Loading...
1/*
2 * vvvvvvvvvvvvvvvvvvvvvvv Original vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
3 * Copyright (C) 1992 Eric Youngdale
4 * Simulate a host adapter with 2 disks attached. Do a lot of checking
5 * to make sure that we are not getting blocks mixed up, and PANIC if
6 * anything out of the ordinary is seen.
7 * ^^^^^^^^^^^^^^^^^^^^^^^ Original ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
8 *
9 * Copyright (C) 2001 - 2016 Douglas Gilbert
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2, or (at your option)
14 * any later version.
15 *
16 * For documentation see http://sg.danny.cz/sg/sdebug26.html
17 *
18 */
19
20
21#define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__
22
23#include <linux/module.h>
24
25#include <linux/kernel.h>
26#include <linux/errno.h>
27#include <linux/jiffies.h>
28#include <linux/slab.h>
29#include <linux/types.h>
30#include <linux/string.h>
31#include <linux/genhd.h>
32#include <linux/fs.h>
33#include <linux/init.h>
34#include <linux/proc_fs.h>
35#include <linux/vmalloc.h>
36#include <linux/moduleparam.h>
37#include <linux/scatterlist.h>
38#include <linux/blkdev.h>
39#include <linux/crc-t10dif.h>
40#include <linux/spinlock.h>
41#include <linux/interrupt.h>
42#include <linux/atomic.h>
43#include <linux/hrtimer.h>
44#include <linux/uuid.h>
45#include <linux/t10-pi.h>
46
47#include <net/checksum.h>
48
49#include <asm/unaligned.h>
50
51#include <scsi/scsi.h>
52#include <scsi/scsi_cmnd.h>
53#include <scsi/scsi_device.h>
54#include <scsi/scsi_host.h>
55#include <scsi/scsicam.h>
56#include <scsi/scsi_eh.h>
57#include <scsi/scsi_tcq.h>
58#include <scsi/scsi_dbg.h>
59
60#include "sd.h"
61#include "scsi_logging.h"
62
63/* make sure inq_product_rev string corresponds to this version */
64#define SDEBUG_VERSION "1.86"
65static const char *sdebug_version_date = "20160430";
66
67#define MY_NAME "scsi_debug"
68
69/* Additional Sense Code (ASC) */
70#define NO_ADDITIONAL_SENSE 0x0
71#define LOGICAL_UNIT_NOT_READY 0x4
72#define LOGICAL_UNIT_COMMUNICATION_FAILURE 0x8
73#define UNRECOVERED_READ_ERR 0x11
74#define PARAMETER_LIST_LENGTH_ERR 0x1a
75#define INVALID_OPCODE 0x20
76#define LBA_OUT_OF_RANGE 0x21
77#define INVALID_FIELD_IN_CDB 0x24
78#define INVALID_FIELD_IN_PARAM_LIST 0x26
79#define UA_RESET_ASC 0x29
80#define UA_CHANGED_ASC 0x2a
81#define TARGET_CHANGED_ASC 0x3f
82#define LUNS_CHANGED_ASCQ 0x0e
83#define INSUFF_RES_ASC 0x55
84#define INSUFF_RES_ASCQ 0x3
85#define POWER_ON_RESET_ASCQ 0x0
86#define BUS_RESET_ASCQ 0x2 /* scsi bus reset occurred */
87#define MODE_CHANGED_ASCQ 0x1 /* mode parameters changed */
88#define CAPACITY_CHANGED_ASCQ 0x9
89#define SAVING_PARAMS_UNSUP 0x39
90#define TRANSPORT_PROBLEM 0x4b
91#define THRESHOLD_EXCEEDED 0x5d
92#define LOW_POWER_COND_ON 0x5e
93#define MISCOMPARE_VERIFY_ASC 0x1d
94#define MICROCODE_CHANGED_ASCQ 0x1 /* with TARGET_CHANGED_ASC */
95#define MICROCODE_CHANGED_WO_RESET_ASCQ 0x16
96
97/* Additional Sense Code Qualifier (ASCQ) */
98#define ACK_NAK_TO 0x3
99
100/* Default values for driver parameters */
101#define DEF_NUM_HOST 1
102#define DEF_NUM_TGTS 1
103#define DEF_MAX_LUNS 1
104/* With these defaults, this driver will make 1 host with 1 target
105 * (id 0) containing 1 logical unit (lun 0). That is 1 device.
106 */
107#define DEF_ATO 1
108#define DEF_JDELAY 1 /* if > 0 unit is a jiffy */
109#define DEF_DEV_SIZE_MB 8
110#define DEF_DIF 0
111#define DEF_DIX 0
112#define DEF_D_SENSE 0
113#define DEF_EVERY_NTH 0
114#define DEF_FAKE_RW 0
115#define DEF_GUARD 0
116#define DEF_HOST_LOCK 0
117#define DEF_LBPU 0
118#define DEF_LBPWS 0
119#define DEF_LBPWS10 0
120#define DEF_LBPRZ 1
121#define DEF_LOWEST_ALIGNED 0
122#define DEF_NDELAY 0 /* if > 0 unit is a nanosecond */
123#define DEF_NO_LUN_0 0
124#define DEF_NUM_PARTS 0
125#define DEF_OPTS 0
126#define DEF_OPT_BLKS 1024
127#define DEF_PHYSBLK_EXP 0
128#define DEF_PTYPE TYPE_DISK
129#define DEF_REMOVABLE false
130#define DEF_SCSI_LEVEL 7 /* INQUIRY, byte2 [6->SPC-4; 7->SPC-5] */
131#define DEF_SECTOR_SIZE 512
132#define DEF_UNMAP_ALIGNMENT 0
133#define DEF_UNMAP_GRANULARITY 1
134#define DEF_UNMAP_MAX_BLOCKS 0xFFFFFFFF
135#define DEF_UNMAP_MAX_DESC 256
136#define DEF_VIRTUAL_GB 0
137#define DEF_VPD_USE_HOSTNO 1
138#define DEF_WRITESAME_LENGTH 0xFFFF
139#define DEF_STRICT 0
140#define DEF_STATISTICS false
141#define DEF_SUBMIT_QUEUES 1
142#define DEF_UUID_CTL 0
143#define JDELAY_OVERRIDDEN -9999
144
145#define SDEBUG_LUN_0_VAL 0
146
147/* bit mask values for sdebug_opts */
148#define SDEBUG_OPT_NOISE 1
149#define SDEBUG_OPT_MEDIUM_ERR 2
150#define SDEBUG_OPT_TIMEOUT 4
151#define SDEBUG_OPT_RECOVERED_ERR 8
152#define SDEBUG_OPT_TRANSPORT_ERR 16
153#define SDEBUG_OPT_DIF_ERR 32
154#define SDEBUG_OPT_DIX_ERR 64
155#define SDEBUG_OPT_MAC_TIMEOUT 128
156#define SDEBUG_OPT_SHORT_TRANSFER 0x100
157#define SDEBUG_OPT_Q_NOISE 0x200
158#define SDEBUG_OPT_ALL_TSF 0x400
159#define SDEBUG_OPT_RARE_TSF 0x800
160#define SDEBUG_OPT_N_WCE 0x1000
161#define SDEBUG_OPT_RESET_NOISE 0x2000
162#define SDEBUG_OPT_NO_CDB_NOISE 0x4000
163#define SDEBUG_OPT_ALL_NOISE (SDEBUG_OPT_NOISE | SDEBUG_OPT_Q_NOISE | \
164 SDEBUG_OPT_RESET_NOISE)
165#define SDEBUG_OPT_ALL_INJECTING (SDEBUG_OPT_RECOVERED_ERR | \
166 SDEBUG_OPT_TRANSPORT_ERR | \
167 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR | \
168 SDEBUG_OPT_SHORT_TRANSFER)
169/* When "every_nth" > 0 then modulo "every_nth" commands:
170 * - a missing response is simulated if SDEBUG_OPT_TIMEOUT is set
171 * - a RECOVERED_ERROR is simulated on successful read and write
172 * commands if SDEBUG_OPT_RECOVERED_ERR is set.
173 * - a TRANSPORT_ERROR is simulated on successful read and write
174 * commands if SDEBUG_OPT_TRANSPORT_ERR is set.
175 *
176 * When "every_nth" < 0 then after "- every_nth" commands:
177 * - a missing response is simulated if SDEBUG_OPT_TIMEOUT is set
178 * - a RECOVERED_ERROR is simulated on successful read and write
179 * commands if SDEBUG_OPT_RECOVERED_ERR is set.
180 * - a TRANSPORT_ERROR is simulated on successful read and write
181 * commands if _DEBUG_OPT_TRANSPORT_ERR is set.
182 * This will continue on every subsequent command until some other action
183 * occurs (e.g. the user * writing a new value (other than -1 or 1) to
184 * every_nth via sysfs).
185 */
186
187/* As indicated in SAM-5 and SPC-4 Unit Attentions (UAs) are returned in
188 * priority order. In the subset implemented here lower numbers have higher
189 * priority. The UA numbers should be a sequence starting from 0 with
190 * SDEBUG_NUM_UAS being 1 higher than the highest numbered UA. */
191#define SDEBUG_UA_POR 0 /* Power on, reset, or bus device reset */
192#define SDEBUG_UA_BUS_RESET 1
193#define SDEBUG_UA_MODE_CHANGED 2
194#define SDEBUG_UA_CAPACITY_CHANGED 3
195#define SDEBUG_UA_LUNS_CHANGED 4
196#define SDEBUG_UA_MICROCODE_CHANGED 5 /* simulate firmware change */
197#define SDEBUG_UA_MICROCODE_CHANGED_WO_RESET 6
198#define SDEBUG_NUM_UAS 7
199
200/* when 1==SDEBUG_OPT_MEDIUM_ERR, a medium error is simulated at this
201 * sector on read commands: */
202#define OPT_MEDIUM_ERR_ADDR 0x1234 /* that's sector 4660 in decimal */
203#define OPT_MEDIUM_ERR_NUM 10 /* number of consecutive medium errs */
204
205/* If REPORT LUNS has luns >= 256 it can choose "flat space" (value 1)
206 * or "peripheral device" addressing (value 0) */
207#define SAM2_LUN_ADDRESS_METHOD 0
208
209/* SDEBUG_CANQUEUE is the maximum number of commands that can be queued
210 * (for response) per submit queue at one time. Can be reduced by max_queue
211 * option. Command responses are not queued when jdelay=0 and ndelay=0. The
212 * per-device DEF_CMD_PER_LUN can be changed via sysfs:
213 * /sys/class/scsi_device/<h:c:t:l>/device/queue_depth
214 * but cannot exceed SDEBUG_CANQUEUE .
215 */
216#define SDEBUG_CANQUEUE_WORDS 3 /* a WORD is bits in a long */
217#define SDEBUG_CANQUEUE (SDEBUG_CANQUEUE_WORDS * BITS_PER_LONG)
218#define DEF_CMD_PER_LUN 255
219
220#define F_D_IN 1
221#define F_D_OUT 2
222#define F_D_OUT_MAYBE 4 /* WRITE SAME, NDOB bit */
223#define F_D_UNKN 8
224#define F_RL_WLUN_OK 0x10
225#define F_SKIP_UA 0x20
226#define F_DELAY_OVERR 0x40
227#define F_SA_LOW 0x80 /* cdb byte 1, bits 4 to 0 */
228#define F_SA_HIGH 0x100 /* as used by variable length cdbs */
229#define F_INV_OP 0x200
230#define F_FAKE_RW 0x400
231#define F_M_ACCESS 0x800 /* media access */
232
233#define FF_RESPOND (F_RL_WLUN_OK | F_SKIP_UA | F_DELAY_OVERR)
234#define FF_DIRECT_IO (F_M_ACCESS | F_FAKE_RW)
235#define FF_SA (F_SA_HIGH | F_SA_LOW)
236
237#define SDEBUG_MAX_PARTS 4
238
239#define SDEBUG_MAX_CMD_LEN 32
240
241
242struct sdebug_dev_info {
243 struct list_head dev_list;
244 unsigned int channel;
245 unsigned int target;
246 u64 lun;
247 uuid_be lu_name;
248 struct sdebug_host_info *sdbg_host;
249 unsigned long uas_bm[1];
250 atomic_t num_in_q;
251 atomic_t stopped;
252 bool used;
253};
254
255struct sdebug_host_info {
256 struct list_head host_list;
257 struct Scsi_Host *shost;
258 struct device dev;
259 struct list_head dev_info_list;
260};
261
262#define to_sdebug_host(d) \
263 container_of(d, struct sdebug_host_info, dev)
264
265struct sdebug_defer {
266 struct hrtimer hrt;
267 struct execute_work ew;
268 int sqa_idx; /* index of sdebug_queue array */
269 int qc_idx; /* index of sdebug_queued_cmd array within sqa_idx */
270 int issuing_cpu;
271};
272
273struct sdebug_queued_cmd {
274 /* corresponding bit set in in_use_bm[] in owning struct sdebug_queue
275 * instance indicates this slot is in use.
276 */
277 struct sdebug_defer *sd_dp;
278 struct scsi_cmnd *a_cmnd;
279 unsigned int inj_recovered:1;
280 unsigned int inj_transport:1;
281 unsigned int inj_dif:1;
282 unsigned int inj_dix:1;
283 unsigned int inj_short:1;
284};
285
286struct sdebug_queue {
287 struct sdebug_queued_cmd qc_arr[SDEBUG_CANQUEUE];
288 unsigned long in_use_bm[SDEBUG_CANQUEUE_WORDS];
289 spinlock_t qc_lock;
290 atomic_t blocked; /* to temporarily stop more being queued */
291};
292
293static atomic_t sdebug_cmnd_count; /* number of incoming commands */
294static atomic_t sdebug_completions; /* count of deferred completions */
295static atomic_t sdebug_miss_cpus; /* submission + completion cpus differ */
296static atomic_t sdebug_a_tsf; /* 'almost task set full' counter */
297
298struct opcode_info_t {
299 u8 num_attached; /* 0 if this is it (i.e. a leaf); use 0xff */
300 /* for terminating element */
301 u8 opcode; /* if num_attached > 0, preferred */
302 u16 sa; /* service action */
303 u32 flags; /* OR-ed set of SDEB_F_* */
304 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
305 const struct opcode_info_t *arrp; /* num_attached elements or NULL */
306 u8 len_mask[16]; /* len=len_mask[0], then mask for cdb[1]... */
307 /* ignore cdb bytes after position 15 */
308};
309
310/* SCSI opcodes (first byte of cdb) of interest mapped onto these indexes */
311enum sdeb_opcode_index {
312 SDEB_I_INVALID_OPCODE = 0,
313 SDEB_I_INQUIRY = 1,
314 SDEB_I_REPORT_LUNS = 2,
315 SDEB_I_REQUEST_SENSE = 3,
316 SDEB_I_TEST_UNIT_READY = 4,
317 SDEB_I_MODE_SENSE = 5, /* 6, 10 */
318 SDEB_I_MODE_SELECT = 6, /* 6, 10 */
319 SDEB_I_LOG_SENSE = 7,
320 SDEB_I_READ_CAPACITY = 8, /* 10; 16 is in SA_IN(16) */
321 SDEB_I_READ = 9, /* 6, 10, 12, 16 */
322 SDEB_I_WRITE = 10, /* 6, 10, 12, 16 */
323 SDEB_I_START_STOP = 11,
324 SDEB_I_SERV_ACT_IN = 12, /* 12, 16 */
325 SDEB_I_SERV_ACT_OUT = 13, /* 12, 16 */
326 SDEB_I_MAINT_IN = 14,
327 SDEB_I_MAINT_OUT = 15,
328 SDEB_I_VERIFY = 16, /* 10 only */
329 SDEB_I_VARIABLE_LEN = 17,
330 SDEB_I_RESERVE = 18, /* 6, 10 */
331 SDEB_I_RELEASE = 19, /* 6, 10 */
332 SDEB_I_ALLOW_REMOVAL = 20, /* PREVENT ALLOW MEDIUM REMOVAL */
333 SDEB_I_REZERO_UNIT = 21, /* REWIND in SSC */
334 SDEB_I_ATA_PT = 22, /* 12, 16 */
335 SDEB_I_SEND_DIAG = 23,
336 SDEB_I_UNMAP = 24,
337 SDEB_I_XDWRITEREAD = 25, /* 10 only */
338 SDEB_I_WRITE_BUFFER = 26,
339 SDEB_I_WRITE_SAME = 27, /* 10, 16 */
340 SDEB_I_SYNC_CACHE = 28, /* 10 only */
341 SDEB_I_COMP_WRITE = 29,
342 SDEB_I_LAST_ELEMENT = 30, /* keep this last */
343};
344
345
346static const unsigned char opcode_ind_arr[256] = {
347/* 0x0; 0x0->0x1f: 6 byte cdbs */
348 SDEB_I_TEST_UNIT_READY, SDEB_I_REZERO_UNIT, 0, SDEB_I_REQUEST_SENSE,
349 0, 0, 0, 0,
350 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, 0,
351 0, 0, SDEB_I_INQUIRY, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
352 SDEB_I_RELEASE,
353 0, 0, SDEB_I_MODE_SENSE, SDEB_I_START_STOP, 0, SDEB_I_SEND_DIAG,
354 SDEB_I_ALLOW_REMOVAL, 0,
355/* 0x20; 0x20->0x3f: 10 byte cdbs */
356 0, 0, 0, 0, 0, SDEB_I_READ_CAPACITY, 0, 0,
357 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, SDEB_I_VERIFY,
358 0, 0, 0, 0, 0, SDEB_I_SYNC_CACHE, 0, 0,
359 0, 0, 0, SDEB_I_WRITE_BUFFER, 0, 0, 0, 0,
360/* 0x40; 0x40->0x5f: 10 byte cdbs */
361 0, SDEB_I_WRITE_SAME, SDEB_I_UNMAP, 0, 0, 0, 0, 0,
362 0, 0, 0, 0, 0, SDEB_I_LOG_SENSE, 0, 0,
363 0, 0, 0, SDEB_I_XDWRITEREAD, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
364 SDEB_I_RELEASE,
365 0, 0, SDEB_I_MODE_SENSE, 0, 0, 0, 0, 0,
366/* 0x60; 0x60->0x7d are reserved, 0x7e is "extended cdb" */
367 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
368 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
369 0, SDEB_I_VARIABLE_LEN,
370/* 0x80; 0x80->0x9f: 16 byte cdbs */
371 0, 0, 0, 0, 0, SDEB_I_ATA_PT, 0, 0,
372 SDEB_I_READ, SDEB_I_COMP_WRITE, SDEB_I_WRITE, 0, 0, 0, 0, 0,
373 0, 0, 0, SDEB_I_WRITE_SAME, 0, 0, 0, 0,
374 0, 0, 0, 0, 0, 0, SDEB_I_SERV_ACT_IN, SDEB_I_SERV_ACT_OUT,
375/* 0xa0; 0xa0->0xbf: 12 byte cdbs */
376 SDEB_I_REPORT_LUNS, SDEB_I_ATA_PT, 0, SDEB_I_MAINT_IN,
377 SDEB_I_MAINT_OUT, 0, 0, 0,
378 SDEB_I_READ, SDEB_I_SERV_ACT_OUT, SDEB_I_WRITE, SDEB_I_SERV_ACT_IN,
379 0, 0, 0, 0,
380 0, 0, 0, 0, 0, 0, 0, 0,
381 0, 0, 0, 0, 0, 0, 0, 0,
382/* 0xc0; 0xc0->0xff: vendor specific */
383 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
384 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
385 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
386 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
387};
388
389static int resp_inquiry(struct scsi_cmnd *, struct sdebug_dev_info *);
390static int resp_report_luns(struct scsi_cmnd *, struct sdebug_dev_info *);
391static int resp_requests(struct scsi_cmnd *, struct sdebug_dev_info *);
392static int resp_mode_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
393static int resp_mode_select(struct scsi_cmnd *, struct sdebug_dev_info *);
394static int resp_log_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
395static int resp_readcap(struct scsi_cmnd *, struct sdebug_dev_info *);
396static int resp_read_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
397static int resp_write_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
398static int resp_start_stop(struct scsi_cmnd *, struct sdebug_dev_info *);
399static int resp_readcap16(struct scsi_cmnd *, struct sdebug_dev_info *);
400static int resp_get_lba_status(struct scsi_cmnd *, struct sdebug_dev_info *);
401static int resp_report_tgtpgs(struct scsi_cmnd *, struct sdebug_dev_info *);
402static int resp_unmap(struct scsi_cmnd *, struct sdebug_dev_info *);
403static int resp_rsup_opcodes(struct scsi_cmnd *, struct sdebug_dev_info *);
404static int resp_rsup_tmfs(struct scsi_cmnd *, struct sdebug_dev_info *);
405static int resp_write_same_10(struct scsi_cmnd *, struct sdebug_dev_info *);
406static int resp_write_same_16(struct scsi_cmnd *, struct sdebug_dev_info *);
407static int resp_xdwriteread_10(struct scsi_cmnd *, struct sdebug_dev_info *);
408static int resp_comp_write(struct scsi_cmnd *, struct sdebug_dev_info *);
409static int resp_write_buffer(struct scsi_cmnd *, struct sdebug_dev_info *);
410
411static const struct opcode_info_t msense_iarr[1] = {
412 {0, 0x1a, 0, F_D_IN, NULL, NULL,
413 {6, 0xe8, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
414};
415
416static const struct opcode_info_t mselect_iarr[1] = {
417 {0, 0x15, 0, F_D_OUT, NULL, NULL,
418 {6, 0xf1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
419};
420
421static const struct opcode_info_t read_iarr[3] = {
422 {0, 0x28, 0, F_D_IN | FF_DIRECT_IO, resp_read_dt0, NULL,/* READ(10) */
423 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff, 0xff, 0xc7, 0, 0,
424 0, 0, 0, 0} },
425 {0, 0x8, 0, F_D_IN | FF_DIRECT_IO, resp_read_dt0, NULL, /* READ(6) */
426 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
427 {0, 0xa8, 0, F_D_IN | FF_DIRECT_IO, resp_read_dt0, NULL,/* READ(12) */
428 {12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x9f,
429 0xc7, 0, 0, 0, 0} },
430};
431
432static const struct opcode_info_t write_iarr[3] = {
433 {0, 0x2a, 0, F_D_OUT | FF_DIRECT_IO, resp_write_dt0, NULL, /* 10 */
434 {10, 0xfb, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff, 0xff, 0xc7, 0, 0,
435 0, 0, 0, 0} },
436 {0, 0xa, 0, F_D_OUT | FF_DIRECT_IO, resp_write_dt0, NULL, /* 6 */
437 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
438 {0, 0xaa, 0, F_D_OUT | FF_DIRECT_IO, resp_write_dt0, NULL, /* 12 */
439 {12, 0xfb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x9f,
440 0xc7, 0, 0, 0, 0} },
441};
442
443static const struct opcode_info_t sa_in_iarr[1] = {
444 {0, 0x9e, 0x12, F_SA_LOW | F_D_IN, resp_get_lba_status, NULL,
445 {16, 0x12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
446 0xff, 0xff, 0xff, 0, 0xc7} },
447};
448
449static const struct opcode_info_t vl_iarr[1] = { /* VARIABLE LENGTH */
450 {0, 0x7f, 0xb, F_SA_HIGH | F_D_OUT | FF_DIRECT_IO, resp_write_dt0,
451 NULL, {32, 0xc7, 0, 0, 0, 0, 0x1f, 0x18, 0x0, 0xb, 0xfa,
452 0, 0xff, 0xff, 0xff, 0xff} }, /* WRITE(32) */
453};
454
455static const struct opcode_info_t maint_in_iarr[2] = {
456 {0, 0xa3, 0xc, F_SA_LOW | F_D_IN, resp_rsup_opcodes, NULL,
457 {12, 0xc, 0x87, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0,
458 0xc7, 0, 0, 0, 0} },
459 {0, 0xa3, 0xd, F_SA_LOW | F_D_IN, resp_rsup_tmfs, NULL,
460 {12, 0xd, 0x80, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
461 0, 0} },
462};
463
464static const struct opcode_info_t write_same_iarr[1] = {
465 {0, 0x93, 0, F_D_OUT_MAYBE | FF_DIRECT_IO, resp_write_same_16, NULL,
466 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
467 0xff, 0xff, 0xff, 0x1f, 0xc7} },
468};
469
470static const struct opcode_info_t reserve_iarr[1] = {
471 {0, 0x16, 0, F_D_OUT, NULL, NULL, /* RESERVE(6) */
472 {6, 0x1f, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
473};
474
475static const struct opcode_info_t release_iarr[1] = {
476 {0, 0x17, 0, F_D_OUT, NULL, NULL, /* RELEASE(6) */
477 {6, 0x1f, 0xff, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
478};
479
480
481/* This array is accessed via SDEB_I_* values. Make sure all are mapped,
482 * plus the terminating elements for logic that scans this table such as
483 * REPORT SUPPORTED OPERATION CODES. */
484static const struct opcode_info_t opcode_info_arr[SDEB_I_LAST_ELEMENT + 1] = {
485/* 0 */
486 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL,
487 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
488 {0, 0x12, 0, FF_RESPOND | F_D_IN, resp_inquiry, NULL,
489 {6, 0xe3, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
490 {0, 0xa0, 0, FF_RESPOND | F_D_IN, resp_report_luns, NULL,
491 {12, 0xe3, 0xff, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
492 0, 0} },
493 {0, 0x3, 0, FF_RESPOND | F_D_IN, resp_requests, NULL,
494 {6, 0xe1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
495 {0, 0x0, 0, F_M_ACCESS | F_RL_WLUN_OK, NULL, NULL,/* TEST UNIT READY */
496 {6, 0, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
497 {1, 0x5a, 0, F_D_IN, resp_mode_sense, msense_iarr,
498 {10, 0xf8, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
499 0} },
500 {1, 0x55, 0, F_D_OUT, resp_mode_select, mselect_iarr,
501 {10, 0xf1, 0, 0, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
502 {0, 0x4d, 0, F_D_IN, resp_log_sense, NULL,
503 {10, 0xe3, 0xff, 0xff, 0, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0,
504 0, 0, 0} },
505 {0, 0x25, 0, F_D_IN, resp_readcap, NULL,
506 {10, 0xe1, 0xff, 0xff, 0xff, 0xff, 0, 0, 0x1, 0xc7, 0, 0, 0, 0,
507 0, 0} },
508 {3, 0x88, 0, F_D_IN | FF_DIRECT_IO, resp_read_dt0, read_iarr,
509 {16, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
510 0xff, 0xff, 0xff, 0x9f, 0xc7} }, /* READ(16) */
511/* 10 */
512 {3, 0x8a, 0, F_D_OUT | FF_DIRECT_IO, resp_write_dt0, write_iarr,
513 {16, 0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
514 0xff, 0xff, 0xff, 0x9f, 0xc7} }, /* WRITE(16) */
515 {0, 0x1b, 0, 0, resp_start_stop, NULL, /* START STOP UNIT */
516 {6, 0x1, 0, 0xf, 0xf7, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
517 {1, 0x9e, 0x10, F_SA_LOW | F_D_IN, resp_readcap16, sa_in_iarr,
518 {16, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
519 0xff, 0xff, 0xff, 0x1, 0xc7} }, /* READ CAPACITY(16) */
520 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* SA OUT */
521 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
522 {2, 0xa3, 0xa, F_SA_LOW | F_D_IN, resp_report_tgtpgs, maint_in_iarr,
523 {12, 0xea, 0, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0, 0,
524 0} },
525 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* MAINT OUT */
526 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
527 {0, 0x2f, 0, F_D_OUT_MAYBE | FF_DIRECT_IO, NULL, NULL, /* VERIFY(10) */
528 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7,
529 0, 0, 0, 0, 0, 0} },
530 {1, 0x7f, 0x9, F_SA_HIGH | F_D_IN | FF_DIRECT_IO, resp_read_dt0,
531 vl_iarr, {32, 0xc7, 0, 0, 0, 0, 0x1f, 0x18, 0x0, 0x9, 0xfe, 0,
532 0xff, 0xff, 0xff, 0xff} },/* VARIABLE LENGTH, READ(32) */
533 {1, 0x56, 0, F_D_OUT, NULL, reserve_iarr, /* RESERVE(10) */
534 {10, 0xff, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
535 0} },
536 {1, 0x57, 0, F_D_OUT, NULL, release_iarr, /* RELEASE(10) */
537 {10, 0x13, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
538 0} },
539/* 20 */
540 {0, 0x1e, 0, 0, NULL, NULL, /* ALLOW REMOVAL */
541 {6, 0, 0, 0, 0x3, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
542 {0, 0x1, 0, 0, resp_start_stop, NULL, /* REWIND ?? */
543 {6, 0x1, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
544 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* ATA_PT */
545 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
546 {0, 0x1d, F_D_OUT, 0, NULL, NULL, /* SEND DIAGNOSTIC */
547 {6, 0xf7, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
548 {0, 0x42, 0, F_D_OUT | FF_DIRECT_IO, resp_unmap, NULL, /* UNMAP */
549 {10, 0x1, 0, 0, 0, 0, 0x1f, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
550 {0, 0x53, 0, F_D_IN | F_D_OUT | FF_DIRECT_IO, resp_xdwriteread_10,
551 NULL, {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff, 0xff, 0xc7,
552 0, 0, 0, 0, 0, 0} },
553 {0, 0x3b, 0, F_D_OUT_MAYBE, resp_write_buffer, NULL,
554 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0,
555 0, 0, 0, 0} }, /* WRITE_BUFFER */
556 {1, 0x41, 0, F_D_OUT_MAYBE | FF_DIRECT_IO, resp_write_same_10,
557 write_same_iarr, {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff,
558 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
559 {0, 0x35, 0, F_DELAY_OVERR | FF_DIRECT_IO, NULL, NULL, /* SYNC_CACHE */
560 {10, 0x7, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff, 0xff, 0xc7, 0, 0,
561 0, 0, 0, 0} },
562 {0, 0x89, 0, F_D_OUT | FF_DIRECT_IO, resp_comp_write, NULL,
563 {16, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 0,
564 0, 0xff, 0x1f, 0xc7} }, /* COMPARE AND WRITE */
565
566/* 30 */
567 {0xff, 0, 0, 0, NULL, NULL, /* terminating element */
568 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
569};
570
571static int sdebug_add_host = DEF_NUM_HOST;
572static int sdebug_ato = DEF_ATO;
573static int sdebug_jdelay = DEF_JDELAY; /* if > 0 then unit is jiffies */
574static int sdebug_dev_size_mb = DEF_DEV_SIZE_MB;
575static int sdebug_dif = DEF_DIF;
576static int sdebug_dix = DEF_DIX;
577static int sdebug_dsense = DEF_D_SENSE;
578static int sdebug_every_nth = DEF_EVERY_NTH;
579static int sdebug_fake_rw = DEF_FAKE_RW;
580static unsigned int sdebug_guard = DEF_GUARD;
581static int sdebug_lowest_aligned = DEF_LOWEST_ALIGNED;
582static int sdebug_max_luns = DEF_MAX_LUNS;
583static int sdebug_max_queue = SDEBUG_CANQUEUE; /* per submit queue */
584static atomic_t retired_max_queue; /* if > 0 then was prior max_queue */
585static int sdebug_ndelay = DEF_NDELAY; /* if > 0 then unit is nanoseconds */
586static int sdebug_no_lun_0 = DEF_NO_LUN_0;
587static int sdebug_no_uld;
588static int sdebug_num_parts = DEF_NUM_PARTS;
589static int sdebug_num_tgts = DEF_NUM_TGTS; /* targets per host */
590static int sdebug_opt_blks = DEF_OPT_BLKS;
591static int sdebug_opts = DEF_OPTS;
592static int sdebug_physblk_exp = DEF_PHYSBLK_EXP;
593static int sdebug_ptype = DEF_PTYPE; /* SCSI peripheral device type */
594static int sdebug_scsi_level = DEF_SCSI_LEVEL;
595static int sdebug_sector_size = DEF_SECTOR_SIZE;
596static int sdebug_virtual_gb = DEF_VIRTUAL_GB;
597static int sdebug_vpd_use_hostno = DEF_VPD_USE_HOSTNO;
598static unsigned int sdebug_lbpu = DEF_LBPU;
599static unsigned int sdebug_lbpws = DEF_LBPWS;
600static unsigned int sdebug_lbpws10 = DEF_LBPWS10;
601static unsigned int sdebug_lbprz = DEF_LBPRZ;
602static unsigned int sdebug_unmap_alignment = DEF_UNMAP_ALIGNMENT;
603static unsigned int sdebug_unmap_granularity = DEF_UNMAP_GRANULARITY;
604static unsigned int sdebug_unmap_max_blocks = DEF_UNMAP_MAX_BLOCKS;
605static unsigned int sdebug_unmap_max_desc = DEF_UNMAP_MAX_DESC;
606static unsigned int sdebug_write_same_length = DEF_WRITESAME_LENGTH;
607static int sdebug_uuid_ctl = DEF_UUID_CTL;
608static bool sdebug_removable = DEF_REMOVABLE;
609static bool sdebug_clustering;
610static bool sdebug_host_lock = DEF_HOST_LOCK;
611static bool sdebug_strict = DEF_STRICT;
612static bool sdebug_any_injecting_opt;
613static bool sdebug_verbose;
614static bool have_dif_prot;
615static bool sdebug_statistics = DEF_STATISTICS;
616static bool sdebug_mq_active;
617
618static unsigned int sdebug_store_sectors;
619static sector_t sdebug_capacity; /* in sectors */
620
621/* old BIOS stuff, kernel may get rid of them but some mode sense pages
622 may still need them */
623static int sdebug_heads; /* heads per disk */
624static int sdebug_cylinders_per; /* cylinders per surface */
625static int sdebug_sectors_per; /* sectors per cylinder */
626
627static LIST_HEAD(sdebug_host_list);
628static DEFINE_SPINLOCK(sdebug_host_list_lock);
629
630static unsigned char *fake_storep; /* ramdisk storage */
631static struct t10_pi_tuple *dif_storep; /* protection info */
632static void *map_storep; /* provisioning map */
633
634static unsigned long map_size;
635static int num_aborts;
636static int num_dev_resets;
637static int num_target_resets;
638static int num_bus_resets;
639static int num_host_resets;
640static int dix_writes;
641static int dix_reads;
642static int dif_errors;
643
644static int submit_queues = DEF_SUBMIT_QUEUES; /* > 1 for multi-queue (mq) */
645static struct sdebug_queue *sdebug_q_arr; /* ptr to array of submit queues */
646
647static DEFINE_RWLOCK(atomic_rw);
648
649static char sdebug_proc_name[] = MY_NAME;
650static const char *my_name = MY_NAME;
651
652static struct bus_type pseudo_lld_bus;
653
654static struct device_driver sdebug_driverfs_driver = {
655 .name = sdebug_proc_name,
656 .bus = &pseudo_lld_bus,
657};
658
659static const int check_condition_result =
660 (DRIVER_SENSE << 24) | SAM_STAT_CHECK_CONDITION;
661
662static const int illegal_condition_result =
663 (DRIVER_SENSE << 24) | (DID_ABORT << 16) | SAM_STAT_CHECK_CONDITION;
664
665static const int device_qfull_result =
666 (DID_OK << 16) | (COMMAND_COMPLETE << 8) | SAM_STAT_TASK_SET_FULL;
667
668
669/* Only do the extra work involved in logical block provisioning if one or
670 * more of the lbpu, lbpws or lbpws10 parameters are given and we are doing
671 * real reads and writes (i.e. not skipping them for speed).
672 */
673static inline bool scsi_debug_lbp(void)
674{
675 return 0 == sdebug_fake_rw &&
676 (sdebug_lbpu || sdebug_lbpws || sdebug_lbpws10);
677}
678
679static void *fake_store(unsigned long long lba)
680{
681 lba = do_div(lba, sdebug_store_sectors);
682
683 return fake_storep + lba * sdebug_sector_size;
684}
685
686static struct t10_pi_tuple *dif_store(sector_t sector)
687{
688 sector = sector_div(sector, sdebug_store_sectors);
689
690 return dif_storep + sector;
691}
692
693static void sdebug_max_tgts_luns(void)
694{
695 struct sdebug_host_info *sdbg_host;
696 struct Scsi_Host *hpnt;
697
698 spin_lock(&sdebug_host_list_lock);
699 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
700 hpnt = sdbg_host->shost;
701 if ((hpnt->this_id >= 0) &&
702 (sdebug_num_tgts > hpnt->this_id))
703 hpnt->max_id = sdebug_num_tgts + 1;
704 else
705 hpnt->max_id = sdebug_num_tgts;
706 /* sdebug_max_luns; */
707 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
708 }
709 spin_unlock(&sdebug_host_list_lock);
710}
711
712enum sdeb_cmd_data {SDEB_IN_DATA = 0, SDEB_IN_CDB = 1};
713
714/* Set in_bit to -1 to indicate no bit position of invalid field */
715static void mk_sense_invalid_fld(struct scsi_cmnd *scp,
716 enum sdeb_cmd_data c_d,
717 int in_byte, int in_bit)
718{
719 unsigned char *sbuff;
720 u8 sks[4];
721 int sl, asc;
722
723 sbuff = scp->sense_buffer;
724 if (!sbuff) {
725 sdev_printk(KERN_ERR, scp->device,
726 "%s: sense_buffer is NULL\n", __func__);
727 return;
728 }
729 asc = c_d ? INVALID_FIELD_IN_CDB : INVALID_FIELD_IN_PARAM_LIST;
730 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
731 scsi_build_sense_buffer(sdebug_dsense, sbuff, ILLEGAL_REQUEST, asc, 0);
732 memset(sks, 0, sizeof(sks));
733 sks[0] = 0x80;
734 if (c_d)
735 sks[0] |= 0x40;
736 if (in_bit >= 0) {
737 sks[0] |= 0x8;
738 sks[0] |= 0x7 & in_bit;
739 }
740 put_unaligned_be16(in_byte, sks + 1);
741 if (sdebug_dsense) {
742 sl = sbuff[7] + 8;
743 sbuff[7] = sl;
744 sbuff[sl] = 0x2;
745 sbuff[sl + 1] = 0x6;
746 memcpy(sbuff + sl + 4, sks, 3);
747 } else
748 memcpy(sbuff + 15, sks, 3);
749 if (sdebug_verbose)
750 sdev_printk(KERN_INFO, scp->device, "%s: [sense_key,asc,ascq"
751 "]: [0x5,0x%x,0x0] %c byte=%d, bit=%d\n",
752 my_name, asc, c_d ? 'C' : 'D', in_byte, in_bit);
753}
754
755static void mk_sense_buffer(struct scsi_cmnd *scp, int key, int asc, int asq)
756{
757 unsigned char *sbuff;
758
759 sbuff = scp->sense_buffer;
760 if (!sbuff) {
761 sdev_printk(KERN_ERR, scp->device,
762 "%s: sense_buffer is NULL\n", __func__);
763 return;
764 }
765 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
766
767 scsi_build_sense_buffer(sdebug_dsense, sbuff, key, asc, asq);
768
769 if (sdebug_verbose)
770 sdev_printk(KERN_INFO, scp->device,
771 "%s: [sense_key,asc,ascq]: [0x%x,0x%x,0x%x]\n",
772 my_name, key, asc, asq);
773}
774
775static void mk_sense_invalid_opcode(struct scsi_cmnd *scp)
776{
777 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_OPCODE, 0);
778}
779
780static int scsi_debug_ioctl(struct scsi_device *dev, int cmd, void __user *arg)
781{
782 if (sdebug_verbose) {
783 if (0x1261 == cmd)
784 sdev_printk(KERN_INFO, dev,
785 "%s: BLKFLSBUF [0x1261]\n", __func__);
786 else if (0x5331 == cmd)
787 sdev_printk(KERN_INFO, dev,
788 "%s: CDROM_GET_CAPABILITY [0x5331]\n",
789 __func__);
790 else
791 sdev_printk(KERN_INFO, dev, "%s: cmd=0x%x\n",
792 __func__, cmd);
793 }
794 return -EINVAL;
795 /* return -ENOTTY; // correct return but upsets fdisk */
796}
797
798static void clear_luns_changed_on_target(struct sdebug_dev_info *devip)
799{
800 struct sdebug_host_info *sdhp;
801 struct sdebug_dev_info *dp;
802
803 spin_lock(&sdebug_host_list_lock);
804 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
805 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
806 if ((devip->sdbg_host == dp->sdbg_host) &&
807 (devip->target == dp->target))
808 clear_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
809 }
810 }
811 spin_unlock(&sdebug_host_list_lock);
812}
813
814static int make_ua(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
815{
816 int k;
817
818 k = find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS);
819 if (k != SDEBUG_NUM_UAS) {
820 const char *cp = NULL;
821
822 switch (k) {
823 case SDEBUG_UA_POR:
824 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
825 POWER_ON_RESET_ASCQ);
826 if (sdebug_verbose)
827 cp = "power on reset";
828 break;
829 case SDEBUG_UA_BUS_RESET:
830 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
831 BUS_RESET_ASCQ);
832 if (sdebug_verbose)
833 cp = "bus reset";
834 break;
835 case SDEBUG_UA_MODE_CHANGED:
836 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
837 MODE_CHANGED_ASCQ);
838 if (sdebug_verbose)
839 cp = "mode parameters changed";
840 break;
841 case SDEBUG_UA_CAPACITY_CHANGED:
842 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
843 CAPACITY_CHANGED_ASCQ);
844 if (sdebug_verbose)
845 cp = "capacity data changed";
846 break;
847 case SDEBUG_UA_MICROCODE_CHANGED:
848 mk_sense_buffer(scp, UNIT_ATTENTION,
849 TARGET_CHANGED_ASC,
850 MICROCODE_CHANGED_ASCQ);
851 if (sdebug_verbose)
852 cp = "microcode has been changed";
853 break;
854 case SDEBUG_UA_MICROCODE_CHANGED_WO_RESET:
855 mk_sense_buffer(scp, UNIT_ATTENTION,
856 TARGET_CHANGED_ASC,
857 MICROCODE_CHANGED_WO_RESET_ASCQ);
858 if (sdebug_verbose)
859 cp = "microcode has been changed without reset";
860 break;
861 case SDEBUG_UA_LUNS_CHANGED:
862 /*
863 * SPC-3 behavior is to report a UNIT ATTENTION with
864 * ASC/ASCQ REPORTED LUNS DATA HAS CHANGED on every LUN
865 * on the target, until a REPORT LUNS command is
866 * received. SPC-4 behavior is to report it only once.
867 * NOTE: sdebug_scsi_level does not use the same
868 * values as struct scsi_device->scsi_level.
869 */
870 if (sdebug_scsi_level >= 6) /* SPC-4 and above */
871 clear_luns_changed_on_target(devip);
872 mk_sense_buffer(scp, UNIT_ATTENTION,
873 TARGET_CHANGED_ASC,
874 LUNS_CHANGED_ASCQ);
875 if (sdebug_verbose)
876 cp = "reported luns data has changed";
877 break;
878 default:
879 pr_warn("unexpected unit attention code=%d\n", k);
880 if (sdebug_verbose)
881 cp = "unknown";
882 break;
883 }
884 clear_bit(k, devip->uas_bm);
885 if (sdebug_verbose)
886 sdev_printk(KERN_INFO, scp->device,
887 "%s reports: Unit attention: %s\n",
888 my_name, cp);
889 return check_condition_result;
890 }
891 return 0;
892}
893
894/* Build SCSI "data-in" buffer. Returns 0 if ok else (DID_ERROR << 16). */
895static int fill_from_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
896 int arr_len)
897{
898 int act_len;
899 struct scsi_data_buffer *sdb = scsi_in(scp);
900
901 if (!sdb->length)
902 return 0;
903 if (!(scsi_bidi_cmnd(scp) || scp->sc_data_direction == DMA_FROM_DEVICE))
904 return DID_ERROR << 16;
905
906 act_len = sg_copy_from_buffer(sdb->table.sgl, sdb->table.nents,
907 arr, arr_len);
908 sdb->resid = scsi_bufflen(scp) - act_len;
909
910 return 0;
911}
912
913/* Partial build of SCSI "data-in" buffer. Returns 0 if ok else
914 * (DID_ERROR << 16). Can write to offset in data-in buffer. If multiple
915 * calls, not required to write in ascending offset order. Assumes resid
916 * set to scsi_bufflen() prior to any calls.
917 */
918static int p_fill_from_dev_buffer(struct scsi_cmnd *scp, const void *arr,
919 int arr_len, unsigned int off_dst)
920{
921 int act_len, n;
922 struct scsi_data_buffer *sdb = scsi_in(scp);
923 off_t skip = off_dst;
924
925 if (sdb->length <= off_dst)
926 return 0;
927 if (!(scsi_bidi_cmnd(scp) || scp->sc_data_direction == DMA_FROM_DEVICE))
928 return DID_ERROR << 16;
929
930 act_len = sg_pcopy_from_buffer(sdb->table.sgl, sdb->table.nents,
931 arr, arr_len, skip);
932 pr_debug("%s: off_dst=%u, scsi_bufflen=%u, act_len=%u, resid=%d\n",
933 __func__, off_dst, scsi_bufflen(scp), act_len, sdb->resid);
934 n = (int)scsi_bufflen(scp) - ((int)off_dst + act_len);
935 sdb->resid = min(sdb->resid, n);
936 return 0;
937}
938
939/* Fetches from SCSI "data-out" buffer. Returns number of bytes fetched into
940 * 'arr' or -1 if error.
941 */
942static int fetch_to_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
943 int arr_len)
944{
945 if (!scsi_bufflen(scp))
946 return 0;
947 if (!(scsi_bidi_cmnd(scp) || scp->sc_data_direction == DMA_TO_DEVICE))
948 return -1;
949
950 return scsi_sg_copy_to_buffer(scp, arr, arr_len);
951}
952
953
954static const char * inq_vendor_id = "Linux ";
955static const char * inq_product_id = "scsi_debug ";
956static const char *inq_product_rev = "0186"; /* version less '.' */
957/* Use some locally assigned NAAs for SAS addresses. */
958static const u64 naa3_comp_a = 0x3222222000000000ULL;
959static const u64 naa3_comp_b = 0x3333333000000000ULL;
960static const u64 naa3_comp_c = 0x3111111000000000ULL;
961
962/* Device identification VPD page. Returns number of bytes placed in arr */
963static int inquiry_vpd_83(unsigned char *arr, int port_group_id,
964 int target_dev_id, int dev_id_num,
965 const char *dev_id_str, int dev_id_str_len,
966 const uuid_be *lu_name)
967{
968 int num, port_a;
969 char b[32];
970
971 port_a = target_dev_id + 1;
972 /* T10 vendor identifier field format (faked) */
973 arr[0] = 0x2; /* ASCII */
974 arr[1] = 0x1;
975 arr[2] = 0x0;
976 memcpy(&arr[4], inq_vendor_id, 8);
977 memcpy(&arr[12], inq_product_id, 16);
978 memcpy(&arr[28], dev_id_str, dev_id_str_len);
979 num = 8 + 16 + dev_id_str_len;
980 arr[3] = num;
981 num += 4;
982 if (dev_id_num >= 0) {
983 if (sdebug_uuid_ctl) {
984 /* Locally assigned UUID */
985 arr[num++] = 0x1; /* binary (not necessarily sas) */
986 arr[num++] = 0xa; /* PIV=0, lu, naa */
987 arr[num++] = 0x0;
988 arr[num++] = 0x12;
989 arr[num++] = 0x10; /* uuid type=1, locally assigned */
990 arr[num++] = 0x0;
991 memcpy(arr + num, lu_name, 16);
992 num += 16;
993 } else {
994 /* NAA-3, Logical unit identifier (binary) */
995 arr[num++] = 0x1; /* binary (not necessarily sas) */
996 arr[num++] = 0x3; /* PIV=0, lu, naa */
997 arr[num++] = 0x0;
998 arr[num++] = 0x8;
999 put_unaligned_be64(naa3_comp_b + dev_id_num, arr + num);
1000 num += 8;
1001 }
1002 /* Target relative port number */
1003 arr[num++] = 0x61; /* proto=sas, binary */
1004 arr[num++] = 0x94; /* PIV=1, target port, rel port */
1005 arr[num++] = 0x0; /* reserved */
1006 arr[num++] = 0x4; /* length */
1007 arr[num++] = 0x0; /* reserved */
1008 arr[num++] = 0x0; /* reserved */
1009 arr[num++] = 0x0;
1010 arr[num++] = 0x1; /* relative port A */
1011 }
1012 /* NAA-3, Target port identifier */
1013 arr[num++] = 0x61; /* proto=sas, binary */
1014 arr[num++] = 0x93; /* piv=1, target port, naa */
1015 arr[num++] = 0x0;
1016 arr[num++] = 0x8;
1017 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1018 num += 8;
1019 /* NAA-3, Target port group identifier */
1020 arr[num++] = 0x61; /* proto=sas, binary */
1021 arr[num++] = 0x95; /* piv=1, target port group id */
1022 arr[num++] = 0x0;
1023 arr[num++] = 0x4;
1024 arr[num++] = 0;
1025 arr[num++] = 0;
1026 put_unaligned_be16(port_group_id, arr + num);
1027 num += 2;
1028 /* NAA-3, Target device identifier */
1029 arr[num++] = 0x61; /* proto=sas, binary */
1030 arr[num++] = 0xa3; /* piv=1, target device, naa */
1031 arr[num++] = 0x0;
1032 arr[num++] = 0x8;
1033 put_unaligned_be64(naa3_comp_a + target_dev_id, arr + num);
1034 num += 8;
1035 /* SCSI name string: Target device identifier */
1036 arr[num++] = 0x63; /* proto=sas, UTF-8 */
1037 arr[num++] = 0xa8; /* piv=1, target device, SCSI name string */
1038 arr[num++] = 0x0;
1039 arr[num++] = 24;
1040 memcpy(arr + num, "naa.32222220", 12);
1041 num += 12;
1042 snprintf(b, sizeof(b), "%08X", target_dev_id);
1043 memcpy(arr + num, b, 8);
1044 num += 8;
1045 memset(arr + num, 0, 4);
1046 num += 4;
1047 return num;
1048}
1049
1050static unsigned char vpd84_data[] = {
1051/* from 4th byte */ 0x22,0x22,0x22,0x0,0xbb,0x0,
1052 0x22,0x22,0x22,0x0,0xbb,0x1,
1053 0x22,0x22,0x22,0x0,0xbb,0x2,
1054};
1055
1056/* Software interface identification VPD page */
1057static int inquiry_vpd_84(unsigned char *arr)
1058{
1059 memcpy(arr, vpd84_data, sizeof(vpd84_data));
1060 return sizeof(vpd84_data);
1061}
1062
1063/* Management network addresses VPD page */
1064static int inquiry_vpd_85(unsigned char *arr)
1065{
1066 int num = 0;
1067 const char * na1 = "https://www.kernel.org/config";
1068 const char * na2 = "http://www.kernel.org/log";
1069 int plen, olen;
1070
1071 arr[num++] = 0x1; /* lu, storage config */
1072 arr[num++] = 0x0; /* reserved */
1073 arr[num++] = 0x0;
1074 olen = strlen(na1);
1075 plen = olen + 1;
1076 if (plen % 4)
1077 plen = ((plen / 4) + 1) * 4;
1078 arr[num++] = plen; /* length, null termianted, padded */
1079 memcpy(arr + num, na1, olen);
1080 memset(arr + num + olen, 0, plen - olen);
1081 num += plen;
1082
1083 arr[num++] = 0x4; /* lu, logging */
1084 arr[num++] = 0x0; /* reserved */
1085 arr[num++] = 0x0;
1086 olen = strlen(na2);
1087 plen = olen + 1;
1088 if (plen % 4)
1089 plen = ((plen / 4) + 1) * 4;
1090 arr[num++] = plen; /* length, null terminated, padded */
1091 memcpy(arr + num, na2, olen);
1092 memset(arr + num + olen, 0, plen - olen);
1093 num += plen;
1094
1095 return num;
1096}
1097
1098/* SCSI ports VPD page */
1099static int inquiry_vpd_88(unsigned char *arr, int target_dev_id)
1100{
1101 int num = 0;
1102 int port_a, port_b;
1103
1104 port_a = target_dev_id + 1;
1105 port_b = port_a + 1;
1106 arr[num++] = 0x0; /* reserved */
1107 arr[num++] = 0x0; /* reserved */
1108 arr[num++] = 0x0;
1109 arr[num++] = 0x1; /* relative port 1 (primary) */
1110 memset(arr + num, 0, 6);
1111 num += 6;
1112 arr[num++] = 0x0;
1113 arr[num++] = 12; /* length tp descriptor */
1114 /* naa-5 target port identifier (A) */
1115 arr[num++] = 0x61; /* proto=sas, binary */
1116 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1117 arr[num++] = 0x0; /* reserved */
1118 arr[num++] = 0x8; /* length */
1119 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1120 num += 8;
1121 arr[num++] = 0x0; /* reserved */
1122 arr[num++] = 0x0; /* reserved */
1123 arr[num++] = 0x0;
1124 arr[num++] = 0x2; /* relative port 2 (secondary) */
1125 memset(arr + num, 0, 6);
1126 num += 6;
1127 arr[num++] = 0x0;
1128 arr[num++] = 12; /* length tp descriptor */
1129 /* naa-5 target port identifier (B) */
1130 arr[num++] = 0x61; /* proto=sas, binary */
1131 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1132 arr[num++] = 0x0; /* reserved */
1133 arr[num++] = 0x8; /* length */
1134 put_unaligned_be64(naa3_comp_a + port_b, arr + num);
1135 num += 8;
1136
1137 return num;
1138}
1139
1140
1141static unsigned char vpd89_data[] = {
1142/* from 4th byte */ 0,0,0,0,
1143'l','i','n','u','x',' ',' ',' ',
1144'S','A','T',' ','s','c','s','i','_','d','e','b','u','g',' ',' ',
1145'1','2','3','4',
11460x34,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,
11470xec,0,0,0,
11480x5a,0xc,0xff,0x3f,0x37,0xc8,0x10,0,0,0,0,0,0x3f,0,0,0,
11490,0,0,0,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x20,0x20,0x20,0x20,
11500x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0,0,0,0x40,0x4,0,0x2e,0x33,
11510x38,0x31,0x20,0x20,0x20,0x20,0x54,0x53,0x38,0x33,0x30,0x30,0x33,0x31,
11520x53,0x41,
11530x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
11540x20,0x20,
11550x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
11560x10,0x80,
11570,0,0,0x2f,0,0,0,0x2,0,0x2,0x7,0,0xff,0xff,0x1,0,
11580x3f,0,0xc1,0xff,0x3e,0,0x10,0x1,0xb0,0xf8,0x50,0x9,0,0,0x7,0,
11590x3,0,0x78,0,0x78,0,0xf0,0,0x78,0,0,0,0,0,0,0,
11600,0,0,0,0,0,0,0,0x2,0,0,0,0,0,0,0,
11610x7e,0,0x1b,0,0x6b,0x34,0x1,0x7d,0x3,0x40,0x69,0x34,0x1,0x3c,0x3,0x40,
11620x7f,0x40,0,0,0,0,0xfe,0xfe,0,0,0,0,0,0xfe,0,0,
11630,0,0,0,0,0,0,0,0xb0,0xf8,0x50,0x9,0,0,0,0,
11640,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11650,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11660,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11670x1,0,0xb0,0xf8,0x50,0x9,0xb0,0xf8,0x50,0x9,0x20,0x20,0x2,0,0xb6,0x42,
11680,0x80,0x8a,0,0x6,0x3c,0xa,0x3c,0xff,0xff,0xc6,0x7,0,0x1,0,0x8,
11690xf0,0xf,0,0x10,0x2,0,0x30,0,0,0,0,0,0,0,0x6,0xfe,
11700,0,0x2,0,0x50,0,0x8a,0,0x4f,0x95,0,0,0x21,0,0xb,0,
11710,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11720,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11730,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11740,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11750,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11760,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11770,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11780,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11790,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11800,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11810,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11820,0,0,0,0,0,0,0,0,0,0,0,0,0,0xa5,0x51,
1183};
1184
1185/* ATA Information VPD page */
1186static int inquiry_vpd_89(unsigned char *arr)
1187{
1188 memcpy(arr, vpd89_data, sizeof(vpd89_data));
1189 return sizeof(vpd89_data);
1190}
1191
1192
1193static unsigned char vpdb0_data[] = {
1194 /* from 4th byte */ 0,0,0,4, 0,0,0x4,0, 0,0,0,64,
1195 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1196 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1197 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1198};
1199
1200/* Block limits VPD page (SBC-3) */
1201static int inquiry_vpd_b0(unsigned char *arr)
1202{
1203 unsigned int gran;
1204
1205 memcpy(arr, vpdb0_data, sizeof(vpdb0_data));
1206
1207 /* Optimal transfer length granularity */
1208 gran = 1 << sdebug_physblk_exp;
1209 put_unaligned_be16(gran, arr + 2);
1210
1211 /* Maximum Transfer Length */
1212 if (sdebug_store_sectors > 0x400)
1213 put_unaligned_be32(sdebug_store_sectors, arr + 4);
1214
1215 /* Optimal Transfer Length */
1216 put_unaligned_be32(sdebug_opt_blks, &arr[8]);
1217
1218 if (sdebug_lbpu) {
1219 /* Maximum Unmap LBA Count */
1220 put_unaligned_be32(sdebug_unmap_max_blocks, &arr[16]);
1221
1222 /* Maximum Unmap Block Descriptor Count */
1223 put_unaligned_be32(sdebug_unmap_max_desc, &arr[20]);
1224 }
1225
1226 /* Unmap Granularity Alignment */
1227 if (sdebug_unmap_alignment) {
1228 put_unaligned_be32(sdebug_unmap_alignment, &arr[28]);
1229 arr[28] |= 0x80; /* UGAVALID */
1230 }
1231
1232 /* Optimal Unmap Granularity */
1233 put_unaligned_be32(sdebug_unmap_granularity, &arr[24]);
1234
1235 /* Maximum WRITE SAME Length */
1236 put_unaligned_be64(sdebug_write_same_length, &arr[32]);
1237
1238 return 0x3c; /* Mandatory page length for Logical Block Provisioning */
1239
1240 return sizeof(vpdb0_data);
1241}
1242
1243/* Block device characteristics VPD page (SBC-3) */
1244static int inquiry_vpd_b1(unsigned char *arr)
1245{
1246 memset(arr, 0, 0x3c);
1247 arr[0] = 0;
1248 arr[1] = 1; /* non rotating medium (e.g. solid state) */
1249 arr[2] = 0;
1250 arr[3] = 5; /* less than 1.8" */
1251
1252 return 0x3c;
1253}
1254
1255/* Logical block provisioning VPD page (SBC-4) */
1256static int inquiry_vpd_b2(unsigned char *arr)
1257{
1258 memset(arr, 0, 0x4);
1259 arr[0] = 0; /* threshold exponent */
1260 if (sdebug_lbpu)
1261 arr[1] = 1 << 7;
1262 if (sdebug_lbpws)
1263 arr[1] |= 1 << 6;
1264 if (sdebug_lbpws10)
1265 arr[1] |= 1 << 5;
1266 if (sdebug_lbprz && scsi_debug_lbp())
1267 arr[1] |= (sdebug_lbprz & 0x7) << 2; /* sbc4r07 and later */
1268 /* anc_sup=0; dp=0 (no provisioning group descriptor) */
1269 /* minimum_percentage=0; provisioning_type=0 (unknown) */
1270 /* threshold_percentage=0 */
1271 return 0x4;
1272}
1273
1274#define SDEBUG_LONG_INQ_SZ 96
1275#define SDEBUG_MAX_INQ_ARR_SZ 584
1276
1277static int resp_inquiry(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1278{
1279 unsigned char pq_pdt;
1280 unsigned char * arr;
1281 unsigned char *cmd = scp->cmnd;
1282 int alloc_len, n, ret;
1283 bool have_wlun, is_disk;
1284
1285 alloc_len = get_unaligned_be16(cmd + 3);
1286 arr = kzalloc(SDEBUG_MAX_INQ_ARR_SZ, GFP_ATOMIC);
1287 if (! arr)
1288 return DID_REQUEUE << 16;
1289 is_disk = (sdebug_ptype == TYPE_DISK);
1290 have_wlun = scsi_is_wlun(scp->device->lun);
1291 if (have_wlun)
1292 pq_pdt = TYPE_WLUN; /* present, wlun */
1293 else if (sdebug_no_lun_0 && (devip->lun == SDEBUG_LUN_0_VAL))
1294 pq_pdt = 0x7f; /* not present, PQ=3, PDT=0x1f */
1295 else
1296 pq_pdt = (sdebug_ptype & 0x1f);
1297 arr[0] = pq_pdt;
1298 if (0x2 & cmd[1]) { /* CMDDT bit set */
1299 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 1);
1300 kfree(arr);
1301 return check_condition_result;
1302 } else if (0x1 & cmd[1]) { /* EVPD bit set */
1303 int lu_id_num, port_group_id, target_dev_id, len;
1304 char lu_id_str[6];
1305 int host_no = devip->sdbg_host->shost->host_no;
1306
1307 port_group_id = (((host_no + 1) & 0x7f) << 8) +
1308 (devip->channel & 0x7f);
1309 if (sdebug_vpd_use_hostno == 0)
1310 host_no = 0;
1311 lu_id_num = have_wlun ? -1 : (((host_no + 1) * 2000) +
1312 (devip->target * 1000) + devip->lun);
1313 target_dev_id = ((host_no + 1) * 2000) +
1314 (devip->target * 1000) - 3;
1315 len = scnprintf(lu_id_str, 6, "%d", lu_id_num);
1316 if (0 == cmd[2]) { /* supported vital product data pages */
1317 arr[1] = cmd[2]; /*sanity */
1318 n = 4;
1319 arr[n++] = 0x0; /* this page */
1320 arr[n++] = 0x80; /* unit serial number */
1321 arr[n++] = 0x83; /* device identification */
1322 arr[n++] = 0x84; /* software interface ident. */
1323 arr[n++] = 0x85; /* management network addresses */
1324 arr[n++] = 0x86; /* extended inquiry */
1325 arr[n++] = 0x87; /* mode page policy */
1326 arr[n++] = 0x88; /* SCSI ports */
1327 if (is_disk) { /* SBC only */
1328 arr[n++] = 0x89; /* ATA information */
1329 arr[n++] = 0xb0; /* Block limits */
1330 arr[n++] = 0xb1; /* Block characteristics */
1331 arr[n++] = 0xb2; /* Logical Block Prov */
1332 }
1333 arr[3] = n - 4; /* number of supported VPD pages */
1334 } else if (0x80 == cmd[2]) { /* unit serial number */
1335 arr[1] = cmd[2]; /*sanity */
1336 arr[3] = len;
1337 memcpy(&arr[4], lu_id_str, len);
1338 } else if (0x83 == cmd[2]) { /* device identification */
1339 arr[1] = cmd[2]; /*sanity */
1340 arr[3] = inquiry_vpd_83(&arr[4], port_group_id,
1341 target_dev_id, lu_id_num,
1342 lu_id_str, len,
1343 &devip->lu_name);
1344 } else if (0x84 == cmd[2]) { /* Software interface ident. */
1345 arr[1] = cmd[2]; /*sanity */
1346 arr[3] = inquiry_vpd_84(&arr[4]);
1347 } else if (0x85 == cmd[2]) { /* Management network addresses */
1348 arr[1] = cmd[2]; /*sanity */
1349 arr[3] = inquiry_vpd_85(&arr[4]);
1350 } else if (0x86 == cmd[2]) { /* extended inquiry */
1351 arr[1] = cmd[2]; /*sanity */
1352 arr[3] = 0x3c; /* number of following entries */
1353 if (sdebug_dif == T10_PI_TYPE3_PROTECTION)
1354 arr[4] = 0x4; /* SPT: GRD_CHK:1 */
1355 else if (have_dif_prot)
1356 arr[4] = 0x5; /* SPT: GRD_CHK:1, REF_CHK:1 */
1357 else
1358 arr[4] = 0x0; /* no protection stuff */
1359 arr[5] = 0x7; /* head of q, ordered + simple q's */
1360 } else if (0x87 == cmd[2]) { /* mode page policy */
1361 arr[1] = cmd[2]; /*sanity */
1362 arr[3] = 0x8; /* number of following entries */
1363 arr[4] = 0x2; /* disconnect-reconnect mp */
1364 arr[6] = 0x80; /* mlus, shared */
1365 arr[8] = 0x18; /* protocol specific lu */
1366 arr[10] = 0x82; /* mlus, per initiator port */
1367 } else if (0x88 == cmd[2]) { /* SCSI Ports */
1368 arr[1] = cmd[2]; /*sanity */
1369 arr[3] = inquiry_vpd_88(&arr[4], target_dev_id);
1370 } else if (is_disk && 0x89 == cmd[2]) { /* ATA information */
1371 arr[1] = cmd[2]; /*sanity */
1372 n = inquiry_vpd_89(&arr[4]);
1373 put_unaligned_be16(n, arr + 2);
1374 } else if (is_disk && 0xb0 == cmd[2]) { /* Block limits */
1375 arr[1] = cmd[2]; /*sanity */
1376 arr[3] = inquiry_vpd_b0(&arr[4]);
1377 } else if (is_disk && 0xb1 == cmd[2]) { /* Block char. */
1378 arr[1] = cmd[2]; /*sanity */
1379 arr[3] = inquiry_vpd_b1(&arr[4]);
1380 } else if (is_disk && 0xb2 == cmd[2]) { /* LB Prov. */
1381 arr[1] = cmd[2]; /*sanity */
1382 arr[3] = inquiry_vpd_b2(&arr[4]);
1383 } else {
1384 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
1385 kfree(arr);
1386 return check_condition_result;
1387 }
1388 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len);
1389 ret = fill_from_dev_buffer(scp, arr,
1390 min(len, SDEBUG_MAX_INQ_ARR_SZ));
1391 kfree(arr);
1392 return ret;
1393 }
1394 /* drops through here for a standard inquiry */
1395 arr[1] = sdebug_removable ? 0x80 : 0; /* Removable disk */
1396 arr[2] = sdebug_scsi_level;
1397 arr[3] = 2; /* response_data_format==2 */
1398 arr[4] = SDEBUG_LONG_INQ_SZ - 5;
1399 arr[5] = (int)have_dif_prot; /* PROTECT bit */
1400 if (sdebug_vpd_use_hostno == 0)
1401 arr[5] = 0x10; /* claim: implicit TGPS */
1402 arr[6] = 0x10; /* claim: MultiP */
1403 /* arr[6] |= 0x40; ... claim: EncServ (enclosure services) */
1404 arr[7] = 0xa; /* claim: LINKED + CMDQUE */
1405 memcpy(&arr[8], inq_vendor_id, 8);
1406 memcpy(&arr[16], inq_product_id, 16);
1407 memcpy(&arr[32], inq_product_rev, 4);
1408 /* version descriptors (2 bytes each) follow */
1409 put_unaligned_be16(0xc0, arr + 58); /* SAM-6 no version claimed */
1410 put_unaligned_be16(0x5c0, arr + 60); /* SPC-5 no version claimed */
1411 n = 62;
1412 if (is_disk) { /* SBC-4 no version claimed */
1413 put_unaligned_be16(0x600, arr + n);
1414 n += 2;
1415 } else if (sdebug_ptype == TYPE_TAPE) { /* SSC-4 rev 3 */
1416 put_unaligned_be16(0x525, arr + n);
1417 n += 2;
1418 }
1419 put_unaligned_be16(0x2100, arr + n); /* SPL-4 no version claimed */
1420 ret = fill_from_dev_buffer(scp, arr,
1421 min(alloc_len, SDEBUG_LONG_INQ_SZ));
1422 kfree(arr);
1423 return ret;
1424}
1425
1426static unsigned char iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
1427 0, 0, 0x0, 0x0};
1428
1429static int resp_requests(struct scsi_cmnd * scp,
1430 struct sdebug_dev_info * devip)
1431{
1432 unsigned char * sbuff;
1433 unsigned char *cmd = scp->cmnd;
1434 unsigned char arr[SCSI_SENSE_BUFFERSIZE];
1435 bool dsense;
1436 int len = 18;
1437
1438 memset(arr, 0, sizeof(arr));
1439 dsense = !!(cmd[1] & 1);
1440 sbuff = scp->sense_buffer;
1441 if ((iec_m_pg[2] & 0x4) && (6 == (iec_m_pg[3] & 0xf))) {
1442 if (dsense) {
1443 arr[0] = 0x72;
1444 arr[1] = 0x0; /* NO_SENSE in sense_key */
1445 arr[2] = THRESHOLD_EXCEEDED;
1446 arr[3] = 0xff; /* TEST set and MRIE==6 */
1447 len = 8;
1448 } else {
1449 arr[0] = 0x70;
1450 arr[2] = 0x0; /* NO_SENSE in sense_key */
1451 arr[7] = 0xa; /* 18 byte sense buffer */
1452 arr[12] = THRESHOLD_EXCEEDED;
1453 arr[13] = 0xff; /* TEST set and MRIE==6 */
1454 }
1455 } else {
1456 memcpy(arr, sbuff, SCSI_SENSE_BUFFERSIZE);
1457 if (arr[0] >= 0x70 && dsense == sdebug_dsense)
1458 ; /* have sense and formats match */
1459 else if (arr[0] <= 0x70) {
1460 if (dsense) {
1461 memset(arr, 0, 8);
1462 arr[0] = 0x72;
1463 len = 8;
1464 } else {
1465 memset(arr, 0, 18);
1466 arr[0] = 0x70;
1467 arr[7] = 0xa;
1468 }
1469 } else if (dsense) {
1470 memset(arr, 0, 8);
1471 arr[0] = 0x72;
1472 arr[1] = sbuff[2]; /* sense key */
1473 arr[2] = sbuff[12]; /* asc */
1474 arr[3] = sbuff[13]; /* ascq */
1475 len = 8;
1476 } else {
1477 memset(arr, 0, 18);
1478 arr[0] = 0x70;
1479 arr[2] = sbuff[1];
1480 arr[7] = 0xa;
1481 arr[12] = sbuff[1];
1482 arr[13] = sbuff[3];
1483 }
1484
1485 }
1486 mk_sense_buffer(scp, 0, NO_ADDITIONAL_SENSE, 0);
1487 return fill_from_dev_buffer(scp, arr, len);
1488}
1489
1490static int resp_start_stop(struct scsi_cmnd * scp,
1491 struct sdebug_dev_info * devip)
1492{
1493 unsigned char *cmd = scp->cmnd;
1494 int power_cond, stop;
1495
1496 power_cond = (cmd[4] & 0xf0) >> 4;
1497 if (power_cond) {
1498 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 7);
1499 return check_condition_result;
1500 }
1501 stop = !(cmd[4] & 1);
1502 atomic_xchg(&devip->stopped, stop);
1503 return 0;
1504}
1505
1506static sector_t get_sdebug_capacity(void)
1507{
1508 static const unsigned int gibibyte = 1073741824;
1509
1510 if (sdebug_virtual_gb > 0)
1511 return (sector_t)sdebug_virtual_gb *
1512 (gibibyte / sdebug_sector_size);
1513 else
1514 return sdebug_store_sectors;
1515}
1516
1517#define SDEBUG_READCAP_ARR_SZ 8
1518static int resp_readcap(struct scsi_cmnd * scp,
1519 struct sdebug_dev_info * devip)
1520{
1521 unsigned char arr[SDEBUG_READCAP_ARR_SZ];
1522 unsigned int capac;
1523
1524 /* following just in case virtual_gb changed */
1525 sdebug_capacity = get_sdebug_capacity();
1526 memset(arr, 0, SDEBUG_READCAP_ARR_SZ);
1527 if (sdebug_capacity < 0xffffffff) {
1528 capac = (unsigned int)sdebug_capacity - 1;
1529 put_unaligned_be32(capac, arr + 0);
1530 } else
1531 put_unaligned_be32(0xffffffff, arr + 0);
1532 put_unaligned_be16(sdebug_sector_size, arr + 6);
1533 return fill_from_dev_buffer(scp, arr, SDEBUG_READCAP_ARR_SZ);
1534}
1535
1536#define SDEBUG_READCAP16_ARR_SZ 32
1537static int resp_readcap16(struct scsi_cmnd * scp,
1538 struct sdebug_dev_info * devip)
1539{
1540 unsigned char *cmd = scp->cmnd;
1541 unsigned char arr[SDEBUG_READCAP16_ARR_SZ];
1542 int alloc_len;
1543
1544 alloc_len = get_unaligned_be32(cmd + 10);
1545 /* following just in case virtual_gb changed */
1546 sdebug_capacity = get_sdebug_capacity();
1547 memset(arr, 0, SDEBUG_READCAP16_ARR_SZ);
1548 put_unaligned_be64((u64)(sdebug_capacity - 1), arr + 0);
1549 put_unaligned_be32(sdebug_sector_size, arr + 8);
1550 arr[13] = sdebug_physblk_exp & 0xf;
1551 arr[14] = (sdebug_lowest_aligned >> 8) & 0x3f;
1552
1553 if (scsi_debug_lbp()) {
1554 arr[14] |= 0x80; /* LBPME */
1555 /* from sbc4r07, this LBPRZ field is 1 bit, but the LBPRZ in
1556 * the LB Provisioning VPD page is 3 bits. Note that lbprz=2
1557 * in the wider field maps to 0 in this field.
1558 */
1559 if (sdebug_lbprz & 1) /* precisely what the draft requires */
1560 arr[14] |= 0x40;
1561 }
1562
1563 arr[15] = sdebug_lowest_aligned & 0xff;
1564
1565 if (have_dif_prot) {
1566 arr[12] = (sdebug_dif - 1) << 1; /* P_TYPE */
1567 arr[12] |= 1; /* PROT_EN */
1568 }
1569
1570 return fill_from_dev_buffer(scp, arr,
1571 min(alloc_len, SDEBUG_READCAP16_ARR_SZ));
1572}
1573
1574#define SDEBUG_MAX_TGTPGS_ARR_SZ 1412
1575
1576static int resp_report_tgtpgs(struct scsi_cmnd * scp,
1577 struct sdebug_dev_info * devip)
1578{
1579 unsigned char *cmd = scp->cmnd;
1580 unsigned char * arr;
1581 int host_no = devip->sdbg_host->shost->host_no;
1582 int n, ret, alen, rlen;
1583 int port_group_a, port_group_b, port_a, port_b;
1584
1585 alen = get_unaligned_be32(cmd + 6);
1586 arr = kzalloc(SDEBUG_MAX_TGTPGS_ARR_SZ, GFP_ATOMIC);
1587 if (! arr)
1588 return DID_REQUEUE << 16;
1589 /*
1590 * EVPD page 0x88 states we have two ports, one
1591 * real and a fake port with no device connected.
1592 * So we create two port groups with one port each
1593 * and set the group with port B to unavailable.
1594 */
1595 port_a = 0x1; /* relative port A */
1596 port_b = 0x2; /* relative port B */
1597 port_group_a = (((host_no + 1) & 0x7f) << 8) +
1598 (devip->channel & 0x7f);
1599 port_group_b = (((host_no + 1) & 0x7f) << 8) +
1600 (devip->channel & 0x7f) + 0x80;
1601
1602 /*
1603 * The asymmetric access state is cycled according to the host_id.
1604 */
1605 n = 4;
1606 if (sdebug_vpd_use_hostno == 0) {
1607 arr[n++] = host_no % 3; /* Asymm access state */
1608 arr[n++] = 0x0F; /* claim: all states are supported */
1609 } else {
1610 arr[n++] = 0x0; /* Active/Optimized path */
1611 arr[n++] = 0x01; /* only support active/optimized paths */
1612 }
1613 put_unaligned_be16(port_group_a, arr + n);
1614 n += 2;
1615 arr[n++] = 0; /* Reserved */
1616 arr[n++] = 0; /* Status code */
1617 arr[n++] = 0; /* Vendor unique */
1618 arr[n++] = 0x1; /* One port per group */
1619 arr[n++] = 0; /* Reserved */
1620 arr[n++] = 0; /* Reserved */
1621 put_unaligned_be16(port_a, arr + n);
1622 n += 2;
1623 arr[n++] = 3; /* Port unavailable */
1624 arr[n++] = 0x08; /* claim: only unavailalbe paths are supported */
1625 put_unaligned_be16(port_group_b, arr + n);
1626 n += 2;
1627 arr[n++] = 0; /* Reserved */
1628 arr[n++] = 0; /* Status code */
1629 arr[n++] = 0; /* Vendor unique */
1630 arr[n++] = 0x1; /* One port per group */
1631 arr[n++] = 0; /* Reserved */
1632 arr[n++] = 0; /* Reserved */
1633 put_unaligned_be16(port_b, arr + n);
1634 n += 2;
1635
1636 rlen = n - 4;
1637 put_unaligned_be32(rlen, arr + 0);
1638
1639 /*
1640 * Return the smallest value of either
1641 * - The allocated length
1642 * - The constructed command length
1643 * - The maximum array size
1644 */
1645 rlen = min(alen,n);
1646 ret = fill_from_dev_buffer(scp, arr,
1647 min(rlen, SDEBUG_MAX_TGTPGS_ARR_SZ));
1648 kfree(arr);
1649 return ret;
1650}
1651
1652static int resp_rsup_opcodes(struct scsi_cmnd *scp,
1653 struct sdebug_dev_info *devip)
1654{
1655 bool rctd;
1656 u8 reporting_opts, req_opcode, sdeb_i, supp;
1657 u16 req_sa, u;
1658 u32 alloc_len, a_len;
1659 int k, offset, len, errsts, count, bump, na;
1660 const struct opcode_info_t *oip;
1661 const struct opcode_info_t *r_oip;
1662 u8 *arr;
1663 u8 *cmd = scp->cmnd;
1664
1665 rctd = !!(cmd[2] & 0x80);
1666 reporting_opts = cmd[2] & 0x7;
1667 req_opcode = cmd[3];
1668 req_sa = get_unaligned_be16(cmd + 4);
1669 alloc_len = get_unaligned_be32(cmd + 6);
1670 if (alloc_len < 4 || alloc_len > 0xffff) {
1671 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1672 return check_condition_result;
1673 }
1674 if (alloc_len > 8192)
1675 a_len = 8192;
1676 else
1677 a_len = alloc_len;
1678 arr = kzalloc((a_len < 256) ? 320 : a_len + 64, GFP_ATOMIC);
1679 if (NULL == arr) {
1680 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
1681 INSUFF_RES_ASCQ);
1682 return check_condition_result;
1683 }
1684 switch (reporting_opts) {
1685 case 0: /* all commands */
1686 /* count number of commands */
1687 for (count = 0, oip = opcode_info_arr;
1688 oip->num_attached != 0xff; ++oip) {
1689 if (F_INV_OP & oip->flags)
1690 continue;
1691 count += (oip->num_attached + 1);
1692 }
1693 bump = rctd ? 20 : 8;
1694 put_unaligned_be32(count * bump, arr);
1695 for (offset = 4, oip = opcode_info_arr;
1696 oip->num_attached != 0xff && offset < a_len; ++oip) {
1697 if (F_INV_OP & oip->flags)
1698 continue;
1699 na = oip->num_attached;
1700 arr[offset] = oip->opcode;
1701 put_unaligned_be16(oip->sa, arr + offset + 2);
1702 if (rctd)
1703 arr[offset + 5] |= 0x2;
1704 if (FF_SA & oip->flags)
1705 arr[offset + 5] |= 0x1;
1706 put_unaligned_be16(oip->len_mask[0], arr + offset + 6);
1707 if (rctd)
1708 put_unaligned_be16(0xa, arr + offset + 8);
1709 r_oip = oip;
1710 for (k = 0, oip = oip->arrp; k < na; ++k, ++oip) {
1711 if (F_INV_OP & oip->flags)
1712 continue;
1713 offset += bump;
1714 arr[offset] = oip->opcode;
1715 put_unaligned_be16(oip->sa, arr + offset + 2);
1716 if (rctd)
1717 arr[offset + 5] |= 0x2;
1718 if (FF_SA & oip->flags)
1719 arr[offset + 5] |= 0x1;
1720 put_unaligned_be16(oip->len_mask[0],
1721 arr + offset + 6);
1722 if (rctd)
1723 put_unaligned_be16(0xa,
1724 arr + offset + 8);
1725 }
1726 oip = r_oip;
1727 offset += bump;
1728 }
1729 break;
1730 case 1: /* one command: opcode only */
1731 case 2: /* one command: opcode plus service action */
1732 case 3: /* one command: if sa==0 then opcode only else opcode+sa */
1733 sdeb_i = opcode_ind_arr[req_opcode];
1734 oip = &opcode_info_arr[sdeb_i];
1735 if (F_INV_OP & oip->flags) {
1736 supp = 1;
1737 offset = 4;
1738 } else {
1739 if (1 == reporting_opts) {
1740 if (FF_SA & oip->flags) {
1741 mk_sense_invalid_fld(scp, SDEB_IN_CDB,
1742 2, 2);
1743 kfree(arr);
1744 return check_condition_result;
1745 }
1746 req_sa = 0;
1747 } else if (2 == reporting_opts &&
1748 0 == (FF_SA & oip->flags)) {
1749 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1);
1750 kfree(arr); /* point at requested sa */
1751 return check_condition_result;
1752 }
1753 if (0 == (FF_SA & oip->flags) &&
1754 req_opcode == oip->opcode)
1755 supp = 3;
1756 else if (0 == (FF_SA & oip->flags)) {
1757 na = oip->num_attached;
1758 for (k = 0, oip = oip->arrp; k < na;
1759 ++k, ++oip) {
1760 if (req_opcode == oip->opcode)
1761 break;
1762 }
1763 supp = (k >= na) ? 1 : 3;
1764 } else if (req_sa != oip->sa) {
1765 na = oip->num_attached;
1766 for (k = 0, oip = oip->arrp; k < na;
1767 ++k, ++oip) {
1768 if (req_sa == oip->sa)
1769 break;
1770 }
1771 supp = (k >= na) ? 1 : 3;
1772 } else
1773 supp = 3;
1774 if (3 == supp) {
1775 u = oip->len_mask[0];
1776 put_unaligned_be16(u, arr + 2);
1777 arr[4] = oip->opcode;
1778 for (k = 1; k < u; ++k)
1779 arr[4 + k] = (k < 16) ?
1780 oip->len_mask[k] : 0xff;
1781 offset = 4 + u;
1782 } else
1783 offset = 4;
1784 }
1785 arr[1] = (rctd ? 0x80 : 0) | supp;
1786 if (rctd) {
1787 put_unaligned_be16(0xa, arr + offset);
1788 offset += 12;
1789 }
1790 break;
1791 default:
1792 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
1793 kfree(arr);
1794 return check_condition_result;
1795 }
1796 offset = (offset < a_len) ? offset : a_len;
1797 len = (offset < alloc_len) ? offset : alloc_len;
1798 errsts = fill_from_dev_buffer(scp, arr, len);
1799 kfree(arr);
1800 return errsts;
1801}
1802
1803static int resp_rsup_tmfs(struct scsi_cmnd *scp,
1804 struct sdebug_dev_info *devip)
1805{
1806 bool repd;
1807 u32 alloc_len, len;
1808 u8 arr[16];
1809 u8 *cmd = scp->cmnd;
1810
1811 memset(arr, 0, sizeof(arr));
1812 repd = !!(cmd[2] & 0x80);
1813 alloc_len = get_unaligned_be32(cmd + 6);
1814 if (alloc_len < 4) {
1815 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1816 return check_condition_result;
1817 }
1818 arr[0] = 0xc8; /* ATS | ATSS | LURS */
1819 arr[1] = 0x1; /* ITNRS */
1820 if (repd) {
1821 arr[3] = 0xc;
1822 len = 16;
1823 } else
1824 len = 4;
1825
1826 len = (len < alloc_len) ? len : alloc_len;
1827 return fill_from_dev_buffer(scp, arr, len);
1828}
1829
1830/* <<Following mode page info copied from ST318451LW>> */
1831
1832static int resp_err_recov_pg(unsigned char * p, int pcontrol, int target)
1833{ /* Read-Write Error Recovery page for mode_sense */
1834 unsigned char err_recov_pg[] = {0x1, 0xa, 0xc0, 11, 240, 0, 0, 0,
1835 5, 0, 0xff, 0xff};
1836
1837 memcpy(p, err_recov_pg, sizeof(err_recov_pg));
1838 if (1 == pcontrol)
1839 memset(p + 2, 0, sizeof(err_recov_pg) - 2);
1840 return sizeof(err_recov_pg);
1841}
1842
1843static int resp_disconnect_pg(unsigned char * p, int pcontrol, int target)
1844{ /* Disconnect-Reconnect page for mode_sense */
1845 unsigned char disconnect_pg[] = {0x2, 0xe, 128, 128, 0, 10, 0, 0,
1846 0, 0, 0, 0, 0, 0, 0, 0};
1847
1848 memcpy(p, disconnect_pg, sizeof(disconnect_pg));
1849 if (1 == pcontrol)
1850 memset(p + 2, 0, sizeof(disconnect_pg) - 2);
1851 return sizeof(disconnect_pg);
1852}
1853
1854static int resp_format_pg(unsigned char * p, int pcontrol, int target)
1855{ /* Format device page for mode_sense */
1856 unsigned char format_pg[] = {0x3, 0x16, 0, 0, 0, 0, 0, 0,
1857 0, 0, 0, 0, 0, 0, 0, 0,
1858 0, 0, 0, 0, 0x40, 0, 0, 0};
1859
1860 memcpy(p, format_pg, sizeof(format_pg));
1861 put_unaligned_be16(sdebug_sectors_per, p + 10);
1862 put_unaligned_be16(sdebug_sector_size, p + 12);
1863 if (sdebug_removable)
1864 p[20] |= 0x20; /* should agree with INQUIRY */
1865 if (1 == pcontrol)
1866 memset(p + 2, 0, sizeof(format_pg) - 2);
1867 return sizeof(format_pg);
1868}
1869
1870static unsigned char caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
1871 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0,
1872 0, 0, 0, 0};
1873
1874static int resp_caching_pg(unsigned char * p, int pcontrol, int target)
1875{ /* Caching page for mode_sense */
1876 unsigned char ch_caching_pg[] = {/* 0x8, 18, */ 0x4, 0, 0, 0, 0, 0,
1877 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
1878 unsigned char d_caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
1879 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 0, 0, 0, 0};
1880
1881 if (SDEBUG_OPT_N_WCE & sdebug_opts)
1882 caching_pg[2] &= ~0x4; /* set WCE=0 (default WCE=1) */
1883 memcpy(p, caching_pg, sizeof(caching_pg));
1884 if (1 == pcontrol)
1885 memcpy(p + 2, ch_caching_pg, sizeof(ch_caching_pg));
1886 else if (2 == pcontrol)
1887 memcpy(p, d_caching_pg, sizeof(d_caching_pg));
1888 return sizeof(caching_pg);
1889}
1890
1891static unsigned char ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
1892 0, 0, 0x2, 0x4b};
1893
1894static int resp_ctrl_m_pg(unsigned char * p, int pcontrol, int target)
1895{ /* Control mode page for mode_sense */
1896 unsigned char ch_ctrl_m_pg[] = {/* 0xa, 10, */ 0x6, 0, 0, 0, 0, 0,
1897 0, 0, 0, 0};
1898 unsigned char d_ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
1899 0, 0, 0x2, 0x4b};
1900
1901 if (sdebug_dsense)
1902 ctrl_m_pg[2] |= 0x4;
1903 else
1904 ctrl_m_pg[2] &= ~0x4;
1905
1906 if (sdebug_ato)
1907 ctrl_m_pg[5] |= 0x80; /* ATO=1 */
1908
1909 memcpy(p, ctrl_m_pg, sizeof(ctrl_m_pg));
1910 if (1 == pcontrol)
1911 memcpy(p + 2, ch_ctrl_m_pg, sizeof(ch_ctrl_m_pg));
1912 else if (2 == pcontrol)
1913 memcpy(p, d_ctrl_m_pg, sizeof(d_ctrl_m_pg));
1914 return sizeof(ctrl_m_pg);
1915}
1916
1917
1918static int resp_iec_m_pg(unsigned char * p, int pcontrol, int target)
1919{ /* Informational Exceptions control mode page for mode_sense */
1920 unsigned char ch_iec_m_pg[] = {/* 0x1c, 0xa, */ 0x4, 0xf, 0, 0, 0, 0,
1921 0, 0, 0x0, 0x0};
1922 unsigned char d_iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
1923 0, 0, 0x0, 0x0};
1924
1925 memcpy(p, iec_m_pg, sizeof(iec_m_pg));
1926 if (1 == pcontrol)
1927 memcpy(p + 2, ch_iec_m_pg, sizeof(ch_iec_m_pg));
1928 else if (2 == pcontrol)
1929 memcpy(p, d_iec_m_pg, sizeof(d_iec_m_pg));
1930 return sizeof(iec_m_pg);
1931}
1932
1933static int resp_sas_sf_m_pg(unsigned char * p, int pcontrol, int target)
1934{ /* SAS SSP mode page - short format for mode_sense */
1935 unsigned char sas_sf_m_pg[] = {0x19, 0x6,
1936 0x6, 0x0, 0x7, 0xd0, 0x0, 0x0};
1937
1938 memcpy(p, sas_sf_m_pg, sizeof(sas_sf_m_pg));
1939 if (1 == pcontrol)
1940 memset(p + 2, 0, sizeof(sas_sf_m_pg) - 2);
1941 return sizeof(sas_sf_m_pg);
1942}
1943
1944
1945static int resp_sas_pcd_m_spg(unsigned char * p, int pcontrol, int target,
1946 int target_dev_id)
1947{ /* SAS phy control and discover mode page for mode_sense */
1948 unsigned char sas_pcd_m_pg[] = {0x59, 0x1, 0, 0x64, 0, 0x6, 0, 2,
1949 0, 0, 0, 0, 0x10, 0x9, 0x8, 0x0,
1950 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
1951 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
1952 0x2, 0, 0, 0, 0, 0, 0, 0,
1953 0x88, 0x99, 0, 0, 0, 0, 0, 0,
1954 0, 0, 0, 0, 0, 0, 0, 0,
1955 0, 1, 0, 0, 0x10, 0x9, 0x8, 0x0,
1956 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
1957 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
1958 0x3, 0, 0, 0, 0, 0, 0, 0,
1959 0x88, 0x99, 0, 0, 0, 0, 0, 0,
1960 0, 0, 0, 0, 0, 0, 0, 0,
1961 };
1962 int port_a, port_b;
1963
1964 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 16);
1965 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 24);
1966 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 64);
1967 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 72);
1968 port_a = target_dev_id + 1;
1969 port_b = port_a + 1;
1970 memcpy(p, sas_pcd_m_pg, sizeof(sas_pcd_m_pg));
1971 put_unaligned_be32(port_a, p + 20);
1972 put_unaligned_be32(port_b, p + 48 + 20);
1973 if (1 == pcontrol)
1974 memset(p + 4, 0, sizeof(sas_pcd_m_pg) - 4);
1975 return sizeof(sas_pcd_m_pg);
1976}
1977
1978static int resp_sas_sha_m_spg(unsigned char * p, int pcontrol)
1979{ /* SAS SSP shared protocol specific port mode subpage */
1980 unsigned char sas_sha_m_pg[] = {0x59, 0x2, 0, 0xc, 0, 0x6, 0x10, 0,
1981 0, 0, 0, 0, 0, 0, 0, 0,
1982 };
1983
1984 memcpy(p, sas_sha_m_pg, sizeof(sas_sha_m_pg));
1985 if (1 == pcontrol)
1986 memset(p + 4, 0, sizeof(sas_sha_m_pg) - 4);
1987 return sizeof(sas_sha_m_pg);
1988}
1989
1990#define SDEBUG_MAX_MSENSE_SZ 256
1991
1992static int resp_mode_sense(struct scsi_cmnd *scp,
1993 struct sdebug_dev_info *devip)
1994{
1995 int pcontrol, pcode, subpcode, bd_len;
1996 unsigned char dev_spec;
1997 int alloc_len, offset, len, target_dev_id;
1998 int target = scp->device->id;
1999 unsigned char * ap;
2000 unsigned char arr[SDEBUG_MAX_MSENSE_SZ];
2001 unsigned char *cmd = scp->cmnd;
2002 bool dbd, llbaa, msense_6, is_disk, bad_pcode;
2003
2004 dbd = !!(cmd[1] & 0x8); /* disable block descriptors */
2005 pcontrol = (cmd[2] & 0xc0) >> 6;
2006 pcode = cmd[2] & 0x3f;
2007 subpcode = cmd[3];
2008 msense_6 = (MODE_SENSE == cmd[0]);
2009 llbaa = msense_6 ? false : !!(cmd[1] & 0x10);
2010 is_disk = (sdebug_ptype == TYPE_DISK);
2011 if (is_disk && !dbd)
2012 bd_len = llbaa ? 16 : 8;
2013 else
2014 bd_len = 0;
2015 alloc_len = msense_6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2016 memset(arr, 0, SDEBUG_MAX_MSENSE_SZ);
2017 if (0x3 == pcontrol) { /* Saving values not supported */
2018 mk_sense_buffer(scp, ILLEGAL_REQUEST, SAVING_PARAMS_UNSUP, 0);
2019 return check_condition_result;
2020 }
2021 target_dev_id = ((devip->sdbg_host->shost->host_no + 1) * 2000) +
2022 (devip->target * 1000) - 3;
2023 /* for disks set DPOFUA bit and clear write protect (WP) bit */
2024 if (is_disk)
2025 dev_spec = 0x10; /* =0x90 if WP=1 implies read-only */
2026 else
2027 dev_spec = 0x0;
2028 if (msense_6) {
2029 arr[2] = dev_spec;
2030 arr[3] = bd_len;
2031 offset = 4;
2032 } else {
2033 arr[3] = dev_spec;
2034 if (16 == bd_len)
2035 arr[4] = 0x1; /* set LONGLBA bit */
2036 arr[7] = bd_len; /* assume 255 or less */
2037 offset = 8;
2038 }
2039 ap = arr + offset;
2040 if ((bd_len > 0) && (!sdebug_capacity))
2041 sdebug_capacity = get_sdebug_capacity();
2042
2043 if (8 == bd_len) {
2044 if (sdebug_capacity > 0xfffffffe)
2045 put_unaligned_be32(0xffffffff, ap + 0);
2046 else
2047 put_unaligned_be32(sdebug_capacity, ap + 0);
2048 put_unaligned_be16(sdebug_sector_size, ap + 6);
2049 offset += bd_len;
2050 ap = arr + offset;
2051 } else if (16 == bd_len) {
2052 put_unaligned_be64((u64)sdebug_capacity, ap + 0);
2053 put_unaligned_be32(sdebug_sector_size, ap + 12);
2054 offset += bd_len;
2055 ap = arr + offset;
2056 }
2057
2058 if ((subpcode > 0x0) && (subpcode < 0xff) && (0x19 != pcode)) {
2059 /* TODO: Control Extension page */
2060 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2061 return check_condition_result;
2062 }
2063 bad_pcode = false;
2064
2065 switch (pcode) {
2066 case 0x1: /* Read-Write error recovery page, direct access */
2067 len = resp_err_recov_pg(ap, pcontrol, target);
2068 offset += len;
2069 break;
2070 case 0x2: /* Disconnect-Reconnect page, all devices */
2071 len = resp_disconnect_pg(ap, pcontrol, target);
2072 offset += len;
2073 break;
2074 case 0x3: /* Format device page, direct access */
2075 if (is_disk) {
2076 len = resp_format_pg(ap, pcontrol, target);
2077 offset += len;
2078 } else
2079 bad_pcode = true;
2080 break;
2081 case 0x8: /* Caching page, direct access */
2082 if (is_disk) {
2083 len = resp_caching_pg(ap, pcontrol, target);
2084 offset += len;
2085 } else
2086 bad_pcode = true;
2087 break;
2088 case 0xa: /* Control Mode page, all devices */
2089 len = resp_ctrl_m_pg(ap, pcontrol, target);
2090 offset += len;
2091 break;
2092 case 0x19: /* if spc==1 then sas phy, control+discover */
2093 if ((subpcode > 0x2) && (subpcode < 0xff)) {
2094 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2095 return check_condition_result;
2096 }
2097 len = 0;
2098 if ((0x0 == subpcode) || (0xff == subpcode))
2099 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2100 if ((0x1 == subpcode) || (0xff == subpcode))
2101 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target,
2102 target_dev_id);
2103 if ((0x2 == subpcode) || (0xff == subpcode))
2104 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2105 offset += len;
2106 break;
2107 case 0x1c: /* Informational Exceptions Mode page, all devices */
2108 len = resp_iec_m_pg(ap, pcontrol, target);
2109 offset += len;
2110 break;
2111 case 0x3f: /* Read all Mode pages */
2112 if ((0 == subpcode) || (0xff == subpcode)) {
2113 len = resp_err_recov_pg(ap, pcontrol, target);
2114 len += resp_disconnect_pg(ap + len, pcontrol, target);
2115 if (is_disk) {
2116 len += resp_format_pg(ap + len, pcontrol,
2117 target);
2118 len += resp_caching_pg(ap + len, pcontrol,
2119 target);
2120 }
2121 len += resp_ctrl_m_pg(ap + len, pcontrol, target);
2122 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2123 if (0xff == subpcode) {
2124 len += resp_sas_pcd_m_spg(ap + len, pcontrol,
2125 target, target_dev_id);
2126 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2127 }
2128 len += resp_iec_m_pg(ap + len, pcontrol, target);
2129 offset += len;
2130 } else {
2131 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2132 return check_condition_result;
2133 }
2134 break;
2135 default:
2136 bad_pcode = true;
2137 break;
2138 }
2139 if (bad_pcode) {
2140 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2141 return check_condition_result;
2142 }
2143 if (msense_6)
2144 arr[0] = offset - 1;
2145 else
2146 put_unaligned_be16((offset - 2), arr + 0);
2147 return fill_from_dev_buffer(scp, arr, min(alloc_len, offset));
2148}
2149
2150#define SDEBUG_MAX_MSELECT_SZ 512
2151
2152static int resp_mode_select(struct scsi_cmnd *scp,
2153 struct sdebug_dev_info *devip)
2154{
2155 int pf, sp, ps, md_len, bd_len, off, spf, pg_len;
2156 int param_len, res, mpage;
2157 unsigned char arr[SDEBUG_MAX_MSELECT_SZ];
2158 unsigned char *cmd = scp->cmnd;
2159 int mselect6 = (MODE_SELECT == cmd[0]);
2160
2161 memset(arr, 0, sizeof(arr));
2162 pf = cmd[1] & 0x10;
2163 sp = cmd[1] & 0x1;
2164 param_len = mselect6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2165 if ((0 == pf) || sp || (param_len > SDEBUG_MAX_MSELECT_SZ)) {
2166 mk_sense_invalid_fld(scp, SDEB_IN_CDB, mselect6 ? 4 : 7, -1);
2167 return check_condition_result;
2168 }
2169 res = fetch_to_dev_buffer(scp, arr, param_len);
2170 if (-1 == res)
2171 return DID_ERROR << 16;
2172 else if (sdebug_verbose && (res < param_len))
2173 sdev_printk(KERN_INFO, scp->device,
2174 "%s: cdb indicated=%d, IO sent=%d bytes\n",
2175 __func__, param_len, res);
2176 md_len = mselect6 ? (arr[0] + 1) : (get_unaligned_be16(arr + 0) + 2);
2177 bd_len = mselect6 ? arr[3] : get_unaligned_be16(arr + 6);
2178 if (md_len > 2) {
2179 mk_sense_invalid_fld(scp, SDEB_IN_DATA, 0, -1);
2180 return check_condition_result;
2181 }
2182 off = bd_len + (mselect6 ? 4 : 8);
2183 mpage = arr[off] & 0x3f;
2184 ps = !!(arr[off] & 0x80);
2185 if (ps) {
2186 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 7);
2187 return check_condition_result;
2188 }
2189 spf = !!(arr[off] & 0x40);
2190 pg_len = spf ? (get_unaligned_be16(arr + off + 2) + 4) :
2191 (arr[off + 1] + 2);
2192 if ((pg_len + off) > param_len) {
2193 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2194 PARAMETER_LIST_LENGTH_ERR, 0);
2195 return check_condition_result;
2196 }
2197 switch (mpage) {
2198 case 0x8: /* Caching Mode page */
2199 if (caching_pg[1] == arr[off + 1]) {
2200 memcpy(caching_pg + 2, arr + off + 2,
2201 sizeof(caching_pg) - 2);
2202 goto set_mode_changed_ua;
2203 }
2204 break;
2205 case 0xa: /* Control Mode page */
2206 if (ctrl_m_pg[1] == arr[off + 1]) {
2207 memcpy(ctrl_m_pg + 2, arr + off + 2,
2208 sizeof(ctrl_m_pg) - 2);
2209 sdebug_dsense = !!(ctrl_m_pg[2] & 0x4);
2210 goto set_mode_changed_ua;
2211 }
2212 break;
2213 case 0x1c: /* Informational Exceptions Mode page */
2214 if (iec_m_pg[1] == arr[off + 1]) {
2215 memcpy(iec_m_pg + 2, arr + off + 2,
2216 sizeof(iec_m_pg) - 2);
2217 goto set_mode_changed_ua;
2218 }
2219 break;
2220 default:
2221 break;
2222 }
2223 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 5);
2224 return check_condition_result;
2225set_mode_changed_ua:
2226 set_bit(SDEBUG_UA_MODE_CHANGED, devip->uas_bm);
2227 return 0;
2228}
2229
2230static int resp_temp_l_pg(unsigned char * arr)
2231{
2232 unsigned char temp_l_pg[] = {0x0, 0x0, 0x3, 0x2, 0x0, 38,
2233 0x0, 0x1, 0x3, 0x2, 0x0, 65,
2234 };
2235
2236 memcpy(arr, temp_l_pg, sizeof(temp_l_pg));
2237 return sizeof(temp_l_pg);
2238}
2239
2240static int resp_ie_l_pg(unsigned char * arr)
2241{
2242 unsigned char ie_l_pg[] = {0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 38,
2243 };
2244
2245 memcpy(arr, ie_l_pg, sizeof(ie_l_pg));
2246 if (iec_m_pg[2] & 0x4) { /* TEST bit set */
2247 arr[4] = THRESHOLD_EXCEEDED;
2248 arr[5] = 0xff;
2249 }
2250 return sizeof(ie_l_pg);
2251}
2252
2253#define SDEBUG_MAX_LSENSE_SZ 512
2254
2255static int resp_log_sense(struct scsi_cmnd * scp,
2256 struct sdebug_dev_info * devip)
2257{
2258 int ppc, sp, pcontrol, pcode, subpcode, alloc_len, len, n;
2259 unsigned char arr[SDEBUG_MAX_LSENSE_SZ];
2260 unsigned char *cmd = scp->cmnd;
2261
2262 memset(arr, 0, sizeof(arr));
2263 ppc = cmd[1] & 0x2;
2264 sp = cmd[1] & 0x1;
2265 if (ppc || sp) {
2266 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, ppc ? 1 : 0);
2267 return check_condition_result;
2268 }
2269 pcontrol = (cmd[2] & 0xc0) >> 6;
2270 pcode = cmd[2] & 0x3f;
2271 subpcode = cmd[3] & 0xff;
2272 alloc_len = get_unaligned_be16(cmd + 7);
2273 arr[0] = pcode;
2274 if (0 == subpcode) {
2275 switch (pcode) {
2276 case 0x0: /* Supported log pages log page */
2277 n = 4;
2278 arr[n++] = 0x0; /* this page */
2279 arr[n++] = 0xd; /* Temperature */
2280 arr[n++] = 0x2f; /* Informational exceptions */
2281 arr[3] = n - 4;
2282 break;
2283 case 0xd: /* Temperature log page */
2284 arr[3] = resp_temp_l_pg(arr + 4);
2285 break;
2286 case 0x2f: /* Informational exceptions log page */
2287 arr[3] = resp_ie_l_pg(arr + 4);
2288 break;
2289 default:
2290 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2291 return check_condition_result;
2292 }
2293 } else if (0xff == subpcode) {
2294 arr[0] |= 0x40;
2295 arr[1] = subpcode;
2296 switch (pcode) {
2297 case 0x0: /* Supported log pages and subpages log page */
2298 n = 4;
2299 arr[n++] = 0x0;
2300 arr[n++] = 0x0; /* 0,0 page */
2301 arr[n++] = 0x0;
2302 arr[n++] = 0xff; /* this page */
2303 arr[n++] = 0xd;
2304 arr[n++] = 0x0; /* Temperature */
2305 arr[n++] = 0x2f;
2306 arr[n++] = 0x0; /* Informational exceptions */
2307 arr[3] = n - 4;
2308 break;
2309 case 0xd: /* Temperature subpages */
2310 n = 4;
2311 arr[n++] = 0xd;
2312 arr[n++] = 0x0; /* Temperature */
2313 arr[3] = n - 4;
2314 break;
2315 case 0x2f: /* Informational exceptions subpages */
2316 n = 4;
2317 arr[n++] = 0x2f;
2318 arr[n++] = 0x0; /* Informational exceptions */
2319 arr[3] = n - 4;
2320 break;
2321 default:
2322 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2323 return check_condition_result;
2324 }
2325 } else {
2326 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2327 return check_condition_result;
2328 }
2329 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len);
2330 return fill_from_dev_buffer(scp, arr,
2331 min(len, SDEBUG_MAX_INQ_ARR_SZ));
2332}
2333
2334static int check_device_access_params(struct scsi_cmnd *scp,
2335 unsigned long long lba, unsigned int num)
2336{
2337 if (lba + num > sdebug_capacity) {
2338 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2339 return check_condition_result;
2340 }
2341 /* transfer length excessive (tie in to block limits VPD page) */
2342 if (num > sdebug_store_sectors) {
2343 /* needs work to find which cdb byte 'num' comes from */
2344 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2345 return check_condition_result;
2346 }
2347 return 0;
2348}
2349
2350/* Returns number of bytes copied or -1 if error. */
2351static int do_device_access(struct scsi_cmnd *scmd, u64 lba, u32 num,
2352 bool do_write)
2353{
2354 int ret;
2355 u64 block, rest = 0;
2356 struct scsi_data_buffer *sdb;
2357 enum dma_data_direction dir;
2358
2359 if (do_write) {
2360 sdb = scsi_out(scmd);
2361 dir = DMA_TO_DEVICE;
2362 } else {
2363 sdb = scsi_in(scmd);
2364 dir = DMA_FROM_DEVICE;
2365 }
2366
2367 if (!sdb->length)
2368 return 0;
2369 if (!(scsi_bidi_cmnd(scmd) || scmd->sc_data_direction == dir))
2370 return -1;
2371
2372 block = do_div(lba, sdebug_store_sectors);
2373 if (block + num > sdebug_store_sectors)
2374 rest = block + num - sdebug_store_sectors;
2375
2376 ret = sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2377 fake_storep + (block * sdebug_sector_size),
2378 (num - rest) * sdebug_sector_size, 0, do_write);
2379 if (ret != (num - rest) * sdebug_sector_size)
2380 return ret;
2381
2382 if (rest) {
2383 ret += sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2384 fake_storep, rest * sdebug_sector_size,
2385 (num - rest) * sdebug_sector_size, do_write);
2386 }
2387
2388 return ret;
2389}
2390
2391/* If fake_store(lba,num) compares equal to arr(num), then copy top half of
2392 * arr into fake_store(lba,num) and return true. If comparison fails then
2393 * return false. */
2394static bool comp_write_worker(u64 lba, u32 num, const u8 *arr)
2395{
2396 bool res;
2397 u64 block, rest = 0;
2398 u32 store_blks = sdebug_store_sectors;
2399 u32 lb_size = sdebug_sector_size;
2400
2401 block = do_div(lba, store_blks);
2402 if (block + num > store_blks)
2403 rest = block + num - store_blks;
2404
2405 res = !memcmp(fake_storep + (block * lb_size), arr,
2406 (num - rest) * lb_size);
2407 if (!res)
2408 return res;
2409 if (rest)
2410 res = memcmp(fake_storep, arr + ((num - rest) * lb_size),
2411 rest * lb_size);
2412 if (!res)
2413 return res;
2414 arr += num * lb_size;
2415 memcpy(fake_storep + (block * lb_size), arr, (num - rest) * lb_size);
2416 if (rest)
2417 memcpy(fake_storep, arr + ((num - rest) * lb_size),
2418 rest * lb_size);
2419 return res;
2420}
2421
2422static __be16 dif_compute_csum(const void *buf, int len)
2423{
2424 __be16 csum;
2425
2426 if (sdebug_guard)
2427 csum = (__force __be16)ip_compute_csum(buf, len);
2428 else
2429 csum = cpu_to_be16(crc_t10dif(buf, len));
2430
2431 return csum;
2432}
2433
2434static int dif_verify(struct t10_pi_tuple *sdt, const void *data,
2435 sector_t sector, u32 ei_lba)
2436{
2437 __be16 csum = dif_compute_csum(data, sdebug_sector_size);
2438
2439 if (sdt->guard_tag != csum) {
2440 pr_err("GUARD check failed on sector %lu rcvd 0x%04x, data 0x%04x\n",
2441 (unsigned long)sector,
2442 be16_to_cpu(sdt->guard_tag),
2443 be16_to_cpu(csum));
2444 return 0x01;
2445 }
2446 if (sdebug_dif == T10_PI_TYPE1_PROTECTION &&
2447 be32_to_cpu(sdt->ref_tag) != (sector & 0xffffffff)) {
2448 pr_err("REF check failed on sector %lu\n",
2449 (unsigned long)sector);
2450 return 0x03;
2451 }
2452 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
2453 be32_to_cpu(sdt->ref_tag) != ei_lba) {
2454 pr_err("REF check failed on sector %lu\n",
2455 (unsigned long)sector);
2456 return 0x03;
2457 }
2458 return 0;
2459}
2460
2461static void dif_copy_prot(struct scsi_cmnd *SCpnt, sector_t sector,
2462 unsigned int sectors, bool read)
2463{
2464 size_t resid;
2465 void *paddr;
2466 const void *dif_store_end = dif_storep + sdebug_store_sectors;
2467 struct sg_mapping_iter miter;
2468
2469 /* Bytes of protection data to copy into sgl */
2470 resid = sectors * sizeof(*dif_storep);
2471
2472 sg_miter_start(&miter, scsi_prot_sglist(SCpnt),
2473 scsi_prot_sg_count(SCpnt), SG_MITER_ATOMIC |
2474 (read ? SG_MITER_TO_SG : SG_MITER_FROM_SG));
2475
2476 while (sg_miter_next(&miter) && resid > 0) {
2477 size_t len = min(miter.length, resid);
2478 void *start = dif_store(sector);
2479 size_t rest = 0;
2480
2481 if (dif_store_end < start + len)
2482 rest = start + len - dif_store_end;
2483
2484 paddr = miter.addr;
2485
2486 if (read)
2487 memcpy(paddr, start, len - rest);
2488 else
2489 memcpy(start, paddr, len - rest);
2490
2491 if (rest) {
2492 if (read)
2493 memcpy(paddr + len - rest, dif_storep, rest);
2494 else
2495 memcpy(dif_storep, paddr + len - rest, rest);
2496 }
2497
2498 sector += len / sizeof(*dif_storep);
2499 resid -= len;
2500 }
2501 sg_miter_stop(&miter);
2502}
2503
2504static int prot_verify_read(struct scsi_cmnd *SCpnt, sector_t start_sec,
2505 unsigned int sectors, u32 ei_lba)
2506{
2507 unsigned int i;
2508 struct t10_pi_tuple *sdt;
2509 sector_t sector;
2510
2511 for (i = 0; i < sectors; i++, ei_lba++) {
2512 int ret;
2513
2514 sector = start_sec + i;
2515 sdt = dif_store(sector);
2516
2517 if (sdt->app_tag == cpu_to_be16(0xffff))
2518 continue;
2519
2520 ret = dif_verify(sdt, fake_store(sector), sector, ei_lba);
2521 if (ret) {
2522 dif_errors++;
2523 return ret;
2524 }
2525 }
2526
2527 dif_copy_prot(SCpnt, start_sec, sectors, true);
2528 dix_reads++;
2529
2530 return 0;
2531}
2532
2533static int resp_read_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2534{
2535 u8 *cmd = scp->cmnd;
2536 struct sdebug_queued_cmd *sqcp;
2537 u64 lba;
2538 u32 num;
2539 u32 ei_lba;
2540 unsigned long iflags;
2541 int ret;
2542 bool check_prot;
2543
2544 switch (cmd[0]) {
2545 case READ_16:
2546 ei_lba = 0;
2547 lba = get_unaligned_be64(cmd + 2);
2548 num = get_unaligned_be32(cmd + 10);
2549 check_prot = true;
2550 break;
2551 case READ_10:
2552 ei_lba = 0;
2553 lba = get_unaligned_be32(cmd + 2);
2554 num = get_unaligned_be16(cmd + 7);
2555 check_prot = true;
2556 break;
2557 case READ_6:
2558 ei_lba = 0;
2559 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
2560 (u32)(cmd[1] & 0x1f) << 16;
2561 num = (0 == cmd[4]) ? 256 : cmd[4];
2562 check_prot = true;
2563 break;
2564 case READ_12:
2565 ei_lba = 0;
2566 lba = get_unaligned_be32(cmd + 2);
2567 num = get_unaligned_be32(cmd + 6);
2568 check_prot = true;
2569 break;
2570 case XDWRITEREAD_10:
2571 ei_lba = 0;
2572 lba = get_unaligned_be32(cmd + 2);
2573 num = get_unaligned_be16(cmd + 7);
2574 check_prot = false;
2575 break;
2576 default: /* assume READ(32) */
2577 lba = get_unaligned_be64(cmd + 12);
2578 ei_lba = get_unaligned_be32(cmd + 20);
2579 num = get_unaligned_be32(cmd + 28);
2580 check_prot = false;
2581 break;
2582 }
2583 if (unlikely(have_dif_prot && check_prot)) {
2584 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
2585 (cmd[1] & 0xe0)) {
2586 mk_sense_invalid_opcode(scp);
2587 return check_condition_result;
2588 }
2589 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
2590 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
2591 (cmd[1] & 0xe0) == 0)
2592 sdev_printk(KERN_ERR, scp->device, "Unprotected RD "
2593 "to DIF device\n");
2594 }
2595 if (unlikely(sdebug_any_injecting_opt)) {
2596 sqcp = (struct sdebug_queued_cmd *)scp->host_scribble;
2597
2598 if (sqcp) {
2599 if (sqcp->inj_short)
2600 num /= 2;
2601 }
2602 } else
2603 sqcp = NULL;
2604
2605 /* inline check_device_access_params() */
2606 if (unlikely(lba + num > sdebug_capacity)) {
2607 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2608 return check_condition_result;
2609 }
2610 /* transfer length excessive (tie in to block limits VPD page) */
2611 if (unlikely(num > sdebug_store_sectors)) {
2612 /* needs work to find which cdb byte 'num' comes from */
2613 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2614 return check_condition_result;
2615 }
2616
2617 if (unlikely((SDEBUG_OPT_MEDIUM_ERR & sdebug_opts) &&
2618 (lba <= (OPT_MEDIUM_ERR_ADDR + OPT_MEDIUM_ERR_NUM - 1)) &&
2619 ((lba + num) > OPT_MEDIUM_ERR_ADDR))) {
2620 /* claim unrecoverable read error */
2621 mk_sense_buffer(scp, MEDIUM_ERROR, UNRECOVERED_READ_ERR, 0);
2622 /* set info field and valid bit for fixed descriptor */
2623 if (0x70 == (scp->sense_buffer[0] & 0x7f)) {
2624 scp->sense_buffer[0] |= 0x80; /* Valid bit */
2625 ret = (lba < OPT_MEDIUM_ERR_ADDR)
2626 ? OPT_MEDIUM_ERR_ADDR : (int)lba;
2627 put_unaligned_be32(ret, scp->sense_buffer + 3);
2628 }
2629 scsi_set_resid(scp, scsi_bufflen(scp));
2630 return check_condition_result;
2631 }
2632
2633 read_lock_irqsave(&atomic_rw, iflags);
2634
2635 /* DIX + T10 DIF */
2636 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
2637 int prot_ret = prot_verify_read(scp, lba, num, ei_lba);
2638
2639 if (prot_ret) {
2640 read_unlock_irqrestore(&atomic_rw, iflags);
2641 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, prot_ret);
2642 return illegal_condition_result;
2643 }
2644 }
2645
2646 ret = do_device_access(scp, lba, num, false);
2647 read_unlock_irqrestore(&atomic_rw, iflags);
2648 if (unlikely(ret == -1))
2649 return DID_ERROR << 16;
2650
2651 scsi_in(scp)->resid = scsi_bufflen(scp) - ret;
2652
2653 if (unlikely(sqcp)) {
2654 if (sqcp->inj_recovered) {
2655 mk_sense_buffer(scp, RECOVERED_ERROR,
2656 THRESHOLD_EXCEEDED, 0);
2657 return check_condition_result;
2658 } else if (sqcp->inj_transport) {
2659 mk_sense_buffer(scp, ABORTED_COMMAND,
2660 TRANSPORT_PROBLEM, ACK_NAK_TO);
2661 return check_condition_result;
2662 } else if (sqcp->inj_dif) {
2663 /* Logical block guard check failed */
2664 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
2665 return illegal_condition_result;
2666 } else if (sqcp->inj_dix) {
2667 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
2668 return illegal_condition_result;
2669 }
2670 }
2671 return 0;
2672}
2673
2674static void dump_sector(unsigned char *buf, int len)
2675{
2676 int i, j, n;
2677
2678 pr_err(">>> Sector Dump <<<\n");
2679 for (i = 0 ; i < len ; i += 16) {
2680 char b[128];
2681
2682 for (j = 0, n = 0; j < 16; j++) {
2683 unsigned char c = buf[i+j];
2684
2685 if (c >= 0x20 && c < 0x7e)
2686 n += scnprintf(b + n, sizeof(b) - n,
2687 " %c ", buf[i+j]);
2688 else
2689 n += scnprintf(b + n, sizeof(b) - n,
2690 "%02x ", buf[i+j]);
2691 }
2692 pr_err("%04d: %s\n", i, b);
2693 }
2694}
2695
2696static int prot_verify_write(struct scsi_cmnd *SCpnt, sector_t start_sec,
2697 unsigned int sectors, u32 ei_lba)
2698{
2699 int ret;
2700 struct t10_pi_tuple *sdt;
2701 void *daddr;
2702 sector_t sector = start_sec;
2703 int ppage_offset;
2704 int dpage_offset;
2705 struct sg_mapping_iter diter;
2706 struct sg_mapping_iter piter;
2707
2708 BUG_ON(scsi_sg_count(SCpnt) == 0);
2709 BUG_ON(scsi_prot_sg_count(SCpnt) == 0);
2710
2711 sg_miter_start(&piter, scsi_prot_sglist(SCpnt),
2712 scsi_prot_sg_count(SCpnt),
2713 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
2714 sg_miter_start(&diter, scsi_sglist(SCpnt), scsi_sg_count(SCpnt),
2715 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
2716
2717 /* For each protection page */
2718 while (sg_miter_next(&piter)) {
2719 dpage_offset = 0;
2720 if (WARN_ON(!sg_miter_next(&diter))) {
2721 ret = 0x01;
2722 goto out;
2723 }
2724
2725 for (ppage_offset = 0; ppage_offset < piter.length;
2726 ppage_offset += sizeof(struct t10_pi_tuple)) {
2727 /* If we're at the end of the current
2728 * data page advance to the next one
2729 */
2730 if (dpage_offset >= diter.length) {
2731 if (WARN_ON(!sg_miter_next(&diter))) {
2732 ret = 0x01;
2733 goto out;
2734 }
2735 dpage_offset = 0;
2736 }
2737
2738 sdt = piter.addr + ppage_offset;
2739 daddr = diter.addr + dpage_offset;
2740
2741 ret = dif_verify(sdt, daddr, sector, ei_lba);
2742 if (ret) {
2743 dump_sector(daddr, sdebug_sector_size);
2744 goto out;
2745 }
2746
2747 sector++;
2748 ei_lba++;
2749 dpage_offset += sdebug_sector_size;
2750 }
2751 diter.consumed = dpage_offset;
2752 sg_miter_stop(&diter);
2753 }
2754 sg_miter_stop(&piter);
2755
2756 dif_copy_prot(SCpnt, start_sec, sectors, false);
2757 dix_writes++;
2758
2759 return 0;
2760
2761out:
2762 dif_errors++;
2763 sg_miter_stop(&diter);
2764 sg_miter_stop(&piter);
2765 return ret;
2766}
2767
2768static unsigned long lba_to_map_index(sector_t lba)
2769{
2770 if (sdebug_unmap_alignment)
2771 lba += sdebug_unmap_granularity - sdebug_unmap_alignment;
2772 sector_div(lba, sdebug_unmap_granularity);
2773 return lba;
2774}
2775
2776static sector_t map_index_to_lba(unsigned long index)
2777{
2778 sector_t lba = index * sdebug_unmap_granularity;
2779
2780 if (sdebug_unmap_alignment)
2781 lba -= sdebug_unmap_granularity - sdebug_unmap_alignment;
2782 return lba;
2783}
2784
2785static unsigned int map_state(sector_t lba, unsigned int *num)
2786{
2787 sector_t end;
2788 unsigned int mapped;
2789 unsigned long index;
2790 unsigned long next;
2791
2792 index = lba_to_map_index(lba);
2793 mapped = test_bit(index, map_storep);
2794
2795 if (mapped)
2796 next = find_next_zero_bit(map_storep, map_size, index);
2797 else
2798 next = find_next_bit(map_storep, map_size, index);
2799
2800 end = min_t(sector_t, sdebug_store_sectors, map_index_to_lba(next));
2801 *num = end - lba;
2802 return mapped;
2803}
2804
2805static void map_region(sector_t lba, unsigned int len)
2806{
2807 sector_t end = lba + len;
2808
2809 while (lba < end) {
2810 unsigned long index = lba_to_map_index(lba);
2811
2812 if (index < map_size)
2813 set_bit(index, map_storep);
2814
2815 lba = map_index_to_lba(index + 1);
2816 }
2817}
2818
2819static void unmap_region(sector_t lba, unsigned int len)
2820{
2821 sector_t end = lba + len;
2822
2823 while (lba < end) {
2824 unsigned long index = lba_to_map_index(lba);
2825
2826 if (lba == map_index_to_lba(index) &&
2827 lba + sdebug_unmap_granularity <= end &&
2828 index < map_size) {
2829 clear_bit(index, map_storep);
2830 if (sdebug_lbprz) { /* for LBPRZ=2 return 0xff_s */
2831 memset(fake_storep +
2832 lba * sdebug_sector_size,
2833 (sdebug_lbprz & 1) ? 0 : 0xff,
2834 sdebug_sector_size *
2835 sdebug_unmap_granularity);
2836 }
2837 if (dif_storep) {
2838 memset(dif_storep + lba, 0xff,
2839 sizeof(*dif_storep) *
2840 sdebug_unmap_granularity);
2841 }
2842 }
2843 lba = map_index_to_lba(index + 1);
2844 }
2845}
2846
2847static int resp_write_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2848{
2849 u8 *cmd = scp->cmnd;
2850 u64 lba;
2851 u32 num;
2852 u32 ei_lba;
2853 unsigned long iflags;
2854 int ret;
2855 bool check_prot;
2856
2857 switch (cmd[0]) {
2858 case WRITE_16:
2859 ei_lba = 0;
2860 lba = get_unaligned_be64(cmd + 2);
2861 num = get_unaligned_be32(cmd + 10);
2862 check_prot = true;
2863 break;
2864 case WRITE_10:
2865 ei_lba = 0;
2866 lba = get_unaligned_be32(cmd + 2);
2867 num = get_unaligned_be16(cmd + 7);
2868 check_prot = true;
2869 break;
2870 case WRITE_6:
2871 ei_lba = 0;
2872 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
2873 (u32)(cmd[1] & 0x1f) << 16;
2874 num = (0 == cmd[4]) ? 256 : cmd[4];
2875 check_prot = true;
2876 break;
2877 case WRITE_12:
2878 ei_lba = 0;
2879 lba = get_unaligned_be32(cmd + 2);
2880 num = get_unaligned_be32(cmd + 6);
2881 check_prot = true;
2882 break;
2883 case 0x53: /* XDWRITEREAD(10) */
2884 ei_lba = 0;
2885 lba = get_unaligned_be32(cmd + 2);
2886 num = get_unaligned_be16(cmd + 7);
2887 check_prot = false;
2888 break;
2889 default: /* assume WRITE(32) */
2890 lba = get_unaligned_be64(cmd + 12);
2891 ei_lba = get_unaligned_be32(cmd + 20);
2892 num = get_unaligned_be32(cmd + 28);
2893 check_prot = false;
2894 break;
2895 }
2896 if (unlikely(have_dif_prot && check_prot)) {
2897 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
2898 (cmd[1] & 0xe0)) {
2899 mk_sense_invalid_opcode(scp);
2900 return check_condition_result;
2901 }
2902 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
2903 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
2904 (cmd[1] & 0xe0) == 0)
2905 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
2906 "to DIF device\n");
2907 }
2908
2909 /* inline check_device_access_params() */
2910 if (unlikely(lba + num > sdebug_capacity)) {
2911 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2912 return check_condition_result;
2913 }
2914 /* transfer length excessive (tie in to block limits VPD page) */
2915 if (unlikely(num > sdebug_store_sectors)) {
2916 /* needs work to find which cdb byte 'num' comes from */
2917 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2918 return check_condition_result;
2919 }
2920
2921 write_lock_irqsave(&atomic_rw, iflags);
2922
2923 /* DIX + T10 DIF */
2924 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
2925 int prot_ret = prot_verify_write(scp, lba, num, ei_lba);
2926
2927 if (prot_ret) {
2928 write_unlock_irqrestore(&atomic_rw, iflags);
2929 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, prot_ret);
2930 return illegal_condition_result;
2931 }
2932 }
2933
2934 ret = do_device_access(scp, lba, num, true);
2935 if (unlikely(scsi_debug_lbp()))
2936 map_region(lba, num);
2937 write_unlock_irqrestore(&atomic_rw, iflags);
2938 if (unlikely(-1 == ret))
2939 return DID_ERROR << 16;
2940 else if (unlikely(sdebug_verbose &&
2941 (ret < (num * sdebug_sector_size))))
2942 sdev_printk(KERN_INFO, scp->device,
2943 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
2944 my_name, num * sdebug_sector_size, ret);
2945
2946 if (unlikely(sdebug_any_injecting_opt)) {
2947 struct sdebug_queued_cmd *sqcp =
2948 (struct sdebug_queued_cmd *)scp->host_scribble;
2949
2950 if (sqcp) {
2951 if (sqcp->inj_recovered) {
2952 mk_sense_buffer(scp, RECOVERED_ERROR,
2953 THRESHOLD_EXCEEDED, 0);
2954 return check_condition_result;
2955 } else if (sqcp->inj_dif) {
2956 /* Logical block guard check failed */
2957 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
2958 return illegal_condition_result;
2959 } else if (sqcp->inj_dix) {
2960 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
2961 return illegal_condition_result;
2962 }
2963 }
2964 }
2965 return 0;
2966}
2967
2968static int resp_write_same(struct scsi_cmnd *scp, u64 lba, u32 num,
2969 u32 ei_lba, bool unmap, bool ndob)
2970{
2971 unsigned long iflags;
2972 unsigned long long i;
2973 int ret;
2974 u64 lba_off;
2975
2976 ret = check_device_access_params(scp, lba, num);
2977 if (ret)
2978 return ret;
2979
2980 write_lock_irqsave(&atomic_rw, iflags);
2981
2982 if (unmap && scsi_debug_lbp()) {
2983 unmap_region(lba, num);
2984 goto out;
2985 }
2986
2987 lba_off = lba * sdebug_sector_size;
2988 /* if ndob then zero 1 logical block, else fetch 1 logical block */
2989 if (ndob) {
2990 memset(fake_storep + lba_off, 0, sdebug_sector_size);
2991 ret = 0;
2992 } else
2993 ret = fetch_to_dev_buffer(scp, fake_storep + lba_off,
2994 sdebug_sector_size);
2995
2996 if (-1 == ret) {
2997 write_unlock_irqrestore(&atomic_rw, iflags);
2998 return DID_ERROR << 16;
2999 } else if (sdebug_verbose && (ret < (num * sdebug_sector_size)))
3000 sdev_printk(KERN_INFO, scp->device,
3001 "%s: %s: cdb indicated=%u, IO sent=%d bytes\n",
3002 my_name, "write same",
3003 num * sdebug_sector_size, ret);
3004
3005 /* Copy first sector to remaining blocks */
3006 for (i = 1 ; i < num ; i++)
3007 memcpy(fake_storep + ((lba + i) * sdebug_sector_size),
3008 fake_storep + lba_off,
3009 sdebug_sector_size);
3010
3011 if (scsi_debug_lbp())
3012 map_region(lba, num);
3013out:
3014 write_unlock_irqrestore(&atomic_rw, iflags);
3015
3016 return 0;
3017}
3018
3019static int resp_write_same_10(struct scsi_cmnd *scp,
3020 struct sdebug_dev_info *devip)
3021{
3022 u8 *cmd = scp->cmnd;
3023 u32 lba;
3024 u16 num;
3025 u32 ei_lba = 0;
3026 bool unmap = false;
3027
3028 if (cmd[1] & 0x8) {
3029 if (sdebug_lbpws10 == 0) {
3030 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3031 return check_condition_result;
3032 } else
3033 unmap = true;
3034 }
3035 lba = get_unaligned_be32(cmd + 2);
3036 num = get_unaligned_be16(cmd + 7);
3037 if (num > sdebug_write_same_length) {
3038 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3039 return check_condition_result;
3040 }
3041 return resp_write_same(scp, lba, num, ei_lba, unmap, false);
3042}
3043
3044static int resp_write_same_16(struct scsi_cmnd *scp,
3045 struct sdebug_dev_info *devip)
3046{
3047 u8 *cmd = scp->cmnd;
3048 u64 lba;
3049 u32 num;
3050 u32 ei_lba = 0;
3051 bool unmap = false;
3052 bool ndob = false;
3053
3054 if (cmd[1] & 0x8) { /* UNMAP */
3055 if (sdebug_lbpws == 0) {
3056 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3057 return check_condition_result;
3058 } else
3059 unmap = true;
3060 }
3061 if (cmd[1] & 0x1) /* NDOB (no data-out buffer, assumes zeroes) */
3062 ndob = true;
3063 lba = get_unaligned_be64(cmd + 2);
3064 num = get_unaligned_be32(cmd + 10);
3065 if (num > sdebug_write_same_length) {
3066 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1);
3067 return check_condition_result;
3068 }
3069 return resp_write_same(scp, lba, num, ei_lba, unmap, ndob);
3070}
3071
3072/* Note the mode field is in the same position as the (lower) service action
3073 * field. For the Report supported operation codes command, SPC-4 suggests
3074 * each mode of this command should be reported separately; for future. */
3075static int resp_write_buffer(struct scsi_cmnd *scp,
3076 struct sdebug_dev_info *devip)
3077{
3078 u8 *cmd = scp->cmnd;
3079 struct scsi_device *sdp = scp->device;
3080 struct sdebug_dev_info *dp;
3081 u8 mode;
3082
3083 mode = cmd[1] & 0x1f;
3084 switch (mode) {
3085 case 0x4: /* download microcode (MC) and activate (ACT) */
3086 /* set UAs on this device only */
3087 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3088 set_bit(SDEBUG_UA_MICROCODE_CHANGED, devip->uas_bm);
3089 break;
3090 case 0x5: /* download MC, save and ACT */
3091 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, devip->uas_bm);
3092 break;
3093 case 0x6: /* download MC with offsets and ACT */
3094 /* set UAs on most devices (LUs) in this target */
3095 list_for_each_entry(dp,
3096 &devip->sdbg_host->dev_info_list,
3097 dev_list)
3098 if (dp->target == sdp->id) {
3099 set_bit(SDEBUG_UA_BUS_RESET, dp->uas_bm);
3100 if (devip != dp)
3101 set_bit(SDEBUG_UA_MICROCODE_CHANGED,
3102 dp->uas_bm);
3103 }
3104 break;
3105 case 0x7: /* download MC with offsets, save, and ACT */
3106 /* set UA on all devices (LUs) in this target */
3107 list_for_each_entry(dp,
3108 &devip->sdbg_host->dev_info_list,
3109 dev_list)
3110 if (dp->target == sdp->id)
3111 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET,
3112 dp->uas_bm);
3113 break;
3114 default:
3115 /* do nothing for this command for other mode values */
3116 break;
3117 }
3118 return 0;
3119}
3120
3121static int resp_comp_write(struct scsi_cmnd *scp,
3122 struct sdebug_dev_info *devip)
3123{
3124 u8 *cmd = scp->cmnd;
3125 u8 *arr;
3126 u8 *fake_storep_hold;
3127 u64 lba;
3128 u32 dnum;
3129 u32 lb_size = sdebug_sector_size;
3130 u8 num;
3131 unsigned long iflags;
3132 int ret;
3133 int retval = 0;
3134
3135 lba = get_unaligned_be64(cmd + 2);
3136 num = cmd[13]; /* 1 to a maximum of 255 logical blocks */
3137 if (0 == num)
3138 return 0; /* degenerate case, not an error */
3139 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3140 (cmd[1] & 0xe0)) {
3141 mk_sense_invalid_opcode(scp);
3142 return check_condition_result;
3143 }
3144 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3145 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3146 (cmd[1] & 0xe0) == 0)
3147 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3148 "to DIF device\n");
3149
3150 /* inline check_device_access_params() */
3151 if (lba + num > sdebug_capacity) {
3152 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
3153 return check_condition_result;
3154 }
3155 /* transfer length excessive (tie in to block limits VPD page) */
3156 if (num > sdebug_store_sectors) {
3157 /* needs work to find which cdb byte 'num' comes from */
3158 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3159 return check_condition_result;
3160 }
3161 dnum = 2 * num;
3162 arr = kzalloc(dnum * lb_size, GFP_ATOMIC);
3163 if (NULL == arr) {
3164 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3165 INSUFF_RES_ASCQ);
3166 return check_condition_result;
3167 }
3168
3169 write_lock_irqsave(&atomic_rw, iflags);
3170
3171 /* trick do_device_access() to fetch both compare and write buffers
3172 * from data-in into arr. Safe (atomic) since write_lock held. */
3173 fake_storep_hold = fake_storep;
3174 fake_storep = arr;
3175 ret = do_device_access(scp, 0, dnum, true);
3176 fake_storep = fake_storep_hold;
3177 if (ret == -1) {
3178 retval = DID_ERROR << 16;
3179 goto cleanup;
3180 } else if (sdebug_verbose && (ret < (dnum * lb_size)))
3181 sdev_printk(KERN_INFO, scp->device, "%s: compare_write: cdb "
3182 "indicated=%u, IO sent=%d bytes\n", my_name,
3183 dnum * lb_size, ret);
3184 if (!comp_write_worker(lba, num, arr)) {
3185 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
3186 retval = check_condition_result;
3187 goto cleanup;
3188 }
3189 if (scsi_debug_lbp())
3190 map_region(lba, num);
3191cleanup:
3192 write_unlock_irqrestore(&atomic_rw, iflags);
3193 kfree(arr);
3194 return retval;
3195}
3196
3197struct unmap_block_desc {
3198 __be64 lba;
3199 __be32 blocks;
3200 __be32 __reserved;
3201};
3202
3203static int resp_unmap(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3204{
3205 unsigned char *buf;
3206 struct unmap_block_desc *desc;
3207 unsigned int i, payload_len, descriptors;
3208 int ret;
3209 unsigned long iflags;
3210
3211
3212 if (!scsi_debug_lbp())
3213 return 0; /* fib and say its done */
3214 payload_len = get_unaligned_be16(scp->cmnd + 7);
3215 BUG_ON(scsi_bufflen(scp) != payload_len);
3216
3217 descriptors = (payload_len - 8) / 16;
3218 if (descriptors > sdebug_unmap_max_desc) {
3219 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3220 return check_condition_result;
3221 }
3222
3223 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC);
3224 if (!buf) {
3225 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3226 INSUFF_RES_ASCQ);
3227 return check_condition_result;
3228 }
3229
3230 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
3231
3232 BUG_ON(get_unaligned_be16(&buf[0]) != payload_len - 2);
3233 BUG_ON(get_unaligned_be16(&buf[2]) != descriptors * 16);
3234
3235 desc = (void *)&buf[8];
3236
3237 write_lock_irqsave(&atomic_rw, iflags);
3238
3239 for (i = 0 ; i < descriptors ; i++) {
3240 unsigned long long lba = get_unaligned_be64(&desc[i].lba);
3241 unsigned int num = get_unaligned_be32(&desc[i].blocks);
3242
3243 ret = check_device_access_params(scp, lba, num);
3244 if (ret)
3245 goto out;
3246
3247 unmap_region(lba, num);
3248 }
3249
3250 ret = 0;
3251
3252out:
3253 write_unlock_irqrestore(&atomic_rw, iflags);
3254 kfree(buf);
3255
3256 return ret;
3257}
3258
3259#define SDEBUG_GET_LBA_STATUS_LEN 32
3260
3261static int resp_get_lba_status(struct scsi_cmnd *scp,
3262 struct sdebug_dev_info *devip)
3263{
3264 u8 *cmd = scp->cmnd;
3265 u64 lba;
3266 u32 alloc_len, mapped, num;
3267 u8 arr[SDEBUG_GET_LBA_STATUS_LEN];
3268 int ret;
3269
3270 lba = get_unaligned_be64(cmd + 2);
3271 alloc_len = get_unaligned_be32(cmd + 10);
3272
3273 if (alloc_len < 24)
3274 return 0;
3275
3276 ret = check_device_access_params(scp, lba, 1);
3277 if (ret)
3278 return ret;
3279
3280 if (scsi_debug_lbp())
3281 mapped = map_state(lba, &num);
3282 else {
3283 mapped = 1;
3284 /* following just in case virtual_gb changed */
3285 sdebug_capacity = get_sdebug_capacity();
3286 if (sdebug_capacity - lba <= 0xffffffff)
3287 num = sdebug_capacity - lba;
3288 else
3289 num = 0xffffffff;
3290 }
3291
3292 memset(arr, 0, SDEBUG_GET_LBA_STATUS_LEN);
3293 put_unaligned_be32(20, arr); /* Parameter Data Length */
3294 put_unaligned_be64(lba, arr + 8); /* LBA */
3295 put_unaligned_be32(num, arr + 16); /* Number of blocks */
3296 arr[20] = !mapped; /* prov_stat=0: mapped; 1: dealloc */
3297
3298 return fill_from_dev_buffer(scp, arr, SDEBUG_GET_LBA_STATUS_LEN);
3299}
3300
3301#define RL_BUCKET_ELEMS 8
3302
3303/* Even though each pseudo target has a REPORT LUNS "well known logical unit"
3304 * (W-LUN), the normal Linux scanning logic does not associate it with a
3305 * device (e.g. /dev/sg7). The following magic will make that association:
3306 * "cd /sys/class/scsi_host/host<n> ; echo '- - 49409' > scan"
3307 * where <n> is a host number. If there are multiple targets in a host then
3308 * the above will associate a W-LUN to each target. To only get a W-LUN
3309 * for target 2, then use "echo '- 2 49409' > scan" .
3310 */
3311static int resp_report_luns(struct scsi_cmnd *scp,
3312 struct sdebug_dev_info *devip)
3313{
3314 unsigned char *cmd = scp->cmnd;
3315 unsigned int alloc_len;
3316 unsigned char select_report;
3317 u64 lun;
3318 struct scsi_lun *lun_p;
3319 u8 arr[RL_BUCKET_ELEMS * sizeof(struct scsi_lun)];
3320 unsigned int lun_cnt; /* normal LUN count (max: 256) */
3321 unsigned int wlun_cnt; /* report luns W-LUN count */
3322 unsigned int tlun_cnt; /* total LUN count */
3323 unsigned int rlen; /* response length (in bytes) */
3324 int k, j, n, res;
3325 unsigned int off_rsp = 0;
3326 const int sz_lun = sizeof(struct scsi_lun);
3327
3328 clear_luns_changed_on_target(devip);
3329
3330 select_report = cmd[2];
3331 alloc_len = get_unaligned_be32(cmd + 6);
3332
3333 if (alloc_len < 4) {
3334 pr_err("alloc len too small %d\n", alloc_len);
3335 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
3336 return check_condition_result;
3337 }
3338
3339 switch (select_report) {
3340 case 0: /* all LUNs apart from W-LUNs */
3341 lun_cnt = sdebug_max_luns;
3342 wlun_cnt = 0;
3343 break;
3344 case 1: /* only W-LUNs */
3345 lun_cnt = 0;
3346 wlun_cnt = 1;
3347 break;
3348 case 2: /* all LUNs */
3349 lun_cnt = sdebug_max_luns;
3350 wlun_cnt = 1;
3351 break;
3352 case 0x10: /* only administrative LUs */
3353 case 0x11: /* see SPC-5 */
3354 case 0x12: /* only subsiduary LUs owned by referenced LU */
3355 default:
3356 pr_debug("select report invalid %d\n", select_report);
3357 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
3358 return check_condition_result;
3359 }
3360
3361 if (sdebug_no_lun_0 && (lun_cnt > 0))
3362 --lun_cnt;
3363
3364 tlun_cnt = lun_cnt + wlun_cnt;
3365 rlen = tlun_cnt * sz_lun; /* excluding 8 byte header */
3366 scsi_set_resid(scp, scsi_bufflen(scp));
3367 pr_debug("select_report %d luns = %d wluns = %d no_lun0 %d\n",
3368 select_report, lun_cnt, wlun_cnt, sdebug_no_lun_0);
3369
3370 /* loops rely on sizeof response header same as sizeof lun (both 8) */
3371 lun = sdebug_no_lun_0 ? 1 : 0;
3372 for (k = 0, j = 0, res = 0; true; ++k, j = 0) {
3373 memset(arr, 0, sizeof(arr));
3374 lun_p = (struct scsi_lun *)&arr[0];
3375 if (k == 0) {
3376 put_unaligned_be32(rlen, &arr[0]);
3377 ++lun_p;
3378 j = 1;
3379 }
3380 for ( ; j < RL_BUCKET_ELEMS; ++j, ++lun_p) {
3381 if ((k * RL_BUCKET_ELEMS) + j > lun_cnt)
3382 break;
3383 int_to_scsilun(lun++, lun_p);
3384 }
3385 if (j < RL_BUCKET_ELEMS)
3386 break;
3387 n = j * sz_lun;
3388 res = p_fill_from_dev_buffer(scp, arr, n, off_rsp);
3389 if (res)
3390 return res;
3391 off_rsp += n;
3392 }
3393 if (wlun_cnt) {
3394 int_to_scsilun(SCSI_W_LUN_REPORT_LUNS, lun_p);
3395 ++j;
3396 }
3397 if (j > 0)
3398 res = p_fill_from_dev_buffer(scp, arr, j * sz_lun, off_rsp);
3399 return res;
3400}
3401
3402static int resp_xdwriteread(struct scsi_cmnd *scp, unsigned long long lba,
3403 unsigned int num, struct sdebug_dev_info *devip)
3404{
3405 int j;
3406 unsigned char *kaddr, *buf;
3407 unsigned int offset;
3408 struct scsi_data_buffer *sdb = scsi_in(scp);
3409 struct sg_mapping_iter miter;
3410
3411 /* better not to use temporary buffer. */
3412 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC);
3413 if (!buf) {
3414 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3415 INSUFF_RES_ASCQ);
3416 return check_condition_result;
3417 }
3418
3419 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
3420
3421 offset = 0;
3422 sg_miter_start(&miter, sdb->table.sgl, sdb->table.nents,
3423 SG_MITER_ATOMIC | SG_MITER_TO_SG);
3424
3425 while (sg_miter_next(&miter)) {
3426 kaddr = miter.addr;
3427 for (j = 0; j < miter.length; j++)
3428 *(kaddr + j) ^= *(buf + offset + j);
3429
3430 offset += miter.length;
3431 }
3432 sg_miter_stop(&miter);
3433 kfree(buf);
3434
3435 return 0;
3436}
3437
3438static int resp_xdwriteread_10(struct scsi_cmnd *scp,
3439 struct sdebug_dev_info *devip)
3440{
3441 u8 *cmd = scp->cmnd;
3442 u64 lba;
3443 u32 num;
3444 int errsts;
3445
3446 if (!scsi_bidi_cmnd(scp)) {
3447 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3448 INSUFF_RES_ASCQ);
3449 return check_condition_result;
3450 }
3451 errsts = resp_read_dt0(scp, devip);
3452 if (errsts)
3453 return errsts;
3454 if (!(cmd[1] & 0x4)) { /* DISABLE_WRITE is not set */
3455 errsts = resp_write_dt0(scp, devip);
3456 if (errsts)
3457 return errsts;
3458 }
3459 lba = get_unaligned_be32(cmd + 2);
3460 num = get_unaligned_be16(cmd + 7);
3461 return resp_xdwriteread(scp, lba, num, devip);
3462}
3463
3464static struct sdebug_queue *get_queue(struct scsi_cmnd *cmnd)
3465{
3466 struct sdebug_queue *sqp = sdebug_q_arr;
3467
3468 if (sdebug_mq_active) {
3469 u32 tag = blk_mq_unique_tag(cmnd->request);
3470 u16 hwq = blk_mq_unique_tag_to_hwq(tag);
3471
3472 if (unlikely(hwq >= submit_queues)) {
3473 pr_warn("Unexpected hwq=%d, apply modulo\n", hwq);
3474 hwq %= submit_queues;
3475 }
3476 pr_debug("tag=%u, hwq=%d\n", tag, hwq);
3477 return sqp + hwq;
3478 } else
3479 return sqp;
3480}
3481
3482/* Queued (deferred) command completions converge here. */
3483static void sdebug_q_cmd_complete(struct sdebug_defer *sd_dp)
3484{
3485 int qc_idx;
3486 int retiring = 0;
3487 unsigned long iflags;
3488 struct sdebug_queue *sqp;
3489 struct sdebug_queued_cmd *sqcp;
3490 struct scsi_cmnd *scp;
3491 struct sdebug_dev_info *devip;
3492
3493 qc_idx = sd_dp->qc_idx;
3494 sqp = sdebug_q_arr + sd_dp->sqa_idx;
3495 if (sdebug_statistics) {
3496 atomic_inc(&sdebug_completions);
3497 if (raw_smp_processor_id() != sd_dp->issuing_cpu)
3498 atomic_inc(&sdebug_miss_cpus);
3499 }
3500 if (unlikely((qc_idx < 0) || (qc_idx >= SDEBUG_CANQUEUE))) {
3501 pr_err("wild qc_idx=%d\n", qc_idx);
3502 return;
3503 }
3504 spin_lock_irqsave(&sqp->qc_lock, iflags);
3505 sqcp = &sqp->qc_arr[qc_idx];
3506 scp = sqcp->a_cmnd;
3507 if (unlikely(scp == NULL)) {
3508 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3509 pr_err("scp is NULL, sqa_idx=%d, qc_idx=%d\n",
3510 sd_dp->sqa_idx, qc_idx);
3511 return;
3512 }
3513 devip = (struct sdebug_dev_info *)scp->device->hostdata;
3514 if (likely(devip))
3515 atomic_dec(&devip->num_in_q);
3516 else
3517 pr_err("devip=NULL\n");
3518 if (unlikely(atomic_read(&retired_max_queue) > 0))
3519 retiring = 1;
3520
3521 sqcp->a_cmnd = NULL;
3522 if (unlikely(!test_and_clear_bit(qc_idx, sqp->in_use_bm))) {
3523 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3524 pr_err("Unexpected completion\n");
3525 return;
3526 }
3527
3528 if (unlikely(retiring)) { /* user has reduced max_queue */
3529 int k, retval;
3530
3531 retval = atomic_read(&retired_max_queue);
3532 if (qc_idx >= retval) {
3533 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3534 pr_err("index %d too large\n", retval);
3535 return;
3536 }
3537 k = find_last_bit(sqp->in_use_bm, retval);
3538 if ((k < sdebug_max_queue) || (k == retval))
3539 atomic_set(&retired_max_queue, 0);
3540 else
3541 atomic_set(&retired_max_queue, k + 1);
3542 }
3543 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3544 scp->scsi_done(scp); /* callback to mid level */
3545}
3546
3547/* When high resolution timer goes off this function is called. */
3548static enum hrtimer_restart sdebug_q_cmd_hrt_complete(struct hrtimer *timer)
3549{
3550 struct sdebug_defer *sd_dp = container_of(timer, struct sdebug_defer,
3551 hrt);
3552 sdebug_q_cmd_complete(sd_dp);
3553 return HRTIMER_NORESTART;
3554}
3555
3556/* When work queue schedules work, it calls this function. */
3557static void sdebug_q_cmd_wq_complete(struct work_struct *work)
3558{
3559 struct sdebug_defer *sd_dp = container_of(work, struct sdebug_defer,
3560 ew.work);
3561 sdebug_q_cmd_complete(sd_dp);
3562}
3563
3564static bool got_shared_uuid;
3565static uuid_be shared_uuid;
3566
3567static struct sdebug_dev_info *sdebug_device_create(
3568 struct sdebug_host_info *sdbg_host, gfp_t flags)
3569{
3570 struct sdebug_dev_info *devip;
3571
3572 devip = kzalloc(sizeof(*devip), flags);
3573 if (devip) {
3574 if (sdebug_uuid_ctl == 1)
3575 uuid_be_gen(&devip->lu_name);
3576 else if (sdebug_uuid_ctl == 2) {
3577 if (got_shared_uuid)
3578 devip->lu_name = shared_uuid;
3579 else {
3580 uuid_be_gen(&shared_uuid);
3581 got_shared_uuid = true;
3582 devip->lu_name = shared_uuid;
3583 }
3584 }
3585 devip->sdbg_host = sdbg_host;
3586 list_add_tail(&devip->dev_list, &sdbg_host->dev_info_list);
3587 }
3588 return devip;
3589}
3590
3591static struct sdebug_dev_info *find_build_dev_info(struct scsi_device *sdev)
3592{
3593 struct sdebug_host_info *sdbg_host;
3594 struct sdebug_dev_info *open_devip = NULL;
3595 struct sdebug_dev_info *devip;
3596
3597 sdbg_host = *(struct sdebug_host_info **)shost_priv(sdev->host);
3598 if (!sdbg_host) {
3599 pr_err("Host info NULL\n");
3600 return NULL;
3601 }
3602 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
3603 if ((devip->used) && (devip->channel == sdev->channel) &&
3604 (devip->target == sdev->id) &&
3605 (devip->lun == sdev->lun))
3606 return devip;
3607 else {
3608 if ((!devip->used) && (!open_devip))
3609 open_devip = devip;
3610 }
3611 }
3612 if (!open_devip) { /* try and make a new one */
3613 open_devip = sdebug_device_create(sdbg_host, GFP_ATOMIC);
3614 if (!open_devip) {
3615 pr_err("out of memory at line %d\n", __LINE__);
3616 return NULL;
3617 }
3618 }
3619
3620 open_devip->channel = sdev->channel;
3621 open_devip->target = sdev->id;
3622 open_devip->lun = sdev->lun;
3623 open_devip->sdbg_host = sdbg_host;
3624 atomic_set(&open_devip->num_in_q, 0);
3625 set_bit(SDEBUG_UA_POR, open_devip->uas_bm);
3626 open_devip->used = true;
3627 return open_devip;
3628}
3629
3630static int scsi_debug_slave_alloc(struct scsi_device *sdp)
3631{
3632 if (sdebug_verbose)
3633 pr_info("slave_alloc <%u %u %u %llu>\n",
3634 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3635 queue_flag_set_unlocked(QUEUE_FLAG_BIDI, sdp->request_queue);
3636 return 0;
3637}
3638
3639static int scsi_debug_slave_configure(struct scsi_device *sdp)
3640{
3641 struct sdebug_dev_info *devip =
3642 (struct sdebug_dev_info *)sdp->hostdata;
3643
3644 if (sdebug_verbose)
3645 pr_info("slave_configure <%u %u %u %llu>\n",
3646 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3647 if (sdp->host->max_cmd_len != SDEBUG_MAX_CMD_LEN)
3648 sdp->host->max_cmd_len = SDEBUG_MAX_CMD_LEN;
3649 if (devip == NULL) {
3650 devip = find_build_dev_info(sdp);
3651 if (devip == NULL)
3652 return 1; /* no resources, will be marked offline */
3653 }
3654 sdp->hostdata = devip;
3655 blk_queue_max_segment_size(sdp->request_queue, -1U);
3656 if (sdebug_no_uld)
3657 sdp->no_uld_attach = 1;
3658 return 0;
3659}
3660
3661static void scsi_debug_slave_destroy(struct scsi_device *sdp)
3662{
3663 struct sdebug_dev_info *devip =
3664 (struct sdebug_dev_info *)sdp->hostdata;
3665
3666 if (sdebug_verbose)
3667 pr_info("slave_destroy <%u %u %u %llu>\n",
3668 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3669 if (devip) {
3670 /* make this slot available for re-use */
3671 devip->used = false;
3672 sdp->hostdata = NULL;
3673 }
3674}
3675
3676static void stop_qc_helper(struct sdebug_defer *sd_dp)
3677{
3678 if (!sd_dp)
3679 return;
3680 if ((sdebug_jdelay > 0) || (sdebug_ndelay > 0))
3681 hrtimer_cancel(&sd_dp->hrt);
3682 else if (sdebug_jdelay < 0)
3683 cancel_work_sync(&sd_dp->ew.work);
3684}
3685
3686/* If @cmnd found deletes its timer or work queue and returns true; else
3687 returns false */
3688static bool stop_queued_cmnd(struct scsi_cmnd *cmnd)
3689{
3690 unsigned long iflags;
3691 int j, k, qmax, r_qmax;
3692 struct sdebug_queue *sqp;
3693 struct sdebug_queued_cmd *sqcp;
3694 struct sdebug_dev_info *devip;
3695 struct sdebug_defer *sd_dp;
3696
3697 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
3698 spin_lock_irqsave(&sqp->qc_lock, iflags);
3699 qmax = sdebug_max_queue;
3700 r_qmax = atomic_read(&retired_max_queue);
3701 if (r_qmax > qmax)
3702 qmax = r_qmax;
3703 for (k = 0; k < qmax; ++k) {
3704 if (test_bit(k, sqp->in_use_bm)) {
3705 sqcp = &sqp->qc_arr[k];
3706 if (cmnd != sqcp->a_cmnd)
3707 continue;
3708 /* found */
3709 devip = (struct sdebug_dev_info *)
3710 cmnd->device->hostdata;
3711 if (devip)
3712 atomic_dec(&devip->num_in_q);
3713 sqcp->a_cmnd = NULL;
3714 sd_dp = sqcp->sd_dp;
3715 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3716 stop_qc_helper(sd_dp);
3717 clear_bit(k, sqp->in_use_bm);
3718 return true;
3719 }
3720 }
3721 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3722 }
3723 return false;
3724}
3725
3726/* Deletes (stops) timers or work queues of all queued commands */
3727static void stop_all_queued(void)
3728{
3729 unsigned long iflags;
3730 int j, k;
3731 struct sdebug_queue *sqp;
3732 struct sdebug_queued_cmd *sqcp;
3733 struct sdebug_dev_info *devip;
3734 struct sdebug_defer *sd_dp;
3735
3736 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
3737 spin_lock_irqsave(&sqp->qc_lock, iflags);
3738 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
3739 if (test_bit(k, sqp->in_use_bm)) {
3740 sqcp = &sqp->qc_arr[k];
3741 if (sqcp->a_cmnd == NULL)
3742 continue;
3743 devip = (struct sdebug_dev_info *)
3744 sqcp->a_cmnd->device->hostdata;
3745 if (devip)
3746 atomic_dec(&devip->num_in_q);
3747 sqcp->a_cmnd = NULL;
3748 sd_dp = sqcp->sd_dp;
3749 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3750 stop_qc_helper(sd_dp);
3751 clear_bit(k, sqp->in_use_bm);
3752 spin_lock_irqsave(&sqp->qc_lock, iflags);
3753 }
3754 }
3755 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3756 }
3757}
3758
3759/* Free queued command memory on heap */
3760static void free_all_queued(void)
3761{
3762 int j, k;
3763 struct sdebug_queue *sqp;
3764 struct sdebug_queued_cmd *sqcp;
3765
3766 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
3767 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
3768 sqcp = &sqp->qc_arr[k];
3769 kfree(sqcp->sd_dp);
3770 sqcp->sd_dp = NULL;
3771 }
3772 }
3773}
3774
3775static int scsi_debug_abort(struct scsi_cmnd *SCpnt)
3776{
3777 bool ok;
3778
3779 ++num_aborts;
3780 if (SCpnt) {
3781 ok = stop_queued_cmnd(SCpnt);
3782 if (SCpnt->device && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
3783 sdev_printk(KERN_INFO, SCpnt->device,
3784 "%s: command%s found\n", __func__,
3785 ok ? "" : " not");
3786 }
3787 return SUCCESS;
3788}
3789
3790static int scsi_debug_device_reset(struct scsi_cmnd * SCpnt)
3791{
3792 ++num_dev_resets;
3793 if (SCpnt && SCpnt->device) {
3794 struct scsi_device *sdp = SCpnt->device;
3795 struct sdebug_dev_info *devip =
3796 (struct sdebug_dev_info *)sdp->hostdata;
3797
3798 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
3799 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
3800 if (devip)
3801 set_bit(SDEBUG_UA_POR, devip->uas_bm);
3802 }
3803 return SUCCESS;
3804}
3805
3806static int scsi_debug_target_reset(struct scsi_cmnd *SCpnt)
3807{
3808 struct sdebug_host_info *sdbg_host;
3809 struct sdebug_dev_info *devip;
3810 struct scsi_device *sdp;
3811 struct Scsi_Host *hp;
3812 int k = 0;
3813
3814 ++num_target_resets;
3815 if (!SCpnt)
3816 goto lie;
3817 sdp = SCpnt->device;
3818 if (!sdp)
3819 goto lie;
3820 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
3821 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
3822 hp = sdp->host;
3823 if (!hp)
3824 goto lie;
3825 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
3826 if (sdbg_host) {
3827 list_for_each_entry(devip,
3828 &sdbg_host->dev_info_list,
3829 dev_list)
3830 if (devip->target == sdp->id) {
3831 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3832 ++k;
3833 }
3834 }
3835 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
3836 sdev_printk(KERN_INFO, sdp,
3837 "%s: %d device(s) found in target\n", __func__, k);
3838lie:
3839 return SUCCESS;
3840}
3841
3842static int scsi_debug_bus_reset(struct scsi_cmnd * SCpnt)
3843{
3844 struct sdebug_host_info *sdbg_host;
3845 struct sdebug_dev_info *devip;
3846 struct scsi_device * sdp;
3847 struct Scsi_Host * hp;
3848 int k = 0;
3849
3850 ++num_bus_resets;
3851 if (!(SCpnt && SCpnt->device))
3852 goto lie;
3853 sdp = SCpnt->device;
3854 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
3855 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
3856 hp = sdp->host;
3857 if (hp) {
3858 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
3859 if (sdbg_host) {
3860 list_for_each_entry(devip,
3861 &sdbg_host->dev_info_list,
3862 dev_list) {
3863 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3864 ++k;
3865 }
3866 }
3867 }
3868 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
3869 sdev_printk(KERN_INFO, sdp,
3870 "%s: %d device(s) found in host\n", __func__, k);
3871lie:
3872 return SUCCESS;
3873}
3874
3875static int scsi_debug_host_reset(struct scsi_cmnd * SCpnt)
3876{
3877 struct sdebug_host_info * sdbg_host;
3878 struct sdebug_dev_info *devip;
3879 int k = 0;
3880
3881 ++num_host_resets;
3882 if ((SCpnt->device) && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
3883 sdev_printk(KERN_INFO, SCpnt->device, "%s\n", __func__);
3884 spin_lock(&sdebug_host_list_lock);
3885 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
3886 list_for_each_entry(devip, &sdbg_host->dev_info_list,
3887 dev_list) {
3888 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3889 ++k;
3890 }
3891 }
3892 spin_unlock(&sdebug_host_list_lock);
3893 stop_all_queued();
3894 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
3895 sdev_printk(KERN_INFO, SCpnt->device,
3896 "%s: %d device(s) found\n", __func__, k);
3897 return SUCCESS;
3898}
3899
3900static void __init sdebug_build_parts(unsigned char *ramp,
3901 unsigned long store_size)
3902{
3903 struct partition * pp;
3904 int starts[SDEBUG_MAX_PARTS + 2];
3905 int sectors_per_part, num_sectors, k;
3906 int heads_by_sects, start_sec, end_sec;
3907
3908 /* assume partition table already zeroed */
3909 if ((sdebug_num_parts < 1) || (store_size < 1048576))
3910 return;
3911 if (sdebug_num_parts > SDEBUG_MAX_PARTS) {
3912 sdebug_num_parts = SDEBUG_MAX_PARTS;
3913 pr_warn("reducing partitions to %d\n", SDEBUG_MAX_PARTS);
3914 }
3915 num_sectors = (int)sdebug_store_sectors;
3916 sectors_per_part = (num_sectors - sdebug_sectors_per)
3917 / sdebug_num_parts;
3918 heads_by_sects = sdebug_heads * sdebug_sectors_per;
3919 starts[0] = sdebug_sectors_per;
3920 for (k = 1; k < sdebug_num_parts; ++k)
3921 starts[k] = ((k * sectors_per_part) / heads_by_sects)
3922 * heads_by_sects;
3923 starts[sdebug_num_parts] = num_sectors;
3924 starts[sdebug_num_parts + 1] = 0;
3925
3926 ramp[510] = 0x55; /* magic partition markings */
3927 ramp[511] = 0xAA;
3928 pp = (struct partition *)(ramp + 0x1be);
3929 for (k = 0; starts[k + 1]; ++k, ++pp) {
3930 start_sec = starts[k];
3931 end_sec = starts[k + 1] - 1;
3932 pp->boot_ind = 0;
3933
3934 pp->cyl = start_sec / heads_by_sects;
3935 pp->head = (start_sec - (pp->cyl * heads_by_sects))
3936 / sdebug_sectors_per;
3937 pp->sector = (start_sec % sdebug_sectors_per) + 1;
3938
3939 pp->end_cyl = end_sec / heads_by_sects;
3940 pp->end_head = (end_sec - (pp->end_cyl * heads_by_sects))
3941 / sdebug_sectors_per;
3942 pp->end_sector = (end_sec % sdebug_sectors_per) + 1;
3943
3944 pp->start_sect = cpu_to_le32(start_sec);
3945 pp->nr_sects = cpu_to_le32(end_sec - start_sec + 1);
3946 pp->sys_ind = 0x83; /* plain Linux partition */
3947 }
3948}
3949
3950static void block_unblock_all_queues(bool block)
3951{
3952 int j;
3953 struct sdebug_queue *sqp;
3954
3955 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp)
3956 atomic_set(&sqp->blocked, (int)block);
3957}
3958
3959/* Adjust (by rounding down) the sdebug_cmnd_count so abs(every_nth)-1
3960 * commands will be processed normally before triggers occur.
3961 */
3962static void tweak_cmnd_count(void)
3963{
3964 int count, modulo;
3965
3966 modulo = abs(sdebug_every_nth);
3967 if (modulo < 2)
3968 return;
3969 block_unblock_all_queues(true);
3970 count = atomic_read(&sdebug_cmnd_count);
3971 atomic_set(&sdebug_cmnd_count, (count / modulo) * modulo);
3972 block_unblock_all_queues(false);
3973}
3974
3975static void clear_queue_stats(void)
3976{
3977 atomic_set(&sdebug_cmnd_count, 0);
3978 atomic_set(&sdebug_completions, 0);
3979 atomic_set(&sdebug_miss_cpus, 0);
3980 atomic_set(&sdebug_a_tsf, 0);
3981}
3982
3983static void setup_inject(struct sdebug_queue *sqp,
3984 struct sdebug_queued_cmd *sqcp)
3985{
3986 if ((atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) > 0)
3987 return;
3988 sqcp->inj_recovered = !!(SDEBUG_OPT_RECOVERED_ERR & sdebug_opts);
3989 sqcp->inj_transport = !!(SDEBUG_OPT_TRANSPORT_ERR & sdebug_opts);
3990 sqcp->inj_dif = !!(SDEBUG_OPT_DIF_ERR & sdebug_opts);
3991 sqcp->inj_dix = !!(SDEBUG_OPT_DIX_ERR & sdebug_opts);
3992 sqcp->inj_short = !!(SDEBUG_OPT_SHORT_TRANSFER & sdebug_opts);
3993}
3994
3995/* Complete the processing of the thread that queued a SCSI command to this
3996 * driver. It either completes the command by calling cmnd_done() or
3997 * schedules a hr timer or work queue then returns 0. Returns
3998 * SCSI_MLQUEUE_HOST_BUSY if temporarily out of resources.
3999 */
4000static int schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip,
4001 int scsi_result, int delta_jiff)
4002{
4003 unsigned long iflags;
4004 int k, num_in_q, qdepth, inject;
4005 struct sdebug_queue *sqp;
4006 struct sdebug_queued_cmd *sqcp;
4007 struct scsi_device *sdp;
4008 struct sdebug_defer *sd_dp;
4009
4010 if (unlikely(devip == NULL)) {
4011 if (scsi_result == 0)
4012 scsi_result = DID_NO_CONNECT << 16;
4013 goto respond_in_thread;
4014 }
4015 sdp = cmnd->device;
4016
4017 if (unlikely(sdebug_verbose && scsi_result))
4018 sdev_printk(KERN_INFO, sdp, "%s: non-zero result=0x%x\n",
4019 __func__, scsi_result);
4020 if (delta_jiff == 0)
4021 goto respond_in_thread;
4022
4023 /* schedule the response at a later time if resources permit */
4024 sqp = get_queue(cmnd);
4025 spin_lock_irqsave(&sqp->qc_lock, iflags);
4026 if (unlikely(atomic_read(&sqp->blocked))) {
4027 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4028 return SCSI_MLQUEUE_HOST_BUSY;
4029 }
4030 num_in_q = atomic_read(&devip->num_in_q);
4031 qdepth = cmnd->device->queue_depth;
4032 inject = 0;
4033 if (unlikely((qdepth > 0) && (num_in_q >= qdepth))) {
4034 if (scsi_result) {
4035 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4036 goto respond_in_thread;
4037 } else
4038 scsi_result = device_qfull_result;
4039 } else if (unlikely(sdebug_every_nth &&
4040 (SDEBUG_OPT_RARE_TSF & sdebug_opts) &&
4041 (scsi_result == 0))) {
4042 if ((num_in_q == (qdepth - 1)) &&
4043 (atomic_inc_return(&sdebug_a_tsf) >=
4044 abs(sdebug_every_nth))) {
4045 atomic_set(&sdebug_a_tsf, 0);
4046 inject = 1;
4047 scsi_result = device_qfull_result;
4048 }
4049 }
4050
4051 k = find_first_zero_bit(sqp->in_use_bm, sdebug_max_queue);
4052 if (unlikely(k >= sdebug_max_queue)) {
4053 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4054 if (scsi_result)
4055 goto respond_in_thread;
4056 else if (SDEBUG_OPT_ALL_TSF & sdebug_opts)
4057 scsi_result = device_qfull_result;
4058 if (SDEBUG_OPT_Q_NOISE & sdebug_opts)
4059 sdev_printk(KERN_INFO, sdp,
4060 "%s: max_queue=%d exceeded, %s\n",
4061 __func__, sdebug_max_queue,
4062 (scsi_result ? "status: TASK SET FULL" :
4063 "report: host busy"));
4064 if (scsi_result)
4065 goto respond_in_thread;
4066 else
4067 return SCSI_MLQUEUE_HOST_BUSY;
4068 }
4069 __set_bit(k, sqp->in_use_bm);
4070 atomic_inc(&devip->num_in_q);
4071 sqcp = &sqp->qc_arr[k];
4072 sqcp->a_cmnd = cmnd;
4073 cmnd->host_scribble = (unsigned char *)sqcp;
4074 cmnd->result = scsi_result;
4075 sd_dp = sqcp->sd_dp;
4076 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4077 if (unlikely(sdebug_every_nth && sdebug_any_injecting_opt))
4078 setup_inject(sqp, sqcp);
4079 if (delta_jiff > 0 || sdebug_ndelay > 0) {
4080 ktime_t kt;
4081
4082 if (delta_jiff > 0) {
4083 struct timespec ts;
4084
4085 jiffies_to_timespec(delta_jiff, &ts);
4086 kt = ktime_set(ts.tv_sec, ts.tv_nsec);
4087 } else
4088 kt = sdebug_ndelay;
4089 if (NULL == sd_dp) {
4090 sd_dp = kzalloc(sizeof(*sd_dp), GFP_ATOMIC);
4091 if (NULL == sd_dp)
4092 return SCSI_MLQUEUE_HOST_BUSY;
4093 sqcp->sd_dp = sd_dp;
4094 hrtimer_init(&sd_dp->hrt, CLOCK_MONOTONIC,
4095 HRTIMER_MODE_REL_PINNED);
4096 sd_dp->hrt.function = sdebug_q_cmd_hrt_complete;
4097 sd_dp->sqa_idx = sqp - sdebug_q_arr;
4098 sd_dp->qc_idx = k;
4099 }
4100 if (sdebug_statistics)
4101 sd_dp->issuing_cpu = raw_smp_processor_id();
4102 hrtimer_start(&sd_dp->hrt, kt, HRTIMER_MODE_REL_PINNED);
4103 } else { /* jdelay < 0, use work queue */
4104 if (NULL == sd_dp) {
4105 sd_dp = kzalloc(sizeof(*sqcp->sd_dp), GFP_ATOMIC);
4106 if (NULL == sd_dp)
4107 return SCSI_MLQUEUE_HOST_BUSY;
4108 sqcp->sd_dp = sd_dp;
4109 sd_dp->sqa_idx = sqp - sdebug_q_arr;
4110 sd_dp->qc_idx = k;
4111 INIT_WORK(&sd_dp->ew.work, sdebug_q_cmd_wq_complete);
4112 }
4113 if (sdebug_statistics)
4114 sd_dp->issuing_cpu = raw_smp_processor_id();
4115 schedule_work(&sd_dp->ew.work);
4116 }
4117 if (unlikely((SDEBUG_OPT_Q_NOISE & sdebug_opts) &&
4118 (scsi_result == device_qfull_result)))
4119 sdev_printk(KERN_INFO, sdp,
4120 "%s: num_in_q=%d +1, %s%s\n", __func__,
4121 num_in_q, (inject ? "<inject> " : ""),
4122 "status: TASK SET FULL");
4123 return 0;
4124
4125respond_in_thread: /* call back to mid-layer using invocation thread */
4126 cmnd->result = scsi_result;
4127 cmnd->scsi_done(cmnd);
4128 return 0;
4129}
4130
4131/* Note: The following macros create attribute files in the
4132 /sys/module/scsi_debug/parameters directory. Unfortunately this
4133 driver is unaware of a change and cannot trigger auxiliary actions
4134 as it can when the corresponding attribute in the
4135 /sys/bus/pseudo/drivers/scsi_debug directory is changed.
4136 */
4137module_param_named(add_host, sdebug_add_host, int, S_IRUGO | S_IWUSR);
4138module_param_named(ato, sdebug_ato, int, S_IRUGO);
4139module_param_named(clustering, sdebug_clustering, bool, S_IRUGO | S_IWUSR);
4140module_param_named(delay, sdebug_jdelay, int, S_IRUGO | S_IWUSR);
4141module_param_named(dev_size_mb, sdebug_dev_size_mb, int, S_IRUGO);
4142module_param_named(dif, sdebug_dif, int, S_IRUGO);
4143module_param_named(dix, sdebug_dix, int, S_IRUGO);
4144module_param_named(dsense, sdebug_dsense, int, S_IRUGO | S_IWUSR);
4145module_param_named(every_nth, sdebug_every_nth, int, S_IRUGO | S_IWUSR);
4146module_param_named(fake_rw, sdebug_fake_rw, int, S_IRUGO | S_IWUSR);
4147module_param_named(guard, sdebug_guard, uint, S_IRUGO);
4148module_param_named(host_lock, sdebug_host_lock, bool, S_IRUGO | S_IWUSR);
4149module_param_named(lbpu, sdebug_lbpu, int, S_IRUGO);
4150module_param_named(lbpws, sdebug_lbpws, int, S_IRUGO);
4151module_param_named(lbpws10, sdebug_lbpws10, int, S_IRUGO);
4152module_param_named(lbprz, sdebug_lbprz, int, S_IRUGO);
4153module_param_named(lowest_aligned, sdebug_lowest_aligned, int, S_IRUGO);
4154module_param_named(max_luns, sdebug_max_luns, int, S_IRUGO | S_IWUSR);
4155module_param_named(max_queue, sdebug_max_queue, int, S_IRUGO | S_IWUSR);
4156module_param_named(ndelay, sdebug_ndelay, int, S_IRUGO | S_IWUSR);
4157module_param_named(no_lun_0, sdebug_no_lun_0, int, S_IRUGO | S_IWUSR);
4158module_param_named(no_uld, sdebug_no_uld, int, S_IRUGO);
4159module_param_named(num_parts, sdebug_num_parts, int, S_IRUGO);
4160module_param_named(num_tgts, sdebug_num_tgts, int, S_IRUGO | S_IWUSR);
4161module_param_named(opt_blks, sdebug_opt_blks, int, S_IRUGO);
4162module_param_named(opts, sdebug_opts, int, S_IRUGO | S_IWUSR);
4163module_param_named(physblk_exp, sdebug_physblk_exp, int, S_IRUGO);
4164module_param_named(ptype, sdebug_ptype, int, S_IRUGO | S_IWUSR);
4165module_param_named(removable, sdebug_removable, bool, S_IRUGO | S_IWUSR);
4166module_param_named(scsi_level, sdebug_scsi_level, int, S_IRUGO);
4167module_param_named(sector_size, sdebug_sector_size, int, S_IRUGO);
4168module_param_named(statistics, sdebug_statistics, bool, S_IRUGO | S_IWUSR);
4169module_param_named(strict, sdebug_strict, bool, S_IRUGO | S_IWUSR);
4170module_param_named(submit_queues, submit_queues, int, S_IRUGO);
4171module_param_named(unmap_alignment, sdebug_unmap_alignment, int, S_IRUGO);
4172module_param_named(unmap_granularity, sdebug_unmap_granularity, int, S_IRUGO);
4173module_param_named(unmap_max_blocks, sdebug_unmap_max_blocks, int, S_IRUGO);
4174module_param_named(unmap_max_desc, sdebug_unmap_max_desc, int, S_IRUGO);
4175module_param_named(virtual_gb, sdebug_virtual_gb, int, S_IRUGO | S_IWUSR);
4176module_param_named(uuid_ctl, sdebug_uuid_ctl, int, S_IRUGO);
4177module_param_named(vpd_use_hostno, sdebug_vpd_use_hostno, int,
4178 S_IRUGO | S_IWUSR);
4179module_param_named(write_same_length, sdebug_write_same_length, int,
4180 S_IRUGO | S_IWUSR);
4181
4182MODULE_AUTHOR("Eric Youngdale + Douglas Gilbert");
4183MODULE_DESCRIPTION("SCSI debug adapter driver");
4184MODULE_LICENSE("GPL");
4185MODULE_VERSION(SDEBUG_VERSION);
4186
4187MODULE_PARM_DESC(add_host, "0..127 hosts allowed(def=1)");
4188MODULE_PARM_DESC(ato, "application tag ownership: 0=disk 1=host (def=1)");
4189MODULE_PARM_DESC(clustering, "when set enables larger transfers (def=0)");
4190MODULE_PARM_DESC(delay, "response delay (def=1 jiffy); 0:imm, -1,-2:tiny");
4191MODULE_PARM_DESC(dev_size_mb, "size in MiB of ram shared by devs(def=8)");
4192MODULE_PARM_DESC(dif, "data integrity field type: 0-3 (def=0)");
4193MODULE_PARM_DESC(dix, "data integrity extensions mask (def=0)");
4194MODULE_PARM_DESC(dsense, "use descriptor sense format(def=0 -> fixed)");
4195MODULE_PARM_DESC(every_nth, "timeout every nth command(def=0)");
4196MODULE_PARM_DESC(fake_rw, "fake reads/writes instead of copying (def=0)");
4197MODULE_PARM_DESC(guard, "protection checksum: 0=crc, 1=ip (def=0)");
4198MODULE_PARM_DESC(host_lock, "host_lock is ignored (def=0)");
4199MODULE_PARM_DESC(lbpu, "enable LBP, support UNMAP command (def=0)");
4200MODULE_PARM_DESC(lbpws, "enable LBP, support WRITE SAME(16) with UNMAP bit (def=0)");
4201MODULE_PARM_DESC(lbpws10, "enable LBP, support WRITE SAME(10) with UNMAP bit (def=0)");
4202MODULE_PARM_DESC(lbprz,
4203 "on read unmapped LBs return 0 when 1 (def), return 0xff when 2");
4204MODULE_PARM_DESC(lowest_aligned, "lowest aligned lba (def=0)");
4205MODULE_PARM_DESC(max_luns, "number of LUNs per target to simulate(def=1)");
4206MODULE_PARM_DESC(max_queue, "max number of queued commands (1 to max(def))");
4207MODULE_PARM_DESC(ndelay, "response delay in nanoseconds (def=0 -> ignore)");
4208MODULE_PARM_DESC(no_lun_0, "no LU number 0 (def=0 -> have lun 0)");
4209MODULE_PARM_DESC(no_uld, "stop ULD (e.g. sd driver) attaching (def=0))");
4210MODULE_PARM_DESC(num_parts, "number of partitions(def=0)");
4211MODULE_PARM_DESC(num_tgts, "number of targets per host to simulate(def=1)");
4212MODULE_PARM_DESC(opt_blks, "optimal transfer length in blocks (def=1024)");
4213MODULE_PARM_DESC(opts, "1->noise, 2->medium_err, 4->timeout, 8->recovered_err... (def=0)");
4214MODULE_PARM_DESC(physblk_exp, "physical block exponent (def=0)");
4215MODULE_PARM_DESC(ptype, "SCSI peripheral type(def=0[disk])");
4216MODULE_PARM_DESC(removable, "claim to have removable media (def=0)");
4217MODULE_PARM_DESC(scsi_level, "SCSI level to simulate(def=7[SPC-5])");
4218MODULE_PARM_DESC(sector_size, "logical block size in bytes (def=512)");
4219MODULE_PARM_DESC(statistics, "collect statistics on commands, queues (def=0)");
4220MODULE_PARM_DESC(strict, "stricter checks: reserved field in cdb (def=0)");
4221MODULE_PARM_DESC(submit_queues, "support for block multi-queue (def=1)");
4222MODULE_PARM_DESC(unmap_alignment, "lowest aligned thin provisioning lba (def=0)");
4223MODULE_PARM_DESC(unmap_granularity, "thin provisioning granularity in blocks (def=1)");
4224MODULE_PARM_DESC(unmap_max_blocks, "max # of blocks can be unmapped in one cmd (def=0xffffffff)");
4225MODULE_PARM_DESC(unmap_max_desc, "max # of ranges that can be unmapped in one cmd (def=256)");
4226MODULE_PARM_DESC(uuid_ctl,
4227 "1->use uuid for lu name, 0->don't, 2->all use same (def=0)");
4228MODULE_PARM_DESC(virtual_gb, "virtual gigabyte (GiB) size (def=0 -> use dev_size_mb)");
4229MODULE_PARM_DESC(vpd_use_hostno, "0 -> dev ids ignore hostno (def=1 -> unique dev ids)");
4230MODULE_PARM_DESC(write_same_length, "Maximum blocks per WRITE SAME cmd (def=0xffff)");
4231
4232#define SDEBUG_INFO_LEN 256
4233static char sdebug_info[SDEBUG_INFO_LEN];
4234
4235static const char * scsi_debug_info(struct Scsi_Host * shp)
4236{
4237 int k;
4238
4239 k = scnprintf(sdebug_info, SDEBUG_INFO_LEN, "%s: version %s [%s]\n",
4240 my_name, SDEBUG_VERSION, sdebug_version_date);
4241 if (k >= (SDEBUG_INFO_LEN - 1))
4242 return sdebug_info;
4243 scnprintf(sdebug_info + k, SDEBUG_INFO_LEN - k,
4244 " dev_size_mb=%d, opts=0x%x, submit_queues=%d, %s=%d",
4245 sdebug_dev_size_mb, sdebug_opts, submit_queues,
4246 "statistics", (int)sdebug_statistics);
4247 return sdebug_info;
4248}
4249
4250/* 'echo <val> > /proc/scsi/scsi_debug/<host_id>' writes to opts */
4251static int scsi_debug_write_info(struct Scsi_Host *host, char *buffer,
4252 int length)
4253{
4254 char arr[16];
4255 int opts;
4256 int minLen = length > 15 ? 15 : length;
4257
4258 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
4259 return -EACCES;
4260 memcpy(arr, buffer, minLen);
4261 arr[minLen] = '\0';
4262 if (1 != sscanf(arr, "%d", &opts))
4263 return -EINVAL;
4264 sdebug_opts = opts;
4265 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
4266 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
4267 if (sdebug_every_nth != 0)
4268 tweak_cmnd_count();
4269 return length;
4270}
4271
4272/* Output seen with 'cat /proc/scsi/scsi_debug/<host_id>'. It will be the
4273 * same for each scsi_debug host (if more than one). Some of the counters
4274 * output are not atomics so might be inaccurate in a busy system. */
4275static int scsi_debug_show_info(struct seq_file *m, struct Scsi_Host *host)
4276{
4277 int f, j, l;
4278 struct sdebug_queue *sqp;
4279
4280 seq_printf(m, "scsi_debug adapter driver, version %s [%s]\n",
4281 SDEBUG_VERSION, sdebug_version_date);
4282 seq_printf(m, "num_tgts=%d, %ssize=%d MB, opts=0x%x, every_nth=%d\n",
4283 sdebug_num_tgts, "shared (ram) ", sdebug_dev_size_mb,
4284 sdebug_opts, sdebug_every_nth);
4285 seq_printf(m, "delay=%d, ndelay=%d, max_luns=%d, sector_size=%d %s\n",
4286 sdebug_jdelay, sdebug_ndelay, sdebug_max_luns,
4287 sdebug_sector_size, "bytes");
4288 seq_printf(m, "cylinders=%d, heads=%d, sectors=%d, command aborts=%d\n",
4289 sdebug_cylinders_per, sdebug_heads, sdebug_sectors_per,
4290 num_aborts);
4291 seq_printf(m, "RESETs: device=%d, target=%d, bus=%d, host=%d\n",
4292 num_dev_resets, num_target_resets, num_bus_resets,
4293 num_host_resets);
4294 seq_printf(m, "dix_reads=%d, dix_writes=%d, dif_errors=%d\n",
4295 dix_reads, dix_writes, dif_errors);
4296 seq_printf(m, "usec_in_jiffy=%lu, %s=%d, mq_active=%d\n",
4297 TICK_NSEC / 1000, "statistics", sdebug_statistics,
4298 sdebug_mq_active);
4299 seq_printf(m, "cmnd_count=%d, completions=%d, %s=%d, a_tsf=%d\n",
4300 atomic_read(&sdebug_cmnd_count),
4301 atomic_read(&sdebug_completions),
4302 "miss_cpus", atomic_read(&sdebug_miss_cpus),
4303 atomic_read(&sdebug_a_tsf));
4304
4305 seq_printf(m, "submit_queues=%d\n", submit_queues);
4306 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
4307 seq_printf(m, " queue %d:\n", j);
4308 f = find_first_bit(sqp->in_use_bm, sdebug_max_queue);
4309 if (f != sdebug_max_queue) {
4310 l = find_last_bit(sqp->in_use_bm, sdebug_max_queue);
4311 seq_printf(m, " in_use_bm BUSY: %s: %d,%d\n",
4312 "first,last bits", f, l);
4313 }
4314 }
4315 return 0;
4316}
4317
4318static ssize_t delay_show(struct device_driver *ddp, char *buf)
4319{
4320 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_jdelay);
4321}
4322/* Returns -EBUSY if jdelay is being changed and commands are queued. The unit
4323 * of delay is jiffies.
4324 */
4325static ssize_t delay_store(struct device_driver *ddp, const char *buf,
4326 size_t count)
4327{
4328 int jdelay, res;
4329
4330 if (count > 0 && sscanf(buf, "%d", &jdelay) == 1) {
4331 res = count;
4332 if (sdebug_jdelay != jdelay) {
4333 int j, k;
4334 struct sdebug_queue *sqp;
4335
4336 block_unblock_all_queues(true);
4337 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4338 ++j, ++sqp) {
4339 k = find_first_bit(sqp->in_use_bm,
4340 sdebug_max_queue);
4341 if (k != sdebug_max_queue) {
4342 res = -EBUSY; /* queued commands */
4343 break;
4344 }
4345 }
4346 if (res > 0) {
4347 /* make sure sdebug_defer instances get
4348 * re-allocated for new delay variant */
4349 free_all_queued();
4350 sdebug_jdelay = jdelay;
4351 sdebug_ndelay = 0;
4352 }
4353 block_unblock_all_queues(false);
4354 }
4355 return res;
4356 }
4357 return -EINVAL;
4358}
4359static DRIVER_ATTR_RW(delay);
4360
4361static ssize_t ndelay_show(struct device_driver *ddp, char *buf)
4362{
4363 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ndelay);
4364}
4365/* Returns -EBUSY if ndelay is being changed and commands are queued */
4366/* If > 0 and accepted then sdebug_jdelay is set to JDELAY_OVERRIDDEN */
4367static ssize_t ndelay_store(struct device_driver *ddp, const char *buf,
4368 size_t count)
4369{
4370 int ndelay, res;
4371
4372 if ((count > 0) && (1 == sscanf(buf, "%d", &ndelay)) &&
4373 (ndelay >= 0) && (ndelay < (1000 * 1000 * 1000))) {
4374 res = count;
4375 if (sdebug_ndelay != ndelay) {
4376 int j, k;
4377 struct sdebug_queue *sqp;
4378
4379 block_unblock_all_queues(true);
4380 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4381 ++j, ++sqp) {
4382 k = find_first_bit(sqp->in_use_bm,
4383 sdebug_max_queue);
4384 if (k != sdebug_max_queue) {
4385 res = -EBUSY; /* queued commands */
4386 break;
4387 }
4388 }
4389 if (res > 0) {
4390 /* make sure sdebug_defer instances get
4391 * re-allocated for new delay variant */
4392 free_all_queued();
4393 sdebug_ndelay = ndelay;
4394 sdebug_jdelay = ndelay ? JDELAY_OVERRIDDEN
4395 : DEF_JDELAY;
4396 }
4397 block_unblock_all_queues(false);
4398 }
4399 return res;
4400 }
4401 return -EINVAL;
4402}
4403static DRIVER_ATTR_RW(ndelay);
4404
4405static ssize_t opts_show(struct device_driver *ddp, char *buf)
4406{
4407 return scnprintf(buf, PAGE_SIZE, "0x%x\n", sdebug_opts);
4408}
4409
4410static ssize_t opts_store(struct device_driver *ddp, const char *buf,
4411 size_t count)
4412{
4413 int opts;
4414 char work[20];
4415
4416 if (1 == sscanf(buf, "%10s", work)) {
4417 if (0 == strncasecmp(work,"0x", 2)) {
4418 if (1 == sscanf(&work[2], "%x", &opts))
4419 goto opts_done;
4420 } else {
4421 if (1 == sscanf(work, "%d", &opts))
4422 goto opts_done;
4423 }
4424 }
4425 return -EINVAL;
4426opts_done:
4427 sdebug_opts = opts;
4428 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
4429 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
4430 tweak_cmnd_count();
4431 return count;
4432}
4433static DRIVER_ATTR_RW(opts);
4434
4435static ssize_t ptype_show(struct device_driver *ddp, char *buf)
4436{
4437 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ptype);
4438}
4439static ssize_t ptype_store(struct device_driver *ddp, const char *buf,
4440 size_t count)
4441{
4442 int n;
4443
4444 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4445 sdebug_ptype = n;
4446 return count;
4447 }
4448 return -EINVAL;
4449}
4450static DRIVER_ATTR_RW(ptype);
4451
4452static ssize_t dsense_show(struct device_driver *ddp, char *buf)
4453{
4454 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dsense);
4455}
4456static ssize_t dsense_store(struct device_driver *ddp, const char *buf,
4457 size_t count)
4458{
4459 int n;
4460
4461 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4462 sdebug_dsense = n;
4463 return count;
4464 }
4465 return -EINVAL;
4466}
4467static DRIVER_ATTR_RW(dsense);
4468
4469static ssize_t fake_rw_show(struct device_driver *ddp, char *buf)
4470{
4471 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_fake_rw);
4472}
4473static ssize_t fake_rw_store(struct device_driver *ddp, const char *buf,
4474 size_t count)
4475{
4476 int n;
4477
4478 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4479 n = (n > 0);
4480 sdebug_fake_rw = (sdebug_fake_rw > 0);
4481 if (sdebug_fake_rw != n) {
4482 if ((0 == n) && (NULL == fake_storep)) {
4483 unsigned long sz =
4484 (unsigned long)sdebug_dev_size_mb *
4485 1048576;
4486
4487 fake_storep = vmalloc(sz);
4488 if (NULL == fake_storep) {
4489 pr_err("out of memory, 9\n");
4490 return -ENOMEM;
4491 }
4492 memset(fake_storep, 0, sz);
4493 }
4494 sdebug_fake_rw = n;
4495 }
4496 return count;
4497 }
4498 return -EINVAL;
4499}
4500static DRIVER_ATTR_RW(fake_rw);
4501
4502static ssize_t no_lun_0_show(struct device_driver *ddp, char *buf)
4503{
4504 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_lun_0);
4505}
4506static ssize_t no_lun_0_store(struct device_driver *ddp, const char *buf,
4507 size_t count)
4508{
4509 int n;
4510
4511 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4512 sdebug_no_lun_0 = n;
4513 return count;
4514 }
4515 return -EINVAL;
4516}
4517static DRIVER_ATTR_RW(no_lun_0);
4518
4519static ssize_t num_tgts_show(struct device_driver *ddp, char *buf)
4520{
4521 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_tgts);
4522}
4523static ssize_t num_tgts_store(struct device_driver *ddp, const char *buf,
4524 size_t count)
4525{
4526 int n;
4527
4528 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4529 sdebug_num_tgts = n;
4530 sdebug_max_tgts_luns();
4531 return count;
4532 }
4533 return -EINVAL;
4534}
4535static DRIVER_ATTR_RW(num_tgts);
4536
4537static ssize_t dev_size_mb_show(struct device_driver *ddp, char *buf)
4538{
4539 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dev_size_mb);
4540}
4541static DRIVER_ATTR_RO(dev_size_mb);
4542
4543static ssize_t num_parts_show(struct device_driver *ddp, char *buf)
4544{
4545 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_parts);
4546}
4547static DRIVER_ATTR_RO(num_parts);
4548
4549static ssize_t every_nth_show(struct device_driver *ddp, char *buf)
4550{
4551 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_every_nth);
4552}
4553static ssize_t every_nth_store(struct device_driver *ddp, const char *buf,
4554 size_t count)
4555{
4556 int nth;
4557
4558 if ((count > 0) && (1 == sscanf(buf, "%d", &nth))) {
4559 sdebug_every_nth = nth;
4560 if (nth && !sdebug_statistics) {
4561 pr_info("every_nth needs statistics=1, set it\n");
4562 sdebug_statistics = true;
4563 }
4564 tweak_cmnd_count();
4565 return count;
4566 }
4567 return -EINVAL;
4568}
4569static DRIVER_ATTR_RW(every_nth);
4570
4571static ssize_t max_luns_show(struct device_driver *ddp, char *buf)
4572{
4573 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_luns);
4574}
4575static ssize_t max_luns_store(struct device_driver *ddp, const char *buf,
4576 size_t count)
4577{
4578 int n;
4579 bool changed;
4580
4581 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4582 if (n > 256) {
4583 pr_warn("max_luns can be no more than 256\n");
4584 return -EINVAL;
4585 }
4586 changed = (sdebug_max_luns != n);
4587 sdebug_max_luns = n;
4588 sdebug_max_tgts_luns();
4589 if (changed && (sdebug_scsi_level >= 5)) { /* >= SPC-3 */
4590 struct sdebug_host_info *sdhp;
4591 struct sdebug_dev_info *dp;
4592
4593 spin_lock(&sdebug_host_list_lock);
4594 list_for_each_entry(sdhp, &sdebug_host_list,
4595 host_list) {
4596 list_for_each_entry(dp, &sdhp->dev_info_list,
4597 dev_list) {
4598 set_bit(SDEBUG_UA_LUNS_CHANGED,
4599 dp->uas_bm);
4600 }
4601 }
4602 spin_unlock(&sdebug_host_list_lock);
4603 }
4604 return count;
4605 }
4606 return -EINVAL;
4607}
4608static DRIVER_ATTR_RW(max_luns);
4609
4610static ssize_t max_queue_show(struct device_driver *ddp, char *buf)
4611{
4612 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_queue);
4613}
4614/* N.B. max_queue can be changed while there are queued commands. In flight
4615 * commands beyond the new max_queue will be completed. */
4616static ssize_t max_queue_store(struct device_driver *ddp, const char *buf,
4617 size_t count)
4618{
4619 int j, n, k, a;
4620 struct sdebug_queue *sqp;
4621
4622 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n > 0) &&
4623 (n <= SDEBUG_CANQUEUE)) {
4624 block_unblock_all_queues(true);
4625 k = 0;
4626 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4627 ++j, ++sqp) {
4628 a = find_last_bit(sqp->in_use_bm, SDEBUG_CANQUEUE);
4629 if (a > k)
4630 k = a;
4631 }
4632 sdebug_max_queue = n;
4633 if (k == SDEBUG_CANQUEUE)
4634 atomic_set(&retired_max_queue, 0);
4635 else if (k >= n)
4636 atomic_set(&retired_max_queue, k + 1);
4637 else
4638 atomic_set(&retired_max_queue, 0);
4639 block_unblock_all_queues(false);
4640 return count;
4641 }
4642 return -EINVAL;
4643}
4644static DRIVER_ATTR_RW(max_queue);
4645
4646static ssize_t no_uld_show(struct device_driver *ddp, char *buf)
4647{
4648 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_uld);
4649}
4650static DRIVER_ATTR_RO(no_uld);
4651
4652static ssize_t scsi_level_show(struct device_driver *ddp, char *buf)
4653{
4654 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_scsi_level);
4655}
4656static DRIVER_ATTR_RO(scsi_level);
4657
4658static ssize_t virtual_gb_show(struct device_driver *ddp, char *buf)
4659{
4660 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_virtual_gb);
4661}
4662static ssize_t virtual_gb_store(struct device_driver *ddp, const char *buf,
4663 size_t count)
4664{
4665 int n;
4666 bool changed;
4667
4668 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4669 changed = (sdebug_virtual_gb != n);
4670 sdebug_virtual_gb = n;
4671 sdebug_capacity = get_sdebug_capacity();
4672 if (changed) {
4673 struct sdebug_host_info *sdhp;
4674 struct sdebug_dev_info *dp;
4675
4676 spin_lock(&sdebug_host_list_lock);
4677 list_for_each_entry(sdhp, &sdebug_host_list,
4678 host_list) {
4679 list_for_each_entry(dp, &sdhp->dev_info_list,
4680 dev_list) {
4681 set_bit(SDEBUG_UA_CAPACITY_CHANGED,
4682 dp->uas_bm);
4683 }
4684 }
4685 spin_unlock(&sdebug_host_list_lock);
4686 }
4687 return count;
4688 }
4689 return -EINVAL;
4690}
4691static DRIVER_ATTR_RW(virtual_gb);
4692
4693static ssize_t add_host_show(struct device_driver *ddp, char *buf)
4694{
4695 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_add_host);
4696}
4697
4698static int sdebug_add_adapter(void);
4699static void sdebug_remove_adapter(void);
4700
4701static ssize_t add_host_store(struct device_driver *ddp, const char *buf,
4702 size_t count)
4703{
4704 int delta_hosts;
4705
4706 if (sscanf(buf, "%d", &delta_hosts) != 1)
4707 return -EINVAL;
4708 if (delta_hosts > 0) {
4709 do {
4710 sdebug_add_adapter();
4711 } while (--delta_hosts);
4712 } else if (delta_hosts < 0) {
4713 do {
4714 sdebug_remove_adapter();
4715 } while (++delta_hosts);
4716 }
4717 return count;
4718}
4719static DRIVER_ATTR_RW(add_host);
4720
4721static ssize_t vpd_use_hostno_show(struct device_driver *ddp, char *buf)
4722{
4723 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_vpd_use_hostno);
4724}
4725static ssize_t vpd_use_hostno_store(struct device_driver *ddp, const char *buf,
4726 size_t count)
4727{
4728 int n;
4729
4730 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4731 sdebug_vpd_use_hostno = n;
4732 return count;
4733 }
4734 return -EINVAL;
4735}
4736static DRIVER_ATTR_RW(vpd_use_hostno);
4737
4738static ssize_t statistics_show(struct device_driver *ddp, char *buf)
4739{
4740 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_statistics);
4741}
4742static ssize_t statistics_store(struct device_driver *ddp, const char *buf,
4743 size_t count)
4744{
4745 int n;
4746
4747 if ((count > 0) && (sscanf(buf, "%d", &n) == 1) && (n >= 0)) {
4748 if (n > 0)
4749 sdebug_statistics = true;
4750 else {
4751 clear_queue_stats();
4752 sdebug_statistics = false;
4753 }
4754 return count;
4755 }
4756 return -EINVAL;
4757}
4758static DRIVER_ATTR_RW(statistics);
4759
4760static ssize_t sector_size_show(struct device_driver *ddp, char *buf)
4761{
4762 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_sector_size);
4763}
4764static DRIVER_ATTR_RO(sector_size);
4765
4766static ssize_t submit_queues_show(struct device_driver *ddp, char *buf)
4767{
4768 return scnprintf(buf, PAGE_SIZE, "%d\n", submit_queues);
4769}
4770static DRIVER_ATTR_RO(submit_queues);
4771
4772static ssize_t dix_show(struct device_driver *ddp, char *buf)
4773{
4774 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dix);
4775}
4776static DRIVER_ATTR_RO(dix);
4777
4778static ssize_t dif_show(struct device_driver *ddp, char *buf)
4779{
4780 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dif);
4781}
4782static DRIVER_ATTR_RO(dif);
4783
4784static ssize_t guard_show(struct device_driver *ddp, char *buf)
4785{
4786 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_guard);
4787}
4788static DRIVER_ATTR_RO(guard);
4789
4790static ssize_t ato_show(struct device_driver *ddp, char *buf)
4791{
4792 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ato);
4793}
4794static DRIVER_ATTR_RO(ato);
4795
4796static ssize_t map_show(struct device_driver *ddp, char *buf)
4797{
4798 ssize_t count;
4799
4800 if (!scsi_debug_lbp())
4801 return scnprintf(buf, PAGE_SIZE, "0-%u\n",
4802 sdebug_store_sectors);
4803
4804 count = scnprintf(buf, PAGE_SIZE - 1, "%*pbl",
4805 (int)map_size, map_storep);
4806 buf[count++] = '\n';
4807 buf[count] = '\0';
4808
4809 return count;
4810}
4811static DRIVER_ATTR_RO(map);
4812
4813static ssize_t removable_show(struct device_driver *ddp, char *buf)
4814{
4815 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_removable ? 1 : 0);
4816}
4817static ssize_t removable_store(struct device_driver *ddp, const char *buf,
4818 size_t count)
4819{
4820 int n;
4821
4822 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4823 sdebug_removable = (n > 0);
4824 return count;
4825 }
4826 return -EINVAL;
4827}
4828static DRIVER_ATTR_RW(removable);
4829
4830static ssize_t host_lock_show(struct device_driver *ddp, char *buf)
4831{
4832 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_host_lock);
4833}
4834/* N.B. sdebug_host_lock does nothing, kept for backward compatibility */
4835static ssize_t host_lock_store(struct device_driver *ddp, const char *buf,
4836 size_t count)
4837{
4838 int n;
4839
4840 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4841 sdebug_host_lock = (n > 0);
4842 return count;
4843 }
4844 return -EINVAL;
4845}
4846static DRIVER_ATTR_RW(host_lock);
4847
4848static ssize_t strict_show(struct device_driver *ddp, char *buf)
4849{
4850 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_strict);
4851}
4852static ssize_t strict_store(struct device_driver *ddp, const char *buf,
4853 size_t count)
4854{
4855 int n;
4856
4857 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4858 sdebug_strict = (n > 0);
4859 return count;
4860 }
4861 return -EINVAL;
4862}
4863static DRIVER_ATTR_RW(strict);
4864
4865static ssize_t uuid_ctl_show(struct device_driver *ddp, char *buf)
4866{
4867 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_uuid_ctl);
4868}
4869static DRIVER_ATTR_RO(uuid_ctl);
4870
4871
4872/* Note: The following array creates attribute files in the
4873 /sys/bus/pseudo/drivers/scsi_debug directory. The advantage of these
4874 files (over those found in the /sys/module/scsi_debug/parameters
4875 directory) is that auxiliary actions can be triggered when an attribute
4876 is changed. For example see: sdebug_add_host_store() above.
4877 */
4878
4879static struct attribute *sdebug_drv_attrs[] = {
4880 &driver_attr_delay.attr,
4881 &driver_attr_opts.attr,
4882 &driver_attr_ptype.attr,
4883 &driver_attr_dsense.attr,
4884 &driver_attr_fake_rw.attr,
4885 &driver_attr_no_lun_0.attr,
4886 &driver_attr_num_tgts.attr,
4887 &driver_attr_dev_size_mb.attr,
4888 &driver_attr_num_parts.attr,
4889 &driver_attr_every_nth.attr,
4890 &driver_attr_max_luns.attr,
4891 &driver_attr_max_queue.attr,
4892 &driver_attr_no_uld.attr,
4893 &driver_attr_scsi_level.attr,
4894 &driver_attr_virtual_gb.attr,
4895 &driver_attr_add_host.attr,
4896 &driver_attr_vpd_use_hostno.attr,
4897 &driver_attr_sector_size.attr,
4898 &driver_attr_statistics.attr,
4899 &driver_attr_submit_queues.attr,
4900 &driver_attr_dix.attr,
4901 &driver_attr_dif.attr,
4902 &driver_attr_guard.attr,
4903 &driver_attr_ato.attr,
4904 &driver_attr_map.attr,
4905 &driver_attr_removable.attr,
4906 &driver_attr_host_lock.attr,
4907 &driver_attr_ndelay.attr,
4908 &driver_attr_strict.attr,
4909 &driver_attr_uuid_ctl.attr,
4910 NULL,
4911};
4912ATTRIBUTE_GROUPS(sdebug_drv);
4913
4914static struct device *pseudo_primary;
4915
4916static int __init scsi_debug_init(void)
4917{
4918 unsigned long sz;
4919 int host_to_add;
4920 int k;
4921 int ret;
4922
4923 atomic_set(&retired_max_queue, 0);
4924
4925 if (sdebug_ndelay >= 1000 * 1000 * 1000) {
4926 pr_warn("ndelay must be less than 1 second, ignored\n");
4927 sdebug_ndelay = 0;
4928 } else if (sdebug_ndelay > 0)
4929 sdebug_jdelay = JDELAY_OVERRIDDEN;
4930
4931 switch (sdebug_sector_size) {
4932 case 512:
4933 case 1024:
4934 case 2048:
4935 case 4096:
4936 break;
4937 default:
4938 pr_err("invalid sector_size %d\n", sdebug_sector_size);
4939 return -EINVAL;
4940 }
4941
4942 switch (sdebug_dif) {
4943 case T10_PI_TYPE0_PROTECTION:
4944 break;
4945 case T10_PI_TYPE1_PROTECTION:
4946 case T10_PI_TYPE2_PROTECTION:
4947 case T10_PI_TYPE3_PROTECTION:
4948 have_dif_prot = true;
4949 break;
4950
4951 default:
4952 pr_err("dif must be 0, 1, 2 or 3\n");
4953 return -EINVAL;
4954 }
4955
4956 if (sdebug_guard > 1) {
4957 pr_err("guard must be 0 or 1\n");
4958 return -EINVAL;
4959 }
4960
4961 if (sdebug_ato > 1) {
4962 pr_err("ato must be 0 or 1\n");
4963 return -EINVAL;
4964 }
4965
4966 if (sdebug_physblk_exp > 15) {
4967 pr_err("invalid physblk_exp %u\n", sdebug_physblk_exp);
4968 return -EINVAL;
4969 }
4970 if (sdebug_max_luns > 256) {
4971 pr_warn("max_luns can be no more than 256, use default\n");
4972 sdebug_max_luns = DEF_MAX_LUNS;
4973 }
4974
4975 if (sdebug_lowest_aligned > 0x3fff) {
4976 pr_err("lowest_aligned too big: %u\n", sdebug_lowest_aligned);
4977 return -EINVAL;
4978 }
4979
4980 if (submit_queues < 1) {
4981 pr_err("submit_queues must be 1 or more\n");
4982 return -EINVAL;
4983 }
4984 sdebug_q_arr = kcalloc(submit_queues, sizeof(struct sdebug_queue),
4985 GFP_KERNEL);
4986 if (sdebug_q_arr == NULL)
4987 return -ENOMEM;
4988 for (k = 0; k < submit_queues; ++k)
4989 spin_lock_init(&sdebug_q_arr[k].qc_lock);
4990
4991 if (sdebug_dev_size_mb < 1)
4992 sdebug_dev_size_mb = 1; /* force minimum 1 MB ramdisk */
4993 sz = (unsigned long)sdebug_dev_size_mb * 1048576;
4994 sdebug_store_sectors = sz / sdebug_sector_size;
4995 sdebug_capacity = get_sdebug_capacity();
4996
4997 /* play around with geometry, don't waste too much on track 0 */
4998 sdebug_heads = 8;
4999 sdebug_sectors_per = 32;
5000 if (sdebug_dev_size_mb >= 256)
5001 sdebug_heads = 64;
5002 else if (sdebug_dev_size_mb >= 16)
5003 sdebug_heads = 32;
5004 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
5005 (sdebug_sectors_per * sdebug_heads);
5006 if (sdebug_cylinders_per >= 1024) {
5007 /* other LLDs do this; implies >= 1GB ram disk ... */
5008 sdebug_heads = 255;
5009 sdebug_sectors_per = 63;
5010 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
5011 (sdebug_sectors_per * sdebug_heads);
5012 }
5013
5014 if (sdebug_fake_rw == 0) {
5015 fake_storep = vmalloc(sz);
5016 if (NULL == fake_storep) {
5017 pr_err("out of memory, 1\n");
5018 ret = -ENOMEM;
5019 goto free_q_arr;
5020 }
5021 memset(fake_storep, 0, sz);
5022 if (sdebug_num_parts > 0)
5023 sdebug_build_parts(fake_storep, sz);
5024 }
5025
5026 if (sdebug_dix) {
5027 int dif_size;
5028
5029 dif_size = sdebug_store_sectors * sizeof(struct t10_pi_tuple);
5030 dif_storep = vmalloc(dif_size);
5031
5032 pr_err("dif_storep %u bytes @ %p\n", dif_size, dif_storep);
5033
5034 if (dif_storep == NULL) {
5035 pr_err("out of mem. (DIX)\n");
5036 ret = -ENOMEM;
5037 goto free_vm;
5038 }
5039
5040 memset(dif_storep, 0xff, dif_size);
5041 }
5042
5043 /* Logical Block Provisioning */
5044 if (scsi_debug_lbp()) {
5045 sdebug_unmap_max_blocks =
5046 clamp(sdebug_unmap_max_blocks, 0U, 0xffffffffU);
5047
5048 sdebug_unmap_max_desc =
5049 clamp(sdebug_unmap_max_desc, 0U, 256U);
5050
5051 sdebug_unmap_granularity =
5052 clamp(sdebug_unmap_granularity, 1U, 0xffffffffU);
5053
5054 if (sdebug_unmap_alignment &&
5055 sdebug_unmap_granularity <=
5056 sdebug_unmap_alignment) {
5057 pr_err("ERR: unmap_granularity <= unmap_alignment\n");
5058 ret = -EINVAL;
5059 goto free_vm;
5060 }
5061
5062 map_size = lba_to_map_index(sdebug_store_sectors - 1) + 1;
5063 map_storep = vmalloc(BITS_TO_LONGS(map_size) * sizeof(long));
5064
5065 pr_info("%lu provisioning blocks\n", map_size);
5066
5067 if (map_storep == NULL) {
5068 pr_err("out of mem. (MAP)\n");
5069 ret = -ENOMEM;
5070 goto free_vm;
5071 }
5072
5073 bitmap_zero(map_storep, map_size);
5074
5075 /* Map first 1KB for partition table */
5076 if (sdebug_num_parts)
5077 map_region(0, 2);
5078 }
5079
5080 pseudo_primary = root_device_register("pseudo_0");
5081 if (IS_ERR(pseudo_primary)) {
5082 pr_warn("root_device_register() error\n");
5083 ret = PTR_ERR(pseudo_primary);
5084 goto free_vm;
5085 }
5086 ret = bus_register(&pseudo_lld_bus);
5087 if (ret < 0) {
5088 pr_warn("bus_register error: %d\n", ret);
5089 goto dev_unreg;
5090 }
5091 ret = driver_register(&sdebug_driverfs_driver);
5092 if (ret < 0) {
5093 pr_warn("driver_register error: %d\n", ret);
5094 goto bus_unreg;
5095 }
5096
5097 host_to_add = sdebug_add_host;
5098 sdebug_add_host = 0;
5099
5100 for (k = 0; k < host_to_add; k++) {
5101 if (sdebug_add_adapter()) {
5102 pr_err("sdebug_add_adapter failed k=%d\n", k);
5103 break;
5104 }
5105 }
5106
5107 if (sdebug_verbose)
5108 pr_info("built %d host(s)\n", sdebug_add_host);
5109
5110 return 0;
5111
5112bus_unreg:
5113 bus_unregister(&pseudo_lld_bus);
5114dev_unreg:
5115 root_device_unregister(pseudo_primary);
5116free_vm:
5117 vfree(map_storep);
5118 vfree(dif_storep);
5119 vfree(fake_storep);
5120free_q_arr:
5121 kfree(sdebug_q_arr);
5122 return ret;
5123}
5124
5125static void __exit scsi_debug_exit(void)
5126{
5127 int k = sdebug_add_host;
5128
5129 stop_all_queued();
5130 free_all_queued();
5131 for (; k; k--)
5132 sdebug_remove_adapter();
5133 driver_unregister(&sdebug_driverfs_driver);
5134 bus_unregister(&pseudo_lld_bus);
5135 root_device_unregister(pseudo_primary);
5136
5137 vfree(map_storep);
5138 vfree(dif_storep);
5139 vfree(fake_storep);
5140 kfree(sdebug_q_arr);
5141}
5142
5143device_initcall(scsi_debug_init);
5144module_exit(scsi_debug_exit);
5145
5146static void sdebug_release_adapter(struct device * dev)
5147{
5148 struct sdebug_host_info *sdbg_host;
5149
5150 sdbg_host = to_sdebug_host(dev);
5151 kfree(sdbg_host);
5152}
5153
5154static int sdebug_add_adapter(void)
5155{
5156 int k, devs_per_host;
5157 int error = 0;
5158 struct sdebug_host_info *sdbg_host;
5159 struct sdebug_dev_info *sdbg_devinfo, *tmp;
5160
5161 sdbg_host = kzalloc(sizeof(*sdbg_host),GFP_KERNEL);
5162 if (NULL == sdbg_host) {
5163 pr_err("out of memory at line %d\n", __LINE__);
5164 return -ENOMEM;
5165 }
5166
5167 INIT_LIST_HEAD(&sdbg_host->dev_info_list);
5168
5169 devs_per_host = sdebug_num_tgts * sdebug_max_luns;
5170 for (k = 0; k < devs_per_host; k++) {
5171 sdbg_devinfo = sdebug_device_create(sdbg_host, GFP_KERNEL);
5172 if (!sdbg_devinfo) {
5173 pr_err("out of memory at line %d\n", __LINE__);
5174 error = -ENOMEM;
5175 goto clean;
5176 }
5177 }
5178
5179 spin_lock(&sdebug_host_list_lock);
5180 list_add_tail(&sdbg_host->host_list, &sdebug_host_list);
5181 spin_unlock(&sdebug_host_list_lock);
5182
5183 sdbg_host->dev.bus = &pseudo_lld_bus;
5184 sdbg_host->dev.parent = pseudo_primary;
5185 sdbg_host->dev.release = &sdebug_release_adapter;
5186 dev_set_name(&sdbg_host->dev, "adapter%d", sdebug_add_host);
5187
5188 error = device_register(&sdbg_host->dev);
5189
5190 if (error)
5191 goto clean;
5192
5193 ++sdebug_add_host;
5194 return error;
5195
5196clean:
5197 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
5198 dev_list) {
5199 list_del(&sdbg_devinfo->dev_list);
5200 kfree(sdbg_devinfo);
5201 }
5202
5203 kfree(sdbg_host);
5204 return error;
5205}
5206
5207static void sdebug_remove_adapter(void)
5208{
5209 struct sdebug_host_info * sdbg_host = NULL;
5210
5211 spin_lock(&sdebug_host_list_lock);
5212 if (!list_empty(&sdebug_host_list)) {
5213 sdbg_host = list_entry(sdebug_host_list.prev,
5214 struct sdebug_host_info, host_list);
5215 list_del(&sdbg_host->host_list);
5216 }
5217 spin_unlock(&sdebug_host_list_lock);
5218
5219 if (!sdbg_host)
5220 return;
5221
5222 device_unregister(&sdbg_host->dev);
5223 --sdebug_add_host;
5224}
5225
5226static int sdebug_change_qdepth(struct scsi_device *sdev, int qdepth)
5227{
5228 int num_in_q = 0;
5229 struct sdebug_dev_info *devip;
5230
5231 block_unblock_all_queues(true);
5232 devip = (struct sdebug_dev_info *)sdev->hostdata;
5233 if (NULL == devip) {
5234 block_unblock_all_queues(false);
5235 return -ENODEV;
5236 }
5237 num_in_q = atomic_read(&devip->num_in_q);
5238
5239 if (qdepth < 1)
5240 qdepth = 1;
5241 /* allow to exceed max host qc_arr elements for testing */
5242 if (qdepth > SDEBUG_CANQUEUE + 10)
5243 qdepth = SDEBUG_CANQUEUE + 10;
5244 scsi_change_queue_depth(sdev, qdepth);
5245
5246 if (SDEBUG_OPT_Q_NOISE & sdebug_opts) {
5247 sdev_printk(KERN_INFO, sdev, "%s: qdepth=%d, num_in_q=%d\n",
5248 __func__, qdepth, num_in_q);
5249 }
5250 block_unblock_all_queues(false);
5251 return sdev->queue_depth;
5252}
5253
5254static bool fake_timeout(struct scsi_cmnd *scp)
5255{
5256 if (0 == (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth))) {
5257 if (sdebug_every_nth < -1)
5258 sdebug_every_nth = -1;
5259 if (SDEBUG_OPT_TIMEOUT & sdebug_opts)
5260 return true; /* ignore command causing timeout */
5261 else if (SDEBUG_OPT_MAC_TIMEOUT & sdebug_opts &&
5262 scsi_medium_access_command(scp))
5263 return true; /* time out reads and writes */
5264 }
5265 return false;
5266}
5267
5268static int scsi_debug_queuecommand(struct Scsi_Host *shost,
5269 struct scsi_cmnd *scp)
5270{
5271 u8 sdeb_i;
5272 struct scsi_device *sdp = scp->device;
5273 const struct opcode_info_t *oip;
5274 const struct opcode_info_t *r_oip;
5275 struct sdebug_dev_info *devip;
5276 u8 *cmd = scp->cmnd;
5277 int (*r_pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
5278 int k, na;
5279 int errsts = 0;
5280 u32 flags;
5281 u16 sa;
5282 u8 opcode = cmd[0];
5283 bool has_wlun_rl;
5284
5285 scsi_set_resid(scp, 0);
5286 if (sdebug_statistics)
5287 atomic_inc(&sdebug_cmnd_count);
5288 if (unlikely(sdebug_verbose &&
5289 !(SDEBUG_OPT_NO_CDB_NOISE & sdebug_opts))) {
5290 char b[120];
5291 int n, len, sb;
5292
5293 len = scp->cmd_len;
5294 sb = (int)sizeof(b);
5295 if (len > 32)
5296 strcpy(b, "too long, over 32 bytes");
5297 else {
5298 for (k = 0, n = 0; k < len && n < sb; ++k)
5299 n += scnprintf(b + n, sb - n, "%02x ",
5300 (u32)cmd[k]);
5301 }
5302 if (sdebug_mq_active)
5303 sdev_printk(KERN_INFO, sdp, "%s: tag=%u, cmd %s\n",
5304 my_name, blk_mq_unique_tag(scp->request),
5305 b);
5306 else
5307 sdev_printk(KERN_INFO, sdp, "%s: cmd %s\n", my_name,
5308 b);
5309 }
5310 has_wlun_rl = (sdp->lun == SCSI_W_LUN_REPORT_LUNS);
5311 if (unlikely((sdp->lun >= sdebug_max_luns) && !has_wlun_rl))
5312 goto err_out;
5313
5314 sdeb_i = opcode_ind_arr[opcode]; /* fully mapped */
5315 oip = &opcode_info_arr[sdeb_i]; /* safe if table consistent */
5316 devip = (struct sdebug_dev_info *)sdp->hostdata;
5317 if (unlikely(!devip)) {
5318 devip = find_build_dev_info(sdp);
5319 if (NULL == devip)
5320 goto err_out;
5321 }
5322 na = oip->num_attached;
5323 r_pfp = oip->pfp;
5324 if (na) { /* multiple commands with this opcode */
5325 r_oip = oip;
5326 if (FF_SA & r_oip->flags) {
5327 if (F_SA_LOW & oip->flags)
5328 sa = 0x1f & cmd[1];
5329 else
5330 sa = get_unaligned_be16(cmd + 8);
5331 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
5332 if (opcode == oip->opcode && sa == oip->sa)
5333 break;
5334 }
5335 } else { /* since no service action only check opcode */
5336 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
5337 if (opcode == oip->opcode)
5338 break;
5339 }
5340 }
5341 if (k > na) {
5342 if (F_SA_LOW & r_oip->flags)
5343 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 4);
5344 else if (F_SA_HIGH & r_oip->flags)
5345 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 8, 7);
5346 else
5347 mk_sense_invalid_opcode(scp);
5348 goto check_cond;
5349 }
5350 } /* else (when na==0) we assume the oip is a match */
5351 flags = oip->flags;
5352 if (unlikely(F_INV_OP & flags)) {
5353 mk_sense_invalid_opcode(scp);
5354 goto check_cond;
5355 }
5356 if (unlikely(has_wlun_rl && !(F_RL_WLUN_OK & flags))) {
5357 if (sdebug_verbose)
5358 sdev_printk(KERN_INFO, sdp, "%s: Opcode 0x%x not%s\n",
5359 my_name, opcode, " supported for wlun");
5360 mk_sense_invalid_opcode(scp);
5361 goto check_cond;
5362 }
5363 if (unlikely(sdebug_strict)) { /* check cdb against mask */
5364 u8 rem;
5365 int j;
5366
5367 for (k = 1; k < oip->len_mask[0] && k < 16; ++k) {
5368 rem = ~oip->len_mask[k] & cmd[k];
5369 if (rem) {
5370 for (j = 7; j >= 0; --j, rem <<= 1) {
5371 if (0x80 & rem)
5372 break;
5373 }
5374 mk_sense_invalid_fld(scp, SDEB_IN_CDB, k, j);
5375 goto check_cond;
5376 }
5377 }
5378 }
5379 if (unlikely(!(F_SKIP_UA & flags) &&
5380 find_first_bit(devip->uas_bm,
5381 SDEBUG_NUM_UAS) != SDEBUG_NUM_UAS)) {
5382 errsts = make_ua(scp, devip);
5383 if (errsts)
5384 goto check_cond;
5385 }
5386 if (unlikely((F_M_ACCESS & flags) && atomic_read(&devip->stopped))) {
5387 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x2);
5388 if (sdebug_verbose)
5389 sdev_printk(KERN_INFO, sdp, "%s reports: Not ready: "
5390 "%s\n", my_name, "initializing command "
5391 "required");
5392 errsts = check_condition_result;
5393 goto fini;
5394 }
5395 if (sdebug_fake_rw && (F_FAKE_RW & flags))
5396 goto fini;
5397 if (unlikely(sdebug_every_nth)) {
5398 if (fake_timeout(scp))
5399 return 0; /* ignore command: make trouble */
5400 }
5401 if (likely(oip->pfp))
5402 errsts = oip->pfp(scp, devip); /* calls a resp_* function */
5403 else if (r_pfp) /* if leaf function ptr NULL, try the root's */
5404 errsts = r_pfp(scp, devip);
5405
5406fini:
5407 return schedule_resp(scp, devip, errsts,
5408 ((F_DELAY_OVERR & flags) ? 0 : sdebug_jdelay));
5409check_cond:
5410 return schedule_resp(scp, devip, check_condition_result, 0);
5411err_out:
5412 return schedule_resp(scp, NULL, DID_NO_CONNECT << 16, 0);
5413}
5414
5415static struct scsi_host_template sdebug_driver_template = {
5416 .show_info = scsi_debug_show_info,
5417 .write_info = scsi_debug_write_info,
5418 .proc_name = sdebug_proc_name,
5419 .name = "SCSI DEBUG",
5420 .info = scsi_debug_info,
5421 .slave_alloc = scsi_debug_slave_alloc,
5422 .slave_configure = scsi_debug_slave_configure,
5423 .slave_destroy = scsi_debug_slave_destroy,
5424 .ioctl = scsi_debug_ioctl,
5425 .queuecommand = scsi_debug_queuecommand,
5426 .change_queue_depth = sdebug_change_qdepth,
5427 .eh_abort_handler = scsi_debug_abort,
5428 .eh_device_reset_handler = scsi_debug_device_reset,
5429 .eh_target_reset_handler = scsi_debug_target_reset,
5430 .eh_bus_reset_handler = scsi_debug_bus_reset,
5431 .eh_host_reset_handler = scsi_debug_host_reset,
5432 .can_queue = SDEBUG_CANQUEUE,
5433 .this_id = 7,
5434 .sg_tablesize = SG_MAX_SEGMENTS,
5435 .cmd_per_lun = DEF_CMD_PER_LUN,
5436 .max_sectors = -1U,
5437 .use_clustering = DISABLE_CLUSTERING,
5438 .module = THIS_MODULE,
5439 .track_queue_depth = 1,
5440};
5441
5442static int sdebug_driver_probe(struct device * dev)
5443{
5444 int error = 0;
5445 struct sdebug_host_info *sdbg_host;
5446 struct Scsi_Host *hpnt;
5447 int hprot;
5448
5449 sdbg_host = to_sdebug_host(dev);
5450
5451 sdebug_driver_template.can_queue = sdebug_max_queue;
5452 if (sdebug_clustering)
5453 sdebug_driver_template.use_clustering = ENABLE_CLUSTERING;
5454 hpnt = scsi_host_alloc(&sdebug_driver_template, sizeof(sdbg_host));
5455 if (NULL == hpnt) {
5456 pr_err("scsi_host_alloc failed\n");
5457 error = -ENODEV;
5458 return error;
5459 }
5460 if (submit_queues > nr_cpu_ids) {
5461 pr_warn("%s: trim submit_queues (was %d) to nr_cpu_ids=%d\n",
5462 my_name, submit_queues, nr_cpu_ids);
5463 submit_queues = nr_cpu_ids;
5464 }
5465 /* Decide whether to tell scsi subsystem that we want mq */
5466 /* Following should give the same answer for each host */
5467 sdebug_mq_active = shost_use_blk_mq(hpnt) && (submit_queues > 1);
5468 if (sdebug_mq_active)
5469 hpnt->nr_hw_queues = submit_queues;
5470
5471 sdbg_host->shost = hpnt;
5472 *((struct sdebug_host_info **)hpnt->hostdata) = sdbg_host;
5473 if ((hpnt->this_id >= 0) && (sdebug_num_tgts > hpnt->this_id))
5474 hpnt->max_id = sdebug_num_tgts + 1;
5475 else
5476 hpnt->max_id = sdebug_num_tgts;
5477 /* = sdebug_max_luns; */
5478 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
5479
5480 hprot = 0;
5481
5482 switch (sdebug_dif) {
5483
5484 case T10_PI_TYPE1_PROTECTION:
5485 hprot = SHOST_DIF_TYPE1_PROTECTION;
5486 if (sdebug_dix)
5487 hprot |= SHOST_DIX_TYPE1_PROTECTION;
5488 break;
5489
5490 case T10_PI_TYPE2_PROTECTION:
5491 hprot = SHOST_DIF_TYPE2_PROTECTION;
5492 if (sdebug_dix)
5493 hprot |= SHOST_DIX_TYPE2_PROTECTION;
5494 break;
5495
5496 case T10_PI_TYPE3_PROTECTION:
5497 hprot = SHOST_DIF_TYPE3_PROTECTION;
5498 if (sdebug_dix)
5499 hprot |= SHOST_DIX_TYPE3_PROTECTION;
5500 break;
5501
5502 default:
5503 if (sdebug_dix)
5504 hprot |= SHOST_DIX_TYPE0_PROTECTION;
5505 break;
5506 }
5507
5508 scsi_host_set_prot(hpnt, hprot);
5509
5510 if (have_dif_prot || sdebug_dix)
5511 pr_info("host protection%s%s%s%s%s%s%s\n",
5512 (hprot & SHOST_DIF_TYPE1_PROTECTION) ? " DIF1" : "",
5513 (hprot & SHOST_DIF_TYPE2_PROTECTION) ? " DIF2" : "",
5514 (hprot & SHOST_DIF_TYPE3_PROTECTION) ? " DIF3" : "",
5515 (hprot & SHOST_DIX_TYPE0_PROTECTION) ? " DIX0" : "",
5516 (hprot & SHOST_DIX_TYPE1_PROTECTION) ? " DIX1" : "",
5517 (hprot & SHOST_DIX_TYPE2_PROTECTION) ? " DIX2" : "",
5518 (hprot & SHOST_DIX_TYPE3_PROTECTION) ? " DIX3" : "");
5519
5520 if (sdebug_guard == 1)
5521 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_IP);
5522 else
5523 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_CRC);
5524
5525 sdebug_verbose = !!(SDEBUG_OPT_NOISE & sdebug_opts);
5526 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & sdebug_opts);
5527 if (sdebug_every_nth) /* need stats counters for every_nth */
5528 sdebug_statistics = true;
5529 error = scsi_add_host(hpnt, &sdbg_host->dev);
5530 if (error) {
5531 pr_err("scsi_add_host failed\n");
5532 error = -ENODEV;
5533 scsi_host_put(hpnt);
5534 } else
5535 scsi_scan_host(hpnt);
5536
5537 return error;
5538}
5539
5540static int sdebug_driver_remove(struct device * dev)
5541{
5542 struct sdebug_host_info *sdbg_host;
5543 struct sdebug_dev_info *sdbg_devinfo, *tmp;
5544
5545 sdbg_host = to_sdebug_host(dev);
5546
5547 if (!sdbg_host) {
5548 pr_err("Unable to locate host info\n");
5549 return -ENODEV;
5550 }
5551
5552 scsi_remove_host(sdbg_host->shost);
5553
5554 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
5555 dev_list) {
5556 list_del(&sdbg_devinfo->dev_list);
5557 kfree(sdbg_devinfo);
5558 }
5559
5560 scsi_host_put(sdbg_host->shost);
5561 return 0;
5562}
5563
5564static int pseudo_lld_bus_match(struct device *dev,
5565 struct device_driver *dev_driver)
5566{
5567 return 1;
5568}
5569
5570static struct bus_type pseudo_lld_bus = {
5571 .name = "pseudo",
5572 .match = pseudo_lld_bus_match,
5573 .probe = sdebug_driver_probe,
5574 .remove = sdebug_driver_remove,
5575 .drv_groups = sdebug_drv_groups,
5576};
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * vvvvvvvvvvvvvvvvvvvvvvv Original vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
4 * Copyright (C) 1992 Eric Youngdale
5 * Simulate a host adapter with 2 disks attached. Do a lot of checking
6 * to make sure that we are not getting blocks mixed up, and PANIC if
7 * anything out of the ordinary is seen.
8 * ^^^^^^^^^^^^^^^^^^^^^^^ Original ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
9 *
10 * Copyright (C) 2001 - 2021 Douglas Gilbert
11 *
12 * For documentation see http://sg.danny.cz/sg/scsi_debug.html
13 */
14
15
16#define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__
17
18#include <linux/module.h>
19#include <linux/align.h>
20#include <linux/kernel.h>
21#include <linux/errno.h>
22#include <linux/jiffies.h>
23#include <linux/slab.h>
24#include <linux/types.h>
25#include <linux/string.h>
26#include <linux/fs.h>
27#include <linux/init.h>
28#include <linux/proc_fs.h>
29#include <linux/vmalloc.h>
30#include <linux/moduleparam.h>
31#include <linux/scatterlist.h>
32#include <linux/blkdev.h>
33#include <linux/crc-t10dif.h>
34#include <linux/spinlock.h>
35#include <linux/interrupt.h>
36#include <linux/atomic.h>
37#include <linux/hrtimer.h>
38#include <linux/uuid.h>
39#include <linux/t10-pi.h>
40#include <linux/msdos_partition.h>
41#include <linux/random.h>
42#include <linux/xarray.h>
43#include <linux/prefetch.h>
44
45#include <net/checksum.h>
46
47#include <asm/unaligned.h>
48
49#include <scsi/scsi.h>
50#include <scsi/scsi_cmnd.h>
51#include <scsi/scsi_device.h>
52#include <scsi/scsi_host.h>
53#include <scsi/scsicam.h>
54#include <scsi/scsi_eh.h>
55#include <scsi/scsi_tcq.h>
56#include <scsi/scsi_dbg.h>
57
58#include "sd.h"
59#include "scsi_logging.h"
60
61/* make sure inq_product_rev string corresponds to this version */
62#define SDEBUG_VERSION "0191" /* format to fit INQUIRY revision field */
63static const char *sdebug_version_date = "20210520";
64
65#define MY_NAME "scsi_debug"
66
67/* Additional Sense Code (ASC) */
68#define NO_ADDITIONAL_SENSE 0x0
69#define LOGICAL_UNIT_NOT_READY 0x4
70#define LOGICAL_UNIT_COMMUNICATION_FAILURE 0x8
71#define UNRECOVERED_READ_ERR 0x11
72#define PARAMETER_LIST_LENGTH_ERR 0x1a
73#define INVALID_OPCODE 0x20
74#define LBA_OUT_OF_RANGE 0x21
75#define INVALID_FIELD_IN_CDB 0x24
76#define INVALID_FIELD_IN_PARAM_LIST 0x26
77#define WRITE_PROTECTED 0x27
78#define UA_RESET_ASC 0x29
79#define UA_CHANGED_ASC 0x2a
80#define TARGET_CHANGED_ASC 0x3f
81#define LUNS_CHANGED_ASCQ 0x0e
82#define INSUFF_RES_ASC 0x55
83#define INSUFF_RES_ASCQ 0x3
84#define POWER_ON_RESET_ASCQ 0x0
85#define POWER_ON_OCCURRED_ASCQ 0x1
86#define BUS_RESET_ASCQ 0x2 /* scsi bus reset occurred */
87#define MODE_CHANGED_ASCQ 0x1 /* mode parameters changed */
88#define CAPACITY_CHANGED_ASCQ 0x9
89#define SAVING_PARAMS_UNSUP 0x39
90#define TRANSPORT_PROBLEM 0x4b
91#define THRESHOLD_EXCEEDED 0x5d
92#define LOW_POWER_COND_ON 0x5e
93#define MISCOMPARE_VERIFY_ASC 0x1d
94#define MICROCODE_CHANGED_ASCQ 0x1 /* with TARGET_CHANGED_ASC */
95#define MICROCODE_CHANGED_WO_RESET_ASCQ 0x16
96#define WRITE_ERROR_ASC 0xc
97#define UNALIGNED_WRITE_ASCQ 0x4
98#define WRITE_BOUNDARY_ASCQ 0x5
99#define READ_INVDATA_ASCQ 0x6
100#define READ_BOUNDARY_ASCQ 0x7
101#define ATTEMPT_ACCESS_GAP 0x9
102#define INSUFF_ZONE_ASCQ 0xe
103
104/* Additional Sense Code Qualifier (ASCQ) */
105#define ACK_NAK_TO 0x3
106
107/* Default values for driver parameters */
108#define DEF_NUM_HOST 1
109#define DEF_NUM_TGTS 1
110#define DEF_MAX_LUNS 1
111/* With these defaults, this driver will make 1 host with 1 target
112 * (id 0) containing 1 logical unit (lun 0). That is 1 device.
113 */
114#define DEF_ATO 1
115#define DEF_CDB_LEN 10
116#define DEF_JDELAY 1 /* if > 0 unit is a jiffy */
117#define DEF_DEV_SIZE_PRE_INIT 0
118#define DEF_DEV_SIZE_MB 8
119#define DEF_ZBC_DEV_SIZE_MB 128
120#define DEF_DIF 0
121#define DEF_DIX 0
122#define DEF_PER_HOST_STORE false
123#define DEF_D_SENSE 0
124#define DEF_EVERY_NTH 0
125#define DEF_FAKE_RW 0
126#define DEF_GUARD 0
127#define DEF_HOST_LOCK 0
128#define DEF_LBPU 0
129#define DEF_LBPWS 0
130#define DEF_LBPWS10 0
131#define DEF_LBPRZ 1
132#define DEF_LOWEST_ALIGNED 0
133#define DEF_NDELAY 0 /* if > 0 unit is a nanosecond */
134#define DEF_NO_LUN_0 0
135#define DEF_NUM_PARTS 0
136#define DEF_OPTS 0
137#define DEF_OPT_BLKS 1024
138#define DEF_PHYSBLK_EXP 0
139#define DEF_OPT_XFERLEN_EXP 0
140#define DEF_PTYPE TYPE_DISK
141#define DEF_RANDOM false
142#define DEF_REMOVABLE false
143#define DEF_SCSI_LEVEL 7 /* INQUIRY, byte2 [6->SPC-4; 7->SPC-5] */
144#define DEF_SECTOR_SIZE 512
145#define DEF_UNMAP_ALIGNMENT 0
146#define DEF_UNMAP_GRANULARITY 1
147#define DEF_UNMAP_MAX_BLOCKS 0xFFFFFFFF
148#define DEF_UNMAP_MAX_DESC 256
149#define DEF_VIRTUAL_GB 0
150#define DEF_VPD_USE_HOSTNO 1
151#define DEF_WRITESAME_LENGTH 0xFFFF
152#define DEF_STRICT 0
153#define DEF_STATISTICS false
154#define DEF_SUBMIT_QUEUES 1
155#define DEF_TUR_MS_TO_READY 0
156#define DEF_UUID_CTL 0
157#define JDELAY_OVERRIDDEN -9999
158
159/* Default parameters for ZBC drives */
160#define DEF_ZBC_ZONE_SIZE_MB 128
161#define DEF_ZBC_MAX_OPEN_ZONES 8
162#define DEF_ZBC_NR_CONV_ZONES 1
163
164#define SDEBUG_LUN_0_VAL 0
165
166/* bit mask values for sdebug_opts */
167#define SDEBUG_OPT_NOISE 1
168#define SDEBUG_OPT_MEDIUM_ERR 2
169#define SDEBUG_OPT_TIMEOUT 4
170#define SDEBUG_OPT_RECOVERED_ERR 8
171#define SDEBUG_OPT_TRANSPORT_ERR 16
172#define SDEBUG_OPT_DIF_ERR 32
173#define SDEBUG_OPT_DIX_ERR 64
174#define SDEBUG_OPT_MAC_TIMEOUT 128
175#define SDEBUG_OPT_SHORT_TRANSFER 0x100
176#define SDEBUG_OPT_Q_NOISE 0x200
177#define SDEBUG_OPT_ALL_TSF 0x400 /* ignore */
178#define SDEBUG_OPT_RARE_TSF 0x800
179#define SDEBUG_OPT_N_WCE 0x1000
180#define SDEBUG_OPT_RESET_NOISE 0x2000
181#define SDEBUG_OPT_NO_CDB_NOISE 0x4000
182#define SDEBUG_OPT_HOST_BUSY 0x8000
183#define SDEBUG_OPT_CMD_ABORT 0x10000
184#define SDEBUG_OPT_ALL_NOISE (SDEBUG_OPT_NOISE | SDEBUG_OPT_Q_NOISE | \
185 SDEBUG_OPT_RESET_NOISE)
186#define SDEBUG_OPT_ALL_INJECTING (SDEBUG_OPT_RECOVERED_ERR | \
187 SDEBUG_OPT_TRANSPORT_ERR | \
188 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR | \
189 SDEBUG_OPT_SHORT_TRANSFER | \
190 SDEBUG_OPT_HOST_BUSY | \
191 SDEBUG_OPT_CMD_ABORT)
192#define SDEBUG_OPT_RECOV_DIF_DIX (SDEBUG_OPT_RECOVERED_ERR | \
193 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR)
194
195/* As indicated in SAM-5 and SPC-4 Unit Attentions (UAs) are returned in
196 * priority order. In the subset implemented here lower numbers have higher
197 * priority. The UA numbers should be a sequence starting from 0 with
198 * SDEBUG_NUM_UAS being 1 higher than the highest numbered UA. */
199#define SDEBUG_UA_POR 0 /* Power on, reset, or bus device reset */
200#define SDEBUG_UA_POOCCUR 1 /* Power on occurred */
201#define SDEBUG_UA_BUS_RESET 2
202#define SDEBUG_UA_MODE_CHANGED 3
203#define SDEBUG_UA_CAPACITY_CHANGED 4
204#define SDEBUG_UA_LUNS_CHANGED 5
205#define SDEBUG_UA_MICROCODE_CHANGED 6 /* simulate firmware change */
206#define SDEBUG_UA_MICROCODE_CHANGED_WO_RESET 7
207#define SDEBUG_NUM_UAS 8
208
209/* when 1==SDEBUG_OPT_MEDIUM_ERR, a medium error is simulated at this
210 * sector on read commands: */
211#define OPT_MEDIUM_ERR_ADDR 0x1234 /* that's sector 4660 in decimal */
212#define OPT_MEDIUM_ERR_NUM 10 /* number of consecutive medium errs */
213
214/* SDEBUG_CANQUEUE is the maximum number of commands that can be queued
215 * (for response) per submit queue at one time. Can be reduced by max_queue
216 * option. Command responses are not queued when jdelay=0 and ndelay=0. The
217 * per-device DEF_CMD_PER_LUN can be changed via sysfs:
218 * /sys/class/scsi_device/<h:c:t:l>/device/queue_depth
219 * but cannot exceed SDEBUG_CANQUEUE .
220 */
221#define SDEBUG_CANQUEUE_WORDS 3 /* a WORD is bits in a long */
222#define SDEBUG_CANQUEUE (SDEBUG_CANQUEUE_WORDS * BITS_PER_LONG)
223#define DEF_CMD_PER_LUN SDEBUG_CANQUEUE
224
225/* UA - Unit Attention; SA - Service Action; SSU - Start Stop Unit */
226#define F_D_IN 1 /* Data-in command (e.g. READ) */
227#define F_D_OUT 2 /* Data-out command (e.g. WRITE) */
228#define F_D_OUT_MAYBE 4 /* WRITE SAME, NDOB bit */
229#define F_D_UNKN 8
230#define F_RL_WLUN_OK 0x10 /* allowed with REPORT LUNS W-LUN */
231#define F_SKIP_UA 0x20 /* bypass UAs (e.g. INQUIRY command) */
232#define F_DELAY_OVERR 0x40 /* for commands like INQUIRY */
233#define F_SA_LOW 0x80 /* SA is in cdb byte 1, bits 4 to 0 */
234#define F_SA_HIGH 0x100 /* SA is in cdb bytes 8 and 9 */
235#define F_INV_OP 0x200 /* invalid opcode (not supported) */
236#define F_FAKE_RW 0x400 /* bypass resp_*() when fake_rw set */
237#define F_M_ACCESS 0x800 /* media access, reacts to SSU state */
238#define F_SSU_DELAY 0x1000 /* SSU command delay (long-ish) */
239#define F_SYNC_DELAY 0x2000 /* SYNCHRONIZE CACHE delay */
240
241/* Useful combinations of the above flags */
242#define FF_RESPOND (F_RL_WLUN_OK | F_SKIP_UA | F_DELAY_OVERR)
243#define FF_MEDIA_IO (F_M_ACCESS | F_FAKE_RW)
244#define FF_SA (F_SA_HIGH | F_SA_LOW)
245#define F_LONG_DELAY (F_SSU_DELAY | F_SYNC_DELAY)
246
247#define SDEBUG_MAX_PARTS 4
248
249#define SDEBUG_MAX_CMD_LEN 32
250
251#define SDEB_XA_NOT_IN_USE XA_MARK_1
252
253/* Zone types (zbcr05 table 25) */
254enum sdebug_z_type {
255 ZBC_ZTYPE_CNV = 0x1,
256 ZBC_ZTYPE_SWR = 0x2,
257 ZBC_ZTYPE_SWP = 0x3,
258 /* ZBC_ZTYPE_SOBR = 0x4, */
259 ZBC_ZTYPE_GAP = 0x5,
260};
261
262/* enumeration names taken from table 26, zbcr05 */
263enum sdebug_z_cond {
264 ZBC_NOT_WRITE_POINTER = 0x0,
265 ZC1_EMPTY = 0x1,
266 ZC2_IMPLICIT_OPEN = 0x2,
267 ZC3_EXPLICIT_OPEN = 0x3,
268 ZC4_CLOSED = 0x4,
269 ZC6_READ_ONLY = 0xd,
270 ZC5_FULL = 0xe,
271 ZC7_OFFLINE = 0xf,
272};
273
274struct sdeb_zone_state { /* ZBC: per zone state */
275 enum sdebug_z_type z_type;
276 enum sdebug_z_cond z_cond;
277 bool z_non_seq_resource;
278 unsigned int z_size;
279 sector_t z_start;
280 sector_t z_wp;
281};
282
283struct sdebug_dev_info {
284 struct list_head dev_list;
285 unsigned int channel;
286 unsigned int target;
287 u64 lun;
288 uuid_t lu_name;
289 struct sdebug_host_info *sdbg_host;
290 unsigned long uas_bm[1];
291 atomic_t num_in_q;
292 atomic_t stopped; /* 1: by SSU, 2: device start */
293 bool used;
294
295 /* For ZBC devices */
296 enum blk_zoned_model zmodel;
297 unsigned int zcap;
298 unsigned int zsize;
299 unsigned int zsize_shift;
300 unsigned int nr_zones;
301 unsigned int nr_conv_zones;
302 unsigned int nr_seq_zones;
303 unsigned int nr_imp_open;
304 unsigned int nr_exp_open;
305 unsigned int nr_closed;
306 unsigned int max_open;
307 ktime_t create_ts; /* time since bootup that this device was created */
308 struct sdeb_zone_state *zstate;
309};
310
311struct sdebug_host_info {
312 struct list_head host_list;
313 int si_idx; /* sdeb_store_info (per host) xarray index */
314 struct Scsi_Host *shost;
315 struct device dev;
316 struct list_head dev_info_list;
317};
318
319/* There is an xarray of pointers to this struct's objects, one per host */
320struct sdeb_store_info {
321 rwlock_t macc_lck; /* for atomic media access on this store */
322 u8 *storep; /* user data storage (ram) */
323 struct t10_pi_tuple *dif_storep; /* protection info */
324 void *map_storep; /* provisioning map */
325};
326
327#define to_sdebug_host(d) \
328 container_of(d, struct sdebug_host_info, dev)
329
330enum sdeb_defer_type {SDEB_DEFER_NONE = 0, SDEB_DEFER_HRT = 1,
331 SDEB_DEFER_WQ = 2, SDEB_DEFER_POLL = 3};
332
333struct sdebug_defer {
334 struct hrtimer hrt;
335 struct execute_work ew;
336 ktime_t cmpl_ts;/* time since boot to complete this cmd */
337 int sqa_idx; /* index of sdebug_queue array */
338 int qc_idx; /* index of sdebug_queued_cmd array within sqa_idx */
339 int hc_idx; /* hostwide tag index */
340 int issuing_cpu;
341 bool init_hrt;
342 bool init_wq;
343 bool init_poll;
344 bool aborted; /* true when blk_abort_request() already called */
345 enum sdeb_defer_type defer_t;
346};
347
348struct sdebug_queued_cmd {
349 /* corresponding bit set in in_use_bm[] in owning struct sdebug_queue
350 * instance indicates this slot is in use.
351 */
352 struct sdebug_defer *sd_dp;
353 struct scsi_cmnd *a_cmnd;
354};
355
356struct sdebug_queue {
357 struct sdebug_queued_cmd qc_arr[SDEBUG_CANQUEUE];
358 unsigned long in_use_bm[SDEBUG_CANQUEUE_WORDS];
359 spinlock_t qc_lock;
360 atomic_t blocked; /* to temporarily stop more being queued */
361};
362
363static atomic_t sdebug_cmnd_count; /* number of incoming commands */
364static atomic_t sdebug_completions; /* count of deferred completions */
365static atomic_t sdebug_miss_cpus; /* submission + completion cpus differ */
366static atomic_t sdebug_a_tsf; /* 'almost task set full' counter */
367static atomic_t sdeb_inject_pending;
368static atomic_t sdeb_mq_poll_count; /* bumped when mq_poll returns > 0 */
369
370struct opcode_info_t {
371 u8 num_attached; /* 0 if this is it (i.e. a leaf); use 0xff */
372 /* for terminating element */
373 u8 opcode; /* if num_attached > 0, preferred */
374 u16 sa; /* service action */
375 u32 flags; /* OR-ed set of SDEB_F_* */
376 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
377 const struct opcode_info_t *arrp; /* num_attached elements or NULL */
378 u8 len_mask[16]; /* len_mask[0]-->cdb_len, then mask for cdb */
379 /* 1 to min(cdb_len, 15); ignore cdb[15...] */
380};
381
382/* SCSI opcodes (first byte of cdb) of interest mapped onto these indexes */
383enum sdeb_opcode_index {
384 SDEB_I_INVALID_OPCODE = 0,
385 SDEB_I_INQUIRY = 1,
386 SDEB_I_REPORT_LUNS = 2,
387 SDEB_I_REQUEST_SENSE = 3,
388 SDEB_I_TEST_UNIT_READY = 4,
389 SDEB_I_MODE_SENSE = 5, /* 6, 10 */
390 SDEB_I_MODE_SELECT = 6, /* 6, 10 */
391 SDEB_I_LOG_SENSE = 7,
392 SDEB_I_READ_CAPACITY = 8, /* 10; 16 is in SA_IN(16) */
393 SDEB_I_READ = 9, /* 6, 10, 12, 16 */
394 SDEB_I_WRITE = 10, /* 6, 10, 12, 16 */
395 SDEB_I_START_STOP = 11,
396 SDEB_I_SERV_ACT_IN_16 = 12, /* add ...SERV_ACT_IN_12 if needed */
397 SDEB_I_SERV_ACT_OUT_16 = 13, /* add ...SERV_ACT_OUT_12 if needed */
398 SDEB_I_MAINT_IN = 14,
399 SDEB_I_MAINT_OUT = 15,
400 SDEB_I_VERIFY = 16, /* VERIFY(10), VERIFY(16) */
401 SDEB_I_VARIABLE_LEN = 17, /* READ(32), WRITE(32), WR_SCAT(32) */
402 SDEB_I_RESERVE = 18, /* 6, 10 */
403 SDEB_I_RELEASE = 19, /* 6, 10 */
404 SDEB_I_ALLOW_REMOVAL = 20, /* PREVENT ALLOW MEDIUM REMOVAL */
405 SDEB_I_REZERO_UNIT = 21, /* REWIND in SSC */
406 SDEB_I_ATA_PT = 22, /* 12, 16 */
407 SDEB_I_SEND_DIAG = 23,
408 SDEB_I_UNMAP = 24,
409 SDEB_I_WRITE_BUFFER = 25,
410 SDEB_I_WRITE_SAME = 26, /* 10, 16 */
411 SDEB_I_SYNC_CACHE = 27, /* 10, 16 */
412 SDEB_I_COMP_WRITE = 28,
413 SDEB_I_PRE_FETCH = 29, /* 10, 16 */
414 SDEB_I_ZONE_OUT = 30, /* 0x94+SA; includes no data xfer */
415 SDEB_I_ZONE_IN = 31, /* 0x95+SA; all have data-in */
416 SDEB_I_LAST_ELEM_P1 = 32, /* keep this last (previous + 1) */
417};
418
419
420static const unsigned char opcode_ind_arr[256] = {
421/* 0x0; 0x0->0x1f: 6 byte cdbs */
422 SDEB_I_TEST_UNIT_READY, SDEB_I_REZERO_UNIT, 0, SDEB_I_REQUEST_SENSE,
423 0, 0, 0, 0,
424 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, 0,
425 0, 0, SDEB_I_INQUIRY, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
426 SDEB_I_RELEASE,
427 0, 0, SDEB_I_MODE_SENSE, SDEB_I_START_STOP, 0, SDEB_I_SEND_DIAG,
428 SDEB_I_ALLOW_REMOVAL, 0,
429/* 0x20; 0x20->0x3f: 10 byte cdbs */
430 0, 0, 0, 0, 0, SDEB_I_READ_CAPACITY, 0, 0,
431 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, SDEB_I_VERIFY,
432 0, 0, 0, 0, SDEB_I_PRE_FETCH, SDEB_I_SYNC_CACHE, 0, 0,
433 0, 0, 0, SDEB_I_WRITE_BUFFER, 0, 0, 0, 0,
434/* 0x40; 0x40->0x5f: 10 byte cdbs */
435 0, SDEB_I_WRITE_SAME, SDEB_I_UNMAP, 0, 0, 0, 0, 0,
436 0, 0, 0, 0, 0, SDEB_I_LOG_SENSE, 0, 0,
437 0, 0, 0, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
438 SDEB_I_RELEASE,
439 0, 0, SDEB_I_MODE_SENSE, 0, 0, 0, 0, 0,
440/* 0x60; 0x60->0x7d are reserved, 0x7e is "extended cdb" */
441 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
442 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
443 0, SDEB_I_VARIABLE_LEN,
444/* 0x80; 0x80->0x9f: 16 byte cdbs */
445 0, 0, 0, 0, 0, SDEB_I_ATA_PT, 0, 0,
446 SDEB_I_READ, SDEB_I_COMP_WRITE, SDEB_I_WRITE, 0,
447 0, 0, 0, SDEB_I_VERIFY,
448 SDEB_I_PRE_FETCH, SDEB_I_SYNC_CACHE, 0, SDEB_I_WRITE_SAME,
449 SDEB_I_ZONE_OUT, SDEB_I_ZONE_IN, 0, 0,
450 0, 0, 0, 0, 0, 0, SDEB_I_SERV_ACT_IN_16, SDEB_I_SERV_ACT_OUT_16,
451/* 0xa0; 0xa0->0xbf: 12 byte cdbs */
452 SDEB_I_REPORT_LUNS, SDEB_I_ATA_PT, 0, SDEB_I_MAINT_IN,
453 SDEB_I_MAINT_OUT, 0, 0, 0,
454 SDEB_I_READ, 0 /* SDEB_I_SERV_ACT_OUT_12 */, SDEB_I_WRITE,
455 0 /* SDEB_I_SERV_ACT_IN_12 */, 0, 0, 0, 0,
456 0, 0, 0, 0, 0, 0, 0, 0,
457 0, 0, 0, 0, 0, 0, 0, 0,
458/* 0xc0; 0xc0->0xff: vendor specific */
459 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
460 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
461 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
462 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
463};
464
465/*
466 * The following "response" functions return the SCSI mid-level's 4 byte
467 * tuple-in-an-int. To handle commands with an IMMED bit, for a faster
468 * command completion, they can mask their return value with
469 * SDEG_RES_IMMED_MASK .
470 */
471#define SDEG_RES_IMMED_MASK 0x40000000
472
473static int resp_inquiry(struct scsi_cmnd *, struct sdebug_dev_info *);
474static int resp_report_luns(struct scsi_cmnd *, struct sdebug_dev_info *);
475static int resp_requests(struct scsi_cmnd *, struct sdebug_dev_info *);
476static int resp_mode_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
477static int resp_mode_select(struct scsi_cmnd *, struct sdebug_dev_info *);
478static int resp_log_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
479static int resp_readcap(struct scsi_cmnd *, struct sdebug_dev_info *);
480static int resp_read_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
481static int resp_write_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
482static int resp_write_scat(struct scsi_cmnd *, struct sdebug_dev_info *);
483static int resp_start_stop(struct scsi_cmnd *, struct sdebug_dev_info *);
484static int resp_readcap16(struct scsi_cmnd *, struct sdebug_dev_info *);
485static int resp_get_lba_status(struct scsi_cmnd *, struct sdebug_dev_info *);
486static int resp_report_tgtpgs(struct scsi_cmnd *, struct sdebug_dev_info *);
487static int resp_unmap(struct scsi_cmnd *, struct sdebug_dev_info *);
488static int resp_rsup_opcodes(struct scsi_cmnd *, struct sdebug_dev_info *);
489static int resp_rsup_tmfs(struct scsi_cmnd *, struct sdebug_dev_info *);
490static int resp_verify(struct scsi_cmnd *, struct sdebug_dev_info *);
491static int resp_write_same_10(struct scsi_cmnd *, struct sdebug_dev_info *);
492static int resp_write_same_16(struct scsi_cmnd *, struct sdebug_dev_info *);
493static int resp_comp_write(struct scsi_cmnd *, struct sdebug_dev_info *);
494static int resp_write_buffer(struct scsi_cmnd *, struct sdebug_dev_info *);
495static int resp_sync_cache(struct scsi_cmnd *, struct sdebug_dev_info *);
496static int resp_pre_fetch(struct scsi_cmnd *, struct sdebug_dev_info *);
497static int resp_report_zones(struct scsi_cmnd *, struct sdebug_dev_info *);
498static int resp_open_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
499static int resp_close_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
500static int resp_finish_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
501static int resp_rwp_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
502
503static int sdebug_do_add_host(bool mk_new_store);
504static int sdebug_add_host_helper(int per_host_idx);
505static void sdebug_do_remove_host(bool the_end);
506static int sdebug_add_store(void);
507static void sdebug_erase_store(int idx, struct sdeb_store_info *sip);
508static void sdebug_erase_all_stores(bool apart_from_first);
509
510/*
511 * The following are overflow arrays for cdbs that "hit" the same index in
512 * the opcode_info_arr array. The most time sensitive (or commonly used) cdb
513 * should be placed in opcode_info_arr[], the others should be placed here.
514 */
515static const struct opcode_info_t msense_iarr[] = {
516 {0, 0x1a, 0, F_D_IN, NULL, NULL,
517 {6, 0xe8, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
518};
519
520static const struct opcode_info_t mselect_iarr[] = {
521 {0, 0x15, 0, F_D_OUT, NULL, NULL,
522 {6, 0xf1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
523};
524
525static const struct opcode_info_t read_iarr[] = {
526 {0, 0x28, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(10) */
527 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
528 0, 0, 0, 0} },
529 {0, 0x8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL, /* READ(6) */
530 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
531 {0, 0xa8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(12) */
532 {12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf,
533 0xc7, 0, 0, 0, 0} },
534};
535
536static const struct opcode_info_t write_iarr[] = {
537 {0, 0x2a, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(10) */
538 NULL, {10, 0xfb, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7,
539 0, 0, 0, 0, 0, 0} },
540 {0, 0xa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(6) */
541 NULL, {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0,
542 0, 0, 0} },
543 {0, 0xaa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(12) */
544 NULL, {12, 0xfb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
545 0xbf, 0xc7, 0, 0, 0, 0} },
546};
547
548static const struct opcode_info_t verify_iarr[] = {
549 {0, 0x2f, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_verify,/* VERIFY(10) */
550 NULL, {10, 0xf7, 0xff, 0xff, 0xff, 0xff, 0xbf, 0xff, 0xff, 0xc7,
551 0, 0, 0, 0, 0, 0} },
552};
553
554static const struct opcode_info_t sa_in_16_iarr[] = {
555 {0, 0x9e, 0x12, F_SA_LOW | F_D_IN, resp_get_lba_status, NULL,
556 {16, 0x12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
557 0xff, 0xff, 0xff, 0, 0xc7} }, /* GET LBA STATUS(16) */
558};
559
560static const struct opcode_info_t vl_iarr[] = { /* VARIABLE LENGTH */
561 {0, 0x7f, 0xb, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_dt0,
562 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0xb, 0xfa,
563 0, 0xff, 0xff, 0xff, 0xff} }, /* WRITE(32) */
564 {0, 0x7f, 0x11, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
565 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x11, 0xf8,
566 0, 0xff, 0xff, 0x0, 0x0} }, /* WRITE SCATTERED(32) */
567};
568
569static const struct opcode_info_t maint_in_iarr[] = { /* MAINT IN */
570 {0, 0xa3, 0xc, F_SA_LOW | F_D_IN, resp_rsup_opcodes, NULL,
571 {12, 0xc, 0x87, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0,
572 0xc7, 0, 0, 0, 0} }, /* REPORT SUPPORTED OPERATION CODES */
573 {0, 0xa3, 0xd, F_SA_LOW | F_D_IN, resp_rsup_tmfs, NULL,
574 {12, 0xd, 0x80, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
575 0, 0} }, /* REPORTED SUPPORTED TASK MANAGEMENT FUNCTIONS */
576};
577
578static const struct opcode_info_t write_same_iarr[] = {
579 {0, 0x93, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_write_same_16, NULL,
580 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
581 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* WRITE SAME(16) */
582};
583
584static const struct opcode_info_t reserve_iarr[] = {
585 {0, 0x16, 0, F_D_OUT, NULL, NULL, /* RESERVE(6) */
586 {6, 0x1f, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
587};
588
589static const struct opcode_info_t release_iarr[] = {
590 {0, 0x17, 0, F_D_OUT, NULL, NULL, /* RELEASE(6) */
591 {6, 0x1f, 0xff, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
592};
593
594static const struct opcode_info_t sync_cache_iarr[] = {
595 {0, 0x91, 0, F_SYNC_DELAY | F_M_ACCESS, resp_sync_cache, NULL,
596 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
597 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* SYNC_CACHE (16) */
598};
599
600static const struct opcode_info_t pre_fetch_iarr[] = {
601 {0, 0x90, 0, F_SYNC_DELAY | FF_MEDIA_IO, resp_pre_fetch, NULL,
602 {16, 0x2, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
603 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* PRE-FETCH (16) */
604};
605
606static const struct opcode_info_t zone_out_iarr[] = { /* ZONE OUT(16) */
607 {0, 0x94, 0x1, F_SA_LOW | F_M_ACCESS, resp_close_zone, NULL,
608 {16, 0x1, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
609 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* CLOSE ZONE */
610 {0, 0x94, 0x2, F_SA_LOW | F_M_ACCESS, resp_finish_zone, NULL,
611 {16, 0x2, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
612 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* FINISH ZONE */
613 {0, 0x94, 0x4, F_SA_LOW | F_M_ACCESS, resp_rwp_zone, NULL,
614 {16, 0x4, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
615 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* RESET WRITE POINTER */
616};
617
618static const struct opcode_info_t zone_in_iarr[] = { /* ZONE IN(16) */
619 {0, 0x95, 0x6, F_SA_LOW | F_D_IN | F_M_ACCESS, NULL, NULL,
620 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
621 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* REPORT ZONES */
622};
623
624
625/* This array is accessed via SDEB_I_* values. Make sure all are mapped,
626 * plus the terminating elements for logic that scans this table such as
627 * REPORT SUPPORTED OPERATION CODES. */
628static const struct opcode_info_t opcode_info_arr[SDEB_I_LAST_ELEM_P1 + 1] = {
629/* 0 */
630 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* unknown opcodes */
631 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
632 {0, 0x12, 0, FF_RESPOND | F_D_IN, resp_inquiry, NULL, /* INQUIRY */
633 {6, 0xe3, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
634 {0, 0xa0, 0, FF_RESPOND | F_D_IN, resp_report_luns, NULL,
635 {12, 0xe3, 0xff, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
636 0, 0} }, /* REPORT LUNS */
637 {0, 0x3, 0, FF_RESPOND | F_D_IN, resp_requests, NULL,
638 {6, 0xe1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
639 {0, 0x0, 0, F_M_ACCESS | F_RL_WLUN_OK, NULL, NULL,/* TEST UNIT READY */
640 {6, 0, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
641/* 5 */
642 {ARRAY_SIZE(msense_iarr), 0x5a, 0, F_D_IN, /* MODE SENSE(10) */
643 resp_mode_sense, msense_iarr, {10, 0xf8, 0xff, 0xff, 0, 0, 0,
644 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
645 {ARRAY_SIZE(mselect_iarr), 0x55, 0, F_D_OUT, /* MODE SELECT(10) */
646 resp_mode_select, mselect_iarr, {10, 0xf1, 0, 0, 0, 0, 0, 0xff,
647 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
648 {0, 0x4d, 0, F_D_IN, resp_log_sense, NULL, /* LOG SENSE */
649 {10, 0xe3, 0xff, 0xff, 0, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0,
650 0, 0, 0} },
651 {0, 0x25, 0, F_D_IN, resp_readcap, NULL, /* READ CAPACITY(10) */
652 {10, 0xe1, 0xff, 0xff, 0xff, 0xff, 0, 0, 0x1, 0xc7, 0, 0, 0, 0,
653 0, 0} },
654 {ARRAY_SIZE(read_iarr), 0x88, 0, F_D_IN | FF_MEDIA_IO, /* READ(16) */
655 resp_read_dt0, read_iarr, {16, 0xfe, 0xff, 0xff, 0xff, 0xff,
656 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
657/* 10 */
658 {ARRAY_SIZE(write_iarr), 0x8a, 0, F_D_OUT | FF_MEDIA_IO,
659 resp_write_dt0, write_iarr, /* WRITE(16) */
660 {16, 0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
661 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
662 {0, 0x1b, 0, F_SSU_DELAY, resp_start_stop, NULL,/* START STOP UNIT */
663 {6, 0x1, 0, 0xf, 0xf7, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
664 {ARRAY_SIZE(sa_in_16_iarr), 0x9e, 0x10, F_SA_LOW | F_D_IN,
665 resp_readcap16, sa_in_16_iarr, /* SA_IN(16), READ CAPACITY(16) */
666 {16, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
667 0xff, 0xff, 0xff, 0xff, 0x1, 0xc7} },
668 {0, 0x9f, 0x12, F_SA_LOW | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
669 NULL, {16, 0x12, 0xf9, 0x0, 0xff, 0xff, 0, 0, 0xff, 0xff, 0xff,
670 0xff, 0xff, 0xff, 0xff, 0xc7} }, /* SA_OUT(16), WRITE SCAT(16) */
671 {ARRAY_SIZE(maint_in_iarr), 0xa3, 0xa, F_SA_LOW | F_D_IN,
672 resp_report_tgtpgs, /* MAINT IN, REPORT TARGET PORT GROUPS */
673 maint_in_iarr, {12, 0xea, 0, 0, 0, 0, 0xff, 0xff, 0xff,
674 0xff, 0, 0xc7, 0, 0, 0, 0} },
675/* 15 */
676 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* MAINT OUT */
677 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
678 {ARRAY_SIZE(verify_iarr), 0x8f, 0,
679 F_D_OUT_MAYBE | FF_MEDIA_IO, resp_verify, /* VERIFY(16) */
680 verify_iarr, {16, 0xf6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
681 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} },
682 {ARRAY_SIZE(vl_iarr), 0x7f, 0x9, F_SA_HIGH | F_D_IN | FF_MEDIA_IO,
683 resp_read_dt0, vl_iarr, /* VARIABLE LENGTH, READ(32) */
684 {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x9, 0xfe, 0, 0xff, 0xff,
685 0xff, 0xff} },
686 {ARRAY_SIZE(reserve_iarr), 0x56, 0, F_D_OUT,
687 NULL, reserve_iarr, /* RESERVE(10) <no response function> */
688 {10, 0xff, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
689 0} },
690 {ARRAY_SIZE(release_iarr), 0x57, 0, F_D_OUT,
691 NULL, release_iarr, /* RELEASE(10) <no response function> */
692 {10, 0x13, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
693 0} },
694/* 20 */
695 {0, 0x1e, 0, 0, NULL, NULL, /* ALLOW REMOVAL */
696 {6, 0, 0, 0, 0x3, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
697 {0, 0x1, 0, 0, resp_start_stop, NULL, /* REWIND ?? */
698 {6, 0x1, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
699 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* ATA_PT */
700 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
701 {0, 0x1d, F_D_OUT, 0, NULL, NULL, /* SEND DIAGNOSTIC */
702 {6, 0xf7, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
703 {0, 0x42, 0, F_D_OUT | FF_MEDIA_IO, resp_unmap, NULL, /* UNMAP */
704 {10, 0x1, 0, 0, 0, 0, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
705/* 25 */
706 {0, 0x3b, 0, F_D_OUT_MAYBE, resp_write_buffer, NULL,
707 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0,
708 0, 0, 0, 0} }, /* WRITE_BUFFER */
709 {ARRAY_SIZE(write_same_iarr), 0x41, 0, F_D_OUT_MAYBE | FF_MEDIA_IO,
710 resp_write_same_10, write_same_iarr, /* WRITE SAME(10) */
711 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0,
712 0, 0, 0, 0, 0} },
713 {ARRAY_SIZE(sync_cache_iarr), 0x35, 0, F_SYNC_DELAY | F_M_ACCESS,
714 resp_sync_cache, sync_cache_iarr,
715 {10, 0x7, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
716 0, 0, 0, 0} }, /* SYNC_CACHE (10) */
717 {0, 0x89, 0, F_D_OUT | FF_MEDIA_IO, resp_comp_write, NULL,
718 {16, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 0,
719 0, 0xff, 0x3f, 0xc7} }, /* COMPARE AND WRITE */
720 {ARRAY_SIZE(pre_fetch_iarr), 0x34, 0, F_SYNC_DELAY | FF_MEDIA_IO,
721 resp_pre_fetch, pre_fetch_iarr,
722 {10, 0x2, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
723 0, 0, 0, 0} }, /* PRE-FETCH (10) */
724
725/* 30 */
726 {ARRAY_SIZE(zone_out_iarr), 0x94, 0x3, F_SA_LOW | F_M_ACCESS,
727 resp_open_zone, zone_out_iarr, /* ZONE_OUT(16), OPEN ZONE) */
728 {16, 0x3 /* SA */, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
729 0xff, 0xff, 0x0, 0x0, 0xff, 0xff, 0x1, 0xc7} },
730 {ARRAY_SIZE(zone_in_iarr), 0x95, 0x0, F_SA_LOW | F_M_ACCESS,
731 resp_report_zones, zone_in_iarr, /* ZONE_IN(16), REPORT ZONES) */
732 {16, 0x0 /* SA */, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
733 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf, 0xc7} },
734/* sentinel */
735 {0xff, 0, 0, 0, NULL, NULL, /* terminating element */
736 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
737};
738
739static int sdebug_num_hosts;
740static int sdebug_add_host = DEF_NUM_HOST; /* in sysfs this is relative */
741static int sdebug_ato = DEF_ATO;
742static int sdebug_cdb_len = DEF_CDB_LEN;
743static int sdebug_jdelay = DEF_JDELAY; /* if > 0 then unit is jiffies */
744static int sdebug_dev_size_mb = DEF_DEV_SIZE_PRE_INIT;
745static int sdebug_dif = DEF_DIF;
746static int sdebug_dix = DEF_DIX;
747static int sdebug_dsense = DEF_D_SENSE;
748static int sdebug_every_nth = DEF_EVERY_NTH;
749static int sdebug_fake_rw = DEF_FAKE_RW;
750static unsigned int sdebug_guard = DEF_GUARD;
751static int sdebug_host_max_queue; /* per host */
752static int sdebug_lowest_aligned = DEF_LOWEST_ALIGNED;
753static int sdebug_max_luns = DEF_MAX_LUNS;
754static int sdebug_max_queue = SDEBUG_CANQUEUE; /* per submit queue */
755static unsigned int sdebug_medium_error_start = OPT_MEDIUM_ERR_ADDR;
756static int sdebug_medium_error_count = OPT_MEDIUM_ERR_NUM;
757static atomic_t retired_max_queue; /* if > 0 then was prior max_queue */
758static int sdebug_ndelay = DEF_NDELAY; /* if > 0 then unit is nanoseconds */
759static int sdebug_no_lun_0 = DEF_NO_LUN_0;
760static int sdebug_no_uld;
761static int sdebug_num_parts = DEF_NUM_PARTS;
762static int sdebug_num_tgts = DEF_NUM_TGTS; /* targets per host */
763static int sdebug_opt_blks = DEF_OPT_BLKS;
764static int sdebug_opts = DEF_OPTS;
765static int sdebug_physblk_exp = DEF_PHYSBLK_EXP;
766static int sdebug_opt_xferlen_exp = DEF_OPT_XFERLEN_EXP;
767static int sdebug_ptype = DEF_PTYPE; /* SCSI peripheral device type */
768static int sdebug_scsi_level = DEF_SCSI_LEVEL;
769static int sdebug_sector_size = DEF_SECTOR_SIZE;
770static int sdeb_tur_ms_to_ready = DEF_TUR_MS_TO_READY;
771static int sdebug_virtual_gb = DEF_VIRTUAL_GB;
772static int sdebug_vpd_use_hostno = DEF_VPD_USE_HOSTNO;
773static unsigned int sdebug_lbpu = DEF_LBPU;
774static unsigned int sdebug_lbpws = DEF_LBPWS;
775static unsigned int sdebug_lbpws10 = DEF_LBPWS10;
776static unsigned int sdebug_lbprz = DEF_LBPRZ;
777static unsigned int sdebug_unmap_alignment = DEF_UNMAP_ALIGNMENT;
778static unsigned int sdebug_unmap_granularity = DEF_UNMAP_GRANULARITY;
779static unsigned int sdebug_unmap_max_blocks = DEF_UNMAP_MAX_BLOCKS;
780static unsigned int sdebug_unmap_max_desc = DEF_UNMAP_MAX_DESC;
781static unsigned int sdebug_write_same_length = DEF_WRITESAME_LENGTH;
782static int sdebug_uuid_ctl = DEF_UUID_CTL;
783static bool sdebug_random = DEF_RANDOM;
784static bool sdebug_per_host_store = DEF_PER_HOST_STORE;
785static bool sdebug_removable = DEF_REMOVABLE;
786static bool sdebug_clustering;
787static bool sdebug_host_lock = DEF_HOST_LOCK;
788static bool sdebug_strict = DEF_STRICT;
789static bool sdebug_any_injecting_opt;
790static bool sdebug_no_rwlock;
791static bool sdebug_verbose;
792static bool have_dif_prot;
793static bool write_since_sync;
794static bool sdebug_statistics = DEF_STATISTICS;
795static bool sdebug_wp;
796/* Following enum: 0: no zbc, def; 1: host aware; 2: host managed */
797static enum blk_zoned_model sdeb_zbc_model = BLK_ZONED_NONE;
798static char *sdeb_zbc_model_s;
799
800enum sam_lun_addr_method {SAM_LUN_AM_PERIPHERAL = 0x0,
801 SAM_LUN_AM_FLAT = 0x1,
802 SAM_LUN_AM_LOGICAL_UNIT = 0x2,
803 SAM_LUN_AM_EXTENDED = 0x3};
804static enum sam_lun_addr_method sdebug_lun_am = SAM_LUN_AM_PERIPHERAL;
805static int sdebug_lun_am_i = (int)SAM_LUN_AM_PERIPHERAL;
806
807static unsigned int sdebug_store_sectors;
808static sector_t sdebug_capacity; /* in sectors */
809
810/* old BIOS stuff, kernel may get rid of them but some mode sense pages
811 may still need them */
812static int sdebug_heads; /* heads per disk */
813static int sdebug_cylinders_per; /* cylinders per surface */
814static int sdebug_sectors_per; /* sectors per cylinder */
815
816static LIST_HEAD(sdebug_host_list);
817static DEFINE_SPINLOCK(sdebug_host_list_lock);
818
819static struct xarray per_store_arr;
820static struct xarray *per_store_ap = &per_store_arr;
821static int sdeb_first_idx = -1; /* invalid index ==> none created */
822static int sdeb_most_recent_idx = -1;
823static DEFINE_RWLOCK(sdeb_fake_rw_lck); /* need a RW lock when fake_rw=1 */
824
825static unsigned long map_size;
826static int num_aborts;
827static int num_dev_resets;
828static int num_target_resets;
829static int num_bus_resets;
830static int num_host_resets;
831static int dix_writes;
832static int dix_reads;
833static int dif_errors;
834
835/* ZBC global data */
836static bool sdeb_zbc_in_use; /* true for host-aware and host-managed disks */
837static int sdeb_zbc_zone_cap_mb;
838static int sdeb_zbc_zone_size_mb;
839static int sdeb_zbc_max_open = DEF_ZBC_MAX_OPEN_ZONES;
840static int sdeb_zbc_nr_conv = DEF_ZBC_NR_CONV_ZONES;
841
842static int submit_queues = DEF_SUBMIT_QUEUES; /* > 1 for multi-queue (mq) */
843static int poll_queues; /* iouring iopoll interface.*/
844static struct sdebug_queue *sdebug_q_arr; /* ptr to array of submit queues */
845
846static DEFINE_RWLOCK(atomic_rw);
847static DEFINE_RWLOCK(atomic_rw2);
848
849static rwlock_t *ramdisk_lck_a[2];
850
851static char sdebug_proc_name[] = MY_NAME;
852static const char *my_name = MY_NAME;
853
854static struct bus_type pseudo_lld_bus;
855
856static struct device_driver sdebug_driverfs_driver = {
857 .name = sdebug_proc_name,
858 .bus = &pseudo_lld_bus,
859};
860
861static const int check_condition_result =
862 SAM_STAT_CHECK_CONDITION;
863
864static const int illegal_condition_result =
865 (DID_ABORT << 16) | SAM_STAT_CHECK_CONDITION;
866
867static const int device_qfull_result =
868 (DID_ABORT << 16) | SAM_STAT_TASK_SET_FULL;
869
870static const int condition_met_result = SAM_STAT_CONDITION_MET;
871
872
873/* Only do the extra work involved in logical block provisioning if one or
874 * more of the lbpu, lbpws or lbpws10 parameters are given and we are doing
875 * real reads and writes (i.e. not skipping them for speed).
876 */
877static inline bool scsi_debug_lbp(void)
878{
879 return 0 == sdebug_fake_rw &&
880 (sdebug_lbpu || sdebug_lbpws || sdebug_lbpws10);
881}
882
883static void *lba2fake_store(struct sdeb_store_info *sip,
884 unsigned long long lba)
885{
886 struct sdeb_store_info *lsip = sip;
887
888 lba = do_div(lba, sdebug_store_sectors);
889 if (!sip || !sip->storep) {
890 WARN_ON_ONCE(true);
891 lsip = xa_load(per_store_ap, 0); /* should never be NULL */
892 }
893 return lsip->storep + lba * sdebug_sector_size;
894}
895
896static struct t10_pi_tuple *dif_store(struct sdeb_store_info *sip,
897 sector_t sector)
898{
899 sector = sector_div(sector, sdebug_store_sectors);
900
901 return sip->dif_storep + sector;
902}
903
904static void sdebug_max_tgts_luns(void)
905{
906 struct sdebug_host_info *sdbg_host;
907 struct Scsi_Host *hpnt;
908
909 spin_lock(&sdebug_host_list_lock);
910 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
911 hpnt = sdbg_host->shost;
912 if ((hpnt->this_id >= 0) &&
913 (sdebug_num_tgts > hpnt->this_id))
914 hpnt->max_id = sdebug_num_tgts + 1;
915 else
916 hpnt->max_id = sdebug_num_tgts;
917 /* sdebug_max_luns; */
918 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
919 }
920 spin_unlock(&sdebug_host_list_lock);
921}
922
923enum sdeb_cmd_data {SDEB_IN_DATA = 0, SDEB_IN_CDB = 1};
924
925/* Set in_bit to -1 to indicate no bit position of invalid field */
926static void mk_sense_invalid_fld(struct scsi_cmnd *scp,
927 enum sdeb_cmd_data c_d,
928 int in_byte, int in_bit)
929{
930 unsigned char *sbuff;
931 u8 sks[4];
932 int sl, asc;
933
934 sbuff = scp->sense_buffer;
935 if (!sbuff) {
936 sdev_printk(KERN_ERR, scp->device,
937 "%s: sense_buffer is NULL\n", __func__);
938 return;
939 }
940 asc = c_d ? INVALID_FIELD_IN_CDB : INVALID_FIELD_IN_PARAM_LIST;
941 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
942 scsi_build_sense(scp, sdebug_dsense, ILLEGAL_REQUEST, asc, 0);
943 memset(sks, 0, sizeof(sks));
944 sks[0] = 0x80;
945 if (c_d)
946 sks[0] |= 0x40;
947 if (in_bit >= 0) {
948 sks[0] |= 0x8;
949 sks[0] |= 0x7 & in_bit;
950 }
951 put_unaligned_be16(in_byte, sks + 1);
952 if (sdebug_dsense) {
953 sl = sbuff[7] + 8;
954 sbuff[7] = sl;
955 sbuff[sl] = 0x2;
956 sbuff[sl + 1] = 0x6;
957 memcpy(sbuff + sl + 4, sks, 3);
958 } else
959 memcpy(sbuff + 15, sks, 3);
960 if (sdebug_verbose)
961 sdev_printk(KERN_INFO, scp->device, "%s: [sense_key,asc,ascq"
962 "]: [0x5,0x%x,0x0] %c byte=%d, bit=%d\n",
963 my_name, asc, c_d ? 'C' : 'D', in_byte, in_bit);
964}
965
966static void mk_sense_buffer(struct scsi_cmnd *scp, int key, int asc, int asq)
967{
968 if (!scp->sense_buffer) {
969 sdev_printk(KERN_ERR, scp->device,
970 "%s: sense_buffer is NULL\n", __func__);
971 return;
972 }
973 memset(scp->sense_buffer, 0, SCSI_SENSE_BUFFERSIZE);
974
975 scsi_build_sense(scp, sdebug_dsense, key, asc, asq);
976
977 if (sdebug_verbose)
978 sdev_printk(KERN_INFO, scp->device,
979 "%s: [sense_key,asc,ascq]: [0x%x,0x%x,0x%x]\n",
980 my_name, key, asc, asq);
981}
982
983static void mk_sense_invalid_opcode(struct scsi_cmnd *scp)
984{
985 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_OPCODE, 0);
986}
987
988static int scsi_debug_ioctl(struct scsi_device *dev, unsigned int cmd,
989 void __user *arg)
990{
991 if (sdebug_verbose) {
992 if (0x1261 == cmd)
993 sdev_printk(KERN_INFO, dev,
994 "%s: BLKFLSBUF [0x1261]\n", __func__);
995 else if (0x5331 == cmd)
996 sdev_printk(KERN_INFO, dev,
997 "%s: CDROM_GET_CAPABILITY [0x5331]\n",
998 __func__);
999 else
1000 sdev_printk(KERN_INFO, dev, "%s: cmd=0x%x\n",
1001 __func__, cmd);
1002 }
1003 return -EINVAL;
1004 /* return -ENOTTY; // correct return but upsets fdisk */
1005}
1006
1007static void config_cdb_len(struct scsi_device *sdev)
1008{
1009 switch (sdebug_cdb_len) {
1010 case 6: /* suggest 6 byte READ, WRITE and MODE SENSE/SELECT */
1011 sdev->use_10_for_rw = false;
1012 sdev->use_16_for_rw = false;
1013 sdev->use_10_for_ms = false;
1014 break;
1015 case 10: /* suggest 10 byte RWs and 6 byte MODE SENSE/SELECT */
1016 sdev->use_10_for_rw = true;
1017 sdev->use_16_for_rw = false;
1018 sdev->use_10_for_ms = false;
1019 break;
1020 case 12: /* suggest 10 byte RWs and 10 byte MODE SENSE/SELECT */
1021 sdev->use_10_for_rw = true;
1022 sdev->use_16_for_rw = false;
1023 sdev->use_10_for_ms = true;
1024 break;
1025 case 16:
1026 sdev->use_10_for_rw = false;
1027 sdev->use_16_for_rw = true;
1028 sdev->use_10_for_ms = true;
1029 break;
1030 case 32: /* No knobs to suggest this so same as 16 for now */
1031 sdev->use_10_for_rw = false;
1032 sdev->use_16_for_rw = true;
1033 sdev->use_10_for_ms = true;
1034 break;
1035 default:
1036 pr_warn("unexpected cdb_len=%d, force to 10\n",
1037 sdebug_cdb_len);
1038 sdev->use_10_for_rw = true;
1039 sdev->use_16_for_rw = false;
1040 sdev->use_10_for_ms = false;
1041 sdebug_cdb_len = 10;
1042 break;
1043 }
1044}
1045
1046static void all_config_cdb_len(void)
1047{
1048 struct sdebug_host_info *sdbg_host;
1049 struct Scsi_Host *shost;
1050 struct scsi_device *sdev;
1051
1052 spin_lock(&sdebug_host_list_lock);
1053 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
1054 shost = sdbg_host->shost;
1055 shost_for_each_device(sdev, shost) {
1056 config_cdb_len(sdev);
1057 }
1058 }
1059 spin_unlock(&sdebug_host_list_lock);
1060}
1061
1062static void clear_luns_changed_on_target(struct sdebug_dev_info *devip)
1063{
1064 struct sdebug_host_info *sdhp;
1065 struct sdebug_dev_info *dp;
1066
1067 spin_lock(&sdebug_host_list_lock);
1068 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
1069 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
1070 if ((devip->sdbg_host == dp->sdbg_host) &&
1071 (devip->target == dp->target))
1072 clear_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
1073 }
1074 }
1075 spin_unlock(&sdebug_host_list_lock);
1076}
1077
1078static int make_ua(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1079{
1080 int k;
1081
1082 k = find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS);
1083 if (k != SDEBUG_NUM_UAS) {
1084 const char *cp = NULL;
1085
1086 switch (k) {
1087 case SDEBUG_UA_POR:
1088 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
1089 POWER_ON_RESET_ASCQ);
1090 if (sdebug_verbose)
1091 cp = "power on reset";
1092 break;
1093 case SDEBUG_UA_POOCCUR:
1094 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
1095 POWER_ON_OCCURRED_ASCQ);
1096 if (sdebug_verbose)
1097 cp = "power on occurred";
1098 break;
1099 case SDEBUG_UA_BUS_RESET:
1100 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
1101 BUS_RESET_ASCQ);
1102 if (sdebug_verbose)
1103 cp = "bus reset";
1104 break;
1105 case SDEBUG_UA_MODE_CHANGED:
1106 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
1107 MODE_CHANGED_ASCQ);
1108 if (sdebug_verbose)
1109 cp = "mode parameters changed";
1110 break;
1111 case SDEBUG_UA_CAPACITY_CHANGED:
1112 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
1113 CAPACITY_CHANGED_ASCQ);
1114 if (sdebug_verbose)
1115 cp = "capacity data changed";
1116 break;
1117 case SDEBUG_UA_MICROCODE_CHANGED:
1118 mk_sense_buffer(scp, UNIT_ATTENTION,
1119 TARGET_CHANGED_ASC,
1120 MICROCODE_CHANGED_ASCQ);
1121 if (sdebug_verbose)
1122 cp = "microcode has been changed";
1123 break;
1124 case SDEBUG_UA_MICROCODE_CHANGED_WO_RESET:
1125 mk_sense_buffer(scp, UNIT_ATTENTION,
1126 TARGET_CHANGED_ASC,
1127 MICROCODE_CHANGED_WO_RESET_ASCQ);
1128 if (sdebug_verbose)
1129 cp = "microcode has been changed without reset";
1130 break;
1131 case SDEBUG_UA_LUNS_CHANGED:
1132 /*
1133 * SPC-3 behavior is to report a UNIT ATTENTION with
1134 * ASC/ASCQ REPORTED LUNS DATA HAS CHANGED on every LUN
1135 * on the target, until a REPORT LUNS command is
1136 * received. SPC-4 behavior is to report it only once.
1137 * NOTE: sdebug_scsi_level does not use the same
1138 * values as struct scsi_device->scsi_level.
1139 */
1140 if (sdebug_scsi_level >= 6) /* SPC-4 and above */
1141 clear_luns_changed_on_target(devip);
1142 mk_sense_buffer(scp, UNIT_ATTENTION,
1143 TARGET_CHANGED_ASC,
1144 LUNS_CHANGED_ASCQ);
1145 if (sdebug_verbose)
1146 cp = "reported luns data has changed";
1147 break;
1148 default:
1149 pr_warn("unexpected unit attention code=%d\n", k);
1150 if (sdebug_verbose)
1151 cp = "unknown";
1152 break;
1153 }
1154 clear_bit(k, devip->uas_bm);
1155 if (sdebug_verbose)
1156 sdev_printk(KERN_INFO, scp->device,
1157 "%s reports: Unit attention: %s\n",
1158 my_name, cp);
1159 return check_condition_result;
1160 }
1161 return 0;
1162}
1163
1164/* Build SCSI "data-in" buffer. Returns 0 if ok else (DID_ERROR << 16). */
1165static int fill_from_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1166 int arr_len)
1167{
1168 int act_len;
1169 struct scsi_data_buffer *sdb = &scp->sdb;
1170
1171 if (!sdb->length)
1172 return 0;
1173 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1174 return DID_ERROR << 16;
1175
1176 act_len = sg_copy_from_buffer(sdb->table.sgl, sdb->table.nents,
1177 arr, arr_len);
1178 scsi_set_resid(scp, scsi_bufflen(scp) - act_len);
1179
1180 return 0;
1181}
1182
1183/* Partial build of SCSI "data-in" buffer. Returns 0 if ok else
1184 * (DID_ERROR << 16). Can write to offset in data-in buffer. If multiple
1185 * calls, not required to write in ascending offset order. Assumes resid
1186 * set to scsi_bufflen() prior to any calls.
1187 */
1188static int p_fill_from_dev_buffer(struct scsi_cmnd *scp, const void *arr,
1189 int arr_len, unsigned int off_dst)
1190{
1191 unsigned int act_len, n;
1192 struct scsi_data_buffer *sdb = &scp->sdb;
1193 off_t skip = off_dst;
1194
1195 if (sdb->length <= off_dst)
1196 return 0;
1197 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1198 return DID_ERROR << 16;
1199
1200 act_len = sg_pcopy_from_buffer(sdb->table.sgl, sdb->table.nents,
1201 arr, arr_len, skip);
1202 pr_debug("%s: off_dst=%u, scsi_bufflen=%u, act_len=%u, resid=%d\n",
1203 __func__, off_dst, scsi_bufflen(scp), act_len,
1204 scsi_get_resid(scp));
1205 n = scsi_bufflen(scp) - (off_dst + act_len);
1206 scsi_set_resid(scp, min_t(u32, scsi_get_resid(scp), n));
1207 return 0;
1208}
1209
1210/* Fetches from SCSI "data-out" buffer. Returns number of bytes fetched into
1211 * 'arr' or -1 if error.
1212 */
1213static int fetch_to_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1214 int arr_len)
1215{
1216 if (!scsi_bufflen(scp))
1217 return 0;
1218 if (scp->sc_data_direction != DMA_TO_DEVICE)
1219 return -1;
1220
1221 return scsi_sg_copy_to_buffer(scp, arr, arr_len);
1222}
1223
1224
1225static char sdebug_inq_vendor_id[9] = "Linux ";
1226static char sdebug_inq_product_id[17] = "scsi_debug ";
1227static char sdebug_inq_product_rev[5] = SDEBUG_VERSION;
1228/* Use some locally assigned NAAs for SAS addresses. */
1229static const u64 naa3_comp_a = 0x3222222000000000ULL;
1230static const u64 naa3_comp_b = 0x3333333000000000ULL;
1231static const u64 naa3_comp_c = 0x3111111000000000ULL;
1232
1233/* Device identification VPD page. Returns number of bytes placed in arr */
1234static int inquiry_vpd_83(unsigned char *arr, int port_group_id,
1235 int target_dev_id, int dev_id_num,
1236 const char *dev_id_str, int dev_id_str_len,
1237 const uuid_t *lu_name)
1238{
1239 int num, port_a;
1240 char b[32];
1241
1242 port_a = target_dev_id + 1;
1243 /* T10 vendor identifier field format (faked) */
1244 arr[0] = 0x2; /* ASCII */
1245 arr[1] = 0x1;
1246 arr[2] = 0x0;
1247 memcpy(&arr[4], sdebug_inq_vendor_id, 8);
1248 memcpy(&arr[12], sdebug_inq_product_id, 16);
1249 memcpy(&arr[28], dev_id_str, dev_id_str_len);
1250 num = 8 + 16 + dev_id_str_len;
1251 arr[3] = num;
1252 num += 4;
1253 if (dev_id_num >= 0) {
1254 if (sdebug_uuid_ctl) {
1255 /* Locally assigned UUID */
1256 arr[num++] = 0x1; /* binary (not necessarily sas) */
1257 arr[num++] = 0xa; /* PIV=0, lu, naa */
1258 arr[num++] = 0x0;
1259 arr[num++] = 0x12;
1260 arr[num++] = 0x10; /* uuid type=1, locally assigned */
1261 arr[num++] = 0x0;
1262 memcpy(arr + num, lu_name, 16);
1263 num += 16;
1264 } else {
1265 /* NAA-3, Logical unit identifier (binary) */
1266 arr[num++] = 0x1; /* binary (not necessarily sas) */
1267 arr[num++] = 0x3; /* PIV=0, lu, naa */
1268 arr[num++] = 0x0;
1269 arr[num++] = 0x8;
1270 put_unaligned_be64(naa3_comp_b + dev_id_num, arr + num);
1271 num += 8;
1272 }
1273 /* Target relative port number */
1274 arr[num++] = 0x61; /* proto=sas, binary */
1275 arr[num++] = 0x94; /* PIV=1, target port, rel port */
1276 arr[num++] = 0x0; /* reserved */
1277 arr[num++] = 0x4; /* length */
1278 arr[num++] = 0x0; /* reserved */
1279 arr[num++] = 0x0; /* reserved */
1280 arr[num++] = 0x0;
1281 arr[num++] = 0x1; /* relative port A */
1282 }
1283 /* NAA-3, Target port identifier */
1284 arr[num++] = 0x61; /* proto=sas, binary */
1285 arr[num++] = 0x93; /* piv=1, target port, naa */
1286 arr[num++] = 0x0;
1287 arr[num++] = 0x8;
1288 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1289 num += 8;
1290 /* NAA-3, Target port group identifier */
1291 arr[num++] = 0x61; /* proto=sas, binary */
1292 arr[num++] = 0x95; /* piv=1, target port group id */
1293 arr[num++] = 0x0;
1294 arr[num++] = 0x4;
1295 arr[num++] = 0;
1296 arr[num++] = 0;
1297 put_unaligned_be16(port_group_id, arr + num);
1298 num += 2;
1299 /* NAA-3, Target device identifier */
1300 arr[num++] = 0x61; /* proto=sas, binary */
1301 arr[num++] = 0xa3; /* piv=1, target device, naa */
1302 arr[num++] = 0x0;
1303 arr[num++] = 0x8;
1304 put_unaligned_be64(naa3_comp_a + target_dev_id, arr + num);
1305 num += 8;
1306 /* SCSI name string: Target device identifier */
1307 arr[num++] = 0x63; /* proto=sas, UTF-8 */
1308 arr[num++] = 0xa8; /* piv=1, target device, SCSI name string */
1309 arr[num++] = 0x0;
1310 arr[num++] = 24;
1311 memcpy(arr + num, "naa.32222220", 12);
1312 num += 12;
1313 snprintf(b, sizeof(b), "%08X", target_dev_id);
1314 memcpy(arr + num, b, 8);
1315 num += 8;
1316 memset(arr + num, 0, 4);
1317 num += 4;
1318 return num;
1319}
1320
1321static unsigned char vpd84_data[] = {
1322/* from 4th byte */ 0x22,0x22,0x22,0x0,0xbb,0x0,
1323 0x22,0x22,0x22,0x0,0xbb,0x1,
1324 0x22,0x22,0x22,0x0,0xbb,0x2,
1325};
1326
1327/* Software interface identification VPD page */
1328static int inquiry_vpd_84(unsigned char *arr)
1329{
1330 memcpy(arr, vpd84_data, sizeof(vpd84_data));
1331 return sizeof(vpd84_data);
1332}
1333
1334/* Management network addresses VPD page */
1335static int inquiry_vpd_85(unsigned char *arr)
1336{
1337 int num = 0;
1338 const char *na1 = "https://www.kernel.org/config";
1339 const char *na2 = "http://www.kernel.org/log";
1340 int plen, olen;
1341
1342 arr[num++] = 0x1; /* lu, storage config */
1343 arr[num++] = 0x0; /* reserved */
1344 arr[num++] = 0x0;
1345 olen = strlen(na1);
1346 plen = olen + 1;
1347 if (plen % 4)
1348 plen = ((plen / 4) + 1) * 4;
1349 arr[num++] = plen; /* length, null termianted, padded */
1350 memcpy(arr + num, na1, olen);
1351 memset(arr + num + olen, 0, plen - olen);
1352 num += plen;
1353
1354 arr[num++] = 0x4; /* lu, logging */
1355 arr[num++] = 0x0; /* reserved */
1356 arr[num++] = 0x0;
1357 olen = strlen(na2);
1358 plen = olen + 1;
1359 if (plen % 4)
1360 plen = ((plen / 4) + 1) * 4;
1361 arr[num++] = plen; /* length, null terminated, padded */
1362 memcpy(arr + num, na2, olen);
1363 memset(arr + num + olen, 0, plen - olen);
1364 num += plen;
1365
1366 return num;
1367}
1368
1369/* SCSI ports VPD page */
1370static int inquiry_vpd_88(unsigned char *arr, int target_dev_id)
1371{
1372 int num = 0;
1373 int port_a, port_b;
1374
1375 port_a = target_dev_id + 1;
1376 port_b = port_a + 1;
1377 arr[num++] = 0x0; /* reserved */
1378 arr[num++] = 0x0; /* reserved */
1379 arr[num++] = 0x0;
1380 arr[num++] = 0x1; /* relative port 1 (primary) */
1381 memset(arr + num, 0, 6);
1382 num += 6;
1383 arr[num++] = 0x0;
1384 arr[num++] = 12; /* length tp descriptor */
1385 /* naa-5 target port identifier (A) */
1386 arr[num++] = 0x61; /* proto=sas, binary */
1387 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1388 arr[num++] = 0x0; /* reserved */
1389 arr[num++] = 0x8; /* length */
1390 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1391 num += 8;
1392 arr[num++] = 0x0; /* reserved */
1393 arr[num++] = 0x0; /* reserved */
1394 arr[num++] = 0x0;
1395 arr[num++] = 0x2; /* relative port 2 (secondary) */
1396 memset(arr + num, 0, 6);
1397 num += 6;
1398 arr[num++] = 0x0;
1399 arr[num++] = 12; /* length tp descriptor */
1400 /* naa-5 target port identifier (B) */
1401 arr[num++] = 0x61; /* proto=sas, binary */
1402 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1403 arr[num++] = 0x0; /* reserved */
1404 arr[num++] = 0x8; /* length */
1405 put_unaligned_be64(naa3_comp_a + port_b, arr + num);
1406 num += 8;
1407
1408 return num;
1409}
1410
1411
1412static unsigned char vpd89_data[] = {
1413/* from 4th byte */ 0,0,0,0,
1414'l','i','n','u','x',' ',' ',' ',
1415'S','A','T',' ','s','c','s','i','_','d','e','b','u','g',' ',' ',
1416'1','2','3','4',
14170x34,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,
14180xec,0,0,0,
14190x5a,0xc,0xff,0x3f,0x37,0xc8,0x10,0,0,0,0,0,0x3f,0,0,0,
14200,0,0,0,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x20,0x20,0x20,0x20,
14210x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0,0,0,0x40,0x4,0,0x2e,0x33,
14220x38,0x31,0x20,0x20,0x20,0x20,0x54,0x53,0x38,0x33,0x30,0x30,0x33,0x31,
14230x53,0x41,
14240x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
14250x20,0x20,
14260x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
14270x10,0x80,
14280,0,0,0x2f,0,0,0,0x2,0,0x2,0x7,0,0xff,0xff,0x1,0,
14290x3f,0,0xc1,0xff,0x3e,0,0x10,0x1,0xb0,0xf8,0x50,0x9,0,0,0x7,0,
14300x3,0,0x78,0,0x78,0,0xf0,0,0x78,0,0,0,0,0,0,0,
14310,0,0,0,0,0,0,0,0x2,0,0,0,0,0,0,0,
14320x7e,0,0x1b,0,0x6b,0x34,0x1,0x7d,0x3,0x40,0x69,0x34,0x1,0x3c,0x3,0x40,
14330x7f,0x40,0,0,0,0,0xfe,0xfe,0,0,0,0,0,0xfe,0,0,
14340,0,0,0,0,0,0,0,0xb0,0xf8,0x50,0x9,0,0,0,0,
14350,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14360,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14370,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14380x1,0,0xb0,0xf8,0x50,0x9,0xb0,0xf8,0x50,0x9,0x20,0x20,0x2,0,0xb6,0x42,
14390,0x80,0x8a,0,0x6,0x3c,0xa,0x3c,0xff,0xff,0xc6,0x7,0,0x1,0,0x8,
14400xf0,0xf,0,0x10,0x2,0,0x30,0,0,0,0,0,0,0,0x6,0xfe,
14410,0,0x2,0,0x50,0,0x8a,0,0x4f,0x95,0,0,0x21,0,0xb,0,
14420,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14430,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14440,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14450,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14460,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14470,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14480,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14490,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14500,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14510,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14520,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14530,0,0,0,0,0,0,0,0,0,0,0,0,0,0xa5,0x51,
1454};
1455
1456/* ATA Information VPD page */
1457static int inquiry_vpd_89(unsigned char *arr)
1458{
1459 memcpy(arr, vpd89_data, sizeof(vpd89_data));
1460 return sizeof(vpd89_data);
1461}
1462
1463
1464static unsigned char vpdb0_data[] = {
1465 /* from 4th byte */ 0,0,0,4, 0,0,0x4,0, 0,0,0,64,
1466 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1467 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1468 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1469};
1470
1471/* Block limits VPD page (SBC-3) */
1472static int inquiry_vpd_b0(unsigned char *arr)
1473{
1474 unsigned int gran;
1475
1476 memcpy(arr, vpdb0_data, sizeof(vpdb0_data));
1477
1478 /* Optimal transfer length granularity */
1479 if (sdebug_opt_xferlen_exp != 0 &&
1480 sdebug_physblk_exp < sdebug_opt_xferlen_exp)
1481 gran = 1 << sdebug_opt_xferlen_exp;
1482 else
1483 gran = 1 << sdebug_physblk_exp;
1484 put_unaligned_be16(gran, arr + 2);
1485
1486 /* Maximum Transfer Length */
1487 if (sdebug_store_sectors > 0x400)
1488 put_unaligned_be32(sdebug_store_sectors, arr + 4);
1489
1490 /* Optimal Transfer Length */
1491 put_unaligned_be32(sdebug_opt_blks, &arr[8]);
1492
1493 if (sdebug_lbpu) {
1494 /* Maximum Unmap LBA Count */
1495 put_unaligned_be32(sdebug_unmap_max_blocks, &arr[16]);
1496
1497 /* Maximum Unmap Block Descriptor Count */
1498 put_unaligned_be32(sdebug_unmap_max_desc, &arr[20]);
1499 }
1500
1501 /* Unmap Granularity Alignment */
1502 if (sdebug_unmap_alignment) {
1503 put_unaligned_be32(sdebug_unmap_alignment, &arr[28]);
1504 arr[28] |= 0x80; /* UGAVALID */
1505 }
1506
1507 /* Optimal Unmap Granularity */
1508 put_unaligned_be32(sdebug_unmap_granularity, &arr[24]);
1509
1510 /* Maximum WRITE SAME Length */
1511 put_unaligned_be64(sdebug_write_same_length, &arr[32]);
1512
1513 return 0x3c; /* Mandatory page length for Logical Block Provisioning */
1514}
1515
1516/* Block device characteristics VPD page (SBC-3) */
1517static int inquiry_vpd_b1(struct sdebug_dev_info *devip, unsigned char *arr)
1518{
1519 memset(arr, 0, 0x3c);
1520 arr[0] = 0;
1521 arr[1] = 1; /* non rotating medium (e.g. solid state) */
1522 arr[2] = 0;
1523 arr[3] = 5; /* less than 1.8" */
1524 if (devip->zmodel == BLK_ZONED_HA)
1525 arr[4] = 1 << 4; /* zoned field = 01b */
1526
1527 return 0x3c;
1528}
1529
1530/* Logical block provisioning VPD page (SBC-4) */
1531static int inquiry_vpd_b2(unsigned char *arr)
1532{
1533 memset(arr, 0, 0x4);
1534 arr[0] = 0; /* threshold exponent */
1535 if (sdebug_lbpu)
1536 arr[1] = 1 << 7;
1537 if (sdebug_lbpws)
1538 arr[1] |= 1 << 6;
1539 if (sdebug_lbpws10)
1540 arr[1] |= 1 << 5;
1541 if (sdebug_lbprz && scsi_debug_lbp())
1542 arr[1] |= (sdebug_lbprz & 0x7) << 2; /* sbc4r07 and later */
1543 /* anc_sup=0; dp=0 (no provisioning group descriptor) */
1544 /* minimum_percentage=0; provisioning_type=0 (unknown) */
1545 /* threshold_percentage=0 */
1546 return 0x4;
1547}
1548
1549/* Zoned block device characteristics VPD page (ZBC mandatory) */
1550static int inquiry_vpd_b6(struct sdebug_dev_info *devip, unsigned char *arr)
1551{
1552 memset(arr, 0, 0x3c);
1553 arr[0] = 0x1; /* set URSWRZ (unrestricted read in seq. wr req zone) */
1554 /*
1555 * Set Optimal number of open sequential write preferred zones and
1556 * Optimal number of non-sequentially written sequential write
1557 * preferred zones fields to 'not reported' (0xffffffff). Leave other
1558 * fields set to zero, apart from Max. number of open swrz_s field.
1559 */
1560 put_unaligned_be32(0xffffffff, &arr[4]);
1561 put_unaligned_be32(0xffffffff, &arr[8]);
1562 if (sdeb_zbc_model == BLK_ZONED_HM && devip->max_open)
1563 put_unaligned_be32(devip->max_open, &arr[12]);
1564 else
1565 put_unaligned_be32(0xffffffff, &arr[12]);
1566 if (devip->zcap < devip->zsize) {
1567 arr[19] = ZBC_CONSTANT_ZONE_START_OFFSET;
1568 put_unaligned_be64(devip->zsize, &arr[20]);
1569 } else {
1570 arr[19] = 0;
1571 }
1572 return 0x3c;
1573}
1574
1575#define SDEBUG_LONG_INQ_SZ 96
1576#define SDEBUG_MAX_INQ_ARR_SZ 584
1577
1578static int resp_inquiry(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1579{
1580 unsigned char pq_pdt;
1581 unsigned char *arr;
1582 unsigned char *cmd = scp->cmnd;
1583 u32 alloc_len, n;
1584 int ret;
1585 bool have_wlun, is_disk, is_zbc, is_disk_zbc;
1586
1587 alloc_len = get_unaligned_be16(cmd + 3);
1588 arr = kzalloc(SDEBUG_MAX_INQ_ARR_SZ, GFP_ATOMIC);
1589 if (! arr)
1590 return DID_REQUEUE << 16;
1591 is_disk = (sdebug_ptype == TYPE_DISK);
1592 is_zbc = (devip->zmodel != BLK_ZONED_NONE);
1593 is_disk_zbc = (is_disk || is_zbc);
1594 have_wlun = scsi_is_wlun(scp->device->lun);
1595 if (have_wlun)
1596 pq_pdt = TYPE_WLUN; /* present, wlun */
1597 else if (sdebug_no_lun_0 && (devip->lun == SDEBUG_LUN_0_VAL))
1598 pq_pdt = 0x7f; /* not present, PQ=3, PDT=0x1f */
1599 else
1600 pq_pdt = (sdebug_ptype & 0x1f);
1601 arr[0] = pq_pdt;
1602 if (0x2 & cmd[1]) { /* CMDDT bit set */
1603 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 1);
1604 kfree(arr);
1605 return check_condition_result;
1606 } else if (0x1 & cmd[1]) { /* EVPD bit set */
1607 int lu_id_num, port_group_id, target_dev_id;
1608 u32 len;
1609 char lu_id_str[6];
1610 int host_no = devip->sdbg_host->shost->host_no;
1611
1612 port_group_id = (((host_no + 1) & 0x7f) << 8) +
1613 (devip->channel & 0x7f);
1614 if (sdebug_vpd_use_hostno == 0)
1615 host_no = 0;
1616 lu_id_num = have_wlun ? -1 : (((host_no + 1) * 2000) +
1617 (devip->target * 1000) + devip->lun);
1618 target_dev_id = ((host_no + 1) * 2000) +
1619 (devip->target * 1000) - 3;
1620 len = scnprintf(lu_id_str, 6, "%d", lu_id_num);
1621 if (0 == cmd[2]) { /* supported vital product data pages */
1622 arr[1] = cmd[2]; /*sanity */
1623 n = 4;
1624 arr[n++] = 0x0; /* this page */
1625 arr[n++] = 0x80; /* unit serial number */
1626 arr[n++] = 0x83; /* device identification */
1627 arr[n++] = 0x84; /* software interface ident. */
1628 arr[n++] = 0x85; /* management network addresses */
1629 arr[n++] = 0x86; /* extended inquiry */
1630 arr[n++] = 0x87; /* mode page policy */
1631 arr[n++] = 0x88; /* SCSI ports */
1632 if (is_disk_zbc) { /* SBC or ZBC */
1633 arr[n++] = 0x89; /* ATA information */
1634 arr[n++] = 0xb0; /* Block limits */
1635 arr[n++] = 0xb1; /* Block characteristics */
1636 if (is_disk)
1637 arr[n++] = 0xb2; /* LB Provisioning */
1638 if (is_zbc)
1639 arr[n++] = 0xb6; /* ZB dev. char. */
1640 }
1641 arr[3] = n - 4; /* number of supported VPD pages */
1642 } else if (0x80 == cmd[2]) { /* unit serial number */
1643 arr[1] = cmd[2]; /*sanity */
1644 arr[3] = len;
1645 memcpy(&arr[4], lu_id_str, len);
1646 } else if (0x83 == cmd[2]) { /* device identification */
1647 arr[1] = cmd[2]; /*sanity */
1648 arr[3] = inquiry_vpd_83(&arr[4], port_group_id,
1649 target_dev_id, lu_id_num,
1650 lu_id_str, len,
1651 &devip->lu_name);
1652 } else if (0x84 == cmd[2]) { /* Software interface ident. */
1653 arr[1] = cmd[2]; /*sanity */
1654 arr[3] = inquiry_vpd_84(&arr[4]);
1655 } else if (0x85 == cmd[2]) { /* Management network addresses */
1656 arr[1] = cmd[2]; /*sanity */
1657 arr[3] = inquiry_vpd_85(&arr[4]);
1658 } else if (0x86 == cmd[2]) { /* extended inquiry */
1659 arr[1] = cmd[2]; /*sanity */
1660 arr[3] = 0x3c; /* number of following entries */
1661 if (sdebug_dif == T10_PI_TYPE3_PROTECTION)
1662 arr[4] = 0x4; /* SPT: GRD_CHK:1 */
1663 else if (have_dif_prot)
1664 arr[4] = 0x5; /* SPT: GRD_CHK:1, REF_CHK:1 */
1665 else
1666 arr[4] = 0x0; /* no protection stuff */
1667 arr[5] = 0x7; /* head of q, ordered + simple q's */
1668 } else if (0x87 == cmd[2]) { /* mode page policy */
1669 arr[1] = cmd[2]; /*sanity */
1670 arr[3] = 0x8; /* number of following entries */
1671 arr[4] = 0x2; /* disconnect-reconnect mp */
1672 arr[6] = 0x80; /* mlus, shared */
1673 arr[8] = 0x18; /* protocol specific lu */
1674 arr[10] = 0x82; /* mlus, per initiator port */
1675 } else if (0x88 == cmd[2]) { /* SCSI Ports */
1676 arr[1] = cmd[2]; /*sanity */
1677 arr[3] = inquiry_vpd_88(&arr[4], target_dev_id);
1678 } else if (is_disk_zbc && 0x89 == cmd[2]) { /* ATA info */
1679 arr[1] = cmd[2]; /*sanity */
1680 n = inquiry_vpd_89(&arr[4]);
1681 put_unaligned_be16(n, arr + 2);
1682 } else if (is_disk_zbc && 0xb0 == cmd[2]) { /* Block limits */
1683 arr[1] = cmd[2]; /*sanity */
1684 arr[3] = inquiry_vpd_b0(&arr[4]);
1685 } else if (is_disk_zbc && 0xb1 == cmd[2]) { /* Block char. */
1686 arr[1] = cmd[2]; /*sanity */
1687 arr[3] = inquiry_vpd_b1(devip, &arr[4]);
1688 } else if (is_disk && 0xb2 == cmd[2]) { /* LB Prov. */
1689 arr[1] = cmd[2]; /*sanity */
1690 arr[3] = inquiry_vpd_b2(&arr[4]);
1691 } else if (is_zbc && cmd[2] == 0xb6) { /* ZB dev. charact. */
1692 arr[1] = cmd[2]; /*sanity */
1693 arr[3] = inquiry_vpd_b6(devip, &arr[4]);
1694 } else {
1695 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
1696 kfree(arr);
1697 return check_condition_result;
1698 }
1699 len = min_t(u32, get_unaligned_be16(arr + 2) + 4, alloc_len);
1700 ret = fill_from_dev_buffer(scp, arr,
1701 min_t(u32, len, SDEBUG_MAX_INQ_ARR_SZ));
1702 kfree(arr);
1703 return ret;
1704 }
1705 /* drops through here for a standard inquiry */
1706 arr[1] = sdebug_removable ? 0x80 : 0; /* Removable disk */
1707 arr[2] = sdebug_scsi_level;
1708 arr[3] = 2; /* response_data_format==2 */
1709 arr[4] = SDEBUG_LONG_INQ_SZ - 5;
1710 arr[5] = (int)have_dif_prot; /* PROTECT bit */
1711 if (sdebug_vpd_use_hostno == 0)
1712 arr[5] |= 0x10; /* claim: implicit TPGS */
1713 arr[6] = 0x10; /* claim: MultiP */
1714 /* arr[6] |= 0x40; ... claim: EncServ (enclosure services) */
1715 arr[7] = 0xa; /* claim: LINKED + CMDQUE */
1716 memcpy(&arr[8], sdebug_inq_vendor_id, 8);
1717 memcpy(&arr[16], sdebug_inq_product_id, 16);
1718 memcpy(&arr[32], sdebug_inq_product_rev, 4);
1719 /* Use Vendor Specific area to place driver date in ASCII hex */
1720 memcpy(&arr[36], sdebug_version_date, 8);
1721 /* version descriptors (2 bytes each) follow */
1722 put_unaligned_be16(0xc0, arr + 58); /* SAM-6 no version claimed */
1723 put_unaligned_be16(0x5c0, arr + 60); /* SPC-5 no version claimed */
1724 n = 62;
1725 if (is_disk) { /* SBC-4 no version claimed */
1726 put_unaligned_be16(0x600, arr + n);
1727 n += 2;
1728 } else if (sdebug_ptype == TYPE_TAPE) { /* SSC-4 rev 3 */
1729 put_unaligned_be16(0x525, arr + n);
1730 n += 2;
1731 } else if (is_zbc) { /* ZBC BSR INCITS 536 revision 05 */
1732 put_unaligned_be16(0x624, arr + n);
1733 n += 2;
1734 }
1735 put_unaligned_be16(0x2100, arr + n); /* SPL-4 no version claimed */
1736 ret = fill_from_dev_buffer(scp, arr,
1737 min_t(u32, alloc_len, SDEBUG_LONG_INQ_SZ));
1738 kfree(arr);
1739 return ret;
1740}
1741
1742/* See resp_iec_m_pg() for how this data is manipulated */
1743static unsigned char iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
1744 0, 0, 0x0, 0x0};
1745
1746static int resp_requests(struct scsi_cmnd *scp,
1747 struct sdebug_dev_info *devip)
1748{
1749 unsigned char *cmd = scp->cmnd;
1750 unsigned char arr[SCSI_SENSE_BUFFERSIZE]; /* assume >= 18 bytes */
1751 bool dsense = !!(cmd[1] & 1);
1752 u32 alloc_len = cmd[4];
1753 u32 len = 18;
1754 int stopped_state = atomic_read(&devip->stopped);
1755
1756 memset(arr, 0, sizeof(arr));
1757 if (stopped_state > 0) { /* some "pollable" data [spc6r02: 5.12.2] */
1758 if (dsense) {
1759 arr[0] = 0x72;
1760 arr[1] = NOT_READY;
1761 arr[2] = LOGICAL_UNIT_NOT_READY;
1762 arr[3] = (stopped_state == 2) ? 0x1 : 0x2;
1763 len = 8;
1764 } else {
1765 arr[0] = 0x70;
1766 arr[2] = NOT_READY; /* NO_SENSE in sense_key */
1767 arr[7] = 0xa; /* 18 byte sense buffer */
1768 arr[12] = LOGICAL_UNIT_NOT_READY;
1769 arr[13] = (stopped_state == 2) ? 0x1 : 0x2;
1770 }
1771 } else if ((iec_m_pg[2] & 0x4) && (6 == (iec_m_pg[3] & 0xf))) {
1772 /* Information exceptions control mode page: TEST=1, MRIE=6 */
1773 if (dsense) {
1774 arr[0] = 0x72;
1775 arr[1] = 0x0; /* NO_SENSE in sense_key */
1776 arr[2] = THRESHOLD_EXCEEDED;
1777 arr[3] = 0xff; /* Failure prediction(false) */
1778 len = 8;
1779 } else {
1780 arr[0] = 0x70;
1781 arr[2] = 0x0; /* NO_SENSE in sense_key */
1782 arr[7] = 0xa; /* 18 byte sense buffer */
1783 arr[12] = THRESHOLD_EXCEEDED;
1784 arr[13] = 0xff; /* Failure prediction(false) */
1785 }
1786 } else { /* nothing to report */
1787 if (dsense) {
1788 len = 8;
1789 memset(arr, 0, len);
1790 arr[0] = 0x72;
1791 } else {
1792 memset(arr, 0, len);
1793 arr[0] = 0x70;
1794 arr[7] = 0xa;
1795 }
1796 }
1797 return fill_from_dev_buffer(scp, arr, min_t(u32, len, alloc_len));
1798}
1799
1800static int resp_start_stop(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1801{
1802 unsigned char *cmd = scp->cmnd;
1803 int power_cond, want_stop, stopped_state;
1804 bool changing;
1805
1806 power_cond = (cmd[4] & 0xf0) >> 4;
1807 if (power_cond) {
1808 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 7);
1809 return check_condition_result;
1810 }
1811 want_stop = !(cmd[4] & 1);
1812 stopped_state = atomic_read(&devip->stopped);
1813 if (stopped_state == 2) {
1814 ktime_t now_ts = ktime_get_boottime();
1815
1816 if (ktime_to_ns(now_ts) > ktime_to_ns(devip->create_ts)) {
1817 u64 diff_ns = ktime_to_ns(ktime_sub(now_ts, devip->create_ts));
1818
1819 if (diff_ns >= ((u64)sdeb_tur_ms_to_ready * 1000000)) {
1820 /* tur_ms_to_ready timer extinguished */
1821 atomic_set(&devip->stopped, 0);
1822 stopped_state = 0;
1823 }
1824 }
1825 if (stopped_state == 2) {
1826 if (want_stop) {
1827 stopped_state = 1; /* dummy up success */
1828 } else { /* Disallow tur_ms_to_ready delay to be overridden */
1829 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 0 /* START bit */);
1830 return check_condition_result;
1831 }
1832 }
1833 }
1834 changing = (stopped_state != want_stop);
1835 if (changing)
1836 atomic_xchg(&devip->stopped, want_stop);
1837 if (!changing || (cmd[1] & 0x1)) /* state unchanged or IMMED bit set in cdb */
1838 return SDEG_RES_IMMED_MASK;
1839 else
1840 return 0;
1841}
1842
1843static sector_t get_sdebug_capacity(void)
1844{
1845 static const unsigned int gibibyte = 1073741824;
1846
1847 if (sdebug_virtual_gb > 0)
1848 return (sector_t)sdebug_virtual_gb *
1849 (gibibyte / sdebug_sector_size);
1850 else
1851 return sdebug_store_sectors;
1852}
1853
1854#define SDEBUG_READCAP_ARR_SZ 8
1855static int resp_readcap(struct scsi_cmnd *scp,
1856 struct sdebug_dev_info *devip)
1857{
1858 unsigned char arr[SDEBUG_READCAP_ARR_SZ];
1859 unsigned int capac;
1860
1861 /* following just in case virtual_gb changed */
1862 sdebug_capacity = get_sdebug_capacity();
1863 memset(arr, 0, SDEBUG_READCAP_ARR_SZ);
1864 if (sdebug_capacity < 0xffffffff) {
1865 capac = (unsigned int)sdebug_capacity - 1;
1866 put_unaligned_be32(capac, arr + 0);
1867 } else
1868 put_unaligned_be32(0xffffffff, arr + 0);
1869 put_unaligned_be16(sdebug_sector_size, arr + 6);
1870 return fill_from_dev_buffer(scp, arr, SDEBUG_READCAP_ARR_SZ);
1871}
1872
1873#define SDEBUG_READCAP16_ARR_SZ 32
1874static int resp_readcap16(struct scsi_cmnd *scp,
1875 struct sdebug_dev_info *devip)
1876{
1877 unsigned char *cmd = scp->cmnd;
1878 unsigned char arr[SDEBUG_READCAP16_ARR_SZ];
1879 u32 alloc_len;
1880
1881 alloc_len = get_unaligned_be32(cmd + 10);
1882 /* following just in case virtual_gb changed */
1883 sdebug_capacity = get_sdebug_capacity();
1884 memset(arr, 0, SDEBUG_READCAP16_ARR_SZ);
1885 put_unaligned_be64((u64)(sdebug_capacity - 1), arr + 0);
1886 put_unaligned_be32(sdebug_sector_size, arr + 8);
1887 arr[13] = sdebug_physblk_exp & 0xf;
1888 arr[14] = (sdebug_lowest_aligned >> 8) & 0x3f;
1889
1890 if (scsi_debug_lbp()) {
1891 arr[14] |= 0x80; /* LBPME */
1892 /* from sbc4r07, this LBPRZ field is 1 bit, but the LBPRZ in
1893 * the LB Provisioning VPD page is 3 bits. Note that lbprz=2
1894 * in the wider field maps to 0 in this field.
1895 */
1896 if (sdebug_lbprz & 1) /* precisely what the draft requires */
1897 arr[14] |= 0x40;
1898 }
1899
1900 /*
1901 * Since the scsi_debug READ CAPACITY implementation always reports the
1902 * total disk capacity, set RC BASIS = 1 for host-managed ZBC devices.
1903 */
1904 if (devip->zmodel == BLK_ZONED_HM)
1905 arr[12] |= 1 << 4;
1906
1907 arr[15] = sdebug_lowest_aligned & 0xff;
1908
1909 if (have_dif_prot) {
1910 arr[12] = (sdebug_dif - 1) << 1; /* P_TYPE */
1911 arr[12] |= 1; /* PROT_EN */
1912 }
1913
1914 return fill_from_dev_buffer(scp, arr,
1915 min_t(u32, alloc_len, SDEBUG_READCAP16_ARR_SZ));
1916}
1917
1918#define SDEBUG_MAX_TGTPGS_ARR_SZ 1412
1919
1920static int resp_report_tgtpgs(struct scsi_cmnd *scp,
1921 struct sdebug_dev_info *devip)
1922{
1923 unsigned char *cmd = scp->cmnd;
1924 unsigned char *arr;
1925 int host_no = devip->sdbg_host->shost->host_no;
1926 int port_group_a, port_group_b, port_a, port_b;
1927 u32 alen, n, rlen;
1928 int ret;
1929
1930 alen = get_unaligned_be32(cmd + 6);
1931 arr = kzalloc(SDEBUG_MAX_TGTPGS_ARR_SZ, GFP_ATOMIC);
1932 if (! arr)
1933 return DID_REQUEUE << 16;
1934 /*
1935 * EVPD page 0x88 states we have two ports, one
1936 * real and a fake port with no device connected.
1937 * So we create two port groups with one port each
1938 * and set the group with port B to unavailable.
1939 */
1940 port_a = 0x1; /* relative port A */
1941 port_b = 0x2; /* relative port B */
1942 port_group_a = (((host_no + 1) & 0x7f) << 8) +
1943 (devip->channel & 0x7f);
1944 port_group_b = (((host_no + 1) & 0x7f) << 8) +
1945 (devip->channel & 0x7f) + 0x80;
1946
1947 /*
1948 * The asymmetric access state is cycled according to the host_id.
1949 */
1950 n = 4;
1951 if (sdebug_vpd_use_hostno == 0) {
1952 arr[n++] = host_no % 3; /* Asymm access state */
1953 arr[n++] = 0x0F; /* claim: all states are supported */
1954 } else {
1955 arr[n++] = 0x0; /* Active/Optimized path */
1956 arr[n++] = 0x01; /* only support active/optimized paths */
1957 }
1958 put_unaligned_be16(port_group_a, arr + n);
1959 n += 2;
1960 arr[n++] = 0; /* Reserved */
1961 arr[n++] = 0; /* Status code */
1962 arr[n++] = 0; /* Vendor unique */
1963 arr[n++] = 0x1; /* One port per group */
1964 arr[n++] = 0; /* Reserved */
1965 arr[n++] = 0; /* Reserved */
1966 put_unaligned_be16(port_a, arr + n);
1967 n += 2;
1968 arr[n++] = 3; /* Port unavailable */
1969 arr[n++] = 0x08; /* claim: only unavailalbe paths are supported */
1970 put_unaligned_be16(port_group_b, arr + n);
1971 n += 2;
1972 arr[n++] = 0; /* Reserved */
1973 arr[n++] = 0; /* Status code */
1974 arr[n++] = 0; /* Vendor unique */
1975 arr[n++] = 0x1; /* One port per group */
1976 arr[n++] = 0; /* Reserved */
1977 arr[n++] = 0; /* Reserved */
1978 put_unaligned_be16(port_b, arr + n);
1979 n += 2;
1980
1981 rlen = n - 4;
1982 put_unaligned_be32(rlen, arr + 0);
1983
1984 /*
1985 * Return the smallest value of either
1986 * - The allocated length
1987 * - The constructed command length
1988 * - The maximum array size
1989 */
1990 rlen = min(alen, n);
1991 ret = fill_from_dev_buffer(scp, arr,
1992 min_t(u32, rlen, SDEBUG_MAX_TGTPGS_ARR_SZ));
1993 kfree(arr);
1994 return ret;
1995}
1996
1997static int resp_rsup_opcodes(struct scsi_cmnd *scp,
1998 struct sdebug_dev_info *devip)
1999{
2000 bool rctd;
2001 u8 reporting_opts, req_opcode, sdeb_i, supp;
2002 u16 req_sa, u;
2003 u32 alloc_len, a_len;
2004 int k, offset, len, errsts, count, bump, na;
2005 const struct opcode_info_t *oip;
2006 const struct opcode_info_t *r_oip;
2007 u8 *arr;
2008 u8 *cmd = scp->cmnd;
2009
2010 rctd = !!(cmd[2] & 0x80);
2011 reporting_opts = cmd[2] & 0x7;
2012 req_opcode = cmd[3];
2013 req_sa = get_unaligned_be16(cmd + 4);
2014 alloc_len = get_unaligned_be32(cmd + 6);
2015 if (alloc_len < 4 || alloc_len > 0xffff) {
2016 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
2017 return check_condition_result;
2018 }
2019 if (alloc_len > 8192)
2020 a_len = 8192;
2021 else
2022 a_len = alloc_len;
2023 arr = kzalloc((a_len < 256) ? 320 : a_len + 64, GFP_ATOMIC);
2024 if (NULL == arr) {
2025 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
2026 INSUFF_RES_ASCQ);
2027 return check_condition_result;
2028 }
2029 switch (reporting_opts) {
2030 case 0: /* all commands */
2031 /* count number of commands */
2032 for (count = 0, oip = opcode_info_arr;
2033 oip->num_attached != 0xff; ++oip) {
2034 if (F_INV_OP & oip->flags)
2035 continue;
2036 count += (oip->num_attached + 1);
2037 }
2038 bump = rctd ? 20 : 8;
2039 put_unaligned_be32(count * bump, arr);
2040 for (offset = 4, oip = opcode_info_arr;
2041 oip->num_attached != 0xff && offset < a_len; ++oip) {
2042 if (F_INV_OP & oip->flags)
2043 continue;
2044 na = oip->num_attached;
2045 arr[offset] = oip->opcode;
2046 put_unaligned_be16(oip->sa, arr + offset + 2);
2047 if (rctd)
2048 arr[offset + 5] |= 0x2;
2049 if (FF_SA & oip->flags)
2050 arr[offset + 5] |= 0x1;
2051 put_unaligned_be16(oip->len_mask[0], arr + offset + 6);
2052 if (rctd)
2053 put_unaligned_be16(0xa, arr + offset + 8);
2054 r_oip = oip;
2055 for (k = 0, oip = oip->arrp; k < na; ++k, ++oip) {
2056 if (F_INV_OP & oip->flags)
2057 continue;
2058 offset += bump;
2059 arr[offset] = oip->opcode;
2060 put_unaligned_be16(oip->sa, arr + offset + 2);
2061 if (rctd)
2062 arr[offset + 5] |= 0x2;
2063 if (FF_SA & oip->flags)
2064 arr[offset + 5] |= 0x1;
2065 put_unaligned_be16(oip->len_mask[0],
2066 arr + offset + 6);
2067 if (rctd)
2068 put_unaligned_be16(0xa,
2069 arr + offset + 8);
2070 }
2071 oip = r_oip;
2072 offset += bump;
2073 }
2074 break;
2075 case 1: /* one command: opcode only */
2076 case 2: /* one command: opcode plus service action */
2077 case 3: /* one command: if sa==0 then opcode only else opcode+sa */
2078 sdeb_i = opcode_ind_arr[req_opcode];
2079 oip = &opcode_info_arr[sdeb_i];
2080 if (F_INV_OP & oip->flags) {
2081 supp = 1;
2082 offset = 4;
2083 } else {
2084 if (1 == reporting_opts) {
2085 if (FF_SA & oip->flags) {
2086 mk_sense_invalid_fld(scp, SDEB_IN_CDB,
2087 2, 2);
2088 kfree(arr);
2089 return check_condition_result;
2090 }
2091 req_sa = 0;
2092 } else if (2 == reporting_opts &&
2093 0 == (FF_SA & oip->flags)) {
2094 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1);
2095 kfree(arr); /* point at requested sa */
2096 return check_condition_result;
2097 }
2098 if (0 == (FF_SA & oip->flags) &&
2099 req_opcode == oip->opcode)
2100 supp = 3;
2101 else if (0 == (FF_SA & oip->flags)) {
2102 na = oip->num_attached;
2103 for (k = 0, oip = oip->arrp; k < na;
2104 ++k, ++oip) {
2105 if (req_opcode == oip->opcode)
2106 break;
2107 }
2108 supp = (k >= na) ? 1 : 3;
2109 } else if (req_sa != oip->sa) {
2110 na = oip->num_attached;
2111 for (k = 0, oip = oip->arrp; k < na;
2112 ++k, ++oip) {
2113 if (req_sa == oip->sa)
2114 break;
2115 }
2116 supp = (k >= na) ? 1 : 3;
2117 } else
2118 supp = 3;
2119 if (3 == supp) {
2120 u = oip->len_mask[0];
2121 put_unaligned_be16(u, arr + 2);
2122 arr[4] = oip->opcode;
2123 for (k = 1; k < u; ++k)
2124 arr[4 + k] = (k < 16) ?
2125 oip->len_mask[k] : 0xff;
2126 offset = 4 + u;
2127 } else
2128 offset = 4;
2129 }
2130 arr[1] = (rctd ? 0x80 : 0) | supp;
2131 if (rctd) {
2132 put_unaligned_be16(0xa, arr + offset);
2133 offset += 12;
2134 }
2135 break;
2136 default:
2137 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
2138 kfree(arr);
2139 return check_condition_result;
2140 }
2141 offset = (offset < a_len) ? offset : a_len;
2142 len = (offset < alloc_len) ? offset : alloc_len;
2143 errsts = fill_from_dev_buffer(scp, arr, len);
2144 kfree(arr);
2145 return errsts;
2146}
2147
2148static int resp_rsup_tmfs(struct scsi_cmnd *scp,
2149 struct sdebug_dev_info *devip)
2150{
2151 bool repd;
2152 u32 alloc_len, len;
2153 u8 arr[16];
2154 u8 *cmd = scp->cmnd;
2155
2156 memset(arr, 0, sizeof(arr));
2157 repd = !!(cmd[2] & 0x80);
2158 alloc_len = get_unaligned_be32(cmd + 6);
2159 if (alloc_len < 4) {
2160 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
2161 return check_condition_result;
2162 }
2163 arr[0] = 0xc8; /* ATS | ATSS | LURS */
2164 arr[1] = 0x1; /* ITNRS */
2165 if (repd) {
2166 arr[3] = 0xc;
2167 len = 16;
2168 } else
2169 len = 4;
2170
2171 len = (len < alloc_len) ? len : alloc_len;
2172 return fill_from_dev_buffer(scp, arr, len);
2173}
2174
2175/* <<Following mode page info copied from ST318451LW>> */
2176
2177static int resp_err_recov_pg(unsigned char *p, int pcontrol, int target)
2178{ /* Read-Write Error Recovery page for mode_sense */
2179 unsigned char err_recov_pg[] = {0x1, 0xa, 0xc0, 11, 240, 0, 0, 0,
2180 5, 0, 0xff, 0xff};
2181
2182 memcpy(p, err_recov_pg, sizeof(err_recov_pg));
2183 if (1 == pcontrol)
2184 memset(p + 2, 0, sizeof(err_recov_pg) - 2);
2185 return sizeof(err_recov_pg);
2186}
2187
2188static int resp_disconnect_pg(unsigned char *p, int pcontrol, int target)
2189{ /* Disconnect-Reconnect page for mode_sense */
2190 unsigned char disconnect_pg[] = {0x2, 0xe, 128, 128, 0, 10, 0, 0,
2191 0, 0, 0, 0, 0, 0, 0, 0};
2192
2193 memcpy(p, disconnect_pg, sizeof(disconnect_pg));
2194 if (1 == pcontrol)
2195 memset(p + 2, 0, sizeof(disconnect_pg) - 2);
2196 return sizeof(disconnect_pg);
2197}
2198
2199static int resp_format_pg(unsigned char *p, int pcontrol, int target)
2200{ /* Format device page for mode_sense */
2201 unsigned char format_pg[] = {0x3, 0x16, 0, 0, 0, 0, 0, 0,
2202 0, 0, 0, 0, 0, 0, 0, 0,
2203 0, 0, 0, 0, 0x40, 0, 0, 0};
2204
2205 memcpy(p, format_pg, sizeof(format_pg));
2206 put_unaligned_be16(sdebug_sectors_per, p + 10);
2207 put_unaligned_be16(sdebug_sector_size, p + 12);
2208 if (sdebug_removable)
2209 p[20] |= 0x20; /* should agree with INQUIRY */
2210 if (1 == pcontrol)
2211 memset(p + 2, 0, sizeof(format_pg) - 2);
2212 return sizeof(format_pg);
2213}
2214
2215static unsigned char caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
2216 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0,
2217 0, 0, 0, 0};
2218
2219static int resp_caching_pg(unsigned char *p, int pcontrol, int target)
2220{ /* Caching page for mode_sense */
2221 unsigned char ch_caching_pg[] = {/* 0x8, 18, */ 0x4, 0, 0, 0, 0, 0,
2222 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
2223 unsigned char d_caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
2224 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 0, 0, 0, 0};
2225
2226 if (SDEBUG_OPT_N_WCE & sdebug_opts)
2227 caching_pg[2] &= ~0x4; /* set WCE=0 (default WCE=1) */
2228 memcpy(p, caching_pg, sizeof(caching_pg));
2229 if (1 == pcontrol)
2230 memcpy(p + 2, ch_caching_pg, sizeof(ch_caching_pg));
2231 else if (2 == pcontrol)
2232 memcpy(p, d_caching_pg, sizeof(d_caching_pg));
2233 return sizeof(caching_pg);
2234}
2235
2236static unsigned char ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2237 0, 0, 0x2, 0x4b};
2238
2239static int resp_ctrl_m_pg(unsigned char *p, int pcontrol, int target)
2240{ /* Control mode page for mode_sense */
2241 unsigned char ch_ctrl_m_pg[] = {/* 0xa, 10, */ 0x6, 0, 0, 0, 0, 0,
2242 0, 0, 0, 0};
2243 unsigned char d_ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2244 0, 0, 0x2, 0x4b};
2245
2246 if (sdebug_dsense)
2247 ctrl_m_pg[2] |= 0x4;
2248 else
2249 ctrl_m_pg[2] &= ~0x4;
2250
2251 if (sdebug_ato)
2252 ctrl_m_pg[5] |= 0x80; /* ATO=1 */
2253
2254 memcpy(p, ctrl_m_pg, sizeof(ctrl_m_pg));
2255 if (1 == pcontrol)
2256 memcpy(p + 2, ch_ctrl_m_pg, sizeof(ch_ctrl_m_pg));
2257 else if (2 == pcontrol)
2258 memcpy(p, d_ctrl_m_pg, sizeof(d_ctrl_m_pg));
2259 return sizeof(ctrl_m_pg);
2260}
2261
2262
2263static int resp_iec_m_pg(unsigned char *p, int pcontrol, int target)
2264{ /* Informational Exceptions control mode page for mode_sense */
2265 unsigned char ch_iec_m_pg[] = {/* 0x1c, 0xa, */ 0x4, 0xf, 0, 0, 0, 0,
2266 0, 0, 0x0, 0x0};
2267 unsigned char d_iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
2268 0, 0, 0x0, 0x0};
2269
2270 memcpy(p, iec_m_pg, sizeof(iec_m_pg));
2271 if (1 == pcontrol)
2272 memcpy(p + 2, ch_iec_m_pg, sizeof(ch_iec_m_pg));
2273 else if (2 == pcontrol)
2274 memcpy(p, d_iec_m_pg, sizeof(d_iec_m_pg));
2275 return sizeof(iec_m_pg);
2276}
2277
2278static int resp_sas_sf_m_pg(unsigned char *p, int pcontrol, int target)
2279{ /* SAS SSP mode page - short format for mode_sense */
2280 unsigned char sas_sf_m_pg[] = {0x19, 0x6,
2281 0x6, 0x0, 0x7, 0xd0, 0x0, 0x0};
2282
2283 memcpy(p, sas_sf_m_pg, sizeof(sas_sf_m_pg));
2284 if (1 == pcontrol)
2285 memset(p + 2, 0, sizeof(sas_sf_m_pg) - 2);
2286 return sizeof(sas_sf_m_pg);
2287}
2288
2289
2290static int resp_sas_pcd_m_spg(unsigned char *p, int pcontrol, int target,
2291 int target_dev_id)
2292{ /* SAS phy control and discover mode page for mode_sense */
2293 unsigned char sas_pcd_m_pg[] = {0x59, 0x1, 0, 0x64, 0, 0x6, 0, 2,
2294 0, 0, 0, 0, 0x10, 0x9, 0x8, 0x0,
2295 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2296 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2297 0x2, 0, 0, 0, 0, 0, 0, 0,
2298 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2299 0, 0, 0, 0, 0, 0, 0, 0,
2300 0, 1, 0, 0, 0x10, 0x9, 0x8, 0x0,
2301 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2302 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2303 0x3, 0, 0, 0, 0, 0, 0, 0,
2304 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2305 0, 0, 0, 0, 0, 0, 0, 0,
2306 };
2307 int port_a, port_b;
2308
2309 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 16);
2310 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 24);
2311 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 64);
2312 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 72);
2313 port_a = target_dev_id + 1;
2314 port_b = port_a + 1;
2315 memcpy(p, sas_pcd_m_pg, sizeof(sas_pcd_m_pg));
2316 put_unaligned_be32(port_a, p + 20);
2317 put_unaligned_be32(port_b, p + 48 + 20);
2318 if (1 == pcontrol)
2319 memset(p + 4, 0, sizeof(sas_pcd_m_pg) - 4);
2320 return sizeof(sas_pcd_m_pg);
2321}
2322
2323static int resp_sas_sha_m_spg(unsigned char *p, int pcontrol)
2324{ /* SAS SSP shared protocol specific port mode subpage */
2325 unsigned char sas_sha_m_pg[] = {0x59, 0x2, 0, 0xc, 0, 0x6, 0x10, 0,
2326 0, 0, 0, 0, 0, 0, 0, 0,
2327 };
2328
2329 memcpy(p, sas_sha_m_pg, sizeof(sas_sha_m_pg));
2330 if (1 == pcontrol)
2331 memset(p + 4, 0, sizeof(sas_sha_m_pg) - 4);
2332 return sizeof(sas_sha_m_pg);
2333}
2334
2335#define SDEBUG_MAX_MSENSE_SZ 256
2336
2337static int resp_mode_sense(struct scsi_cmnd *scp,
2338 struct sdebug_dev_info *devip)
2339{
2340 int pcontrol, pcode, subpcode, bd_len;
2341 unsigned char dev_spec;
2342 u32 alloc_len, offset, len;
2343 int target_dev_id;
2344 int target = scp->device->id;
2345 unsigned char *ap;
2346 unsigned char arr[SDEBUG_MAX_MSENSE_SZ];
2347 unsigned char *cmd = scp->cmnd;
2348 bool dbd, llbaa, msense_6, is_disk, is_zbc, bad_pcode;
2349
2350 dbd = !!(cmd[1] & 0x8); /* disable block descriptors */
2351 pcontrol = (cmd[2] & 0xc0) >> 6;
2352 pcode = cmd[2] & 0x3f;
2353 subpcode = cmd[3];
2354 msense_6 = (MODE_SENSE == cmd[0]);
2355 llbaa = msense_6 ? false : !!(cmd[1] & 0x10);
2356 is_disk = (sdebug_ptype == TYPE_DISK);
2357 is_zbc = (devip->zmodel != BLK_ZONED_NONE);
2358 if ((is_disk || is_zbc) && !dbd)
2359 bd_len = llbaa ? 16 : 8;
2360 else
2361 bd_len = 0;
2362 alloc_len = msense_6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2363 memset(arr, 0, SDEBUG_MAX_MSENSE_SZ);
2364 if (0x3 == pcontrol) { /* Saving values not supported */
2365 mk_sense_buffer(scp, ILLEGAL_REQUEST, SAVING_PARAMS_UNSUP, 0);
2366 return check_condition_result;
2367 }
2368 target_dev_id = ((devip->sdbg_host->shost->host_no + 1) * 2000) +
2369 (devip->target * 1000) - 3;
2370 /* for disks+zbc set DPOFUA bit and clear write protect (WP) bit */
2371 if (is_disk || is_zbc) {
2372 dev_spec = 0x10; /* =0x90 if WP=1 implies read-only */
2373 if (sdebug_wp)
2374 dev_spec |= 0x80;
2375 } else
2376 dev_spec = 0x0;
2377 if (msense_6) {
2378 arr[2] = dev_spec;
2379 arr[3] = bd_len;
2380 offset = 4;
2381 } else {
2382 arr[3] = dev_spec;
2383 if (16 == bd_len)
2384 arr[4] = 0x1; /* set LONGLBA bit */
2385 arr[7] = bd_len; /* assume 255 or less */
2386 offset = 8;
2387 }
2388 ap = arr + offset;
2389 if ((bd_len > 0) && (!sdebug_capacity))
2390 sdebug_capacity = get_sdebug_capacity();
2391
2392 if (8 == bd_len) {
2393 if (sdebug_capacity > 0xfffffffe)
2394 put_unaligned_be32(0xffffffff, ap + 0);
2395 else
2396 put_unaligned_be32(sdebug_capacity, ap + 0);
2397 put_unaligned_be16(sdebug_sector_size, ap + 6);
2398 offset += bd_len;
2399 ap = arr + offset;
2400 } else if (16 == bd_len) {
2401 put_unaligned_be64((u64)sdebug_capacity, ap + 0);
2402 put_unaligned_be32(sdebug_sector_size, ap + 12);
2403 offset += bd_len;
2404 ap = arr + offset;
2405 }
2406
2407 if ((subpcode > 0x0) && (subpcode < 0xff) && (0x19 != pcode)) {
2408 /* TODO: Control Extension page */
2409 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2410 return check_condition_result;
2411 }
2412 bad_pcode = false;
2413
2414 switch (pcode) {
2415 case 0x1: /* Read-Write error recovery page, direct access */
2416 len = resp_err_recov_pg(ap, pcontrol, target);
2417 offset += len;
2418 break;
2419 case 0x2: /* Disconnect-Reconnect page, all devices */
2420 len = resp_disconnect_pg(ap, pcontrol, target);
2421 offset += len;
2422 break;
2423 case 0x3: /* Format device page, direct access */
2424 if (is_disk) {
2425 len = resp_format_pg(ap, pcontrol, target);
2426 offset += len;
2427 } else
2428 bad_pcode = true;
2429 break;
2430 case 0x8: /* Caching page, direct access */
2431 if (is_disk || is_zbc) {
2432 len = resp_caching_pg(ap, pcontrol, target);
2433 offset += len;
2434 } else
2435 bad_pcode = true;
2436 break;
2437 case 0xa: /* Control Mode page, all devices */
2438 len = resp_ctrl_m_pg(ap, pcontrol, target);
2439 offset += len;
2440 break;
2441 case 0x19: /* if spc==1 then sas phy, control+discover */
2442 if ((subpcode > 0x2) && (subpcode < 0xff)) {
2443 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2444 return check_condition_result;
2445 }
2446 len = 0;
2447 if ((0x0 == subpcode) || (0xff == subpcode))
2448 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2449 if ((0x1 == subpcode) || (0xff == subpcode))
2450 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target,
2451 target_dev_id);
2452 if ((0x2 == subpcode) || (0xff == subpcode))
2453 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2454 offset += len;
2455 break;
2456 case 0x1c: /* Informational Exceptions Mode page, all devices */
2457 len = resp_iec_m_pg(ap, pcontrol, target);
2458 offset += len;
2459 break;
2460 case 0x3f: /* Read all Mode pages */
2461 if ((0 == subpcode) || (0xff == subpcode)) {
2462 len = resp_err_recov_pg(ap, pcontrol, target);
2463 len += resp_disconnect_pg(ap + len, pcontrol, target);
2464 if (is_disk) {
2465 len += resp_format_pg(ap + len, pcontrol,
2466 target);
2467 len += resp_caching_pg(ap + len, pcontrol,
2468 target);
2469 } else if (is_zbc) {
2470 len += resp_caching_pg(ap + len, pcontrol,
2471 target);
2472 }
2473 len += resp_ctrl_m_pg(ap + len, pcontrol, target);
2474 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2475 if (0xff == subpcode) {
2476 len += resp_sas_pcd_m_spg(ap + len, pcontrol,
2477 target, target_dev_id);
2478 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2479 }
2480 len += resp_iec_m_pg(ap + len, pcontrol, target);
2481 offset += len;
2482 } else {
2483 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2484 return check_condition_result;
2485 }
2486 break;
2487 default:
2488 bad_pcode = true;
2489 break;
2490 }
2491 if (bad_pcode) {
2492 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2493 return check_condition_result;
2494 }
2495 if (msense_6)
2496 arr[0] = offset - 1;
2497 else
2498 put_unaligned_be16((offset - 2), arr + 0);
2499 return fill_from_dev_buffer(scp, arr, min_t(u32, alloc_len, offset));
2500}
2501
2502#define SDEBUG_MAX_MSELECT_SZ 512
2503
2504static int resp_mode_select(struct scsi_cmnd *scp,
2505 struct sdebug_dev_info *devip)
2506{
2507 int pf, sp, ps, md_len, bd_len, off, spf, pg_len;
2508 int param_len, res, mpage;
2509 unsigned char arr[SDEBUG_MAX_MSELECT_SZ];
2510 unsigned char *cmd = scp->cmnd;
2511 int mselect6 = (MODE_SELECT == cmd[0]);
2512
2513 memset(arr, 0, sizeof(arr));
2514 pf = cmd[1] & 0x10;
2515 sp = cmd[1] & 0x1;
2516 param_len = mselect6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2517 if ((0 == pf) || sp || (param_len > SDEBUG_MAX_MSELECT_SZ)) {
2518 mk_sense_invalid_fld(scp, SDEB_IN_CDB, mselect6 ? 4 : 7, -1);
2519 return check_condition_result;
2520 }
2521 res = fetch_to_dev_buffer(scp, arr, param_len);
2522 if (-1 == res)
2523 return DID_ERROR << 16;
2524 else if (sdebug_verbose && (res < param_len))
2525 sdev_printk(KERN_INFO, scp->device,
2526 "%s: cdb indicated=%d, IO sent=%d bytes\n",
2527 __func__, param_len, res);
2528 md_len = mselect6 ? (arr[0] + 1) : (get_unaligned_be16(arr + 0) + 2);
2529 bd_len = mselect6 ? arr[3] : get_unaligned_be16(arr + 6);
2530 off = bd_len + (mselect6 ? 4 : 8);
2531 if (md_len > 2 || off >= res) {
2532 mk_sense_invalid_fld(scp, SDEB_IN_DATA, 0, -1);
2533 return check_condition_result;
2534 }
2535 mpage = arr[off] & 0x3f;
2536 ps = !!(arr[off] & 0x80);
2537 if (ps) {
2538 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 7);
2539 return check_condition_result;
2540 }
2541 spf = !!(arr[off] & 0x40);
2542 pg_len = spf ? (get_unaligned_be16(arr + off + 2) + 4) :
2543 (arr[off + 1] + 2);
2544 if ((pg_len + off) > param_len) {
2545 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2546 PARAMETER_LIST_LENGTH_ERR, 0);
2547 return check_condition_result;
2548 }
2549 switch (mpage) {
2550 case 0x8: /* Caching Mode page */
2551 if (caching_pg[1] == arr[off + 1]) {
2552 memcpy(caching_pg + 2, arr + off + 2,
2553 sizeof(caching_pg) - 2);
2554 goto set_mode_changed_ua;
2555 }
2556 break;
2557 case 0xa: /* Control Mode page */
2558 if (ctrl_m_pg[1] == arr[off + 1]) {
2559 memcpy(ctrl_m_pg + 2, arr + off + 2,
2560 sizeof(ctrl_m_pg) - 2);
2561 if (ctrl_m_pg[4] & 0x8)
2562 sdebug_wp = true;
2563 else
2564 sdebug_wp = false;
2565 sdebug_dsense = !!(ctrl_m_pg[2] & 0x4);
2566 goto set_mode_changed_ua;
2567 }
2568 break;
2569 case 0x1c: /* Informational Exceptions Mode page */
2570 if (iec_m_pg[1] == arr[off + 1]) {
2571 memcpy(iec_m_pg + 2, arr + off + 2,
2572 sizeof(iec_m_pg) - 2);
2573 goto set_mode_changed_ua;
2574 }
2575 break;
2576 default:
2577 break;
2578 }
2579 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 5);
2580 return check_condition_result;
2581set_mode_changed_ua:
2582 set_bit(SDEBUG_UA_MODE_CHANGED, devip->uas_bm);
2583 return 0;
2584}
2585
2586static int resp_temp_l_pg(unsigned char *arr)
2587{
2588 unsigned char temp_l_pg[] = {0x0, 0x0, 0x3, 0x2, 0x0, 38,
2589 0x0, 0x1, 0x3, 0x2, 0x0, 65,
2590 };
2591
2592 memcpy(arr, temp_l_pg, sizeof(temp_l_pg));
2593 return sizeof(temp_l_pg);
2594}
2595
2596static int resp_ie_l_pg(unsigned char *arr)
2597{
2598 unsigned char ie_l_pg[] = {0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 38,
2599 };
2600
2601 memcpy(arr, ie_l_pg, sizeof(ie_l_pg));
2602 if (iec_m_pg[2] & 0x4) { /* TEST bit set */
2603 arr[4] = THRESHOLD_EXCEEDED;
2604 arr[5] = 0xff;
2605 }
2606 return sizeof(ie_l_pg);
2607}
2608
2609static int resp_env_rep_l_spg(unsigned char *arr)
2610{
2611 unsigned char env_rep_l_spg[] = {0x0, 0x0, 0x23, 0x8,
2612 0x0, 40, 72, 0xff, 45, 18, 0, 0,
2613 0x1, 0x0, 0x23, 0x8,
2614 0x0, 55, 72, 35, 55, 45, 0, 0,
2615 };
2616
2617 memcpy(arr, env_rep_l_spg, sizeof(env_rep_l_spg));
2618 return sizeof(env_rep_l_spg);
2619}
2620
2621#define SDEBUG_MAX_LSENSE_SZ 512
2622
2623static int resp_log_sense(struct scsi_cmnd *scp,
2624 struct sdebug_dev_info *devip)
2625{
2626 int ppc, sp, pcode, subpcode;
2627 u32 alloc_len, len, n;
2628 unsigned char arr[SDEBUG_MAX_LSENSE_SZ];
2629 unsigned char *cmd = scp->cmnd;
2630
2631 memset(arr, 0, sizeof(arr));
2632 ppc = cmd[1] & 0x2;
2633 sp = cmd[1] & 0x1;
2634 if (ppc || sp) {
2635 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, ppc ? 1 : 0);
2636 return check_condition_result;
2637 }
2638 pcode = cmd[2] & 0x3f;
2639 subpcode = cmd[3] & 0xff;
2640 alloc_len = get_unaligned_be16(cmd + 7);
2641 arr[0] = pcode;
2642 if (0 == subpcode) {
2643 switch (pcode) {
2644 case 0x0: /* Supported log pages log page */
2645 n = 4;
2646 arr[n++] = 0x0; /* this page */
2647 arr[n++] = 0xd; /* Temperature */
2648 arr[n++] = 0x2f; /* Informational exceptions */
2649 arr[3] = n - 4;
2650 break;
2651 case 0xd: /* Temperature log page */
2652 arr[3] = resp_temp_l_pg(arr + 4);
2653 break;
2654 case 0x2f: /* Informational exceptions log page */
2655 arr[3] = resp_ie_l_pg(arr + 4);
2656 break;
2657 default:
2658 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2659 return check_condition_result;
2660 }
2661 } else if (0xff == subpcode) {
2662 arr[0] |= 0x40;
2663 arr[1] = subpcode;
2664 switch (pcode) {
2665 case 0x0: /* Supported log pages and subpages log page */
2666 n = 4;
2667 arr[n++] = 0x0;
2668 arr[n++] = 0x0; /* 0,0 page */
2669 arr[n++] = 0x0;
2670 arr[n++] = 0xff; /* this page */
2671 arr[n++] = 0xd;
2672 arr[n++] = 0x0; /* Temperature */
2673 arr[n++] = 0xd;
2674 arr[n++] = 0x1; /* Environment reporting */
2675 arr[n++] = 0xd;
2676 arr[n++] = 0xff; /* all 0xd subpages */
2677 arr[n++] = 0x2f;
2678 arr[n++] = 0x0; /* Informational exceptions */
2679 arr[n++] = 0x2f;
2680 arr[n++] = 0xff; /* all 0x2f subpages */
2681 arr[3] = n - 4;
2682 break;
2683 case 0xd: /* Temperature subpages */
2684 n = 4;
2685 arr[n++] = 0xd;
2686 arr[n++] = 0x0; /* Temperature */
2687 arr[n++] = 0xd;
2688 arr[n++] = 0x1; /* Environment reporting */
2689 arr[n++] = 0xd;
2690 arr[n++] = 0xff; /* these subpages */
2691 arr[3] = n - 4;
2692 break;
2693 case 0x2f: /* Informational exceptions subpages */
2694 n = 4;
2695 arr[n++] = 0x2f;
2696 arr[n++] = 0x0; /* Informational exceptions */
2697 arr[n++] = 0x2f;
2698 arr[n++] = 0xff; /* these subpages */
2699 arr[3] = n - 4;
2700 break;
2701 default:
2702 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2703 return check_condition_result;
2704 }
2705 } else if (subpcode > 0) {
2706 arr[0] |= 0x40;
2707 arr[1] = subpcode;
2708 if (pcode == 0xd && subpcode == 1)
2709 arr[3] = resp_env_rep_l_spg(arr + 4);
2710 else {
2711 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2712 return check_condition_result;
2713 }
2714 } else {
2715 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2716 return check_condition_result;
2717 }
2718 len = min_t(u32, get_unaligned_be16(arr + 2) + 4, alloc_len);
2719 return fill_from_dev_buffer(scp, arr,
2720 min_t(u32, len, SDEBUG_MAX_INQ_ARR_SZ));
2721}
2722
2723static inline bool sdebug_dev_is_zoned(struct sdebug_dev_info *devip)
2724{
2725 return devip->nr_zones != 0;
2726}
2727
2728static struct sdeb_zone_state *zbc_zone(struct sdebug_dev_info *devip,
2729 unsigned long long lba)
2730{
2731 u32 zno = lba >> devip->zsize_shift;
2732 struct sdeb_zone_state *zsp;
2733
2734 if (devip->zcap == devip->zsize || zno < devip->nr_conv_zones)
2735 return &devip->zstate[zno];
2736
2737 /*
2738 * If the zone capacity is less than the zone size, adjust for gap
2739 * zones.
2740 */
2741 zno = 2 * zno - devip->nr_conv_zones;
2742 WARN_ONCE(zno >= devip->nr_zones, "%u > %u\n", zno, devip->nr_zones);
2743 zsp = &devip->zstate[zno];
2744 if (lba >= zsp->z_start + zsp->z_size)
2745 zsp++;
2746 WARN_ON_ONCE(lba >= zsp->z_start + zsp->z_size);
2747 return zsp;
2748}
2749
2750static inline bool zbc_zone_is_conv(struct sdeb_zone_state *zsp)
2751{
2752 return zsp->z_type == ZBC_ZTYPE_CNV;
2753}
2754
2755static inline bool zbc_zone_is_gap(struct sdeb_zone_state *zsp)
2756{
2757 return zsp->z_type == ZBC_ZTYPE_GAP;
2758}
2759
2760static inline bool zbc_zone_is_seq(struct sdeb_zone_state *zsp)
2761{
2762 return !zbc_zone_is_conv(zsp) && !zbc_zone_is_gap(zsp);
2763}
2764
2765static void zbc_close_zone(struct sdebug_dev_info *devip,
2766 struct sdeb_zone_state *zsp)
2767{
2768 enum sdebug_z_cond zc;
2769
2770 if (!zbc_zone_is_seq(zsp))
2771 return;
2772
2773 zc = zsp->z_cond;
2774 if (!(zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN))
2775 return;
2776
2777 if (zc == ZC2_IMPLICIT_OPEN)
2778 devip->nr_imp_open--;
2779 else
2780 devip->nr_exp_open--;
2781
2782 if (zsp->z_wp == zsp->z_start) {
2783 zsp->z_cond = ZC1_EMPTY;
2784 } else {
2785 zsp->z_cond = ZC4_CLOSED;
2786 devip->nr_closed++;
2787 }
2788}
2789
2790static void zbc_close_imp_open_zone(struct sdebug_dev_info *devip)
2791{
2792 struct sdeb_zone_state *zsp = &devip->zstate[0];
2793 unsigned int i;
2794
2795 for (i = 0; i < devip->nr_zones; i++, zsp++) {
2796 if (zsp->z_cond == ZC2_IMPLICIT_OPEN) {
2797 zbc_close_zone(devip, zsp);
2798 return;
2799 }
2800 }
2801}
2802
2803static void zbc_open_zone(struct sdebug_dev_info *devip,
2804 struct sdeb_zone_state *zsp, bool explicit)
2805{
2806 enum sdebug_z_cond zc;
2807
2808 if (!zbc_zone_is_seq(zsp))
2809 return;
2810
2811 zc = zsp->z_cond;
2812 if ((explicit && zc == ZC3_EXPLICIT_OPEN) ||
2813 (!explicit && zc == ZC2_IMPLICIT_OPEN))
2814 return;
2815
2816 /* Close an implicit open zone if necessary */
2817 if (explicit && zsp->z_cond == ZC2_IMPLICIT_OPEN)
2818 zbc_close_zone(devip, zsp);
2819 else if (devip->max_open &&
2820 devip->nr_imp_open + devip->nr_exp_open >= devip->max_open)
2821 zbc_close_imp_open_zone(devip);
2822
2823 if (zsp->z_cond == ZC4_CLOSED)
2824 devip->nr_closed--;
2825 if (explicit) {
2826 zsp->z_cond = ZC3_EXPLICIT_OPEN;
2827 devip->nr_exp_open++;
2828 } else {
2829 zsp->z_cond = ZC2_IMPLICIT_OPEN;
2830 devip->nr_imp_open++;
2831 }
2832}
2833
2834static inline void zbc_set_zone_full(struct sdebug_dev_info *devip,
2835 struct sdeb_zone_state *zsp)
2836{
2837 switch (zsp->z_cond) {
2838 case ZC2_IMPLICIT_OPEN:
2839 devip->nr_imp_open--;
2840 break;
2841 case ZC3_EXPLICIT_OPEN:
2842 devip->nr_exp_open--;
2843 break;
2844 default:
2845 WARN_ONCE(true, "Invalid zone %llu condition %x\n",
2846 zsp->z_start, zsp->z_cond);
2847 break;
2848 }
2849 zsp->z_cond = ZC5_FULL;
2850}
2851
2852static void zbc_inc_wp(struct sdebug_dev_info *devip,
2853 unsigned long long lba, unsigned int num)
2854{
2855 struct sdeb_zone_state *zsp = zbc_zone(devip, lba);
2856 unsigned long long n, end, zend = zsp->z_start + zsp->z_size;
2857
2858 if (!zbc_zone_is_seq(zsp))
2859 return;
2860
2861 if (zsp->z_type == ZBC_ZTYPE_SWR) {
2862 zsp->z_wp += num;
2863 if (zsp->z_wp >= zend)
2864 zbc_set_zone_full(devip, zsp);
2865 return;
2866 }
2867
2868 while (num) {
2869 if (lba != zsp->z_wp)
2870 zsp->z_non_seq_resource = true;
2871
2872 end = lba + num;
2873 if (end >= zend) {
2874 n = zend - lba;
2875 zsp->z_wp = zend;
2876 } else if (end > zsp->z_wp) {
2877 n = num;
2878 zsp->z_wp = end;
2879 } else {
2880 n = num;
2881 }
2882 if (zsp->z_wp >= zend)
2883 zbc_set_zone_full(devip, zsp);
2884
2885 num -= n;
2886 lba += n;
2887 if (num) {
2888 zsp++;
2889 zend = zsp->z_start + zsp->z_size;
2890 }
2891 }
2892}
2893
2894static int check_zbc_access_params(struct scsi_cmnd *scp,
2895 unsigned long long lba, unsigned int num, bool write)
2896{
2897 struct scsi_device *sdp = scp->device;
2898 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
2899 struct sdeb_zone_state *zsp = zbc_zone(devip, lba);
2900 struct sdeb_zone_state *zsp_end = zbc_zone(devip, lba + num - 1);
2901
2902 if (!write) {
2903 if (devip->zmodel == BLK_ZONED_HA)
2904 return 0;
2905 /* For host-managed, reads cannot cross zone types boundaries */
2906 if (zsp->z_type != zsp_end->z_type) {
2907 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2908 LBA_OUT_OF_RANGE,
2909 READ_INVDATA_ASCQ);
2910 return check_condition_result;
2911 }
2912 return 0;
2913 }
2914
2915 /* Writing into a gap zone is not allowed */
2916 if (zbc_zone_is_gap(zsp)) {
2917 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE,
2918 ATTEMPT_ACCESS_GAP);
2919 return check_condition_result;
2920 }
2921
2922 /* No restrictions for writes within conventional zones */
2923 if (zbc_zone_is_conv(zsp)) {
2924 if (!zbc_zone_is_conv(zsp_end)) {
2925 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2926 LBA_OUT_OF_RANGE,
2927 WRITE_BOUNDARY_ASCQ);
2928 return check_condition_result;
2929 }
2930 return 0;
2931 }
2932
2933 if (zsp->z_type == ZBC_ZTYPE_SWR) {
2934 /* Writes cannot cross sequential zone boundaries */
2935 if (zsp_end != zsp) {
2936 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2937 LBA_OUT_OF_RANGE,
2938 WRITE_BOUNDARY_ASCQ);
2939 return check_condition_result;
2940 }
2941 /* Cannot write full zones */
2942 if (zsp->z_cond == ZC5_FULL) {
2943 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2944 INVALID_FIELD_IN_CDB, 0);
2945 return check_condition_result;
2946 }
2947 /* Writes must be aligned to the zone WP */
2948 if (lba != zsp->z_wp) {
2949 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2950 LBA_OUT_OF_RANGE,
2951 UNALIGNED_WRITE_ASCQ);
2952 return check_condition_result;
2953 }
2954 }
2955
2956 /* Handle implicit open of closed and empty zones */
2957 if (zsp->z_cond == ZC1_EMPTY || zsp->z_cond == ZC4_CLOSED) {
2958 if (devip->max_open &&
2959 devip->nr_exp_open >= devip->max_open) {
2960 mk_sense_buffer(scp, DATA_PROTECT,
2961 INSUFF_RES_ASC,
2962 INSUFF_ZONE_ASCQ);
2963 return check_condition_result;
2964 }
2965 zbc_open_zone(devip, zsp, false);
2966 }
2967
2968 return 0;
2969}
2970
2971static inline int check_device_access_params
2972 (struct scsi_cmnd *scp, unsigned long long lba,
2973 unsigned int num, bool write)
2974{
2975 struct scsi_device *sdp = scp->device;
2976 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
2977
2978 if (lba + num > sdebug_capacity) {
2979 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2980 return check_condition_result;
2981 }
2982 /* transfer length excessive (tie in to block limits VPD page) */
2983 if (num > sdebug_store_sectors) {
2984 /* needs work to find which cdb byte 'num' comes from */
2985 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2986 return check_condition_result;
2987 }
2988 if (write && unlikely(sdebug_wp)) {
2989 mk_sense_buffer(scp, DATA_PROTECT, WRITE_PROTECTED, 0x2);
2990 return check_condition_result;
2991 }
2992 if (sdebug_dev_is_zoned(devip))
2993 return check_zbc_access_params(scp, lba, num, write);
2994
2995 return 0;
2996}
2997
2998/*
2999 * Note: if BUG_ON() fires it usually indicates a problem with the parser
3000 * tables. Perhaps a missing F_FAKE_RW or FF_MEDIA_IO flag. Response functions
3001 * that access any of the "stores" in struct sdeb_store_info should call this
3002 * function with bug_if_fake_rw set to true.
3003 */
3004static inline struct sdeb_store_info *devip2sip(struct sdebug_dev_info *devip,
3005 bool bug_if_fake_rw)
3006{
3007 if (sdebug_fake_rw) {
3008 BUG_ON(bug_if_fake_rw); /* See note above */
3009 return NULL;
3010 }
3011 return xa_load(per_store_ap, devip->sdbg_host->si_idx);
3012}
3013
3014/* Returns number of bytes copied or -1 if error. */
3015static int do_device_access(struct sdeb_store_info *sip, struct scsi_cmnd *scp,
3016 u32 sg_skip, u64 lba, u32 num, bool do_write)
3017{
3018 int ret;
3019 u64 block, rest = 0;
3020 enum dma_data_direction dir;
3021 struct scsi_data_buffer *sdb = &scp->sdb;
3022 u8 *fsp;
3023
3024 if (do_write) {
3025 dir = DMA_TO_DEVICE;
3026 write_since_sync = true;
3027 } else {
3028 dir = DMA_FROM_DEVICE;
3029 }
3030
3031 if (!sdb->length || !sip)
3032 return 0;
3033 if (scp->sc_data_direction != dir)
3034 return -1;
3035 fsp = sip->storep;
3036
3037 block = do_div(lba, sdebug_store_sectors);
3038 if (block + num > sdebug_store_sectors)
3039 rest = block + num - sdebug_store_sectors;
3040
3041 ret = sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
3042 fsp + (block * sdebug_sector_size),
3043 (num - rest) * sdebug_sector_size, sg_skip, do_write);
3044 if (ret != (num - rest) * sdebug_sector_size)
3045 return ret;
3046
3047 if (rest) {
3048 ret += sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
3049 fsp, rest * sdebug_sector_size,
3050 sg_skip + ((num - rest) * sdebug_sector_size),
3051 do_write);
3052 }
3053
3054 return ret;
3055}
3056
3057/* Returns number of bytes copied or -1 if error. */
3058static int do_dout_fetch(struct scsi_cmnd *scp, u32 num, u8 *doutp)
3059{
3060 struct scsi_data_buffer *sdb = &scp->sdb;
3061
3062 if (!sdb->length)
3063 return 0;
3064 if (scp->sc_data_direction != DMA_TO_DEVICE)
3065 return -1;
3066 return sg_copy_buffer(sdb->table.sgl, sdb->table.nents, doutp,
3067 num * sdebug_sector_size, 0, true);
3068}
3069
3070/* If sip->storep+lba compares equal to arr(num), then copy top half of
3071 * arr into sip->storep+lba and return true. If comparison fails then
3072 * return false. */
3073static bool comp_write_worker(struct sdeb_store_info *sip, u64 lba, u32 num,
3074 const u8 *arr, bool compare_only)
3075{
3076 bool res;
3077 u64 block, rest = 0;
3078 u32 store_blks = sdebug_store_sectors;
3079 u32 lb_size = sdebug_sector_size;
3080 u8 *fsp = sip->storep;
3081
3082 block = do_div(lba, store_blks);
3083 if (block + num > store_blks)
3084 rest = block + num - store_blks;
3085
3086 res = !memcmp(fsp + (block * lb_size), arr, (num - rest) * lb_size);
3087 if (!res)
3088 return res;
3089 if (rest)
3090 res = memcmp(fsp, arr + ((num - rest) * lb_size),
3091 rest * lb_size);
3092 if (!res)
3093 return res;
3094 if (compare_only)
3095 return true;
3096 arr += num * lb_size;
3097 memcpy(fsp + (block * lb_size), arr, (num - rest) * lb_size);
3098 if (rest)
3099 memcpy(fsp, arr + ((num - rest) * lb_size), rest * lb_size);
3100 return res;
3101}
3102
3103static __be16 dif_compute_csum(const void *buf, int len)
3104{
3105 __be16 csum;
3106
3107 if (sdebug_guard)
3108 csum = (__force __be16)ip_compute_csum(buf, len);
3109 else
3110 csum = cpu_to_be16(crc_t10dif(buf, len));
3111
3112 return csum;
3113}
3114
3115static int dif_verify(struct t10_pi_tuple *sdt, const void *data,
3116 sector_t sector, u32 ei_lba)
3117{
3118 __be16 csum = dif_compute_csum(data, sdebug_sector_size);
3119
3120 if (sdt->guard_tag != csum) {
3121 pr_err("GUARD check failed on sector %lu rcvd 0x%04x, data 0x%04x\n",
3122 (unsigned long)sector,
3123 be16_to_cpu(sdt->guard_tag),
3124 be16_to_cpu(csum));
3125 return 0x01;
3126 }
3127 if (sdebug_dif == T10_PI_TYPE1_PROTECTION &&
3128 be32_to_cpu(sdt->ref_tag) != (sector & 0xffffffff)) {
3129 pr_err("REF check failed on sector %lu\n",
3130 (unsigned long)sector);
3131 return 0x03;
3132 }
3133 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3134 be32_to_cpu(sdt->ref_tag) != ei_lba) {
3135 pr_err("REF check failed on sector %lu\n",
3136 (unsigned long)sector);
3137 return 0x03;
3138 }
3139 return 0;
3140}
3141
3142static void dif_copy_prot(struct scsi_cmnd *scp, sector_t sector,
3143 unsigned int sectors, bool read)
3144{
3145 size_t resid;
3146 void *paddr;
3147 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *)
3148 scp->device->hostdata, true);
3149 struct t10_pi_tuple *dif_storep = sip->dif_storep;
3150 const void *dif_store_end = dif_storep + sdebug_store_sectors;
3151 struct sg_mapping_iter miter;
3152
3153 /* Bytes of protection data to copy into sgl */
3154 resid = sectors * sizeof(*dif_storep);
3155
3156 sg_miter_start(&miter, scsi_prot_sglist(scp),
3157 scsi_prot_sg_count(scp), SG_MITER_ATOMIC |
3158 (read ? SG_MITER_TO_SG : SG_MITER_FROM_SG));
3159
3160 while (sg_miter_next(&miter) && resid > 0) {
3161 size_t len = min_t(size_t, miter.length, resid);
3162 void *start = dif_store(sip, sector);
3163 size_t rest = 0;
3164
3165 if (dif_store_end < start + len)
3166 rest = start + len - dif_store_end;
3167
3168 paddr = miter.addr;
3169
3170 if (read)
3171 memcpy(paddr, start, len - rest);
3172 else
3173 memcpy(start, paddr, len - rest);
3174
3175 if (rest) {
3176 if (read)
3177 memcpy(paddr + len - rest, dif_storep, rest);
3178 else
3179 memcpy(dif_storep, paddr + len - rest, rest);
3180 }
3181
3182 sector += len / sizeof(*dif_storep);
3183 resid -= len;
3184 }
3185 sg_miter_stop(&miter);
3186}
3187
3188static int prot_verify_read(struct scsi_cmnd *scp, sector_t start_sec,
3189 unsigned int sectors, u32 ei_lba)
3190{
3191 int ret = 0;
3192 unsigned int i;
3193 sector_t sector;
3194 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *)
3195 scp->device->hostdata, true);
3196 struct t10_pi_tuple *sdt;
3197
3198 for (i = 0; i < sectors; i++, ei_lba++) {
3199 sector = start_sec + i;
3200 sdt = dif_store(sip, sector);
3201
3202 if (sdt->app_tag == cpu_to_be16(0xffff))
3203 continue;
3204
3205 /*
3206 * Because scsi_debug acts as both initiator and
3207 * target we proceed to verify the PI even if
3208 * RDPROTECT=3. This is done so the "initiator" knows
3209 * which type of error to return. Otherwise we would
3210 * have to iterate over the PI twice.
3211 */
3212 if (scp->cmnd[1] >> 5) { /* RDPROTECT */
3213 ret = dif_verify(sdt, lba2fake_store(sip, sector),
3214 sector, ei_lba);
3215 if (ret) {
3216 dif_errors++;
3217 break;
3218 }
3219 }
3220 }
3221
3222 dif_copy_prot(scp, start_sec, sectors, true);
3223 dix_reads++;
3224
3225 return ret;
3226}
3227
3228static inline void
3229sdeb_read_lock(struct sdeb_store_info *sip)
3230{
3231 if (sdebug_no_rwlock) {
3232 if (sip)
3233 __acquire(&sip->macc_lck);
3234 else
3235 __acquire(&sdeb_fake_rw_lck);
3236 } else {
3237 if (sip)
3238 read_lock(&sip->macc_lck);
3239 else
3240 read_lock(&sdeb_fake_rw_lck);
3241 }
3242}
3243
3244static inline void
3245sdeb_read_unlock(struct sdeb_store_info *sip)
3246{
3247 if (sdebug_no_rwlock) {
3248 if (sip)
3249 __release(&sip->macc_lck);
3250 else
3251 __release(&sdeb_fake_rw_lck);
3252 } else {
3253 if (sip)
3254 read_unlock(&sip->macc_lck);
3255 else
3256 read_unlock(&sdeb_fake_rw_lck);
3257 }
3258}
3259
3260static inline void
3261sdeb_write_lock(struct sdeb_store_info *sip)
3262{
3263 if (sdebug_no_rwlock) {
3264 if (sip)
3265 __acquire(&sip->macc_lck);
3266 else
3267 __acquire(&sdeb_fake_rw_lck);
3268 } else {
3269 if (sip)
3270 write_lock(&sip->macc_lck);
3271 else
3272 write_lock(&sdeb_fake_rw_lck);
3273 }
3274}
3275
3276static inline void
3277sdeb_write_unlock(struct sdeb_store_info *sip)
3278{
3279 if (sdebug_no_rwlock) {
3280 if (sip)
3281 __release(&sip->macc_lck);
3282 else
3283 __release(&sdeb_fake_rw_lck);
3284 } else {
3285 if (sip)
3286 write_unlock(&sip->macc_lck);
3287 else
3288 write_unlock(&sdeb_fake_rw_lck);
3289 }
3290}
3291
3292static int resp_read_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3293{
3294 bool check_prot;
3295 u32 num;
3296 u32 ei_lba;
3297 int ret;
3298 u64 lba;
3299 struct sdeb_store_info *sip = devip2sip(devip, true);
3300 u8 *cmd = scp->cmnd;
3301
3302 switch (cmd[0]) {
3303 case READ_16:
3304 ei_lba = 0;
3305 lba = get_unaligned_be64(cmd + 2);
3306 num = get_unaligned_be32(cmd + 10);
3307 check_prot = true;
3308 break;
3309 case READ_10:
3310 ei_lba = 0;
3311 lba = get_unaligned_be32(cmd + 2);
3312 num = get_unaligned_be16(cmd + 7);
3313 check_prot = true;
3314 break;
3315 case READ_6:
3316 ei_lba = 0;
3317 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
3318 (u32)(cmd[1] & 0x1f) << 16;
3319 num = (0 == cmd[4]) ? 256 : cmd[4];
3320 check_prot = true;
3321 break;
3322 case READ_12:
3323 ei_lba = 0;
3324 lba = get_unaligned_be32(cmd + 2);
3325 num = get_unaligned_be32(cmd + 6);
3326 check_prot = true;
3327 break;
3328 case XDWRITEREAD_10:
3329 ei_lba = 0;
3330 lba = get_unaligned_be32(cmd + 2);
3331 num = get_unaligned_be16(cmd + 7);
3332 check_prot = false;
3333 break;
3334 default: /* assume READ(32) */
3335 lba = get_unaligned_be64(cmd + 12);
3336 ei_lba = get_unaligned_be32(cmd + 20);
3337 num = get_unaligned_be32(cmd + 28);
3338 check_prot = false;
3339 break;
3340 }
3341 if (unlikely(have_dif_prot && check_prot)) {
3342 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3343 (cmd[1] & 0xe0)) {
3344 mk_sense_invalid_opcode(scp);
3345 return check_condition_result;
3346 }
3347 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3348 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3349 (cmd[1] & 0xe0) == 0)
3350 sdev_printk(KERN_ERR, scp->device, "Unprotected RD "
3351 "to DIF device\n");
3352 }
3353 if (unlikely((sdebug_opts & SDEBUG_OPT_SHORT_TRANSFER) &&
3354 atomic_read(&sdeb_inject_pending))) {
3355 num /= 2;
3356 atomic_set(&sdeb_inject_pending, 0);
3357 }
3358
3359 ret = check_device_access_params(scp, lba, num, false);
3360 if (ret)
3361 return ret;
3362 if (unlikely((SDEBUG_OPT_MEDIUM_ERR & sdebug_opts) &&
3363 (lba <= (sdebug_medium_error_start + sdebug_medium_error_count - 1)) &&
3364 ((lba + num) > sdebug_medium_error_start))) {
3365 /* claim unrecoverable read error */
3366 mk_sense_buffer(scp, MEDIUM_ERROR, UNRECOVERED_READ_ERR, 0);
3367 /* set info field and valid bit for fixed descriptor */
3368 if (0x70 == (scp->sense_buffer[0] & 0x7f)) {
3369 scp->sense_buffer[0] |= 0x80; /* Valid bit */
3370 ret = (lba < OPT_MEDIUM_ERR_ADDR)
3371 ? OPT_MEDIUM_ERR_ADDR : (int)lba;
3372 put_unaligned_be32(ret, scp->sense_buffer + 3);
3373 }
3374 scsi_set_resid(scp, scsi_bufflen(scp));
3375 return check_condition_result;
3376 }
3377
3378 sdeb_read_lock(sip);
3379
3380 /* DIX + T10 DIF */
3381 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3382 switch (prot_verify_read(scp, lba, num, ei_lba)) {
3383 case 1: /* Guard tag error */
3384 if (cmd[1] >> 5 != 3) { /* RDPROTECT != 3 */
3385 sdeb_read_unlock(sip);
3386 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3387 return check_condition_result;
3388 } else if (scp->prot_flags & SCSI_PROT_GUARD_CHECK) {
3389 sdeb_read_unlock(sip);
3390 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3391 return illegal_condition_result;
3392 }
3393 break;
3394 case 3: /* Reference tag error */
3395 if (cmd[1] >> 5 != 3) { /* RDPROTECT != 3 */
3396 sdeb_read_unlock(sip);
3397 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 3);
3398 return check_condition_result;
3399 } else if (scp->prot_flags & SCSI_PROT_REF_CHECK) {
3400 sdeb_read_unlock(sip);
3401 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 3);
3402 return illegal_condition_result;
3403 }
3404 break;
3405 }
3406 }
3407
3408 ret = do_device_access(sip, scp, 0, lba, num, false);
3409 sdeb_read_unlock(sip);
3410 if (unlikely(ret == -1))
3411 return DID_ERROR << 16;
3412
3413 scsi_set_resid(scp, scsi_bufflen(scp) - ret);
3414
3415 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) &&
3416 atomic_read(&sdeb_inject_pending))) {
3417 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) {
3418 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0);
3419 atomic_set(&sdeb_inject_pending, 0);
3420 return check_condition_result;
3421 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) {
3422 /* Logical block guard check failed */
3423 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3424 atomic_set(&sdeb_inject_pending, 0);
3425 return illegal_condition_result;
3426 } else if (SDEBUG_OPT_DIX_ERR & sdebug_opts) {
3427 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3428 atomic_set(&sdeb_inject_pending, 0);
3429 return illegal_condition_result;
3430 }
3431 }
3432 return 0;
3433}
3434
3435static int prot_verify_write(struct scsi_cmnd *SCpnt, sector_t start_sec,
3436 unsigned int sectors, u32 ei_lba)
3437{
3438 int ret;
3439 struct t10_pi_tuple *sdt;
3440 void *daddr;
3441 sector_t sector = start_sec;
3442 int ppage_offset;
3443 int dpage_offset;
3444 struct sg_mapping_iter diter;
3445 struct sg_mapping_iter piter;
3446
3447 BUG_ON(scsi_sg_count(SCpnt) == 0);
3448 BUG_ON(scsi_prot_sg_count(SCpnt) == 0);
3449
3450 sg_miter_start(&piter, scsi_prot_sglist(SCpnt),
3451 scsi_prot_sg_count(SCpnt),
3452 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
3453 sg_miter_start(&diter, scsi_sglist(SCpnt), scsi_sg_count(SCpnt),
3454 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
3455
3456 /* For each protection page */
3457 while (sg_miter_next(&piter)) {
3458 dpage_offset = 0;
3459 if (WARN_ON(!sg_miter_next(&diter))) {
3460 ret = 0x01;
3461 goto out;
3462 }
3463
3464 for (ppage_offset = 0; ppage_offset < piter.length;
3465 ppage_offset += sizeof(struct t10_pi_tuple)) {
3466 /* If we're at the end of the current
3467 * data page advance to the next one
3468 */
3469 if (dpage_offset >= diter.length) {
3470 if (WARN_ON(!sg_miter_next(&diter))) {
3471 ret = 0x01;
3472 goto out;
3473 }
3474 dpage_offset = 0;
3475 }
3476
3477 sdt = piter.addr + ppage_offset;
3478 daddr = diter.addr + dpage_offset;
3479
3480 if (SCpnt->cmnd[1] >> 5 != 3) { /* WRPROTECT */
3481 ret = dif_verify(sdt, daddr, sector, ei_lba);
3482 if (ret)
3483 goto out;
3484 }
3485
3486 sector++;
3487 ei_lba++;
3488 dpage_offset += sdebug_sector_size;
3489 }
3490 diter.consumed = dpage_offset;
3491 sg_miter_stop(&diter);
3492 }
3493 sg_miter_stop(&piter);
3494
3495 dif_copy_prot(SCpnt, start_sec, sectors, false);
3496 dix_writes++;
3497
3498 return 0;
3499
3500out:
3501 dif_errors++;
3502 sg_miter_stop(&diter);
3503 sg_miter_stop(&piter);
3504 return ret;
3505}
3506
3507static unsigned long lba_to_map_index(sector_t lba)
3508{
3509 if (sdebug_unmap_alignment)
3510 lba += sdebug_unmap_granularity - sdebug_unmap_alignment;
3511 sector_div(lba, sdebug_unmap_granularity);
3512 return lba;
3513}
3514
3515static sector_t map_index_to_lba(unsigned long index)
3516{
3517 sector_t lba = index * sdebug_unmap_granularity;
3518
3519 if (sdebug_unmap_alignment)
3520 lba -= sdebug_unmap_granularity - sdebug_unmap_alignment;
3521 return lba;
3522}
3523
3524static unsigned int map_state(struct sdeb_store_info *sip, sector_t lba,
3525 unsigned int *num)
3526{
3527 sector_t end;
3528 unsigned int mapped;
3529 unsigned long index;
3530 unsigned long next;
3531
3532 index = lba_to_map_index(lba);
3533 mapped = test_bit(index, sip->map_storep);
3534
3535 if (mapped)
3536 next = find_next_zero_bit(sip->map_storep, map_size, index);
3537 else
3538 next = find_next_bit(sip->map_storep, map_size, index);
3539
3540 end = min_t(sector_t, sdebug_store_sectors, map_index_to_lba(next));
3541 *num = end - lba;
3542 return mapped;
3543}
3544
3545static void map_region(struct sdeb_store_info *sip, sector_t lba,
3546 unsigned int len)
3547{
3548 sector_t end = lba + len;
3549
3550 while (lba < end) {
3551 unsigned long index = lba_to_map_index(lba);
3552
3553 if (index < map_size)
3554 set_bit(index, sip->map_storep);
3555
3556 lba = map_index_to_lba(index + 1);
3557 }
3558}
3559
3560static void unmap_region(struct sdeb_store_info *sip, sector_t lba,
3561 unsigned int len)
3562{
3563 sector_t end = lba + len;
3564 u8 *fsp = sip->storep;
3565
3566 while (lba < end) {
3567 unsigned long index = lba_to_map_index(lba);
3568
3569 if (lba == map_index_to_lba(index) &&
3570 lba + sdebug_unmap_granularity <= end &&
3571 index < map_size) {
3572 clear_bit(index, sip->map_storep);
3573 if (sdebug_lbprz) { /* for LBPRZ=2 return 0xff_s */
3574 memset(fsp + lba * sdebug_sector_size,
3575 (sdebug_lbprz & 1) ? 0 : 0xff,
3576 sdebug_sector_size *
3577 sdebug_unmap_granularity);
3578 }
3579 if (sip->dif_storep) {
3580 memset(sip->dif_storep + lba, 0xff,
3581 sizeof(*sip->dif_storep) *
3582 sdebug_unmap_granularity);
3583 }
3584 }
3585 lba = map_index_to_lba(index + 1);
3586 }
3587}
3588
3589static int resp_write_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3590{
3591 bool check_prot;
3592 u32 num;
3593 u32 ei_lba;
3594 int ret;
3595 u64 lba;
3596 struct sdeb_store_info *sip = devip2sip(devip, true);
3597 u8 *cmd = scp->cmnd;
3598
3599 switch (cmd[0]) {
3600 case WRITE_16:
3601 ei_lba = 0;
3602 lba = get_unaligned_be64(cmd + 2);
3603 num = get_unaligned_be32(cmd + 10);
3604 check_prot = true;
3605 break;
3606 case WRITE_10:
3607 ei_lba = 0;
3608 lba = get_unaligned_be32(cmd + 2);
3609 num = get_unaligned_be16(cmd + 7);
3610 check_prot = true;
3611 break;
3612 case WRITE_6:
3613 ei_lba = 0;
3614 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
3615 (u32)(cmd[1] & 0x1f) << 16;
3616 num = (0 == cmd[4]) ? 256 : cmd[4];
3617 check_prot = true;
3618 break;
3619 case WRITE_12:
3620 ei_lba = 0;
3621 lba = get_unaligned_be32(cmd + 2);
3622 num = get_unaligned_be32(cmd + 6);
3623 check_prot = true;
3624 break;
3625 case 0x53: /* XDWRITEREAD(10) */
3626 ei_lba = 0;
3627 lba = get_unaligned_be32(cmd + 2);
3628 num = get_unaligned_be16(cmd + 7);
3629 check_prot = false;
3630 break;
3631 default: /* assume WRITE(32) */
3632 lba = get_unaligned_be64(cmd + 12);
3633 ei_lba = get_unaligned_be32(cmd + 20);
3634 num = get_unaligned_be32(cmd + 28);
3635 check_prot = false;
3636 break;
3637 }
3638 if (unlikely(have_dif_prot && check_prot)) {
3639 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3640 (cmd[1] & 0xe0)) {
3641 mk_sense_invalid_opcode(scp);
3642 return check_condition_result;
3643 }
3644 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3645 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3646 (cmd[1] & 0xe0) == 0)
3647 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3648 "to DIF device\n");
3649 }
3650
3651 sdeb_write_lock(sip);
3652 ret = check_device_access_params(scp, lba, num, true);
3653 if (ret) {
3654 sdeb_write_unlock(sip);
3655 return ret;
3656 }
3657
3658 /* DIX + T10 DIF */
3659 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3660 switch (prot_verify_write(scp, lba, num, ei_lba)) {
3661 case 1: /* Guard tag error */
3662 if (scp->prot_flags & SCSI_PROT_GUARD_CHECK) {
3663 sdeb_write_unlock(sip);
3664 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3665 return illegal_condition_result;
3666 } else if (scp->cmnd[1] >> 5 != 3) { /* WRPROTECT != 3 */
3667 sdeb_write_unlock(sip);
3668 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3669 return check_condition_result;
3670 }
3671 break;
3672 case 3: /* Reference tag error */
3673 if (scp->prot_flags & SCSI_PROT_REF_CHECK) {
3674 sdeb_write_unlock(sip);
3675 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 3);
3676 return illegal_condition_result;
3677 } else if (scp->cmnd[1] >> 5 != 3) { /* WRPROTECT != 3 */
3678 sdeb_write_unlock(sip);
3679 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 3);
3680 return check_condition_result;
3681 }
3682 break;
3683 }
3684 }
3685
3686 ret = do_device_access(sip, scp, 0, lba, num, true);
3687 if (unlikely(scsi_debug_lbp()))
3688 map_region(sip, lba, num);
3689 /* If ZBC zone then bump its write pointer */
3690 if (sdebug_dev_is_zoned(devip))
3691 zbc_inc_wp(devip, lba, num);
3692 sdeb_write_unlock(sip);
3693 if (unlikely(-1 == ret))
3694 return DID_ERROR << 16;
3695 else if (unlikely(sdebug_verbose &&
3696 (ret < (num * sdebug_sector_size))))
3697 sdev_printk(KERN_INFO, scp->device,
3698 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3699 my_name, num * sdebug_sector_size, ret);
3700
3701 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) &&
3702 atomic_read(&sdeb_inject_pending))) {
3703 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) {
3704 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0);
3705 atomic_set(&sdeb_inject_pending, 0);
3706 return check_condition_result;
3707 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) {
3708 /* Logical block guard check failed */
3709 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3710 atomic_set(&sdeb_inject_pending, 0);
3711 return illegal_condition_result;
3712 } else if (sdebug_opts & SDEBUG_OPT_DIX_ERR) {
3713 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3714 atomic_set(&sdeb_inject_pending, 0);
3715 return illegal_condition_result;
3716 }
3717 }
3718 return 0;
3719}
3720
3721/*
3722 * T10 has only specified WRITE SCATTERED(16) and WRITE SCATTERED(32).
3723 * No READ GATHERED yet (requires bidi or long cdb holding gather list).
3724 */
3725static int resp_write_scat(struct scsi_cmnd *scp,
3726 struct sdebug_dev_info *devip)
3727{
3728 u8 *cmd = scp->cmnd;
3729 u8 *lrdp = NULL;
3730 u8 *up;
3731 struct sdeb_store_info *sip = devip2sip(devip, true);
3732 u8 wrprotect;
3733 u16 lbdof, num_lrd, k;
3734 u32 num, num_by, bt_len, lbdof_blen, sg_off, cum_lb;
3735 u32 lb_size = sdebug_sector_size;
3736 u32 ei_lba;
3737 u64 lba;
3738 int ret, res;
3739 bool is_16;
3740 static const u32 lrd_size = 32; /* + parameter list header size */
3741
3742 if (cmd[0] == VARIABLE_LENGTH_CMD) {
3743 is_16 = false;
3744 wrprotect = (cmd[10] >> 5) & 0x7;
3745 lbdof = get_unaligned_be16(cmd + 12);
3746 num_lrd = get_unaligned_be16(cmd + 16);
3747 bt_len = get_unaligned_be32(cmd + 28);
3748 } else { /* that leaves WRITE SCATTERED(16) */
3749 is_16 = true;
3750 wrprotect = (cmd[2] >> 5) & 0x7;
3751 lbdof = get_unaligned_be16(cmd + 4);
3752 num_lrd = get_unaligned_be16(cmd + 8);
3753 bt_len = get_unaligned_be32(cmd + 10);
3754 if (unlikely(have_dif_prot)) {
3755 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3756 wrprotect) {
3757 mk_sense_invalid_opcode(scp);
3758 return illegal_condition_result;
3759 }
3760 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3761 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3762 wrprotect == 0)
3763 sdev_printk(KERN_ERR, scp->device,
3764 "Unprotected WR to DIF device\n");
3765 }
3766 }
3767 if ((num_lrd == 0) || (bt_len == 0))
3768 return 0; /* T10 says these do-nothings are not errors */
3769 if (lbdof == 0) {
3770 if (sdebug_verbose)
3771 sdev_printk(KERN_INFO, scp->device,
3772 "%s: %s: LB Data Offset field bad\n",
3773 my_name, __func__);
3774 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3775 return illegal_condition_result;
3776 }
3777 lbdof_blen = lbdof * lb_size;
3778 if ((lrd_size + (num_lrd * lrd_size)) > lbdof_blen) {
3779 if (sdebug_verbose)
3780 sdev_printk(KERN_INFO, scp->device,
3781 "%s: %s: LBA range descriptors don't fit\n",
3782 my_name, __func__);
3783 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3784 return illegal_condition_result;
3785 }
3786 lrdp = kzalloc(lbdof_blen, GFP_ATOMIC | __GFP_NOWARN);
3787 if (lrdp == NULL)
3788 return SCSI_MLQUEUE_HOST_BUSY;
3789 if (sdebug_verbose)
3790 sdev_printk(KERN_INFO, scp->device,
3791 "%s: %s: Fetch header+scatter_list, lbdof_blen=%u\n",
3792 my_name, __func__, lbdof_blen);
3793 res = fetch_to_dev_buffer(scp, lrdp, lbdof_blen);
3794 if (res == -1) {
3795 ret = DID_ERROR << 16;
3796 goto err_out;
3797 }
3798
3799 sdeb_write_lock(sip);
3800 sg_off = lbdof_blen;
3801 /* Spec says Buffer xfer Length field in number of LBs in dout */
3802 cum_lb = 0;
3803 for (k = 0, up = lrdp + lrd_size; k < num_lrd; ++k, up += lrd_size) {
3804 lba = get_unaligned_be64(up + 0);
3805 num = get_unaligned_be32(up + 8);
3806 if (sdebug_verbose)
3807 sdev_printk(KERN_INFO, scp->device,
3808 "%s: %s: k=%d LBA=0x%llx num=%u sg_off=%u\n",
3809 my_name, __func__, k, lba, num, sg_off);
3810 if (num == 0)
3811 continue;
3812 ret = check_device_access_params(scp, lba, num, true);
3813 if (ret)
3814 goto err_out_unlock;
3815 num_by = num * lb_size;
3816 ei_lba = is_16 ? 0 : get_unaligned_be32(up + 12);
3817
3818 if ((cum_lb + num) > bt_len) {
3819 if (sdebug_verbose)
3820 sdev_printk(KERN_INFO, scp->device,
3821 "%s: %s: sum of blocks > data provided\n",
3822 my_name, __func__);
3823 mk_sense_buffer(scp, ILLEGAL_REQUEST, WRITE_ERROR_ASC,
3824 0);
3825 ret = illegal_condition_result;
3826 goto err_out_unlock;
3827 }
3828
3829 /* DIX + T10 DIF */
3830 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3831 int prot_ret = prot_verify_write(scp, lba, num,
3832 ei_lba);
3833
3834 if (prot_ret) {
3835 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10,
3836 prot_ret);
3837 ret = illegal_condition_result;
3838 goto err_out_unlock;
3839 }
3840 }
3841
3842 ret = do_device_access(sip, scp, sg_off, lba, num, true);
3843 /* If ZBC zone then bump its write pointer */
3844 if (sdebug_dev_is_zoned(devip))
3845 zbc_inc_wp(devip, lba, num);
3846 if (unlikely(scsi_debug_lbp()))
3847 map_region(sip, lba, num);
3848 if (unlikely(-1 == ret)) {
3849 ret = DID_ERROR << 16;
3850 goto err_out_unlock;
3851 } else if (unlikely(sdebug_verbose && (ret < num_by)))
3852 sdev_printk(KERN_INFO, scp->device,
3853 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3854 my_name, num_by, ret);
3855
3856 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) &&
3857 atomic_read(&sdeb_inject_pending))) {
3858 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) {
3859 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0);
3860 atomic_set(&sdeb_inject_pending, 0);
3861 ret = check_condition_result;
3862 goto err_out_unlock;
3863 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) {
3864 /* Logical block guard check failed */
3865 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3866 atomic_set(&sdeb_inject_pending, 0);
3867 ret = illegal_condition_result;
3868 goto err_out_unlock;
3869 } else if (sdebug_opts & SDEBUG_OPT_DIX_ERR) {
3870 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3871 atomic_set(&sdeb_inject_pending, 0);
3872 ret = illegal_condition_result;
3873 goto err_out_unlock;
3874 }
3875 }
3876 sg_off += num_by;
3877 cum_lb += num;
3878 }
3879 ret = 0;
3880err_out_unlock:
3881 sdeb_write_unlock(sip);
3882err_out:
3883 kfree(lrdp);
3884 return ret;
3885}
3886
3887static int resp_write_same(struct scsi_cmnd *scp, u64 lba, u32 num,
3888 u32 ei_lba, bool unmap, bool ndob)
3889{
3890 struct scsi_device *sdp = scp->device;
3891 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
3892 unsigned long long i;
3893 u64 block, lbaa;
3894 u32 lb_size = sdebug_sector_size;
3895 int ret;
3896 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *)
3897 scp->device->hostdata, true);
3898 u8 *fs1p;
3899 u8 *fsp;
3900
3901 sdeb_write_lock(sip);
3902
3903 ret = check_device_access_params(scp, lba, num, true);
3904 if (ret) {
3905 sdeb_write_unlock(sip);
3906 return ret;
3907 }
3908
3909 if (unmap && scsi_debug_lbp()) {
3910 unmap_region(sip, lba, num);
3911 goto out;
3912 }
3913 lbaa = lba;
3914 block = do_div(lbaa, sdebug_store_sectors);
3915 /* if ndob then zero 1 logical block, else fetch 1 logical block */
3916 fsp = sip->storep;
3917 fs1p = fsp + (block * lb_size);
3918 if (ndob) {
3919 memset(fs1p, 0, lb_size);
3920 ret = 0;
3921 } else
3922 ret = fetch_to_dev_buffer(scp, fs1p, lb_size);
3923
3924 if (-1 == ret) {
3925 sdeb_write_unlock(sip);
3926 return DID_ERROR << 16;
3927 } else if (sdebug_verbose && !ndob && (ret < lb_size))
3928 sdev_printk(KERN_INFO, scp->device,
3929 "%s: %s: lb size=%u, IO sent=%d bytes\n",
3930 my_name, "write same", lb_size, ret);
3931
3932 /* Copy first sector to remaining blocks */
3933 for (i = 1 ; i < num ; i++) {
3934 lbaa = lba + i;
3935 block = do_div(lbaa, sdebug_store_sectors);
3936 memmove(fsp + (block * lb_size), fs1p, lb_size);
3937 }
3938 if (scsi_debug_lbp())
3939 map_region(sip, lba, num);
3940 /* If ZBC zone then bump its write pointer */
3941 if (sdebug_dev_is_zoned(devip))
3942 zbc_inc_wp(devip, lba, num);
3943out:
3944 sdeb_write_unlock(sip);
3945
3946 return 0;
3947}
3948
3949static int resp_write_same_10(struct scsi_cmnd *scp,
3950 struct sdebug_dev_info *devip)
3951{
3952 u8 *cmd = scp->cmnd;
3953 u32 lba;
3954 u16 num;
3955 u32 ei_lba = 0;
3956 bool unmap = false;
3957
3958 if (cmd[1] & 0x8) {
3959 if (sdebug_lbpws10 == 0) {
3960 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3961 return check_condition_result;
3962 } else
3963 unmap = true;
3964 }
3965 lba = get_unaligned_be32(cmd + 2);
3966 num = get_unaligned_be16(cmd + 7);
3967 if (num > sdebug_write_same_length) {
3968 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3969 return check_condition_result;
3970 }
3971 return resp_write_same(scp, lba, num, ei_lba, unmap, false);
3972}
3973
3974static int resp_write_same_16(struct scsi_cmnd *scp,
3975 struct sdebug_dev_info *devip)
3976{
3977 u8 *cmd = scp->cmnd;
3978 u64 lba;
3979 u32 num;
3980 u32 ei_lba = 0;
3981 bool unmap = false;
3982 bool ndob = false;
3983
3984 if (cmd[1] & 0x8) { /* UNMAP */
3985 if (sdebug_lbpws == 0) {
3986 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3987 return check_condition_result;
3988 } else
3989 unmap = true;
3990 }
3991 if (cmd[1] & 0x1) /* NDOB (no data-out buffer, assumes zeroes) */
3992 ndob = true;
3993 lba = get_unaligned_be64(cmd + 2);
3994 num = get_unaligned_be32(cmd + 10);
3995 if (num > sdebug_write_same_length) {
3996 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1);
3997 return check_condition_result;
3998 }
3999 return resp_write_same(scp, lba, num, ei_lba, unmap, ndob);
4000}
4001
4002/* Note the mode field is in the same position as the (lower) service action
4003 * field. For the Report supported operation codes command, SPC-4 suggests
4004 * each mode of this command should be reported separately; for future. */
4005static int resp_write_buffer(struct scsi_cmnd *scp,
4006 struct sdebug_dev_info *devip)
4007{
4008 u8 *cmd = scp->cmnd;
4009 struct scsi_device *sdp = scp->device;
4010 struct sdebug_dev_info *dp;
4011 u8 mode;
4012
4013 mode = cmd[1] & 0x1f;
4014 switch (mode) {
4015 case 0x4: /* download microcode (MC) and activate (ACT) */
4016 /* set UAs on this device only */
4017 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4018 set_bit(SDEBUG_UA_MICROCODE_CHANGED, devip->uas_bm);
4019 break;
4020 case 0x5: /* download MC, save and ACT */
4021 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, devip->uas_bm);
4022 break;
4023 case 0x6: /* download MC with offsets and ACT */
4024 /* set UAs on most devices (LUs) in this target */
4025 list_for_each_entry(dp,
4026 &devip->sdbg_host->dev_info_list,
4027 dev_list)
4028 if (dp->target == sdp->id) {
4029 set_bit(SDEBUG_UA_BUS_RESET, dp->uas_bm);
4030 if (devip != dp)
4031 set_bit(SDEBUG_UA_MICROCODE_CHANGED,
4032 dp->uas_bm);
4033 }
4034 break;
4035 case 0x7: /* download MC with offsets, save, and ACT */
4036 /* set UA on all devices (LUs) in this target */
4037 list_for_each_entry(dp,
4038 &devip->sdbg_host->dev_info_list,
4039 dev_list)
4040 if (dp->target == sdp->id)
4041 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET,
4042 dp->uas_bm);
4043 break;
4044 default:
4045 /* do nothing for this command for other mode values */
4046 break;
4047 }
4048 return 0;
4049}
4050
4051static int resp_comp_write(struct scsi_cmnd *scp,
4052 struct sdebug_dev_info *devip)
4053{
4054 u8 *cmd = scp->cmnd;
4055 u8 *arr;
4056 struct sdeb_store_info *sip = devip2sip(devip, true);
4057 u64 lba;
4058 u32 dnum;
4059 u32 lb_size = sdebug_sector_size;
4060 u8 num;
4061 int ret;
4062 int retval = 0;
4063
4064 lba = get_unaligned_be64(cmd + 2);
4065 num = cmd[13]; /* 1 to a maximum of 255 logical blocks */
4066 if (0 == num)
4067 return 0; /* degenerate case, not an error */
4068 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
4069 (cmd[1] & 0xe0)) {
4070 mk_sense_invalid_opcode(scp);
4071 return check_condition_result;
4072 }
4073 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
4074 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
4075 (cmd[1] & 0xe0) == 0)
4076 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
4077 "to DIF device\n");
4078 ret = check_device_access_params(scp, lba, num, false);
4079 if (ret)
4080 return ret;
4081 dnum = 2 * num;
4082 arr = kcalloc(lb_size, dnum, GFP_ATOMIC);
4083 if (NULL == arr) {
4084 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
4085 INSUFF_RES_ASCQ);
4086 return check_condition_result;
4087 }
4088
4089 sdeb_write_lock(sip);
4090
4091 ret = do_dout_fetch(scp, dnum, arr);
4092 if (ret == -1) {
4093 retval = DID_ERROR << 16;
4094 goto cleanup;
4095 } else if (sdebug_verbose && (ret < (dnum * lb_size)))
4096 sdev_printk(KERN_INFO, scp->device, "%s: compare_write: cdb "
4097 "indicated=%u, IO sent=%d bytes\n", my_name,
4098 dnum * lb_size, ret);
4099 if (!comp_write_worker(sip, lba, num, arr, false)) {
4100 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
4101 retval = check_condition_result;
4102 goto cleanup;
4103 }
4104 if (scsi_debug_lbp())
4105 map_region(sip, lba, num);
4106cleanup:
4107 sdeb_write_unlock(sip);
4108 kfree(arr);
4109 return retval;
4110}
4111
4112struct unmap_block_desc {
4113 __be64 lba;
4114 __be32 blocks;
4115 __be32 __reserved;
4116};
4117
4118static int resp_unmap(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
4119{
4120 unsigned char *buf;
4121 struct unmap_block_desc *desc;
4122 struct sdeb_store_info *sip = devip2sip(devip, true);
4123 unsigned int i, payload_len, descriptors;
4124 int ret;
4125
4126 if (!scsi_debug_lbp())
4127 return 0; /* fib and say its done */
4128 payload_len = get_unaligned_be16(scp->cmnd + 7);
4129 BUG_ON(scsi_bufflen(scp) != payload_len);
4130
4131 descriptors = (payload_len - 8) / 16;
4132 if (descriptors > sdebug_unmap_max_desc) {
4133 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
4134 return check_condition_result;
4135 }
4136
4137 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC);
4138 if (!buf) {
4139 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
4140 INSUFF_RES_ASCQ);
4141 return check_condition_result;
4142 }
4143
4144 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
4145
4146 BUG_ON(get_unaligned_be16(&buf[0]) != payload_len - 2);
4147 BUG_ON(get_unaligned_be16(&buf[2]) != descriptors * 16);
4148
4149 desc = (void *)&buf[8];
4150
4151 sdeb_write_lock(sip);
4152
4153 for (i = 0 ; i < descriptors ; i++) {
4154 unsigned long long lba = get_unaligned_be64(&desc[i].lba);
4155 unsigned int num = get_unaligned_be32(&desc[i].blocks);
4156
4157 ret = check_device_access_params(scp, lba, num, true);
4158 if (ret)
4159 goto out;
4160
4161 unmap_region(sip, lba, num);
4162 }
4163
4164 ret = 0;
4165
4166out:
4167 sdeb_write_unlock(sip);
4168 kfree(buf);
4169
4170 return ret;
4171}
4172
4173#define SDEBUG_GET_LBA_STATUS_LEN 32
4174
4175static int resp_get_lba_status(struct scsi_cmnd *scp,
4176 struct sdebug_dev_info *devip)
4177{
4178 u8 *cmd = scp->cmnd;
4179 u64 lba;
4180 u32 alloc_len, mapped, num;
4181 int ret;
4182 u8 arr[SDEBUG_GET_LBA_STATUS_LEN];
4183
4184 lba = get_unaligned_be64(cmd + 2);
4185 alloc_len = get_unaligned_be32(cmd + 10);
4186
4187 if (alloc_len < 24)
4188 return 0;
4189
4190 ret = check_device_access_params(scp, lba, 1, false);
4191 if (ret)
4192 return ret;
4193
4194 if (scsi_debug_lbp()) {
4195 struct sdeb_store_info *sip = devip2sip(devip, true);
4196
4197 mapped = map_state(sip, lba, &num);
4198 } else {
4199 mapped = 1;
4200 /* following just in case virtual_gb changed */
4201 sdebug_capacity = get_sdebug_capacity();
4202 if (sdebug_capacity - lba <= 0xffffffff)
4203 num = sdebug_capacity - lba;
4204 else
4205 num = 0xffffffff;
4206 }
4207
4208 memset(arr, 0, SDEBUG_GET_LBA_STATUS_LEN);
4209 put_unaligned_be32(20, arr); /* Parameter Data Length */
4210 put_unaligned_be64(lba, arr + 8); /* LBA */
4211 put_unaligned_be32(num, arr + 16); /* Number of blocks */
4212 arr[20] = !mapped; /* prov_stat=0: mapped; 1: dealloc */
4213
4214 return fill_from_dev_buffer(scp, arr, SDEBUG_GET_LBA_STATUS_LEN);
4215}
4216
4217static int resp_sync_cache(struct scsi_cmnd *scp,
4218 struct sdebug_dev_info *devip)
4219{
4220 int res = 0;
4221 u64 lba;
4222 u32 num_blocks;
4223 u8 *cmd = scp->cmnd;
4224
4225 if (cmd[0] == SYNCHRONIZE_CACHE) { /* 10 byte cdb */
4226 lba = get_unaligned_be32(cmd + 2);
4227 num_blocks = get_unaligned_be16(cmd + 7);
4228 } else { /* SYNCHRONIZE_CACHE(16) */
4229 lba = get_unaligned_be64(cmd + 2);
4230 num_blocks = get_unaligned_be32(cmd + 10);
4231 }
4232 if (lba + num_blocks > sdebug_capacity) {
4233 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4234 return check_condition_result;
4235 }
4236 if (!write_since_sync || (cmd[1] & 0x2))
4237 res = SDEG_RES_IMMED_MASK;
4238 else /* delay if write_since_sync and IMMED clear */
4239 write_since_sync = false;
4240 return res;
4241}
4242
4243/*
4244 * Assuming the LBA+num_blocks is not out-of-range, this function will return
4245 * CONDITION MET if the specified blocks will/have fitted in the cache, and
4246 * a GOOD status otherwise. Model a disk with a big cache and yield
4247 * CONDITION MET. Actually tries to bring range in main memory into the
4248 * cache associated with the CPU(s).
4249 */
4250static int resp_pre_fetch(struct scsi_cmnd *scp,
4251 struct sdebug_dev_info *devip)
4252{
4253 int res = 0;
4254 u64 lba;
4255 u64 block, rest = 0;
4256 u32 nblks;
4257 u8 *cmd = scp->cmnd;
4258 struct sdeb_store_info *sip = devip2sip(devip, true);
4259 u8 *fsp = sip->storep;
4260
4261 if (cmd[0] == PRE_FETCH) { /* 10 byte cdb */
4262 lba = get_unaligned_be32(cmd + 2);
4263 nblks = get_unaligned_be16(cmd + 7);
4264 } else { /* PRE-FETCH(16) */
4265 lba = get_unaligned_be64(cmd + 2);
4266 nblks = get_unaligned_be32(cmd + 10);
4267 }
4268 if (lba + nblks > sdebug_capacity) {
4269 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4270 return check_condition_result;
4271 }
4272 if (!fsp)
4273 goto fini;
4274 /* PRE-FETCH spec says nothing about LBP or PI so skip them */
4275 block = do_div(lba, sdebug_store_sectors);
4276 if (block + nblks > sdebug_store_sectors)
4277 rest = block + nblks - sdebug_store_sectors;
4278
4279 /* Try to bring the PRE-FETCH range into CPU's cache */
4280 sdeb_read_lock(sip);
4281 prefetch_range(fsp + (sdebug_sector_size * block),
4282 (nblks - rest) * sdebug_sector_size);
4283 if (rest)
4284 prefetch_range(fsp, rest * sdebug_sector_size);
4285 sdeb_read_unlock(sip);
4286fini:
4287 if (cmd[1] & 0x2)
4288 res = SDEG_RES_IMMED_MASK;
4289 return res | condition_met_result;
4290}
4291
4292#define RL_BUCKET_ELEMS 8
4293
4294/* Even though each pseudo target has a REPORT LUNS "well known logical unit"
4295 * (W-LUN), the normal Linux scanning logic does not associate it with a
4296 * device (e.g. /dev/sg7). The following magic will make that association:
4297 * "cd /sys/class/scsi_host/host<n> ; echo '- - 49409' > scan"
4298 * where <n> is a host number. If there are multiple targets in a host then
4299 * the above will associate a W-LUN to each target. To only get a W-LUN
4300 * for target 2, then use "echo '- 2 49409' > scan" .
4301 */
4302static int resp_report_luns(struct scsi_cmnd *scp,
4303 struct sdebug_dev_info *devip)
4304{
4305 unsigned char *cmd = scp->cmnd;
4306 unsigned int alloc_len;
4307 unsigned char select_report;
4308 u64 lun;
4309 struct scsi_lun *lun_p;
4310 u8 arr[RL_BUCKET_ELEMS * sizeof(struct scsi_lun)];
4311 unsigned int lun_cnt; /* normal LUN count (max: 256) */
4312 unsigned int wlun_cnt; /* report luns W-LUN count */
4313 unsigned int tlun_cnt; /* total LUN count */
4314 unsigned int rlen; /* response length (in bytes) */
4315 int k, j, n, res;
4316 unsigned int off_rsp = 0;
4317 const int sz_lun = sizeof(struct scsi_lun);
4318
4319 clear_luns_changed_on_target(devip);
4320
4321 select_report = cmd[2];
4322 alloc_len = get_unaligned_be32(cmd + 6);
4323
4324 if (alloc_len < 4) {
4325 pr_err("alloc len too small %d\n", alloc_len);
4326 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
4327 return check_condition_result;
4328 }
4329
4330 switch (select_report) {
4331 case 0: /* all LUNs apart from W-LUNs */
4332 lun_cnt = sdebug_max_luns;
4333 wlun_cnt = 0;
4334 break;
4335 case 1: /* only W-LUNs */
4336 lun_cnt = 0;
4337 wlun_cnt = 1;
4338 break;
4339 case 2: /* all LUNs */
4340 lun_cnt = sdebug_max_luns;
4341 wlun_cnt = 1;
4342 break;
4343 case 0x10: /* only administrative LUs */
4344 case 0x11: /* see SPC-5 */
4345 case 0x12: /* only subsiduary LUs owned by referenced LU */
4346 default:
4347 pr_debug("select report invalid %d\n", select_report);
4348 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
4349 return check_condition_result;
4350 }
4351
4352 if (sdebug_no_lun_0 && (lun_cnt > 0))
4353 --lun_cnt;
4354
4355 tlun_cnt = lun_cnt + wlun_cnt;
4356 rlen = tlun_cnt * sz_lun; /* excluding 8 byte header */
4357 scsi_set_resid(scp, scsi_bufflen(scp));
4358 pr_debug("select_report %d luns = %d wluns = %d no_lun0 %d\n",
4359 select_report, lun_cnt, wlun_cnt, sdebug_no_lun_0);
4360
4361 /* loops rely on sizeof response header same as sizeof lun (both 8) */
4362 lun = sdebug_no_lun_0 ? 1 : 0;
4363 for (k = 0, j = 0, res = 0; true; ++k, j = 0) {
4364 memset(arr, 0, sizeof(arr));
4365 lun_p = (struct scsi_lun *)&arr[0];
4366 if (k == 0) {
4367 put_unaligned_be32(rlen, &arr[0]);
4368 ++lun_p;
4369 j = 1;
4370 }
4371 for ( ; j < RL_BUCKET_ELEMS; ++j, ++lun_p) {
4372 if ((k * RL_BUCKET_ELEMS) + j > lun_cnt)
4373 break;
4374 int_to_scsilun(lun++, lun_p);
4375 if (lun > 1 && sdebug_lun_am == SAM_LUN_AM_FLAT)
4376 lun_p->scsi_lun[0] |= 0x40;
4377 }
4378 if (j < RL_BUCKET_ELEMS)
4379 break;
4380 n = j * sz_lun;
4381 res = p_fill_from_dev_buffer(scp, arr, n, off_rsp);
4382 if (res)
4383 return res;
4384 off_rsp += n;
4385 }
4386 if (wlun_cnt) {
4387 int_to_scsilun(SCSI_W_LUN_REPORT_LUNS, lun_p);
4388 ++j;
4389 }
4390 if (j > 0)
4391 res = p_fill_from_dev_buffer(scp, arr, j * sz_lun, off_rsp);
4392 return res;
4393}
4394
4395static int resp_verify(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
4396{
4397 bool is_bytchk3 = false;
4398 u8 bytchk;
4399 int ret, j;
4400 u32 vnum, a_num, off;
4401 const u32 lb_size = sdebug_sector_size;
4402 u64 lba;
4403 u8 *arr;
4404 u8 *cmd = scp->cmnd;
4405 struct sdeb_store_info *sip = devip2sip(devip, true);
4406
4407 bytchk = (cmd[1] >> 1) & 0x3;
4408 if (bytchk == 0) {
4409 return 0; /* always claim internal verify okay */
4410 } else if (bytchk == 2) {
4411 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
4412 return check_condition_result;
4413 } else if (bytchk == 3) {
4414 is_bytchk3 = true; /* 1 block sent, compared repeatedly */
4415 }
4416 switch (cmd[0]) {
4417 case VERIFY_16:
4418 lba = get_unaligned_be64(cmd + 2);
4419 vnum = get_unaligned_be32(cmd + 10);
4420 break;
4421 case VERIFY: /* is VERIFY(10) */
4422 lba = get_unaligned_be32(cmd + 2);
4423 vnum = get_unaligned_be16(cmd + 7);
4424 break;
4425 default:
4426 mk_sense_invalid_opcode(scp);
4427 return check_condition_result;
4428 }
4429 if (vnum == 0)
4430 return 0; /* not an error */
4431 a_num = is_bytchk3 ? 1 : vnum;
4432 /* Treat following check like one for read (i.e. no write) access */
4433 ret = check_device_access_params(scp, lba, a_num, false);
4434 if (ret)
4435 return ret;
4436
4437 arr = kcalloc(lb_size, vnum, GFP_ATOMIC | __GFP_NOWARN);
4438 if (!arr) {
4439 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
4440 INSUFF_RES_ASCQ);
4441 return check_condition_result;
4442 }
4443 /* Not changing store, so only need read access */
4444 sdeb_read_lock(sip);
4445
4446 ret = do_dout_fetch(scp, a_num, arr);
4447 if (ret == -1) {
4448 ret = DID_ERROR << 16;
4449 goto cleanup;
4450 } else if (sdebug_verbose && (ret < (a_num * lb_size))) {
4451 sdev_printk(KERN_INFO, scp->device,
4452 "%s: %s: cdb indicated=%u, IO sent=%d bytes\n",
4453 my_name, __func__, a_num * lb_size, ret);
4454 }
4455 if (is_bytchk3) {
4456 for (j = 1, off = lb_size; j < vnum; ++j, off += lb_size)
4457 memcpy(arr + off, arr, lb_size);
4458 }
4459 ret = 0;
4460 if (!comp_write_worker(sip, lba, vnum, arr, true)) {
4461 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
4462 ret = check_condition_result;
4463 goto cleanup;
4464 }
4465cleanup:
4466 sdeb_read_unlock(sip);
4467 kfree(arr);
4468 return ret;
4469}
4470
4471#define RZONES_DESC_HD 64
4472
4473/* Report zones depending on start LBA and reporting options */
4474static int resp_report_zones(struct scsi_cmnd *scp,
4475 struct sdebug_dev_info *devip)
4476{
4477 unsigned int rep_max_zones, nrz = 0;
4478 int ret = 0;
4479 u32 alloc_len, rep_opts, rep_len;
4480 bool partial;
4481 u64 lba, zs_lba;
4482 u8 *arr = NULL, *desc;
4483 u8 *cmd = scp->cmnd;
4484 struct sdeb_zone_state *zsp = NULL;
4485 struct sdeb_store_info *sip = devip2sip(devip, false);
4486
4487 if (!sdebug_dev_is_zoned(devip)) {
4488 mk_sense_invalid_opcode(scp);
4489 return check_condition_result;
4490 }
4491 zs_lba = get_unaligned_be64(cmd + 2);
4492 alloc_len = get_unaligned_be32(cmd + 10);
4493 if (alloc_len == 0)
4494 return 0; /* not an error */
4495 rep_opts = cmd[14] & 0x3f;
4496 partial = cmd[14] & 0x80;
4497
4498 if (zs_lba >= sdebug_capacity) {
4499 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4500 return check_condition_result;
4501 }
4502
4503 rep_max_zones = (alloc_len - 64) >> ilog2(RZONES_DESC_HD);
4504
4505 arr = kzalloc(alloc_len, GFP_ATOMIC | __GFP_NOWARN);
4506 if (!arr) {
4507 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
4508 INSUFF_RES_ASCQ);
4509 return check_condition_result;
4510 }
4511
4512 sdeb_read_lock(sip);
4513
4514 desc = arr + 64;
4515 for (lba = zs_lba; lba < sdebug_capacity;
4516 lba = zsp->z_start + zsp->z_size) {
4517 if (WARN_ONCE(zbc_zone(devip, lba) == zsp, "lba = %llu\n", lba))
4518 break;
4519 zsp = zbc_zone(devip, lba);
4520 switch (rep_opts) {
4521 case 0x00:
4522 /* All zones */
4523 break;
4524 case 0x01:
4525 /* Empty zones */
4526 if (zsp->z_cond != ZC1_EMPTY)
4527 continue;
4528 break;
4529 case 0x02:
4530 /* Implicit open zones */
4531 if (zsp->z_cond != ZC2_IMPLICIT_OPEN)
4532 continue;
4533 break;
4534 case 0x03:
4535 /* Explicit open zones */
4536 if (zsp->z_cond != ZC3_EXPLICIT_OPEN)
4537 continue;
4538 break;
4539 case 0x04:
4540 /* Closed zones */
4541 if (zsp->z_cond != ZC4_CLOSED)
4542 continue;
4543 break;
4544 case 0x05:
4545 /* Full zones */
4546 if (zsp->z_cond != ZC5_FULL)
4547 continue;
4548 break;
4549 case 0x06:
4550 case 0x07:
4551 case 0x10:
4552 /*
4553 * Read-only, offline, reset WP recommended are
4554 * not emulated: no zones to report;
4555 */
4556 continue;
4557 case 0x11:
4558 /* non-seq-resource set */
4559 if (!zsp->z_non_seq_resource)
4560 continue;
4561 break;
4562 case 0x3e:
4563 /* All zones except gap zones. */
4564 if (zbc_zone_is_gap(zsp))
4565 continue;
4566 break;
4567 case 0x3f:
4568 /* Not write pointer (conventional) zones */
4569 if (zbc_zone_is_seq(zsp))
4570 continue;
4571 break;
4572 default:
4573 mk_sense_buffer(scp, ILLEGAL_REQUEST,
4574 INVALID_FIELD_IN_CDB, 0);
4575 ret = check_condition_result;
4576 goto fini;
4577 }
4578
4579 if (nrz < rep_max_zones) {
4580 /* Fill zone descriptor */
4581 desc[0] = zsp->z_type;
4582 desc[1] = zsp->z_cond << 4;
4583 if (zsp->z_non_seq_resource)
4584 desc[1] |= 1 << 1;
4585 put_unaligned_be64((u64)zsp->z_size, desc + 8);
4586 put_unaligned_be64((u64)zsp->z_start, desc + 16);
4587 put_unaligned_be64((u64)zsp->z_wp, desc + 24);
4588 desc += 64;
4589 }
4590
4591 if (partial && nrz >= rep_max_zones)
4592 break;
4593
4594 nrz++;
4595 }
4596
4597 /* Report header */
4598 /* Zone list length. */
4599 put_unaligned_be32(nrz * RZONES_DESC_HD, arr + 0);
4600 /* Maximum LBA */
4601 put_unaligned_be64(sdebug_capacity - 1, arr + 8);
4602 /* Zone starting LBA granularity. */
4603 if (devip->zcap < devip->zsize)
4604 put_unaligned_be64(devip->zsize, arr + 16);
4605
4606 rep_len = (unsigned long)desc - (unsigned long)arr;
4607 ret = fill_from_dev_buffer(scp, arr, min_t(u32, alloc_len, rep_len));
4608
4609fini:
4610 sdeb_read_unlock(sip);
4611 kfree(arr);
4612 return ret;
4613}
4614
4615/* Logic transplanted from tcmu-runner, file_zbc.c */
4616static void zbc_open_all(struct sdebug_dev_info *devip)
4617{
4618 struct sdeb_zone_state *zsp = &devip->zstate[0];
4619 unsigned int i;
4620
4621 for (i = 0; i < devip->nr_zones; i++, zsp++) {
4622 if (zsp->z_cond == ZC4_CLOSED)
4623 zbc_open_zone(devip, &devip->zstate[i], true);
4624 }
4625}
4626
4627static int resp_open_zone(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
4628{
4629 int res = 0;
4630 u64 z_id;
4631 enum sdebug_z_cond zc;
4632 u8 *cmd = scp->cmnd;
4633 struct sdeb_zone_state *zsp;
4634 bool all = cmd[14] & 0x01;
4635 struct sdeb_store_info *sip = devip2sip(devip, false);
4636
4637 if (!sdebug_dev_is_zoned(devip)) {
4638 mk_sense_invalid_opcode(scp);
4639 return check_condition_result;
4640 }
4641
4642 sdeb_write_lock(sip);
4643
4644 if (all) {
4645 /* Check if all closed zones can be open */
4646 if (devip->max_open &&
4647 devip->nr_exp_open + devip->nr_closed > devip->max_open) {
4648 mk_sense_buffer(scp, DATA_PROTECT, INSUFF_RES_ASC,
4649 INSUFF_ZONE_ASCQ);
4650 res = check_condition_result;
4651 goto fini;
4652 }
4653 /* Open all closed zones */
4654 zbc_open_all(devip);
4655 goto fini;
4656 }
4657
4658 /* Open the specified zone */
4659 z_id = get_unaligned_be64(cmd + 2);
4660 if (z_id >= sdebug_capacity) {
4661 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4662 res = check_condition_result;
4663 goto fini;
4664 }
4665
4666 zsp = zbc_zone(devip, z_id);
4667 if (z_id != zsp->z_start) {
4668 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4669 res = check_condition_result;
4670 goto fini;
4671 }
4672 if (zbc_zone_is_conv(zsp)) {
4673 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4674 res = check_condition_result;
4675 goto fini;
4676 }
4677
4678 zc = zsp->z_cond;
4679 if (zc == ZC3_EXPLICIT_OPEN || zc == ZC5_FULL)
4680 goto fini;
4681
4682 if (devip->max_open && devip->nr_exp_open >= devip->max_open) {
4683 mk_sense_buffer(scp, DATA_PROTECT, INSUFF_RES_ASC,
4684 INSUFF_ZONE_ASCQ);
4685 res = check_condition_result;
4686 goto fini;
4687 }
4688
4689 zbc_open_zone(devip, zsp, true);
4690fini:
4691 sdeb_write_unlock(sip);
4692 return res;
4693}
4694
4695static void zbc_close_all(struct sdebug_dev_info *devip)
4696{
4697 unsigned int i;
4698
4699 for (i = 0; i < devip->nr_zones; i++)
4700 zbc_close_zone(devip, &devip->zstate[i]);
4701}
4702
4703static int resp_close_zone(struct scsi_cmnd *scp,
4704 struct sdebug_dev_info *devip)
4705{
4706 int res = 0;
4707 u64 z_id;
4708 u8 *cmd = scp->cmnd;
4709 struct sdeb_zone_state *zsp;
4710 bool all = cmd[14] & 0x01;
4711 struct sdeb_store_info *sip = devip2sip(devip, false);
4712
4713 if (!sdebug_dev_is_zoned(devip)) {
4714 mk_sense_invalid_opcode(scp);
4715 return check_condition_result;
4716 }
4717
4718 sdeb_write_lock(sip);
4719
4720 if (all) {
4721 zbc_close_all(devip);
4722 goto fini;
4723 }
4724
4725 /* Close specified zone */
4726 z_id = get_unaligned_be64(cmd + 2);
4727 if (z_id >= sdebug_capacity) {
4728 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4729 res = check_condition_result;
4730 goto fini;
4731 }
4732
4733 zsp = zbc_zone(devip, z_id);
4734 if (z_id != zsp->z_start) {
4735 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4736 res = check_condition_result;
4737 goto fini;
4738 }
4739 if (zbc_zone_is_conv(zsp)) {
4740 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4741 res = check_condition_result;
4742 goto fini;
4743 }
4744
4745 zbc_close_zone(devip, zsp);
4746fini:
4747 sdeb_write_unlock(sip);
4748 return res;
4749}
4750
4751static void zbc_finish_zone(struct sdebug_dev_info *devip,
4752 struct sdeb_zone_state *zsp, bool empty)
4753{
4754 enum sdebug_z_cond zc = zsp->z_cond;
4755
4756 if (zc == ZC4_CLOSED || zc == ZC2_IMPLICIT_OPEN ||
4757 zc == ZC3_EXPLICIT_OPEN || (empty && zc == ZC1_EMPTY)) {
4758 if (zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN)
4759 zbc_close_zone(devip, zsp);
4760 if (zsp->z_cond == ZC4_CLOSED)
4761 devip->nr_closed--;
4762 zsp->z_wp = zsp->z_start + zsp->z_size;
4763 zsp->z_cond = ZC5_FULL;
4764 }
4765}
4766
4767static void zbc_finish_all(struct sdebug_dev_info *devip)
4768{
4769 unsigned int i;
4770
4771 for (i = 0; i < devip->nr_zones; i++)
4772 zbc_finish_zone(devip, &devip->zstate[i], false);
4773}
4774
4775static int resp_finish_zone(struct scsi_cmnd *scp,
4776 struct sdebug_dev_info *devip)
4777{
4778 struct sdeb_zone_state *zsp;
4779 int res = 0;
4780 u64 z_id;
4781 u8 *cmd = scp->cmnd;
4782 bool all = cmd[14] & 0x01;
4783 struct sdeb_store_info *sip = devip2sip(devip, false);
4784
4785 if (!sdebug_dev_is_zoned(devip)) {
4786 mk_sense_invalid_opcode(scp);
4787 return check_condition_result;
4788 }
4789
4790 sdeb_write_lock(sip);
4791
4792 if (all) {
4793 zbc_finish_all(devip);
4794 goto fini;
4795 }
4796
4797 /* Finish the specified zone */
4798 z_id = get_unaligned_be64(cmd + 2);
4799 if (z_id >= sdebug_capacity) {
4800 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4801 res = check_condition_result;
4802 goto fini;
4803 }
4804
4805 zsp = zbc_zone(devip, z_id);
4806 if (z_id != zsp->z_start) {
4807 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4808 res = check_condition_result;
4809 goto fini;
4810 }
4811 if (zbc_zone_is_conv(zsp)) {
4812 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4813 res = check_condition_result;
4814 goto fini;
4815 }
4816
4817 zbc_finish_zone(devip, zsp, true);
4818fini:
4819 sdeb_write_unlock(sip);
4820 return res;
4821}
4822
4823static void zbc_rwp_zone(struct sdebug_dev_info *devip,
4824 struct sdeb_zone_state *zsp)
4825{
4826 enum sdebug_z_cond zc;
4827 struct sdeb_store_info *sip = devip2sip(devip, false);
4828
4829 if (!zbc_zone_is_seq(zsp))
4830 return;
4831
4832 zc = zsp->z_cond;
4833 if (zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN)
4834 zbc_close_zone(devip, zsp);
4835
4836 if (zsp->z_cond == ZC4_CLOSED)
4837 devip->nr_closed--;
4838
4839 if (zsp->z_wp > zsp->z_start)
4840 memset(sip->storep + zsp->z_start * sdebug_sector_size, 0,
4841 (zsp->z_wp - zsp->z_start) * sdebug_sector_size);
4842
4843 zsp->z_non_seq_resource = false;
4844 zsp->z_wp = zsp->z_start;
4845 zsp->z_cond = ZC1_EMPTY;
4846}
4847
4848static void zbc_rwp_all(struct sdebug_dev_info *devip)
4849{
4850 unsigned int i;
4851
4852 for (i = 0; i < devip->nr_zones; i++)
4853 zbc_rwp_zone(devip, &devip->zstate[i]);
4854}
4855
4856static int resp_rwp_zone(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
4857{
4858 struct sdeb_zone_state *zsp;
4859 int res = 0;
4860 u64 z_id;
4861 u8 *cmd = scp->cmnd;
4862 bool all = cmd[14] & 0x01;
4863 struct sdeb_store_info *sip = devip2sip(devip, false);
4864
4865 if (!sdebug_dev_is_zoned(devip)) {
4866 mk_sense_invalid_opcode(scp);
4867 return check_condition_result;
4868 }
4869
4870 sdeb_write_lock(sip);
4871
4872 if (all) {
4873 zbc_rwp_all(devip);
4874 goto fini;
4875 }
4876
4877 z_id = get_unaligned_be64(cmd + 2);
4878 if (z_id >= sdebug_capacity) {
4879 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4880 res = check_condition_result;
4881 goto fini;
4882 }
4883
4884 zsp = zbc_zone(devip, z_id);
4885 if (z_id != zsp->z_start) {
4886 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4887 res = check_condition_result;
4888 goto fini;
4889 }
4890 if (zbc_zone_is_conv(zsp)) {
4891 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4892 res = check_condition_result;
4893 goto fini;
4894 }
4895
4896 zbc_rwp_zone(devip, zsp);
4897fini:
4898 sdeb_write_unlock(sip);
4899 return res;
4900}
4901
4902static struct sdebug_queue *get_queue(struct scsi_cmnd *cmnd)
4903{
4904 u16 hwq;
4905 u32 tag = blk_mq_unique_tag(scsi_cmd_to_rq(cmnd));
4906
4907 hwq = blk_mq_unique_tag_to_hwq(tag);
4908
4909 pr_debug("tag=%#x, hwq=%d\n", tag, hwq);
4910 if (WARN_ON_ONCE(hwq >= submit_queues))
4911 hwq = 0;
4912
4913 return sdebug_q_arr + hwq;
4914}
4915
4916static u32 get_tag(struct scsi_cmnd *cmnd)
4917{
4918 return blk_mq_unique_tag(scsi_cmd_to_rq(cmnd));
4919}
4920
4921/* Queued (deferred) command completions converge here. */
4922static void sdebug_q_cmd_complete(struct sdebug_defer *sd_dp)
4923{
4924 bool aborted = sd_dp->aborted;
4925 int qc_idx;
4926 int retiring = 0;
4927 unsigned long iflags;
4928 struct sdebug_queue *sqp;
4929 struct sdebug_queued_cmd *sqcp;
4930 struct scsi_cmnd *scp;
4931 struct sdebug_dev_info *devip;
4932
4933 if (unlikely(aborted))
4934 sd_dp->aborted = false;
4935 qc_idx = sd_dp->qc_idx;
4936 sqp = sdebug_q_arr + sd_dp->sqa_idx;
4937 if (sdebug_statistics) {
4938 atomic_inc(&sdebug_completions);
4939 if (raw_smp_processor_id() != sd_dp->issuing_cpu)
4940 atomic_inc(&sdebug_miss_cpus);
4941 }
4942 if (unlikely((qc_idx < 0) || (qc_idx >= SDEBUG_CANQUEUE))) {
4943 pr_err("wild qc_idx=%d\n", qc_idx);
4944 return;
4945 }
4946 spin_lock_irqsave(&sqp->qc_lock, iflags);
4947 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_NONE);
4948 sqcp = &sqp->qc_arr[qc_idx];
4949 scp = sqcp->a_cmnd;
4950 if (unlikely(scp == NULL)) {
4951 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4952 pr_err("scp is NULL, sqa_idx=%d, qc_idx=%d, hc_idx=%d\n",
4953 sd_dp->sqa_idx, qc_idx, sd_dp->hc_idx);
4954 return;
4955 }
4956 devip = (struct sdebug_dev_info *)scp->device->hostdata;
4957 if (likely(devip))
4958 atomic_dec(&devip->num_in_q);
4959 else
4960 pr_err("devip=NULL\n");
4961 if (unlikely(atomic_read(&retired_max_queue) > 0))
4962 retiring = 1;
4963
4964 sqcp->a_cmnd = NULL;
4965 if (unlikely(!test_and_clear_bit(qc_idx, sqp->in_use_bm))) {
4966 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4967 pr_err("Unexpected completion\n");
4968 return;
4969 }
4970
4971 if (unlikely(retiring)) { /* user has reduced max_queue */
4972 int k, retval;
4973
4974 retval = atomic_read(&retired_max_queue);
4975 if (qc_idx >= retval) {
4976 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4977 pr_err("index %d too large\n", retval);
4978 return;
4979 }
4980 k = find_last_bit(sqp->in_use_bm, retval);
4981 if ((k < sdebug_max_queue) || (k == retval))
4982 atomic_set(&retired_max_queue, 0);
4983 else
4984 atomic_set(&retired_max_queue, k + 1);
4985 }
4986 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4987 if (unlikely(aborted)) {
4988 if (sdebug_verbose)
4989 pr_info("bypassing scsi_done() due to aborted cmd\n");
4990 return;
4991 }
4992 scsi_done(scp); /* callback to mid level */
4993}
4994
4995/* When high resolution timer goes off this function is called. */
4996static enum hrtimer_restart sdebug_q_cmd_hrt_complete(struct hrtimer *timer)
4997{
4998 struct sdebug_defer *sd_dp = container_of(timer, struct sdebug_defer,
4999 hrt);
5000 sdebug_q_cmd_complete(sd_dp);
5001 return HRTIMER_NORESTART;
5002}
5003
5004/* When work queue schedules work, it calls this function. */
5005static void sdebug_q_cmd_wq_complete(struct work_struct *work)
5006{
5007 struct sdebug_defer *sd_dp = container_of(work, struct sdebug_defer,
5008 ew.work);
5009 sdebug_q_cmd_complete(sd_dp);
5010}
5011
5012static bool got_shared_uuid;
5013static uuid_t shared_uuid;
5014
5015static int sdebug_device_create_zones(struct sdebug_dev_info *devip)
5016{
5017 struct sdeb_zone_state *zsp;
5018 sector_t capacity = get_sdebug_capacity();
5019 sector_t conv_capacity;
5020 sector_t zstart = 0;
5021 unsigned int i;
5022
5023 /*
5024 * Set the zone size: if sdeb_zbc_zone_size_mb is not set, figure out
5025 * a zone size allowing for at least 4 zones on the device. Otherwise,
5026 * use the specified zone size checking that at least 2 zones can be
5027 * created for the device.
5028 */
5029 if (!sdeb_zbc_zone_size_mb) {
5030 devip->zsize = (DEF_ZBC_ZONE_SIZE_MB * SZ_1M)
5031 >> ilog2(sdebug_sector_size);
5032 while (capacity < devip->zsize << 2 && devip->zsize >= 2)
5033 devip->zsize >>= 1;
5034 if (devip->zsize < 2) {
5035 pr_err("Device capacity too small\n");
5036 return -EINVAL;
5037 }
5038 } else {
5039 if (!is_power_of_2(sdeb_zbc_zone_size_mb)) {
5040 pr_err("Zone size is not a power of 2\n");
5041 return -EINVAL;
5042 }
5043 devip->zsize = (sdeb_zbc_zone_size_mb * SZ_1M)
5044 >> ilog2(sdebug_sector_size);
5045 if (devip->zsize >= capacity) {
5046 pr_err("Zone size too large for device capacity\n");
5047 return -EINVAL;
5048 }
5049 }
5050
5051 devip->zsize_shift = ilog2(devip->zsize);
5052 devip->nr_zones = (capacity + devip->zsize - 1) >> devip->zsize_shift;
5053
5054 if (sdeb_zbc_zone_cap_mb == 0) {
5055 devip->zcap = devip->zsize;
5056 } else {
5057 devip->zcap = (sdeb_zbc_zone_cap_mb * SZ_1M) >>
5058 ilog2(sdebug_sector_size);
5059 if (devip->zcap > devip->zsize) {
5060 pr_err("Zone capacity too large\n");
5061 return -EINVAL;
5062 }
5063 }
5064
5065 conv_capacity = (sector_t)sdeb_zbc_nr_conv << devip->zsize_shift;
5066 if (conv_capacity >= capacity) {
5067 pr_err("Number of conventional zones too large\n");
5068 return -EINVAL;
5069 }
5070 devip->nr_conv_zones = sdeb_zbc_nr_conv;
5071 devip->nr_seq_zones = ALIGN(capacity - conv_capacity, devip->zsize) >>
5072 devip->zsize_shift;
5073 devip->nr_zones = devip->nr_conv_zones + devip->nr_seq_zones;
5074
5075 /* Add gap zones if zone capacity is smaller than the zone size */
5076 if (devip->zcap < devip->zsize)
5077 devip->nr_zones += devip->nr_seq_zones;
5078
5079 if (devip->zmodel == BLK_ZONED_HM) {
5080 /* zbc_max_open_zones can be 0, meaning "not reported" */
5081 if (sdeb_zbc_max_open >= devip->nr_zones - 1)
5082 devip->max_open = (devip->nr_zones - 1) / 2;
5083 else
5084 devip->max_open = sdeb_zbc_max_open;
5085 }
5086
5087 devip->zstate = kcalloc(devip->nr_zones,
5088 sizeof(struct sdeb_zone_state), GFP_KERNEL);
5089 if (!devip->zstate)
5090 return -ENOMEM;
5091
5092 for (i = 0; i < devip->nr_zones; i++) {
5093 zsp = &devip->zstate[i];
5094
5095 zsp->z_start = zstart;
5096
5097 if (i < devip->nr_conv_zones) {
5098 zsp->z_type = ZBC_ZTYPE_CNV;
5099 zsp->z_cond = ZBC_NOT_WRITE_POINTER;
5100 zsp->z_wp = (sector_t)-1;
5101 zsp->z_size =
5102 min_t(u64, devip->zsize, capacity - zstart);
5103 } else if ((zstart & (devip->zsize - 1)) == 0) {
5104 if (devip->zmodel == BLK_ZONED_HM)
5105 zsp->z_type = ZBC_ZTYPE_SWR;
5106 else
5107 zsp->z_type = ZBC_ZTYPE_SWP;
5108 zsp->z_cond = ZC1_EMPTY;
5109 zsp->z_wp = zsp->z_start;
5110 zsp->z_size =
5111 min_t(u64, devip->zcap, capacity - zstart);
5112 } else {
5113 zsp->z_type = ZBC_ZTYPE_GAP;
5114 zsp->z_cond = ZBC_NOT_WRITE_POINTER;
5115 zsp->z_wp = (sector_t)-1;
5116 zsp->z_size = min_t(u64, devip->zsize - devip->zcap,
5117 capacity - zstart);
5118 }
5119
5120 WARN_ON_ONCE((int)zsp->z_size <= 0);
5121 zstart += zsp->z_size;
5122 }
5123
5124 return 0;
5125}
5126
5127static struct sdebug_dev_info *sdebug_device_create(
5128 struct sdebug_host_info *sdbg_host, gfp_t flags)
5129{
5130 struct sdebug_dev_info *devip;
5131
5132 devip = kzalloc(sizeof(*devip), flags);
5133 if (devip) {
5134 if (sdebug_uuid_ctl == 1)
5135 uuid_gen(&devip->lu_name);
5136 else if (sdebug_uuid_ctl == 2) {
5137 if (got_shared_uuid)
5138 devip->lu_name = shared_uuid;
5139 else {
5140 uuid_gen(&shared_uuid);
5141 got_shared_uuid = true;
5142 devip->lu_name = shared_uuid;
5143 }
5144 }
5145 devip->sdbg_host = sdbg_host;
5146 if (sdeb_zbc_in_use) {
5147 devip->zmodel = sdeb_zbc_model;
5148 if (sdebug_device_create_zones(devip)) {
5149 kfree(devip);
5150 return NULL;
5151 }
5152 } else {
5153 devip->zmodel = BLK_ZONED_NONE;
5154 }
5155 devip->sdbg_host = sdbg_host;
5156 devip->create_ts = ktime_get_boottime();
5157 atomic_set(&devip->stopped, (sdeb_tur_ms_to_ready > 0 ? 2 : 0));
5158 list_add_tail(&devip->dev_list, &sdbg_host->dev_info_list);
5159 }
5160 return devip;
5161}
5162
5163static struct sdebug_dev_info *find_build_dev_info(struct scsi_device *sdev)
5164{
5165 struct sdebug_host_info *sdbg_host;
5166 struct sdebug_dev_info *open_devip = NULL;
5167 struct sdebug_dev_info *devip;
5168
5169 sdbg_host = *(struct sdebug_host_info **)shost_priv(sdev->host);
5170 if (!sdbg_host) {
5171 pr_err("Host info NULL\n");
5172 return NULL;
5173 }
5174
5175 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
5176 if ((devip->used) && (devip->channel == sdev->channel) &&
5177 (devip->target == sdev->id) &&
5178 (devip->lun == sdev->lun))
5179 return devip;
5180 else {
5181 if ((!devip->used) && (!open_devip))
5182 open_devip = devip;
5183 }
5184 }
5185 if (!open_devip) { /* try and make a new one */
5186 open_devip = sdebug_device_create(sdbg_host, GFP_ATOMIC);
5187 if (!open_devip) {
5188 pr_err("out of memory at line %d\n", __LINE__);
5189 return NULL;
5190 }
5191 }
5192
5193 open_devip->channel = sdev->channel;
5194 open_devip->target = sdev->id;
5195 open_devip->lun = sdev->lun;
5196 open_devip->sdbg_host = sdbg_host;
5197 atomic_set(&open_devip->num_in_q, 0);
5198 set_bit(SDEBUG_UA_POOCCUR, open_devip->uas_bm);
5199 open_devip->used = true;
5200 return open_devip;
5201}
5202
5203static int scsi_debug_slave_alloc(struct scsi_device *sdp)
5204{
5205 if (sdebug_verbose)
5206 pr_info("slave_alloc <%u %u %u %llu>\n",
5207 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
5208 return 0;
5209}
5210
5211static int scsi_debug_slave_configure(struct scsi_device *sdp)
5212{
5213 struct sdebug_dev_info *devip =
5214 (struct sdebug_dev_info *)sdp->hostdata;
5215
5216 if (sdebug_verbose)
5217 pr_info("slave_configure <%u %u %u %llu>\n",
5218 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
5219 if (sdp->host->max_cmd_len != SDEBUG_MAX_CMD_LEN)
5220 sdp->host->max_cmd_len = SDEBUG_MAX_CMD_LEN;
5221 if (devip == NULL) {
5222 devip = find_build_dev_info(sdp);
5223 if (devip == NULL)
5224 return 1; /* no resources, will be marked offline */
5225 }
5226 sdp->hostdata = devip;
5227 if (sdebug_no_uld)
5228 sdp->no_uld_attach = 1;
5229 config_cdb_len(sdp);
5230 return 0;
5231}
5232
5233static void scsi_debug_slave_destroy(struct scsi_device *sdp)
5234{
5235 struct sdebug_dev_info *devip =
5236 (struct sdebug_dev_info *)sdp->hostdata;
5237
5238 if (sdebug_verbose)
5239 pr_info("slave_destroy <%u %u %u %llu>\n",
5240 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
5241 if (devip) {
5242 /* make this slot available for re-use */
5243 devip->used = false;
5244 sdp->hostdata = NULL;
5245 }
5246}
5247
5248static void stop_qc_helper(struct sdebug_defer *sd_dp,
5249 enum sdeb_defer_type defer_t)
5250{
5251 if (!sd_dp)
5252 return;
5253 if (defer_t == SDEB_DEFER_HRT)
5254 hrtimer_cancel(&sd_dp->hrt);
5255 else if (defer_t == SDEB_DEFER_WQ)
5256 cancel_work_sync(&sd_dp->ew.work);
5257}
5258
5259/* If @cmnd found deletes its timer or work queue and returns true; else
5260 returns false */
5261static bool stop_queued_cmnd(struct scsi_cmnd *cmnd)
5262{
5263 unsigned long iflags;
5264 int j, k, qmax, r_qmax;
5265 enum sdeb_defer_type l_defer_t;
5266 struct sdebug_queue *sqp;
5267 struct sdebug_queued_cmd *sqcp;
5268 struct sdebug_dev_info *devip;
5269 struct sdebug_defer *sd_dp;
5270
5271 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
5272 spin_lock_irqsave(&sqp->qc_lock, iflags);
5273 qmax = sdebug_max_queue;
5274 r_qmax = atomic_read(&retired_max_queue);
5275 if (r_qmax > qmax)
5276 qmax = r_qmax;
5277 for (k = 0; k < qmax; ++k) {
5278 if (test_bit(k, sqp->in_use_bm)) {
5279 sqcp = &sqp->qc_arr[k];
5280 if (cmnd != sqcp->a_cmnd)
5281 continue;
5282 /* found */
5283 devip = (struct sdebug_dev_info *)
5284 cmnd->device->hostdata;
5285 if (devip)
5286 atomic_dec(&devip->num_in_q);
5287 sqcp->a_cmnd = NULL;
5288 sd_dp = sqcp->sd_dp;
5289 if (sd_dp) {
5290 l_defer_t = READ_ONCE(sd_dp->defer_t);
5291 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_NONE);
5292 } else
5293 l_defer_t = SDEB_DEFER_NONE;
5294 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5295 stop_qc_helper(sd_dp, l_defer_t);
5296 clear_bit(k, sqp->in_use_bm);
5297 return true;
5298 }
5299 }
5300 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5301 }
5302 return false;
5303}
5304
5305/* Deletes (stops) timers or work queues of all queued commands */
5306static void stop_all_queued(void)
5307{
5308 unsigned long iflags;
5309 int j, k;
5310 enum sdeb_defer_type l_defer_t;
5311 struct sdebug_queue *sqp;
5312 struct sdebug_queued_cmd *sqcp;
5313 struct sdebug_dev_info *devip;
5314 struct sdebug_defer *sd_dp;
5315
5316 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
5317 spin_lock_irqsave(&sqp->qc_lock, iflags);
5318 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
5319 if (test_bit(k, sqp->in_use_bm)) {
5320 sqcp = &sqp->qc_arr[k];
5321 if (sqcp->a_cmnd == NULL)
5322 continue;
5323 devip = (struct sdebug_dev_info *)
5324 sqcp->a_cmnd->device->hostdata;
5325 if (devip)
5326 atomic_dec(&devip->num_in_q);
5327 sqcp->a_cmnd = NULL;
5328 sd_dp = sqcp->sd_dp;
5329 if (sd_dp) {
5330 l_defer_t = READ_ONCE(sd_dp->defer_t);
5331 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_NONE);
5332 } else
5333 l_defer_t = SDEB_DEFER_NONE;
5334 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5335 stop_qc_helper(sd_dp, l_defer_t);
5336 clear_bit(k, sqp->in_use_bm);
5337 spin_lock_irqsave(&sqp->qc_lock, iflags);
5338 }
5339 }
5340 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5341 }
5342}
5343
5344/* Free queued command memory on heap */
5345static void free_all_queued(void)
5346{
5347 int j, k;
5348 struct sdebug_queue *sqp;
5349 struct sdebug_queued_cmd *sqcp;
5350
5351 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
5352 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
5353 sqcp = &sqp->qc_arr[k];
5354 kfree(sqcp->sd_dp);
5355 sqcp->sd_dp = NULL;
5356 }
5357 }
5358}
5359
5360static int scsi_debug_abort(struct scsi_cmnd *SCpnt)
5361{
5362 bool ok;
5363
5364 ++num_aborts;
5365 if (SCpnt) {
5366 ok = stop_queued_cmnd(SCpnt);
5367 if (SCpnt->device && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
5368 sdev_printk(KERN_INFO, SCpnt->device,
5369 "%s: command%s found\n", __func__,
5370 ok ? "" : " not");
5371 }
5372 return SUCCESS;
5373}
5374
5375static int scsi_debug_device_reset(struct scsi_cmnd *SCpnt)
5376{
5377 ++num_dev_resets;
5378 if (SCpnt && SCpnt->device) {
5379 struct scsi_device *sdp = SCpnt->device;
5380 struct sdebug_dev_info *devip =
5381 (struct sdebug_dev_info *)sdp->hostdata;
5382
5383 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
5384 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
5385 if (devip)
5386 set_bit(SDEBUG_UA_POR, devip->uas_bm);
5387 }
5388 return SUCCESS;
5389}
5390
5391static int scsi_debug_target_reset(struct scsi_cmnd *SCpnt)
5392{
5393 struct sdebug_host_info *sdbg_host;
5394 struct sdebug_dev_info *devip;
5395 struct scsi_device *sdp;
5396 struct Scsi_Host *hp;
5397 int k = 0;
5398
5399 ++num_target_resets;
5400 if (!SCpnt)
5401 goto lie;
5402 sdp = SCpnt->device;
5403 if (!sdp)
5404 goto lie;
5405 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
5406 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
5407 hp = sdp->host;
5408 if (!hp)
5409 goto lie;
5410 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
5411 if (sdbg_host) {
5412 list_for_each_entry(devip,
5413 &sdbg_host->dev_info_list,
5414 dev_list)
5415 if (devip->target == sdp->id) {
5416 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
5417 ++k;
5418 }
5419 }
5420 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
5421 sdev_printk(KERN_INFO, sdp,
5422 "%s: %d device(s) found in target\n", __func__, k);
5423lie:
5424 return SUCCESS;
5425}
5426
5427static int scsi_debug_bus_reset(struct scsi_cmnd *SCpnt)
5428{
5429 struct sdebug_host_info *sdbg_host;
5430 struct sdebug_dev_info *devip;
5431 struct scsi_device *sdp;
5432 struct Scsi_Host *hp;
5433 int k = 0;
5434
5435 ++num_bus_resets;
5436 if (!(SCpnt && SCpnt->device))
5437 goto lie;
5438 sdp = SCpnt->device;
5439 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
5440 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
5441 hp = sdp->host;
5442 if (hp) {
5443 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
5444 if (sdbg_host) {
5445 list_for_each_entry(devip,
5446 &sdbg_host->dev_info_list,
5447 dev_list) {
5448 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
5449 ++k;
5450 }
5451 }
5452 }
5453 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
5454 sdev_printk(KERN_INFO, sdp,
5455 "%s: %d device(s) found in host\n", __func__, k);
5456lie:
5457 return SUCCESS;
5458}
5459
5460static int scsi_debug_host_reset(struct scsi_cmnd *SCpnt)
5461{
5462 struct sdebug_host_info *sdbg_host;
5463 struct sdebug_dev_info *devip;
5464 int k = 0;
5465
5466 ++num_host_resets;
5467 if ((SCpnt->device) && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
5468 sdev_printk(KERN_INFO, SCpnt->device, "%s\n", __func__);
5469 spin_lock(&sdebug_host_list_lock);
5470 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
5471 list_for_each_entry(devip, &sdbg_host->dev_info_list,
5472 dev_list) {
5473 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
5474 ++k;
5475 }
5476 }
5477 spin_unlock(&sdebug_host_list_lock);
5478 stop_all_queued();
5479 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
5480 sdev_printk(KERN_INFO, SCpnt->device,
5481 "%s: %d device(s) found\n", __func__, k);
5482 return SUCCESS;
5483}
5484
5485static void sdebug_build_parts(unsigned char *ramp, unsigned long store_size)
5486{
5487 struct msdos_partition *pp;
5488 int starts[SDEBUG_MAX_PARTS + 2], max_part_secs;
5489 int sectors_per_part, num_sectors, k;
5490 int heads_by_sects, start_sec, end_sec;
5491
5492 /* assume partition table already zeroed */
5493 if ((sdebug_num_parts < 1) || (store_size < 1048576))
5494 return;
5495 if (sdebug_num_parts > SDEBUG_MAX_PARTS) {
5496 sdebug_num_parts = SDEBUG_MAX_PARTS;
5497 pr_warn("reducing partitions to %d\n", SDEBUG_MAX_PARTS);
5498 }
5499 num_sectors = (int)get_sdebug_capacity();
5500 sectors_per_part = (num_sectors - sdebug_sectors_per)
5501 / sdebug_num_parts;
5502 heads_by_sects = sdebug_heads * sdebug_sectors_per;
5503 starts[0] = sdebug_sectors_per;
5504 max_part_secs = sectors_per_part;
5505 for (k = 1; k < sdebug_num_parts; ++k) {
5506 starts[k] = ((k * sectors_per_part) / heads_by_sects)
5507 * heads_by_sects;
5508 if (starts[k] - starts[k - 1] < max_part_secs)
5509 max_part_secs = starts[k] - starts[k - 1];
5510 }
5511 starts[sdebug_num_parts] = num_sectors;
5512 starts[sdebug_num_parts + 1] = 0;
5513
5514 ramp[510] = 0x55; /* magic partition markings */
5515 ramp[511] = 0xAA;
5516 pp = (struct msdos_partition *)(ramp + 0x1be);
5517 for (k = 0; starts[k + 1]; ++k, ++pp) {
5518 start_sec = starts[k];
5519 end_sec = starts[k] + max_part_secs - 1;
5520 pp->boot_ind = 0;
5521
5522 pp->cyl = start_sec / heads_by_sects;
5523 pp->head = (start_sec - (pp->cyl * heads_by_sects))
5524 / sdebug_sectors_per;
5525 pp->sector = (start_sec % sdebug_sectors_per) + 1;
5526
5527 pp->end_cyl = end_sec / heads_by_sects;
5528 pp->end_head = (end_sec - (pp->end_cyl * heads_by_sects))
5529 / sdebug_sectors_per;
5530 pp->end_sector = (end_sec % sdebug_sectors_per) + 1;
5531
5532 pp->start_sect = cpu_to_le32(start_sec);
5533 pp->nr_sects = cpu_to_le32(end_sec - start_sec + 1);
5534 pp->sys_ind = 0x83; /* plain Linux partition */
5535 }
5536}
5537
5538static void block_unblock_all_queues(bool block)
5539{
5540 int j;
5541 struct sdebug_queue *sqp;
5542
5543 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp)
5544 atomic_set(&sqp->blocked, (int)block);
5545}
5546
5547/* Adjust (by rounding down) the sdebug_cmnd_count so abs(every_nth)-1
5548 * commands will be processed normally before triggers occur.
5549 */
5550static void tweak_cmnd_count(void)
5551{
5552 int count, modulo;
5553
5554 modulo = abs(sdebug_every_nth);
5555 if (modulo < 2)
5556 return;
5557 block_unblock_all_queues(true);
5558 count = atomic_read(&sdebug_cmnd_count);
5559 atomic_set(&sdebug_cmnd_count, (count / modulo) * modulo);
5560 block_unblock_all_queues(false);
5561}
5562
5563static void clear_queue_stats(void)
5564{
5565 atomic_set(&sdebug_cmnd_count, 0);
5566 atomic_set(&sdebug_completions, 0);
5567 atomic_set(&sdebug_miss_cpus, 0);
5568 atomic_set(&sdebug_a_tsf, 0);
5569}
5570
5571static bool inject_on_this_cmd(void)
5572{
5573 if (sdebug_every_nth == 0)
5574 return false;
5575 return (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) == 0;
5576}
5577
5578#define INCLUSIVE_TIMING_MAX_NS 1000000 /* 1 millisecond */
5579
5580/* Complete the processing of the thread that queued a SCSI command to this
5581 * driver. It either completes the command by calling cmnd_done() or
5582 * schedules a hr timer or work queue then returns 0. Returns
5583 * SCSI_MLQUEUE_HOST_BUSY if temporarily out of resources.
5584 */
5585static int schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip,
5586 int scsi_result,
5587 int (*pfp)(struct scsi_cmnd *,
5588 struct sdebug_dev_info *),
5589 int delta_jiff, int ndelay)
5590{
5591 bool new_sd_dp;
5592 bool inject = false;
5593 bool polled = scsi_cmd_to_rq(cmnd)->cmd_flags & REQ_POLLED;
5594 int k, num_in_q, qdepth;
5595 unsigned long iflags;
5596 u64 ns_from_boot = 0;
5597 struct sdebug_queue *sqp;
5598 struct sdebug_queued_cmd *sqcp;
5599 struct scsi_device *sdp;
5600 struct sdebug_defer *sd_dp;
5601
5602 if (unlikely(devip == NULL)) {
5603 if (scsi_result == 0)
5604 scsi_result = DID_NO_CONNECT << 16;
5605 goto respond_in_thread;
5606 }
5607 sdp = cmnd->device;
5608
5609 if (delta_jiff == 0)
5610 goto respond_in_thread;
5611
5612 sqp = get_queue(cmnd);
5613 spin_lock_irqsave(&sqp->qc_lock, iflags);
5614 if (unlikely(atomic_read(&sqp->blocked))) {
5615 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5616 return SCSI_MLQUEUE_HOST_BUSY;
5617 }
5618 num_in_q = atomic_read(&devip->num_in_q);
5619 qdepth = cmnd->device->queue_depth;
5620 if (unlikely((qdepth > 0) && (num_in_q >= qdepth))) {
5621 if (scsi_result) {
5622 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5623 goto respond_in_thread;
5624 } else
5625 scsi_result = device_qfull_result;
5626 } else if (unlikely(sdebug_every_nth &&
5627 (SDEBUG_OPT_RARE_TSF & sdebug_opts) &&
5628 (scsi_result == 0))) {
5629 if ((num_in_q == (qdepth - 1)) &&
5630 (atomic_inc_return(&sdebug_a_tsf) >=
5631 abs(sdebug_every_nth))) {
5632 atomic_set(&sdebug_a_tsf, 0);
5633 inject = true;
5634 scsi_result = device_qfull_result;
5635 }
5636 }
5637
5638 k = find_first_zero_bit(sqp->in_use_bm, sdebug_max_queue);
5639 if (unlikely(k >= sdebug_max_queue)) {
5640 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5641 if (scsi_result)
5642 goto respond_in_thread;
5643 scsi_result = device_qfull_result;
5644 if (SDEBUG_OPT_Q_NOISE & sdebug_opts)
5645 sdev_printk(KERN_INFO, sdp, "%s: max_queue=%d exceeded: TASK SET FULL\n",
5646 __func__, sdebug_max_queue);
5647 goto respond_in_thread;
5648 }
5649 set_bit(k, sqp->in_use_bm);
5650 atomic_inc(&devip->num_in_q);
5651 sqcp = &sqp->qc_arr[k];
5652 sqcp->a_cmnd = cmnd;
5653 cmnd->host_scribble = (unsigned char *)sqcp;
5654 sd_dp = sqcp->sd_dp;
5655 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5656
5657 if (!sd_dp) {
5658 sd_dp = kzalloc(sizeof(*sd_dp), GFP_ATOMIC);
5659 if (!sd_dp) {
5660 atomic_dec(&devip->num_in_q);
5661 clear_bit(k, sqp->in_use_bm);
5662 return SCSI_MLQUEUE_HOST_BUSY;
5663 }
5664 new_sd_dp = true;
5665 } else {
5666 new_sd_dp = false;
5667 }
5668
5669 /* Set the hostwide tag */
5670 if (sdebug_host_max_queue)
5671 sd_dp->hc_idx = get_tag(cmnd);
5672
5673 if (polled)
5674 ns_from_boot = ktime_get_boottime_ns();
5675
5676 /* one of the resp_*() response functions is called here */
5677 cmnd->result = pfp ? pfp(cmnd, devip) : 0;
5678 if (cmnd->result & SDEG_RES_IMMED_MASK) {
5679 cmnd->result &= ~SDEG_RES_IMMED_MASK;
5680 delta_jiff = ndelay = 0;
5681 }
5682 if (cmnd->result == 0 && scsi_result != 0)
5683 cmnd->result = scsi_result;
5684 if (cmnd->result == 0 && unlikely(sdebug_opts & SDEBUG_OPT_TRANSPORT_ERR)) {
5685 if (atomic_read(&sdeb_inject_pending)) {
5686 mk_sense_buffer(cmnd, ABORTED_COMMAND, TRANSPORT_PROBLEM, ACK_NAK_TO);
5687 atomic_set(&sdeb_inject_pending, 0);
5688 cmnd->result = check_condition_result;
5689 }
5690 }
5691
5692 if (unlikely(sdebug_verbose && cmnd->result))
5693 sdev_printk(KERN_INFO, sdp, "%s: non-zero result=0x%x\n",
5694 __func__, cmnd->result);
5695
5696 if (delta_jiff > 0 || ndelay > 0) {
5697 ktime_t kt;
5698
5699 if (delta_jiff > 0) {
5700 u64 ns = jiffies_to_nsecs(delta_jiff);
5701
5702 if (sdebug_random && ns < U32_MAX) {
5703 ns = get_random_u32_below((u32)ns);
5704 } else if (sdebug_random) {
5705 ns >>= 12; /* scale to 4 usec precision */
5706 if (ns < U32_MAX) /* over 4 hours max */
5707 ns = get_random_u32_below((u32)ns);
5708 ns <<= 12;
5709 }
5710 kt = ns_to_ktime(ns);
5711 } else { /* ndelay has a 4.2 second max */
5712 kt = sdebug_random ? get_random_u32_below((u32)ndelay) :
5713 (u32)ndelay;
5714 if (ndelay < INCLUSIVE_TIMING_MAX_NS) {
5715 u64 d = ktime_get_boottime_ns() - ns_from_boot;
5716
5717 if (kt <= d) { /* elapsed duration >= kt */
5718 spin_lock_irqsave(&sqp->qc_lock, iflags);
5719 sqcp->a_cmnd = NULL;
5720 atomic_dec(&devip->num_in_q);
5721 clear_bit(k, sqp->in_use_bm);
5722 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5723 if (new_sd_dp)
5724 kfree(sd_dp);
5725 /* call scsi_done() from this thread */
5726 scsi_done(cmnd);
5727 return 0;
5728 }
5729 /* otherwise reduce kt by elapsed time */
5730 kt -= d;
5731 }
5732 }
5733 if (polled) {
5734 sd_dp->cmpl_ts = ktime_add(ns_to_ktime(ns_from_boot), kt);
5735 spin_lock_irqsave(&sqp->qc_lock, iflags);
5736 if (!sd_dp->init_poll) {
5737 sd_dp->init_poll = true;
5738 sqcp->sd_dp = sd_dp;
5739 sd_dp->sqa_idx = sqp - sdebug_q_arr;
5740 sd_dp->qc_idx = k;
5741 }
5742 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_POLL);
5743 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5744 } else {
5745 if (!sd_dp->init_hrt) {
5746 sd_dp->init_hrt = true;
5747 sqcp->sd_dp = sd_dp;
5748 hrtimer_init(&sd_dp->hrt, CLOCK_MONOTONIC,
5749 HRTIMER_MODE_REL_PINNED);
5750 sd_dp->hrt.function = sdebug_q_cmd_hrt_complete;
5751 sd_dp->sqa_idx = sqp - sdebug_q_arr;
5752 sd_dp->qc_idx = k;
5753 }
5754 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_HRT);
5755 /* schedule the invocation of scsi_done() for a later time */
5756 hrtimer_start(&sd_dp->hrt, kt, HRTIMER_MODE_REL_PINNED);
5757 }
5758 if (sdebug_statistics)
5759 sd_dp->issuing_cpu = raw_smp_processor_id();
5760 } else { /* jdelay < 0, use work queue */
5761 if (unlikely((sdebug_opts & SDEBUG_OPT_CMD_ABORT) &&
5762 atomic_read(&sdeb_inject_pending)))
5763 sd_dp->aborted = true;
5764 if (polled) {
5765 sd_dp->cmpl_ts = ns_to_ktime(ns_from_boot);
5766 spin_lock_irqsave(&sqp->qc_lock, iflags);
5767 if (!sd_dp->init_poll) {
5768 sd_dp->init_poll = true;
5769 sqcp->sd_dp = sd_dp;
5770 sd_dp->sqa_idx = sqp - sdebug_q_arr;
5771 sd_dp->qc_idx = k;
5772 }
5773 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_POLL);
5774 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5775 } else {
5776 if (!sd_dp->init_wq) {
5777 sd_dp->init_wq = true;
5778 sqcp->sd_dp = sd_dp;
5779 sd_dp->sqa_idx = sqp - sdebug_q_arr;
5780 sd_dp->qc_idx = k;
5781 INIT_WORK(&sd_dp->ew.work, sdebug_q_cmd_wq_complete);
5782 }
5783 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_WQ);
5784 schedule_work(&sd_dp->ew.work);
5785 }
5786 if (sdebug_statistics)
5787 sd_dp->issuing_cpu = raw_smp_processor_id();
5788 if (unlikely(sd_dp->aborted)) {
5789 sdev_printk(KERN_INFO, sdp, "abort request tag %d\n",
5790 scsi_cmd_to_rq(cmnd)->tag);
5791 blk_abort_request(scsi_cmd_to_rq(cmnd));
5792 atomic_set(&sdeb_inject_pending, 0);
5793 sd_dp->aborted = false;
5794 }
5795 }
5796 if (unlikely((SDEBUG_OPT_Q_NOISE & sdebug_opts) && scsi_result == device_qfull_result))
5797 sdev_printk(KERN_INFO, sdp, "%s: num_in_q=%d +1, %s%s\n", __func__,
5798 num_in_q, (inject ? "<inject> " : ""), "status: TASK SET FULL");
5799 return 0;
5800
5801respond_in_thread: /* call back to mid-layer using invocation thread */
5802 cmnd->result = pfp != NULL ? pfp(cmnd, devip) : 0;
5803 cmnd->result &= ~SDEG_RES_IMMED_MASK;
5804 if (cmnd->result == 0 && scsi_result != 0)
5805 cmnd->result = scsi_result;
5806 scsi_done(cmnd);
5807 return 0;
5808}
5809
5810/* Note: The following macros create attribute files in the
5811 /sys/module/scsi_debug/parameters directory. Unfortunately this
5812 driver is unaware of a change and cannot trigger auxiliary actions
5813 as it can when the corresponding attribute in the
5814 /sys/bus/pseudo/drivers/scsi_debug directory is changed.
5815 */
5816module_param_named(add_host, sdebug_add_host, int, S_IRUGO | S_IWUSR);
5817module_param_named(ato, sdebug_ato, int, S_IRUGO);
5818module_param_named(cdb_len, sdebug_cdb_len, int, 0644);
5819module_param_named(clustering, sdebug_clustering, bool, S_IRUGO | S_IWUSR);
5820module_param_named(delay, sdebug_jdelay, int, S_IRUGO | S_IWUSR);
5821module_param_named(dev_size_mb, sdebug_dev_size_mb, int, S_IRUGO);
5822module_param_named(dif, sdebug_dif, int, S_IRUGO);
5823module_param_named(dix, sdebug_dix, int, S_IRUGO);
5824module_param_named(dsense, sdebug_dsense, int, S_IRUGO | S_IWUSR);
5825module_param_named(every_nth, sdebug_every_nth, int, S_IRUGO | S_IWUSR);
5826module_param_named(fake_rw, sdebug_fake_rw, int, S_IRUGO | S_IWUSR);
5827module_param_named(guard, sdebug_guard, uint, S_IRUGO);
5828module_param_named(host_lock, sdebug_host_lock, bool, S_IRUGO | S_IWUSR);
5829module_param_named(host_max_queue, sdebug_host_max_queue, int, S_IRUGO);
5830module_param_string(inq_product, sdebug_inq_product_id,
5831 sizeof(sdebug_inq_product_id), S_IRUGO | S_IWUSR);
5832module_param_string(inq_rev, sdebug_inq_product_rev,
5833 sizeof(sdebug_inq_product_rev), S_IRUGO | S_IWUSR);
5834module_param_string(inq_vendor, sdebug_inq_vendor_id,
5835 sizeof(sdebug_inq_vendor_id), S_IRUGO | S_IWUSR);
5836module_param_named(lbprz, sdebug_lbprz, int, S_IRUGO);
5837module_param_named(lbpu, sdebug_lbpu, int, S_IRUGO);
5838module_param_named(lbpws, sdebug_lbpws, int, S_IRUGO);
5839module_param_named(lbpws10, sdebug_lbpws10, int, S_IRUGO);
5840module_param_named(lowest_aligned, sdebug_lowest_aligned, int, S_IRUGO);
5841module_param_named(lun_format, sdebug_lun_am_i, int, S_IRUGO | S_IWUSR);
5842module_param_named(max_luns, sdebug_max_luns, int, S_IRUGO | S_IWUSR);
5843module_param_named(max_queue, sdebug_max_queue, int, S_IRUGO | S_IWUSR);
5844module_param_named(medium_error_count, sdebug_medium_error_count, int,
5845 S_IRUGO | S_IWUSR);
5846module_param_named(medium_error_start, sdebug_medium_error_start, int,
5847 S_IRUGO | S_IWUSR);
5848module_param_named(ndelay, sdebug_ndelay, int, S_IRUGO | S_IWUSR);
5849module_param_named(no_lun_0, sdebug_no_lun_0, int, S_IRUGO | S_IWUSR);
5850module_param_named(no_rwlock, sdebug_no_rwlock, bool, S_IRUGO | S_IWUSR);
5851module_param_named(no_uld, sdebug_no_uld, int, S_IRUGO);
5852module_param_named(num_parts, sdebug_num_parts, int, S_IRUGO);
5853module_param_named(num_tgts, sdebug_num_tgts, int, S_IRUGO | S_IWUSR);
5854module_param_named(opt_blks, sdebug_opt_blks, int, S_IRUGO);
5855module_param_named(opt_xferlen_exp, sdebug_opt_xferlen_exp, int, S_IRUGO);
5856module_param_named(opts, sdebug_opts, int, S_IRUGO | S_IWUSR);
5857module_param_named(per_host_store, sdebug_per_host_store, bool,
5858 S_IRUGO | S_IWUSR);
5859module_param_named(physblk_exp, sdebug_physblk_exp, int, S_IRUGO);
5860module_param_named(ptype, sdebug_ptype, int, S_IRUGO | S_IWUSR);
5861module_param_named(random, sdebug_random, bool, S_IRUGO | S_IWUSR);
5862module_param_named(removable, sdebug_removable, bool, S_IRUGO | S_IWUSR);
5863module_param_named(scsi_level, sdebug_scsi_level, int, S_IRUGO);
5864module_param_named(sector_size, sdebug_sector_size, int, S_IRUGO);
5865module_param_named(statistics, sdebug_statistics, bool, S_IRUGO | S_IWUSR);
5866module_param_named(strict, sdebug_strict, bool, S_IRUGO | S_IWUSR);
5867module_param_named(submit_queues, submit_queues, int, S_IRUGO);
5868module_param_named(poll_queues, poll_queues, int, S_IRUGO);
5869module_param_named(tur_ms_to_ready, sdeb_tur_ms_to_ready, int, S_IRUGO);
5870module_param_named(unmap_alignment, sdebug_unmap_alignment, int, S_IRUGO);
5871module_param_named(unmap_granularity, sdebug_unmap_granularity, int, S_IRUGO);
5872module_param_named(unmap_max_blocks, sdebug_unmap_max_blocks, int, S_IRUGO);
5873module_param_named(unmap_max_desc, sdebug_unmap_max_desc, int, S_IRUGO);
5874module_param_named(uuid_ctl, sdebug_uuid_ctl, int, S_IRUGO);
5875module_param_named(virtual_gb, sdebug_virtual_gb, int, S_IRUGO | S_IWUSR);
5876module_param_named(vpd_use_hostno, sdebug_vpd_use_hostno, int,
5877 S_IRUGO | S_IWUSR);
5878module_param_named(wp, sdebug_wp, bool, S_IRUGO | S_IWUSR);
5879module_param_named(write_same_length, sdebug_write_same_length, int,
5880 S_IRUGO | S_IWUSR);
5881module_param_named(zbc, sdeb_zbc_model_s, charp, S_IRUGO);
5882module_param_named(zone_cap_mb, sdeb_zbc_zone_cap_mb, int, S_IRUGO);
5883module_param_named(zone_max_open, sdeb_zbc_max_open, int, S_IRUGO);
5884module_param_named(zone_nr_conv, sdeb_zbc_nr_conv, int, S_IRUGO);
5885module_param_named(zone_size_mb, sdeb_zbc_zone_size_mb, int, S_IRUGO);
5886
5887MODULE_AUTHOR("Eric Youngdale + Douglas Gilbert");
5888MODULE_DESCRIPTION("SCSI debug adapter driver");
5889MODULE_LICENSE("GPL");
5890MODULE_VERSION(SDEBUG_VERSION);
5891
5892MODULE_PARM_DESC(add_host, "add n hosts, in sysfs if negative remove host(s) (def=1)");
5893MODULE_PARM_DESC(ato, "application tag ownership: 0=disk 1=host (def=1)");
5894MODULE_PARM_DESC(cdb_len, "suggest CDB lengths to drivers (def=10)");
5895MODULE_PARM_DESC(clustering, "when set enables larger transfers (def=0)");
5896MODULE_PARM_DESC(delay, "response delay (def=1 jiffy); 0:imm, -1,-2:tiny");
5897MODULE_PARM_DESC(dev_size_mb, "size in MiB of ram shared by devs(def=8)");
5898MODULE_PARM_DESC(dif, "data integrity field type: 0-3 (def=0)");
5899MODULE_PARM_DESC(dix, "data integrity extensions mask (def=0)");
5900MODULE_PARM_DESC(dsense, "use descriptor sense format(def=0 -> fixed)");
5901MODULE_PARM_DESC(every_nth, "timeout every nth command(def=0)");
5902MODULE_PARM_DESC(fake_rw, "fake reads/writes instead of copying (def=0)");
5903MODULE_PARM_DESC(guard, "protection checksum: 0=crc, 1=ip (def=0)");
5904MODULE_PARM_DESC(host_lock, "host_lock is ignored (def=0)");
5905MODULE_PARM_DESC(host_max_queue,
5906 "host max # of queued cmds (0 to max(def) [max_queue fixed equal for !0])");
5907MODULE_PARM_DESC(inq_product, "SCSI INQUIRY product string (def=\"scsi_debug\")");
5908MODULE_PARM_DESC(inq_rev, "SCSI INQUIRY revision string (def=\""
5909 SDEBUG_VERSION "\")");
5910MODULE_PARM_DESC(inq_vendor, "SCSI INQUIRY vendor string (def=\"Linux\")");
5911MODULE_PARM_DESC(lbprz,
5912 "on read unmapped LBs return 0 when 1 (def), return 0xff when 2");
5913MODULE_PARM_DESC(lbpu, "enable LBP, support UNMAP command (def=0)");
5914MODULE_PARM_DESC(lbpws, "enable LBP, support WRITE SAME(16) with UNMAP bit (def=0)");
5915MODULE_PARM_DESC(lbpws10, "enable LBP, support WRITE SAME(10) with UNMAP bit (def=0)");
5916MODULE_PARM_DESC(lowest_aligned, "lowest aligned lba (def=0)");
5917MODULE_PARM_DESC(lun_format, "LUN format: 0->peripheral (def); 1 --> flat address method");
5918MODULE_PARM_DESC(max_luns, "number of LUNs per target to simulate(def=1)");
5919MODULE_PARM_DESC(max_queue, "max number of queued commands (1 to max(def))");
5920MODULE_PARM_DESC(medium_error_count, "count of sectors to return follow on MEDIUM error");
5921MODULE_PARM_DESC(medium_error_start, "starting sector number to return MEDIUM error");
5922MODULE_PARM_DESC(ndelay, "response delay in nanoseconds (def=0 -> ignore)");
5923MODULE_PARM_DESC(no_lun_0, "no LU number 0 (def=0 -> have lun 0)");
5924MODULE_PARM_DESC(no_rwlock, "don't protect user data reads+writes (def=0)");
5925MODULE_PARM_DESC(no_uld, "stop ULD (e.g. sd driver) attaching (def=0))");
5926MODULE_PARM_DESC(num_parts, "number of partitions(def=0)");
5927MODULE_PARM_DESC(num_tgts, "number of targets per host to simulate(def=1)");
5928MODULE_PARM_DESC(opt_blks, "optimal transfer length in blocks (def=1024)");
5929MODULE_PARM_DESC(opt_xferlen_exp, "optimal transfer length granularity exponent (def=physblk_exp)");
5930MODULE_PARM_DESC(opts, "1->noise, 2->medium_err, 4->timeout, 8->recovered_err... (def=0)");
5931MODULE_PARM_DESC(per_host_store, "If set, next positive add_host will get new store (def=0)");
5932MODULE_PARM_DESC(physblk_exp, "physical block exponent (def=0)");
5933MODULE_PARM_DESC(poll_queues, "support for iouring iopoll queues (1 to max(submit_queues - 1))");
5934MODULE_PARM_DESC(ptype, "SCSI peripheral type(def=0[disk])");
5935MODULE_PARM_DESC(random, "If set, uniformly randomize command duration between 0 and delay_in_ns");
5936MODULE_PARM_DESC(removable, "claim to have removable media (def=0)");
5937MODULE_PARM_DESC(scsi_level, "SCSI level to simulate(def=7[SPC-5])");
5938MODULE_PARM_DESC(sector_size, "logical block size in bytes (def=512)");
5939MODULE_PARM_DESC(statistics, "collect statistics on commands, queues (def=0)");
5940MODULE_PARM_DESC(strict, "stricter checks: reserved field in cdb (def=0)");
5941MODULE_PARM_DESC(submit_queues, "support for block multi-queue (def=1)");
5942MODULE_PARM_DESC(tur_ms_to_ready, "TEST UNIT READY millisecs before initial good status (def=0)");
5943MODULE_PARM_DESC(unmap_alignment, "lowest aligned thin provisioning lba (def=0)");
5944MODULE_PARM_DESC(unmap_granularity, "thin provisioning granularity in blocks (def=1)");
5945MODULE_PARM_DESC(unmap_max_blocks, "max # of blocks can be unmapped in one cmd (def=0xffffffff)");
5946MODULE_PARM_DESC(unmap_max_desc, "max # of ranges that can be unmapped in one cmd (def=256)");
5947MODULE_PARM_DESC(uuid_ctl,
5948 "1->use uuid for lu name, 0->don't, 2->all use same (def=0)");
5949MODULE_PARM_DESC(virtual_gb, "virtual gigabyte (GiB) size (def=0 -> use dev_size_mb)");
5950MODULE_PARM_DESC(vpd_use_hostno, "0 -> dev ids ignore hostno (def=1 -> unique dev ids)");
5951MODULE_PARM_DESC(wp, "Write Protect (def=0)");
5952MODULE_PARM_DESC(write_same_length, "Maximum blocks per WRITE SAME cmd (def=0xffff)");
5953MODULE_PARM_DESC(zbc, "'none' [0]; 'aware' [1]; 'managed' [2] (def=0). Can have 'host-' prefix");
5954MODULE_PARM_DESC(zone_cap_mb, "Zone capacity in MiB (def=zone size)");
5955MODULE_PARM_DESC(zone_max_open, "Maximum number of open zones; [0] for no limit (def=auto)");
5956MODULE_PARM_DESC(zone_nr_conv, "Number of conventional zones (def=1)");
5957MODULE_PARM_DESC(zone_size_mb, "Zone size in MiB (def=auto)");
5958
5959#define SDEBUG_INFO_LEN 256
5960static char sdebug_info[SDEBUG_INFO_LEN];
5961
5962static const char *scsi_debug_info(struct Scsi_Host *shp)
5963{
5964 int k;
5965
5966 k = scnprintf(sdebug_info, SDEBUG_INFO_LEN, "%s: version %s [%s]\n",
5967 my_name, SDEBUG_VERSION, sdebug_version_date);
5968 if (k >= (SDEBUG_INFO_LEN - 1))
5969 return sdebug_info;
5970 scnprintf(sdebug_info + k, SDEBUG_INFO_LEN - k,
5971 " dev_size_mb=%d, opts=0x%x, submit_queues=%d, %s=%d",
5972 sdebug_dev_size_mb, sdebug_opts, submit_queues,
5973 "statistics", (int)sdebug_statistics);
5974 return sdebug_info;
5975}
5976
5977/* 'echo <val> > /proc/scsi/scsi_debug/<host_id>' writes to opts */
5978static int scsi_debug_write_info(struct Scsi_Host *host, char *buffer,
5979 int length)
5980{
5981 char arr[16];
5982 int opts;
5983 int minLen = length > 15 ? 15 : length;
5984
5985 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
5986 return -EACCES;
5987 memcpy(arr, buffer, minLen);
5988 arr[minLen] = '\0';
5989 if (1 != sscanf(arr, "%d", &opts))
5990 return -EINVAL;
5991 sdebug_opts = opts;
5992 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
5993 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
5994 if (sdebug_every_nth != 0)
5995 tweak_cmnd_count();
5996 return length;
5997}
5998
5999/* Output seen with 'cat /proc/scsi/scsi_debug/<host_id>'. It will be the
6000 * same for each scsi_debug host (if more than one). Some of the counters
6001 * output are not atomics so might be inaccurate in a busy system. */
6002static int scsi_debug_show_info(struct seq_file *m, struct Scsi_Host *host)
6003{
6004 int f, j, l;
6005 struct sdebug_queue *sqp;
6006 struct sdebug_host_info *sdhp;
6007
6008 seq_printf(m, "scsi_debug adapter driver, version %s [%s]\n",
6009 SDEBUG_VERSION, sdebug_version_date);
6010 seq_printf(m, "num_tgts=%d, %ssize=%d MB, opts=0x%x, every_nth=%d\n",
6011 sdebug_num_tgts, "shared (ram) ", sdebug_dev_size_mb,
6012 sdebug_opts, sdebug_every_nth);
6013 seq_printf(m, "delay=%d, ndelay=%d, max_luns=%d, sector_size=%d %s\n",
6014 sdebug_jdelay, sdebug_ndelay, sdebug_max_luns,
6015 sdebug_sector_size, "bytes");
6016 seq_printf(m, "cylinders=%d, heads=%d, sectors=%d, command aborts=%d\n",
6017 sdebug_cylinders_per, sdebug_heads, sdebug_sectors_per,
6018 num_aborts);
6019 seq_printf(m, "RESETs: device=%d, target=%d, bus=%d, host=%d\n",
6020 num_dev_resets, num_target_resets, num_bus_resets,
6021 num_host_resets);
6022 seq_printf(m, "dix_reads=%d, dix_writes=%d, dif_errors=%d\n",
6023 dix_reads, dix_writes, dif_errors);
6024 seq_printf(m, "usec_in_jiffy=%lu, statistics=%d\n", TICK_NSEC / 1000,
6025 sdebug_statistics);
6026 seq_printf(m, "cmnd_count=%d, completions=%d, %s=%d, a_tsf=%d, mq_polls=%d\n",
6027 atomic_read(&sdebug_cmnd_count),
6028 atomic_read(&sdebug_completions),
6029 "miss_cpus", atomic_read(&sdebug_miss_cpus),
6030 atomic_read(&sdebug_a_tsf),
6031 atomic_read(&sdeb_mq_poll_count));
6032
6033 seq_printf(m, "submit_queues=%d\n", submit_queues);
6034 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
6035 seq_printf(m, " queue %d:\n", j);
6036 f = find_first_bit(sqp->in_use_bm, sdebug_max_queue);
6037 if (f != sdebug_max_queue) {
6038 l = find_last_bit(sqp->in_use_bm, sdebug_max_queue);
6039 seq_printf(m, " in_use_bm BUSY: %s: %d,%d\n",
6040 "first,last bits", f, l);
6041 }
6042 }
6043
6044 seq_printf(m, "this host_no=%d\n", host->host_no);
6045 if (!xa_empty(per_store_ap)) {
6046 bool niu;
6047 int idx;
6048 unsigned long l_idx;
6049 struct sdeb_store_info *sip;
6050
6051 seq_puts(m, "\nhost list:\n");
6052 j = 0;
6053 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
6054 idx = sdhp->si_idx;
6055 seq_printf(m, " %d: host_no=%d, si_idx=%d\n", j,
6056 sdhp->shost->host_no, idx);
6057 ++j;
6058 }
6059 seq_printf(m, "\nper_store array [most_recent_idx=%d]:\n",
6060 sdeb_most_recent_idx);
6061 j = 0;
6062 xa_for_each(per_store_ap, l_idx, sip) {
6063 niu = xa_get_mark(per_store_ap, l_idx,
6064 SDEB_XA_NOT_IN_USE);
6065 idx = (int)l_idx;
6066 seq_printf(m, " %d: idx=%d%s\n", j, idx,
6067 (niu ? " not_in_use" : ""));
6068 ++j;
6069 }
6070 }
6071 return 0;
6072}
6073
6074static ssize_t delay_show(struct device_driver *ddp, char *buf)
6075{
6076 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_jdelay);
6077}
6078/* Returns -EBUSY if jdelay is being changed and commands are queued. The unit
6079 * of delay is jiffies.
6080 */
6081static ssize_t delay_store(struct device_driver *ddp, const char *buf,
6082 size_t count)
6083{
6084 int jdelay, res;
6085
6086 if (count > 0 && sscanf(buf, "%d", &jdelay) == 1) {
6087 res = count;
6088 if (sdebug_jdelay != jdelay) {
6089 int j, k;
6090 struct sdebug_queue *sqp;
6091
6092 block_unblock_all_queues(true);
6093 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
6094 ++j, ++sqp) {
6095 k = find_first_bit(sqp->in_use_bm,
6096 sdebug_max_queue);
6097 if (k != sdebug_max_queue) {
6098 res = -EBUSY; /* queued commands */
6099 break;
6100 }
6101 }
6102 if (res > 0) {
6103 sdebug_jdelay = jdelay;
6104 sdebug_ndelay = 0;
6105 }
6106 block_unblock_all_queues(false);
6107 }
6108 return res;
6109 }
6110 return -EINVAL;
6111}
6112static DRIVER_ATTR_RW(delay);
6113
6114static ssize_t ndelay_show(struct device_driver *ddp, char *buf)
6115{
6116 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ndelay);
6117}
6118/* Returns -EBUSY if ndelay is being changed and commands are queued */
6119/* If > 0 and accepted then sdebug_jdelay is set to JDELAY_OVERRIDDEN */
6120static ssize_t ndelay_store(struct device_driver *ddp, const char *buf,
6121 size_t count)
6122{
6123 int ndelay, res;
6124
6125 if ((count > 0) && (1 == sscanf(buf, "%d", &ndelay)) &&
6126 (ndelay >= 0) && (ndelay < (1000 * 1000 * 1000))) {
6127 res = count;
6128 if (sdebug_ndelay != ndelay) {
6129 int j, k;
6130 struct sdebug_queue *sqp;
6131
6132 block_unblock_all_queues(true);
6133 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
6134 ++j, ++sqp) {
6135 k = find_first_bit(sqp->in_use_bm,
6136 sdebug_max_queue);
6137 if (k != sdebug_max_queue) {
6138 res = -EBUSY; /* queued commands */
6139 break;
6140 }
6141 }
6142 if (res > 0) {
6143 sdebug_ndelay = ndelay;
6144 sdebug_jdelay = ndelay ? JDELAY_OVERRIDDEN
6145 : DEF_JDELAY;
6146 }
6147 block_unblock_all_queues(false);
6148 }
6149 return res;
6150 }
6151 return -EINVAL;
6152}
6153static DRIVER_ATTR_RW(ndelay);
6154
6155static ssize_t opts_show(struct device_driver *ddp, char *buf)
6156{
6157 return scnprintf(buf, PAGE_SIZE, "0x%x\n", sdebug_opts);
6158}
6159
6160static ssize_t opts_store(struct device_driver *ddp, const char *buf,
6161 size_t count)
6162{
6163 int opts;
6164 char work[20];
6165
6166 if (sscanf(buf, "%10s", work) == 1) {
6167 if (strncasecmp(work, "0x", 2) == 0) {
6168 if (kstrtoint(work + 2, 16, &opts) == 0)
6169 goto opts_done;
6170 } else {
6171 if (kstrtoint(work, 10, &opts) == 0)
6172 goto opts_done;
6173 }
6174 }
6175 return -EINVAL;
6176opts_done:
6177 sdebug_opts = opts;
6178 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
6179 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
6180 tweak_cmnd_count();
6181 return count;
6182}
6183static DRIVER_ATTR_RW(opts);
6184
6185static ssize_t ptype_show(struct device_driver *ddp, char *buf)
6186{
6187 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ptype);
6188}
6189static ssize_t ptype_store(struct device_driver *ddp, const char *buf,
6190 size_t count)
6191{
6192 int n;
6193
6194 /* Cannot change from or to TYPE_ZBC with sysfs */
6195 if (sdebug_ptype == TYPE_ZBC)
6196 return -EINVAL;
6197
6198 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6199 if (n == TYPE_ZBC)
6200 return -EINVAL;
6201 sdebug_ptype = n;
6202 return count;
6203 }
6204 return -EINVAL;
6205}
6206static DRIVER_ATTR_RW(ptype);
6207
6208static ssize_t dsense_show(struct device_driver *ddp, char *buf)
6209{
6210 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dsense);
6211}
6212static ssize_t dsense_store(struct device_driver *ddp, const char *buf,
6213 size_t count)
6214{
6215 int n;
6216
6217 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6218 sdebug_dsense = n;
6219 return count;
6220 }
6221 return -EINVAL;
6222}
6223static DRIVER_ATTR_RW(dsense);
6224
6225static ssize_t fake_rw_show(struct device_driver *ddp, char *buf)
6226{
6227 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_fake_rw);
6228}
6229static ssize_t fake_rw_store(struct device_driver *ddp, const char *buf,
6230 size_t count)
6231{
6232 int n, idx;
6233
6234 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6235 bool want_store = (n == 0);
6236 struct sdebug_host_info *sdhp;
6237
6238 n = (n > 0);
6239 sdebug_fake_rw = (sdebug_fake_rw > 0);
6240 if (sdebug_fake_rw == n)
6241 return count; /* not transitioning so do nothing */
6242
6243 if (want_store) { /* 1 --> 0 transition, set up store */
6244 if (sdeb_first_idx < 0) {
6245 idx = sdebug_add_store();
6246 if (idx < 0)
6247 return idx;
6248 } else {
6249 idx = sdeb_first_idx;
6250 xa_clear_mark(per_store_ap, idx,
6251 SDEB_XA_NOT_IN_USE);
6252 }
6253 /* make all hosts use same store */
6254 list_for_each_entry(sdhp, &sdebug_host_list,
6255 host_list) {
6256 if (sdhp->si_idx != idx) {
6257 xa_set_mark(per_store_ap, sdhp->si_idx,
6258 SDEB_XA_NOT_IN_USE);
6259 sdhp->si_idx = idx;
6260 }
6261 }
6262 sdeb_most_recent_idx = idx;
6263 } else { /* 0 --> 1 transition is trigger for shrink */
6264 sdebug_erase_all_stores(true /* apart from first */);
6265 }
6266 sdebug_fake_rw = n;
6267 return count;
6268 }
6269 return -EINVAL;
6270}
6271static DRIVER_ATTR_RW(fake_rw);
6272
6273static ssize_t no_lun_0_show(struct device_driver *ddp, char *buf)
6274{
6275 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_lun_0);
6276}
6277static ssize_t no_lun_0_store(struct device_driver *ddp, const char *buf,
6278 size_t count)
6279{
6280 int n;
6281
6282 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6283 sdebug_no_lun_0 = n;
6284 return count;
6285 }
6286 return -EINVAL;
6287}
6288static DRIVER_ATTR_RW(no_lun_0);
6289
6290static ssize_t num_tgts_show(struct device_driver *ddp, char *buf)
6291{
6292 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_tgts);
6293}
6294static ssize_t num_tgts_store(struct device_driver *ddp, const char *buf,
6295 size_t count)
6296{
6297 int n;
6298
6299 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6300 sdebug_num_tgts = n;
6301 sdebug_max_tgts_luns();
6302 return count;
6303 }
6304 return -EINVAL;
6305}
6306static DRIVER_ATTR_RW(num_tgts);
6307
6308static ssize_t dev_size_mb_show(struct device_driver *ddp, char *buf)
6309{
6310 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dev_size_mb);
6311}
6312static DRIVER_ATTR_RO(dev_size_mb);
6313
6314static ssize_t per_host_store_show(struct device_driver *ddp, char *buf)
6315{
6316 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_per_host_store);
6317}
6318
6319static ssize_t per_host_store_store(struct device_driver *ddp, const char *buf,
6320 size_t count)
6321{
6322 bool v;
6323
6324 if (kstrtobool(buf, &v))
6325 return -EINVAL;
6326
6327 sdebug_per_host_store = v;
6328 return count;
6329}
6330static DRIVER_ATTR_RW(per_host_store);
6331
6332static ssize_t num_parts_show(struct device_driver *ddp, char *buf)
6333{
6334 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_parts);
6335}
6336static DRIVER_ATTR_RO(num_parts);
6337
6338static ssize_t every_nth_show(struct device_driver *ddp, char *buf)
6339{
6340 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_every_nth);
6341}
6342static ssize_t every_nth_store(struct device_driver *ddp, const char *buf,
6343 size_t count)
6344{
6345 int nth;
6346 char work[20];
6347
6348 if (sscanf(buf, "%10s", work) == 1) {
6349 if (strncasecmp(work, "0x", 2) == 0) {
6350 if (kstrtoint(work + 2, 16, &nth) == 0)
6351 goto every_nth_done;
6352 } else {
6353 if (kstrtoint(work, 10, &nth) == 0)
6354 goto every_nth_done;
6355 }
6356 }
6357 return -EINVAL;
6358
6359every_nth_done:
6360 sdebug_every_nth = nth;
6361 if (nth && !sdebug_statistics) {
6362 pr_info("every_nth needs statistics=1, set it\n");
6363 sdebug_statistics = true;
6364 }
6365 tweak_cmnd_count();
6366 return count;
6367}
6368static DRIVER_ATTR_RW(every_nth);
6369
6370static ssize_t lun_format_show(struct device_driver *ddp, char *buf)
6371{
6372 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_lun_am);
6373}
6374static ssize_t lun_format_store(struct device_driver *ddp, const char *buf,
6375 size_t count)
6376{
6377 int n;
6378 bool changed;
6379
6380 if (kstrtoint(buf, 0, &n))
6381 return -EINVAL;
6382 if (n >= 0) {
6383 if (n > (int)SAM_LUN_AM_FLAT) {
6384 pr_warn("only LUN address methods 0 and 1 are supported\n");
6385 return -EINVAL;
6386 }
6387 changed = ((int)sdebug_lun_am != n);
6388 sdebug_lun_am = n;
6389 if (changed && sdebug_scsi_level >= 5) { /* >= SPC-3 */
6390 struct sdebug_host_info *sdhp;
6391 struct sdebug_dev_info *dp;
6392
6393 spin_lock(&sdebug_host_list_lock);
6394 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
6395 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
6396 set_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
6397 }
6398 }
6399 spin_unlock(&sdebug_host_list_lock);
6400 }
6401 return count;
6402 }
6403 return -EINVAL;
6404}
6405static DRIVER_ATTR_RW(lun_format);
6406
6407static ssize_t max_luns_show(struct device_driver *ddp, char *buf)
6408{
6409 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_luns);
6410}
6411static ssize_t max_luns_store(struct device_driver *ddp, const char *buf,
6412 size_t count)
6413{
6414 int n;
6415 bool changed;
6416
6417 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6418 if (n > 256) {
6419 pr_warn("max_luns can be no more than 256\n");
6420 return -EINVAL;
6421 }
6422 changed = (sdebug_max_luns != n);
6423 sdebug_max_luns = n;
6424 sdebug_max_tgts_luns();
6425 if (changed && (sdebug_scsi_level >= 5)) { /* >= SPC-3 */
6426 struct sdebug_host_info *sdhp;
6427 struct sdebug_dev_info *dp;
6428
6429 spin_lock(&sdebug_host_list_lock);
6430 list_for_each_entry(sdhp, &sdebug_host_list,
6431 host_list) {
6432 list_for_each_entry(dp, &sdhp->dev_info_list,
6433 dev_list) {
6434 set_bit(SDEBUG_UA_LUNS_CHANGED,
6435 dp->uas_bm);
6436 }
6437 }
6438 spin_unlock(&sdebug_host_list_lock);
6439 }
6440 return count;
6441 }
6442 return -EINVAL;
6443}
6444static DRIVER_ATTR_RW(max_luns);
6445
6446static ssize_t max_queue_show(struct device_driver *ddp, char *buf)
6447{
6448 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_queue);
6449}
6450/* N.B. max_queue can be changed while there are queued commands. In flight
6451 * commands beyond the new max_queue will be completed. */
6452static ssize_t max_queue_store(struct device_driver *ddp, const char *buf,
6453 size_t count)
6454{
6455 int j, n, k, a;
6456 struct sdebug_queue *sqp;
6457
6458 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n > 0) &&
6459 (n <= SDEBUG_CANQUEUE) &&
6460 (sdebug_host_max_queue == 0)) {
6461 block_unblock_all_queues(true);
6462 k = 0;
6463 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
6464 ++j, ++sqp) {
6465 a = find_last_bit(sqp->in_use_bm, SDEBUG_CANQUEUE);
6466 if (a > k)
6467 k = a;
6468 }
6469 sdebug_max_queue = n;
6470 if (k == SDEBUG_CANQUEUE)
6471 atomic_set(&retired_max_queue, 0);
6472 else if (k >= n)
6473 atomic_set(&retired_max_queue, k + 1);
6474 else
6475 atomic_set(&retired_max_queue, 0);
6476 block_unblock_all_queues(false);
6477 return count;
6478 }
6479 return -EINVAL;
6480}
6481static DRIVER_ATTR_RW(max_queue);
6482
6483static ssize_t host_max_queue_show(struct device_driver *ddp, char *buf)
6484{
6485 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_host_max_queue);
6486}
6487
6488static ssize_t no_rwlock_show(struct device_driver *ddp, char *buf)
6489{
6490 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_rwlock);
6491}
6492
6493static ssize_t no_rwlock_store(struct device_driver *ddp, const char *buf, size_t count)
6494{
6495 bool v;
6496
6497 if (kstrtobool(buf, &v))
6498 return -EINVAL;
6499
6500 sdebug_no_rwlock = v;
6501 return count;
6502}
6503static DRIVER_ATTR_RW(no_rwlock);
6504
6505/*
6506 * Since this is used for .can_queue, and we get the hc_idx tag from the bitmap
6507 * in range [0, sdebug_host_max_queue), we can't change it.
6508 */
6509static DRIVER_ATTR_RO(host_max_queue);
6510
6511static ssize_t no_uld_show(struct device_driver *ddp, char *buf)
6512{
6513 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_uld);
6514}
6515static DRIVER_ATTR_RO(no_uld);
6516
6517static ssize_t scsi_level_show(struct device_driver *ddp, char *buf)
6518{
6519 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_scsi_level);
6520}
6521static DRIVER_ATTR_RO(scsi_level);
6522
6523static ssize_t virtual_gb_show(struct device_driver *ddp, char *buf)
6524{
6525 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_virtual_gb);
6526}
6527static ssize_t virtual_gb_store(struct device_driver *ddp, const char *buf,
6528 size_t count)
6529{
6530 int n;
6531 bool changed;
6532
6533 /* Ignore capacity change for ZBC drives for now */
6534 if (sdeb_zbc_in_use)
6535 return -ENOTSUPP;
6536
6537 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6538 changed = (sdebug_virtual_gb != n);
6539 sdebug_virtual_gb = n;
6540 sdebug_capacity = get_sdebug_capacity();
6541 if (changed) {
6542 struct sdebug_host_info *sdhp;
6543 struct sdebug_dev_info *dp;
6544
6545 spin_lock(&sdebug_host_list_lock);
6546 list_for_each_entry(sdhp, &sdebug_host_list,
6547 host_list) {
6548 list_for_each_entry(dp, &sdhp->dev_info_list,
6549 dev_list) {
6550 set_bit(SDEBUG_UA_CAPACITY_CHANGED,
6551 dp->uas_bm);
6552 }
6553 }
6554 spin_unlock(&sdebug_host_list_lock);
6555 }
6556 return count;
6557 }
6558 return -EINVAL;
6559}
6560static DRIVER_ATTR_RW(virtual_gb);
6561
6562static ssize_t add_host_show(struct device_driver *ddp, char *buf)
6563{
6564 /* absolute number of hosts currently active is what is shown */
6565 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_hosts);
6566}
6567
6568static ssize_t add_host_store(struct device_driver *ddp, const char *buf,
6569 size_t count)
6570{
6571 bool found;
6572 unsigned long idx;
6573 struct sdeb_store_info *sip;
6574 bool want_phs = (sdebug_fake_rw == 0) && sdebug_per_host_store;
6575 int delta_hosts;
6576
6577 if (sscanf(buf, "%d", &delta_hosts) != 1)
6578 return -EINVAL;
6579 if (delta_hosts > 0) {
6580 do {
6581 found = false;
6582 if (want_phs) {
6583 xa_for_each_marked(per_store_ap, idx, sip,
6584 SDEB_XA_NOT_IN_USE) {
6585 sdeb_most_recent_idx = (int)idx;
6586 found = true;
6587 break;
6588 }
6589 if (found) /* re-use case */
6590 sdebug_add_host_helper((int)idx);
6591 else
6592 sdebug_do_add_host(true);
6593 } else {
6594 sdebug_do_add_host(false);
6595 }
6596 } while (--delta_hosts);
6597 } else if (delta_hosts < 0) {
6598 do {
6599 sdebug_do_remove_host(false);
6600 } while (++delta_hosts);
6601 }
6602 return count;
6603}
6604static DRIVER_ATTR_RW(add_host);
6605
6606static ssize_t vpd_use_hostno_show(struct device_driver *ddp, char *buf)
6607{
6608 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_vpd_use_hostno);
6609}
6610static ssize_t vpd_use_hostno_store(struct device_driver *ddp, const char *buf,
6611 size_t count)
6612{
6613 int n;
6614
6615 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6616 sdebug_vpd_use_hostno = n;
6617 return count;
6618 }
6619 return -EINVAL;
6620}
6621static DRIVER_ATTR_RW(vpd_use_hostno);
6622
6623static ssize_t statistics_show(struct device_driver *ddp, char *buf)
6624{
6625 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_statistics);
6626}
6627static ssize_t statistics_store(struct device_driver *ddp, const char *buf,
6628 size_t count)
6629{
6630 int n;
6631
6632 if ((count > 0) && (sscanf(buf, "%d", &n) == 1) && (n >= 0)) {
6633 if (n > 0)
6634 sdebug_statistics = true;
6635 else {
6636 clear_queue_stats();
6637 sdebug_statistics = false;
6638 }
6639 return count;
6640 }
6641 return -EINVAL;
6642}
6643static DRIVER_ATTR_RW(statistics);
6644
6645static ssize_t sector_size_show(struct device_driver *ddp, char *buf)
6646{
6647 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_sector_size);
6648}
6649static DRIVER_ATTR_RO(sector_size);
6650
6651static ssize_t submit_queues_show(struct device_driver *ddp, char *buf)
6652{
6653 return scnprintf(buf, PAGE_SIZE, "%d\n", submit_queues);
6654}
6655static DRIVER_ATTR_RO(submit_queues);
6656
6657static ssize_t dix_show(struct device_driver *ddp, char *buf)
6658{
6659 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dix);
6660}
6661static DRIVER_ATTR_RO(dix);
6662
6663static ssize_t dif_show(struct device_driver *ddp, char *buf)
6664{
6665 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dif);
6666}
6667static DRIVER_ATTR_RO(dif);
6668
6669static ssize_t guard_show(struct device_driver *ddp, char *buf)
6670{
6671 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_guard);
6672}
6673static DRIVER_ATTR_RO(guard);
6674
6675static ssize_t ato_show(struct device_driver *ddp, char *buf)
6676{
6677 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ato);
6678}
6679static DRIVER_ATTR_RO(ato);
6680
6681static ssize_t map_show(struct device_driver *ddp, char *buf)
6682{
6683 ssize_t count = 0;
6684
6685 if (!scsi_debug_lbp())
6686 return scnprintf(buf, PAGE_SIZE, "0-%u\n",
6687 sdebug_store_sectors);
6688
6689 if (sdebug_fake_rw == 0 && !xa_empty(per_store_ap)) {
6690 struct sdeb_store_info *sip = xa_load(per_store_ap, 0);
6691
6692 if (sip)
6693 count = scnprintf(buf, PAGE_SIZE - 1, "%*pbl",
6694 (int)map_size, sip->map_storep);
6695 }
6696 buf[count++] = '\n';
6697 buf[count] = '\0';
6698
6699 return count;
6700}
6701static DRIVER_ATTR_RO(map);
6702
6703static ssize_t random_show(struct device_driver *ddp, char *buf)
6704{
6705 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_random);
6706}
6707
6708static ssize_t random_store(struct device_driver *ddp, const char *buf,
6709 size_t count)
6710{
6711 bool v;
6712
6713 if (kstrtobool(buf, &v))
6714 return -EINVAL;
6715
6716 sdebug_random = v;
6717 return count;
6718}
6719static DRIVER_ATTR_RW(random);
6720
6721static ssize_t removable_show(struct device_driver *ddp, char *buf)
6722{
6723 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_removable ? 1 : 0);
6724}
6725static ssize_t removable_store(struct device_driver *ddp, const char *buf,
6726 size_t count)
6727{
6728 int n;
6729
6730 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6731 sdebug_removable = (n > 0);
6732 return count;
6733 }
6734 return -EINVAL;
6735}
6736static DRIVER_ATTR_RW(removable);
6737
6738static ssize_t host_lock_show(struct device_driver *ddp, char *buf)
6739{
6740 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_host_lock);
6741}
6742/* N.B. sdebug_host_lock does nothing, kept for backward compatibility */
6743static ssize_t host_lock_store(struct device_driver *ddp, const char *buf,
6744 size_t count)
6745{
6746 int n;
6747
6748 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6749 sdebug_host_lock = (n > 0);
6750 return count;
6751 }
6752 return -EINVAL;
6753}
6754static DRIVER_ATTR_RW(host_lock);
6755
6756static ssize_t strict_show(struct device_driver *ddp, char *buf)
6757{
6758 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_strict);
6759}
6760static ssize_t strict_store(struct device_driver *ddp, const char *buf,
6761 size_t count)
6762{
6763 int n;
6764
6765 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6766 sdebug_strict = (n > 0);
6767 return count;
6768 }
6769 return -EINVAL;
6770}
6771static DRIVER_ATTR_RW(strict);
6772
6773static ssize_t uuid_ctl_show(struct device_driver *ddp, char *buf)
6774{
6775 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_uuid_ctl);
6776}
6777static DRIVER_ATTR_RO(uuid_ctl);
6778
6779static ssize_t cdb_len_show(struct device_driver *ddp, char *buf)
6780{
6781 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_cdb_len);
6782}
6783static ssize_t cdb_len_store(struct device_driver *ddp, const char *buf,
6784 size_t count)
6785{
6786 int ret, n;
6787
6788 ret = kstrtoint(buf, 0, &n);
6789 if (ret)
6790 return ret;
6791 sdebug_cdb_len = n;
6792 all_config_cdb_len();
6793 return count;
6794}
6795static DRIVER_ATTR_RW(cdb_len);
6796
6797static const char * const zbc_model_strs_a[] = {
6798 [BLK_ZONED_NONE] = "none",
6799 [BLK_ZONED_HA] = "host-aware",
6800 [BLK_ZONED_HM] = "host-managed",
6801};
6802
6803static const char * const zbc_model_strs_b[] = {
6804 [BLK_ZONED_NONE] = "no",
6805 [BLK_ZONED_HA] = "aware",
6806 [BLK_ZONED_HM] = "managed",
6807};
6808
6809static const char * const zbc_model_strs_c[] = {
6810 [BLK_ZONED_NONE] = "0",
6811 [BLK_ZONED_HA] = "1",
6812 [BLK_ZONED_HM] = "2",
6813};
6814
6815static int sdeb_zbc_model_str(const char *cp)
6816{
6817 int res = sysfs_match_string(zbc_model_strs_a, cp);
6818
6819 if (res < 0) {
6820 res = sysfs_match_string(zbc_model_strs_b, cp);
6821 if (res < 0) {
6822 res = sysfs_match_string(zbc_model_strs_c, cp);
6823 if (res < 0)
6824 return -EINVAL;
6825 }
6826 }
6827 return res;
6828}
6829
6830static ssize_t zbc_show(struct device_driver *ddp, char *buf)
6831{
6832 return scnprintf(buf, PAGE_SIZE, "%s\n",
6833 zbc_model_strs_a[sdeb_zbc_model]);
6834}
6835static DRIVER_ATTR_RO(zbc);
6836
6837static ssize_t tur_ms_to_ready_show(struct device_driver *ddp, char *buf)
6838{
6839 return scnprintf(buf, PAGE_SIZE, "%d\n", sdeb_tur_ms_to_ready);
6840}
6841static DRIVER_ATTR_RO(tur_ms_to_ready);
6842
6843/* Note: The following array creates attribute files in the
6844 /sys/bus/pseudo/drivers/scsi_debug directory. The advantage of these
6845 files (over those found in the /sys/module/scsi_debug/parameters
6846 directory) is that auxiliary actions can be triggered when an attribute
6847 is changed. For example see: add_host_store() above.
6848 */
6849
6850static struct attribute *sdebug_drv_attrs[] = {
6851 &driver_attr_delay.attr,
6852 &driver_attr_opts.attr,
6853 &driver_attr_ptype.attr,
6854 &driver_attr_dsense.attr,
6855 &driver_attr_fake_rw.attr,
6856 &driver_attr_host_max_queue.attr,
6857 &driver_attr_no_lun_0.attr,
6858 &driver_attr_num_tgts.attr,
6859 &driver_attr_dev_size_mb.attr,
6860 &driver_attr_num_parts.attr,
6861 &driver_attr_every_nth.attr,
6862 &driver_attr_lun_format.attr,
6863 &driver_attr_max_luns.attr,
6864 &driver_attr_max_queue.attr,
6865 &driver_attr_no_rwlock.attr,
6866 &driver_attr_no_uld.attr,
6867 &driver_attr_scsi_level.attr,
6868 &driver_attr_virtual_gb.attr,
6869 &driver_attr_add_host.attr,
6870 &driver_attr_per_host_store.attr,
6871 &driver_attr_vpd_use_hostno.attr,
6872 &driver_attr_sector_size.attr,
6873 &driver_attr_statistics.attr,
6874 &driver_attr_submit_queues.attr,
6875 &driver_attr_dix.attr,
6876 &driver_attr_dif.attr,
6877 &driver_attr_guard.attr,
6878 &driver_attr_ato.attr,
6879 &driver_attr_map.attr,
6880 &driver_attr_random.attr,
6881 &driver_attr_removable.attr,
6882 &driver_attr_host_lock.attr,
6883 &driver_attr_ndelay.attr,
6884 &driver_attr_strict.attr,
6885 &driver_attr_uuid_ctl.attr,
6886 &driver_attr_cdb_len.attr,
6887 &driver_attr_tur_ms_to_ready.attr,
6888 &driver_attr_zbc.attr,
6889 NULL,
6890};
6891ATTRIBUTE_GROUPS(sdebug_drv);
6892
6893static struct device *pseudo_primary;
6894
6895static int __init scsi_debug_init(void)
6896{
6897 bool want_store = (sdebug_fake_rw == 0);
6898 unsigned long sz;
6899 int k, ret, hosts_to_add;
6900 int idx = -1;
6901
6902 ramdisk_lck_a[0] = &atomic_rw;
6903 ramdisk_lck_a[1] = &atomic_rw2;
6904 atomic_set(&retired_max_queue, 0);
6905
6906 if (sdebug_ndelay >= 1000 * 1000 * 1000) {
6907 pr_warn("ndelay must be less than 1 second, ignored\n");
6908 sdebug_ndelay = 0;
6909 } else if (sdebug_ndelay > 0)
6910 sdebug_jdelay = JDELAY_OVERRIDDEN;
6911
6912 switch (sdebug_sector_size) {
6913 case 512:
6914 case 1024:
6915 case 2048:
6916 case 4096:
6917 break;
6918 default:
6919 pr_err("invalid sector_size %d\n", sdebug_sector_size);
6920 return -EINVAL;
6921 }
6922
6923 switch (sdebug_dif) {
6924 case T10_PI_TYPE0_PROTECTION:
6925 break;
6926 case T10_PI_TYPE1_PROTECTION:
6927 case T10_PI_TYPE2_PROTECTION:
6928 case T10_PI_TYPE3_PROTECTION:
6929 have_dif_prot = true;
6930 break;
6931
6932 default:
6933 pr_err("dif must be 0, 1, 2 or 3\n");
6934 return -EINVAL;
6935 }
6936
6937 if (sdebug_num_tgts < 0) {
6938 pr_err("num_tgts must be >= 0\n");
6939 return -EINVAL;
6940 }
6941
6942 if (sdebug_guard > 1) {
6943 pr_err("guard must be 0 or 1\n");
6944 return -EINVAL;
6945 }
6946
6947 if (sdebug_ato > 1) {
6948 pr_err("ato must be 0 or 1\n");
6949 return -EINVAL;
6950 }
6951
6952 if (sdebug_physblk_exp > 15) {
6953 pr_err("invalid physblk_exp %u\n", sdebug_physblk_exp);
6954 return -EINVAL;
6955 }
6956
6957 sdebug_lun_am = sdebug_lun_am_i;
6958 if (sdebug_lun_am > SAM_LUN_AM_FLAT) {
6959 pr_warn("Invalid LUN format %u, using default\n", (int)sdebug_lun_am);
6960 sdebug_lun_am = SAM_LUN_AM_PERIPHERAL;
6961 }
6962
6963 if (sdebug_max_luns > 256) {
6964 if (sdebug_max_luns > 16384) {
6965 pr_warn("max_luns can be no more than 16384, use default\n");
6966 sdebug_max_luns = DEF_MAX_LUNS;
6967 }
6968 sdebug_lun_am = SAM_LUN_AM_FLAT;
6969 }
6970
6971 if (sdebug_lowest_aligned > 0x3fff) {
6972 pr_err("lowest_aligned too big: %u\n", sdebug_lowest_aligned);
6973 return -EINVAL;
6974 }
6975
6976 if (submit_queues < 1) {
6977 pr_err("submit_queues must be 1 or more\n");
6978 return -EINVAL;
6979 }
6980
6981 if ((sdebug_max_queue > SDEBUG_CANQUEUE) || (sdebug_max_queue < 1)) {
6982 pr_err("max_queue must be in range [1, %d]\n", SDEBUG_CANQUEUE);
6983 return -EINVAL;
6984 }
6985
6986 if ((sdebug_host_max_queue > SDEBUG_CANQUEUE) ||
6987 (sdebug_host_max_queue < 0)) {
6988 pr_err("host_max_queue must be in range [0 %d]\n",
6989 SDEBUG_CANQUEUE);
6990 return -EINVAL;
6991 }
6992
6993 if (sdebug_host_max_queue &&
6994 (sdebug_max_queue != sdebug_host_max_queue)) {
6995 sdebug_max_queue = sdebug_host_max_queue;
6996 pr_warn("fixing max submit queue depth to host max queue depth, %d\n",
6997 sdebug_max_queue);
6998 }
6999
7000 sdebug_q_arr = kcalloc(submit_queues, sizeof(struct sdebug_queue),
7001 GFP_KERNEL);
7002 if (sdebug_q_arr == NULL)
7003 return -ENOMEM;
7004 for (k = 0; k < submit_queues; ++k)
7005 spin_lock_init(&sdebug_q_arr[k].qc_lock);
7006
7007 /*
7008 * check for host managed zoned block device specified with
7009 * ptype=0x14 or zbc=XXX.
7010 */
7011 if (sdebug_ptype == TYPE_ZBC) {
7012 sdeb_zbc_model = BLK_ZONED_HM;
7013 } else if (sdeb_zbc_model_s && *sdeb_zbc_model_s) {
7014 k = sdeb_zbc_model_str(sdeb_zbc_model_s);
7015 if (k < 0) {
7016 ret = k;
7017 goto free_q_arr;
7018 }
7019 sdeb_zbc_model = k;
7020 switch (sdeb_zbc_model) {
7021 case BLK_ZONED_NONE:
7022 case BLK_ZONED_HA:
7023 sdebug_ptype = TYPE_DISK;
7024 break;
7025 case BLK_ZONED_HM:
7026 sdebug_ptype = TYPE_ZBC;
7027 break;
7028 default:
7029 pr_err("Invalid ZBC model\n");
7030 ret = -EINVAL;
7031 goto free_q_arr;
7032 }
7033 }
7034 if (sdeb_zbc_model != BLK_ZONED_NONE) {
7035 sdeb_zbc_in_use = true;
7036 if (sdebug_dev_size_mb == DEF_DEV_SIZE_PRE_INIT)
7037 sdebug_dev_size_mb = DEF_ZBC_DEV_SIZE_MB;
7038 }
7039
7040 if (sdebug_dev_size_mb == DEF_DEV_SIZE_PRE_INIT)
7041 sdebug_dev_size_mb = DEF_DEV_SIZE_MB;
7042 if (sdebug_dev_size_mb < 1)
7043 sdebug_dev_size_mb = 1; /* force minimum 1 MB ramdisk */
7044 sz = (unsigned long)sdebug_dev_size_mb * 1048576;
7045 sdebug_store_sectors = sz / sdebug_sector_size;
7046 sdebug_capacity = get_sdebug_capacity();
7047
7048 /* play around with geometry, don't waste too much on track 0 */
7049 sdebug_heads = 8;
7050 sdebug_sectors_per = 32;
7051 if (sdebug_dev_size_mb >= 256)
7052 sdebug_heads = 64;
7053 else if (sdebug_dev_size_mb >= 16)
7054 sdebug_heads = 32;
7055 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
7056 (sdebug_sectors_per * sdebug_heads);
7057 if (sdebug_cylinders_per >= 1024) {
7058 /* other LLDs do this; implies >= 1GB ram disk ... */
7059 sdebug_heads = 255;
7060 sdebug_sectors_per = 63;
7061 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
7062 (sdebug_sectors_per * sdebug_heads);
7063 }
7064 if (scsi_debug_lbp()) {
7065 sdebug_unmap_max_blocks =
7066 clamp(sdebug_unmap_max_blocks, 0U, 0xffffffffU);
7067
7068 sdebug_unmap_max_desc =
7069 clamp(sdebug_unmap_max_desc, 0U, 256U);
7070
7071 sdebug_unmap_granularity =
7072 clamp(sdebug_unmap_granularity, 1U, 0xffffffffU);
7073
7074 if (sdebug_unmap_alignment &&
7075 sdebug_unmap_granularity <=
7076 sdebug_unmap_alignment) {
7077 pr_err("ERR: unmap_granularity <= unmap_alignment\n");
7078 ret = -EINVAL;
7079 goto free_q_arr;
7080 }
7081 }
7082 xa_init_flags(per_store_ap, XA_FLAGS_ALLOC | XA_FLAGS_LOCK_IRQ);
7083 if (want_store) {
7084 idx = sdebug_add_store();
7085 if (idx < 0) {
7086 ret = idx;
7087 goto free_q_arr;
7088 }
7089 }
7090
7091 pseudo_primary = root_device_register("pseudo_0");
7092 if (IS_ERR(pseudo_primary)) {
7093 pr_warn("root_device_register() error\n");
7094 ret = PTR_ERR(pseudo_primary);
7095 goto free_vm;
7096 }
7097 ret = bus_register(&pseudo_lld_bus);
7098 if (ret < 0) {
7099 pr_warn("bus_register error: %d\n", ret);
7100 goto dev_unreg;
7101 }
7102 ret = driver_register(&sdebug_driverfs_driver);
7103 if (ret < 0) {
7104 pr_warn("driver_register error: %d\n", ret);
7105 goto bus_unreg;
7106 }
7107
7108 hosts_to_add = sdebug_add_host;
7109 sdebug_add_host = 0;
7110
7111 for (k = 0; k < hosts_to_add; k++) {
7112 if (want_store && k == 0) {
7113 ret = sdebug_add_host_helper(idx);
7114 if (ret < 0) {
7115 pr_err("add_host_helper k=%d, error=%d\n",
7116 k, -ret);
7117 break;
7118 }
7119 } else {
7120 ret = sdebug_do_add_host(want_store &&
7121 sdebug_per_host_store);
7122 if (ret < 0) {
7123 pr_err("add_host k=%d error=%d\n", k, -ret);
7124 break;
7125 }
7126 }
7127 }
7128 if (sdebug_verbose)
7129 pr_info("built %d host(s)\n", sdebug_num_hosts);
7130
7131 return 0;
7132
7133bus_unreg:
7134 bus_unregister(&pseudo_lld_bus);
7135dev_unreg:
7136 root_device_unregister(pseudo_primary);
7137free_vm:
7138 sdebug_erase_store(idx, NULL);
7139free_q_arr:
7140 kfree(sdebug_q_arr);
7141 return ret;
7142}
7143
7144static void __exit scsi_debug_exit(void)
7145{
7146 int k = sdebug_num_hosts;
7147
7148 stop_all_queued();
7149 for (; k; k--)
7150 sdebug_do_remove_host(true);
7151 free_all_queued();
7152 driver_unregister(&sdebug_driverfs_driver);
7153 bus_unregister(&pseudo_lld_bus);
7154 root_device_unregister(pseudo_primary);
7155
7156 sdebug_erase_all_stores(false);
7157 xa_destroy(per_store_ap);
7158 kfree(sdebug_q_arr);
7159}
7160
7161device_initcall(scsi_debug_init);
7162module_exit(scsi_debug_exit);
7163
7164static void sdebug_release_adapter(struct device *dev)
7165{
7166 struct sdebug_host_info *sdbg_host;
7167
7168 sdbg_host = to_sdebug_host(dev);
7169 kfree(sdbg_host);
7170}
7171
7172/* idx must be valid, if sip is NULL then it will be obtained using idx */
7173static void sdebug_erase_store(int idx, struct sdeb_store_info *sip)
7174{
7175 if (idx < 0)
7176 return;
7177 if (!sip) {
7178 if (xa_empty(per_store_ap))
7179 return;
7180 sip = xa_load(per_store_ap, idx);
7181 if (!sip)
7182 return;
7183 }
7184 vfree(sip->map_storep);
7185 vfree(sip->dif_storep);
7186 vfree(sip->storep);
7187 xa_erase(per_store_ap, idx);
7188 kfree(sip);
7189}
7190
7191/* Assume apart_from_first==false only in shutdown case. */
7192static void sdebug_erase_all_stores(bool apart_from_first)
7193{
7194 unsigned long idx;
7195 struct sdeb_store_info *sip = NULL;
7196
7197 xa_for_each(per_store_ap, idx, sip) {
7198 if (apart_from_first)
7199 apart_from_first = false;
7200 else
7201 sdebug_erase_store(idx, sip);
7202 }
7203 if (apart_from_first)
7204 sdeb_most_recent_idx = sdeb_first_idx;
7205}
7206
7207/*
7208 * Returns store xarray new element index (idx) if >=0 else negated errno.
7209 * Limit the number of stores to 65536.
7210 */
7211static int sdebug_add_store(void)
7212{
7213 int res;
7214 u32 n_idx;
7215 unsigned long iflags;
7216 unsigned long sz = (unsigned long)sdebug_dev_size_mb * 1048576;
7217 struct sdeb_store_info *sip = NULL;
7218 struct xa_limit xal = { .max = 1 << 16, .min = 0 };
7219
7220 sip = kzalloc(sizeof(*sip), GFP_KERNEL);
7221 if (!sip)
7222 return -ENOMEM;
7223
7224 xa_lock_irqsave(per_store_ap, iflags);
7225 res = __xa_alloc(per_store_ap, &n_idx, sip, xal, GFP_ATOMIC);
7226 if (unlikely(res < 0)) {
7227 xa_unlock_irqrestore(per_store_ap, iflags);
7228 kfree(sip);
7229 pr_warn("%s: xa_alloc() errno=%d\n", __func__, -res);
7230 return res;
7231 }
7232 sdeb_most_recent_idx = n_idx;
7233 if (sdeb_first_idx < 0)
7234 sdeb_first_idx = n_idx;
7235 xa_unlock_irqrestore(per_store_ap, iflags);
7236
7237 res = -ENOMEM;
7238 sip->storep = vzalloc(sz);
7239 if (!sip->storep) {
7240 pr_err("user data oom\n");
7241 goto err;
7242 }
7243 if (sdebug_num_parts > 0)
7244 sdebug_build_parts(sip->storep, sz);
7245
7246 /* DIF/DIX: what T10 calls Protection Information (PI) */
7247 if (sdebug_dix) {
7248 int dif_size;
7249
7250 dif_size = sdebug_store_sectors * sizeof(struct t10_pi_tuple);
7251 sip->dif_storep = vmalloc(dif_size);
7252
7253 pr_info("dif_storep %u bytes @ %pK\n", dif_size,
7254 sip->dif_storep);
7255
7256 if (!sip->dif_storep) {
7257 pr_err("DIX oom\n");
7258 goto err;
7259 }
7260 memset(sip->dif_storep, 0xff, dif_size);
7261 }
7262 /* Logical Block Provisioning */
7263 if (scsi_debug_lbp()) {
7264 map_size = lba_to_map_index(sdebug_store_sectors - 1) + 1;
7265 sip->map_storep = vmalloc(array_size(sizeof(long),
7266 BITS_TO_LONGS(map_size)));
7267
7268 pr_info("%lu provisioning blocks\n", map_size);
7269
7270 if (!sip->map_storep) {
7271 pr_err("LBP map oom\n");
7272 goto err;
7273 }
7274
7275 bitmap_zero(sip->map_storep, map_size);
7276
7277 /* Map first 1KB for partition table */
7278 if (sdebug_num_parts)
7279 map_region(sip, 0, 2);
7280 }
7281
7282 rwlock_init(&sip->macc_lck);
7283 return (int)n_idx;
7284err:
7285 sdebug_erase_store((int)n_idx, sip);
7286 pr_warn("%s: failed, errno=%d\n", __func__, -res);
7287 return res;
7288}
7289
7290static int sdebug_add_host_helper(int per_host_idx)
7291{
7292 int k, devs_per_host, idx;
7293 int error = -ENOMEM;
7294 struct sdebug_host_info *sdbg_host;
7295 struct sdebug_dev_info *sdbg_devinfo, *tmp;
7296
7297 sdbg_host = kzalloc(sizeof(*sdbg_host), GFP_KERNEL);
7298 if (!sdbg_host)
7299 return -ENOMEM;
7300 idx = (per_host_idx < 0) ? sdeb_first_idx : per_host_idx;
7301 if (xa_get_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE))
7302 xa_clear_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE);
7303 sdbg_host->si_idx = idx;
7304
7305 INIT_LIST_HEAD(&sdbg_host->dev_info_list);
7306
7307 devs_per_host = sdebug_num_tgts * sdebug_max_luns;
7308 for (k = 0; k < devs_per_host; k++) {
7309 sdbg_devinfo = sdebug_device_create(sdbg_host, GFP_KERNEL);
7310 if (!sdbg_devinfo)
7311 goto clean;
7312 }
7313
7314 spin_lock(&sdebug_host_list_lock);
7315 list_add_tail(&sdbg_host->host_list, &sdebug_host_list);
7316 spin_unlock(&sdebug_host_list_lock);
7317
7318 sdbg_host->dev.bus = &pseudo_lld_bus;
7319 sdbg_host->dev.parent = pseudo_primary;
7320 sdbg_host->dev.release = &sdebug_release_adapter;
7321 dev_set_name(&sdbg_host->dev, "adapter%d", sdebug_num_hosts);
7322
7323 error = device_register(&sdbg_host->dev);
7324 if (error) {
7325 spin_lock(&sdebug_host_list_lock);
7326 list_del(&sdbg_host->host_list);
7327 spin_unlock(&sdebug_host_list_lock);
7328 goto clean;
7329 }
7330
7331 ++sdebug_num_hosts;
7332 return 0;
7333
7334clean:
7335 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
7336 dev_list) {
7337 list_del(&sdbg_devinfo->dev_list);
7338 kfree(sdbg_devinfo->zstate);
7339 kfree(sdbg_devinfo);
7340 }
7341 if (sdbg_host->dev.release)
7342 put_device(&sdbg_host->dev);
7343 else
7344 kfree(sdbg_host);
7345 pr_warn("%s: failed, errno=%d\n", __func__, -error);
7346 return error;
7347}
7348
7349static int sdebug_do_add_host(bool mk_new_store)
7350{
7351 int ph_idx = sdeb_most_recent_idx;
7352
7353 if (mk_new_store) {
7354 ph_idx = sdebug_add_store();
7355 if (ph_idx < 0)
7356 return ph_idx;
7357 }
7358 return sdebug_add_host_helper(ph_idx);
7359}
7360
7361static void sdebug_do_remove_host(bool the_end)
7362{
7363 int idx = -1;
7364 struct sdebug_host_info *sdbg_host = NULL;
7365 struct sdebug_host_info *sdbg_host2;
7366
7367 spin_lock(&sdebug_host_list_lock);
7368 if (!list_empty(&sdebug_host_list)) {
7369 sdbg_host = list_entry(sdebug_host_list.prev,
7370 struct sdebug_host_info, host_list);
7371 idx = sdbg_host->si_idx;
7372 }
7373 if (!the_end && idx >= 0) {
7374 bool unique = true;
7375
7376 list_for_each_entry(sdbg_host2, &sdebug_host_list, host_list) {
7377 if (sdbg_host2 == sdbg_host)
7378 continue;
7379 if (idx == sdbg_host2->si_idx) {
7380 unique = false;
7381 break;
7382 }
7383 }
7384 if (unique) {
7385 xa_set_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE);
7386 if (idx == sdeb_most_recent_idx)
7387 --sdeb_most_recent_idx;
7388 }
7389 }
7390 if (sdbg_host)
7391 list_del(&sdbg_host->host_list);
7392 spin_unlock(&sdebug_host_list_lock);
7393
7394 if (!sdbg_host)
7395 return;
7396
7397 device_unregister(&sdbg_host->dev);
7398 --sdebug_num_hosts;
7399}
7400
7401static int sdebug_change_qdepth(struct scsi_device *sdev, int qdepth)
7402{
7403 int num_in_q = 0;
7404 struct sdebug_dev_info *devip;
7405
7406 block_unblock_all_queues(true);
7407 devip = (struct sdebug_dev_info *)sdev->hostdata;
7408 if (NULL == devip) {
7409 block_unblock_all_queues(false);
7410 return -ENODEV;
7411 }
7412 num_in_q = atomic_read(&devip->num_in_q);
7413
7414 if (qdepth > SDEBUG_CANQUEUE) {
7415 qdepth = SDEBUG_CANQUEUE;
7416 pr_warn("%s: requested qdepth [%d] exceeds canqueue [%d], trim\n", __func__,
7417 qdepth, SDEBUG_CANQUEUE);
7418 }
7419 if (qdepth < 1)
7420 qdepth = 1;
7421 if (qdepth != sdev->queue_depth)
7422 scsi_change_queue_depth(sdev, qdepth);
7423
7424 if (SDEBUG_OPT_Q_NOISE & sdebug_opts) {
7425 sdev_printk(KERN_INFO, sdev, "%s: qdepth=%d, num_in_q=%d\n",
7426 __func__, qdepth, num_in_q);
7427 }
7428 block_unblock_all_queues(false);
7429 return sdev->queue_depth;
7430}
7431
7432static bool fake_timeout(struct scsi_cmnd *scp)
7433{
7434 if (0 == (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth))) {
7435 if (sdebug_every_nth < -1)
7436 sdebug_every_nth = -1;
7437 if (SDEBUG_OPT_TIMEOUT & sdebug_opts)
7438 return true; /* ignore command causing timeout */
7439 else if (SDEBUG_OPT_MAC_TIMEOUT & sdebug_opts &&
7440 scsi_medium_access_command(scp))
7441 return true; /* time out reads and writes */
7442 }
7443 return false;
7444}
7445
7446/* Response to TUR or media access command when device stopped */
7447static int resp_not_ready(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
7448{
7449 int stopped_state;
7450 u64 diff_ns = 0;
7451 ktime_t now_ts = ktime_get_boottime();
7452 struct scsi_device *sdp = scp->device;
7453
7454 stopped_state = atomic_read(&devip->stopped);
7455 if (stopped_state == 2) {
7456 if (ktime_to_ns(now_ts) > ktime_to_ns(devip->create_ts)) {
7457 diff_ns = ktime_to_ns(ktime_sub(now_ts, devip->create_ts));
7458 if (diff_ns >= ((u64)sdeb_tur_ms_to_ready * 1000000)) {
7459 /* tur_ms_to_ready timer extinguished */
7460 atomic_set(&devip->stopped, 0);
7461 return 0;
7462 }
7463 }
7464 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x1);
7465 if (sdebug_verbose)
7466 sdev_printk(KERN_INFO, sdp,
7467 "%s: Not ready: in process of becoming ready\n", my_name);
7468 if (scp->cmnd[0] == TEST_UNIT_READY) {
7469 u64 tur_nanosecs_to_ready = (u64)sdeb_tur_ms_to_ready * 1000000;
7470
7471 if (diff_ns <= tur_nanosecs_to_ready)
7472 diff_ns = tur_nanosecs_to_ready - diff_ns;
7473 else
7474 diff_ns = tur_nanosecs_to_ready;
7475 /* As per 20-061r2 approved for spc6 by T10 on 20200716 */
7476 do_div(diff_ns, 1000000); /* diff_ns becomes milliseconds */
7477 scsi_set_sense_information(scp->sense_buffer, SCSI_SENSE_BUFFERSIZE,
7478 diff_ns);
7479 return check_condition_result;
7480 }
7481 }
7482 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x2);
7483 if (sdebug_verbose)
7484 sdev_printk(KERN_INFO, sdp, "%s: Not ready: initializing command required\n",
7485 my_name);
7486 return check_condition_result;
7487}
7488
7489static void sdebug_map_queues(struct Scsi_Host *shost)
7490{
7491 int i, qoff;
7492
7493 if (shost->nr_hw_queues == 1)
7494 return;
7495
7496 for (i = 0, qoff = 0; i < HCTX_MAX_TYPES; i++) {
7497 struct blk_mq_queue_map *map = &shost->tag_set.map[i];
7498
7499 map->nr_queues = 0;
7500
7501 if (i == HCTX_TYPE_DEFAULT)
7502 map->nr_queues = submit_queues - poll_queues;
7503 else if (i == HCTX_TYPE_POLL)
7504 map->nr_queues = poll_queues;
7505
7506 if (!map->nr_queues) {
7507 BUG_ON(i == HCTX_TYPE_DEFAULT);
7508 continue;
7509 }
7510
7511 map->queue_offset = qoff;
7512 blk_mq_map_queues(map);
7513
7514 qoff += map->nr_queues;
7515 }
7516}
7517
7518static int sdebug_blk_mq_poll(struct Scsi_Host *shost, unsigned int queue_num)
7519{
7520 bool first;
7521 bool retiring = false;
7522 int num_entries = 0;
7523 unsigned int qc_idx = 0;
7524 unsigned long iflags;
7525 ktime_t kt_from_boot = ktime_get_boottime();
7526 struct sdebug_queue *sqp;
7527 struct sdebug_queued_cmd *sqcp;
7528 struct scsi_cmnd *scp;
7529 struct sdebug_dev_info *devip;
7530 struct sdebug_defer *sd_dp;
7531
7532 sqp = sdebug_q_arr + queue_num;
7533
7534 spin_lock_irqsave(&sqp->qc_lock, iflags);
7535
7536 qc_idx = find_first_bit(sqp->in_use_bm, sdebug_max_queue);
7537 if (qc_idx >= sdebug_max_queue)
7538 goto unlock;
7539
7540 for (first = true; first || qc_idx + 1 < sdebug_max_queue; ) {
7541 if (first) {
7542 first = false;
7543 if (!test_bit(qc_idx, sqp->in_use_bm))
7544 continue;
7545 } else {
7546 qc_idx = find_next_bit(sqp->in_use_bm, sdebug_max_queue, qc_idx + 1);
7547 }
7548 if (qc_idx >= sdebug_max_queue)
7549 break;
7550
7551 sqcp = &sqp->qc_arr[qc_idx];
7552 sd_dp = sqcp->sd_dp;
7553 if (unlikely(!sd_dp))
7554 continue;
7555 scp = sqcp->a_cmnd;
7556 if (unlikely(scp == NULL)) {
7557 pr_err("scp is NULL, queue_num=%d, qc_idx=%u from %s\n",
7558 queue_num, qc_idx, __func__);
7559 break;
7560 }
7561 if (READ_ONCE(sd_dp->defer_t) == SDEB_DEFER_POLL) {
7562 if (kt_from_boot < sd_dp->cmpl_ts)
7563 continue;
7564
7565 } else /* ignoring non REQ_POLLED requests */
7566 continue;
7567 devip = (struct sdebug_dev_info *)scp->device->hostdata;
7568 if (likely(devip))
7569 atomic_dec(&devip->num_in_q);
7570 else
7571 pr_err("devip=NULL from %s\n", __func__);
7572 if (unlikely(atomic_read(&retired_max_queue) > 0))
7573 retiring = true;
7574
7575 sqcp->a_cmnd = NULL;
7576 if (unlikely(!test_and_clear_bit(qc_idx, sqp->in_use_bm))) {
7577 pr_err("Unexpected completion sqp %p queue_num=%d qc_idx=%u from %s\n",
7578 sqp, queue_num, qc_idx, __func__);
7579 break;
7580 }
7581 if (unlikely(retiring)) { /* user has reduced max_queue */
7582 int k, retval;
7583
7584 retval = atomic_read(&retired_max_queue);
7585 if (qc_idx >= retval) {
7586 pr_err("index %d too large\n", retval);
7587 break;
7588 }
7589 k = find_last_bit(sqp->in_use_bm, retval);
7590 if ((k < sdebug_max_queue) || (k == retval))
7591 atomic_set(&retired_max_queue, 0);
7592 else
7593 atomic_set(&retired_max_queue, k + 1);
7594 }
7595 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_NONE);
7596 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
7597 scsi_done(scp); /* callback to mid level */
7598 num_entries++;
7599 spin_lock_irqsave(&sqp->qc_lock, iflags);
7600 if (find_first_bit(sqp->in_use_bm, sdebug_max_queue) >= sdebug_max_queue)
7601 break;
7602 }
7603
7604unlock:
7605 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
7606
7607 if (num_entries > 0)
7608 atomic_add(num_entries, &sdeb_mq_poll_count);
7609 return num_entries;
7610}
7611
7612static int scsi_debug_queuecommand(struct Scsi_Host *shost,
7613 struct scsi_cmnd *scp)
7614{
7615 u8 sdeb_i;
7616 struct scsi_device *sdp = scp->device;
7617 const struct opcode_info_t *oip;
7618 const struct opcode_info_t *r_oip;
7619 struct sdebug_dev_info *devip;
7620 u8 *cmd = scp->cmnd;
7621 int (*r_pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
7622 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *) = NULL;
7623 int k, na;
7624 int errsts = 0;
7625 u64 lun_index = sdp->lun & 0x3FFF;
7626 u32 flags;
7627 u16 sa;
7628 u8 opcode = cmd[0];
7629 bool has_wlun_rl;
7630 bool inject_now;
7631
7632 scsi_set_resid(scp, 0);
7633 if (sdebug_statistics) {
7634 atomic_inc(&sdebug_cmnd_count);
7635 inject_now = inject_on_this_cmd();
7636 } else {
7637 inject_now = false;
7638 }
7639 if (unlikely(sdebug_verbose &&
7640 !(SDEBUG_OPT_NO_CDB_NOISE & sdebug_opts))) {
7641 char b[120];
7642 int n, len, sb;
7643
7644 len = scp->cmd_len;
7645 sb = (int)sizeof(b);
7646 if (len > 32)
7647 strcpy(b, "too long, over 32 bytes");
7648 else {
7649 for (k = 0, n = 0; k < len && n < sb; ++k)
7650 n += scnprintf(b + n, sb - n, "%02x ",
7651 (u32)cmd[k]);
7652 }
7653 sdev_printk(KERN_INFO, sdp, "%s: tag=%#x, cmd %s\n", my_name,
7654 blk_mq_unique_tag(scsi_cmd_to_rq(scp)), b);
7655 }
7656 if (unlikely(inject_now && (sdebug_opts & SDEBUG_OPT_HOST_BUSY)))
7657 return SCSI_MLQUEUE_HOST_BUSY;
7658 has_wlun_rl = (sdp->lun == SCSI_W_LUN_REPORT_LUNS);
7659 if (unlikely(lun_index >= sdebug_max_luns && !has_wlun_rl))
7660 goto err_out;
7661
7662 sdeb_i = opcode_ind_arr[opcode]; /* fully mapped */
7663 oip = &opcode_info_arr[sdeb_i]; /* safe if table consistent */
7664 devip = (struct sdebug_dev_info *)sdp->hostdata;
7665 if (unlikely(!devip)) {
7666 devip = find_build_dev_info(sdp);
7667 if (NULL == devip)
7668 goto err_out;
7669 }
7670 if (unlikely(inject_now && !atomic_read(&sdeb_inject_pending)))
7671 atomic_set(&sdeb_inject_pending, 1);
7672
7673 na = oip->num_attached;
7674 r_pfp = oip->pfp;
7675 if (na) { /* multiple commands with this opcode */
7676 r_oip = oip;
7677 if (FF_SA & r_oip->flags) {
7678 if (F_SA_LOW & oip->flags)
7679 sa = 0x1f & cmd[1];
7680 else
7681 sa = get_unaligned_be16(cmd + 8);
7682 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
7683 if (opcode == oip->opcode && sa == oip->sa)
7684 break;
7685 }
7686 } else { /* since no service action only check opcode */
7687 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
7688 if (opcode == oip->opcode)
7689 break;
7690 }
7691 }
7692 if (k > na) {
7693 if (F_SA_LOW & r_oip->flags)
7694 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 4);
7695 else if (F_SA_HIGH & r_oip->flags)
7696 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 8, 7);
7697 else
7698 mk_sense_invalid_opcode(scp);
7699 goto check_cond;
7700 }
7701 } /* else (when na==0) we assume the oip is a match */
7702 flags = oip->flags;
7703 if (unlikely(F_INV_OP & flags)) {
7704 mk_sense_invalid_opcode(scp);
7705 goto check_cond;
7706 }
7707 if (unlikely(has_wlun_rl && !(F_RL_WLUN_OK & flags))) {
7708 if (sdebug_verbose)
7709 sdev_printk(KERN_INFO, sdp, "%s: Opcode 0x%x not%s\n",
7710 my_name, opcode, " supported for wlun");
7711 mk_sense_invalid_opcode(scp);
7712 goto check_cond;
7713 }
7714 if (unlikely(sdebug_strict)) { /* check cdb against mask */
7715 u8 rem;
7716 int j;
7717
7718 for (k = 1; k < oip->len_mask[0] && k < 16; ++k) {
7719 rem = ~oip->len_mask[k] & cmd[k];
7720 if (rem) {
7721 for (j = 7; j >= 0; --j, rem <<= 1) {
7722 if (0x80 & rem)
7723 break;
7724 }
7725 mk_sense_invalid_fld(scp, SDEB_IN_CDB, k, j);
7726 goto check_cond;
7727 }
7728 }
7729 }
7730 if (unlikely(!(F_SKIP_UA & flags) &&
7731 find_first_bit(devip->uas_bm,
7732 SDEBUG_NUM_UAS) != SDEBUG_NUM_UAS)) {
7733 errsts = make_ua(scp, devip);
7734 if (errsts)
7735 goto check_cond;
7736 }
7737 if (unlikely(((F_M_ACCESS & flags) || scp->cmnd[0] == TEST_UNIT_READY) &&
7738 atomic_read(&devip->stopped))) {
7739 errsts = resp_not_ready(scp, devip);
7740 if (errsts)
7741 goto fini;
7742 }
7743 if (sdebug_fake_rw && (F_FAKE_RW & flags))
7744 goto fini;
7745 if (unlikely(sdebug_every_nth)) {
7746 if (fake_timeout(scp))
7747 return 0; /* ignore command: make trouble */
7748 }
7749 if (likely(oip->pfp))
7750 pfp = oip->pfp; /* calls a resp_* function */
7751 else
7752 pfp = r_pfp; /* if leaf function ptr NULL, try the root's */
7753
7754fini:
7755 if (F_DELAY_OVERR & flags) /* cmds like INQUIRY respond asap */
7756 return schedule_resp(scp, devip, errsts, pfp, 0, 0);
7757 else if ((flags & F_LONG_DELAY) && (sdebug_jdelay > 0 ||
7758 sdebug_ndelay > 10000)) {
7759 /*
7760 * Skip long delays if ndelay <= 10 microseconds. Otherwise
7761 * for Start Stop Unit (SSU) want at least 1 second delay and
7762 * if sdebug_jdelay>1 want a long delay of that many seconds.
7763 * For Synchronize Cache want 1/20 of SSU's delay.
7764 */
7765 int jdelay = (sdebug_jdelay < 2) ? 1 : sdebug_jdelay;
7766 int denom = (flags & F_SYNC_DELAY) ? 20 : 1;
7767
7768 jdelay = mult_frac(USER_HZ * jdelay, HZ, denom * USER_HZ);
7769 return schedule_resp(scp, devip, errsts, pfp, jdelay, 0);
7770 } else
7771 return schedule_resp(scp, devip, errsts, pfp, sdebug_jdelay,
7772 sdebug_ndelay);
7773check_cond:
7774 return schedule_resp(scp, devip, check_condition_result, NULL, 0, 0);
7775err_out:
7776 return schedule_resp(scp, NULL, DID_NO_CONNECT << 16, NULL, 0, 0);
7777}
7778
7779static struct scsi_host_template sdebug_driver_template = {
7780 .show_info = scsi_debug_show_info,
7781 .write_info = scsi_debug_write_info,
7782 .proc_name = sdebug_proc_name,
7783 .name = "SCSI DEBUG",
7784 .info = scsi_debug_info,
7785 .slave_alloc = scsi_debug_slave_alloc,
7786 .slave_configure = scsi_debug_slave_configure,
7787 .slave_destroy = scsi_debug_slave_destroy,
7788 .ioctl = scsi_debug_ioctl,
7789 .queuecommand = scsi_debug_queuecommand,
7790 .change_queue_depth = sdebug_change_qdepth,
7791 .map_queues = sdebug_map_queues,
7792 .mq_poll = sdebug_blk_mq_poll,
7793 .eh_abort_handler = scsi_debug_abort,
7794 .eh_device_reset_handler = scsi_debug_device_reset,
7795 .eh_target_reset_handler = scsi_debug_target_reset,
7796 .eh_bus_reset_handler = scsi_debug_bus_reset,
7797 .eh_host_reset_handler = scsi_debug_host_reset,
7798 .can_queue = SDEBUG_CANQUEUE,
7799 .this_id = 7,
7800 .sg_tablesize = SG_MAX_SEGMENTS,
7801 .cmd_per_lun = DEF_CMD_PER_LUN,
7802 .max_sectors = -1U,
7803 .max_segment_size = -1U,
7804 .module = THIS_MODULE,
7805 .track_queue_depth = 1,
7806};
7807
7808static int sdebug_driver_probe(struct device *dev)
7809{
7810 int error = 0;
7811 struct sdebug_host_info *sdbg_host;
7812 struct Scsi_Host *hpnt;
7813 int hprot;
7814
7815 sdbg_host = to_sdebug_host(dev);
7816
7817 sdebug_driver_template.can_queue = sdebug_max_queue;
7818 sdebug_driver_template.cmd_per_lun = sdebug_max_queue;
7819 if (!sdebug_clustering)
7820 sdebug_driver_template.dma_boundary = PAGE_SIZE - 1;
7821
7822 hpnt = scsi_host_alloc(&sdebug_driver_template, sizeof(sdbg_host));
7823 if (NULL == hpnt) {
7824 pr_err("scsi_host_alloc failed\n");
7825 error = -ENODEV;
7826 return error;
7827 }
7828 if (submit_queues > nr_cpu_ids) {
7829 pr_warn("%s: trim submit_queues (was %d) to nr_cpu_ids=%u\n",
7830 my_name, submit_queues, nr_cpu_ids);
7831 submit_queues = nr_cpu_ids;
7832 }
7833 /*
7834 * Decide whether to tell scsi subsystem that we want mq. The
7835 * following should give the same answer for each host.
7836 */
7837 hpnt->nr_hw_queues = submit_queues;
7838 if (sdebug_host_max_queue)
7839 hpnt->host_tagset = 1;
7840
7841 /* poll queues are possible for nr_hw_queues > 1 */
7842 if (hpnt->nr_hw_queues == 1 || (poll_queues < 1)) {
7843 pr_warn("%s: trim poll_queues to 0. poll_q/nr_hw = (%d/%d)\n",
7844 my_name, poll_queues, hpnt->nr_hw_queues);
7845 poll_queues = 0;
7846 }
7847
7848 /*
7849 * Poll queues don't need interrupts, but we need at least one I/O queue
7850 * left over for non-polled I/O.
7851 * If condition not met, trim poll_queues to 1 (just for simplicity).
7852 */
7853 if (poll_queues >= submit_queues) {
7854 if (submit_queues < 3)
7855 pr_warn("%s: trim poll_queues to 1\n", my_name);
7856 else
7857 pr_warn("%s: trim poll_queues to 1. Perhaps try poll_queues=%d\n",
7858 my_name, submit_queues - 1);
7859 poll_queues = 1;
7860 }
7861 if (poll_queues)
7862 hpnt->nr_maps = 3;
7863
7864 sdbg_host->shost = hpnt;
7865 *((struct sdebug_host_info **)hpnt->hostdata) = sdbg_host;
7866 if ((hpnt->this_id >= 0) && (sdebug_num_tgts > hpnt->this_id))
7867 hpnt->max_id = sdebug_num_tgts + 1;
7868 else
7869 hpnt->max_id = sdebug_num_tgts;
7870 /* = sdebug_max_luns; */
7871 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
7872
7873 hprot = 0;
7874
7875 switch (sdebug_dif) {
7876
7877 case T10_PI_TYPE1_PROTECTION:
7878 hprot = SHOST_DIF_TYPE1_PROTECTION;
7879 if (sdebug_dix)
7880 hprot |= SHOST_DIX_TYPE1_PROTECTION;
7881 break;
7882
7883 case T10_PI_TYPE2_PROTECTION:
7884 hprot = SHOST_DIF_TYPE2_PROTECTION;
7885 if (sdebug_dix)
7886 hprot |= SHOST_DIX_TYPE2_PROTECTION;
7887 break;
7888
7889 case T10_PI_TYPE3_PROTECTION:
7890 hprot = SHOST_DIF_TYPE3_PROTECTION;
7891 if (sdebug_dix)
7892 hprot |= SHOST_DIX_TYPE3_PROTECTION;
7893 break;
7894
7895 default:
7896 if (sdebug_dix)
7897 hprot |= SHOST_DIX_TYPE0_PROTECTION;
7898 break;
7899 }
7900
7901 scsi_host_set_prot(hpnt, hprot);
7902
7903 if (have_dif_prot || sdebug_dix)
7904 pr_info("host protection%s%s%s%s%s%s%s\n",
7905 (hprot & SHOST_DIF_TYPE1_PROTECTION) ? " DIF1" : "",
7906 (hprot & SHOST_DIF_TYPE2_PROTECTION) ? " DIF2" : "",
7907 (hprot & SHOST_DIF_TYPE3_PROTECTION) ? " DIF3" : "",
7908 (hprot & SHOST_DIX_TYPE0_PROTECTION) ? " DIX0" : "",
7909 (hprot & SHOST_DIX_TYPE1_PROTECTION) ? " DIX1" : "",
7910 (hprot & SHOST_DIX_TYPE2_PROTECTION) ? " DIX2" : "",
7911 (hprot & SHOST_DIX_TYPE3_PROTECTION) ? " DIX3" : "");
7912
7913 if (sdebug_guard == 1)
7914 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_IP);
7915 else
7916 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_CRC);
7917
7918 sdebug_verbose = !!(SDEBUG_OPT_NOISE & sdebug_opts);
7919 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & sdebug_opts);
7920 if (sdebug_every_nth) /* need stats counters for every_nth */
7921 sdebug_statistics = true;
7922 error = scsi_add_host(hpnt, &sdbg_host->dev);
7923 if (error) {
7924 pr_err("scsi_add_host failed\n");
7925 error = -ENODEV;
7926 scsi_host_put(hpnt);
7927 } else {
7928 scsi_scan_host(hpnt);
7929 }
7930
7931 return error;
7932}
7933
7934static void sdebug_driver_remove(struct device *dev)
7935{
7936 struct sdebug_host_info *sdbg_host;
7937 struct sdebug_dev_info *sdbg_devinfo, *tmp;
7938
7939 sdbg_host = to_sdebug_host(dev);
7940
7941 scsi_remove_host(sdbg_host->shost);
7942
7943 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
7944 dev_list) {
7945 list_del(&sdbg_devinfo->dev_list);
7946 kfree(sdbg_devinfo->zstate);
7947 kfree(sdbg_devinfo);
7948 }
7949
7950 scsi_host_put(sdbg_host->shost);
7951}
7952
7953static int pseudo_lld_bus_match(struct device *dev,
7954 struct device_driver *dev_driver)
7955{
7956 return 1;
7957}
7958
7959static struct bus_type pseudo_lld_bus = {
7960 .name = "pseudo",
7961 .match = pseudo_lld_bus_match,
7962 .probe = sdebug_driver_probe,
7963 .remove = sdebug_driver_remove,
7964 .drv_groups = sdebug_drv_groups,
7965};