Loading...
1/*
2 * vvvvvvvvvvvvvvvvvvvvvvv Original vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
3 * Copyright (C) 1992 Eric Youngdale
4 * Simulate a host adapter with 2 disks attached. Do a lot of checking
5 * to make sure that we are not getting blocks mixed up, and PANIC if
6 * anything out of the ordinary is seen.
7 * ^^^^^^^^^^^^^^^^^^^^^^^ Original ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
8 *
9 * Copyright (C) 2001 - 2018 Douglas Gilbert
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2, or (at your option)
14 * any later version.
15 *
16 * For documentation see http://sg.danny.cz/sg/sdebug26.html
17 *
18 */
19
20
21#define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__
22
23#include <linux/module.h>
24
25#include <linux/kernel.h>
26#include <linux/errno.h>
27#include <linux/jiffies.h>
28#include <linux/slab.h>
29#include <linux/types.h>
30#include <linux/string.h>
31#include <linux/genhd.h>
32#include <linux/fs.h>
33#include <linux/init.h>
34#include <linux/proc_fs.h>
35#include <linux/vmalloc.h>
36#include <linux/moduleparam.h>
37#include <linux/scatterlist.h>
38#include <linux/blkdev.h>
39#include <linux/crc-t10dif.h>
40#include <linux/spinlock.h>
41#include <linux/interrupt.h>
42#include <linux/atomic.h>
43#include <linux/hrtimer.h>
44#include <linux/uuid.h>
45#include <linux/t10-pi.h>
46
47#include <net/checksum.h>
48
49#include <asm/unaligned.h>
50
51#include <scsi/scsi.h>
52#include <scsi/scsi_cmnd.h>
53#include <scsi/scsi_device.h>
54#include <scsi/scsi_host.h>
55#include <scsi/scsicam.h>
56#include <scsi/scsi_eh.h>
57#include <scsi/scsi_tcq.h>
58#include <scsi/scsi_dbg.h>
59
60#include "sd.h"
61#include "scsi_logging.h"
62
63/* make sure inq_product_rev string corresponds to this version */
64#define SDEBUG_VERSION "0188" /* format to fit INQUIRY revision field */
65static const char *sdebug_version_date = "20180128";
66
67#define MY_NAME "scsi_debug"
68
69/* Additional Sense Code (ASC) */
70#define NO_ADDITIONAL_SENSE 0x0
71#define LOGICAL_UNIT_NOT_READY 0x4
72#define LOGICAL_UNIT_COMMUNICATION_FAILURE 0x8
73#define UNRECOVERED_READ_ERR 0x11
74#define PARAMETER_LIST_LENGTH_ERR 0x1a
75#define INVALID_OPCODE 0x20
76#define LBA_OUT_OF_RANGE 0x21
77#define INVALID_FIELD_IN_CDB 0x24
78#define INVALID_FIELD_IN_PARAM_LIST 0x26
79#define UA_RESET_ASC 0x29
80#define UA_CHANGED_ASC 0x2a
81#define TARGET_CHANGED_ASC 0x3f
82#define LUNS_CHANGED_ASCQ 0x0e
83#define INSUFF_RES_ASC 0x55
84#define INSUFF_RES_ASCQ 0x3
85#define POWER_ON_RESET_ASCQ 0x0
86#define BUS_RESET_ASCQ 0x2 /* scsi bus reset occurred */
87#define MODE_CHANGED_ASCQ 0x1 /* mode parameters changed */
88#define CAPACITY_CHANGED_ASCQ 0x9
89#define SAVING_PARAMS_UNSUP 0x39
90#define TRANSPORT_PROBLEM 0x4b
91#define THRESHOLD_EXCEEDED 0x5d
92#define LOW_POWER_COND_ON 0x5e
93#define MISCOMPARE_VERIFY_ASC 0x1d
94#define MICROCODE_CHANGED_ASCQ 0x1 /* with TARGET_CHANGED_ASC */
95#define MICROCODE_CHANGED_WO_RESET_ASCQ 0x16
96#define WRITE_ERROR_ASC 0xc
97
98/* Additional Sense Code Qualifier (ASCQ) */
99#define ACK_NAK_TO 0x3
100
101/* Default values for driver parameters */
102#define DEF_NUM_HOST 1
103#define DEF_NUM_TGTS 1
104#define DEF_MAX_LUNS 1
105/* With these defaults, this driver will make 1 host with 1 target
106 * (id 0) containing 1 logical unit (lun 0). That is 1 device.
107 */
108#define DEF_ATO 1
109#define DEF_CDB_LEN 10
110#define DEF_JDELAY 1 /* if > 0 unit is a jiffy */
111#define DEF_DEV_SIZE_MB 8
112#define DEF_DIF 0
113#define DEF_DIX 0
114#define DEF_D_SENSE 0
115#define DEF_EVERY_NTH 0
116#define DEF_FAKE_RW 0
117#define DEF_GUARD 0
118#define DEF_HOST_LOCK 0
119#define DEF_LBPU 0
120#define DEF_LBPWS 0
121#define DEF_LBPWS10 0
122#define DEF_LBPRZ 1
123#define DEF_LOWEST_ALIGNED 0
124#define DEF_NDELAY 0 /* if > 0 unit is a nanosecond */
125#define DEF_NO_LUN_0 0
126#define DEF_NUM_PARTS 0
127#define DEF_OPTS 0
128#define DEF_OPT_BLKS 1024
129#define DEF_PHYSBLK_EXP 0
130#define DEF_OPT_XFERLEN_EXP 0
131#define DEF_PTYPE TYPE_DISK
132#define DEF_REMOVABLE false
133#define DEF_SCSI_LEVEL 7 /* INQUIRY, byte2 [6->SPC-4; 7->SPC-5] */
134#define DEF_SECTOR_SIZE 512
135#define DEF_UNMAP_ALIGNMENT 0
136#define DEF_UNMAP_GRANULARITY 1
137#define DEF_UNMAP_MAX_BLOCKS 0xFFFFFFFF
138#define DEF_UNMAP_MAX_DESC 256
139#define DEF_VIRTUAL_GB 0
140#define DEF_VPD_USE_HOSTNO 1
141#define DEF_WRITESAME_LENGTH 0xFFFF
142#define DEF_STRICT 0
143#define DEF_STATISTICS false
144#define DEF_SUBMIT_QUEUES 1
145#define DEF_UUID_CTL 0
146#define JDELAY_OVERRIDDEN -9999
147
148#define SDEBUG_LUN_0_VAL 0
149
150/* bit mask values for sdebug_opts */
151#define SDEBUG_OPT_NOISE 1
152#define SDEBUG_OPT_MEDIUM_ERR 2
153#define SDEBUG_OPT_TIMEOUT 4
154#define SDEBUG_OPT_RECOVERED_ERR 8
155#define SDEBUG_OPT_TRANSPORT_ERR 16
156#define SDEBUG_OPT_DIF_ERR 32
157#define SDEBUG_OPT_DIX_ERR 64
158#define SDEBUG_OPT_MAC_TIMEOUT 128
159#define SDEBUG_OPT_SHORT_TRANSFER 0x100
160#define SDEBUG_OPT_Q_NOISE 0x200
161#define SDEBUG_OPT_ALL_TSF 0x400
162#define SDEBUG_OPT_RARE_TSF 0x800
163#define SDEBUG_OPT_N_WCE 0x1000
164#define SDEBUG_OPT_RESET_NOISE 0x2000
165#define SDEBUG_OPT_NO_CDB_NOISE 0x4000
166#define SDEBUG_OPT_HOST_BUSY 0x8000
167#define SDEBUG_OPT_ALL_NOISE (SDEBUG_OPT_NOISE | SDEBUG_OPT_Q_NOISE | \
168 SDEBUG_OPT_RESET_NOISE)
169#define SDEBUG_OPT_ALL_INJECTING (SDEBUG_OPT_RECOVERED_ERR | \
170 SDEBUG_OPT_TRANSPORT_ERR | \
171 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR | \
172 SDEBUG_OPT_SHORT_TRANSFER | \
173 SDEBUG_OPT_HOST_BUSY)
174/* When "every_nth" > 0 then modulo "every_nth" commands:
175 * - a missing response is simulated if SDEBUG_OPT_TIMEOUT is set
176 * - a RECOVERED_ERROR is simulated on successful read and write
177 * commands if SDEBUG_OPT_RECOVERED_ERR is set.
178 * - a TRANSPORT_ERROR is simulated on successful read and write
179 * commands if SDEBUG_OPT_TRANSPORT_ERR is set.
180 *
181 * When "every_nth" < 0 then after "- every_nth" commands:
182 * - a missing response is simulated if SDEBUG_OPT_TIMEOUT is set
183 * - a RECOVERED_ERROR is simulated on successful read and write
184 * commands if SDEBUG_OPT_RECOVERED_ERR is set.
185 * - a TRANSPORT_ERROR is simulated on successful read and write
186 * commands if _DEBUG_OPT_TRANSPORT_ERR is set.
187 * This will continue on every subsequent command until some other action
188 * occurs (e.g. the user * writing a new value (other than -1 or 1) to
189 * every_nth via sysfs).
190 */
191
192/* As indicated in SAM-5 and SPC-4 Unit Attentions (UAs) are returned in
193 * priority order. In the subset implemented here lower numbers have higher
194 * priority. The UA numbers should be a sequence starting from 0 with
195 * SDEBUG_NUM_UAS being 1 higher than the highest numbered UA. */
196#define SDEBUG_UA_POR 0 /* Power on, reset, or bus device reset */
197#define SDEBUG_UA_BUS_RESET 1
198#define SDEBUG_UA_MODE_CHANGED 2
199#define SDEBUG_UA_CAPACITY_CHANGED 3
200#define SDEBUG_UA_LUNS_CHANGED 4
201#define SDEBUG_UA_MICROCODE_CHANGED 5 /* simulate firmware change */
202#define SDEBUG_UA_MICROCODE_CHANGED_WO_RESET 6
203#define SDEBUG_NUM_UAS 7
204
205/* when 1==SDEBUG_OPT_MEDIUM_ERR, a medium error is simulated at this
206 * sector on read commands: */
207#define OPT_MEDIUM_ERR_ADDR 0x1234 /* that's sector 4660 in decimal */
208#define OPT_MEDIUM_ERR_NUM 10 /* number of consecutive medium errs */
209
210/* If REPORT LUNS has luns >= 256 it can choose "flat space" (value 1)
211 * or "peripheral device" addressing (value 0) */
212#define SAM2_LUN_ADDRESS_METHOD 0
213
214/* SDEBUG_CANQUEUE is the maximum number of commands that can be queued
215 * (for response) per submit queue at one time. Can be reduced by max_queue
216 * option. Command responses are not queued when jdelay=0 and ndelay=0. The
217 * per-device DEF_CMD_PER_LUN can be changed via sysfs:
218 * /sys/class/scsi_device/<h:c:t:l>/device/queue_depth
219 * but cannot exceed SDEBUG_CANQUEUE .
220 */
221#define SDEBUG_CANQUEUE_WORDS 3 /* a WORD is bits in a long */
222#define SDEBUG_CANQUEUE (SDEBUG_CANQUEUE_WORDS * BITS_PER_LONG)
223#define DEF_CMD_PER_LUN 255
224
225#define F_D_IN 1
226#define F_D_OUT 2
227#define F_D_OUT_MAYBE 4 /* WRITE SAME, NDOB bit */
228#define F_D_UNKN 8
229#define F_RL_WLUN_OK 0x10
230#define F_SKIP_UA 0x20
231#define F_DELAY_OVERR 0x40
232#define F_SA_LOW 0x80 /* cdb byte 1, bits 4 to 0 */
233#define F_SA_HIGH 0x100 /* as used by variable length cdbs */
234#define F_INV_OP 0x200
235#define F_FAKE_RW 0x400
236#define F_M_ACCESS 0x800 /* media access */
237#define F_SSU_DELAY 0x1000
238#define F_SYNC_DELAY 0x2000
239
240#define FF_RESPOND (F_RL_WLUN_OK | F_SKIP_UA | F_DELAY_OVERR)
241#define FF_MEDIA_IO (F_M_ACCESS | F_FAKE_RW)
242#define FF_SA (F_SA_HIGH | F_SA_LOW)
243#define F_LONG_DELAY (F_SSU_DELAY | F_SYNC_DELAY)
244
245#define SDEBUG_MAX_PARTS 4
246
247#define SDEBUG_MAX_CMD_LEN 32
248
249
250struct sdebug_dev_info {
251 struct list_head dev_list;
252 unsigned int channel;
253 unsigned int target;
254 u64 lun;
255 uuid_t lu_name;
256 struct sdebug_host_info *sdbg_host;
257 unsigned long uas_bm[1];
258 atomic_t num_in_q;
259 atomic_t stopped;
260 bool used;
261};
262
263struct sdebug_host_info {
264 struct list_head host_list;
265 struct Scsi_Host *shost;
266 struct device dev;
267 struct list_head dev_info_list;
268};
269
270#define to_sdebug_host(d) \
271 container_of(d, struct sdebug_host_info, dev)
272
273enum sdeb_defer_type {SDEB_DEFER_NONE = 0, SDEB_DEFER_HRT = 1,
274 SDEB_DEFER_WQ = 2};
275
276struct sdebug_defer {
277 struct hrtimer hrt;
278 struct execute_work ew;
279 int sqa_idx; /* index of sdebug_queue array */
280 int qc_idx; /* index of sdebug_queued_cmd array within sqa_idx */
281 int issuing_cpu;
282 bool init_hrt;
283 bool init_wq;
284 enum sdeb_defer_type defer_t;
285};
286
287struct sdebug_queued_cmd {
288 /* corresponding bit set in in_use_bm[] in owning struct sdebug_queue
289 * instance indicates this slot is in use.
290 */
291 struct sdebug_defer *sd_dp;
292 struct scsi_cmnd *a_cmnd;
293 unsigned int inj_recovered:1;
294 unsigned int inj_transport:1;
295 unsigned int inj_dif:1;
296 unsigned int inj_dix:1;
297 unsigned int inj_short:1;
298 unsigned int inj_host_busy:1;
299};
300
301struct sdebug_queue {
302 struct sdebug_queued_cmd qc_arr[SDEBUG_CANQUEUE];
303 unsigned long in_use_bm[SDEBUG_CANQUEUE_WORDS];
304 spinlock_t qc_lock;
305 atomic_t blocked; /* to temporarily stop more being queued */
306};
307
308static atomic_t sdebug_cmnd_count; /* number of incoming commands */
309static atomic_t sdebug_completions; /* count of deferred completions */
310static atomic_t sdebug_miss_cpus; /* submission + completion cpus differ */
311static atomic_t sdebug_a_tsf; /* 'almost task set full' counter */
312
313struct opcode_info_t {
314 u8 num_attached; /* 0 if this is it (i.e. a leaf); use 0xff */
315 /* for terminating element */
316 u8 opcode; /* if num_attached > 0, preferred */
317 u16 sa; /* service action */
318 u32 flags; /* OR-ed set of SDEB_F_* */
319 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
320 const struct opcode_info_t *arrp; /* num_attached elements or NULL */
321 u8 len_mask[16]; /* len_mask[0]-->cdb_len, then mask for cdb */
322 /* 1 to min(cdb_len, 15); ignore cdb[15...] */
323};
324
325/* SCSI opcodes (first byte of cdb) of interest mapped onto these indexes */
326enum sdeb_opcode_index {
327 SDEB_I_INVALID_OPCODE = 0,
328 SDEB_I_INQUIRY = 1,
329 SDEB_I_REPORT_LUNS = 2,
330 SDEB_I_REQUEST_SENSE = 3,
331 SDEB_I_TEST_UNIT_READY = 4,
332 SDEB_I_MODE_SENSE = 5, /* 6, 10 */
333 SDEB_I_MODE_SELECT = 6, /* 6, 10 */
334 SDEB_I_LOG_SENSE = 7,
335 SDEB_I_READ_CAPACITY = 8, /* 10; 16 is in SA_IN(16) */
336 SDEB_I_READ = 9, /* 6, 10, 12, 16 */
337 SDEB_I_WRITE = 10, /* 6, 10, 12, 16 */
338 SDEB_I_START_STOP = 11,
339 SDEB_I_SERV_ACT_IN_16 = 12, /* add ...SERV_ACT_IN_12 if needed */
340 SDEB_I_SERV_ACT_OUT_16 = 13, /* add ...SERV_ACT_OUT_12 if needed */
341 SDEB_I_MAINT_IN = 14,
342 SDEB_I_MAINT_OUT = 15,
343 SDEB_I_VERIFY = 16, /* 10 only */
344 SDEB_I_VARIABLE_LEN = 17, /* READ(32), WRITE(32), WR_SCAT(32) */
345 SDEB_I_RESERVE = 18, /* 6, 10 */
346 SDEB_I_RELEASE = 19, /* 6, 10 */
347 SDEB_I_ALLOW_REMOVAL = 20, /* PREVENT ALLOW MEDIUM REMOVAL */
348 SDEB_I_REZERO_UNIT = 21, /* REWIND in SSC */
349 SDEB_I_ATA_PT = 22, /* 12, 16 */
350 SDEB_I_SEND_DIAG = 23,
351 SDEB_I_UNMAP = 24,
352 SDEB_I_XDWRITEREAD = 25, /* 10 only */
353 SDEB_I_WRITE_BUFFER = 26,
354 SDEB_I_WRITE_SAME = 27, /* 10, 16 */
355 SDEB_I_SYNC_CACHE = 28, /* 10, 16 */
356 SDEB_I_COMP_WRITE = 29,
357 SDEB_I_LAST_ELEMENT = 30, /* keep this last (previous + 1) */
358};
359
360
361static const unsigned char opcode_ind_arr[256] = {
362/* 0x0; 0x0->0x1f: 6 byte cdbs */
363 SDEB_I_TEST_UNIT_READY, SDEB_I_REZERO_UNIT, 0, SDEB_I_REQUEST_SENSE,
364 0, 0, 0, 0,
365 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, 0,
366 0, 0, SDEB_I_INQUIRY, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
367 SDEB_I_RELEASE,
368 0, 0, SDEB_I_MODE_SENSE, SDEB_I_START_STOP, 0, SDEB_I_SEND_DIAG,
369 SDEB_I_ALLOW_REMOVAL, 0,
370/* 0x20; 0x20->0x3f: 10 byte cdbs */
371 0, 0, 0, 0, 0, SDEB_I_READ_CAPACITY, 0, 0,
372 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, SDEB_I_VERIFY,
373 0, 0, 0, 0, 0, SDEB_I_SYNC_CACHE, 0, 0,
374 0, 0, 0, SDEB_I_WRITE_BUFFER, 0, 0, 0, 0,
375/* 0x40; 0x40->0x5f: 10 byte cdbs */
376 0, SDEB_I_WRITE_SAME, SDEB_I_UNMAP, 0, 0, 0, 0, 0,
377 0, 0, 0, 0, 0, SDEB_I_LOG_SENSE, 0, 0,
378 0, 0, 0, SDEB_I_XDWRITEREAD, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
379 SDEB_I_RELEASE,
380 0, 0, SDEB_I_MODE_SENSE, 0, 0, 0, 0, 0,
381/* 0x60; 0x60->0x7d are reserved, 0x7e is "extended cdb" */
382 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
383 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
384 0, SDEB_I_VARIABLE_LEN,
385/* 0x80; 0x80->0x9f: 16 byte cdbs */
386 0, 0, 0, 0, 0, SDEB_I_ATA_PT, 0, 0,
387 SDEB_I_READ, SDEB_I_COMP_WRITE, SDEB_I_WRITE, 0, 0, 0, 0, 0,
388 0, SDEB_I_SYNC_CACHE, 0, SDEB_I_WRITE_SAME, 0, 0, 0, 0,
389 0, 0, 0, 0, 0, 0, SDEB_I_SERV_ACT_IN_16, SDEB_I_SERV_ACT_OUT_16,
390/* 0xa0; 0xa0->0xbf: 12 byte cdbs */
391 SDEB_I_REPORT_LUNS, SDEB_I_ATA_PT, 0, SDEB_I_MAINT_IN,
392 SDEB_I_MAINT_OUT, 0, 0, 0,
393 SDEB_I_READ, 0 /* SDEB_I_SERV_ACT_OUT_12 */, SDEB_I_WRITE,
394 0 /* SDEB_I_SERV_ACT_IN_12 */, 0, 0, 0, 0,
395 0, 0, 0, 0, 0, 0, 0, 0,
396 0, 0, 0, 0, 0, 0, 0, 0,
397/* 0xc0; 0xc0->0xff: vendor specific */
398 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
399 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
400 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
401 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
402};
403
404/*
405 * The following "response" functions return the SCSI mid-level's 4 byte
406 * tuple-in-an-int. To handle commands with an IMMED bit, for a faster
407 * command completion, they can mask their return value with
408 * SDEG_RES_IMMED_MASK .
409 */
410#define SDEG_RES_IMMED_MASK 0x40000000
411
412static int resp_inquiry(struct scsi_cmnd *, struct sdebug_dev_info *);
413static int resp_report_luns(struct scsi_cmnd *, struct sdebug_dev_info *);
414static int resp_requests(struct scsi_cmnd *, struct sdebug_dev_info *);
415static int resp_mode_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
416static int resp_mode_select(struct scsi_cmnd *, struct sdebug_dev_info *);
417static int resp_log_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
418static int resp_readcap(struct scsi_cmnd *, struct sdebug_dev_info *);
419static int resp_read_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
420static int resp_write_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
421static int resp_write_scat(struct scsi_cmnd *, struct sdebug_dev_info *);
422static int resp_start_stop(struct scsi_cmnd *, struct sdebug_dev_info *);
423static int resp_readcap16(struct scsi_cmnd *, struct sdebug_dev_info *);
424static int resp_get_lba_status(struct scsi_cmnd *, struct sdebug_dev_info *);
425static int resp_report_tgtpgs(struct scsi_cmnd *, struct sdebug_dev_info *);
426static int resp_unmap(struct scsi_cmnd *, struct sdebug_dev_info *);
427static int resp_rsup_opcodes(struct scsi_cmnd *, struct sdebug_dev_info *);
428static int resp_rsup_tmfs(struct scsi_cmnd *, struct sdebug_dev_info *);
429static int resp_write_same_10(struct scsi_cmnd *, struct sdebug_dev_info *);
430static int resp_write_same_16(struct scsi_cmnd *, struct sdebug_dev_info *);
431static int resp_xdwriteread_10(struct scsi_cmnd *, struct sdebug_dev_info *);
432static int resp_comp_write(struct scsi_cmnd *, struct sdebug_dev_info *);
433static int resp_write_buffer(struct scsi_cmnd *, struct sdebug_dev_info *);
434static int resp_sync_cache(struct scsi_cmnd *, struct sdebug_dev_info *);
435
436/*
437 * The following are overflow arrays for cdbs that "hit" the same index in
438 * the opcode_info_arr array. The most time sensitive (or commonly used) cdb
439 * should be placed in opcode_info_arr[], the others should be placed here.
440 */
441static const struct opcode_info_t msense_iarr[] = {
442 {0, 0x1a, 0, F_D_IN, NULL, NULL,
443 {6, 0xe8, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
444};
445
446static const struct opcode_info_t mselect_iarr[] = {
447 {0, 0x15, 0, F_D_OUT, NULL, NULL,
448 {6, 0xf1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
449};
450
451static const struct opcode_info_t read_iarr[] = {
452 {0, 0x28, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(10) */
453 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
454 0, 0, 0, 0} },
455 {0, 0x8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL, /* READ(6) */
456 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
457 {0, 0xa8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(12) */
458 {12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf,
459 0xc7, 0, 0, 0, 0} },
460};
461
462static const struct opcode_info_t write_iarr[] = {
463 {0, 0x2a, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(10) */
464 NULL, {10, 0xfb, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7,
465 0, 0, 0, 0, 0, 0} },
466 {0, 0xa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(6) */
467 NULL, {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0,
468 0, 0, 0} },
469 {0, 0xaa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(12) */
470 NULL, {12, 0xfb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
471 0xbf, 0xc7, 0, 0, 0, 0} },
472};
473
474static const struct opcode_info_t sa_in_16_iarr[] = {
475 {0, 0x9e, 0x12, F_SA_LOW | F_D_IN, resp_get_lba_status, NULL,
476 {16, 0x12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
477 0xff, 0xff, 0xff, 0, 0xc7} }, /* GET LBA STATUS(16) */
478};
479
480static const struct opcode_info_t vl_iarr[] = { /* VARIABLE LENGTH */
481 {0, 0x7f, 0xb, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_dt0,
482 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0xb, 0xfa,
483 0, 0xff, 0xff, 0xff, 0xff} }, /* WRITE(32) */
484 {0, 0x7f, 0x11, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
485 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x11, 0xf8,
486 0, 0xff, 0xff, 0x0, 0x0} }, /* WRITE SCATTERED(32) */
487};
488
489static const struct opcode_info_t maint_in_iarr[] = { /* MAINT IN */
490 {0, 0xa3, 0xc, F_SA_LOW | F_D_IN, resp_rsup_opcodes, NULL,
491 {12, 0xc, 0x87, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0,
492 0xc7, 0, 0, 0, 0} }, /* REPORT SUPPORTED OPERATION CODES */
493 {0, 0xa3, 0xd, F_SA_LOW | F_D_IN, resp_rsup_tmfs, NULL,
494 {12, 0xd, 0x80, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
495 0, 0} }, /* REPORTED SUPPORTED TASK MANAGEMENT FUNCTIONS */
496};
497
498static const struct opcode_info_t write_same_iarr[] = {
499 {0, 0x93, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_write_same_16, NULL,
500 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
501 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* WRITE SAME(16) */
502};
503
504static const struct opcode_info_t reserve_iarr[] = {
505 {0, 0x16, 0, F_D_OUT, NULL, NULL, /* RESERVE(6) */
506 {6, 0x1f, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
507};
508
509static const struct opcode_info_t release_iarr[] = {
510 {0, 0x17, 0, F_D_OUT, NULL, NULL, /* RELEASE(6) */
511 {6, 0x1f, 0xff, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
512};
513
514static const struct opcode_info_t sync_cache_iarr[] = {
515 {0, 0x91, 0, F_SYNC_DELAY | F_M_ACCESS, resp_sync_cache, NULL,
516 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
517 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* SYNC_CACHE (16) */
518};
519
520
521/* This array is accessed via SDEB_I_* values. Make sure all are mapped,
522 * plus the terminating elements for logic that scans this table such as
523 * REPORT SUPPORTED OPERATION CODES. */
524static const struct opcode_info_t opcode_info_arr[SDEB_I_LAST_ELEMENT + 1] = {
525/* 0 */
526 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* unknown opcodes */
527 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
528 {0, 0x12, 0, FF_RESPOND | F_D_IN, resp_inquiry, NULL, /* INQUIRY */
529 {6, 0xe3, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
530 {0, 0xa0, 0, FF_RESPOND | F_D_IN, resp_report_luns, NULL,
531 {12, 0xe3, 0xff, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
532 0, 0} }, /* REPORT LUNS */
533 {0, 0x3, 0, FF_RESPOND | F_D_IN, resp_requests, NULL,
534 {6, 0xe1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
535 {0, 0x0, 0, F_M_ACCESS | F_RL_WLUN_OK, NULL, NULL,/* TEST UNIT READY */
536 {6, 0, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
537/* 5 */
538 {ARRAY_SIZE(msense_iarr), 0x5a, 0, F_D_IN, /* MODE SENSE(10) */
539 resp_mode_sense, msense_iarr, {10, 0xf8, 0xff, 0xff, 0, 0, 0,
540 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
541 {ARRAY_SIZE(mselect_iarr), 0x55, 0, F_D_OUT, /* MODE SELECT(10) */
542 resp_mode_select, mselect_iarr, {10, 0xf1, 0, 0, 0, 0, 0, 0xff,
543 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
544 {0, 0x4d, 0, F_D_IN, resp_log_sense, NULL, /* LOG SENSE */
545 {10, 0xe3, 0xff, 0xff, 0, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0,
546 0, 0, 0} },
547 {0, 0x25, 0, F_D_IN, resp_readcap, NULL, /* READ CAPACITY(10) */
548 {10, 0xe1, 0xff, 0xff, 0xff, 0xff, 0, 0, 0x1, 0xc7, 0, 0, 0, 0,
549 0, 0} },
550 {ARRAY_SIZE(read_iarr), 0x88, 0, F_D_IN | FF_MEDIA_IO, /* READ(16) */
551 resp_read_dt0, read_iarr, {16, 0xfe, 0xff, 0xff, 0xff, 0xff,
552 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
553/* 10 */
554 {ARRAY_SIZE(write_iarr), 0x8a, 0, F_D_OUT | FF_MEDIA_IO,
555 resp_write_dt0, write_iarr, /* WRITE(16) */
556 {16, 0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
557 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
558 {0, 0x1b, 0, F_SSU_DELAY, resp_start_stop, NULL,/* START STOP UNIT */
559 {6, 0x1, 0, 0xf, 0xf7, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
560 {ARRAY_SIZE(sa_in_16_iarr), 0x9e, 0x10, F_SA_LOW | F_D_IN,
561 resp_readcap16, sa_in_16_iarr, /* SA_IN(16), READ CAPACITY(16) */
562 {16, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
563 0xff, 0xff, 0xff, 0xff, 0x1, 0xc7} },
564 {0, 0x9f, 0x12, F_SA_LOW | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
565 NULL, {16, 0x12, 0xf9, 0x0, 0xff, 0xff, 0, 0, 0xff, 0xff, 0xff,
566 0xff, 0xff, 0xff, 0xff, 0xc7} }, /* SA_OUT(16), WRITE SCAT(16) */
567 {ARRAY_SIZE(maint_in_iarr), 0xa3, 0xa, F_SA_LOW | F_D_IN,
568 resp_report_tgtpgs, /* MAINT IN, REPORT TARGET PORT GROUPS */
569 maint_in_iarr, {12, 0xea, 0, 0, 0, 0, 0xff, 0xff, 0xff,
570 0xff, 0, 0xc7, 0, 0, 0, 0} },
571/* 15 */
572 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* MAINT OUT */
573 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
574 {0, 0x2f, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, NULL, NULL, /* VERIFY(10) */
575 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7,
576 0, 0, 0, 0, 0, 0} },
577 {ARRAY_SIZE(vl_iarr), 0x7f, 0x9, F_SA_HIGH | F_D_IN | FF_MEDIA_IO,
578 resp_read_dt0, vl_iarr, /* VARIABLE LENGTH, READ(32) */
579 {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x9, 0xfe, 0, 0xff, 0xff,
580 0xff, 0xff} },
581 {ARRAY_SIZE(reserve_iarr), 0x56, 0, F_D_OUT,
582 NULL, reserve_iarr, /* RESERVE(10) <no response function> */
583 {10, 0xff, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
584 0} },
585 {ARRAY_SIZE(release_iarr), 0x57, 0, F_D_OUT,
586 NULL, release_iarr, /* RELEASE(10) <no response function> */
587 {10, 0x13, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
588 0} },
589/* 20 */
590 {0, 0x1e, 0, 0, NULL, NULL, /* ALLOW REMOVAL */
591 {6, 0, 0, 0, 0x3, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
592 {0, 0x1, 0, 0, resp_start_stop, NULL, /* REWIND ?? */
593 {6, 0x1, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
594 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* ATA_PT */
595 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
596 {0, 0x1d, F_D_OUT, 0, NULL, NULL, /* SEND DIAGNOSTIC */
597 {6, 0xf7, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
598 {0, 0x42, 0, F_D_OUT | FF_MEDIA_IO, resp_unmap, NULL, /* UNMAP */
599 {10, 0x1, 0, 0, 0, 0, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
600/* 25 */
601 {0, 0x53, 0, F_D_IN | F_D_OUT | FF_MEDIA_IO, resp_xdwriteread_10,
602 NULL, {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7,
603 0, 0, 0, 0, 0, 0} }, /* XDWRITEREAD(10) */
604 {0, 0x3b, 0, F_D_OUT_MAYBE, resp_write_buffer, NULL,
605 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0,
606 0, 0, 0, 0} }, /* WRITE_BUFFER */
607 {ARRAY_SIZE(write_same_iarr), 0x41, 0, F_D_OUT_MAYBE | FF_MEDIA_IO,
608 resp_write_same_10, write_same_iarr, /* WRITE SAME(10) */
609 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0,
610 0, 0, 0, 0, 0} },
611 {ARRAY_SIZE(sync_cache_iarr), 0x35, 0, F_SYNC_DELAY | F_M_ACCESS,
612 resp_sync_cache, sync_cache_iarr,
613 {10, 0x7, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
614 0, 0, 0, 0} }, /* SYNC_CACHE (10) */
615 {0, 0x89, 0, F_D_OUT | FF_MEDIA_IO, resp_comp_write, NULL,
616 {16, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 0,
617 0, 0xff, 0x3f, 0xc7} }, /* COMPARE AND WRITE */
618
619/* 30 */
620 {0xff, 0, 0, 0, NULL, NULL, /* terminating element */
621 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
622};
623
624static int sdebug_add_host = DEF_NUM_HOST;
625static int sdebug_ato = DEF_ATO;
626static int sdebug_cdb_len = DEF_CDB_LEN;
627static int sdebug_jdelay = DEF_JDELAY; /* if > 0 then unit is jiffies */
628static int sdebug_dev_size_mb = DEF_DEV_SIZE_MB;
629static int sdebug_dif = DEF_DIF;
630static int sdebug_dix = DEF_DIX;
631static int sdebug_dsense = DEF_D_SENSE;
632static int sdebug_every_nth = DEF_EVERY_NTH;
633static int sdebug_fake_rw = DEF_FAKE_RW;
634static unsigned int sdebug_guard = DEF_GUARD;
635static int sdebug_lowest_aligned = DEF_LOWEST_ALIGNED;
636static int sdebug_max_luns = DEF_MAX_LUNS;
637static int sdebug_max_queue = SDEBUG_CANQUEUE; /* per submit queue */
638static unsigned int sdebug_medium_error_start = OPT_MEDIUM_ERR_ADDR;
639static int sdebug_medium_error_count = OPT_MEDIUM_ERR_NUM;
640static atomic_t retired_max_queue; /* if > 0 then was prior max_queue */
641static int sdebug_ndelay = DEF_NDELAY; /* if > 0 then unit is nanoseconds */
642static int sdebug_no_lun_0 = DEF_NO_LUN_0;
643static int sdebug_no_uld;
644static int sdebug_num_parts = DEF_NUM_PARTS;
645static int sdebug_num_tgts = DEF_NUM_TGTS; /* targets per host */
646static int sdebug_opt_blks = DEF_OPT_BLKS;
647static int sdebug_opts = DEF_OPTS;
648static int sdebug_physblk_exp = DEF_PHYSBLK_EXP;
649static int sdebug_opt_xferlen_exp = DEF_OPT_XFERLEN_EXP;
650static int sdebug_ptype = DEF_PTYPE; /* SCSI peripheral device type */
651static int sdebug_scsi_level = DEF_SCSI_LEVEL;
652static int sdebug_sector_size = DEF_SECTOR_SIZE;
653static int sdebug_virtual_gb = DEF_VIRTUAL_GB;
654static int sdebug_vpd_use_hostno = DEF_VPD_USE_HOSTNO;
655static unsigned int sdebug_lbpu = DEF_LBPU;
656static unsigned int sdebug_lbpws = DEF_LBPWS;
657static unsigned int sdebug_lbpws10 = DEF_LBPWS10;
658static unsigned int sdebug_lbprz = DEF_LBPRZ;
659static unsigned int sdebug_unmap_alignment = DEF_UNMAP_ALIGNMENT;
660static unsigned int sdebug_unmap_granularity = DEF_UNMAP_GRANULARITY;
661static unsigned int sdebug_unmap_max_blocks = DEF_UNMAP_MAX_BLOCKS;
662static unsigned int sdebug_unmap_max_desc = DEF_UNMAP_MAX_DESC;
663static unsigned int sdebug_write_same_length = DEF_WRITESAME_LENGTH;
664static int sdebug_uuid_ctl = DEF_UUID_CTL;
665static bool sdebug_removable = DEF_REMOVABLE;
666static bool sdebug_clustering;
667static bool sdebug_host_lock = DEF_HOST_LOCK;
668static bool sdebug_strict = DEF_STRICT;
669static bool sdebug_any_injecting_opt;
670static bool sdebug_verbose;
671static bool have_dif_prot;
672static bool write_since_sync;
673static bool sdebug_statistics = DEF_STATISTICS;
674
675static unsigned int sdebug_store_sectors;
676static sector_t sdebug_capacity; /* in sectors */
677
678/* old BIOS stuff, kernel may get rid of them but some mode sense pages
679 may still need them */
680static int sdebug_heads; /* heads per disk */
681static int sdebug_cylinders_per; /* cylinders per surface */
682static int sdebug_sectors_per; /* sectors per cylinder */
683
684static LIST_HEAD(sdebug_host_list);
685static DEFINE_SPINLOCK(sdebug_host_list_lock);
686
687static unsigned char *fake_storep; /* ramdisk storage */
688static struct t10_pi_tuple *dif_storep; /* protection info */
689static void *map_storep; /* provisioning map */
690
691static unsigned long map_size;
692static int num_aborts;
693static int num_dev_resets;
694static int num_target_resets;
695static int num_bus_resets;
696static int num_host_resets;
697static int dix_writes;
698static int dix_reads;
699static int dif_errors;
700
701static int submit_queues = DEF_SUBMIT_QUEUES; /* > 1 for multi-queue (mq) */
702static struct sdebug_queue *sdebug_q_arr; /* ptr to array of submit queues */
703
704static DEFINE_RWLOCK(atomic_rw);
705
706static char sdebug_proc_name[] = MY_NAME;
707static const char *my_name = MY_NAME;
708
709static struct bus_type pseudo_lld_bus;
710
711static struct device_driver sdebug_driverfs_driver = {
712 .name = sdebug_proc_name,
713 .bus = &pseudo_lld_bus,
714};
715
716static const int check_condition_result =
717 (DRIVER_SENSE << 24) | SAM_STAT_CHECK_CONDITION;
718
719static const int illegal_condition_result =
720 (DRIVER_SENSE << 24) | (DID_ABORT << 16) | SAM_STAT_CHECK_CONDITION;
721
722static const int device_qfull_result =
723 (DID_OK << 16) | (COMMAND_COMPLETE << 8) | SAM_STAT_TASK_SET_FULL;
724
725
726/* Only do the extra work involved in logical block provisioning if one or
727 * more of the lbpu, lbpws or lbpws10 parameters are given and we are doing
728 * real reads and writes (i.e. not skipping them for speed).
729 */
730static inline bool scsi_debug_lbp(void)
731{
732 return 0 == sdebug_fake_rw &&
733 (sdebug_lbpu || sdebug_lbpws || sdebug_lbpws10);
734}
735
736static void *fake_store(unsigned long long lba)
737{
738 lba = do_div(lba, sdebug_store_sectors);
739
740 return fake_storep + lba * sdebug_sector_size;
741}
742
743static struct t10_pi_tuple *dif_store(sector_t sector)
744{
745 sector = sector_div(sector, sdebug_store_sectors);
746
747 return dif_storep + sector;
748}
749
750static void sdebug_max_tgts_luns(void)
751{
752 struct sdebug_host_info *sdbg_host;
753 struct Scsi_Host *hpnt;
754
755 spin_lock(&sdebug_host_list_lock);
756 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
757 hpnt = sdbg_host->shost;
758 if ((hpnt->this_id >= 0) &&
759 (sdebug_num_tgts > hpnt->this_id))
760 hpnt->max_id = sdebug_num_tgts + 1;
761 else
762 hpnt->max_id = sdebug_num_tgts;
763 /* sdebug_max_luns; */
764 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
765 }
766 spin_unlock(&sdebug_host_list_lock);
767}
768
769enum sdeb_cmd_data {SDEB_IN_DATA = 0, SDEB_IN_CDB = 1};
770
771/* Set in_bit to -1 to indicate no bit position of invalid field */
772static void mk_sense_invalid_fld(struct scsi_cmnd *scp,
773 enum sdeb_cmd_data c_d,
774 int in_byte, int in_bit)
775{
776 unsigned char *sbuff;
777 u8 sks[4];
778 int sl, asc;
779
780 sbuff = scp->sense_buffer;
781 if (!sbuff) {
782 sdev_printk(KERN_ERR, scp->device,
783 "%s: sense_buffer is NULL\n", __func__);
784 return;
785 }
786 asc = c_d ? INVALID_FIELD_IN_CDB : INVALID_FIELD_IN_PARAM_LIST;
787 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
788 scsi_build_sense_buffer(sdebug_dsense, sbuff, ILLEGAL_REQUEST, asc, 0);
789 memset(sks, 0, sizeof(sks));
790 sks[0] = 0x80;
791 if (c_d)
792 sks[0] |= 0x40;
793 if (in_bit >= 0) {
794 sks[0] |= 0x8;
795 sks[0] |= 0x7 & in_bit;
796 }
797 put_unaligned_be16(in_byte, sks + 1);
798 if (sdebug_dsense) {
799 sl = sbuff[7] + 8;
800 sbuff[7] = sl;
801 sbuff[sl] = 0x2;
802 sbuff[sl + 1] = 0x6;
803 memcpy(sbuff + sl + 4, sks, 3);
804 } else
805 memcpy(sbuff + 15, sks, 3);
806 if (sdebug_verbose)
807 sdev_printk(KERN_INFO, scp->device, "%s: [sense_key,asc,ascq"
808 "]: [0x5,0x%x,0x0] %c byte=%d, bit=%d\n",
809 my_name, asc, c_d ? 'C' : 'D', in_byte, in_bit);
810}
811
812static void mk_sense_buffer(struct scsi_cmnd *scp, int key, int asc, int asq)
813{
814 unsigned char *sbuff;
815
816 sbuff = scp->sense_buffer;
817 if (!sbuff) {
818 sdev_printk(KERN_ERR, scp->device,
819 "%s: sense_buffer is NULL\n", __func__);
820 return;
821 }
822 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
823
824 scsi_build_sense_buffer(sdebug_dsense, sbuff, key, asc, asq);
825
826 if (sdebug_verbose)
827 sdev_printk(KERN_INFO, scp->device,
828 "%s: [sense_key,asc,ascq]: [0x%x,0x%x,0x%x]\n",
829 my_name, key, asc, asq);
830}
831
832static void mk_sense_invalid_opcode(struct scsi_cmnd *scp)
833{
834 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_OPCODE, 0);
835}
836
837static int scsi_debug_ioctl(struct scsi_device *dev, int cmd, void __user *arg)
838{
839 if (sdebug_verbose) {
840 if (0x1261 == cmd)
841 sdev_printk(KERN_INFO, dev,
842 "%s: BLKFLSBUF [0x1261]\n", __func__);
843 else if (0x5331 == cmd)
844 sdev_printk(KERN_INFO, dev,
845 "%s: CDROM_GET_CAPABILITY [0x5331]\n",
846 __func__);
847 else
848 sdev_printk(KERN_INFO, dev, "%s: cmd=0x%x\n",
849 __func__, cmd);
850 }
851 return -EINVAL;
852 /* return -ENOTTY; // correct return but upsets fdisk */
853}
854
855static void config_cdb_len(struct scsi_device *sdev)
856{
857 switch (sdebug_cdb_len) {
858 case 6: /* suggest 6 byte READ, WRITE and MODE SENSE/SELECT */
859 sdev->use_10_for_rw = false;
860 sdev->use_16_for_rw = false;
861 sdev->use_10_for_ms = false;
862 break;
863 case 10: /* suggest 10 byte RWs and 6 byte MODE SENSE/SELECT */
864 sdev->use_10_for_rw = true;
865 sdev->use_16_for_rw = false;
866 sdev->use_10_for_ms = false;
867 break;
868 case 12: /* suggest 10 byte RWs and 10 byte MODE SENSE/SELECT */
869 sdev->use_10_for_rw = true;
870 sdev->use_16_for_rw = false;
871 sdev->use_10_for_ms = true;
872 break;
873 case 16:
874 sdev->use_10_for_rw = false;
875 sdev->use_16_for_rw = true;
876 sdev->use_10_for_ms = true;
877 break;
878 case 32: /* No knobs to suggest this so same as 16 for now */
879 sdev->use_10_for_rw = false;
880 sdev->use_16_for_rw = true;
881 sdev->use_10_for_ms = true;
882 break;
883 default:
884 pr_warn("unexpected cdb_len=%d, force to 10\n",
885 sdebug_cdb_len);
886 sdev->use_10_for_rw = true;
887 sdev->use_16_for_rw = false;
888 sdev->use_10_for_ms = false;
889 sdebug_cdb_len = 10;
890 break;
891 }
892}
893
894static void all_config_cdb_len(void)
895{
896 struct sdebug_host_info *sdbg_host;
897 struct Scsi_Host *shost;
898 struct scsi_device *sdev;
899
900 spin_lock(&sdebug_host_list_lock);
901 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
902 shost = sdbg_host->shost;
903 shost_for_each_device(sdev, shost) {
904 config_cdb_len(sdev);
905 }
906 }
907 spin_unlock(&sdebug_host_list_lock);
908}
909
910static void clear_luns_changed_on_target(struct sdebug_dev_info *devip)
911{
912 struct sdebug_host_info *sdhp;
913 struct sdebug_dev_info *dp;
914
915 spin_lock(&sdebug_host_list_lock);
916 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
917 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
918 if ((devip->sdbg_host == dp->sdbg_host) &&
919 (devip->target == dp->target))
920 clear_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
921 }
922 }
923 spin_unlock(&sdebug_host_list_lock);
924}
925
926static int make_ua(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
927{
928 int k;
929
930 k = find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS);
931 if (k != SDEBUG_NUM_UAS) {
932 const char *cp = NULL;
933
934 switch (k) {
935 case SDEBUG_UA_POR:
936 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
937 POWER_ON_RESET_ASCQ);
938 if (sdebug_verbose)
939 cp = "power on reset";
940 break;
941 case SDEBUG_UA_BUS_RESET:
942 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
943 BUS_RESET_ASCQ);
944 if (sdebug_verbose)
945 cp = "bus reset";
946 break;
947 case SDEBUG_UA_MODE_CHANGED:
948 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
949 MODE_CHANGED_ASCQ);
950 if (sdebug_verbose)
951 cp = "mode parameters changed";
952 break;
953 case SDEBUG_UA_CAPACITY_CHANGED:
954 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
955 CAPACITY_CHANGED_ASCQ);
956 if (sdebug_verbose)
957 cp = "capacity data changed";
958 break;
959 case SDEBUG_UA_MICROCODE_CHANGED:
960 mk_sense_buffer(scp, UNIT_ATTENTION,
961 TARGET_CHANGED_ASC,
962 MICROCODE_CHANGED_ASCQ);
963 if (sdebug_verbose)
964 cp = "microcode has been changed";
965 break;
966 case SDEBUG_UA_MICROCODE_CHANGED_WO_RESET:
967 mk_sense_buffer(scp, UNIT_ATTENTION,
968 TARGET_CHANGED_ASC,
969 MICROCODE_CHANGED_WO_RESET_ASCQ);
970 if (sdebug_verbose)
971 cp = "microcode has been changed without reset";
972 break;
973 case SDEBUG_UA_LUNS_CHANGED:
974 /*
975 * SPC-3 behavior is to report a UNIT ATTENTION with
976 * ASC/ASCQ REPORTED LUNS DATA HAS CHANGED on every LUN
977 * on the target, until a REPORT LUNS command is
978 * received. SPC-4 behavior is to report it only once.
979 * NOTE: sdebug_scsi_level does not use the same
980 * values as struct scsi_device->scsi_level.
981 */
982 if (sdebug_scsi_level >= 6) /* SPC-4 and above */
983 clear_luns_changed_on_target(devip);
984 mk_sense_buffer(scp, UNIT_ATTENTION,
985 TARGET_CHANGED_ASC,
986 LUNS_CHANGED_ASCQ);
987 if (sdebug_verbose)
988 cp = "reported luns data has changed";
989 break;
990 default:
991 pr_warn("unexpected unit attention code=%d\n", k);
992 if (sdebug_verbose)
993 cp = "unknown";
994 break;
995 }
996 clear_bit(k, devip->uas_bm);
997 if (sdebug_verbose)
998 sdev_printk(KERN_INFO, scp->device,
999 "%s reports: Unit attention: %s\n",
1000 my_name, cp);
1001 return check_condition_result;
1002 }
1003 return 0;
1004}
1005
1006/* Build SCSI "data-in" buffer. Returns 0 if ok else (DID_ERROR << 16). */
1007static int fill_from_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1008 int arr_len)
1009{
1010 int act_len;
1011 struct scsi_data_buffer *sdb = scsi_in(scp);
1012
1013 if (!sdb->length)
1014 return 0;
1015 if (!(scsi_bidi_cmnd(scp) || scp->sc_data_direction == DMA_FROM_DEVICE))
1016 return DID_ERROR << 16;
1017
1018 act_len = sg_copy_from_buffer(sdb->table.sgl, sdb->table.nents,
1019 arr, arr_len);
1020 sdb->resid = scsi_bufflen(scp) - act_len;
1021
1022 return 0;
1023}
1024
1025/* Partial build of SCSI "data-in" buffer. Returns 0 if ok else
1026 * (DID_ERROR << 16). Can write to offset in data-in buffer. If multiple
1027 * calls, not required to write in ascending offset order. Assumes resid
1028 * set to scsi_bufflen() prior to any calls.
1029 */
1030static int p_fill_from_dev_buffer(struct scsi_cmnd *scp, const void *arr,
1031 int arr_len, unsigned int off_dst)
1032{
1033 int act_len, n;
1034 struct scsi_data_buffer *sdb = scsi_in(scp);
1035 off_t skip = off_dst;
1036
1037 if (sdb->length <= off_dst)
1038 return 0;
1039 if (!(scsi_bidi_cmnd(scp) || scp->sc_data_direction == DMA_FROM_DEVICE))
1040 return DID_ERROR << 16;
1041
1042 act_len = sg_pcopy_from_buffer(sdb->table.sgl, sdb->table.nents,
1043 arr, arr_len, skip);
1044 pr_debug("%s: off_dst=%u, scsi_bufflen=%u, act_len=%u, resid=%d\n",
1045 __func__, off_dst, scsi_bufflen(scp), act_len, sdb->resid);
1046 n = (int)scsi_bufflen(scp) - ((int)off_dst + act_len);
1047 sdb->resid = min(sdb->resid, n);
1048 return 0;
1049}
1050
1051/* Fetches from SCSI "data-out" buffer. Returns number of bytes fetched into
1052 * 'arr' or -1 if error.
1053 */
1054static int fetch_to_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1055 int arr_len)
1056{
1057 if (!scsi_bufflen(scp))
1058 return 0;
1059 if (!(scsi_bidi_cmnd(scp) || scp->sc_data_direction == DMA_TO_DEVICE))
1060 return -1;
1061
1062 return scsi_sg_copy_to_buffer(scp, arr, arr_len);
1063}
1064
1065
1066static char sdebug_inq_vendor_id[9] = "Linux ";
1067static char sdebug_inq_product_id[17] = "scsi_debug ";
1068static char sdebug_inq_product_rev[5] = SDEBUG_VERSION;
1069/* Use some locally assigned NAAs for SAS addresses. */
1070static const u64 naa3_comp_a = 0x3222222000000000ULL;
1071static const u64 naa3_comp_b = 0x3333333000000000ULL;
1072static const u64 naa3_comp_c = 0x3111111000000000ULL;
1073
1074/* Device identification VPD page. Returns number of bytes placed in arr */
1075static int inquiry_vpd_83(unsigned char *arr, int port_group_id,
1076 int target_dev_id, int dev_id_num,
1077 const char *dev_id_str, int dev_id_str_len,
1078 const uuid_t *lu_name)
1079{
1080 int num, port_a;
1081 char b[32];
1082
1083 port_a = target_dev_id + 1;
1084 /* T10 vendor identifier field format (faked) */
1085 arr[0] = 0x2; /* ASCII */
1086 arr[1] = 0x1;
1087 arr[2] = 0x0;
1088 memcpy(&arr[4], sdebug_inq_vendor_id, 8);
1089 memcpy(&arr[12], sdebug_inq_product_id, 16);
1090 memcpy(&arr[28], dev_id_str, dev_id_str_len);
1091 num = 8 + 16 + dev_id_str_len;
1092 arr[3] = num;
1093 num += 4;
1094 if (dev_id_num >= 0) {
1095 if (sdebug_uuid_ctl) {
1096 /* Locally assigned UUID */
1097 arr[num++] = 0x1; /* binary (not necessarily sas) */
1098 arr[num++] = 0xa; /* PIV=0, lu, naa */
1099 arr[num++] = 0x0;
1100 arr[num++] = 0x12;
1101 arr[num++] = 0x10; /* uuid type=1, locally assigned */
1102 arr[num++] = 0x0;
1103 memcpy(arr + num, lu_name, 16);
1104 num += 16;
1105 } else {
1106 /* NAA-3, Logical unit identifier (binary) */
1107 arr[num++] = 0x1; /* binary (not necessarily sas) */
1108 arr[num++] = 0x3; /* PIV=0, lu, naa */
1109 arr[num++] = 0x0;
1110 arr[num++] = 0x8;
1111 put_unaligned_be64(naa3_comp_b + dev_id_num, arr + num);
1112 num += 8;
1113 }
1114 /* Target relative port number */
1115 arr[num++] = 0x61; /* proto=sas, binary */
1116 arr[num++] = 0x94; /* PIV=1, target port, rel port */
1117 arr[num++] = 0x0; /* reserved */
1118 arr[num++] = 0x4; /* length */
1119 arr[num++] = 0x0; /* reserved */
1120 arr[num++] = 0x0; /* reserved */
1121 arr[num++] = 0x0;
1122 arr[num++] = 0x1; /* relative port A */
1123 }
1124 /* NAA-3, Target port identifier */
1125 arr[num++] = 0x61; /* proto=sas, binary */
1126 arr[num++] = 0x93; /* piv=1, target port, naa */
1127 arr[num++] = 0x0;
1128 arr[num++] = 0x8;
1129 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1130 num += 8;
1131 /* NAA-3, Target port group identifier */
1132 arr[num++] = 0x61; /* proto=sas, binary */
1133 arr[num++] = 0x95; /* piv=1, target port group id */
1134 arr[num++] = 0x0;
1135 arr[num++] = 0x4;
1136 arr[num++] = 0;
1137 arr[num++] = 0;
1138 put_unaligned_be16(port_group_id, arr + num);
1139 num += 2;
1140 /* NAA-3, Target device identifier */
1141 arr[num++] = 0x61; /* proto=sas, binary */
1142 arr[num++] = 0xa3; /* piv=1, target device, naa */
1143 arr[num++] = 0x0;
1144 arr[num++] = 0x8;
1145 put_unaligned_be64(naa3_comp_a + target_dev_id, arr + num);
1146 num += 8;
1147 /* SCSI name string: Target device identifier */
1148 arr[num++] = 0x63; /* proto=sas, UTF-8 */
1149 arr[num++] = 0xa8; /* piv=1, target device, SCSI name string */
1150 arr[num++] = 0x0;
1151 arr[num++] = 24;
1152 memcpy(arr + num, "naa.32222220", 12);
1153 num += 12;
1154 snprintf(b, sizeof(b), "%08X", target_dev_id);
1155 memcpy(arr + num, b, 8);
1156 num += 8;
1157 memset(arr + num, 0, 4);
1158 num += 4;
1159 return num;
1160}
1161
1162static unsigned char vpd84_data[] = {
1163/* from 4th byte */ 0x22,0x22,0x22,0x0,0xbb,0x0,
1164 0x22,0x22,0x22,0x0,0xbb,0x1,
1165 0x22,0x22,0x22,0x0,0xbb,0x2,
1166};
1167
1168/* Software interface identification VPD page */
1169static int inquiry_vpd_84(unsigned char *arr)
1170{
1171 memcpy(arr, vpd84_data, sizeof(vpd84_data));
1172 return sizeof(vpd84_data);
1173}
1174
1175/* Management network addresses VPD page */
1176static int inquiry_vpd_85(unsigned char *arr)
1177{
1178 int num = 0;
1179 const char *na1 = "https://www.kernel.org/config";
1180 const char *na2 = "http://www.kernel.org/log";
1181 int plen, olen;
1182
1183 arr[num++] = 0x1; /* lu, storage config */
1184 arr[num++] = 0x0; /* reserved */
1185 arr[num++] = 0x0;
1186 olen = strlen(na1);
1187 plen = olen + 1;
1188 if (plen % 4)
1189 plen = ((plen / 4) + 1) * 4;
1190 arr[num++] = plen; /* length, null termianted, padded */
1191 memcpy(arr + num, na1, olen);
1192 memset(arr + num + olen, 0, plen - olen);
1193 num += plen;
1194
1195 arr[num++] = 0x4; /* lu, logging */
1196 arr[num++] = 0x0; /* reserved */
1197 arr[num++] = 0x0;
1198 olen = strlen(na2);
1199 plen = olen + 1;
1200 if (plen % 4)
1201 plen = ((plen / 4) + 1) * 4;
1202 arr[num++] = plen; /* length, null terminated, padded */
1203 memcpy(arr + num, na2, olen);
1204 memset(arr + num + olen, 0, plen - olen);
1205 num += plen;
1206
1207 return num;
1208}
1209
1210/* SCSI ports VPD page */
1211static int inquiry_vpd_88(unsigned char *arr, int target_dev_id)
1212{
1213 int num = 0;
1214 int port_a, port_b;
1215
1216 port_a = target_dev_id + 1;
1217 port_b = port_a + 1;
1218 arr[num++] = 0x0; /* reserved */
1219 arr[num++] = 0x0; /* reserved */
1220 arr[num++] = 0x0;
1221 arr[num++] = 0x1; /* relative port 1 (primary) */
1222 memset(arr + num, 0, 6);
1223 num += 6;
1224 arr[num++] = 0x0;
1225 arr[num++] = 12; /* length tp descriptor */
1226 /* naa-5 target port identifier (A) */
1227 arr[num++] = 0x61; /* proto=sas, binary */
1228 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1229 arr[num++] = 0x0; /* reserved */
1230 arr[num++] = 0x8; /* length */
1231 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1232 num += 8;
1233 arr[num++] = 0x0; /* reserved */
1234 arr[num++] = 0x0; /* reserved */
1235 arr[num++] = 0x0;
1236 arr[num++] = 0x2; /* relative port 2 (secondary) */
1237 memset(arr + num, 0, 6);
1238 num += 6;
1239 arr[num++] = 0x0;
1240 arr[num++] = 12; /* length tp descriptor */
1241 /* naa-5 target port identifier (B) */
1242 arr[num++] = 0x61; /* proto=sas, binary */
1243 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1244 arr[num++] = 0x0; /* reserved */
1245 arr[num++] = 0x8; /* length */
1246 put_unaligned_be64(naa3_comp_a + port_b, arr + num);
1247 num += 8;
1248
1249 return num;
1250}
1251
1252
1253static unsigned char vpd89_data[] = {
1254/* from 4th byte */ 0,0,0,0,
1255'l','i','n','u','x',' ',' ',' ',
1256'S','A','T',' ','s','c','s','i','_','d','e','b','u','g',' ',' ',
1257'1','2','3','4',
12580x34,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,
12590xec,0,0,0,
12600x5a,0xc,0xff,0x3f,0x37,0xc8,0x10,0,0,0,0,0,0x3f,0,0,0,
12610,0,0,0,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x20,0x20,0x20,0x20,
12620x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0,0,0,0x40,0x4,0,0x2e,0x33,
12630x38,0x31,0x20,0x20,0x20,0x20,0x54,0x53,0x38,0x33,0x30,0x30,0x33,0x31,
12640x53,0x41,
12650x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
12660x20,0x20,
12670x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
12680x10,0x80,
12690,0,0,0x2f,0,0,0,0x2,0,0x2,0x7,0,0xff,0xff,0x1,0,
12700x3f,0,0xc1,0xff,0x3e,0,0x10,0x1,0xb0,0xf8,0x50,0x9,0,0,0x7,0,
12710x3,0,0x78,0,0x78,0,0xf0,0,0x78,0,0,0,0,0,0,0,
12720,0,0,0,0,0,0,0,0x2,0,0,0,0,0,0,0,
12730x7e,0,0x1b,0,0x6b,0x34,0x1,0x7d,0x3,0x40,0x69,0x34,0x1,0x3c,0x3,0x40,
12740x7f,0x40,0,0,0,0,0xfe,0xfe,0,0,0,0,0,0xfe,0,0,
12750,0,0,0,0,0,0,0,0xb0,0xf8,0x50,0x9,0,0,0,0,
12760,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12770,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12780,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12790x1,0,0xb0,0xf8,0x50,0x9,0xb0,0xf8,0x50,0x9,0x20,0x20,0x2,0,0xb6,0x42,
12800,0x80,0x8a,0,0x6,0x3c,0xa,0x3c,0xff,0xff,0xc6,0x7,0,0x1,0,0x8,
12810xf0,0xf,0,0x10,0x2,0,0x30,0,0,0,0,0,0,0,0x6,0xfe,
12820,0,0x2,0,0x50,0,0x8a,0,0x4f,0x95,0,0,0x21,0,0xb,0,
12830,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12840,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12850,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12860,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12870,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12880,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12890,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12900,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12910,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12920,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12930,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12940,0,0,0,0,0,0,0,0,0,0,0,0,0,0xa5,0x51,
1295};
1296
1297/* ATA Information VPD page */
1298static int inquiry_vpd_89(unsigned char *arr)
1299{
1300 memcpy(arr, vpd89_data, sizeof(vpd89_data));
1301 return sizeof(vpd89_data);
1302}
1303
1304
1305static unsigned char vpdb0_data[] = {
1306 /* from 4th byte */ 0,0,0,4, 0,0,0x4,0, 0,0,0,64,
1307 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1308 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1309 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1310};
1311
1312/* Block limits VPD page (SBC-3) */
1313static int inquiry_vpd_b0(unsigned char *arr)
1314{
1315 unsigned int gran;
1316
1317 memcpy(arr, vpdb0_data, sizeof(vpdb0_data));
1318
1319 /* Optimal transfer length granularity */
1320 if (sdebug_opt_xferlen_exp != 0 &&
1321 sdebug_physblk_exp < sdebug_opt_xferlen_exp)
1322 gran = 1 << sdebug_opt_xferlen_exp;
1323 else
1324 gran = 1 << sdebug_physblk_exp;
1325 put_unaligned_be16(gran, arr + 2);
1326
1327 /* Maximum Transfer Length */
1328 if (sdebug_store_sectors > 0x400)
1329 put_unaligned_be32(sdebug_store_sectors, arr + 4);
1330
1331 /* Optimal Transfer Length */
1332 put_unaligned_be32(sdebug_opt_blks, &arr[8]);
1333
1334 if (sdebug_lbpu) {
1335 /* Maximum Unmap LBA Count */
1336 put_unaligned_be32(sdebug_unmap_max_blocks, &arr[16]);
1337
1338 /* Maximum Unmap Block Descriptor Count */
1339 put_unaligned_be32(sdebug_unmap_max_desc, &arr[20]);
1340 }
1341
1342 /* Unmap Granularity Alignment */
1343 if (sdebug_unmap_alignment) {
1344 put_unaligned_be32(sdebug_unmap_alignment, &arr[28]);
1345 arr[28] |= 0x80; /* UGAVALID */
1346 }
1347
1348 /* Optimal Unmap Granularity */
1349 put_unaligned_be32(sdebug_unmap_granularity, &arr[24]);
1350
1351 /* Maximum WRITE SAME Length */
1352 put_unaligned_be64(sdebug_write_same_length, &arr[32]);
1353
1354 return 0x3c; /* Mandatory page length for Logical Block Provisioning */
1355
1356 return sizeof(vpdb0_data);
1357}
1358
1359/* Block device characteristics VPD page (SBC-3) */
1360static int inquiry_vpd_b1(unsigned char *arr)
1361{
1362 memset(arr, 0, 0x3c);
1363 arr[0] = 0;
1364 arr[1] = 1; /* non rotating medium (e.g. solid state) */
1365 arr[2] = 0;
1366 arr[3] = 5; /* less than 1.8" */
1367
1368 return 0x3c;
1369}
1370
1371/* Logical block provisioning VPD page (SBC-4) */
1372static int inquiry_vpd_b2(unsigned char *arr)
1373{
1374 memset(arr, 0, 0x4);
1375 arr[0] = 0; /* threshold exponent */
1376 if (sdebug_lbpu)
1377 arr[1] = 1 << 7;
1378 if (sdebug_lbpws)
1379 arr[1] |= 1 << 6;
1380 if (sdebug_lbpws10)
1381 arr[1] |= 1 << 5;
1382 if (sdebug_lbprz && scsi_debug_lbp())
1383 arr[1] |= (sdebug_lbprz & 0x7) << 2; /* sbc4r07 and later */
1384 /* anc_sup=0; dp=0 (no provisioning group descriptor) */
1385 /* minimum_percentage=0; provisioning_type=0 (unknown) */
1386 /* threshold_percentage=0 */
1387 return 0x4;
1388}
1389
1390#define SDEBUG_LONG_INQ_SZ 96
1391#define SDEBUG_MAX_INQ_ARR_SZ 584
1392
1393static int resp_inquiry(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1394{
1395 unsigned char pq_pdt;
1396 unsigned char *arr;
1397 unsigned char *cmd = scp->cmnd;
1398 int alloc_len, n, ret;
1399 bool have_wlun, is_disk;
1400
1401 alloc_len = get_unaligned_be16(cmd + 3);
1402 arr = kzalloc(SDEBUG_MAX_INQ_ARR_SZ, GFP_ATOMIC);
1403 if (! arr)
1404 return DID_REQUEUE << 16;
1405 is_disk = (sdebug_ptype == TYPE_DISK);
1406 have_wlun = scsi_is_wlun(scp->device->lun);
1407 if (have_wlun)
1408 pq_pdt = TYPE_WLUN; /* present, wlun */
1409 else if (sdebug_no_lun_0 && (devip->lun == SDEBUG_LUN_0_VAL))
1410 pq_pdt = 0x7f; /* not present, PQ=3, PDT=0x1f */
1411 else
1412 pq_pdt = (sdebug_ptype & 0x1f);
1413 arr[0] = pq_pdt;
1414 if (0x2 & cmd[1]) { /* CMDDT bit set */
1415 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 1);
1416 kfree(arr);
1417 return check_condition_result;
1418 } else if (0x1 & cmd[1]) { /* EVPD bit set */
1419 int lu_id_num, port_group_id, target_dev_id, len;
1420 char lu_id_str[6];
1421 int host_no = devip->sdbg_host->shost->host_no;
1422
1423 port_group_id = (((host_no + 1) & 0x7f) << 8) +
1424 (devip->channel & 0x7f);
1425 if (sdebug_vpd_use_hostno == 0)
1426 host_no = 0;
1427 lu_id_num = have_wlun ? -1 : (((host_no + 1) * 2000) +
1428 (devip->target * 1000) + devip->lun);
1429 target_dev_id = ((host_no + 1) * 2000) +
1430 (devip->target * 1000) - 3;
1431 len = scnprintf(lu_id_str, 6, "%d", lu_id_num);
1432 if (0 == cmd[2]) { /* supported vital product data pages */
1433 arr[1] = cmd[2]; /*sanity */
1434 n = 4;
1435 arr[n++] = 0x0; /* this page */
1436 arr[n++] = 0x80; /* unit serial number */
1437 arr[n++] = 0x83; /* device identification */
1438 arr[n++] = 0x84; /* software interface ident. */
1439 arr[n++] = 0x85; /* management network addresses */
1440 arr[n++] = 0x86; /* extended inquiry */
1441 arr[n++] = 0x87; /* mode page policy */
1442 arr[n++] = 0x88; /* SCSI ports */
1443 if (is_disk) { /* SBC only */
1444 arr[n++] = 0x89; /* ATA information */
1445 arr[n++] = 0xb0; /* Block limits */
1446 arr[n++] = 0xb1; /* Block characteristics */
1447 arr[n++] = 0xb2; /* Logical Block Prov */
1448 }
1449 arr[3] = n - 4; /* number of supported VPD pages */
1450 } else if (0x80 == cmd[2]) { /* unit serial number */
1451 arr[1] = cmd[2]; /*sanity */
1452 arr[3] = len;
1453 memcpy(&arr[4], lu_id_str, len);
1454 } else if (0x83 == cmd[2]) { /* device identification */
1455 arr[1] = cmd[2]; /*sanity */
1456 arr[3] = inquiry_vpd_83(&arr[4], port_group_id,
1457 target_dev_id, lu_id_num,
1458 lu_id_str, len,
1459 &devip->lu_name);
1460 } else if (0x84 == cmd[2]) { /* Software interface ident. */
1461 arr[1] = cmd[2]; /*sanity */
1462 arr[3] = inquiry_vpd_84(&arr[4]);
1463 } else if (0x85 == cmd[2]) { /* Management network addresses */
1464 arr[1] = cmd[2]; /*sanity */
1465 arr[3] = inquiry_vpd_85(&arr[4]);
1466 } else if (0x86 == cmd[2]) { /* extended inquiry */
1467 arr[1] = cmd[2]; /*sanity */
1468 arr[3] = 0x3c; /* number of following entries */
1469 if (sdebug_dif == T10_PI_TYPE3_PROTECTION)
1470 arr[4] = 0x4; /* SPT: GRD_CHK:1 */
1471 else if (have_dif_prot)
1472 arr[4] = 0x5; /* SPT: GRD_CHK:1, REF_CHK:1 */
1473 else
1474 arr[4] = 0x0; /* no protection stuff */
1475 arr[5] = 0x7; /* head of q, ordered + simple q's */
1476 } else if (0x87 == cmd[2]) { /* mode page policy */
1477 arr[1] = cmd[2]; /*sanity */
1478 arr[3] = 0x8; /* number of following entries */
1479 arr[4] = 0x2; /* disconnect-reconnect mp */
1480 arr[6] = 0x80; /* mlus, shared */
1481 arr[8] = 0x18; /* protocol specific lu */
1482 arr[10] = 0x82; /* mlus, per initiator port */
1483 } else if (0x88 == cmd[2]) { /* SCSI Ports */
1484 arr[1] = cmd[2]; /*sanity */
1485 arr[3] = inquiry_vpd_88(&arr[4], target_dev_id);
1486 } else if (is_disk && 0x89 == cmd[2]) { /* ATA information */
1487 arr[1] = cmd[2]; /*sanity */
1488 n = inquiry_vpd_89(&arr[4]);
1489 put_unaligned_be16(n, arr + 2);
1490 } else if (is_disk && 0xb0 == cmd[2]) { /* Block limits */
1491 arr[1] = cmd[2]; /*sanity */
1492 arr[3] = inquiry_vpd_b0(&arr[4]);
1493 } else if (is_disk && 0xb1 == cmd[2]) { /* Block char. */
1494 arr[1] = cmd[2]; /*sanity */
1495 arr[3] = inquiry_vpd_b1(&arr[4]);
1496 } else if (is_disk && 0xb2 == cmd[2]) { /* LB Prov. */
1497 arr[1] = cmd[2]; /*sanity */
1498 arr[3] = inquiry_vpd_b2(&arr[4]);
1499 } else {
1500 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
1501 kfree(arr);
1502 return check_condition_result;
1503 }
1504 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len);
1505 ret = fill_from_dev_buffer(scp, arr,
1506 min(len, SDEBUG_MAX_INQ_ARR_SZ));
1507 kfree(arr);
1508 return ret;
1509 }
1510 /* drops through here for a standard inquiry */
1511 arr[1] = sdebug_removable ? 0x80 : 0; /* Removable disk */
1512 arr[2] = sdebug_scsi_level;
1513 arr[3] = 2; /* response_data_format==2 */
1514 arr[4] = SDEBUG_LONG_INQ_SZ - 5;
1515 arr[5] = (int)have_dif_prot; /* PROTECT bit */
1516 if (sdebug_vpd_use_hostno == 0)
1517 arr[5] |= 0x10; /* claim: implicit TPGS */
1518 arr[6] = 0x10; /* claim: MultiP */
1519 /* arr[6] |= 0x40; ... claim: EncServ (enclosure services) */
1520 arr[7] = 0xa; /* claim: LINKED + CMDQUE */
1521 memcpy(&arr[8], sdebug_inq_vendor_id, 8);
1522 memcpy(&arr[16], sdebug_inq_product_id, 16);
1523 memcpy(&arr[32], sdebug_inq_product_rev, 4);
1524 /* Use Vendor Specific area to place driver date in ASCII hex */
1525 memcpy(&arr[36], sdebug_version_date, 8);
1526 /* version descriptors (2 bytes each) follow */
1527 put_unaligned_be16(0xc0, arr + 58); /* SAM-6 no version claimed */
1528 put_unaligned_be16(0x5c0, arr + 60); /* SPC-5 no version claimed */
1529 n = 62;
1530 if (is_disk) { /* SBC-4 no version claimed */
1531 put_unaligned_be16(0x600, arr + n);
1532 n += 2;
1533 } else if (sdebug_ptype == TYPE_TAPE) { /* SSC-4 rev 3 */
1534 put_unaligned_be16(0x525, arr + n);
1535 n += 2;
1536 }
1537 put_unaligned_be16(0x2100, arr + n); /* SPL-4 no version claimed */
1538 ret = fill_from_dev_buffer(scp, arr,
1539 min(alloc_len, SDEBUG_LONG_INQ_SZ));
1540 kfree(arr);
1541 return ret;
1542}
1543
1544static unsigned char iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
1545 0, 0, 0x0, 0x0};
1546
1547static int resp_requests(struct scsi_cmnd *scp,
1548 struct sdebug_dev_info *devip)
1549{
1550 unsigned char *sbuff;
1551 unsigned char *cmd = scp->cmnd;
1552 unsigned char arr[SCSI_SENSE_BUFFERSIZE];
1553 bool dsense;
1554 int len = 18;
1555
1556 memset(arr, 0, sizeof(arr));
1557 dsense = !!(cmd[1] & 1);
1558 sbuff = scp->sense_buffer;
1559 if ((iec_m_pg[2] & 0x4) && (6 == (iec_m_pg[3] & 0xf))) {
1560 if (dsense) {
1561 arr[0] = 0x72;
1562 arr[1] = 0x0; /* NO_SENSE in sense_key */
1563 arr[2] = THRESHOLD_EXCEEDED;
1564 arr[3] = 0xff; /* TEST set and MRIE==6 */
1565 len = 8;
1566 } else {
1567 arr[0] = 0x70;
1568 arr[2] = 0x0; /* NO_SENSE in sense_key */
1569 arr[7] = 0xa; /* 18 byte sense buffer */
1570 arr[12] = THRESHOLD_EXCEEDED;
1571 arr[13] = 0xff; /* TEST set and MRIE==6 */
1572 }
1573 } else {
1574 memcpy(arr, sbuff, SCSI_SENSE_BUFFERSIZE);
1575 if (arr[0] >= 0x70 && dsense == sdebug_dsense)
1576 ; /* have sense and formats match */
1577 else if (arr[0] <= 0x70) {
1578 if (dsense) {
1579 memset(arr, 0, 8);
1580 arr[0] = 0x72;
1581 len = 8;
1582 } else {
1583 memset(arr, 0, 18);
1584 arr[0] = 0x70;
1585 arr[7] = 0xa;
1586 }
1587 } else if (dsense) {
1588 memset(arr, 0, 8);
1589 arr[0] = 0x72;
1590 arr[1] = sbuff[2]; /* sense key */
1591 arr[2] = sbuff[12]; /* asc */
1592 arr[3] = sbuff[13]; /* ascq */
1593 len = 8;
1594 } else {
1595 memset(arr, 0, 18);
1596 arr[0] = 0x70;
1597 arr[2] = sbuff[1];
1598 arr[7] = 0xa;
1599 arr[12] = sbuff[1];
1600 arr[13] = sbuff[3];
1601 }
1602
1603 }
1604 mk_sense_buffer(scp, 0, NO_ADDITIONAL_SENSE, 0);
1605 return fill_from_dev_buffer(scp, arr, len);
1606}
1607
1608static int resp_start_stop(struct scsi_cmnd *scp,
1609 struct sdebug_dev_info *devip)
1610{
1611 unsigned char *cmd = scp->cmnd;
1612 int power_cond, stop;
1613 bool changing;
1614
1615 power_cond = (cmd[4] & 0xf0) >> 4;
1616 if (power_cond) {
1617 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 7);
1618 return check_condition_result;
1619 }
1620 stop = !(cmd[4] & 1);
1621 changing = atomic_read(&devip->stopped) == !stop;
1622 atomic_xchg(&devip->stopped, stop);
1623 if (!changing || cmd[1] & 0x1) /* state unchanged or IMMED set */
1624 return SDEG_RES_IMMED_MASK;
1625 else
1626 return 0;
1627}
1628
1629static sector_t get_sdebug_capacity(void)
1630{
1631 static const unsigned int gibibyte = 1073741824;
1632
1633 if (sdebug_virtual_gb > 0)
1634 return (sector_t)sdebug_virtual_gb *
1635 (gibibyte / sdebug_sector_size);
1636 else
1637 return sdebug_store_sectors;
1638}
1639
1640#define SDEBUG_READCAP_ARR_SZ 8
1641static int resp_readcap(struct scsi_cmnd *scp,
1642 struct sdebug_dev_info *devip)
1643{
1644 unsigned char arr[SDEBUG_READCAP_ARR_SZ];
1645 unsigned int capac;
1646
1647 /* following just in case virtual_gb changed */
1648 sdebug_capacity = get_sdebug_capacity();
1649 memset(arr, 0, SDEBUG_READCAP_ARR_SZ);
1650 if (sdebug_capacity < 0xffffffff) {
1651 capac = (unsigned int)sdebug_capacity - 1;
1652 put_unaligned_be32(capac, arr + 0);
1653 } else
1654 put_unaligned_be32(0xffffffff, arr + 0);
1655 put_unaligned_be16(sdebug_sector_size, arr + 6);
1656 return fill_from_dev_buffer(scp, arr, SDEBUG_READCAP_ARR_SZ);
1657}
1658
1659#define SDEBUG_READCAP16_ARR_SZ 32
1660static int resp_readcap16(struct scsi_cmnd *scp,
1661 struct sdebug_dev_info *devip)
1662{
1663 unsigned char *cmd = scp->cmnd;
1664 unsigned char arr[SDEBUG_READCAP16_ARR_SZ];
1665 int alloc_len;
1666
1667 alloc_len = get_unaligned_be32(cmd + 10);
1668 /* following just in case virtual_gb changed */
1669 sdebug_capacity = get_sdebug_capacity();
1670 memset(arr, 0, SDEBUG_READCAP16_ARR_SZ);
1671 put_unaligned_be64((u64)(sdebug_capacity - 1), arr + 0);
1672 put_unaligned_be32(sdebug_sector_size, arr + 8);
1673 arr[13] = sdebug_physblk_exp & 0xf;
1674 arr[14] = (sdebug_lowest_aligned >> 8) & 0x3f;
1675
1676 if (scsi_debug_lbp()) {
1677 arr[14] |= 0x80; /* LBPME */
1678 /* from sbc4r07, this LBPRZ field is 1 bit, but the LBPRZ in
1679 * the LB Provisioning VPD page is 3 bits. Note that lbprz=2
1680 * in the wider field maps to 0 in this field.
1681 */
1682 if (sdebug_lbprz & 1) /* precisely what the draft requires */
1683 arr[14] |= 0x40;
1684 }
1685
1686 arr[15] = sdebug_lowest_aligned & 0xff;
1687
1688 if (have_dif_prot) {
1689 arr[12] = (sdebug_dif - 1) << 1; /* P_TYPE */
1690 arr[12] |= 1; /* PROT_EN */
1691 }
1692
1693 return fill_from_dev_buffer(scp, arr,
1694 min(alloc_len, SDEBUG_READCAP16_ARR_SZ));
1695}
1696
1697#define SDEBUG_MAX_TGTPGS_ARR_SZ 1412
1698
1699static int resp_report_tgtpgs(struct scsi_cmnd *scp,
1700 struct sdebug_dev_info *devip)
1701{
1702 unsigned char *cmd = scp->cmnd;
1703 unsigned char *arr;
1704 int host_no = devip->sdbg_host->shost->host_no;
1705 int n, ret, alen, rlen;
1706 int port_group_a, port_group_b, port_a, port_b;
1707
1708 alen = get_unaligned_be32(cmd + 6);
1709 arr = kzalloc(SDEBUG_MAX_TGTPGS_ARR_SZ, GFP_ATOMIC);
1710 if (! arr)
1711 return DID_REQUEUE << 16;
1712 /*
1713 * EVPD page 0x88 states we have two ports, one
1714 * real and a fake port with no device connected.
1715 * So we create two port groups with one port each
1716 * and set the group with port B to unavailable.
1717 */
1718 port_a = 0x1; /* relative port A */
1719 port_b = 0x2; /* relative port B */
1720 port_group_a = (((host_no + 1) & 0x7f) << 8) +
1721 (devip->channel & 0x7f);
1722 port_group_b = (((host_no + 1) & 0x7f) << 8) +
1723 (devip->channel & 0x7f) + 0x80;
1724
1725 /*
1726 * The asymmetric access state is cycled according to the host_id.
1727 */
1728 n = 4;
1729 if (sdebug_vpd_use_hostno == 0) {
1730 arr[n++] = host_no % 3; /* Asymm access state */
1731 arr[n++] = 0x0F; /* claim: all states are supported */
1732 } else {
1733 arr[n++] = 0x0; /* Active/Optimized path */
1734 arr[n++] = 0x01; /* only support active/optimized paths */
1735 }
1736 put_unaligned_be16(port_group_a, arr + n);
1737 n += 2;
1738 arr[n++] = 0; /* Reserved */
1739 arr[n++] = 0; /* Status code */
1740 arr[n++] = 0; /* Vendor unique */
1741 arr[n++] = 0x1; /* One port per group */
1742 arr[n++] = 0; /* Reserved */
1743 arr[n++] = 0; /* Reserved */
1744 put_unaligned_be16(port_a, arr + n);
1745 n += 2;
1746 arr[n++] = 3; /* Port unavailable */
1747 arr[n++] = 0x08; /* claim: only unavailalbe paths are supported */
1748 put_unaligned_be16(port_group_b, arr + n);
1749 n += 2;
1750 arr[n++] = 0; /* Reserved */
1751 arr[n++] = 0; /* Status code */
1752 arr[n++] = 0; /* Vendor unique */
1753 arr[n++] = 0x1; /* One port per group */
1754 arr[n++] = 0; /* Reserved */
1755 arr[n++] = 0; /* Reserved */
1756 put_unaligned_be16(port_b, arr + n);
1757 n += 2;
1758
1759 rlen = n - 4;
1760 put_unaligned_be32(rlen, arr + 0);
1761
1762 /*
1763 * Return the smallest value of either
1764 * - The allocated length
1765 * - The constructed command length
1766 * - The maximum array size
1767 */
1768 rlen = min(alen,n);
1769 ret = fill_from_dev_buffer(scp, arr,
1770 min(rlen, SDEBUG_MAX_TGTPGS_ARR_SZ));
1771 kfree(arr);
1772 return ret;
1773}
1774
1775static int resp_rsup_opcodes(struct scsi_cmnd *scp,
1776 struct sdebug_dev_info *devip)
1777{
1778 bool rctd;
1779 u8 reporting_opts, req_opcode, sdeb_i, supp;
1780 u16 req_sa, u;
1781 u32 alloc_len, a_len;
1782 int k, offset, len, errsts, count, bump, na;
1783 const struct opcode_info_t *oip;
1784 const struct opcode_info_t *r_oip;
1785 u8 *arr;
1786 u8 *cmd = scp->cmnd;
1787
1788 rctd = !!(cmd[2] & 0x80);
1789 reporting_opts = cmd[2] & 0x7;
1790 req_opcode = cmd[3];
1791 req_sa = get_unaligned_be16(cmd + 4);
1792 alloc_len = get_unaligned_be32(cmd + 6);
1793 if (alloc_len < 4 || alloc_len > 0xffff) {
1794 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1795 return check_condition_result;
1796 }
1797 if (alloc_len > 8192)
1798 a_len = 8192;
1799 else
1800 a_len = alloc_len;
1801 arr = kzalloc((a_len < 256) ? 320 : a_len + 64, GFP_ATOMIC);
1802 if (NULL == arr) {
1803 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
1804 INSUFF_RES_ASCQ);
1805 return check_condition_result;
1806 }
1807 switch (reporting_opts) {
1808 case 0: /* all commands */
1809 /* count number of commands */
1810 for (count = 0, oip = opcode_info_arr;
1811 oip->num_attached != 0xff; ++oip) {
1812 if (F_INV_OP & oip->flags)
1813 continue;
1814 count += (oip->num_attached + 1);
1815 }
1816 bump = rctd ? 20 : 8;
1817 put_unaligned_be32(count * bump, arr);
1818 for (offset = 4, oip = opcode_info_arr;
1819 oip->num_attached != 0xff && offset < a_len; ++oip) {
1820 if (F_INV_OP & oip->flags)
1821 continue;
1822 na = oip->num_attached;
1823 arr[offset] = oip->opcode;
1824 put_unaligned_be16(oip->sa, arr + offset + 2);
1825 if (rctd)
1826 arr[offset + 5] |= 0x2;
1827 if (FF_SA & oip->flags)
1828 arr[offset + 5] |= 0x1;
1829 put_unaligned_be16(oip->len_mask[0], arr + offset + 6);
1830 if (rctd)
1831 put_unaligned_be16(0xa, arr + offset + 8);
1832 r_oip = oip;
1833 for (k = 0, oip = oip->arrp; k < na; ++k, ++oip) {
1834 if (F_INV_OP & oip->flags)
1835 continue;
1836 offset += bump;
1837 arr[offset] = oip->opcode;
1838 put_unaligned_be16(oip->sa, arr + offset + 2);
1839 if (rctd)
1840 arr[offset + 5] |= 0x2;
1841 if (FF_SA & oip->flags)
1842 arr[offset + 5] |= 0x1;
1843 put_unaligned_be16(oip->len_mask[0],
1844 arr + offset + 6);
1845 if (rctd)
1846 put_unaligned_be16(0xa,
1847 arr + offset + 8);
1848 }
1849 oip = r_oip;
1850 offset += bump;
1851 }
1852 break;
1853 case 1: /* one command: opcode only */
1854 case 2: /* one command: opcode plus service action */
1855 case 3: /* one command: if sa==0 then opcode only else opcode+sa */
1856 sdeb_i = opcode_ind_arr[req_opcode];
1857 oip = &opcode_info_arr[sdeb_i];
1858 if (F_INV_OP & oip->flags) {
1859 supp = 1;
1860 offset = 4;
1861 } else {
1862 if (1 == reporting_opts) {
1863 if (FF_SA & oip->flags) {
1864 mk_sense_invalid_fld(scp, SDEB_IN_CDB,
1865 2, 2);
1866 kfree(arr);
1867 return check_condition_result;
1868 }
1869 req_sa = 0;
1870 } else if (2 == reporting_opts &&
1871 0 == (FF_SA & oip->flags)) {
1872 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1);
1873 kfree(arr); /* point at requested sa */
1874 return check_condition_result;
1875 }
1876 if (0 == (FF_SA & oip->flags) &&
1877 req_opcode == oip->opcode)
1878 supp = 3;
1879 else if (0 == (FF_SA & oip->flags)) {
1880 na = oip->num_attached;
1881 for (k = 0, oip = oip->arrp; k < na;
1882 ++k, ++oip) {
1883 if (req_opcode == oip->opcode)
1884 break;
1885 }
1886 supp = (k >= na) ? 1 : 3;
1887 } else if (req_sa != oip->sa) {
1888 na = oip->num_attached;
1889 for (k = 0, oip = oip->arrp; k < na;
1890 ++k, ++oip) {
1891 if (req_sa == oip->sa)
1892 break;
1893 }
1894 supp = (k >= na) ? 1 : 3;
1895 } else
1896 supp = 3;
1897 if (3 == supp) {
1898 u = oip->len_mask[0];
1899 put_unaligned_be16(u, arr + 2);
1900 arr[4] = oip->opcode;
1901 for (k = 1; k < u; ++k)
1902 arr[4 + k] = (k < 16) ?
1903 oip->len_mask[k] : 0xff;
1904 offset = 4 + u;
1905 } else
1906 offset = 4;
1907 }
1908 arr[1] = (rctd ? 0x80 : 0) | supp;
1909 if (rctd) {
1910 put_unaligned_be16(0xa, arr + offset);
1911 offset += 12;
1912 }
1913 break;
1914 default:
1915 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
1916 kfree(arr);
1917 return check_condition_result;
1918 }
1919 offset = (offset < a_len) ? offset : a_len;
1920 len = (offset < alloc_len) ? offset : alloc_len;
1921 errsts = fill_from_dev_buffer(scp, arr, len);
1922 kfree(arr);
1923 return errsts;
1924}
1925
1926static int resp_rsup_tmfs(struct scsi_cmnd *scp,
1927 struct sdebug_dev_info *devip)
1928{
1929 bool repd;
1930 u32 alloc_len, len;
1931 u8 arr[16];
1932 u8 *cmd = scp->cmnd;
1933
1934 memset(arr, 0, sizeof(arr));
1935 repd = !!(cmd[2] & 0x80);
1936 alloc_len = get_unaligned_be32(cmd + 6);
1937 if (alloc_len < 4) {
1938 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1939 return check_condition_result;
1940 }
1941 arr[0] = 0xc8; /* ATS | ATSS | LURS */
1942 arr[1] = 0x1; /* ITNRS */
1943 if (repd) {
1944 arr[3] = 0xc;
1945 len = 16;
1946 } else
1947 len = 4;
1948
1949 len = (len < alloc_len) ? len : alloc_len;
1950 return fill_from_dev_buffer(scp, arr, len);
1951}
1952
1953/* <<Following mode page info copied from ST318451LW>> */
1954
1955static int resp_err_recov_pg(unsigned char *p, int pcontrol, int target)
1956{ /* Read-Write Error Recovery page for mode_sense */
1957 unsigned char err_recov_pg[] = {0x1, 0xa, 0xc0, 11, 240, 0, 0, 0,
1958 5, 0, 0xff, 0xff};
1959
1960 memcpy(p, err_recov_pg, sizeof(err_recov_pg));
1961 if (1 == pcontrol)
1962 memset(p + 2, 0, sizeof(err_recov_pg) - 2);
1963 return sizeof(err_recov_pg);
1964}
1965
1966static int resp_disconnect_pg(unsigned char *p, int pcontrol, int target)
1967{ /* Disconnect-Reconnect page for mode_sense */
1968 unsigned char disconnect_pg[] = {0x2, 0xe, 128, 128, 0, 10, 0, 0,
1969 0, 0, 0, 0, 0, 0, 0, 0};
1970
1971 memcpy(p, disconnect_pg, sizeof(disconnect_pg));
1972 if (1 == pcontrol)
1973 memset(p + 2, 0, sizeof(disconnect_pg) - 2);
1974 return sizeof(disconnect_pg);
1975}
1976
1977static int resp_format_pg(unsigned char *p, int pcontrol, int target)
1978{ /* Format device page for mode_sense */
1979 unsigned char format_pg[] = {0x3, 0x16, 0, 0, 0, 0, 0, 0,
1980 0, 0, 0, 0, 0, 0, 0, 0,
1981 0, 0, 0, 0, 0x40, 0, 0, 0};
1982
1983 memcpy(p, format_pg, sizeof(format_pg));
1984 put_unaligned_be16(sdebug_sectors_per, p + 10);
1985 put_unaligned_be16(sdebug_sector_size, p + 12);
1986 if (sdebug_removable)
1987 p[20] |= 0x20; /* should agree with INQUIRY */
1988 if (1 == pcontrol)
1989 memset(p + 2, 0, sizeof(format_pg) - 2);
1990 return sizeof(format_pg);
1991}
1992
1993static unsigned char caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
1994 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0,
1995 0, 0, 0, 0};
1996
1997static int resp_caching_pg(unsigned char *p, int pcontrol, int target)
1998{ /* Caching page for mode_sense */
1999 unsigned char ch_caching_pg[] = {/* 0x8, 18, */ 0x4, 0, 0, 0, 0, 0,
2000 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
2001 unsigned char d_caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
2002 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 0, 0, 0, 0};
2003
2004 if (SDEBUG_OPT_N_WCE & sdebug_opts)
2005 caching_pg[2] &= ~0x4; /* set WCE=0 (default WCE=1) */
2006 memcpy(p, caching_pg, sizeof(caching_pg));
2007 if (1 == pcontrol)
2008 memcpy(p + 2, ch_caching_pg, sizeof(ch_caching_pg));
2009 else if (2 == pcontrol)
2010 memcpy(p, d_caching_pg, sizeof(d_caching_pg));
2011 return sizeof(caching_pg);
2012}
2013
2014static unsigned char ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2015 0, 0, 0x2, 0x4b};
2016
2017static int resp_ctrl_m_pg(unsigned char *p, int pcontrol, int target)
2018{ /* Control mode page for mode_sense */
2019 unsigned char ch_ctrl_m_pg[] = {/* 0xa, 10, */ 0x6, 0, 0, 0, 0, 0,
2020 0, 0, 0, 0};
2021 unsigned char d_ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2022 0, 0, 0x2, 0x4b};
2023
2024 if (sdebug_dsense)
2025 ctrl_m_pg[2] |= 0x4;
2026 else
2027 ctrl_m_pg[2] &= ~0x4;
2028
2029 if (sdebug_ato)
2030 ctrl_m_pg[5] |= 0x80; /* ATO=1 */
2031
2032 memcpy(p, ctrl_m_pg, sizeof(ctrl_m_pg));
2033 if (1 == pcontrol)
2034 memcpy(p + 2, ch_ctrl_m_pg, sizeof(ch_ctrl_m_pg));
2035 else if (2 == pcontrol)
2036 memcpy(p, d_ctrl_m_pg, sizeof(d_ctrl_m_pg));
2037 return sizeof(ctrl_m_pg);
2038}
2039
2040
2041static int resp_iec_m_pg(unsigned char *p, int pcontrol, int target)
2042{ /* Informational Exceptions control mode page for mode_sense */
2043 unsigned char ch_iec_m_pg[] = {/* 0x1c, 0xa, */ 0x4, 0xf, 0, 0, 0, 0,
2044 0, 0, 0x0, 0x0};
2045 unsigned char d_iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
2046 0, 0, 0x0, 0x0};
2047
2048 memcpy(p, iec_m_pg, sizeof(iec_m_pg));
2049 if (1 == pcontrol)
2050 memcpy(p + 2, ch_iec_m_pg, sizeof(ch_iec_m_pg));
2051 else if (2 == pcontrol)
2052 memcpy(p, d_iec_m_pg, sizeof(d_iec_m_pg));
2053 return sizeof(iec_m_pg);
2054}
2055
2056static int resp_sas_sf_m_pg(unsigned char *p, int pcontrol, int target)
2057{ /* SAS SSP mode page - short format for mode_sense */
2058 unsigned char sas_sf_m_pg[] = {0x19, 0x6,
2059 0x6, 0x0, 0x7, 0xd0, 0x0, 0x0};
2060
2061 memcpy(p, sas_sf_m_pg, sizeof(sas_sf_m_pg));
2062 if (1 == pcontrol)
2063 memset(p + 2, 0, sizeof(sas_sf_m_pg) - 2);
2064 return sizeof(sas_sf_m_pg);
2065}
2066
2067
2068static int resp_sas_pcd_m_spg(unsigned char *p, int pcontrol, int target,
2069 int target_dev_id)
2070{ /* SAS phy control and discover mode page for mode_sense */
2071 unsigned char sas_pcd_m_pg[] = {0x59, 0x1, 0, 0x64, 0, 0x6, 0, 2,
2072 0, 0, 0, 0, 0x10, 0x9, 0x8, 0x0,
2073 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2074 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2075 0x2, 0, 0, 0, 0, 0, 0, 0,
2076 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2077 0, 0, 0, 0, 0, 0, 0, 0,
2078 0, 1, 0, 0, 0x10, 0x9, 0x8, 0x0,
2079 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2080 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2081 0x3, 0, 0, 0, 0, 0, 0, 0,
2082 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2083 0, 0, 0, 0, 0, 0, 0, 0,
2084 };
2085 int port_a, port_b;
2086
2087 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 16);
2088 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 24);
2089 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 64);
2090 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 72);
2091 port_a = target_dev_id + 1;
2092 port_b = port_a + 1;
2093 memcpy(p, sas_pcd_m_pg, sizeof(sas_pcd_m_pg));
2094 put_unaligned_be32(port_a, p + 20);
2095 put_unaligned_be32(port_b, p + 48 + 20);
2096 if (1 == pcontrol)
2097 memset(p + 4, 0, sizeof(sas_pcd_m_pg) - 4);
2098 return sizeof(sas_pcd_m_pg);
2099}
2100
2101static int resp_sas_sha_m_spg(unsigned char *p, int pcontrol)
2102{ /* SAS SSP shared protocol specific port mode subpage */
2103 unsigned char sas_sha_m_pg[] = {0x59, 0x2, 0, 0xc, 0, 0x6, 0x10, 0,
2104 0, 0, 0, 0, 0, 0, 0, 0,
2105 };
2106
2107 memcpy(p, sas_sha_m_pg, sizeof(sas_sha_m_pg));
2108 if (1 == pcontrol)
2109 memset(p + 4, 0, sizeof(sas_sha_m_pg) - 4);
2110 return sizeof(sas_sha_m_pg);
2111}
2112
2113#define SDEBUG_MAX_MSENSE_SZ 256
2114
2115static int resp_mode_sense(struct scsi_cmnd *scp,
2116 struct sdebug_dev_info *devip)
2117{
2118 int pcontrol, pcode, subpcode, bd_len;
2119 unsigned char dev_spec;
2120 int alloc_len, offset, len, target_dev_id;
2121 int target = scp->device->id;
2122 unsigned char *ap;
2123 unsigned char arr[SDEBUG_MAX_MSENSE_SZ];
2124 unsigned char *cmd = scp->cmnd;
2125 bool dbd, llbaa, msense_6, is_disk, bad_pcode;
2126
2127 dbd = !!(cmd[1] & 0x8); /* disable block descriptors */
2128 pcontrol = (cmd[2] & 0xc0) >> 6;
2129 pcode = cmd[2] & 0x3f;
2130 subpcode = cmd[3];
2131 msense_6 = (MODE_SENSE == cmd[0]);
2132 llbaa = msense_6 ? false : !!(cmd[1] & 0x10);
2133 is_disk = (sdebug_ptype == TYPE_DISK);
2134 if (is_disk && !dbd)
2135 bd_len = llbaa ? 16 : 8;
2136 else
2137 bd_len = 0;
2138 alloc_len = msense_6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2139 memset(arr, 0, SDEBUG_MAX_MSENSE_SZ);
2140 if (0x3 == pcontrol) { /* Saving values not supported */
2141 mk_sense_buffer(scp, ILLEGAL_REQUEST, SAVING_PARAMS_UNSUP, 0);
2142 return check_condition_result;
2143 }
2144 target_dev_id = ((devip->sdbg_host->shost->host_no + 1) * 2000) +
2145 (devip->target * 1000) - 3;
2146 /* for disks set DPOFUA bit and clear write protect (WP) bit */
2147 if (is_disk)
2148 dev_spec = 0x10; /* =0x90 if WP=1 implies read-only */
2149 else
2150 dev_spec = 0x0;
2151 if (msense_6) {
2152 arr[2] = dev_spec;
2153 arr[3] = bd_len;
2154 offset = 4;
2155 } else {
2156 arr[3] = dev_spec;
2157 if (16 == bd_len)
2158 arr[4] = 0x1; /* set LONGLBA bit */
2159 arr[7] = bd_len; /* assume 255 or less */
2160 offset = 8;
2161 }
2162 ap = arr + offset;
2163 if ((bd_len > 0) && (!sdebug_capacity))
2164 sdebug_capacity = get_sdebug_capacity();
2165
2166 if (8 == bd_len) {
2167 if (sdebug_capacity > 0xfffffffe)
2168 put_unaligned_be32(0xffffffff, ap + 0);
2169 else
2170 put_unaligned_be32(sdebug_capacity, ap + 0);
2171 put_unaligned_be16(sdebug_sector_size, ap + 6);
2172 offset += bd_len;
2173 ap = arr + offset;
2174 } else if (16 == bd_len) {
2175 put_unaligned_be64((u64)sdebug_capacity, ap + 0);
2176 put_unaligned_be32(sdebug_sector_size, ap + 12);
2177 offset += bd_len;
2178 ap = arr + offset;
2179 }
2180
2181 if ((subpcode > 0x0) && (subpcode < 0xff) && (0x19 != pcode)) {
2182 /* TODO: Control Extension page */
2183 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2184 return check_condition_result;
2185 }
2186 bad_pcode = false;
2187
2188 switch (pcode) {
2189 case 0x1: /* Read-Write error recovery page, direct access */
2190 len = resp_err_recov_pg(ap, pcontrol, target);
2191 offset += len;
2192 break;
2193 case 0x2: /* Disconnect-Reconnect page, all devices */
2194 len = resp_disconnect_pg(ap, pcontrol, target);
2195 offset += len;
2196 break;
2197 case 0x3: /* Format device page, direct access */
2198 if (is_disk) {
2199 len = resp_format_pg(ap, pcontrol, target);
2200 offset += len;
2201 } else
2202 bad_pcode = true;
2203 break;
2204 case 0x8: /* Caching page, direct access */
2205 if (is_disk) {
2206 len = resp_caching_pg(ap, pcontrol, target);
2207 offset += len;
2208 } else
2209 bad_pcode = true;
2210 break;
2211 case 0xa: /* Control Mode page, all devices */
2212 len = resp_ctrl_m_pg(ap, pcontrol, target);
2213 offset += len;
2214 break;
2215 case 0x19: /* if spc==1 then sas phy, control+discover */
2216 if ((subpcode > 0x2) && (subpcode < 0xff)) {
2217 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2218 return check_condition_result;
2219 }
2220 len = 0;
2221 if ((0x0 == subpcode) || (0xff == subpcode))
2222 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2223 if ((0x1 == subpcode) || (0xff == subpcode))
2224 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target,
2225 target_dev_id);
2226 if ((0x2 == subpcode) || (0xff == subpcode))
2227 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2228 offset += len;
2229 break;
2230 case 0x1c: /* Informational Exceptions Mode page, all devices */
2231 len = resp_iec_m_pg(ap, pcontrol, target);
2232 offset += len;
2233 break;
2234 case 0x3f: /* Read all Mode pages */
2235 if ((0 == subpcode) || (0xff == subpcode)) {
2236 len = resp_err_recov_pg(ap, pcontrol, target);
2237 len += resp_disconnect_pg(ap + len, pcontrol, target);
2238 if (is_disk) {
2239 len += resp_format_pg(ap + len, pcontrol,
2240 target);
2241 len += resp_caching_pg(ap + len, pcontrol,
2242 target);
2243 }
2244 len += resp_ctrl_m_pg(ap + len, pcontrol, target);
2245 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2246 if (0xff == subpcode) {
2247 len += resp_sas_pcd_m_spg(ap + len, pcontrol,
2248 target, target_dev_id);
2249 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2250 }
2251 len += resp_iec_m_pg(ap + len, pcontrol, target);
2252 offset += len;
2253 } else {
2254 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2255 return check_condition_result;
2256 }
2257 break;
2258 default:
2259 bad_pcode = true;
2260 break;
2261 }
2262 if (bad_pcode) {
2263 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2264 return check_condition_result;
2265 }
2266 if (msense_6)
2267 arr[0] = offset - 1;
2268 else
2269 put_unaligned_be16((offset - 2), arr + 0);
2270 return fill_from_dev_buffer(scp, arr, min(alloc_len, offset));
2271}
2272
2273#define SDEBUG_MAX_MSELECT_SZ 512
2274
2275static int resp_mode_select(struct scsi_cmnd *scp,
2276 struct sdebug_dev_info *devip)
2277{
2278 int pf, sp, ps, md_len, bd_len, off, spf, pg_len;
2279 int param_len, res, mpage;
2280 unsigned char arr[SDEBUG_MAX_MSELECT_SZ];
2281 unsigned char *cmd = scp->cmnd;
2282 int mselect6 = (MODE_SELECT == cmd[0]);
2283
2284 memset(arr, 0, sizeof(arr));
2285 pf = cmd[1] & 0x10;
2286 sp = cmd[1] & 0x1;
2287 param_len = mselect6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2288 if ((0 == pf) || sp || (param_len > SDEBUG_MAX_MSELECT_SZ)) {
2289 mk_sense_invalid_fld(scp, SDEB_IN_CDB, mselect6 ? 4 : 7, -1);
2290 return check_condition_result;
2291 }
2292 res = fetch_to_dev_buffer(scp, arr, param_len);
2293 if (-1 == res)
2294 return DID_ERROR << 16;
2295 else if (sdebug_verbose && (res < param_len))
2296 sdev_printk(KERN_INFO, scp->device,
2297 "%s: cdb indicated=%d, IO sent=%d bytes\n",
2298 __func__, param_len, res);
2299 md_len = mselect6 ? (arr[0] + 1) : (get_unaligned_be16(arr + 0) + 2);
2300 bd_len = mselect6 ? arr[3] : get_unaligned_be16(arr + 6);
2301 if (md_len > 2) {
2302 mk_sense_invalid_fld(scp, SDEB_IN_DATA, 0, -1);
2303 return check_condition_result;
2304 }
2305 off = bd_len + (mselect6 ? 4 : 8);
2306 mpage = arr[off] & 0x3f;
2307 ps = !!(arr[off] & 0x80);
2308 if (ps) {
2309 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 7);
2310 return check_condition_result;
2311 }
2312 spf = !!(arr[off] & 0x40);
2313 pg_len = spf ? (get_unaligned_be16(arr + off + 2) + 4) :
2314 (arr[off + 1] + 2);
2315 if ((pg_len + off) > param_len) {
2316 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2317 PARAMETER_LIST_LENGTH_ERR, 0);
2318 return check_condition_result;
2319 }
2320 switch (mpage) {
2321 case 0x8: /* Caching Mode page */
2322 if (caching_pg[1] == arr[off + 1]) {
2323 memcpy(caching_pg + 2, arr + off + 2,
2324 sizeof(caching_pg) - 2);
2325 goto set_mode_changed_ua;
2326 }
2327 break;
2328 case 0xa: /* Control Mode page */
2329 if (ctrl_m_pg[1] == arr[off + 1]) {
2330 memcpy(ctrl_m_pg + 2, arr + off + 2,
2331 sizeof(ctrl_m_pg) - 2);
2332 sdebug_dsense = !!(ctrl_m_pg[2] & 0x4);
2333 goto set_mode_changed_ua;
2334 }
2335 break;
2336 case 0x1c: /* Informational Exceptions Mode page */
2337 if (iec_m_pg[1] == arr[off + 1]) {
2338 memcpy(iec_m_pg + 2, arr + off + 2,
2339 sizeof(iec_m_pg) - 2);
2340 goto set_mode_changed_ua;
2341 }
2342 break;
2343 default:
2344 break;
2345 }
2346 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 5);
2347 return check_condition_result;
2348set_mode_changed_ua:
2349 set_bit(SDEBUG_UA_MODE_CHANGED, devip->uas_bm);
2350 return 0;
2351}
2352
2353static int resp_temp_l_pg(unsigned char *arr)
2354{
2355 unsigned char temp_l_pg[] = {0x0, 0x0, 0x3, 0x2, 0x0, 38,
2356 0x0, 0x1, 0x3, 0x2, 0x0, 65,
2357 };
2358
2359 memcpy(arr, temp_l_pg, sizeof(temp_l_pg));
2360 return sizeof(temp_l_pg);
2361}
2362
2363static int resp_ie_l_pg(unsigned char *arr)
2364{
2365 unsigned char ie_l_pg[] = {0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 38,
2366 };
2367
2368 memcpy(arr, ie_l_pg, sizeof(ie_l_pg));
2369 if (iec_m_pg[2] & 0x4) { /* TEST bit set */
2370 arr[4] = THRESHOLD_EXCEEDED;
2371 arr[5] = 0xff;
2372 }
2373 return sizeof(ie_l_pg);
2374}
2375
2376#define SDEBUG_MAX_LSENSE_SZ 512
2377
2378static int resp_log_sense(struct scsi_cmnd *scp,
2379 struct sdebug_dev_info *devip)
2380{
2381 int ppc, sp, pcode, subpcode, alloc_len, len, n;
2382 unsigned char arr[SDEBUG_MAX_LSENSE_SZ];
2383 unsigned char *cmd = scp->cmnd;
2384
2385 memset(arr, 0, sizeof(arr));
2386 ppc = cmd[1] & 0x2;
2387 sp = cmd[1] & 0x1;
2388 if (ppc || sp) {
2389 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, ppc ? 1 : 0);
2390 return check_condition_result;
2391 }
2392 pcode = cmd[2] & 0x3f;
2393 subpcode = cmd[3] & 0xff;
2394 alloc_len = get_unaligned_be16(cmd + 7);
2395 arr[0] = pcode;
2396 if (0 == subpcode) {
2397 switch (pcode) {
2398 case 0x0: /* Supported log pages log page */
2399 n = 4;
2400 arr[n++] = 0x0; /* this page */
2401 arr[n++] = 0xd; /* Temperature */
2402 arr[n++] = 0x2f; /* Informational exceptions */
2403 arr[3] = n - 4;
2404 break;
2405 case 0xd: /* Temperature log page */
2406 arr[3] = resp_temp_l_pg(arr + 4);
2407 break;
2408 case 0x2f: /* Informational exceptions log page */
2409 arr[3] = resp_ie_l_pg(arr + 4);
2410 break;
2411 default:
2412 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2413 return check_condition_result;
2414 }
2415 } else if (0xff == subpcode) {
2416 arr[0] |= 0x40;
2417 arr[1] = subpcode;
2418 switch (pcode) {
2419 case 0x0: /* Supported log pages and subpages log page */
2420 n = 4;
2421 arr[n++] = 0x0;
2422 arr[n++] = 0x0; /* 0,0 page */
2423 arr[n++] = 0x0;
2424 arr[n++] = 0xff; /* this page */
2425 arr[n++] = 0xd;
2426 arr[n++] = 0x0; /* Temperature */
2427 arr[n++] = 0x2f;
2428 arr[n++] = 0x0; /* Informational exceptions */
2429 arr[3] = n - 4;
2430 break;
2431 case 0xd: /* Temperature subpages */
2432 n = 4;
2433 arr[n++] = 0xd;
2434 arr[n++] = 0x0; /* Temperature */
2435 arr[3] = n - 4;
2436 break;
2437 case 0x2f: /* Informational exceptions subpages */
2438 n = 4;
2439 arr[n++] = 0x2f;
2440 arr[n++] = 0x0; /* Informational exceptions */
2441 arr[3] = n - 4;
2442 break;
2443 default:
2444 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2445 return check_condition_result;
2446 }
2447 } else {
2448 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2449 return check_condition_result;
2450 }
2451 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len);
2452 return fill_from_dev_buffer(scp, arr,
2453 min(len, SDEBUG_MAX_INQ_ARR_SZ));
2454}
2455
2456static int check_device_access_params(struct scsi_cmnd *scp,
2457 unsigned long long lba, unsigned int num)
2458{
2459 if (lba + num > sdebug_capacity) {
2460 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2461 return check_condition_result;
2462 }
2463 /* transfer length excessive (tie in to block limits VPD page) */
2464 if (num > sdebug_store_sectors) {
2465 /* needs work to find which cdb byte 'num' comes from */
2466 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2467 return check_condition_result;
2468 }
2469 return 0;
2470}
2471
2472/* Returns number of bytes copied or -1 if error. */
2473static int do_device_access(struct scsi_cmnd *scmd, u32 sg_skip, u64 lba,
2474 u32 num, bool do_write)
2475{
2476 int ret;
2477 u64 block, rest = 0;
2478 struct scsi_data_buffer *sdb;
2479 enum dma_data_direction dir;
2480
2481 if (do_write) {
2482 sdb = scsi_out(scmd);
2483 dir = DMA_TO_DEVICE;
2484 write_since_sync = true;
2485 } else {
2486 sdb = scsi_in(scmd);
2487 dir = DMA_FROM_DEVICE;
2488 }
2489
2490 if (!sdb->length)
2491 return 0;
2492 if (!(scsi_bidi_cmnd(scmd) || scmd->sc_data_direction == dir))
2493 return -1;
2494
2495 block = do_div(lba, sdebug_store_sectors);
2496 if (block + num > sdebug_store_sectors)
2497 rest = block + num - sdebug_store_sectors;
2498
2499 ret = sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2500 fake_storep + (block * sdebug_sector_size),
2501 (num - rest) * sdebug_sector_size, sg_skip, do_write);
2502 if (ret != (num - rest) * sdebug_sector_size)
2503 return ret;
2504
2505 if (rest) {
2506 ret += sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2507 fake_storep, rest * sdebug_sector_size,
2508 sg_skip + ((num - rest) * sdebug_sector_size),
2509 do_write);
2510 }
2511
2512 return ret;
2513}
2514
2515/* If fake_store(lba,num) compares equal to arr(num), then copy top half of
2516 * arr into fake_store(lba,num) and return true. If comparison fails then
2517 * return false. */
2518static bool comp_write_worker(u64 lba, u32 num, const u8 *arr)
2519{
2520 bool res;
2521 u64 block, rest = 0;
2522 u32 store_blks = sdebug_store_sectors;
2523 u32 lb_size = sdebug_sector_size;
2524
2525 block = do_div(lba, store_blks);
2526 if (block + num > store_blks)
2527 rest = block + num - store_blks;
2528
2529 res = !memcmp(fake_storep + (block * lb_size), arr,
2530 (num - rest) * lb_size);
2531 if (!res)
2532 return res;
2533 if (rest)
2534 res = memcmp(fake_storep, arr + ((num - rest) * lb_size),
2535 rest * lb_size);
2536 if (!res)
2537 return res;
2538 arr += num * lb_size;
2539 memcpy(fake_storep + (block * lb_size), arr, (num - rest) * lb_size);
2540 if (rest)
2541 memcpy(fake_storep, arr + ((num - rest) * lb_size),
2542 rest * lb_size);
2543 return res;
2544}
2545
2546static __be16 dif_compute_csum(const void *buf, int len)
2547{
2548 __be16 csum;
2549
2550 if (sdebug_guard)
2551 csum = (__force __be16)ip_compute_csum(buf, len);
2552 else
2553 csum = cpu_to_be16(crc_t10dif(buf, len));
2554
2555 return csum;
2556}
2557
2558static int dif_verify(struct t10_pi_tuple *sdt, const void *data,
2559 sector_t sector, u32 ei_lba)
2560{
2561 __be16 csum = dif_compute_csum(data, sdebug_sector_size);
2562
2563 if (sdt->guard_tag != csum) {
2564 pr_err("GUARD check failed on sector %lu rcvd 0x%04x, data 0x%04x\n",
2565 (unsigned long)sector,
2566 be16_to_cpu(sdt->guard_tag),
2567 be16_to_cpu(csum));
2568 return 0x01;
2569 }
2570 if (sdebug_dif == T10_PI_TYPE1_PROTECTION &&
2571 be32_to_cpu(sdt->ref_tag) != (sector & 0xffffffff)) {
2572 pr_err("REF check failed on sector %lu\n",
2573 (unsigned long)sector);
2574 return 0x03;
2575 }
2576 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
2577 be32_to_cpu(sdt->ref_tag) != ei_lba) {
2578 pr_err("REF check failed on sector %lu\n",
2579 (unsigned long)sector);
2580 return 0x03;
2581 }
2582 return 0;
2583}
2584
2585static void dif_copy_prot(struct scsi_cmnd *SCpnt, sector_t sector,
2586 unsigned int sectors, bool read)
2587{
2588 size_t resid;
2589 void *paddr;
2590 const void *dif_store_end = dif_storep + sdebug_store_sectors;
2591 struct sg_mapping_iter miter;
2592
2593 /* Bytes of protection data to copy into sgl */
2594 resid = sectors * sizeof(*dif_storep);
2595
2596 sg_miter_start(&miter, scsi_prot_sglist(SCpnt),
2597 scsi_prot_sg_count(SCpnt), SG_MITER_ATOMIC |
2598 (read ? SG_MITER_TO_SG : SG_MITER_FROM_SG));
2599
2600 while (sg_miter_next(&miter) && resid > 0) {
2601 size_t len = min(miter.length, resid);
2602 void *start = dif_store(sector);
2603 size_t rest = 0;
2604
2605 if (dif_store_end < start + len)
2606 rest = start + len - dif_store_end;
2607
2608 paddr = miter.addr;
2609
2610 if (read)
2611 memcpy(paddr, start, len - rest);
2612 else
2613 memcpy(start, paddr, len - rest);
2614
2615 if (rest) {
2616 if (read)
2617 memcpy(paddr + len - rest, dif_storep, rest);
2618 else
2619 memcpy(dif_storep, paddr + len - rest, rest);
2620 }
2621
2622 sector += len / sizeof(*dif_storep);
2623 resid -= len;
2624 }
2625 sg_miter_stop(&miter);
2626}
2627
2628static int prot_verify_read(struct scsi_cmnd *SCpnt, sector_t start_sec,
2629 unsigned int sectors, u32 ei_lba)
2630{
2631 unsigned int i;
2632 struct t10_pi_tuple *sdt;
2633 sector_t sector;
2634
2635 for (i = 0; i < sectors; i++, ei_lba++) {
2636 int ret;
2637
2638 sector = start_sec + i;
2639 sdt = dif_store(sector);
2640
2641 if (sdt->app_tag == cpu_to_be16(0xffff))
2642 continue;
2643
2644 ret = dif_verify(sdt, fake_store(sector), sector, ei_lba);
2645 if (ret) {
2646 dif_errors++;
2647 return ret;
2648 }
2649 }
2650
2651 dif_copy_prot(SCpnt, start_sec, sectors, true);
2652 dix_reads++;
2653
2654 return 0;
2655}
2656
2657static int resp_read_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2658{
2659 u8 *cmd = scp->cmnd;
2660 struct sdebug_queued_cmd *sqcp;
2661 u64 lba;
2662 u32 num;
2663 u32 ei_lba;
2664 unsigned long iflags;
2665 int ret;
2666 bool check_prot;
2667
2668 switch (cmd[0]) {
2669 case READ_16:
2670 ei_lba = 0;
2671 lba = get_unaligned_be64(cmd + 2);
2672 num = get_unaligned_be32(cmd + 10);
2673 check_prot = true;
2674 break;
2675 case READ_10:
2676 ei_lba = 0;
2677 lba = get_unaligned_be32(cmd + 2);
2678 num = get_unaligned_be16(cmd + 7);
2679 check_prot = true;
2680 break;
2681 case READ_6:
2682 ei_lba = 0;
2683 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
2684 (u32)(cmd[1] & 0x1f) << 16;
2685 num = (0 == cmd[4]) ? 256 : cmd[4];
2686 check_prot = true;
2687 break;
2688 case READ_12:
2689 ei_lba = 0;
2690 lba = get_unaligned_be32(cmd + 2);
2691 num = get_unaligned_be32(cmd + 6);
2692 check_prot = true;
2693 break;
2694 case XDWRITEREAD_10:
2695 ei_lba = 0;
2696 lba = get_unaligned_be32(cmd + 2);
2697 num = get_unaligned_be16(cmd + 7);
2698 check_prot = false;
2699 break;
2700 default: /* assume READ(32) */
2701 lba = get_unaligned_be64(cmd + 12);
2702 ei_lba = get_unaligned_be32(cmd + 20);
2703 num = get_unaligned_be32(cmd + 28);
2704 check_prot = false;
2705 break;
2706 }
2707 if (unlikely(have_dif_prot && check_prot)) {
2708 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
2709 (cmd[1] & 0xe0)) {
2710 mk_sense_invalid_opcode(scp);
2711 return check_condition_result;
2712 }
2713 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
2714 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
2715 (cmd[1] & 0xe0) == 0)
2716 sdev_printk(KERN_ERR, scp->device, "Unprotected RD "
2717 "to DIF device\n");
2718 }
2719 if (unlikely(sdebug_any_injecting_opt)) {
2720 sqcp = (struct sdebug_queued_cmd *)scp->host_scribble;
2721
2722 if (sqcp) {
2723 if (sqcp->inj_short)
2724 num /= 2;
2725 }
2726 } else
2727 sqcp = NULL;
2728
2729 /* inline check_device_access_params() */
2730 if (unlikely(lba + num > sdebug_capacity)) {
2731 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2732 return check_condition_result;
2733 }
2734 /* transfer length excessive (tie in to block limits VPD page) */
2735 if (unlikely(num > sdebug_store_sectors)) {
2736 /* needs work to find which cdb byte 'num' comes from */
2737 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2738 return check_condition_result;
2739 }
2740
2741 if (unlikely((SDEBUG_OPT_MEDIUM_ERR & sdebug_opts) &&
2742 (lba <= (sdebug_medium_error_start + sdebug_medium_error_count - 1)) &&
2743 ((lba + num) > sdebug_medium_error_start))) {
2744 /* claim unrecoverable read error */
2745 mk_sense_buffer(scp, MEDIUM_ERROR, UNRECOVERED_READ_ERR, 0);
2746 /* set info field and valid bit for fixed descriptor */
2747 if (0x70 == (scp->sense_buffer[0] & 0x7f)) {
2748 scp->sense_buffer[0] |= 0x80; /* Valid bit */
2749 ret = (lba < OPT_MEDIUM_ERR_ADDR)
2750 ? OPT_MEDIUM_ERR_ADDR : (int)lba;
2751 put_unaligned_be32(ret, scp->sense_buffer + 3);
2752 }
2753 scsi_set_resid(scp, scsi_bufflen(scp));
2754 return check_condition_result;
2755 }
2756
2757 read_lock_irqsave(&atomic_rw, iflags);
2758
2759 /* DIX + T10 DIF */
2760 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
2761 int prot_ret = prot_verify_read(scp, lba, num, ei_lba);
2762
2763 if (prot_ret) {
2764 read_unlock_irqrestore(&atomic_rw, iflags);
2765 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, prot_ret);
2766 return illegal_condition_result;
2767 }
2768 }
2769
2770 ret = do_device_access(scp, 0, lba, num, false);
2771 read_unlock_irqrestore(&atomic_rw, iflags);
2772 if (unlikely(ret == -1))
2773 return DID_ERROR << 16;
2774
2775 scsi_in(scp)->resid = scsi_bufflen(scp) - ret;
2776
2777 if (unlikely(sqcp)) {
2778 if (sqcp->inj_recovered) {
2779 mk_sense_buffer(scp, RECOVERED_ERROR,
2780 THRESHOLD_EXCEEDED, 0);
2781 return check_condition_result;
2782 } else if (sqcp->inj_transport) {
2783 mk_sense_buffer(scp, ABORTED_COMMAND,
2784 TRANSPORT_PROBLEM, ACK_NAK_TO);
2785 return check_condition_result;
2786 } else if (sqcp->inj_dif) {
2787 /* Logical block guard check failed */
2788 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
2789 return illegal_condition_result;
2790 } else if (sqcp->inj_dix) {
2791 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
2792 return illegal_condition_result;
2793 }
2794 }
2795 return 0;
2796}
2797
2798static void dump_sector(unsigned char *buf, int len)
2799{
2800 int i, j, n;
2801
2802 pr_err(">>> Sector Dump <<<\n");
2803 for (i = 0 ; i < len ; i += 16) {
2804 char b[128];
2805
2806 for (j = 0, n = 0; j < 16; j++) {
2807 unsigned char c = buf[i+j];
2808
2809 if (c >= 0x20 && c < 0x7e)
2810 n += scnprintf(b + n, sizeof(b) - n,
2811 " %c ", buf[i+j]);
2812 else
2813 n += scnprintf(b + n, sizeof(b) - n,
2814 "%02x ", buf[i+j]);
2815 }
2816 pr_err("%04d: %s\n", i, b);
2817 }
2818}
2819
2820static int prot_verify_write(struct scsi_cmnd *SCpnt, sector_t start_sec,
2821 unsigned int sectors, u32 ei_lba)
2822{
2823 int ret;
2824 struct t10_pi_tuple *sdt;
2825 void *daddr;
2826 sector_t sector = start_sec;
2827 int ppage_offset;
2828 int dpage_offset;
2829 struct sg_mapping_iter diter;
2830 struct sg_mapping_iter piter;
2831
2832 BUG_ON(scsi_sg_count(SCpnt) == 0);
2833 BUG_ON(scsi_prot_sg_count(SCpnt) == 0);
2834
2835 sg_miter_start(&piter, scsi_prot_sglist(SCpnt),
2836 scsi_prot_sg_count(SCpnt),
2837 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
2838 sg_miter_start(&diter, scsi_sglist(SCpnt), scsi_sg_count(SCpnt),
2839 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
2840
2841 /* For each protection page */
2842 while (sg_miter_next(&piter)) {
2843 dpage_offset = 0;
2844 if (WARN_ON(!sg_miter_next(&diter))) {
2845 ret = 0x01;
2846 goto out;
2847 }
2848
2849 for (ppage_offset = 0; ppage_offset < piter.length;
2850 ppage_offset += sizeof(struct t10_pi_tuple)) {
2851 /* If we're at the end of the current
2852 * data page advance to the next one
2853 */
2854 if (dpage_offset >= diter.length) {
2855 if (WARN_ON(!sg_miter_next(&diter))) {
2856 ret = 0x01;
2857 goto out;
2858 }
2859 dpage_offset = 0;
2860 }
2861
2862 sdt = piter.addr + ppage_offset;
2863 daddr = diter.addr + dpage_offset;
2864
2865 ret = dif_verify(sdt, daddr, sector, ei_lba);
2866 if (ret) {
2867 dump_sector(daddr, sdebug_sector_size);
2868 goto out;
2869 }
2870
2871 sector++;
2872 ei_lba++;
2873 dpage_offset += sdebug_sector_size;
2874 }
2875 diter.consumed = dpage_offset;
2876 sg_miter_stop(&diter);
2877 }
2878 sg_miter_stop(&piter);
2879
2880 dif_copy_prot(SCpnt, start_sec, sectors, false);
2881 dix_writes++;
2882
2883 return 0;
2884
2885out:
2886 dif_errors++;
2887 sg_miter_stop(&diter);
2888 sg_miter_stop(&piter);
2889 return ret;
2890}
2891
2892static unsigned long lba_to_map_index(sector_t lba)
2893{
2894 if (sdebug_unmap_alignment)
2895 lba += sdebug_unmap_granularity - sdebug_unmap_alignment;
2896 sector_div(lba, sdebug_unmap_granularity);
2897 return lba;
2898}
2899
2900static sector_t map_index_to_lba(unsigned long index)
2901{
2902 sector_t lba = index * sdebug_unmap_granularity;
2903
2904 if (sdebug_unmap_alignment)
2905 lba -= sdebug_unmap_granularity - sdebug_unmap_alignment;
2906 return lba;
2907}
2908
2909static unsigned int map_state(sector_t lba, unsigned int *num)
2910{
2911 sector_t end;
2912 unsigned int mapped;
2913 unsigned long index;
2914 unsigned long next;
2915
2916 index = lba_to_map_index(lba);
2917 mapped = test_bit(index, map_storep);
2918
2919 if (mapped)
2920 next = find_next_zero_bit(map_storep, map_size, index);
2921 else
2922 next = find_next_bit(map_storep, map_size, index);
2923
2924 end = min_t(sector_t, sdebug_store_sectors, map_index_to_lba(next));
2925 *num = end - lba;
2926 return mapped;
2927}
2928
2929static void map_region(sector_t lba, unsigned int len)
2930{
2931 sector_t end = lba + len;
2932
2933 while (lba < end) {
2934 unsigned long index = lba_to_map_index(lba);
2935
2936 if (index < map_size)
2937 set_bit(index, map_storep);
2938
2939 lba = map_index_to_lba(index + 1);
2940 }
2941}
2942
2943static void unmap_region(sector_t lba, unsigned int len)
2944{
2945 sector_t end = lba + len;
2946
2947 while (lba < end) {
2948 unsigned long index = lba_to_map_index(lba);
2949
2950 if (lba == map_index_to_lba(index) &&
2951 lba + sdebug_unmap_granularity <= end &&
2952 index < map_size) {
2953 clear_bit(index, map_storep);
2954 if (sdebug_lbprz) { /* for LBPRZ=2 return 0xff_s */
2955 memset(fake_storep +
2956 lba * sdebug_sector_size,
2957 (sdebug_lbprz & 1) ? 0 : 0xff,
2958 sdebug_sector_size *
2959 sdebug_unmap_granularity);
2960 }
2961 if (dif_storep) {
2962 memset(dif_storep + lba, 0xff,
2963 sizeof(*dif_storep) *
2964 sdebug_unmap_granularity);
2965 }
2966 }
2967 lba = map_index_to_lba(index + 1);
2968 }
2969}
2970
2971static int resp_write_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2972{
2973 u8 *cmd = scp->cmnd;
2974 u64 lba;
2975 u32 num;
2976 u32 ei_lba;
2977 unsigned long iflags;
2978 int ret;
2979 bool check_prot;
2980
2981 switch (cmd[0]) {
2982 case WRITE_16:
2983 ei_lba = 0;
2984 lba = get_unaligned_be64(cmd + 2);
2985 num = get_unaligned_be32(cmd + 10);
2986 check_prot = true;
2987 break;
2988 case WRITE_10:
2989 ei_lba = 0;
2990 lba = get_unaligned_be32(cmd + 2);
2991 num = get_unaligned_be16(cmd + 7);
2992 check_prot = true;
2993 break;
2994 case WRITE_6:
2995 ei_lba = 0;
2996 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
2997 (u32)(cmd[1] & 0x1f) << 16;
2998 num = (0 == cmd[4]) ? 256 : cmd[4];
2999 check_prot = true;
3000 break;
3001 case WRITE_12:
3002 ei_lba = 0;
3003 lba = get_unaligned_be32(cmd + 2);
3004 num = get_unaligned_be32(cmd + 6);
3005 check_prot = true;
3006 break;
3007 case 0x53: /* XDWRITEREAD(10) */
3008 ei_lba = 0;
3009 lba = get_unaligned_be32(cmd + 2);
3010 num = get_unaligned_be16(cmd + 7);
3011 check_prot = false;
3012 break;
3013 default: /* assume WRITE(32) */
3014 lba = get_unaligned_be64(cmd + 12);
3015 ei_lba = get_unaligned_be32(cmd + 20);
3016 num = get_unaligned_be32(cmd + 28);
3017 check_prot = false;
3018 break;
3019 }
3020 if (unlikely(have_dif_prot && check_prot)) {
3021 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3022 (cmd[1] & 0xe0)) {
3023 mk_sense_invalid_opcode(scp);
3024 return check_condition_result;
3025 }
3026 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3027 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3028 (cmd[1] & 0xe0) == 0)
3029 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3030 "to DIF device\n");
3031 }
3032
3033 /* inline check_device_access_params() */
3034 if (unlikely(lba + num > sdebug_capacity)) {
3035 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
3036 return check_condition_result;
3037 }
3038 /* transfer length excessive (tie in to block limits VPD page) */
3039 if (unlikely(num > sdebug_store_sectors)) {
3040 /* needs work to find which cdb byte 'num' comes from */
3041 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3042 return check_condition_result;
3043 }
3044
3045 write_lock_irqsave(&atomic_rw, iflags);
3046
3047 /* DIX + T10 DIF */
3048 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3049 int prot_ret = prot_verify_write(scp, lba, num, ei_lba);
3050
3051 if (prot_ret) {
3052 write_unlock_irqrestore(&atomic_rw, iflags);
3053 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, prot_ret);
3054 return illegal_condition_result;
3055 }
3056 }
3057
3058 ret = do_device_access(scp, 0, lba, num, true);
3059 if (unlikely(scsi_debug_lbp()))
3060 map_region(lba, num);
3061 write_unlock_irqrestore(&atomic_rw, iflags);
3062 if (unlikely(-1 == ret))
3063 return DID_ERROR << 16;
3064 else if (unlikely(sdebug_verbose &&
3065 (ret < (num * sdebug_sector_size))))
3066 sdev_printk(KERN_INFO, scp->device,
3067 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3068 my_name, num * sdebug_sector_size, ret);
3069
3070 if (unlikely(sdebug_any_injecting_opt)) {
3071 struct sdebug_queued_cmd *sqcp =
3072 (struct sdebug_queued_cmd *)scp->host_scribble;
3073
3074 if (sqcp) {
3075 if (sqcp->inj_recovered) {
3076 mk_sense_buffer(scp, RECOVERED_ERROR,
3077 THRESHOLD_EXCEEDED, 0);
3078 return check_condition_result;
3079 } else if (sqcp->inj_dif) {
3080 /* Logical block guard check failed */
3081 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3082 return illegal_condition_result;
3083 } else if (sqcp->inj_dix) {
3084 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3085 return illegal_condition_result;
3086 }
3087 }
3088 }
3089 return 0;
3090}
3091
3092/*
3093 * T10 has only specified WRITE SCATTERED(16) and WRITE SCATTERED(32).
3094 * No READ GATHERED yet (requires bidi or long cdb holding gather list).
3095 */
3096static int resp_write_scat(struct scsi_cmnd *scp,
3097 struct sdebug_dev_info *devip)
3098{
3099 u8 *cmd = scp->cmnd;
3100 u8 *lrdp = NULL;
3101 u8 *up;
3102 u8 wrprotect;
3103 u16 lbdof, num_lrd, k;
3104 u32 num, num_by, bt_len, lbdof_blen, sg_off, cum_lb;
3105 u32 lb_size = sdebug_sector_size;
3106 u32 ei_lba;
3107 u64 lba;
3108 unsigned long iflags;
3109 int ret, res;
3110 bool is_16;
3111 static const u32 lrd_size = 32; /* + parameter list header size */
3112
3113 if (cmd[0] == VARIABLE_LENGTH_CMD) {
3114 is_16 = false;
3115 wrprotect = (cmd[10] >> 5) & 0x7;
3116 lbdof = get_unaligned_be16(cmd + 12);
3117 num_lrd = get_unaligned_be16(cmd + 16);
3118 bt_len = get_unaligned_be32(cmd + 28);
3119 } else { /* that leaves WRITE SCATTERED(16) */
3120 is_16 = true;
3121 wrprotect = (cmd[2] >> 5) & 0x7;
3122 lbdof = get_unaligned_be16(cmd + 4);
3123 num_lrd = get_unaligned_be16(cmd + 8);
3124 bt_len = get_unaligned_be32(cmd + 10);
3125 if (unlikely(have_dif_prot)) {
3126 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3127 wrprotect) {
3128 mk_sense_invalid_opcode(scp);
3129 return illegal_condition_result;
3130 }
3131 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3132 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3133 wrprotect == 0)
3134 sdev_printk(KERN_ERR, scp->device,
3135 "Unprotected WR to DIF device\n");
3136 }
3137 }
3138 if ((num_lrd == 0) || (bt_len == 0))
3139 return 0; /* T10 says these do-nothings are not errors */
3140 if (lbdof == 0) {
3141 if (sdebug_verbose)
3142 sdev_printk(KERN_INFO, scp->device,
3143 "%s: %s: LB Data Offset field bad\n",
3144 my_name, __func__);
3145 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3146 return illegal_condition_result;
3147 }
3148 lbdof_blen = lbdof * lb_size;
3149 if ((lrd_size + (num_lrd * lrd_size)) > lbdof_blen) {
3150 if (sdebug_verbose)
3151 sdev_printk(KERN_INFO, scp->device,
3152 "%s: %s: LBA range descriptors don't fit\n",
3153 my_name, __func__);
3154 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3155 return illegal_condition_result;
3156 }
3157 lrdp = kzalloc(lbdof_blen, GFP_ATOMIC);
3158 if (lrdp == NULL)
3159 return SCSI_MLQUEUE_HOST_BUSY;
3160 if (sdebug_verbose)
3161 sdev_printk(KERN_INFO, scp->device,
3162 "%s: %s: Fetch header+scatter_list, lbdof_blen=%u\n",
3163 my_name, __func__, lbdof_blen);
3164 res = fetch_to_dev_buffer(scp, lrdp, lbdof_blen);
3165 if (res == -1) {
3166 ret = DID_ERROR << 16;
3167 goto err_out;
3168 }
3169
3170 write_lock_irqsave(&atomic_rw, iflags);
3171 sg_off = lbdof_blen;
3172 /* Spec says Buffer xfer Length field in number of LBs in dout */
3173 cum_lb = 0;
3174 for (k = 0, up = lrdp + lrd_size; k < num_lrd; ++k, up += lrd_size) {
3175 lba = get_unaligned_be64(up + 0);
3176 num = get_unaligned_be32(up + 8);
3177 if (sdebug_verbose)
3178 sdev_printk(KERN_INFO, scp->device,
3179 "%s: %s: k=%d LBA=0x%llx num=%u sg_off=%u\n",
3180 my_name, __func__, k, lba, num, sg_off);
3181 if (num == 0)
3182 continue;
3183 ret = check_device_access_params(scp, lba, num);
3184 if (ret)
3185 goto err_out_unlock;
3186 num_by = num * lb_size;
3187 ei_lba = is_16 ? 0 : get_unaligned_be32(up + 12);
3188
3189 if ((cum_lb + num) > bt_len) {
3190 if (sdebug_verbose)
3191 sdev_printk(KERN_INFO, scp->device,
3192 "%s: %s: sum of blocks > data provided\n",
3193 my_name, __func__);
3194 mk_sense_buffer(scp, ILLEGAL_REQUEST, WRITE_ERROR_ASC,
3195 0);
3196 ret = illegal_condition_result;
3197 goto err_out_unlock;
3198 }
3199
3200 /* DIX + T10 DIF */
3201 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3202 int prot_ret = prot_verify_write(scp, lba, num,
3203 ei_lba);
3204
3205 if (prot_ret) {
3206 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10,
3207 prot_ret);
3208 ret = illegal_condition_result;
3209 goto err_out_unlock;
3210 }
3211 }
3212
3213 ret = do_device_access(scp, sg_off, lba, num, true);
3214 if (unlikely(scsi_debug_lbp()))
3215 map_region(lba, num);
3216 if (unlikely(-1 == ret)) {
3217 ret = DID_ERROR << 16;
3218 goto err_out_unlock;
3219 } else if (unlikely(sdebug_verbose && (ret < num_by)))
3220 sdev_printk(KERN_INFO, scp->device,
3221 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3222 my_name, num_by, ret);
3223
3224 if (unlikely(sdebug_any_injecting_opt)) {
3225 struct sdebug_queued_cmd *sqcp =
3226 (struct sdebug_queued_cmd *)scp->host_scribble;
3227
3228 if (sqcp) {
3229 if (sqcp->inj_recovered) {
3230 mk_sense_buffer(scp, RECOVERED_ERROR,
3231 THRESHOLD_EXCEEDED, 0);
3232 ret = illegal_condition_result;
3233 goto err_out_unlock;
3234 } else if (sqcp->inj_dif) {
3235 /* Logical block guard check failed */
3236 mk_sense_buffer(scp, ABORTED_COMMAND,
3237 0x10, 1);
3238 ret = illegal_condition_result;
3239 goto err_out_unlock;
3240 } else if (sqcp->inj_dix) {
3241 mk_sense_buffer(scp, ILLEGAL_REQUEST,
3242 0x10, 1);
3243 ret = illegal_condition_result;
3244 goto err_out_unlock;
3245 }
3246 }
3247 }
3248 sg_off += num_by;
3249 cum_lb += num;
3250 }
3251 ret = 0;
3252err_out_unlock:
3253 write_unlock_irqrestore(&atomic_rw, iflags);
3254err_out:
3255 kfree(lrdp);
3256 return ret;
3257}
3258
3259static int resp_write_same(struct scsi_cmnd *scp, u64 lba, u32 num,
3260 u32 ei_lba, bool unmap, bool ndob)
3261{
3262 unsigned long iflags;
3263 unsigned long long i;
3264 int ret;
3265 u64 lba_off;
3266
3267 ret = check_device_access_params(scp, lba, num);
3268 if (ret)
3269 return ret;
3270
3271 write_lock_irqsave(&atomic_rw, iflags);
3272
3273 if (unmap && scsi_debug_lbp()) {
3274 unmap_region(lba, num);
3275 goto out;
3276 }
3277
3278 lba_off = lba * sdebug_sector_size;
3279 /* if ndob then zero 1 logical block, else fetch 1 logical block */
3280 if (ndob) {
3281 memset(fake_storep + lba_off, 0, sdebug_sector_size);
3282 ret = 0;
3283 } else
3284 ret = fetch_to_dev_buffer(scp, fake_storep + lba_off,
3285 sdebug_sector_size);
3286
3287 if (-1 == ret) {
3288 write_unlock_irqrestore(&atomic_rw, iflags);
3289 return DID_ERROR << 16;
3290 } else if (sdebug_verbose && !ndob && (ret < sdebug_sector_size))
3291 sdev_printk(KERN_INFO, scp->device,
3292 "%s: %s: lb size=%u, IO sent=%d bytes\n",
3293 my_name, "write same",
3294 sdebug_sector_size, ret);
3295
3296 /* Copy first sector to remaining blocks */
3297 for (i = 1 ; i < num ; i++)
3298 memcpy(fake_storep + ((lba + i) * sdebug_sector_size),
3299 fake_storep + lba_off,
3300 sdebug_sector_size);
3301
3302 if (scsi_debug_lbp())
3303 map_region(lba, num);
3304out:
3305 write_unlock_irqrestore(&atomic_rw, iflags);
3306
3307 return 0;
3308}
3309
3310static int resp_write_same_10(struct scsi_cmnd *scp,
3311 struct sdebug_dev_info *devip)
3312{
3313 u8 *cmd = scp->cmnd;
3314 u32 lba;
3315 u16 num;
3316 u32 ei_lba = 0;
3317 bool unmap = false;
3318
3319 if (cmd[1] & 0x8) {
3320 if (sdebug_lbpws10 == 0) {
3321 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3322 return check_condition_result;
3323 } else
3324 unmap = true;
3325 }
3326 lba = get_unaligned_be32(cmd + 2);
3327 num = get_unaligned_be16(cmd + 7);
3328 if (num > sdebug_write_same_length) {
3329 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3330 return check_condition_result;
3331 }
3332 return resp_write_same(scp, lba, num, ei_lba, unmap, false);
3333}
3334
3335static int resp_write_same_16(struct scsi_cmnd *scp,
3336 struct sdebug_dev_info *devip)
3337{
3338 u8 *cmd = scp->cmnd;
3339 u64 lba;
3340 u32 num;
3341 u32 ei_lba = 0;
3342 bool unmap = false;
3343 bool ndob = false;
3344
3345 if (cmd[1] & 0x8) { /* UNMAP */
3346 if (sdebug_lbpws == 0) {
3347 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3348 return check_condition_result;
3349 } else
3350 unmap = true;
3351 }
3352 if (cmd[1] & 0x1) /* NDOB (no data-out buffer, assumes zeroes) */
3353 ndob = true;
3354 lba = get_unaligned_be64(cmd + 2);
3355 num = get_unaligned_be32(cmd + 10);
3356 if (num > sdebug_write_same_length) {
3357 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1);
3358 return check_condition_result;
3359 }
3360 return resp_write_same(scp, lba, num, ei_lba, unmap, ndob);
3361}
3362
3363/* Note the mode field is in the same position as the (lower) service action
3364 * field. For the Report supported operation codes command, SPC-4 suggests
3365 * each mode of this command should be reported separately; for future. */
3366static int resp_write_buffer(struct scsi_cmnd *scp,
3367 struct sdebug_dev_info *devip)
3368{
3369 u8 *cmd = scp->cmnd;
3370 struct scsi_device *sdp = scp->device;
3371 struct sdebug_dev_info *dp;
3372 u8 mode;
3373
3374 mode = cmd[1] & 0x1f;
3375 switch (mode) {
3376 case 0x4: /* download microcode (MC) and activate (ACT) */
3377 /* set UAs on this device only */
3378 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3379 set_bit(SDEBUG_UA_MICROCODE_CHANGED, devip->uas_bm);
3380 break;
3381 case 0x5: /* download MC, save and ACT */
3382 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, devip->uas_bm);
3383 break;
3384 case 0x6: /* download MC with offsets and ACT */
3385 /* set UAs on most devices (LUs) in this target */
3386 list_for_each_entry(dp,
3387 &devip->sdbg_host->dev_info_list,
3388 dev_list)
3389 if (dp->target == sdp->id) {
3390 set_bit(SDEBUG_UA_BUS_RESET, dp->uas_bm);
3391 if (devip != dp)
3392 set_bit(SDEBUG_UA_MICROCODE_CHANGED,
3393 dp->uas_bm);
3394 }
3395 break;
3396 case 0x7: /* download MC with offsets, save, and ACT */
3397 /* set UA on all devices (LUs) in this target */
3398 list_for_each_entry(dp,
3399 &devip->sdbg_host->dev_info_list,
3400 dev_list)
3401 if (dp->target == sdp->id)
3402 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET,
3403 dp->uas_bm);
3404 break;
3405 default:
3406 /* do nothing for this command for other mode values */
3407 break;
3408 }
3409 return 0;
3410}
3411
3412static int resp_comp_write(struct scsi_cmnd *scp,
3413 struct sdebug_dev_info *devip)
3414{
3415 u8 *cmd = scp->cmnd;
3416 u8 *arr;
3417 u8 *fake_storep_hold;
3418 u64 lba;
3419 u32 dnum;
3420 u32 lb_size = sdebug_sector_size;
3421 u8 num;
3422 unsigned long iflags;
3423 int ret;
3424 int retval = 0;
3425
3426 lba = get_unaligned_be64(cmd + 2);
3427 num = cmd[13]; /* 1 to a maximum of 255 logical blocks */
3428 if (0 == num)
3429 return 0; /* degenerate case, not an error */
3430 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3431 (cmd[1] & 0xe0)) {
3432 mk_sense_invalid_opcode(scp);
3433 return check_condition_result;
3434 }
3435 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3436 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3437 (cmd[1] & 0xe0) == 0)
3438 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3439 "to DIF device\n");
3440
3441 /* inline check_device_access_params() */
3442 if (lba + num > sdebug_capacity) {
3443 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
3444 return check_condition_result;
3445 }
3446 /* transfer length excessive (tie in to block limits VPD page) */
3447 if (num > sdebug_store_sectors) {
3448 /* needs work to find which cdb byte 'num' comes from */
3449 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3450 return check_condition_result;
3451 }
3452 dnum = 2 * num;
3453 arr = kzalloc(dnum * lb_size, GFP_ATOMIC);
3454 if (NULL == arr) {
3455 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3456 INSUFF_RES_ASCQ);
3457 return check_condition_result;
3458 }
3459
3460 write_lock_irqsave(&atomic_rw, iflags);
3461
3462 /* trick do_device_access() to fetch both compare and write buffers
3463 * from data-in into arr. Safe (atomic) since write_lock held. */
3464 fake_storep_hold = fake_storep;
3465 fake_storep = arr;
3466 ret = do_device_access(scp, 0, 0, dnum, true);
3467 fake_storep = fake_storep_hold;
3468 if (ret == -1) {
3469 retval = DID_ERROR << 16;
3470 goto cleanup;
3471 } else if (sdebug_verbose && (ret < (dnum * lb_size)))
3472 sdev_printk(KERN_INFO, scp->device, "%s: compare_write: cdb "
3473 "indicated=%u, IO sent=%d bytes\n", my_name,
3474 dnum * lb_size, ret);
3475 if (!comp_write_worker(lba, num, arr)) {
3476 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
3477 retval = check_condition_result;
3478 goto cleanup;
3479 }
3480 if (scsi_debug_lbp())
3481 map_region(lba, num);
3482cleanup:
3483 write_unlock_irqrestore(&atomic_rw, iflags);
3484 kfree(arr);
3485 return retval;
3486}
3487
3488struct unmap_block_desc {
3489 __be64 lba;
3490 __be32 blocks;
3491 __be32 __reserved;
3492};
3493
3494static int resp_unmap(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3495{
3496 unsigned char *buf;
3497 struct unmap_block_desc *desc;
3498 unsigned int i, payload_len, descriptors;
3499 int ret;
3500 unsigned long iflags;
3501
3502
3503 if (!scsi_debug_lbp())
3504 return 0; /* fib and say its done */
3505 payload_len = get_unaligned_be16(scp->cmnd + 7);
3506 BUG_ON(scsi_bufflen(scp) != payload_len);
3507
3508 descriptors = (payload_len - 8) / 16;
3509 if (descriptors > sdebug_unmap_max_desc) {
3510 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3511 return check_condition_result;
3512 }
3513
3514 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC);
3515 if (!buf) {
3516 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3517 INSUFF_RES_ASCQ);
3518 return check_condition_result;
3519 }
3520
3521 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
3522
3523 BUG_ON(get_unaligned_be16(&buf[0]) != payload_len - 2);
3524 BUG_ON(get_unaligned_be16(&buf[2]) != descriptors * 16);
3525
3526 desc = (void *)&buf[8];
3527
3528 write_lock_irqsave(&atomic_rw, iflags);
3529
3530 for (i = 0 ; i < descriptors ; i++) {
3531 unsigned long long lba = get_unaligned_be64(&desc[i].lba);
3532 unsigned int num = get_unaligned_be32(&desc[i].blocks);
3533
3534 ret = check_device_access_params(scp, lba, num);
3535 if (ret)
3536 goto out;
3537
3538 unmap_region(lba, num);
3539 }
3540
3541 ret = 0;
3542
3543out:
3544 write_unlock_irqrestore(&atomic_rw, iflags);
3545 kfree(buf);
3546
3547 return ret;
3548}
3549
3550#define SDEBUG_GET_LBA_STATUS_LEN 32
3551
3552static int resp_get_lba_status(struct scsi_cmnd *scp,
3553 struct sdebug_dev_info *devip)
3554{
3555 u8 *cmd = scp->cmnd;
3556 u64 lba;
3557 u32 alloc_len, mapped, num;
3558 u8 arr[SDEBUG_GET_LBA_STATUS_LEN];
3559 int ret;
3560
3561 lba = get_unaligned_be64(cmd + 2);
3562 alloc_len = get_unaligned_be32(cmd + 10);
3563
3564 if (alloc_len < 24)
3565 return 0;
3566
3567 ret = check_device_access_params(scp, lba, 1);
3568 if (ret)
3569 return ret;
3570
3571 if (scsi_debug_lbp())
3572 mapped = map_state(lba, &num);
3573 else {
3574 mapped = 1;
3575 /* following just in case virtual_gb changed */
3576 sdebug_capacity = get_sdebug_capacity();
3577 if (sdebug_capacity - lba <= 0xffffffff)
3578 num = sdebug_capacity - lba;
3579 else
3580 num = 0xffffffff;
3581 }
3582
3583 memset(arr, 0, SDEBUG_GET_LBA_STATUS_LEN);
3584 put_unaligned_be32(20, arr); /* Parameter Data Length */
3585 put_unaligned_be64(lba, arr + 8); /* LBA */
3586 put_unaligned_be32(num, arr + 16); /* Number of blocks */
3587 arr[20] = !mapped; /* prov_stat=0: mapped; 1: dealloc */
3588
3589 return fill_from_dev_buffer(scp, arr, SDEBUG_GET_LBA_STATUS_LEN);
3590}
3591
3592static int resp_sync_cache(struct scsi_cmnd *scp,
3593 struct sdebug_dev_info *devip)
3594{
3595 int res = 0;
3596 u64 lba;
3597 u32 num_blocks;
3598 u8 *cmd = scp->cmnd;
3599
3600 if (cmd[0] == SYNCHRONIZE_CACHE) { /* 10 byte cdb */
3601 lba = get_unaligned_be32(cmd + 2);
3602 num_blocks = get_unaligned_be16(cmd + 7);
3603 } else { /* SYNCHRONIZE_CACHE(16) */
3604 lba = get_unaligned_be64(cmd + 2);
3605 num_blocks = get_unaligned_be32(cmd + 10);
3606 }
3607 if (lba + num_blocks > sdebug_capacity) {
3608 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
3609 return check_condition_result;
3610 }
3611 if (!write_since_sync || cmd[1] & 0x2)
3612 res = SDEG_RES_IMMED_MASK;
3613 else /* delay if write_since_sync and IMMED clear */
3614 write_since_sync = false;
3615 return res;
3616}
3617
3618#define RL_BUCKET_ELEMS 8
3619
3620/* Even though each pseudo target has a REPORT LUNS "well known logical unit"
3621 * (W-LUN), the normal Linux scanning logic does not associate it with a
3622 * device (e.g. /dev/sg7). The following magic will make that association:
3623 * "cd /sys/class/scsi_host/host<n> ; echo '- - 49409' > scan"
3624 * where <n> is a host number. If there are multiple targets in a host then
3625 * the above will associate a W-LUN to each target. To only get a W-LUN
3626 * for target 2, then use "echo '- 2 49409' > scan" .
3627 */
3628static int resp_report_luns(struct scsi_cmnd *scp,
3629 struct sdebug_dev_info *devip)
3630{
3631 unsigned char *cmd = scp->cmnd;
3632 unsigned int alloc_len;
3633 unsigned char select_report;
3634 u64 lun;
3635 struct scsi_lun *lun_p;
3636 u8 arr[RL_BUCKET_ELEMS * sizeof(struct scsi_lun)];
3637 unsigned int lun_cnt; /* normal LUN count (max: 256) */
3638 unsigned int wlun_cnt; /* report luns W-LUN count */
3639 unsigned int tlun_cnt; /* total LUN count */
3640 unsigned int rlen; /* response length (in bytes) */
3641 int k, j, n, res;
3642 unsigned int off_rsp = 0;
3643 const int sz_lun = sizeof(struct scsi_lun);
3644
3645 clear_luns_changed_on_target(devip);
3646
3647 select_report = cmd[2];
3648 alloc_len = get_unaligned_be32(cmd + 6);
3649
3650 if (alloc_len < 4) {
3651 pr_err("alloc len too small %d\n", alloc_len);
3652 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
3653 return check_condition_result;
3654 }
3655
3656 switch (select_report) {
3657 case 0: /* all LUNs apart from W-LUNs */
3658 lun_cnt = sdebug_max_luns;
3659 wlun_cnt = 0;
3660 break;
3661 case 1: /* only W-LUNs */
3662 lun_cnt = 0;
3663 wlun_cnt = 1;
3664 break;
3665 case 2: /* all LUNs */
3666 lun_cnt = sdebug_max_luns;
3667 wlun_cnt = 1;
3668 break;
3669 case 0x10: /* only administrative LUs */
3670 case 0x11: /* see SPC-5 */
3671 case 0x12: /* only subsiduary LUs owned by referenced LU */
3672 default:
3673 pr_debug("select report invalid %d\n", select_report);
3674 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
3675 return check_condition_result;
3676 }
3677
3678 if (sdebug_no_lun_0 && (lun_cnt > 0))
3679 --lun_cnt;
3680
3681 tlun_cnt = lun_cnt + wlun_cnt;
3682 rlen = tlun_cnt * sz_lun; /* excluding 8 byte header */
3683 scsi_set_resid(scp, scsi_bufflen(scp));
3684 pr_debug("select_report %d luns = %d wluns = %d no_lun0 %d\n",
3685 select_report, lun_cnt, wlun_cnt, sdebug_no_lun_0);
3686
3687 /* loops rely on sizeof response header same as sizeof lun (both 8) */
3688 lun = sdebug_no_lun_0 ? 1 : 0;
3689 for (k = 0, j = 0, res = 0; true; ++k, j = 0) {
3690 memset(arr, 0, sizeof(arr));
3691 lun_p = (struct scsi_lun *)&arr[0];
3692 if (k == 0) {
3693 put_unaligned_be32(rlen, &arr[0]);
3694 ++lun_p;
3695 j = 1;
3696 }
3697 for ( ; j < RL_BUCKET_ELEMS; ++j, ++lun_p) {
3698 if ((k * RL_BUCKET_ELEMS) + j > lun_cnt)
3699 break;
3700 int_to_scsilun(lun++, lun_p);
3701 }
3702 if (j < RL_BUCKET_ELEMS)
3703 break;
3704 n = j * sz_lun;
3705 res = p_fill_from_dev_buffer(scp, arr, n, off_rsp);
3706 if (res)
3707 return res;
3708 off_rsp += n;
3709 }
3710 if (wlun_cnt) {
3711 int_to_scsilun(SCSI_W_LUN_REPORT_LUNS, lun_p);
3712 ++j;
3713 }
3714 if (j > 0)
3715 res = p_fill_from_dev_buffer(scp, arr, j * sz_lun, off_rsp);
3716 return res;
3717}
3718
3719static int resp_xdwriteread(struct scsi_cmnd *scp, unsigned long long lba,
3720 unsigned int num, struct sdebug_dev_info *devip)
3721{
3722 int j;
3723 unsigned char *kaddr, *buf;
3724 unsigned int offset;
3725 struct scsi_data_buffer *sdb = scsi_in(scp);
3726 struct sg_mapping_iter miter;
3727
3728 /* better not to use temporary buffer. */
3729 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC);
3730 if (!buf) {
3731 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3732 INSUFF_RES_ASCQ);
3733 return check_condition_result;
3734 }
3735
3736 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
3737
3738 offset = 0;
3739 sg_miter_start(&miter, sdb->table.sgl, sdb->table.nents,
3740 SG_MITER_ATOMIC | SG_MITER_TO_SG);
3741
3742 while (sg_miter_next(&miter)) {
3743 kaddr = miter.addr;
3744 for (j = 0; j < miter.length; j++)
3745 *(kaddr + j) ^= *(buf + offset + j);
3746
3747 offset += miter.length;
3748 }
3749 sg_miter_stop(&miter);
3750 kfree(buf);
3751
3752 return 0;
3753}
3754
3755static int resp_xdwriteread_10(struct scsi_cmnd *scp,
3756 struct sdebug_dev_info *devip)
3757{
3758 u8 *cmd = scp->cmnd;
3759 u64 lba;
3760 u32 num;
3761 int errsts;
3762
3763 if (!scsi_bidi_cmnd(scp)) {
3764 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3765 INSUFF_RES_ASCQ);
3766 return check_condition_result;
3767 }
3768 errsts = resp_read_dt0(scp, devip);
3769 if (errsts)
3770 return errsts;
3771 if (!(cmd[1] & 0x4)) { /* DISABLE_WRITE is not set */
3772 errsts = resp_write_dt0(scp, devip);
3773 if (errsts)
3774 return errsts;
3775 }
3776 lba = get_unaligned_be32(cmd + 2);
3777 num = get_unaligned_be16(cmd + 7);
3778 return resp_xdwriteread(scp, lba, num, devip);
3779}
3780
3781static struct sdebug_queue *get_queue(struct scsi_cmnd *cmnd)
3782{
3783 u32 tag = blk_mq_unique_tag(cmnd->request);
3784 u16 hwq = blk_mq_unique_tag_to_hwq(tag);
3785
3786 pr_debug("tag=%#x, hwq=%d\n", tag, hwq);
3787 if (WARN_ON_ONCE(hwq >= submit_queues))
3788 hwq = 0;
3789 return sdebug_q_arr + hwq;
3790}
3791
3792/* Queued (deferred) command completions converge here. */
3793static void sdebug_q_cmd_complete(struct sdebug_defer *sd_dp)
3794{
3795 int qc_idx;
3796 int retiring = 0;
3797 unsigned long iflags;
3798 struct sdebug_queue *sqp;
3799 struct sdebug_queued_cmd *sqcp;
3800 struct scsi_cmnd *scp;
3801 struct sdebug_dev_info *devip;
3802
3803 sd_dp->defer_t = SDEB_DEFER_NONE;
3804 qc_idx = sd_dp->qc_idx;
3805 sqp = sdebug_q_arr + sd_dp->sqa_idx;
3806 if (sdebug_statistics) {
3807 atomic_inc(&sdebug_completions);
3808 if (raw_smp_processor_id() != sd_dp->issuing_cpu)
3809 atomic_inc(&sdebug_miss_cpus);
3810 }
3811 if (unlikely((qc_idx < 0) || (qc_idx >= SDEBUG_CANQUEUE))) {
3812 pr_err("wild qc_idx=%d\n", qc_idx);
3813 return;
3814 }
3815 spin_lock_irqsave(&sqp->qc_lock, iflags);
3816 sqcp = &sqp->qc_arr[qc_idx];
3817 scp = sqcp->a_cmnd;
3818 if (unlikely(scp == NULL)) {
3819 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3820 pr_err("scp is NULL, sqa_idx=%d, qc_idx=%d\n",
3821 sd_dp->sqa_idx, qc_idx);
3822 return;
3823 }
3824 devip = (struct sdebug_dev_info *)scp->device->hostdata;
3825 if (likely(devip))
3826 atomic_dec(&devip->num_in_q);
3827 else
3828 pr_err("devip=NULL\n");
3829 if (unlikely(atomic_read(&retired_max_queue) > 0))
3830 retiring = 1;
3831
3832 sqcp->a_cmnd = NULL;
3833 if (unlikely(!test_and_clear_bit(qc_idx, sqp->in_use_bm))) {
3834 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3835 pr_err("Unexpected completion\n");
3836 return;
3837 }
3838
3839 if (unlikely(retiring)) { /* user has reduced max_queue */
3840 int k, retval;
3841
3842 retval = atomic_read(&retired_max_queue);
3843 if (qc_idx >= retval) {
3844 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3845 pr_err("index %d too large\n", retval);
3846 return;
3847 }
3848 k = find_last_bit(sqp->in_use_bm, retval);
3849 if ((k < sdebug_max_queue) || (k == retval))
3850 atomic_set(&retired_max_queue, 0);
3851 else
3852 atomic_set(&retired_max_queue, k + 1);
3853 }
3854 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3855 scp->scsi_done(scp); /* callback to mid level */
3856}
3857
3858/* When high resolution timer goes off this function is called. */
3859static enum hrtimer_restart sdebug_q_cmd_hrt_complete(struct hrtimer *timer)
3860{
3861 struct sdebug_defer *sd_dp = container_of(timer, struct sdebug_defer,
3862 hrt);
3863 sdebug_q_cmd_complete(sd_dp);
3864 return HRTIMER_NORESTART;
3865}
3866
3867/* When work queue schedules work, it calls this function. */
3868static void sdebug_q_cmd_wq_complete(struct work_struct *work)
3869{
3870 struct sdebug_defer *sd_dp = container_of(work, struct sdebug_defer,
3871 ew.work);
3872 sdebug_q_cmd_complete(sd_dp);
3873}
3874
3875static bool got_shared_uuid;
3876static uuid_t shared_uuid;
3877
3878static struct sdebug_dev_info *sdebug_device_create(
3879 struct sdebug_host_info *sdbg_host, gfp_t flags)
3880{
3881 struct sdebug_dev_info *devip;
3882
3883 devip = kzalloc(sizeof(*devip), flags);
3884 if (devip) {
3885 if (sdebug_uuid_ctl == 1)
3886 uuid_gen(&devip->lu_name);
3887 else if (sdebug_uuid_ctl == 2) {
3888 if (got_shared_uuid)
3889 devip->lu_name = shared_uuid;
3890 else {
3891 uuid_gen(&shared_uuid);
3892 got_shared_uuid = true;
3893 devip->lu_name = shared_uuid;
3894 }
3895 }
3896 devip->sdbg_host = sdbg_host;
3897 list_add_tail(&devip->dev_list, &sdbg_host->dev_info_list);
3898 }
3899 return devip;
3900}
3901
3902static struct sdebug_dev_info *find_build_dev_info(struct scsi_device *sdev)
3903{
3904 struct sdebug_host_info *sdbg_host;
3905 struct sdebug_dev_info *open_devip = NULL;
3906 struct sdebug_dev_info *devip;
3907
3908 sdbg_host = *(struct sdebug_host_info **)shost_priv(sdev->host);
3909 if (!sdbg_host) {
3910 pr_err("Host info NULL\n");
3911 return NULL;
3912 }
3913 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
3914 if ((devip->used) && (devip->channel == sdev->channel) &&
3915 (devip->target == sdev->id) &&
3916 (devip->lun == sdev->lun))
3917 return devip;
3918 else {
3919 if ((!devip->used) && (!open_devip))
3920 open_devip = devip;
3921 }
3922 }
3923 if (!open_devip) { /* try and make a new one */
3924 open_devip = sdebug_device_create(sdbg_host, GFP_ATOMIC);
3925 if (!open_devip) {
3926 pr_err("out of memory at line %d\n", __LINE__);
3927 return NULL;
3928 }
3929 }
3930
3931 open_devip->channel = sdev->channel;
3932 open_devip->target = sdev->id;
3933 open_devip->lun = sdev->lun;
3934 open_devip->sdbg_host = sdbg_host;
3935 atomic_set(&open_devip->num_in_q, 0);
3936 set_bit(SDEBUG_UA_POR, open_devip->uas_bm);
3937 open_devip->used = true;
3938 return open_devip;
3939}
3940
3941static int scsi_debug_slave_alloc(struct scsi_device *sdp)
3942{
3943 if (sdebug_verbose)
3944 pr_info("slave_alloc <%u %u %u %llu>\n",
3945 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3946 blk_queue_flag_set(QUEUE_FLAG_BIDI, sdp->request_queue);
3947 return 0;
3948}
3949
3950static int scsi_debug_slave_configure(struct scsi_device *sdp)
3951{
3952 struct sdebug_dev_info *devip =
3953 (struct sdebug_dev_info *)sdp->hostdata;
3954
3955 if (sdebug_verbose)
3956 pr_info("slave_configure <%u %u %u %llu>\n",
3957 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3958 if (sdp->host->max_cmd_len != SDEBUG_MAX_CMD_LEN)
3959 sdp->host->max_cmd_len = SDEBUG_MAX_CMD_LEN;
3960 if (devip == NULL) {
3961 devip = find_build_dev_info(sdp);
3962 if (devip == NULL)
3963 return 1; /* no resources, will be marked offline */
3964 }
3965 sdp->hostdata = devip;
3966 blk_queue_max_segment_size(sdp->request_queue, -1U);
3967 if (sdebug_no_uld)
3968 sdp->no_uld_attach = 1;
3969 config_cdb_len(sdp);
3970 return 0;
3971}
3972
3973static void scsi_debug_slave_destroy(struct scsi_device *sdp)
3974{
3975 struct sdebug_dev_info *devip =
3976 (struct sdebug_dev_info *)sdp->hostdata;
3977
3978 if (sdebug_verbose)
3979 pr_info("slave_destroy <%u %u %u %llu>\n",
3980 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3981 if (devip) {
3982 /* make this slot available for re-use */
3983 devip->used = false;
3984 sdp->hostdata = NULL;
3985 }
3986}
3987
3988static void stop_qc_helper(struct sdebug_defer *sd_dp,
3989 enum sdeb_defer_type defer_t)
3990{
3991 if (!sd_dp)
3992 return;
3993 if (defer_t == SDEB_DEFER_HRT)
3994 hrtimer_cancel(&sd_dp->hrt);
3995 else if (defer_t == SDEB_DEFER_WQ)
3996 cancel_work_sync(&sd_dp->ew.work);
3997}
3998
3999/* If @cmnd found deletes its timer or work queue and returns true; else
4000 returns false */
4001static bool stop_queued_cmnd(struct scsi_cmnd *cmnd)
4002{
4003 unsigned long iflags;
4004 int j, k, qmax, r_qmax;
4005 enum sdeb_defer_type l_defer_t;
4006 struct sdebug_queue *sqp;
4007 struct sdebug_queued_cmd *sqcp;
4008 struct sdebug_dev_info *devip;
4009 struct sdebug_defer *sd_dp;
4010
4011 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
4012 spin_lock_irqsave(&sqp->qc_lock, iflags);
4013 qmax = sdebug_max_queue;
4014 r_qmax = atomic_read(&retired_max_queue);
4015 if (r_qmax > qmax)
4016 qmax = r_qmax;
4017 for (k = 0; k < qmax; ++k) {
4018 if (test_bit(k, sqp->in_use_bm)) {
4019 sqcp = &sqp->qc_arr[k];
4020 if (cmnd != sqcp->a_cmnd)
4021 continue;
4022 /* found */
4023 devip = (struct sdebug_dev_info *)
4024 cmnd->device->hostdata;
4025 if (devip)
4026 atomic_dec(&devip->num_in_q);
4027 sqcp->a_cmnd = NULL;
4028 sd_dp = sqcp->sd_dp;
4029 if (sd_dp) {
4030 l_defer_t = sd_dp->defer_t;
4031 sd_dp->defer_t = SDEB_DEFER_NONE;
4032 } else
4033 l_defer_t = SDEB_DEFER_NONE;
4034 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4035 stop_qc_helper(sd_dp, l_defer_t);
4036 clear_bit(k, sqp->in_use_bm);
4037 return true;
4038 }
4039 }
4040 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4041 }
4042 return false;
4043}
4044
4045/* Deletes (stops) timers or work queues of all queued commands */
4046static void stop_all_queued(void)
4047{
4048 unsigned long iflags;
4049 int j, k;
4050 enum sdeb_defer_type l_defer_t;
4051 struct sdebug_queue *sqp;
4052 struct sdebug_queued_cmd *sqcp;
4053 struct sdebug_dev_info *devip;
4054 struct sdebug_defer *sd_dp;
4055
4056 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
4057 spin_lock_irqsave(&sqp->qc_lock, iflags);
4058 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
4059 if (test_bit(k, sqp->in_use_bm)) {
4060 sqcp = &sqp->qc_arr[k];
4061 if (sqcp->a_cmnd == NULL)
4062 continue;
4063 devip = (struct sdebug_dev_info *)
4064 sqcp->a_cmnd->device->hostdata;
4065 if (devip)
4066 atomic_dec(&devip->num_in_q);
4067 sqcp->a_cmnd = NULL;
4068 sd_dp = sqcp->sd_dp;
4069 if (sd_dp) {
4070 l_defer_t = sd_dp->defer_t;
4071 sd_dp->defer_t = SDEB_DEFER_NONE;
4072 } else
4073 l_defer_t = SDEB_DEFER_NONE;
4074 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4075 stop_qc_helper(sd_dp, l_defer_t);
4076 clear_bit(k, sqp->in_use_bm);
4077 spin_lock_irqsave(&sqp->qc_lock, iflags);
4078 }
4079 }
4080 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4081 }
4082}
4083
4084/* Free queued command memory on heap */
4085static void free_all_queued(void)
4086{
4087 int j, k;
4088 struct sdebug_queue *sqp;
4089 struct sdebug_queued_cmd *sqcp;
4090
4091 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
4092 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
4093 sqcp = &sqp->qc_arr[k];
4094 kfree(sqcp->sd_dp);
4095 sqcp->sd_dp = NULL;
4096 }
4097 }
4098}
4099
4100static int scsi_debug_abort(struct scsi_cmnd *SCpnt)
4101{
4102 bool ok;
4103
4104 ++num_aborts;
4105 if (SCpnt) {
4106 ok = stop_queued_cmnd(SCpnt);
4107 if (SCpnt->device && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
4108 sdev_printk(KERN_INFO, SCpnt->device,
4109 "%s: command%s found\n", __func__,
4110 ok ? "" : " not");
4111 }
4112 return SUCCESS;
4113}
4114
4115static int scsi_debug_device_reset(struct scsi_cmnd *SCpnt)
4116{
4117 ++num_dev_resets;
4118 if (SCpnt && SCpnt->device) {
4119 struct scsi_device *sdp = SCpnt->device;
4120 struct sdebug_dev_info *devip =
4121 (struct sdebug_dev_info *)sdp->hostdata;
4122
4123 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
4124 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
4125 if (devip)
4126 set_bit(SDEBUG_UA_POR, devip->uas_bm);
4127 }
4128 return SUCCESS;
4129}
4130
4131static int scsi_debug_target_reset(struct scsi_cmnd *SCpnt)
4132{
4133 struct sdebug_host_info *sdbg_host;
4134 struct sdebug_dev_info *devip;
4135 struct scsi_device *sdp;
4136 struct Scsi_Host *hp;
4137 int k = 0;
4138
4139 ++num_target_resets;
4140 if (!SCpnt)
4141 goto lie;
4142 sdp = SCpnt->device;
4143 if (!sdp)
4144 goto lie;
4145 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
4146 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
4147 hp = sdp->host;
4148 if (!hp)
4149 goto lie;
4150 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
4151 if (sdbg_host) {
4152 list_for_each_entry(devip,
4153 &sdbg_host->dev_info_list,
4154 dev_list)
4155 if (devip->target == sdp->id) {
4156 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4157 ++k;
4158 }
4159 }
4160 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
4161 sdev_printk(KERN_INFO, sdp,
4162 "%s: %d device(s) found in target\n", __func__, k);
4163lie:
4164 return SUCCESS;
4165}
4166
4167static int scsi_debug_bus_reset(struct scsi_cmnd *SCpnt)
4168{
4169 struct sdebug_host_info *sdbg_host;
4170 struct sdebug_dev_info *devip;
4171 struct scsi_device *sdp;
4172 struct Scsi_Host *hp;
4173 int k = 0;
4174
4175 ++num_bus_resets;
4176 if (!(SCpnt && SCpnt->device))
4177 goto lie;
4178 sdp = SCpnt->device;
4179 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
4180 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
4181 hp = sdp->host;
4182 if (hp) {
4183 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
4184 if (sdbg_host) {
4185 list_for_each_entry(devip,
4186 &sdbg_host->dev_info_list,
4187 dev_list) {
4188 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4189 ++k;
4190 }
4191 }
4192 }
4193 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
4194 sdev_printk(KERN_INFO, sdp,
4195 "%s: %d device(s) found in host\n", __func__, k);
4196lie:
4197 return SUCCESS;
4198}
4199
4200static int scsi_debug_host_reset(struct scsi_cmnd *SCpnt)
4201{
4202 struct sdebug_host_info *sdbg_host;
4203 struct sdebug_dev_info *devip;
4204 int k = 0;
4205
4206 ++num_host_resets;
4207 if ((SCpnt->device) && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
4208 sdev_printk(KERN_INFO, SCpnt->device, "%s\n", __func__);
4209 spin_lock(&sdebug_host_list_lock);
4210 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
4211 list_for_each_entry(devip, &sdbg_host->dev_info_list,
4212 dev_list) {
4213 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4214 ++k;
4215 }
4216 }
4217 spin_unlock(&sdebug_host_list_lock);
4218 stop_all_queued();
4219 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
4220 sdev_printk(KERN_INFO, SCpnt->device,
4221 "%s: %d device(s) found\n", __func__, k);
4222 return SUCCESS;
4223}
4224
4225static void __init sdebug_build_parts(unsigned char *ramp,
4226 unsigned long store_size)
4227{
4228 struct partition *pp;
4229 int starts[SDEBUG_MAX_PARTS + 2];
4230 int sectors_per_part, num_sectors, k;
4231 int heads_by_sects, start_sec, end_sec;
4232
4233 /* assume partition table already zeroed */
4234 if ((sdebug_num_parts < 1) || (store_size < 1048576))
4235 return;
4236 if (sdebug_num_parts > SDEBUG_MAX_PARTS) {
4237 sdebug_num_parts = SDEBUG_MAX_PARTS;
4238 pr_warn("reducing partitions to %d\n", SDEBUG_MAX_PARTS);
4239 }
4240 num_sectors = (int)sdebug_store_sectors;
4241 sectors_per_part = (num_sectors - sdebug_sectors_per)
4242 / sdebug_num_parts;
4243 heads_by_sects = sdebug_heads * sdebug_sectors_per;
4244 starts[0] = sdebug_sectors_per;
4245 for (k = 1; k < sdebug_num_parts; ++k)
4246 starts[k] = ((k * sectors_per_part) / heads_by_sects)
4247 * heads_by_sects;
4248 starts[sdebug_num_parts] = num_sectors;
4249 starts[sdebug_num_parts + 1] = 0;
4250
4251 ramp[510] = 0x55; /* magic partition markings */
4252 ramp[511] = 0xAA;
4253 pp = (struct partition *)(ramp + 0x1be);
4254 for (k = 0; starts[k + 1]; ++k, ++pp) {
4255 start_sec = starts[k];
4256 end_sec = starts[k + 1] - 1;
4257 pp->boot_ind = 0;
4258
4259 pp->cyl = start_sec / heads_by_sects;
4260 pp->head = (start_sec - (pp->cyl * heads_by_sects))
4261 / sdebug_sectors_per;
4262 pp->sector = (start_sec % sdebug_sectors_per) + 1;
4263
4264 pp->end_cyl = end_sec / heads_by_sects;
4265 pp->end_head = (end_sec - (pp->end_cyl * heads_by_sects))
4266 / sdebug_sectors_per;
4267 pp->end_sector = (end_sec % sdebug_sectors_per) + 1;
4268
4269 pp->start_sect = cpu_to_le32(start_sec);
4270 pp->nr_sects = cpu_to_le32(end_sec - start_sec + 1);
4271 pp->sys_ind = 0x83; /* plain Linux partition */
4272 }
4273}
4274
4275static void block_unblock_all_queues(bool block)
4276{
4277 int j;
4278 struct sdebug_queue *sqp;
4279
4280 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp)
4281 atomic_set(&sqp->blocked, (int)block);
4282}
4283
4284/* Adjust (by rounding down) the sdebug_cmnd_count so abs(every_nth)-1
4285 * commands will be processed normally before triggers occur.
4286 */
4287static void tweak_cmnd_count(void)
4288{
4289 int count, modulo;
4290
4291 modulo = abs(sdebug_every_nth);
4292 if (modulo < 2)
4293 return;
4294 block_unblock_all_queues(true);
4295 count = atomic_read(&sdebug_cmnd_count);
4296 atomic_set(&sdebug_cmnd_count, (count / modulo) * modulo);
4297 block_unblock_all_queues(false);
4298}
4299
4300static void clear_queue_stats(void)
4301{
4302 atomic_set(&sdebug_cmnd_count, 0);
4303 atomic_set(&sdebug_completions, 0);
4304 atomic_set(&sdebug_miss_cpus, 0);
4305 atomic_set(&sdebug_a_tsf, 0);
4306}
4307
4308static void setup_inject(struct sdebug_queue *sqp,
4309 struct sdebug_queued_cmd *sqcp)
4310{
4311 if ((atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) > 0) {
4312 if (sdebug_every_nth > 0)
4313 sqcp->inj_recovered = sqcp->inj_transport
4314 = sqcp->inj_dif
4315 = sqcp->inj_dix = sqcp->inj_short = 0;
4316 return;
4317 }
4318 sqcp->inj_recovered = !!(SDEBUG_OPT_RECOVERED_ERR & sdebug_opts);
4319 sqcp->inj_transport = !!(SDEBUG_OPT_TRANSPORT_ERR & sdebug_opts);
4320 sqcp->inj_dif = !!(SDEBUG_OPT_DIF_ERR & sdebug_opts);
4321 sqcp->inj_dix = !!(SDEBUG_OPT_DIX_ERR & sdebug_opts);
4322 sqcp->inj_short = !!(SDEBUG_OPT_SHORT_TRANSFER & sdebug_opts);
4323 sqcp->inj_host_busy = !!(SDEBUG_OPT_HOST_BUSY & sdebug_opts);
4324}
4325
4326/* Complete the processing of the thread that queued a SCSI command to this
4327 * driver. It either completes the command by calling cmnd_done() or
4328 * schedules a hr timer or work queue then returns 0. Returns
4329 * SCSI_MLQUEUE_HOST_BUSY if temporarily out of resources.
4330 */
4331static int schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip,
4332 int scsi_result,
4333 int (*pfp)(struct scsi_cmnd *,
4334 struct sdebug_dev_info *),
4335 int delta_jiff, int ndelay)
4336{
4337 unsigned long iflags;
4338 int k, num_in_q, qdepth, inject;
4339 struct sdebug_queue *sqp;
4340 struct sdebug_queued_cmd *sqcp;
4341 struct scsi_device *sdp;
4342 struct sdebug_defer *sd_dp;
4343
4344 if (unlikely(devip == NULL)) {
4345 if (scsi_result == 0)
4346 scsi_result = DID_NO_CONNECT << 16;
4347 goto respond_in_thread;
4348 }
4349 sdp = cmnd->device;
4350
4351 if (delta_jiff == 0)
4352 goto respond_in_thread;
4353
4354 /* schedule the response at a later time if resources permit */
4355 sqp = get_queue(cmnd);
4356 spin_lock_irqsave(&sqp->qc_lock, iflags);
4357 if (unlikely(atomic_read(&sqp->blocked))) {
4358 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4359 return SCSI_MLQUEUE_HOST_BUSY;
4360 }
4361 num_in_q = atomic_read(&devip->num_in_q);
4362 qdepth = cmnd->device->queue_depth;
4363 inject = 0;
4364 if (unlikely((qdepth > 0) && (num_in_q >= qdepth))) {
4365 if (scsi_result) {
4366 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4367 goto respond_in_thread;
4368 } else
4369 scsi_result = device_qfull_result;
4370 } else if (unlikely(sdebug_every_nth &&
4371 (SDEBUG_OPT_RARE_TSF & sdebug_opts) &&
4372 (scsi_result == 0))) {
4373 if ((num_in_q == (qdepth - 1)) &&
4374 (atomic_inc_return(&sdebug_a_tsf) >=
4375 abs(sdebug_every_nth))) {
4376 atomic_set(&sdebug_a_tsf, 0);
4377 inject = 1;
4378 scsi_result = device_qfull_result;
4379 }
4380 }
4381
4382 k = find_first_zero_bit(sqp->in_use_bm, sdebug_max_queue);
4383 if (unlikely(k >= sdebug_max_queue)) {
4384 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4385 if (scsi_result)
4386 goto respond_in_thread;
4387 else if (SDEBUG_OPT_ALL_TSF & sdebug_opts)
4388 scsi_result = device_qfull_result;
4389 if (SDEBUG_OPT_Q_NOISE & sdebug_opts)
4390 sdev_printk(KERN_INFO, sdp,
4391 "%s: max_queue=%d exceeded, %s\n",
4392 __func__, sdebug_max_queue,
4393 (scsi_result ? "status: TASK SET FULL" :
4394 "report: host busy"));
4395 if (scsi_result)
4396 goto respond_in_thread;
4397 else
4398 return SCSI_MLQUEUE_HOST_BUSY;
4399 }
4400 __set_bit(k, sqp->in_use_bm);
4401 atomic_inc(&devip->num_in_q);
4402 sqcp = &sqp->qc_arr[k];
4403 sqcp->a_cmnd = cmnd;
4404 cmnd->host_scribble = (unsigned char *)sqcp;
4405 sd_dp = sqcp->sd_dp;
4406 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4407 if (unlikely(sdebug_every_nth && sdebug_any_injecting_opt))
4408 setup_inject(sqp, sqcp);
4409 if (sd_dp == NULL) {
4410 sd_dp = kzalloc(sizeof(*sd_dp), GFP_ATOMIC);
4411 if (sd_dp == NULL)
4412 return SCSI_MLQUEUE_HOST_BUSY;
4413 }
4414
4415 cmnd->result = pfp != NULL ? pfp(cmnd, devip) : 0;
4416 if (cmnd->result & SDEG_RES_IMMED_MASK) {
4417 /*
4418 * This is the F_DELAY_OVERR case. No delay.
4419 */
4420 cmnd->result &= ~SDEG_RES_IMMED_MASK;
4421 delta_jiff = ndelay = 0;
4422 }
4423 if (cmnd->result == 0 && scsi_result != 0)
4424 cmnd->result = scsi_result;
4425
4426 if (unlikely(sdebug_verbose && cmnd->result))
4427 sdev_printk(KERN_INFO, sdp, "%s: non-zero result=0x%x\n",
4428 __func__, cmnd->result);
4429
4430 if (delta_jiff > 0 || ndelay > 0) {
4431 ktime_t kt;
4432
4433 if (delta_jiff > 0) {
4434 kt = ns_to_ktime((u64)delta_jiff * (NSEC_PER_SEC / HZ));
4435 } else
4436 kt = ndelay;
4437 if (!sd_dp->init_hrt) {
4438 sd_dp->init_hrt = true;
4439 sqcp->sd_dp = sd_dp;
4440 hrtimer_init(&sd_dp->hrt, CLOCK_MONOTONIC,
4441 HRTIMER_MODE_REL_PINNED);
4442 sd_dp->hrt.function = sdebug_q_cmd_hrt_complete;
4443 sd_dp->sqa_idx = sqp - sdebug_q_arr;
4444 sd_dp->qc_idx = k;
4445 }
4446 if (sdebug_statistics)
4447 sd_dp->issuing_cpu = raw_smp_processor_id();
4448 sd_dp->defer_t = SDEB_DEFER_HRT;
4449 hrtimer_start(&sd_dp->hrt, kt, HRTIMER_MODE_REL_PINNED);
4450 } else { /* jdelay < 0, use work queue */
4451 if (!sd_dp->init_wq) {
4452 sd_dp->init_wq = true;
4453 sqcp->sd_dp = sd_dp;
4454 sd_dp->sqa_idx = sqp - sdebug_q_arr;
4455 sd_dp->qc_idx = k;
4456 INIT_WORK(&sd_dp->ew.work, sdebug_q_cmd_wq_complete);
4457 }
4458 if (sdebug_statistics)
4459 sd_dp->issuing_cpu = raw_smp_processor_id();
4460 sd_dp->defer_t = SDEB_DEFER_WQ;
4461 schedule_work(&sd_dp->ew.work);
4462 }
4463 if (unlikely((SDEBUG_OPT_Q_NOISE & sdebug_opts) &&
4464 (scsi_result == device_qfull_result)))
4465 sdev_printk(KERN_INFO, sdp,
4466 "%s: num_in_q=%d +1, %s%s\n", __func__,
4467 num_in_q, (inject ? "<inject> " : ""),
4468 "status: TASK SET FULL");
4469 return 0;
4470
4471respond_in_thread: /* call back to mid-layer using invocation thread */
4472 cmnd->result = pfp != NULL ? pfp(cmnd, devip) : 0;
4473 cmnd->result &= ~SDEG_RES_IMMED_MASK;
4474 if (cmnd->result == 0 && scsi_result != 0)
4475 cmnd->result = scsi_result;
4476 cmnd->scsi_done(cmnd);
4477 return 0;
4478}
4479
4480/* Note: The following macros create attribute files in the
4481 /sys/module/scsi_debug/parameters directory. Unfortunately this
4482 driver is unaware of a change and cannot trigger auxiliary actions
4483 as it can when the corresponding attribute in the
4484 /sys/bus/pseudo/drivers/scsi_debug directory is changed.
4485 */
4486module_param_named(add_host, sdebug_add_host, int, S_IRUGO | S_IWUSR);
4487module_param_named(ato, sdebug_ato, int, S_IRUGO);
4488module_param_named(cdb_len, sdebug_cdb_len, int, 0644);
4489module_param_named(clustering, sdebug_clustering, bool, S_IRUGO | S_IWUSR);
4490module_param_named(delay, sdebug_jdelay, int, S_IRUGO | S_IWUSR);
4491module_param_named(dev_size_mb, sdebug_dev_size_mb, int, S_IRUGO);
4492module_param_named(dif, sdebug_dif, int, S_IRUGO);
4493module_param_named(dix, sdebug_dix, int, S_IRUGO);
4494module_param_named(dsense, sdebug_dsense, int, S_IRUGO | S_IWUSR);
4495module_param_named(every_nth, sdebug_every_nth, int, S_IRUGO | S_IWUSR);
4496module_param_named(fake_rw, sdebug_fake_rw, int, S_IRUGO | S_IWUSR);
4497module_param_named(guard, sdebug_guard, uint, S_IRUGO);
4498module_param_named(host_lock, sdebug_host_lock, bool, S_IRUGO | S_IWUSR);
4499module_param_string(inq_vendor, sdebug_inq_vendor_id,
4500 sizeof(sdebug_inq_vendor_id), S_IRUGO|S_IWUSR);
4501module_param_string(inq_product, sdebug_inq_product_id,
4502 sizeof(sdebug_inq_product_id), S_IRUGO|S_IWUSR);
4503module_param_string(inq_rev, sdebug_inq_product_rev,
4504 sizeof(sdebug_inq_product_rev), S_IRUGO|S_IWUSR);
4505module_param_named(lbpu, sdebug_lbpu, int, S_IRUGO);
4506module_param_named(lbpws, sdebug_lbpws, int, S_IRUGO);
4507module_param_named(lbpws10, sdebug_lbpws10, int, S_IRUGO);
4508module_param_named(lbprz, sdebug_lbprz, int, S_IRUGO);
4509module_param_named(lowest_aligned, sdebug_lowest_aligned, int, S_IRUGO);
4510module_param_named(max_luns, sdebug_max_luns, int, S_IRUGO | S_IWUSR);
4511module_param_named(max_queue, sdebug_max_queue, int, S_IRUGO | S_IWUSR);
4512module_param_named(medium_error_start, sdebug_medium_error_start, int, S_IRUGO | S_IWUSR);
4513module_param_named(medium_error_count, sdebug_medium_error_count, int, S_IRUGO | S_IWUSR);
4514module_param_named(ndelay, sdebug_ndelay, int, S_IRUGO | S_IWUSR);
4515module_param_named(no_lun_0, sdebug_no_lun_0, int, S_IRUGO | S_IWUSR);
4516module_param_named(no_uld, sdebug_no_uld, int, S_IRUGO);
4517module_param_named(num_parts, sdebug_num_parts, int, S_IRUGO);
4518module_param_named(num_tgts, sdebug_num_tgts, int, S_IRUGO | S_IWUSR);
4519module_param_named(opt_blks, sdebug_opt_blks, int, S_IRUGO);
4520module_param_named(opts, sdebug_opts, int, S_IRUGO | S_IWUSR);
4521module_param_named(physblk_exp, sdebug_physblk_exp, int, S_IRUGO);
4522module_param_named(opt_xferlen_exp, sdebug_opt_xferlen_exp, int, S_IRUGO);
4523module_param_named(ptype, sdebug_ptype, int, S_IRUGO | S_IWUSR);
4524module_param_named(removable, sdebug_removable, bool, S_IRUGO | S_IWUSR);
4525module_param_named(scsi_level, sdebug_scsi_level, int, S_IRUGO);
4526module_param_named(sector_size, sdebug_sector_size, int, S_IRUGO);
4527module_param_named(statistics, sdebug_statistics, bool, S_IRUGO | S_IWUSR);
4528module_param_named(strict, sdebug_strict, bool, S_IRUGO | S_IWUSR);
4529module_param_named(submit_queues, submit_queues, int, S_IRUGO);
4530module_param_named(unmap_alignment, sdebug_unmap_alignment, int, S_IRUGO);
4531module_param_named(unmap_granularity, sdebug_unmap_granularity, int, S_IRUGO);
4532module_param_named(unmap_max_blocks, sdebug_unmap_max_blocks, int, S_IRUGO);
4533module_param_named(unmap_max_desc, sdebug_unmap_max_desc, int, S_IRUGO);
4534module_param_named(virtual_gb, sdebug_virtual_gb, int, S_IRUGO | S_IWUSR);
4535module_param_named(uuid_ctl, sdebug_uuid_ctl, int, S_IRUGO);
4536module_param_named(vpd_use_hostno, sdebug_vpd_use_hostno, int,
4537 S_IRUGO | S_IWUSR);
4538module_param_named(write_same_length, sdebug_write_same_length, int,
4539 S_IRUGO | S_IWUSR);
4540
4541MODULE_AUTHOR("Eric Youngdale + Douglas Gilbert");
4542MODULE_DESCRIPTION("SCSI debug adapter driver");
4543MODULE_LICENSE("GPL");
4544MODULE_VERSION(SDEBUG_VERSION);
4545
4546MODULE_PARM_DESC(add_host, "0..127 hosts allowed(def=1)");
4547MODULE_PARM_DESC(ato, "application tag ownership: 0=disk 1=host (def=1)");
4548MODULE_PARM_DESC(cdb_len, "suggest CDB lengths to drivers (def=10)");
4549MODULE_PARM_DESC(clustering, "when set enables larger transfers (def=0)");
4550MODULE_PARM_DESC(delay, "response delay (def=1 jiffy); 0:imm, -1,-2:tiny");
4551MODULE_PARM_DESC(dev_size_mb, "size in MiB of ram shared by devs(def=8)");
4552MODULE_PARM_DESC(dif, "data integrity field type: 0-3 (def=0)");
4553MODULE_PARM_DESC(dix, "data integrity extensions mask (def=0)");
4554MODULE_PARM_DESC(dsense, "use descriptor sense format(def=0 -> fixed)");
4555MODULE_PARM_DESC(every_nth, "timeout every nth command(def=0)");
4556MODULE_PARM_DESC(fake_rw, "fake reads/writes instead of copying (def=0)");
4557MODULE_PARM_DESC(guard, "protection checksum: 0=crc, 1=ip (def=0)");
4558MODULE_PARM_DESC(host_lock, "host_lock is ignored (def=0)");
4559MODULE_PARM_DESC(inq_vendor, "SCSI INQUIRY vendor string (def=\"Linux\")");
4560MODULE_PARM_DESC(inq_product, "SCSI INQUIRY product string (def=\"scsi_debug\")");
4561MODULE_PARM_DESC(inq_rev, "SCSI INQUIRY revision string (def=\""
4562 SDEBUG_VERSION "\")");
4563MODULE_PARM_DESC(lbpu, "enable LBP, support UNMAP command (def=0)");
4564MODULE_PARM_DESC(lbpws, "enable LBP, support WRITE SAME(16) with UNMAP bit (def=0)");
4565MODULE_PARM_DESC(lbpws10, "enable LBP, support WRITE SAME(10) with UNMAP bit (def=0)");
4566MODULE_PARM_DESC(lbprz,
4567 "on read unmapped LBs return 0 when 1 (def), return 0xff when 2");
4568MODULE_PARM_DESC(lowest_aligned, "lowest aligned lba (def=0)");
4569MODULE_PARM_DESC(max_luns, "number of LUNs per target to simulate(def=1)");
4570MODULE_PARM_DESC(max_queue, "max number of queued commands (1 to max(def))");
4571MODULE_PARM_DESC(medium_error_start, "starting sector number to return MEDIUM error");
4572MODULE_PARM_DESC(medium_error_count, "count of sectors to return follow on MEDIUM error");
4573MODULE_PARM_DESC(ndelay, "response delay in nanoseconds (def=0 -> ignore)");
4574MODULE_PARM_DESC(no_lun_0, "no LU number 0 (def=0 -> have lun 0)");
4575MODULE_PARM_DESC(no_uld, "stop ULD (e.g. sd driver) attaching (def=0))");
4576MODULE_PARM_DESC(num_parts, "number of partitions(def=0)");
4577MODULE_PARM_DESC(num_tgts, "number of targets per host to simulate(def=1)");
4578MODULE_PARM_DESC(opt_blks, "optimal transfer length in blocks (def=1024)");
4579MODULE_PARM_DESC(opts, "1->noise, 2->medium_err, 4->timeout, 8->recovered_err... (def=0)");
4580MODULE_PARM_DESC(physblk_exp, "physical block exponent (def=0)");
4581MODULE_PARM_DESC(opt_xferlen_exp, "optimal transfer length granularity exponent (def=physblk_exp)");
4582MODULE_PARM_DESC(ptype, "SCSI peripheral type(def=0[disk])");
4583MODULE_PARM_DESC(removable, "claim to have removable media (def=0)");
4584MODULE_PARM_DESC(scsi_level, "SCSI level to simulate(def=7[SPC-5])");
4585MODULE_PARM_DESC(sector_size, "logical block size in bytes (def=512)");
4586MODULE_PARM_DESC(statistics, "collect statistics on commands, queues (def=0)");
4587MODULE_PARM_DESC(strict, "stricter checks: reserved field in cdb (def=0)");
4588MODULE_PARM_DESC(submit_queues, "support for block multi-queue (def=1)");
4589MODULE_PARM_DESC(unmap_alignment, "lowest aligned thin provisioning lba (def=0)");
4590MODULE_PARM_DESC(unmap_granularity, "thin provisioning granularity in blocks (def=1)");
4591MODULE_PARM_DESC(unmap_max_blocks, "max # of blocks can be unmapped in one cmd (def=0xffffffff)");
4592MODULE_PARM_DESC(unmap_max_desc, "max # of ranges that can be unmapped in one cmd (def=256)");
4593MODULE_PARM_DESC(uuid_ctl,
4594 "1->use uuid for lu name, 0->don't, 2->all use same (def=0)");
4595MODULE_PARM_DESC(virtual_gb, "virtual gigabyte (GiB) size (def=0 -> use dev_size_mb)");
4596MODULE_PARM_DESC(vpd_use_hostno, "0 -> dev ids ignore hostno (def=1 -> unique dev ids)");
4597MODULE_PARM_DESC(write_same_length, "Maximum blocks per WRITE SAME cmd (def=0xffff)");
4598
4599#define SDEBUG_INFO_LEN 256
4600static char sdebug_info[SDEBUG_INFO_LEN];
4601
4602static const char *scsi_debug_info(struct Scsi_Host *shp)
4603{
4604 int k;
4605
4606 k = scnprintf(sdebug_info, SDEBUG_INFO_LEN, "%s: version %s [%s]\n",
4607 my_name, SDEBUG_VERSION, sdebug_version_date);
4608 if (k >= (SDEBUG_INFO_LEN - 1))
4609 return sdebug_info;
4610 scnprintf(sdebug_info + k, SDEBUG_INFO_LEN - k,
4611 " dev_size_mb=%d, opts=0x%x, submit_queues=%d, %s=%d",
4612 sdebug_dev_size_mb, sdebug_opts, submit_queues,
4613 "statistics", (int)sdebug_statistics);
4614 return sdebug_info;
4615}
4616
4617/* 'echo <val> > /proc/scsi/scsi_debug/<host_id>' writes to opts */
4618static int scsi_debug_write_info(struct Scsi_Host *host, char *buffer,
4619 int length)
4620{
4621 char arr[16];
4622 int opts;
4623 int minLen = length > 15 ? 15 : length;
4624
4625 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
4626 return -EACCES;
4627 memcpy(arr, buffer, minLen);
4628 arr[minLen] = '\0';
4629 if (1 != sscanf(arr, "%d", &opts))
4630 return -EINVAL;
4631 sdebug_opts = opts;
4632 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
4633 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
4634 if (sdebug_every_nth != 0)
4635 tweak_cmnd_count();
4636 return length;
4637}
4638
4639/* Output seen with 'cat /proc/scsi/scsi_debug/<host_id>'. It will be the
4640 * same for each scsi_debug host (if more than one). Some of the counters
4641 * output are not atomics so might be inaccurate in a busy system. */
4642static int scsi_debug_show_info(struct seq_file *m, struct Scsi_Host *host)
4643{
4644 int f, j, l;
4645 struct sdebug_queue *sqp;
4646
4647 seq_printf(m, "scsi_debug adapter driver, version %s [%s]\n",
4648 SDEBUG_VERSION, sdebug_version_date);
4649 seq_printf(m, "num_tgts=%d, %ssize=%d MB, opts=0x%x, every_nth=%d\n",
4650 sdebug_num_tgts, "shared (ram) ", sdebug_dev_size_mb,
4651 sdebug_opts, sdebug_every_nth);
4652 seq_printf(m, "delay=%d, ndelay=%d, max_luns=%d, sector_size=%d %s\n",
4653 sdebug_jdelay, sdebug_ndelay, sdebug_max_luns,
4654 sdebug_sector_size, "bytes");
4655 seq_printf(m, "cylinders=%d, heads=%d, sectors=%d, command aborts=%d\n",
4656 sdebug_cylinders_per, sdebug_heads, sdebug_sectors_per,
4657 num_aborts);
4658 seq_printf(m, "RESETs: device=%d, target=%d, bus=%d, host=%d\n",
4659 num_dev_resets, num_target_resets, num_bus_resets,
4660 num_host_resets);
4661 seq_printf(m, "dix_reads=%d, dix_writes=%d, dif_errors=%d\n",
4662 dix_reads, dix_writes, dif_errors);
4663 seq_printf(m, "usec_in_jiffy=%lu, statistics=%d\n", TICK_NSEC / 1000,
4664 sdebug_statistics);
4665 seq_printf(m, "cmnd_count=%d, completions=%d, %s=%d, a_tsf=%d\n",
4666 atomic_read(&sdebug_cmnd_count),
4667 atomic_read(&sdebug_completions),
4668 "miss_cpus", atomic_read(&sdebug_miss_cpus),
4669 atomic_read(&sdebug_a_tsf));
4670
4671 seq_printf(m, "submit_queues=%d\n", submit_queues);
4672 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
4673 seq_printf(m, " queue %d:\n", j);
4674 f = find_first_bit(sqp->in_use_bm, sdebug_max_queue);
4675 if (f != sdebug_max_queue) {
4676 l = find_last_bit(sqp->in_use_bm, sdebug_max_queue);
4677 seq_printf(m, " in_use_bm BUSY: %s: %d,%d\n",
4678 "first,last bits", f, l);
4679 }
4680 }
4681 return 0;
4682}
4683
4684static ssize_t delay_show(struct device_driver *ddp, char *buf)
4685{
4686 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_jdelay);
4687}
4688/* Returns -EBUSY if jdelay is being changed and commands are queued. The unit
4689 * of delay is jiffies.
4690 */
4691static ssize_t delay_store(struct device_driver *ddp, const char *buf,
4692 size_t count)
4693{
4694 int jdelay, res;
4695
4696 if (count > 0 && sscanf(buf, "%d", &jdelay) == 1) {
4697 res = count;
4698 if (sdebug_jdelay != jdelay) {
4699 int j, k;
4700 struct sdebug_queue *sqp;
4701
4702 block_unblock_all_queues(true);
4703 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4704 ++j, ++sqp) {
4705 k = find_first_bit(sqp->in_use_bm,
4706 sdebug_max_queue);
4707 if (k != sdebug_max_queue) {
4708 res = -EBUSY; /* queued commands */
4709 break;
4710 }
4711 }
4712 if (res > 0) {
4713 sdebug_jdelay = jdelay;
4714 sdebug_ndelay = 0;
4715 }
4716 block_unblock_all_queues(false);
4717 }
4718 return res;
4719 }
4720 return -EINVAL;
4721}
4722static DRIVER_ATTR_RW(delay);
4723
4724static ssize_t ndelay_show(struct device_driver *ddp, char *buf)
4725{
4726 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ndelay);
4727}
4728/* Returns -EBUSY if ndelay is being changed and commands are queued */
4729/* If > 0 and accepted then sdebug_jdelay is set to JDELAY_OVERRIDDEN */
4730static ssize_t ndelay_store(struct device_driver *ddp, const char *buf,
4731 size_t count)
4732{
4733 int ndelay, res;
4734
4735 if ((count > 0) && (1 == sscanf(buf, "%d", &ndelay)) &&
4736 (ndelay >= 0) && (ndelay < (1000 * 1000 * 1000))) {
4737 res = count;
4738 if (sdebug_ndelay != ndelay) {
4739 int j, k;
4740 struct sdebug_queue *sqp;
4741
4742 block_unblock_all_queues(true);
4743 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4744 ++j, ++sqp) {
4745 k = find_first_bit(sqp->in_use_bm,
4746 sdebug_max_queue);
4747 if (k != sdebug_max_queue) {
4748 res = -EBUSY; /* queued commands */
4749 break;
4750 }
4751 }
4752 if (res > 0) {
4753 sdebug_ndelay = ndelay;
4754 sdebug_jdelay = ndelay ? JDELAY_OVERRIDDEN
4755 : DEF_JDELAY;
4756 }
4757 block_unblock_all_queues(false);
4758 }
4759 return res;
4760 }
4761 return -EINVAL;
4762}
4763static DRIVER_ATTR_RW(ndelay);
4764
4765static ssize_t opts_show(struct device_driver *ddp, char *buf)
4766{
4767 return scnprintf(buf, PAGE_SIZE, "0x%x\n", sdebug_opts);
4768}
4769
4770static ssize_t opts_store(struct device_driver *ddp, const char *buf,
4771 size_t count)
4772{
4773 int opts;
4774 char work[20];
4775
4776 if (sscanf(buf, "%10s", work) == 1) {
4777 if (strncasecmp(work, "0x", 2) == 0) {
4778 if (kstrtoint(work + 2, 16, &opts) == 0)
4779 goto opts_done;
4780 } else {
4781 if (kstrtoint(work, 10, &opts) == 0)
4782 goto opts_done;
4783 }
4784 }
4785 return -EINVAL;
4786opts_done:
4787 sdebug_opts = opts;
4788 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
4789 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
4790 tweak_cmnd_count();
4791 return count;
4792}
4793static DRIVER_ATTR_RW(opts);
4794
4795static ssize_t ptype_show(struct device_driver *ddp, char *buf)
4796{
4797 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ptype);
4798}
4799static ssize_t ptype_store(struct device_driver *ddp, const char *buf,
4800 size_t count)
4801{
4802 int n;
4803
4804 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4805 sdebug_ptype = n;
4806 return count;
4807 }
4808 return -EINVAL;
4809}
4810static DRIVER_ATTR_RW(ptype);
4811
4812static ssize_t dsense_show(struct device_driver *ddp, char *buf)
4813{
4814 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dsense);
4815}
4816static ssize_t dsense_store(struct device_driver *ddp, const char *buf,
4817 size_t count)
4818{
4819 int n;
4820
4821 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4822 sdebug_dsense = n;
4823 return count;
4824 }
4825 return -EINVAL;
4826}
4827static DRIVER_ATTR_RW(dsense);
4828
4829static ssize_t fake_rw_show(struct device_driver *ddp, char *buf)
4830{
4831 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_fake_rw);
4832}
4833static ssize_t fake_rw_store(struct device_driver *ddp, const char *buf,
4834 size_t count)
4835{
4836 int n;
4837
4838 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4839 n = (n > 0);
4840 sdebug_fake_rw = (sdebug_fake_rw > 0);
4841 if (sdebug_fake_rw != n) {
4842 if ((0 == n) && (NULL == fake_storep)) {
4843 unsigned long sz =
4844 (unsigned long)sdebug_dev_size_mb *
4845 1048576;
4846
4847 fake_storep = vmalloc(sz);
4848 if (NULL == fake_storep) {
4849 pr_err("out of memory, 9\n");
4850 return -ENOMEM;
4851 }
4852 memset(fake_storep, 0, sz);
4853 }
4854 sdebug_fake_rw = n;
4855 }
4856 return count;
4857 }
4858 return -EINVAL;
4859}
4860static DRIVER_ATTR_RW(fake_rw);
4861
4862static ssize_t no_lun_0_show(struct device_driver *ddp, char *buf)
4863{
4864 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_lun_0);
4865}
4866static ssize_t no_lun_0_store(struct device_driver *ddp, const char *buf,
4867 size_t count)
4868{
4869 int n;
4870
4871 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4872 sdebug_no_lun_0 = n;
4873 return count;
4874 }
4875 return -EINVAL;
4876}
4877static DRIVER_ATTR_RW(no_lun_0);
4878
4879static ssize_t num_tgts_show(struct device_driver *ddp, char *buf)
4880{
4881 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_tgts);
4882}
4883static ssize_t num_tgts_store(struct device_driver *ddp, const char *buf,
4884 size_t count)
4885{
4886 int n;
4887
4888 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4889 sdebug_num_tgts = n;
4890 sdebug_max_tgts_luns();
4891 return count;
4892 }
4893 return -EINVAL;
4894}
4895static DRIVER_ATTR_RW(num_tgts);
4896
4897static ssize_t dev_size_mb_show(struct device_driver *ddp, char *buf)
4898{
4899 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dev_size_mb);
4900}
4901static DRIVER_ATTR_RO(dev_size_mb);
4902
4903static ssize_t num_parts_show(struct device_driver *ddp, char *buf)
4904{
4905 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_parts);
4906}
4907static DRIVER_ATTR_RO(num_parts);
4908
4909static ssize_t every_nth_show(struct device_driver *ddp, char *buf)
4910{
4911 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_every_nth);
4912}
4913static ssize_t every_nth_store(struct device_driver *ddp, const char *buf,
4914 size_t count)
4915{
4916 int nth;
4917
4918 if ((count > 0) && (1 == sscanf(buf, "%d", &nth))) {
4919 sdebug_every_nth = nth;
4920 if (nth && !sdebug_statistics) {
4921 pr_info("every_nth needs statistics=1, set it\n");
4922 sdebug_statistics = true;
4923 }
4924 tweak_cmnd_count();
4925 return count;
4926 }
4927 return -EINVAL;
4928}
4929static DRIVER_ATTR_RW(every_nth);
4930
4931static ssize_t max_luns_show(struct device_driver *ddp, char *buf)
4932{
4933 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_luns);
4934}
4935static ssize_t max_luns_store(struct device_driver *ddp, const char *buf,
4936 size_t count)
4937{
4938 int n;
4939 bool changed;
4940
4941 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4942 if (n > 256) {
4943 pr_warn("max_luns can be no more than 256\n");
4944 return -EINVAL;
4945 }
4946 changed = (sdebug_max_luns != n);
4947 sdebug_max_luns = n;
4948 sdebug_max_tgts_luns();
4949 if (changed && (sdebug_scsi_level >= 5)) { /* >= SPC-3 */
4950 struct sdebug_host_info *sdhp;
4951 struct sdebug_dev_info *dp;
4952
4953 spin_lock(&sdebug_host_list_lock);
4954 list_for_each_entry(sdhp, &sdebug_host_list,
4955 host_list) {
4956 list_for_each_entry(dp, &sdhp->dev_info_list,
4957 dev_list) {
4958 set_bit(SDEBUG_UA_LUNS_CHANGED,
4959 dp->uas_bm);
4960 }
4961 }
4962 spin_unlock(&sdebug_host_list_lock);
4963 }
4964 return count;
4965 }
4966 return -EINVAL;
4967}
4968static DRIVER_ATTR_RW(max_luns);
4969
4970static ssize_t max_queue_show(struct device_driver *ddp, char *buf)
4971{
4972 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_queue);
4973}
4974/* N.B. max_queue can be changed while there are queued commands. In flight
4975 * commands beyond the new max_queue will be completed. */
4976static ssize_t max_queue_store(struct device_driver *ddp, const char *buf,
4977 size_t count)
4978{
4979 int j, n, k, a;
4980 struct sdebug_queue *sqp;
4981
4982 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n > 0) &&
4983 (n <= SDEBUG_CANQUEUE)) {
4984 block_unblock_all_queues(true);
4985 k = 0;
4986 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4987 ++j, ++sqp) {
4988 a = find_last_bit(sqp->in_use_bm, SDEBUG_CANQUEUE);
4989 if (a > k)
4990 k = a;
4991 }
4992 sdebug_max_queue = n;
4993 if (k == SDEBUG_CANQUEUE)
4994 atomic_set(&retired_max_queue, 0);
4995 else if (k >= n)
4996 atomic_set(&retired_max_queue, k + 1);
4997 else
4998 atomic_set(&retired_max_queue, 0);
4999 block_unblock_all_queues(false);
5000 return count;
5001 }
5002 return -EINVAL;
5003}
5004static DRIVER_ATTR_RW(max_queue);
5005
5006static ssize_t no_uld_show(struct device_driver *ddp, char *buf)
5007{
5008 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_uld);
5009}
5010static DRIVER_ATTR_RO(no_uld);
5011
5012static ssize_t scsi_level_show(struct device_driver *ddp, char *buf)
5013{
5014 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_scsi_level);
5015}
5016static DRIVER_ATTR_RO(scsi_level);
5017
5018static ssize_t virtual_gb_show(struct device_driver *ddp, char *buf)
5019{
5020 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_virtual_gb);
5021}
5022static ssize_t virtual_gb_store(struct device_driver *ddp, const char *buf,
5023 size_t count)
5024{
5025 int n;
5026 bool changed;
5027
5028 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5029 changed = (sdebug_virtual_gb != n);
5030 sdebug_virtual_gb = n;
5031 sdebug_capacity = get_sdebug_capacity();
5032 if (changed) {
5033 struct sdebug_host_info *sdhp;
5034 struct sdebug_dev_info *dp;
5035
5036 spin_lock(&sdebug_host_list_lock);
5037 list_for_each_entry(sdhp, &sdebug_host_list,
5038 host_list) {
5039 list_for_each_entry(dp, &sdhp->dev_info_list,
5040 dev_list) {
5041 set_bit(SDEBUG_UA_CAPACITY_CHANGED,
5042 dp->uas_bm);
5043 }
5044 }
5045 spin_unlock(&sdebug_host_list_lock);
5046 }
5047 return count;
5048 }
5049 return -EINVAL;
5050}
5051static DRIVER_ATTR_RW(virtual_gb);
5052
5053static ssize_t add_host_show(struct device_driver *ddp, char *buf)
5054{
5055 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_add_host);
5056}
5057
5058static int sdebug_add_adapter(void);
5059static void sdebug_remove_adapter(void);
5060
5061static ssize_t add_host_store(struct device_driver *ddp, const char *buf,
5062 size_t count)
5063{
5064 int delta_hosts;
5065
5066 if (sscanf(buf, "%d", &delta_hosts) != 1)
5067 return -EINVAL;
5068 if (delta_hosts > 0) {
5069 do {
5070 sdebug_add_adapter();
5071 } while (--delta_hosts);
5072 } else if (delta_hosts < 0) {
5073 do {
5074 sdebug_remove_adapter();
5075 } while (++delta_hosts);
5076 }
5077 return count;
5078}
5079static DRIVER_ATTR_RW(add_host);
5080
5081static ssize_t vpd_use_hostno_show(struct device_driver *ddp, char *buf)
5082{
5083 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_vpd_use_hostno);
5084}
5085static ssize_t vpd_use_hostno_store(struct device_driver *ddp, const char *buf,
5086 size_t count)
5087{
5088 int n;
5089
5090 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5091 sdebug_vpd_use_hostno = n;
5092 return count;
5093 }
5094 return -EINVAL;
5095}
5096static DRIVER_ATTR_RW(vpd_use_hostno);
5097
5098static ssize_t statistics_show(struct device_driver *ddp, char *buf)
5099{
5100 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_statistics);
5101}
5102static ssize_t statistics_store(struct device_driver *ddp, const char *buf,
5103 size_t count)
5104{
5105 int n;
5106
5107 if ((count > 0) && (sscanf(buf, "%d", &n) == 1) && (n >= 0)) {
5108 if (n > 0)
5109 sdebug_statistics = true;
5110 else {
5111 clear_queue_stats();
5112 sdebug_statistics = false;
5113 }
5114 return count;
5115 }
5116 return -EINVAL;
5117}
5118static DRIVER_ATTR_RW(statistics);
5119
5120static ssize_t sector_size_show(struct device_driver *ddp, char *buf)
5121{
5122 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_sector_size);
5123}
5124static DRIVER_ATTR_RO(sector_size);
5125
5126static ssize_t submit_queues_show(struct device_driver *ddp, char *buf)
5127{
5128 return scnprintf(buf, PAGE_SIZE, "%d\n", submit_queues);
5129}
5130static DRIVER_ATTR_RO(submit_queues);
5131
5132static ssize_t dix_show(struct device_driver *ddp, char *buf)
5133{
5134 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dix);
5135}
5136static DRIVER_ATTR_RO(dix);
5137
5138static ssize_t dif_show(struct device_driver *ddp, char *buf)
5139{
5140 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dif);
5141}
5142static DRIVER_ATTR_RO(dif);
5143
5144static ssize_t guard_show(struct device_driver *ddp, char *buf)
5145{
5146 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_guard);
5147}
5148static DRIVER_ATTR_RO(guard);
5149
5150static ssize_t ato_show(struct device_driver *ddp, char *buf)
5151{
5152 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ato);
5153}
5154static DRIVER_ATTR_RO(ato);
5155
5156static ssize_t map_show(struct device_driver *ddp, char *buf)
5157{
5158 ssize_t count;
5159
5160 if (!scsi_debug_lbp())
5161 return scnprintf(buf, PAGE_SIZE, "0-%u\n",
5162 sdebug_store_sectors);
5163
5164 count = scnprintf(buf, PAGE_SIZE - 1, "%*pbl",
5165 (int)map_size, map_storep);
5166 buf[count++] = '\n';
5167 buf[count] = '\0';
5168
5169 return count;
5170}
5171static DRIVER_ATTR_RO(map);
5172
5173static ssize_t removable_show(struct device_driver *ddp, char *buf)
5174{
5175 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_removable ? 1 : 0);
5176}
5177static ssize_t removable_store(struct device_driver *ddp, const char *buf,
5178 size_t count)
5179{
5180 int n;
5181
5182 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5183 sdebug_removable = (n > 0);
5184 return count;
5185 }
5186 return -EINVAL;
5187}
5188static DRIVER_ATTR_RW(removable);
5189
5190static ssize_t host_lock_show(struct device_driver *ddp, char *buf)
5191{
5192 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_host_lock);
5193}
5194/* N.B. sdebug_host_lock does nothing, kept for backward compatibility */
5195static ssize_t host_lock_store(struct device_driver *ddp, const char *buf,
5196 size_t count)
5197{
5198 int n;
5199
5200 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5201 sdebug_host_lock = (n > 0);
5202 return count;
5203 }
5204 return -EINVAL;
5205}
5206static DRIVER_ATTR_RW(host_lock);
5207
5208static ssize_t strict_show(struct device_driver *ddp, char *buf)
5209{
5210 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_strict);
5211}
5212static ssize_t strict_store(struct device_driver *ddp, const char *buf,
5213 size_t count)
5214{
5215 int n;
5216
5217 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5218 sdebug_strict = (n > 0);
5219 return count;
5220 }
5221 return -EINVAL;
5222}
5223static DRIVER_ATTR_RW(strict);
5224
5225static ssize_t uuid_ctl_show(struct device_driver *ddp, char *buf)
5226{
5227 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_uuid_ctl);
5228}
5229static DRIVER_ATTR_RO(uuid_ctl);
5230
5231static ssize_t cdb_len_show(struct device_driver *ddp, char *buf)
5232{
5233 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_cdb_len);
5234}
5235static ssize_t cdb_len_store(struct device_driver *ddp, const char *buf,
5236 size_t count)
5237{
5238 int ret, n;
5239
5240 ret = kstrtoint(buf, 0, &n);
5241 if (ret)
5242 return ret;
5243 sdebug_cdb_len = n;
5244 all_config_cdb_len();
5245 return count;
5246}
5247static DRIVER_ATTR_RW(cdb_len);
5248
5249
5250/* Note: The following array creates attribute files in the
5251 /sys/bus/pseudo/drivers/scsi_debug directory. The advantage of these
5252 files (over those found in the /sys/module/scsi_debug/parameters
5253 directory) is that auxiliary actions can be triggered when an attribute
5254 is changed. For example see: sdebug_add_host_store() above.
5255 */
5256
5257static struct attribute *sdebug_drv_attrs[] = {
5258 &driver_attr_delay.attr,
5259 &driver_attr_opts.attr,
5260 &driver_attr_ptype.attr,
5261 &driver_attr_dsense.attr,
5262 &driver_attr_fake_rw.attr,
5263 &driver_attr_no_lun_0.attr,
5264 &driver_attr_num_tgts.attr,
5265 &driver_attr_dev_size_mb.attr,
5266 &driver_attr_num_parts.attr,
5267 &driver_attr_every_nth.attr,
5268 &driver_attr_max_luns.attr,
5269 &driver_attr_max_queue.attr,
5270 &driver_attr_no_uld.attr,
5271 &driver_attr_scsi_level.attr,
5272 &driver_attr_virtual_gb.attr,
5273 &driver_attr_add_host.attr,
5274 &driver_attr_vpd_use_hostno.attr,
5275 &driver_attr_sector_size.attr,
5276 &driver_attr_statistics.attr,
5277 &driver_attr_submit_queues.attr,
5278 &driver_attr_dix.attr,
5279 &driver_attr_dif.attr,
5280 &driver_attr_guard.attr,
5281 &driver_attr_ato.attr,
5282 &driver_attr_map.attr,
5283 &driver_attr_removable.attr,
5284 &driver_attr_host_lock.attr,
5285 &driver_attr_ndelay.attr,
5286 &driver_attr_strict.attr,
5287 &driver_attr_uuid_ctl.attr,
5288 &driver_attr_cdb_len.attr,
5289 NULL,
5290};
5291ATTRIBUTE_GROUPS(sdebug_drv);
5292
5293static struct device *pseudo_primary;
5294
5295static int __init scsi_debug_init(void)
5296{
5297 unsigned long sz;
5298 int host_to_add;
5299 int k;
5300 int ret;
5301
5302 atomic_set(&retired_max_queue, 0);
5303
5304 if (sdebug_ndelay >= 1000 * 1000 * 1000) {
5305 pr_warn("ndelay must be less than 1 second, ignored\n");
5306 sdebug_ndelay = 0;
5307 } else if (sdebug_ndelay > 0)
5308 sdebug_jdelay = JDELAY_OVERRIDDEN;
5309
5310 switch (sdebug_sector_size) {
5311 case 512:
5312 case 1024:
5313 case 2048:
5314 case 4096:
5315 break;
5316 default:
5317 pr_err("invalid sector_size %d\n", sdebug_sector_size);
5318 return -EINVAL;
5319 }
5320
5321 switch (sdebug_dif) {
5322 case T10_PI_TYPE0_PROTECTION:
5323 break;
5324 case T10_PI_TYPE1_PROTECTION:
5325 case T10_PI_TYPE2_PROTECTION:
5326 case T10_PI_TYPE3_PROTECTION:
5327 have_dif_prot = true;
5328 break;
5329
5330 default:
5331 pr_err("dif must be 0, 1, 2 or 3\n");
5332 return -EINVAL;
5333 }
5334
5335 if (sdebug_guard > 1) {
5336 pr_err("guard must be 0 or 1\n");
5337 return -EINVAL;
5338 }
5339
5340 if (sdebug_ato > 1) {
5341 pr_err("ato must be 0 or 1\n");
5342 return -EINVAL;
5343 }
5344
5345 if (sdebug_physblk_exp > 15) {
5346 pr_err("invalid physblk_exp %u\n", sdebug_physblk_exp);
5347 return -EINVAL;
5348 }
5349 if (sdebug_max_luns > 256) {
5350 pr_warn("max_luns can be no more than 256, use default\n");
5351 sdebug_max_luns = DEF_MAX_LUNS;
5352 }
5353
5354 if (sdebug_lowest_aligned > 0x3fff) {
5355 pr_err("lowest_aligned too big: %u\n", sdebug_lowest_aligned);
5356 return -EINVAL;
5357 }
5358
5359 if (submit_queues < 1) {
5360 pr_err("submit_queues must be 1 or more\n");
5361 return -EINVAL;
5362 }
5363 sdebug_q_arr = kcalloc(submit_queues, sizeof(struct sdebug_queue),
5364 GFP_KERNEL);
5365 if (sdebug_q_arr == NULL)
5366 return -ENOMEM;
5367 for (k = 0; k < submit_queues; ++k)
5368 spin_lock_init(&sdebug_q_arr[k].qc_lock);
5369
5370 if (sdebug_dev_size_mb < 1)
5371 sdebug_dev_size_mb = 1; /* force minimum 1 MB ramdisk */
5372 sz = (unsigned long)sdebug_dev_size_mb * 1048576;
5373 sdebug_store_sectors = sz / sdebug_sector_size;
5374 sdebug_capacity = get_sdebug_capacity();
5375
5376 /* play around with geometry, don't waste too much on track 0 */
5377 sdebug_heads = 8;
5378 sdebug_sectors_per = 32;
5379 if (sdebug_dev_size_mb >= 256)
5380 sdebug_heads = 64;
5381 else if (sdebug_dev_size_mb >= 16)
5382 sdebug_heads = 32;
5383 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
5384 (sdebug_sectors_per * sdebug_heads);
5385 if (sdebug_cylinders_per >= 1024) {
5386 /* other LLDs do this; implies >= 1GB ram disk ... */
5387 sdebug_heads = 255;
5388 sdebug_sectors_per = 63;
5389 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
5390 (sdebug_sectors_per * sdebug_heads);
5391 }
5392
5393 if (sdebug_fake_rw == 0) {
5394 fake_storep = vmalloc(sz);
5395 if (NULL == fake_storep) {
5396 pr_err("out of memory, 1\n");
5397 ret = -ENOMEM;
5398 goto free_q_arr;
5399 }
5400 memset(fake_storep, 0, sz);
5401 if (sdebug_num_parts > 0)
5402 sdebug_build_parts(fake_storep, sz);
5403 }
5404
5405 if (sdebug_dix) {
5406 int dif_size;
5407
5408 dif_size = sdebug_store_sectors * sizeof(struct t10_pi_tuple);
5409 dif_storep = vmalloc(dif_size);
5410
5411 pr_err("dif_storep %u bytes @ %p\n", dif_size, dif_storep);
5412
5413 if (dif_storep == NULL) {
5414 pr_err("out of mem. (DIX)\n");
5415 ret = -ENOMEM;
5416 goto free_vm;
5417 }
5418
5419 memset(dif_storep, 0xff, dif_size);
5420 }
5421
5422 /* Logical Block Provisioning */
5423 if (scsi_debug_lbp()) {
5424 sdebug_unmap_max_blocks =
5425 clamp(sdebug_unmap_max_blocks, 0U, 0xffffffffU);
5426
5427 sdebug_unmap_max_desc =
5428 clamp(sdebug_unmap_max_desc, 0U, 256U);
5429
5430 sdebug_unmap_granularity =
5431 clamp(sdebug_unmap_granularity, 1U, 0xffffffffU);
5432
5433 if (sdebug_unmap_alignment &&
5434 sdebug_unmap_granularity <=
5435 sdebug_unmap_alignment) {
5436 pr_err("ERR: unmap_granularity <= unmap_alignment\n");
5437 ret = -EINVAL;
5438 goto free_vm;
5439 }
5440
5441 map_size = lba_to_map_index(sdebug_store_sectors - 1) + 1;
5442 map_storep = vmalloc(BITS_TO_LONGS(map_size) * sizeof(long));
5443
5444 pr_info("%lu provisioning blocks\n", map_size);
5445
5446 if (map_storep == NULL) {
5447 pr_err("out of mem. (MAP)\n");
5448 ret = -ENOMEM;
5449 goto free_vm;
5450 }
5451
5452 bitmap_zero(map_storep, map_size);
5453
5454 /* Map first 1KB for partition table */
5455 if (sdebug_num_parts)
5456 map_region(0, 2);
5457 }
5458
5459 pseudo_primary = root_device_register("pseudo_0");
5460 if (IS_ERR(pseudo_primary)) {
5461 pr_warn("root_device_register() error\n");
5462 ret = PTR_ERR(pseudo_primary);
5463 goto free_vm;
5464 }
5465 ret = bus_register(&pseudo_lld_bus);
5466 if (ret < 0) {
5467 pr_warn("bus_register error: %d\n", ret);
5468 goto dev_unreg;
5469 }
5470 ret = driver_register(&sdebug_driverfs_driver);
5471 if (ret < 0) {
5472 pr_warn("driver_register error: %d\n", ret);
5473 goto bus_unreg;
5474 }
5475
5476 host_to_add = sdebug_add_host;
5477 sdebug_add_host = 0;
5478
5479 for (k = 0; k < host_to_add; k++) {
5480 if (sdebug_add_adapter()) {
5481 pr_err("sdebug_add_adapter failed k=%d\n", k);
5482 break;
5483 }
5484 }
5485
5486 if (sdebug_verbose)
5487 pr_info("built %d host(s)\n", sdebug_add_host);
5488
5489 return 0;
5490
5491bus_unreg:
5492 bus_unregister(&pseudo_lld_bus);
5493dev_unreg:
5494 root_device_unregister(pseudo_primary);
5495free_vm:
5496 vfree(map_storep);
5497 vfree(dif_storep);
5498 vfree(fake_storep);
5499free_q_arr:
5500 kfree(sdebug_q_arr);
5501 return ret;
5502}
5503
5504static void __exit scsi_debug_exit(void)
5505{
5506 int k = sdebug_add_host;
5507
5508 stop_all_queued();
5509 free_all_queued();
5510 for (; k; k--)
5511 sdebug_remove_adapter();
5512 driver_unregister(&sdebug_driverfs_driver);
5513 bus_unregister(&pseudo_lld_bus);
5514 root_device_unregister(pseudo_primary);
5515
5516 vfree(map_storep);
5517 vfree(dif_storep);
5518 vfree(fake_storep);
5519 kfree(sdebug_q_arr);
5520}
5521
5522device_initcall(scsi_debug_init);
5523module_exit(scsi_debug_exit);
5524
5525static void sdebug_release_adapter(struct device *dev)
5526{
5527 struct sdebug_host_info *sdbg_host;
5528
5529 sdbg_host = to_sdebug_host(dev);
5530 kfree(sdbg_host);
5531}
5532
5533static int sdebug_add_adapter(void)
5534{
5535 int k, devs_per_host;
5536 int error = 0;
5537 struct sdebug_host_info *sdbg_host;
5538 struct sdebug_dev_info *sdbg_devinfo, *tmp;
5539
5540 sdbg_host = kzalloc(sizeof(*sdbg_host), GFP_KERNEL);
5541 if (sdbg_host == NULL) {
5542 pr_err("out of memory at line %d\n", __LINE__);
5543 return -ENOMEM;
5544 }
5545
5546 INIT_LIST_HEAD(&sdbg_host->dev_info_list);
5547
5548 devs_per_host = sdebug_num_tgts * sdebug_max_luns;
5549 for (k = 0; k < devs_per_host; k++) {
5550 sdbg_devinfo = sdebug_device_create(sdbg_host, GFP_KERNEL);
5551 if (!sdbg_devinfo) {
5552 pr_err("out of memory at line %d\n", __LINE__);
5553 error = -ENOMEM;
5554 goto clean;
5555 }
5556 }
5557
5558 spin_lock(&sdebug_host_list_lock);
5559 list_add_tail(&sdbg_host->host_list, &sdebug_host_list);
5560 spin_unlock(&sdebug_host_list_lock);
5561
5562 sdbg_host->dev.bus = &pseudo_lld_bus;
5563 sdbg_host->dev.parent = pseudo_primary;
5564 sdbg_host->dev.release = &sdebug_release_adapter;
5565 dev_set_name(&sdbg_host->dev, "adapter%d", sdebug_add_host);
5566
5567 error = device_register(&sdbg_host->dev);
5568
5569 if (error)
5570 goto clean;
5571
5572 ++sdebug_add_host;
5573 return error;
5574
5575clean:
5576 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
5577 dev_list) {
5578 list_del(&sdbg_devinfo->dev_list);
5579 kfree(sdbg_devinfo);
5580 }
5581
5582 kfree(sdbg_host);
5583 return error;
5584}
5585
5586static void sdebug_remove_adapter(void)
5587{
5588 struct sdebug_host_info *sdbg_host = NULL;
5589
5590 spin_lock(&sdebug_host_list_lock);
5591 if (!list_empty(&sdebug_host_list)) {
5592 sdbg_host = list_entry(sdebug_host_list.prev,
5593 struct sdebug_host_info, host_list);
5594 list_del(&sdbg_host->host_list);
5595 }
5596 spin_unlock(&sdebug_host_list_lock);
5597
5598 if (!sdbg_host)
5599 return;
5600
5601 device_unregister(&sdbg_host->dev);
5602 --sdebug_add_host;
5603}
5604
5605static int sdebug_change_qdepth(struct scsi_device *sdev, int qdepth)
5606{
5607 int num_in_q = 0;
5608 struct sdebug_dev_info *devip;
5609
5610 block_unblock_all_queues(true);
5611 devip = (struct sdebug_dev_info *)sdev->hostdata;
5612 if (NULL == devip) {
5613 block_unblock_all_queues(false);
5614 return -ENODEV;
5615 }
5616 num_in_q = atomic_read(&devip->num_in_q);
5617
5618 if (qdepth < 1)
5619 qdepth = 1;
5620 /* allow to exceed max host qc_arr elements for testing */
5621 if (qdepth > SDEBUG_CANQUEUE + 10)
5622 qdepth = SDEBUG_CANQUEUE + 10;
5623 scsi_change_queue_depth(sdev, qdepth);
5624
5625 if (SDEBUG_OPT_Q_NOISE & sdebug_opts) {
5626 sdev_printk(KERN_INFO, sdev, "%s: qdepth=%d, num_in_q=%d\n",
5627 __func__, qdepth, num_in_q);
5628 }
5629 block_unblock_all_queues(false);
5630 return sdev->queue_depth;
5631}
5632
5633static bool fake_timeout(struct scsi_cmnd *scp)
5634{
5635 if (0 == (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth))) {
5636 if (sdebug_every_nth < -1)
5637 sdebug_every_nth = -1;
5638 if (SDEBUG_OPT_TIMEOUT & sdebug_opts)
5639 return true; /* ignore command causing timeout */
5640 else if (SDEBUG_OPT_MAC_TIMEOUT & sdebug_opts &&
5641 scsi_medium_access_command(scp))
5642 return true; /* time out reads and writes */
5643 }
5644 return false;
5645}
5646
5647static bool fake_host_busy(struct scsi_cmnd *scp)
5648{
5649 return (sdebug_opts & SDEBUG_OPT_HOST_BUSY) &&
5650 (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) == 0;
5651}
5652
5653static int scsi_debug_queuecommand(struct Scsi_Host *shost,
5654 struct scsi_cmnd *scp)
5655{
5656 u8 sdeb_i;
5657 struct scsi_device *sdp = scp->device;
5658 const struct opcode_info_t *oip;
5659 const struct opcode_info_t *r_oip;
5660 struct sdebug_dev_info *devip;
5661 u8 *cmd = scp->cmnd;
5662 int (*r_pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
5663 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *) = NULL;
5664 int k, na;
5665 int errsts = 0;
5666 u32 flags;
5667 u16 sa;
5668 u8 opcode = cmd[0];
5669 bool has_wlun_rl;
5670
5671 scsi_set_resid(scp, 0);
5672 if (sdebug_statistics)
5673 atomic_inc(&sdebug_cmnd_count);
5674 if (unlikely(sdebug_verbose &&
5675 !(SDEBUG_OPT_NO_CDB_NOISE & sdebug_opts))) {
5676 char b[120];
5677 int n, len, sb;
5678
5679 len = scp->cmd_len;
5680 sb = (int)sizeof(b);
5681 if (len > 32)
5682 strcpy(b, "too long, over 32 bytes");
5683 else {
5684 for (k = 0, n = 0; k < len && n < sb; ++k)
5685 n += scnprintf(b + n, sb - n, "%02x ",
5686 (u32)cmd[k]);
5687 }
5688 sdev_printk(KERN_INFO, sdp, "%s: tag=%#x, cmd %s\n", my_name,
5689 blk_mq_unique_tag(scp->request), b);
5690 }
5691 if (fake_host_busy(scp))
5692 return SCSI_MLQUEUE_HOST_BUSY;
5693 has_wlun_rl = (sdp->lun == SCSI_W_LUN_REPORT_LUNS);
5694 if (unlikely((sdp->lun >= sdebug_max_luns) && !has_wlun_rl))
5695 goto err_out;
5696
5697 sdeb_i = opcode_ind_arr[opcode]; /* fully mapped */
5698 oip = &opcode_info_arr[sdeb_i]; /* safe if table consistent */
5699 devip = (struct sdebug_dev_info *)sdp->hostdata;
5700 if (unlikely(!devip)) {
5701 devip = find_build_dev_info(sdp);
5702 if (NULL == devip)
5703 goto err_out;
5704 }
5705 na = oip->num_attached;
5706 r_pfp = oip->pfp;
5707 if (na) { /* multiple commands with this opcode */
5708 r_oip = oip;
5709 if (FF_SA & r_oip->flags) {
5710 if (F_SA_LOW & oip->flags)
5711 sa = 0x1f & cmd[1];
5712 else
5713 sa = get_unaligned_be16(cmd + 8);
5714 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
5715 if (opcode == oip->opcode && sa == oip->sa)
5716 break;
5717 }
5718 } else { /* since no service action only check opcode */
5719 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
5720 if (opcode == oip->opcode)
5721 break;
5722 }
5723 }
5724 if (k > na) {
5725 if (F_SA_LOW & r_oip->flags)
5726 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 4);
5727 else if (F_SA_HIGH & r_oip->flags)
5728 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 8, 7);
5729 else
5730 mk_sense_invalid_opcode(scp);
5731 goto check_cond;
5732 }
5733 } /* else (when na==0) we assume the oip is a match */
5734 flags = oip->flags;
5735 if (unlikely(F_INV_OP & flags)) {
5736 mk_sense_invalid_opcode(scp);
5737 goto check_cond;
5738 }
5739 if (unlikely(has_wlun_rl && !(F_RL_WLUN_OK & flags))) {
5740 if (sdebug_verbose)
5741 sdev_printk(KERN_INFO, sdp, "%s: Opcode 0x%x not%s\n",
5742 my_name, opcode, " supported for wlun");
5743 mk_sense_invalid_opcode(scp);
5744 goto check_cond;
5745 }
5746 if (unlikely(sdebug_strict)) { /* check cdb against mask */
5747 u8 rem;
5748 int j;
5749
5750 for (k = 1; k < oip->len_mask[0] && k < 16; ++k) {
5751 rem = ~oip->len_mask[k] & cmd[k];
5752 if (rem) {
5753 for (j = 7; j >= 0; --j, rem <<= 1) {
5754 if (0x80 & rem)
5755 break;
5756 }
5757 mk_sense_invalid_fld(scp, SDEB_IN_CDB, k, j);
5758 goto check_cond;
5759 }
5760 }
5761 }
5762 if (unlikely(!(F_SKIP_UA & flags) &&
5763 find_first_bit(devip->uas_bm,
5764 SDEBUG_NUM_UAS) != SDEBUG_NUM_UAS)) {
5765 errsts = make_ua(scp, devip);
5766 if (errsts)
5767 goto check_cond;
5768 }
5769 if (unlikely((F_M_ACCESS & flags) && atomic_read(&devip->stopped))) {
5770 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x2);
5771 if (sdebug_verbose)
5772 sdev_printk(KERN_INFO, sdp, "%s reports: Not ready: "
5773 "%s\n", my_name, "initializing command "
5774 "required");
5775 errsts = check_condition_result;
5776 goto fini;
5777 }
5778 if (sdebug_fake_rw && (F_FAKE_RW & flags))
5779 goto fini;
5780 if (unlikely(sdebug_every_nth)) {
5781 if (fake_timeout(scp))
5782 return 0; /* ignore command: make trouble */
5783 }
5784 if (likely(oip->pfp))
5785 pfp = oip->pfp; /* calls a resp_* function */
5786 else
5787 pfp = r_pfp; /* if leaf function ptr NULL, try the root's */
5788
5789fini:
5790 if (F_DELAY_OVERR & flags)
5791 return schedule_resp(scp, devip, errsts, pfp, 0, 0);
5792 else if ((sdebug_jdelay || sdebug_ndelay) && (flags & F_LONG_DELAY)) {
5793 /*
5794 * If any delay is active, for F_SSU_DELAY want at least 1
5795 * second and if sdebug_jdelay>0 want a long delay of that
5796 * many seconds; for F_SYNC_DELAY want 1/20 of that.
5797 */
5798 int jdelay = (sdebug_jdelay < 2) ? 1 : sdebug_jdelay;
5799 int denom = (flags & F_SYNC_DELAY) ? 20 : 1;
5800
5801 jdelay = mult_frac(USER_HZ * jdelay, HZ, denom * USER_HZ);
5802 return schedule_resp(scp, devip, errsts, pfp, jdelay, 0);
5803 } else
5804 return schedule_resp(scp, devip, errsts, pfp, sdebug_jdelay,
5805 sdebug_ndelay);
5806check_cond:
5807 return schedule_resp(scp, devip, check_condition_result, NULL, 0, 0);
5808err_out:
5809 return schedule_resp(scp, NULL, DID_NO_CONNECT << 16, NULL, 0, 0);
5810}
5811
5812static struct scsi_host_template sdebug_driver_template = {
5813 .show_info = scsi_debug_show_info,
5814 .write_info = scsi_debug_write_info,
5815 .proc_name = sdebug_proc_name,
5816 .name = "SCSI DEBUG",
5817 .info = scsi_debug_info,
5818 .slave_alloc = scsi_debug_slave_alloc,
5819 .slave_configure = scsi_debug_slave_configure,
5820 .slave_destroy = scsi_debug_slave_destroy,
5821 .ioctl = scsi_debug_ioctl,
5822 .queuecommand = scsi_debug_queuecommand,
5823 .change_queue_depth = sdebug_change_qdepth,
5824 .eh_abort_handler = scsi_debug_abort,
5825 .eh_device_reset_handler = scsi_debug_device_reset,
5826 .eh_target_reset_handler = scsi_debug_target_reset,
5827 .eh_bus_reset_handler = scsi_debug_bus_reset,
5828 .eh_host_reset_handler = scsi_debug_host_reset,
5829 .can_queue = SDEBUG_CANQUEUE,
5830 .this_id = 7,
5831 .sg_tablesize = SG_MAX_SEGMENTS,
5832 .cmd_per_lun = DEF_CMD_PER_LUN,
5833 .max_sectors = -1U,
5834 .use_clustering = DISABLE_CLUSTERING,
5835 .module = THIS_MODULE,
5836 .track_queue_depth = 1,
5837};
5838
5839static int sdebug_driver_probe(struct device *dev)
5840{
5841 int error = 0;
5842 struct sdebug_host_info *sdbg_host;
5843 struct Scsi_Host *hpnt;
5844 int hprot;
5845
5846 sdbg_host = to_sdebug_host(dev);
5847
5848 sdebug_driver_template.can_queue = sdebug_max_queue;
5849 if (sdebug_clustering)
5850 sdebug_driver_template.use_clustering = ENABLE_CLUSTERING;
5851 hpnt = scsi_host_alloc(&sdebug_driver_template, sizeof(sdbg_host));
5852 if (NULL == hpnt) {
5853 pr_err("scsi_host_alloc failed\n");
5854 error = -ENODEV;
5855 return error;
5856 }
5857 if (submit_queues > nr_cpu_ids) {
5858 pr_warn("%s: trim submit_queues (was %d) to nr_cpu_ids=%u\n",
5859 my_name, submit_queues, nr_cpu_ids);
5860 submit_queues = nr_cpu_ids;
5861 }
5862 /* Decide whether to tell scsi subsystem that we want mq */
5863 /* Following should give the same answer for each host */
5864 if (shost_use_blk_mq(hpnt))
5865 hpnt->nr_hw_queues = submit_queues;
5866
5867 sdbg_host->shost = hpnt;
5868 *((struct sdebug_host_info **)hpnt->hostdata) = sdbg_host;
5869 if ((hpnt->this_id >= 0) && (sdebug_num_tgts > hpnt->this_id))
5870 hpnt->max_id = sdebug_num_tgts + 1;
5871 else
5872 hpnt->max_id = sdebug_num_tgts;
5873 /* = sdebug_max_luns; */
5874 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
5875
5876 hprot = 0;
5877
5878 switch (sdebug_dif) {
5879
5880 case T10_PI_TYPE1_PROTECTION:
5881 hprot = SHOST_DIF_TYPE1_PROTECTION;
5882 if (sdebug_dix)
5883 hprot |= SHOST_DIX_TYPE1_PROTECTION;
5884 break;
5885
5886 case T10_PI_TYPE2_PROTECTION:
5887 hprot = SHOST_DIF_TYPE2_PROTECTION;
5888 if (sdebug_dix)
5889 hprot |= SHOST_DIX_TYPE2_PROTECTION;
5890 break;
5891
5892 case T10_PI_TYPE3_PROTECTION:
5893 hprot = SHOST_DIF_TYPE3_PROTECTION;
5894 if (sdebug_dix)
5895 hprot |= SHOST_DIX_TYPE3_PROTECTION;
5896 break;
5897
5898 default:
5899 if (sdebug_dix)
5900 hprot |= SHOST_DIX_TYPE0_PROTECTION;
5901 break;
5902 }
5903
5904 scsi_host_set_prot(hpnt, hprot);
5905
5906 if (have_dif_prot || sdebug_dix)
5907 pr_info("host protection%s%s%s%s%s%s%s\n",
5908 (hprot & SHOST_DIF_TYPE1_PROTECTION) ? " DIF1" : "",
5909 (hprot & SHOST_DIF_TYPE2_PROTECTION) ? " DIF2" : "",
5910 (hprot & SHOST_DIF_TYPE3_PROTECTION) ? " DIF3" : "",
5911 (hprot & SHOST_DIX_TYPE0_PROTECTION) ? " DIX0" : "",
5912 (hprot & SHOST_DIX_TYPE1_PROTECTION) ? " DIX1" : "",
5913 (hprot & SHOST_DIX_TYPE2_PROTECTION) ? " DIX2" : "",
5914 (hprot & SHOST_DIX_TYPE3_PROTECTION) ? " DIX3" : "");
5915
5916 if (sdebug_guard == 1)
5917 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_IP);
5918 else
5919 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_CRC);
5920
5921 sdebug_verbose = !!(SDEBUG_OPT_NOISE & sdebug_opts);
5922 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & sdebug_opts);
5923 if (sdebug_every_nth) /* need stats counters for every_nth */
5924 sdebug_statistics = true;
5925 error = scsi_add_host(hpnt, &sdbg_host->dev);
5926 if (error) {
5927 pr_err("scsi_add_host failed\n");
5928 error = -ENODEV;
5929 scsi_host_put(hpnt);
5930 } else
5931 scsi_scan_host(hpnt);
5932
5933 return error;
5934}
5935
5936static int sdebug_driver_remove(struct device *dev)
5937{
5938 struct sdebug_host_info *sdbg_host;
5939 struct sdebug_dev_info *sdbg_devinfo, *tmp;
5940
5941 sdbg_host = to_sdebug_host(dev);
5942
5943 if (!sdbg_host) {
5944 pr_err("Unable to locate host info\n");
5945 return -ENODEV;
5946 }
5947
5948 scsi_remove_host(sdbg_host->shost);
5949
5950 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
5951 dev_list) {
5952 list_del(&sdbg_devinfo->dev_list);
5953 kfree(sdbg_devinfo);
5954 }
5955
5956 scsi_host_put(sdbg_host->shost);
5957 return 0;
5958}
5959
5960static int pseudo_lld_bus_match(struct device *dev,
5961 struct device_driver *dev_driver)
5962{
5963 return 1;
5964}
5965
5966static struct bus_type pseudo_lld_bus = {
5967 .name = "pseudo",
5968 .match = pseudo_lld_bus_match,
5969 .probe = sdebug_driver_probe,
5970 .remove = sdebug_driver_remove,
5971 .drv_groups = sdebug_drv_groups,
5972};
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * vvvvvvvvvvvvvvvvvvvvvvv Original vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
4 * Copyright (C) 1992 Eric Youngdale
5 * Simulate a host adapter with 2 disks attached. Do a lot of checking
6 * to make sure that we are not getting blocks mixed up, and PANIC if
7 * anything out of the ordinary is seen.
8 * ^^^^^^^^^^^^^^^^^^^^^^^ Original ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
9 *
10 * Copyright (C) 2001 - 2020 Douglas Gilbert
11 *
12 * For documentation see http://sg.danny.cz/sg/scsi_debug.html
13 */
14
15
16#define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__
17
18#include <linux/module.h>
19
20#include <linux/kernel.h>
21#include <linux/errno.h>
22#include <linux/jiffies.h>
23#include <linux/slab.h>
24#include <linux/types.h>
25#include <linux/string.h>
26#include <linux/genhd.h>
27#include <linux/fs.h>
28#include <linux/init.h>
29#include <linux/proc_fs.h>
30#include <linux/vmalloc.h>
31#include <linux/moduleparam.h>
32#include <linux/scatterlist.h>
33#include <linux/blkdev.h>
34#include <linux/crc-t10dif.h>
35#include <linux/spinlock.h>
36#include <linux/interrupt.h>
37#include <linux/atomic.h>
38#include <linux/hrtimer.h>
39#include <linux/uuid.h>
40#include <linux/t10-pi.h>
41#include <linux/msdos_partition.h>
42#include <linux/random.h>
43#include <linux/xarray.h>
44#include <linux/prefetch.h>
45
46#include <net/checksum.h>
47
48#include <asm/unaligned.h>
49
50#include <scsi/scsi.h>
51#include <scsi/scsi_cmnd.h>
52#include <scsi/scsi_device.h>
53#include <scsi/scsi_host.h>
54#include <scsi/scsicam.h>
55#include <scsi/scsi_eh.h>
56#include <scsi/scsi_tcq.h>
57#include <scsi/scsi_dbg.h>
58
59#include "sd.h"
60#include "scsi_logging.h"
61
62/* make sure inq_product_rev string corresponds to this version */
63#define SDEBUG_VERSION "0190" /* format to fit INQUIRY revision field */
64static const char *sdebug_version_date = "20200710";
65
66#define MY_NAME "scsi_debug"
67
68/* Additional Sense Code (ASC) */
69#define NO_ADDITIONAL_SENSE 0x0
70#define LOGICAL_UNIT_NOT_READY 0x4
71#define LOGICAL_UNIT_COMMUNICATION_FAILURE 0x8
72#define UNRECOVERED_READ_ERR 0x11
73#define PARAMETER_LIST_LENGTH_ERR 0x1a
74#define INVALID_OPCODE 0x20
75#define LBA_OUT_OF_RANGE 0x21
76#define INVALID_FIELD_IN_CDB 0x24
77#define INVALID_FIELD_IN_PARAM_LIST 0x26
78#define WRITE_PROTECTED 0x27
79#define UA_RESET_ASC 0x29
80#define UA_CHANGED_ASC 0x2a
81#define TARGET_CHANGED_ASC 0x3f
82#define LUNS_CHANGED_ASCQ 0x0e
83#define INSUFF_RES_ASC 0x55
84#define INSUFF_RES_ASCQ 0x3
85#define POWER_ON_RESET_ASCQ 0x0
86#define BUS_RESET_ASCQ 0x2 /* scsi bus reset occurred */
87#define MODE_CHANGED_ASCQ 0x1 /* mode parameters changed */
88#define CAPACITY_CHANGED_ASCQ 0x9
89#define SAVING_PARAMS_UNSUP 0x39
90#define TRANSPORT_PROBLEM 0x4b
91#define THRESHOLD_EXCEEDED 0x5d
92#define LOW_POWER_COND_ON 0x5e
93#define MISCOMPARE_VERIFY_ASC 0x1d
94#define MICROCODE_CHANGED_ASCQ 0x1 /* with TARGET_CHANGED_ASC */
95#define MICROCODE_CHANGED_WO_RESET_ASCQ 0x16
96#define WRITE_ERROR_ASC 0xc
97#define UNALIGNED_WRITE_ASCQ 0x4
98#define WRITE_BOUNDARY_ASCQ 0x5
99#define READ_INVDATA_ASCQ 0x6
100#define READ_BOUNDARY_ASCQ 0x7
101#define INSUFF_ZONE_ASCQ 0xe
102
103/* Additional Sense Code Qualifier (ASCQ) */
104#define ACK_NAK_TO 0x3
105
106/* Default values for driver parameters */
107#define DEF_NUM_HOST 1
108#define DEF_NUM_TGTS 1
109#define DEF_MAX_LUNS 1
110/* With these defaults, this driver will make 1 host with 1 target
111 * (id 0) containing 1 logical unit (lun 0). That is 1 device.
112 */
113#define DEF_ATO 1
114#define DEF_CDB_LEN 10
115#define DEF_JDELAY 1 /* if > 0 unit is a jiffy */
116#define DEF_DEV_SIZE_PRE_INIT 0
117#define DEF_DEV_SIZE_MB 8
118#define DEF_ZBC_DEV_SIZE_MB 128
119#define DEF_DIF 0
120#define DEF_DIX 0
121#define DEF_PER_HOST_STORE false
122#define DEF_D_SENSE 0
123#define DEF_EVERY_NTH 0
124#define DEF_FAKE_RW 0
125#define DEF_GUARD 0
126#define DEF_HOST_LOCK 0
127#define DEF_LBPU 0
128#define DEF_LBPWS 0
129#define DEF_LBPWS10 0
130#define DEF_LBPRZ 1
131#define DEF_LOWEST_ALIGNED 0
132#define DEF_NDELAY 0 /* if > 0 unit is a nanosecond */
133#define DEF_NO_LUN_0 0
134#define DEF_NUM_PARTS 0
135#define DEF_OPTS 0
136#define DEF_OPT_BLKS 1024
137#define DEF_PHYSBLK_EXP 0
138#define DEF_OPT_XFERLEN_EXP 0
139#define DEF_PTYPE TYPE_DISK
140#define DEF_RANDOM false
141#define DEF_REMOVABLE false
142#define DEF_SCSI_LEVEL 7 /* INQUIRY, byte2 [6->SPC-4; 7->SPC-5] */
143#define DEF_SECTOR_SIZE 512
144#define DEF_UNMAP_ALIGNMENT 0
145#define DEF_UNMAP_GRANULARITY 1
146#define DEF_UNMAP_MAX_BLOCKS 0xFFFFFFFF
147#define DEF_UNMAP_MAX_DESC 256
148#define DEF_VIRTUAL_GB 0
149#define DEF_VPD_USE_HOSTNO 1
150#define DEF_WRITESAME_LENGTH 0xFFFF
151#define DEF_STRICT 0
152#define DEF_STATISTICS false
153#define DEF_SUBMIT_QUEUES 1
154#define DEF_TUR_MS_TO_READY 0
155#define DEF_UUID_CTL 0
156#define JDELAY_OVERRIDDEN -9999
157
158/* Default parameters for ZBC drives */
159#define DEF_ZBC_ZONE_SIZE_MB 128
160#define DEF_ZBC_MAX_OPEN_ZONES 8
161#define DEF_ZBC_NR_CONV_ZONES 1
162
163#define SDEBUG_LUN_0_VAL 0
164
165/* bit mask values for sdebug_opts */
166#define SDEBUG_OPT_NOISE 1
167#define SDEBUG_OPT_MEDIUM_ERR 2
168#define SDEBUG_OPT_TIMEOUT 4
169#define SDEBUG_OPT_RECOVERED_ERR 8
170#define SDEBUG_OPT_TRANSPORT_ERR 16
171#define SDEBUG_OPT_DIF_ERR 32
172#define SDEBUG_OPT_DIX_ERR 64
173#define SDEBUG_OPT_MAC_TIMEOUT 128
174#define SDEBUG_OPT_SHORT_TRANSFER 0x100
175#define SDEBUG_OPT_Q_NOISE 0x200
176#define SDEBUG_OPT_ALL_TSF 0x400
177#define SDEBUG_OPT_RARE_TSF 0x800
178#define SDEBUG_OPT_N_WCE 0x1000
179#define SDEBUG_OPT_RESET_NOISE 0x2000
180#define SDEBUG_OPT_NO_CDB_NOISE 0x4000
181#define SDEBUG_OPT_HOST_BUSY 0x8000
182#define SDEBUG_OPT_CMD_ABORT 0x10000
183#define SDEBUG_OPT_ALL_NOISE (SDEBUG_OPT_NOISE | SDEBUG_OPT_Q_NOISE | \
184 SDEBUG_OPT_RESET_NOISE)
185#define SDEBUG_OPT_ALL_INJECTING (SDEBUG_OPT_RECOVERED_ERR | \
186 SDEBUG_OPT_TRANSPORT_ERR | \
187 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR | \
188 SDEBUG_OPT_SHORT_TRANSFER | \
189 SDEBUG_OPT_HOST_BUSY | \
190 SDEBUG_OPT_CMD_ABORT)
191#define SDEBUG_OPT_RECOV_DIF_DIX (SDEBUG_OPT_RECOVERED_ERR | \
192 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR)
193
194/* As indicated in SAM-5 and SPC-4 Unit Attentions (UAs) are returned in
195 * priority order. In the subset implemented here lower numbers have higher
196 * priority. The UA numbers should be a sequence starting from 0 with
197 * SDEBUG_NUM_UAS being 1 higher than the highest numbered UA. */
198#define SDEBUG_UA_POR 0 /* Power on, reset, or bus device reset */
199#define SDEBUG_UA_BUS_RESET 1
200#define SDEBUG_UA_MODE_CHANGED 2
201#define SDEBUG_UA_CAPACITY_CHANGED 3
202#define SDEBUG_UA_LUNS_CHANGED 4
203#define SDEBUG_UA_MICROCODE_CHANGED 5 /* simulate firmware change */
204#define SDEBUG_UA_MICROCODE_CHANGED_WO_RESET 6
205#define SDEBUG_NUM_UAS 7
206
207/* when 1==SDEBUG_OPT_MEDIUM_ERR, a medium error is simulated at this
208 * sector on read commands: */
209#define OPT_MEDIUM_ERR_ADDR 0x1234 /* that's sector 4660 in decimal */
210#define OPT_MEDIUM_ERR_NUM 10 /* number of consecutive medium errs */
211
212/* SDEBUG_CANQUEUE is the maximum number of commands that can be queued
213 * (for response) per submit queue at one time. Can be reduced by max_queue
214 * option. Command responses are not queued when jdelay=0 and ndelay=0. The
215 * per-device DEF_CMD_PER_LUN can be changed via sysfs:
216 * /sys/class/scsi_device/<h:c:t:l>/device/queue_depth
217 * but cannot exceed SDEBUG_CANQUEUE .
218 */
219#define SDEBUG_CANQUEUE_WORDS 3 /* a WORD is bits in a long */
220#define SDEBUG_CANQUEUE (SDEBUG_CANQUEUE_WORDS * BITS_PER_LONG)
221#define DEF_CMD_PER_LUN SDEBUG_CANQUEUE
222
223/* UA - Unit Attention; SA - Service Action; SSU - Start Stop Unit */
224#define F_D_IN 1 /* Data-in command (e.g. READ) */
225#define F_D_OUT 2 /* Data-out command (e.g. WRITE) */
226#define F_D_OUT_MAYBE 4 /* WRITE SAME, NDOB bit */
227#define F_D_UNKN 8
228#define F_RL_WLUN_OK 0x10 /* allowed with REPORT LUNS W-LUN */
229#define F_SKIP_UA 0x20 /* bypass UAs (e.g. INQUIRY command) */
230#define F_DELAY_OVERR 0x40 /* for commands like INQUIRY */
231#define F_SA_LOW 0x80 /* SA is in cdb byte 1, bits 4 to 0 */
232#define F_SA_HIGH 0x100 /* SA is in cdb bytes 8 and 9 */
233#define F_INV_OP 0x200 /* invalid opcode (not supported) */
234#define F_FAKE_RW 0x400 /* bypass resp_*() when fake_rw set */
235#define F_M_ACCESS 0x800 /* media access, reacts to SSU state */
236#define F_SSU_DELAY 0x1000 /* SSU command delay (long-ish) */
237#define F_SYNC_DELAY 0x2000 /* SYNCHRONIZE CACHE delay */
238
239/* Useful combinations of the above flags */
240#define FF_RESPOND (F_RL_WLUN_OK | F_SKIP_UA | F_DELAY_OVERR)
241#define FF_MEDIA_IO (F_M_ACCESS | F_FAKE_RW)
242#define FF_SA (F_SA_HIGH | F_SA_LOW)
243#define F_LONG_DELAY (F_SSU_DELAY | F_SYNC_DELAY)
244
245#define SDEBUG_MAX_PARTS 4
246
247#define SDEBUG_MAX_CMD_LEN 32
248
249#define SDEB_XA_NOT_IN_USE XA_MARK_1
250
251/* Zone types (zbcr05 table 25) */
252enum sdebug_z_type {
253 ZBC_ZONE_TYPE_CNV = 0x1,
254 ZBC_ZONE_TYPE_SWR = 0x2,
255 ZBC_ZONE_TYPE_SWP = 0x3,
256};
257
258/* enumeration names taken from table 26, zbcr05 */
259enum sdebug_z_cond {
260 ZBC_NOT_WRITE_POINTER = 0x0,
261 ZC1_EMPTY = 0x1,
262 ZC2_IMPLICIT_OPEN = 0x2,
263 ZC3_EXPLICIT_OPEN = 0x3,
264 ZC4_CLOSED = 0x4,
265 ZC6_READ_ONLY = 0xd,
266 ZC5_FULL = 0xe,
267 ZC7_OFFLINE = 0xf,
268};
269
270struct sdeb_zone_state { /* ZBC: per zone state */
271 enum sdebug_z_type z_type;
272 enum sdebug_z_cond z_cond;
273 bool z_non_seq_resource;
274 unsigned int z_size;
275 sector_t z_start;
276 sector_t z_wp;
277};
278
279struct sdebug_dev_info {
280 struct list_head dev_list;
281 unsigned int channel;
282 unsigned int target;
283 u64 lun;
284 uuid_t lu_name;
285 struct sdebug_host_info *sdbg_host;
286 unsigned long uas_bm[1];
287 atomic_t num_in_q;
288 atomic_t stopped; /* 1: by SSU, 2: device start */
289 bool used;
290
291 /* For ZBC devices */
292 enum blk_zoned_model zmodel;
293 unsigned int zsize;
294 unsigned int zsize_shift;
295 unsigned int nr_zones;
296 unsigned int nr_conv_zones;
297 unsigned int nr_imp_open;
298 unsigned int nr_exp_open;
299 unsigned int nr_closed;
300 unsigned int max_open;
301 ktime_t create_ts; /* time since bootup that this device was created */
302 struct sdeb_zone_state *zstate;
303};
304
305struct sdebug_host_info {
306 struct list_head host_list;
307 int si_idx; /* sdeb_store_info (per host) xarray index */
308 struct Scsi_Host *shost;
309 struct device dev;
310 struct list_head dev_info_list;
311};
312
313/* There is an xarray of pointers to this struct's objects, one per host */
314struct sdeb_store_info {
315 rwlock_t macc_lck; /* for atomic media access on this store */
316 u8 *storep; /* user data storage (ram) */
317 struct t10_pi_tuple *dif_storep; /* protection info */
318 void *map_storep; /* provisioning map */
319};
320
321#define to_sdebug_host(d) \
322 container_of(d, struct sdebug_host_info, dev)
323
324enum sdeb_defer_type {SDEB_DEFER_NONE = 0, SDEB_DEFER_HRT = 1,
325 SDEB_DEFER_WQ = 2, SDEB_DEFER_POLL = 3};
326
327struct sdebug_defer {
328 struct hrtimer hrt;
329 struct execute_work ew;
330 ktime_t cmpl_ts;/* time since boot to complete this cmd */
331 int sqa_idx; /* index of sdebug_queue array */
332 int qc_idx; /* index of sdebug_queued_cmd array within sqa_idx */
333 int hc_idx; /* hostwide tag index */
334 int issuing_cpu;
335 bool init_hrt;
336 bool init_wq;
337 bool init_poll;
338 bool aborted; /* true when blk_abort_request() already called */
339 enum sdeb_defer_type defer_t;
340};
341
342struct sdebug_queued_cmd {
343 /* corresponding bit set in in_use_bm[] in owning struct sdebug_queue
344 * instance indicates this slot is in use.
345 */
346 struct sdebug_defer *sd_dp;
347 struct scsi_cmnd *a_cmnd;
348};
349
350struct sdebug_queue {
351 struct sdebug_queued_cmd qc_arr[SDEBUG_CANQUEUE];
352 unsigned long in_use_bm[SDEBUG_CANQUEUE_WORDS];
353 spinlock_t qc_lock;
354 atomic_t blocked; /* to temporarily stop more being queued */
355};
356
357static atomic_t sdebug_cmnd_count; /* number of incoming commands */
358static atomic_t sdebug_completions; /* count of deferred completions */
359static atomic_t sdebug_miss_cpus; /* submission + completion cpus differ */
360static atomic_t sdebug_a_tsf; /* 'almost task set full' counter */
361static atomic_t sdeb_inject_pending;
362static atomic_t sdeb_mq_poll_count; /* bumped when mq_poll returns > 0 */
363
364struct opcode_info_t {
365 u8 num_attached; /* 0 if this is it (i.e. a leaf); use 0xff */
366 /* for terminating element */
367 u8 opcode; /* if num_attached > 0, preferred */
368 u16 sa; /* service action */
369 u32 flags; /* OR-ed set of SDEB_F_* */
370 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
371 const struct opcode_info_t *arrp; /* num_attached elements or NULL */
372 u8 len_mask[16]; /* len_mask[0]-->cdb_len, then mask for cdb */
373 /* 1 to min(cdb_len, 15); ignore cdb[15...] */
374};
375
376/* SCSI opcodes (first byte of cdb) of interest mapped onto these indexes */
377enum sdeb_opcode_index {
378 SDEB_I_INVALID_OPCODE = 0,
379 SDEB_I_INQUIRY = 1,
380 SDEB_I_REPORT_LUNS = 2,
381 SDEB_I_REQUEST_SENSE = 3,
382 SDEB_I_TEST_UNIT_READY = 4,
383 SDEB_I_MODE_SENSE = 5, /* 6, 10 */
384 SDEB_I_MODE_SELECT = 6, /* 6, 10 */
385 SDEB_I_LOG_SENSE = 7,
386 SDEB_I_READ_CAPACITY = 8, /* 10; 16 is in SA_IN(16) */
387 SDEB_I_READ = 9, /* 6, 10, 12, 16 */
388 SDEB_I_WRITE = 10, /* 6, 10, 12, 16 */
389 SDEB_I_START_STOP = 11,
390 SDEB_I_SERV_ACT_IN_16 = 12, /* add ...SERV_ACT_IN_12 if needed */
391 SDEB_I_SERV_ACT_OUT_16 = 13, /* add ...SERV_ACT_OUT_12 if needed */
392 SDEB_I_MAINT_IN = 14,
393 SDEB_I_MAINT_OUT = 15,
394 SDEB_I_VERIFY = 16, /* VERIFY(10), VERIFY(16) */
395 SDEB_I_VARIABLE_LEN = 17, /* READ(32), WRITE(32), WR_SCAT(32) */
396 SDEB_I_RESERVE = 18, /* 6, 10 */
397 SDEB_I_RELEASE = 19, /* 6, 10 */
398 SDEB_I_ALLOW_REMOVAL = 20, /* PREVENT ALLOW MEDIUM REMOVAL */
399 SDEB_I_REZERO_UNIT = 21, /* REWIND in SSC */
400 SDEB_I_ATA_PT = 22, /* 12, 16 */
401 SDEB_I_SEND_DIAG = 23,
402 SDEB_I_UNMAP = 24,
403 SDEB_I_WRITE_BUFFER = 25,
404 SDEB_I_WRITE_SAME = 26, /* 10, 16 */
405 SDEB_I_SYNC_CACHE = 27, /* 10, 16 */
406 SDEB_I_COMP_WRITE = 28,
407 SDEB_I_PRE_FETCH = 29, /* 10, 16 */
408 SDEB_I_ZONE_OUT = 30, /* 0x94+SA; includes no data xfer */
409 SDEB_I_ZONE_IN = 31, /* 0x95+SA; all have data-in */
410 SDEB_I_LAST_ELEM_P1 = 32, /* keep this last (previous + 1) */
411};
412
413
414static const unsigned char opcode_ind_arr[256] = {
415/* 0x0; 0x0->0x1f: 6 byte cdbs */
416 SDEB_I_TEST_UNIT_READY, SDEB_I_REZERO_UNIT, 0, SDEB_I_REQUEST_SENSE,
417 0, 0, 0, 0,
418 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, 0,
419 0, 0, SDEB_I_INQUIRY, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
420 SDEB_I_RELEASE,
421 0, 0, SDEB_I_MODE_SENSE, SDEB_I_START_STOP, 0, SDEB_I_SEND_DIAG,
422 SDEB_I_ALLOW_REMOVAL, 0,
423/* 0x20; 0x20->0x3f: 10 byte cdbs */
424 0, 0, 0, 0, 0, SDEB_I_READ_CAPACITY, 0, 0,
425 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, SDEB_I_VERIFY,
426 0, 0, 0, 0, SDEB_I_PRE_FETCH, SDEB_I_SYNC_CACHE, 0, 0,
427 0, 0, 0, SDEB_I_WRITE_BUFFER, 0, 0, 0, 0,
428/* 0x40; 0x40->0x5f: 10 byte cdbs */
429 0, SDEB_I_WRITE_SAME, SDEB_I_UNMAP, 0, 0, 0, 0, 0,
430 0, 0, 0, 0, 0, SDEB_I_LOG_SENSE, 0, 0,
431 0, 0, 0, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
432 SDEB_I_RELEASE,
433 0, 0, SDEB_I_MODE_SENSE, 0, 0, 0, 0, 0,
434/* 0x60; 0x60->0x7d are reserved, 0x7e is "extended cdb" */
435 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
436 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
437 0, SDEB_I_VARIABLE_LEN,
438/* 0x80; 0x80->0x9f: 16 byte cdbs */
439 0, 0, 0, 0, 0, SDEB_I_ATA_PT, 0, 0,
440 SDEB_I_READ, SDEB_I_COMP_WRITE, SDEB_I_WRITE, 0,
441 0, 0, 0, SDEB_I_VERIFY,
442 SDEB_I_PRE_FETCH, SDEB_I_SYNC_CACHE, 0, SDEB_I_WRITE_SAME,
443 SDEB_I_ZONE_OUT, SDEB_I_ZONE_IN, 0, 0,
444 0, 0, 0, 0, 0, 0, SDEB_I_SERV_ACT_IN_16, SDEB_I_SERV_ACT_OUT_16,
445/* 0xa0; 0xa0->0xbf: 12 byte cdbs */
446 SDEB_I_REPORT_LUNS, SDEB_I_ATA_PT, 0, SDEB_I_MAINT_IN,
447 SDEB_I_MAINT_OUT, 0, 0, 0,
448 SDEB_I_READ, 0 /* SDEB_I_SERV_ACT_OUT_12 */, SDEB_I_WRITE,
449 0 /* SDEB_I_SERV_ACT_IN_12 */, 0, 0, 0, 0,
450 0, 0, 0, 0, 0, 0, 0, 0,
451 0, 0, 0, 0, 0, 0, 0, 0,
452/* 0xc0; 0xc0->0xff: vendor specific */
453 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
454 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
455 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
456 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
457};
458
459/*
460 * The following "response" functions return the SCSI mid-level's 4 byte
461 * tuple-in-an-int. To handle commands with an IMMED bit, for a faster
462 * command completion, they can mask their return value with
463 * SDEG_RES_IMMED_MASK .
464 */
465#define SDEG_RES_IMMED_MASK 0x40000000
466
467static int resp_inquiry(struct scsi_cmnd *, struct sdebug_dev_info *);
468static int resp_report_luns(struct scsi_cmnd *, struct sdebug_dev_info *);
469static int resp_requests(struct scsi_cmnd *, struct sdebug_dev_info *);
470static int resp_mode_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
471static int resp_mode_select(struct scsi_cmnd *, struct sdebug_dev_info *);
472static int resp_log_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
473static int resp_readcap(struct scsi_cmnd *, struct sdebug_dev_info *);
474static int resp_read_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
475static int resp_write_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
476static int resp_write_scat(struct scsi_cmnd *, struct sdebug_dev_info *);
477static int resp_start_stop(struct scsi_cmnd *, struct sdebug_dev_info *);
478static int resp_readcap16(struct scsi_cmnd *, struct sdebug_dev_info *);
479static int resp_get_lba_status(struct scsi_cmnd *, struct sdebug_dev_info *);
480static int resp_report_tgtpgs(struct scsi_cmnd *, struct sdebug_dev_info *);
481static int resp_unmap(struct scsi_cmnd *, struct sdebug_dev_info *);
482static int resp_rsup_opcodes(struct scsi_cmnd *, struct sdebug_dev_info *);
483static int resp_rsup_tmfs(struct scsi_cmnd *, struct sdebug_dev_info *);
484static int resp_verify(struct scsi_cmnd *, struct sdebug_dev_info *);
485static int resp_write_same_10(struct scsi_cmnd *, struct sdebug_dev_info *);
486static int resp_write_same_16(struct scsi_cmnd *, struct sdebug_dev_info *);
487static int resp_comp_write(struct scsi_cmnd *, struct sdebug_dev_info *);
488static int resp_write_buffer(struct scsi_cmnd *, struct sdebug_dev_info *);
489static int resp_sync_cache(struct scsi_cmnd *, struct sdebug_dev_info *);
490static int resp_pre_fetch(struct scsi_cmnd *, struct sdebug_dev_info *);
491static int resp_report_zones(struct scsi_cmnd *, struct sdebug_dev_info *);
492static int resp_open_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
493static int resp_close_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
494static int resp_finish_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
495static int resp_rwp_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
496
497static int sdebug_do_add_host(bool mk_new_store);
498static int sdebug_add_host_helper(int per_host_idx);
499static void sdebug_do_remove_host(bool the_end);
500static int sdebug_add_store(void);
501static void sdebug_erase_store(int idx, struct sdeb_store_info *sip);
502static void sdebug_erase_all_stores(bool apart_from_first);
503
504/*
505 * The following are overflow arrays for cdbs that "hit" the same index in
506 * the opcode_info_arr array. The most time sensitive (or commonly used) cdb
507 * should be placed in opcode_info_arr[], the others should be placed here.
508 */
509static const struct opcode_info_t msense_iarr[] = {
510 {0, 0x1a, 0, F_D_IN, NULL, NULL,
511 {6, 0xe8, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
512};
513
514static const struct opcode_info_t mselect_iarr[] = {
515 {0, 0x15, 0, F_D_OUT, NULL, NULL,
516 {6, 0xf1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
517};
518
519static const struct opcode_info_t read_iarr[] = {
520 {0, 0x28, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(10) */
521 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
522 0, 0, 0, 0} },
523 {0, 0x8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL, /* READ(6) */
524 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
525 {0, 0xa8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(12) */
526 {12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf,
527 0xc7, 0, 0, 0, 0} },
528};
529
530static const struct opcode_info_t write_iarr[] = {
531 {0, 0x2a, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(10) */
532 NULL, {10, 0xfb, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7,
533 0, 0, 0, 0, 0, 0} },
534 {0, 0xa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(6) */
535 NULL, {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0,
536 0, 0, 0} },
537 {0, 0xaa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(12) */
538 NULL, {12, 0xfb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
539 0xbf, 0xc7, 0, 0, 0, 0} },
540};
541
542static const struct opcode_info_t verify_iarr[] = {
543 {0, 0x2f, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_verify,/* VERIFY(10) */
544 NULL, {10, 0xf7, 0xff, 0xff, 0xff, 0xff, 0xbf, 0xff, 0xff, 0xc7,
545 0, 0, 0, 0, 0, 0} },
546};
547
548static const struct opcode_info_t sa_in_16_iarr[] = {
549 {0, 0x9e, 0x12, F_SA_LOW | F_D_IN, resp_get_lba_status, NULL,
550 {16, 0x12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
551 0xff, 0xff, 0xff, 0, 0xc7} }, /* GET LBA STATUS(16) */
552};
553
554static const struct opcode_info_t vl_iarr[] = { /* VARIABLE LENGTH */
555 {0, 0x7f, 0xb, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_dt0,
556 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0xb, 0xfa,
557 0, 0xff, 0xff, 0xff, 0xff} }, /* WRITE(32) */
558 {0, 0x7f, 0x11, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
559 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x11, 0xf8,
560 0, 0xff, 0xff, 0x0, 0x0} }, /* WRITE SCATTERED(32) */
561};
562
563static const struct opcode_info_t maint_in_iarr[] = { /* MAINT IN */
564 {0, 0xa3, 0xc, F_SA_LOW | F_D_IN, resp_rsup_opcodes, NULL,
565 {12, 0xc, 0x87, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0,
566 0xc7, 0, 0, 0, 0} }, /* REPORT SUPPORTED OPERATION CODES */
567 {0, 0xa3, 0xd, F_SA_LOW | F_D_IN, resp_rsup_tmfs, NULL,
568 {12, 0xd, 0x80, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
569 0, 0} }, /* REPORTED SUPPORTED TASK MANAGEMENT FUNCTIONS */
570};
571
572static const struct opcode_info_t write_same_iarr[] = {
573 {0, 0x93, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_write_same_16, NULL,
574 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
575 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* WRITE SAME(16) */
576};
577
578static const struct opcode_info_t reserve_iarr[] = {
579 {0, 0x16, 0, F_D_OUT, NULL, NULL, /* RESERVE(6) */
580 {6, 0x1f, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
581};
582
583static const struct opcode_info_t release_iarr[] = {
584 {0, 0x17, 0, F_D_OUT, NULL, NULL, /* RELEASE(6) */
585 {6, 0x1f, 0xff, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
586};
587
588static const struct opcode_info_t sync_cache_iarr[] = {
589 {0, 0x91, 0, F_SYNC_DELAY | F_M_ACCESS, resp_sync_cache, NULL,
590 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
591 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* SYNC_CACHE (16) */
592};
593
594static const struct opcode_info_t pre_fetch_iarr[] = {
595 {0, 0x90, 0, F_SYNC_DELAY | FF_MEDIA_IO, resp_pre_fetch, NULL,
596 {16, 0x2, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
597 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* PRE-FETCH (16) */
598};
599
600static const struct opcode_info_t zone_out_iarr[] = { /* ZONE OUT(16) */
601 {0, 0x94, 0x1, F_SA_LOW | F_M_ACCESS, resp_close_zone, NULL,
602 {16, 0x1, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
603 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* CLOSE ZONE */
604 {0, 0x94, 0x2, F_SA_LOW | F_M_ACCESS, resp_finish_zone, NULL,
605 {16, 0x2, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
606 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* FINISH ZONE */
607 {0, 0x94, 0x4, F_SA_LOW | F_M_ACCESS, resp_rwp_zone, NULL,
608 {16, 0x4, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
609 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* RESET WRITE POINTER */
610};
611
612static const struct opcode_info_t zone_in_iarr[] = { /* ZONE IN(16) */
613 {0, 0x95, 0x6, F_SA_LOW | F_D_IN | F_M_ACCESS, NULL, NULL,
614 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
615 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* REPORT ZONES */
616};
617
618
619/* This array is accessed via SDEB_I_* values. Make sure all are mapped,
620 * plus the terminating elements for logic that scans this table such as
621 * REPORT SUPPORTED OPERATION CODES. */
622static const struct opcode_info_t opcode_info_arr[SDEB_I_LAST_ELEM_P1 + 1] = {
623/* 0 */
624 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* unknown opcodes */
625 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
626 {0, 0x12, 0, FF_RESPOND | F_D_IN, resp_inquiry, NULL, /* INQUIRY */
627 {6, 0xe3, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
628 {0, 0xa0, 0, FF_RESPOND | F_D_IN, resp_report_luns, NULL,
629 {12, 0xe3, 0xff, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
630 0, 0} }, /* REPORT LUNS */
631 {0, 0x3, 0, FF_RESPOND | F_D_IN, resp_requests, NULL,
632 {6, 0xe1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
633 {0, 0x0, 0, F_M_ACCESS | F_RL_WLUN_OK, NULL, NULL,/* TEST UNIT READY */
634 {6, 0, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
635/* 5 */
636 {ARRAY_SIZE(msense_iarr), 0x5a, 0, F_D_IN, /* MODE SENSE(10) */
637 resp_mode_sense, msense_iarr, {10, 0xf8, 0xff, 0xff, 0, 0, 0,
638 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
639 {ARRAY_SIZE(mselect_iarr), 0x55, 0, F_D_OUT, /* MODE SELECT(10) */
640 resp_mode_select, mselect_iarr, {10, 0xf1, 0, 0, 0, 0, 0, 0xff,
641 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
642 {0, 0x4d, 0, F_D_IN, resp_log_sense, NULL, /* LOG SENSE */
643 {10, 0xe3, 0xff, 0xff, 0, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0,
644 0, 0, 0} },
645 {0, 0x25, 0, F_D_IN, resp_readcap, NULL, /* READ CAPACITY(10) */
646 {10, 0xe1, 0xff, 0xff, 0xff, 0xff, 0, 0, 0x1, 0xc7, 0, 0, 0, 0,
647 0, 0} },
648 {ARRAY_SIZE(read_iarr), 0x88, 0, F_D_IN | FF_MEDIA_IO, /* READ(16) */
649 resp_read_dt0, read_iarr, {16, 0xfe, 0xff, 0xff, 0xff, 0xff,
650 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
651/* 10 */
652 {ARRAY_SIZE(write_iarr), 0x8a, 0, F_D_OUT | FF_MEDIA_IO,
653 resp_write_dt0, write_iarr, /* WRITE(16) */
654 {16, 0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
655 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
656 {0, 0x1b, 0, F_SSU_DELAY, resp_start_stop, NULL,/* START STOP UNIT */
657 {6, 0x1, 0, 0xf, 0xf7, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
658 {ARRAY_SIZE(sa_in_16_iarr), 0x9e, 0x10, F_SA_LOW | F_D_IN,
659 resp_readcap16, sa_in_16_iarr, /* SA_IN(16), READ CAPACITY(16) */
660 {16, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
661 0xff, 0xff, 0xff, 0xff, 0x1, 0xc7} },
662 {0, 0x9f, 0x12, F_SA_LOW | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
663 NULL, {16, 0x12, 0xf9, 0x0, 0xff, 0xff, 0, 0, 0xff, 0xff, 0xff,
664 0xff, 0xff, 0xff, 0xff, 0xc7} }, /* SA_OUT(16), WRITE SCAT(16) */
665 {ARRAY_SIZE(maint_in_iarr), 0xa3, 0xa, F_SA_LOW | F_D_IN,
666 resp_report_tgtpgs, /* MAINT IN, REPORT TARGET PORT GROUPS */
667 maint_in_iarr, {12, 0xea, 0, 0, 0, 0, 0xff, 0xff, 0xff,
668 0xff, 0, 0xc7, 0, 0, 0, 0} },
669/* 15 */
670 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* MAINT OUT */
671 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
672 {ARRAY_SIZE(verify_iarr), 0x8f, 0,
673 F_D_OUT_MAYBE | FF_MEDIA_IO, resp_verify, /* VERIFY(16) */
674 verify_iarr, {16, 0xf6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
675 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} },
676 {ARRAY_SIZE(vl_iarr), 0x7f, 0x9, F_SA_HIGH | F_D_IN | FF_MEDIA_IO,
677 resp_read_dt0, vl_iarr, /* VARIABLE LENGTH, READ(32) */
678 {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x9, 0xfe, 0, 0xff, 0xff,
679 0xff, 0xff} },
680 {ARRAY_SIZE(reserve_iarr), 0x56, 0, F_D_OUT,
681 NULL, reserve_iarr, /* RESERVE(10) <no response function> */
682 {10, 0xff, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
683 0} },
684 {ARRAY_SIZE(release_iarr), 0x57, 0, F_D_OUT,
685 NULL, release_iarr, /* RELEASE(10) <no response function> */
686 {10, 0x13, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
687 0} },
688/* 20 */
689 {0, 0x1e, 0, 0, NULL, NULL, /* ALLOW REMOVAL */
690 {6, 0, 0, 0, 0x3, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
691 {0, 0x1, 0, 0, resp_start_stop, NULL, /* REWIND ?? */
692 {6, 0x1, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
693 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* ATA_PT */
694 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
695 {0, 0x1d, F_D_OUT, 0, NULL, NULL, /* SEND DIAGNOSTIC */
696 {6, 0xf7, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
697 {0, 0x42, 0, F_D_OUT | FF_MEDIA_IO, resp_unmap, NULL, /* UNMAP */
698 {10, 0x1, 0, 0, 0, 0, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
699/* 25 */
700 {0, 0x3b, 0, F_D_OUT_MAYBE, resp_write_buffer, NULL,
701 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0,
702 0, 0, 0, 0} }, /* WRITE_BUFFER */
703 {ARRAY_SIZE(write_same_iarr), 0x41, 0, F_D_OUT_MAYBE | FF_MEDIA_IO,
704 resp_write_same_10, write_same_iarr, /* WRITE SAME(10) */
705 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0,
706 0, 0, 0, 0, 0} },
707 {ARRAY_SIZE(sync_cache_iarr), 0x35, 0, F_SYNC_DELAY | F_M_ACCESS,
708 resp_sync_cache, sync_cache_iarr,
709 {10, 0x7, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
710 0, 0, 0, 0} }, /* SYNC_CACHE (10) */
711 {0, 0x89, 0, F_D_OUT | FF_MEDIA_IO, resp_comp_write, NULL,
712 {16, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 0,
713 0, 0xff, 0x3f, 0xc7} }, /* COMPARE AND WRITE */
714 {ARRAY_SIZE(pre_fetch_iarr), 0x34, 0, F_SYNC_DELAY | FF_MEDIA_IO,
715 resp_pre_fetch, pre_fetch_iarr,
716 {10, 0x2, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
717 0, 0, 0, 0} }, /* PRE-FETCH (10) */
718
719/* 30 */
720 {ARRAY_SIZE(zone_out_iarr), 0x94, 0x3, F_SA_LOW | F_M_ACCESS,
721 resp_open_zone, zone_out_iarr, /* ZONE_OUT(16), OPEN ZONE) */
722 {16, 0x3 /* SA */, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
723 0xff, 0xff, 0x0, 0x0, 0xff, 0xff, 0x1, 0xc7} },
724 {ARRAY_SIZE(zone_in_iarr), 0x95, 0x0, F_SA_LOW | F_M_ACCESS,
725 resp_report_zones, zone_in_iarr, /* ZONE_IN(16), REPORT ZONES) */
726 {16, 0x0 /* SA */, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
727 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf, 0xc7} },
728/* sentinel */
729 {0xff, 0, 0, 0, NULL, NULL, /* terminating element */
730 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
731};
732
733static int sdebug_num_hosts;
734static int sdebug_add_host = DEF_NUM_HOST; /* in sysfs this is relative */
735static int sdebug_ato = DEF_ATO;
736static int sdebug_cdb_len = DEF_CDB_LEN;
737static int sdebug_jdelay = DEF_JDELAY; /* if > 0 then unit is jiffies */
738static int sdebug_dev_size_mb = DEF_DEV_SIZE_PRE_INIT;
739static int sdebug_dif = DEF_DIF;
740static int sdebug_dix = DEF_DIX;
741static int sdebug_dsense = DEF_D_SENSE;
742static int sdebug_every_nth = DEF_EVERY_NTH;
743static int sdebug_fake_rw = DEF_FAKE_RW;
744static unsigned int sdebug_guard = DEF_GUARD;
745static int sdebug_host_max_queue; /* per host */
746static int sdebug_lowest_aligned = DEF_LOWEST_ALIGNED;
747static int sdebug_max_luns = DEF_MAX_LUNS;
748static int sdebug_max_queue = SDEBUG_CANQUEUE; /* per submit queue */
749static unsigned int sdebug_medium_error_start = OPT_MEDIUM_ERR_ADDR;
750static int sdebug_medium_error_count = OPT_MEDIUM_ERR_NUM;
751static atomic_t retired_max_queue; /* if > 0 then was prior max_queue */
752static int sdebug_ndelay = DEF_NDELAY; /* if > 0 then unit is nanoseconds */
753static int sdebug_no_lun_0 = DEF_NO_LUN_0;
754static int sdebug_no_uld;
755static int sdebug_num_parts = DEF_NUM_PARTS;
756static int sdebug_num_tgts = DEF_NUM_TGTS; /* targets per host */
757static int sdebug_opt_blks = DEF_OPT_BLKS;
758static int sdebug_opts = DEF_OPTS;
759static int sdebug_physblk_exp = DEF_PHYSBLK_EXP;
760static int sdebug_opt_xferlen_exp = DEF_OPT_XFERLEN_EXP;
761static int sdebug_ptype = DEF_PTYPE; /* SCSI peripheral device type */
762static int sdebug_scsi_level = DEF_SCSI_LEVEL;
763static int sdebug_sector_size = DEF_SECTOR_SIZE;
764static int sdeb_tur_ms_to_ready = DEF_TUR_MS_TO_READY;
765static int sdebug_virtual_gb = DEF_VIRTUAL_GB;
766static int sdebug_vpd_use_hostno = DEF_VPD_USE_HOSTNO;
767static unsigned int sdebug_lbpu = DEF_LBPU;
768static unsigned int sdebug_lbpws = DEF_LBPWS;
769static unsigned int sdebug_lbpws10 = DEF_LBPWS10;
770static unsigned int sdebug_lbprz = DEF_LBPRZ;
771static unsigned int sdebug_unmap_alignment = DEF_UNMAP_ALIGNMENT;
772static unsigned int sdebug_unmap_granularity = DEF_UNMAP_GRANULARITY;
773static unsigned int sdebug_unmap_max_blocks = DEF_UNMAP_MAX_BLOCKS;
774static unsigned int sdebug_unmap_max_desc = DEF_UNMAP_MAX_DESC;
775static unsigned int sdebug_write_same_length = DEF_WRITESAME_LENGTH;
776static int sdebug_uuid_ctl = DEF_UUID_CTL;
777static bool sdebug_random = DEF_RANDOM;
778static bool sdebug_per_host_store = DEF_PER_HOST_STORE;
779static bool sdebug_removable = DEF_REMOVABLE;
780static bool sdebug_clustering;
781static bool sdebug_host_lock = DEF_HOST_LOCK;
782static bool sdebug_strict = DEF_STRICT;
783static bool sdebug_any_injecting_opt;
784static bool sdebug_verbose;
785static bool have_dif_prot;
786static bool write_since_sync;
787static bool sdebug_statistics = DEF_STATISTICS;
788static bool sdebug_wp;
789/* Following enum: 0: no zbc, def; 1: host aware; 2: host managed */
790static enum blk_zoned_model sdeb_zbc_model = BLK_ZONED_NONE;
791static char *sdeb_zbc_model_s;
792
793enum sam_lun_addr_method {SAM_LUN_AM_PERIPHERAL = 0x0,
794 SAM_LUN_AM_FLAT = 0x1,
795 SAM_LUN_AM_LOGICAL_UNIT = 0x2,
796 SAM_LUN_AM_EXTENDED = 0x3};
797static enum sam_lun_addr_method sdebug_lun_am = SAM_LUN_AM_PERIPHERAL;
798static int sdebug_lun_am_i = (int)SAM_LUN_AM_PERIPHERAL;
799
800static unsigned int sdebug_store_sectors;
801static sector_t sdebug_capacity; /* in sectors */
802
803/* old BIOS stuff, kernel may get rid of them but some mode sense pages
804 may still need them */
805static int sdebug_heads; /* heads per disk */
806static int sdebug_cylinders_per; /* cylinders per surface */
807static int sdebug_sectors_per; /* sectors per cylinder */
808
809static LIST_HEAD(sdebug_host_list);
810static DEFINE_SPINLOCK(sdebug_host_list_lock);
811
812static struct xarray per_store_arr;
813static struct xarray *per_store_ap = &per_store_arr;
814static int sdeb_first_idx = -1; /* invalid index ==> none created */
815static int sdeb_most_recent_idx = -1;
816static DEFINE_RWLOCK(sdeb_fake_rw_lck); /* need a RW lock when fake_rw=1 */
817
818static unsigned long map_size;
819static int num_aborts;
820static int num_dev_resets;
821static int num_target_resets;
822static int num_bus_resets;
823static int num_host_resets;
824static int dix_writes;
825static int dix_reads;
826static int dif_errors;
827
828/* ZBC global data */
829static bool sdeb_zbc_in_use; /* true for host-aware and host-managed disks */
830static int sdeb_zbc_zone_size_mb;
831static int sdeb_zbc_max_open = DEF_ZBC_MAX_OPEN_ZONES;
832static int sdeb_zbc_nr_conv = DEF_ZBC_NR_CONV_ZONES;
833
834static int submit_queues = DEF_SUBMIT_QUEUES; /* > 1 for multi-queue (mq) */
835static int poll_queues; /* iouring iopoll interface.*/
836static struct sdebug_queue *sdebug_q_arr; /* ptr to array of submit queues */
837
838static DEFINE_RWLOCK(atomic_rw);
839static DEFINE_RWLOCK(atomic_rw2);
840
841static rwlock_t *ramdisk_lck_a[2];
842
843static char sdebug_proc_name[] = MY_NAME;
844static const char *my_name = MY_NAME;
845
846static struct bus_type pseudo_lld_bus;
847
848static struct device_driver sdebug_driverfs_driver = {
849 .name = sdebug_proc_name,
850 .bus = &pseudo_lld_bus,
851};
852
853static const int check_condition_result =
854 SAM_STAT_CHECK_CONDITION;
855
856static const int illegal_condition_result =
857 (DID_ABORT << 16) | SAM_STAT_CHECK_CONDITION;
858
859static const int device_qfull_result =
860 (DID_OK << 16) | SAM_STAT_TASK_SET_FULL;
861
862static const int condition_met_result = SAM_STAT_CONDITION_MET;
863
864
865/* Only do the extra work involved in logical block provisioning if one or
866 * more of the lbpu, lbpws or lbpws10 parameters are given and we are doing
867 * real reads and writes (i.e. not skipping them for speed).
868 */
869static inline bool scsi_debug_lbp(void)
870{
871 return 0 == sdebug_fake_rw &&
872 (sdebug_lbpu || sdebug_lbpws || sdebug_lbpws10);
873}
874
875static void *lba2fake_store(struct sdeb_store_info *sip,
876 unsigned long long lba)
877{
878 struct sdeb_store_info *lsip = sip;
879
880 lba = do_div(lba, sdebug_store_sectors);
881 if (!sip || !sip->storep) {
882 WARN_ON_ONCE(true);
883 lsip = xa_load(per_store_ap, 0); /* should never be NULL */
884 }
885 return lsip->storep + lba * sdebug_sector_size;
886}
887
888static struct t10_pi_tuple *dif_store(struct sdeb_store_info *sip,
889 sector_t sector)
890{
891 sector = sector_div(sector, sdebug_store_sectors);
892
893 return sip->dif_storep + sector;
894}
895
896static void sdebug_max_tgts_luns(void)
897{
898 struct sdebug_host_info *sdbg_host;
899 struct Scsi_Host *hpnt;
900
901 spin_lock(&sdebug_host_list_lock);
902 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
903 hpnt = sdbg_host->shost;
904 if ((hpnt->this_id >= 0) &&
905 (sdebug_num_tgts > hpnt->this_id))
906 hpnt->max_id = sdebug_num_tgts + 1;
907 else
908 hpnt->max_id = sdebug_num_tgts;
909 /* sdebug_max_luns; */
910 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
911 }
912 spin_unlock(&sdebug_host_list_lock);
913}
914
915enum sdeb_cmd_data {SDEB_IN_DATA = 0, SDEB_IN_CDB = 1};
916
917/* Set in_bit to -1 to indicate no bit position of invalid field */
918static void mk_sense_invalid_fld(struct scsi_cmnd *scp,
919 enum sdeb_cmd_data c_d,
920 int in_byte, int in_bit)
921{
922 unsigned char *sbuff;
923 u8 sks[4];
924 int sl, asc;
925
926 sbuff = scp->sense_buffer;
927 if (!sbuff) {
928 sdev_printk(KERN_ERR, scp->device,
929 "%s: sense_buffer is NULL\n", __func__);
930 return;
931 }
932 asc = c_d ? INVALID_FIELD_IN_CDB : INVALID_FIELD_IN_PARAM_LIST;
933 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
934 scsi_build_sense(scp, sdebug_dsense, ILLEGAL_REQUEST, asc, 0);
935 memset(sks, 0, sizeof(sks));
936 sks[0] = 0x80;
937 if (c_d)
938 sks[0] |= 0x40;
939 if (in_bit >= 0) {
940 sks[0] |= 0x8;
941 sks[0] |= 0x7 & in_bit;
942 }
943 put_unaligned_be16(in_byte, sks + 1);
944 if (sdebug_dsense) {
945 sl = sbuff[7] + 8;
946 sbuff[7] = sl;
947 sbuff[sl] = 0x2;
948 sbuff[sl + 1] = 0x6;
949 memcpy(sbuff + sl + 4, sks, 3);
950 } else
951 memcpy(sbuff + 15, sks, 3);
952 if (sdebug_verbose)
953 sdev_printk(KERN_INFO, scp->device, "%s: [sense_key,asc,ascq"
954 "]: [0x5,0x%x,0x0] %c byte=%d, bit=%d\n",
955 my_name, asc, c_d ? 'C' : 'D', in_byte, in_bit);
956}
957
958static void mk_sense_buffer(struct scsi_cmnd *scp, int key, int asc, int asq)
959{
960 if (!scp->sense_buffer) {
961 sdev_printk(KERN_ERR, scp->device,
962 "%s: sense_buffer is NULL\n", __func__);
963 return;
964 }
965 memset(scp->sense_buffer, 0, SCSI_SENSE_BUFFERSIZE);
966
967 scsi_build_sense(scp, sdebug_dsense, key, asc, asq);
968
969 if (sdebug_verbose)
970 sdev_printk(KERN_INFO, scp->device,
971 "%s: [sense_key,asc,ascq]: [0x%x,0x%x,0x%x]\n",
972 my_name, key, asc, asq);
973}
974
975static void mk_sense_invalid_opcode(struct scsi_cmnd *scp)
976{
977 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_OPCODE, 0);
978}
979
980static int scsi_debug_ioctl(struct scsi_device *dev, unsigned int cmd,
981 void __user *arg)
982{
983 if (sdebug_verbose) {
984 if (0x1261 == cmd)
985 sdev_printk(KERN_INFO, dev,
986 "%s: BLKFLSBUF [0x1261]\n", __func__);
987 else if (0x5331 == cmd)
988 sdev_printk(KERN_INFO, dev,
989 "%s: CDROM_GET_CAPABILITY [0x5331]\n",
990 __func__);
991 else
992 sdev_printk(KERN_INFO, dev, "%s: cmd=0x%x\n",
993 __func__, cmd);
994 }
995 return -EINVAL;
996 /* return -ENOTTY; // correct return but upsets fdisk */
997}
998
999static void config_cdb_len(struct scsi_device *sdev)
1000{
1001 switch (sdebug_cdb_len) {
1002 case 6: /* suggest 6 byte READ, WRITE and MODE SENSE/SELECT */
1003 sdev->use_10_for_rw = false;
1004 sdev->use_16_for_rw = false;
1005 sdev->use_10_for_ms = false;
1006 break;
1007 case 10: /* suggest 10 byte RWs and 6 byte MODE SENSE/SELECT */
1008 sdev->use_10_for_rw = true;
1009 sdev->use_16_for_rw = false;
1010 sdev->use_10_for_ms = false;
1011 break;
1012 case 12: /* suggest 10 byte RWs and 10 byte MODE SENSE/SELECT */
1013 sdev->use_10_for_rw = true;
1014 sdev->use_16_for_rw = false;
1015 sdev->use_10_for_ms = true;
1016 break;
1017 case 16:
1018 sdev->use_10_for_rw = false;
1019 sdev->use_16_for_rw = true;
1020 sdev->use_10_for_ms = true;
1021 break;
1022 case 32: /* No knobs to suggest this so same as 16 for now */
1023 sdev->use_10_for_rw = false;
1024 sdev->use_16_for_rw = true;
1025 sdev->use_10_for_ms = true;
1026 break;
1027 default:
1028 pr_warn("unexpected cdb_len=%d, force to 10\n",
1029 sdebug_cdb_len);
1030 sdev->use_10_for_rw = true;
1031 sdev->use_16_for_rw = false;
1032 sdev->use_10_for_ms = false;
1033 sdebug_cdb_len = 10;
1034 break;
1035 }
1036}
1037
1038static void all_config_cdb_len(void)
1039{
1040 struct sdebug_host_info *sdbg_host;
1041 struct Scsi_Host *shost;
1042 struct scsi_device *sdev;
1043
1044 spin_lock(&sdebug_host_list_lock);
1045 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
1046 shost = sdbg_host->shost;
1047 shost_for_each_device(sdev, shost) {
1048 config_cdb_len(sdev);
1049 }
1050 }
1051 spin_unlock(&sdebug_host_list_lock);
1052}
1053
1054static void clear_luns_changed_on_target(struct sdebug_dev_info *devip)
1055{
1056 struct sdebug_host_info *sdhp;
1057 struct sdebug_dev_info *dp;
1058
1059 spin_lock(&sdebug_host_list_lock);
1060 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
1061 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
1062 if ((devip->sdbg_host == dp->sdbg_host) &&
1063 (devip->target == dp->target))
1064 clear_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
1065 }
1066 }
1067 spin_unlock(&sdebug_host_list_lock);
1068}
1069
1070static int make_ua(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1071{
1072 int k;
1073
1074 k = find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS);
1075 if (k != SDEBUG_NUM_UAS) {
1076 const char *cp = NULL;
1077
1078 switch (k) {
1079 case SDEBUG_UA_POR:
1080 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
1081 POWER_ON_RESET_ASCQ);
1082 if (sdebug_verbose)
1083 cp = "power on reset";
1084 break;
1085 case SDEBUG_UA_BUS_RESET:
1086 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
1087 BUS_RESET_ASCQ);
1088 if (sdebug_verbose)
1089 cp = "bus reset";
1090 break;
1091 case SDEBUG_UA_MODE_CHANGED:
1092 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
1093 MODE_CHANGED_ASCQ);
1094 if (sdebug_verbose)
1095 cp = "mode parameters changed";
1096 break;
1097 case SDEBUG_UA_CAPACITY_CHANGED:
1098 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
1099 CAPACITY_CHANGED_ASCQ);
1100 if (sdebug_verbose)
1101 cp = "capacity data changed";
1102 break;
1103 case SDEBUG_UA_MICROCODE_CHANGED:
1104 mk_sense_buffer(scp, UNIT_ATTENTION,
1105 TARGET_CHANGED_ASC,
1106 MICROCODE_CHANGED_ASCQ);
1107 if (sdebug_verbose)
1108 cp = "microcode has been changed";
1109 break;
1110 case SDEBUG_UA_MICROCODE_CHANGED_WO_RESET:
1111 mk_sense_buffer(scp, UNIT_ATTENTION,
1112 TARGET_CHANGED_ASC,
1113 MICROCODE_CHANGED_WO_RESET_ASCQ);
1114 if (sdebug_verbose)
1115 cp = "microcode has been changed without reset";
1116 break;
1117 case SDEBUG_UA_LUNS_CHANGED:
1118 /*
1119 * SPC-3 behavior is to report a UNIT ATTENTION with
1120 * ASC/ASCQ REPORTED LUNS DATA HAS CHANGED on every LUN
1121 * on the target, until a REPORT LUNS command is
1122 * received. SPC-4 behavior is to report it only once.
1123 * NOTE: sdebug_scsi_level does not use the same
1124 * values as struct scsi_device->scsi_level.
1125 */
1126 if (sdebug_scsi_level >= 6) /* SPC-4 and above */
1127 clear_luns_changed_on_target(devip);
1128 mk_sense_buffer(scp, UNIT_ATTENTION,
1129 TARGET_CHANGED_ASC,
1130 LUNS_CHANGED_ASCQ);
1131 if (sdebug_verbose)
1132 cp = "reported luns data has changed";
1133 break;
1134 default:
1135 pr_warn("unexpected unit attention code=%d\n", k);
1136 if (sdebug_verbose)
1137 cp = "unknown";
1138 break;
1139 }
1140 clear_bit(k, devip->uas_bm);
1141 if (sdebug_verbose)
1142 sdev_printk(KERN_INFO, scp->device,
1143 "%s reports: Unit attention: %s\n",
1144 my_name, cp);
1145 return check_condition_result;
1146 }
1147 return 0;
1148}
1149
1150/* Build SCSI "data-in" buffer. Returns 0 if ok else (DID_ERROR << 16). */
1151static int fill_from_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1152 int arr_len)
1153{
1154 int act_len;
1155 struct scsi_data_buffer *sdb = &scp->sdb;
1156
1157 if (!sdb->length)
1158 return 0;
1159 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1160 return DID_ERROR << 16;
1161
1162 act_len = sg_copy_from_buffer(sdb->table.sgl, sdb->table.nents,
1163 arr, arr_len);
1164 scsi_set_resid(scp, scsi_bufflen(scp) - act_len);
1165
1166 return 0;
1167}
1168
1169/* Partial build of SCSI "data-in" buffer. Returns 0 if ok else
1170 * (DID_ERROR << 16). Can write to offset in data-in buffer. If multiple
1171 * calls, not required to write in ascending offset order. Assumes resid
1172 * set to scsi_bufflen() prior to any calls.
1173 */
1174static int p_fill_from_dev_buffer(struct scsi_cmnd *scp, const void *arr,
1175 int arr_len, unsigned int off_dst)
1176{
1177 unsigned int act_len, n;
1178 struct scsi_data_buffer *sdb = &scp->sdb;
1179 off_t skip = off_dst;
1180
1181 if (sdb->length <= off_dst)
1182 return 0;
1183 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1184 return DID_ERROR << 16;
1185
1186 act_len = sg_pcopy_from_buffer(sdb->table.sgl, sdb->table.nents,
1187 arr, arr_len, skip);
1188 pr_debug("%s: off_dst=%u, scsi_bufflen=%u, act_len=%u, resid=%d\n",
1189 __func__, off_dst, scsi_bufflen(scp), act_len,
1190 scsi_get_resid(scp));
1191 n = scsi_bufflen(scp) - (off_dst + act_len);
1192 scsi_set_resid(scp, min_t(int, scsi_get_resid(scp), n));
1193 return 0;
1194}
1195
1196/* Fetches from SCSI "data-out" buffer. Returns number of bytes fetched into
1197 * 'arr' or -1 if error.
1198 */
1199static int fetch_to_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1200 int arr_len)
1201{
1202 if (!scsi_bufflen(scp))
1203 return 0;
1204 if (scp->sc_data_direction != DMA_TO_DEVICE)
1205 return -1;
1206
1207 return scsi_sg_copy_to_buffer(scp, arr, arr_len);
1208}
1209
1210
1211static char sdebug_inq_vendor_id[9] = "Linux ";
1212static char sdebug_inq_product_id[17] = "scsi_debug ";
1213static char sdebug_inq_product_rev[5] = SDEBUG_VERSION;
1214/* Use some locally assigned NAAs for SAS addresses. */
1215static const u64 naa3_comp_a = 0x3222222000000000ULL;
1216static const u64 naa3_comp_b = 0x3333333000000000ULL;
1217static const u64 naa3_comp_c = 0x3111111000000000ULL;
1218
1219/* Device identification VPD page. Returns number of bytes placed in arr */
1220static int inquiry_vpd_83(unsigned char *arr, int port_group_id,
1221 int target_dev_id, int dev_id_num,
1222 const char *dev_id_str, int dev_id_str_len,
1223 const uuid_t *lu_name)
1224{
1225 int num, port_a;
1226 char b[32];
1227
1228 port_a = target_dev_id + 1;
1229 /* T10 vendor identifier field format (faked) */
1230 arr[0] = 0x2; /* ASCII */
1231 arr[1] = 0x1;
1232 arr[2] = 0x0;
1233 memcpy(&arr[4], sdebug_inq_vendor_id, 8);
1234 memcpy(&arr[12], sdebug_inq_product_id, 16);
1235 memcpy(&arr[28], dev_id_str, dev_id_str_len);
1236 num = 8 + 16 + dev_id_str_len;
1237 arr[3] = num;
1238 num += 4;
1239 if (dev_id_num >= 0) {
1240 if (sdebug_uuid_ctl) {
1241 /* Locally assigned UUID */
1242 arr[num++] = 0x1; /* binary (not necessarily sas) */
1243 arr[num++] = 0xa; /* PIV=0, lu, naa */
1244 arr[num++] = 0x0;
1245 arr[num++] = 0x12;
1246 arr[num++] = 0x10; /* uuid type=1, locally assigned */
1247 arr[num++] = 0x0;
1248 memcpy(arr + num, lu_name, 16);
1249 num += 16;
1250 } else {
1251 /* NAA-3, Logical unit identifier (binary) */
1252 arr[num++] = 0x1; /* binary (not necessarily sas) */
1253 arr[num++] = 0x3; /* PIV=0, lu, naa */
1254 arr[num++] = 0x0;
1255 arr[num++] = 0x8;
1256 put_unaligned_be64(naa3_comp_b + dev_id_num, arr + num);
1257 num += 8;
1258 }
1259 /* Target relative port number */
1260 arr[num++] = 0x61; /* proto=sas, binary */
1261 arr[num++] = 0x94; /* PIV=1, target port, rel port */
1262 arr[num++] = 0x0; /* reserved */
1263 arr[num++] = 0x4; /* length */
1264 arr[num++] = 0x0; /* reserved */
1265 arr[num++] = 0x0; /* reserved */
1266 arr[num++] = 0x0;
1267 arr[num++] = 0x1; /* relative port A */
1268 }
1269 /* NAA-3, Target port identifier */
1270 arr[num++] = 0x61; /* proto=sas, binary */
1271 arr[num++] = 0x93; /* piv=1, target port, naa */
1272 arr[num++] = 0x0;
1273 arr[num++] = 0x8;
1274 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1275 num += 8;
1276 /* NAA-3, Target port group identifier */
1277 arr[num++] = 0x61; /* proto=sas, binary */
1278 arr[num++] = 0x95; /* piv=1, target port group id */
1279 arr[num++] = 0x0;
1280 arr[num++] = 0x4;
1281 arr[num++] = 0;
1282 arr[num++] = 0;
1283 put_unaligned_be16(port_group_id, arr + num);
1284 num += 2;
1285 /* NAA-3, Target device identifier */
1286 arr[num++] = 0x61; /* proto=sas, binary */
1287 arr[num++] = 0xa3; /* piv=1, target device, naa */
1288 arr[num++] = 0x0;
1289 arr[num++] = 0x8;
1290 put_unaligned_be64(naa3_comp_a + target_dev_id, arr + num);
1291 num += 8;
1292 /* SCSI name string: Target device identifier */
1293 arr[num++] = 0x63; /* proto=sas, UTF-8 */
1294 arr[num++] = 0xa8; /* piv=1, target device, SCSI name string */
1295 arr[num++] = 0x0;
1296 arr[num++] = 24;
1297 memcpy(arr + num, "naa.32222220", 12);
1298 num += 12;
1299 snprintf(b, sizeof(b), "%08X", target_dev_id);
1300 memcpy(arr + num, b, 8);
1301 num += 8;
1302 memset(arr + num, 0, 4);
1303 num += 4;
1304 return num;
1305}
1306
1307static unsigned char vpd84_data[] = {
1308/* from 4th byte */ 0x22,0x22,0x22,0x0,0xbb,0x0,
1309 0x22,0x22,0x22,0x0,0xbb,0x1,
1310 0x22,0x22,0x22,0x0,0xbb,0x2,
1311};
1312
1313/* Software interface identification VPD page */
1314static int inquiry_vpd_84(unsigned char *arr)
1315{
1316 memcpy(arr, vpd84_data, sizeof(vpd84_data));
1317 return sizeof(vpd84_data);
1318}
1319
1320/* Management network addresses VPD page */
1321static int inquiry_vpd_85(unsigned char *arr)
1322{
1323 int num = 0;
1324 const char *na1 = "https://www.kernel.org/config";
1325 const char *na2 = "http://www.kernel.org/log";
1326 int plen, olen;
1327
1328 arr[num++] = 0x1; /* lu, storage config */
1329 arr[num++] = 0x0; /* reserved */
1330 arr[num++] = 0x0;
1331 olen = strlen(na1);
1332 plen = olen + 1;
1333 if (plen % 4)
1334 plen = ((plen / 4) + 1) * 4;
1335 arr[num++] = plen; /* length, null termianted, padded */
1336 memcpy(arr + num, na1, olen);
1337 memset(arr + num + olen, 0, plen - olen);
1338 num += plen;
1339
1340 arr[num++] = 0x4; /* lu, logging */
1341 arr[num++] = 0x0; /* reserved */
1342 arr[num++] = 0x0;
1343 olen = strlen(na2);
1344 plen = olen + 1;
1345 if (plen % 4)
1346 plen = ((plen / 4) + 1) * 4;
1347 arr[num++] = plen; /* length, null terminated, padded */
1348 memcpy(arr + num, na2, olen);
1349 memset(arr + num + olen, 0, plen - olen);
1350 num += plen;
1351
1352 return num;
1353}
1354
1355/* SCSI ports VPD page */
1356static int inquiry_vpd_88(unsigned char *arr, int target_dev_id)
1357{
1358 int num = 0;
1359 int port_a, port_b;
1360
1361 port_a = target_dev_id + 1;
1362 port_b = port_a + 1;
1363 arr[num++] = 0x0; /* reserved */
1364 arr[num++] = 0x0; /* reserved */
1365 arr[num++] = 0x0;
1366 arr[num++] = 0x1; /* relative port 1 (primary) */
1367 memset(arr + num, 0, 6);
1368 num += 6;
1369 arr[num++] = 0x0;
1370 arr[num++] = 12; /* length tp descriptor */
1371 /* naa-5 target port identifier (A) */
1372 arr[num++] = 0x61; /* proto=sas, binary */
1373 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1374 arr[num++] = 0x0; /* reserved */
1375 arr[num++] = 0x8; /* length */
1376 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1377 num += 8;
1378 arr[num++] = 0x0; /* reserved */
1379 arr[num++] = 0x0; /* reserved */
1380 arr[num++] = 0x0;
1381 arr[num++] = 0x2; /* relative port 2 (secondary) */
1382 memset(arr + num, 0, 6);
1383 num += 6;
1384 arr[num++] = 0x0;
1385 arr[num++] = 12; /* length tp descriptor */
1386 /* naa-5 target port identifier (B) */
1387 arr[num++] = 0x61; /* proto=sas, binary */
1388 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1389 arr[num++] = 0x0; /* reserved */
1390 arr[num++] = 0x8; /* length */
1391 put_unaligned_be64(naa3_comp_a + port_b, arr + num);
1392 num += 8;
1393
1394 return num;
1395}
1396
1397
1398static unsigned char vpd89_data[] = {
1399/* from 4th byte */ 0,0,0,0,
1400'l','i','n','u','x',' ',' ',' ',
1401'S','A','T',' ','s','c','s','i','_','d','e','b','u','g',' ',' ',
1402'1','2','3','4',
14030x34,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,
14040xec,0,0,0,
14050x5a,0xc,0xff,0x3f,0x37,0xc8,0x10,0,0,0,0,0,0x3f,0,0,0,
14060,0,0,0,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x20,0x20,0x20,0x20,
14070x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0,0,0,0x40,0x4,0,0x2e,0x33,
14080x38,0x31,0x20,0x20,0x20,0x20,0x54,0x53,0x38,0x33,0x30,0x30,0x33,0x31,
14090x53,0x41,
14100x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
14110x20,0x20,
14120x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
14130x10,0x80,
14140,0,0,0x2f,0,0,0,0x2,0,0x2,0x7,0,0xff,0xff,0x1,0,
14150x3f,0,0xc1,0xff,0x3e,0,0x10,0x1,0xb0,0xf8,0x50,0x9,0,0,0x7,0,
14160x3,0,0x78,0,0x78,0,0xf0,0,0x78,0,0,0,0,0,0,0,
14170,0,0,0,0,0,0,0,0x2,0,0,0,0,0,0,0,
14180x7e,0,0x1b,0,0x6b,0x34,0x1,0x7d,0x3,0x40,0x69,0x34,0x1,0x3c,0x3,0x40,
14190x7f,0x40,0,0,0,0,0xfe,0xfe,0,0,0,0,0,0xfe,0,0,
14200,0,0,0,0,0,0,0,0xb0,0xf8,0x50,0x9,0,0,0,0,
14210,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14220,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14230,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14240x1,0,0xb0,0xf8,0x50,0x9,0xb0,0xf8,0x50,0x9,0x20,0x20,0x2,0,0xb6,0x42,
14250,0x80,0x8a,0,0x6,0x3c,0xa,0x3c,0xff,0xff,0xc6,0x7,0,0x1,0,0x8,
14260xf0,0xf,0,0x10,0x2,0,0x30,0,0,0,0,0,0,0,0x6,0xfe,
14270,0,0x2,0,0x50,0,0x8a,0,0x4f,0x95,0,0,0x21,0,0xb,0,
14280,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14290,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14300,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14310,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14320,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14330,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14340,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14350,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14360,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14370,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14380,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14390,0,0,0,0,0,0,0,0,0,0,0,0,0,0xa5,0x51,
1440};
1441
1442/* ATA Information VPD page */
1443static int inquiry_vpd_89(unsigned char *arr)
1444{
1445 memcpy(arr, vpd89_data, sizeof(vpd89_data));
1446 return sizeof(vpd89_data);
1447}
1448
1449
1450static unsigned char vpdb0_data[] = {
1451 /* from 4th byte */ 0,0,0,4, 0,0,0x4,0, 0,0,0,64,
1452 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1453 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1454 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1455};
1456
1457/* Block limits VPD page (SBC-3) */
1458static int inquiry_vpd_b0(unsigned char *arr)
1459{
1460 unsigned int gran;
1461
1462 memcpy(arr, vpdb0_data, sizeof(vpdb0_data));
1463
1464 /* Optimal transfer length granularity */
1465 if (sdebug_opt_xferlen_exp != 0 &&
1466 sdebug_physblk_exp < sdebug_opt_xferlen_exp)
1467 gran = 1 << sdebug_opt_xferlen_exp;
1468 else
1469 gran = 1 << sdebug_physblk_exp;
1470 put_unaligned_be16(gran, arr + 2);
1471
1472 /* Maximum Transfer Length */
1473 if (sdebug_store_sectors > 0x400)
1474 put_unaligned_be32(sdebug_store_sectors, arr + 4);
1475
1476 /* Optimal Transfer Length */
1477 put_unaligned_be32(sdebug_opt_blks, &arr[8]);
1478
1479 if (sdebug_lbpu) {
1480 /* Maximum Unmap LBA Count */
1481 put_unaligned_be32(sdebug_unmap_max_blocks, &arr[16]);
1482
1483 /* Maximum Unmap Block Descriptor Count */
1484 put_unaligned_be32(sdebug_unmap_max_desc, &arr[20]);
1485 }
1486
1487 /* Unmap Granularity Alignment */
1488 if (sdebug_unmap_alignment) {
1489 put_unaligned_be32(sdebug_unmap_alignment, &arr[28]);
1490 arr[28] |= 0x80; /* UGAVALID */
1491 }
1492
1493 /* Optimal Unmap Granularity */
1494 put_unaligned_be32(sdebug_unmap_granularity, &arr[24]);
1495
1496 /* Maximum WRITE SAME Length */
1497 put_unaligned_be64(sdebug_write_same_length, &arr[32]);
1498
1499 return 0x3c; /* Mandatory page length for Logical Block Provisioning */
1500
1501 return sizeof(vpdb0_data);
1502}
1503
1504/* Block device characteristics VPD page (SBC-3) */
1505static int inquiry_vpd_b1(struct sdebug_dev_info *devip, unsigned char *arr)
1506{
1507 memset(arr, 0, 0x3c);
1508 arr[0] = 0;
1509 arr[1] = 1; /* non rotating medium (e.g. solid state) */
1510 arr[2] = 0;
1511 arr[3] = 5; /* less than 1.8" */
1512 if (devip->zmodel == BLK_ZONED_HA)
1513 arr[4] = 1 << 4; /* zoned field = 01b */
1514
1515 return 0x3c;
1516}
1517
1518/* Logical block provisioning VPD page (SBC-4) */
1519static int inquiry_vpd_b2(unsigned char *arr)
1520{
1521 memset(arr, 0, 0x4);
1522 arr[0] = 0; /* threshold exponent */
1523 if (sdebug_lbpu)
1524 arr[1] = 1 << 7;
1525 if (sdebug_lbpws)
1526 arr[1] |= 1 << 6;
1527 if (sdebug_lbpws10)
1528 arr[1] |= 1 << 5;
1529 if (sdebug_lbprz && scsi_debug_lbp())
1530 arr[1] |= (sdebug_lbprz & 0x7) << 2; /* sbc4r07 and later */
1531 /* anc_sup=0; dp=0 (no provisioning group descriptor) */
1532 /* minimum_percentage=0; provisioning_type=0 (unknown) */
1533 /* threshold_percentage=0 */
1534 return 0x4;
1535}
1536
1537/* Zoned block device characteristics VPD page (ZBC mandatory) */
1538static int inquiry_vpd_b6(struct sdebug_dev_info *devip, unsigned char *arr)
1539{
1540 memset(arr, 0, 0x3c);
1541 arr[0] = 0x1; /* set URSWRZ (unrestricted read in seq. wr req zone) */
1542 /*
1543 * Set Optimal number of open sequential write preferred zones and
1544 * Optimal number of non-sequentially written sequential write
1545 * preferred zones fields to 'not reported' (0xffffffff). Leave other
1546 * fields set to zero, apart from Max. number of open swrz_s field.
1547 */
1548 put_unaligned_be32(0xffffffff, &arr[4]);
1549 put_unaligned_be32(0xffffffff, &arr[8]);
1550 if (sdeb_zbc_model == BLK_ZONED_HM && devip->max_open)
1551 put_unaligned_be32(devip->max_open, &arr[12]);
1552 else
1553 put_unaligned_be32(0xffffffff, &arr[12]);
1554 return 0x3c;
1555}
1556
1557#define SDEBUG_LONG_INQ_SZ 96
1558#define SDEBUG_MAX_INQ_ARR_SZ 584
1559
1560static int resp_inquiry(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1561{
1562 unsigned char pq_pdt;
1563 unsigned char *arr;
1564 unsigned char *cmd = scp->cmnd;
1565 int alloc_len, n, ret;
1566 bool have_wlun, is_disk, is_zbc, is_disk_zbc;
1567
1568 alloc_len = get_unaligned_be16(cmd + 3);
1569 arr = kzalloc(SDEBUG_MAX_INQ_ARR_SZ, GFP_ATOMIC);
1570 if (! arr)
1571 return DID_REQUEUE << 16;
1572 is_disk = (sdebug_ptype == TYPE_DISK);
1573 is_zbc = (devip->zmodel != BLK_ZONED_NONE);
1574 is_disk_zbc = (is_disk || is_zbc);
1575 have_wlun = scsi_is_wlun(scp->device->lun);
1576 if (have_wlun)
1577 pq_pdt = TYPE_WLUN; /* present, wlun */
1578 else if (sdebug_no_lun_0 && (devip->lun == SDEBUG_LUN_0_VAL))
1579 pq_pdt = 0x7f; /* not present, PQ=3, PDT=0x1f */
1580 else
1581 pq_pdt = (sdebug_ptype & 0x1f);
1582 arr[0] = pq_pdt;
1583 if (0x2 & cmd[1]) { /* CMDDT bit set */
1584 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 1);
1585 kfree(arr);
1586 return check_condition_result;
1587 } else if (0x1 & cmd[1]) { /* EVPD bit set */
1588 int lu_id_num, port_group_id, target_dev_id, len;
1589 char lu_id_str[6];
1590 int host_no = devip->sdbg_host->shost->host_no;
1591
1592 port_group_id = (((host_no + 1) & 0x7f) << 8) +
1593 (devip->channel & 0x7f);
1594 if (sdebug_vpd_use_hostno == 0)
1595 host_no = 0;
1596 lu_id_num = have_wlun ? -1 : (((host_no + 1) * 2000) +
1597 (devip->target * 1000) + devip->lun);
1598 target_dev_id = ((host_no + 1) * 2000) +
1599 (devip->target * 1000) - 3;
1600 len = scnprintf(lu_id_str, 6, "%d", lu_id_num);
1601 if (0 == cmd[2]) { /* supported vital product data pages */
1602 arr[1] = cmd[2]; /*sanity */
1603 n = 4;
1604 arr[n++] = 0x0; /* this page */
1605 arr[n++] = 0x80; /* unit serial number */
1606 arr[n++] = 0x83; /* device identification */
1607 arr[n++] = 0x84; /* software interface ident. */
1608 arr[n++] = 0x85; /* management network addresses */
1609 arr[n++] = 0x86; /* extended inquiry */
1610 arr[n++] = 0x87; /* mode page policy */
1611 arr[n++] = 0x88; /* SCSI ports */
1612 if (is_disk_zbc) { /* SBC or ZBC */
1613 arr[n++] = 0x89; /* ATA information */
1614 arr[n++] = 0xb0; /* Block limits */
1615 arr[n++] = 0xb1; /* Block characteristics */
1616 if (is_disk)
1617 arr[n++] = 0xb2; /* LB Provisioning */
1618 if (is_zbc)
1619 arr[n++] = 0xb6; /* ZB dev. char. */
1620 }
1621 arr[3] = n - 4; /* number of supported VPD pages */
1622 } else if (0x80 == cmd[2]) { /* unit serial number */
1623 arr[1] = cmd[2]; /*sanity */
1624 arr[3] = len;
1625 memcpy(&arr[4], lu_id_str, len);
1626 } else if (0x83 == cmd[2]) { /* device identification */
1627 arr[1] = cmd[2]; /*sanity */
1628 arr[3] = inquiry_vpd_83(&arr[4], port_group_id,
1629 target_dev_id, lu_id_num,
1630 lu_id_str, len,
1631 &devip->lu_name);
1632 } else if (0x84 == cmd[2]) { /* Software interface ident. */
1633 arr[1] = cmd[2]; /*sanity */
1634 arr[3] = inquiry_vpd_84(&arr[4]);
1635 } else if (0x85 == cmd[2]) { /* Management network addresses */
1636 arr[1] = cmd[2]; /*sanity */
1637 arr[3] = inquiry_vpd_85(&arr[4]);
1638 } else if (0x86 == cmd[2]) { /* extended inquiry */
1639 arr[1] = cmd[2]; /*sanity */
1640 arr[3] = 0x3c; /* number of following entries */
1641 if (sdebug_dif == T10_PI_TYPE3_PROTECTION)
1642 arr[4] = 0x4; /* SPT: GRD_CHK:1 */
1643 else if (have_dif_prot)
1644 arr[4] = 0x5; /* SPT: GRD_CHK:1, REF_CHK:1 */
1645 else
1646 arr[4] = 0x0; /* no protection stuff */
1647 arr[5] = 0x7; /* head of q, ordered + simple q's */
1648 } else if (0x87 == cmd[2]) { /* mode page policy */
1649 arr[1] = cmd[2]; /*sanity */
1650 arr[3] = 0x8; /* number of following entries */
1651 arr[4] = 0x2; /* disconnect-reconnect mp */
1652 arr[6] = 0x80; /* mlus, shared */
1653 arr[8] = 0x18; /* protocol specific lu */
1654 arr[10] = 0x82; /* mlus, per initiator port */
1655 } else if (0x88 == cmd[2]) { /* SCSI Ports */
1656 arr[1] = cmd[2]; /*sanity */
1657 arr[3] = inquiry_vpd_88(&arr[4], target_dev_id);
1658 } else if (is_disk_zbc && 0x89 == cmd[2]) { /* ATA info */
1659 arr[1] = cmd[2]; /*sanity */
1660 n = inquiry_vpd_89(&arr[4]);
1661 put_unaligned_be16(n, arr + 2);
1662 } else if (is_disk_zbc && 0xb0 == cmd[2]) { /* Block limits */
1663 arr[1] = cmd[2]; /*sanity */
1664 arr[3] = inquiry_vpd_b0(&arr[4]);
1665 } else if (is_disk_zbc && 0xb1 == cmd[2]) { /* Block char. */
1666 arr[1] = cmd[2]; /*sanity */
1667 arr[3] = inquiry_vpd_b1(devip, &arr[4]);
1668 } else if (is_disk && 0xb2 == cmd[2]) { /* LB Prov. */
1669 arr[1] = cmd[2]; /*sanity */
1670 arr[3] = inquiry_vpd_b2(&arr[4]);
1671 } else if (is_zbc && cmd[2] == 0xb6) { /* ZB dev. charact. */
1672 arr[1] = cmd[2]; /*sanity */
1673 arr[3] = inquiry_vpd_b6(devip, &arr[4]);
1674 } else {
1675 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
1676 kfree(arr);
1677 return check_condition_result;
1678 }
1679 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len);
1680 ret = fill_from_dev_buffer(scp, arr,
1681 min(len, SDEBUG_MAX_INQ_ARR_SZ));
1682 kfree(arr);
1683 return ret;
1684 }
1685 /* drops through here for a standard inquiry */
1686 arr[1] = sdebug_removable ? 0x80 : 0; /* Removable disk */
1687 arr[2] = sdebug_scsi_level;
1688 arr[3] = 2; /* response_data_format==2 */
1689 arr[4] = SDEBUG_LONG_INQ_SZ - 5;
1690 arr[5] = (int)have_dif_prot; /* PROTECT bit */
1691 if (sdebug_vpd_use_hostno == 0)
1692 arr[5] |= 0x10; /* claim: implicit TPGS */
1693 arr[6] = 0x10; /* claim: MultiP */
1694 /* arr[6] |= 0x40; ... claim: EncServ (enclosure services) */
1695 arr[7] = 0xa; /* claim: LINKED + CMDQUE */
1696 memcpy(&arr[8], sdebug_inq_vendor_id, 8);
1697 memcpy(&arr[16], sdebug_inq_product_id, 16);
1698 memcpy(&arr[32], sdebug_inq_product_rev, 4);
1699 /* Use Vendor Specific area to place driver date in ASCII hex */
1700 memcpy(&arr[36], sdebug_version_date, 8);
1701 /* version descriptors (2 bytes each) follow */
1702 put_unaligned_be16(0xc0, arr + 58); /* SAM-6 no version claimed */
1703 put_unaligned_be16(0x5c0, arr + 60); /* SPC-5 no version claimed */
1704 n = 62;
1705 if (is_disk) { /* SBC-4 no version claimed */
1706 put_unaligned_be16(0x600, arr + n);
1707 n += 2;
1708 } else if (sdebug_ptype == TYPE_TAPE) { /* SSC-4 rev 3 */
1709 put_unaligned_be16(0x525, arr + n);
1710 n += 2;
1711 } else if (is_zbc) { /* ZBC BSR INCITS 536 revision 05 */
1712 put_unaligned_be16(0x624, arr + n);
1713 n += 2;
1714 }
1715 put_unaligned_be16(0x2100, arr + n); /* SPL-4 no version claimed */
1716 ret = fill_from_dev_buffer(scp, arr,
1717 min_t(int, alloc_len, SDEBUG_LONG_INQ_SZ));
1718 kfree(arr);
1719 return ret;
1720}
1721
1722/* See resp_iec_m_pg() for how this data is manipulated */
1723static unsigned char iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
1724 0, 0, 0x0, 0x0};
1725
1726static int resp_requests(struct scsi_cmnd *scp,
1727 struct sdebug_dev_info *devip)
1728{
1729 unsigned char *cmd = scp->cmnd;
1730 unsigned char arr[SCSI_SENSE_BUFFERSIZE]; /* assume >= 18 bytes */
1731 bool dsense = !!(cmd[1] & 1);
1732 int alloc_len = cmd[4];
1733 int len = 18;
1734 int stopped_state = atomic_read(&devip->stopped);
1735
1736 memset(arr, 0, sizeof(arr));
1737 if (stopped_state > 0) { /* some "pollable" data [spc6r02: 5.12.2] */
1738 if (dsense) {
1739 arr[0] = 0x72;
1740 arr[1] = NOT_READY;
1741 arr[2] = LOGICAL_UNIT_NOT_READY;
1742 arr[3] = (stopped_state == 2) ? 0x1 : 0x2;
1743 len = 8;
1744 } else {
1745 arr[0] = 0x70;
1746 arr[2] = NOT_READY; /* NO_SENSE in sense_key */
1747 arr[7] = 0xa; /* 18 byte sense buffer */
1748 arr[12] = LOGICAL_UNIT_NOT_READY;
1749 arr[13] = (stopped_state == 2) ? 0x1 : 0x2;
1750 }
1751 } else if ((iec_m_pg[2] & 0x4) && (6 == (iec_m_pg[3] & 0xf))) {
1752 /* Information exceptions control mode page: TEST=1, MRIE=6 */
1753 if (dsense) {
1754 arr[0] = 0x72;
1755 arr[1] = 0x0; /* NO_SENSE in sense_key */
1756 arr[2] = THRESHOLD_EXCEEDED;
1757 arr[3] = 0xff; /* Failure prediction(false) */
1758 len = 8;
1759 } else {
1760 arr[0] = 0x70;
1761 arr[2] = 0x0; /* NO_SENSE in sense_key */
1762 arr[7] = 0xa; /* 18 byte sense buffer */
1763 arr[12] = THRESHOLD_EXCEEDED;
1764 arr[13] = 0xff; /* Failure prediction(false) */
1765 }
1766 } else { /* nothing to report */
1767 if (dsense) {
1768 len = 8;
1769 memset(arr, 0, len);
1770 arr[0] = 0x72;
1771 } else {
1772 memset(arr, 0, len);
1773 arr[0] = 0x70;
1774 arr[7] = 0xa;
1775 }
1776 }
1777 return fill_from_dev_buffer(scp, arr, min_t(int, len, alloc_len));
1778}
1779
1780static int resp_start_stop(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1781{
1782 unsigned char *cmd = scp->cmnd;
1783 int power_cond, want_stop, stopped_state;
1784 bool changing;
1785
1786 power_cond = (cmd[4] & 0xf0) >> 4;
1787 if (power_cond) {
1788 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 7);
1789 return check_condition_result;
1790 }
1791 want_stop = !(cmd[4] & 1);
1792 stopped_state = atomic_read(&devip->stopped);
1793 if (stopped_state == 2) {
1794 ktime_t now_ts = ktime_get_boottime();
1795
1796 if (ktime_to_ns(now_ts) > ktime_to_ns(devip->create_ts)) {
1797 u64 diff_ns = ktime_to_ns(ktime_sub(now_ts, devip->create_ts));
1798
1799 if (diff_ns >= ((u64)sdeb_tur_ms_to_ready * 1000000)) {
1800 /* tur_ms_to_ready timer extinguished */
1801 atomic_set(&devip->stopped, 0);
1802 stopped_state = 0;
1803 }
1804 }
1805 if (stopped_state == 2) {
1806 if (want_stop) {
1807 stopped_state = 1; /* dummy up success */
1808 } else { /* Disallow tur_ms_to_ready delay to be overridden */
1809 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 0 /* START bit */);
1810 return check_condition_result;
1811 }
1812 }
1813 }
1814 changing = (stopped_state != want_stop);
1815 if (changing)
1816 atomic_xchg(&devip->stopped, want_stop);
1817 if (!changing || (cmd[1] & 0x1)) /* state unchanged or IMMED bit set in cdb */
1818 return SDEG_RES_IMMED_MASK;
1819 else
1820 return 0;
1821}
1822
1823static sector_t get_sdebug_capacity(void)
1824{
1825 static const unsigned int gibibyte = 1073741824;
1826
1827 if (sdebug_virtual_gb > 0)
1828 return (sector_t)sdebug_virtual_gb *
1829 (gibibyte / sdebug_sector_size);
1830 else
1831 return sdebug_store_sectors;
1832}
1833
1834#define SDEBUG_READCAP_ARR_SZ 8
1835static int resp_readcap(struct scsi_cmnd *scp,
1836 struct sdebug_dev_info *devip)
1837{
1838 unsigned char arr[SDEBUG_READCAP_ARR_SZ];
1839 unsigned int capac;
1840
1841 /* following just in case virtual_gb changed */
1842 sdebug_capacity = get_sdebug_capacity();
1843 memset(arr, 0, SDEBUG_READCAP_ARR_SZ);
1844 if (sdebug_capacity < 0xffffffff) {
1845 capac = (unsigned int)sdebug_capacity - 1;
1846 put_unaligned_be32(capac, arr + 0);
1847 } else
1848 put_unaligned_be32(0xffffffff, arr + 0);
1849 put_unaligned_be16(sdebug_sector_size, arr + 6);
1850 return fill_from_dev_buffer(scp, arr, SDEBUG_READCAP_ARR_SZ);
1851}
1852
1853#define SDEBUG_READCAP16_ARR_SZ 32
1854static int resp_readcap16(struct scsi_cmnd *scp,
1855 struct sdebug_dev_info *devip)
1856{
1857 unsigned char *cmd = scp->cmnd;
1858 unsigned char arr[SDEBUG_READCAP16_ARR_SZ];
1859 int alloc_len;
1860
1861 alloc_len = get_unaligned_be32(cmd + 10);
1862 /* following just in case virtual_gb changed */
1863 sdebug_capacity = get_sdebug_capacity();
1864 memset(arr, 0, SDEBUG_READCAP16_ARR_SZ);
1865 put_unaligned_be64((u64)(sdebug_capacity - 1), arr + 0);
1866 put_unaligned_be32(sdebug_sector_size, arr + 8);
1867 arr[13] = sdebug_physblk_exp & 0xf;
1868 arr[14] = (sdebug_lowest_aligned >> 8) & 0x3f;
1869
1870 if (scsi_debug_lbp()) {
1871 arr[14] |= 0x80; /* LBPME */
1872 /* from sbc4r07, this LBPRZ field is 1 bit, but the LBPRZ in
1873 * the LB Provisioning VPD page is 3 bits. Note that lbprz=2
1874 * in the wider field maps to 0 in this field.
1875 */
1876 if (sdebug_lbprz & 1) /* precisely what the draft requires */
1877 arr[14] |= 0x40;
1878 }
1879
1880 arr[15] = sdebug_lowest_aligned & 0xff;
1881
1882 if (have_dif_prot) {
1883 arr[12] = (sdebug_dif - 1) << 1; /* P_TYPE */
1884 arr[12] |= 1; /* PROT_EN */
1885 }
1886
1887 return fill_from_dev_buffer(scp, arr,
1888 min_t(int, alloc_len, SDEBUG_READCAP16_ARR_SZ));
1889}
1890
1891#define SDEBUG_MAX_TGTPGS_ARR_SZ 1412
1892
1893static int resp_report_tgtpgs(struct scsi_cmnd *scp,
1894 struct sdebug_dev_info *devip)
1895{
1896 unsigned char *cmd = scp->cmnd;
1897 unsigned char *arr;
1898 int host_no = devip->sdbg_host->shost->host_no;
1899 int n, ret, alen, rlen;
1900 int port_group_a, port_group_b, port_a, port_b;
1901
1902 alen = get_unaligned_be32(cmd + 6);
1903 arr = kzalloc(SDEBUG_MAX_TGTPGS_ARR_SZ, GFP_ATOMIC);
1904 if (! arr)
1905 return DID_REQUEUE << 16;
1906 /*
1907 * EVPD page 0x88 states we have two ports, one
1908 * real and a fake port with no device connected.
1909 * So we create two port groups with one port each
1910 * and set the group with port B to unavailable.
1911 */
1912 port_a = 0x1; /* relative port A */
1913 port_b = 0x2; /* relative port B */
1914 port_group_a = (((host_no + 1) & 0x7f) << 8) +
1915 (devip->channel & 0x7f);
1916 port_group_b = (((host_no + 1) & 0x7f) << 8) +
1917 (devip->channel & 0x7f) + 0x80;
1918
1919 /*
1920 * The asymmetric access state is cycled according to the host_id.
1921 */
1922 n = 4;
1923 if (sdebug_vpd_use_hostno == 0) {
1924 arr[n++] = host_no % 3; /* Asymm access state */
1925 arr[n++] = 0x0F; /* claim: all states are supported */
1926 } else {
1927 arr[n++] = 0x0; /* Active/Optimized path */
1928 arr[n++] = 0x01; /* only support active/optimized paths */
1929 }
1930 put_unaligned_be16(port_group_a, arr + n);
1931 n += 2;
1932 arr[n++] = 0; /* Reserved */
1933 arr[n++] = 0; /* Status code */
1934 arr[n++] = 0; /* Vendor unique */
1935 arr[n++] = 0x1; /* One port per group */
1936 arr[n++] = 0; /* Reserved */
1937 arr[n++] = 0; /* Reserved */
1938 put_unaligned_be16(port_a, arr + n);
1939 n += 2;
1940 arr[n++] = 3; /* Port unavailable */
1941 arr[n++] = 0x08; /* claim: only unavailalbe paths are supported */
1942 put_unaligned_be16(port_group_b, arr + n);
1943 n += 2;
1944 arr[n++] = 0; /* Reserved */
1945 arr[n++] = 0; /* Status code */
1946 arr[n++] = 0; /* Vendor unique */
1947 arr[n++] = 0x1; /* One port per group */
1948 arr[n++] = 0; /* Reserved */
1949 arr[n++] = 0; /* Reserved */
1950 put_unaligned_be16(port_b, arr + n);
1951 n += 2;
1952
1953 rlen = n - 4;
1954 put_unaligned_be32(rlen, arr + 0);
1955
1956 /*
1957 * Return the smallest value of either
1958 * - The allocated length
1959 * - The constructed command length
1960 * - The maximum array size
1961 */
1962 rlen = min_t(int, alen, n);
1963 ret = fill_from_dev_buffer(scp, arr,
1964 min_t(int, rlen, SDEBUG_MAX_TGTPGS_ARR_SZ));
1965 kfree(arr);
1966 return ret;
1967}
1968
1969static int resp_rsup_opcodes(struct scsi_cmnd *scp,
1970 struct sdebug_dev_info *devip)
1971{
1972 bool rctd;
1973 u8 reporting_opts, req_opcode, sdeb_i, supp;
1974 u16 req_sa, u;
1975 u32 alloc_len, a_len;
1976 int k, offset, len, errsts, count, bump, na;
1977 const struct opcode_info_t *oip;
1978 const struct opcode_info_t *r_oip;
1979 u8 *arr;
1980 u8 *cmd = scp->cmnd;
1981
1982 rctd = !!(cmd[2] & 0x80);
1983 reporting_opts = cmd[2] & 0x7;
1984 req_opcode = cmd[3];
1985 req_sa = get_unaligned_be16(cmd + 4);
1986 alloc_len = get_unaligned_be32(cmd + 6);
1987 if (alloc_len < 4 || alloc_len > 0xffff) {
1988 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1989 return check_condition_result;
1990 }
1991 if (alloc_len > 8192)
1992 a_len = 8192;
1993 else
1994 a_len = alloc_len;
1995 arr = kzalloc((a_len < 256) ? 320 : a_len + 64, GFP_ATOMIC);
1996 if (NULL == arr) {
1997 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
1998 INSUFF_RES_ASCQ);
1999 return check_condition_result;
2000 }
2001 switch (reporting_opts) {
2002 case 0: /* all commands */
2003 /* count number of commands */
2004 for (count = 0, oip = opcode_info_arr;
2005 oip->num_attached != 0xff; ++oip) {
2006 if (F_INV_OP & oip->flags)
2007 continue;
2008 count += (oip->num_attached + 1);
2009 }
2010 bump = rctd ? 20 : 8;
2011 put_unaligned_be32(count * bump, arr);
2012 for (offset = 4, oip = opcode_info_arr;
2013 oip->num_attached != 0xff && offset < a_len; ++oip) {
2014 if (F_INV_OP & oip->flags)
2015 continue;
2016 na = oip->num_attached;
2017 arr[offset] = oip->opcode;
2018 put_unaligned_be16(oip->sa, arr + offset + 2);
2019 if (rctd)
2020 arr[offset + 5] |= 0x2;
2021 if (FF_SA & oip->flags)
2022 arr[offset + 5] |= 0x1;
2023 put_unaligned_be16(oip->len_mask[0], arr + offset + 6);
2024 if (rctd)
2025 put_unaligned_be16(0xa, arr + offset + 8);
2026 r_oip = oip;
2027 for (k = 0, oip = oip->arrp; k < na; ++k, ++oip) {
2028 if (F_INV_OP & oip->flags)
2029 continue;
2030 offset += bump;
2031 arr[offset] = oip->opcode;
2032 put_unaligned_be16(oip->sa, arr + offset + 2);
2033 if (rctd)
2034 arr[offset + 5] |= 0x2;
2035 if (FF_SA & oip->flags)
2036 arr[offset + 5] |= 0x1;
2037 put_unaligned_be16(oip->len_mask[0],
2038 arr + offset + 6);
2039 if (rctd)
2040 put_unaligned_be16(0xa,
2041 arr + offset + 8);
2042 }
2043 oip = r_oip;
2044 offset += bump;
2045 }
2046 break;
2047 case 1: /* one command: opcode only */
2048 case 2: /* one command: opcode plus service action */
2049 case 3: /* one command: if sa==0 then opcode only else opcode+sa */
2050 sdeb_i = opcode_ind_arr[req_opcode];
2051 oip = &opcode_info_arr[sdeb_i];
2052 if (F_INV_OP & oip->flags) {
2053 supp = 1;
2054 offset = 4;
2055 } else {
2056 if (1 == reporting_opts) {
2057 if (FF_SA & oip->flags) {
2058 mk_sense_invalid_fld(scp, SDEB_IN_CDB,
2059 2, 2);
2060 kfree(arr);
2061 return check_condition_result;
2062 }
2063 req_sa = 0;
2064 } else if (2 == reporting_opts &&
2065 0 == (FF_SA & oip->flags)) {
2066 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1);
2067 kfree(arr); /* point at requested sa */
2068 return check_condition_result;
2069 }
2070 if (0 == (FF_SA & oip->flags) &&
2071 req_opcode == oip->opcode)
2072 supp = 3;
2073 else if (0 == (FF_SA & oip->flags)) {
2074 na = oip->num_attached;
2075 for (k = 0, oip = oip->arrp; k < na;
2076 ++k, ++oip) {
2077 if (req_opcode == oip->opcode)
2078 break;
2079 }
2080 supp = (k >= na) ? 1 : 3;
2081 } else if (req_sa != oip->sa) {
2082 na = oip->num_attached;
2083 for (k = 0, oip = oip->arrp; k < na;
2084 ++k, ++oip) {
2085 if (req_sa == oip->sa)
2086 break;
2087 }
2088 supp = (k >= na) ? 1 : 3;
2089 } else
2090 supp = 3;
2091 if (3 == supp) {
2092 u = oip->len_mask[0];
2093 put_unaligned_be16(u, arr + 2);
2094 arr[4] = oip->opcode;
2095 for (k = 1; k < u; ++k)
2096 arr[4 + k] = (k < 16) ?
2097 oip->len_mask[k] : 0xff;
2098 offset = 4 + u;
2099 } else
2100 offset = 4;
2101 }
2102 arr[1] = (rctd ? 0x80 : 0) | supp;
2103 if (rctd) {
2104 put_unaligned_be16(0xa, arr + offset);
2105 offset += 12;
2106 }
2107 break;
2108 default:
2109 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
2110 kfree(arr);
2111 return check_condition_result;
2112 }
2113 offset = (offset < a_len) ? offset : a_len;
2114 len = (offset < alloc_len) ? offset : alloc_len;
2115 errsts = fill_from_dev_buffer(scp, arr, len);
2116 kfree(arr);
2117 return errsts;
2118}
2119
2120static int resp_rsup_tmfs(struct scsi_cmnd *scp,
2121 struct sdebug_dev_info *devip)
2122{
2123 bool repd;
2124 u32 alloc_len, len;
2125 u8 arr[16];
2126 u8 *cmd = scp->cmnd;
2127
2128 memset(arr, 0, sizeof(arr));
2129 repd = !!(cmd[2] & 0x80);
2130 alloc_len = get_unaligned_be32(cmd + 6);
2131 if (alloc_len < 4) {
2132 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
2133 return check_condition_result;
2134 }
2135 arr[0] = 0xc8; /* ATS | ATSS | LURS */
2136 arr[1] = 0x1; /* ITNRS */
2137 if (repd) {
2138 arr[3] = 0xc;
2139 len = 16;
2140 } else
2141 len = 4;
2142
2143 len = (len < alloc_len) ? len : alloc_len;
2144 return fill_from_dev_buffer(scp, arr, len);
2145}
2146
2147/* <<Following mode page info copied from ST318451LW>> */
2148
2149static int resp_err_recov_pg(unsigned char *p, int pcontrol, int target)
2150{ /* Read-Write Error Recovery page for mode_sense */
2151 unsigned char err_recov_pg[] = {0x1, 0xa, 0xc0, 11, 240, 0, 0, 0,
2152 5, 0, 0xff, 0xff};
2153
2154 memcpy(p, err_recov_pg, sizeof(err_recov_pg));
2155 if (1 == pcontrol)
2156 memset(p + 2, 0, sizeof(err_recov_pg) - 2);
2157 return sizeof(err_recov_pg);
2158}
2159
2160static int resp_disconnect_pg(unsigned char *p, int pcontrol, int target)
2161{ /* Disconnect-Reconnect page for mode_sense */
2162 unsigned char disconnect_pg[] = {0x2, 0xe, 128, 128, 0, 10, 0, 0,
2163 0, 0, 0, 0, 0, 0, 0, 0};
2164
2165 memcpy(p, disconnect_pg, sizeof(disconnect_pg));
2166 if (1 == pcontrol)
2167 memset(p + 2, 0, sizeof(disconnect_pg) - 2);
2168 return sizeof(disconnect_pg);
2169}
2170
2171static int resp_format_pg(unsigned char *p, int pcontrol, int target)
2172{ /* Format device page for mode_sense */
2173 unsigned char format_pg[] = {0x3, 0x16, 0, 0, 0, 0, 0, 0,
2174 0, 0, 0, 0, 0, 0, 0, 0,
2175 0, 0, 0, 0, 0x40, 0, 0, 0};
2176
2177 memcpy(p, format_pg, sizeof(format_pg));
2178 put_unaligned_be16(sdebug_sectors_per, p + 10);
2179 put_unaligned_be16(sdebug_sector_size, p + 12);
2180 if (sdebug_removable)
2181 p[20] |= 0x20; /* should agree with INQUIRY */
2182 if (1 == pcontrol)
2183 memset(p + 2, 0, sizeof(format_pg) - 2);
2184 return sizeof(format_pg);
2185}
2186
2187static unsigned char caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
2188 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0,
2189 0, 0, 0, 0};
2190
2191static int resp_caching_pg(unsigned char *p, int pcontrol, int target)
2192{ /* Caching page for mode_sense */
2193 unsigned char ch_caching_pg[] = {/* 0x8, 18, */ 0x4, 0, 0, 0, 0, 0,
2194 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
2195 unsigned char d_caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
2196 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 0, 0, 0, 0};
2197
2198 if (SDEBUG_OPT_N_WCE & sdebug_opts)
2199 caching_pg[2] &= ~0x4; /* set WCE=0 (default WCE=1) */
2200 memcpy(p, caching_pg, sizeof(caching_pg));
2201 if (1 == pcontrol)
2202 memcpy(p + 2, ch_caching_pg, sizeof(ch_caching_pg));
2203 else if (2 == pcontrol)
2204 memcpy(p, d_caching_pg, sizeof(d_caching_pg));
2205 return sizeof(caching_pg);
2206}
2207
2208static unsigned char ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2209 0, 0, 0x2, 0x4b};
2210
2211static int resp_ctrl_m_pg(unsigned char *p, int pcontrol, int target)
2212{ /* Control mode page for mode_sense */
2213 unsigned char ch_ctrl_m_pg[] = {/* 0xa, 10, */ 0x6, 0, 0, 0, 0, 0,
2214 0, 0, 0, 0};
2215 unsigned char d_ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2216 0, 0, 0x2, 0x4b};
2217
2218 if (sdebug_dsense)
2219 ctrl_m_pg[2] |= 0x4;
2220 else
2221 ctrl_m_pg[2] &= ~0x4;
2222
2223 if (sdebug_ato)
2224 ctrl_m_pg[5] |= 0x80; /* ATO=1 */
2225
2226 memcpy(p, ctrl_m_pg, sizeof(ctrl_m_pg));
2227 if (1 == pcontrol)
2228 memcpy(p + 2, ch_ctrl_m_pg, sizeof(ch_ctrl_m_pg));
2229 else if (2 == pcontrol)
2230 memcpy(p, d_ctrl_m_pg, sizeof(d_ctrl_m_pg));
2231 return sizeof(ctrl_m_pg);
2232}
2233
2234
2235static int resp_iec_m_pg(unsigned char *p, int pcontrol, int target)
2236{ /* Informational Exceptions control mode page for mode_sense */
2237 unsigned char ch_iec_m_pg[] = {/* 0x1c, 0xa, */ 0x4, 0xf, 0, 0, 0, 0,
2238 0, 0, 0x0, 0x0};
2239 unsigned char d_iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
2240 0, 0, 0x0, 0x0};
2241
2242 memcpy(p, iec_m_pg, sizeof(iec_m_pg));
2243 if (1 == pcontrol)
2244 memcpy(p + 2, ch_iec_m_pg, sizeof(ch_iec_m_pg));
2245 else if (2 == pcontrol)
2246 memcpy(p, d_iec_m_pg, sizeof(d_iec_m_pg));
2247 return sizeof(iec_m_pg);
2248}
2249
2250static int resp_sas_sf_m_pg(unsigned char *p, int pcontrol, int target)
2251{ /* SAS SSP mode page - short format for mode_sense */
2252 unsigned char sas_sf_m_pg[] = {0x19, 0x6,
2253 0x6, 0x0, 0x7, 0xd0, 0x0, 0x0};
2254
2255 memcpy(p, sas_sf_m_pg, sizeof(sas_sf_m_pg));
2256 if (1 == pcontrol)
2257 memset(p + 2, 0, sizeof(sas_sf_m_pg) - 2);
2258 return sizeof(sas_sf_m_pg);
2259}
2260
2261
2262static int resp_sas_pcd_m_spg(unsigned char *p, int pcontrol, int target,
2263 int target_dev_id)
2264{ /* SAS phy control and discover mode page for mode_sense */
2265 unsigned char sas_pcd_m_pg[] = {0x59, 0x1, 0, 0x64, 0, 0x6, 0, 2,
2266 0, 0, 0, 0, 0x10, 0x9, 0x8, 0x0,
2267 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2268 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2269 0x2, 0, 0, 0, 0, 0, 0, 0,
2270 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2271 0, 0, 0, 0, 0, 0, 0, 0,
2272 0, 1, 0, 0, 0x10, 0x9, 0x8, 0x0,
2273 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2274 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2275 0x3, 0, 0, 0, 0, 0, 0, 0,
2276 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2277 0, 0, 0, 0, 0, 0, 0, 0,
2278 };
2279 int port_a, port_b;
2280
2281 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 16);
2282 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 24);
2283 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 64);
2284 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 72);
2285 port_a = target_dev_id + 1;
2286 port_b = port_a + 1;
2287 memcpy(p, sas_pcd_m_pg, sizeof(sas_pcd_m_pg));
2288 put_unaligned_be32(port_a, p + 20);
2289 put_unaligned_be32(port_b, p + 48 + 20);
2290 if (1 == pcontrol)
2291 memset(p + 4, 0, sizeof(sas_pcd_m_pg) - 4);
2292 return sizeof(sas_pcd_m_pg);
2293}
2294
2295static int resp_sas_sha_m_spg(unsigned char *p, int pcontrol)
2296{ /* SAS SSP shared protocol specific port mode subpage */
2297 unsigned char sas_sha_m_pg[] = {0x59, 0x2, 0, 0xc, 0, 0x6, 0x10, 0,
2298 0, 0, 0, 0, 0, 0, 0, 0,
2299 };
2300
2301 memcpy(p, sas_sha_m_pg, sizeof(sas_sha_m_pg));
2302 if (1 == pcontrol)
2303 memset(p + 4, 0, sizeof(sas_sha_m_pg) - 4);
2304 return sizeof(sas_sha_m_pg);
2305}
2306
2307#define SDEBUG_MAX_MSENSE_SZ 256
2308
2309static int resp_mode_sense(struct scsi_cmnd *scp,
2310 struct sdebug_dev_info *devip)
2311{
2312 int pcontrol, pcode, subpcode, bd_len;
2313 unsigned char dev_spec;
2314 int alloc_len, offset, len, target_dev_id;
2315 int target = scp->device->id;
2316 unsigned char *ap;
2317 unsigned char arr[SDEBUG_MAX_MSENSE_SZ];
2318 unsigned char *cmd = scp->cmnd;
2319 bool dbd, llbaa, msense_6, is_disk, is_zbc, bad_pcode;
2320
2321 dbd = !!(cmd[1] & 0x8); /* disable block descriptors */
2322 pcontrol = (cmd[2] & 0xc0) >> 6;
2323 pcode = cmd[2] & 0x3f;
2324 subpcode = cmd[3];
2325 msense_6 = (MODE_SENSE == cmd[0]);
2326 llbaa = msense_6 ? false : !!(cmd[1] & 0x10);
2327 is_disk = (sdebug_ptype == TYPE_DISK);
2328 is_zbc = (devip->zmodel != BLK_ZONED_NONE);
2329 if ((is_disk || is_zbc) && !dbd)
2330 bd_len = llbaa ? 16 : 8;
2331 else
2332 bd_len = 0;
2333 alloc_len = msense_6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2334 memset(arr, 0, SDEBUG_MAX_MSENSE_SZ);
2335 if (0x3 == pcontrol) { /* Saving values not supported */
2336 mk_sense_buffer(scp, ILLEGAL_REQUEST, SAVING_PARAMS_UNSUP, 0);
2337 return check_condition_result;
2338 }
2339 target_dev_id = ((devip->sdbg_host->shost->host_no + 1) * 2000) +
2340 (devip->target * 1000) - 3;
2341 /* for disks+zbc set DPOFUA bit and clear write protect (WP) bit */
2342 if (is_disk || is_zbc) {
2343 dev_spec = 0x10; /* =0x90 if WP=1 implies read-only */
2344 if (sdebug_wp)
2345 dev_spec |= 0x80;
2346 } else
2347 dev_spec = 0x0;
2348 if (msense_6) {
2349 arr[2] = dev_spec;
2350 arr[3] = bd_len;
2351 offset = 4;
2352 } else {
2353 arr[3] = dev_spec;
2354 if (16 == bd_len)
2355 arr[4] = 0x1; /* set LONGLBA bit */
2356 arr[7] = bd_len; /* assume 255 or less */
2357 offset = 8;
2358 }
2359 ap = arr + offset;
2360 if ((bd_len > 0) && (!sdebug_capacity))
2361 sdebug_capacity = get_sdebug_capacity();
2362
2363 if (8 == bd_len) {
2364 if (sdebug_capacity > 0xfffffffe)
2365 put_unaligned_be32(0xffffffff, ap + 0);
2366 else
2367 put_unaligned_be32(sdebug_capacity, ap + 0);
2368 put_unaligned_be16(sdebug_sector_size, ap + 6);
2369 offset += bd_len;
2370 ap = arr + offset;
2371 } else if (16 == bd_len) {
2372 put_unaligned_be64((u64)sdebug_capacity, ap + 0);
2373 put_unaligned_be32(sdebug_sector_size, ap + 12);
2374 offset += bd_len;
2375 ap = arr + offset;
2376 }
2377
2378 if ((subpcode > 0x0) && (subpcode < 0xff) && (0x19 != pcode)) {
2379 /* TODO: Control Extension page */
2380 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2381 return check_condition_result;
2382 }
2383 bad_pcode = false;
2384
2385 switch (pcode) {
2386 case 0x1: /* Read-Write error recovery page, direct access */
2387 len = resp_err_recov_pg(ap, pcontrol, target);
2388 offset += len;
2389 break;
2390 case 0x2: /* Disconnect-Reconnect page, all devices */
2391 len = resp_disconnect_pg(ap, pcontrol, target);
2392 offset += len;
2393 break;
2394 case 0x3: /* Format device page, direct access */
2395 if (is_disk) {
2396 len = resp_format_pg(ap, pcontrol, target);
2397 offset += len;
2398 } else
2399 bad_pcode = true;
2400 break;
2401 case 0x8: /* Caching page, direct access */
2402 if (is_disk || is_zbc) {
2403 len = resp_caching_pg(ap, pcontrol, target);
2404 offset += len;
2405 } else
2406 bad_pcode = true;
2407 break;
2408 case 0xa: /* Control Mode page, all devices */
2409 len = resp_ctrl_m_pg(ap, pcontrol, target);
2410 offset += len;
2411 break;
2412 case 0x19: /* if spc==1 then sas phy, control+discover */
2413 if ((subpcode > 0x2) && (subpcode < 0xff)) {
2414 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2415 return check_condition_result;
2416 }
2417 len = 0;
2418 if ((0x0 == subpcode) || (0xff == subpcode))
2419 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2420 if ((0x1 == subpcode) || (0xff == subpcode))
2421 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target,
2422 target_dev_id);
2423 if ((0x2 == subpcode) || (0xff == subpcode))
2424 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2425 offset += len;
2426 break;
2427 case 0x1c: /* Informational Exceptions Mode page, all devices */
2428 len = resp_iec_m_pg(ap, pcontrol, target);
2429 offset += len;
2430 break;
2431 case 0x3f: /* Read all Mode pages */
2432 if ((0 == subpcode) || (0xff == subpcode)) {
2433 len = resp_err_recov_pg(ap, pcontrol, target);
2434 len += resp_disconnect_pg(ap + len, pcontrol, target);
2435 if (is_disk) {
2436 len += resp_format_pg(ap + len, pcontrol,
2437 target);
2438 len += resp_caching_pg(ap + len, pcontrol,
2439 target);
2440 } else if (is_zbc) {
2441 len += resp_caching_pg(ap + len, pcontrol,
2442 target);
2443 }
2444 len += resp_ctrl_m_pg(ap + len, pcontrol, target);
2445 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2446 if (0xff == subpcode) {
2447 len += resp_sas_pcd_m_spg(ap + len, pcontrol,
2448 target, target_dev_id);
2449 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2450 }
2451 len += resp_iec_m_pg(ap + len, pcontrol, target);
2452 offset += len;
2453 } else {
2454 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2455 return check_condition_result;
2456 }
2457 break;
2458 default:
2459 bad_pcode = true;
2460 break;
2461 }
2462 if (bad_pcode) {
2463 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2464 return check_condition_result;
2465 }
2466 if (msense_6)
2467 arr[0] = offset - 1;
2468 else
2469 put_unaligned_be16((offset - 2), arr + 0);
2470 return fill_from_dev_buffer(scp, arr, min_t(int, alloc_len, offset));
2471}
2472
2473#define SDEBUG_MAX_MSELECT_SZ 512
2474
2475static int resp_mode_select(struct scsi_cmnd *scp,
2476 struct sdebug_dev_info *devip)
2477{
2478 int pf, sp, ps, md_len, bd_len, off, spf, pg_len;
2479 int param_len, res, mpage;
2480 unsigned char arr[SDEBUG_MAX_MSELECT_SZ];
2481 unsigned char *cmd = scp->cmnd;
2482 int mselect6 = (MODE_SELECT == cmd[0]);
2483
2484 memset(arr, 0, sizeof(arr));
2485 pf = cmd[1] & 0x10;
2486 sp = cmd[1] & 0x1;
2487 param_len = mselect6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2488 if ((0 == pf) || sp || (param_len > SDEBUG_MAX_MSELECT_SZ)) {
2489 mk_sense_invalid_fld(scp, SDEB_IN_CDB, mselect6 ? 4 : 7, -1);
2490 return check_condition_result;
2491 }
2492 res = fetch_to_dev_buffer(scp, arr, param_len);
2493 if (-1 == res)
2494 return DID_ERROR << 16;
2495 else if (sdebug_verbose && (res < param_len))
2496 sdev_printk(KERN_INFO, scp->device,
2497 "%s: cdb indicated=%d, IO sent=%d bytes\n",
2498 __func__, param_len, res);
2499 md_len = mselect6 ? (arr[0] + 1) : (get_unaligned_be16(arr + 0) + 2);
2500 bd_len = mselect6 ? arr[3] : get_unaligned_be16(arr + 6);
2501 if (md_len > 2) {
2502 mk_sense_invalid_fld(scp, SDEB_IN_DATA, 0, -1);
2503 return check_condition_result;
2504 }
2505 off = bd_len + (mselect6 ? 4 : 8);
2506 mpage = arr[off] & 0x3f;
2507 ps = !!(arr[off] & 0x80);
2508 if (ps) {
2509 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 7);
2510 return check_condition_result;
2511 }
2512 spf = !!(arr[off] & 0x40);
2513 pg_len = spf ? (get_unaligned_be16(arr + off + 2) + 4) :
2514 (arr[off + 1] + 2);
2515 if ((pg_len + off) > param_len) {
2516 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2517 PARAMETER_LIST_LENGTH_ERR, 0);
2518 return check_condition_result;
2519 }
2520 switch (mpage) {
2521 case 0x8: /* Caching Mode page */
2522 if (caching_pg[1] == arr[off + 1]) {
2523 memcpy(caching_pg + 2, arr + off + 2,
2524 sizeof(caching_pg) - 2);
2525 goto set_mode_changed_ua;
2526 }
2527 break;
2528 case 0xa: /* Control Mode page */
2529 if (ctrl_m_pg[1] == arr[off + 1]) {
2530 memcpy(ctrl_m_pg + 2, arr + off + 2,
2531 sizeof(ctrl_m_pg) - 2);
2532 if (ctrl_m_pg[4] & 0x8)
2533 sdebug_wp = true;
2534 else
2535 sdebug_wp = false;
2536 sdebug_dsense = !!(ctrl_m_pg[2] & 0x4);
2537 goto set_mode_changed_ua;
2538 }
2539 break;
2540 case 0x1c: /* Informational Exceptions Mode page */
2541 if (iec_m_pg[1] == arr[off + 1]) {
2542 memcpy(iec_m_pg + 2, arr + off + 2,
2543 sizeof(iec_m_pg) - 2);
2544 goto set_mode_changed_ua;
2545 }
2546 break;
2547 default:
2548 break;
2549 }
2550 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 5);
2551 return check_condition_result;
2552set_mode_changed_ua:
2553 set_bit(SDEBUG_UA_MODE_CHANGED, devip->uas_bm);
2554 return 0;
2555}
2556
2557static int resp_temp_l_pg(unsigned char *arr)
2558{
2559 unsigned char temp_l_pg[] = {0x0, 0x0, 0x3, 0x2, 0x0, 38,
2560 0x0, 0x1, 0x3, 0x2, 0x0, 65,
2561 };
2562
2563 memcpy(arr, temp_l_pg, sizeof(temp_l_pg));
2564 return sizeof(temp_l_pg);
2565}
2566
2567static int resp_ie_l_pg(unsigned char *arr)
2568{
2569 unsigned char ie_l_pg[] = {0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 38,
2570 };
2571
2572 memcpy(arr, ie_l_pg, sizeof(ie_l_pg));
2573 if (iec_m_pg[2] & 0x4) { /* TEST bit set */
2574 arr[4] = THRESHOLD_EXCEEDED;
2575 arr[5] = 0xff;
2576 }
2577 return sizeof(ie_l_pg);
2578}
2579
2580#define SDEBUG_MAX_LSENSE_SZ 512
2581
2582static int resp_log_sense(struct scsi_cmnd *scp,
2583 struct sdebug_dev_info *devip)
2584{
2585 int ppc, sp, pcode, subpcode, alloc_len, len, n;
2586 unsigned char arr[SDEBUG_MAX_LSENSE_SZ];
2587 unsigned char *cmd = scp->cmnd;
2588
2589 memset(arr, 0, sizeof(arr));
2590 ppc = cmd[1] & 0x2;
2591 sp = cmd[1] & 0x1;
2592 if (ppc || sp) {
2593 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, ppc ? 1 : 0);
2594 return check_condition_result;
2595 }
2596 pcode = cmd[2] & 0x3f;
2597 subpcode = cmd[3] & 0xff;
2598 alloc_len = get_unaligned_be16(cmd + 7);
2599 arr[0] = pcode;
2600 if (0 == subpcode) {
2601 switch (pcode) {
2602 case 0x0: /* Supported log pages log page */
2603 n = 4;
2604 arr[n++] = 0x0; /* this page */
2605 arr[n++] = 0xd; /* Temperature */
2606 arr[n++] = 0x2f; /* Informational exceptions */
2607 arr[3] = n - 4;
2608 break;
2609 case 0xd: /* Temperature log page */
2610 arr[3] = resp_temp_l_pg(arr + 4);
2611 break;
2612 case 0x2f: /* Informational exceptions log page */
2613 arr[3] = resp_ie_l_pg(arr + 4);
2614 break;
2615 default:
2616 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2617 return check_condition_result;
2618 }
2619 } else if (0xff == subpcode) {
2620 arr[0] |= 0x40;
2621 arr[1] = subpcode;
2622 switch (pcode) {
2623 case 0x0: /* Supported log pages and subpages log page */
2624 n = 4;
2625 arr[n++] = 0x0;
2626 arr[n++] = 0x0; /* 0,0 page */
2627 arr[n++] = 0x0;
2628 arr[n++] = 0xff; /* this page */
2629 arr[n++] = 0xd;
2630 arr[n++] = 0x0; /* Temperature */
2631 arr[n++] = 0x2f;
2632 arr[n++] = 0x0; /* Informational exceptions */
2633 arr[3] = n - 4;
2634 break;
2635 case 0xd: /* Temperature subpages */
2636 n = 4;
2637 arr[n++] = 0xd;
2638 arr[n++] = 0x0; /* Temperature */
2639 arr[3] = n - 4;
2640 break;
2641 case 0x2f: /* Informational exceptions subpages */
2642 n = 4;
2643 arr[n++] = 0x2f;
2644 arr[n++] = 0x0; /* Informational exceptions */
2645 arr[3] = n - 4;
2646 break;
2647 default:
2648 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2649 return check_condition_result;
2650 }
2651 } else {
2652 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2653 return check_condition_result;
2654 }
2655 len = min_t(int, get_unaligned_be16(arr + 2) + 4, alloc_len);
2656 return fill_from_dev_buffer(scp, arr,
2657 min_t(int, len, SDEBUG_MAX_INQ_ARR_SZ));
2658}
2659
2660static inline bool sdebug_dev_is_zoned(struct sdebug_dev_info *devip)
2661{
2662 return devip->nr_zones != 0;
2663}
2664
2665static struct sdeb_zone_state *zbc_zone(struct sdebug_dev_info *devip,
2666 unsigned long long lba)
2667{
2668 return &devip->zstate[lba >> devip->zsize_shift];
2669}
2670
2671static inline bool zbc_zone_is_conv(struct sdeb_zone_state *zsp)
2672{
2673 return zsp->z_type == ZBC_ZONE_TYPE_CNV;
2674}
2675
2676static void zbc_close_zone(struct sdebug_dev_info *devip,
2677 struct sdeb_zone_state *zsp)
2678{
2679 enum sdebug_z_cond zc;
2680
2681 if (zbc_zone_is_conv(zsp))
2682 return;
2683
2684 zc = zsp->z_cond;
2685 if (!(zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN))
2686 return;
2687
2688 if (zc == ZC2_IMPLICIT_OPEN)
2689 devip->nr_imp_open--;
2690 else
2691 devip->nr_exp_open--;
2692
2693 if (zsp->z_wp == zsp->z_start) {
2694 zsp->z_cond = ZC1_EMPTY;
2695 } else {
2696 zsp->z_cond = ZC4_CLOSED;
2697 devip->nr_closed++;
2698 }
2699}
2700
2701static void zbc_close_imp_open_zone(struct sdebug_dev_info *devip)
2702{
2703 struct sdeb_zone_state *zsp = &devip->zstate[0];
2704 unsigned int i;
2705
2706 for (i = 0; i < devip->nr_zones; i++, zsp++) {
2707 if (zsp->z_cond == ZC2_IMPLICIT_OPEN) {
2708 zbc_close_zone(devip, zsp);
2709 return;
2710 }
2711 }
2712}
2713
2714static void zbc_open_zone(struct sdebug_dev_info *devip,
2715 struct sdeb_zone_state *zsp, bool explicit)
2716{
2717 enum sdebug_z_cond zc;
2718
2719 if (zbc_zone_is_conv(zsp))
2720 return;
2721
2722 zc = zsp->z_cond;
2723 if ((explicit && zc == ZC3_EXPLICIT_OPEN) ||
2724 (!explicit && zc == ZC2_IMPLICIT_OPEN))
2725 return;
2726
2727 /* Close an implicit open zone if necessary */
2728 if (explicit && zsp->z_cond == ZC2_IMPLICIT_OPEN)
2729 zbc_close_zone(devip, zsp);
2730 else if (devip->max_open &&
2731 devip->nr_imp_open + devip->nr_exp_open >= devip->max_open)
2732 zbc_close_imp_open_zone(devip);
2733
2734 if (zsp->z_cond == ZC4_CLOSED)
2735 devip->nr_closed--;
2736 if (explicit) {
2737 zsp->z_cond = ZC3_EXPLICIT_OPEN;
2738 devip->nr_exp_open++;
2739 } else {
2740 zsp->z_cond = ZC2_IMPLICIT_OPEN;
2741 devip->nr_imp_open++;
2742 }
2743}
2744
2745static void zbc_inc_wp(struct sdebug_dev_info *devip,
2746 unsigned long long lba, unsigned int num)
2747{
2748 struct sdeb_zone_state *zsp = zbc_zone(devip, lba);
2749 unsigned long long n, end, zend = zsp->z_start + zsp->z_size;
2750
2751 if (zbc_zone_is_conv(zsp))
2752 return;
2753
2754 if (zsp->z_type == ZBC_ZONE_TYPE_SWR) {
2755 zsp->z_wp += num;
2756 if (zsp->z_wp >= zend)
2757 zsp->z_cond = ZC5_FULL;
2758 return;
2759 }
2760
2761 while (num) {
2762 if (lba != zsp->z_wp)
2763 zsp->z_non_seq_resource = true;
2764
2765 end = lba + num;
2766 if (end >= zend) {
2767 n = zend - lba;
2768 zsp->z_wp = zend;
2769 } else if (end > zsp->z_wp) {
2770 n = num;
2771 zsp->z_wp = end;
2772 } else {
2773 n = num;
2774 }
2775 if (zsp->z_wp >= zend)
2776 zsp->z_cond = ZC5_FULL;
2777
2778 num -= n;
2779 lba += n;
2780 if (num) {
2781 zsp++;
2782 zend = zsp->z_start + zsp->z_size;
2783 }
2784 }
2785}
2786
2787static int check_zbc_access_params(struct scsi_cmnd *scp,
2788 unsigned long long lba, unsigned int num, bool write)
2789{
2790 struct scsi_device *sdp = scp->device;
2791 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
2792 struct sdeb_zone_state *zsp = zbc_zone(devip, lba);
2793 struct sdeb_zone_state *zsp_end = zbc_zone(devip, lba + num - 1);
2794
2795 if (!write) {
2796 if (devip->zmodel == BLK_ZONED_HA)
2797 return 0;
2798 /* For host-managed, reads cannot cross zone types boundaries */
2799 if (zsp_end != zsp &&
2800 zbc_zone_is_conv(zsp) &&
2801 !zbc_zone_is_conv(zsp_end)) {
2802 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2803 LBA_OUT_OF_RANGE,
2804 READ_INVDATA_ASCQ);
2805 return check_condition_result;
2806 }
2807 return 0;
2808 }
2809
2810 /* No restrictions for writes within conventional zones */
2811 if (zbc_zone_is_conv(zsp)) {
2812 if (!zbc_zone_is_conv(zsp_end)) {
2813 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2814 LBA_OUT_OF_RANGE,
2815 WRITE_BOUNDARY_ASCQ);
2816 return check_condition_result;
2817 }
2818 return 0;
2819 }
2820
2821 if (zsp->z_type == ZBC_ZONE_TYPE_SWR) {
2822 /* Writes cannot cross sequential zone boundaries */
2823 if (zsp_end != zsp) {
2824 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2825 LBA_OUT_OF_RANGE,
2826 WRITE_BOUNDARY_ASCQ);
2827 return check_condition_result;
2828 }
2829 /* Cannot write full zones */
2830 if (zsp->z_cond == ZC5_FULL) {
2831 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2832 INVALID_FIELD_IN_CDB, 0);
2833 return check_condition_result;
2834 }
2835 /* Writes must be aligned to the zone WP */
2836 if (lba != zsp->z_wp) {
2837 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2838 LBA_OUT_OF_RANGE,
2839 UNALIGNED_WRITE_ASCQ);
2840 return check_condition_result;
2841 }
2842 }
2843
2844 /* Handle implicit open of closed and empty zones */
2845 if (zsp->z_cond == ZC1_EMPTY || zsp->z_cond == ZC4_CLOSED) {
2846 if (devip->max_open &&
2847 devip->nr_exp_open >= devip->max_open) {
2848 mk_sense_buffer(scp, DATA_PROTECT,
2849 INSUFF_RES_ASC,
2850 INSUFF_ZONE_ASCQ);
2851 return check_condition_result;
2852 }
2853 zbc_open_zone(devip, zsp, false);
2854 }
2855
2856 return 0;
2857}
2858
2859static inline int check_device_access_params
2860 (struct scsi_cmnd *scp, unsigned long long lba,
2861 unsigned int num, bool write)
2862{
2863 struct scsi_device *sdp = scp->device;
2864 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
2865
2866 if (lba + num > sdebug_capacity) {
2867 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2868 return check_condition_result;
2869 }
2870 /* transfer length excessive (tie in to block limits VPD page) */
2871 if (num > sdebug_store_sectors) {
2872 /* needs work to find which cdb byte 'num' comes from */
2873 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2874 return check_condition_result;
2875 }
2876 if (write && unlikely(sdebug_wp)) {
2877 mk_sense_buffer(scp, DATA_PROTECT, WRITE_PROTECTED, 0x2);
2878 return check_condition_result;
2879 }
2880 if (sdebug_dev_is_zoned(devip))
2881 return check_zbc_access_params(scp, lba, num, write);
2882
2883 return 0;
2884}
2885
2886/*
2887 * Note: if BUG_ON() fires it usually indicates a problem with the parser
2888 * tables. Perhaps a missing F_FAKE_RW or FF_MEDIA_IO flag. Response functions
2889 * that access any of the "stores" in struct sdeb_store_info should call this
2890 * function with bug_if_fake_rw set to true.
2891 */
2892static inline struct sdeb_store_info *devip2sip(struct sdebug_dev_info *devip,
2893 bool bug_if_fake_rw)
2894{
2895 if (sdebug_fake_rw) {
2896 BUG_ON(bug_if_fake_rw); /* See note above */
2897 return NULL;
2898 }
2899 return xa_load(per_store_ap, devip->sdbg_host->si_idx);
2900}
2901
2902/* Returns number of bytes copied or -1 if error. */
2903static int do_device_access(struct sdeb_store_info *sip, struct scsi_cmnd *scp,
2904 u32 sg_skip, u64 lba, u32 num, bool do_write)
2905{
2906 int ret;
2907 u64 block, rest = 0;
2908 enum dma_data_direction dir;
2909 struct scsi_data_buffer *sdb = &scp->sdb;
2910 u8 *fsp;
2911
2912 if (do_write) {
2913 dir = DMA_TO_DEVICE;
2914 write_since_sync = true;
2915 } else {
2916 dir = DMA_FROM_DEVICE;
2917 }
2918
2919 if (!sdb->length || !sip)
2920 return 0;
2921 if (scp->sc_data_direction != dir)
2922 return -1;
2923 fsp = sip->storep;
2924
2925 block = do_div(lba, sdebug_store_sectors);
2926 if (block + num > sdebug_store_sectors)
2927 rest = block + num - sdebug_store_sectors;
2928
2929 ret = sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2930 fsp + (block * sdebug_sector_size),
2931 (num - rest) * sdebug_sector_size, sg_skip, do_write);
2932 if (ret != (num - rest) * sdebug_sector_size)
2933 return ret;
2934
2935 if (rest) {
2936 ret += sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2937 fsp, rest * sdebug_sector_size,
2938 sg_skip + ((num - rest) * sdebug_sector_size),
2939 do_write);
2940 }
2941
2942 return ret;
2943}
2944
2945/* Returns number of bytes copied or -1 if error. */
2946static int do_dout_fetch(struct scsi_cmnd *scp, u32 num, u8 *doutp)
2947{
2948 struct scsi_data_buffer *sdb = &scp->sdb;
2949
2950 if (!sdb->length)
2951 return 0;
2952 if (scp->sc_data_direction != DMA_TO_DEVICE)
2953 return -1;
2954 return sg_copy_buffer(sdb->table.sgl, sdb->table.nents, doutp,
2955 num * sdebug_sector_size, 0, true);
2956}
2957
2958/* If sip->storep+lba compares equal to arr(num), then copy top half of
2959 * arr into sip->storep+lba and return true. If comparison fails then
2960 * return false. */
2961static bool comp_write_worker(struct sdeb_store_info *sip, u64 lba, u32 num,
2962 const u8 *arr, bool compare_only)
2963{
2964 bool res;
2965 u64 block, rest = 0;
2966 u32 store_blks = sdebug_store_sectors;
2967 u32 lb_size = sdebug_sector_size;
2968 u8 *fsp = sip->storep;
2969
2970 block = do_div(lba, store_blks);
2971 if (block + num > store_blks)
2972 rest = block + num - store_blks;
2973
2974 res = !memcmp(fsp + (block * lb_size), arr, (num - rest) * lb_size);
2975 if (!res)
2976 return res;
2977 if (rest)
2978 res = memcmp(fsp, arr + ((num - rest) * lb_size),
2979 rest * lb_size);
2980 if (!res)
2981 return res;
2982 if (compare_only)
2983 return true;
2984 arr += num * lb_size;
2985 memcpy(fsp + (block * lb_size), arr, (num - rest) * lb_size);
2986 if (rest)
2987 memcpy(fsp, arr + ((num - rest) * lb_size), rest * lb_size);
2988 return res;
2989}
2990
2991static __be16 dif_compute_csum(const void *buf, int len)
2992{
2993 __be16 csum;
2994
2995 if (sdebug_guard)
2996 csum = (__force __be16)ip_compute_csum(buf, len);
2997 else
2998 csum = cpu_to_be16(crc_t10dif(buf, len));
2999
3000 return csum;
3001}
3002
3003static int dif_verify(struct t10_pi_tuple *sdt, const void *data,
3004 sector_t sector, u32 ei_lba)
3005{
3006 __be16 csum = dif_compute_csum(data, sdebug_sector_size);
3007
3008 if (sdt->guard_tag != csum) {
3009 pr_err("GUARD check failed on sector %lu rcvd 0x%04x, data 0x%04x\n",
3010 (unsigned long)sector,
3011 be16_to_cpu(sdt->guard_tag),
3012 be16_to_cpu(csum));
3013 return 0x01;
3014 }
3015 if (sdebug_dif == T10_PI_TYPE1_PROTECTION &&
3016 be32_to_cpu(sdt->ref_tag) != (sector & 0xffffffff)) {
3017 pr_err("REF check failed on sector %lu\n",
3018 (unsigned long)sector);
3019 return 0x03;
3020 }
3021 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3022 be32_to_cpu(sdt->ref_tag) != ei_lba) {
3023 pr_err("REF check failed on sector %lu\n",
3024 (unsigned long)sector);
3025 return 0x03;
3026 }
3027 return 0;
3028}
3029
3030static void dif_copy_prot(struct scsi_cmnd *scp, sector_t sector,
3031 unsigned int sectors, bool read)
3032{
3033 size_t resid;
3034 void *paddr;
3035 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *)
3036 scp->device->hostdata, true);
3037 struct t10_pi_tuple *dif_storep = sip->dif_storep;
3038 const void *dif_store_end = dif_storep + sdebug_store_sectors;
3039 struct sg_mapping_iter miter;
3040
3041 /* Bytes of protection data to copy into sgl */
3042 resid = sectors * sizeof(*dif_storep);
3043
3044 sg_miter_start(&miter, scsi_prot_sglist(scp),
3045 scsi_prot_sg_count(scp), SG_MITER_ATOMIC |
3046 (read ? SG_MITER_TO_SG : SG_MITER_FROM_SG));
3047
3048 while (sg_miter_next(&miter) && resid > 0) {
3049 size_t len = min_t(size_t, miter.length, resid);
3050 void *start = dif_store(sip, sector);
3051 size_t rest = 0;
3052
3053 if (dif_store_end < start + len)
3054 rest = start + len - dif_store_end;
3055
3056 paddr = miter.addr;
3057
3058 if (read)
3059 memcpy(paddr, start, len - rest);
3060 else
3061 memcpy(start, paddr, len - rest);
3062
3063 if (rest) {
3064 if (read)
3065 memcpy(paddr + len - rest, dif_storep, rest);
3066 else
3067 memcpy(dif_storep, paddr + len - rest, rest);
3068 }
3069
3070 sector += len / sizeof(*dif_storep);
3071 resid -= len;
3072 }
3073 sg_miter_stop(&miter);
3074}
3075
3076static int prot_verify_read(struct scsi_cmnd *scp, sector_t start_sec,
3077 unsigned int sectors, u32 ei_lba)
3078{
3079 unsigned int i;
3080 sector_t sector;
3081 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *)
3082 scp->device->hostdata, true);
3083 struct t10_pi_tuple *sdt;
3084
3085 for (i = 0; i < sectors; i++, ei_lba++) {
3086 int ret;
3087
3088 sector = start_sec + i;
3089 sdt = dif_store(sip, sector);
3090
3091 if (sdt->app_tag == cpu_to_be16(0xffff))
3092 continue;
3093
3094 ret = dif_verify(sdt, lba2fake_store(sip, sector), sector,
3095 ei_lba);
3096 if (ret) {
3097 dif_errors++;
3098 return ret;
3099 }
3100 }
3101
3102 dif_copy_prot(scp, start_sec, sectors, true);
3103 dix_reads++;
3104
3105 return 0;
3106}
3107
3108static int resp_read_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3109{
3110 bool check_prot;
3111 u32 num;
3112 u32 ei_lba;
3113 int ret;
3114 u64 lba;
3115 struct sdeb_store_info *sip = devip2sip(devip, true);
3116 rwlock_t *macc_lckp = sip ? &sip->macc_lck : &sdeb_fake_rw_lck;
3117 u8 *cmd = scp->cmnd;
3118
3119 switch (cmd[0]) {
3120 case READ_16:
3121 ei_lba = 0;
3122 lba = get_unaligned_be64(cmd + 2);
3123 num = get_unaligned_be32(cmd + 10);
3124 check_prot = true;
3125 break;
3126 case READ_10:
3127 ei_lba = 0;
3128 lba = get_unaligned_be32(cmd + 2);
3129 num = get_unaligned_be16(cmd + 7);
3130 check_prot = true;
3131 break;
3132 case READ_6:
3133 ei_lba = 0;
3134 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
3135 (u32)(cmd[1] & 0x1f) << 16;
3136 num = (0 == cmd[4]) ? 256 : cmd[4];
3137 check_prot = true;
3138 break;
3139 case READ_12:
3140 ei_lba = 0;
3141 lba = get_unaligned_be32(cmd + 2);
3142 num = get_unaligned_be32(cmd + 6);
3143 check_prot = true;
3144 break;
3145 case XDWRITEREAD_10:
3146 ei_lba = 0;
3147 lba = get_unaligned_be32(cmd + 2);
3148 num = get_unaligned_be16(cmd + 7);
3149 check_prot = false;
3150 break;
3151 default: /* assume READ(32) */
3152 lba = get_unaligned_be64(cmd + 12);
3153 ei_lba = get_unaligned_be32(cmd + 20);
3154 num = get_unaligned_be32(cmd + 28);
3155 check_prot = false;
3156 break;
3157 }
3158 if (unlikely(have_dif_prot && check_prot)) {
3159 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3160 (cmd[1] & 0xe0)) {
3161 mk_sense_invalid_opcode(scp);
3162 return check_condition_result;
3163 }
3164 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3165 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3166 (cmd[1] & 0xe0) == 0)
3167 sdev_printk(KERN_ERR, scp->device, "Unprotected RD "
3168 "to DIF device\n");
3169 }
3170 if (unlikely((sdebug_opts & SDEBUG_OPT_SHORT_TRANSFER) &&
3171 atomic_read(&sdeb_inject_pending))) {
3172 num /= 2;
3173 atomic_set(&sdeb_inject_pending, 0);
3174 }
3175
3176 ret = check_device_access_params(scp, lba, num, false);
3177 if (ret)
3178 return ret;
3179 if (unlikely((SDEBUG_OPT_MEDIUM_ERR & sdebug_opts) &&
3180 (lba <= (sdebug_medium_error_start + sdebug_medium_error_count - 1)) &&
3181 ((lba + num) > sdebug_medium_error_start))) {
3182 /* claim unrecoverable read error */
3183 mk_sense_buffer(scp, MEDIUM_ERROR, UNRECOVERED_READ_ERR, 0);
3184 /* set info field and valid bit for fixed descriptor */
3185 if (0x70 == (scp->sense_buffer[0] & 0x7f)) {
3186 scp->sense_buffer[0] |= 0x80; /* Valid bit */
3187 ret = (lba < OPT_MEDIUM_ERR_ADDR)
3188 ? OPT_MEDIUM_ERR_ADDR : (int)lba;
3189 put_unaligned_be32(ret, scp->sense_buffer + 3);
3190 }
3191 scsi_set_resid(scp, scsi_bufflen(scp));
3192 return check_condition_result;
3193 }
3194
3195 read_lock(macc_lckp);
3196
3197 /* DIX + T10 DIF */
3198 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3199 int prot_ret = prot_verify_read(scp, lba, num, ei_lba);
3200
3201 if (prot_ret) {
3202 read_unlock(macc_lckp);
3203 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, prot_ret);
3204 return illegal_condition_result;
3205 }
3206 }
3207
3208 ret = do_device_access(sip, scp, 0, lba, num, false);
3209 read_unlock(macc_lckp);
3210 if (unlikely(ret == -1))
3211 return DID_ERROR << 16;
3212
3213 scsi_set_resid(scp, scsi_bufflen(scp) - ret);
3214
3215 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) &&
3216 atomic_read(&sdeb_inject_pending))) {
3217 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) {
3218 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0);
3219 atomic_set(&sdeb_inject_pending, 0);
3220 return check_condition_result;
3221 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) {
3222 /* Logical block guard check failed */
3223 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3224 atomic_set(&sdeb_inject_pending, 0);
3225 return illegal_condition_result;
3226 } else if (SDEBUG_OPT_DIX_ERR & sdebug_opts) {
3227 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3228 atomic_set(&sdeb_inject_pending, 0);
3229 return illegal_condition_result;
3230 }
3231 }
3232 return 0;
3233}
3234
3235static void dump_sector(unsigned char *buf, int len)
3236{
3237 int i, j, n;
3238
3239 pr_err(">>> Sector Dump <<<\n");
3240 for (i = 0 ; i < len ; i += 16) {
3241 char b[128];
3242
3243 for (j = 0, n = 0; j < 16; j++) {
3244 unsigned char c = buf[i+j];
3245
3246 if (c >= 0x20 && c < 0x7e)
3247 n += scnprintf(b + n, sizeof(b) - n,
3248 " %c ", buf[i+j]);
3249 else
3250 n += scnprintf(b + n, sizeof(b) - n,
3251 "%02x ", buf[i+j]);
3252 }
3253 pr_err("%04d: %s\n", i, b);
3254 }
3255}
3256
3257static int prot_verify_write(struct scsi_cmnd *SCpnt, sector_t start_sec,
3258 unsigned int sectors, u32 ei_lba)
3259{
3260 int ret;
3261 struct t10_pi_tuple *sdt;
3262 void *daddr;
3263 sector_t sector = start_sec;
3264 int ppage_offset;
3265 int dpage_offset;
3266 struct sg_mapping_iter diter;
3267 struct sg_mapping_iter piter;
3268
3269 BUG_ON(scsi_sg_count(SCpnt) == 0);
3270 BUG_ON(scsi_prot_sg_count(SCpnt) == 0);
3271
3272 sg_miter_start(&piter, scsi_prot_sglist(SCpnt),
3273 scsi_prot_sg_count(SCpnt),
3274 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
3275 sg_miter_start(&diter, scsi_sglist(SCpnt), scsi_sg_count(SCpnt),
3276 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
3277
3278 /* For each protection page */
3279 while (sg_miter_next(&piter)) {
3280 dpage_offset = 0;
3281 if (WARN_ON(!sg_miter_next(&diter))) {
3282 ret = 0x01;
3283 goto out;
3284 }
3285
3286 for (ppage_offset = 0; ppage_offset < piter.length;
3287 ppage_offset += sizeof(struct t10_pi_tuple)) {
3288 /* If we're at the end of the current
3289 * data page advance to the next one
3290 */
3291 if (dpage_offset >= diter.length) {
3292 if (WARN_ON(!sg_miter_next(&diter))) {
3293 ret = 0x01;
3294 goto out;
3295 }
3296 dpage_offset = 0;
3297 }
3298
3299 sdt = piter.addr + ppage_offset;
3300 daddr = diter.addr + dpage_offset;
3301
3302 ret = dif_verify(sdt, daddr, sector, ei_lba);
3303 if (ret) {
3304 dump_sector(daddr, sdebug_sector_size);
3305 goto out;
3306 }
3307
3308 sector++;
3309 ei_lba++;
3310 dpage_offset += sdebug_sector_size;
3311 }
3312 diter.consumed = dpage_offset;
3313 sg_miter_stop(&diter);
3314 }
3315 sg_miter_stop(&piter);
3316
3317 dif_copy_prot(SCpnt, start_sec, sectors, false);
3318 dix_writes++;
3319
3320 return 0;
3321
3322out:
3323 dif_errors++;
3324 sg_miter_stop(&diter);
3325 sg_miter_stop(&piter);
3326 return ret;
3327}
3328
3329static unsigned long lba_to_map_index(sector_t lba)
3330{
3331 if (sdebug_unmap_alignment)
3332 lba += sdebug_unmap_granularity - sdebug_unmap_alignment;
3333 sector_div(lba, sdebug_unmap_granularity);
3334 return lba;
3335}
3336
3337static sector_t map_index_to_lba(unsigned long index)
3338{
3339 sector_t lba = index * sdebug_unmap_granularity;
3340
3341 if (sdebug_unmap_alignment)
3342 lba -= sdebug_unmap_granularity - sdebug_unmap_alignment;
3343 return lba;
3344}
3345
3346static unsigned int map_state(struct sdeb_store_info *sip, sector_t lba,
3347 unsigned int *num)
3348{
3349 sector_t end;
3350 unsigned int mapped;
3351 unsigned long index;
3352 unsigned long next;
3353
3354 index = lba_to_map_index(lba);
3355 mapped = test_bit(index, sip->map_storep);
3356
3357 if (mapped)
3358 next = find_next_zero_bit(sip->map_storep, map_size, index);
3359 else
3360 next = find_next_bit(sip->map_storep, map_size, index);
3361
3362 end = min_t(sector_t, sdebug_store_sectors, map_index_to_lba(next));
3363 *num = end - lba;
3364 return mapped;
3365}
3366
3367static void map_region(struct sdeb_store_info *sip, sector_t lba,
3368 unsigned int len)
3369{
3370 sector_t end = lba + len;
3371
3372 while (lba < end) {
3373 unsigned long index = lba_to_map_index(lba);
3374
3375 if (index < map_size)
3376 set_bit(index, sip->map_storep);
3377
3378 lba = map_index_to_lba(index + 1);
3379 }
3380}
3381
3382static void unmap_region(struct sdeb_store_info *sip, sector_t lba,
3383 unsigned int len)
3384{
3385 sector_t end = lba + len;
3386 u8 *fsp = sip->storep;
3387
3388 while (lba < end) {
3389 unsigned long index = lba_to_map_index(lba);
3390
3391 if (lba == map_index_to_lba(index) &&
3392 lba + sdebug_unmap_granularity <= end &&
3393 index < map_size) {
3394 clear_bit(index, sip->map_storep);
3395 if (sdebug_lbprz) { /* for LBPRZ=2 return 0xff_s */
3396 memset(fsp + lba * sdebug_sector_size,
3397 (sdebug_lbprz & 1) ? 0 : 0xff,
3398 sdebug_sector_size *
3399 sdebug_unmap_granularity);
3400 }
3401 if (sip->dif_storep) {
3402 memset(sip->dif_storep + lba, 0xff,
3403 sizeof(*sip->dif_storep) *
3404 sdebug_unmap_granularity);
3405 }
3406 }
3407 lba = map_index_to_lba(index + 1);
3408 }
3409}
3410
3411static int resp_write_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3412{
3413 bool check_prot;
3414 u32 num;
3415 u32 ei_lba;
3416 int ret;
3417 u64 lba;
3418 struct sdeb_store_info *sip = devip2sip(devip, true);
3419 rwlock_t *macc_lckp = &sip->macc_lck;
3420 u8 *cmd = scp->cmnd;
3421
3422 switch (cmd[0]) {
3423 case WRITE_16:
3424 ei_lba = 0;
3425 lba = get_unaligned_be64(cmd + 2);
3426 num = get_unaligned_be32(cmd + 10);
3427 check_prot = true;
3428 break;
3429 case WRITE_10:
3430 ei_lba = 0;
3431 lba = get_unaligned_be32(cmd + 2);
3432 num = get_unaligned_be16(cmd + 7);
3433 check_prot = true;
3434 break;
3435 case WRITE_6:
3436 ei_lba = 0;
3437 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
3438 (u32)(cmd[1] & 0x1f) << 16;
3439 num = (0 == cmd[4]) ? 256 : cmd[4];
3440 check_prot = true;
3441 break;
3442 case WRITE_12:
3443 ei_lba = 0;
3444 lba = get_unaligned_be32(cmd + 2);
3445 num = get_unaligned_be32(cmd + 6);
3446 check_prot = true;
3447 break;
3448 case 0x53: /* XDWRITEREAD(10) */
3449 ei_lba = 0;
3450 lba = get_unaligned_be32(cmd + 2);
3451 num = get_unaligned_be16(cmd + 7);
3452 check_prot = false;
3453 break;
3454 default: /* assume WRITE(32) */
3455 lba = get_unaligned_be64(cmd + 12);
3456 ei_lba = get_unaligned_be32(cmd + 20);
3457 num = get_unaligned_be32(cmd + 28);
3458 check_prot = false;
3459 break;
3460 }
3461 if (unlikely(have_dif_prot && check_prot)) {
3462 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3463 (cmd[1] & 0xe0)) {
3464 mk_sense_invalid_opcode(scp);
3465 return check_condition_result;
3466 }
3467 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3468 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3469 (cmd[1] & 0xe0) == 0)
3470 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3471 "to DIF device\n");
3472 }
3473
3474 write_lock(macc_lckp);
3475 ret = check_device_access_params(scp, lba, num, true);
3476 if (ret) {
3477 write_unlock(macc_lckp);
3478 return ret;
3479 }
3480
3481 /* DIX + T10 DIF */
3482 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3483 int prot_ret = prot_verify_write(scp, lba, num, ei_lba);
3484
3485 if (prot_ret) {
3486 write_unlock(macc_lckp);
3487 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, prot_ret);
3488 return illegal_condition_result;
3489 }
3490 }
3491
3492 ret = do_device_access(sip, scp, 0, lba, num, true);
3493 if (unlikely(scsi_debug_lbp()))
3494 map_region(sip, lba, num);
3495 /* If ZBC zone then bump its write pointer */
3496 if (sdebug_dev_is_zoned(devip))
3497 zbc_inc_wp(devip, lba, num);
3498 write_unlock(macc_lckp);
3499 if (unlikely(-1 == ret))
3500 return DID_ERROR << 16;
3501 else if (unlikely(sdebug_verbose &&
3502 (ret < (num * sdebug_sector_size))))
3503 sdev_printk(KERN_INFO, scp->device,
3504 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3505 my_name, num * sdebug_sector_size, ret);
3506
3507 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) &&
3508 atomic_read(&sdeb_inject_pending))) {
3509 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) {
3510 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0);
3511 atomic_set(&sdeb_inject_pending, 0);
3512 return check_condition_result;
3513 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) {
3514 /* Logical block guard check failed */
3515 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3516 atomic_set(&sdeb_inject_pending, 0);
3517 return illegal_condition_result;
3518 } else if (sdebug_opts & SDEBUG_OPT_DIX_ERR) {
3519 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3520 atomic_set(&sdeb_inject_pending, 0);
3521 return illegal_condition_result;
3522 }
3523 }
3524 return 0;
3525}
3526
3527/*
3528 * T10 has only specified WRITE SCATTERED(16) and WRITE SCATTERED(32).
3529 * No READ GATHERED yet (requires bidi or long cdb holding gather list).
3530 */
3531static int resp_write_scat(struct scsi_cmnd *scp,
3532 struct sdebug_dev_info *devip)
3533{
3534 u8 *cmd = scp->cmnd;
3535 u8 *lrdp = NULL;
3536 u8 *up;
3537 struct sdeb_store_info *sip = devip2sip(devip, true);
3538 rwlock_t *macc_lckp = &sip->macc_lck;
3539 u8 wrprotect;
3540 u16 lbdof, num_lrd, k;
3541 u32 num, num_by, bt_len, lbdof_blen, sg_off, cum_lb;
3542 u32 lb_size = sdebug_sector_size;
3543 u32 ei_lba;
3544 u64 lba;
3545 int ret, res;
3546 bool is_16;
3547 static const u32 lrd_size = 32; /* + parameter list header size */
3548
3549 if (cmd[0] == VARIABLE_LENGTH_CMD) {
3550 is_16 = false;
3551 wrprotect = (cmd[10] >> 5) & 0x7;
3552 lbdof = get_unaligned_be16(cmd + 12);
3553 num_lrd = get_unaligned_be16(cmd + 16);
3554 bt_len = get_unaligned_be32(cmd + 28);
3555 } else { /* that leaves WRITE SCATTERED(16) */
3556 is_16 = true;
3557 wrprotect = (cmd[2] >> 5) & 0x7;
3558 lbdof = get_unaligned_be16(cmd + 4);
3559 num_lrd = get_unaligned_be16(cmd + 8);
3560 bt_len = get_unaligned_be32(cmd + 10);
3561 if (unlikely(have_dif_prot)) {
3562 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3563 wrprotect) {
3564 mk_sense_invalid_opcode(scp);
3565 return illegal_condition_result;
3566 }
3567 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3568 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3569 wrprotect == 0)
3570 sdev_printk(KERN_ERR, scp->device,
3571 "Unprotected WR to DIF device\n");
3572 }
3573 }
3574 if ((num_lrd == 0) || (bt_len == 0))
3575 return 0; /* T10 says these do-nothings are not errors */
3576 if (lbdof == 0) {
3577 if (sdebug_verbose)
3578 sdev_printk(KERN_INFO, scp->device,
3579 "%s: %s: LB Data Offset field bad\n",
3580 my_name, __func__);
3581 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3582 return illegal_condition_result;
3583 }
3584 lbdof_blen = lbdof * lb_size;
3585 if ((lrd_size + (num_lrd * lrd_size)) > lbdof_blen) {
3586 if (sdebug_verbose)
3587 sdev_printk(KERN_INFO, scp->device,
3588 "%s: %s: LBA range descriptors don't fit\n",
3589 my_name, __func__);
3590 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3591 return illegal_condition_result;
3592 }
3593 lrdp = kzalloc(lbdof_blen, GFP_ATOMIC);
3594 if (lrdp == NULL)
3595 return SCSI_MLQUEUE_HOST_BUSY;
3596 if (sdebug_verbose)
3597 sdev_printk(KERN_INFO, scp->device,
3598 "%s: %s: Fetch header+scatter_list, lbdof_blen=%u\n",
3599 my_name, __func__, lbdof_blen);
3600 res = fetch_to_dev_buffer(scp, lrdp, lbdof_blen);
3601 if (res == -1) {
3602 ret = DID_ERROR << 16;
3603 goto err_out;
3604 }
3605
3606 write_lock(macc_lckp);
3607 sg_off = lbdof_blen;
3608 /* Spec says Buffer xfer Length field in number of LBs in dout */
3609 cum_lb = 0;
3610 for (k = 0, up = lrdp + lrd_size; k < num_lrd; ++k, up += lrd_size) {
3611 lba = get_unaligned_be64(up + 0);
3612 num = get_unaligned_be32(up + 8);
3613 if (sdebug_verbose)
3614 sdev_printk(KERN_INFO, scp->device,
3615 "%s: %s: k=%d LBA=0x%llx num=%u sg_off=%u\n",
3616 my_name, __func__, k, lba, num, sg_off);
3617 if (num == 0)
3618 continue;
3619 ret = check_device_access_params(scp, lba, num, true);
3620 if (ret)
3621 goto err_out_unlock;
3622 num_by = num * lb_size;
3623 ei_lba = is_16 ? 0 : get_unaligned_be32(up + 12);
3624
3625 if ((cum_lb + num) > bt_len) {
3626 if (sdebug_verbose)
3627 sdev_printk(KERN_INFO, scp->device,
3628 "%s: %s: sum of blocks > data provided\n",
3629 my_name, __func__);
3630 mk_sense_buffer(scp, ILLEGAL_REQUEST, WRITE_ERROR_ASC,
3631 0);
3632 ret = illegal_condition_result;
3633 goto err_out_unlock;
3634 }
3635
3636 /* DIX + T10 DIF */
3637 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3638 int prot_ret = prot_verify_write(scp, lba, num,
3639 ei_lba);
3640
3641 if (prot_ret) {
3642 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10,
3643 prot_ret);
3644 ret = illegal_condition_result;
3645 goto err_out_unlock;
3646 }
3647 }
3648
3649 ret = do_device_access(sip, scp, sg_off, lba, num, true);
3650 /* If ZBC zone then bump its write pointer */
3651 if (sdebug_dev_is_zoned(devip))
3652 zbc_inc_wp(devip, lba, num);
3653 if (unlikely(scsi_debug_lbp()))
3654 map_region(sip, lba, num);
3655 if (unlikely(-1 == ret)) {
3656 ret = DID_ERROR << 16;
3657 goto err_out_unlock;
3658 } else if (unlikely(sdebug_verbose && (ret < num_by)))
3659 sdev_printk(KERN_INFO, scp->device,
3660 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3661 my_name, num_by, ret);
3662
3663 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) &&
3664 atomic_read(&sdeb_inject_pending))) {
3665 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) {
3666 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0);
3667 atomic_set(&sdeb_inject_pending, 0);
3668 ret = check_condition_result;
3669 goto err_out_unlock;
3670 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) {
3671 /* Logical block guard check failed */
3672 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3673 atomic_set(&sdeb_inject_pending, 0);
3674 ret = illegal_condition_result;
3675 goto err_out_unlock;
3676 } else if (sdebug_opts & SDEBUG_OPT_DIX_ERR) {
3677 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3678 atomic_set(&sdeb_inject_pending, 0);
3679 ret = illegal_condition_result;
3680 goto err_out_unlock;
3681 }
3682 }
3683 sg_off += num_by;
3684 cum_lb += num;
3685 }
3686 ret = 0;
3687err_out_unlock:
3688 write_unlock(macc_lckp);
3689err_out:
3690 kfree(lrdp);
3691 return ret;
3692}
3693
3694static int resp_write_same(struct scsi_cmnd *scp, u64 lba, u32 num,
3695 u32 ei_lba, bool unmap, bool ndob)
3696{
3697 struct scsi_device *sdp = scp->device;
3698 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
3699 unsigned long long i;
3700 u64 block, lbaa;
3701 u32 lb_size = sdebug_sector_size;
3702 int ret;
3703 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *)
3704 scp->device->hostdata, true);
3705 rwlock_t *macc_lckp = &sip->macc_lck;
3706 u8 *fs1p;
3707 u8 *fsp;
3708
3709 write_lock(macc_lckp);
3710
3711 ret = check_device_access_params(scp, lba, num, true);
3712 if (ret) {
3713 write_unlock(macc_lckp);
3714 return ret;
3715 }
3716
3717 if (unmap && scsi_debug_lbp()) {
3718 unmap_region(sip, lba, num);
3719 goto out;
3720 }
3721 lbaa = lba;
3722 block = do_div(lbaa, sdebug_store_sectors);
3723 /* if ndob then zero 1 logical block, else fetch 1 logical block */
3724 fsp = sip->storep;
3725 fs1p = fsp + (block * lb_size);
3726 if (ndob) {
3727 memset(fs1p, 0, lb_size);
3728 ret = 0;
3729 } else
3730 ret = fetch_to_dev_buffer(scp, fs1p, lb_size);
3731
3732 if (-1 == ret) {
3733 write_unlock(&sip->macc_lck);
3734 return DID_ERROR << 16;
3735 } else if (sdebug_verbose && !ndob && (ret < lb_size))
3736 sdev_printk(KERN_INFO, scp->device,
3737 "%s: %s: lb size=%u, IO sent=%d bytes\n",
3738 my_name, "write same", lb_size, ret);
3739
3740 /* Copy first sector to remaining blocks */
3741 for (i = 1 ; i < num ; i++) {
3742 lbaa = lba + i;
3743 block = do_div(lbaa, sdebug_store_sectors);
3744 memmove(fsp + (block * lb_size), fs1p, lb_size);
3745 }
3746 if (scsi_debug_lbp())
3747 map_region(sip, lba, num);
3748 /* If ZBC zone then bump its write pointer */
3749 if (sdebug_dev_is_zoned(devip))
3750 zbc_inc_wp(devip, lba, num);
3751out:
3752 write_unlock(macc_lckp);
3753
3754 return 0;
3755}
3756
3757static int resp_write_same_10(struct scsi_cmnd *scp,
3758 struct sdebug_dev_info *devip)
3759{
3760 u8 *cmd = scp->cmnd;
3761 u32 lba;
3762 u16 num;
3763 u32 ei_lba = 0;
3764 bool unmap = false;
3765
3766 if (cmd[1] & 0x8) {
3767 if (sdebug_lbpws10 == 0) {
3768 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3769 return check_condition_result;
3770 } else
3771 unmap = true;
3772 }
3773 lba = get_unaligned_be32(cmd + 2);
3774 num = get_unaligned_be16(cmd + 7);
3775 if (num > sdebug_write_same_length) {
3776 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3777 return check_condition_result;
3778 }
3779 return resp_write_same(scp, lba, num, ei_lba, unmap, false);
3780}
3781
3782static int resp_write_same_16(struct scsi_cmnd *scp,
3783 struct sdebug_dev_info *devip)
3784{
3785 u8 *cmd = scp->cmnd;
3786 u64 lba;
3787 u32 num;
3788 u32 ei_lba = 0;
3789 bool unmap = false;
3790 bool ndob = false;
3791
3792 if (cmd[1] & 0x8) { /* UNMAP */
3793 if (sdebug_lbpws == 0) {
3794 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3795 return check_condition_result;
3796 } else
3797 unmap = true;
3798 }
3799 if (cmd[1] & 0x1) /* NDOB (no data-out buffer, assumes zeroes) */
3800 ndob = true;
3801 lba = get_unaligned_be64(cmd + 2);
3802 num = get_unaligned_be32(cmd + 10);
3803 if (num > sdebug_write_same_length) {
3804 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1);
3805 return check_condition_result;
3806 }
3807 return resp_write_same(scp, lba, num, ei_lba, unmap, ndob);
3808}
3809
3810/* Note the mode field is in the same position as the (lower) service action
3811 * field. For the Report supported operation codes command, SPC-4 suggests
3812 * each mode of this command should be reported separately; for future. */
3813static int resp_write_buffer(struct scsi_cmnd *scp,
3814 struct sdebug_dev_info *devip)
3815{
3816 u8 *cmd = scp->cmnd;
3817 struct scsi_device *sdp = scp->device;
3818 struct sdebug_dev_info *dp;
3819 u8 mode;
3820
3821 mode = cmd[1] & 0x1f;
3822 switch (mode) {
3823 case 0x4: /* download microcode (MC) and activate (ACT) */
3824 /* set UAs on this device only */
3825 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3826 set_bit(SDEBUG_UA_MICROCODE_CHANGED, devip->uas_bm);
3827 break;
3828 case 0x5: /* download MC, save and ACT */
3829 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, devip->uas_bm);
3830 break;
3831 case 0x6: /* download MC with offsets and ACT */
3832 /* set UAs on most devices (LUs) in this target */
3833 list_for_each_entry(dp,
3834 &devip->sdbg_host->dev_info_list,
3835 dev_list)
3836 if (dp->target == sdp->id) {
3837 set_bit(SDEBUG_UA_BUS_RESET, dp->uas_bm);
3838 if (devip != dp)
3839 set_bit(SDEBUG_UA_MICROCODE_CHANGED,
3840 dp->uas_bm);
3841 }
3842 break;
3843 case 0x7: /* download MC with offsets, save, and ACT */
3844 /* set UA on all devices (LUs) in this target */
3845 list_for_each_entry(dp,
3846 &devip->sdbg_host->dev_info_list,
3847 dev_list)
3848 if (dp->target == sdp->id)
3849 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET,
3850 dp->uas_bm);
3851 break;
3852 default:
3853 /* do nothing for this command for other mode values */
3854 break;
3855 }
3856 return 0;
3857}
3858
3859static int resp_comp_write(struct scsi_cmnd *scp,
3860 struct sdebug_dev_info *devip)
3861{
3862 u8 *cmd = scp->cmnd;
3863 u8 *arr;
3864 struct sdeb_store_info *sip = devip2sip(devip, true);
3865 rwlock_t *macc_lckp = &sip->macc_lck;
3866 u64 lba;
3867 u32 dnum;
3868 u32 lb_size = sdebug_sector_size;
3869 u8 num;
3870 int ret;
3871 int retval = 0;
3872
3873 lba = get_unaligned_be64(cmd + 2);
3874 num = cmd[13]; /* 1 to a maximum of 255 logical blocks */
3875 if (0 == num)
3876 return 0; /* degenerate case, not an error */
3877 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3878 (cmd[1] & 0xe0)) {
3879 mk_sense_invalid_opcode(scp);
3880 return check_condition_result;
3881 }
3882 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3883 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3884 (cmd[1] & 0xe0) == 0)
3885 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3886 "to DIF device\n");
3887 ret = check_device_access_params(scp, lba, num, false);
3888 if (ret)
3889 return ret;
3890 dnum = 2 * num;
3891 arr = kcalloc(lb_size, dnum, GFP_ATOMIC);
3892 if (NULL == arr) {
3893 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3894 INSUFF_RES_ASCQ);
3895 return check_condition_result;
3896 }
3897
3898 write_lock(macc_lckp);
3899
3900 ret = do_dout_fetch(scp, dnum, arr);
3901 if (ret == -1) {
3902 retval = DID_ERROR << 16;
3903 goto cleanup;
3904 } else if (sdebug_verbose && (ret < (dnum * lb_size)))
3905 sdev_printk(KERN_INFO, scp->device, "%s: compare_write: cdb "
3906 "indicated=%u, IO sent=%d bytes\n", my_name,
3907 dnum * lb_size, ret);
3908 if (!comp_write_worker(sip, lba, num, arr, false)) {
3909 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
3910 retval = check_condition_result;
3911 goto cleanup;
3912 }
3913 if (scsi_debug_lbp())
3914 map_region(sip, lba, num);
3915cleanup:
3916 write_unlock(macc_lckp);
3917 kfree(arr);
3918 return retval;
3919}
3920
3921struct unmap_block_desc {
3922 __be64 lba;
3923 __be32 blocks;
3924 __be32 __reserved;
3925};
3926
3927static int resp_unmap(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3928{
3929 unsigned char *buf;
3930 struct unmap_block_desc *desc;
3931 struct sdeb_store_info *sip = devip2sip(devip, true);
3932 rwlock_t *macc_lckp = &sip->macc_lck;
3933 unsigned int i, payload_len, descriptors;
3934 int ret;
3935
3936 if (!scsi_debug_lbp())
3937 return 0; /* fib and say its done */
3938 payload_len = get_unaligned_be16(scp->cmnd + 7);
3939 BUG_ON(scsi_bufflen(scp) != payload_len);
3940
3941 descriptors = (payload_len - 8) / 16;
3942 if (descriptors > sdebug_unmap_max_desc) {
3943 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3944 return check_condition_result;
3945 }
3946
3947 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC);
3948 if (!buf) {
3949 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3950 INSUFF_RES_ASCQ);
3951 return check_condition_result;
3952 }
3953
3954 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
3955
3956 BUG_ON(get_unaligned_be16(&buf[0]) != payload_len - 2);
3957 BUG_ON(get_unaligned_be16(&buf[2]) != descriptors * 16);
3958
3959 desc = (void *)&buf[8];
3960
3961 write_lock(macc_lckp);
3962
3963 for (i = 0 ; i < descriptors ; i++) {
3964 unsigned long long lba = get_unaligned_be64(&desc[i].lba);
3965 unsigned int num = get_unaligned_be32(&desc[i].blocks);
3966
3967 ret = check_device_access_params(scp, lba, num, true);
3968 if (ret)
3969 goto out;
3970
3971 unmap_region(sip, lba, num);
3972 }
3973
3974 ret = 0;
3975
3976out:
3977 write_unlock(macc_lckp);
3978 kfree(buf);
3979
3980 return ret;
3981}
3982
3983#define SDEBUG_GET_LBA_STATUS_LEN 32
3984
3985static int resp_get_lba_status(struct scsi_cmnd *scp,
3986 struct sdebug_dev_info *devip)
3987{
3988 u8 *cmd = scp->cmnd;
3989 u64 lba;
3990 u32 alloc_len, mapped, num;
3991 int ret;
3992 u8 arr[SDEBUG_GET_LBA_STATUS_LEN];
3993
3994 lba = get_unaligned_be64(cmd + 2);
3995 alloc_len = get_unaligned_be32(cmd + 10);
3996
3997 if (alloc_len < 24)
3998 return 0;
3999
4000 ret = check_device_access_params(scp, lba, 1, false);
4001 if (ret)
4002 return ret;
4003
4004 if (scsi_debug_lbp()) {
4005 struct sdeb_store_info *sip = devip2sip(devip, true);
4006
4007 mapped = map_state(sip, lba, &num);
4008 } else {
4009 mapped = 1;
4010 /* following just in case virtual_gb changed */
4011 sdebug_capacity = get_sdebug_capacity();
4012 if (sdebug_capacity - lba <= 0xffffffff)
4013 num = sdebug_capacity - lba;
4014 else
4015 num = 0xffffffff;
4016 }
4017
4018 memset(arr, 0, SDEBUG_GET_LBA_STATUS_LEN);
4019 put_unaligned_be32(20, arr); /* Parameter Data Length */
4020 put_unaligned_be64(lba, arr + 8); /* LBA */
4021 put_unaligned_be32(num, arr + 16); /* Number of blocks */
4022 arr[20] = !mapped; /* prov_stat=0: mapped; 1: dealloc */
4023
4024 return fill_from_dev_buffer(scp, arr, SDEBUG_GET_LBA_STATUS_LEN);
4025}
4026
4027static int resp_sync_cache(struct scsi_cmnd *scp,
4028 struct sdebug_dev_info *devip)
4029{
4030 int res = 0;
4031 u64 lba;
4032 u32 num_blocks;
4033 u8 *cmd = scp->cmnd;
4034
4035 if (cmd[0] == SYNCHRONIZE_CACHE) { /* 10 byte cdb */
4036 lba = get_unaligned_be32(cmd + 2);
4037 num_blocks = get_unaligned_be16(cmd + 7);
4038 } else { /* SYNCHRONIZE_CACHE(16) */
4039 lba = get_unaligned_be64(cmd + 2);
4040 num_blocks = get_unaligned_be32(cmd + 10);
4041 }
4042 if (lba + num_blocks > sdebug_capacity) {
4043 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4044 return check_condition_result;
4045 }
4046 if (!write_since_sync || (cmd[1] & 0x2))
4047 res = SDEG_RES_IMMED_MASK;
4048 else /* delay if write_since_sync and IMMED clear */
4049 write_since_sync = false;
4050 return res;
4051}
4052
4053/*
4054 * Assuming the LBA+num_blocks is not out-of-range, this function will return
4055 * CONDITION MET if the specified blocks will/have fitted in the cache, and
4056 * a GOOD status otherwise. Model a disk with a big cache and yield
4057 * CONDITION MET. Actually tries to bring range in main memory into the
4058 * cache associated with the CPU(s).
4059 */
4060static int resp_pre_fetch(struct scsi_cmnd *scp,
4061 struct sdebug_dev_info *devip)
4062{
4063 int res = 0;
4064 u64 lba;
4065 u64 block, rest = 0;
4066 u32 nblks;
4067 u8 *cmd = scp->cmnd;
4068 struct sdeb_store_info *sip = devip2sip(devip, true);
4069 rwlock_t *macc_lckp = &sip->macc_lck;
4070 u8 *fsp = sip->storep;
4071
4072 if (cmd[0] == PRE_FETCH) { /* 10 byte cdb */
4073 lba = get_unaligned_be32(cmd + 2);
4074 nblks = get_unaligned_be16(cmd + 7);
4075 } else { /* PRE-FETCH(16) */
4076 lba = get_unaligned_be64(cmd + 2);
4077 nblks = get_unaligned_be32(cmd + 10);
4078 }
4079 if (lba + nblks > sdebug_capacity) {
4080 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4081 return check_condition_result;
4082 }
4083 if (!fsp)
4084 goto fini;
4085 /* PRE-FETCH spec says nothing about LBP or PI so skip them */
4086 block = do_div(lba, sdebug_store_sectors);
4087 if (block + nblks > sdebug_store_sectors)
4088 rest = block + nblks - sdebug_store_sectors;
4089
4090 /* Try to bring the PRE-FETCH range into CPU's cache */
4091 read_lock(macc_lckp);
4092 prefetch_range(fsp + (sdebug_sector_size * block),
4093 (nblks - rest) * sdebug_sector_size);
4094 if (rest)
4095 prefetch_range(fsp, rest * sdebug_sector_size);
4096 read_unlock(macc_lckp);
4097fini:
4098 if (cmd[1] & 0x2)
4099 res = SDEG_RES_IMMED_MASK;
4100 return res | condition_met_result;
4101}
4102
4103#define RL_BUCKET_ELEMS 8
4104
4105/* Even though each pseudo target has a REPORT LUNS "well known logical unit"
4106 * (W-LUN), the normal Linux scanning logic does not associate it with a
4107 * device (e.g. /dev/sg7). The following magic will make that association:
4108 * "cd /sys/class/scsi_host/host<n> ; echo '- - 49409' > scan"
4109 * where <n> is a host number. If there are multiple targets in a host then
4110 * the above will associate a W-LUN to each target. To only get a W-LUN
4111 * for target 2, then use "echo '- 2 49409' > scan" .
4112 */
4113static int resp_report_luns(struct scsi_cmnd *scp,
4114 struct sdebug_dev_info *devip)
4115{
4116 unsigned char *cmd = scp->cmnd;
4117 unsigned int alloc_len;
4118 unsigned char select_report;
4119 u64 lun;
4120 struct scsi_lun *lun_p;
4121 u8 arr[RL_BUCKET_ELEMS * sizeof(struct scsi_lun)];
4122 unsigned int lun_cnt; /* normal LUN count (max: 256) */
4123 unsigned int wlun_cnt; /* report luns W-LUN count */
4124 unsigned int tlun_cnt; /* total LUN count */
4125 unsigned int rlen; /* response length (in bytes) */
4126 int k, j, n, res;
4127 unsigned int off_rsp = 0;
4128 const int sz_lun = sizeof(struct scsi_lun);
4129
4130 clear_luns_changed_on_target(devip);
4131
4132 select_report = cmd[2];
4133 alloc_len = get_unaligned_be32(cmd + 6);
4134
4135 if (alloc_len < 4) {
4136 pr_err("alloc len too small %d\n", alloc_len);
4137 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
4138 return check_condition_result;
4139 }
4140
4141 switch (select_report) {
4142 case 0: /* all LUNs apart from W-LUNs */
4143 lun_cnt = sdebug_max_luns;
4144 wlun_cnt = 0;
4145 break;
4146 case 1: /* only W-LUNs */
4147 lun_cnt = 0;
4148 wlun_cnt = 1;
4149 break;
4150 case 2: /* all LUNs */
4151 lun_cnt = sdebug_max_luns;
4152 wlun_cnt = 1;
4153 break;
4154 case 0x10: /* only administrative LUs */
4155 case 0x11: /* see SPC-5 */
4156 case 0x12: /* only subsiduary LUs owned by referenced LU */
4157 default:
4158 pr_debug("select report invalid %d\n", select_report);
4159 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
4160 return check_condition_result;
4161 }
4162
4163 if (sdebug_no_lun_0 && (lun_cnt > 0))
4164 --lun_cnt;
4165
4166 tlun_cnt = lun_cnt + wlun_cnt;
4167 rlen = tlun_cnt * sz_lun; /* excluding 8 byte header */
4168 scsi_set_resid(scp, scsi_bufflen(scp));
4169 pr_debug("select_report %d luns = %d wluns = %d no_lun0 %d\n",
4170 select_report, lun_cnt, wlun_cnt, sdebug_no_lun_0);
4171
4172 /* loops rely on sizeof response header same as sizeof lun (both 8) */
4173 lun = sdebug_no_lun_0 ? 1 : 0;
4174 for (k = 0, j = 0, res = 0; true; ++k, j = 0) {
4175 memset(arr, 0, sizeof(arr));
4176 lun_p = (struct scsi_lun *)&arr[0];
4177 if (k == 0) {
4178 put_unaligned_be32(rlen, &arr[0]);
4179 ++lun_p;
4180 j = 1;
4181 }
4182 for ( ; j < RL_BUCKET_ELEMS; ++j, ++lun_p) {
4183 if ((k * RL_BUCKET_ELEMS) + j > lun_cnt)
4184 break;
4185 int_to_scsilun(lun++, lun_p);
4186 if (lun > 1 && sdebug_lun_am == SAM_LUN_AM_FLAT)
4187 lun_p->scsi_lun[0] |= 0x40;
4188 }
4189 if (j < RL_BUCKET_ELEMS)
4190 break;
4191 n = j * sz_lun;
4192 res = p_fill_from_dev_buffer(scp, arr, n, off_rsp);
4193 if (res)
4194 return res;
4195 off_rsp += n;
4196 }
4197 if (wlun_cnt) {
4198 int_to_scsilun(SCSI_W_LUN_REPORT_LUNS, lun_p);
4199 ++j;
4200 }
4201 if (j > 0)
4202 res = p_fill_from_dev_buffer(scp, arr, j * sz_lun, off_rsp);
4203 return res;
4204}
4205
4206static int resp_verify(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
4207{
4208 bool is_bytchk3 = false;
4209 u8 bytchk;
4210 int ret, j;
4211 u32 vnum, a_num, off;
4212 const u32 lb_size = sdebug_sector_size;
4213 u64 lba;
4214 u8 *arr;
4215 u8 *cmd = scp->cmnd;
4216 struct sdeb_store_info *sip = devip2sip(devip, true);
4217 rwlock_t *macc_lckp = &sip->macc_lck;
4218
4219 bytchk = (cmd[1] >> 1) & 0x3;
4220 if (bytchk == 0) {
4221 return 0; /* always claim internal verify okay */
4222 } else if (bytchk == 2) {
4223 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
4224 return check_condition_result;
4225 } else if (bytchk == 3) {
4226 is_bytchk3 = true; /* 1 block sent, compared repeatedly */
4227 }
4228 switch (cmd[0]) {
4229 case VERIFY_16:
4230 lba = get_unaligned_be64(cmd + 2);
4231 vnum = get_unaligned_be32(cmd + 10);
4232 break;
4233 case VERIFY: /* is VERIFY(10) */
4234 lba = get_unaligned_be32(cmd + 2);
4235 vnum = get_unaligned_be16(cmd + 7);
4236 break;
4237 default:
4238 mk_sense_invalid_opcode(scp);
4239 return check_condition_result;
4240 }
4241 a_num = is_bytchk3 ? 1 : vnum;
4242 /* Treat following check like one for read (i.e. no write) access */
4243 ret = check_device_access_params(scp, lba, a_num, false);
4244 if (ret)
4245 return ret;
4246
4247 arr = kcalloc(lb_size, vnum, GFP_ATOMIC);
4248 if (!arr) {
4249 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
4250 INSUFF_RES_ASCQ);
4251 return check_condition_result;
4252 }
4253 /* Not changing store, so only need read access */
4254 read_lock(macc_lckp);
4255
4256 ret = do_dout_fetch(scp, a_num, arr);
4257 if (ret == -1) {
4258 ret = DID_ERROR << 16;
4259 goto cleanup;
4260 } else if (sdebug_verbose && (ret < (a_num * lb_size))) {
4261 sdev_printk(KERN_INFO, scp->device,
4262 "%s: %s: cdb indicated=%u, IO sent=%d bytes\n",
4263 my_name, __func__, a_num * lb_size, ret);
4264 }
4265 if (is_bytchk3) {
4266 for (j = 1, off = lb_size; j < vnum; ++j, off += lb_size)
4267 memcpy(arr + off, arr, lb_size);
4268 }
4269 ret = 0;
4270 if (!comp_write_worker(sip, lba, vnum, arr, true)) {
4271 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
4272 ret = check_condition_result;
4273 goto cleanup;
4274 }
4275cleanup:
4276 read_unlock(macc_lckp);
4277 kfree(arr);
4278 return ret;
4279}
4280
4281#define RZONES_DESC_HD 64
4282
4283/* Report zones depending on start LBA nad reporting options */
4284static int resp_report_zones(struct scsi_cmnd *scp,
4285 struct sdebug_dev_info *devip)
4286{
4287 unsigned int i, max_zones, rep_max_zones, nrz = 0;
4288 int ret = 0;
4289 u32 alloc_len, rep_opts, rep_len;
4290 bool partial;
4291 u64 lba, zs_lba;
4292 u8 *arr = NULL, *desc;
4293 u8 *cmd = scp->cmnd;
4294 struct sdeb_zone_state *zsp;
4295 struct sdeb_store_info *sip = devip2sip(devip, false);
4296 rwlock_t *macc_lckp = sip ? &sip->macc_lck : &sdeb_fake_rw_lck;
4297
4298 if (!sdebug_dev_is_zoned(devip)) {
4299 mk_sense_invalid_opcode(scp);
4300 return check_condition_result;
4301 }
4302 zs_lba = get_unaligned_be64(cmd + 2);
4303 alloc_len = get_unaligned_be32(cmd + 10);
4304 rep_opts = cmd[14] & 0x3f;
4305 partial = cmd[14] & 0x80;
4306
4307 if (zs_lba >= sdebug_capacity) {
4308 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4309 return check_condition_result;
4310 }
4311
4312 max_zones = devip->nr_zones - (zs_lba >> devip->zsize_shift);
4313 rep_max_zones = min((alloc_len - 64) >> ilog2(RZONES_DESC_HD),
4314 max_zones);
4315
4316 arr = kcalloc(RZONES_DESC_HD, alloc_len, GFP_ATOMIC);
4317 if (!arr) {
4318 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
4319 INSUFF_RES_ASCQ);
4320 return check_condition_result;
4321 }
4322
4323 read_lock(macc_lckp);
4324
4325 desc = arr + 64;
4326 for (i = 0; i < max_zones; i++) {
4327 lba = zs_lba + devip->zsize * i;
4328 if (lba > sdebug_capacity)
4329 break;
4330 zsp = zbc_zone(devip, lba);
4331 switch (rep_opts) {
4332 case 0x00:
4333 /* All zones */
4334 break;
4335 case 0x01:
4336 /* Empty zones */
4337 if (zsp->z_cond != ZC1_EMPTY)
4338 continue;
4339 break;
4340 case 0x02:
4341 /* Implicit open zones */
4342 if (zsp->z_cond != ZC2_IMPLICIT_OPEN)
4343 continue;
4344 break;
4345 case 0x03:
4346 /* Explicit open zones */
4347 if (zsp->z_cond != ZC3_EXPLICIT_OPEN)
4348 continue;
4349 break;
4350 case 0x04:
4351 /* Closed zones */
4352 if (zsp->z_cond != ZC4_CLOSED)
4353 continue;
4354 break;
4355 case 0x05:
4356 /* Full zones */
4357 if (zsp->z_cond != ZC5_FULL)
4358 continue;
4359 break;
4360 case 0x06:
4361 case 0x07:
4362 case 0x10:
4363 /*
4364 * Read-only, offline, reset WP recommended are
4365 * not emulated: no zones to report;
4366 */
4367 continue;
4368 case 0x11:
4369 /* non-seq-resource set */
4370 if (!zsp->z_non_seq_resource)
4371 continue;
4372 break;
4373 case 0x3f:
4374 /* Not write pointer (conventional) zones */
4375 if (!zbc_zone_is_conv(zsp))
4376 continue;
4377 break;
4378 default:
4379 mk_sense_buffer(scp, ILLEGAL_REQUEST,
4380 INVALID_FIELD_IN_CDB, 0);
4381 ret = check_condition_result;
4382 goto fini;
4383 }
4384
4385 if (nrz < rep_max_zones) {
4386 /* Fill zone descriptor */
4387 desc[0] = zsp->z_type;
4388 desc[1] = zsp->z_cond << 4;
4389 if (zsp->z_non_seq_resource)
4390 desc[1] |= 1 << 1;
4391 put_unaligned_be64((u64)zsp->z_size, desc + 8);
4392 put_unaligned_be64((u64)zsp->z_start, desc + 16);
4393 put_unaligned_be64((u64)zsp->z_wp, desc + 24);
4394 desc += 64;
4395 }
4396
4397 if (partial && nrz >= rep_max_zones)
4398 break;
4399
4400 nrz++;
4401 }
4402
4403 /* Report header */
4404 put_unaligned_be32(nrz * RZONES_DESC_HD, arr + 0);
4405 put_unaligned_be64(sdebug_capacity - 1, arr + 8);
4406
4407 rep_len = (unsigned long)desc - (unsigned long)arr;
4408 ret = fill_from_dev_buffer(scp, arr, min_t(int, alloc_len, rep_len));
4409
4410fini:
4411 read_unlock(macc_lckp);
4412 kfree(arr);
4413 return ret;
4414}
4415
4416/* Logic transplanted from tcmu-runner, file_zbc.c */
4417static void zbc_open_all(struct sdebug_dev_info *devip)
4418{
4419 struct sdeb_zone_state *zsp = &devip->zstate[0];
4420 unsigned int i;
4421
4422 for (i = 0; i < devip->nr_zones; i++, zsp++) {
4423 if (zsp->z_cond == ZC4_CLOSED)
4424 zbc_open_zone(devip, &devip->zstate[i], true);
4425 }
4426}
4427
4428static int resp_open_zone(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
4429{
4430 int res = 0;
4431 u64 z_id;
4432 enum sdebug_z_cond zc;
4433 u8 *cmd = scp->cmnd;
4434 struct sdeb_zone_state *zsp;
4435 bool all = cmd[14] & 0x01;
4436 struct sdeb_store_info *sip = devip2sip(devip, false);
4437 rwlock_t *macc_lckp = sip ? &sip->macc_lck : &sdeb_fake_rw_lck;
4438
4439 if (!sdebug_dev_is_zoned(devip)) {
4440 mk_sense_invalid_opcode(scp);
4441 return check_condition_result;
4442 }
4443
4444 write_lock(macc_lckp);
4445
4446 if (all) {
4447 /* Check if all closed zones can be open */
4448 if (devip->max_open &&
4449 devip->nr_exp_open + devip->nr_closed > devip->max_open) {
4450 mk_sense_buffer(scp, DATA_PROTECT, INSUFF_RES_ASC,
4451 INSUFF_ZONE_ASCQ);
4452 res = check_condition_result;
4453 goto fini;
4454 }
4455 /* Open all closed zones */
4456 zbc_open_all(devip);
4457 goto fini;
4458 }
4459
4460 /* Open the specified zone */
4461 z_id = get_unaligned_be64(cmd + 2);
4462 if (z_id >= sdebug_capacity) {
4463 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4464 res = check_condition_result;
4465 goto fini;
4466 }
4467
4468 zsp = zbc_zone(devip, z_id);
4469 if (z_id != zsp->z_start) {
4470 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4471 res = check_condition_result;
4472 goto fini;
4473 }
4474 if (zbc_zone_is_conv(zsp)) {
4475 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4476 res = check_condition_result;
4477 goto fini;
4478 }
4479
4480 zc = zsp->z_cond;
4481 if (zc == ZC3_EXPLICIT_OPEN || zc == ZC5_FULL)
4482 goto fini;
4483
4484 if (devip->max_open && devip->nr_exp_open >= devip->max_open) {
4485 mk_sense_buffer(scp, DATA_PROTECT, INSUFF_RES_ASC,
4486 INSUFF_ZONE_ASCQ);
4487 res = check_condition_result;
4488 goto fini;
4489 }
4490
4491 zbc_open_zone(devip, zsp, true);
4492fini:
4493 write_unlock(macc_lckp);
4494 return res;
4495}
4496
4497static void zbc_close_all(struct sdebug_dev_info *devip)
4498{
4499 unsigned int i;
4500
4501 for (i = 0; i < devip->nr_zones; i++)
4502 zbc_close_zone(devip, &devip->zstate[i]);
4503}
4504
4505static int resp_close_zone(struct scsi_cmnd *scp,
4506 struct sdebug_dev_info *devip)
4507{
4508 int res = 0;
4509 u64 z_id;
4510 u8 *cmd = scp->cmnd;
4511 struct sdeb_zone_state *zsp;
4512 bool all = cmd[14] & 0x01;
4513 struct sdeb_store_info *sip = devip2sip(devip, false);
4514 rwlock_t *macc_lckp = sip ? &sip->macc_lck : &sdeb_fake_rw_lck;
4515
4516 if (!sdebug_dev_is_zoned(devip)) {
4517 mk_sense_invalid_opcode(scp);
4518 return check_condition_result;
4519 }
4520
4521 write_lock(macc_lckp);
4522
4523 if (all) {
4524 zbc_close_all(devip);
4525 goto fini;
4526 }
4527
4528 /* Close specified zone */
4529 z_id = get_unaligned_be64(cmd + 2);
4530 if (z_id >= sdebug_capacity) {
4531 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4532 res = check_condition_result;
4533 goto fini;
4534 }
4535
4536 zsp = zbc_zone(devip, z_id);
4537 if (z_id != zsp->z_start) {
4538 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4539 res = check_condition_result;
4540 goto fini;
4541 }
4542 if (zbc_zone_is_conv(zsp)) {
4543 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4544 res = check_condition_result;
4545 goto fini;
4546 }
4547
4548 zbc_close_zone(devip, zsp);
4549fini:
4550 write_unlock(macc_lckp);
4551 return res;
4552}
4553
4554static void zbc_finish_zone(struct sdebug_dev_info *devip,
4555 struct sdeb_zone_state *zsp, bool empty)
4556{
4557 enum sdebug_z_cond zc = zsp->z_cond;
4558
4559 if (zc == ZC4_CLOSED || zc == ZC2_IMPLICIT_OPEN ||
4560 zc == ZC3_EXPLICIT_OPEN || (empty && zc == ZC1_EMPTY)) {
4561 if (zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN)
4562 zbc_close_zone(devip, zsp);
4563 if (zsp->z_cond == ZC4_CLOSED)
4564 devip->nr_closed--;
4565 zsp->z_wp = zsp->z_start + zsp->z_size;
4566 zsp->z_cond = ZC5_FULL;
4567 }
4568}
4569
4570static void zbc_finish_all(struct sdebug_dev_info *devip)
4571{
4572 unsigned int i;
4573
4574 for (i = 0; i < devip->nr_zones; i++)
4575 zbc_finish_zone(devip, &devip->zstate[i], false);
4576}
4577
4578static int resp_finish_zone(struct scsi_cmnd *scp,
4579 struct sdebug_dev_info *devip)
4580{
4581 struct sdeb_zone_state *zsp;
4582 int res = 0;
4583 u64 z_id;
4584 u8 *cmd = scp->cmnd;
4585 bool all = cmd[14] & 0x01;
4586 struct sdeb_store_info *sip = devip2sip(devip, false);
4587 rwlock_t *macc_lckp = sip ? &sip->macc_lck : &sdeb_fake_rw_lck;
4588
4589 if (!sdebug_dev_is_zoned(devip)) {
4590 mk_sense_invalid_opcode(scp);
4591 return check_condition_result;
4592 }
4593
4594 write_lock(macc_lckp);
4595
4596 if (all) {
4597 zbc_finish_all(devip);
4598 goto fini;
4599 }
4600
4601 /* Finish the specified zone */
4602 z_id = get_unaligned_be64(cmd + 2);
4603 if (z_id >= sdebug_capacity) {
4604 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4605 res = check_condition_result;
4606 goto fini;
4607 }
4608
4609 zsp = zbc_zone(devip, z_id);
4610 if (z_id != zsp->z_start) {
4611 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4612 res = check_condition_result;
4613 goto fini;
4614 }
4615 if (zbc_zone_is_conv(zsp)) {
4616 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4617 res = check_condition_result;
4618 goto fini;
4619 }
4620
4621 zbc_finish_zone(devip, zsp, true);
4622fini:
4623 write_unlock(macc_lckp);
4624 return res;
4625}
4626
4627static void zbc_rwp_zone(struct sdebug_dev_info *devip,
4628 struct sdeb_zone_state *zsp)
4629{
4630 enum sdebug_z_cond zc;
4631
4632 if (zbc_zone_is_conv(zsp))
4633 return;
4634
4635 zc = zsp->z_cond;
4636 if (zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN)
4637 zbc_close_zone(devip, zsp);
4638
4639 if (zsp->z_cond == ZC4_CLOSED)
4640 devip->nr_closed--;
4641
4642 zsp->z_non_seq_resource = false;
4643 zsp->z_wp = zsp->z_start;
4644 zsp->z_cond = ZC1_EMPTY;
4645}
4646
4647static void zbc_rwp_all(struct sdebug_dev_info *devip)
4648{
4649 unsigned int i;
4650
4651 for (i = 0; i < devip->nr_zones; i++)
4652 zbc_rwp_zone(devip, &devip->zstate[i]);
4653}
4654
4655static int resp_rwp_zone(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
4656{
4657 struct sdeb_zone_state *zsp;
4658 int res = 0;
4659 u64 z_id;
4660 u8 *cmd = scp->cmnd;
4661 bool all = cmd[14] & 0x01;
4662 struct sdeb_store_info *sip = devip2sip(devip, false);
4663 rwlock_t *macc_lckp = sip ? &sip->macc_lck : &sdeb_fake_rw_lck;
4664
4665 if (!sdebug_dev_is_zoned(devip)) {
4666 mk_sense_invalid_opcode(scp);
4667 return check_condition_result;
4668 }
4669
4670 write_lock(macc_lckp);
4671
4672 if (all) {
4673 zbc_rwp_all(devip);
4674 goto fini;
4675 }
4676
4677 z_id = get_unaligned_be64(cmd + 2);
4678 if (z_id >= sdebug_capacity) {
4679 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4680 res = check_condition_result;
4681 goto fini;
4682 }
4683
4684 zsp = zbc_zone(devip, z_id);
4685 if (z_id != zsp->z_start) {
4686 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4687 res = check_condition_result;
4688 goto fini;
4689 }
4690 if (zbc_zone_is_conv(zsp)) {
4691 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4692 res = check_condition_result;
4693 goto fini;
4694 }
4695
4696 zbc_rwp_zone(devip, zsp);
4697fini:
4698 write_unlock(macc_lckp);
4699 return res;
4700}
4701
4702static struct sdebug_queue *get_queue(struct scsi_cmnd *cmnd)
4703{
4704 u16 hwq;
4705 u32 tag = blk_mq_unique_tag(cmnd->request);
4706
4707 hwq = blk_mq_unique_tag_to_hwq(tag);
4708
4709 pr_debug("tag=%#x, hwq=%d\n", tag, hwq);
4710 if (WARN_ON_ONCE(hwq >= submit_queues))
4711 hwq = 0;
4712
4713 return sdebug_q_arr + hwq;
4714}
4715
4716static u32 get_tag(struct scsi_cmnd *cmnd)
4717{
4718 return blk_mq_unique_tag(cmnd->request);
4719}
4720
4721/* Queued (deferred) command completions converge here. */
4722static void sdebug_q_cmd_complete(struct sdebug_defer *sd_dp)
4723{
4724 bool aborted = sd_dp->aborted;
4725 int qc_idx;
4726 int retiring = 0;
4727 unsigned long iflags;
4728 struct sdebug_queue *sqp;
4729 struct sdebug_queued_cmd *sqcp;
4730 struct scsi_cmnd *scp;
4731 struct sdebug_dev_info *devip;
4732
4733 if (unlikely(aborted))
4734 sd_dp->aborted = false;
4735 qc_idx = sd_dp->qc_idx;
4736 sqp = sdebug_q_arr + sd_dp->sqa_idx;
4737 if (sdebug_statistics) {
4738 atomic_inc(&sdebug_completions);
4739 if (raw_smp_processor_id() != sd_dp->issuing_cpu)
4740 atomic_inc(&sdebug_miss_cpus);
4741 }
4742 if (unlikely((qc_idx < 0) || (qc_idx >= SDEBUG_CANQUEUE))) {
4743 pr_err("wild qc_idx=%d\n", qc_idx);
4744 return;
4745 }
4746 spin_lock_irqsave(&sqp->qc_lock, iflags);
4747 sd_dp->defer_t = SDEB_DEFER_NONE;
4748 sqcp = &sqp->qc_arr[qc_idx];
4749 scp = sqcp->a_cmnd;
4750 if (unlikely(scp == NULL)) {
4751 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4752 pr_err("scp is NULL, sqa_idx=%d, qc_idx=%d, hc_idx=%d\n",
4753 sd_dp->sqa_idx, qc_idx, sd_dp->hc_idx);
4754 return;
4755 }
4756 devip = (struct sdebug_dev_info *)scp->device->hostdata;
4757 if (likely(devip))
4758 atomic_dec(&devip->num_in_q);
4759 else
4760 pr_err("devip=NULL\n");
4761 if (unlikely(atomic_read(&retired_max_queue) > 0))
4762 retiring = 1;
4763
4764 sqcp->a_cmnd = NULL;
4765 if (unlikely(!test_and_clear_bit(qc_idx, sqp->in_use_bm))) {
4766 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4767 pr_err("Unexpected completion\n");
4768 return;
4769 }
4770
4771 if (unlikely(retiring)) { /* user has reduced max_queue */
4772 int k, retval;
4773
4774 retval = atomic_read(&retired_max_queue);
4775 if (qc_idx >= retval) {
4776 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4777 pr_err("index %d too large\n", retval);
4778 return;
4779 }
4780 k = find_last_bit(sqp->in_use_bm, retval);
4781 if ((k < sdebug_max_queue) || (k == retval))
4782 atomic_set(&retired_max_queue, 0);
4783 else
4784 atomic_set(&retired_max_queue, k + 1);
4785 }
4786 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4787 if (unlikely(aborted)) {
4788 if (sdebug_verbose)
4789 pr_info("bypassing scsi_done() due to aborted cmd\n");
4790 return;
4791 }
4792 scp->scsi_done(scp); /* callback to mid level */
4793}
4794
4795/* When high resolution timer goes off this function is called. */
4796static enum hrtimer_restart sdebug_q_cmd_hrt_complete(struct hrtimer *timer)
4797{
4798 struct sdebug_defer *sd_dp = container_of(timer, struct sdebug_defer,
4799 hrt);
4800 sdebug_q_cmd_complete(sd_dp);
4801 return HRTIMER_NORESTART;
4802}
4803
4804/* When work queue schedules work, it calls this function. */
4805static void sdebug_q_cmd_wq_complete(struct work_struct *work)
4806{
4807 struct sdebug_defer *sd_dp = container_of(work, struct sdebug_defer,
4808 ew.work);
4809 sdebug_q_cmd_complete(sd_dp);
4810}
4811
4812static bool got_shared_uuid;
4813static uuid_t shared_uuid;
4814
4815static int sdebug_device_create_zones(struct sdebug_dev_info *devip)
4816{
4817 struct sdeb_zone_state *zsp;
4818 sector_t capacity = get_sdebug_capacity();
4819 sector_t zstart = 0;
4820 unsigned int i;
4821
4822 /*
4823 * Set the zone size: if sdeb_zbc_zone_size_mb is not set, figure out
4824 * a zone size allowing for at least 4 zones on the device. Otherwise,
4825 * use the specified zone size checking that at least 2 zones can be
4826 * created for the device.
4827 */
4828 if (!sdeb_zbc_zone_size_mb) {
4829 devip->zsize = (DEF_ZBC_ZONE_SIZE_MB * SZ_1M)
4830 >> ilog2(sdebug_sector_size);
4831 while (capacity < devip->zsize << 2 && devip->zsize >= 2)
4832 devip->zsize >>= 1;
4833 if (devip->zsize < 2) {
4834 pr_err("Device capacity too small\n");
4835 return -EINVAL;
4836 }
4837 } else {
4838 if (!is_power_of_2(sdeb_zbc_zone_size_mb)) {
4839 pr_err("Zone size is not a power of 2\n");
4840 return -EINVAL;
4841 }
4842 devip->zsize = (sdeb_zbc_zone_size_mb * SZ_1M)
4843 >> ilog2(sdebug_sector_size);
4844 if (devip->zsize >= capacity) {
4845 pr_err("Zone size too large for device capacity\n");
4846 return -EINVAL;
4847 }
4848 }
4849
4850 devip->zsize_shift = ilog2(devip->zsize);
4851 devip->nr_zones = (capacity + devip->zsize - 1) >> devip->zsize_shift;
4852
4853 if (sdeb_zbc_nr_conv >= devip->nr_zones) {
4854 pr_err("Number of conventional zones too large\n");
4855 return -EINVAL;
4856 }
4857 devip->nr_conv_zones = sdeb_zbc_nr_conv;
4858
4859 if (devip->zmodel == BLK_ZONED_HM) {
4860 /* zbc_max_open_zones can be 0, meaning "not reported" */
4861 if (sdeb_zbc_max_open >= devip->nr_zones - 1)
4862 devip->max_open = (devip->nr_zones - 1) / 2;
4863 else
4864 devip->max_open = sdeb_zbc_max_open;
4865 }
4866
4867 devip->zstate = kcalloc(devip->nr_zones,
4868 sizeof(struct sdeb_zone_state), GFP_KERNEL);
4869 if (!devip->zstate)
4870 return -ENOMEM;
4871
4872 for (i = 0; i < devip->nr_zones; i++) {
4873 zsp = &devip->zstate[i];
4874
4875 zsp->z_start = zstart;
4876
4877 if (i < devip->nr_conv_zones) {
4878 zsp->z_type = ZBC_ZONE_TYPE_CNV;
4879 zsp->z_cond = ZBC_NOT_WRITE_POINTER;
4880 zsp->z_wp = (sector_t)-1;
4881 } else {
4882 if (devip->zmodel == BLK_ZONED_HM)
4883 zsp->z_type = ZBC_ZONE_TYPE_SWR;
4884 else
4885 zsp->z_type = ZBC_ZONE_TYPE_SWP;
4886 zsp->z_cond = ZC1_EMPTY;
4887 zsp->z_wp = zsp->z_start;
4888 }
4889
4890 if (zsp->z_start + devip->zsize < capacity)
4891 zsp->z_size = devip->zsize;
4892 else
4893 zsp->z_size = capacity - zsp->z_start;
4894
4895 zstart += zsp->z_size;
4896 }
4897
4898 return 0;
4899}
4900
4901static struct sdebug_dev_info *sdebug_device_create(
4902 struct sdebug_host_info *sdbg_host, gfp_t flags)
4903{
4904 struct sdebug_dev_info *devip;
4905
4906 devip = kzalloc(sizeof(*devip), flags);
4907 if (devip) {
4908 if (sdebug_uuid_ctl == 1)
4909 uuid_gen(&devip->lu_name);
4910 else if (sdebug_uuid_ctl == 2) {
4911 if (got_shared_uuid)
4912 devip->lu_name = shared_uuid;
4913 else {
4914 uuid_gen(&shared_uuid);
4915 got_shared_uuid = true;
4916 devip->lu_name = shared_uuid;
4917 }
4918 }
4919 devip->sdbg_host = sdbg_host;
4920 if (sdeb_zbc_in_use) {
4921 devip->zmodel = sdeb_zbc_model;
4922 if (sdebug_device_create_zones(devip)) {
4923 kfree(devip);
4924 return NULL;
4925 }
4926 } else {
4927 devip->zmodel = BLK_ZONED_NONE;
4928 }
4929 devip->sdbg_host = sdbg_host;
4930 devip->create_ts = ktime_get_boottime();
4931 atomic_set(&devip->stopped, (sdeb_tur_ms_to_ready > 0 ? 2 : 0));
4932 list_add_tail(&devip->dev_list, &sdbg_host->dev_info_list);
4933 }
4934 return devip;
4935}
4936
4937static struct sdebug_dev_info *find_build_dev_info(struct scsi_device *sdev)
4938{
4939 struct sdebug_host_info *sdbg_host;
4940 struct sdebug_dev_info *open_devip = NULL;
4941 struct sdebug_dev_info *devip;
4942
4943 sdbg_host = *(struct sdebug_host_info **)shost_priv(sdev->host);
4944 if (!sdbg_host) {
4945 pr_err("Host info NULL\n");
4946 return NULL;
4947 }
4948
4949 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
4950 if ((devip->used) && (devip->channel == sdev->channel) &&
4951 (devip->target == sdev->id) &&
4952 (devip->lun == sdev->lun))
4953 return devip;
4954 else {
4955 if ((!devip->used) && (!open_devip))
4956 open_devip = devip;
4957 }
4958 }
4959 if (!open_devip) { /* try and make a new one */
4960 open_devip = sdebug_device_create(sdbg_host, GFP_ATOMIC);
4961 if (!open_devip) {
4962 pr_err("out of memory at line %d\n", __LINE__);
4963 return NULL;
4964 }
4965 }
4966
4967 open_devip->channel = sdev->channel;
4968 open_devip->target = sdev->id;
4969 open_devip->lun = sdev->lun;
4970 open_devip->sdbg_host = sdbg_host;
4971 atomic_set(&open_devip->num_in_q, 0);
4972 set_bit(SDEBUG_UA_POR, open_devip->uas_bm);
4973 open_devip->used = true;
4974 return open_devip;
4975}
4976
4977static int scsi_debug_slave_alloc(struct scsi_device *sdp)
4978{
4979 if (sdebug_verbose)
4980 pr_info("slave_alloc <%u %u %u %llu>\n",
4981 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
4982 return 0;
4983}
4984
4985static int scsi_debug_slave_configure(struct scsi_device *sdp)
4986{
4987 struct sdebug_dev_info *devip =
4988 (struct sdebug_dev_info *)sdp->hostdata;
4989
4990 if (sdebug_verbose)
4991 pr_info("slave_configure <%u %u %u %llu>\n",
4992 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
4993 if (sdp->host->max_cmd_len != SDEBUG_MAX_CMD_LEN)
4994 sdp->host->max_cmd_len = SDEBUG_MAX_CMD_LEN;
4995 if (devip == NULL) {
4996 devip = find_build_dev_info(sdp);
4997 if (devip == NULL)
4998 return 1; /* no resources, will be marked offline */
4999 }
5000 sdp->hostdata = devip;
5001 if (sdebug_no_uld)
5002 sdp->no_uld_attach = 1;
5003 config_cdb_len(sdp);
5004 return 0;
5005}
5006
5007static void scsi_debug_slave_destroy(struct scsi_device *sdp)
5008{
5009 struct sdebug_dev_info *devip =
5010 (struct sdebug_dev_info *)sdp->hostdata;
5011
5012 if (sdebug_verbose)
5013 pr_info("slave_destroy <%u %u %u %llu>\n",
5014 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
5015 if (devip) {
5016 /* make this slot available for re-use */
5017 devip->used = false;
5018 sdp->hostdata = NULL;
5019 }
5020}
5021
5022static void stop_qc_helper(struct sdebug_defer *sd_dp,
5023 enum sdeb_defer_type defer_t)
5024{
5025 if (!sd_dp)
5026 return;
5027 if (defer_t == SDEB_DEFER_HRT)
5028 hrtimer_cancel(&sd_dp->hrt);
5029 else if (defer_t == SDEB_DEFER_WQ)
5030 cancel_work_sync(&sd_dp->ew.work);
5031}
5032
5033/* If @cmnd found deletes its timer or work queue and returns true; else
5034 returns false */
5035static bool stop_queued_cmnd(struct scsi_cmnd *cmnd)
5036{
5037 unsigned long iflags;
5038 int j, k, qmax, r_qmax;
5039 enum sdeb_defer_type l_defer_t;
5040 struct sdebug_queue *sqp;
5041 struct sdebug_queued_cmd *sqcp;
5042 struct sdebug_dev_info *devip;
5043 struct sdebug_defer *sd_dp;
5044
5045 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
5046 spin_lock_irqsave(&sqp->qc_lock, iflags);
5047 qmax = sdebug_max_queue;
5048 r_qmax = atomic_read(&retired_max_queue);
5049 if (r_qmax > qmax)
5050 qmax = r_qmax;
5051 for (k = 0; k < qmax; ++k) {
5052 if (test_bit(k, sqp->in_use_bm)) {
5053 sqcp = &sqp->qc_arr[k];
5054 if (cmnd != sqcp->a_cmnd)
5055 continue;
5056 /* found */
5057 devip = (struct sdebug_dev_info *)
5058 cmnd->device->hostdata;
5059 if (devip)
5060 atomic_dec(&devip->num_in_q);
5061 sqcp->a_cmnd = NULL;
5062 sd_dp = sqcp->sd_dp;
5063 if (sd_dp) {
5064 l_defer_t = sd_dp->defer_t;
5065 sd_dp->defer_t = SDEB_DEFER_NONE;
5066 } else
5067 l_defer_t = SDEB_DEFER_NONE;
5068 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5069 stop_qc_helper(sd_dp, l_defer_t);
5070 clear_bit(k, sqp->in_use_bm);
5071 return true;
5072 }
5073 }
5074 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5075 }
5076 return false;
5077}
5078
5079/* Deletes (stops) timers or work queues of all queued commands */
5080static void stop_all_queued(void)
5081{
5082 unsigned long iflags;
5083 int j, k;
5084 enum sdeb_defer_type l_defer_t;
5085 struct sdebug_queue *sqp;
5086 struct sdebug_queued_cmd *sqcp;
5087 struct sdebug_dev_info *devip;
5088 struct sdebug_defer *sd_dp;
5089
5090 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
5091 spin_lock_irqsave(&sqp->qc_lock, iflags);
5092 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
5093 if (test_bit(k, sqp->in_use_bm)) {
5094 sqcp = &sqp->qc_arr[k];
5095 if (sqcp->a_cmnd == NULL)
5096 continue;
5097 devip = (struct sdebug_dev_info *)
5098 sqcp->a_cmnd->device->hostdata;
5099 if (devip)
5100 atomic_dec(&devip->num_in_q);
5101 sqcp->a_cmnd = NULL;
5102 sd_dp = sqcp->sd_dp;
5103 if (sd_dp) {
5104 l_defer_t = sd_dp->defer_t;
5105 sd_dp->defer_t = SDEB_DEFER_NONE;
5106 } else
5107 l_defer_t = SDEB_DEFER_NONE;
5108 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5109 stop_qc_helper(sd_dp, l_defer_t);
5110 clear_bit(k, sqp->in_use_bm);
5111 spin_lock_irqsave(&sqp->qc_lock, iflags);
5112 }
5113 }
5114 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5115 }
5116}
5117
5118/* Free queued command memory on heap */
5119static void free_all_queued(void)
5120{
5121 int j, k;
5122 struct sdebug_queue *sqp;
5123 struct sdebug_queued_cmd *sqcp;
5124
5125 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
5126 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
5127 sqcp = &sqp->qc_arr[k];
5128 kfree(sqcp->sd_dp);
5129 sqcp->sd_dp = NULL;
5130 }
5131 }
5132}
5133
5134static int scsi_debug_abort(struct scsi_cmnd *SCpnt)
5135{
5136 bool ok;
5137
5138 ++num_aborts;
5139 if (SCpnt) {
5140 ok = stop_queued_cmnd(SCpnt);
5141 if (SCpnt->device && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
5142 sdev_printk(KERN_INFO, SCpnt->device,
5143 "%s: command%s found\n", __func__,
5144 ok ? "" : " not");
5145 }
5146 return SUCCESS;
5147}
5148
5149static int scsi_debug_device_reset(struct scsi_cmnd *SCpnt)
5150{
5151 ++num_dev_resets;
5152 if (SCpnt && SCpnt->device) {
5153 struct scsi_device *sdp = SCpnt->device;
5154 struct sdebug_dev_info *devip =
5155 (struct sdebug_dev_info *)sdp->hostdata;
5156
5157 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
5158 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
5159 if (devip)
5160 set_bit(SDEBUG_UA_POR, devip->uas_bm);
5161 }
5162 return SUCCESS;
5163}
5164
5165static int scsi_debug_target_reset(struct scsi_cmnd *SCpnt)
5166{
5167 struct sdebug_host_info *sdbg_host;
5168 struct sdebug_dev_info *devip;
5169 struct scsi_device *sdp;
5170 struct Scsi_Host *hp;
5171 int k = 0;
5172
5173 ++num_target_resets;
5174 if (!SCpnt)
5175 goto lie;
5176 sdp = SCpnt->device;
5177 if (!sdp)
5178 goto lie;
5179 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
5180 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
5181 hp = sdp->host;
5182 if (!hp)
5183 goto lie;
5184 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
5185 if (sdbg_host) {
5186 list_for_each_entry(devip,
5187 &sdbg_host->dev_info_list,
5188 dev_list)
5189 if (devip->target == sdp->id) {
5190 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
5191 ++k;
5192 }
5193 }
5194 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
5195 sdev_printk(KERN_INFO, sdp,
5196 "%s: %d device(s) found in target\n", __func__, k);
5197lie:
5198 return SUCCESS;
5199}
5200
5201static int scsi_debug_bus_reset(struct scsi_cmnd *SCpnt)
5202{
5203 struct sdebug_host_info *sdbg_host;
5204 struct sdebug_dev_info *devip;
5205 struct scsi_device *sdp;
5206 struct Scsi_Host *hp;
5207 int k = 0;
5208
5209 ++num_bus_resets;
5210 if (!(SCpnt && SCpnt->device))
5211 goto lie;
5212 sdp = SCpnt->device;
5213 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
5214 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
5215 hp = sdp->host;
5216 if (hp) {
5217 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
5218 if (sdbg_host) {
5219 list_for_each_entry(devip,
5220 &sdbg_host->dev_info_list,
5221 dev_list) {
5222 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
5223 ++k;
5224 }
5225 }
5226 }
5227 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
5228 sdev_printk(KERN_INFO, sdp,
5229 "%s: %d device(s) found in host\n", __func__, k);
5230lie:
5231 return SUCCESS;
5232}
5233
5234static int scsi_debug_host_reset(struct scsi_cmnd *SCpnt)
5235{
5236 struct sdebug_host_info *sdbg_host;
5237 struct sdebug_dev_info *devip;
5238 int k = 0;
5239
5240 ++num_host_resets;
5241 if ((SCpnt->device) && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
5242 sdev_printk(KERN_INFO, SCpnt->device, "%s\n", __func__);
5243 spin_lock(&sdebug_host_list_lock);
5244 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
5245 list_for_each_entry(devip, &sdbg_host->dev_info_list,
5246 dev_list) {
5247 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
5248 ++k;
5249 }
5250 }
5251 spin_unlock(&sdebug_host_list_lock);
5252 stop_all_queued();
5253 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
5254 sdev_printk(KERN_INFO, SCpnt->device,
5255 "%s: %d device(s) found\n", __func__, k);
5256 return SUCCESS;
5257}
5258
5259static void sdebug_build_parts(unsigned char *ramp, unsigned long store_size)
5260{
5261 struct msdos_partition *pp;
5262 int starts[SDEBUG_MAX_PARTS + 2], max_part_secs;
5263 int sectors_per_part, num_sectors, k;
5264 int heads_by_sects, start_sec, end_sec;
5265
5266 /* assume partition table already zeroed */
5267 if ((sdebug_num_parts < 1) || (store_size < 1048576))
5268 return;
5269 if (sdebug_num_parts > SDEBUG_MAX_PARTS) {
5270 sdebug_num_parts = SDEBUG_MAX_PARTS;
5271 pr_warn("reducing partitions to %d\n", SDEBUG_MAX_PARTS);
5272 }
5273 num_sectors = (int)get_sdebug_capacity();
5274 sectors_per_part = (num_sectors - sdebug_sectors_per)
5275 / sdebug_num_parts;
5276 heads_by_sects = sdebug_heads * sdebug_sectors_per;
5277 starts[0] = sdebug_sectors_per;
5278 max_part_secs = sectors_per_part;
5279 for (k = 1; k < sdebug_num_parts; ++k) {
5280 starts[k] = ((k * sectors_per_part) / heads_by_sects)
5281 * heads_by_sects;
5282 if (starts[k] - starts[k - 1] < max_part_secs)
5283 max_part_secs = starts[k] - starts[k - 1];
5284 }
5285 starts[sdebug_num_parts] = num_sectors;
5286 starts[sdebug_num_parts + 1] = 0;
5287
5288 ramp[510] = 0x55; /* magic partition markings */
5289 ramp[511] = 0xAA;
5290 pp = (struct msdos_partition *)(ramp + 0x1be);
5291 for (k = 0; starts[k + 1]; ++k, ++pp) {
5292 start_sec = starts[k];
5293 end_sec = starts[k] + max_part_secs - 1;
5294 pp->boot_ind = 0;
5295
5296 pp->cyl = start_sec / heads_by_sects;
5297 pp->head = (start_sec - (pp->cyl * heads_by_sects))
5298 / sdebug_sectors_per;
5299 pp->sector = (start_sec % sdebug_sectors_per) + 1;
5300
5301 pp->end_cyl = end_sec / heads_by_sects;
5302 pp->end_head = (end_sec - (pp->end_cyl * heads_by_sects))
5303 / sdebug_sectors_per;
5304 pp->end_sector = (end_sec % sdebug_sectors_per) + 1;
5305
5306 pp->start_sect = cpu_to_le32(start_sec);
5307 pp->nr_sects = cpu_to_le32(end_sec - start_sec + 1);
5308 pp->sys_ind = 0x83; /* plain Linux partition */
5309 }
5310}
5311
5312static void block_unblock_all_queues(bool block)
5313{
5314 int j;
5315 struct sdebug_queue *sqp;
5316
5317 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp)
5318 atomic_set(&sqp->blocked, (int)block);
5319}
5320
5321/* Adjust (by rounding down) the sdebug_cmnd_count so abs(every_nth)-1
5322 * commands will be processed normally before triggers occur.
5323 */
5324static void tweak_cmnd_count(void)
5325{
5326 int count, modulo;
5327
5328 modulo = abs(sdebug_every_nth);
5329 if (modulo < 2)
5330 return;
5331 block_unblock_all_queues(true);
5332 count = atomic_read(&sdebug_cmnd_count);
5333 atomic_set(&sdebug_cmnd_count, (count / modulo) * modulo);
5334 block_unblock_all_queues(false);
5335}
5336
5337static void clear_queue_stats(void)
5338{
5339 atomic_set(&sdebug_cmnd_count, 0);
5340 atomic_set(&sdebug_completions, 0);
5341 atomic_set(&sdebug_miss_cpus, 0);
5342 atomic_set(&sdebug_a_tsf, 0);
5343}
5344
5345static bool inject_on_this_cmd(void)
5346{
5347 if (sdebug_every_nth == 0)
5348 return false;
5349 return (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) == 0;
5350}
5351
5352#define INCLUSIVE_TIMING_MAX_NS 1000000 /* 1 millisecond */
5353
5354/* Complete the processing of the thread that queued a SCSI command to this
5355 * driver. It either completes the command by calling cmnd_done() or
5356 * schedules a hr timer or work queue then returns 0. Returns
5357 * SCSI_MLQUEUE_HOST_BUSY if temporarily out of resources.
5358 */
5359static int schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip,
5360 int scsi_result,
5361 int (*pfp)(struct scsi_cmnd *,
5362 struct sdebug_dev_info *),
5363 int delta_jiff, int ndelay)
5364{
5365 bool new_sd_dp;
5366 bool inject = false;
5367 bool hipri = (cmnd->request->cmd_flags & REQ_HIPRI);
5368 int k, num_in_q, qdepth;
5369 unsigned long iflags;
5370 u64 ns_from_boot = 0;
5371 struct sdebug_queue *sqp;
5372 struct sdebug_queued_cmd *sqcp;
5373 struct scsi_device *sdp;
5374 struct sdebug_defer *sd_dp;
5375
5376 if (unlikely(devip == NULL)) {
5377 if (scsi_result == 0)
5378 scsi_result = DID_NO_CONNECT << 16;
5379 goto respond_in_thread;
5380 }
5381 sdp = cmnd->device;
5382
5383 if (delta_jiff == 0)
5384 goto respond_in_thread;
5385
5386 sqp = get_queue(cmnd);
5387 spin_lock_irqsave(&sqp->qc_lock, iflags);
5388 if (unlikely(atomic_read(&sqp->blocked))) {
5389 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5390 return SCSI_MLQUEUE_HOST_BUSY;
5391 }
5392 num_in_q = atomic_read(&devip->num_in_q);
5393 qdepth = cmnd->device->queue_depth;
5394 if (unlikely((qdepth > 0) && (num_in_q >= qdepth))) {
5395 if (scsi_result) {
5396 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5397 goto respond_in_thread;
5398 } else
5399 scsi_result = device_qfull_result;
5400 } else if (unlikely(sdebug_every_nth &&
5401 (SDEBUG_OPT_RARE_TSF & sdebug_opts) &&
5402 (scsi_result == 0))) {
5403 if ((num_in_q == (qdepth - 1)) &&
5404 (atomic_inc_return(&sdebug_a_tsf) >=
5405 abs(sdebug_every_nth))) {
5406 atomic_set(&sdebug_a_tsf, 0);
5407 inject = true;
5408 scsi_result = device_qfull_result;
5409 }
5410 }
5411
5412 k = find_first_zero_bit(sqp->in_use_bm, sdebug_max_queue);
5413 if (unlikely(k >= sdebug_max_queue)) {
5414 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5415 if (scsi_result)
5416 goto respond_in_thread;
5417 else if (SDEBUG_OPT_ALL_TSF & sdebug_opts)
5418 scsi_result = device_qfull_result;
5419 if (SDEBUG_OPT_Q_NOISE & sdebug_opts)
5420 sdev_printk(KERN_INFO, sdp,
5421 "%s: max_queue=%d exceeded, %s\n",
5422 __func__, sdebug_max_queue,
5423 (scsi_result ? "status: TASK SET FULL" :
5424 "report: host busy"));
5425 if (scsi_result)
5426 goto respond_in_thread;
5427 else
5428 return SCSI_MLQUEUE_HOST_BUSY;
5429 }
5430 set_bit(k, sqp->in_use_bm);
5431 atomic_inc(&devip->num_in_q);
5432 sqcp = &sqp->qc_arr[k];
5433 sqcp->a_cmnd = cmnd;
5434 cmnd->host_scribble = (unsigned char *)sqcp;
5435 sd_dp = sqcp->sd_dp;
5436 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5437
5438 if (!sd_dp) {
5439 sd_dp = kzalloc(sizeof(*sd_dp), GFP_ATOMIC);
5440 if (!sd_dp) {
5441 atomic_dec(&devip->num_in_q);
5442 clear_bit(k, sqp->in_use_bm);
5443 return SCSI_MLQUEUE_HOST_BUSY;
5444 }
5445 new_sd_dp = true;
5446 } else {
5447 new_sd_dp = false;
5448 }
5449
5450 /* Set the hostwide tag */
5451 if (sdebug_host_max_queue)
5452 sd_dp->hc_idx = get_tag(cmnd);
5453
5454 if (hipri)
5455 ns_from_boot = ktime_get_boottime_ns();
5456
5457 /* one of the resp_*() response functions is called here */
5458 cmnd->result = pfp ? pfp(cmnd, devip) : 0;
5459 if (cmnd->result & SDEG_RES_IMMED_MASK) {
5460 cmnd->result &= ~SDEG_RES_IMMED_MASK;
5461 delta_jiff = ndelay = 0;
5462 }
5463 if (cmnd->result == 0 && scsi_result != 0)
5464 cmnd->result = scsi_result;
5465 if (cmnd->result == 0 && unlikely(sdebug_opts & SDEBUG_OPT_TRANSPORT_ERR)) {
5466 if (atomic_read(&sdeb_inject_pending)) {
5467 mk_sense_buffer(cmnd, ABORTED_COMMAND, TRANSPORT_PROBLEM, ACK_NAK_TO);
5468 atomic_set(&sdeb_inject_pending, 0);
5469 cmnd->result = check_condition_result;
5470 }
5471 }
5472
5473 if (unlikely(sdebug_verbose && cmnd->result))
5474 sdev_printk(KERN_INFO, sdp, "%s: non-zero result=0x%x\n",
5475 __func__, cmnd->result);
5476
5477 if (delta_jiff > 0 || ndelay > 0) {
5478 ktime_t kt;
5479
5480 if (delta_jiff > 0) {
5481 u64 ns = jiffies_to_nsecs(delta_jiff);
5482
5483 if (sdebug_random && ns < U32_MAX) {
5484 ns = prandom_u32_max((u32)ns);
5485 } else if (sdebug_random) {
5486 ns >>= 12; /* scale to 4 usec precision */
5487 if (ns < U32_MAX) /* over 4 hours max */
5488 ns = prandom_u32_max((u32)ns);
5489 ns <<= 12;
5490 }
5491 kt = ns_to_ktime(ns);
5492 } else { /* ndelay has a 4.2 second max */
5493 kt = sdebug_random ? prandom_u32_max((u32)ndelay) :
5494 (u32)ndelay;
5495 if (ndelay < INCLUSIVE_TIMING_MAX_NS) {
5496 u64 d = ktime_get_boottime_ns() - ns_from_boot;
5497
5498 if (kt <= d) { /* elapsed duration >= kt */
5499 spin_lock_irqsave(&sqp->qc_lock, iflags);
5500 sqcp->a_cmnd = NULL;
5501 atomic_dec(&devip->num_in_q);
5502 clear_bit(k, sqp->in_use_bm);
5503 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5504 if (new_sd_dp)
5505 kfree(sd_dp);
5506 /* call scsi_done() from this thread */
5507 cmnd->scsi_done(cmnd);
5508 return 0;
5509 }
5510 /* otherwise reduce kt by elapsed time */
5511 kt -= d;
5512 }
5513 }
5514 if (hipri) {
5515 sd_dp->cmpl_ts = ktime_add(ns_to_ktime(ns_from_boot), kt);
5516 spin_lock_irqsave(&sqp->qc_lock, iflags);
5517 if (!sd_dp->init_poll) {
5518 sd_dp->init_poll = true;
5519 sqcp->sd_dp = sd_dp;
5520 sd_dp->sqa_idx = sqp - sdebug_q_arr;
5521 sd_dp->qc_idx = k;
5522 }
5523 sd_dp->defer_t = SDEB_DEFER_POLL;
5524 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5525 } else {
5526 if (!sd_dp->init_hrt) {
5527 sd_dp->init_hrt = true;
5528 sqcp->sd_dp = sd_dp;
5529 hrtimer_init(&sd_dp->hrt, CLOCK_MONOTONIC,
5530 HRTIMER_MODE_REL_PINNED);
5531 sd_dp->hrt.function = sdebug_q_cmd_hrt_complete;
5532 sd_dp->sqa_idx = sqp - sdebug_q_arr;
5533 sd_dp->qc_idx = k;
5534 }
5535 sd_dp->defer_t = SDEB_DEFER_HRT;
5536 /* schedule the invocation of scsi_done() for a later time */
5537 hrtimer_start(&sd_dp->hrt, kt, HRTIMER_MODE_REL_PINNED);
5538 }
5539 if (sdebug_statistics)
5540 sd_dp->issuing_cpu = raw_smp_processor_id();
5541 } else { /* jdelay < 0, use work queue */
5542 if (unlikely((sdebug_opts & SDEBUG_OPT_CMD_ABORT) &&
5543 atomic_read(&sdeb_inject_pending)))
5544 sd_dp->aborted = true;
5545 if (hipri) {
5546 sd_dp->cmpl_ts = ns_to_ktime(ns_from_boot);
5547 spin_lock_irqsave(&sqp->qc_lock, iflags);
5548 if (!sd_dp->init_poll) {
5549 sd_dp->init_poll = true;
5550 sqcp->sd_dp = sd_dp;
5551 sd_dp->sqa_idx = sqp - sdebug_q_arr;
5552 sd_dp->qc_idx = k;
5553 }
5554 sd_dp->defer_t = SDEB_DEFER_POLL;
5555 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5556 } else {
5557 if (!sd_dp->init_wq) {
5558 sd_dp->init_wq = true;
5559 sqcp->sd_dp = sd_dp;
5560 sd_dp->sqa_idx = sqp - sdebug_q_arr;
5561 sd_dp->qc_idx = k;
5562 INIT_WORK(&sd_dp->ew.work, sdebug_q_cmd_wq_complete);
5563 }
5564 sd_dp->defer_t = SDEB_DEFER_WQ;
5565 schedule_work(&sd_dp->ew.work);
5566 }
5567 if (sdebug_statistics)
5568 sd_dp->issuing_cpu = raw_smp_processor_id();
5569 if (unlikely(sd_dp->aborted)) {
5570 sdev_printk(KERN_INFO, sdp, "abort request tag %d\n", cmnd->request->tag);
5571 blk_abort_request(cmnd->request);
5572 atomic_set(&sdeb_inject_pending, 0);
5573 sd_dp->aborted = false;
5574 }
5575 }
5576 if (unlikely((SDEBUG_OPT_Q_NOISE & sdebug_opts) && scsi_result == device_qfull_result))
5577 sdev_printk(KERN_INFO, sdp, "%s: num_in_q=%d +1, %s%s\n", __func__,
5578 num_in_q, (inject ? "<inject> " : ""), "status: TASK SET FULL");
5579 return 0;
5580
5581respond_in_thread: /* call back to mid-layer using invocation thread */
5582 cmnd->result = pfp != NULL ? pfp(cmnd, devip) : 0;
5583 cmnd->result &= ~SDEG_RES_IMMED_MASK;
5584 if (cmnd->result == 0 && scsi_result != 0)
5585 cmnd->result = scsi_result;
5586 cmnd->scsi_done(cmnd);
5587 return 0;
5588}
5589
5590/* Note: The following macros create attribute files in the
5591 /sys/module/scsi_debug/parameters directory. Unfortunately this
5592 driver is unaware of a change and cannot trigger auxiliary actions
5593 as it can when the corresponding attribute in the
5594 /sys/bus/pseudo/drivers/scsi_debug directory is changed.
5595 */
5596module_param_named(add_host, sdebug_add_host, int, S_IRUGO | S_IWUSR);
5597module_param_named(ato, sdebug_ato, int, S_IRUGO);
5598module_param_named(cdb_len, sdebug_cdb_len, int, 0644);
5599module_param_named(clustering, sdebug_clustering, bool, S_IRUGO | S_IWUSR);
5600module_param_named(delay, sdebug_jdelay, int, S_IRUGO | S_IWUSR);
5601module_param_named(dev_size_mb, sdebug_dev_size_mb, int, S_IRUGO);
5602module_param_named(dif, sdebug_dif, int, S_IRUGO);
5603module_param_named(dix, sdebug_dix, int, S_IRUGO);
5604module_param_named(dsense, sdebug_dsense, int, S_IRUGO | S_IWUSR);
5605module_param_named(every_nth, sdebug_every_nth, int, S_IRUGO | S_IWUSR);
5606module_param_named(fake_rw, sdebug_fake_rw, int, S_IRUGO | S_IWUSR);
5607module_param_named(guard, sdebug_guard, uint, S_IRUGO);
5608module_param_named(host_lock, sdebug_host_lock, bool, S_IRUGO | S_IWUSR);
5609module_param_named(host_max_queue, sdebug_host_max_queue, int, S_IRUGO);
5610module_param_string(inq_product, sdebug_inq_product_id,
5611 sizeof(sdebug_inq_product_id), S_IRUGO | S_IWUSR);
5612module_param_string(inq_rev, sdebug_inq_product_rev,
5613 sizeof(sdebug_inq_product_rev), S_IRUGO | S_IWUSR);
5614module_param_string(inq_vendor, sdebug_inq_vendor_id,
5615 sizeof(sdebug_inq_vendor_id), S_IRUGO | S_IWUSR);
5616module_param_named(lbprz, sdebug_lbprz, int, S_IRUGO);
5617module_param_named(lbpu, sdebug_lbpu, int, S_IRUGO);
5618module_param_named(lbpws, sdebug_lbpws, int, S_IRUGO);
5619module_param_named(lbpws10, sdebug_lbpws10, int, S_IRUGO);
5620module_param_named(lowest_aligned, sdebug_lowest_aligned, int, S_IRUGO);
5621module_param_named(lun_format, sdebug_lun_am_i, int, S_IRUGO | S_IWUSR);
5622module_param_named(max_luns, sdebug_max_luns, int, S_IRUGO | S_IWUSR);
5623module_param_named(max_queue, sdebug_max_queue, int, S_IRUGO | S_IWUSR);
5624module_param_named(medium_error_count, sdebug_medium_error_count, int,
5625 S_IRUGO | S_IWUSR);
5626module_param_named(medium_error_start, sdebug_medium_error_start, int,
5627 S_IRUGO | S_IWUSR);
5628module_param_named(ndelay, sdebug_ndelay, int, S_IRUGO | S_IWUSR);
5629module_param_named(no_lun_0, sdebug_no_lun_0, int, S_IRUGO | S_IWUSR);
5630module_param_named(no_uld, sdebug_no_uld, int, S_IRUGO);
5631module_param_named(num_parts, sdebug_num_parts, int, S_IRUGO);
5632module_param_named(num_tgts, sdebug_num_tgts, int, S_IRUGO | S_IWUSR);
5633module_param_named(opt_blks, sdebug_opt_blks, int, S_IRUGO);
5634module_param_named(opt_xferlen_exp, sdebug_opt_xferlen_exp, int, S_IRUGO);
5635module_param_named(opts, sdebug_opts, int, S_IRUGO | S_IWUSR);
5636module_param_named(per_host_store, sdebug_per_host_store, bool,
5637 S_IRUGO | S_IWUSR);
5638module_param_named(physblk_exp, sdebug_physblk_exp, int, S_IRUGO);
5639module_param_named(ptype, sdebug_ptype, int, S_IRUGO | S_IWUSR);
5640module_param_named(random, sdebug_random, bool, S_IRUGO | S_IWUSR);
5641module_param_named(removable, sdebug_removable, bool, S_IRUGO | S_IWUSR);
5642module_param_named(scsi_level, sdebug_scsi_level, int, S_IRUGO);
5643module_param_named(sector_size, sdebug_sector_size, int, S_IRUGO);
5644module_param_named(statistics, sdebug_statistics, bool, S_IRUGO | S_IWUSR);
5645module_param_named(strict, sdebug_strict, bool, S_IRUGO | S_IWUSR);
5646module_param_named(submit_queues, submit_queues, int, S_IRUGO);
5647module_param_named(poll_queues, poll_queues, int, S_IRUGO);
5648module_param_named(tur_ms_to_ready, sdeb_tur_ms_to_ready, int, S_IRUGO);
5649module_param_named(unmap_alignment, sdebug_unmap_alignment, int, S_IRUGO);
5650module_param_named(unmap_granularity, sdebug_unmap_granularity, int, S_IRUGO);
5651module_param_named(unmap_max_blocks, sdebug_unmap_max_blocks, int, S_IRUGO);
5652module_param_named(unmap_max_desc, sdebug_unmap_max_desc, int, S_IRUGO);
5653module_param_named(uuid_ctl, sdebug_uuid_ctl, int, S_IRUGO);
5654module_param_named(virtual_gb, sdebug_virtual_gb, int, S_IRUGO | S_IWUSR);
5655module_param_named(vpd_use_hostno, sdebug_vpd_use_hostno, int,
5656 S_IRUGO | S_IWUSR);
5657module_param_named(wp, sdebug_wp, bool, S_IRUGO | S_IWUSR);
5658module_param_named(write_same_length, sdebug_write_same_length, int,
5659 S_IRUGO | S_IWUSR);
5660module_param_named(zbc, sdeb_zbc_model_s, charp, S_IRUGO);
5661module_param_named(zone_max_open, sdeb_zbc_max_open, int, S_IRUGO);
5662module_param_named(zone_nr_conv, sdeb_zbc_nr_conv, int, S_IRUGO);
5663module_param_named(zone_size_mb, sdeb_zbc_zone_size_mb, int, S_IRUGO);
5664
5665MODULE_AUTHOR("Eric Youngdale + Douglas Gilbert");
5666MODULE_DESCRIPTION("SCSI debug adapter driver");
5667MODULE_LICENSE("GPL");
5668MODULE_VERSION(SDEBUG_VERSION);
5669
5670MODULE_PARM_DESC(add_host, "add n hosts, in sysfs if negative remove host(s) (def=1)");
5671MODULE_PARM_DESC(ato, "application tag ownership: 0=disk 1=host (def=1)");
5672MODULE_PARM_DESC(cdb_len, "suggest CDB lengths to drivers (def=10)");
5673MODULE_PARM_DESC(clustering, "when set enables larger transfers (def=0)");
5674MODULE_PARM_DESC(delay, "response delay (def=1 jiffy); 0:imm, -1,-2:tiny");
5675MODULE_PARM_DESC(dev_size_mb, "size in MiB of ram shared by devs(def=8)");
5676MODULE_PARM_DESC(dif, "data integrity field type: 0-3 (def=0)");
5677MODULE_PARM_DESC(dix, "data integrity extensions mask (def=0)");
5678MODULE_PARM_DESC(dsense, "use descriptor sense format(def=0 -> fixed)");
5679MODULE_PARM_DESC(every_nth, "timeout every nth command(def=0)");
5680MODULE_PARM_DESC(fake_rw, "fake reads/writes instead of copying (def=0)");
5681MODULE_PARM_DESC(guard, "protection checksum: 0=crc, 1=ip (def=0)");
5682MODULE_PARM_DESC(host_lock, "host_lock is ignored (def=0)");
5683MODULE_PARM_DESC(host_max_queue,
5684 "host max # of queued cmds (0 to max(def) [max_queue fixed equal for !0])");
5685MODULE_PARM_DESC(inq_product, "SCSI INQUIRY product string (def=\"scsi_debug\")");
5686MODULE_PARM_DESC(inq_rev, "SCSI INQUIRY revision string (def=\""
5687 SDEBUG_VERSION "\")");
5688MODULE_PARM_DESC(inq_vendor, "SCSI INQUIRY vendor string (def=\"Linux\")");
5689MODULE_PARM_DESC(lbprz,
5690 "on read unmapped LBs return 0 when 1 (def), return 0xff when 2");
5691MODULE_PARM_DESC(lbpu, "enable LBP, support UNMAP command (def=0)");
5692MODULE_PARM_DESC(lbpws, "enable LBP, support WRITE SAME(16) with UNMAP bit (def=0)");
5693MODULE_PARM_DESC(lbpws10, "enable LBP, support WRITE SAME(10) with UNMAP bit (def=0)");
5694MODULE_PARM_DESC(lowest_aligned, "lowest aligned lba (def=0)");
5695MODULE_PARM_DESC(lun_format, "LUN format: 0->peripheral (def); 1 --> flat address method");
5696MODULE_PARM_DESC(max_luns, "number of LUNs per target to simulate(def=1)");
5697MODULE_PARM_DESC(max_queue, "max number of queued commands (1 to max(def))");
5698MODULE_PARM_DESC(medium_error_count, "count of sectors to return follow on MEDIUM error");
5699MODULE_PARM_DESC(medium_error_start, "starting sector number to return MEDIUM error");
5700MODULE_PARM_DESC(ndelay, "response delay in nanoseconds (def=0 -> ignore)");
5701MODULE_PARM_DESC(no_lun_0, "no LU number 0 (def=0 -> have lun 0)");
5702MODULE_PARM_DESC(no_uld, "stop ULD (e.g. sd driver) attaching (def=0))");
5703MODULE_PARM_DESC(num_parts, "number of partitions(def=0)");
5704MODULE_PARM_DESC(num_tgts, "number of targets per host to simulate(def=1)");
5705MODULE_PARM_DESC(opt_blks, "optimal transfer length in blocks (def=1024)");
5706MODULE_PARM_DESC(opt_xferlen_exp, "optimal transfer length granularity exponent (def=physblk_exp)");
5707MODULE_PARM_DESC(opts, "1->noise, 2->medium_err, 4->timeout, 8->recovered_err... (def=0)");
5708MODULE_PARM_DESC(per_host_store, "If set, next positive add_host will get new store (def=0)");
5709MODULE_PARM_DESC(physblk_exp, "physical block exponent (def=0)");
5710MODULE_PARM_DESC(poll_queues, "support for iouring iopoll queues (1 to max(submit_queues - 1))");
5711MODULE_PARM_DESC(ptype, "SCSI peripheral type(def=0[disk])");
5712MODULE_PARM_DESC(random, "If set, uniformly randomize command duration between 0 and delay_in_ns");
5713MODULE_PARM_DESC(removable, "claim to have removable media (def=0)");
5714MODULE_PARM_DESC(scsi_level, "SCSI level to simulate(def=7[SPC-5])");
5715MODULE_PARM_DESC(sector_size, "logical block size in bytes (def=512)");
5716MODULE_PARM_DESC(statistics, "collect statistics on commands, queues (def=0)");
5717MODULE_PARM_DESC(strict, "stricter checks: reserved field in cdb (def=0)");
5718MODULE_PARM_DESC(submit_queues, "support for block multi-queue (def=1)");
5719MODULE_PARM_DESC(tur_ms_to_ready, "TEST UNIT READY millisecs before initial good status (def=0)");
5720MODULE_PARM_DESC(unmap_alignment, "lowest aligned thin provisioning lba (def=0)");
5721MODULE_PARM_DESC(unmap_granularity, "thin provisioning granularity in blocks (def=1)");
5722MODULE_PARM_DESC(unmap_max_blocks, "max # of blocks can be unmapped in one cmd (def=0xffffffff)");
5723MODULE_PARM_DESC(unmap_max_desc, "max # of ranges that can be unmapped in one cmd (def=256)");
5724MODULE_PARM_DESC(uuid_ctl,
5725 "1->use uuid for lu name, 0->don't, 2->all use same (def=0)");
5726MODULE_PARM_DESC(virtual_gb, "virtual gigabyte (GiB) size (def=0 -> use dev_size_mb)");
5727MODULE_PARM_DESC(vpd_use_hostno, "0 -> dev ids ignore hostno (def=1 -> unique dev ids)");
5728MODULE_PARM_DESC(wp, "Write Protect (def=0)");
5729MODULE_PARM_DESC(write_same_length, "Maximum blocks per WRITE SAME cmd (def=0xffff)");
5730MODULE_PARM_DESC(zbc, "'none' [0]; 'aware' [1]; 'managed' [2] (def=0). Can have 'host-' prefix");
5731MODULE_PARM_DESC(zone_max_open, "Maximum number of open zones; [0] for no limit (def=auto)");
5732MODULE_PARM_DESC(zone_nr_conv, "Number of conventional zones (def=1)");
5733MODULE_PARM_DESC(zone_size_mb, "Zone size in MiB (def=auto)");
5734
5735#define SDEBUG_INFO_LEN 256
5736static char sdebug_info[SDEBUG_INFO_LEN];
5737
5738static const char *scsi_debug_info(struct Scsi_Host *shp)
5739{
5740 int k;
5741
5742 k = scnprintf(sdebug_info, SDEBUG_INFO_LEN, "%s: version %s [%s]\n",
5743 my_name, SDEBUG_VERSION, sdebug_version_date);
5744 if (k >= (SDEBUG_INFO_LEN - 1))
5745 return sdebug_info;
5746 scnprintf(sdebug_info + k, SDEBUG_INFO_LEN - k,
5747 " dev_size_mb=%d, opts=0x%x, submit_queues=%d, %s=%d",
5748 sdebug_dev_size_mb, sdebug_opts, submit_queues,
5749 "statistics", (int)sdebug_statistics);
5750 return sdebug_info;
5751}
5752
5753/* 'echo <val> > /proc/scsi/scsi_debug/<host_id>' writes to opts */
5754static int scsi_debug_write_info(struct Scsi_Host *host, char *buffer,
5755 int length)
5756{
5757 char arr[16];
5758 int opts;
5759 int minLen = length > 15 ? 15 : length;
5760
5761 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
5762 return -EACCES;
5763 memcpy(arr, buffer, minLen);
5764 arr[minLen] = '\0';
5765 if (1 != sscanf(arr, "%d", &opts))
5766 return -EINVAL;
5767 sdebug_opts = opts;
5768 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
5769 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
5770 if (sdebug_every_nth != 0)
5771 tweak_cmnd_count();
5772 return length;
5773}
5774
5775/* Output seen with 'cat /proc/scsi/scsi_debug/<host_id>'. It will be the
5776 * same for each scsi_debug host (if more than one). Some of the counters
5777 * output are not atomics so might be inaccurate in a busy system. */
5778static int scsi_debug_show_info(struct seq_file *m, struct Scsi_Host *host)
5779{
5780 int f, j, l;
5781 struct sdebug_queue *sqp;
5782 struct sdebug_host_info *sdhp;
5783
5784 seq_printf(m, "scsi_debug adapter driver, version %s [%s]\n",
5785 SDEBUG_VERSION, sdebug_version_date);
5786 seq_printf(m, "num_tgts=%d, %ssize=%d MB, opts=0x%x, every_nth=%d\n",
5787 sdebug_num_tgts, "shared (ram) ", sdebug_dev_size_mb,
5788 sdebug_opts, sdebug_every_nth);
5789 seq_printf(m, "delay=%d, ndelay=%d, max_luns=%d, sector_size=%d %s\n",
5790 sdebug_jdelay, sdebug_ndelay, sdebug_max_luns,
5791 sdebug_sector_size, "bytes");
5792 seq_printf(m, "cylinders=%d, heads=%d, sectors=%d, command aborts=%d\n",
5793 sdebug_cylinders_per, sdebug_heads, sdebug_sectors_per,
5794 num_aborts);
5795 seq_printf(m, "RESETs: device=%d, target=%d, bus=%d, host=%d\n",
5796 num_dev_resets, num_target_resets, num_bus_resets,
5797 num_host_resets);
5798 seq_printf(m, "dix_reads=%d, dix_writes=%d, dif_errors=%d\n",
5799 dix_reads, dix_writes, dif_errors);
5800 seq_printf(m, "usec_in_jiffy=%lu, statistics=%d\n", TICK_NSEC / 1000,
5801 sdebug_statistics);
5802 seq_printf(m, "cmnd_count=%d, completions=%d, %s=%d, a_tsf=%d, mq_polls=%d\n",
5803 atomic_read(&sdebug_cmnd_count),
5804 atomic_read(&sdebug_completions),
5805 "miss_cpus", atomic_read(&sdebug_miss_cpus),
5806 atomic_read(&sdebug_a_tsf),
5807 atomic_read(&sdeb_mq_poll_count));
5808
5809 seq_printf(m, "submit_queues=%d\n", submit_queues);
5810 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
5811 seq_printf(m, " queue %d:\n", j);
5812 f = find_first_bit(sqp->in_use_bm, sdebug_max_queue);
5813 if (f != sdebug_max_queue) {
5814 l = find_last_bit(sqp->in_use_bm, sdebug_max_queue);
5815 seq_printf(m, " in_use_bm BUSY: %s: %d,%d\n",
5816 "first,last bits", f, l);
5817 }
5818 }
5819
5820 seq_printf(m, "this host_no=%d\n", host->host_no);
5821 if (!xa_empty(per_store_ap)) {
5822 bool niu;
5823 int idx;
5824 unsigned long l_idx;
5825 struct sdeb_store_info *sip;
5826
5827 seq_puts(m, "\nhost list:\n");
5828 j = 0;
5829 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
5830 idx = sdhp->si_idx;
5831 seq_printf(m, " %d: host_no=%d, si_idx=%d\n", j,
5832 sdhp->shost->host_no, idx);
5833 ++j;
5834 }
5835 seq_printf(m, "\nper_store array [most_recent_idx=%d]:\n",
5836 sdeb_most_recent_idx);
5837 j = 0;
5838 xa_for_each(per_store_ap, l_idx, sip) {
5839 niu = xa_get_mark(per_store_ap, l_idx,
5840 SDEB_XA_NOT_IN_USE);
5841 idx = (int)l_idx;
5842 seq_printf(m, " %d: idx=%d%s\n", j, idx,
5843 (niu ? " not_in_use" : ""));
5844 ++j;
5845 }
5846 }
5847 return 0;
5848}
5849
5850static ssize_t delay_show(struct device_driver *ddp, char *buf)
5851{
5852 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_jdelay);
5853}
5854/* Returns -EBUSY if jdelay is being changed and commands are queued. The unit
5855 * of delay is jiffies.
5856 */
5857static ssize_t delay_store(struct device_driver *ddp, const char *buf,
5858 size_t count)
5859{
5860 int jdelay, res;
5861
5862 if (count > 0 && sscanf(buf, "%d", &jdelay) == 1) {
5863 res = count;
5864 if (sdebug_jdelay != jdelay) {
5865 int j, k;
5866 struct sdebug_queue *sqp;
5867
5868 block_unblock_all_queues(true);
5869 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
5870 ++j, ++sqp) {
5871 k = find_first_bit(sqp->in_use_bm,
5872 sdebug_max_queue);
5873 if (k != sdebug_max_queue) {
5874 res = -EBUSY; /* queued commands */
5875 break;
5876 }
5877 }
5878 if (res > 0) {
5879 sdebug_jdelay = jdelay;
5880 sdebug_ndelay = 0;
5881 }
5882 block_unblock_all_queues(false);
5883 }
5884 return res;
5885 }
5886 return -EINVAL;
5887}
5888static DRIVER_ATTR_RW(delay);
5889
5890static ssize_t ndelay_show(struct device_driver *ddp, char *buf)
5891{
5892 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ndelay);
5893}
5894/* Returns -EBUSY if ndelay is being changed and commands are queued */
5895/* If > 0 and accepted then sdebug_jdelay is set to JDELAY_OVERRIDDEN */
5896static ssize_t ndelay_store(struct device_driver *ddp, const char *buf,
5897 size_t count)
5898{
5899 int ndelay, res;
5900
5901 if ((count > 0) && (1 == sscanf(buf, "%d", &ndelay)) &&
5902 (ndelay >= 0) && (ndelay < (1000 * 1000 * 1000))) {
5903 res = count;
5904 if (sdebug_ndelay != ndelay) {
5905 int j, k;
5906 struct sdebug_queue *sqp;
5907
5908 block_unblock_all_queues(true);
5909 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
5910 ++j, ++sqp) {
5911 k = find_first_bit(sqp->in_use_bm,
5912 sdebug_max_queue);
5913 if (k != sdebug_max_queue) {
5914 res = -EBUSY; /* queued commands */
5915 break;
5916 }
5917 }
5918 if (res > 0) {
5919 sdebug_ndelay = ndelay;
5920 sdebug_jdelay = ndelay ? JDELAY_OVERRIDDEN
5921 : DEF_JDELAY;
5922 }
5923 block_unblock_all_queues(false);
5924 }
5925 return res;
5926 }
5927 return -EINVAL;
5928}
5929static DRIVER_ATTR_RW(ndelay);
5930
5931static ssize_t opts_show(struct device_driver *ddp, char *buf)
5932{
5933 return scnprintf(buf, PAGE_SIZE, "0x%x\n", sdebug_opts);
5934}
5935
5936static ssize_t opts_store(struct device_driver *ddp, const char *buf,
5937 size_t count)
5938{
5939 int opts;
5940 char work[20];
5941
5942 if (sscanf(buf, "%10s", work) == 1) {
5943 if (strncasecmp(work, "0x", 2) == 0) {
5944 if (kstrtoint(work + 2, 16, &opts) == 0)
5945 goto opts_done;
5946 } else {
5947 if (kstrtoint(work, 10, &opts) == 0)
5948 goto opts_done;
5949 }
5950 }
5951 return -EINVAL;
5952opts_done:
5953 sdebug_opts = opts;
5954 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
5955 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
5956 tweak_cmnd_count();
5957 return count;
5958}
5959static DRIVER_ATTR_RW(opts);
5960
5961static ssize_t ptype_show(struct device_driver *ddp, char *buf)
5962{
5963 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ptype);
5964}
5965static ssize_t ptype_store(struct device_driver *ddp, const char *buf,
5966 size_t count)
5967{
5968 int n;
5969
5970 /* Cannot change from or to TYPE_ZBC with sysfs */
5971 if (sdebug_ptype == TYPE_ZBC)
5972 return -EINVAL;
5973
5974 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5975 if (n == TYPE_ZBC)
5976 return -EINVAL;
5977 sdebug_ptype = n;
5978 return count;
5979 }
5980 return -EINVAL;
5981}
5982static DRIVER_ATTR_RW(ptype);
5983
5984static ssize_t dsense_show(struct device_driver *ddp, char *buf)
5985{
5986 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dsense);
5987}
5988static ssize_t dsense_store(struct device_driver *ddp, const char *buf,
5989 size_t count)
5990{
5991 int n;
5992
5993 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5994 sdebug_dsense = n;
5995 return count;
5996 }
5997 return -EINVAL;
5998}
5999static DRIVER_ATTR_RW(dsense);
6000
6001static ssize_t fake_rw_show(struct device_driver *ddp, char *buf)
6002{
6003 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_fake_rw);
6004}
6005static ssize_t fake_rw_store(struct device_driver *ddp, const char *buf,
6006 size_t count)
6007{
6008 int n, idx;
6009
6010 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6011 bool want_store = (n == 0);
6012 struct sdebug_host_info *sdhp;
6013
6014 n = (n > 0);
6015 sdebug_fake_rw = (sdebug_fake_rw > 0);
6016 if (sdebug_fake_rw == n)
6017 return count; /* not transitioning so do nothing */
6018
6019 if (want_store) { /* 1 --> 0 transition, set up store */
6020 if (sdeb_first_idx < 0) {
6021 idx = sdebug_add_store();
6022 if (idx < 0)
6023 return idx;
6024 } else {
6025 idx = sdeb_first_idx;
6026 xa_clear_mark(per_store_ap, idx,
6027 SDEB_XA_NOT_IN_USE);
6028 }
6029 /* make all hosts use same store */
6030 list_for_each_entry(sdhp, &sdebug_host_list,
6031 host_list) {
6032 if (sdhp->si_idx != idx) {
6033 xa_set_mark(per_store_ap, sdhp->si_idx,
6034 SDEB_XA_NOT_IN_USE);
6035 sdhp->si_idx = idx;
6036 }
6037 }
6038 sdeb_most_recent_idx = idx;
6039 } else { /* 0 --> 1 transition is trigger for shrink */
6040 sdebug_erase_all_stores(true /* apart from first */);
6041 }
6042 sdebug_fake_rw = n;
6043 return count;
6044 }
6045 return -EINVAL;
6046}
6047static DRIVER_ATTR_RW(fake_rw);
6048
6049static ssize_t no_lun_0_show(struct device_driver *ddp, char *buf)
6050{
6051 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_lun_0);
6052}
6053static ssize_t no_lun_0_store(struct device_driver *ddp, const char *buf,
6054 size_t count)
6055{
6056 int n;
6057
6058 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6059 sdebug_no_lun_0 = n;
6060 return count;
6061 }
6062 return -EINVAL;
6063}
6064static DRIVER_ATTR_RW(no_lun_0);
6065
6066static ssize_t num_tgts_show(struct device_driver *ddp, char *buf)
6067{
6068 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_tgts);
6069}
6070static ssize_t num_tgts_store(struct device_driver *ddp, const char *buf,
6071 size_t count)
6072{
6073 int n;
6074
6075 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6076 sdebug_num_tgts = n;
6077 sdebug_max_tgts_luns();
6078 return count;
6079 }
6080 return -EINVAL;
6081}
6082static DRIVER_ATTR_RW(num_tgts);
6083
6084static ssize_t dev_size_mb_show(struct device_driver *ddp, char *buf)
6085{
6086 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dev_size_mb);
6087}
6088static DRIVER_ATTR_RO(dev_size_mb);
6089
6090static ssize_t per_host_store_show(struct device_driver *ddp, char *buf)
6091{
6092 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_per_host_store);
6093}
6094
6095static ssize_t per_host_store_store(struct device_driver *ddp, const char *buf,
6096 size_t count)
6097{
6098 bool v;
6099
6100 if (kstrtobool(buf, &v))
6101 return -EINVAL;
6102
6103 sdebug_per_host_store = v;
6104 return count;
6105}
6106static DRIVER_ATTR_RW(per_host_store);
6107
6108static ssize_t num_parts_show(struct device_driver *ddp, char *buf)
6109{
6110 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_parts);
6111}
6112static DRIVER_ATTR_RO(num_parts);
6113
6114static ssize_t every_nth_show(struct device_driver *ddp, char *buf)
6115{
6116 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_every_nth);
6117}
6118static ssize_t every_nth_store(struct device_driver *ddp, const char *buf,
6119 size_t count)
6120{
6121 int nth;
6122 char work[20];
6123
6124 if (sscanf(buf, "%10s", work) == 1) {
6125 if (strncasecmp(work, "0x", 2) == 0) {
6126 if (kstrtoint(work + 2, 16, &nth) == 0)
6127 goto every_nth_done;
6128 } else {
6129 if (kstrtoint(work, 10, &nth) == 0)
6130 goto every_nth_done;
6131 }
6132 }
6133 return -EINVAL;
6134
6135every_nth_done:
6136 sdebug_every_nth = nth;
6137 if (nth && !sdebug_statistics) {
6138 pr_info("every_nth needs statistics=1, set it\n");
6139 sdebug_statistics = true;
6140 }
6141 tweak_cmnd_count();
6142 return count;
6143}
6144static DRIVER_ATTR_RW(every_nth);
6145
6146static ssize_t lun_format_show(struct device_driver *ddp, char *buf)
6147{
6148 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_lun_am);
6149}
6150static ssize_t lun_format_store(struct device_driver *ddp, const char *buf,
6151 size_t count)
6152{
6153 int n;
6154 bool changed;
6155
6156 if (kstrtoint(buf, 0, &n))
6157 return -EINVAL;
6158 if (n >= 0) {
6159 if (n > (int)SAM_LUN_AM_FLAT) {
6160 pr_warn("only LUN address methods 0 and 1 are supported\n");
6161 return -EINVAL;
6162 }
6163 changed = ((int)sdebug_lun_am != n);
6164 sdebug_lun_am = n;
6165 if (changed && sdebug_scsi_level >= 5) { /* >= SPC-3 */
6166 struct sdebug_host_info *sdhp;
6167 struct sdebug_dev_info *dp;
6168
6169 spin_lock(&sdebug_host_list_lock);
6170 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
6171 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
6172 set_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
6173 }
6174 }
6175 spin_unlock(&sdebug_host_list_lock);
6176 }
6177 return count;
6178 }
6179 return -EINVAL;
6180}
6181static DRIVER_ATTR_RW(lun_format);
6182
6183static ssize_t max_luns_show(struct device_driver *ddp, char *buf)
6184{
6185 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_luns);
6186}
6187static ssize_t max_luns_store(struct device_driver *ddp, const char *buf,
6188 size_t count)
6189{
6190 int n;
6191 bool changed;
6192
6193 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6194 if (n > 256) {
6195 pr_warn("max_luns can be no more than 256\n");
6196 return -EINVAL;
6197 }
6198 changed = (sdebug_max_luns != n);
6199 sdebug_max_luns = n;
6200 sdebug_max_tgts_luns();
6201 if (changed && (sdebug_scsi_level >= 5)) { /* >= SPC-3 */
6202 struct sdebug_host_info *sdhp;
6203 struct sdebug_dev_info *dp;
6204
6205 spin_lock(&sdebug_host_list_lock);
6206 list_for_each_entry(sdhp, &sdebug_host_list,
6207 host_list) {
6208 list_for_each_entry(dp, &sdhp->dev_info_list,
6209 dev_list) {
6210 set_bit(SDEBUG_UA_LUNS_CHANGED,
6211 dp->uas_bm);
6212 }
6213 }
6214 spin_unlock(&sdebug_host_list_lock);
6215 }
6216 return count;
6217 }
6218 return -EINVAL;
6219}
6220static DRIVER_ATTR_RW(max_luns);
6221
6222static ssize_t max_queue_show(struct device_driver *ddp, char *buf)
6223{
6224 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_queue);
6225}
6226/* N.B. max_queue can be changed while there are queued commands. In flight
6227 * commands beyond the new max_queue will be completed. */
6228static ssize_t max_queue_store(struct device_driver *ddp, const char *buf,
6229 size_t count)
6230{
6231 int j, n, k, a;
6232 struct sdebug_queue *sqp;
6233
6234 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n > 0) &&
6235 (n <= SDEBUG_CANQUEUE) &&
6236 (sdebug_host_max_queue == 0)) {
6237 block_unblock_all_queues(true);
6238 k = 0;
6239 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
6240 ++j, ++sqp) {
6241 a = find_last_bit(sqp->in_use_bm, SDEBUG_CANQUEUE);
6242 if (a > k)
6243 k = a;
6244 }
6245 sdebug_max_queue = n;
6246 if (k == SDEBUG_CANQUEUE)
6247 atomic_set(&retired_max_queue, 0);
6248 else if (k >= n)
6249 atomic_set(&retired_max_queue, k + 1);
6250 else
6251 atomic_set(&retired_max_queue, 0);
6252 block_unblock_all_queues(false);
6253 return count;
6254 }
6255 return -EINVAL;
6256}
6257static DRIVER_ATTR_RW(max_queue);
6258
6259static ssize_t host_max_queue_show(struct device_driver *ddp, char *buf)
6260{
6261 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_host_max_queue);
6262}
6263
6264/*
6265 * Since this is used for .can_queue, and we get the hc_idx tag from the bitmap
6266 * in range [0, sdebug_host_max_queue), we can't change it.
6267 */
6268static DRIVER_ATTR_RO(host_max_queue);
6269
6270static ssize_t no_uld_show(struct device_driver *ddp, char *buf)
6271{
6272 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_uld);
6273}
6274static DRIVER_ATTR_RO(no_uld);
6275
6276static ssize_t scsi_level_show(struct device_driver *ddp, char *buf)
6277{
6278 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_scsi_level);
6279}
6280static DRIVER_ATTR_RO(scsi_level);
6281
6282static ssize_t virtual_gb_show(struct device_driver *ddp, char *buf)
6283{
6284 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_virtual_gb);
6285}
6286static ssize_t virtual_gb_store(struct device_driver *ddp, const char *buf,
6287 size_t count)
6288{
6289 int n;
6290 bool changed;
6291
6292 /* Ignore capacity change for ZBC drives for now */
6293 if (sdeb_zbc_in_use)
6294 return -ENOTSUPP;
6295
6296 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6297 changed = (sdebug_virtual_gb != n);
6298 sdebug_virtual_gb = n;
6299 sdebug_capacity = get_sdebug_capacity();
6300 if (changed) {
6301 struct sdebug_host_info *sdhp;
6302 struct sdebug_dev_info *dp;
6303
6304 spin_lock(&sdebug_host_list_lock);
6305 list_for_each_entry(sdhp, &sdebug_host_list,
6306 host_list) {
6307 list_for_each_entry(dp, &sdhp->dev_info_list,
6308 dev_list) {
6309 set_bit(SDEBUG_UA_CAPACITY_CHANGED,
6310 dp->uas_bm);
6311 }
6312 }
6313 spin_unlock(&sdebug_host_list_lock);
6314 }
6315 return count;
6316 }
6317 return -EINVAL;
6318}
6319static DRIVER_ATTR_RW(virtual_gb);
6320
6321static ssize_t add_host_show(struct device_driver *ddp, char *buf)
6322{
6323 /* absolute number of hosts currently active is what is shown */
6324 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_hosts);
6325}
6326
6327static ssize_t add_host_store(struct device_driver *ddp, const char *buf,
6328 size_t count)
6329{
6330 bool found;
6331 unsigned long idx;
6332 struct sdeb_store_info *sip;
6333 bool want_phs = (sdebug_fake_rw == 0) && sdebug_per_host_store;
6334 int delta_hosts;
6335
6336 if (sscanf(buf, "%d", &delta_hosts) != 1)
6337 return -EINVAL;
6338 if (delta_hosts > 0) {
6339 do {
6340 found = false;
6341 if (want_phs) {
6342 xa_for_each_marked(per_store_ap, idx, sip,
6343 SDEB_XA_NOT_IN_USE) {
6344 sdeb_most_recent_idx = (int)idx;
6345 found = true;
6346 break;
6347 }
6348 if (found) /* re-use case */
6349 sdebug_add_host_helper((int)idx);
6350 else
6351 sdebug_do_add_host(true);
6352 } else {
6353 sdebug_do_add_host(false);
6354 }
6355 } while (--delta_hosts);
6356 } else if (delta_hosts < 0) {
6357 do {
6358 sdebug_do_remove_host(false);
6359 } while (++delta_hosts);
6360 }
6361 return count;
6362}
6363static DRIVER_ATTR_RW(add_host);
6364
6365static ssize_t vpd_use_hostno_show(struct device_driver *ddp, char *buf)
6366{
6367 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_vpd_use_hostno);
6368}
6369static ssize_t vpd_use_hostno_store(struct device_driver *ddp, const char *buf,
6370 size_t count)
6371{
6372 int n;
6373
6374 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6375 sdebug_vpd_use_hostno = n;
6376 return count;
6377 }
6378 return -EINVAL;
6379}
6380static DRIVER_ATTR_RW(vpd_use_hostno);
6381
6382static ssize_t statistics_show(struct device_driver *ddp, char *buf)
6383{
6384 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_statistics);
6385}
6386static ssize_t statistics_store(struct device_driver *ddp, const char *buf,
6387 size_t count)
6388{
6389 int n;
6390
6391 if ((count > 0) && (sscanf(buf, "%d", &n) == 1) && (n >= 0)) {
6392 if (n > 0)
6393 sdebug_statistics = true;
6394 else {
6395 clear_queue_stats();
6396 sdebug_statistics = false;
6397 }
6398 return count;
6399 }
6400 return -EINVAL;
6401}
6402static DRIVER_ATTR_RW(statistics);
6403
6404static ssize_t sector_size_show(struct device_driver *ddp, char *buf)
6405{
6406 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_sector_size);
6407}
6408static DRIVER_ATTR_RO(sector_size);
6409
6410static ssize_t submit_queues_show(struct device_driver *ddp, char *buf)
6411{
6412 return scnprintf(buf, PAGE_SIZE, "%d\n", submit_queues);
6413}
6414static DRIVER_ATTR_RO(submit_queues);
6415
6416static ssize_t dix_show(struct device_driver *ddp, char *buf)
6417{
6418 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dix);
6419}
6420static DRIVER_ATTR_RO(dix);
6421
6422static ssize_t dif_show(struct device_driver *ddp, char *buf)
6423{
6424 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dif);
6425}
6426static DRIVER_ATTR_RO(dif);
6427
6428static ssize_t guard_show(struct device_driver *ddp, char *buf)
6429{
6430 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_guard);
6431}
6432static DRIVER_ATTR_RO(guard);
6433
6434static ssize_t ato_show(struct device_driver *ddp, char *buf)
6435{
6436 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ato);
6437}
6438static DRIVER_ATTR_RO(ato);
6439
6440static ssize_t map_show(struct device_driver *ddp, char *buf)
6441{
6442 ssize_t count = 0;
6443
6444 if (!scsi_debug_lbp())
6445 return scnprintf(buf, PAGE_SIZE, "0-%u\n",
6446 sdebug_store_sectors);
6447
6448 if (sdebug_fake_rw == 0 && !xa_empty(per_store_ap)) {
6449 struct sdeb_store_info *sip = xa_load(per_store_ap, 0);
6450
6451 if (sip)
6452 count = scnprintf(buf, PAGE_SIZE - 1, "%*pbl",
6453 (int)map_size, sip->map_storep);
6454 }
6455 buf[count++] = '\n';
6456 buf[count] = '\0';
6457
6458 return count;
6459}
6460static DRIVER_ATTR_RO(map);
6461
6462static ssize_t random_show(struct device_driver *ddp, char *buf)
6463{
6464 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_random);
6465}
6466
6467static ssize_t random_store(struct device_driver *ddp, const char *buf,
6468 size_t count)
6469{
6470 bool v;
6471
6472 if (kstrtobool(buf, &v))
6473 return -EINVAL;
6474
6475 sdebug_random = v;
6476 return count;
6477}
6478static DRIVER_ATTR_RW(random);
6479
6480static ssize_t removable_show(struct device_driver *ddp, char *buf)
6481{
6482 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_removable ? 1 : 0);
6483}
6484static ssize_t removable_store(struct device_driver *ddp, const char *buf,
6485 size_t count)
6486{
6487 int n;
6488
6489 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6490 sdebug_removable = (n > 0);
6491 return count;
6492 }
6493 return -EINVAL;
6494}
6495static DRIVER_ATTR_RW(removable);
6496
6497static ssize_t host_lock_show(struct device_driver *ddp, char *buf)
6498{
6499 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_host_lock);
6500}
6501/* N.B. sdebug_host_lock does nothing, kept for backward compatibility */
6502static ssize_t host_lock_store(struct device_driver *ddp, const char *buf,
6503 size_t count)
6504{
6505 int n;
6506
6507 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6508 sdebug_host_lock = (n > 0);
6509 return count;
6510 }
6511 return -EINVAL;
6512}
6513static DRIVER_ATTR_RW(host_lock);
6514
6515static ssize_t strict_show(struct device_driver *ddp, char *buf)
6516{
6517 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_strict);
6518}
6519static ssize_t strict_store(struct device_driver *ddp, const char *buf,
6520 size_t count)
6521{
6522 int n;
6523
6524 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6525 sdebug_strict = (n > 0);
6526 return count;
6527 }
6528 return -EINVAL;
6529}
6530static DRIVER_ATTR_RW(strict);
6531
6532static ssize_t uuid_ctl_show(struct device_driver *ddp, char *buf)
6533{
6534 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_uuid_ctl);
6535}
6536static DRIVER_ATTR_RO(uuid_ctl);
6537
6538static ssize_t cdb_len_show(struct device_driver *ddp, char *buf)
6539{
6540 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_cdb_len);
6541}
6542static ssize_t cdb_len_store(struct device_driver *ddp, const char *buf,
6543 size_t count)
6544{
6545 int ret, n;
6546
6547 ret = kstrtoint(buf, 0, &n);
6548 if (ret)
6549 return ret;
6550 sdebug_cdb_len = n;
6551 all_config_cdb_len();
6552 return count;
6553}
6554static DRIVER_ATTR_RW(cdb_len);
6555
6556static const char * const zbc_model_strs_a[] = {
6557 [BLK_ZONED_NONE] = "none",
6558 [BLK_ZONED_HA] = "host-aware",
6559 [BLK_ZONED_HM] = "host-managed",
6560};
6561
6562static const char * const zbc_model_strs_b[] = {
6563 [BLK_ZONED_NONE] = "no",
6564 [BLK_ZONED_HA] = "aware",
6565 [BLK_ZONED_HM] = "managed",
6566};
6567
6568static const char * const zbc_model_strs_c[] = {
6569 [BLK_ZONED_NONE] = "0",
6570 [BLK_ZONED_HA] = "1",
6571 [BLK_ZONED_HM] = "2",
6572};
6573
6574static int sdeb_zbc_model_str(const char *cp)
6575{
6576 int res = sysfs_match_string(zbc_model_strs_a, cp);
6577
6578 if (res < 0) {
6579 res = sysfs_match_string(zbc_model_strs_b, cp);
6580 if (res < 0) {
6581 res = sysfs_match_string(zbc_model_strs_c, cp);
6582 if (res < 0)
6583 return -EINVAL;
6584 }
6585 }
6586 return res;
6587}
6588
6589static ssize_t zbc_show(struct device_driver *ddp, char *buf)
6590{
6591 return scnprintf(buf, PAGE_SIZE, "%s\n",
6592 zbc_model_strs_a[sdeb_zbc_model]);
6593}
6594static DRIVER_ATTR_RO(zbc);
6595
6596static ssize_t tur_ms_to_ready_show(struct device_driver *ddp, char *buf)
6597{
6598 return scnprintf(buf, PAGE_SIZE, "%d\n", sdeb_tur_ms_to_ready);
6599}
6600static DRIVER_ATTR_RO(tur_ms_to_ready);
6601
6602/* Note: The following array creates attribute files in the
6603 /sys/bus/pseudo/drivers/scsi_debug directory. The advantage of these
6604 files (over those found in the /sys/module/scsi_debug/parameters
6605 directory) is that auxiliary actions can be triggered when an attribute
6606 is changed. For example see: add_host_store() above.
6607 */
6608
6609static struct attribute *sdebug_drv_attrs[] = {
6610 &driver_attr_delay.attr,
6611 &driver_attr_opts.attr,
6612 &driver_attr_ptype.attr,
6613 &driver_attr_dsense.attr,
6614 &driver_attr_fake_rw.attr,
6615 &driver_attr_host_max_queue.attr,
6616 &driver_attr_no_lun_0.attr,
6617 &driver_attr_num_tgts.attr,
6618 &driver_attr_dev_size_mb.attr,
6619 &driver_attr_num_parts.attr,
6620 &driver_attr_every_nth.attr,
6621 &driver_attr_lun_format.attr,
6622 &driver_attr_max_luns.attr,
6623 &driver_attr_max_queue.attr,
6624 &driver_attr_no_uld.attr,
6625 &driver_attr_scsi_level.attr,
6626 &driver_attr_virtual_gb.attr,
6627 &driver_attr_add_host.attr,
6628 &driver_attr_per_host_store.attr,
6629 &driver_attr_vpd_use_hostno.attr,
6630 &driver_attr_sector_size.attr,
6631 &driver_attr_statistics.attr,
6632 &driver_attr_submit_queues.attr,
6633 &driver_attr_dix.attr,
6634 &driver_attr_dif.attr,
6635 &driver_attr_guard.attr,
6636 &driver_attr_ato.attr,
6637 &driver_attr_map.attr,
6638 &driver_attr_random.attr,
6639 &driver_attr_removable.attr,
6640 &driver_attr_host_lock.attr,
6641 &driver_attr_ndelay.attr,
6642 &driver_attr_strict.attr,
6643 &driver_attr_uuid_ctl.attr,
6644 &driver_attr_cdb_len.attr,
6645 &driver_attr_tur_ms_to_ready.attr,
6646 &driver_attr_zbc.attr,
6647 NULL,
6648};
6649ATTRIBUTE_GROUPS(sdebug_drv);
6650
6651static struct device *pseudo_primary;
6652
6653static int __init scsi_debug_init(void)
6654{
6655 bool want_store = (sdebug_fake_rw == 0);
6656 unsigned long sz;
6657 int k, ret, hosts_to_add;
6658 int idx = -1;
6659
6660 ramdisk_lck_a[0] = &atomic_rw;
6661 ramdisk_lck_a[1] = &atomic_rw2;
6662 atomic_set(&retired_max_queue, 0);
6663
6664 if (sdebug_ndelay >= 1000 * 1000 * 1000) {
6665 pr_warn("ndelay must be less than 1 second, ignored\n");
6666 sdebug_ndelay = 0;
6667 } else if (sdebug_ndelay > 0)
6668 sdebug_jdelay = JDELAY_OVERRIDDEN;
6669
6670 switch (sdebug_sector_size) {
6671 case 512:
6672 case 1024:
6673 case 2048:
6674 case 4096:
6675 break;
6676 default:
6677 pr_err("invalid sector_size %d\n", sdebug_sector_size);
6678 return -EINVAL;
6679 }
6680
6681 switch (sdebug_dif) {
6682 case T10_PI_TYPE0_PROTECTION:
6683 break;
6684 case T10_PI_TYPE1_PROTECTION:
6685 case T10_PI_TYPE2_PROTECTION:
6686 case T10_PI_TYPE3_PROTECTION:
6687 have_dif_prot = true;
6688 break;
6689
6690 default:
6691 pr_err("dif must be 0, 1, 2 or 3\n");
6692 return -EINVAL;
6693 }
6694
6695 if (sdebug_num_tgts < 0) {
6696 pr_err("num_tgts must be >= 0\n");
6697 return -EINVAL;
6698 }
6699
6700 if (sdebug_guard > 1) {
6701 pr_err("guard must be 0 or 1\n");
6702 return -EINVAL;
6703 }
6704
6705 if (sdebug_ato > 1) {
6706 pr_err("ato must be 0 or 1\n");
6707 return -EINVAL;
6708 }
6709
6710 if (sdebug_physblk_exp > 15) {
6711 pr_err("invalid physblk_exp %u\n", sdebug_physblk_exp);
6712 return -EINVAL;
6713 }
6714
6715 sdebug_lun_am = sdebug_lun_am_i;
6716 if (sdebug_lun_am > SAM_LUN_AM_FLAT) {
6717 pr_warn("Invalid LUN format %u, using default\n", (int)sdebug_lun_am);
6718 sdebug_lun_am = SAM_LUN_AM_PERIPHERAL;
6719 }
6720
6721 if (sdebug_max_luns > 256) {
6722 if (sdebug_max_luns > 16384) {
6723 pr_warn("max_luns can be no more than 16384, use default\n");
6724 sdebug_max_luns = DEF_MAX_LUNS;
6725 }
6726 sdebug_lun_am = SAM_LUN_AM_FLAT;
6727 }
6728
6729 if (sdebug_lowest_aligned > 0x3fff) {
6730 pr_err("lowest_aligned too big: %u\n", sdebug_lowest_aligned);
6731 return -EINVAL;
6732 }
6733
6734 if (submit_queues < 1) {
6735 pr_err("submit_queues must be 1 or more\n");
6736 return -EINVAL;
6737 }
6738
6739 if ((sdebug_max_queue > SDEBUG_CANQUEUE) || (sdebug_max_queue < 1)) {
6740 pr_err("max_queue must be in range [1, %d]\n", SDEBUG_CANQUEUE);
6741 return -EINVAL;
6742 }
6743
6744 if ((sdebug_host_max_queue > SDEBUG_CANQUEUE) ||
6745 (sdebug_host_max_queue < 0)) {
6746 pr_err("host_max_queue must be in range [0 %d]\n",
6747 SDEBUG_CANQUEUE);
6748 return -EINVAL;
6749 }
6750
6751 if (sdebug_host_max_queue &&
6752 (sdebug_max_queue != sdebug_host_max_queue)) {
6753 sdebug_max_queue = sdebug_host_max_queue;
6754 pr_warn("fixing max submit queue depth to host max queue depth, %d\n",
6755 sdebug_max_queue);
6756 }
6757
6758 sdebug_q_arr = kcalloc(submit_queues, sizeof(struct sdebug_queue),
6759 GFP_KERNEL);
6760 if (sdebug_q_arr == NULL)
6761 return -ENOMEM;
6762 for (k = 0; k < submit_queues; ++k)
6763 spin_lock_init(&sdebug_q_arr[k].qc_lock);
6764
6765 /*
6766 * check for host managed zoned block device specified with
6767 * ptype=0x14 or zbc=XXX.
6768 */
6769 if (sdebug_ptype == TYPE_ZBC) {
6770 sdeb_zbc_model = BLK_ZONED_HM;
6771 } else if (sdeb_zbc_model_s && *sdeb_zbc_model_s) {
6772 k = sdeb_zbc_model_str(sdeb_zbc_model_s);
6773 if (k < 0) {
6774 ret = k;
6775 goto free_q_arr;
6776 }
6777 sdeb_zbc_model = k;
6778 switch (sdeb_zbc_model) {
6779 case BLK_ZONED_NONE:
6780 case BLK_ZONED_HA:
6781 sdebug_ptype = TYPE_DISK;
6782 break;
6783 case BLK_ZONED_HM:
6784 sdebug_ptype = TYPE_ZBC;
6785 break;
6786 default:
6787 pr_err("Invalid ZBC model\n");
6788 ret = -EINVAL;
6789 goto free_q_arr;
6790 }
6791 }
6792 if (sdeb_zbc_model != BLK_ZONED_NONE) {
6793 sdeb_zbc_in_use = true;
6794 if (sdebug_dev_size_mb == DEF_DEV_SIZE_PRE_INIT)
6795 sdebug_dev_size_mb = DEF_ZBC_DEV_SIZE_MB;
6796 }
6797
6798 if (sdebug_dev_size_mb == DEF_DEV_SIZE_PRE_INIT)
6799 sdebug_dev_size_mb = DEF_DEV_SIZE_MB;
6800 if (sdebug_dev_size_mb < 1)
6801 sdebug_dev_size_mb = 1; /* force minimum 1 MB ramdisk */
6802 sz = (unsigned long)sdebug_dev_size_mb * 1048576;
6803 sdebug_store_sectors = sz / sdebug_sector_size;
6804 sdebug_capacity = get_sdebug_capacity();
6805
6806 /* play around with geometry, don't waste too much on track 0 */
6807 sdebug_heads = 8;
6808 sdebug_sectors_per = 32;
6809 if (sdebug_dev_size_mb >= 256)
6810 sdebug_heads = 64;
6811 else if (sdebug_dev_size_mb >= 16)
6812 sdebug_heads = 32;
6813 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
6814 (sdebug_sectors_per * sdebug_heads);
6815 if (sdebug_cylinders_per >= 1024) {
6816 /* other LLDs do this; implies >= 1GB ram disk ... */
6817 sdebug_heads = 255;
6818 sdebug_sectors_per = 63;
6819 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
6820 (sdebug_sectors_per * sdebug_heads);
6821 }
6822 if (scsi_debug_lbp()) {
6823 sdebug_unmap_max_blocks =
6824 clamp(sdebug_unmap_max_blocks, 0U, 0xffffffffU);
6825
6826 sdebug_unmap_max_desc =
6827 clamp(sdebug_unmap_max_desc, 0U, 256U);
6828
6829 sdebug_unmap_granularity =
6830 clamp(sdebug_unmap_granularity, 1U, 0xffffffffU);
6831
6832 if (sdebug_unmap_alignment &&
6833 sdebug_unmap_granularity <=
6834 sdebug_unmap_alignment) {
6835 pr_err("ERR: unmap_granularity <= unmap_alignment\n");
6836 ret = -EINVAL;
6837 goto free_q_arr;
6838 }
6839 }
6840 xa_init_flags(per_store_ap, XA_FLAGS_ALLOC | XA_FLAGS_LOCK_IRQ);
6841 if (want_store) {
6842 idx = sdebug_add_store();
6843 if (idx < 0) {
6844 ret = idx;
6845 goto free_q_arr;
6846 }
6847 }
6848
6849 pseudo_primary = root_device_register("pseudo_0");
6850 if (IS_ERR(pseudo_primary)) {
6851 pr_warn("root_device_register() error\n");
6852 ret = PTR_ERR(pseudo_primary);
6853 goto free_vm;
6854 }
6855 ret = bus_register(&pseudo_lld_bus);
6856 if (ret < 0) {
6857 pr_warn("bus_register error: %d\n", ret);
6858 goto dev_unreg;
6859 }
6860 ret = driver_register(&sdebug_driverfs_driver);
6861 if (ret < 0) {
6862 pr_warn("driver_register error: %d\n", ret);
6863 goto bus_unreg;
6864 }
6865
6866 hosts_to_add = sdebug_add_host;
6867 sdebug_add_host = 0;
6868
6869 for (k = 0; k < hosts_to_add; k++) {
6870 if (want_store && k == 0) {
6871 ret = sdebug_add_host_helper(idx);
6872 if (ret < 0) {
6873 pr_err("add_host_helper k=%d, error=%d\n",
6874 k, -ret);
6875 break;
6876 }
6877 } else {
6878 ret = sdebug_do_add_host(want_store &&
6879 sdebug_per_host_store);
6880 if (ret < 0) {
6881 pr_err("add_host k=%d error=%d\n", k, -ret);
6882 break;
6883 }
6884 }
6885 }
6886 if (sdebug_verbose)
6887 pr_info("built %d host(s)\n", sdebug_num_hosts);
6888
6889 return 0;
6890
6891bus_unreg:
6892 bus_unregister(&pseudo_lld_bus);
6893dev_unreg:
6894 root_device_unregister(pseudo_primary);
6895free_vm:
6896 sdebug_erase_store(idx, NULL);
6897free_q_arr:
6898 kfree(sdebug_q_arr);
6899 return ret;
6900}
6901
6902static void __exit scsi_debug_exit(void)
6903{
6904 int k = sdebug_num_hosts;
6905
6906 stop_all_queued();
6907 for (; k; k--)
6908 sdebug_do_remove_host(true);
6909 free_all_queued();
6910 driver_unregister(&sdebug_driverfs_driver);
6911 bus_unregister(&pseudo_lld_bus);
6912 root_device_unregister(pseudo_primary);
6913
6914 sdebug_erase_all_stores(false);
6915 xa_destroy(per_store_ap);
6916 kfree(sdebug_q_arr);
6917}
6918
6919device_initcall(scsi_debug_init);
6920module_exit(scsi_debug_exit);
6921
6922static void sdebug_release_adapter(struct device *dev)
6923{
6924 struct sdebug_host_info *sdbg_host;
6925
6926 sdbg_host = to_sdebug_host(dev);
6927 kfree(sdbg_host);
6928}
6929
6930/* idx must be valid, if sip is NULL then it will be obtained using idx */
6931static void sdebug_erase_store(int idx, struct sdeb_store_info *sip)
6932{
6933 if (idx < 0)
6934 return;
6935 if (!sip) {
6936 if (xa_empty(per_store_ap))
6937 return;
6938 sip = xa_load(per_store_ap, idx);
6939 if (!sip)
6940 return;
6941 }
6942 vfree(sip->map_storep);
6943 vfree(sip->dif_storep);
6944 vfree(sip->storep);
6945 xa_erase(per_store_ap, idx);
6946 kfree(sip);
6947}
6948
6949/* Assume apart_from_first==false only in shutdown case. */
6950static void sdebug_erase_all_stores(bool apart_from_first)
6951{
6952 unsigned long idx;
6953 struct sdeb_store_info *sip = NULL;
6954
6955 xa_for_each(per_store_ap, idx, sip) {
6956 if (apart_from_first)
6957 apart_from_first = false;
6958 else
6959 sdebug_erase_store(idx, sip);
6960 }
6961 if (apart_from_first)
6962 sdeb_most_recent_idx = sdeb_first_idx;
6963}
6964
6965/*
6966 * Returns store xarray new element index (idx) if >=0 else negated errno.
6967 * Limit the number of stores to 65536.
6968 */
6969static int sdebug_add_store(void)
6970{
6971 int res;
6972 u32 n_idx;
6973 unsigned long iflags;
6974 unsigned long sz = (unsigned long)sdebug_dev_size_mb * 1048576;
6975 struct sdeb_store_info *sip = NULL;
6976 struct xa_limit xal = { .max = 1 << 16, .min = 0 };
6977
6978 sip = kzalloc(sizeof(*sip), GFP_KERNEL);
6979 if (!sip)
6980 return -ENOMEM;
6981
6982 xa_lock_irqsave(per_store_ap, iflags);
6983 res = __xa_alloc(per_store_ap, &n_idx, sip, xal, GFP_ATOMIC);
6984 if (unlikely(res < 0)) {
6985 xa_unlock_irqrestore(per_store_ap, iflags);
6986 kfree(sip);
6987 pr_warn("%s: xa_alloc() errno=%d\n", __func__, -res);
6988 return res;
6989 }
6990 sdeb_most_recent_idx = n_idx;
6991 if (sdeb_first_idx < 0)
6992 sdeb_first_idx = n_idx;
6993 xa_unlock_irqrestore(per_store_ap, iflags);
6994
6995 res = -ENOMEM;
6996 sip->storep = vzalloc(sz);
6997 if (!sip->storep) {
6998 pr_err("user data oom\n");
6999 goto err;
7000 }
7001 if (sdebug_num_parts > 0)
7002 sdebug_build_parts(sip->storep, sz);
7003
7004 /* DIF/DIX: what T10 calls Protection Information (PI) */
7005 if (sdebug_dix) {
7006 int dif_size;
7007
7008 dif_size = sdebug_store_sectors * sizeof(struct t10_pi_tuple);
7009 sip->dif_storep = vmalloc(dif_size);
7010
7011 pr_info("dif_storep %u bytes @ %pK\n", dif_size,
7012 sip->dif_storep);
7013
7014 if (!sip->dif_storep) {
7015 pr_err("DIX oom\n");
7016 goto err;
7017 }
7018 memset(sip->dif_storep, 0xff, dif_size);
7019 }
7020 /* Logical Block Provisioning */
7021 if (scsi_debug_lbp()) {
7022 map_size = lba_to_map_index(sdebug_store_sectors - 1) + 1;
7023 sip->map_storep = vmalloc(array_size(sizeof(long),
7024 BITS_TO_LONGS(map_size)));
7025
7026 pr_info("%lu provisioning blocks\n", map_size);
7027
7028 if (!sip->map_storep) {
7029 pr_err("LBP map oom\n");
7030 goto err;
7031 }
7032
7033 bitmap_zero(sip->map_storep, map_size);
7034
7035 /* Map first 1KB for partition table */
7036 if (sdebug_num_parts)
7037 map_region(sip, 0, 2);
7038 }
7039
7040 rwlock_init(&sip->macc_lck);
7041 return (int)n_idx;
7042err:
7043 sdebug_erase_store((int)n_idx, sip);
7044 pr_warn("%s: failed, errno=%d\n", __func__, -res);
7045 return res;
7046}
7047
7048static int sdebug_add_host_helper(int per_host_idx)
7049{
7050 int k, devs_per_host, idx;
7051 int error = -ENOMEM;
7052 struct sdebug_host_info *sdbg_host;
7053 struct sdebug_dev_info *sdbg_devinfo, *tmp;
7054
7055 sdbg_host = kzalloc(sizeof(*sdbg_host), GFP_KERNEL);
7056 if (!sdbg_host)
7057 return -ENOMEM;
7058 idx = (per_host_idx < 0) ? sdeb_first_idx : per_host_idx;
7059 if (xa_get_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE))
7060 xa_clear_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE);
7061 sdbg_host->si_idx = idx;
7062
7063 INIT_LIST_HEAD(&sdbg_host->dev_info_list);
7064
7065 devs_per_host = sdebug_num_tgts * sdebug_max_luns;
7066 for (k = 0; k < devs_per_host; k++) {
7067 sdbg_devinfo = sdebug_device_create(sdbg_host, GFP_KERNEL);
7068 if (!sdbg_devinfo)
7069 goto clean;
7070 }
7071
7072 spin_lock(&sdebug_host_list_lock);
7073 list_add_tail(&sdbg_host->host_list, &sdebug_host_list);
7074 spin_unlock(&sdebug_host_list_lock);
7075
7076 sdbg_host->dev.bus = &pseudo_lld_bus;
7077 sdbg_host->dev.parent = pseudo_primary;
7078 sdbg_host->dev.release = &sdebug_release_adapter;
7079 dev_set_name(&sdbg_host->dev, "adapter%d", sdebug_num_hosts);
7080
7081 error = device_register(&sdbg_host->dev);
7082 if (error)
7083 goto clean;
7084
7085 ++sdebug_num_hosts;
7086 return 0;
7087
7088clean:
7089 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
7090 dev_list) {
7091 list_del(&sdbg_devinfo->dev_list);
7092 kfree(sdbg_devinfo->zstate);
7093 kfree(sdbg_devinfo);
7094 }
7095 kfree(sdbg_host);
7096 pr_warn("%s: failed, errno=%d\n", __func__, -error);
7097 return error;
7098}
7099
7100static int sdebug_do_add_host(bool mk_new_store)
7101{
7102 int ph_idx = sdeb_most_recent_idx;
7103
7104 if (mk_new_store) {
7105 ph_idx = sdebug_add_store();
7106 if (ph_idx < 0)
7107 return ph_idx;
7108 }
7109 return sdebug_add_host_helper(ph_idx);
7110}
7111
7112static void sdebug_do_remove_host(bool the_end)
7113{
7114 int idx = -1;
7115 struct sdebug_host_info *sdbg_host = NULL;
7116 struct sdebug_host_info *sdbg_host2;
7117
7118 spin_lock(&sdebug_host_list_lock);
7119 if (!list_empty(&sdebug_host_list)) {
7120 sdbg_host = list_entry(sdebug_host_list.prev,
7121 struct sdebug_host_info, host_list);
7122 idx = sdbg_host->si_idx;
7123 }
7124 if (!the_end && idx >= 0) {
7125 bool unique = true;
7126
7127 list_for_each_entry(sdbg_host2, &sdebug_host_list, host_list) {
7128 if (sdbg_host2 == sdbg_host)
7129 continue;
7130 if (idx == sdbg_host2->si_idx) {
7131 unique = false;
7132 break;
7133 }
7134 }
7135 if (unique) {
7136 xa_set_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE);
7137 if (idx == sdeb_most_recent_idx)
7138 --sdeb_most_recent_idx;
7139 }
7140 }
7141 if (sdbg_host)
7142 list_del(&sdbg_host->host_list);
7143 spin_unlock(&sdebug_host_list_lock);
7144
7145 if (!sdbg_host)
7146 return;
7147
7148 device_unregister(&sdbg_host->dev);
7149 --sdebug_num_hosts;
7150}
7151
7152static int sdebug_change_qdepth(struct scsi_device *sdev, int qdepth)
7153{
7154 int num_in_q = 0;
7155 struct sdebug_dev_info *devip;
7156
7157 block_unblock_all_queues(true);
7158 devip = (struct sdebug_dev_info *)sdev->hostdata;
7159 if (NULL == devip) {
7160 block_unblock_all_queues(false);
7161 return -ENODEV;
7162 }
7163 num_in_q = atomic_read(&devip->num_in_q);
7164
7165 if (qdepth > SDEBUG_CANQUEUE) {
7166 qdepth = SDEBUG_CANQUEUE;
7167 pr_warn("%s: requested qdepth [%d] exceeds canqueue [%d], trim\n", __func__,
7168 qdepth, SDEBUG_CANQUEUE);
7169 }
7170 if (qdepth < 1)
7171 qdepth = 1;
7172 if (qdepth != sdev->queue_depth)
7173 scsi_change_queue_depth(sdev, qdepth);
7174
7175 if (SDEBUG_OPT_Q_NOISE & sdebug_opts) {
7176 sdev_printk(KERN_INFO, sdev, "%s: qdepth=%d, num_in_q=%d\n",
7177 __func__, qdepth, num_in_q);
7178 }
7179 block_unblock_all_queues(false);
7180 return sdev->queue_depth;
7181}
7182
7183static bool fake_timeout(struct scsi_cmnd *scp)
7184{
7185 if (0 == (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth))) {
7186 if (sdebug_every_nth < -1)
7187 sdebug_every_nth = -1;
7188 if (SDEBUG_OPT_TIMEOUT & sdebug_opts)
7189 return true; /* ignore command causing timeout */
7190 else if (SDEBUG_OPT_MAC_TIMEOUT & sdebug_opts &&
7191 scsi_medium_access_command(scp))
7192 return true; /* time out reads and writes */
7193 }
7194 return false;
7195}
7196
7197/* Response to TUR or media access command when device stopped */
7198static int resp_not_ready(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
7199{
7200 int stopped_state;
7201 u64 diff_ns = 0;
7202 ktime_t now_ts = ktime_get_boottime();
7203 struct scsi_device *sdp = scp->device;
7204
7205 stopped_state = atomic_read(&devip->stopped);
7206 if (stopped_state == 2) {
7207 if (ktime_to_ns(now_ts) > ktime_to_ns(devip->create_ts)) {
7208 diff_ns = ktime_to_ns(ktime_sub(now_ts, devip->create_ts));
7209 if (diff_ns >= ((u64)sdeb_tur_ms_to_ready * 1000000)) {
7210 /* tur_ms_to_ready timer extinguished */
7211 atomic_set(&devip->stopped, 0);
7212 return 0;
7213 }
7214 }
7215 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x1);
7216 if (sdebug_verbose)
7217 sdev_printk(KERN_INFO, sdp,
7218 "%s: Not ready: in process of becoming ready\n", my_name);
7219 if (scp->cmnd[0] == TEST_UNIT_READY) {
7220 u64 tur_nanosecs_to_ready = (u64)sdeb_tur_ms_to_ready * 1000000;
7221
7222 if (diff_ns <= tur_nanosecs_to_ready)
7223 diff_ns = tur_nanosecs_to_ready - diff_ns;
7224 else
7225 diff_ns = tur_nanosecs_to_ready;
7226 /* As per 20-061r2 approved for spc6 by T10 on 20200716 */
7227 do_div(diff_ns, 1000000); /* diff_ns becomes milliseconds */
7228 scsi_set_sense_information(scp->sense_buffer, SCSI_SENSE_BUFFERSIZE,
7229 diff_ns);
7230 return check_condition_result;
7231 }
7232 }
7233 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x2);
7234 if (sdebug_verbose)
7235 sdev_printk(KERN_INFO, sdp, "%s: Not ready: initializing command required\n",
7236 my_name);
7237 return check_condition_result;
7238}
7239
7240static int sdebug_map_queues(struct Scsi_Host *shost)
7241{
7242 int i, qoff;
7243
7244 if (shost->nr_hw_queues == 1)
7245 return 0;
7246
7247 for (i = 0, qoff = 0; i < HCTX_MAX_TYPES; i++) {
7248 struct blk_mq_queue_map *map = &shost->tag_set.map[i];
7249
7250 map->nr_queues = 0;
7251
7252 if (i == HCTX_TYPE_DEFAULT)
7253 map->nr_queues = submit_queues - poll_queues;
7254 else if (i == HCTX_TYPE_POLL)
7255 map->nr_queues = poll_queues;
7256
7257 if (!map->nr_queues) {
7258 BUG_ON(i == HCTX_TYPE_DEFAULT);
7259 continue;
7260 }
7261
7262 map->queue_offset = qoff;
7263 blk_mq_map_queues(map);
7264
7265 qoff += map->nr_queues;
7266 }
7267
7268 return 0;
7269
7270}
7271
7272static int sdebug_blk_mq_poll(struct Scsi_Host *shost, unsigned int queue_num)
7273{
7274 bool first;
7275 bool retiring = false;
7276 int num_entries = 0;
7277 unsigned int qc_idx = 0;
7278 unsigned long iflags;
7279 ktime_t kt_from_boot = ktime_get_boottime();
7280 struct sdebug_queue *sqp;
7281 struct sdebug_queued_cmd *sqcp;
7282 struct scsi_cmnd *scp;
7283 struct sdebug_dev_info *devip;
7284 struct sdebug_defer *sd_dp;
7285
7286 sqp = sdebug_q_arr + queue_num;
7287 spin_lock_irqsave(&sqp->qc_lock, iflags);
7288
7289 for (first = true; first || qc_idx + 1 < sdebug_max_queue; ) {
7290 if (first) {
7291 qc_idx = find_first_bit(sqp->in_use_bm, sdebug_max_queue);
7292 first = false;
7293 } else {
7294 qc_idx = find_next_bit(sqp->in_use_bm, sdebug_max_queue, qc_idx + 1);
7295 }
7296 if (unlikely(qc_idx >= sdebug_max_queue))
7297 break;
7298
7299 sqcp = &sqp->qc_arr[qc_idx];
7300 sd_dp = sqcp->sd_dp;
7301 if (unlikely(!sd_dp))
7302 continue;
7303 scp = sqcp->a_cmnd;
7304 if (unlikely(scp == NULL)) {
7305 pr_err("scp is NULL, queue_num=%d, qc_idx=%u from %s\n",
7306 queue_num, qc_idx, __func__);
7307 break;
7308 }
7309 if (sd_dp->defer_t == SDEB_DEFER_POLL) {
7310 if (kt_from_boot < sd_dp->cmpl_ts)
7311 continue;
7312
7313 } else /* ignoring non REQ_HIPRI requests */
7314 continue;
7315 devip = (struct sdebug_dev_info *)scp->device->hostdata;
7316 if (likely(devip))
7317 atomic_dec(&devip->num_in_q);
7318 else
7319 pr_err("devip=NULL from %s\n", __func__);
7320 if (unlikely(atomic_read(&retired_max_queue) > 0))
7321 retiring = true;
7322
7323 sqcp->a_cmnd = NULL;
7324 if (unlikely(!test_and_clear_bit(qc_idx, sqp->in_use_bm))) {
7325 pr_err("Unexpected completion sqp %p queue_num=%d qc_idx=%u from %s\n",
7326 sqp, queue_num, qc_idx, __func__);
7327 break;
7328 }
7329 if (unlikely(retiring)) { /* user has reduced max_queue */
7330 int k, retval;
7331
7332 retval = atomic_read(&retired_max_queue);
7333 if (qc_idx >= retval) {
7334 pr_err("index %d too large\n", retval);
7335 break;
7336 }
7337 k = find_last_bit(sqp->in_use_bm, retval);
7338 if ((k < sdebug_max_queue) || (k == retval))
7339 atomic_set(&retired_max_queue, 0);
7340 else
7341 atomic_set(&retired_max_queue, k + 1);
7342 }
7343 sd_dp->defer_t = SDEB_DEFER_NONE;
7344 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
7345 scp->scsi_done(scp); /* callback to mid level */
7346 spin_lock_irqsave(&sqp->qc_lock, iflags);
7347 num_entries++;
7348 }
7349 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
7350 if (num_entries > 0)
7351 atomic_add(num_entries, &sdeb_mq_poll_count);
7352 return num_entries;
7353}
7354
7355static int scsi_debug_queuecommand(struct Scsi_Host *shost,
7356 struct scsi_cmnd *scp)
7357{
7358 u8 sdeb_i;
7359 struct scsi_device *sdp = scp->device;
7360 const struct opcode_info_t *oip;
7361 const struct opcode_info_t *r_oip;
7362 struct sdebug_dev_info *devip;
7363 u8 *cmd = scp->cmnd;
7364 int (*r_pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
7365 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *) = NULL;
7366 int k, na;
7367 int errsts = 0;
7368 u64 lun_index = sdp->lun & 0x3FFF;
7369 u32 flags;
7370 u16 sa;
7371 u8 opcode = cmd[0];
7372 bool has_wlun_rl;
7373 bool inject_now;
7374
7375 scsi_set_resid(scp, 0);
7376 if (sdebug_statistics) {
7377 atomic_inc(&sdebug_cmnd_count);
7378 inject_now = inject_on_this_cmd();
7379 } else {
7380 inject_now = false;
7381 }
7382 if (unlikely(sdebug_verbose &&
7383 !(SDEBUG_OPT_NO_CDB_NOISE & sdebug_opts))) {
7384 char b[120];
7385 int n, len, sb;
7386
7387 len = scp->cmd_len;
7388 sb = (int)sizeof(b);
7389 if (len > 32)
7390 strcpy(b, "too long, over 32 bytes");
7391 else {
7392 for (k = 0, n = 0; k < len && n < sb; ++k)
7393 n += scnprintf(b + n, sb - n, "%02x ",
7394 (u32)cmd[k]);
7395 }
7396 sdev_printk(KERN_INFO, sdp, "%s: tag=%#x, cmd %s\n", my_name,
7397 blk_mq_unique_tag(scp->request), b);
7398 }
7399 if (unlikely(inject_now && (sdebug_opts & SDEBUG_OPT_HOST_BUSY)))
7400 return SCSI_MLQUEUE_HOST_BUSY;
7401 has_wlun_rl = (sdp->lun == SCSI_W_LUN_REPORT_LUNS);
7402 if (unlikely(lun_index >= sdebug_max_luns && !has_wlun_rl))
7403 goto err_out;
7404
7405 sdeb_i = opcode_ind_arr[opcode]; /* fully mapped */
7406 oip = &opcode_info_arr[sdeb_i]; /* safe if table consistent */
7407 devip = (struct sdebug_dev_info *)sdp->hostdata;
7408 if (unlikely(!devip)) {
7409 devip = find_build_dev_info(sdp);
7410 if (NULL == devip)
7411 goto err_out;
7412 }
7413 if (unlikely(inject_now && !atomic_read(&sdeb_inject_pending)))
7414 atomic_set(&sdeb_inject_pending, 1);
7415
7416 na = oip->num_attached;
7417 r_pfp = oip->pfp;
7418 if (na) { /* multiple commands with this opcode */
7419 r_oip = oip;
7420 if (FF_SA & r_oip->flags) {
7421 if (F_SA_LOW & oip->flags)
7422 sa = 0x1f & cmd[1];
7423 else
7424 sa = get_unaligned_be16(cmd + 8);
7425 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
7426 if (opcode == oip->opcode && sa == oip->sa)
7427 break;
7428 }
7429 } else { /* since no service action only check opcode */
7430 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
7431 if (opcode == oip->opcode)
7432 break;
7433 }
7434 }
7435 if (k > na) {
7436 if (F_SA_LOW & r_oip->flags)
7437 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 4);
7438 else if (F_SA_HIGH & r_oip->flags)
7439 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 8, 7);
7440 else
7441 mk_sense_invalid_opcode(scp);
7442 goto check_cond;
7443 }
7444 } /* else (when na==0) we assume the oip is a match */
7445 flags = oip->flags;
7446 if (unlikely(F_INV_OP & flags)) {
7447 mk_sense_invalid_opcode(scp);
7448 goto check_cond;
7449 }
7450 if (unlikely(has_wlun_rl && !(F_RL_WLUN_OK & flags))) {
7451 if (sdebug_verbose)
7452 sdev_printk(KERN_INFO, sdp, "%s: Opcode 0x%x not%s\n",
7453 my_name, opcode, " supported for wlun");
7454 mk_sense_invalid_opcode(scp);
7455 goto check_cond;
7456 }
7457 if (unlikely(sdebug_strict)) { /* check cdb against mask */
7458 u8 rem;
7459 int j;
7460
7461 for (k = 1; k < oip->len_mask[0] && k < 16; ++k) {
7462 rem = ~oip->len_mask[k] & cmd[k];
7463 if (rem) {
7464 for (j = 7; j >= 0; --j, rem <<= 1) {
7465 if (0x80 & rem)
7466 break;
7467 }
7468 mk_sense_invalid_fld(scp, SDEB_IN_CDB, k, j);
7469 goto check_cond;
7470 }
7471 }
7472 }
7473 if (unlikely(!(F_SKIP_UA & flags) &&
7474 find_first_bit(devip->uas_bm,
7475 SDEBUG_NUM_UAS) != SDEBUG_NUM_UAS)) {
7476 errsts = make_ua(scp, devip);
7477 if (errsts)
7478 goto check_cond;
7479 }
7480 if (unlikely(((F_M_ACCESS & flags) || scp->cmnd[0] == TEST_UNIT_READY) &&
7481 atomic_read(&devip->stopped))) {
7482 errsts = resp_not_ready(scp, devip);
7483 if (errsts)
7484 goto fini;
7485 }
7486 if (sdebug_fake_rw && (F_FAKE_RW & flags))
7487 goto fini;
7488 if (unlikely(sdebug_every_nth)) {
7489 if (fake_timeout(scp))
7490 return 0; /* ignore command: make trouble */
7491 }
7492 if (likely(oip->pfp))
7493 pfp = oip->pfp; /* calls a resp_* function */
7494 else
7495 pfp = r_pfp; /* if leaf function ptr NULL, try the root's */
7496
7497fini:
7498 if (F_DELAY_OVERR & flags) /* cmds like INQUIRY respond asap */
7499 return schedule_resp(scp, devip, errsts, pfp, 0, 0);
7500 else if ((flags & F_LONG_DELAY) && (sdebug_jdelay > 0 ||
7501 sdebug_ndelay > 10000)) {
7502 /*
7503 * Skip long delays if ndelay <= 10 microseconds. Otherwise
7504 * for Start Stop Unit (SSU) want at least 1 second delay and
7505 * if sdebug_jdelay>1 want a long delay of that many seconds.
7506 * For Synchronize Cache want 1/20 of SSU's delay.
7507 */
7508 int jdelay = (sdebug_jdelay < 2) ? 1 : sdebug_jdelay;
7509 int denom = (flags & F_SYNC_DELAY) ? 20 : 1;
7510
7511 jdelay = mult_frac(USER_HZ * jdelay, HZ, denom * USER_HZ);
7512 return schedule_resp(scp, devip, errsts, pfp, jdelay, 0);
7513 } else
7514 return schedule_resp(scp, devip, errsts, pfp, sdebug_jdelay,
7515 sdebug_ndelay);
7516check_cond:
7517 return schedule_resp(scp, devip, check_condition_result, NULL, 0, 0);
7518err_out:
7519 return schedule_resp(scp, NULL, DID_NO_CONNECT << 16, NULL, 0, 0);
7520}
7521
7522static struct scsi_host_template sdebug_driver_template = {
7523 .show_info = scsi_debug_show_info,
7524 .write_info = scsi_debug_write_info,
7525 .proc_name = sdebug_proc_name,
7526 .name = "SCSI DEBUG",
7527 .info = scsi_debug_info,
7528 .slave_alloc = scsi_debug_slave_alloc,
7529 .slave_configure = scsi_debug_slave_configure,
7530 .slave_destroy = scsi_debug_slave_destroy,
7531 .ioctl = scsi_debug_ioctl,
7532 .queuecommand = scsi_debug_queuecommand,
7533 .change_queue_depth = sdebug_change_qdepth,
7534 .map_queues = sdebug_map_queues,
7535 .mq_poll = sdebug_blk_mq_poll,
7536 .eh_abort_handler = scsi_debug_abort,
7537 .eh_device_reset_handler = scsi_debug_device_reset,
7538 .eh_target_reset_handler = scsi_debug_target_reset,
7539 .eh_bus_reset_handler = scsi_debug_bus_reset,
7540 .eh_host_reset_handler = scsi_debug_host_reset,
7541 .can_queue = SDEBUG_CANQUEUE,
7542 .this_id = 7,
7543 .sg_tablesize = SG_MAX_SEGMENTS,
7544 .cmd_per_lun = DEF_CMD_PER_LUN,
7545 .max_sectors = -1U,
7546 .max_segment_size = -1U,
7547 .module = THIS_MODULE,
7548 .track_queue_depth = 1,
7549};
7550
7551static int sdebug_driver_probe(struct device *dev)
7552{
7553 int error = 0;
7554 struct sdebug_host_info *sdbg_host;
7555 struct Scsi_Host *hpnt;
7556 int hprot;
7557
7558 sdbg_host = to_sdebug_host(dev);
7559
7560 sdebug_driver_template.can_queue = sdebug_max_queue;
7561 sdebug_driver_template.cmd_per_lun = sdebug_max_queue;
7562 if (!sdebug_clustering)
7563 sdebug_driver_template.dma_boundary = PAGE_SIZE - 1;
7564
7565 hpnt = scsi_host_alloc(&sdebug_driver_template, sizeof(sdbg_host));
7566 if (NULL == hpnt) {
7567 pr_err("scsi_host_alloc failed\n");
7568 error = -ENODEV;
7569 return error;
7570 }
7571 if (submit_queues > nr_cpu_ids) {
7572 pr_warn("%s: trim submit_queues (was %d) to nr_cpu_ids=%u\n",
7573 my_name, submit_queues, nr_cpu_ids);
7574 submit_queues = nr_cpu_ids;
7575 }
7576 /*
7577 * Decide whether to tell scsi subsystem that we want mq. The
7578 * following should give the same answer for each host.
7579 */
7580 hpnt->nr_hw_queues = submit_queues;
7581 if (sdebug_host_max_queue)
7582 hpnt->host_tagset = 1;
7583
7584 /* poll queues are possible for nr_hw_queues > 1 */
7585 if (hpnt->nr_hw_queues == 1 || (poll_queues < 1)) {
7586 pr_warn("%s: trim poll_queues to 0. poll_q/nr_hw = (%d/%d)\n",
7587 my_name, poll_queues, hpnt->nr_hw_queues);
7588 poll_queues = 0;
7589 }
7590
7591 /*
7592 * Poll queues don't need interrupts, but we need at least one I/O queue
7593 * left over for non-polled I/O.
7594 * If condition not met, trim poll_queues to 1 (just for simplicity).
7595 */
7596 if (poll_queues >= submit_queues) {
7597 if (submit_queues < 3)
7598 pr_warn("%s: trim poll_queues to 1\n", my_name);
7599 else
7600 pr_warn("%s: trim poll_queues to 1. Perhaps try poll_queues=%d\n",
7601 my_name, submit_queues - 1);
7602 poll_queues = 1;
7603 }
7604 if (poll_queues)
7605 hpnt->nr_maps = 3;
7606
7607 sdbg_host->shost = hpnt;
7608 *((struct sdebug_host_info **)hpnt->hostdata) = sdbg_host;
7609 if ((hpnt->this_id >= 0) && (sdebug_num_tgts > hpnt->this_id))
7610 hpnt->max_id = sdebug_num_tgts + 1;
7611 else
7612 hpnt->max_id = sdebug_num_tgts;
7613 /* = sdebug_max_luns; */
7614 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
7615
7616 hprot = 0;
7617
7618 switch (sdebug_dif) {
7619
7620 case T10_PI_TYPE1_PROTECTION:
7621 hprot = SHOST_DIF_TYPE1_PROTECTION;
7622 if (sdebug_dix)
7623 hprot |= SHOST_DIX_TYPE1_PROTECTION;
7624 break;
7625
7626 case T10_PI_TYPE2_PROTECTION:
7627 hprot = SHOST_DIF_TYPE2_PROTECTION;
7628 if (sdebug_dix)
7629 hprot |= SHOST_DIX_TYPE2_PROTECTION;
7630 break;
7631
7632 case T10_PI_TYPE3_PROTECTION:
7633 hprot = SHOST_DIF_TYPE3_PROTECTION;
7634 if (sdebug_dix)
7635 hprot |= SHOST_DIX_TYPE3_PROTECTION;
7636 break;
7637
7638 default:
7639 if (sdebug_dix)
7640 hprot |= SHOST_DIX_TYPE0_PROTECTION;
7641 break;
7642 }
7643
7644 scsi_host_set_prot(hpnt, hprot);
7645
7646 if (have_dif_prot || sdebug_dix)
7647 pr_info("host protection%s%s%s%s%s%s%s\n",
7648 (hprot & SHOST_DIF_TYPE1_PROTECTION) ? " DIF1" : "",
7649 (hprot & SHOST_DIF_TYPE2_PROTECTION) ? " DIF2" : "",
7650 (hprot & SHOST_DIF_TYPE3_PROTECTION) ? " DIF3" : "",
7651 (hprot & SHOST_DIX_TYPE0_PROTECTION) ? " DIX0" : "",
7652 (hprot & SHOST_DIX_TYPE1_PROTECTION) ? " DIX1" : "",
7653 (hprot & SHOST_DIX_TYPE2_PROTECTION) ? " DIX2" : "",
7654 (hprot & SHOST_DIX_TYPE3_PROTECTION) ? " DIX3" : "");
7655
7656 if (sdebug_guard == 1)
7657 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_IP);
7658 else
7659 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_CRC);
7660
7661 sdebug_verbose = !!(SDEBUG_OPT_NOISE & sdebug_opts);
7662 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & sdebug_opts);
7663 if (sdebug_every_nth) /* need stats counters for every_nth */
7664 sdebug_statistics = true;
7665 error = scsi_add_host(hpnt, &sdbg_host->dev);
7666 if (error) {
7667 pr_err("scsi_add_host failed\n");
7668 error = -ENODEV;
7669 scsi_host_put(hpnt);
7670 } else {
7671 scsi_scan_host(hpnt);
7672 }
7673
7674 return error;
7675}
7676
7677static int sdebug_driver_remove(struct device *dev)
7678{
7679 struct sdebug_host_info *sdbg_host;
7680 struct sdebug_dev_info *sdbg_devinfo, *tmp;
7681
7682 sdbg_host = to_sdebug_host(dev);
7683
7684 scsi_remove_host(sdbg_host->shost);
7685
7686 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
7687 dev_list) {
7688 list_del(&sdbg_devinfo->dev_list);
7689 kfree(sdbg_devinfo->zstate);
7690 kfree(sdbg_devinfo);
7691 }
7692
7693 scsi_host_put(sdbg_host->shost);
7694 return 0;
7695}
7696
7697static int pseudo_lld_bus_match(struct device *dev,
7698 struct device_driver *dev_driver)
7699{
7700 return 1;
7701}
7702
7703static struct bus_type pseudo_lld_bus = {
7704 .name = "pseudo",
7705 .match = pseudo_lld_bus_match,
7706 .probe = sdebug_driver_probe,
7707 .remove = sdebug_driver_remove,
7708 .drv_groups = sdebug_drv_groups,
7709};