 sdebug_ndelay = 0;
6635 } else if (sdebug_ndelay > 0)
6636 sdebug_jdelay = JDELAY_OVERRIDDEN;
6637
6638 switch (sdebug_sector_size) {
6639 case 512:
6640 case 1024:
6641 case 2048:
6642 case 4096:
6643 break;
6644 default:
6645 pr_err("invalid sector_size %d\n", sdebug_sector_size);
6646 return -EINVAL;
6647 }
6648
6649 switch (sdebug_dif) {
6650 case T10_PI_TYPE0_PROTECTION:
6651 break;
6652 case T10_PI_TYPE1_PROTECTION:
6653 case T10_PI_TYPE2_PROTECTION:
6654 case T10_PI_TYPE3_PROTECTION:
6655 have_dif_prot = true;
6656 break;
6657
6658 default:
6659 pr_err("dif must be 0, 1, 2 or 3\n");
6660 return -EINVAL;
6661 }
6662
6663 if (sdebug_num_tgts < 0) {
6664 pr_err("num_tgts must be >= 0\n");
6665 return -EINVAL;
6666 }
6667
6668 if (sdebug_guard > 1) {
6669 pr_err("guard must be 0 or 1\n");
6670 return -EINVAL;
6671 }
6672
6673 if (sdebug_ato > 1) {
6674 pr_err("ato must be 0 or 1\n");
6675 return -EINVAL;
6676 }
6677
6678 if (sdebug_physblk_exp > 15) {
6679 pr_err("invalid physblk_exp %u\n", sdebug_physblk_exp);
6680 return -EINVAL;
6681 }
6682
6683 sdebug_lun_am = sdebug_lun_am_i;
6684 if (sdebug_lun_am > SAM_LUN_AM_FLAT) {
6685 pr_warn("Invalid LUN format %u, using default\n", (int)sdebug_lun_am);
6686 sdebug_lun_am = SAM_LUN_AM_PERIPHERAL;
6687 }
6688
6689 if (sdebug_max_luns > 256) {
6690 if (sdebug_max_luns > 16384) {
6691 pr_warn("max_luns can be no more than 16384, use default\n");
6692 sdebug_max_luns = DEF_MAX_LUNS;
6693 }
6694 sdebug_lun_am = SAM_LUN_AM_FLAT;
6695 }
6696
6697 if (sdebug_lowest_aligned > 0x3fff) {
6698 pr_err("lowest_aligned too big: %u\n", sdebug_lowest_aligned);
6699 return -EINVAL;
6700 }
6701
6702 if (submit_queues < 1) {
6703 pr_err("submit_queues must be 1 or more\n");
6704 return -EINVAL;
6705 }
6706
6707 if ((sdebug_max_queue > SDEBUG_CANQUEUE) || (sdebug_max_queue < 1)) {
6708 pr_err("max_queue must be in range [1, %d]\n", SDEBUG_CANQUEUE);
6709 return -EINVAL;
6710 }
6711
6712 if ((sdebug_host_max_queue > SDEBUG_CANQUEUE) ||
6713 (sdebug_host_max_queue < 0)) {
6714 pr_err("host_max_queue must be in range [0 %d]\n",
6715 SDEBUG_CANQUEUE);
6716 return -EINVAL;
6717 }
6718
6719 if (sdebug_host_max_queue &&
6720 (sdebug_max_queue != sdebug_host_max_queue)) {
6721 sdebug_max_queue = sdebug_host_max_queue;
6722 pr_warn("fixing max submit queue depth to host max queue depth, %d\n",
6723 sdebug_max_queue);
6724 }
6725
6726 sdebug_q_arr = kcalloc(submit_queues, sizeof(struct sdebug_queue),
6727 GFP_KERNEL);
6728 if (sdebug_q_arr == NULL)
6729 return -ENOMEM;
6730 for (k = 0; k < submit_queues; ++k)
6731 spin_lock_init(&sdebug_q_arr[k].qc_lock);
6732
6733 /*
6734 * check for host managed zoned block device specified with
6735 * ptype=0x14 or zbc=XXX.
6736 */
6737 if (sdebug_ptype == TYPE_ZBC) {
6738 sdeb_zbc_model = BLK_ZONED_HM;
6739 } else if (sdeb_zbc_model_s && *sdeb_zbc_model_s) {
6740 k = sdeb_zbc_model_str(sdeb_zbc_model_s);
6741 if (k < 0) {
6742 ret = k;
6743 goto free_vm;
6744 }
6745 sdeb_zbc_model = k;
6746 switch (sdeb_zbc_model) {
6747 case BLK_ZONED_NONE:
6748 case BLK_ZONED_HA:
6749 sdebug_ptype = TYPE_DISK;
6750 break;
6751 case BLK_ZONED_HM:
6752 sdebug_ptype = TYPE_ZBC;
6753 break;
6754 default:
6755 pr_err("Invalid ZBC model\n");
6756 return -EINVAL;
6757 }
6758 }
6759 if (sdeb_zbc_model != BLK_ZONED_NONE) {
6760 sdeb_zbc_in_use = true;
6761 if (sdebug_dev_size_mb == DEF_DEV_SIZE_PRE_INIT)
6762 sdebug_dev_size_mb = DEF_ZBC_DEV_SIZE_MB;
6763 }
6764
6765 if (sdebug_dev_size_mb == DEF_DEV_SIZE_PRE_INIT)
6766 sdebug_dev_size_mb = DEF_DEV_SIZE_MB;
6767 if (sdebug_dev_size_mb < 1)
6768 sdebug_dev_size_mb = 1; /* force minimum 1 MB ramdisk */
6769 sz = (unsigned long)sdebug_dev_size_mb * 1048576;
6770 sdebug_store_sectors = sz / sdebug_sector_size;
6771 sdebug_capacity = get_sdebug_capacity();
6772
6773 /* play around with geometry, don't waste too much on track 0 */
6774 sdebug_heads = 8;
6775 sdebug_sectors_per = 32;
6776 if (sdebug_dev_size_mb >= 256)
6777 sdebug_heads = 64;
6778 else if (sdebug_dev_size_mb >= 16)
6779 sdebug_heads = 32;
6780 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
6781 (sdebug_sectors_per * sdebug_heads);
6782 if (sdebug_cylinders_per >= 1024) {
6783 /* other LLDs do this; implies >= 1GB ram disk ... */
6784 sdebug_heads = 255;
6785 sdebug_sectors_per = 63;
6786 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
6787 (sdebug_sectors_per * sdebug_heads);
6788 }
6789 if (scsi_debug_lbp()) {
6790 sdebug_unmap_max_blocks =
6791 clamp(sdebug_unmap_max_blocks, 0U, 0xffffffffU);
6792
6793 sdebug_unmap_max_desc =
6794 clamp(sdebug_unmap_max_desc, 0U, 256U);
6795
6796 sdebug_unmap_granularity =
6797 clamp(sdebug_unmap_granularity, 1U, 0xffffffffU);
6798
6799 if (sdebug_unmap_alignment &&
6800 sdebug_unmap_granularity <=
6801 sdebug_unmap_alignment) {
6802 pr_err("ERR: unmap_granularity <= unmap_alignment\n");
6803 ret = -EINVAL;
6804 goto free_q_arr;
6805 }
6806 }
6807 xa_init_flags(per_store_ap, XA_FLAGS_ALLOC | XA_FLAGS_LOCK_IRQ);
6808 if (want_store) {
6809 idx = sdebug_add_store();
6810 if (idx < 0) {
6811 ret = idx;
6812 goto free_q_arr;
6813 }
6814 }
6815
6816 pseudo_primary = root_device_register("pseudo_0");
6817 if (IS_ERR(pseudo_primary)) {
6818 pr_warn("root_device_register() error\n");
6819 ret = PTR_ERR(pseudo_primary);
6820 goto free_vm;
6821 }
6822 ret = bus_register(&pseudo_lld_bus);
6823 if (ret < 0) {
6824 pr_warn("bus_register error: %d\n", ret);
6825 goto dev_unreg;
6826 }
6827 ret = driver_register(&sdebug_driverfs_driver);
6828 if (ret < 0) {
6829 pr_warn("driver_register error: %d\n", ret);
6830 goto bus_unreg;
6831 }
6832
6833 hosts_to_add = sdebug_add_host;
6834 sdebug_add_host = 0;
6835
6836 for (k = 0; k < hosts_to_add; k++) {
6837 if (want_store && k == 0) {
6838 ret = sdebug_add_host_helper(idx);
6839 if (ret < 0) {
6840 pr_err("add_host_helper k=%d, error=%d\n",
6841 k, -ret);
6842 break;
6843 }
6844 } else {
6845 ret = sdebug_do_add_host(want_store &&
6846 sdebug_per_host_store);
6847 if (ret < 0) {
6848 pr_err("add_host k=%d error=%d\n", k, -ret);
6849 break;
6850 }
6851 }
6852 }
6853 if (sdebug_verbose)
6854 pr_info("built %d host(s)\n", sdebug_num_hosts);
6855
6856 return 0;
6857
6858 bus_unreg:
6859 bus_unregister(&pseudo_lld_bus);
6860 dev_unreg:
6861 root_device_unregister(pseudo_primary);
6862 free_vm:
6863 sdebug_erase_store(idx, NULL);
6864 free_q_arr:
6865 kfree(sdebug_q_arr);
6866 return ret;
6867 }
6868
scsi_debug_exit(void)6869 static void __exit scsi_debug_exit(void)
6870 {
6871 int k = sdebug_num_hosts;
6872
6873 stop_all_queued();
6874 for (; k; k--)
6875 sdebug_do_remove_host(true);
6876 free_all_queued();
6877 driver_unregister(&sdebug_driverfs_driver);
6878 bus_unregister(&pseudo_lld_bus);
6879 root_device_unregister(pseudo_primary);
6880
6881 sdebug_erase_all_stores(false);
6882 xa_destroy(per_store_ap);
6883 }
6884
6885 device_initcall(scsi_debug_init);
6886 module_exit(scsi_debug_exit);
6887
sdebug_release_adapter(struct device * dev)6888 static void sdebug_release_adapter(struct device *dev)
6889 {
6890 struct sdebug_host_info *sdbg_host;
6891
6892 sdbg_host = to_sdebug_host(dev);
6893 kfree(sdbg_host);
6894 }
6895
6896 /* idx must be valid, if sip is NULL then it will be obtained using idx */
sdebug_erase_store(int idx,struct sdeb_store_info * sip)6897 static void sdebug_erase_store(int idx, struct sdeb_store_info *sip)
6898 {
6899 if (idx < 0)
6900 return;
6901 if (!sip) {
6902 if (xa_empty(per_store_ap))
6903 return;
6904 sip = xa_load(per_store_ap, idx);
6905 if (!sip)
6906 return;
6907 }
6908 vfree(sip->map_storep);
6909 vfree(sip->dif_storep);
6910 vfree(sip->storep);
6911 xa_erase(per_store_ap, idx);
6912 kfree(sip);
6913 }
6914
6915 /* Assume apart_from_first==false only in shutdown case. */
sdebug_erase_all_stores(bool apart_from_first)6916 static void sdebug_erase_all_stores(bool apart_from_first)
6917 {
6918 unsigned long idx;
6919 struct sdeb_store_info *sip = NULL;
6920
6921 xa_for_each(per_store_ap, idx, sip) {
6922 if (apart_from_first)
6923 apart_from_first = false;
6924 else
6925 sdebug_erase_store(idx, sip);
6926 }
6927 if (apart_from_first)
6928 sdeb_most_recent_idx = sdeb_first_idx;
6929 }
6930
6931 /*
6932 * Returns store xarray new element index (idx) if >=0 else negated errno.
6933 * Limit the number of stores to 65536.
6934 */
sdebug_add_store(void)6935 static int sdebug_add_store(void)
6936 {
6937 int res;
6938 u32 n_idx;
6939 unsigned long iflags;
6940 unsigned long sz = (unsigned long)sdebug_dev_size_mb * 1048576;
6941 struct sdeb_store_info *sip = NULL;
6942 struct xa_limit xal = { .max = 1 << 16, .min = 0 };
6943
6944 sip = kzalloc(sizeof(*sip), GFP_KERNEL);
6945 if (!sip)
6946 return -ENOMEM;
6947
6948 xa_lock_irqsave(per_store_ap, iflags);
6949 res = __xa_alloc(per_store_ap, &n_idx, sip, xal, GFP_ATOMIC);
6950 if (unlikely(res < 0)) {
6951 xa_unlock_irqrestore(per_store_ap, iflags);
6952 kfree(sip);
6953 pr_warn("%s: xa_alloc() errno=%d\n", __func__, -res);
6954 return res;
6955 }
6956 sdeb_most_recent_idx = n_idx;
6957 if (sdeb_first_idx < 0)
6958 sdeb_first_idx = n_idx;
6959 xa_unlock_irqrestore(per_store_ap, iflags);
6960
6961 res = -ENOMEM;
6962 sip->storep = vzalloc(sz);
6963 if (!sip->storep) {
6964 pr_err("user data oom\n");
6965 goto err;
6966 }
6967 if (sdebug_num_parts > 0)
6968 sdebug_build_parts(sip->storep, sz);
6969
6970 /* DIF/DIX: what T10 calls Protection Information (PI) */
6971 if (sdebug_dix) {
6972 int dif_size;
6973
6974 dif_size = sdebug_store_sectors * sizeof(struct t10_pi_tuple);
6975 sip->dif_storep = vmalloc(dif_size);
6976
6977 pr_info("dif_storep %u bytes @ %pK\n", dif_size,
6978 sip->dif_storep);
6979
6980 if (!sip->dif_storep) {
6981 pr_err("DIX oom\n");
6982 goto err;
6983 }
6984 memset(sip->dif_storep, 0xff, dif_size);
6985 }
6986 /* Logical Block Provisioning */
6987 if (scsi_debug_lbp()) {
6988 map_size = lba_to_map_index(sdebug_store_sectors - 1) + 1;
6989 sip->map_storep = vmalloc(array_size(sizeof(long),
6990 BITS_TO_LONGS(map_size)));
6991
6992 pr_info("%lu provisioning blocks\n", map_size);
6993
6994 if (!sip->map_storep) {
6995 pr_err("LBP map oom\n");
6996 goto err;
6997 }
6998
6999 bitmap_zero(sip->map_storep, map_size);
7000
7001 /* Map first 1KB for partition table */
7002 if (sdebug_num_parts)
7003 map_region(sip, 0, 2);
7004 }
7005
7006 rwlock_init(&sip->macc_lck);
7007 return (int)n_idx;
7008 err:
7009 sdebug_erase_store((int)n_idx, sip);
7010 pr_warn("%s: failed, errno=%d\n", __func__, -res);
7011 return res;
7012 }
7013
sdebug_add_host_helper(int per_host_idx)7014 static int sdebug_add_host_helper(int per_host_idx)
7015 {
7016 int k, devs_per_host, idx;
7017 int error = -ENOMEM;
7018 struct sdebug_host_info *sdbg_host;
7019 struct sdebug_dev_info *sdbg_devinfo, *tmp;
7020
7021 sdbg_host = kzalloc(sizeof(*sdbg_host), GFP_KERNEL);
7022 if (!sdbg_host)
7023 return -ENOMEM;
7024 idx = (per_host_idx < 0) ? sdeb_first_idx : per_host_idx;
7025 if (xa_get_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE))
7026 xa_clear_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE);
7027 sdbg_host->si_idx = idx;
7028
7029 INIT_LIST_HEAD(&sdbg_host->dev_info_list);
7030
7031 devs_per_host = sdebug_num_tgts * sdebug_max_luns;
7032 for (k = 0; k < devs_per_host; k++) {
7033 sdbg_devinfo = sdebug_device_create(sdbg_host, GFP_KERNEL);
7034 if (!sdbg_devinfo)
7035 goto clean;
7036 }
7037
7038 spin_lock(&sdebug_host_list_lock);
7039 list_add_tail(&sdbg_host->host_list, &sdebug_host_list);
7040 spin_unlock(&sdebug_host_list_lock);
7041
7042 sdbg_host->dev.bus = &pseudo_lld_bus;
7043 sdbg_host->dev.parent = pseudo_primary;
7044 sdbg_host->dev.release = &sdebug_release_adapter;
7045 dev_set_name(&sdbg_host->dev, "adapter%d", sdebug_num_hosts);
7046
7047 error = device_register(&sdbg_host->dev);
7048 if (error)
7049 goto clean;
7050
7051 ++sdebug_num_hosts;
7052 return 0;
7053
7054 clean:
7055 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
7056 dev_list) {
7057 list_del(&sdbg_devinfo->dev_list);
7058 kfree(sdbg_devinfo->zstate);
7059 kfree(sdbg_devinfo);
7060 }
7061 kfree(sdbg_host);
7062 pr_warn("%s: failed, errno=%d\n", __func__, -error);
7063 return error;
7064 }
7065
sdebug_do_add_host(bool mk_new_store)7066 static int sdebug_do_add_host(bool mk_new_store)
7067 {
7068 int ph_idx = sdeb_most_recent_idx;
7069
7070 if (mk_new_store) {
7071 ph_idx = sdebug_add_store();
7072 if (ph_idx < 0)
7073 return ph_idx;
7074 }
7075 return sdebug_add_host_helper(ph_idx);
7076 }
7077
sdebug_do_remove_host(bool the_end)7078 static void sdebug_do_remove_host(bool the_end)
7079 {
7080 int idx = -1;
7081 struct sdebug_host_info *sdbg_host = NULL;
7082 struct sdebug_host_info *sdbg_host2;
7083
7084 spin_lock(&sdebug_host_list_lock);
7085 if (!list_empty(&sdebug_host_list)) {
7086 sdbg_host = list_entry(sdebug_host_list.prev,
7087 struct sdebug_host_info, host_list);
7088 idx = sdbg_host->si_idx;
7089 }
7090 if (!the_end && idx >= 0) {
7091 bool unique = true;
7092
7093 list_for_each_entry(sdbg_host2, &sdebug_host_list, host_list) {
7094 if (sdbg_host2 == sdbg_host)
7095 continue;
7096 if (idx == sdbg_host2->si_idx) {
7097 unique = false;
7098 break;
7099 }
7100 }
7101 if (unique) {
7102 xa_set_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE);
7103 if (idx == sdeb_most_recent_idx)
7104 --sdeb_most_recent_idx;
7105 }
7106 }
7107 if (sdbg_host)
7108 list_del(&sdbg_host->host_list);
7109 spin_unlock(&sdebug_host_list_lock);
7110
7111 if (!sdbg_host)
7112 return;
7113
7114 device_unregister(&sdbg_host->dev);
7115 --sdebug_num_hosts;
7116 }
7117
sdebug_change_qdepth(struct scsi_device * sdev,int qdepth)7118 static int sdebug_change_qdepth(struct scsi_device *sdev, int qdepth)
7119 {
7120 int num_in_q = 0;
7121 struct sdebug_dev_info *devip;
7122
7123 block_unblock_all_queues(true);
7124 devip = (struct sdebug_dev_info *)sdev->hostdata;
7125 if (NULL == devip) {
7126 block_unblock_all_queues(false);
7127 return -ENODEV;
7128 }
7129 num_in_q = atomic_read(&devip->num_in_q);
7130
7131 if (qdepth < 1)
7132 qdepth = 1;
7133 /* allow to exceed max host qc_arr elements for testing */
7134 if (qdepth > SDEBUG_CANQUEUE + 10)
7135 qdepth = SDEBUG_CANQUEUE + 10;
7136 scsi_change_queue_depth(sdev, qdepth);
7137
7138 if (SDEBUG_OPT_Q_NOISE & sdebug_opts) {
7139 sdev_printk(KERN_INFO, sdev, "%s: qdepth=%d, num_in_q=%d\n",
7140 __func__, qdepth, num_in_q);
7141 }
7142 block_unblock_all_queues(false);
7143 return sdev->queue_depth;
7144 }
7145
fake_timeout(struct scsi_cmnd * scp)7146 static bool fake_timeout(struct scsi_cmnd *scp)
7147 {
7148 if (0 == (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth))) {
7149 if (sdebug_every_nth < -1)
7150 sdebug_every_nth = -1;
7151 if (SDEBUG_OPT_TIMEOUT & sdebug_opts)
7152 return true; /* ignore command causing timeout */
7153 else if (SDEBUG_OPT_MAC_TIMEOUT & sdebug_opts &&
7154 scsi_medium_access_command(scp))
7155 return true; /* time out reads and writes */
7156 }
7157 return false;
7158 }
7159
7160 /* Response to TUR or media access command when device stopped */
resp_not_ready(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)7161 static int resp_not_ready(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
7162 {
7163 int stopped_state;
7164 u64 diff_ns = 0;
7165 ktime_t now_ts = ktime_get_boottime();
7166 struct scsi_device *sdp = scp->device;
7167
7168 stopped_state = atomic_read(&devip->stopped);
7169 if (stopped_state == 2) {
7170 if (ktime_to_ns(now_ts) > ktime_to_ns(devip->create_ts)) {
7171 diff_ns = ktime_to_ns(ktime_sub(now_ts, devip->create_ts));
7172 if (diff_ns >= ((u64)sdeb_tur_ms_to_ready * 1000000)) {
7173 /* tur_ms_to_ready timer extinguished */
7174 atomic_set(&devip->stopped, 0);
7175 return 0;
7176 }
7177 }
7178 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x1);
7179 if (sdebug_verbose)
7180 sdev_printk(KERN_INFO, sdp,
7181 "%s: Not ready: in process of becoming ready\n", my_name);
7182 if (scp->cmnd[0] == TEST_UNIT_READY) {
7183 u64 tur_nanosecs_to_ready = (u64)sdeb_tur_ms_to_ready * 1000000;
7184
7185 if (diff_ns <= tur_nanosecs_to_ready)
7186 diff_ns = tur_nanosecs_to_ready - diff_ns;
7187 else
7188 diff_ns = tur_nanosecs_to_ready;
7189 /* As per 20-061r2 approved for spc6 by T10 on 20200716 */
7190 do_div(diff_ns, 1000000); /* diff_ns becomes milliseconds */
7191 scsi_set_sense_information(scp->sense_buffer, SCSI_SENSE_BUFFERSIZE,
7192 diff_ns);
7193 return check_condition_result;
7194 }
7195 }
7196 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x2);
7197 if (sdebug_verbose)
7198 sdev_printk(KERN_INFO, sdp, "%s: Not ready: initializing command required\n",
7199 my_name);
7200 return check_condition_result;
7201 }
7202
scsi_debug_queuecommand(struct Scsi_Host * shost,struct scsi_cmnd * scp)7203 static int scsi_debug_queuecommand(struct Scsi_Host *shost,
7204 struct scsi_cmnd *scp)
7205 {
7206 u8 sdeb_i;
7207 struct scsi_device *sdp = scp->device;
7208 const struct opcode_info_t *oip;
7209 const struct opcode_info_t *r_oip;
7210 struct sdebug_dev_info *devip;
7211 u8 *cmd = scp->cmnd;
7212 int (*r_pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
7213 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *) = NULL;
7214 int k, na;
7215 int errsts = 0;
7216 u64 lun_index = sdp->lun & 0x3FFF;
7217 u32 flags;
7218 u16 sa;
7219 u8 opcode = cmd[0];
7220 bool has_wlun_rl;
7221 bool inject_now;
7222
7223 scsi_set_resid(scp, 0);
7224 if (sdebug_statistics) {
7225 atomic_inc(&sdebug_cmnd_count);
7226 inject_now = inject_on_this_cmd();
7227 } else {
7228 inject_now = false;
7229 }
7230 if (unlikely(sdebug_verbose &&
7231 !(SDEBUG_OPT_NO_CDB_NOISE & sdebug_opts))) {
7232 char b[120];
7233 int n, len, sb;
7234
7235 len = scp->cmd_len;
7236 sb = (int)sizeof(b);
7237 if (len > 32)
7238 strcpy(b, "too long, over 32 bytes");
7239 else {
7240 for (k = 0, n = 0; k < len && n < sb; ++k)
7241 n += scnprintf(b + n, sb - n, "%02x ",
7242 (u32)cmd[k]);
7243 }
7244 sdev_printk(KERN_INFO, sdp, "%s: tag=%#x, cmd %s\n", my_name,
7245 blk_mq_unique_tag(scp->request), b);
7246 }
7247 if (unlikely(inject_now && (sdebug_opts & SDEBUG_OPT_HOST_BUSY)))
7248 return SCSI_MLQUEUE_HOST_BUSY;
7249 has_wlun_rl = (sdp->lun == SCSI_W_LUN_REPORT_LUNS);
7250 if (unlikely(lun_index >= sdebug_max_luns && !has_wlun_rl))
7251 goto err_out;
7252
7253 sdeb_i = opcode_ind_arr[opcode]; /* fully mapped */
7254 oip = &opcode_info_arr[sdeb_i]; /* safe if table consistent */
7255 devip = (struct sdebug_dev_info *)sdp->hostdata;
7256 if (unlikely(!devip)) {
7257 devip = find_build_dev_info(sdp);
7258 if (NULL == devip)
7259 goto err_out;
7260 }
7261 if (unlikely(inject_now && !atomic_read(&sdeb_inject_pending)))
7262 atomic_set(&sdeb_inject_pending, 1);
7263
7264 na = oip->num_attached;
7265 r_pfp = oip->pfp;
7266 if (na) { /* multiple commands with this opcode */
7267 r_oip = oip;
7268 if (FF_SA & r_oip->flags) {
7269 if (F_SA_LOW & oip->flags)
7270 sa = 0x1f & cmd[1];
7271 else
7272 sa = get_unaligned_be16(cmd + 8);
7273 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
7274 if (opcode == oip->opcode && sa == oip->sa)
7275 break;
7276 }
7277 } else { /* since no service action only check opcode */
7278 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
7279 if (opcode == oip->opcode)
7280 break;
7281 }
7282 }
7283 if (k > na) {
7284 if (F_SA_LOW & r_oip->flags)
7285 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 4);
7286 else if (F_SA_HIGH & r_oip->flags)
7287 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 8, 7);
7288 else
7289 mk_sense_invalid_opcode(scp);
7290 goto check_cond;
7291 }
7292 } /* else (when na==0) we assume the oip is a match */
7293 flags = oip->flags;
7294 if (unlikely(F_INV_OP & flags)) {
7295 mk_sense_invalid_opcode(scp);
7296 goto check_cond;
7297 }
7298 if (unlikely(has_wlun_rl && !(F_RL_WLUN_OK & flags))) {
7299 if (sdebug_verbose)
7300 sdev_printk(KERN_INFO, sdp, "%s: Opcode 0x%x not%s\n",
7301 my_name, opcode, " supported for wlun");
7302 mk_sense_invalid_opcode(scp);
7303 goto check_cond;
7304 }
7305 if (unlikely(sdebug_strict)) { /* check cdb against mask */
7306 u8 rem;
7307 int j;
7308
7309 for (k = 1; k < oip->len_mask[0] && k < 16; ++k) {
7310 rem = ~oip->len_mask[k] & cmd[k];
7311 if (rem) {
7312 for (j = 7; j >= 0; --j, rem <<= 1) {
7313 if (0x80 & rem)
7314 break;
7315 }
7316 mk_sense_invalid_fld(scp, SDEB_IN_CDB, k, j);
7317 goto check_cond;
7318 }
7319 }
7320 }
7321 if (unlikely(!(F_SKIP_UA & flags) &&
7322 find_first_bit(devip->uas_bm,
7323 SDEBUG_NUM_UAS) != SDEBUG_NUM_UAS)) {
7324 errsts = make_ua(scp, devip);
7325 if (errsts)
7326 goto check_cond;
7327 }
7328 if (unlikely(((F_M_ACCESS & flags) || scp->cmnd[0] == TEST_UNIT_READY) &&
7329 atomic_read(&devip->stopped))) {
7330 errsts = resp_not_ready(scp, devip);
7331 if (errsts)
7332 goto fini;
7333 }
7334 if (sdebug_fake_rw && (F_FAKE_RW & flags))
7335 goto fini;
7336 if (unlikely(sdebug_every_nth)) {
7337 if (fake_timeout(scp))
7338 return 0; /* ignore command: make trouble */
7339 }
7340 if (likely(oip->pfp))
7341 pfp = oip->pfp; /* calls a resp_* function */
7342 else
7343 pfp = r_pfp; /* if leaf function ptr NULL, try the root's */
7344
7345 fini:
7346 if (F_DELAY_OVERR & flags) /* cmds like INQUIRY respond asap */
7347 return schedule_resp(scp, devip, errsts, pfp, 0, 0);
7348 else if ((flags & F_LONG_DELAY) && (sdebug_jdelay > 0 ||
7349 sdebug_ndelay > 10000)) {
7350 /*
7351 * Skip long delays if ndelay <= 10 microseconds. Otherwise
7352 * for Start Stop Unit (SSU) want at least 1 second delay and
7353 * if sdebug_jdelay>1 want a long delay of that many seconds.
7354 * For Synchronize Cache want 1/20 of SSU's delay.
7355 */
7356 int jdelay = (sdebug_jdelay < 2) ? 1 : sdebug_jdelay;
7357 int denom = (flags & F_SYNC_DELAY) ? 20 : 1;
7358
7359 jdelay = mult_frac(USER_HZ * jdelay, HZ, denom * USER_HZ);
7360 return schedule_resp(scp, devip, errsts, pfp, jdelay, 0);
7361 } else
7362 return schedule_resp(scp, devip, errsts, pfp, sdebug_jdelay,
7363 sdebug_ndelay);
7364 check_cond:
7365 return schedule_resp(scp, devip, check_condition_result, NULL, 0, 0);
7366 err_out:
7367 return schedule_resp(scp, NULL, DID_NO_CONNECT << 16, NULL, 0, 0);
7368 }
7369
7370 static struct scsi_host_template sdebug_driver_template = {
7371 .show_info = scsi_debug_show_info,
7372 .write_info = scsi_debug_write_info,
7373 .proc_name = sdebug_proc_name,
7374 .name = "SCSI DEBUG",
7375 .info = scsi_debug_info,
7376 .slave_alloc = scsi_debug_slave_alloc,
7377 .slave_configure = scsi_debug_slave_configure,
7378 .slave_destroy = scsi_debug_slave_destroy,
7379 .ioctl = scsi_debug_ioctl,
7380 .queuecommand = scsi_debug_queuecommand,
7381 .change_queue_depth = sdebug_change_qdepth,
7382 .eh_abort_handler = scsi_debug_abort,
7383 .eh_device_reset_handler = scsi_debug_device_reset,
7384 .eh_target_reset_handler = scsi_debug_target_reset,
7385 .eh_bus_reset_handler = scsi_debug_bus_reset,
7386 .eh_host_reset_handler = scsi_debug_host_reset,
7387 .can_queue = SDEBUG_CANQUEUE,
7388 .this_id = 7,
7389 .sg_tablesize = SG_MAX_SEGMENTS,
7390 .cmd_per_lun = DEF_CMD_PER_LUN,
7391 .max_sectors = -1U,
7392 .max_segment_size = -1U,
7393 .module = THIS_MODULE,
7394 .track_queue_depth = 1,
7395 };
7396
sdebug_driver_probe(struct device * dev)7397 static int sdebug_driver_probe(struct device *dev)
7398 {
7399 int error = 0;
7400 struct sdebug_host_info *sdbg_host;
7401 struct Scsi_Host *hpnt;
7402 int hprot;
7403
7404 sdbg_host = to_sdebug_host(dev);
7405
7406 sdebug_driver_template.can_queue = sdebug_max_queue;
7407 if (!sdebug_clustering)
7408 sdebug_driver_template.dma_boundary = PAGE_SIZE - 1;
7409
7410 hpnt = scsi_host_alloc(&sdebug_driver_template, sizeof(sdbg_host));
7411 if (NULL == hpnt) {
7412 pr_err("scsi_host_alloc failed\n");
7413 error = -ENODEV;
7414 return error;
7415 }
7416 if (submit_queues > nr_cpu_ids) {
7417 pr_warn("%s: trim submit_queues (was %d) to nr_cpu_ids=%u\n",
7418 my_name, submit_queues, nr_cpu_ids);
7419 submit_queues = nr_cpu_ids;
7420 }
7421 /*
7422 * Decide whether to tell scsi subsystem that we want mq. The
7423 * following should give the same answer for each host.
7424 */
7425 hpnt->nr_hw_queues = submit_queues;
7426 if (sdebug_host_max_queue)
7427 hpnt->host_tagset = 1;
7428
7429 sdbg_host->shost = hpnt;
7430 *((struct sdebug_host_info **)hpnt->hostdata) = sdbg_host;
7431 if ((hpnt->this_id >= 0) && (sdebug_num_tgts > hpnt->this_id))
7432 hpnt->max_id = sdebug_num_tgts + 1;
7433 else
7434 hpnt->max_id = sdebug_num_tgts;
7435 /* = sdebug_max_luns; */
7436 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
7437
7438 hprot = 0;
7439
7440 switch (sdebug_dif) {
7441
7442 case T10_PI_TYPE1_PROTECTION:
7443 hprot = SHOST_DIF_TYPE1_PROTECTION;
7444 if (sdebug_dix)
7445 hprot |= SHOST_DIX_TYPE1_PROTECTION;
7446 break;
7447
7448 case T10_PI_TYPE2_PROTECTION:
7449 hprot = SHOST_DIF_TYPE2_PROTECTION;
7450 if (sdebug_dix)
7451 hprot |= SHOST_DIX_TYPE2_PROTECTION;
7452 break;
7453
7454 case T10_PI_TYPE3_PROTECTION:
7455 hprot = SHOST_DIF_TYPE3_PROTECTION;
7456 if (sdebug_dix)
7457 hprot |= SHOST_DIX_TYPE3_PROTECTION;
7458 break;
7459
7460 default:
7461 if (sdebug_dix)
7462 hprot |= SHOST_DIX_TYPE0_PROTECTION;
7463 break;
7464 }
7465
7466 scsi_host_set_prot(hpnt, hprot);
7467
7468 if (have_dif_prot || sdebug_dix)
7469 pr_info("host protection%s%s%s%s%s%s%s\n",
7470 (hprot & SHOST_DIF_TYPE1_PROTECTION) ? " DIF1" : "",
7471 (hprot & SHOST_DIF_TYPE2_PROTECTION) ? " DIF2" : "",
7472 (hprot & SHOST_DIF_TYPE3_PROTECTION) ? " DIF3" : "",
7473 (hprot & SHOST_DIX_TYPE0_PROTECTION) ? " DIX0" : "",
7474 (hprot & SHOST_DIX_TYPE1_PROTECTION) ? " DIX1" : "",
7475 (hprot & SHOST_DIX_TYPE2_PROTECTION) ? " DIX2" : "",
7476 (hprot & SHOST_DIX_TYPE3_PROTECTION) ? " DIX3" : "");
7477
7478 if (sdebug_guard == 1)
7479 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_IP);
7480 else
7481 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_CRC);
7482
7483 sdebug_verbose = !!(SDEBUG_OPT_NOISE & sdebug_opts);
7484 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & sdebug_opts);
7485 if (sdebug_every_nth) /* need stats counters for every_nth */
7486 sdebug_statistics = true;
7487 error = scsi_add_host(hpnt, &sdbg_host->dev);
7488 if (error) {
7489 pr_err("scsi_add_host failed\n");
7490 error = -ENODEV;
7491 scsi_host_put(hpnt);
7492 } else {
7493 scsi_scan_host(hpnt);
7494 }
7495
7496 return error;
7497 }
7498
sdebug_driver_remove(struct device * dev)7499 static int sdebug_driver_remove(struct device *dev)
7500 {
7501 struct sdebug_host_info *sdbg_host;
7502 struct sdebug_dev_info *sdbg_devinfo, *tmp;
7503
7504 sdbg_host = to_sdebug_host(dev);
7505
7506 if (!sdbg_host) {
7507 pr_err("Unable to locate host info\n");
7508 return -ENODEV;
7509 }
7510
7511 scsi_remove_host(sdbg_host->shost);
7512
7513 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
7514 dev_list) {
7515 list_del(&sdbg_devinfo->dev_list);
7516 kfree(sdbg_devinfo->zstate);
7517 kfree(sdbg_devinfo);
7518 }
7519
7520 scsi_host_put(sdbg_host->shost);
7521 return 0;
7522 }
7523
pseudo_lld_bus_match(struct device * dev,struct device_driver * dev_driver)7524 static int pseudo_lld_bus_match(struct device *dev,
7525 struct device_driver *dev_driver)
7526 {
7527 return 1;
7528 }
7529
7530 static struct bus_type pseudo_lld_bus = {
7531 .name = "pseudo",
7532 .match = pseudo_lld_bus_match,
7533 .probe = sdebug_driver_probe,
7534 .remove = sdebug_driver_remove,
7535 .drv_groups = sdebug_drv_groups,
7536 };
7537