Loading...
1/*
2 * vvvvvvvvvvvvvvvvvvvvvvv Original vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
3 * Copyright (C) 1992 Eric Youngdale
4 * Simulate a host adapter with 2 disks attached. Do a lot of checking
5 * to make sure that we are not getting blocks mixed up, and PANIC if
6 * anything out of the ordinary is seen.
7 * ^^^^^^^^^^^^^^^^^^^^^^^ Original ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
8 *
9 * This version is more generic, simulating a variable number of disk
10 * (or disk like devices) sharing a common amount of RAM. To be more
11 * realistic, the simulated devices have the transport attributes of
12 * SAS disks.
13 *
14 *
15 * For documentation see http://sg.danny.cz/sg/sdebug26.html
16 *
17 * D. Gilbert (dpg) work for Magneto-Optical device test [20010421]
18 * dpg: work for devfs large number of disks [20010809]
19 * forked for lk 2.5 series [20011216, 20020101]
20 * use vmalloc() more inquiry+mode_sense [20020302]
21 * add timers for delayed responses [20020721]
22 * Patrick Mansfield <patmans@us.ibm.com> max_luns+scsi_level [20021031]
23 * Mike Anderson <andmike@us.ibm.com> sysfs work [20021118]
24 * dpg: change style of boot options to "scsi_debug.num_tgts=2" and
25 * module options to "modprobe scsi_debug num_tgts=2" [20021221]
26 */
27
28
29#define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__
30
31#include <linux/module.h>
32
33#include <linux/kernel.h>
34#include <linux/errno.h>
35#include <linux/timer.h>
36#include <linux/slab.h>
37#include <linux/types.h>
38#include <linux/string.h>
39#include <linux/genhd.h>
40#include <linux/fs.h>
41#include <linux/init.h>
42#include <linux/proc_fs.h>
43#include <linux/vmalloc.h>
44#include <linux/moduleparam.h>
45#include <linux/scatterlist.h>
46#include <linux/blkdev.h>
47#include <linux/crc-t10dif.h>
48#include <linux/spinlock.h>
49#include <linux/interrupt.h>
50#include <linux/atomic.h>
51#include <linux/hrtimer.h>
52
53#include <net/checksum.h>
54
55#include <asm/unaligned.h>
56
57#include <scsi/scsi.h>
58#include <scsi/scsi_cmnd.h>
59#include <scsi/scsi_device.h>
60#include <scsi/scsi_host.h>
61#include <scsi/scsicam.h>
62#include <scsi/scsi_eh.h>
63#include <scsi/scsi_tcq.h>
64#include <scsi/scsi_dbg.h>
65
66#include "sd.h"
67#include "scsi_logging.h"
68
69#define SCSI_DEBUG_VERSION "1.85"
70static const char *scsi_debug_version_date = "20141022";
71
72#define MY_NAME "scsi_debug"
73
74/* Additional Sense Code (ASC) */
75#define NO_ADDITIONAL_SENSE 0x0
76#define LOGICAL_UNIT_NOT_READY 0x4
77#define LOGICAL_UNIT_COMMUNICATION_FAILURE 0x8
78#define UNRECOVERED_READ_ERR 0x11
79#define PARAMETER_LIST_LENGTH_ERR 0x1a
80#define INVALID_OPCODE 0x20
81#define LBA_OUT_OF_RANGE 0x21
82#define INVALID_FIELD_IN_CDB 0x24
83#define INVALID_FIELD_IN_PARAM_LIST 0x26
84#define UA_RESET_ASC 0x29
85#define UA_CHANGED_ASC 0x2a
86#define TARGET_CHANGED_ASC 0x3f
87#define LUNS_CHANGED_ASCQ 0x0e
88#define INSUFF_RES_ASC 0x55
89#define INSUFF_RES_ASCQ 0x3
90#define POWER_ON_RESET_ASCQ 0x0
91#define BUS_RESET_ASCQ 0x2 /* scsi bus reset occurred */
92#define MODE_CHANGED_ASCQ 0x1 /* mode parameters changed */
93#define CAPACITY_CHANGED_ASCQ 0x9
94#define SAVING_PARAMS_UNSUP 0x39
95#define TRANSPORT_PROBLEM 0x4b
96#define THRESHOLD_EXCEEDED 0x5d
97#define LOW_POWER_COND_ON 0x5e
98#define MISCOMPARE_VERIFY_ASC 0x1d
99#define MICROCODE_CHANGED_ASCQ 0x1 /* with TARGET_CHANGED_ASC */
100#define MICROCODE_CHANGED_WO_RESET_ASCQ 0x16
101
102/* Additional Sense Code Qualifier (ASCQ) */
103#define ACK_NAK_TO 0x3
104
105
106/* Default values for driver parameters */
107#define DEF_NUM_HOST 1
108#define DEF_NUM_TGTS 1
109#define DEF_MAX_LUNS 1
110/* With these defaults, this driver will make 1 host with 1 target
111 * (id 0) containing 1 logical unit (lun 0). That is 1 device.
112 */
113#define DEF_ATO 1
114#define DEF_DELAY 1 /* if > 0 unit is a jiffy */
115#define DEF_DEV_SIZE_MB 8
116#define DEF_DIF 0
117#define DEF_DIX 0
118#define DEF_D_SENSE 0
119#define DEF_EVERY_NTH 0
120#define DEF_FAKE_RW 0
121#define DEF_GUARD 0
122#define DEF_HOST_LOCK 0
123#define DEF_LBPU 0
124#define DEF_LBPWS 0
125#define DEF_LBPWS10 0
126#define DEF_LBPRZ 1
127#define DEF_LOWEST_ALIGNED 0
128#define DEF_NDELAY 0 /* if > 0 unit is a nanosecond */
129#define DEF_NO_LUN_0 0
130#define DEF_NUM_PARTS 0
131#define DEF_OPTS 0
132#define DEF_OPT_BLKS 1024
133#define DEF_PHYSBLK_EXP 0
134#define DEF_PTYPE 0
135#define DEF_REMOVABLE false
136#define DEF_SCSI_LEVEL 6 /* INQUIRY, byte2 [6->SPC-4] */
137#define DEF_SECTOR_SIZE 512
138#define DEF_UNMAP_ALIGNMENT 0
139#define DEF_UNMAP_GRANULARITY 1
140#define DEF_UNMAP_MAX_BLOCKS 0xFFFFFFFF
141#define DEF_UNMAP_MAX_DESC 256
142#define DEF_VIRTUAL_GB 0
143#define DEF_VPD_USE_HOSTNO 1
144#define DEF_WRITESAME_LENGTH 0xFFFF
145#define DEF_STRICT 0
146#define DELAY_OVERRIDDEN -9999
147
148/* bit mask values for scsi_debug_opts */
149#define SCSI_DEBUG_OPT_NOISE 1
150#define SCSI_DEBUG_OPT_MEDIUM_ERR 2
151#define SCSI_DEBUG_OPT_TIMEOUT 4
152#define SCSI_DEBUG_OPT_RECOVERED_ERR 8
153#define SCSI_DEBUG_OPT_TRANSPORT_ERR 16
154#define SCSI_DEBUG_OPT_DIF_ERR 32
155#define SCSI_DEBUG_OPT_DIX_ERR 64
156#define SCSI_DEBUG_OPT_MAC_TIMEOUT 128
157#define SCSI_DEBUG_OPT_SHORT_TRANSFER 0x100
158#define SCSI_DEBUG_OPT_Q_NOISE 0x200
159#define SCSI_DEBUG_OPT_ALL_TSF 0x400
160#define SCSI_DEBUG_OPT_RARE_TSF 0x800
161#define SCSI_DEBUG_OPT_N_WCE 0x1000
162#define SCSI_DEBUG_OPT_RESET_NOISE 0x2000
163#define SCSI_DEBUG_OPT_NO_CDB_NOISE 0x4000
164#define SCSI_DEBUG_OPT_ALL_NOISE (0x1 | 0x200 | 0x2000)
165/* When "every_nth" > 0 then modulo "every_nth" commands:
166 * - a no response is simulated if SCSI_DEBUG_OPT_TIMEOUT is set
167 * - a RECOVERED_ERROR is simulated on successful read and write
168 * commands if SCSI_DEBUG_OPT_RECOVERED_ERR is set.
169 * - a TRANSPORT_ERROR is simulated on successful read and write
170 * commands if SCSI_DEBUG_OPT_TRANSPORT_ERR is set.
171 *
172 * When "every_nth" < 0 then after "- every_nth" commands:
173 * - a no response is simulated if SCSI_DEBUG_OPT_TIMEOUT is set
174 * - a RECOVERED_ERROR is simulated on successful read and write
175 * commands if SCSI_DEBUG_OPT_RECOVERED_ERR is set.
176 * - a TRANSPORT_ERROR is simulated on successful read and write
177 * commands if SCSI_DEBUG_OPT_TRANSPORT_ERR is set.
178 * This will continue until some other action occurs (e.g. the user
179 * writing a new value (other than -1 or 1) to every_nth via sysfs).
180 */
181
182/* As indicated in SAM-5 and SPC-4 Unit Attentions (UAs)are returned in
183 * priority order. In the subset implemented here lower numbers have higher
184 * priority. The UA numbers should be a sequence starting from 0 with
185 * SDEBUG_NUM_UAS being 1 higher than the highest numbered UA. */
186#define SDEBUG_UA_POR 0 /* Power on, reset, or bus device reset */
187#define SDEBUG_UA_BUS_RESET 1
188#define SDEBUG_UA_MODE_CHANGED 2
189#define SDEBUG_UA_CAPACITY_CHANGED 3
190#define SDEBUG_UA_LUNS_CHANGED 4
191#define SDEBUG_UA_MICROCODE_CHANGED 5 /* simulate firmware change */
192#define SDEBUG_UA_MICROCODE_CHANGED_WO_RESET 6
193#define SDEBUG_NUM_UAS 7
194
195/* for check_readiness() */
196#define UAS_ONLY 1 /* check for UAs only */
197#define UAS_TUR 0 /* if no UAs then check if media access possible */
198
199/* when 1==SCSI_DEBUG_OPT_MEDIUM_ERR, a medium error is simulated at this
200 * sector on read commands: */
201#define OPT_MEDIUM_ERR_ADDR 0x1234 /* that's sector 4660 in decimal */
202#define OPT_MEDIUM_ERR_NUM 10 /* number of consecutive medium errs */
203
204/* If REPORT LUNS has luns >= 256 it can choose "flat space" (value 1)
205 * or "peripheral device" addressing (value 0) */
206#define SAM2_LUN_ADDRESS_METHOD 0
207
208/* SCSI_DEBUG_CANQUEUE is the maximum number of commands that can be queued
209 * (for response) at one time. Can be reduced by max_queue option. Command
210 * responses are not queued when delay=0 and ndelay=0. The per-device
211 * DEF_CMD_PER_LUN can be changed via sysfs:
212 * /sys/class/scsi_device/<h:c:t:l>/device/queue_depth but cannot exceed
213 * SCSI_DEBUG_CANQUEUE. */
214#define SCSI_DEBUG_CANQUEUE_WORDS 9 /* a WORD is bits in a long */
215#define SCSI_DEBUG_CANQUEUE (SCSI_DEBUG_CANQUEUE_WORDS * BITS_PER_LONG)
216#define DEF_CMD_PER_LUN 255
217
218#if DEF_CMD_PER_LUN > SCSI_DEBUG_CANQUEUE
219#warning "Expect DEF_CMD_PER_LUN <= SCSI_DEBUG_CANQUEUE"
220#endif
221
222/* SCSI opcodes (first byte of cdb) mapped onto these indexes */
223enum sdeb_opcode_index {
224 SDEB_I_INVALID_OPCODE = 0,
225 SDEB_I_INQUIRY = 1,
226 SDEB_I_REPORT_LUNS = 2,
227 SDEB_I_REQUEST_SENSE = 3,
228 SDEB_I_TEST_UNIT_READY = 4,
229 SDEB_I_MODE_SENSE = 5, /* 6, 10 */
230 SDEB_I_MODE_SELECT = 6, /* 6, 10 */
231 SDEB_I_LOG_SENSE = 7,
232 SDEB_I_READ_CAPACITY = 8, /* 10; 16 is in SA_IN(16) */
233 SDEB_I_READ = 9, /* 6, 10, 12, 16 */
234 SDEB_I_WRITE = 10, /* 6, 10, 12, 16 */
235 SDEB_I_START_STOP = 11,
236 SDEB_I_SERV_ACT_IN = 12, /* 12, 16 */
237 SDEB_I_SERV_ACT_OUT = 13, /* 12, 16 */
238 SDEB_I_MAINT_IN = 14,
239 SDEB_I_MAINT_OUT = 15,
240 SDEB_I_VERIFY = 16, /* 10 only */
241 SDEB_I_VARIABLE_LEN = 17,
242 SDEB_I_RESERVE = 18, /* 6, 10 */
243 SDEB_I_RELEASE = 19, /* 6, 10 */
244 SDEB_I_ALLOW_REMOVAL = 20, /* PREVENT ALLOW MEDIUM REMOVAL */
245 SDEB_I_REZERO_UNIT = 21, /* REWIND in SSC */
246 SDEB_I_ATA_PT = 22, /* 12, 16 */
247 SDEB_I_SEND_DIAG = 23,
248 SDEB_I_UNMAP = 24,
249 SDEB_I_XDWRITEREAD = 25, /* 10 only */
250 SDEB_I_WRITE_BUFFER = 26,
251 SDEB_I_WRITE_SAME = 27, /* 10, 16 */
252 SDEB_I_SYNC_CACHE = 28, /* 10 only */
253 SDEB_I_COMP_WRITE = 29,
254 SDEB_I_LAST_ELEMENT = 30, /* keep this last */
255};
256
257static const unsigned char opcode_ind_arr[256] = {
258/* 0x0; 0x0->0x1f: 6 byte cdbs */
259 SDEB_I_TEST_UNIT_READY, SDEB_I_REZERO_UNIT, 0, SDEB_I_REQUEST_SENSE,
260 0, 0, 0, 0,
261 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, 0,
262 0, 0, SDEB_I_INQUIRY, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
263 SDEB_I_RELEASE,
264 0, 0, SDEB_I_MODE_SENSE, SDEB_I_START_STOP, 0, SDEB_I_SEND_DIAG,
265 SDEB_I_ALLOW_REMOVAL, 0,
266/* 0x20; 0x20->0x3f: 10 byte cdbs */
267 0, 0, 0, 0, 0, SDEB_I_READ_CAPACITY, 0, 0,
268 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, SDEB_I_VERIFY,
269 0, 0, 0, 0, 0, SDEB_I_SYNC_CACHE, 0, 0,
270 0, 0, 0, SDEB_I_WRITE_BUFFER, 0, 0, 0, 0,
271/* 0x40; 0x40->0x5f: 10 byte cdbs */
272 0, SDEB_I_WRITE_SAME, SDEB_I_UNMAP, 0, 0, 0, 0, 0,
273 0, 0, 0, 0, 0, SDEB_I_LOG_SENSE, 0, 0,
274 0, 0, 0, SDEB_I_XDWRITEREAD, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
275 SDEB_I_RELEASE,
276 0, 0, SDEB_I_MODE_SENSE, 0, 0, 0, 0, 0,
277/* 0x60; 0x60->0x7d are reserved */
278 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
279 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
280 0, SDEB_I_VARIABLE_LEN,
281/* 0x80; 0x80->0x9f: 16 byte cdbs */
282 0, 0, 0, 0, 0, SDEB_I_ATA_PT, 0, 0,
283 SDEB_I_READ, SDEB_I_COMP_WRITE, SDEB_I_WRITE, 0, 0, 0, 0, 0,
284 0, 0, 0, SDEB_I_WRITE_SAME, 0, 0, 0, 0,
285 0, 0, 0, 0, 0, 0, SDEB_I_SERV_ACT_IN, SDEB_I_SERV_ACT_OUT,
286/* 0xa0; 0xa0->0xbf: 12 byte cdbs */
287 SDEB_I_REPORT_LUNS, SDEB_I_ATA_PT, 0, SDEB_I_MAINT_IN,
288 SDEB_I_MAINT_OUT, 0, 0, 0,
289 SDEB_I_READ, SDEB_I_SERV_ACT_OUT, SDEB_I_WRITE, SDEB_I_SERV_ACT_IN,
290 0, 0, 0, 0,
291 0, 0, 0, 0, 0, 0, 0, 0,
292 0, 0, 0, 0, 0, 0, 0, 0,
293/* 0xc0; 0xc0->0xff: vendor specific */
294 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
295 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
296 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
297 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
298};
299
300#define F_D_IN 1
301#define F_D_OUT 2
302#define F_D_OUT_MAYBE 4 /* WRITE SAME, NDOB bit */
303#define F_D_UNKN 8
304#define F_RL_WLUN_OK 0x10
305#define F_SKIP_UA 0x20
306#define F_DELAY_OVERR 0x40
307#define F_SA_LOW 0x80 /* cdb byte 1, bits 4 to 0 */
308#define F_SA_HIGH 0x100 /* as used by variable length cdbs */
309#define F_INV_OP 0x200
310#define F_FAKE_RW 0x400
311#define F_M_ACCESS 0x800 /* media access */
312
313#define FF_RESPOND (F_RL_WLUN_OK | F_SKIP_UA | F_DELAY_OVERR)
314#define FF_DIRECT_IO (F_M_ACCESS | F_FAKE_RW)
315#define FF_SA (F_SA_HIGH | F_SA_LOW)
316
317struct sdebug_dev_info;
318static int resp_inquiry(struct scsi_cmnd *, struct sdebug_dev_info *);
319static int resp_report_luns(struct scsi_cmnd *, struct sdebug_dev_info *);
320static int resp_requests(struct scsi_cmnd *, struct sdebug_dev_info *);
321static int resp_mode_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
322static int resp_mode_select(struct scsi_cmnd *, struct sdebug_dev_info *);
323static int resp_log_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
324static int resp_readcap(struct scsi_cmnd *, struct sdebug_dev_info *);
325static int resp_read_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
326static int resp_write_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
327static int resp_start_stop(struct scsi_cmnd *, struct sdebug_dev_info *);
328static int resp_readcap16(struct scsi_cmnd *, struct sdebug_dev_info *);
329static int resp_get_lba_status(struct scsi_cmnd *, struct sdebug_dev_info *);
330static int resp_report_tgtpgs(struct scsi_cmnd *, struct sdebug_dev_info *);
331static int resp_unmap(struct scsi_cmnd *, struct sdebug_dev_info *);
332static int resp_rsup_opcodes(struct scsi_cmnd *, struct sdebug_dev_info *);
333static int resp_rsup_tmfs(struct scsi_cmnd *, struct sdebug_dev_info *);
334static int resp_write_same_10(struct scsi_cmnd *, struct sdebug_dev_info *);
335static int resp_write_same_16(struct scsi_cmnd *, struct sdebug_dev_info *);
336static int resp_xdwriteread_10(struct scsi_cmnd *, struct sdebug_dev_info *);
337static int resp_comp_write(struct scsi_cmnd *, struct sdebug_dev_info *);
338static int resp_write_buffer(struct scsi_cmnd *, struct sdebug_dev_info *);
339
340struct opcode_info_t {
341 u8 num_attached; /* 0 if this is it (i.e. a leaf); use 0xff
342 * for terminating element */
343 u8 opcode; /* if num_attached > 0, preferred */
344 u16 sa; /* service action */
345 u32 flags; /* OR-ed set of SDEB_F_* */
346 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
347 const struct opcode_info_t *arrp; /* num_attached elements or NULL */
348 u8 len_mask[16]; /* len=len_mask[0], then mask for cdb[1]... */
349 /* ignore cdb bytes after position 15 */
350};
351
352static const struct opcode_info_t msense_iarr[1] = {
353 {0, 0x1a, 0, F_D_IN, NULL, NULL,
354 {6, 0xe8, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
355};
356
357static const struct opcode_info_t mselect_iarr[1] = {
358 {0, 0x15, 0, F_D_OUT, NULL, NULL,
359 {6, 0xf1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
360};
361
362static const struct opcode_info_t read_iarr[3] = {
363 {0, 0x28, 0, F_D_IN | FF_DIRECT_IO, resp_read_dt0, NULL,/* READ(10) */
364 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff, 0xff, 0xc7, 0, 0,
365 0, 0, 0, 0} },
366 {0, 0x8, 0, F_D_IN | FF_DIRECT_IO, resp_read_dt0, NULL, /* READ(6) */
367 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
368 {0, 0xa8, 0, F_D_IN | FF_DIRECT_IO, resp_read_dt0, NULL,/* READ(12) */
369 {12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x9f,
370 0xc7, 0, 0, 0, 0} },
371};
372
373static const struct opcode_info_t write_iarr[3] = {
374 {0, 0x2a, 0, F_D_OUT | FF_DIRECT_IO, resp_write_dt0, NULL, /* 10 */
375 {10, 0xfb, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff, 0xff, 0xc7, 0, 0,
376 0, 0, 0, 0} },
377 {0, 0xa, 0, F_D_OUT | FF_DIRECT_IO, resp_write_dt0, NULL, /* 6 */
378 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
379 {0, 0xaa, 0, F_D_OUT | FF_DIRECT_IO, resp_write_dt0, NULL, /* 12 */
380 {12, 0xfb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x9f,
381 0xc7, 0, 0, 0, 0} },
382};
383
384static const struct opcode_info_t sa_in_iarr[1] = {
385 {0, 0x9e, 0x12, F_SA_LOW | F_D_IN, resp_get_lba_status, NULL,
386 {16, 0x12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
387 0xff, 0xff, 0xff, 0, 0xc7} },
388};
389
390static const struct opcode_info_t vl_iarr[1] = { /* VARIABLE LENGTH */
391 {0, 0x7f, 0xb, F_SA_HIGH | F_D_OUT | FF_DIRECT_IO, resp_write_dt0,
392 NULL, {32, 0xc7, 0, 0, 0, 0, 0x1f, 0x18, 0x0, 0xb, 0xfa,
393 0, 0xff, 0xff, 0xff, 0xff} }, /* WRITE(32) */
394};
395
396static const struct opcode_info_t maint_in_iarr[2] = {
397 {0, 0xa3, 0xc, F_SA_LOW | F_D_IN, resp_rsup_opcodes, NULL,
398 {12, 0xc, 0x87, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0,
399 0xc7, 0, 0, 0, 0} },
400 {0, 0xa3, 0xd, F_SA_LOW | F_D_IN, resp_rsup_tmfs, NULL,
401 {12, 0xd, 0x80, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
402 0, 0} },
403};
404
405static const struct opcode_info_t write_same_iarr[1] = {
406 {0, 0x93, 0, F_D_OUT_MAYBE | FF_DIRECT_IO, resp_write_same_16, NULL,
407 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
408 0xff, 0xff, 0xff, 0x1f, 0xc7} },
409};
410
411static const struct opcode_info_t reserve_iarr[1] = {
412 {0, 0x16, 0, F_D_OUT, NULL, NULL, /* RESERVE(6) */
413 {6, 0x1f, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
414};
415
416static const struct opcode_info_t release_iarr[1] = {
417 {0, 0x17, 0, F_D_OUT, NULL, NULL, /* RELEASE(6) */
418 {6, 0x1f, 0xff, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
419};
420
421
422/* This array is accessed via SDEB_I_* values. Make sure all are mapped,
423 * plus the terminating elements for logic that scans this table such as
424 * REPORT SUPPORTED OPERATION CODES. */
425static const struct opcode_info_t opcode_info_arr[SDEB_I_LAST_ELEMENT + 1] = {
426/* 0 */
427 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL,
428 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
429 {0, 0x12, 0, FF_RESPOND | F_D_IN, resp_inquiry, NULL,
430 {6, 0xe3, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
431 {0, 0xa0, 0, FF_RESPOND | F_D_IN, resp_report_luns, NULL,
432 {12, 0xe3, 0xff, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
433 0, 0} },
434 {0, 0x3, 0, FF_RESPOND | F_D_IN, resp_requests, NULL,
435 {6, 0xe1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
436 {0, 0x0, 0, F_M_ACCESS | F_RL_WLUN_OK, NULL, NULL,/* TEST UNIT READY */
437 {6, 0, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
438 {1, 0x5a, 0, F_D_IN, resp_mode_sense, msense_iarr,
439 {10, 0xf8, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
440 0} },
441 {1, 0x55, 0, F_D_OUT, resp_mode_select, mselect_iarr,
442 {10, 0xf1, 0, 0, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
443 {0, 0x4d, 0, F_D_IN, resp_log_sense, NULL,
444 {10, 0xe3, 0xff, 0xff, 0, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0,
445 0, 0, 0} },
446 {0, 0x25, 0, F_D_IN, resp_readcap, NULL,
447 {10, 0xe1, 0xff, 0xff, 0xff, 0xff, 0, 0, 0x1, 0xc7, 0, 0, 0, 0,
448 0, 0} },
449 {3, 0x88, 0, F_D_IN | FF_DIRECT_IO, resp_read_dt0, read_iarr,
450 {16, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
451 0xff, 0xff, 0xff, 0x9f, 0xc7} }, /* READ(16) */
452/* 10 */
453 {3, 0x8a, 0, F_D_OUT | FF_DIRECT_IO, resp_write_dt0, write_iarr,
454 {16, 0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
455 0xff, 0xff, 0xff, 0x9f, 0xc7} }, /* WRITE(16) */
456 {0, 0x1b, 0, 0, resp_start_stop, NULL, /* START STOP UNIT */
457 {6, 0x1, 0, 0xf, 0xf7, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
458 {1, 0x9e, 0x10, F_SA_LOW | F_D_IN, resp_readcap16, sa_in_iarr,
459 {16, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
460 0xff, 0xff, 0xff, 0x1, 0xc7} }, /* READ CAPACITY(16) */
461 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* SA OUT */
462 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
463 {2, 0xa3, 0xa, F_SA_LOW | F_D_IN, resp_report_tgtpgs, maint_in_iarr,
464 {12, 0xea, 0, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0, 0,
465 0} },
466 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* MAINT OUT */
467 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
468 {0, 0x2f, 0, F_D_OUT_MAYBE | FF_DIRECT_IO, NULL, NULL, /* VERIFY(10) */
469 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7,
470 0, 0, 0, 0, 0, 0} },
471 {1, 0x7f, 0x9, F_SA_HIGH | F_D_IN | FF_DIRECT_IO, resp_read_dt0,
472 vl_iarr, {32, 0xc7, 0, 0, 0, 0, 0x1f, 0x18, 0x0, 0x9, 0xfe, 0,
473 0xff, 0xff, 0xff, 0xff} },/* VARIABLE LENGTH, READ(32) */
474 {1, 0x56, 0, F_D_OUT, NULL, reserve_iarr, /* RESERVE(10) */
475 {10, 0xff, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
476 0} },
477 {1, 0x57, 0, F_D_OUT, NULL, release_iarr, /* RELEASE(10) */
478 {10, 0x13, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
479 0} },
480/* 20 */
481 {0, 0x1e, 0, 0, NULL, NULL, /* ALLOW REMOVAL */
482 {6, 0, 0, 0, 0x3, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
483 {0, 0x1, 0, 0, resp_start_stop, NULL, /* REWIND ?? */
484 {6, 0x1, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
485 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* ATA_PT */
486 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
487 {0, 0x1d, F_D_OUT, 0, NULL, NULL, /* SEND DIAGNOSTIC */
488 {6, 0xf7, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
489 {0, 0x42, 0, F_D_OUT | FF_DIRECT_IO, resp_unmap, NULL, /* UNMAP */
490 {10, 0x1, 0, 0, 0, 0, 0x1f, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
491 {0, 0x53, 0, F_D_IN | F_D_OUT | FF_DIRECT_IO, resp_xdwriteread_10,
492 NULL, {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff, 0xff, 0xc7,
493 0, 0, 0, 0, 0, 0} },
494 {0, 0x3b, 0, F_D_OUT_MAYBE, resp_write_buffer, NULL,
495 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0,
496 0, 0, 0, 0} }, /* WRITE_BUFFER */
497 {1, 0x41, 0, F_D_OUT_MAYBE | FF_DIRECT_IO, resp_write_same_10,
498 write_same_iarr, {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff,
499 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
500 {0, 0x35, 0, F_DELAY_OVERR | FF_DIRECT_IO, NULL, NULL, /* SYNC_CACHE */
501 {10, 0x7, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff, 0xff, 0xc7, 0, 0,
502 0, 0, 0, 0} },
503 {0, 0x89, 0, F_D_OUT | FF_DIRECT_IO, resp_comp_write, NULL,
504 {16, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 0,
505 0, 0xff, 0x1f, 0xc7} }, /* COMPARE AND WRITE */
506
507/* 30 */
508 {0xff, 0, 0, 0, NULL, NULL, /* terminating element */
509 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
510};
511
512struct sdebug_scmd_extra_t {
513 bool inj_recovered;
514 bool inj_transport;
515 bool inj_dif;
516 bool inj_dix;
517 bool inj_short;
518};
519
520static int scsi_debug_add_host = DEF_NUM_HOST;
521static int scsi_debug_ato = DEF_ATO;
522static int scsi_debug_delay = DEF_DELAY;
523static int scsi_debug_dev_size_mb = DEF_DEV_SIZE_MB;
524static int scsi_debug_dif = DEF_DIF;
525static int scsi_debug_dix = DEF_DIX;
526static int scsi_debug_dsense = DEF_D_SENSE;
527static int scsi_debug_every_nth = DEF_EVERY_NTH;
528static int scsi_debug_fake_rw = DEF_FAKE_RW;
529static unsigned int scsi_debug_guard = DEF_GUARD;
530static int scsi_debug_lowest_aligned = DEF_LOWEST_ALIGNED;
531static int scsi_debug_max_luns = DEF_MAX_LUNS;
532static int scsi_debug_max_queue = SCSI_DEBUG_CANQUEUE;
533static atomic_t retired_max_queue; /* if > 0 then was prior max_queue */
534static int scsi_debug_ndelay = DEF_NDELAY;
535static int scsi_debug_no_lun_0 = DEF_NO_LUN_0;
536static int scsi_debug_no_uld = 0;
537static int scsi_debug_num_parts = DEF_NUM_PARTS;
538static int scsi_debug_num_tgts = DEF_NUM_TGTS; /* targets per host */
539static int scsi_debug_opt_blks = DEF_OPT_BLKS;
540static int scsi_debug_opts = DEF_OPTS;
541static int scsi_debug_physblk_exp = DEF_PHYSBLK_EXP;
542static int scsi_debug_ptype = DEF_PTYPE; /* SCSI peripheral type (0==disk) */
543static int scsi_debug_scsi_level = DEF_SCSI_LEVEL;
544static int scsi_debug_sector_size = DEF_SECTOR_SIZE;
545static int scsi_debug_virtual_gb = DEF_VIRTUAL_GB;
546static int scsi_debug_vpd_use_hostno = DEF_VPD_USE_HOSTNO;
547static unsigned int scsi_debug_lbpu = DEF_LBPU;
548static unsigned int scsi_debug_lbpws = DEF_LBPWS;
549static unsigned int scsi_debug_lbpws10 = DEF_LBPWS10;
550static unsigned int scsi_debug_lbprz = DEF_LBPRZ;
551static unsigned int scsi_debug_unmap_alignment = DEF_UNMAP_ALIGNMENT;
552static unsigned int scsi_debug_unmap_granularity = DEF_UNMAP_GRANULARITY;
553static unsigned int scsi_debug_unmap_max_blocks = DEF_UNMAP_MAX_BLOCKS;
554static unsigned int scsi_debug_unmap_max_desc = DEF_UNMAP_MAX_DESC;
555static unsigned int scsi_debug_write_same_length = DEF_WRITESAME_LENGTH;
556static bool scsi_debug_removable = DEF_REMOVABLE;
557static bool scsi_debug_clustering;
558static bool scsi_debug_host_lock = DEF_HOST_LOCK;
559static bool scsi_debug_strict = DEF_STRICT;
560static bool sdebug_any_injecting_opt;
561
562static atomic_t sdebug_cmnd_count;
563static atomic_t sdebug_completions;
564static atomic_t sdebug_a_tsf; /* counter of 'almost' TSFs */
565
566#define DEV_READONLY(TGT) (0)
567
568static unsigned int sdebug_store_sectors;
569static sector_t sdebug_capacity; /* in sectors */
570
571/* old BIOS stuff, kernel may get rid of them but some mode sense pages
572 may still need them */
573static int sdebug_heads; /* heads per disk */
574static int sdebug_cylinders_per; /* cylinders per surface */
575static int sdebug_sectors_per; /* sectors per cylinder */
576
577#define SDEBUG_MAX_PARTS 4
578
579#define SCSI_DEBUG_MAX_CMD_LEN 32
580
581static unsigned int scsi_debug_lbp(void)
582{
583 return ((0 == scsi_debug_fake_rw) &&
584 (scsi_debug_lbpu | scsi_debug_lbpws | scsi_debug_lbpws10));
585}
586
587struct sdebug_dev_info {
588 struct list_head dev_list;
589 unsigned int channel;
590 unsigned int target;
591 u64 lun;
592 struct sdebug_host_info *sdbg_host;
593 unsigned long uas_bm[1];
594 atomic_t num_in_q;
595 char stopped; /* TODO: should be atomic */
596 bool used;
597};
598
599struct sdebug_host_info {
600 struct list_head host_list;
601 struct Scsi_Host *shost;
602 struct device dev;
603 struct list_head dev_info_list;
604};
605
606#define to_sdebug_host(d) \
607 container_of(d, struct sdebug_host_info, dev)
608
609static LIST_HEAD(sdebug_host_list);
610static DEFINE_SPINLOCK(sdebug_host_list_lock);
611
612
613struct sdebug_hrtimer { /* ... is derived from hrtimer */
614 struct hrtimer hrt; /* must be first element */
615 int qa_indx;
616};
617
618struct sdebug_queued_cmd {
619 /* in_use flagged by a bit in queued_in_use_bm[] */
620 struct timer_list *cmnd_timerp;
621 struct tasklet_struct *tletp;
622 struct sdebug_hrtimer *sd_hrtp;
623 struct scsi_cmnd * a_cmnd;
624};
625static struct sdebug_queued_cmd queued_arr[SCSI_DEBUG_CANQUEUE];
626static unsigned long queued_in_use_bm[SCSI_DEBUG_CANQUEUE_WORDS];
627
628
629static unsigned char * fake_storep; /* ramdisk storage */
630static struct sd_dif_tuple *dif_storep; /* protection info */
631static void *map_storep; /* provisioning map */
632
633static unsigned long map_size;
634static int num_aborts;
635static int num_dev_resets;
636static int num_target_resets;
637static int num_bus_resets;
638static int num_host_resets;
639static int dix_writes;
640static int dix_reads;
641static int dif_errors;
642
643static DEFINE_SPINLOCK(queued_arr_lock);
644static DEFINE_RWLOCK(atomic_rw);
645
646static char sdebug_proc_name[] = MY_NAME;
647static const char *my_name = MY_NAME;
648
649static struct bus_type pseudo_lld_bus;
650
651static struct device_driver sdebug_driverfs_driver = {
652 .name = sdebug_proc_name,
653 .bus = &pseudo_lld_bus,
654};
655
656static const int check_condition_result =
657 (DRIVER_SENSE << 24) | SAM_STAT_CHECK_CONDITION;
658
659static const int illegal_condition_result =
660 (DRIVER_SENSE << 24) | (DID_ABORT << 16) | SAM_STAT_CHECK_CONDITION;
661
662static const int device_qfull_result =
663 (DID_OK << 16) | (COMMAND_COMPLETE << 8) | SAM_STAT_TASK_SET_FULL;
664
665static unsigned char caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
666 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0,
667 0, 0, 0, 0};
668static unsigned char ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
669 0, 0, 0x2, 0x4b};
670static unsigned char iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
671 0, 0, 0x0, 0x0};
672
673static void *fake_store(unsigned long long lba)
674{
675 lba = do_div(lba, sdebug_store_sectors);
676
677 return fake_storep + lba * scsi_debug_sector_size;
678}
679
680static struct sd_dif_tuple *dif_store(sector_t sector)
681{
682 sector = sector_div(sector, sdebug_store_sectors);
683
684 return dif_storep + sector;
685}
686
687static int sdebug_add_adapter(void);
688static void sdebug_remove_adapter(void);
689
690static void sdebug_max_tgts_luns(void)
691{
692 struct sdebug_host_info *sdbg_host;
693 struct Scsi_Host *hpnt;
694
695 spin_lock(&sdebug_host_list_lock);
696 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
697 hpnt = sdbg_host->shost;
698 if ((hpnt->this_id >= 0) &&
699 (scsi_debug_num_tgts > hpnt->this_id))
700 hpnt->max_id = scsi_debug_num_tgts + 1;
701 else
702 hpnt->max_id = scsi_debug_num_tgts;
703 /* scsi_debug_max_luns; */
704 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
705 }
706 spin_unlock(&sdebug_host_list_lock);
707}
708
709enum sdeb_cmd_data {SDEB_IN_DATA = 0, SDEB_IN_CDB = 1};
710
711/* Set in_bit to -1 to indicate no bit position of invalid field */
712static void
713mk_sense_invalid_fld(struct scsi_cmnd *scp, enum sdeb_cmd_data c_d,
714 int in_byte, int in_bit)
715{
716 unsigned char *sbuff;
717 u8 sks[4];
718 int sl, asc;
719
720 sbuff = scp->sense_buffer;
721 if (!sbuff) {
722 sdev_printk(KERN_ERR, scp->device,
723 "%s: sense_buffer is NULL\n", __func__);
724 return;
725 }
726 asc = c_d ? INVALID_FIELD_IN_CDB : INVALID_FIELD_IN_PARAM_LIST;
727 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
728 scsi_build_sense_buffer(scsi_debug_dsense, sbuff, ILLEGAL_REQUEST,
729 asc, 0);
730 memset(sks, 0, sizeof(sks));
731 sks[0] = 0x80;
732 if (c_d)
733 sks[0] |= 0x40;
734 if (in_bit >= 0) {
735 sks[0] |= 0x8;
736 sks[0] |= 0x7 & in_bit;
737 }
738 put_unaligned_be16(in_byte, sks + 1);
739 if (scsi_debug_dsense) {
740 sl = sbuff[7] + 8;
741 sbuff[7] = sl;
742 sbuff[sl] = 0x2;
743 sbuff[sl + 1] = 0x6;
744 memcpy(sbuff + sl + 4, sks, 3);
745 } else
746 memcpy(sbuff + 15, sks, 3);
747 if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
748 sdev_printk(KERN_INFO, scp->device, "%s: [sense_key,asc,ascq"
749 "]: [0x5,0x%x,0x0] %c byte=%d, bit=%d\n",
750 my_name, asc, c_d ? 'C' : 'D', in_byte, in_bit);
751}
752
753static void mk_sense_buffer(struct scsi_cmnd *scp, int key, int asc, int asq)
754{
755 unsigned char *sbuff;
756
757 sbuff = scp->sense_buffer;
758 if (!sbuff) {
759 sdev_printk(KERN_ERR, scp->device,
760 "%s: sense_buffer is NULL\n", __func__);
761 return;
762 }
763 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
764
765 scsi_build_sense_buffer(scsi_debug_dsense, sbuff, key, asc, asq);
766
767 if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
768 sdev_printk(KERN_INFO, scp->device,
769 "%s: [sense_key,asc,ascq]: [0x%x,0x%x,0x%x]\n",
770 my_name, key, asc, asq);
771}
772
773static void
774mk_sense_invalid_opcode(struct scsi_cmnd *scp)
775{
776 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_OPCODE, 0);
777}
778
779static int scsi_debug_ioctl(struct scsi_device *dev, int cmd, void __user *arg)
780{
781 if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts) {
782 if (0x1261 == cmd)
783 sdev_printk(KERN_INFO, dev,
784 "%s: BLKFLSBUF [0x1261]\n", __func__);
785 else if (0x5331 == cmd)
786 sdev_printk(KERN_INFO, dev,
787 "%s: CDROM_GET_CAPABILITY [0x5331]\n",
788 __func__);
789 else
790 sdev_printk(KERN_INFO, dev, "%s: cmd=0x%x\n",
791 __func__, cmd);
792 }
793 return -EINVAL;
794 /* return -ENOTTY; // correct return but upsets fdisk */
795}
796
797static void clear_luns_changed_on_target(struct sdebug_dev_info *devip)
798{
799 struct sdebug_host_info *sdhp;
800 struct sdebug_dev_info *dp;
801
802 spin_lock(&sdebug_host_list_lock);
803 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
804 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
805 if ((devip->sdbg_host == dp->sdbg_host) &&
806 (devip->target == dp->target))
807 clear_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
808 }
809 }
810 spin_unlock(&sdebug_host_list_lock);
811}
812
813static int check_readiness(struct scsi_cmnd *SCpnt, int uas_only,
814 struct sdebug_dev_info * devip)
815{
816 int k;
817 bool debug = !!(SCSI_DEBUG_OPT_NOISE & scsi_debug_opts);
818
819 k = find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS);
820 if (k != SDEBUG_NUM_UAS) {
821 const char *cp = NULL;
822
823 switch (k) {
824 case SDEBUG_UA_POR:
825 mk_sense_buffer(SCpnt, UNIT_ATTENTION,
826 UA_RESET_ASC, POWER_ON_RESET_ASCQ);
827 if (debug)
828 cp = "power on reset";
829 break;
830 case SDEBUG_UA_BUS_RESET:
831 mk_sense_buffer(SCpnt, UNIT_ATTENTION,
832 UA_RESET_ASC, BUS_RESET_ASCQ);
833 if (debug)
834 cp = "bus reset";
835 break;
836 case SDEBUG_UA_MODE_CHANGED:
837 mk_sense_buffer(SCpnt, UNIT_ATTENTION,
838 UA_CHANGED_ASC, MODE_CHANGED_ASCQ);
839 if (debug)
840 cp = "mode parameters changed";
841 break;
842 case SDEBUG_UA_CAPACITY_CHANGED:
843 mk_sense_buffer(SCpnt, UNIT_ATTENTION,
844 UA_CHANGED_ASC, CAPACITY_CHANGED_ASCQ);
845 if (debug)
846 cp = "capacity data changed";
847 break;
848 case SDEBUG_UA_MICROCODE_CHANGED:
849 mk_sense_buffer(SCpnt, UNIT_ATTENTION,
850 TARGET_CHANGED_ASC, MICROCODE_CHANGED_ASCQ);
851 if (debug)
852 cp = "microcode has been changed";
853 break;
854 case SDEBUG_UA_MICROCODE_CHANGED_WO_RESET:
855 mk_sense_buffer(SCpnt, UNIT_ATTENTION,
856 TARGET_CHANGED_ASC,
857 MICROCODE_CHANGED_WO_RESET_ASCQ);
858 if (debug)
859 cp = "microcode has been changed without reset";
860 break;
861 case SDEBUG_UA_LUNS_CHANGED:
862 /*
863 * SPC-3 behavior is to report a UNIT ATTENTION with
864 * ASC/ASCQ REPORTED LUNS DATA HAS CHANGED on every LUN
865 * on the target, until a REPORT LUNS command is
866 * received. SPC-4 behavior is to report it only once.
867 * NOTE: scsi_debug_scsi_level does not use the same
868 * values as struct scsi_device->scsi_level.
869 */
870 if (scsi_debug_scsi_level >= 6) /* SPC-4 and above */
871 clear_luns_changed_on_target(devip);
872 mk_sense_buffer(SCpnt, UNIT_ATTENTION,
873 TARGET_CHANGED_ASC,
874 LUNS_CHANGED_ASCQ);
875 if (debug)
876 cp = "reported luns data has changed";
877 break;
878 default:
879 pr_warn("%s: unexpected unit attention code=%d\n",
880 __func__, k);
881 if (debug)
882 cp = "unknown";
883 break;
884 }
885 clear_bit(k, devip->uas_bm);
886 if (debug)
887 sdev_printk(KERN_INFO, SCpnt->device,
888 "%s reports: Unit attention: %s\n",
889 my_name, cp);
890 return check_condition_result;
891 }
892 if ((UAS_TUR == uas_only) && devip->stopped) {
893 mk_sense_buffer(SCpnt, NOT_READY, LOGICAL_UNIT_NOT_READY,
894 0x2);
895 if (debug)
896 sdev_printk(KERN_INFO, SCpnt->device,
897 "%s reports: Not ready: %s\n", my_name,
898 "initializing command required");
899 return check_condition_result;
900 }
901 return 0;
902}
903
904/* Returns 0 if ok else (DID_ERROR << 16). Sets scp->resid . */
905static int fill_from_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
906 int arr_len)
907{
908 int act_len;
909 struct scsi_data_buffer *sdb = scsi_in(scp);
910
911 if (!sdb->length)
912 return 0;
913 if (!(scsi_bidi_cmnd(scp) || scp->sc_data_direction == DMA_FROM_DEVICE))
914 return (DID_ERROR << 16);
915
916 act_len = sg_copy_from_buffer(sdb->table.sgl, sdb->table.nents,
917 arr, arr_len);
918 sdb->resid = scsi_bufflen(scp) - act_len;
919
920 return 0;
921}
922
923/* Returns number of bytes fetched into 'arr' or -1 if error. */
924static int fetch_to_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
925 int arr_len)
926{
927 if (!scsi_bufflen(scp))
928 return 0;
929 if (!(scsi_bidi_cmnd(scp) || scp->sc_data_direction == DMA_TO_DEVICE))
930 return -1;
931
932 return scsi_sg_copy_to_buffer(scp, arr, arr_len);
933}
934
935
936static const char * inq_vendor_id = "Linux ";
937static const char * inq_product_id = "scsi_debug ";
938static const char *inq_product_rev = "0184"; /* version less '.' */
939
940/* Device identification VPD page. Returns number of bytes placed in arr */
941static int inquiry_evpd_83(unsigned char * arr, int port_group_id,
942 int target_dev_id, int dev_id_num,
943 const char * dev_id_str,
944 int dev_id_str_len)
945{
946 int num, port_a;
947 char b[32];
948
949 port_a = target_dev_id + 1;
950 /* T10 vendor identifier field format (faked) */
951 arr[0] = 0x2; /* ASCII */
952 arr[1] = 0x1;
953 arr[2] = 0x0;
954 memcpy(&arr[4], inq_vendor_id, 8);
955 memcpy(&arr[12], inq_product_id, 16);
956 memcpy(&arr[28], dev_id_str, dev_id_str_len);
957 num = 8 + 16 + dev_id_str_len;
958 arr[3] = num;
959 num += 4;
960 if (dev_id_num >= 0) {
961 /* NAA-5, Logical unit identifier (binary) */
962 arr[num++] = 0x1; /* binary (not necessarily sas) */
963 arr[num++] = 0x3; /* PIV=0, lu, naa */
964 arr[num++] = 0x0;
965 arr[num++] = 0x8;
966 arr[num++] = 0x53; /* naa-5 ieee company id=0x333333 (fake) */
967 arr[num++] = 0x33;
968 arr[num++] = 0x33;
969 arr[num++] = 0x30;
970 arr[num++] = (dev_id_num >> 24);
971 arr[num++] = (dev_id_num >> 16) & 0xff;
972 arr[num++] = (dev_id_num >> 8) & 0xff;
973 arr[num++] = dev_id_num & 0xff;
974 /* Target relative port number */
975 arr[num++] = 0x61; /* proto=sas, binary */
976 arr[num++] = 0x94; /* PIV=1, target port, rel port */
977 arr[num++] = 0x0; /* reserved */
978 arr[num++] = 0x4; /* length */
979 arr[num++] = 0x0; /* reserved */
980 arr[num++] = 0x0; /* reserved */
981 arr[num++] = 0x0;
982 arr[num++] = 0x1; /* relative port A */
983 }
984 /* NAA-5, Target port identifier */
985 arr[num++] = 0x61; /* proto=sas, binary */
986 arr[num++] = 0x93; /* piv=1, target port, naa */
987 arr[num++] = 0x0;
988 arr[num++] = 0x8;
989 arr[num++] = 0x52; /* naa-5, company id=0x222222 (fake) */
990 arr[num++] = 0x22;
991 arr[num++] = 0x22;
992 arr[num++] = 0x20;
993 arr[num++] = (port_a >> 24);
994 arr[num++] = (port_a >> 16) & 0xff;
995 arr[num++] = (port_a >> 8) & 0xff;
996 arr[num++] = port_a & 0xff;
997 /* NAA-5, Target port group identifier */
998 arr[num++] = 0x61; /* proto=sas, binary */
999 arr[num++] = 0x95; /* piv=1, target port group id */
1000 arr[num++] = 0x0;
1001 arr[num++] = 0x4;
1002 arr[num++] = 0;
1003 arr[num++] = 0;
1004 arr[num++] = (port_group_id >> 8) & 0xff;
1005 arr[num++] = port_group_id & 0xff;
1006 /* NAA-5, Target device identifier */
1007 arr[num++] = 0x61; /* proto=sas, binary */
1008 arr[num++] = 0xa3; /* piv=1, target device, naa */
1009 arr[num++] = 0x0;
1010 arr[num++] = 0x8;
1011 arr[num++] = 0x52; /* naa-5, company id=0x222222 (fake) */
1012 arr[num++] = 0x22;
1013 arr[num++] = 0x22;
1014 arr[num++] = 0x20;
1015 arr[num++] = (target_dev_id >> 24);
1016 arr[num++] = (target_dev_id >> 16) & 0xff;
1017 arr[num++] = (target_dev_id >> 8) & 0xff;
1018 arr[num++] = target_dev_id & 0xff;
1019 /* SCSI name string: Target device identifier */
1020 arr[num++] = 0x63; /* proto=sas, UTF-8 */
1021 arr[num++] = 0xa8; /* piv=1, target device, SCSI name string */
1022 arr[num++] = 0x0;
1023 arr[num++] = 24;
1024 memcpy(arr + num, "naa.52222220", 12);
1025 num += 12;
1026 snprintf(b, sizeof(b), "%08X", target_dev_id);
1027 memcpy(arr + num, b, 8);
1028 num += 8;
1029 memset(arr + num, 0, 4);
1030 num += 4;
1031 return num;
1032}
1033
1034
1035static unsigned char vpd84_data[] = {
1036/* from 4th byte */ 0x22,0x22,0x22,0x0,0xbb,0x0,
1037 0x22,0x22,0x22,0x0,0xbb,0x1,
1038 0x22,0x22,0x22,0x0,0xbb,0x2,
1039};
1040
1041/* Software interface identification VPD page */
1042static int inquiry_evpd_84(unsigned char * arr)
1043{
1044 memcpy(arr, vpd84_data, sizeof(vpd84_data));
1045 return sizeof(vpd84_data);
1046}
1047
1048/* Management network addresses VPD page */
1049static int inquiry_evpd_85(unsigned char * arr)
1050{
1051 int num = 0;
1052 const char * na1 = "https://www.kernel.org/config";
1053 const char * na2 = "http://www.kernel.org/log";
1054 int plen, olen;
1055
1056 arr[num++] = 0x1; /* lu, storage config */
1057 arr[num++] = 0x0; /* reserved */
1058 arr[num++] = 0x0;
1059 olen = strlen(na1);
1060 plen = olen + 1;
1061 if (plen % 4)
1062 plen = ((plen / 4) + 1) * 4;
1063 arr[num++] = plen; /* length, null termianted, padded */
1064 memcpy(arr + num, na1, olen);
1065 memset(arr + num + olen, 0, plen - olen);
1066 num += plen;
1067
1068 arr[num++] = 0x4; /* lu, logging */
1069 arr[num++] = 0x0; /* reserved */
1070 arr[num++] = 0x0;
1071 olen = strlen(na2);
1072 plen = olen + 1;
1073 if (plen % 4)
1074 plen = ((plen / 4) + 1) * 4;
1075 arr[num++] = plen; /* length, null terminated, padded */
1076 memcpy(arr + num, na2, olen);
1077 memset(arr + num + olen, 0, plen - olen);
1078 num += plen;
1079
1080 return num;
1081}
1082
1083/* SCSI ports VPD page */
1084static int inquiry_evpd_88(unsigned char * arr, int target_dev_id)
1085{
1086 int num = 0;
1087 int port_a, port_b;
1088
1089 port_a = target_dev_id + 1;
1090 port_b = port_a + 1;
1091 arr[num++] = 0x0; /* reserved */
1092 arr[num++] = 0x0; /* reserved */
1093 arr[num++] = 0x0;
1094 arr[num++] = 0x1; /* relative port 1 (primary) */
1095 memset(arr + num, 0, 6);
1096 num += 6;
1097 arr[num++] = 0x0;
1098 arr[num++] = 12; /* length tp descriptor */
1099 /* naa-5 target port identifier (A) */
1100 arr[num++] = 0x61; /* proto=sas, binary */
1101 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1102 arr[num++] = 0x0; /* reserved */
1103 arr[num++] = 0x8; /* length */
1104 arr[num++] = 0x52; /* NAA-5, company_id=0x222222 (fake) */
1105 arr[num++] = 0x22;
1106 arr[num++] = 0x22;
1107 arr[num++] = 0x20;
1108 arr[num++] = (port_a >> 24);
1109 arr[num++] = (port_a >> 16) & 0xff;
1110 arr[num++] = (port_a >> 8) & 0xff;
1111 arr[num++] = port_a & 0xff;
1112
1113 arr[num++] = 0x0; /* reserved */
1114 arr[num++] = 0x0; /* reserved */
1115 arr[num++] = 0x0;
1116 arr[num++] = 0x2; /* relative port 2 (secondary) */
1117 memset(arr + num, 0, 6);
1118 num += 6;
1119 arr[num++] = 0x0;
1120 arr[num++] = 12; /* length tp descriptor */
1121 /* naa-5 target port identifier (B) */
1122 arr[num++] = 0x61; /* proto=sas, binary */
1123 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1124 arr[num++] = 0x0; /* reserved */
1125 arr[num++] = 0x8; /* length */
1126 arr[num++] = 0x52; /* NAA-5, company_id=0x222222 (fake) */
1127 arr[num++] = 0x22;
1128 arr[num++] = 0x22;
1129 arr[num++] = 0x20;
1130 arr[num++] = (port_b >> 24);
1131 arr[num++] = (port_b >> 16) & 0xff;
1132 arr[num++] = (port_b >> 8) & 0xff;
1133 arr[num++] = port_b & 0xff;
1134
1135 return num;
1136}
1137
1138
1139static unsigned char vpd89_data[] = {
1140/* from 4th byte */ 0,0,0,0,
1141'l','i','n','u','x',' ',' ',' ',
1142'S','A','T',' ','s','c','s','i','_','d','e','b','u','g',' ',' ',
1143'1','2','3','4',
11440x34,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,
11450xec,0,0,0,
11460x5a,0xc,0xff,0x3f,0x37,0xc8,0x10,0,0,0,0,0,0x3f,0,0,0,
11470,0,0,0,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x20,0x20,0x20,0x20,
11480x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0,0,0,0x40,0x4,0,0x2e,0x33,
11490x38,0x31,0x20,0x20,0x20,0x20,0x54,0x53,0x38,0x33,0x30,0x30,0x33,0x31,
11500x53,0x41,
11510x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
11520x20,0x20,
11530x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
11540x10,0x80,
11550,0,0,0x2f,0,0,0,0x2,0,0x2,0x7,0,0xff,0xff,0x1,0,
11560x3f,0,0xc1,0xff,0x3e,0,0x10,0x1,0xb0,0xf8,0x50,0x9,0,0,0x7,0,
11570x3,0,0x78,0,0x78,0,0xf0,0,0x78,0,0,0,0,0,0,0,
11580,0,0,0,0,0,0,0,0x2,0,0,0,0,0,0,0,
11590x7e,0,0x1b,0,0x6b,0x34,0x1,0x7d,0x3,0x40,0x69,0x34,0x1,0x3c,0x3,0x40,
11600x7f,0x40,0,0,0,0,0xfe,0xfe,0,0,0,0,0,0xfe,0,0,
11610,0,0,0,0,0,0,0,0xb0,0xf8,0x50,0x9,0,0,0,0,
11620,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11630,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11640,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11650x1,0,0xb0,0xf8,0x50,0x9,0xb0,0xf8,0x50,0x9,0x20,0x20,0x2,0,0xb6,0x42,
11660,0x80,0x8a,0,0x6,0x3c,0xa,0x3c,0xff,0xff,0xc6,0x7,0,0x1,0,0x8,
11670xf0,0xf,0,0x10,0x2,0,0x30,0,0,0,0,0,0,0,0x6,0xfe,
11680,0,0x2,0,0x50,0,0x8a,0,0x4f,0x95,0,0,0x21,0,0xb,0,
11690,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11700,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11710,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11720,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11730,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11740,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11750,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11760,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11770,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11780,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11790,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
11800,0,0,0,0,0,0,0,0,0,0,0,0,0,0xa5,0x51,
1181};
1182
1183/* ATA Information VPD page */
1184static int inquiry_evpd_89(unsigned char * arr)
1185{
1186 memcpy(arr, vpd89_data, sizeof(vpd89_data));
1187 return sizeof(vpd89_data);
1188}
1189
1190
1191static unsigned char vpdb0_data[] = {
1192 /* from 4th byte */ 0,0,0,4, 0,0,0x4,0, 0,0,0,64,
1193 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1194 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1195 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1196};
1197
1198/* Block limits VPD page (SBC-3) */
1199static int inquiry_evpd_b0(unsigned char * arr)
1200{
1201 unsigned int gran;
1202
1203 memcpy(arr, vpdb0_data, sizeof(vpdb0_data));
1204
1205 /* Optimal transfer length granularity */
1206 gran = 1 << scsi_debug_physblk_exp;
1207 arr[2] = (gran >> 8) & 0xff;
1208 arr[3] = gran & 0xff;
1209
1210 /* Maximum Transfer Length */
1211 if (sdebug_store_sectors > 0x400) {
1212 arr[4] = (sdebug_store_sectors >> 24) & 0xff;
1213 arr[5] = (sdebug_store_sectors >> 16) & 0xff;
1214 arr[6] = (sdebug_store_sectors >> 8) & 0xff;
1215 arr[7] = sdebug_store_sectors & 0xff;
1216 }
1217
1218 /* Optimal Transfer Length */
1219 put_unaligned_be32(scsi_debug_opt_blks, &arr[8]);
1220
1221 if (scsi_debug_lbpu) {
1222 /* Maximum Unmap LBA Count */
1223 put_unaligned_be32(scsi_debug_unmap_max_blocks, &arr[16]);
1224
1225 /* Maximum Unmap Block Descriptor Count */
1226 put_unaligned_be32(scsi_debug_unmap_max_desc, &arr[20]);
1227 }
1228
1229 /* Unmap Granularity Alignment */
1230 if (scsi_debug_unmap_alignment) {
1231 put_unaligned_be32(scsi_debug_unmap_alignment, &arr[28]);
1232 arr[28] |= 0x80; /* UGAVALID */
1233 }
1234
1235 /* Optimal Unmap Granularity */
1236 put_unaligned_be32(scsi_debug_unmap_granularity, &arr[24]);
1237
1238 /* Maximum WRITE SAME Length */
1239 put_unaligned_be64(scsi_debug_write_same_length, &arr[32]);
1240
1241 return 0x3c; /* Mandatory page length for Logical Block Provisioning */
1242
1243 return sizeof(vpdb0_data);
1244}
1245
1246/* Block device characteristics VPD page (SBC-3) */
1247static int inquiry_evpd_b1(unsigned char *arr)
1248{
1249 memset(arr, 0, 0x3c);
1250 arr[0] = 0;
1251 arr[1] = 1; /* non rotating medium (e.g. solid state) */
1252 arr[2] = 0;
1253 arr[3] = 5; /* less than 1.8" */
1254
1255 return 0x3c;
1256}
1257
1258/* Logical block provisioning VPD page (SBC-3) */
1259static int inquiry_evpd_b2(unsigned char *arr)
1260{
1261 memset(arr, 0, 0x4);
1262 arr[0] = 0; /* threshold exponent */
1263
1264 if (scsi_debug_lbpu)
1265 arr[1] = 1 << 7;
1266
1267 if (scsi_debug_lbpws)
1268 arr[1] |= 1 << 6;
1269
1270 if (scsi_debug_lbpws10)
1271 arr[1] |= 1 << 5;
1272
1273 if (scsi_debug_lbprz)
1274 arr[1] |= 1 << 2;
1275
1276 return 0x4;
1277}
1278
1279#define SDEBUG_LONG_INQ_SZ 96
1280#define SDEBUG_MAX_INQ_ARR_SZ 584
1281
1282static int resp_inquiry(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1283{
1284 unsigned char pq_pdt;
1285 unsigned char * arr;
1286 unsigned char *cmd = scp->cmnd;
1287 int alloc_len, n, ret;
1288 bool have_wlun;
1289
1290 alloc_len = (cmd[3] << 8) + cmd[4];
1291 arr = kzalloc(SDEBUG_MAX_INQ_ARR_SZ, GFP_ATOMIC);
1292 if (! arr)
1293 return DID_REQUEUE << 16;
1294 have_wlun = (scp->device->lun == SCSI_W_LUN_REPORT_LUNS);
1295 if (have_wlun)
1296 pq_pdt = 0x1e; /* present, wlun */
1297 else if (scsi_debug_no_lun_0 && (0 == devip->lun))
1298 pq_pdt = 0x7f; /* not present, no device type */
1299 else
1300 pq_pdt = (scsi_debug_ptype & 0x1f);
1301 arr[0] = pq_pdt;
1302 if (0x2 & cmd[1]) { /* CMDDT bit set */
1303 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 1);
1304 kfree(arr);
1305 return check_condition_result;
1306 } else if (0x1 & cmd[1]) { /* EVPD bit set */
1307 int lu_id_num, port_group_id, target_dev_id, len;
1308 char lu_id_str[6];
1309 int host_no = devip->sdbg_host->shost->host_no;
1310
1311 port_group_id = (((host_no + 1) & 0x7f) << 8) +
1312 (devip->channel & 0x7f);
1313 if (0 == scsi_debug_vpd_use_hostno)
1314 host_no = 0;
1315 lu_id_num = have_wlun ? -1 : (((host_no + 1) * 2000) +
1316 (devip->target * 1000) + devip->lun);
1317 target_dev_id = ((host_no + 1) * 2000) +
1318 (devip->target * 1000) - 3;
1319 len = scnprintf(lu_id_str, 6, "%d", lu_id_num);
1320 if (0 == cmd[2]) { /* supported vital product data pages */
1321 arr[1] = cmd[2]; /*sanity */
1322 n = 4;
1323 arr[n++] = 0x0; /* this page */
1324 arr[n++] = 0x80; /* unit serial number */
1325 arr[n++] = 0x83; /* device identification */
1326 arr[n++] = 0x84; /* software interface ident. */
1327 arr[n++] = 0x85; /* management network addresses */
1328 arr[n++] = 0x86; /* extended inquiry */
1329 arr[n++] = 0x87; /* mode page policy */
1330 arr[n++] = 0x88; /* SCSI ports */
1331 arr[n++] = 0x89; /* ATA information */
1332 arr[n++] = 0xb0; /* Block limits (SBC) */
1333 arr[n++] = 0xb1; /* Block characteristics (SBC) */
1334 if (scsi_debug_lbp()) /* Logical Block Prov. (SBC) */
1335 arr[n++] = 0xb2;
1336 arr[3] = n - 4; /* number of supported VPD pages */
1337 } else if (0x80 == cmd[2]) { /* unit serial number */
1338 arr[1] = cmd[2]; /*sanity */
1339 arr[3] = len;
1340 memcpy(&arr[4], lu_id_str, len);
1341 } else if (0x83 == cmd[2]) { /* device identification */
1342 arr[1] = cmd[2]; /*sanity */
1343 arr[3] = inquiry_evpd_83(&arr[4], port_group_id,
1344 target_dev_id, lu_id_num,
1345 lu_id_str, len);
1346 } else if (0x84 == cmd[2]) { /* Software interface ident. */
1347 arr[1] = cmd[2]; /*sanity */
1348 arr[3] = inquiry_evpd_84(&arr[4]);
1349 } else if (0x85 == cmd[2]) { /* Management network addresses */
1350 arr[1] = cmd[2]; /*sanity */
1351 arr[3] = inquiry_evpd_85(&arr[4]);
1352 } else if (0x86 == cmd[2]) { /* extended inquiry */
1353 arr[1] = cmd[2]; /*sanity */
1354 arr[3] = 0x3c; /* number of following entries */
1355 if (scsi_debug_dif == SD_DIF_TYPE3_PROTECTION)
1356 arr[4] = 0x4; /* SPT: GRD_CHK:1 */
1357 else if (scsi_debug_dif)
1358 arr[4] = 0x5; /* SPT: GRD_CHK:1, REF_CHK:1 */
1359 else
1360 arr[4] = 0x0; /* no protection stuff */
1361 arr[5] = 0x7; /* head of q, ordered + simple q's */
1362 } else if (0x87 == cmd[2]) { /* mode page policy */
1363 arr[1] = cmd[2]; /*sanity */
1364 arr[3] = 0x8; /* number of following entries */
1365 arr[4] = 0x2; /* disconnect-reconnect mp */
1366 arr[6] = 0x80; /* mlus, shared */
1367 arr[8] = 0x18; /* protocol specific lu */
1368 arr[10] = 0x82; /* mlus, per initiator port */
1369 } else if (0x88 == cmd[2]) { /* SCSI Ports */
1370 arr[1] = cmd[2]; /*sanity */
1371 arr[3] = inquiry_evpd_88(&arr[4], target_dev_id);
1372 } else if (0x89 == cmd[2]) { /* ATA information */
1373 arr[1] = cmd[2]; /*sanity */
1374 n = inquiry_evpd_89(&arr[4]);
1375 arr[2] = (n >> 8);
1376 arr[3] = (n & 0xff);
1377 } else if (0xb0 == cmd[2]) { /* Block limits (SBC) */
1378 arr[1] = cmd[2]; /*sanity */
1379 arr[3] = inquiry_evpd_b0(&arr[4]);
1380 } else if (0xb1 == cmd[2]) { /* Block characteristics (SBC) */
1381 arr[1] = cmd[2]; /*sanity */
1382 arr[3] = inquiry_evpd_b1(&arr[4]);
1383 } else if (0xb2 == cmd[2]) { /* Logical Block Prov. (SBC) */
1384 arr[1] = cmd[2]; /*sanity */
1385 arr[3] = inquiry_evpd_b2(&arr[4]);
1386 } else {
1387 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
1388 kfree(arr);
1389 return check_condition_result;
1390 }
1391 len = min(((arr[2] << 8) + arr[3]) + 4, alloc_len);
1392 ret = fill_from_dev_buffer(scp, arr,
1393 min(len, SDEBUG_MAX_INQ_ARR_SZ));
1394 kfree(arr);
1395 return ret;
1396 }
1397 /* drops through here for a standard inquiry */
1398 arr[1] = scsi_debug_removable ? 0x80 : 0; /* Removable disk */
1399 arr[2] = scsi_debug_scsi_level;
1400 arr[3] = 2; /* response_data_format==2 */
1401 arr[4] = SDEBUG_LONG_INQ_SZ - 5;
1402 arr[5] = scsi_debug_dif ? 1 : 0; /* PROTECT bit */
1403 if (0 == scsi_debug_vpd_use_hostno)
1404 arr[5] = 0x10; /* claim: implicit TGPS */
1405 arr[6] = 0x10; /* claim: MultiP */
1406 /* arr[6] |= 0x40; ... claim: EncServ (enclosure services) */
1407 arr[7] = 0xa; /* claim: LINKED + CMDQUE */
1408 memcpy(&arr[8], inq_vendor_id, 8);
1409 memcpy(&arr[16], inq_product_id, 16);
1410 memcpy(&arr[32], inq_product_rev, 4);
1411 /* version descriptors (2 bytes each) follow */
1412 arr[58] = 0x0; arr[59] = 0xa2; /* SAM-5 rev 4 */
1413 arr[60] = 0x4; arr[61] = 0x68; /* SPC-4 rev 37 */
1414 n = 62;
1415 if (scsi_debug_ptype == 0) {
1416 arr[n++] = 0x4; arr[n++] = 0xc5; /* SBC-4 rev 36 */
1417 } else if (scsi_debug_ptype == 1) {
1418 arr[n++] = 0x5; arr[n++] = 0x25; /* SSC-4 rev 3 */
1419 }
1420 arr[n++] = 0x20; arr[n++] = 0xe6; /* SPL-3 rev 7 */
1421 ret = fill_from_dev_buffer(scp, arr,
1422 min(alloc_len, SDEBUG_LONG_INQ_SZ));
1423 kfree(arr);
1424 return ret;
1425}
1426
1427static int resp_requests(struct scsi_cmnd * scp,
1428 struct sdebug_dev_info * devip)
1429{
1430 unsigned char * sbuff;
1431 unsigned char *cmd = scp->cmnd;
1432 unsigned char arr[SCSI_SENSE_BUFFERSIZE];
1433 bool dsense;
1434 int len = 18;
1435
1436 memset(arr, 0, sizeof(arr));
1437 dsense = !!(cmd[1] & 1);
1438 sbuff = scp->sense_buffer;
1439 if ((iec_m_pg[2] & 0x4) && (6 == (iec_m_pg[3] & 0xf))) {
1440 if (dsense) {
1441 arr[0] = 0x72;
1442 arr[1] = 0x0; /* NO_SENSE in sense_key */
1443 arr[2] = THRESHOLD_EXCEEDED;
1444 arr[3] = 0xff; /* TEST set and MRIE==6 */
1445 len = 8;
1446 } else {
1447 arr[0] = 0x70;
1448 arr[2] = 0x0; /* NO_SENSE in sense_key */
1449 arr[7] = 0xa; /* 18 byte sense buffer */
1450 arr[12] = THRESHOLD_EXCEEDED;
1451 arr[13] = 0xff; /* TEST set and MRIE==6 */
1452 }
1453 } else {
1454 memcpy(arr, sbuff, SCSI_SENSE_BUFFERSIZE);
1455 if (arr[0] >= 0x70 && dsense == scsi_debug_dsense)
1456 ; /* have sense and formats match */
1457 else if (arr[0] <= 0x70) {
1458 if (dsense) {
1459 memset(arr, 0, 8);
1460 arr[0] = 0x72;
1461 len = 8;
1462 } else {
1463 memset(arr, 0, 18);
1464 arr[0] = 0x70;
1465 arr[7] = 0xa;
1466 }
1467 } else if (dsense) {
1468 memset(arr, 0, 8);
1469 arr[0] = 0x72;
1470 arr[1] = sbuff[2]; /* sense key */
1471 arr[2] = sbuff[12]; /* asc */
1472 arr[3] = sbuff[13]; /* ascq */
1473 len = 8;
1474 } else {
1475 memset(arr, 0, 18);
1476 arr[0] = 0x70;
1477 arr[2] = sbuff[1];
1478 arr[7] = 0xa;
1479 arr[12] = sbuff[1];
1480 arr[13] = sbuff[3];
1481 }
1482
1483 }
1484 mk_sense_buffer(scp, 0, NO_ADDITIONAL_SENSE, 0);
1485 return fill_from_dev_buffer(scp, arr, len);
1486}
1487
1488static int resp_start_stop(struct scsi_cmnd * scp,
1489 struct sdebug_dev_info * devip)
1490{
1491 unsigned char *cmd = scp->cmnd;
1492 int power_cond, start;
1493
1494 power_cond = (cmd[4] & 0xf0) >> 4;
1495 if (power_cond) {
1496 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 7);
1497 return check_condition_result;
1498 }
1499 start = cmd[4] & 1;
1500 if (start == devip->stopped)
1501 devip->stopped = !start;
1502 return 0;
1503}
1504
1505static sector_t get_sdebug_capacity(void)
1506{
1507 if (scsi_debug_virtual_gb > 0)
1508 return (sector_t)scsi_debug_virtual_gb *
1509 (1073741824 / scsi_debug_sector_size);
1510 else
1511 return sdebug_store_sectors;
1512}
1513
1514#define SDEBUG_READCAP_ARR_SZ 8
1515static int resp_readcap(struct scsi_cmnd * scp,
1516 struct sdebug_dev_info * devip)
1517{
1518 unsigned char arr[SDEBUG_READCAP_ARR_SZ];
1519 unsigned int capac;
1520
1521 /* following just in case virtual_gb changed */
1522 sdebug_capacity = get_sdebug_capacity();
1523 memset(arr, 0, SDEBUG_READCAP_ARR_SZ);
1524 if (sdebug_capacity < 0xffffffff) {
1525 capac = (unsigned int)sdebug_capacity - 1;
1526 arr[0] = (capac >> 24);
1527 arr[1] = (capac >> 16) & 0xff;
1528 arr[2] = (capac >> 8) & 0xff;
1529 arr[3] = capac & 0xff;
1530 } else {
1531 arr[0] = 0xff;
1532 arr[1] = 0xff;
1533 arr[2] = 0xff;
1534 arr[3] = 0xff;
1535 }
1536 arr[6] = (scsi_debug_sector_size >> 8) & 0xff;
1537 arr[7] = scsi_debug_sector_size & 0xff;
1538 return fill_from_dev_buffer(scp, arr, SDEBUG_READCAP_ARR_SZ);
1539}
1540
1541#define SDEBUG_READCAP16_ARR_SZ 32
1542static int resp_readcap16(struct scsi_cmnd * scp,
1543 struct sdebug_dev_info * devip)
1544{
1545 unsigned char *cmd = scp->cmnd;
1546 unsigned char arr[SDEBUG_READCAP16_ARR_SZ];
1547 unsigned long long capac;
1548 int k, alloc_len;
1549
1550 alloc_len = ((cmd[10] << 24) + (cmd[11] << 16) + (cmd[12] << 8)
1551 + cmd[13]);
1552 /* following just in case virtual_gb changed */
1553 sdebug_capacity = get_sdebug_capacity();
1554 memset(arr, 0, SDEBUG_READCAP16_ARR_SZ);
1555 capac = sdebug_capacity - 1;
1556 for (k = 0; k < 8; ++k, capac >>= 8)
1557 arr[7 - k] = capac & 0xff;
1558 arr[8] = (scsi_debug_sector_size >> 24) & 0xff;
1559 arr[9] = (scsi_debug_sector_size >> 16) & 0xff;
1560 arr[10] = (scsi_debug_sector_size >> 8) & 0xff;
1561 arr[11] = scsi_debug_sector_size & 0xff;
1562 arr[13] = scsi_debug_physblk_exp & 0xf;
1563 arr[14] = (scsi_debug_lowest_aligned >> 8) & 0x3f;
1564
1565 if (scsi_debug_lbp()) {
1566 arr[14] |= 0x80; /* LBPME */
1567 if (scsi_debug_lbprz)
1568 arr[14] |= 0x40; /* LBPRZ */
1569 }
1570
1571 arr[15] = scsi_debug_lowest_aligned & 0xff;
1572
1573 if (scsi_debug_dif) {
1574 arr[12] = (scsi_debug_dif - 1) << 1; /* P_TYPE */
1575 arr[12] |= 1; /* PROT_EN */
1576 }
1577
1578 return fill_from_dev_buffer(scp, arr,
1579 min(alloc_len, SDEBUG_READCAP16_ARR_SZ));
1580}
1581
1582#define SDEBUG_MAX_TGTPGS_ARR_SZ 1412
1583
1584static int resp_report_tgtpgs(struct scsi_cmnd * scp,
1585 struct sdebug_dev_info * devip)
1586{
1587 unsigned char *cmd = scp->cmnd;
1588 unsigned char * arr;
1589 int host_no = devip->sdbg_host->shost->host_no;
1590 int n, ret, alen, rlen;
1591 int port_group_a, port_group_b, port_a, port_b;
1592
1593 alen = ((cmd[6] << 24) + (cmd[7] << 16) + (cmd[8] << 8)
1594 + cmd[9]);
1595
1596 arr = kzalloc(SDEBUG_MAX_TGTPGS_ARR_SZ, GFP_ATOMIC);
1597 if (! arr)
1598 return DID_REQUEUE << 16;
1599 /*
1600 * EVPD page 0x88 states we have two ports, one
1601 * real and a fake port with no device connected.
1602 * So we create two port groups with one port each
1603 * and set the group with port B to unavailable.
1604 */
1605 port_a = 0x1; /* relative port A */
1606 port_b = 0x2; /* relative port B */
1607 port_group_a = (((host_no + 1) & 0x7f) << 8) +
1608 (devip->channel & 0x7f);
1609 port_group_b = (((host_no + 1) & 0x7f) << 8) +
1610 (devip->channel & 0x7f) + 0x80;
1611
1612 /*
1613 * The asymmetric access state is cycled according to the host_id.
1614 */
1615 n = 4;
1616 if (0 == scsi_debug_vpd_use_hostno) {
1617 arr[n++] = host_no % 3; /* Asymm access state */
1618 arr[n++] = 0x0F; /* claim: all states are supported */
1619 } else {
1620 arr[n++] = 0x0; /* Active/Optimized path */
1621 arr[n++] = 0x01; /* claim: only support active/optimized paths */
1622 }
1623 arr[n++] = (port_group_a >> 8) & 0xff;
1624 arr[n++] = port_group_a & 0xff;
1625 arr[n++] = 0; /* Reserved */
1626 arr[n++] = 0; /* Status code */
1627 arr[n++] = 0; /* Vendor unique */
1628 arr[n++] = 0x1; /* One port per group */
1629 arr[n++] = 0; /* Reserved */
1630 arr[n++] = 0; /* Reserved */
1631 arr[n++] = (port_a >> 8) & 0xff;
1632 arr[n++] = port_a & 0xff;
1633 arr[n++] = 3; /* Port unavailable */
1634 arr[n++] = 0x08; /* claim: only unavailalbe paths are supported */
1635 arr[n++] = (port_group_b >> 8) & 0xff;
1636 arr[n++] = port_group_b & 0xff;
1637 arr[n++] = 0; /* Reserved */
1638 arr[n++] = 0; /* Status code */
1639 arr[n++] = 0; /* Vendor unique */
1640 arr[n++] = 0x1; /* One port per group */
1641 arr[n++] = 0; /* Reserved */
1642 arr[n++] = 0; /* Reserved */
1643 arr[n++] = (port_b >> 8) & 0xff;
1644 arr[n++] = port_b & 0xff;
1645
1646 rlen = n - 4;
1647 arr[0] = (rlen >> 24) & 0xff;
1648 arr[1] = (rlen >> 16) & 0xff;
1649 arr[2] = (rlen >> 8) & 0xff;
1650 arr[3] = rlen & 0xff;
1651
1652 /*
1653 * Return the smallest value of either
1654 * - The allocated length
1655 * - The constructed command length
1656 * - The maximum array size
1657 */
1658 rlen = min(alen,n);
1659 ret = fill_from_dev_buffer(scp, arr,
1660 min(rlen, SDEBUG_MAX_TGTPGS_ARR_SZ));
1661 kfree(arr);
1662 return ret;
1663}
1664
1665static int
1666resp_rsup_opcodes(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1667{
1668 bool rctd;
1669 u8 reporting_opts, req_opcode, sdeb_i, supp;
1670 u16 req_sa, u;
1671 u32 alloc_len, a_len;
1672 int k, offset, len, errsts, count, bump, na;
1673 const struct opcode_info_t *oip;
1674 const struct opcode_info_t *r_oip;
1675 u8 *arr;
1676 u8 *cmd = scp->cmnd;
1677
1678 rctd = !!(cmd[2] & 0x80);
1679 reporting_opts = cmd[2] & 0x7;
1680 req_opcode = cmd[3];
1681 req_sa = get_unaligned_be16(cmd + 4);
1682 alloc_len = get_unaligned_be32(cmd + 6);
1683 if (alloc_len < 4 || alloc_len > 0xffff) {
1684 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1685 return check_condition_result;
1686 }
1687 if (alloc_len > 8192)
1688 a_len = 8192;
1689 else
1690 a_len = alloc_len;
1691 arr = kzalloc((a_len < 256) ? 320 : a_len + 64, GFP_ATOMIC);
1692 if (NULL == arr) {
1693 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
1694 INSUFF_RES_ASCQ);
1695 return check_condition_result;
1696 }
1697 switch (reporting_opts) {
1698 case 0: /* all commands */
1699 /* count number of commands */
1700 for (count = 0, oip = opcode_info_arr;
1701 oip->num_attached != 0xff; ++oip) {
1702 if (F_INV_OP & oip->flags)
1703 continue;
1704 count += (oip->num_attached + 1);
1705 }
1706 bump = rctd ? 20 : 8;
1707 put_unaligned_be32(count * bump, arr);
1708 for (offset = 4, oip = opcode_info_arr;
1709 oip->num_attached != 0xff && offset < a_len; ++oip) {
1710 if (F_INV_OP & oip->flags)
1711 continue;
1712 na = oip->num_attached;
1713 arr[offset] = oip->opcode;
1714 put_unaligned_be16(oip->sa, arr + offset + 2);
1715 if (rctd)
1716 arr[offset + 5] |= 0x2;
1717 if (FF_SA & oip->flags)
1718 arr[offset + 5] |= 0x1;
1719 put_unaligned_be16(oip->len_mask[0], arr + offset + 6);
1720 if (rctd)
1721 put_unaligned_be16(0xa, arr + offset + 8);
1722 r_oip = oip;
1723 for (k = 0, oip = oip->arrp; k < na; ++k, ++oip) {
1724 if (F_INV_OP & oip->flags)
1725 continue;
1726 offset += bump;
1727 arr[offset] = oip->opcode;
1728 put_unaligned_be16(oip->sa, arr + offset + 2);
1729 if (rctd)
1730 arr[offset + 5] |= 0x2;
1731 if (FF_SA & oip->flags)
1732 arr[offset + 5] |= 0x1;
1733 put_unaligned_be16(oip->len_mask[0],
1734 arr + offset + 6);
1735 if (rctd)
1736 put_unaligned_be16(0xa,
1737 arr + offset + 8);
1738 }
1739 oip = r_oip;
1740 offset += bump;
1741 }
1742 break;
1743 case 1: /* one command: opcode only */
1744 case 2: /* one command: opcode plus service action */
1745 case 3: /* one command: if sa==0 then opcode only else opcode+sa */
1746 sdeb_i = opcode_ind_arr[req_opcode];
1747 oip = &opcode_info_arr[sdeb_i];
1748 if (F_INV_OP & oip->flags) {
1749 supp = 1;
1750 offset = 4;
1751 } else {
1752 if (1 == reporting_opts) {
1753 if (FF_SA & oip->flags) {
1754 mk_sense_invalid_fld(scp, SDEB_IN_CDB,
1755 2, 2);
1756 kfree(arr);
1757 return check_condition_result;
1758 }
1759 req_sa = 0;
1760 } else if (2 == reporting_opts &&
1761 0 == (FF_SA & oip->flags)) {
1762 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1);
1763 kfree(arr); /* point at requested sa */
1764 return check_condition_result;
1765 }
1766 if (0 == (FF_SA & oip->flags) &&
1767 req_opcode == oip->opcode)
1768 supp = 3;
1769 else if (0 == (FF_SA & oip->flags)) {
1770 na = oip->num_attached;
1771 for (k = 0, oip = oip->arrp; k < na;
1772 ++k, ++oip) {
1773 if (req_opcode == oip->opcode)
1774 break;
1775 }
1776 supp = (k >= na) ? 1 : 3;
1777 } else if (req_sa != oip->sa) {
1778 na = oip->num_attached;
1779 for (k = 0, oip = oip->arrp; k < na;
1780 ++k, ++oip) {
1781 if (req_sa == oip->sa)
1782 break;
1783 }
1784 supp = (k >= na) ? 1 : 3;
1785 } else
1786 supp = 3;
1787 if (3 == supp) {
1788 u = oip->len_mask[0];
1789 put_unaligned_be16(u, arr + 2);
1790 arr[4] = oip->opcode;
1791 for (k = 1; k < u; ++k)
1792 arr[4 + k] = (k < 16) ?
1793 oip->len_mask[k] : 0xff;
1794 offset = 4 + u;
1795 } else
1796 offset = 4;
1797 }
1798 arr[1] = (rctd ? 0x80 : 0) | supp;
1799 if (rctd) {
1800 put_unaligned_be16(0xa, arr + offset);
1801 offset += 12;
1802 }
1803 break;
1804 default:
1805 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
1806 kfree(arr);
1807 return check_condition_result;
1808 }
1809 offset = (offset < a_len) ? offset : a_len;
1810 len = (offset < alloc_len) ? offset : alloc_len;
1811 errsts = fill_from_dev_buffer(scp, arr, len);
1812 kfree(arr);
1813 return errsts;
1814}
1815
1816static int
1817resp_rsup_tmfs(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1818{
1819 bool repd;
1820 u32 alloc_len, len;
1821 u8 arr[16];
1822 u8 *cmd = scp->cmnd;
1823
1824 memset(arr, 0, sizeof(arr));
1825 repd = !!(cmd[2] & 0x80);
1826 alloc_len = get_unaligned_be32(cmd + 6);
1827 if (alloc_len < 4) {
1828 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1829 return check_condition_result;
1830 }
1831 arr[0] = 0xc8; /* ATS | ATSS | LURS */
1832 arr[1] = 0x1; /* ITNRS */
1833 if (repd) {
1834 arr[3] = 0xc;
1835 len = 16;
1836 } else
1837 len = 4;
1838
1839 len = (len < alloc_len) ? len : alloc_len;
1840 return fill_from_dev_buffer(scp, arr, len);
1841}
1842
1843/* <<Following mode page info copied from ST318451LW>> */
1844
1845static int resp_err_recov_pg(unsigned char * p, int pcontrol, int target)
1846{ /* Read-Write Error Recovery page for mode_sense */
1847 unsigned char err_recov_pg[] = {0x1, 0xa, 0xc0, 11, 240, 0, 0, 0,
1848 5, 0, 0xff, 0xff};
1849
1850 memcpy(p, err_recov_pg, sizeof(err_recov_pg));
1851 if (1 == pcontrol)
1852 memset(p + 2, 0, sizeof(err_recov_pg) - 2);
1853 return sizeof(err_recov_pg);
1854}
1855
1856static int resp_disconnect_pg(unsigned char * p, int pcontrol, int target)
1857{ /* Disconnect-Reconnect page for mode_sense */
1858 unsigned char disconnect_pg[] = {0x2, 0xe, 128, 128, 0, 10, 0, 0,
1859 0, 0, 0, 0, 0, 0, 0, 0};
1860
1861 memcpy(p, disconnect_pg, sizeof(disconnect_pg));
1862 if (1 == pcontrol)
1863 memset(p + 2, 0, sizeof(disconnect_pg) - 2);
1864 return sizeof(disconnect_pg);
1865}
1866
1867static int resp_format_pg(unsigned char * p, int pcontrol, int target)
1868{ /* Format device page for mode_sense */
1869 unsigned char format_pg[] = {0x3, 0x16, 0, 0, 0, 0, 0, 0,
1870 0, 0, 0, 0, 0, 0, 0, 0,
1871 0, 0, 0, 0, 0x40, 0, 0, 0};
1872
1873 memcpy(p, format_pg, sizeof(format_pg));
1874 p[10] = (sdebug_sectors_per >> 8) & 0xff;
1875 p[11] = sdebug_sectors_per & 0xff;
1876 p[12] = (scsi_debug_sector_size >> 8) & 0xff;
1877 p[13] = scsi_debug_sector_size & 0xff;
1878 if (scsi_debug_removable)
1879 p[20] |= 0x20; /* should agree with INQUIRY */
1880 if (1 == pcontrol)
1881 memset(p + 2, 0, sizeof(format_pg) - 2);
1882 return sizeof(format_pg);
1883}
1884
1885static int resp_caching_pg(unsigned char * p, int pcontrol, int target)
1886{ /* Caching page for mode_sense */
1887 unsigned char ch_caching_pg[] = {/* 0x8, 18, */ 0x4, 0, 0, 0, 0, 0,
1888 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
1889 unsigned char d_caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
1890 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 0, 0, 0, 0};
1891
1892 if (SCSI_DEBUG_OPT_N_WCE & scsi_debug_opts)
1893 caching_pg[2] &= ~0x4; /* set WCE=0 (default WCE=1) */
1894 memcpy(p, caching_pg, sizeof(caching_pg));
1895 if (1 == pcontrol)
1896 memcpy(p + 2, ch_caching_pg, sizeof(ch_caching_pg));
1897 else if (2 == pcontrol)
1898 memcpy(p, d_caching_pg, sizeof(d_caching_pg));
1899 return sizeof(caching_pg);
1900}
1901
1902static int resp_ctrl_m_pg(unsigned char * p, int pcontrol, int target)
1903{ /* Control mode page for mode_sense */
1904 unsigned char ch_ctrl_m_pg[] = {/* 0xa, 10, */ 0x6, 0, 0, 0, 0, 0,
1905 0, 0, 0, 0};
1906 unsigned char d_ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
1907 0, 0, 0x2, 0x4b};
1908
1909 if (scsi_debug_dsense)
1910 ctrl_m_pg[2] |= 0x4;
1911 else
1912 ctrl_m_pg[2] &= ~0x4;
1913
1914 if (scsi_debug_ato)
1915 ctrl_m_pg[5] |= 0x80; /* ATO=1 */
1916
1917 memcpy(p, ctrl_m_pg, sizeof(ctrl_m_pg));
1918 if (1 == pcontrol)
1919 memcpy(p + 2, ch_ctrl_m_pg, sizeof(ch_ctrl_m_pg));
1920 else if (2 == pcontrol)
1921 memcpy(p, d_ctrl_m_pg, sizeof(d_ctrl_m_pg));
1922 return sizeof(ctrl_m_pg);
1923}
1924
1925
1926static int resp_iec_m_pg(unsigned char * p, int pcontrol, int target)
1927{ /* Informational Exceptions control mode page for mode_sense */
1928 unsigned char ch_iec_m_pg[] = {/* 0x1c, 0xa, */ 0x4, 0xf, 0, 0, 0, 0,
1929 0, 0, 0x0, 0x0};
1930 unsigned char d_iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
1931 0, 0, 0x0, 0x0};
1932
1933 memcpy(p, iec_m_pg, sizeof(iec_m_pg));
1934 if (1 == pcontrol)
1935 memcpy(p + 2, ch_iec_m_pg, sizeof(ch_iec_m_pg));
1936 else if (2 == pcontrol)
1937 memcpy(p, d_iec_m_pg, sizeof(d_iec_m_pg));
1938 return sizeof(iec_m_pg);
1939}
1940
1941static int resp_sas_sf_m_pg(unsigned char * p, int pcontrol, int target)
1942{ /* SAS SSP mode page - short format for mode_sense */
1943 unsigned char sas_sf_m_pg[] = {0x19, 0x6,
1944 0x6, 0x0, 0x7, 0xd0, 0x0, 0x0};
1945
1946 memcpy(p, sas_sf_m_pg, sizeof(sas_sf_m_pg));
1947 if (1 == pcontrol)
1948 memset(p + 2, 0, sizeof(sas_sf_m_pg) - 2);
1949 return sizeof(sas_sf_m_pg);
1950}
1951
1952
1953static int resp_sas_pcd_m_spg(unsigned char * p, int pcontrol, int target,
1954 int target_dev_id)
1955{ /* SAS phy control and discover mode page for mode_sense */
1956 unsigned char sas_pcd_m_pg[] = {0x59, 0x1, 0, 0x64, 0, 0x6, 0, 2,
1957 0, 0, 0, 0, 0x10, 0x9, 0x8, 0x0,
1958 0x52, 0x22, 0x22, 0x20, 0x0, 0x0, 0x0, 0x0,
1959 0x51, 0x11, 0x11, 0x10, 0x0, 0x0, 0x0, 0x1,
1960 0x2, 0, 0, 0, 0, 0, 0, 0,
1961 0x88, 0x99, 0, 0, 0, 0, 0, 0,
1962 0, 0, 0, 0, 0, 0, 0, 0,
1963 0, 1, 0, 0, 0x10, 0x9, 0x8, 0x0,
1964 0x52, 0x22, 0x22, 0x20, 0x0, 0x0, 0x0, 0x0,
1965 0x51, 0x11, 0x11, 0x10, 0x0, 0x0, 0x0, 0x1,
1966 0x3, 0, 0, 0, 0, 0, 0, 0,
1967 0x88, 0x99, 0, 0, 0, 0, 0, 0,
1968 0, 0, 0, 0, 0, 0, 0, 0,
1969 };
1970 int port_a, port_b;
1971
1972 port_a = target_dev_id + 1;
1973 port_b = port_a + 1;
1974 memcpy(p, sas_pcd_m_pg, sizeof(sas_pcd_m_pg));
1975 p[20] = (port_a >> 24);
1976 p[21] = (port_a >> 16) & 0xff;
1977 p[22] = (port_a >> 8) & 0xff;
1978 p[23] = port_a & 0xff;
1979 p[48 + 20] = (port_b >> 24);
1980 p[48 + 21] = (port_b >> 16) & 0xff;
1981 p[48 + 22] = (port_b >> 8) & 0xff;
1982 p[48 + 23] = port_b & 0xff;
1983 if (1 == pcontrol)
1984 memset(p + 4, 0, sizeof(sas_pcd_m_pg) - 4);
1985 return sizeof(sas_pcd_m_pg);
1986}
1987
1988static int resp_sas_sha_m_spg(unsigned char * p, int pcontrol)
1989{ /* SAS SSP shared protocol specific port mode subpage */
1990 unsigned char sas_sha_m_pg[] = {0x59, 0x2, 0, 0xc, 0, 0x6, 0x10, 0,
1991 0, 0, 0, 0, 0, 0, 0, 0,
1992 };
1993
1994 memcpy(p, sas_sha_m_pg, sizeof(sas_sha_m_pg));
1995 if (1 == pcontrol)
1996 memset(p + 4, 0, sizeof(sas_sha_m_pg) - 4);
1997 return sizeof(sas_sha_m_pg);
1998}
1999
2000#define SDEBUG_MAX_MSENSE_SZ 256
2001
2002static int
2003resp_mode_sense(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2004{
2005 unsigned char dbd, llbaa;
2006 int pcontrol, pcode, subpcode, bd_len;
2007 unsigned char dev_spec;
2008 int k, alloc_len, msense_6, offset, len, target_dev_id;
2009 int target = scp->device->id;
2010 unsigned char * ap;
2011 unsigned char arr[SDEBUG_MAX_MSENSE_SZ];
2012 unsigned char *cmd = scp->cmnd;
2013
2014 dbd = !!(cmd[1] & 0x8);
2015 pcontrol = (cmd[2] & 0xc0) >> 6;
2016 pcode = cmd[2] & 0x3f;
2017 subpcode = cmd[3];
2018 msense_6 = (MODE_SENSE == cmd[0]);
2019 llbaa = msense_6 ? 0 : !!(cmd[1] & 0x10);
2020 if ((0 == scsi_debug_ptype) && (0 == dbd))
2021 bd_len = llbaa ? 16 : 8;
2022 else
2023 bd_len = 0;
2024 alloc_len = msense_6 ? cmd[4] : ((cmd[7] << 8) | cmd[8]);
2025 memset(arr, 0, SDEBUG_MAX_MSENSE_SZ);
2026 if (0x3 == pcontrol) { /* Saving values not supported */
2027 mk_sense_buffer(scp, ILLEGAL_REQUEST, SAVING_PARAMS_UNSUP, 0);
2028 return check_condition_result;
2029 }
2030 target_dev_id = ((devip->sdbg_host->shost->host_no + 1) * 2000) +
2031 (devip->target * 1000) - 3;
2032 /* set DPOFUA bit for disks */
2033 if (0 == scsi_debug_ptype)
2034 dev_spec = (DEV_READONLY(target) ? 0x80 : 0x0) | 0x10;
2035 else
2036 dev_spec = 0x0;
2037 if (msense_6) {
2038 arr[2] = dev_spec;
2039 arr[3] = bd_len;
2040 offset = 4;
2041 } else {
2042 arr[3] = dev_spec;
2043 if (16 == bd_len)
2044 arr[4] = 0x1; /* set LONGLBA bit */
2045 arr[7] = bd_len; /* assume 255 or less */
2046 offset = 8;
2047 }
2048 ap = arr + offset;
2049 if ((bd_len > 0) && (!sdebug_capacity))
2050 sdebug_capacity = get_sdebug_capacity();
2051
2052 if (8 == bd_len) {
2053 if (sdebug_capacity > 0xfffffffe) {
2054 ap[0] = 0xff;
2055 ap[1] = 0xff;
2056 ap[2] = 0xff;
2057 ap[3] = 0xff;
2058 } else {
2059 ap[0] = (sdebug_capacity >> 24) & 0xff;
2060 ap[1] = (sdebug_capacity >> 16) & 0xff;
2061 ap[2] = (sdebug_capacity >> 8) & 0xff;
2062 ap[3] = sdebug_capacity & 0xff;
2063 }
2064 ap[6] = (scsi_debug_sector_size >> 8) & 0xff;
2065 ap[7] = scsi_debug_sector_size & 0xff;
2066 offset += bd_len;
2067 ap = arr + offset;
2068 } else if (16 == bd_len) {
2069 unsigned long long capac = sdebug_capacity;
2070
2071 for (k = 0; k < 8; ++k, capac >>= 8)
2072 ap[7 - k] = capac & 0xff;
2073 ap[12] = (scsi_debug_sector_size >> 24) & 0xff;
2074 ap[13] = (scsi_debug_sector_size >> 16) & 0xff;
2075 ap[14] = (scsi_debug_sector_size >> 8) & 0xff;
2076 ap[15] = scsi_debug_sector_size & 0xff;
2077 offset += bd_len;
2078 ap = arr + offset;
2079 }
2080
2081 if ((subpcode > 0x0) && (subpcode < 0xff) && (0x19 != pcode)) {
2082 /* TODO: Control Extension page */
2083 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2084 return check_condition_result;
2085 }
2086 switch (pcode) {
2087 case 0x1: /* Read-Write error recovery page, direct access */
2088 len = resp_err_recov_pg(ap, pcontrol, target);
2089 offset += len;
2090 break;
2091 case 0x2: /* Disconnect-Reconnect page, all devices */
2092 len = resp_disconnect_pg(ap, pcontrol, target);
2093 offset += len;
2094 break;
2095 case 0x3: /* Format device page, direct access */
2096 len = resp_format_pg(ap, pcontrol, target);
2097 offset += len;
2098 break;
2099 case 0x8: /* Caching page, direct access */
2100 len = resp_caching_pg(ap, pcontrol, target);
2101 offset += len;
2102 break;
2103 case 0xa: /* Control Mode page, all devices */
2104 len = resp_ctrl_m_pg(ap, pcontrol, target);
2105 offset += len;
2106 break;
2107 case 0x19: /* if spc==1 then sas phy, control+discover */
2108 if ((subpcode > 0x2) && (subpcode < 0xff)) {
2109 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2110 return check_condition_result;
2111 }
2112 len = 0;
2113 if ((0x0 == subpcode) || (0xff == subpcode))
2114 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2115 if ((0x1 == subpcode) || (0xff == subpcode))
2116 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target,
2117 target_dev_id);
2118 if ((0x2 == subpcode) || (0xff == subpcode))
2119 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2120 offset += len;
2121 break;
2122 case 0x1c: /* Informational Exceptions Mode page, all devices */
2123 len = resp_iec_m_pg(ap, pcontrol, target);
2124 offset += len;
2125 break;
2126 case 0x3f: /* Read all Mode pages */
2127 if ((0 == subpcode) || (0xff == subpcode)) {
2128 len = resp_err_recov_pg(ap, pcontrol, target);
2129 len += resp_disconnect_pg(ap + len, pcontrol, target);
2130 len += resp_format_pg(ap + len, pcontrol, target);
2131 len += resp_caching_pg(ap + len, pcontrol, target);
2132 len += resp_ctrl_m_pg(ap + len, pcontrol, target);
2133 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2134 if (0xff == subpcode) {
2135 len += resp_sas_pcd_m_spg(ap + len, pcontrol,
2136 target, target_dev_id);
2137 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2138 }
2139 len += resp_iec_m_pg(ap + len, pcontrol, target);
2140 } else {
2141 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2142 return check_condition_result;
2143 }
2144 offset += len;
2145 break;
2146 default:
2147 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2148 return check_condition_result;
2149 }
2150 if (msense_6)
2151 arr[0] = offset - 1;
2152 else {
2153 arr[0] = ((offset - 2) >> 8) & 0xff;
2154 arr[1] = (offset - 2) & 0xff;
2155 }
2156 return fill_from_dev_buffer(scp, arr, min(alloc_len, offset));
2157}
2158
2159#define SDEBUG_MAX_MSELECT_SZ 512
2160
2161static int
2162resp_mode_select(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2163{
2164 int pf, sp, ps, md_len, bd_len, off, spf, pg_len;
2165 int param_len, res, mpage;
2166 unsigned char arr[SDEBUG_MAX_MSELECT_SZ];
2167 unsigned char *cmd = scp->cmnd;
2168 int mselect6 = (MODE_SELECT == cmd[0]);
2169
2170 memset(arr, 0, sizeof(arr));
2171 pf = cmd[1] & 0x10;
2172 sp = cmd[1] & 0x1;
2173 param_len = mselect6 ? cmd[4] : ((cmd[7] << 8) + cmd[8]);
2174 if ((0 == pf) || sp || (param_len > SDEBUG_MAX_MSELECT_SZ)) {
2175 mk_sense_invalid_fld(scp, SDEB_IN_CDB, mselect6 ? 4 : 7, -1);
2176 return check_condition_result;
2177 }
2178 res = fetch_to_dev_buffer(scp, arr, param_len);
2179 if (-1 == res)
2180 return (DID_ERROR << 16);
2181 else if ((res < param_len) &&
2182 (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts))
2183 sdev_printk(KERN_INFO, scp->device,
2184 "%s: cdb indicated=%d, IO sent=%d bytes\n",
2185 __func__, param_len, res);
2186 md_len = mselect6 ? (arr[0] + 1) : ((arr[0] << 8) + arr[1] + 2);
2187 bd_len = mselect6 ? arr[3] : ((arr[6] << 8) + arr[7]);
2188 if (md_len > 2) {
2189 mk_sense_invalid_fld(scp, SDEB_IN_DATA, 0, -1);
2190 return check_condition_result;
2191 }
2192 off = bd_len + (mselect6 ? 4 : 8);
2193 mpage = arr[off] & 0x3f;
2194 ps = !!(arr[off] & 0x80);
2195 if (ps) {
2196 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 7);
2197 return check_condition_result;
2198 }
2199 spf = !!(arr[off] & 0x40);
2200 pg_len = spf ? ((arr[off + 2] << 8) + arr[off + 3] + 4) :
2201 (arr[off + 1] + 2);
2202 if ((pg_len + off) > param_len) {
2203 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2204 PARAMETER_LIST_LENGTH_ERR, 0);
2205 return check_condition_result;
2206 }
2207 switch (mpage) {
2208 case 0x8: /* Caching Mode page */
2209 if (caching_pg[1] == arr[off + 1]) {
2210 memcpy(caching_pg + 2, arr + off + 2,
2211 sizeof(caching_pg) - 2);
2212 goto set_mode_changed_ua;
2213 }
2214 break;
2215 case 0xa: /* Control Mode page */
2216 if (ctrl_m_pg[1] == arr[off + 1]) {
2217 memcpy(ctrl_m_pg + 2, arr + off + 2,
2218 sizeof(ctrl_m_pg) - 2);
2219 scsi_debug_dsense = !!(ctrl_m_pg[2] & 0x4);
2220 goto set_mode_changed_ua;
2221 }
2222 break;
2223 case 0x1c: /* Informational Exceptions Mode page */
2224 if (iec_m_pg[1] == arr[off + 1]) {
2225 memcpy(iec_m_pg + 2, arr + off + 2,
2226 sizeof(iec_m_pg) - 2);
2227 goto set_mode_changed_ua;
2228 }
2229 break;
2230 default:
2231 break;
2232 }
2233 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 5);
2234 return check_condition_result;
2235set_mode_changed_ua:
2236 set_bit(SDEBUG_UA_MODE_CHANGED, devip->uas_bm);
2237 return 0;
2238}
2239
2240static int resp_temp_l_pg(unsigned char * arr)
2241{
2242 unsigned char temp_l_pg[] = {0x0, 0x0, 0x3, 0x2, 0x0, 38,
2243 0x0, 0x1, 0x3, 0x2, 0x0, 65,
2244 };
2245
2246 memcpy(arr, temp_l_pg, sizeof(temp_l_pg));
2247 return sizeof(temp_l_pg);
2248}
2249
2250static int resp_ie_l_pg(unsigned char * arr)
2251{
2252 unsigned char ie_l_pg[] = {0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 38,
2253 };
2254
2255 memcpy(arr, ie_l_pg, sizeof(ie_l_pg));
2256 if (iec_m_pg[2] & 0x4) { /* TEST bit set */
2257 arr[4] = THRESHOLD_EXCEEDED;
2258 arr[5] = 0xff;
2259 }
2260 return sizeof(ie_l_pg);
2261}
2262
2263#define SDEBUG_MAX_LSENSE_SZ 512
2264
2265static int resp_log_sense(struct scsi_cmnd * scp,
2266 struct sdebug_dev_info * devip)
2267{
2268 int ppc, sp, pcontrol, pcode, subpcode, alloc_len, len, n;
2269 unsigned char arr[SDEBUG_MAX_LSENSE_SZ];
2270 unsigned char *cmd = scp->cmnd;
2271
2272 memset(arr, 0, sizeof(arr));
2273 ppc = cmd[1] & 0x2;
2274 sp = cmd[1] & 0x1;
2275 if (ppc || sp) {
2276 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, ppc ? 1 : 0);
2277 return check_condition_result;
2278 }
2279 pcontrol = (cmd[2] & 0xc0) >> 6;
2280 pcode = cmd[2] & 0x3f;
2281 subpcode = cmd[3] & 0xff;
2282 alloc_len = (cmd[7] << 8) + cmd[8];
2283 arr[0] = pcode;
2284 if (0 == subpcode) {
2285 switch (pcode) {
2286 case 0x0: /* Supported log pages log page */
2287 n = 4;
2288 arr[n++] = 0x0; /* this page */
2289 arr[n++] = 0xd; /* Temperature */
2290 arr[n++] = 0x2f; /* Informational exceptions */
2291 arr[3] = n - 4;
2292 break;
2293 case 0xd: /* Temperature log page */
2294 arr[3] = resp_temp_l_pg(arr + 4);
2295 break;
2296 case 0x2f: /* Informational exceptions log page */
2297 arr[3] = resp_ie_l_pg(arr + 4);
2298 break;
2299 default:
2300 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2301 return check_condition_result;
2302 }
2303 } else if (0xff == subpcode) {
2304 arr[0] |= 0x40;
2305 arr[1] = subpcode;
2306 switch (pcode) {
2307 case 0x0: /* Supported log pages and subpages log page */
2308 n = 4;
2309 arr[n++] = 0x0;
2310 arr[n++] = 0x0; /* 0,0 page */
2311 arr[n++] = 0x0;
2312 arr[n++] = 0xff; /* this page */
2313 arr[n++] = 0xd;
2314 arr[n++] = 0x0; /* Temperature */
2315 arr[n++] = 0x2f;
2316 arr[n++] = 0x0; /* Informational exceptions */
2317 arr[3] = n - 4;
2318 break;
2319 case 0xd: /* Temperature subpages */
2320 n = 4;
2321 arr[n++] = 0xd;
2322 arr[n++] = 0x0; /* Temperature */
2323 arr[3] = n - 4;
2324 break;
2325 case 0x2f: /* Informational exceptions subpages */
2326 n = 4;
2327 arr[n++] = 0x2f;
2328 arr[n++] = 0x0; /* Informational exceptions */
2329 arr[3] = n - 4;
2330 break;
2331 default:
2332 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2333 return check_condition_result;
2334 }
2335 } else {
2336 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2337 return check_condition_result;
2338 }
2339 len = min(((arr[2] << 8) + arr[3]) + 4, alloc_len);
2340 return fill_from_dev_buffer(scp, arr,
2341 min(len, SDEBUG_MAX_INQ_ARR_SZ));
2342}
2343
2344static int check_device_access_params(struct scsi_cmnd *scp,
2345 unsigned long long lba, unsigned int num)
2346{
2347 if (lba + num > sdebug_capacity) {
2348 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2349 return check_condition_result;
2350 }
2351 /* transfer length excessive (tie in to block limits VPD page) */
2352 if (num > sdebug_store_sectors) {
2353 /* needs work to find which cdb byte 'num' comes from */
2354 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2355 return check_condition_result;
2356 }
2357 return 0;
2358}
2359
2360/* Returns number of bytes copied or -1 if error. */
2361static int
2362do_device_access(struct scsi_cmnd *scmd, u64 lba, u32 num, bool do_write)
2363{
2364 int ret;
2365 u64 block, rest = 0;
2366 struct scsi_data_buffer *sdb;
2367 enum dma_data_direction dir;
2368
2369 if (do_write) {
2370 sdb = scsi_out(scmd);
2371 dir = DMA_TO_DEVICE;
2372 } else {
2373 sdb = scsi_in(scmd);
2374 dir = DMA_FROM_DEVICE;
2375 }
2376
2377 if (!sdb->length)
2378 return 0;
2379 if (!(scsi_bidi_cmnd(scmd) || scmd->sc_data_direction == dir))
2380 return -1;
2381
2382 block = do_div(lba, sdebug_store_sectors);
2383 if (block + num > sdebug_store_sectors)
2384 rest = block + num - sdebug_store_sectors;
2385
2386 ret = sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2387 fake_storep + (block * scsi_debug_sector_size),
2388 (num - rest) * scsi_debug_sector_size, 0, do_write);
2389 if (ret != (num - rest) * scsi_debug_sector_size)
2390 return ret;
2391
2392 if (rest) {
2393 ret += sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2394 fake_storep, rest * scsi_debug_sector_size,
2395 (num - rest) * scsi_debug_sector_size, do_write);
2396 }
2397
2398 return ret;
2399}
2400
2401/* If fake_store(lba,num) compares equal to arr(num), then copy top half of
2402 * arr into fake_store(lba,num) and return true. If comparison fails then
2403 * return false. */
2404static bool
2405comp_write_worker(u64 lba, u32 num, const u8 *arr)
2406{
2407 bool res;
2408 u64 block, rest = 0;
2409 u32 store_blks = sdebug_store_sectors;
2410 u32 lb_size = scsi_debug_sector_size;
2411
2412 block = do_div(lba, store_blks);
2413 if (block + num > store_blks)
2414 rest = block + num - store_blks;
2415
2416 res = !memcmp(fake_storep + (block * lb_size), arr,
2417 (num - rest) * lb_size);
2418 if (!res)
2419 return res;
2420 if (rest)
2421 res = memcmp(fake_storep, arr + ((num - rest) * lb_size),
2422 rest * lb_size);
2423 if (!res)
2424 return res;
2425 arr += num * lb_size;
2426 memcpy(fake_storep + (block * lb_size), arr, (num - rest) * lb_size);
2427 if (rest)
2428 memcpy(fake_storep, arr + ((num - rest) * lb_size),
2429 rest * lb_size);
2430 return res;
2431}
2432
2433static __be16 dif_compute_csum(const void *buf, int len)
2434{
2435 __be16 csum;
2436
2437 if (scsi_debug_guard)
2438 csum = (__force __be16)ip_compute_csum(buf, len);
2439 else
2440 csum = cpu_to_be16(crc_t10dif(buf, len));
2441
2442 return csum;
2443}
2444
2445static int dif_verify(struct sd_dif_tuple *sdt, const void *data,
2446 sector_t sector, u32 ei_lba)
2447{
2448 __be16 csum = dif_compute_csum(data, scsi_debug_sector_size);
2449
2450 if (sdt->guard_tag != csum) {
2451 pr_err("GUARD check failed on sector %lu rcvd 0x%04x, data 0x%04x\n",
2452 (unsigned long)sector,
2453 be16_to_cpu(sdt->guard_tag),
2454 be16_to_cpu(csum));
2455 return 0x01;
2456 }
2457 if (scsi_debug_dif == SD_DIF_TYPE1_PROTECTION &&
2458 be32_to_cpu(sdt->ref_tag) != (sector & 0xffffffff)) {
2459 pr_err("REF check failed on sector %lu\n",
2460 (unsigned long)sector);
2461 return 0x03;
2462 }
2463 if (scsi_debug_dif == SD_DIF_TYPE2_PROTECTION &&
2464 be32_to_cpu(sdt->ref_tag) != ei_lba) {
2465 pr_err("REF check failed on sector %lu\n",
2466 (unsigned long)sector);
2467 return 0x03;
2468 }
2469 return 0;
2470}
2471
2472static void dif_copy_prot(struct scsi_cmnd *SCpnt, sector_t sector,
2473 unsigned int sectors, bool read)
2474{
2475 size_t resid;
2476 void *paddr;
2477 const void *dif_store_end = dif_storep + sdebug_store_sectors;
2478 struct sg_mapping_iter miter;
2479
2480 /* Bytes of protection data to copy into sgl */
2481 resid = sectors * sizeof(*dif_storep);
2482
2483 sg_miter_start(&miter, scsi_prot_sglist(SCpnt),
2484 scsi_prot_sg_count(SCpnt), SG_MITER_ATOMIC |
2485 (read ? SG_MITER_TO_SG : SG_MITER_FROM_SG));
2486
2487 while (sg_miter_next(&miter) && resid > 0) {
2488 size_t len = min(miter.length, resid);
2489 void *start = dif_store(sector);
2490 size_t rest = 0;
2491
2492 if (dif_store_end < start + len)
2493 rest = start + len - dif_store_end;
2494
2495 paddr = miter.addr;
2496
2497 if (read)
2498 memcpy(paddr, start, len - rest);
2499 else
2500 memcpy(start, paddr, len - rest);
2501
2502 if (rest) {
2503 if (read)
2504 memcpy(paddr + len - rest, dif_storep, rest);
2505 else
2506 memcpy(dif_storep, paddr + len - rest, rest);
2507 }
2508
2509 sector += len / sizeof(*dif_storep);
2510 resid -= len;
2511 }
2512 sg_miter_stop(&miter);
2513}
2514
2515static int prot_verify_read(struct scsi_cmnd *SCpnt, sector_t start_sec,
2516 unsigned int sectors, u32 ei_lba)
2517{
2518 unsigned int i;
2519 struct sd_dif_tuple *sdt;
2520 sector_t sector;
2521
2522 for (i = 0; i < sectors; i++, ei_lba++) {
2523 int ret;
2524
2525 sector = start_sec + i;
2526 sdt = dif_store(sector);
2527
2528 if (sdt->app_tag == cpu_to_be16(0xffff))
2529 continue;
2530
2531 ret = dif_verify(sdt, fake_store(sector), sector, ei_lba);
2532 if (ret) {
2533 dif_errors++;
2534 return ret;
2535 }
2536 }
2537
2538 dif_copy_prot(SCpnt, start_sec, sectors, true);
2539 dix_reads++;
2540
2541 return 0;
2542}
2543
2544static int
2545resp_read_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2546{
2547 u8 *cmd = scp->cmnd;
2548 u64 lba;
2549 u32 num;
2550 u32 ei_lba;
2551 unsigned long iflags;
2552 int ret;
2553 bool check_prot;
2554
2555 switch (cmd[0]) {
2556 case READ_16:
2557 ei_lba = 0;
2558 lba = get_unaligned_be64(cmd + 2);
2559 num = get_unaligned_be32(cmd + 10);
2560 check_prot = true;
2561 break;
2562 case READ_10:
2563 ei_lba = 0;
2564 lba = get_unaligned_be32(cmd + 2);
2565 num = get_unaligned_be16(cmd + 7);
2566 check_prot = true;
2567 break;
2568 case READ_6:
2569 ei_lba = 0;
2570 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
2571 (u32)(cmd[1] & 0x1f) << 16;
2572 num = (0 == cmd[4]) ? 256 : cmd[4];
2573 check_prot = true;
2574 break;
2575 case READ_12:
2576 ei_lba = 0;
2577 lba = get_unaligned_be32(cmd + 2);
2578 num = get_unaligned_be32(cmd + 6);
2579 check_prot = true;
2580 break;
2581 case XDWRITEREAD_10:
2582 ei_lba = 0;
2583 lba = get_unaligned_be32(cmd + 2);
2584 num = get_unaligned_be16(cmd + 7);
2585 check_prot = false;
2586 break;
2587 default: /* assume READ(32) */
2588 lba = get_unaligned_be64(cmd + 12);
2589 ei_lba = get_unaligned_be32(cmd + 20);
2590 num = get_unaligned_be32(cmd + 28);
2591 check_prot = false;
2592 break;
2593 }
2594 if (check_prot) {
2595 if (scsi_debug_dif == SD_DIF_TYPE2_PROTECTION &&
2596 (cmd[1] & 0xe0)) {
2597 mk_sense_invalid_opcode(scp);
2598 return check_condition_result;
2599 }
2600 if ((scsi_debug_dif == SD_DIF_TYPE1_PROTECTION ||
2601 scsi_debug_dif == SD_DIF_TYPE3_PROTECTION) &&
2602 (cmd[1] & 0xe0) == 0)
2603 sdev_printk(KERN_ERR, scp->device, "Unprotected RD "
2604 "to DIF device\n");
2605 }
2606 if (sdebug_any_injecting_opt) {
2607 struct sdebug_scmd_extra_t *ep = scsi_cmd_priv(scp);
2608
2609 if (ep->inj_short)
2610 num /= 2;
2611 }
2612
2613 /* inline check_device_access_params() */
2614 if (lba + num > sdebug_capacity) {
2615 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2616 return check_condition_result;
2617 }
2618 /* transfer length excessive (tie in to block limits VPD page) */
2619 if (num > sdebug_store_sectors) {
2620 /* needs work to find which cdb byte 'num' comes from */
2621 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2622 return check_condition_result;
2623 }
2624
2625 if ((SCSI_DEBUG_OPT_MEDIUM_ERR & scsi_debug_opts) &&
2626 (lba <= (OPT_MEDIUM_ERR_ADDR + OPT_MEDIUM_ERR_NUM - 1)) &&
2627 ((lba + num) > OPT_MEDIUM_ERR_ADDR)) {
2628 /* claim unrecoverable read error */
2629 mk_sense_buffer(scp, MEDIUM_ERROR, UNRECOVERED_READ_ERR, 0);
2630 /* set info field and valid bit for fixed descriptor */
2631 if (0x70 == (scp->sense_buffer[0] & 0x7f)) {
2632 scp->sense_buffer[0] |= 0x80; /* Valid bit */
2633 ret = (lba < OPT_MEDIUM_ERR_ADDR)
2634 ? OPT_MEDIUM_ERR_ADDR : (int)lba;
2635 put_unaligned_be32(ret, scp->sense_buffer + 3);
2636 }
2637 scsi_set_resid(scp, scsi_bufflen(scp));
2638 return check_condition_result;
2639 }
2640
2641 read_lock_irqsave(&atomic_rw, iflags);
2642
2643 /* DIX + T10 DIF */
2644 if (scsi_debug_dix && scsi_prot_sg_count(scp)) {
2645 int prot_ret = prot_verify_read(scp, lba, num, ei_lba);
2646
2647 if (prot_ret) {
2648 read_unlock_irqrestore(&atomic_rw, iflags);
2649 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, prot_ret);
2650 return illegal_condition_result;
2651 }
2652 }
2653
2654 ret = do_device_access(scp, lba, num, false);
2655 read_unlock_irqrestore(&atomic_rw, iflags);
2656 if (ret == -1)
2657 return DID_ERROR << 16;
2658
2659 scsi_in(scp)->resid = scsi_bufflen(scp) - ret;
2660
2661 if (sdebug_any_injecting_opt) {
2662 struct sdebug_scmd_extra_t *ep = scsi_cmd_priv(scp);
2663
2664 if (ep->inj_recovered) {
2665 mk_sense_buffer(scp, RECOVERED_ERROR,
2666 THRESHOLD_EXCEEDED, 0);
2667 return check_condition_result;
2668 } else if (ep->inj_transport) {
2669 mk_sense_buffer(scp, ABORTED_COMMAND,
2670 TRANSPORT_PROBLEM, ACK_NAK_TO);
2671 return check_condition_result;
2672 } else if (ep->inj_dif) {
2673 /* Logical block guard check failed */
2674 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
2675 return illegal_condition_result;
2676 } else if (ep->inj_dix) {
2677 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
2678 return illegal_condition_result;
2679 }
2680 }
2681 return 0;
2682}
2683
2684static void dump_sector(unsigned char *buf, int len)
2685{
2686 int i, j, n;
2687
2688 pr_err(">>> Sector Dump <<<\n");
2689 for (i = 0 ; i < len ; i += 16) {
2690 char b[128];
2691
2692 for (j = 0, n = 0; j < 16; j++) {
2693 unsigned char c = buf[i+j];
2694
2695 if (c >= 0x20 && c < 0x7e)
2696 n += scnprintf(b + n, sizeof(b) - n,
2697 " %c ", buf[i+j]);
2698 else
2699 n += scnprintf(b + n, sizeof(b) - n,
2700 "%02x ", buf[i+j]);
2701 }
2702 pr_err("%04d: %s\n", i, b);
2703 }
2704}
2705
2706static int prot_verify_write(struct scsi_cmnd *SCpnt, sector_t start_sec,
2707 unsigned int sectors, u32 ei_lba)
2708{
2709 int ret;
2710 struct sd_dif_tuple *sdt;
2711 void *daddr;
2712 sector_t sector = start_sec;
2713 int ppage_offset;
2714 int dpage_offset;
2715 struct sg_mapping_iter diter;
2716 struct sg_mapping_iter piter;
2717
2718 BUG_ON(scsi_sg_count(SCpnt) == 0);
2719 BUG_ON(scsi_prot_sg_count(SCpnt) == 0);
2720
2721 sg_miter_start(&piter, scsi_prot_sglist(SCpnt),
2722 scsi_prot_sg_count(SCpnt),
2723 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
2724 sg_miter_start(&diter, scsi_sglist(SCpnt), scsi_sg_count(SCpnt),
2725 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
2726
2727 /* For each protection page */
2728 while (sg_miter_next(&piter)) {
2729 dpage_offset = 0;
2730 if (WARN_ON(!sg_miter_next(&diter))) {
2731 ret = 0x01;
2732 goto out;
2733 }
2734
2735 for (ppage_offset = 0; ppage_offset < piter.length;
2736 ppage_offset += sizeof(struct sd_dif_tuple)) {
2737 /* If we're at the end of the current
2738 * data page advance to the next one
2739 */
2740 if (dpage_offset >= diter.length) {
2741 if (WARN_ON(!sg_miter_next(&diter))) {
2742 ret = 0x01;
2743 goto out;
2744 }
2745 dpage_offset = 0;
2746 }
2747
2748 sdt = piter.addr + ppage_offset;
2749 daddr = diter.addr + dpage_offset;
2750
2751 ret = dif_verify(sdt, daddr, sector, ei_lba);
2752 if (ret) {
2753 dump_sector(daddr, scsi_debug_sector_size);
2754 goto out;
2755 }
2756
2757 sector++;
2758 ei_lba++;
2759 dpage_offset += scsi_debug_sector_size;
2760 }
2761 diter.consumed = dpage_offset;
2762 sg_miter_stop(&diter);
2763 }
2764 sg_miter_stop(&piter);
2765
2766 dif_copy_prot(SCpnt, start_sec, sectors, false);
2767 dix_writes++;
2768
2769 return 0;
2770
2771out:
2772 dif_errors++;
2773 sg_miter_stop(&diter);
2774 sg_miter_stop(&piter);
2775 return ret;
2776}
2777
2778static unsigned long lba_to_map_index(sector_t lba)
2779{
2780 if (scsi_debug_unmap_alignment) {
2781 lba += scsi_debug_unmap_granularity -
2782 scsi_debug_unmap_alignment;
2783 }
2784 sector_div(lba, scsi_debug_unmap_granularity);
2785
2786 return lba;
2787}
2788
2789static sector_t map_index_to_lba(unsigned long index)
2790{
2791 sector_t lba = index * scsi_debug_unmap_granularity;
2792
2793 if (scsi_debug_unmap_alignment) {
2794 lba -= scsi_debug_unmap_granularity -
2795 scsi_debug_unmap_alignment;
2796 }
2797
2798 return lba;
2799}
2800
2801static unsigned int map_state(sector_t lba, unsigned int *num)
2802{
2803 sector_t end;
2804 unsigned int mapped;
2805 unsigned long index;
2806 unsigned long next;
2807
2808 index = lba_to_map_index(lba);
2809 mapped = test_bit(index, map_storep);
2810
2811 if (mapped)
2812 next = find_next_zero_bit(map_storep, map_size, index);
2813 else
2814 next = find_next_bit(map_storep, map_size, index);
2815
2816 end = min_t(sector_t, sdebug_store_sectors, map_index_to_lba(next));
2817 *num = end - lba;
2818
2819 return mapped;
2820}
2821
2822static void map_region(sector_t lba, unsigned int len)
2823{
2824 sector_t end = lba + len;
2825
2826 while (lba < end) {
2827 unsigned long index = lba_to_map_index(lba);
2828
2829 if (index < map_size)
2830 set_bit(index, map_storep);
2831
2832 lba = map_index_to_lba(index + 1);
2833 }
2834}
2835
2836static void unmap_region(sector_t lba, unsigned int len)
2837{
2838 sector_t end = lba + len;
2839
2840 while (lba < end) {
2841 unsigned long index = lba_to_map_index(lba);
2842
2843 if (lba == map_index_to_lba(index) &&
2844 lba + scsi_debug_unmap_granularity <= end &&
2845 index < map_size) {
2846 clear_bit(index, map_storep);
2847 if (scsi_debug_lbprz) {
2848 memset(fake_storep +
2849 lba * scsi_debug_sector_size, 0,
2850 scsi_debug_sector_size *
2851 scsi_debug_unmap_granularity);
2852 }
2853 if (dif_storep) {
2854 memset(dif_storep + lba, 0xff,
2855 sizeof(*dif_storep) *
2856 scsi_debug_unmap_granularity);
2857 }
2858 }
2859 lba = map_index_to_lba(index + 1);
2860 }
2861}
2862
2863static int
2864resp_write_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2865{
2866 u8 *cmd = scp->cmnd;
2867 u64 lba;
2868 u32 num;
2869 u32 ei_lba;
2870 unsigned long iflags;
2871 int ret;
2872 bool check_prot;
2873
2874 switch (cmd[0]) {
2875 case WRITE_16:
2876 ei_lba = 0;
2877 lba = get_unaligned_be64(cmd + 2);
2878 num = get_unaligned_be32(cmd + 10);
2879 check_prot = true;
2880 break;
2881 case WRITE_10:
2882 ei_lba = 0;
2883 lba = get_unaligned_be32(cmd + 2);
2884 num = get_unaligned_be16(cmd + 7);
2885 check_prot = true;
2886 break;
2887 case WRITE_6:
2888 ei_lba = 0;
2889 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
2890 (u32)(cmd[1] & 0x1f) << 16;
2891 num = (0 == cmd[4]) ? 256 : cmd[4];
2892 check_prot = true;
2893 break;
2894 case WRITE_12:
2895 ei_lba = 0;
2896 lba = get_unaligned_be32(cmd + 2);
2897 num = get_unaligned_be32(cmd + 6);
2898 check_prot = true;
2899 break;
2900 case 0x53: /* XDWRITEREAD(10) */
2901 ei_lba = 0;
2902 lba = get_unaligned_be32(cmd + 2);
2903 num = get_unaligned_be16(cmd + 7);
2904 check_prot = false;
2905 break;
2906 default: /* assume WRITE(32) */
2907 lba = get_unaligned_be64(cmd + 12);
2908 ei_lba = get_unaligned_be32(cmd + 20);
2909 num = get_unaligned_be32(cmd + 28);
2910 check_prot = false;
2911 break;
2912 }
2913 if (check_prot) {
2914 if (scsi_debug_dif == SD_DIF_TYPE2_PROTECTION &&
2915 (cmd[1] & 0xe0)) {
2916 mk_sense_invalid_opcode(scp);
2917 return check_condition_result;
2918 }
2919 if ((scsi_debug_dif == SD_DIF_TYPE1_PROTECTION ||
2920 scsi_debug_dif == SD_DIF_TYPE3_PROTECTION) &&
2921 (cmd[1] & 0xe0) == 0)
2922 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
2923 "to DIF device\n");
2924 }
2925
2926 /* inline check_device_access_params() */
2927 if (lba + num > sdebug_capacity) {
2928 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2929 return check_condition_result;
2930 }
2931 /* transfer length excessive (tie in to block limits VPD page) */
2932 if (num > sdebug_store_sectors) {
2933 /* needs work to find which cdb byte 'num' comes from */
2934 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2935 return check_condition_result;
2936 }
2937
2938 write_lock_irqsave(&atomic_rw, iflags);
2939
2940 /* DIX + T10 DIF */
2941 if (scsi_debug_dix && scsi_prot_sg_count(scp)) {
2942 int prot_ret = prot_verify_write(scp, lba, num, ei_lba);
2943
2944 if (prot_ret) {
2945 write_unlock_irqrestore(&atomic_rw, iflags);
2946 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, prot_ret);
2947 return illegal_condition_result;
2948 }
2949 }
2950
2951 ret = do_device_access(scp, lba, num, true);
2952 if (scsi_debug_lbp())
2953 map_region(lba, num);
2954 write_unlock_irqrestore(&atomic_rw, iflags);
2955 if (-1 == ret)
2956 return (DID_ERROR << 16);
2957 else if ((ret < (num * scsi_debug_sector_size)) &&
2958 (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts))
2959 sdev_printk(KERN_INFO, scp->device,
2960 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
2961 my_name, num * scsi_debug_sector_size, ret);
2962
2963 if (sdebug_any_injecting_opt) {
2964 struct sdebug_scmd_extra_t *ep = scsi_cmd_priv(scp);
2965
2966 if (ep->inj_recovered) {
2967 mk_sense_buffer(scp, RECOVERED_ERROR,
2968 THRESHOLD_EXCEEDED, 0);
2969 return check_condition_result;
2970 } else if (ep->inj_dif) {
2971 /* Logical block guard check failed */
2972 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
2973 return illegal_condition_result;
2974 } else if (ep->inj_dix) {
2975 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
2976 return illegal_condition_result;
2977 }
2978 }
2979 return 0;
2980}
2981
2982static int
2983resp_write_same(struct scsi_cmnd *scp, u64 lba, u32 num, u32 ei_lba,
2984 bool unmap, bool ndob)
2985{
2986 unsigned long iflags;
2987 unsigned long long i;
2988 int ret;
2989
2990 ret = check_device_access_params(scp, lba, num);
2991 if (ret)
2992 return ret;
2993
2994 write_lock_irqsave(&atomic_rw, iflags);
2995
2996 if (unmap && scsi_debug_lbp()) {
2997 unmap_region(lba, num);
2998 goto out;
2999 }
3000
3001 /* if ndob then zero 1 logical block, else fetch 1 logical block */
3002 if (ndob) {
3003 memset(fake_storep + (lba * scsi_debug_sector_size), 0,
3004 scsi_debug_sector_size);
3005 ret = 0;
3006 } else
3007 ret = fetch_to_dev_buffer(scp, fake_storep +
3008 (lba * scsi_debug_sector_size),
3009 scsi_debug_sector_size);
3010
3011 if (-1 == ret) {
3012 write_unlock_irqrestore(&atomic_rw, iflags);
3013 return (DID_ERROR << 16);
3014 } else if ((ret < (num * scsi_debug_sector_size)) &&
3015 (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts))
3016 sdev_printk(KERN_INFO, scp->device,
3017 "%s: %s: cdb indicated=%u, IO sent=%d bytes\n",
3018 my_name, "write same",
3019 num * scsi_debug_sector_size, ret);
3020
3021 /* Copy first sector to remaining blocks */
3022 for (i = 1 ; i < num ; i++)
3023 memcpy(fake_storep + ((lba + i) * scsi_debug_sector_size),
3024 fake_storep + (lba * scsi_debug_sector_size),
3025 scsi_debug_sector_size);
3026
3027 if (scsi_debug_lbp())
3028 map_region(lba, num);
3029out:
3030 write_unlock_irqrestore(&atomic_rw, iflags);
3031
3032 return 0;
3033}
3034
3035static int
3036resp_write_same_10(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3037{
3038 u8 *cmd = scp->cmnd;
3039 u32 lba;
3040 u16 num;
3041 u32 ei_lba = 0;
3042 bool unmap = false;
3043
3044 if (cmd[1] & 0x8) {
3045 if (scsi_debug_lbpws10 == 0) {
3046 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3047 return check_condition_result;
3048 } else
3049 unmap = true;
3050 }
3051 lba = get_unaligned_be32(cmd + 2);
3052 num = get_unaligned_be16(cmd + 7);
3053 if (num > scsi_debug_write_same_length) {
3054 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3055 return check_condition_result;
3056 }
3057 return resp_write_same(scp, lba, num, ei_lba, unmap, false);
3058}
3059
3060static int
3061resp_write_same_16(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3062{
3063 u8 *cmd = scp->cmnd;
3064 u64 lba;
3065 u32 num;
3066 u32 ei_lba = 0;
3067 bool unmap = false;
3068 bool ndob = false;
3069
3070 if (cmd[1] & 0x8) { /* UNMAP */
3071 if (scsi_debug_lbpws == 0) {
3072 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3073 return check_condition_result;
3074 } else
3075 unmap = true;
3076 }
3077 if (cmd[1] & 0x1) /* NDOB (no data-out buffer, assumes zeroes) */
3078 ndob = true;
3079 lba = get_unaligned_be64(cmd + 2);
3080 num = get_unaligned_be32(cmd + 10);
3081 if (num > scsi_debug_write_same_length) {
3082 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1);
3083 return check_condition_result;
3084 }
3085 return resp_write_same(scp, lba, num, ei_lba, unmap, ndob);
3086}
3087
3088/* Note the mode field is in the same position as the (lower) service action
3089 * field. For the Report supported operation codes command, SPC-4 suggests
3090 * each mode of this command should be reported separately; for future. */
3091static int
3092resp_write_buffer(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3093{
3094 u8 *cmd = scp->cmnd;
3095 struct scsi_device *sdp = scp->device;
3096 struct sdebug_dev_info *dp;
3097 u8 mode;
3098
3099 mode = cmd[1] & 0x1f;
3100 switch (mode) {
3101 case 0x4: /* download microcode (MC) and activate (ACT) */
3102 /* set UAs on this device only */
3103 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3104 set_bit(SDEBUG_UA_MICROCODE_CHANGED, devip->uas_bm);
3105 break;
3106 case 0x5: /* download MC, save and ACT */
3107 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, devip->uas_bm);
3108 break;
3109 case 0x6: /* download MC with offsets and ACT */
3110 /* set UAs on most devices (LUs) in this target */
3111 list_for_each_entry(dp,
3112 &devip->sdbg_host->dev_info_list,
3113 dev_list)
3114 if (dp->target == sdp->id) {
3115 set_bit(SDEBUG_UA_BUS_RESET, dp->uas_bm);
3116 if (devip != dp)
3117 set_bit(SDEBUG_UA_MICROCODE_CHANGED,
3118 dp->uas_bm);
3119 }
3120 break;
3121 case 0x7: /* download MC with offsets, save, and ACT */
3122 /* set UA on all devices (LUs) in this target */
3123 list_for_each_entry(dp,
3124 &devip->sdbg_host->dev_info_list,
3125 dev_list)
3126 if (dp->target == sdp->id)
3127 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET,
3128 dp->uas_bm);
3129 break;
3130 default:
3131 /* do nothing for this command for other mode values */
3132 break;
3133 }
3134 return 0;
3135}
3136
3137static int
3138resp_comp_write(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3139{
3140 u8 *cmd = scp->cmnd;
3141 u8 *arr;
3142 u8 *fake_storep_hold;
3143 u64 lba;
3144 u32 dnum;
3145 u32 lb_size = scsi_debug_sector_size;
3146 u8 num;
3147 unsigned long iflags;
3148 int ret;
3149 int retval = 0;
3150
3151 lba = get_unaligned_be64(cmd + 2);
3152 num = cmd[13]; /* 1 to a maximum of 255 logical blocks */
3153 if (0 == num)
3154 return 0; /* degenerate case, not an error */
3155 if (scsi_debug_dif == SD_DIF_TYPE2_PROTECTION &&
3156 (cmd[1] & 0xe0)) {
3157 mk_sense_invalid_opcode(scp);
3158 return check_condition_result;
3159 }
3160 if ((scsi_debug_dif == SD_DIF_TYPE1_PROTECTION ||
3161 scsi_debug_dif == SD_DIF_TYPE3_PROTECTION) &&
3162 (cmd[1] & 0xe0) == 0)
3163 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3164 "to DIF device\n");
3165
3166 /* inline check_device_access_params() */
3167 if (lba + num > sdebug_capacity) {
3168 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
3169 return check_condition_result;
3170 }
3171 /* transfer length excessive (tie in to block limits VPD page) */
3172 if (num > sdebug_store_sectors) {
3173 /* needs work to find which cdb byte 'num' comes from */
3174 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3175 return check_condition_result;
3176 }
3177 dnum = 2 * num;
3178 arr = kzalloc(dnum * lb_size, GFP_ATOMIC);
3179 if (NULL == arr) {
3180 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3181 INSUFF_RES_ASCQ);
3182 return check_condition_result;
3183 }
3184
3185 write_lock_irqsave(&atomic_rw, iflags);
3186
3187 /* trick do_device_access() to fetch both compare and write buffers
3188 * from data-in into arr. Safe (atomic) since write_lock held. */
3189 fake_storep_hold = fake_storep;
3190 fake_storep = arr;
3191 ret = do_device_access(scp, 0, dnum, true);
3192 fake_storep = fake_storep_hold;
3193 if (ret == -1) {
3194 retval = DID_ERROR << 16;
3195 goto cleanup;
3196 } else if ((ret < (dnum * lb_size)) &&
3197 (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts))
3198 sdev_printk(KERN_INFO, scp->device, "%s: compare_write: cdb "
3199 "indicated=%u, IO sent=%d bytes\n", my_name,
3200 dnum * lb_size, ret);
3201 if (!comp_write_worker(lba, num, arr)) {
3202 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
3203 retval = check_condition_result;
3204 goto cleanup;
3205 }
3206 if (scsi_debug_lbp())
3207 map_region(lba, num);
3208cleanup:
3209 write_unlock_irqrestore(&atomic_rw, iflags);
3210 kfree(arr);
3211 return retval;
3212}
3213
3214struct unmap_block_desc {
3215 __be64 lba;
3216 __be32 blocks;
3217 __be32 __reserved;
3218};
3219
3220static int
3221resp_unmap(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3222{
3223 unsigned char *buf;
3224 struct unmap_block_desc *desc;
3225 unsigned int i, payload_len, descriptors;
3226 int ret;
3227 unsigned long iflags;
3228
3229
3230 if (!scsi_debug_lbp())
3231 return 0; /* fib and say its done */
3232 payload_len = get_unaligned_be16(scp->cmnd + 7);
3233 BUG_ON(scsi_bufflen(scp) != payload_len);
3234
3235 descriptors = (payload_len - 8) / 16;
3236 if (descriptors > scsi_debug_unmap_max_desc) {
3237 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3238 return check_condition_result;
3239 }
3240
3241 buf = kmalloc(scsi_bufflen(scp), GFP_ATOMIC);
3242 if (!buf) {
3243 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3244 INSUFF_RES_ASCQ);
3245 return check_condition_result;
3246 }
3247
3248 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
3249
3250 BUG_ON(get_unaligned_be16(&buf[0]) != payload_len - 2);
3251 BUG_ON(get_unaligned_be16(&buf[2]) != descriptors * 16);
3252
3253 desc = (void *)&buf[8];
3254
3255 write_lock_irqsave(&atomic_rw, iflags);
3256
3257 for (i = 0 ; i < descriptors ; i++) {
3258 unsigned long long lba = get_unaligned_be64(&desc[i].lba);
3259 unsigned int num = get_unaligned_be32(&desc[i].blocks);
3260
3261 ret = check_device_access_params(scp, lba, num);
3262 if (ret)
3263 goto out;
3264
3265 unmap_region(lba, num);
3266 }
3267
3268 ret = 0;
3269
3270out:
3271 write_unlock_irqrestore(&atomic_rw, iflags);
3272 kfree(buf);
3273
3274 return ret;
3275}
3276
3277#define SDEBUG_GET_LBA_STATUS_LEN 32
3278
3279static int
3280resp_get_lba_status(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3281{
3282 u8 *cmd = scp->cmnd;
3283 u64 lba;
3284 u32 alloc_len, mapped, num;
3285 u8 arr[SDEBUG_GET_LBA_STATUS_LEN];
3286 int ret;
3287
3288 lba = get_unaligned_be64(cmd + 2);
3289 alloc_len = get_unaligned_be32(cmd + 10);
3290
3291 if (alloc_len < 24)
3292 return 0;
3293
3294 ret = check_device_access_params(scp, lba, 1);
3295 if (ret)
3296 return ret;
3297
3298 if (scsi_debug_lbp())
3299 mapped = map_state(lba, &num);
3300 else {
3301 mapped = 1;
3302 /* following just in case virtual_gb changed */
3303 sdebug_capacity = get_sdebug_capacity();
3304 if (sdebug_capacity - lba <= 0xffffffff)
3305 num = sdebug_capacity - lba;
3306 else
3307 num = 0xffffffff;
3308 }
3309
3310 memset(arr, 0, SDEBUG_GET_LBA_STATUS_LEN);
3311 put_unaligned_be32(20, arr); /* Parameter Data Length */
3312 put_unaligned_be64(lba, arr + 8); /* LBA */
3313 put_unaligned_be32(num, arr + 16); /* Number of blocks */
3314 arr[20] = !mapped; /* prov_stat=0: mapped; 1: dealloc */
3315
3316 return fill_from_dev_buffer(scp, arr, SDEBUG_GET_LBA_STATUS_LEN);
3317}
3318
3319#define SDEBUG_RLUN_ARR_SZ 256
3320
3321static int resp_report_luns(struct scsi_cmnd * scp,
3322 struct sdebug_dev_info * devip)
3323{
3324 unsigned int alloc_len;
3325 int lun_cnt, i, upper, num, n, want_wlun, shortish;
3326 u64 lun;
3327 unsigned char *cmd = scp->cmnd;
3328 int select_report = (int)cmd[2];
3329 struct scsi_lun *one_lun;
3330 unsigned char arr[SDEBUG_RLUN_ARR_SZ];
3331 unsigned char * max_addr;
3332
3333 clear_luns_changed_on_target(devip);
3334 alloc_len = cmd[9] + (cmd[8] << 8) + (cmd[7] << 16) + (cmd[6] << 24);
3335 shortish = (alloc_len < 4);
3336 if (shortish || (select_report > 2)) {
3337 mk_sense_invalid_fld(scp, SDEB_IN_CDB, shortish ? 6 : 2, -1);
3338 return check_condition_result;
3339 }
3340 /* can produce response with up to 16k luns (lun 0 to lun 16383) */
3341 memset(arr, 0, SDEBUG_RLUN_ARR_SZ);
3342 lun_cnt = scsi_debug_max_luns;
3343 if (1 == select_report)
3344 lun_cnt = 0;
3345 else if (scsi_debug_no_lun_0 && (lun_cnt > 0))
3346 --lun_cnt;
3347 want_wlun = (select_report > 0) ? 1 : 0;
3348 num = lun_cnt + want_wlun;
3349 arr[2] = ((sizeof(struct scsi_lun) * num) >> 8) & 0xff;
3350 arr[3] = (sizeof(struct scsi_lun) * num) & 0xff;
3351 n = min((int)((SDEBUG_RLUN_ARR_SZ - 8) /
3352 sizeof(struct scsi_lun)), num);
3353 if (n < num) {
3354 want_wlun = 0;
3355 lun_cnt = n;
3356 }
3357 one_lun = (struct scsi_lun *) &arr[8];
3358 max_addr = arr + SDEBUG_RLUN_ARR_SZ;
3359 for (i = 0, lun = (scsi_debug_no_lun_0 ? 1 : 0);
3360 ((i < lun_cnt) && ((unsigned char *)(one_lun + i) < max_addr));
3361 i++, lun++) {
3362 upper = (lun >> 8) & 0x3f;
3363 if (upper)
3364 one_lun[i].scsi_lun[0] =
3365 (upper | (SAM2_LUN_ADDRESS_METHOD << 6));
3366 one_lun[i].scsi_lun[1] = lun & 0xff;
3367 }
3368 if (want_wlun) {
3369 one_lun[i].scsi_lun[0] = (SCSI_W_LUN_REPORT_LUNS >> 8) & 0xff;
3370 one_lun[i].scsi_lun[1] = SCSI_W_LUN_REPORT_LUNS & 0xff;
3371 i++;
3372 }
3373 alloc_len = (unsigned char *)(one_lun + i) - arr;
3374 return fill_from_dev_buffer(scp, arr,
3375 min((int)alloc_len, SDEBUG_RLUN_ARR_SZ));
3376}
3377
3378static int resp_xdwriteread(struct scsi_cmnd *scp, unsigned long long lba,
3379 unsigned int num, struct sdebug_dev_info *devip)
3380{
3381 int j;
3382 unsigned char *kaddr, *buf;
3383 unsigned int offset;
3384 struct scsi_data_buffer *sdb = scsi_in(scp);
3385 struct sg_mapping_iter miter;
3386
3387 /* better not to use temporary buffer. */
3388 buf = kmalloc(scsi_bufflen(scp), GFP_ATOMIC);
3389 if (!buf) {
3390 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3391 INSUFF_RES_ASCQ);
3392 return check_condition_result;
3393 }
3394
3395 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
3396
3397 offset = 0;
3398 sg_miter_start(&miter, sdb->table.sgl, sdb->table.nents,
3399 SG_MITER_ATOMIC | SG_MITER_TO_SG);
3400
3401 while (sg_miter_next(&miter)) {
3402 kaddr = miter.addr;
3403 for (j = 0; j < miter.length; j++)
3404 *(kaddr + j) ^= *(buf + offset + j);
3405
3406 offset += miter.length;
3407 }
3408 sg_miter_stop(&miter);
3409 kfree(buf);
3410
3411 return 0;
3412}
3413
3414static int
3415resp_xdwriteread_10(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3416{
3417 u8 *cmd = scp->cmnd;
3418 u64 lba;
3419 u32 num;
3420 int errsts;
3421
3422 if (!scsi_bidi_cmnd(scp)) {
3423 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3424 INSUFF_RES_ASCQ);
3425 return check_condition_result;
3426 }
3427 errsts = resp_read_dt0(scp, devip);
3428 if (errsts)
3429 return errsts;
3430 if (!(cmd[1] & 0x4)) { /* DISABLE_WRITE is not set */
3431 errsts = resp_write_dt0(scp, devip);
3432 if (errsts)
3433 return errsts;
3434 }
3435 lba = get_unaligned_be32(cmd + 2);
3436 num = get_unaligned_be16(cmd + 7);
3437 return resp_xdwriteread(scp, lba, num, devip);
3438}
3439
3440/* When timer or tasklet goes off this function is called. */
3441static void sdebug_q_cmd_complete(unsigned long indx)
3442{
3443 int qa_indx;
3444 int retiring = 0;
3445 unsigned long iflags;
3446 struct sdebug_queued_cmd *sqcp;
3447 struct scsi_cmnd *scp;
3448 struct sdebug_dev_info *devip;
3449
3450 atomic_inc(&sdebug_completions);
3451 qa_indx = indx;
3452 if ((qa_indx < 0) || (qa_indx >= SCSI_DEBUG_CANQUEUE)) {
3453 pr_err("wild qa_indx=%d\n", qa_indx);
3454 return;
3455 }
3456 spin_lock_irqsave(&queued_arr_lock, iflags);
3457 sqcp = &queued_arr[qa_indx];
3458 scp = sqcp->a_cmnd;
3459 if (NULL == scp) {
3460 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3461 pr_err("scp is NULL\n");
3462 return;
3463 }
3464 devip = (struct sdebug_dev_info *)scp->device->hostdata;
3465 if (devip)
3466 atomic_dec(&devip->num_in_q);
3467 else
3468 pr_err("devip=NULL\n");
3469 if (atomic_read(&retired_max_queue) > 0)
3470 retiring = 1;
3471
3472 sqcp->a_cmnd = NULL;
3473 if (!test_and_clear_bit(qa_indx, queued_in_use_bm)) {
3474 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3475 pr_err("Unexpected completion\n");
3476 return;
3477 }
3478
3479 if (unlikely(retiring)) { /* user has reduced max_queue */
3480 int k, retval;
3481
3482 retval = atomic_read(&retired_max_queue);
3483 if (qa_indx >= retval) {
3484 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3485 pr_err("index %d too large\n", retval);
3486 return;
3487 }
3488 k = find_last_bit(queued_in_use_bm, retval);
3489 if ((k < scsi_debug_max_queue) || (k == retval))
3490 atomic_set(&retired_max_queue, 0);
3491 else
3492 atomic_set(&retired_max_queue, k + 1);
3493 }
3494 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3495 scp->scsi_done(scp); /* callback to mid level */
3496}
3497
3498/* When high resolution timer goes off this function is called. */
3499static enum hrtimer_restart
3500sdebug_q_cmd_hrt_complete(struct hrtimer *timer)
3501{
3502 int qa_indx;
3503 int retiring = 0;
3504 unsigned long iflags;
3505 struct sdebug_hrtimer *sd_hrtp = (struct sdebug_hrtimer *)timer;
3506 struct sdebug_queued_cmd *sqcp;
3507 struct scsi_cmnd *scp;
3508 struct sdebug_dev_info *devip;
3509
3510 atomic_inc(&sdebug_completions);
3511 qa_indx = sd_hrtp->qa_indx;
3512 if ((qa_indx < 0) || (qa_indx >= SCSI_DEBUG_CANQUEUE)) {
3513 pr_err("wild qa_indx=%d\n", qa_indx);
3514 goto the_end;
3515 }
3516 spin_lock_irqsave(&queued_arr_lock, iflags);
3517 sqcp = &queued_arr[qa_indx];
3518 scp = sqcp->a_cmnd;
3519 if (NULL == scp) {
3520 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3521 pr_err("scp is NULL\n");
3522 goto the_end;
3523 }
3524 devip = (struct sdebug_dev_info *)scp->device->hostdata;
3525 if (devip)
3526 atomic_dec(&devip->num_in_q);
3527 else
3528 pr_err("devip=NULL\n");
3529 if (atomic_read(&retired_max_queue) > 0)
3530 retiring = 1;
3531
3532 sqcp->a_cmnd = NULL;
3533 if (!test_and_clear_bit(qa_indx, queued_in_use_bm)) {
3534 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3535 pr_err("Unexpected completion\n");
3536 goto the_end;
3537 }
3538
3539 if (unlikely(retiring)) { /* user has reduced max_queue */
3540 int k, retval;
3541
3542 retval = atomic_read(&retired_max_queue);
3543 if (qa_indx >= retval) {
3544 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3545 pr_err("index %d too large\n", retval);
3546 goto the_end;
3547 }
3548 k = find_last_bit(queued_in_use_bm, retval);
3549 if ((k < scsi_debug_max_queue) || (k == retval))
3550 atomic_set(&retired_max_queue, 0);
3551 else
3552 atomic_set(&retired_max_queue, k + 1);
3553 }
3554 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3555 scp->scsi_done(scp); /* callback to mid level */
3556the_end:
3557 return HRTIMER_NORESTART;
3558}
3559
3560static struct sdebug_dev_info *
3561sdebug_device_create(struct sdebug_host_info *sdbg_host, gfp_t flags)
3562{
3563 struct sdebug_dev_info *devip;
3564
3565 devip = kzalloc(sizeof(*devip), flags);
3566 if (devip) {
3567 devip->sdbg_host = sdbg_host;
3568 list_add_tail(&devip->dev_list, &sdbg_host->dev_info_list);
3569 }
3570 return devip;
3571}
3572
3573static struct sdebug_dev_info * devInfoReg(struct scsi_device * sdev)
3574{
3575 struct sdebug_host_info * sdbg_host;
3576 struct sdebug_dev_info * open_devip = NULL;
3577 struct sdebug_dev_info * devip =
3578 (struct sdebug_dev_info *)sdev->hostdata;
3579
3580 if (devip)
3581 return devip;
3582 sdbg_host = *(struct sdebug_host_info **)shost_priv(sdev->host);
3583 if (!sdbg_host) {
3584 pr_err("Host info NULL\n");
3585 return NULL;
3586 }
3587 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
3588 if ((devip->used) && (devip->channel == sdev->channel) &&
3589 (devip->target == sdev->id) &&
3590 (devip->lun == sdev->lun))
3591 return devip;
3592 else {
3593 if ((!devip->used) && (!open_devip))
3594 open_devip = devip;
3595 }
3596 }
3597 if (!open_devip) { /* try and make a new one */
3598 open_devip = sdebug_device_create(sdbg_host, GFP_ATOMIC);
3599 if (!open_devip) {
3600 pr_err("out of memory at line %d\n", __LINE__);
3601 return NULL;
3602 }
3603 }
3604
3605 open_devip->channel = sdev->channel;
3606 open_devip->target = sdev->id;
3607 open_devip->lun = sdev->lun;
3608 open_devip->sdbg_host = sdbg_host;
3609 atomic_set(&open_devip->num_in_q, 0);
3610 set_bit(SDEBUG_UA_POR, open_devip->uas_bm);
3611 open_devip->used = true;
3612 return open_devip;
3613}
3614
3615static int scsi_debug_slave_alloc(struct scsi_device *sdp)
3616{
3617 if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
3618 pr_info("slave_alloc <%u %u %u %llu>\n",
3619 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3620 queue_flag_set_unlocked(QUEUE_FLAG_BIDI, sdp->request_queue);
3621 return 0;
3622}
3623
3624static int scsi_debug_slave_configure(struct scsi_device *sdp)
3625{
3626 struct sdebug_dev_info *devip;
3627
3628 if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
3629 pr_info("slave_configure <%u %u %u %llu>\n",
3630 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3631 if (sdp->host->max_cmd_len != SCSI_DEBUG_MAX_CMD_LEN)
3632 sdp->host->max_cmd_len = SCSI_DEBUG_MAX_CMD_LEN;
3633 devip = devInfoReg(sdp);
3634 if (NULL == devip)
3635 return 1; /* no resources, will be marked offline */
3636 sdp->hostdata = devip;
3637 blk_queue_max_segment_size(sdp->request_queue, -1U);
3638 if (scsi_debug_no_uld)
3639 sdp->no_uld_attach = 1;
3640 return 0;
3641}
3642
3643static void scsi_debug_slave_destroy(struct scsi_device *sdp)
3644{
3645 struct sdebug_dev_info *devip =
3646 (struct sdebug_dev_info *)sdp->hostdata;
3647
3648 if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
3649 pr_info("slave_destroy <%u %u %u %llu>\n",
3650 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3651 if (devip) {
3652 /* make this slot available for re-use */
3653 devip->used = false;
3654 sdp->hostdata = NULL;
3655 }
3656}
3657
3658/* Returns 1 if cmnd found (deletes its timer or tasklet), else returns 0 */
3659static int stop_queued_cmnd(struct scsi_cmnd *cmnd)
3660{
3661 unsigned long iflags;
3662 int k, qmax, r_qmax;
3663 struct sdebug_queued_cmd *sqcp;
3664 struct sdebug_dev_info *devip;
3665
3666 spin_lock_irqsave(&queued_arr_lock, iflags);
3667 qmax = scsi_debug_max_queue;
3668 r_qmax = atomic_read(&retired_max_queue);
3669 if (r_qmax > qmax)
3670 qmax = r_qmax;
3671 for (k = 0; k < qmax; ++k) {
3672 if (test_bit(k, queued_in_use_bm)) {
3673 sqcp = &queued_arr[k];
3674 if (cmnd == sqcp->a_cmnd) {
3675 devip = (struct sdebug_dev_info *)
3676 cmnd->device->hostdata;
3677 if (devip)
3678 atomic_dec(&devip->num_in_q);
3679 sqcp->a_cmnd = NULL;
3680 spin_unlock_irqrestore(&queued_arr_lock,
3681 iflags);
3682 if (scsi_debug_ndelay > 0) {
3683 if (sqcp->sd_hrtp)
3684 hrtimer_cancel(
3685 &sqcp->sd_hrtp->hrt);
3686 } else if (scsi_debug_delay > 0) {
3687 if (sqcp->cmnd_timerp)
3688 del_timer_sync(
3689 sqcp->cmnd_timerp);
3690 } else if (scsi_debug_delay < 0) {
3691 if (sqcp->tletp)
3692 tasklet_kill(sqcp->tletp);
3693 }
3694 clear_bit(k, queued_in_use_bm);
3695 return 1;
3696 }
3697 }
3698 }
3699 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3700 return 0;
3701}
3702
3703/* Deletes (stops) timers or tasklets of all queued commands */
3704static void stop_all_queued(void)
3705{
3706 unsigned long iflags;
3707 int k;
3708 struct sdebug_queued_cmd *sqcp;
3709 struct sdebug_dev_info *devip;
3710
3711 spin_lock_irqsave(&queued_arr_lock, iflags);
3712 for (k = 0; k < SCSI_DEBUG_CANQUEUE; ++k) {
3713 if (test_bit(k, queued_in_use_bm)) {
3714 sqcp = &queued_arr[k];
3715 if (sqcp->a_cmnd) {
3716 devip = (struct sdebug_dev_info *)
3717 sqcp->a_cmnd->device->hostdata;
3718 if (devip)
3719 atomic_dec(&devip->num_in_q);
3720 sqcp->a_cmnd = NULL;
3721 spin_unlock_irqrestore(&queued_arr_lock,
3722 iflags);
3723 if (scsi_debug_ndelay > 0) {
3724 if (sqcp->sd_hrtp)
3725 hrtimer_cancel(
3726 &sqcp->sd_hrtp->hrt);
3727 } else if (scsi_debug_delay > 0) {
3728 if (sqcp->cmnd_timerp)
3729 del_timer_sync(
3730 sqcp->cmnd_timerp);
3731 } else if (scsi_debug_delay < 0) {
3732 if (sqcp->tletp)
3733 tasklet_kill(sqcp->tletp);
3734 }
3735 clear_bit(k, queued_in_use_bm);
3736 spin_lock_irqsave(&queued_arr_lock, iflags);
3737 }
3738 }
3739 }
3740 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3741}
3742
3743/* Free queued command memory on heap */
3744static void free_all_queued(void)
3745{
3746 unsigned long iflags;
3747 int k;
3748 struct sdebug_queued_cmd *sqcp;
3749
3750 spin_lock_irqsave(&queued_arr_lock, iflags);
3751 for (k = 0; k < SCSI_DEBUG_CANQUEUE; ++k) {
3752 sqcp = &queued_arr[k];
3753 kfree(sqcp->cmnd_timerp);
3754 sqcp->cmnd_timerp = NULL;
3755 kfree(sqcp->tletp);
3756 sqcp->tletp = NULL;
3757 kfree(sqcp->sd_hrtp);
3758 sqcp->sd_hrtp = NULL;
3759 }
3760 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3761}
3762
3763static int scsi_debug_abort(struct scsi_cmnd *SCpnt)
3764{
3765 ++num_aborts;
3766 if (SCpnt) {
3767 if (SCpnt->device &&
3768 (SCSI_DEBUG_OPT_ALL_NOISE & scsi_debug_opts))
3769 sdev_printk(KERN_INFO, SCpnt->device, "%s\n",
3770 __func__);
3771 stop_queued_cmnd(SCpnt);
3772 }
3773 return SUCCESS;
3774}
3775
3776static int scsi_debug_device_reset(struct scsi_cmnd * SCpnt)
3777{
3778 struct sdebug_dev_info * devip;
3779
3780 ++num_dev_resets;
3781 if (SCpnt && SCpnt->device) {
3782 struct scsi_device *sdp = SCpnt->device;
3783
3784 if (SCSI_DEBUG_OPT_ALL_NOISE & scsi_debug_opts)
3785 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
3786 devip = devInfoReg(sdp);
3787 if (devip)
3788 set_bit(SDEBUG_UA_POR, devip->uas_bm);
3789 }
3790 return SUCCESS;
3791}
3792
3793static int scsi_debug_target_reset(struct scsi_cmnd *SCpnt)
3794{
3795 struct sdebug_host_info *sdbg_host;
3796 struct sdebug_dev_info *devip;
3797 struct scsi_device *sdp;
3798 struct Scsi_Host *hp;
3799 int k = 0;
3800
3801 ++num_target_resets;
3802 if (!SCpnt)
3803 goto lie;
3804 sdp = SCpnt->device;
3805 if (!sdp)
3806 goto lie;
3807 if (SCSI_DEBUG_OPT_ALL_NOISE & scsi_debug_opts)
3808 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
3809 hp = sdp->host;
3810 if (!hp)
3811 goto lie;
3812 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
3813 if (sdbg_host) {
3814 list_for_each_entry(devip,
3815 &sdbg_host->dev_info_list,
3816 dev_list)
3817 if (devip->target == sdp->id) {
3818 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3819 ++k;
3820 }
3821 }
3822 if (SCSI_DEBUG_OPT_RESET_NOISE & scsi_debug_opts)
3823 sdev_printk(KERN_INFO, sdp,
3824 "%s: %d device(s) found in target\n", __func__, k);
3825lie:
3826 return SUCCESS;
3827}
3828
3829static int scsi_debug_bus_reset(struct scsi_cmnd * SCpnt)
3830{
3831 struct sdebug_host_info *sdbg_host;
3832 struct sdebug_dev_info *devip;
3833 struct scsi_device * sdp;
3834 struct Scsi_Host * hp;
3835 int k = 0;
3836
3837 ++num_bus_resets;
3838 if (!(SCpnt && SCpnt->device))
3839 goto lie;
3840 sdp = SCpnt->device;
3841 if (SCSI_DEBUG_OPT_ALL_NOISE & scsi_debug_opts)
3842 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
3843 hp = sdp->host;
3844 if (hp) {
3845 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
3846 if (sdbg_host) {
3847 list_for_each_entry(devip,
3848 &sdbg_host->dev_info_list,
3849 dev_list) {
3850 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3851 ++k;
3852 }
3853 }
3854 }
3855 if (SCSI_DEBUG_OPT_RESET_NOISE & scsi_debug_opts)
3856 sdev_printk(KERN_INFO, sdp,
3857 "%s: %d device(s) found in host\n", __func__, k);
3858lie:
3859 return SUCCESS;
3860}
3861
3862static int scsi_debug_host_reset(struct scsi_cmnd * SCpnt)
3863{
3864 struct sdebug_host_info * sdbg_host;
3865 struct sdebug_dev_info *devip;
3866 int k = 0;
3867
3868 ++num_host_resets;
3869 if ((SCpnt->device) && (SCSI_DEBUG_OPT_ALL_NOISE & scsi_debug_opts))
3870 sdev_printk(KERN_INFO, SCpnt->device, "%s\n", __func__);
3871 spin_lock(&sdebug_host_list_lock);
3872 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
3873 list_for_each_entry(devip, &sdbg_host->dev_info_list,
3874 dev_list) {
3875 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3876 ++k;
3877 }
3878 }
3879 spin_unlock(&sdebug_host_list_lock);
3880 stop_all_queued();
3881 if (SCSI_DEBUG_OPT_RESET_NOISE & scsi_debug_opts)
3882 sdev_printk(KERN_INFO, SCpnt->device,
3883 "%s: %d device(s) found\n", __func__, k);
3884 return SUCCESS;
3885}
3886
3887static void __init sdebug_build_parts(unsigned char *ramp,
3888 unsigned long store_size)
3889{
3890 struct partition * pp;
3891 int starts[SDEBUG_MAX_PARTS + 2];
3892 int sectors_per_part, num_sectors, k;
3893 int heads_by_sects, start_sec, end_sec;
3894
3895 /* assume partition table already zeroed */
3896 if ((scsi_debug_num_parts < 1) || (store_size < 1048576))
3897 return;
3898 if (scsi_debug_num_parts > SDEBUG_MAX_PARTS) {
3899 scsi_debug_num_parts = SDEBUG_MAX_PARTS;
3900 pr_warn("reducing partitions to %d\n", SDEBUG_MAX_PARTS);
3901 }
3902 num_sectors = (int)sdebug_store_sectors;
3903 sectors_per_part = (num_sectors - sdebug_sectors_per)
3904 / scsi_debug_num_parts;
3905 heads_by_sects = sdebug_heads * sdebug_sectors_per;
3906 starts[0] = sdebug_sectors_per;
3907 for (k = 1; k < scsi_debug_num_parts; ++k)
3908 starts[k] = ((k * sectors_per_part) / heads_by_sects)
3909 * heads_by_sects;
3910 starts[scsi_debug_num_parts] = num_sectors;
3911 starts[scsi_debug_num_parts + 1] = 0;
3912
3913 ramp[510] = 0x55; /* magic partition markings */
3914 ramp[511] = 0xAA;
3915 pp = (struct partition *)(ramp + 0x1be);
3916 for (k = 0; starts[k + 1]; ++k, ++pp) {
3917 start_sec = starts[k];
3918 end_sec = starts[k + 1] - 1;
3919 pp->boot_ind = 0;
3920
3921 pp->cyl = start_sec / heads_by_sects;
3922 pp->head = (start_sec - (pp->cyl * heads_by_sects))
3923 / sdebug_sectors_per;
3924 pp->sector = (start_sec % sdebug_sectors_per) + 1;
3925
3926 pp->end_cyl = end_sec / heads_by_sects;
3927 pp->end_head = (end_sec - (pp->end_cyl * heads_by_sects))
3928 / sdebug_sectors_per;
3929 pp->end_sector = (end_sec % sdebug_sectors_per) + 1;
3930
3931 pp->start_sect = cpu_to_le32(start_sec);
3932 pp->nr_sects = cpu_to_le32(end_sec - start_sec + 1);
3933 pp->sys_ind = 0x83; /* plain Linux partition */
3934 }
3935}
3936
3937static int
3938schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip,
3939 int scsi_result, int delta_jiff)
3940{
3941 unsigned long iflags;
3942 int k, num_in_q, qdepth, inject;
3943 struct sdebug_queued_cmd *sqcp = NULL;
3944 struct scsi_device *sdp;
3945
3946 /* this should never happen */
3947 if (WARN_ON(!cmnd))
3948 return SCSI_MLQUEUE_HOST_BUSY;
3949
3950 if (NULL == devip) {
3951 pr_warn("called devip == NULL\n");
3952 /* no particularly good error to report back */
3953 return SCSI_MLQUEUE_HOST_BUSY;
3954 }
3955
3956 sdp = cmnd->device;
3957
3958 if ((scsi_result) && (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts))
3959 sdev_printk(KERN_INFO, sdp, "%s: non-zero result=0x%x\n",
3960 __func__, scsi_result);
3961 if (delta_jiff == 0)
3962 goto respond_in_thread;
3963
3964 /* schedule the response at a later time if resources permit */
3965 spin_lock_irqsave(&queued_arr_lock, iflags);
3966 num_in_q = atomic_read(&devip->num_in_q);
3967 qdepth = cmnd->device->queue_depth;
3968 inject = 0;
3969 if ((qdepth > 0) && (num_in_q >= qdepth)) {
3970 if (scsi_result) {
3971 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3972 goto respond_in_thread;
3973 } else
3974 scsi_result = device_qfull_result;
3975 } else if ((scsi_debug_every_nth != 0) &&
3976 (SCSI_DEBUG_OPT_RARE_TSF & scsi_debug_opts) &&
3977 (scsi_result == 0)) {
3978 if ((num_in_q == (qdepth - 1)) &&
3979 (atomic_inc_return(&sdebug_a_tsf) >=
3980 abs(scsi_debug_every_nth))) {
3981 atomic_set(&sdebug_a_tsf, 0);
3982 inject = 1;
3983 scsi_result = device_qfull_result;
3984 }
3985 }
3986
3987 k = find_first_zero_bit(queued_in_use_bm, scsi_debug_max_queue);
3988 if (k >= scsi_debug_max_queue) {
3989 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3990 if (scsi_result)
3991 goto respond_in_thread;
3992 else if (SCSI_DEBUG_OPT_ALL_TSF & scsi_debug_opts)
3993 scsi_result = device_qfull_result;
3994 if (SCSI_DEBUG_OPT_Q_NOISE & scsi_debug_opts)
3995 sdev_printk(KERN_INFO, sdp,
3996 "%s: max_queue=%d exceeded, %s\n",
3997 __func__, scsi_debug_max_queue,
3998 (scsi_result ? "status: TASK SET FULL" :
3999 "report: host busy"));
4000 if (scsi_result)
4001 goto respond_in_thread;
4002 else
4003 return SCSI_MLQUEUE_HOST_BUSY;
4004 }
4005 __set_bit(k, queued_in_use_bm);
4006 atomic_inc(&devip->num_in_q);
4007 sqcp = &queued_arr[k];
4008 sqcp->a_cmnd = cmnd;
4009 cmnd->result = scsi_result;
4010 spin_unlock_irqrestore(&queued_arr_lock, iflags);
4011 if (delta_jiff > 0) {
4012 if (NULL == sqcp->cmnd_timerp) {
4013 sqcp->cmnd_timerp = kmalloc(sizeof(struct timer_list),
4014 GFP_ATOMIC);
4015 if (NULL == sqcp->cmnd_timerp)
4016 return SCSI_MLQUEUE_HOST_BUSY;
4017 init_timer(sqcp->cmnd_timerp);
4018 }
4019 sqcp->cmnd_timerp->function = sdebug_q_cmd_complete;
4020 sqcp->cmnd_timerp->data = k;
4021 sqcp->cmnd_timerp->expires = get_jiffies_64() + delta_jiff;
4022 add_timer(sqcp->cmnd_timerp);
4023 } else if (scsi_debug_ndelay > 0) {
4024 ktime_t kt = ktime_set(0, scsi_debug_ndelay);
4025 struct sdebug_hrtimer *sd_hp = sqcp->sd_hrtp;
4026
4027 if (NULL == sd_hp) {
4028 sd_hp = kmalloc(sizeof(*sd_hp), GFP_ATOMIC);
4029 if (NULL == sd_hp)
4030 return SCSI_MLQUEUE_HOST_BUSY;
4031 sqcp->sd_hrtp = sd_hp;
4032 hrtimer_init(&sd_hp->hrt, CLOCK_MONOTONIC,
4033 HRTIMER_MODE_REL);
4034 sd_hp->hrt.function = sdebug_q_cmd_hrt_complete;
4035 sd_hp->qa_indx = k;
4036 }
4037 hrtimer_start(&sd_hp->hrt, kt, HRTIMER_MODE_REL);
4038 } else { /* delay < 0 */
4039 if (NULL == sqcp->tletp) {
4040 sqcp->tletp = kmalloc(sizeof(*sqcp->tletp),
4041 GFP_ATOMIC);
4042 if (NULL == sqcp->tletp)
4043 return SCSI_MLQUEUE_HOST_BUSY;
4044 tasklet_init(sqcp->tletp,
4045 sdebug_q_cmd_complete, k);
4046 }
4047 if (-1 == delta_jiff)
4048 tasklet_hi_schedule(sqcp->tletp);
4049 else
4050 tasklet_schedule(sqcp->tletp);
4051 }
4052 if ((SCSI_DEBUG_OPT_Q_NOISE & scsi_debug_opts) &&
4053 (scsi_result == device_qfull_result))
4054 sdev_printk(KERN_INFO, sdp,
4055 "%s: num_in_q=%d +1, %s%s\n", __func__,
4056 num_in_q, (inject ? "<inject> " : ""),
4057 "status: TASK SET FULL");
4058 return 0;
4059
4060respond_in_thread: /* call back to mid-layer using invocation thread */
4061 cmnd->result = scsi_result;
4062 cmnd->scsi_done(cmnd);
4063 return 0;
4064}
4065
4066/* Note: The following macros create attribute files in the
4067 /sys/module/scsi_debug/parameters directory. Unfortunately this
4068 driver is unaware of a change and cannot trigger auxiliary actions
4069 as it can when the corresponding attribute in the
4070 /sys/bus/pseudo/drivers/scsi_debug directory is changed.
4071 */
4072module_param_named(add_host, scsi_debug_add_host, int, S_IRUGO | S_IWUSR);
4073module_param_named(ato, scsi_debug_ato, int, S_IRUGO);
4074module_param_named(clustering, scsi_debug_clustering, bool, S_IRUGO | S_IWUSR);
4075module_param_named(delay, scsi_debug_delay, int, S_IRUGO | S_IWUSR);
4076module_param_named(dev_size_mb, scsi_debug_dev_size_mb, int, S_IRUGO);
4077module_param_named(dif, scsi_debug_dif, int, S_IRUGO);
4078module_param_named(dix, scsi_debug_dix, int, S_IRUGO);
4079module_param_named(dsense, scsi_debug_dsense, int, S_IRUGO | S_IWUSR);
4080module_param_named(every_nth, scsi_debug_every_nth, int, S_IRUGO | S_IWUSR);
4081module_param_named(fake_rw, scsi_debug_fake_rw, int, S_IRUGO | S_IWUSR);
4082module_param_named(guard, scsi_debug_guard, uint, S_IRUGO);
4083module_param_named(host_lock, scsi_debug_host_lock, bool, S_IRUGO | S_IWUSR);
4084module_param_named(lbpu, scsi_debug_lbpu, int, S_IRUGO);
4085module_param_named(lbpws, scsi_debug_lbpws, int, S_IRUGO);
4086module_param_named(lbpws10, scsi_debug_lbpws10, int, S_IRUGO);
4087module_param_named(lbprz, scsi_debug_lbprz, int, S_IRUGO);
4088module_param_named(lowest_aligned, scsi_debug_lowest_aligned, int, S_IRUGO);
4089module_param_named(max_luns, scsi_debug_max_luns, int, S_IRUGO | S_IWUSR);
4090module_param_named(max_queue, scsi_debug_max_queue, int, S_IRUGO | S_IWUSR);
4091module_param_named(ndelay, scsi_debug_ndelay, int, S_IRUGO | S_IWUSR);
4092module_param_named(no_lun_0, scsi_debug_no_lun_0, int, S_IRUGO | S_IWUSR);
4093module_param_named(no_uld, scsi_debug_no_uld, int, S_IRUGO);
4094module_param_named(num_parts, scsi_debug_num_parts, int, S_IRUGO);
4095module_param_named(num_tgts, scsi_debug_num_tgts, int, S_IRUGO | S_IWUSR);
4096module_param_named(opt_blks, scsi_debug_opt_blks, int, S_IRUGO);
4097module_param_named(opts, scsi_debug_opts, int, S_IRUGO | S_IWUSR);
4098module_param_named(physblk_exp, scsi_debug_physblk_exp, int, S_IRUGO);
4099module_param_named(ptype, scsi_debug_ptype, int, S_IRUGO | S_IWUSR);
4100module_param_named(removable, scsi_debug_removable, bool, S_IRUGO | S_IWUSR);
4101module_param_named(scsi_level, scsi_debug_scsi_level, int, S_IRUGO);
4102module_param_named(sector_size, scsi_debug_sector_size, int, S_IRUGO);
4103module_param_named(strict, scsi_debug_strict, bool, S_IRUGO | S_IWUSR);
4104module_param_named(unmap_alignment, scsi_debug_unmap_alignment, int, S_IRUGO);
4105module_param_named(unmap_granularity, scsi_debug_unmap_granularity, int, S_IRUGO);
4106module_param_named(unmap_max_blocks, scsi_debug_unmap_max_blocks, int, S_IRUGO);
4107module_param_named(unmap_max_desc, scsi_debug_unmap_max_desc, int, S_IRUGO);
4108module_param_named(virtual_gb, scsi_debug_virtual_gb, int, S_IRUGO | S_IWUSR);
4109module_param_named(vpd_use_hostno, scsi_debug_vpd_use_hostno, int,
4110 S_IRUGO | S_IWUSR);
4111module_param_named(write_same_length, scsi_debug_write_same_length, int,
4112 S_IRUGO | S_IWUSR);
4113
4114MODULE_AUTHOR("Eric Youngdale + Douglas Gilbert");
4115MODULE_DESCRIPTION("SCSI debug adapter driver");
4116MODULE_LICENSE("GPL");
4117MODULE_VERSION(SCSI_DEBUG_VERSION);
4118
4119MODULE_PARM_DESC(add_host, "0..127 hosts allowed(def=1)");
4120MODULE_PARM_DESC(ato, "application tag ownership: 0=disk 1=host (def=1)");
4121MODULE_PARM_DESC(clustering, "when set enables larger transfers (def=0)");
4122MODULE_PARM_DESC(delay, "response delay (def=1 jiffy); 0:imm, -1,-2:tiny");
4123MODULE_PARM_DESC(dev_size_mb, "size in MiB of ram shared by devs(def=8)");
4124MODULE_PARM_DESC(dif, "data integrity field type: 0-3 (def=0)");
4125MODULE_PARM_DESC(dix, "data integrity extensions mask (def=0)");
4126MODULE_PARM_DESC(dsense, "use descriptor sense format(def=0 -> fixed)");
4127MODULE_PARM_DESC(every_nth, "timeout every nth command(def=0)");
4128MODULE_PARM_DESC(fake_rw, "fake reads/writes instead of copying (def=0)");
4129MODULE_PARM_DESC(guard, "protection checksum: 0=crc, 1=ip (def=0)");
4130MODULE_PARM_DESC(host_lock, "use host_lock around all commands (def=0)");
4131MODULE_PARM_DESC(lbpu, "enable LBP, support UNMAP command (def=0)");
4132MODULE_PARM_DESC(lbpws, "enable LBP, support WRITE SAME(16) with UNMAP bit (def=0)");
4133MODULE_PARM_DESC(lbpws10, "enable LBP, support WRITE SAME(10) with UNMAP bit (def=0)");
4134MODULE_PARM_DESC(lbprz, "unmapped blocks return 0 on read (def=1)");
4135MODULE_PARM_DESC(lowest_aligned, "lowest aligned lba (def=0)");
4136MODULE_PARM_DESC(max_luns, "number of LUNs per target to simulate(def=1)");
4137MODULE_PARM_DESC(max_queue, "max number of queued commands (1 to max(def))");
4138MODULE_PARM_DESC(ndelay, "response delay in nanoseconds (def=0 -> ignore)");
4139MODULE_PARM_DESC(no_lun_0, "no LU number 0 (def=0 -> have lun 0)");
4140MODULE_PARM_DESC(no_uld, "stop ULD (e.g. sd driver) attaching (def=0))");
4141MODULE_PARM_DESC(num_parts, "number of partitions(def=0)");
4142MODULE_PARM_DESC(num_tgts, "number of targets per host to simulate(def=1)");
4143MODULE_PARM_DESC(opt_blks, "optimal transfer length in blocks (def=1024)");
4144MODULE_PARM_DESC(opts, "1->noise, 2->medium_err, 4->timeout, 8->recovered_err... (def=0)");
4145MODULE_PARM_DESC(physblk_exp, "physical block exponent (def=0)");
4146MODULE_PARM_DESC(ptype, "SCSI peripheral type(def=0[disk])");
4147MODULE_PARM_DESC(removable, "claim to have removable media (def=0)");
4148MODULE_PARM_DESC(scsi_level, "SCSI level to simulate(def=6[SPC-4])");
4149MODULE_PARM_DESC(sector_size, "logical block size in bytes (def=512)");
4150MODULE_PARM_DESC(strict, "stricter checks: reserved field in cdb (def=0)");
4151MODULE_PARM_DESC(unmap_alignment, "lowest aligned thin provisioning lba (def=0)");
4152MODULE_PARM_DESC(unmap_granularity, "thin provisioning granularity in blocks (def=1)");
4153MODULE_PARM_DESC(unmap_max_blocks, "max # of blocks can be unmapped in one cmd (def=0xffffffff)");
4154MODULE_PARM_DESC(unmap_max_desc, "max # of ranges that can be unmapped in one cmd (def=256)");
4155MODULE_PARM_DESC(virtual_gb, "virtual gigabyte (GiB) size (def=0 -> use dev_size_mb)");
4156MODULE_PARM_DESC(vpd_use_hostno, "0 -> dev ids ignore hostno (def=1 -> unique dev ids)");
4157MODULE_PARM_DESC(write_same_length, "Maximum blocks per WRITE SAME cmd (def=0xffff)");
4158
4159static char sdebug_info[256];
4160
4161static const char * scsi_debug_info(struct Scsi_Host * shp)
4162{
4163 sprintf(sdebug_info, "scsi_debug, version %s [%s], "
4164 "dev_size_mb=%d, opts=0x%x", SCSI_DEBUG_VERSION,
4165 scsi_debug_version_date, scsi_debug_dev_size_mb,
4166 scsi_debug_opts);
4167 return sdebug_info;
4168}
4169
4170/* 'echo <val> > /proc/scsi/scsi_debug/<host_id>' writes to opts */
4171static int scsi_debug_write_info(struct Scsi_Host *host, char *buffer, int length)
4172{
4173 char arr[16];
4174 int opts;
4175 int minLen = length > 15 ? 15 : length;
4176
4177 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
4178 return -EACCES;
4179 memcpy(arr, buffer, minLen);
4180 arr[minLen] = '\0';
4181 if (1 != sscanf(arr, "%d", &opts))
4182 return -EINVAL;
4183 scsi_debug_opts = opts;
4184 if (scsi_debug_every_nth != 0)
4185 atomic_set(&sdebug_cmnd_count, 0);
4186 return length;
4187}
4188
4189/* Output seen with 'cat /proc/scsi/scsi_debug/<host_id>'. It will be the
4190 * same for each scsi_debug host (if more than one). Some of the counters
4191 * output are not atomics so might be inaccurate in a busy system. */
4192static int scsi_debug_show_info(struct seq_file *m, struct Scsi_Host *host)
4193{
4194 int f, l;
4195 char b[32];
4196
4197 if (scsi_debug_every_nth > 0)
4198 snprintf(b, sizeof(b), " (curr:%d)",
4199 ((SCSI_DEBUG_OPT_RARE_TSF & scsi_debug_opts) ?
4200 atomic_read(&sdebug_a_tsf) :
4201 atomic_read(&sdebug_cmnd_count)));
4202 else
4203 b[0] = '\0';
4204
4205 seq_printf(m, "scsi_debug adapter driver, version %s [%s]\n"
4206 "num_tgts=%d, shared (ram) size=%d MB, opts=0x%x, "
4207 "every_nth=%d%s\n"
4208 "delay=%d, ndelay=%d, max_luns=%d, q_completions=%d\n"
4209 "sector_size=%d bytes, cylinders=%d, heads=%d, sectors=%d\n"
4210 "command aborts=%d; RESETs: device=%d, target=%d, bus=%d, "
4211 "host=%d\ndix_reads=%d dix_writes=%d dif_errors=%d "
4212 "usec_in_jiffy=%lu\n",
4213 SCSI_DEBUG_VERSION, scsi_debug_version_date,
4214 scsi_debug_num_tgts, scsi_debug_dev_size_mb, scsi_debug_opts,
4215 scsi_debug_every_nth, b, scsi_debug_delay, scsi_debug_ndelay,
4216 scsi_debug_max_luns, atomic_read(&sdebug_completions),
4217 scsi_debug_sector_size, sdebug_cylinders_per, sdebug_heads,
4218 sdebug_sectors_per, num_aborts, num_dev_resets,
4219 num_target_resets, num_bus_resets, num_host_resets,
4220 dix_reads, dix_writes, dif_errors, TICK_NSEC / 1000);
4221
4222 f = find_first_bit(queued_in_use_bm, scsi_debug_max_queue);
4223 if (f != scsi_debug_max_queue) {
4224 l = find_last_bit(queued_in_use_bm, scsi_debug_max_queue);
4225 seq_printf(m, " %s BUSY: first,last bits set: %d,%d\n",
4226 "queued_in_use_bm", f, l);
4227 }
4228 return 0;
4229}
4230
4231static ssize_t delay_show(struct device_driver *ddp, char *buf)
4232{
4233 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_delay);
4234}
4235/* Returns -EBUSY if delay is being changed and commands are queued */
4236static ssize_t delay_store(struct device_driver *ddp, const char *buf,
4237 size_t count)
4238{
4239 int delay, res;
4240
4241 if ((count > 0) && (1 == sscanf(buf, "%d", &delay))) {
4242 res = count;
4243 if (scsi_debug_delay != delay) {
4244 unsigned long iflags;
4245 int k;
4246
4247 spin_lock_irqsave(&queued_arr_lock, iflags);
4248 k = find_first_bit(queued_in_use_bm,
4249 scsi_debug_max_queue);
4250 if (k != scsi_debug_max_queue)
4251 res = -EBUSY; /* have queued commands */
4252 else {
4253 scsi_debug_delay = delay;
4254 scsi_debug_ndelay = 0;
4255 }
4256 spin_unlock_irqrestore(&queued_arr_lock, iflags);
4257 }
4258 return res;
4259 }
4260 return -EINVAL;
4261}
4262static DRIVER_ATTR_RW(delay);
4263
4264static ssize_t ndelay_show(struct device_driver *ddp, char *buf)
4265{
4266 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_ndelay);
4267}
4268/* Returns -EBUSY if ndelay is being changed and commands are queued */
4269/* If > 0 and accepted then scsi_debug_delay is set to DELAY_OVERRIDDEN */
4270static ssize_t ndelay_store(struct device_driver *ddp, const char *buf,
4271 size_t count)
4272{
4273 unsigned long iflags;
4274 int ndelay, res, k;
4275
4276 if ((count > 0) && (1 == sscanf(buf, "%d", &ndelay)) &&
4277 (ndelay >= 0) && (ndelay < 1000000000)) {
4278 res = count;
4279 if (scsi_debug_ndelay != ndelay) {
4280 spin_lock_irqsave(&queued_arr_lock, iflags);
4281 k = find_first_bit(queued_in_use_bm,
4282 scsi_debug_max_queue);
4283 if (k != scsi_debug_max_queue)
4284 res = -EBUSY; /* have queued commands */
4285 else {
4286 scsi_debug_ndelay = ndelay;
4287 scsi_debug_delay = ndelay ? DELAY_OVERRIDDEN
4288 : DEF_DELAY;
4289 }
4290 spin_unlock_irqrestore(&queued_arr_lock, iflags);
4291 }
4292 return res;
4293 }
4294 return -EINVAL;
4295}
4296static DRIVER_ATTR_RW(ndelay);
4297
4298static ssize_t opts_show(struct device_driver *ddp, char *buf)
4299{
4300 return scnprintf(buf, PAGE_SIZE, "0x%x\n", scsi_debug_opts);
4301}
4302
4303static ssize_t opts_store(struct device_driver *ddp, const char *buf,
4304 size_t count)
4305{
4306 int opts;
4307 char work[20];
4308
4309 if (1 == sscanf(buf, "%10s", work)) {
4310 if (0 == strncasecmp(work,"0x", 2)) {
4311 if (1 == sscanf(&work[2], "%x", &opts))
4312 goto opts_done;
4313 } else {
4314 if (1 == sscanf(work, "%d", &opts))
4315 goto opts_done;
4316 }
4317 }
4318 return -EINVAL;
4319opts_done:
4320 scsi_debug_opts = opts;
4321 if (SCSI_DEBUG_OPT_RECOVERED_ERR & opts)
4322 sdebug_any_injecting_opt = true;
4323 else if (SCSI_DEBUG_OPT_TRANSPORT_ERR & opts)
4324 sdebug_any_injecting_opt = true;
4325 else if (SCSI_DEBUG_OPT_DIF_ERR & opts)
4326 sdebug_any_injecting_opt = true;
4327 else if (SCSI_DEBUG_OPT_DIX_ERR & opts)
4328 sdebug_any_injecting_opt = true;
4329 else if (SCSI_DEBUG_OPT_SHORT_TRANSFER & opts)
4330 sdebug_any_injecting_opt = true;
4331 atomic_set(&sdebug_cmnd_count, 0);
4332 atomic_set(&sdebug_a_tsf, 0);
4333 return count;
4334}
4335static DRIVER_ATTR_RW(opts);
4336
4337static ssize_t ptype_show(struct device_driver *ddp, char *buf)
4338{
4339 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_ptype);
4340}
4341static ssize_t ptype_store(struct device_driver *ddp, const char *buf,
4342 size_t count)
4343{
4344 int n;
4345
4346 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4347 scsi_debug_ptype = n;
4348 return count;
4349 }
4350 return -EINVAL;
4351}
4352static DRIVER_ATTR_RW(ptype);
4353
4354static ssize_t dsense_show(struct device_driver *ddp, char *buf)
4355{
4356 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_dsense);
4357}
4358static ssize_t dsense_store(struct device_driver *ddp, const char *buf,
4359 size_t count)
4360{
4361 int n;
4362
4363 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4364 scsi_debug_dsense = n;
4365 return count;
4366 }
4367 return -EINVAL;
4368}
4369static DRIVER_ATTR_RW(dsense);
4370
4371static ssize_t fake_rw_show(struct device_driver *ddp, char *buf)
4372{
4373 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_fake_rw);
4374}
4375static ssize_t fake_rw_store(struct device_driver *ddp, const char *buf,
4376 size_t count)
4377{
4378 int n;
4379
4380 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4381 n = (n > 0);
4382 scsi_debug_fake_rw = (scsi_debug_fake_rw > 0);
4383 if (scsi_debug_fake_rw != n) {
4384 if ((0 == n) && (NULL == fake_storep)) {
4385 unsigned long sz =
4386 (unsigned long)scsi_debug_dev_size_mb *
4387 1048576;
4388
4389 fake_storep = vmalloc(sz);
4390 if (NULL == fake_storep) {
4391 pr_err("out of memory, 9\n");
4392 return -ENOMEM;
4393 }
4394 memset(fake_storep, 0, sz);
4395 }
4396 scsi_debug_fake_rw = n;
4397 }
4398 return count;
4399 }
4400 return -EINVAL;
4401}
4402static DRIVER_ATTR_RW(fake_rw);
4403
4404static ssize_t no_lun_0_show(struct device_driver *ddp, char *buf)
4405{
4406 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_no_lun_0);
4407}
4408static ssize_t no_lun_0_store(struct device_driver *ddp, const char *buf,
4409 size_t count)
4410{
4411 int n;
4412
4413 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4414 scsi_debug_no_lun_0 = n;
4415 return count;
4416 }
4417 return -EINVAL;
4418}
4419static DRIVER_ATTR_RW(no_lun_0);
4420
4421static ssize_t num_tgts_show(struct device_driver *ddp, char *buf)
4422{
4423 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_num_tgts);
4424}
4425static ssize_t num_tgts_store(struct device_driver *ddp, const char *buf,
4426 size_t count)
4427{
4428 int n;
4429
4430 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4431 scsi_debug_num_tgts = n;
4432 sdebug_max_tgts_luns();
4433 return count;
4434 }
4435 return -EINVAL;
4436}
4437static DRIVER_ATTR_RW(num_tgts);
4438
4439static ssize_t dev_size_mb_show(struct device_driver *ddp, char *buf)
4440{
4441 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_dev_size_mb);
4442}
4443static DRIVER_ATTR_RO(dev_size_mb);
4444
4445static ssize_t num_parts_show(struct device_driver *ddp, char *buf)
4446{
4447 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_num_parts);
4448}
4449static DRIVER_ATTR_RO(num_parts);
4450
4451static ssize_t every_nth_show(struct device_driver *ddp, char *buf)
4452{
4453 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_every_nth);
4454}
4455static ssize_t every_nth_store(struct device_driver *ddp, const char *buf,
4456 size_t count)
4457{
4458 int nth;
4459
4460 if ((count > 0) && (1 == sscanf(buf, "%d", &nth))) {
4461 scsi_debug_every_nth = nth;
4462 atomic_set(&sdebug_cmnd_count, 0);
4463 return count;
4464 }
4465 return -EINVAL;
4466}
4467static DRIVER_ATTR_RW(every_nth);
4468
4469static ssize_t max_luns_show(struct device_driver *ddp, char *buf)
4470{
4471 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_max_luns);
4472}
4473static ssize_t max_luns_store(struct device_driver *ddp, const char *buf,
4474 size_t count)
4475{
4476 int n;
4477 bool changed;
4478
4479 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4480 changed = (scsi_debug_max_luns != n);
4481 scsi_debug_max_luns = n;
4482 sdebug_max_tgts_luns();
4483 if (changed && (scsi_debug_scsi_level >= 5)) { /* >= SPC-3 */
4484 struct sdebug_host_info *sdhp;
4485 struct sdebug_dev_info *dp;
4486
4487 spin_lock(&sdebug_host_list_lock);
4488 list_for_each_entry(sdhp, &sdebug_host_list,
4489 host_list) {
4490 list_for_each_entry(dp, &sdhp->dev_info_list,
4491 dev_list) {
4492 set_bit(SDEBUG_UA_LUNS_CHANGED,
4493 dp->uas_bm);
4494 }
4495 }
4496 spin_unlock(&sdebug_host_list_lock);
4497 }
4498 return count;
4499 }
4500 return -EINVAL;
4501}
4502static DRIVER_ATTR_RW(max_luns);
4503
4504static ssize_t max_queue_show(struct device_driver *ddp, char *buf)
4505{
4506 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_max_queue);
4507}
4508/* N.B. max_queue can be changed while there are queued commands. In flight
4509 * commands beyond the new max_queue will be completed. */
4510static ssize_t max_queue_store(struct device_driver *ddp, const char *buf,
4511 size_t count)
4512{
4513 unsigned long iflags;
4514 int n, k;
4515
4516 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n > 0) &&
4517 (n <= SCSI_DEBUG_CANQUEUE)) {
4518 spin_lock_irqsave(&queued_arr_lock, iflags);
4519 k = find_last_bit(queued_in_use_bm, SCSI_DEBUG_CANQUEUE);
4520 scsi_debug_max_queue = n;
4521 if (SCSI_DEBUG_CANQUEUE == k)
4522 atomic_set(&retired_max_queue, 0);
4523 else if (k >= n)
4524 atomic_set(&retired_max_queue, k + 1);
4525 else
4526 atomic_set(&retired_max_queue, 0);
4527 spin_unlock_irqrestore(&queued_arr_lock, iflags);
4528 return count;
4529 }
4530 return -EINVAL;
4531}
4532static DRIVER_ATTR_RW(max_queue);
4533
4534static ssize_t no_uld_show(struct device_driver *ddp, char *buf)
4535{
4536 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_no_uld);
4537}
4538static DRIVER_ATTR_RO(no_uld);
4539
4540static ssize_t scsi_level_show(struct device_driver *ddp, char *buf)
4541{
4542 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_scsi_level);
4543}
4544static DRIVER_ATTR_RO(scsi_level);
4545
4546static ssize_t virtual_gb_show(struct device_driver *ddp, char *buf)
4547{
4548 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_virtual_gb);
4549}
4550static ssize_t virtual_gb_store(struct device_driver *ddp, const char *buf,
4551 size_t count)
4552{
4553 int n;
4554 bool changed;
4555
4556 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4557 changed = (scsi_debug_virtual_gb != n);
4558 scsi_debug_virtual_gb = n;
4559 sdebug_capacity = get_sdebug_capacity();
4560 if (changed) {
4561 struct sdebug_host_info *sdhp;
4562 struct sdebug_dev_info *dp;
4563
4564 spin_lock(&sdebug_host_list_lock);
4565 list_for_each_entry(sdhp, &sdebug_host_list,
4566 host_list) {
4567 list_for_each_entry(dp, &sdhp->dev_info_list,
4568 dev_list) {
4569 set_bit(SDEBUG_UA_CAPACITY_CHANGED,
4570 dp->uas_bm);
4571 }
4572 }
4573 spin_unlock(&sdebug_host_list_lock);
4574 }
4575 return count;
4576 }
4577 return -EINVAL;
4578}
4579static DRIVER_ATTR_RW(virtual_gb);
4580
4581static ssize_t add_host_show(struct device_driver *ddp, char *buf)
4582{
4583 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_add_host);
4584}
4585
4586static ssize_t add_host_store(struct device_driver *ddp, const char *buf,
4587 size_t count)
4588{
4589 int delta_hosts;
4590
4591 if (sscanf(buf, "%d", &delta_hosts) != 1)
4592 return -EINVAL;
4593 if (delta_hosts > 0) {
4594 do {
4595 sdebug_add_adapter();
4596 } while (--delta_hosts);
4597 } else if (delta_hosts < 0) {
4598 do {
4599 sdebug_remove_adapter();
4600 } while (++delta_hosts);
4601 }
4602 return count;
4603}
4604static DRIVER_ATTR_RW(add_host);
4605
4606static ssize_t vpd_use_hostno_show(struct device_driver *ddp, char *buf)
4607{
4608 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_vpd_use_hostno);
4609}
4610static ssize_t vpd_use_hostno_store(struct device_driver *ddp, const char *buf,
4611 size_t count)
4612{
4613 int n;
4614
4615 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4616 scsi_debug_vpd_use_hostno = n;
4617 return count;
4618 }
4619 return -EINVAL;
4620}
4621static DRIVER_ATTR_RW(vpd_use_hostno);
4622
4623static ssize_t sector_size_show(struct device_driver *ddp, char *buf)
4624{
4625 return scnprintf(buf, PAGE_SIZE, "%u\n", scsi_debug_sector_size);
4626}
4627static DRIVER_ATTR_RO(sector_size);
4628
4629static ssize_t dix_show(struct device_driver *ddp, char *buf)
4630{
4631 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_dix);
4632}
4633static DRIVER_ATTR_RO(dix);
4634
4635static ssize_t dif_show(struct device_driver *ddp, char *buf)
4636{
4637 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_dif);
4638}
4639static DRIVER_ATTR_RO(dif);
4640
4641static ssize_t guard_show(struct device_driver *ddp, char *buf)
4642{
4643 return scnprintf(buf, PAGE_SIZE, "%u\n", scsi_debug_guard);
4644}
4645static DRIVER_ATTR_RO(guard);
4646
4647static ssize_t ato_show(struct device_driver *ddp, char *buf)
4648{
4649 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_ato);
4650}
4651static DRIVER_ATTR_RO(ato);
4652
4653static ssize_t map_show(struct device_driver *ddp, char *buf)
4654{
4655 ssize_t count;
4656
4657 if (!scsi_debug_lbp())
4658 return scnprintf(buf, PAGE_SIZE, "0-%u\n",
4659 sdebug_store_sectors);
4660
4661 count = scnprintf(buf, PAGE_SIZE - 1, "%*pbl",
4662 (int)map_size, map_storep);
4663 buf[count++] = '\n';
4664 buf[count] = '\0';
4665
4666 return count;
4667}
4668static DRIVER_ATTR_RO(map);
4669
4670static ssize_t removable_show(struct device_driver *ddp, char *buf)
4671{
4672 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_removable ? 1 : 0);
4673}
4674static ssize_t removable_store(struct device_driver *ddp, const char *buf,
4675 size_t count)
4676{
4677 int n;
4678
4679 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4680 scsi_debug_removable = (n > 0);
4681 return count;
4682 }
4683 return -EINVAL;
4684}
4685static DRIVER_ATTR_RW(removable);
4686
4687static ssize_t host_lock_show(struct device_driver *ddp, char *buf)
4688{
4689 return scnprintf(buf, PAGE_SIZE, "%d\n", !!scsi_debug_host_lock);
4690}
4691/* Returns -EBUSY if host_lock is being changed and commands are queued */
4692static ssize_t host_lock_store(struct device_driver *ddp, const char *buf,
4693 size_t count)
4694{
4695 int n, res;
4696
4697 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4698 bool new_host_lock = (n > 0);
4699
4700 res = count;
4701 if (new_host_lock != scsi_debug_host_lock) {
4702 unsigned long iflags;
4703 int k;
4704
4705 spin_lock_irqsave(&queued_arr_lock, iflags);
4706 k = find_first_bit(queued_in_use_bm,
4707 scsi_debug_max_queue);
4708 if (k != scsi_debug_max_queue)
4709 res = -EBUSY; /* have queued commands */
4710 else
4711 scsi_debug_host_lock = new_host_lock;
4712 spin_unlock_irqrestore(&queued_arr_lock, iflags);
4713 }
4714 return res;
4715 }
4716 return -EINVAL;
4717}
4718static DRIVER_ATTR_RW(host_lock);
4719
4720static ssize_t strict_show(struct device_driver *ddp, char *buf)
4721{
4722 return scnprintf(buf, PAGE_SIZE, "%d\n", !!scsi_debug_strict);
4723}
4724static ssize_t strict_store(struct device_driver *ddp, const char *buf,
4725 size_t count)
4726{
4727 int n;
4728
4729 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4730 scsi_debug_strict = (n > 0);
4731 return count;
4732 }
4733 return -EINVAL;
4734}
4735static DRIVER_ATTR_RW(strict);
4736
4737
4738/* Note: The following array creates attribute files in the
4739 /sys/bus/pseudo/drivers/scsi_debug directory. The advantage of these
4740 files (over those found in the /sys/module/scsi_debug/parameters
4741 directory) is that auxiliary actions can be triggered when an attribute
4742 is changed. For example see: sdebug_add_host_store() above.
4743 */
4744
4745static struct attribute *sdebug_drv_attrs[] = {
4746 &driver_attr_delay.attr,
4747 &driver_attr_opts.attr,
4748 &driver_attr_ptype.attr,
4749 &driver_attr_dsense.attr,
4750 &driver_attr_fake_rw.attr,
4751 &driver_attr_no_lun_0.attr,
4752 &driver_attr_num_tgts.attr,
4753 &driver_attr_dev_size_mb.attr,
4754 &driver_attr_num_parts.attr,
4755 &driver_attr_every_nth.attr,
4756 &driver_attr_max_luns.attr,
4757 &driver_attr_max_queue.attr,
4758 &driver_attr_no_uld.attr,
4759 &driver_attr_scsi_level.attr,
4760 &driver_attr_virtual_gb.attr,
4761 &driver_attr_add_host.attr,
4762 &driver_attr_vpd_use_hostno.attr,
4763 &driver_attr_sector_size.attr,
4764 &driver_attr_dix.attr,
4765 &driver_attr_dif.attr,
4766 &driver_attr_guard.attr,
4767 &driver_attr_ato.attr,
4768 &driver_attr_map.attr,
4769 &driver_attr_removable.attr,
4770 &driver_attr_host_lock.attr,
4771 &driver_attr_ndelay.attr,
4772 &driver_attr_strict.attr,
4773 NULL,
4774};
4775ATTRIBUTE_GROUPS(sdebug_drv);
4776
4777static struct device *pseudo_primary;
4778
4779static int __init scsi_debug_init(void)
4780{
4781 unsigned long sz;
4782 int host_to_add;
4783 int k;
4784 int ret;
4785
4786 atomic_set(&sdebug_cmnd_count, 0);
4787 atomic_set(&sdebug_completions, 0);
4788 atomic_set(&retired_max_queue, 0);
4789
4790 if (scsi_debug_ndelay >= 1000000000) {
4791 pr_warn("ndelay must be less than 1 second, ignored\n");
4792 scsi_debug_ndelay = 0;
4793 } else if (scsi_debug_ndelay > 0)
4794 scsi_debug_delay = DELAY_OVERRIDDEN;
4795
4796 switch (scsi_debug_sector_size) {
4797 case 512:
4798 case 1024:
4799 case 2048:
4800 case 4096:
4801 break;
4802 default:
4803 pr_err("invalid sector_size %d\n", scsi_debug_sector_size);
4804 return -EINVAL;
4805 }
4806
4807 switch (scsi_debug_dif) {
4808
4809 case SD_DIF_TYPE0_PROTECTION:
4810 case SD_DIF_TYPE1_PROTECTION:
4811 case SD_DIF_TYPE2_PROTECTION:
4812 case SD_DIF_TYPE3_PROTECTION:
4813 break;
4814
4815 default:
4816 pr_err("dif must be 0, 1, 2 or 3\n");
4817 return -EINVAL;
4818 }
4819
4820 if (scsi_debug_guard > 1) {
4821 pr_err("guard must be 0 or 1\n");
4822 return -EINVAL;
4823 }
4824
4825 if (scsi_debug_ato > 1) {
4826 pr_err("ato must be 0 or 1\n");
4827 return -EINVAL;
4828 }
4829
4830 if (scsi_debug_physblk_exp > 15) {
4831 pr_err("invalid physblk_exp %u\n", scsi_debug_physblk_exp);
4832 return -EINVAL;
4833 }
4834
4835 if (scsi_debug_lowest_aligned > 0x3fff) {
4836 pr_err("lowest_aligned too big: %u\n",
4837 scsi_debug_lowest_aligned);
4838 return -EINVAL;
4839 }
4840
4841 if (scsi_debug_dev_size_mb < 1)
4842 scsi_debug_dev_size_mb = 1; /* force minimum 1 MB ramdisk */
4843 sz = (unsigned long)scsi_debug_dev_size_mb * 1048576;
4844 sdebug_store_sectors = sz / scsi_debug_sector_size;
4845 sdebug_capacity = get_sdebug_capacity();
4846
4847 /* play around with geometry, don't waste too much on track 0 */
4848 sdebug_heads = 8;
4849 sdebug_sectors_per = 32;
4850 if (scsi_debug_dev_size_mb >= 256)
4851 sdebug_heads = 64;
4852 else if (scsi_debug_dev_size_mb >= 16)
4853 sdebug_heads = 32;
4854 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
4855 (sdebug_sectors_per * sdebug_heads);
4856 if (sdebug_cylinders_per >= 1024) {
4857 /* other LLDs do this; implies >= 1GB ram disk ... */
4858 sdebug_heads = 255;
4859 sdebug_sectors_per = 63;
4860 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
4861 (sdebug_sectors_per * sdebug_heads);
4862 }
4863
4864 if (0 == scsi_debug_fake_rw) {
4865 fake_storep = vmalloc(sz);
4866 if (NULL == fake_storep) {
4867 pr_err("out of memory, 1\n");
4868 return -ENOMEM;
4869 }
4870 memset(fake_storep, 0, sz);
4871 if (scsi_debug_num_parts > 0)
4872 sdebug_build_parts(fake_storep, sz);
4873 }
4874
4875 if (scsi_debug_dix) {
4876 int dif_size;
4877
4878 dif_size = sdebug_store_sectors * sizeof(struct sd_dif_tuple);
4879 dif_storep = vmalloc(dif_size);
4880
4881 pr_err("dif_storep %u bytes @ %p\n", dif_size, dif_storep);
4882
4883 if (dif_storep == NULL) {
4884 pr_err("out of mem. (DIX)\n");
4885 ret = -ENOMEM;
4886 goto free_vm;
4887 }
4888
4889 memset(dif_storep, 0xff, dif_size);
4890 }
4891
4892 /* Logical Block Provisioning */
4893 if (scsi_debug_lbp()) {
4894 scsi_debug_unmap_max_blocks =
4895 clamp(scsi_debug_unmap_max_blocks, 0U, 0xffffffffU);
4896
4897 scsi_debug_unmap_max_desc =
4898 clamp(scsi_debug_unmap_max_desc, 0U, 256U);
4899
4900 scsi_debug_unmap_granularity =
4901 clamp(scsi_debug_unmap_granularity, 1U, 0xffffffffU);
4902
4903 if (scsi_debug_unmap_alignment &&
4904 scsi_debug_unmap_granularity <=
4905 scsi_debug_unmap_alignment) {
4906 pr_err("ERR: unmap_granularity <= unmap_alignment\n");
4907 return -EINVAL;
4908 }
4909
4910 map_size = lba_to_map_index(sdebug_store_sectors - 1) + 1;
4911 map_storep = vmalloc(BITS_TO_LONGS(map_size) * sizeof(long));
4912
4913 pr_info("%lu provisioning blocks\n", map_size);
4914
4915 if (map_storep == NULL) {
4916 pr_err("out of mem. (MAP)\n");
4917 ret = -ENOMEM;
4918 goto free_vm;
4919 }
4920
4921 bitmap_zero(map_storep, map_size);
4922
4923 /* Map first 1KB for partition table */
4924 if (scsi_debug_num_parts)
4925 map_region(0, 2);
4926 }
4927
4928 pseudo_primary = root_device_register("pseudo_0");
4929 if (IS_ERR(pseudo_primary)) {
4930 pr_warn("root_device_register() error\n");
4931 ret = PTR_ERR(pseudo_primary);
4932 goto free_vm;
4933 }
4934 ret = bus_register(&pseudo_lld_bus);
4935 if (ret < 0) {
4936 pr_warn("bus_register error: %d\n", ret);
4937 goto dev_unreg;
4938 }
4939 ret = driver_register(&sdebug_driverfs_driver);
4940 if (ret < 0) {
4941 pr_warn("driver_register error: %d\n", ret);
4942 goto bus_unreg;
4943 }
4944
4945 host_to_add = scsi_debug_add_host;
4946 scsi_debug_add_host = 0;
4947
4948 for (k = 0; k < host_to_add; k++) {
4949 if (sdebug_add_adapter()) {
4950 pr_err("sdebug_add_adapter failed k=%d\n", k);
4951 break;
4952 }
4953 }
4954
4955 if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
4956 pr_info("built %d host(s)\n", scsi_debug_add_host);
4957
4958 return 0;
4959
4960bus_unreg:
4961 bus_unregister(&pseudo_lld_bus);
4962dev_unreg:
4963 root_device_unregister(pseudo_primary);
4964free_vm:
4965 vfree(map_storep);
4966 vfree(dif_storep);
4967 vfree(fake_storep);
4968
4969 return ret;
4970}
4971
4972static void __exit scsi_debug_exit(void)
4973{
4974 int k = scsi_debug_add_host;
4975
4976 stop_all_queued();
4977 free_all_queued();
4978 for (; k; k--)
4979 sdebug_remove_adapter();
4980 driver_unregister(&sdebug_driverfs_driver);
4981 bus_unregister(&pseudo_lld_bus);
4982 root_device_unregister(pseudo_primary);
4983
4984 vfree(dif_storep);
4985 vfree(fake_storep);
4986}
4987
4988device_initcall(scsi_debug_init);
4989module_exit(scsi_debug_exit);
4990
4991static void sdebug_release_adapter(struct device * dev)
4992{
4993 struct sdebug_host_info *sdbg_host;
4994
4995 sdbg_host = to_sdebug_host(dev);
4996 kfree(sdbg_host);
4997}
4998
4999static int sdebug_add_adapter(void)
5000{
5001 int k, devs_per_host;
5002 int error = 0;
5003 struct sdebug_host_info *sdbg_host;
5004 struct sdebug_dev_info *sdbg_devinfo, *tmp;
5005
5006 sdbg_host = kzalloc(sizeof(*sdbg_host),GFP_KERNEL);
5007 if (NULL == sdbg_host) {
5008 pr_err("out of memory at line %d\n", __LINE__);
5009 return -ENOMEM;
5010 }
5011
5012 INIT_LIST_HEAD(&sdbg_host->dev_info_list);
5013
5014 devs_per_host = scsi_debug_num_tgts * scsi_debug_max_luns;
5015 for (k = 0; k < devs_per_host; k++) {
5016 sdbg_devinfo = sdebug_device_create(sdbg_host, GFP_KERNEL);
5017 if (!sdbg_devinfo) {
5018 pr_err("out of memory at line %d\n", __LINE__);
5019 error = -ENOMEM;
5020 goto clean;
5021 }
5022 }
5023
5024 spin_lock(&sdebug_host_list_lock);
5025 list_add_tail(&sdbg_host->host_list, &sdebug_host_list);
5026 spin_unlock(&sdebug_host_list_lock);
5027
5028 sdbg_host->dev.bus = &pseudo_lld_bus;
5029 sdbg_host->dev.parent = pseudo_primary;
5030 sdbg_host->dev.release = &sdebug_release_adapter;
5031 dev_set_name(&sdbg_host->dev, "adapter%d", scsi_debug_add_host);
5032
5033 error = device_register(&sdbg_host->dev);
5034
5035 if (error)
5036 goto clean;
5037
5038 ++scsi_debug_add_host;
5039 return error;
5040
5041clean:
5042 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
5043 dev_list) {
5044 list_del(&sdbg_devinfo->dev_list);
5045 kfree(sdbg_devinfo);
5046 }
5047
5048 kfree(sdbg_host);
5049 return error;
5050}
5051
5052static void sdebug_remove_adapter(void)
5053{
5054 struct sdebug_host_info * sdbg_host = NULL;
5055
5056 spin_lock(&sdebug_host_list_lock);
5057 if (!list_empty(&sdebug_host_list)) {
5058 sdbg_host = list_entry(sdebug_host_list.prev,
5059 struct sdebug_host_info, host_list);
5060 list_del(&sdbg_host->host_list);
5061 }
5062 spin_unlock(&sdebug_host_list_lock);
5063
5064 if (!sdbg_host)
5065 return;
5066
5067 device_unregister(&sdbg_host->dev);
5068 --scsi_debug_add_host;
5069}
5070
5071static int
5072sdebug_change_qdepth(struct scsi_device *sdev, int qdepth)
5073{
5074 int num_in_q = 0;
5075 unsigned long iflags;
5076 struct sdebug_dev_info *devip;
5077
5078 spin_lock_irqsave(&queued_arr_lock, iflags);
5079 devip = (struct sdebug_dev_info *)sdev->hostdata;
5080 if (NULL == devip) {
5081 spin_unlock_irqrestore(&queued_arr_lock, iflags);
5082 return -ENODEV;
5083 }
5084 num_in_q = atomic_read(&devip->num_in_q);
5085 spin_unlock_irqrestore(&queued_arr_lock, iflags);
5086
5087 if (qdepth < 1)
5088 qdepth = 1;
5089 /* allow to exceed max host queued_arr elements for testing */
5090 if (qdepth > SCSI_DEBUG_CANQUEUE + 10)
5091 qdepth = SCSI_DEBUG_CANQUEUE + 10;
5092 scsi_change_queue_depth(sdev, qdepth);
5093
5094 if (SCSI_DEBUG_OPT_Q_NOISE & scsi_debug_opts) {
5095 sdev_printk(KERN_INFO, sdev,
5096 "%s: qdepth=%d, num_in_q=%d\n",
5097 __func__, qdepth, num_in_q);
5098 }
5099 return sdev->queue_depth;
5100}
5101
5102static int
5103check_inject(struct scsi_cmnd *scp)
5104{
5105 struct sdebug_scmd_extra_t *ep = scsi_cmd_priv(scp);
5106
5107 memset(ep, 0, sizeof(struct sdebug_scmd_extra_t));
5108
5109 if (atomic_inc_return(&sdebug_cmnd_count) >=
5110 abs(scsi_debug_every_nth)) {
5111 atomic_set(&sdebug_cmnd_count, 0);
5112 if (scsi_debug_every_nth < -1)
5113 scsi_debug_every_nth = -1;
5114 if (SCSI_DEBUG_OPT_TIMEOUT & scsi_debug_opts)
5115 return 1; /* ignore command causing timeout */
5116 else if (SCSI_DEBUG_OPT_MAC_TIMEOUT & scsi_debug_opts &&
5117 scsi_medium_access_command(scp))
5118 return 1; /* time out reads and writes */
5119 if (sdebug_any_injecting_opt) {
5120 int opts = scsi_debug_opts;
5121
5122 if (SCSI_DEBUG_OPT_RECOVERED_ERR & opts)
5123 ep->inj_recovered = true;
5124 else if (SCSI_DEBUG_OPT_TRANSPORT_ERR & opts)
5125 ep->inj_transport = true;
5126 else if (SCSI_DEBUG_OPT_DIF_ERR & opts)
5127 ep->inj_dif = true;
5128 else if (SCSI_DEBUG_OPT_DIX_ERR & opts)
5129 ep->inj_dix = true;
5130 else if (SCSI_DEBUG_OPT_SHORT_TRANSFER & opts)
5131 ep->inj_short = true;
5132 }
5133 }
5134 return 0;
5135}
5136
5137static int
5138scsi_debug_queuecommand(struct scsi_cmnd *scp)
5139{
5140 u8 sdeb_i;
5141 struct scsi_device *sdp = scp->device;
5142 const struct opcode_info_t *oip;
5143 const struct opcode_info_t *r_oip;
5144 struct sdebug_dev_info *devip;
5145 u8 *cmd = scp->cmnd;
5146 int (*r_pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
5147 int k, na;
5148 int errsts = 0;
5149 int errsts_no_connect = DID_NO_CONNECT << 16;
5150 u32 flags;
5151 u16 sa;
5152 u8 opcode = cmd[0];
5153 bool has_wlun_rl;
5154 bool debug = !!(SCSI_DEBUG_OPT_NOISE & scsi_debug_opts);
5155
5156 scsi_set_resid(scp, 0);
5157 if (debug && !(SCSI_DEBUG_OPT_NO_CDB_NOISE & scsi_debug_opts)) {
5158 char b[120];
5159 int n, len, sb;
5160
5161 len = scp->cmd_len;
5162 sb = (int)sizeof(b);
5163 if (len > 32)
5164 strcpy(b, "too long, over 32 bytes");
5165 else {
5166 for (k = 0, n = 0; k < len && n < sb; ++k)
5167 n += scnprintf(b + n, sb - n, "%02x ",
5168 (u32)cmd[k]);
5169 }
5170 sdev_printk(KERN_INFO, sdp, "%s: cmd %s\n", my_name, b);
5171 }
5172 has_wlun_rl = (sdp->lun == SCSI_W_LUN_REPORT_LUNS);
5173 if ((sdp->lun >= scsi_debug_max_luns) && !has_wlun_rl)
5174 return schedule_resp(scp, NULL, errsts_no_connect, 0);
5175
5176 sdeb_i = opcode_ind_arr[opcode]; /* fully mapped */
5177 oip = &opcode_info_arr[sdeb_i]; /* safe if table consistent */
5178 devip = (struct sdebug_dev_info *)sdp->hostdata;
5179 if (!devip) {
5180 devip = devInfoReg(sdp);
5181 if (NULL == devip)
5182 return schedule_resp(scp, NULL, errsts_no_connect, 0);
5183 }
5184 na = oip->num_attached;
5185 r_pfp = oip->pfp;
5186 if (na) { /* multiple commands with this opcode */
5187 r_oip = oip;
5188 if (FF_SA & r_oip->flags) {
5189 if (F_SA_LOW & oip->flags)
5190 sa = 0x1f & cmd[1];
5191 else
5192 sa = get_unaligned_be16(cmd + 8);
5193 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
5194 if (opcode == oip->opcode && sa == oip->sa)
5195 break;
5196 }
5197 } else { /* since no service action only check opcode */
5198 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
5199 if (opcode == oip->opcode)
5200 break;
5201 }
5202 }
5203 if (k > na) {
5204 if (F_SA_LOW & r_oip->flags)
5205 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 4);
5206 else if (F_SA_HIGH & r_oip->flags)
5207 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 8, 7);
5208 else
5209 mk_sense_invalid_opcode(scp);
5210 goto check_cond;
5211 }
5212 } /* else (when na==0) we assume the oip is a match */
5213 flags = oip->flags;
5214 if (F_INV_OP & flags) {
5215 mk_sense_invalid_opcode(scp);
5216 goto check_cond;
5217 }
5218 if (has_wlun_rl && !(F_RL_WLUN_OK & flags)) {
5219 if (debug)
5220 sdev_printk(KERN_INFO, sdp, "scsi_debug: Opcode: "
5221 "0x%x not supported for wlun\n", opcode);
5222 mk_sense_invalid_opcode(scp);
5223 goto check_cond;
5224 }
5225 if (scsi_debug_strict) { /* check cdb against mask */
5226 u8 rem;
5227 int j;
5228
5229 for (k = 1; k < oip->len_mask[0] && k < 16; ++k) {
5230 rem = ~oip->len_mask[k] & cmd[k];
5231 if (rem) {
5232 for (j = 7; j >= 0; --j, rem <<= 1) {
5233 if (0x80 & rem)
5234 break;
5235 }
5236 mk_sense_invalid_fld(scp, SDEB_IN_CDB, k, j);
5237 goto check_cond;
5238 }
5239 }
5240 }
5241 if (!(F_SKIP_UA & flags) &&
5242 SDEBUG_NUM_UAS != find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS)) {
5243 errsts = check_readiness(scp, UAS_ONLY, devip);
5244 if (errsts)
5245 goto check_cond;
5246 }
5247 if ((F_M_ACCESS & flags) && devip->stopped) {
5248 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x2);
5249 if (debug)
5250 sdev_printk(KERN_INFO, sdp, "%s reports: Not ready: "
5251 "%s\n", my_name, "initializing command "
5252 "required");
5253 errsts = check_condition_result;
5254 goto fini;
5255 }
5256 if (scsi_debug_fake_rw && (F_FAKE_RW & flags))
5257 goto fini;
5258 if (scsi_debug_every_nth) {
5259 if (check_inject(scp))
5260 return 0; /* ignore command: make trouble */
5261 }
5262 if (oip->pfp) /* if this command has a resp_* function, call it */
5263 errsts = oip->pfp(scp, devip);
5264 else if (r_pfp) /* if leaf function ptr NULL, try the root's */
5265 errsts = r_pfp(scp, devip);
5266
5267fini:
5268 return schedule_resp(scp, devip, errsts,
5269 ((F_DELAY_OVERR & flags) ? 0 : scsi_debug_delay));
5270check_cond:
5271 return schedule_resp(scp, devip, check_condition_result, 0);
5272}
5273
5274static int
5275sdebug_queuecommand_lock_or_not(struct Scsi_Host *shost, struct scsi_cmnd *cmd)
5276{
5277 if (scsi_debug_host_lock) {
5278 unsigned long iflags;
5279 int rc;
5280
5281 spin_lock_irqsave(shost->host_lock, iflags);
5282 rc = scsi_debug_queuecommand(cmd);
5283 spin_unlock_irqrestore(shost->host_lock, iflags);
5284 return rc;
5285 } else
5286 return scsi_debug_queuecommand(cmd);
5287}
5288
5289static struct scsi_host_template sdebug_driver_template = {
5290 .show_info = scsi_debug_show_info,
5291 .write_info = scsi_debug_write_info,
5292 .proc_name = sdebug_proc_name,
5293 .name = "SCSI DEBUG",
5294 .info = scsi_debug_info,
5295 .slave_alloc = scsi_debug_slave_alloc,
5296 .slave_configure = scsi_debug_slave_configure,
5297 .slave_destroy = scsi_debug_slave_destroy,
5298 .ioctl = scsi_debug_ioctl,
5299 .queuecommand = sdebug_queuecommand_lock_or_not,
5300 .change_queue_depth = sdebug_change_qdepth,
5301 .eh_abort_handler = scsi_debug_abort,
5302 .eh_device_reset_handler = scsi_debug_device_reset,
5303 .eh_target_reset_handler = scsi_debug_target_reset,
5304 .eh_bus_reset_handler = scsi_debug_bus_reset,
5305 .eh_host_reset_handler = scsi_debug_host_reset,
5306 .can_queue = SCSI_DEBUG_CANQUEUE,
5307 .this_id = 7,
5308 .sg_tablesize = SCSI_MAX_SG_CHAIN_SEGMENTS,
5309 .cmd_per_lun = DEF_CMD_PER_LUN,
5310 .max_sectors = -1U,
5311 .use_clustering = DISABLE_CLUSTERING,
5312 .module = THIS_MODULE,
5313 .track_queue_depth = 1,
5314 .cmd_size = sizeof(struct sdebug_scmd_extra_t),
5315};
5316
5317static int sdebug_driver_probe(struct device * dev)
5318{
5319 int error = 0;
5320 int opts;
5321 struct sdebug_host_info *sdbg_host;
5322 struct Scsi_Host *hpnt;
5323 int host_prot;
5324
5325 sdbg_host = to_sdebug_host(dev);
5326
5327 sdebug_driver_template.can_queue = scsi_debug_max_queue;
5328 if (scsi_debug_clustering)
5329 sdebug_driver_template.use_clustering = ENABLE_CLUSTERING;
5330 hpnt = scsi_host_alloc(&sdebug_driver_template, sizeof(sdbg_host));
5331 if (NULL == hpnt) {
5332 pr_err("scsi_host_alloc failed\n");
5333 error = -ENODEV;
5334 return error;
5335 }
5336
5337 sdbg_host->shost = hpnt;
5338 *((struct sdebug_host_info **)hpnt->hostdata) = sdbg_host;
5339 if ((hpnt->this_id >= 0) && (scsi_debug_num_tgts > hpnt->this_id))
5340 hpnt->max_id = scsi_debug_num_tgts + 1;
5341 else
5342 hpnt->max_id = scsi_debug_num_tgts;
5343 /* = scsi_debug_max_luns; */
5344 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
5345
5346 host_prot = 0;
5347
5348 switch (scsi_debug_dif) {
5349
5350 case SD_DIF_TYPE1_PROTECTION:
5351 host_prot = SHOST_DIF_TYPE1_PROTECTION;
5352 if (scsi_debug_dix)
5353 host_prot |= SHOST_DIX_TYPE1_PROTECTION;
5354 break;
5355
5356 case SD_DIF_TYPE2_PROTECTION:
5357 host_prot = SHOST_DIF_TYPE2_PROTECTION;
5358 if (scsi_debug_dix)
5359 host_prot |= SHOST_DIX_TYPE2_PROTECTION;
5360 break;
5361
5362 case SD_DIF_TYPE3_PROTECTION:
5363 host_prot = SHOST_DIF_TYPE3_PROTECTION;
5364 if (scsi_debug_dix)
5365 host_prot |= SHOST_DIX_TYPE3_PROTECTION;
5366 break;
5367
5368 default:
5369 if (scsi_debug_dix)
5370 host_prot |= SHOST_DIX_TYPE0_PROTECTION;
5371 break;
5372 }
5373
5374 scsi_host_set_prot(hpnt, host_prot);
5375
5376 pr_info("host protection%s%s%s%s%s%s%s\n",
5377 (host_prot & SHOST_DIF_TYPE1_PROTECTION) ? " DIF1" : "",
5378 (host_prot & SHOST_DIF_TYPE2_PROTECTION) ? " DIF2" : "",
5379 (host_prot & SHOST_DIF_TYPE3_PROTECTION) ? " DIF3" : "",
5380 (host_prot & SHOST_DIX_TYPE0_PROTECTION) ? " DIX0" : "",
5381 (host_prot & SHOST_DIX_TYPE1_PROTECTION) ? " DIX1" : "",
5382 (host_prot & SHOST_DIX_TYPE2_PROTECTION) ? " DIX2" : "",
5383 (host_prot & SHOST_DIX_TYPE3_PROTECTION) ? " DIX3" : "");
5384
5385 if (scsi_debug_guard == 1)
5386 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_IP);
5387 else
5388 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_CRC);
5389
5390 opts = scsi_debug_opts;
5391 if (SCSI_DEBUG_OPT_RECOVERED_ERR & opts)
5392 sdebug_any_injecting_opt = true;
5393 else if (SCSI_DEBUG_OPT_TRANSPORT_ERR & opts)
5394 sdebug_any_injecting_opt = true;
5395 else if (SCSI_DEBUG_OPT_DIF_ERR & opts)
5396 sdebug_any_injecting_opt = true;
5397 else if (SCSI_DEBUG_OPT_DIX_ERR & opts)
5398 sdebug_any_injecting_opt = true;
5399 else if (SCSI_DEBUG_OPT_SHORT_TRANSFER & opts)
5400 sdebug_any_injecting_opt = true;
5401
5402 error = scsi_add_host(hpnt, &sdbg_host->dev);
5403 if (error) {
5404 pr_err("scsi_add_host failed\n");
5405 error = -ENODEV;
5406 scsi_host_put(hpnt);
5407 } else
5408 scsi_scan_host(hpnt);
5409
5410 return error;
5411}
5412
5413static int sdebug_driver_remove(struct device * dev)
5414{
5415 struct sdebug_host_info *sdbg_host;
5416 struct sdebug_dev_info *sdbg_devinfo, *tmp;
5417
5418 sdbg_host = to_sdebug_host(dev);
5419
5420 if (!sdbg_host) {
5421 pr_err("Unable to locate host info\n");
5422 return -ENODEV;
5423 }
5424
5425 scsi_remove_host(sdbg_host->shost);
5426
5427 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
5428 dev_list) {
5429 list_del(&sdbg_devinfo->dev_list);
5430 kfree(sdbg_devinfo);
5431 }
5432
5433 scsi_host_put(sdbg_host->shost);
5434 return 0;
5435}
5436
5437static int pseudo_lld_bus_match(struct device *dev,
5438 struct device_driver *dev_driver)
5439{
5440 return 1;
5441}
5442
5443static struct bus_type pseudo_lld_bus = {
5444 .name = "pseudo",
5445 .match = pseudo_lld_bus_match,
5446 .probe = sdebug_driver_probe,
5447 .remove = sdebug_driver_remove,
5448 .drv_groups = sdebug_drv_groups,
5449};
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * vvvvvvvvvvvvvvvvvvvvvvv Original vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
4 * Copyright (C) 1992 Eric Youngdale
5 * Simulate a host adapter with 2 disks attached. Do a lot of checking
6 * to make sure that we are not getting blocks mixed up, and PANIC if
7 * anything out of the ordinary is seen.
8 * ^^^^^^^^^^^^^^^^^^^^^^^ Original ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
9 *
10 * Copyright (C) 2001 - 2018 Douglas Gilbert
11 *
12 * For documentation see http://sg.danny.cz/sg/sdebug26.html
13 */
14
15
16#define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__
17
18#include <linux/module.h>
19
20#include <linux/kernel.h>
21#include <linux/errno.h>
22#include <linux/jiffies.h>
23#include <linux/slab.h>
24#include <linux/types.h>
25#include <linux/string.h>
26#include <linux/genhd.h>
27#include <linux/fs.h>
28#include <linux/init.h>
29#include <linux/proc_fs.h>
30#include <linux/vmalloc.h>
31#include <linux/moduleparam.h>
32#include <linux/scatterlist.h>
33#include <linux/blkdev.h>
34#include <linux/crc-t10dif.h>
35#include <linux/spinlock.h>
36#include <linux/interrupt.h>
37#include <linux/atomic.h>
38#include <linux/hrtimer.h>
39#include <linux/uuid.h>
40#include <linux/t10-pi.h>
41
42#include <net/checksum.h>
43
44#include <asm/unaligned.h>
45
46#include <scsi/scsi.h>
47#include <scsi/scsi_cmnd.h>
48#include <scsi/scsi_device.h>
49#include <scsi/scsi_host.h>
50#include <scsi/scsicam.h>
51#include <scsi/scsi_eh.h>
52#include <scsi/scsi_tcq.h>
53#include <scsi/scsi_dbg.h>
54
55#include "sd.h"
56#include "scsi_logging.h"
57
58/* make sure inq_product_rev string corresponds to this version */
59#define SDEBUG_VERSION "0188" /* format to fit INQUIRY revision field */
60static const char *sdebug_version_date = "20190125";
61
62#define MY_NAME "scsi_debug"
63
64/* Additional Sense Code (ASC) */
65#define NO_ADDITIONAL_SENSE 0x0
66#define LOGICAL_UNIT_NOT_READY 0x4
67#define LOGICAL_UNIT_COMMUNICATION_FAILURE 0x8
68#define UNRECOVERED_READ_ERR 0x11
69#define PARAMETER_LIST_LENGTH_ERR 0x1a
70#define INVALID_OPCODE 0x20
71#define LBA_OUT_OF_RANGE 0x21
72#define INVALID_FIELD_IN_CDB 0x24
73#define INVALID_FIELD_IN_PARAM_LIST 0x26
74#define WRITE_PROTECTED 0x27
75#define UA_RESET_ASC 0x29
76#define UA_CHANGED_ASC 0x2a
77#define TARGET_CHANGED_ASC 0x3f
78#define LUNS_CHANGED_ASCQ 0x0e
79#define INSUFF_RES_ASC 0x55
80#define INSUFF_RES_ASCQ 0x3
81#define POWER_ON_RESET_ASCQ 0x0
82#define BUS_RESET_ASCQ 0x2 /* scsi bus reset occurred */
83#define MODE_CHANGED_ASCQ 0x1 /* mode parameters changed */
84#define CAPACITY_CHANGED_ASCQ 0x9
85#define SAVING_PARAMS_UNSUP 0x39
86#define TRANSPORT_PROBLEM 0x4b
87#define THRESHOLD_EXCEEDED 0x5d
88#define LOW_POWER_COND_ON 0x5e
89#define MISCOMPARE_VERIFY_ASC 0x1d
90#define MICROCODE_CHANGED_ASCQ 0x1 /* with TARGET_CHANGED_ASC */
91#define MICROCODE_CHANGED_WO_RESET_ASCQ 0x16
92#define WRITE_ERROR_ASC 0xc
93
94/* Additional Sense Code Qualifier (ASCQ) */
95#define ACK_NAK_TO 0x3
96
97/* Default values for driver parameters */
98#define DEF_NUM_HOST 1
99#define DEF_NUM_TGTS 1
100#define DEF_MAX_LUNS 1
101/* With these defaults, this driver will make 1 host with 1 target
102 * (id 0) containing 1 logical unit (lun 0). That is 1 device.
103 */
104#define DEF_ATO 1
105#define DEF_CDB_LEN 10
106#define DEF_JDELAY 1 /* if > 0 unit is a jiffy */
107#define DEF_DEV_SIZE_MB 8
108#define DEF_DIF 0
109#define DEF_DIX 0
110#define DEF_D_SENSE 0
111#define DEF_EVERY_NTH 0
112#define DEF_FAKE_RW 0
113#define DEF_GUARD 0
114#define DEF_HOST_LOCK 0
115#define DEF_LBPU 0
116#define DEF_LBPWS 0
117#define DEF_LBPWS10 0
118#define DEF_LBPRZ 1
119#define DEF_LOWEST_ALIGNED 0
120#define DEF_NDELAY 0 /* if > 0 unit is a nanosecond */
121#define DEF_NO_LUN_0 0
122#define DEF_NUM_PARTS 0
123#define DEF_OPTS 0
124#define DEF_OPT_BLKS 1024
125#define DEF_PHYSBLK_EXP 0
126#define DEF_OPT_XFERLEN_EXP 0
127#define DEF_PTYPE TYPE_DISK
128#define DEF_REMOVABLE false
129#define DEF_SCSI_LEVEL 7 /* INQUIRY, byte2 [6->SPC-4; 7->SPC-5] */
130#define DEF_SECTOR_SIZE 512
131#define DEF_UNMAP_ALIGNMENT 0
132#define DEF_UNMAP_GRANULARITY 1
133#define DEF_UNMAP_MAX_BLOCKS 0xFFFFFFFF
134#define DEF_UNMAP_MAX_DESC 256
135#define DEF_VIRTUAL_GB 0
136#define DEF_VPD_USE_HOSTNO 1
137#define DEF_WRITESAME_LENGTH 0xFFFF
138#define DEF_STRICT 0
139#define DEF_STATISTICS false
140#define DEF_SUBMIT_QUEUES 1
141#define DEF_UUID_CTL 0
142#define JDELAY_OVERRIDDEN -9999
143
144#define SDEBUG_LUN_0_VAL 0
145
146/* bit mask values for sdebug_opts */
147#define SDEBUG_OPT_NOISE 1
148#define SDEBUG_OPT_MEDIUM_ERR 2
149#define SDEBUG_OPT_TIMEOUT 4
150#define SDEBUG_OPT_RECOVERED_ERR 8
151#define SDEBUG_OPT_TRANSPORT_ERR 16
152#define SDEBUG_OPT_DIF_ERR 32
153#define SDEBUG_OPT_DIX_ERR 64
154#define SDEBUG_OPT_MAC_TIMEOUT 128
155#define SDEBUG_OPT_SHORT_TRANSFER 0x100
156#define SDEBUG_OPT_Q_NOISE 0x200
157#define SDEBUG_OPT_ALL_TSF 0x400
158#define SDEBUG_OPT_RARE_TSF 0x800
159#define SDEBUG_OPT_N_WCE 0x1000
160#define SDEBUG_OPT_RESET_NOISE 0x2000
161#define SDEBUG_OPT_NO_CDB_NOISE 0x4000
162#define SDEBUG_OPT_HOST_BUSY 0x8000
163#define SDEBUG_OPT_CMD_ABORT 0x10000
164#define SDEBUG_OPT_ALL_NOISE (SDEBUG_OPT_NOISE | SDEBUG_OPT_Q_NOISE | \
165 SDEBUG_OPT_RESET_NOISE)
166#define SDEBUG_OPT_ALL_INJECTING (SDEBUG_OPT_RECOVERED_ERR | \
167 SDEBUG_OPT_TRANSPORT_ERR | \
168 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR | \
169 SDEBUG_OPT_SHORT_TRANSFER | \
170 SDEBUG_OPT_HOST_BUSY | \
171 SDEBUG_OPT_CMD_ABORT)
172/* When "every_nth" > 0 then modulo "every_nth" commands:
173 * - a missing response is simulated if SDEBUG_OPT_TIMEOUT is set
174 * - a RECOVERED_ERROR is simulated on successful read and write
175 * commands if SDEBUG_OPT_RECOVERED_ERR is set.
176 * - a TRANSPORT_ERROR is simulated on successful read and write
177 * commands if SDEBUG_OPT_TRANSPORT_ERR is set.
178 * - similarly for DIF_ERR, DIX_ERR, SHORT_TRANSFER, HOST_BUSY and
179 * CMD_ABORT
180 *
181 * When "every_nth" < 0 then after "- every_nth" commands the selected
182 * error will be injected. The error will be injected on every subsequent
183 * command until some other action occurs; for example, the user writing
184 * a new value (other than -1 or 1) to every_nth:
185 * echo 0 > /sys/bus/pseudo/drivers/scsi_debug/every_nth
186 */
187
188/* As indicated in SAM-5 and SPC-4 Unit Attentions (UAs) are returned in
189 * priority order. In the subset implemented here lower numbers have higher
190 * priority. The UA numbers should be a sequence starting from 0 with
191 * SDEBUG_NUM_UAS being 1 higher than the highest numbered UA. */
192#define SDEBUG_UA_POR 0 /* Power on, reset, or bus device reset */
193#define SDEBUG_UA_BUS_RESET 1
194#define SDEBUG_UA_MODE_CHANGED 2
195#define SDEBUG_UA_CAPACITY_CHANGED 3
196#define SDEBUG_UA_LUNS_CHANGED 4
197#define SDEBUG_UA_MICROCODE_CHANGED 5 /* simulate firmware change */
198#define SDEBUG_UA_MICROCODE_CHANGED_WO_RESET 6
199#define SDEBUG_NUM_UAS 7
200
201/* when 1==SDEBUG_OPT_MEDIUM_ERR, a medium error is simulated at this
202 * sector on read commands: */
203#define OPT_MEDIUM_ERR_ADDR 0x1234 /* that's sector 4660 in decimal */
204#define OPT_MEDIUM_ERR_NUM 10 /* number of consecutive medium errs */
205
206/* If REPORT LUNS has luns >= 256 it can choose "flat space" (value 1)
207 * or "peripheral device" addressing (value 0) */
208#define SAM2_LUN_ADDRESS_METHOD 0
209
210/* SDEBUG_CANQUEUE is the maximum number of commands that can be queued
211 * (for response) per submit queue at one time. Can be reduced by max_queue
212 * option. Command responses are not queued when jdelay=0 and ndelay=0. The
213 * per-device DEF_CMD_PER_LUN can be changed via sysfs:
214 * /sys/class/scsi_device/<h:c:t:l>/device/queue_depth
215 * but cannot exceed SDEBUG_CANQUEUE .
216 */
217#define SDEBUG_CANQUEUE_WORDS 3 /* a WORD is bits in a long */
218#define SDEBUG_CANQUEUE (SDEBUG_CANQUEUE_WORDS * BITS_PER_LONG)
219#define DEF_CMD_PER_LUN 255
220
221#define F_D_IN 1
222#define F_D_OUT 2
223#define F_D_OUT_MAYBE 4 /* WRITE SAME, NDOB bit */
224#define F_D_UNKN 8
225#define F_RL_WLUN_OK 0x10
226#define F_SKIP_UA 0x20
227#define F_DELAY_OVERR 0x40
228#define F_SA_LOW 0x80 /* cdb byte 1, bits 4 to 0 */
229#define F_SA_HIGH 0x100 /* as used by variable length cdbs */
230#define F_INV_OP 0x200
231#define F_FAKE_RW 0x400
232#define F_M_ACCESS 0x800 /* media access */
233#define F_SSU_DELAY 0x1000
234#define F_SYNC_DELAY 0x2000
235
236#define FF_RESPOND (F_RL_WLUN_OK | F_SKIP_UA | F_DELAY_OVERR)
237#define FF_MEDIA_IO (F_M_ACCESS | F_FAKE_RW)
238#define FF_SA (F_SA_HIGH | F_SA_LOW)
239#define F_LONG_DELAY (F_SSU_DELAY | F_SYNC_DELAY)
240
241#define SDEBUG_MAX_PARTS 4
242
243#define SDEBUG_MAX_CMD_LEN 32
244
245
246struct sdebug_dev_info {
247 struct list_head dev_list;
248 unsigned int channel;
249 unsigned int target;
250 u64 lun;
251 uuid_t lu_name;
252 struct sdebug_host_info *sdbg_host;
253 unsigned long uas_bm[1];
254 atomic_t num_in_q;
255 atomic_t stopped;
256 bool used;
257};
258
259struct sdebug_host_info {
260 struct list_head host_list;
261 struct Scsi_Host *shost;
262 struct device dev;
263 struct list_head dev_info_list;
264};
265
266#define to_sdebug_host(d) \
267 container_of(d, struct sdebug_host_info, dev)
268
269enum sdeb_defer_type {SDEB_DEFER_NONE = 0, SDEB_DEFER_HRT = 1,
270 SDEB_DEFER_WQ = 2};
271
272struct sdebug_defer {
273 struct hrtimer hrt;
274 struct execute_work ew;
275 int sqa_idx; /* index of sdebug_queue array */
276 int qc_idx; /* index of sdebug_queued_cmd array within sqa_idx */
277 int issuing_cpu;
278 bool init_hrt;
279 bool init_wq;
280 bool aborted; /* true when blk_abort_request() already called */
281 enum sdeb_defer_type defer_t;
282};
283
284struct sdebug_queued_cmd {
285 /* corresponding bit set in in_use_bm[] in owning struct sdebug_queue
286 * instance indicates this slot is in use.
287 */
288 struct sdebug_defer *sd_dp;
289 struct scsi_cmnd *a_cmnd;
290 unsigned int inj_recovered:1;
291 unsigned int inj_transport:1;
292 unsigned int inj_dif:1;
293 unsigned int inj_dix:1;
294 unsigned int inj_short:1;
295 unsigned int inj_host_busy:1;
296 unsigned int inj_cmd_abort:1;
297};
298
299struct sdebug_queue {
300 struct sdebug_queued_cmd qc_arr[SDEBUG_CANQUEUE];
301 unsigned long in_use_bm[SDEBUG_CANQUEUE_WORDS];
302 spinlock_t qc_lock;
303 atomic_t blocked; /* to temporarily stop more being queued */
304};
305
306static atomic_t sdebug_cmnd_count; /* number of incoming commands */
307static atomic_t sdebug_completions; /* count of deferred completions */
308static atomic_t sdebug_miss_cpus; /* submission + completion cpus differ */
309static atomic_t sdebug_a_tsf; /* 'almost task set full' counter */
310
311struct opcode_info_t {
312 u8 num_attached; /* 0 if this is it (i.e. a leaf); use 0xff */
313 /* for terminating element */
314 u8 opcode; /* if num_attached > 0, preferred */
315 u16 sa; /* service action */
316 u32 flags; /* OR-ed set of SDEB_F_* */
317 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
318 const struct opcode_info_t *arrp; /* num_attached elements or NULL */
319 u8 len_mask[16]; /* len_mask[0]-->cdb_len, then mask for cdb */
320 /* 1 to min(cdb_len, 15); ignore cdb[15...] */
321};
322
323/* SCSI opcodes (first byte of cdb) of interest mapped onto these indexes */
324enum sdeb_opcode_index {
325 SDEB_I_INVALID_OPCODE = 0,
326 SDEB_I_INQUIRY = 1,
327 SDEB_I_REPORT_LUNS = 2,
328 SDEB_I_REQUEST_SENSE = 3,
329 SDEB_I_TEST_UNIT_READY = 4,
330 SDEB_I_MODE_SENSE = 5, /* 6, 10 */
331 SDEB_I_MODE_SELECT = 6, /* 6, 10 */
332 SDEB_I_LOG_SENSE = 7,
333 SDEB_I_READ_CAPACITY = 8, /* 10; 16 is in SA_IN(16) */
334 SDEB_I_READ = 9, /* 6, 10, 12, 16 */
335 SDEB_I_WRITE = 10, /* 6, 10, 12, 16 */
336 SDEB_I_START_STOP = 11,
337 SDEB_I_SERV_ACT_IN_16 = 12, /* add ...SERV_ACT_IN_12 if needed */
338 SDEB_I_SERV_ACT_OUT_16 = 13, /* add ...SERV_ACT_OUT_12 if needed */
339 SDEB_I_MAINT_IN = 14,
340 SDEB_I_MAINT_OUT = 15,
341 SDEB_I_VERIFY = 16, /* 10 only */
342 SDEB_I_VARIABLE_LEN = 17, /* READ(32), WRITE(32), WR_SCAT(32) */
343 SDEB_I_RESERVE = 18, /* 6, 10 */
344 SDEB_I_RELEASE = 19, /* 6, 10 */
345 SDEB_I_ALLOW_REMOVAL = 20, /* PREVENT ALLOW MEDIUM REMOVAL */
346 SDEB_I_REZERO_UNIT = 21, /* REWIND in SSC */
347 SDEB_I_ATA_PT = 22, /* 12, 16 */
348 SDEB_I_SEND_DIAG = 23,
349 SDEB_I_UNMAP = 24,
350 SDEB_I_WRITE_BUFFER = 25,
351 SDEB_I_WRITE_SAME = 26, /* 10, 16 */
352 SDEB_I_SYNC_CACHE = 27, /* 10, 16 */
353 SDEB_I_COMP_WRITE = 28,
354 SDEB_I_LAST_ELEMENT = 29, /* keep this last (previous + 1) */
355};
356
357
358static const unsigned char opcode_ind_arr[256] = {
359/* 0x0; 0x0->0x1f: 6 byte cdbs */
360 SDEB_I_TEST_UNIT_READY, SDEB_I_REZERO_UNIT, 0, SDEB_I_REQUEST_SENSE,
361 0, 0, 0, 0,
362 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, 0,
363 0, 0, SDEB_I_INQUIRY, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
364 SDEB_I_RELEASE,
365 0, 0, SDEB_I_MODE_SENSE, SDEB_I_START_STOP, 0, SDEB_I_SEND_DIAG,
366 SDEB_I_ALLOW_REMOVAL, 0,
367/* 0x20; 0x20->0x3f: 10 byte cdbs */
368 0, 0, 0, 0, 0, SDEB_I_READ_CAPACITY, 0, 0,
369 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, SDEB_I_VERIFY,
370 0, 0, 0, 0, 0, SDEB_I_SYNC_CACHE, 0, 0,
371 0, 0, 0, SDEB_I_WRITE_BUFFER, 0, 0, 0, 0,
372/* 0x40; 0x40->0x5f: 10 byte cdbs */
373 0, SDEB_I_WRITE_SAME, SDEB_I_UNMAP, 0, 0, 0, 0, 0,
374 0, 0, 0, 0, 0, SDEB_I_LOG_SENSE, 0, 0,
375 0, 0, 0, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
376 SDEB_I_RELEASE,
377 0, 0, SDEB_I_MODE_SENSE, 0, 0, 0, 0, 0,
378/* 0x60; 0x60->0x7d are reserved, 0x7e is "extended cdb" */
379 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
380 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
381 0, SDEB_I_VARIABLE_LEN,
382/* 0x80; 0x80->0x9f: 16 byte cdbs */
383 0, 0, 0, 0, 0, SDEB_I_ATA_PT, 0, 0,
384 SDEB_I_READ, SDEB_I_COMP_WRITE, SDEB_I_WRITE, 0, 0, 0, 0, 0,
385 0, SDEB_I_SYNC_CACHE, 0, SDEB_I_WRITE_SAME, 0, 0, 0, 0,
386 0, 0, 0, 0, 0, 0, SDEB_I_SERV_ACT_IN_16, SDEB_I_SERV_ACT_OUT_16,
387/* 0xa0; 0xa0->0xbf: 12 byte cdbs */
388 SDEB_I_REPORT_LUNS, SDEB_I_ATA_PT, 0, SDEB_I_MAINT_IN,
389 SDEB_I_MAINT_OUT, 0, 0, 0,
390 SDEB_I_READ, 0 /* SDEB_I_SERV_ACT_OUT_12 */, SDEB_I_WRITE,
391 0 /* SDEB_I_SERV_ACT_IN_12 */, 0, 0, 0, 0,
392 0, 0, 0, 0, 0, 0, 0, 0,
393 0, 0, 0, 0, 0, 0, 0, 0,
394/* 0xc0; 0xc0->0xff: vendor specific */
395 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
396 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
397 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
398 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
399};
400
401/*
402 * The following "response" functions return the SCSI mid-level's 4 byte
403 * tuple-in-an-int. To handle commands with an IMMED bit, for a faster
404 * command completion, they can mask their return value with
405 * SDEG_RES_IMMED_MASK .
406 */
407#define SDEG_RES_IMMED_MASK 0x40000000
408
409static int resp_inquiry(struct scsi_cmnd *, struct sdebug_dev_info *);
410static int resp_report_luns(struct scsi_cmnd *, struct sdebug_dev_info *);
411static int resp_requests(struct scsi_cmnd *, struct sdebug_dev_info *);
412static int resp_mode_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
413static int resp_mode_select(struct scsi_cmnd *, struct sdebug_dev_info *);
414static int resp_log_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
415static int resp_readcap(struct scsi_cmnd *, struct sdebug_dev_info *);
416static int resp_read_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
417static int resp_write_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
418static int resp_write_scat(struct scsi_cmnd *, struct sdebug_dev_info *);
419static int resp_start_stop(struct scsi_cmnd *, struct sdebug_dev_info *);
420static int resp_readcap16(struct scsi_cmnd *, struct sdebug_dev_info *);
421static int resp_get_lba_status(struct scsi_cmnd *, struct sdebug_dev_info *);
422static int resp_report_tgtpgs(struct scsi_cmnd *, struct sdebug_dev_info *);
423static int resp_unmap(struct scsi_cmnd *, struct sdebug_dev_info *);
424static int resp_rsup_opcodes(struct scsi_cmnd *, struct sdebug_dev_info *);
425static int resp_rsup_tmfs(struct scsi_cmnd *, struct sdebug_dev_info *);
426static int resp_write_same_10(struct scsi_cmnd *, struct sdebug_dev_info *);
427static int resp_write_same_16(struct scsi_cmnd *, struct sdebug_dev_info *);
428static int resp_comp_write(struct scsi_cmnd *, struct sdebug_dev_info *);
429static int resp_write_buffer(struct scsi_cmnd *, struct sdebug_dev_info *);
430static int resp_sync_cache(struct scsi_cmnd *, struct sdebug_dev_info *);
431
432/*
433 * The following are overflow arrays for cdbs that "hit" the same index in
434 * the opcode_info_arr array. The most time sensitive (or commonly used) cdb
435 * should be placed in opcode_info_arr[], the others should be placed here.
436 */
437static const struct opcode_info_t msense_iarr[] = {
438 {0, 0x1a, 0, F_D_IN, NULL, NULL,
439 {6, 0xe8, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
440};
441
442static const struct opcode_info_t mselect_iarr[] = {
443 {0, 0x15, 0, F_D_OUT, NULL, NULL,
444 {6, 0xf1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
445};
446
447static const struct opcode_info_t read_iarr[] = {
448 {0, 0x28, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(10) */
449 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
450 0, 0, 0, 0} },
451 {0, 0x8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL, /* READ(6) */
452 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
453 {0, 0xa8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(12) */
454 {12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf,
455 0xc7, 0, 0, 0, 0} },
456};
457
458static const struct opcode_info_t write_iarr[] = {
459 {0, 0x2a, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(10) */
460 NULL, {10, 0xfb, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7,
461 0, 0, 0, 0, 0, 0} },
462 {0, 0xa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(6) */
463 NULL, {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0,
464 0, 0, 0} },
465 {0, 0xaa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(12) */
466 NULL, {12, 0xfb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
467 0xbf, 0xc7, 0, 0, 0, 0} },
468};
469
470static const struct opcode_info_t sa_in_16_iarr[] = {
471 {0, 0x9e, 0x12, F_SA_LOW | F_D_IN, resp_get_lba_status, NULL,
472 {16, 0x12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
473 0xff, 0xff, 0xff, 0, 0xc7} }, /* GET LBA STATUS(16) */
474};
475
476static const struct opcode_info_t vl_iarr[] = { /* VARIABLE LENGTH */
477 {0, 0x7f, 0xb, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_dt0,
478 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0xb, 0xfa,
479 0, 0xff, 0xff, 0xff, 0xff} }, /* WRITE(32) */
480 {0, 0x7f, 0x11, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
481 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x11, 0xf8,
482 0, 0xff, 0xff, 0x0, 0x0} }, /* WRITE SCATTERED(32) */
483};
484
485static const struct opcode_info_t maint_in_iarr[] = { /* MAINT IN */
486 {0, 0xa3, 0xc, F_SA_LOW | F_D_IN, resp_rsup_opcodes, NULL,
487 {12, 0xc, 0x87, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0,
488 0xc7, 0, 0, 0, 0} }, /* REPORT SUPPORTED OPERATION CODES */
489 {0, 0xa3, 0xd, F_SA_LOW | F_D_IN, resp_rsup_tmfs, NULL,
490 {12, 0xd, 0x80, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
491 0, 0} }, /* REPORTED SUPPORTED TASK MANAGEMENT FUNCTIONS */
492};
493
494static const struct opcode_info_t write_same_iarr[] = {
495 {0, 0x93, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_write_same_16, NULL,
496 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
497 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* WRITE SAME(16) */
498};
499
500static const struct opcode_info_t reserve_iarr[] = {
501 {0, 0x16, 0, F_D_OUT, NULL, NULL, /* RESERVE(6) */
502 {6, 0x1f, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
503};
504
505static const struct opcode_info_t release_iarr[] = {
506 {0, 0x17, 0, F_D_OUT, NULL, NULL, /* RELEASE(6) */
507 {6, 0x1f, 0xff, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
508};
509
510static const struct opcode_info_t sync_cache_iarr[] = {
511 {0, 0x91, 0, F_SYNC_DELAY | F_M_ACCESS, resp_sync_cache, NULL,
512 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
513 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* SYNC_CACHE (16) */
514};
515
516
517/* This array is accessed via SDEB_I_* values. Make sure all are mapped,
518 * plus the terminating elements for logic that scans this table such as
519 * REPORT SUPPORTED OPERATION CODES. */
520static const struct opcode_info_t opcode_info_arr[SDEB_I_LAST_ELEMENT + 1] = {
521/* 0 */
522 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* unknown opcodes */
523 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
524 {0, 0x12, 0, FF_RESPOND | F_D_IN, resp_inquiry, NULL, /* INQUIRY */
525 {6, 0xe3, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
526 {0, 0xa0, 0, FF_RESPOND | F_D_IN, resp_report_luns, NULL,
527 {12, 0xe3, 0xff, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
528 0, 0} }, /* REPORT LUNS */
529 {0, 0x3, 0, FF_RESPOND | F_D_IN, resp_requests, NULL,
530 {6, 0xe1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
531 {0, 0x0, 0, F_M_ACCESS | F_RL_WLUN_OK, NULL, NULL,/* TEST UNIT READY */
532 {6, 0, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
533/* 5 */
534 {ARRAY_SIZE(msense_iarr), 0x5a, 0, F_D_IN, /* MODE SENSE(10) */
535 resp_mode_sense, msense_iarr, {10, 0xf8, 0xff, 0xff, 0, 0, 0,
536 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
537 {ARRAY_SIZE(mselect_iarr), 0x55, 0, F_D_OUT, /* MODE SELECT(10) */
538 resp_mode_select, mselect_iarr, {10, 0xf1, 0, 0, 0, 0, 0, 0xff,
539 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
540 {0, 0x4d, 0, F_D_IN, resp_log_sense, NULL, /* LOG SENSE */
541 {10, 0xe3, 0xff, 0xff, 0, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0,
542 0, 0, 0} },
543 {0, 0x25, 0, F_D_IN, resp_readcap, NULL, /* READ CAPACITY(10) */
544 {10, 0xe1, 0xff, 0xff, 0xff, 0xff, 0, 0, 0x1, 0xc7, 0, 0, 0, 0,
545 0, 0} },
546 {ARRAY_SIZE(read_iarr), 0x88, 0, F_D_IN | FF_MEDIA_IO, /* READ(16) */
547 resp_read_dt0, read_iarr, {16, 0xfe, 0xff, 0xff, 0xff, 0xff,
548 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
549/* 10 */
550 {ARRAY_SIZE(write_iarr), 0x8a, 0, F_D_OUT | FF_MEDIA_IO,
551 resp_write_dt0, write_iarr, /* WRITE(16) */
552 {16, 0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
553 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
554 {0, 0x1b, 0, F_SSU_DELAY, resp_start_stop, NULL,/* START STOP UNIT */
555 {6, 0x1, 0, 0xf, 0xf7, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
556 {ARRAY_SIZE(sa_in_16_iarr), 0x9e, 0x10, F_SA_LOW | F_D_IN,
557 resp_readcap16, sa_in_16_iarr, /* SA_IN(16), READ CAPACITY(16) */
558 {16, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
559 0xff, 0xff, 0xff, 0xff, 0x1, 0xc7} },
560 {0, 0x9f, 0x12, F_SA_LOW | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
561 NULL, {16, 0x12, 0xf9, 0x0, 0xff, 0xff, 0, 0, 0xff, 0xff, 0xff,
562 0xff, 0xff, 0xff, 0xff, 0xc7} }, /* SA_OUT(16), WRITE SCAT(16) */
563 {ARRAY_SIZE(maint_in_iarr), 0xa3, 0xa, F_SA_LOW | F_D_IN,
564 resp_report_tgtpgs, /* MAINT IN, REPORT TARGET PORT GROUPS */
565 maint_in_iarr, {12, 0xea, 0, 0, 0, 0, 0xff, 0xff, 0xff,
566 0xff, 0, 0xc7, 0, 0, 0, 0} },
567/* 15 */
568 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* MAINT OUT */
569 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
570 {0, 0x2f, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, NULL, NULL, /* VERIFY(10) */
571 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7,
572 0, 0, 0, 0, 0, 0} },
573 {ARRAY_SIZE(vl_iarr), 0x7f, 0x9, F_SA_HIGH | F_D_IN | FF_MEDIA_IO,
574 resp_read_dt0, vl_iarr, /* VARIABLE LENGTH, READ(32) */
575 {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x9, 0xfe, 0, 0xff, 0xff,
576 0xff, 0xff} },
577 {ARRAY_SIZE(reserve_iarr), 0x56, 0, F_D_OUT,
578 NULL, reserve_iarr, /* RESERVE(10) <no response function> */
579 {10, 0xff, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
580 0} },
581 {ARRAY_SIZE(release_iarr), 0x57, 0, F_D_OUT,
582 NULL, release_iarr, /* RELEASE(10) <no response function> */
583 {10, 0x13, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
584 0} },
585/* 20 */
586 {0, 0x1e, 0, 0, NULL, NULL, /* ALLOW REMOVAL */
587 {6, 0, 0, 0, 0x3, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
588 {0, 0x1, 0, 0, resp_start_stop, NULL, /* REWIND ?? */
589 {6, 0x1, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
590 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* ATA_PT */
591 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
592 {0, 0x1d, F_D_OUT, 0, NULL, NULL, /* SEND DIAGNOSTIC */
593 {6, 0xf7, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
594 {0, 0x42, 0, F_D_OUT | FF_MEDIA_IO, resp_unmap, NULL, /* UNMAP */
595 {10, 0x1, 0, 0, 0, 0, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
596/* 25 */
597 {0, 0x3b, 0, F_D_OUT_MAYBE, resp_write_buffer, NULL,
598 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0,
599 0, 0, 0, 0} }, /* WRITE_BUFFER */
600 {ARRAY_SIZE(write_same_iarr), 0x41, 0, F_D_OUT_MAYBE | FF_MEDIA_IO,
601 resp_write_same_10, write_same_iarr, /* WRITE SAME(10) */
602 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0,
603 0, 0, 0, 0, 0} },
604 {ARRAY_SIZE(sync_cache_iarr), 0x35, 0, F_SYNC_DELAY | F_M_ACCESS,
605 resp_sync_cache, sync_cache_iarr,
606 {10, 0x7, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
607 0, 0, 0, 0} }, /* SYNC_CACHE (10) */
608 {0, 0x89, 0, F_D_OUT | FF_MEDIA_IO, resp_comp_write, NULL,
609 {16, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 0,
610 0, 0xff, 0x3f, 0xc7} }, /* COMPARE AND WRITE */
611
612/* 29 */
613 {0xff, 0, 0, 0, NULL, NULL, /* terminating element */
614 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
615};
616
617static int sdebug_add_host = DEF_NUM_HOST;
618static int sdebug_ato = DEF_ATO;
619static int sdebug_cdb_len = DEF_CDB_LEN;
620static int sdebug_jdelay = DEF_JDELAY; /* if > 0 then unit is jiffies */
621static int sdebug_dev_size_mb = DEF_DEV_SIZE_MB;
622static int sdebug_dif = DEF_DIF;
623static int sdebug_dix = DEF_DIX;
624static int sdebug_dsense = DEF_D_SENSE;
625static int sdebug_every_nth = DEF_EVERY_NTH;
626static int sdebug_fake_rw = DEF_FAKE_RW;
627static unsigned int sdebug_guard = DEF_GUARD;
628static int sdebug_lowest_aligned = DEF_LOWEST_ALIGNED;
629static int sdebug_max_luns = DEF_MAX_LUNS;
630static int sdebug_max_queue = SDEBUG_CANQUEUE; /* per submit queue */
631static unsigned int sdebug_medium_error_start = OPT_MEDIUM_ERR_ADDR;
632static int sdebug_medium_error_count = OPT_MEDIUM_ERR_NUM;
633static atomic_t retired_max_queue; /* if > 0 then was prior max_queue */
634static int sdebug_ndelay = DEF_NDELAY; /* if > 0 then unit is nanoseconds */
635static int sdebug_no_lun_0 = DEF_NO_LUN_0;
636static int sdebug_no_uld;
637static int sdebug_num_parts = DEF_NUM_PARTS;
638static int sdebug_num_tgts = DEF_NUM_TGTS; /* targets per host */
639static int sdebug_opt_blks = DEF_OPT_BLKS;
640static int sdebug_opts = DEF_OPTS;
641static int sdebug_physblk_exp = DEF_PHYSBLK_EXP;
642static int sdebug_opt_xferlen_exp = DEF_OPT_XFERLEN_EXP;
643static int sdebug_ptype = DEF_PTYPE; /* SCSI peripheral device type */
644static int sdebug_scsi_level = DEF_SCSI_LEVEL;
645static int sdebug_sector_size = DEF_SECTOR_SIZE;
646static int sdebug_virtual_gb = DEF_VIRTUAL_GB;
647static int sdebug_vpd_use_hostno = DEF_VPD_USE_HOSTNO;
648static unsigned int sdebug_lbpu = DEF_LBPU;
649static unsigned int sdebug_lbpws = DEF_LBPWS;
650static unsigned int sdebug_lbpws10 = DEF_LBPWS10;
651static unsigned int sdebug_lbprz = DEF_LBPRZ;
652static unsigned int sdebug_unmap_alignment = DEF_UNMAP_ALIGNMENT;
653static unsigned int sdebug_unmap_granularity = DEF_UNMAP_GRANULARITY;
654static unsigned int sdebug_unmap_max_blocks = DEF_UNMAP_MAX_BLOCKS;
655static unsigned int sdebug_unmap_max_desc = DEF_UNMAP_MAX_DESC;
656static unsigned int sdebug_write_same_length = DEF_WRITESAME_LENGTH;
657static int sdebug_uuid_ctl = DEF_UUID_CTL;
658static bool sdebug_removable = DEF_REMOVABLE;
659static bool sdebug_clustering;
660static bool sdebug_host_lock = DEF_HOST_LOCK;
661static bool sdebug_strict = DEF_STRICT;
662static bool sdebug_any_injecting_opt;
663static bool sdebug_verbose;
664static bool have_dif_prot;
665static bool write_since_sync;
666static bool sdebug_statistics = DEF_STATISTICS;
667static bool sdebug_wp;
668
669static unsigned int sdebug_store_sectors;
670static sector_t sdebug_capacity; /* in sectors */
671
672/* old BIOS stuff, kernel may get rid of them but some mode sense pages
673 may still need them */
674static int sdebug_heads; /* heads per disk */
675static int sdebug_cylinders_per; /* cylinders per surface */
676static int sdebug_sectors_per; /* sectors per cylinder */
677
678static LIST_HEAD(sdebug_host_list);
679static DEFINE_SPINLOCK(sdebug_host_list_lock);
680
681static unsigned char *fake_storep; /* ramdisk storage */
682static struct t10_pi_tuple *dif_storep; /* protection info */
683static void *map_storep; /* provisioning map */
684
685static unsigned long map_size;
686static int num_aborts;
687static int num_dev_resets;
688static int num_target_resets;
689static int num_bus_resets;
690static int num_host_resets;
691static int dix_writes;
692static int dix_reads;
693static int dif_errors;
694
695static int submit_queues = DEF_SUBMIT_QUEUES; /* > 1 for multi-queue (mq) */
696static struct sdebug_queue *sdebug_q_arr; /* ptr to array of submit queues */
697
698static DEFINE_RWLOCK(atomic_rw);
699
700static char sdebug_proc_name[] = MY_NAME;
701static const char *my_name = MY_NAME;
702
703static struct bus_type pseudo_lld_bus;
704
705static struct device_driver sdebug_driverfs_driver = {
706 .name = sdebug_proc_name,
707 .bus = &pseudo_lld_bus,
708};
709
710static const int check_condition_result =
711 (DRIVER_SENSE << 24) | SAM_STAT_CHECK_CONDITION;
712
713static const int illegal_condition_result =
714 (DRIVER_SENSE << 24) | (DID_ABORT << 16) | SAM_STAT_CHECK_CONDITION;
715
716static const int device_qfull_result =
717 (DID_OK << 16) | (COMMAND_COMPLETE << 8) | SAM_STAT_TASK_SET_FULL;
718
719
720/* Only do the extra work involved in logical block provisioning if one or
721 * more of the lbpu, lbpws or lbpws10 parameters are given and we are doing
722 * real reads and writes (i.e. not skipping them for speed).
723 */
724static inline bool scsi_debug_lbp(void)
725{
726 return 0 == sdebug_fake_rw &&
727 (sdebug_lbpu || sdebug_lbpws || sdebug_lbpws10);
728}
729
730static void *lba2fake_store(unsigned long long lba)
731{
732 lba = do_div(lba, sdebug_store_sectors);
733
734 return fake_storep + lba * sdebug_sector_size;
735}
736
737static struct t10_pi_tuple *dif_store(sector_t sector)
738{
739 sector = sector_div(sector, sdebug_store_sectors);
740
741 return dif_storep + sector;
742}
743
744static void sdebug_max_tgts_luns(void)
745{
746 struct sdebug_host_info *sdbg_host;
747 struct Scsi_Host *hpnt;
748
749 spin_lock(&sdebug_host_list_lock);
750 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
751 hpnt = sdbg_host->shost;
752 if ((hpnt->this_id >= 0) &&
753 (sdebug_num_tgts > hpnt->this_id))
754 hpnt->max_id = sdebug_num_tgts + 1;
755 else
756 hpnt->max_id = sdebug_num_tgts;
757 /* sdebug_max_luns; */
758 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
759 }
760 spin_unlock(&sdebug_host_list_lock);
761}
762
763enum sdeb_cmd_data {SDEB_IN_DATA = 0, SDEB_IN_CDB = 1};
764
765/* Set in_bit to -1 to indicate no bit position of invalid field */
766static void mk_sense_invalid_fld(struct scsi_cmnd *scp,
767 enum sdeb_cmd_data c_d,
768 int in_byte, int in_bit)
769{
770 unsigned char *sbuff;
771 u8 sks[4];
772 int sl, asc;
773
774 sbuff = scp->sense_buffer;
775 if (!sbuff) {
776 sdev_printk(KERN_ERR, scp->device,
777 "%s: sense_buffer is NULL\n", __func__);
778 return;
779 }
780 asc = c_d ? INVALID_FIELD_IN_CDB : INVALID_FIELD_IN_PARAM_LIST;
781 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
782 scsi_build_sense_buffer(sdebug_dsense, sbuff, ILLEGAL_REQUEST, asc, 0);
783 memset(sks, 0, sizeof(sks));
784 sks[0] = 0x80;
785 if (c_d)
786 sks[0] |= 0x40;
787 if (in_bit >= 0) {
788 sks[0] |= 0x8;
789 sks[0] |= 0x7 & in_bit;
790 }
791 put_unaligned_be16(in_byte, sks + 1);
792 if (sdebug_dsense) {
793 sl = sbuff[7] + 8;
794 sbuff[7] = sl;
795 sbuff[sl] = 0x2;
796 sbuff[sl + 1] = 0x6;
797 memcpy(sbuff + sl + 4, sks, 3);
798 } else
799 memcpy(sbuff + 15, sks, 3);
800 if (sdebug_verbose)
801 sdev_printk(KERN_INFO, scp->device, "%s: [sense_key,asc,ascq"
802 "]: [0x5,0x%x,0x0] %c byte=%d, bit=%d\n",
803 my_name, asc, c_d ? 'C' : 'D', in_byte, in_bit);
804}
805
806static void mk_sense_buffer(struct scsi_cmnd *scp, int key, int asc, int asq)
807{
808 unsigned char *sbuff;
809
810 sbuff = scp->sense_buffer;
811 if (!sbuff) {
812 sdev_printk(KERN_ERR, scp->device,
813 "%s: sense_buffer is NULL\n", __func__);
814 return;
815 }
816 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
817
818 scsi_build_sense_buffer(sdebug_dsense, sbuff, key, asc, asq);
819
820 if (sdebug_verbose)
821 sdev_printk(KERN_INFO, scp->device,
822 "%s: [sense_key,asc,ascq]: [0x%x,0x%x,0x%x]\n",
823 my_name, key, asc, asq);
824}
825
826static void mk_sense_invalid_opcode(struct scsi_cmnd *scp)
827{
828 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_OPCODE, 0);
829}
830
831static int scsi_debug_ioctl(struct scsi_device *dev, unsigned int cmd,
832 void __user *arg)
833{
834 if (sdebug_verbose) {
835 if (0x1261 == cmd)
836 sdev_printk(KERN_INFO, dev,
837 "%s: BLKFLSBUF [0x1261]\n", __func__);
838 else if (0x5331 == cmd)
839 sdev_printk(KERN_INFO, dev,
840 "%s: CDROM_GET_CAPABILITY [0x5331]\n",
841 __func__);
842 else
843 sdev_printk(KERN_INFO, dev, "%s: cmd=0x%x\n",
844 __func__, cmd);
845 }
846 return -EINVAL;
847 /* return -ENOTTY; // correct return but upsets fdisk */
848}
849
850static void config_cdb_len(struct scsi_device *sdev)
851{
852 switch (sdebug_cdb_len) {
853 case 6: /* suggest 6 byte READ, WRITE and MODE SENSE/SELECT */
854 sdev->use_10_for_rw = false;
855 sdev->use_16_for_rw = false;
856 sdev->use_10_for_ms = false;
857 break;
858 case 10: /* suggest 10 byte RWs and 6 byte MODE SENSE/SELECT */
859 sdev->use_10_for_rw = true;
860 sdev->use_16_for_rw = false;
861 sdev->use_10_for_ms = false;
862 break;
863 case 12: /* suggest 10 byte RWs and 10 byte MODE SENSE/SELECT */
864 sdev->use_10_for_rw = true;
865 sdev->use_16_for_rw = false;
866 sdev->use_10_for_ms = true;
867 break;
868 case 16:
869 sdev->use_10_for_rw = false;
870 sdev->use_16_for_rw = true;
871 sdev->use_10_for_ms = true;
872 break;
873 case 32: /* No knobs to suggest this so same as 16 for now */
874 sdev->use_10_for_rw = false;
875 sdev->use_16_for_rw = true;
876 sdev->use_10_for_ms = true;
877 break;
878 default:
879 pr_warn("unexpected cdb_len=%d, force to 10\n",
880 sdebug_cdb_len);
881 sdev->use_10_for_rw = true;
882 sdev->use_16_for_rw = false;
883 sdev->use_10_for_ms = false;
884 sdebug_cdb_len = 10;
885 break;
886 }
887}
888
889static void all_config_cdb_len(void)
890{
891 struct sdebug_host_info *sdbg_host;
892 struct Scsi_Host *shost;
893 struct scsi_device *sdev;
894
895 spin_lock(&sdebug_host_list_lock);
896 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
897 shost = sdbg_host->shost;
898 shost_for_each_device(sdev, shost) {
899 config_cdb_len(sdev);
900 }
901 }
902 spin_unlock(&sdebug_host_list_lock);
903}
904
905static void clear_luns_changed_on_target(struct sdebug_dev_info *devip)
906{
907 struct sdebug_host_info *sdhp;
908 struct sdebug_dev_info *dp;
909
910 spin_lock(&sdebug_host_list_lock);
911 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
912 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
913 if ((devip->sdbg_host == dp->sdbg_host) &&
914 (devip->target == dp->target))
915 clear_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
916 }
917 }
918 spin_unlock(&sdebug_host_list_lock);
919}
920
921static int make_ua(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
922{
923 int k;
924
925 k = find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS);
926 if (k != SDEBUG_NUM_UAS) {
927 const char *cp = NULL;
928
929 switch (k) {
930 case SDEBUG_UA_POR:
931 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
932 POWER_ON_RESET_ASCQ);
933 if (sdebug_verbose)
934 cp = "power on reset";
935 break;
936 case SDEBUG_UA_BUS_RESET:
937 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
938 BUS_RESET_ASCQ);
939 if (sdebug_verbose)
940 cp = "bus reset";
941 break;
942 case SDEBUG_UA_MODE_CHANGED:
943 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
944 MODE_CHANGED_ASCQ);
945 if (sdebug_verbose)
946 cp = "mode parameters changed";
947 break;
948 case SDEBUG_UA_CAPACITY_CHANGED:
949 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
950 CAPACITY_CHANGED_ASCQ);
951 if (sdebug_verbose)
952 cp = "capacity data changed";
953 break;
954 case SDEBUG_UA_MICROCODE_CHANGED:
955 mk_sense_buffer(scp, UNIT_ATTENTION,
956 TARGET_CHANGED_ASC,
957 MICROCODE_CHANGED_ASCQ);
958 if (sdebug_verbose)
959 cp = "microcode has been changed";
960 break;
961 case SDEBUG_UA_MICROCODE_CHANGED_WO_RESET:
962 mk_sense_buffer(scp, UNIT_ATTENTION,
963 TARGET_CHANGED_ASC,
964 MICROCODE_CHANGED_WO_RESET_ASCQ);
965 if (sdebug_verbose)
966 cp = "microcode has been changed without reset";
967 break;
968 case SDEBUG_UA_LUNS_CHANGED:
969 /*
970 * SPC-3 behavior is to report a UNIT ATTENTION with
971 * ASC/ASCQ REPORTED LUNS DATA HAS CHANGED on every LUN
972 * on the target, until a REPORT LUNS command is
973 * received. SPC-4 behavior is to report it only once.
974 * NOTE: sdebug_scsi_level does not use the same
975 * values as struct scsi_device->scsi_level.
976 */
977 if (sdebug_scsi_level >= 6) /* SPC-4 and above */
978 clear_luns_changed_on_target(devip);
979 mk_sense_buffer(scp, UNIT_ATTENTION,
980 TARGET_CHANGED_ASC,
981 LUNS_CHANGED_ASCQ);
982 if (sdebug_verbose)
983 cp = "reported luns data has changed";
984 break;
985 default:
986 pr_warn("unexpected unit attention code=%d\n", k);
987 if (sdebug_verbose)
988 cp = "unknown";
989 break;
990 }
991 clear_bit(k, devip->uas_bm);
992 if (sdebug_verbose)
993 sdev_printk(KERN_INFO, scp->device,
994 "%s reports: Unit attention: %s\n",
995 my_name, cp);
996 return check_condition_result;
997 }
998 return 0;
999}
1000
1001/* Build SCSI "data-in" buffer. Returns 0 if ok else (DID_ERROR << 16). */
1002static int fill_from_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1003 int arr_len)
1004{
1005 int act_len;
1006 struct scsi_data_buffer *sdb = &scp->sdb;
1007
1008 if (!sdb->length)
1009 return 0;
1010 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1011 return DID_ERROR << 16;
1012
1013 act_len = sg_copy_from_buffer(sdb->table.sgl, sdb->table.nents,
1014 arr, arr_len);
1015 scsi_set_resid(scp, scsi_bufflen(scp) - act_len);
1016
1017 return 0;
1018}
1019
1020/* Partial build of SCSI "data-in" buffer. Returns 0 if ok else
1021 * (DID_ERROR << 16). Can write to offset in data-in buffer. If multiple
1022 * calls, not required to write in ascending offset order. Assumes resid
1023 * set to scsi_bufflen() prior to any calls.
1024 */
1025static int p_fill_from_dev_buffer(struct scsi_cmnd *scp, const void *arr,
1026 int arr_len, unsigned int off_dst)
1027{
1028 int act_len, n;
1029 struct scsi_data_buffer *sdb = &scp->sdb;
1030 off_t skip = off_dst;
1031
1032 if (sdb->length <= off_dst)
1033 return 0;
1034 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1035 return DID_ERROR << 16;
1036
1037 act_len = sg_pcopy_from_buffer(sdb->table.sgl, sdb->table.nents,
1038 arr, arr_len, skip);
1039 pr_debug("%s: off_dst=%u, scsi_bufflen=%u, act_len=%u, resid=%d\n",
1040 __func__, off_dst, scsi_bufflen(scp), act_len,
1041 scsi_get_resid(scp));
1042 n = (int)scsi_bufflen(scp) - ((int)off_dst + act_len);
1043 scsi_set_resid(scp, min(scsi_get_resid(scp), n));
1044 return 0;
1045}
1046
1047/* Fetches from SCSI "data-out" buffer. Returns number of bytes fetched into
1048 * 'arr' or -1 if error.
1049 */
1050static int fetch_to_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1051 int arr_len)
1052{
1053 if (!scsi_bufflen(scp))
1054 return 0;
1055 if (scp->sc_data_direction != DMA_TO_DEVICE)
1056 return -1;
1057
1058 return scsi_sg_copy_to_buffer(scp, arr, arr_len);
1059}
1060
1061
1062static char sdebug_inq_vendor_id[9] = "Linux ";
1063static char sdebug_inq_product_id[17] = "scsi_debug ";
1064static char sdebug_inq_product_rev[5] = SDEBUG_VERSION;
1065/* Use some locally assigned NAAs for SAS addresses. */
1066static const u64 naa3_comp_a = 0x3222222000000000ULL;
1067static const u64 naa3_comp_b = 0x3333333000000000ULL;
1068static const u64 naa3_comp_c = 0x3111111000000000ULL;
1069
1070/* Device identification VPD page. Returns number of bytes placed in arr */
1071static int inquiry_vpd_83(unsigned char *arr, int port_group_id,
1072 int target_dev_id, int dev_id_num,
1073 const char *dev_id_str, int dev_id_str_len,
1074 const uuid_t *lu_name)
1075{
1076 int num, port_a;
1077 char b[32];
1078
1079 port_a = target_dev_id + 1;
1080 /* T10 vendor identifier field format (faked) */
1081 arr[0] = 0x2; /* ASCII */
1082 arr[1] = 0x1;
1083 arr[2] = 0x0;
1084 memcpy(&arr[4], sdebug_inq_vendor_id, 8);
1085 memcpy(&arr[12], sdebug_inq_product_id, 16);
1086 memcpy(&arr[28], dev_id_str, dev_id_str_len);
1087 num = 8 + 16 + dev_id_str_len;
1088 arr[3] = num;
1089 num += 4;
1090 if (dev_id_num >= 0) {
1091 if (sdebug_uuid_ctl) {
1092 /* Locally assigned UUID */
1093 arr[num++] = 0x1; /* binary (not necessarily sas) */
1094 arr[num++] = 0xa; /* PIV=0, lu, naa */
1095 arr[num++] = 0x0;
1096 arr[num++] = 0x12;
1097 arr[num++] = 0x10; /* uuid type=1, locally assigned */
1098 arr[num++] = 0x0;
1099 memcpy(arr + num, lu_name, 16);
1100 num += 16;
1101 } else {
1102 /* NAA-3, Logical unit identifier (binary) */
1103 arr[num++] = 0x1; /* binary (not necessarily sas) */
1104 arr[num++] = 0x3; /* PIV=0, lu, naa */
1105 arr[num++] = 0x0;
1106 arr[num++] = 0x8;
1107 put_unaligned_be64(naa3_comp_b + dev_id_num, arr + num);
1108 num += 8;
1109 }
1110 /* Target relative port number */
1111 arr[num++] = 0x61; /* proto=sas, binary */
1112 arr[num++] = 0x94; /* PIV=1, target port, rel port */
1113 arr[num++] = 0x0; /* reserved */
1114 arr[num++] = 0x4; /* length */
1115 arr[num++] = 0x0; /* reserved */
1116 arr[num++] = 0x0; /* reserved */
1117 arr[num++] = 0x0;
1118 arr[num++] = 0x1; /* relative port A */
1119 }
1120 /* NAA-3, Target port identifier */
1121 arr[num++] = 0x61; /* proto=sas, binary */
1122 arr[num++] = 0x93; /* piv=1, target port, naa */
1123 arr[num++] = 0x0;
1124 arr[num++] = 0x8;
1125 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1126 num += 8;
1127 /* NAA-3, Target port group identifier */
1128 arr[num++] = 0x61; /* proto=sas, binary */
1129 arr[num++] = 0x95; /* piv=1, target port group id */
1130 arr[num++] = 0x0;
1131 arr[num++] = 0x4;
1132 arr[num++] = 0;
1133 arr[num++] = 0;
1134 put_unaligned_be16(port_group_id, arr + num);
1135 num += 2;
1136 /* NAA-3, Target device identifier */
1137 arr[num++] = 0x61; /* proto=sas, binary */
1138 arr[num++] = 0xa3; /* piv=1, target device, naa */
1139 arr[num++] = 0x0;
1140 arr[num++] = 0x8;
1141 put_unaligned_be64(naa3_comp_a + target_dev_id, arr + num);
1142 num += 8;
1143 /* SCSI name string: Target device identifier */
1144 arr[num++] = 0x63; /* proto=sas, UTF-8 */
1145 arr[num++] = 0xa8; /* piv=1, target device, SCSI name string */
1146 arr[num++] = 0x0;
1147 arr[num++] = 24;
1148 memcpy(arr + num, "naa.32222220", 12);
1149 num += 12;
1150 snprintf(b, sizeof(b), "%08X", target_dev_id);
1151 memcpy(arr + num, b, 8);
1152 num += 8;
1153 memset(arr + num, 0, 4);
1154 num += 4;
1155 return num;
1156}
1157
1158static unsigned char vpd84_data[] = {
1159/* from 4th byte */ 0x22,0x22,0x22,0x0,0xbb,0x0,
1160 0x22,0x22,0x22,0x0,0xbb,0x1,
1161 0x22,0x22,0x22,0x0,0xbb,0x2,
1162};
1163
1164/* Software interface identification VPD page */
1165static int inquiry_vpd_84(unsigned char *arr)
1166{
1167 memcpy(arr, vpd84_data, sizeof(vpd84_data));
1168 return sizeof(vpd84_data);
1169}
1170
1171/* Management network addresses VPD page */
1172static int inquiry_vpd_85(unsigned char *arr)
1173{
1174 int num = 0;
1175 const char *na1 = "https://www.kernel.org/config";
1176 const char *na2 = "http://www.kernel.org/log";
1177 int plen, olen;
1178
1179 arr[num++] = 0x1; /* lu, storage config */
1180 arr[num++] = 0x0; /* reserved */
1181 arr[num++] = 0x0;
1182 olen = strlen(na1);
1183 plen = olen + 1;
1184 if (plen % 4)
1185 plen = ((plen / 4) + 1) * 4;
1186 arr[num++] = plen; /* length, null termianted, padded */
1187 memcpy(arr + num, na1, olen);
1188 memset(arr + num + olen, 0, plen - olen);
1189 num += plen;
1190
1191 arr[num++] = 0x4; /* lu, logging */
1192 arr[num++] = 0x0; /* reserved */
1193 arr[num++] = 0x0;
1194 olen = strlen(na2);
1195 plen = olen + 1;
1196 if (plen % 4)
1197 plen = ((plen / 4) + 1) * 4;
1198 arr[num++] = plen; /* length, null terminated, padded */
1199 memcpy(arr + num, na2, olen);
1200 memset(arr + num + olen, 0, plen - olen);
1201 num += plen;
1202
1203 return num;
1204}
1205
1206/* SCSI ports VPD page */
1207static int inquiry_vpd_88(unsigned char *arr, int target_dev_id)
1208{
1209 int num = 0;
1210 int port_a, port_b;
1211
1212 port_a = target_dev_id + 1;
1213 port_b = port_a + 1;
1214 arr[num++] = 0x0; /* reserved */
1215 arr[num++] = 0x0; /* reserved */
1216 arr[num++] = 0x0;
1217 arr[num++] = 0x1; /* relative port 1 (primary) */
1218 memset(arr + num, 0, 6);
1219 num += 6;
1220 arr[num++] = 0x0;
1221 arr[num++] = 12; /* length tp descriptor */
1222 /* naa-5 target port identifier (A) */
1223 arr[num++] = 0x61; /* proto=sas, binary */
1224 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1225 arr[num++] = 0x0; /* reserved */
1226 arr[num++] = 0x8; /* length */
1227 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1228 num += 8;
1229 arr[num++] = 0x0; /* reserved */
1230 arr[num++] = 0x0; /* reserved */
1231 arr[num++] = 0x0;
1232 arr[num++] = 0x2; /* relative port 2 (secondary) */
1233 memset(arr + num, 0, 6);
1234 num += 6;
1235 arr[num++] = 0x0;
1236 arr[num++] = 12; /* length tp descriptor */
1237 /* naa-5 target port identifier (B) */
1238 arr[num++] = 0x61; /* proto=sas, binary */
1239 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1240 arr[num++] = 0x0; /* reserved */
1241 arr[num++] = 0x8; /* length */
1242 put_unaligned_be64(naa3_comp_a + port_b, arr + num);
1243 num += 8;
1244
1245 return num;
1246}
1247
1248
1249static unsigned char vpd89_data[] = {
1250/* from 4th byte */ 0,0,0,0,
1251'l','i','n','u','x',' ',' ',' ',
1252'S','A','T',' ','s','c','s','i','_','d','e','b','u','g',' ',' ',
1253'1','2','3','4',
12540x34,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,
12550xec,0,0,0,
12560x5a,0xc,0xff,0x3f,0x37,0xc8,0x10,0,0,0,0,0,0x3f,0,0,0,
12570,0,0,0,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x20,0x20,0x20,0x20,
12580x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0,0,0,0x40,0x4,0,0x2e,0x33,
12590x38,0x31,0x20,0x20,0x20,0x20,0x54,0x53,0x38,0x33,0x30,0x30,0x33,0x31,
12600x53,0x41,
12610x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
12620x20,0x20,
12630x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
12640x10,0x80,
12650,0,0,0x2f,0,0,0,0x2,0,0x2,0x7,0,0xff,0xff,0x1,0,
12660x3f,0,0xc1,0xff,0x3e,0,0x10,0x1,0xb0,0xf8,0x50,0x9,0,0,0x7,0,
12670x3,0,0x78,0,0x78,0,0xf0,0,0x78,0,0,0,0,0,0,0,
12680,0,0,0,0,0,0,0,0x2,0,0,0,0,0,0,0,
12690x7e,0,0x1b,0,0x6b,0x34,0x1,0x7d,0x3,0x40,0x69,0x34,0x1,0x3c,0x3,0x40,
12700x7f,0x40,0,0,0,0,0xfe,0xfe,0,0,0,0,0,0xfe,0,0,
12710,0,0,0,0,0,0,0,0xb0,0xf8,0x50,0x9,0,0,0,0,
12720,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12730,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12740,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12750x1,0,0xb0,0xf8,0x50,0x9,0xb0,0xf8,0x50,0x9,0x20,0x20,0x2,0,0xb6,0x42,
12760,0x80,0x8a,0,0x6,0x3c,0xa,0x3c,0xff,0xff,0xc6,0x7,0,0x1,0,0x8,
12770xf0,0xf,0,0x10,0x2,0,0x30,0,0,0,0,0,0,0,0x6,0xfe,
12780,0,0x2,0,0x50,0,0x8a,0,0x4f,0x95,0,0,0x21,0,0xb,0,
12790,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12800,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12810,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12820,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12830,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12840,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12850,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12860,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12870,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12880,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12890,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
12900,0,0,0,0,0,0,0,0,0,0,0,0,0,0xa5,0x51,
1291};
1292
1293/* ATA Information VPD page */
1294static int inquiry_vpd_89(unsigned char *arr)
1295{
1296 memcpy(arr, vpd89_data, sizeof(vpd89_data));
1297 return sizeof(vpd89_data);
1298}
1299
1300
1301static unsigned char vpdb0_data[] = {
1302 /* from 4th byte */ 0,0,0,4, 0,0,0x4,0, 0,0,0,64,
1303 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1304 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1305 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1306};
1307
1308/* Block limits VPD page (SBC-3) */
1309static int inquiry_vpd_b0(unsigned char *arr)
1310{
1311 unsigned int gran;
1312
1313 memcpy(arr, vpdb0_data, sizeof(vpdb0_data));
1314
1315 /* Optimal transfer length granularity */
1316 if (sdebug_opt_xferlen_exp != 0 &&
1317 sdebug_physblk_exp < sdebug_opt_xferlen_exp)
1318 gran = 1 << sdebug_opt_xferlen_exp;
1319 else
1320 gran = 1 << sdebug_physblk_exp;
1321 put_unaligned_be16(gran, arr + 2);
1322
1323 /* Maximum Transfer Length */
1324 if (sdebug_store_sectors > 0x400)
1325 put_unaligned_be32(sdebug_store_sectors, arr + 4);
1326
1327 /* Optimal Transfer Length */
1328 put_unaligned_be32(sdebug_opt_blks, &arr[8]);
1329
1330 if (sdebug_lbpu) {
1331 /* Maximum Unmap LBA Count */
1332 put_unaligned_be32(sdebug_unmap_max_blocks, &arr[16]);
1333
1334 /* Maximum Unmap Block Descriptor Count */
1335 put_unaligned_be32(sdebug_unmap_max_desc, &arr[20]);
1336 }
1337
1338 /* Unmap Granularity Alignment */
1339 if (sdebug_unmap_alignment) {
1340 put_unaligned_be32(sdebug_unmap_alignment, &arr[28]);
1341 arr[28] |= 0x80; /* UGAVALID */
1342 }
1343
1344 /* Optimal Unmap Granularity */
1345 put_unaligned_be32(sdebug_unmap_granularity, &arr[24]);
1346
1347 /* Maximum WRITE SAME Length */
1348 put_unaligned_be64(sdebug_write_same_length, &arr[32]);
1349
1350 return 0x3c; /* Mandatory page length for Logical Block Provisioning */
1351
1352 return sizeof(vpdb0_data);
1353}
1354
1355/* Block device characteristics VPD page (SBC-3) */
1356static int inquiry_vpd_b1(unsigned char *arr)
1357{
1358 memset(arr, 0, 0x3c);
1359 arr[0] = 0;
1360 arr[1] = 1; /* non rotating medium (e.g. solid state) */
1361 arr[2] = 0;
1362 arr[3] = 5; /* less than 1.8" */
1363
1364 return 0x3c;
1365}
1366
1367/* Logical block provisioning VPD page (SBC-4) */
1368static int inquiry_vpd_b2(unsigned char *arr)
1369{
1370 memset(arr, 0, 0x4);
1371 arr[0] = 0; /* threshold exponent */
1372 if (sdebug_lbpu)
1373 arr[1] = 1 << 7;
1374 if (sdebug_lbpws)
1375 arr[1] |= 1 << 6;
1376 if (sdebug_lbpws10)
1377 arr[1] |= 1 << 5;
1378 if (sdebug_lbprz && scsi_debug_lbp())
1379 arr[1] |= (sdebug_lbprz & 0x7) << 2; /* sbc4r07 and later */
1380 /* anc_sup=0; dp=0 (no provisioning group descriptor) */
1381 /* minimum_percentage=0; provisioning_type=0 (unknown) */
1382 /* threshold_percentage=0 */
1383 return 0x4;
1384}
1385
1386#define SDEBUG_LONG_INQ_SZ 96
1387#define SDEBUG_MAX_INQ_ARR_SZ 584
1388
1389static int resp_inquiry(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1390{
1391 unsigned char pq_pdt;
1392 unsigned char *arr;
1393 unsigned char *cmd = scp->cmnd;
1394 int alloc_len, n, ret;
1395 bool have_wlun, is_disk;
1396
1397 alloc_len = get_unaligned_be16(cmd + 3);
1398 arr = kzalloc(SDEBUG_MAX_INQ_ARR_SZ, GFP_ATOMIC);
1399 if (! arr)
1400 return DID_REQUEUE << 16;
1401 is_disk = (sdebug_ptype == TYPE_DISK);
1402 have_wlun = scsi_is_wlun(scp->device->lun);
1403 if (have_wlun)
1404 pq_pdt = TYPE_WLUN; /* present, wlun */
1405 else if (sdebug_no_lun_0 && (devip->lun == SDEBUG_LUN_0_VAL))
1406 pq_pdt = 0x7f; /* not present, PQ=3, PDT=0x1f */
1407 else
1408 pq_pdt = (sdebug_ptype & 0x1f);
1409 arr[0] = pq_pdt;
1410 if (0x2 & cmd[1]) { /* CMDDT bit set */
1411 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 1);
1412 kfree(arr);
1413 return check_condition_result;
1414 } else if (0x1 & cmd[1]) { /* EVPD bit set */
1415 int lu_id_num, port_group_id, target_dev_id, len;
1416 char lu_id_str[6];
1417 int host_no = devip->sdbg_host->shost->host_no;
1418
1419 port_group_id = (((host_no + 1) & 0x7f) << 8) +
1420 (devip->channel & 0x7f);
1421 if (sdebug_vpd_use_hostno == 0)
1422 host_no = 0;
1423 lu_id_num = have_wlun ? -1 : (((host_no + 1) * 2000) +
1424 (devip->target * 1000) + devip->lun);
1425 target_dev_id = ((host_no + 1) * 2000) +
1426 (devip->target * 1000) - 3;
1427 len = scnprintf(lu_id_str, 6, "%d", lu_id_num);
1428 if (0 == cmd[2]) { /* supported vital product data pages */
1429 arr[1] = cmd[2]; /*sanity */
1430 n = 4;
1431 arr[n++] = 0x0; /* this page */
1432 arr[n++] = 0x80; /* unit serial number */
1433 arr[n++] = 0x83; /* device identification */
1434 arr[n++] = 0x84; /* software interface ident. */
1435 arr[n++] = 0x85; /* management network addresses */
1436 arr[n++] = 0x86; /* extended inquiry */
1437 arr[n++] = 0x87; /* mode page policy */
1438 arr[n++] = 0x88; /* SCSI ports */
1439 if (is_disk) { /* SBC only */
1440 arr[n++] = 0x89; /* ATA information */
1441 arr[n++] = 0xb0; /* Block limits */
1442 arr[n++] = 0xb1; /* Block characteristics */
1443 arr[n++] = 0xb2; /* Logical Block Prov */
1444 }
1445 arr[3] = n - 4; /* number of supported VPD pages */
1446 } else if (0x80 == cmd[2]) { /* unit serial number */
1447 arr[1] = cmd[2]; /*sanity */
1448 arr[3] = len;
1449 memcpy(&arr[4], lu_id_str, len);
1450 } else if (0x83 == cmd[2]) { /* device identification */
1451 arr[1] = cmd[2]; /*sanity */
1452 arr[3] = inquiry_vpd_83(&arr[4], port_group_id,
1453 target_dev_id, lu_id_num,
1454 lu_id_str, len,
1455 &devip->lu_name);
1456 } else if (0x84 == cmd[2]) { /* Software interface ident. */
1457 arr[1] = cmd[2]; /*sanity */
1458 arr[3] = inquiry_vpd_84(&arr[4]);
1459 } else if (0x85 == cmd[2]) { /* Management network addresses */
1460 arr[1] = cmd[2]; /*sanity */
1461 arr[3] = inquiry_vpd_85(&arr[4]);
1462 } else if (0x86 == cmd[2]) { /* extended inquiry */
1463 arr[1] = cmd[2]; /*sanity */
1464 arr[3] = 0x3c; /* number of following entries */
1465 if (sdebug_dif == T10_PI_TYPE3_PROTECTION)
1466 arr[4] = 0x4; /* SPT: GRD_CHK:1 */
1467 else if (have_dif_prot)
1468 arr[4] = 0x5; /* SPT: GRD_CHK:1, REF_CHK:1 */
1469 else
1470 arr[4] = 0x0; /* no protection stuff */
1471 arr[5] = 0x7; /* head of q, ordered + simple q's */
1472 } else if (0x87 == cmd[2]) { /* mode page policy */
1473 arr[1] = cmd[2]; /*sanity */
1474 arr[3] = 0x8; /* number of following entries */
1475 arr[4] = 0x2; /* disconnect-reconnect mp */
1476 arr[6] = 0x80; /* mlus, shared */
1477 arr[8] = 0x18; /* protocol specific lu */
1478 arr[10] = 0x82; /* mlus, per initiator port */
1479 } else if (0x88 == cmd[2]) { /* SCSI Ports */
1480 arr[1] = cmd[2]; /*sanity */
1481 arr[3] = inquiry_vpd_88(&arr[4], target_dev_id);
1482 } else if (is_disk && 0x89 == cmd[2]) { /* ATA information */
1483 arr[1] = cmd[2]; /*sanity */
1484 n = inquiry_vpd_89(&arr[4]);
1485 put_unaligned_be16(n, arr + 2);
1486 } else if (is_disk && 0xb0 == cmd[2]) { /* Block limits */
1487 arr[1] = cmd[2]; /*sanity */
1488 arr[3] = inquiry_vpd_b0(&arr[4]);
1489 } else if (is_disk && 0xb1 == cmd[2]) { /* Block char. */
1490 arr[1] = cmd[2]; /*sanity */
1491 arr[3] = inquiry_vpd_b1(&arr[4]);
1492 } else if (is_disk && 0xb2 == cmd[2]) { /* LB Prov. */
1493 arr[1] = cmd[2]; /*sanity */
1494 arr[3] = inquiry_vpd_b2(&arr[4]);
1495 } else {
1496 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
1497 kfree(arr);
1498 return check_condition_result;
1499 }
1500 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len);
1501 ret = fill_from_dev_buffer(scp, arr,
1502 min(len, SDEBUG_MAX_INQ_ARR_SZ));
1503 kfree(arr);
1504 return ret;
1505 }
1506 /* drops through here for a standard inquiry */
1507 arr[1] = sdebug_removable ? 0x80 : 0; /* Removable disk */
1508 arr[2] = sdebug_scsi_level;
1509 arr[3] = 2; /* response_data_format==2 */
1510 arr[4] = SDEBUG_LONG_INQ_SZ - 5;
1511 arr[5] = (int)have_dif_prot; /* PROTECT bit */
1512 if (sdebug_vpd_use_hostno == 0)
1513 arr[5] |= 0x10; /* claim: implicit TPGS */
1514 arr[6] = 0x10; /* claim: MultiP */
1515 /* arr[6] |= 0x40; ... claim: EncServ (enclosure services) */
1516 arr[7] = 0xa; /* claim: LINKED + CMDQUE */
1517 memcpy(&arr[8], sdebug_inq_vendor_id, 8);
1518 memcpy(&arr[16], sdebug_inq_product_id, 16);
1519 memcpy(&arr[32], sdebug_inq_product_rev, 4);
1520 /* Use Vendor Specific area to place driver date in ASCII hex */
1521 memcpy(&arr[36], sdebug_version_date, 8);
1522 /* version descriptors (2 bytes each) follow */
1523 put_unaligned_be16(0xc0, arr + 58); /* SAM-6 no version claimed */
1524 put_unaligned_be16(0x5c0, arr + 60); /* SPC-5 no version claimed */
1525 n = 62;
1526 if (is_disk) { /* SBC-4 no version claimed */
1527 put_unaligned_be16(0x600, arr + n);
1528 n += 2;
1529 } else if (sdebug_ptype == TYPE_TAPE) { /* SSC-4 rev 3 */
1530 put_unaligned_be16(0x525, arr + n);
1531 n += 2;
1532 }
1533 put_unaligned_be16(0x2100, arr + n); /* SPL-4 no version claimed */
1534 ret = fill_from_dev_buffer(scp, arr,
1535 min(alloc_len, SDEBUG_LONG_INQ_SZ));
1536 kfree(arr);
1537 return ret;
1538}
1539
1540static unsigned char iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
1541 0, 0, 0x0, 0x0};
1542
1543static int resp_requests(struct scsi_cmnd *scp,
1544 struct sdebug_dev_info *devip)
1545{
1546 unsigned char *sbuff;
1547 unsigned char *cmd = scp->cmnd;
1548 unsigned char arr[SCSI_SENSE_BUFFERSIZE];
1549 bool dsense;
1550 int len = 18;
1551
1552 memset(arr, 0, sizeof(arr));
1553 dsense = !!(cmd[1] & 1);
1554 sbuff = scp->sense_buffer;
1555 if ((iec_m_pg[2] & 0x4) && (6 == (iec_m_pg[3] & 0xf))) {
1556 if (dsense) {
1557 arr[0] = 0x72;
1558 arr[1] = 0x0; /* NO_SENSE in sense_key */
1559 arr[2] = THRESHOLD_EXCEEDED;
1560 arr[3] = 0xff; /* TEST set and MRIE==6 */
1561 len = 8;
1562 } else {
1563 arr[0] = 0x70;
1564 arr[2] = 0x0; /* NO_SENSE in sense_key */
1565 arr[7] = 0xa; /* 18 byte sense buffer */
1566 arr[12] = THRESHOLD_EXCEEDED;
1567 arr[13] = 0xff; /* TEST set and MRIE==6 */
1568 }
1569 } else {
1570 memcpy(arr, sbuff, SCSI_SENSE_BUFFERSIZE);
1571 if (arr[0] >= 0x70 && dsense == sdebug_dsense)
1572 ; /* have sense and formats match */
1573 else if (arr[0] <= 0x70) {
1574 if (dsense) {
1575 memset(arr, 0, 8);
1576 arr[0] = 0x72;
1577 len = 8;
1578 } else {
1579 memset(arr, 0, 18);
1580 arr[0] = 0x70;
1581 arr[7] = 0xa;
1582 }
1583 } else if (dsense) {
1584 memset(arr, 0, 8);
1585 arr[0] = 0x72;
1586 arr[1] = sbuff[2]; /* sense key */
1587 arr[2] = sbuff[12]; /* asc */
1588 arr[3] = sbuff[13]; /* ascq */
1589 len = 8;
1590 } else {
1591 memset(arr, 0, 18);
1592 arr[0] = 0x70;
1593 arr[2] = sbuff[1];
1594 arr[7] = 0xa;
1595 arr[12] = sbuff[1];
1596 arr[13] = sbuff[3];
1597 }
1598
1599 }
1600 mk_sense_buffer(scp, 0, NO_ADDITIONAL_SENSE, 0);
1601 return fill_from_dev_buffer(scp, arr, len);
1602}
1603
1604static int resp_start_stop(struct scsi_cmnd *scp,
1605 struct sdebug_dev_info *devip)
1606{
1607 unsigned char *cmd = scp->cmnd;
1608 int power_cond, stop;
1609 bool changing;
1610
1611 power_cond = (cmd[4] & 0xf0) >> 4;
1612 if (power_cond) {
1613 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 7);
1614 return check_condition_result;
1615 }
1616 stop = !(cmd[4] & 1);
1617 changing = atomic_read(&devip->stopped) == !stop;
1618 atomic_xchg(&devip->stopped, stop);
1619 if (!changing || cmd[1] & 0x1) /* state unchanged or IMMED set */
1620 return SDEG_RES_IMMED_MASK;
1621 else
1622 return 0;
1623}
1624
1625static sector_t get_sdebug_capacity(void)
1626{
1627 static const unsigned int gibibyte = 1073741824;
1628
1629 if (sdebug_virtual_gb > 0)
1630 return (sector_t)sdebug_virtual_gb *
1631 (gibibyte / sdebug_sector_size);
1632 else
1633 return sdebug_store_sectors;
1634}
1635
1636#define SDEBUG_READCAP_ARR_SZ 8
1637static int resp_readcap(struct scsi_cmnd *scp,
1638 struct sdebug_dev_info *devip)
1639{
1640 unsigned char arr[SDEBUG_READCAP_ARR_SZ];
1641 unsigned int capac;
1642
1643 /* following just in case virtual_gb changed */
1644 sdebug_capacity = get_sdebug_capacity();
1645 memset(arr, 0, SDEBUG_READCAP_ARR_SZ);
1646 if (sdebug_capacity < 0xffffffff) {
1647 capac = (unsigned int)sdebug_capacity - 1;
1648 put_unaligned_be32(capac, arr + 0);
1649 } else
1650 put_unaligned_be32(0xffffffff, arr + 0);
1651 put_unaligned_be16(sdebug_sector_size, arr + 6);
1652 return fill_from_dev_buffer(scp, arr, SDEBUG_READCAP_ARR_SZ);
1653}
1654
1655#define SDEBUG_READCAP16_ARR_SZ 32
1656static int resp_readcap16(struct scsi_cmnd *scp,
1657 struct sdebug_dev_info *devip)
1658{
1659 unsigned char *cmd = scp->cmnd;
1660 unsigned char arr[SDEBUG_READCAP16_ARR_SZ];
1661 int alloc_len;
1662
1663 alloc_len = get_unaligned_be32(cmd + 10);
1664 /* following just in case virtual_gb changed */
1665 sdebug_capacity = get_sdebug_capacity();
1666 memset(arr, 0, SDEBUG_READCAP16_ARR_SZ);
1667 put_unaligned_be64((u64)(sdebug_capacity - 1), arr + 0);
1668 put_unaligned_be32(sdebug_sector_size, arr + 8);
1669 arr[13] = sdebug_physblk_exp & 0xf;
1670 arr[14] = (sdebug_lowest_aligned >> 8) & 0x3f;
1671
1672 if (scsi_debug_lbp()) {
1673 arr[14] |= 0x80; /* LBPME */
1674 /* from sbc4r07, this LBPRZ field is 1 bit, but the LBPRZ in
1675 * the LB Provisioning VPD page is 3 bits. Note that lbprz=2
1676 * in the wider field maps to 0 in this field.
1677 */
1678 if (sdebug_lbprz & 1) /* precisely what the draft requires */
1679 arr[14] |= 0x40;
1680 }
1681
1682 arr[15] = sdebug_lowest_aligned & 0xff;
1683
1684 if (have_dif_prot) {
1685 arr[12] = (sdebug_dif - 1) << 1; /* P_TYPE */
1686 arr[12] |= 1; /* PROT_EN */
1687 }
1688
1689 return fill_from_dev_buffer(scp, arr,
1690 min(alloc_len, SDEBUG_READCAP16_ARR_SZ));
1691}
1692
1693#define SDEBUG_MAX_TGTPGS_ARR_SZ 1412
1694
1695static int resp_report_tgtpgs(struct scsi_cmnd *scp,
1696 struct sdebug_dev_info *devip)
1697{
1698 unsigned char *cmd = scp->cmnd;
1699 unsigned char *arr;
1700 int host_no = devip->sdbg_host->shost->host_no;
1701 int n, ret, alen, rlen;
1702 int port_group_a, port_group_b, port_a, port_b;
1703
1704 alen = get_unaligned_be32(cmd + 6);
1705 arr = kzalloc(SDEBUG_MAX_TGTPGS_ARR_SZ, GFP_ATOMIC);
1706 if (! arr)
1707 return DID_REQUEUE << 16;
1708 /*
1709 * EVPD page 0x88 states we have two ports, one
1710 * real and a fake port with no device connected.
1711 * So we create two port groups with one port each
1712 * and set the group with port B to unavailable.
1713 */
1714 port_a = 0x1; /* relative port A */
1715 port_b = 0x2; /* relative port B */
1716 port_group_a = (((host_no + 1) & 0x7f) << 8) +
1717 (devip->channel & 0x7f);
1718 port_group_b = (((host_no + 1) & 0x7f) << 8) +
1719 (devip->channel & 0x7f) + 0x80;
1720
1721 /*
1722 * The asymmetric access state is cycled according to the host_id.
1723 */
1724 n = 4;
1725 if (sdebug_vpd_use_hostno == 0) {
1726 arr[n++] = host_no % 3; /* Asymm access state */
1727 arr[n++] = 0x0F; /* claim: all states are supported */
1728 } else {
1729 arr[n++] = 0x0; /* Active/Optimized path */
1730 arr[n++] = 0x01; /* only support active/optimized paths */
1731 }
1732 put_unaligned_be16(port_group_a, arr + n);
1733 n += 2;
1734 arr[n++] = 0; /* Reserved */
1735 arr[n++] = 0; /* Status code */
1736 arr[n++] = 0; /* Vendor unique */
1737 arr[n++] = 0x1; /* One port per group */
1738 arr[n++] = 0; /* Reserved */
1739 arr[n++] = 0; /* Reserved */
1740 put_unaligned_be16(port_a, arr + n);
1741 n += 2;
1742 arr[n++] = 3; /* Port unavailable */
1743 arr[n++] = 0x08; /* claim: only unavailalbe paths are supported */
1744 put_unaligned_be16(port_group_b, arr + n);
1745 n += 2;
1746 arr[n++] = 0; /* Reserved */
1747 arr[n++] = 0; /* Status code */
1748 arr[n++] = 0; /* Vendor unique */
1749 arr[n++] = 0x1; /* One port per group */
1750 arr[n++] = 0; /* Reserved */
1751 arr[n++] = 0; /* Reserved */
1752 put_unaligned_be16(port_b, arr + n);
1753 n += 2;
1754
1755 rlen = n - 4;
1756 put_unaligned_be32(rlen, arr + 0);
1757
1758 /*
1759 * Return the smallest value of either
1760 * - The allocated length
1761 * - The constructed command length
1762 * - The maximum array size
1763 */
1764 rlen = min(alen,n);
1765 ret = fill_from_dev_buffer(scp, arr,
1766 min(rlen, SDEBUG_MAX_TGTPGS_ARR_SZ));
1767 kfree(arr);
1768 return ret;
1769}
1770
1771static int resp_rsup_opcodes(struct scsi_cmnd *scp,
1772 struct sdebug_dev_info *devip)
1773{
1774 bool rctd;
1775 u8 reporting_opts, req_opcode, sdeb_i, supp;
1776 u16 req_sa, u;
1777 u32 alloc_len, a_len;
1778 int k, offset, len, errsts, count, bump, na;
1779 const struct opcode_info_t *oip;
1780 const struct opcode_info_t *r_oip;
1781 u8 *arr;
1782 u8 *cmd = scp->cmnd;
1783
1784 rctd = !!(cmd[2] & 0x80);
1785 reporting_opts = cmd[2] & 0x7;
1786 req_opcode = cmd[3];
1787 req_sa = get_unaligned_be16(cmd + 4);
1788 alloc_len = get_unaligned_be32(cmd + 6);
1789 if (alloc_len < 4 || alloc_len > 0xffff) {
1790 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1791 return check_condition_result;
1792 }
1793 if (alloc_len > 8192)
1794 a_len = 8192;
1795 else
1796 a_len = alloc_len;
1797 arr = kzalloc((a_len < 256) ? 320 : a_len + 64, GFP_ATOMIC);
1798 if (NULL == arr) {
1799 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
1800 INSUFF_RES_ASCQ);
1801 return check_condition_result;
1802 }
1803 switch (reporting_opts) {
1804 case 0: /* all commands */
1805 /* count number of commands */
1806 for (count = 0, oip = opcode_info_arr;
1807 oip->num_attached != 0xff; ++oip) {
1808 if (F_INV_OP & oip->flags)
1809 continue;
1810 count += (oip->num_attached + 1);
1811 }
1812 bump = rctd ? 20 : 8;
1813 put_unaligned_be32(count * bump, arr);
1814 for (offset = 4, oip = opcode_info_arr;
1815 oip->num_attached != 0xff && offset < a_len; ++oip) {
1816 if (F_INV_OP & oip->flags)
1817 continue;
1818 na = oip->num_attached;
1819 arr[offset] = oip->opcode;
1820 put_unaligned_be16(oip->sa, arr + offset + 2);
1821 if (rctd)
1822 arr[offset + 5] |= 0x2;
1823 if (FF_SA & oip->flags)
1824 arr[offset + 5] |= 0x1;
1825 put_unaligned_be16(oip->len_mask[0], arr + offset + 6);
1826 if (rctd)
1827 put_unaligned_be16(0xa, arr + offset + 8);
1828 r_oip = oip;
1829 for (k = 0, oip = oip->arrp; k < na; ++k, ++oip) {
1830 if (F_INV_OP & oip->flags)
1831 continue;
1832 offset += bump;
1833 arr[offset] = oip->opcode;
1834 put_unaligned_be16(oip->sa, arr + offset + 2);
1835 if (rctd)
1836 arr[offset + 5] |= 0x2;
1837 if (FF_SA & oip->flags)
1838 arr[offset + 5] |= 0x1;
1839 put_unaligned_be16(oip->len_mask[0],
1840 arr + offset + 6);
1841 if (rctd)
1842 put_unaligned_be16(0xa,
1843 arr + offset + 8);
1844 }
1845 oip = r_oip;
1846 offset += bump;
1847 }
1848 break;
1849 case 1: /* one command: opcode only */
1850 case 2: /* one command: opcode plus service action */
1851 case 3: /* one command: if sa==0 then opcode only else opcode+sa */
1852 sdeb_i = opcode_ind_arr[req_opcode];
1853 oip = &opcode_info_arr[sdeb_i];
1854 if (F_INV_OP & oip->flags) {
1855 supp = 1;
1856 offset = 4;
1857 } else {
1858 if (1 == reporting_opts) {
1859 if (FF_SA & oip->flags) {
1860 mk_sense_invalid_fld(scp, SDEB_IN_CDB,
1861 2, 2);
1862 kfree(arr);
1863 return check_condition_result;
1864 }
1865 req_sa = 0;
1866 } else if (2 == reporting_opts &&
1867 0 == (FF_SA & oip->flags)) {
1868 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1);
1869 kfree(arr); /* point at requested sa */
1870 return check_condition_result;
1871 }
1872 if (0 == (FF_SA & oip->flags) &&
1873 req_opcode == oip->opcode)
1874 supp = 3;
1875 else if (0 == (FF_SA & oip->flags)) {
1876 na = oip->num_attached;
1877 for (k = 0, oip = oip->arrp; k < na;
1878 ++k, ++oip) {
1879 if (req_opcode == oip->opcode)
1880 break;
1881 }
1882 supp = (k >= na) ? 1 : 3;
1883 } else if (req_sa != oip->sa) {
1884 na = oip->num_attached;
1885 for (k = 0, oip = oip->arrp; k < na;
1886 ++k, ++oip) {
1887 if (req_sa == oip->sa)
1888 break;
1889 }
1890 supp = (k >= na) ? 1 : 3;
1891 } else
1892 supp = 3;
1893 if (3 == supp) {
1894 u = oip->len_mask[0];
1895 put_unaligned_be16(u, arr + 2);
1896 arr[4] = oip->opcode;
1897 for (k = 1; k < u; ++k)
1898 arr[4 + k] = (k < 16) ?
1899 oip->len_mask[k] : 0xff;
1900 offset = 4 + u;
1901 } else
1902 offset = 4;
1903 }
1904 arr[1] = (rctd ? 0x80 : 0) | supp;
1905 if (rctd) {
1906 put_unaligned_be16(0xa, arr + offset);
1907 offset += 12;
1908 }
1909 break;
1910 default:
1911 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
1912 kfree(arr);
1913 return check_condition_result;
1914 }
1915 offset = (offset < a_len) ? offset : a_len;
1916 len = (offset < alloc_len) ? offset : alloc_len;
1917 errsts = fill_from_dev_buffer(scp, arr, len);
1918 kfree(arr);
1919 return errsts;
1920}
1921
1922static int resp_rsup_tmfs(struct scsi_cmnd *scp,
1923 struct sdebug_dev_info *devip)
1924{
1925 bool repd;
1926 u32 alloc_len, len;
1927 u8 arr[16];
1928 u8 *cmd = scp->cmnd;
1929
1930 memset(arr, 0, sizeof(arr));
1931 repd = !!(cmd[2] & 0x80);
1932 alloc_len = get_unaligned_be32(cmd + 6);
1933 if (alloc_len < 4) {
1934 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1935 return check_condition_result;
1936 }
1937 arr[0] = 0xc8; /* ATS | ATSS | LURS */
1938 arr[1] = 0x1; /* ITNRS */
1939 if (repd) {
1940 arr[3] = 0xc;
1941 len = 16;
1942 } else
1943 len = 4;
1944
1945 len = (len < alloc_len) ? len : alloc_len;
1946 return fill_from_dev_buffer(scp, arr, len);
1947}
1948
1949/* <<Following mode page info copied from ST318451LW>> */
1950
1951static int resp_err_recov_pg(unsigned char *p, int pcontrol, int target)
1952{ /* Read-Write Error Recovery page for mode_sense */
1953 unsigned char err_recov_pg[] = {0x1, 0xa, 0xc0, 11, 240, 0, 0, 0,
1954 5, 0, 0xff, 0xff};
1955
1956 memcpy(p, err_recov_pg, sizeof(err_recov_pg));
1957 if (1 == pcontrol)
1958 memset(p + 2, 0, sizeof(err_recov_pg) - 2);
1959 return sizeof(err_recov_pg);
1960}
1961
1962static int resp_disconnect_pg(unsigned char *p, int pcontrol, int target)
1963{ /* Disconnect-Reconnect page for mode_sense */
1964 unsigned char disconnect_pg[] = {0x2, 0xe, 128, 128, 0, 10, 0, 0,
1965 0, 0, 0, 0, 0, 0, 0, 0};
1966
1967 memcpy(p, disconnect_pg, sizeof(disconnect_pg));
1968 if (1 == pcontrol)
1969 memset(p + 2, 0, sizeof(disconnect_pg) - 2);
1970 return sizeof(disconnect_pg);
1971}
1972
1973static int resp_format_pg(unsigned char *p, int pcontrol, int target)
1974{ /* Format device page for mode_sense */
1975 unsigned char format_pg[] = {0x3, 0x16, 0, 0, 0, 0, 0, 0,
1976 0, 0, 0, 0, 0, 0, 0, 0,
1977 0, 0, 0, 0, 0x40, 0, 0, 0};
1978
1979 memcpy(p, format_pg, sizeof(format_pg));
1980 put_unaligned_be16(sdebug_sectors_per, p + 10);
1981 put_unaligned_be16(sdebug_sector_size, p + 12);
1982 if (sdebug_removable)
1983 p[20] |= 0x20; /* should agree with INQUIRY */
1984 if (1 == pcontrol)
1985 memset(p + 2, 0, sizeof(format_pg) - 2);
1986 return sizeof(format_pg);
1987}
1988
1989static unsigned char caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
1990 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0,
1991 0, 0, 0, 0};
1992
1993static int resp_caching_pg(unsigned char *p, int pcontrol, int target)
1994{ /* Caching page for mode_sense */
1995 unsigned char ch_caching_pg[] = {/* 0x8, 18, */ 0x4, 0, 0, 0, 0, 0,
1996 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
1997 unsigned char d_caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
1998 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 0, 0, 0, 0};
1999
2000 if (SDEBUG_OPT_N_WCE & sdebug_opts)
2001 caching_pg[2] &= ~0x4; /* set WCE=0 (default WCE=1) */
2002 memcpy(p, caching_pg, sizeof(caching_pg));
2003 if (1 == pcontrol)
2004 memcpy(p + 2, ch_caching_pg, sizeof(ch_caching_pg));
2005 else if (2 == pcontrol)
2006 memcpy(p, d_caching_pg, sizeof(d_caching_pg));
2007 return sizeof(caching_pg);
2008}
2009
2010static unsigned char ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2011 0, 0, 0x2, 0x4b};
2012
2013static int resp_ctrl_m_pg(unsigned char *p, int pcontrol, int target)
2014{ /* Control mode page for mode_sense */
2015 unsigned char ch_ctrl_m_pg[] = {/* 0xa, 10, */ 0x6, 0, 0, 0, 0, 0,
2016 0, 0, 0, 0};
2017 unsigned char d_ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2018 0, 0, 0x2, 0x4b};
2019
2020 if (sdebug_dsense)
2021 ctrl_m_pg[2] |= 0x4;
2022 else
2023 ctrl_m_pg[2] &= ~0x4;
2024
2025 if (sdebug_ato)
2026 ctrl_m_pg[5] |= 0x80; /* ATO=1 */
2027
2028 memcpy(p, ctrl_m_pg, sizeof(ctrl_m_pg));
2029 if (1 == pcontrol)
2030 memcpy(p + 2, ch_ctrl_m_pg, sizeof(ch_ctrl_m_pg));
2031 else if (2 == pcontrol)
2032 memcpy(p, d_ctrl_m_pg, sizeof(d_ctrl_m_pg));
2033 return sizeof(ctrl_m_pg);
2034}
2035
2036
2037static int resp_iec_m_pg(unsigned char *p, int pcontrol, int target)
2038{ /* Informational Exceptions control mode page for mode_sense */
2039 unsigned char ch_iec_m_pg[] = {/* 0x1c, 0xa, */ 0x4, 0xf, 0, 0, 0, 0,
2040 0, 0, 0x0, 0x0};
2041 unsigned char d_iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
2042 0, 0, 0x0, 0x0};
2043
2044 memcpy(p, iec_m_pg, sizeof(iec_m_pg));
2045 if (1 == pcontrol)
2046 memcpy(p + 2, ch_iec_m_pg, sizeof(ch_iec_m_pg));
2047 else if (2 == pcontrol)
2048 memcpy(p, d_iec_m_pg, sizeof(d_iec_m_pg));
2049 return sizeof(iec_m_pg);
2050}
2051
2052static int resp_sas_sf_m_pg(unsigned char *p, int pcontrol, int target)
2053{ /* SAS SSP mode page - short format for mode_sense */
2054 unsigned char sas_sf_m_pg[] = {0x19, 0x6,
2055 0x6, 0x0, 0x7, 0xd0, 0x0, 0x0};
2056
2057 memcpy(p, sas_sf_m_pg, sizeof(sas_sf_m_pg));
2058 if (1 == pcontrol)
2059 memset(p + 2, 0, sizeof(sas_sf_m_pg) - 2);
2060 return sizeof(sas_sf_m_pg);
2061}
2062
2063
2064static int resp_sas_pcd_m_spg(unsigned char *p, int pcontrol, int target,
2065 int target_dev_id)
2066{ /* SAS phy control and discover mode page for mode_sense */
2067 unsigned char sas_pcd_m_pg[] = {0x59, 0x1, 0, 0x64, 0, 0x6, 0, 2,
2068 0, 0, 0, 0, 0x10, 0x9, 0x8, 0x0,
2069 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2070 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2071 0x2, 0, 0, 0, 0, 0, 0, 0,
2072 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2073 0, 0, 0, 0, 0, 0, 0, 0,
2074 0, 1, 0, 0, 0x10, 0x9, 0x8, 0x0,
2075 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2076 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2077 0x3, 0, 0, 0, 0, 0, 0, 0,
2078 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2079 0, 0, 0, 0, 0, 0, 0, 0,
2080 };
2081 int port_a, port_b;
2082
2083 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 16);
2084 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 24);
2085 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 64);
2086 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 72);
2087 port_a = target_dev_id + 1;
2088 port_b = port_a + 1;
2089 memcpy(p, sas_pcd_m_pg, sizeof(sas_pcd_m_pg));
2090 put_unaligned_be32(port_a, p + 20);
2091 put_unaligned_be32(port_b, p + 48 + 20);
2092 if (1 == pcontrol)
2093 memset(p + 4, 0, sizeof(sas_pcd_m_pg) - 4);
2094 return sizeof(sas_pcd_m_pg);
2095}
2096
2097static int resp_sas_sha_m_spg(unsigned char *p, int pcontrol)
2098{ /* SAS SSP shared protocol specific port mode subpage */
2099 unsigned char sas_sha_m_pg[] = {0x59, 0x2, 0, 0xc, 0, 0x6, 0x10, 0,
2100 0, 0, 0, 0, 0, 0, 0, 0,
2101 };
2102
2103 memcpy(p, sas_sha_m_pg, sizeof(sas_sha_m_pg));
2104 if (1 == pcontrol)
2105 memset(p + 4, 0, sizeof(sas_sha_m_pg) - 4);
2106 return sizeof(sas_sha_m_pg);
2107}
2108
2109#define SDEBUG_MAX_MSENSE_SZ 256
2110
2111static int resp_mode_sense(struct scsi_cmnd *scp,
2112 struct sdebug_dev_info *devip)
2113{
2114 int pcontrol, pcode, subpcode, bd_len;
2115 unsigned char dev_spec;
2116 int alloc_len, offset, len, target_dev_id;
2117 int target = scp->device->id;
2118 unsigned char *ap;
2119 unsigned char arr[SDEBUG_MAX_MSENSE_SZ];
2120 unsigned char *cmd = scp->cmnd;
2121 bool dbd, llbaa, msense_6, is_disk, bad_pcode;
2122
2123 dbd = !!(cmd[1] & 0x8); /* disable block descriptors */
2124 pcontrol = (cmd[2] & 0xc0) >> 6;
2125 pcode = cmd[2] & 0x3f;
2126 subpcode = cmd[3];
2127 msense_6 = (MODE_SENSE == cmd[0]);
2128 llbaa = msense_6 ? false : !!(cmd[1] & 0x10);
2129 is_disk = (sdebug_ptype == TYPE_DISK);
2130 if (is_disk && !dbd)
2131 bd_len = llbaa ? 16 : 8;
2132 else
2133 bd_len = 0;
2134 alloc_len = msense_6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2135 memset(arr, 0, SDEBUG_MAX_MSENSE_SZ);
2136 if (0x3 == pcontrol) { /* Saving values not supported */
2137 mk_sense_buffer(scp, ILLEGAL_REQUEST, SAVING_PARAMS_UNSUP, 0);
2138 return check_condition_result;
2139 }
2140 target_dev_id = ((devip->sdbg_host->shost->host_no + 1) * 2000) +
2141 (devip->target * 1000) - 3;
2142 /* for disks set DPOFUA bit and clear write protect (WP) bit */
2143 if (is_disk) {
2144 dev_spec = 0x10; /* =0x90 if WP=1 implies read-only */
2145 if (sdebug_wp)
2146 dev_spec |= 0x80;
2147 } else
2148 dev_spec = 0x0;
2149 if (msense_6) {
2150 arr[2] = dev_spec;
2151 arr[3] = bd_len;
2152 offset = 4;
2153 } else {
2154 arr[3] = dev_spec;
2155 if (16 == bd_len)
2156 arr[4] = 0x1; /* set LONGLBA bit */
2157 arr[7] = bd_len; /* assume 255 or less */
2158 offset = 8;
2159 }
2160 ap = arr + offset;
2161 if ((bd_len > 0) && (!sdebug_capacity))
2162 sdebug_capacity = get_sdebug_capacity();
2163
2164 if (8 == bd_len) {
2165 if (sdebug_capacity > 0xfffffffe)
2166 put_unaligned_be32(0xffffffff, ap + 0);
2167 else
2168 put_unaligned_be32(sdebug_capacity, ap + 0);
2169 put_unaligned_be16(sdebug_sector_size, ap + 6);
2170 offset += bd_len;
2171 ap = arr + offset;
2172 } else if (16 == bd_len) {
2173 put_unaligned_be64((u64)sdebug_capacity, ap + 0);
2174 put_unaligned_be32(sdebug_sector_size, ap + 12);
2175 offset += bd_len;
2176 ap = arr + offset;
2177 }
2178
2179 if ((subpcode > 0x0) && (subpcode < 0xff) && (0x19 != pcode)) {
2180 /* TODO: Control Extension page */
2181 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2182 return check_condition_result;
2183 }
2184 bad_pcode = false;
2185
2186 switch (pcode) {
2187 case 0x1: /* Read-Write error recovery page, direct access */
2188 len = resp_err_recov_pg(ap, pcontrol, target);
2189 offset += len;
2190 break;
2191 case 0x2: /* Disconnect-Reconnect page, all devices */
2192 len = resp_disconnect_pg(ap, pcontrol, target);
2193 offset += len;
2194 break;
2195 case 0x3: /* Format device page, direct access */
2196 if (is_disk) {
2197 len = resp_format_pg(ap, pcontrol, target);
2198 offset += len;
2199 } else
2200 bad_pcode = true;
2201 break;
2202 case 0x8: /* Caching page, direct access */
2203 if (is_disk) {
2204 len = resp_caching_pg(ap, pcontrol, target);
2205 offset += len;
2206 } else
2207 bad_pcode = true;
2208 break;
2209 case 0xa: /* Control Mode page, all devices */
2210 len = resp_ctrl_m_pg(ap, pcontrol, target);
2211 offset += len;
2212 break;
2213 case 0x19: /* if spc==1 then sas phy, control+discover */
2214 if ((subpcode > 0x2) && (subpcode < 0xff)) {
2215 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2216 return check_condition_result;
2217 }
2218 len = 0;
2219 if ((0x0 == subpcode) || (0xff == subpcode))
2220 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2221 if ((0x1 == subpcode) || (0xff == subpcode))
2222 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target,
2223 target_dev_id);
2224 if ((0x2 == subpcode) || (0xff == subpcode))
2225 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2226 offset += len;
2227 break;
2228 case 0x1c: /* Informational Exceptions Mode page, all devices */
2229 len = resp_iec_m_pg(ap, pcontrol, target);
2230 offset += len;
2231 break;
2232 case 0x3f: /* Read all Mode pages */
2233 if ((0 == subpcode) || (0xff == subpcode)) {
2234 len = resp_err_recov_pg(ap, pcontrol, target);
2235 len += resp_disconnect_pg(ap + len, pcontrol, target);
2236 if (is_disk) {
2237 len += resp_format_pg(ap + len, pcontrol,
2238 target);
2239 len += resp_caching_pg(ap + len, pcontrol,
2240 target);
2241 }
2242 len += resp_ctrl_m_pg(ap + len, pcontrol, target);
2243 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2244 if (0xff == subpcode) {
2245 len += resp_sas_pcd_m_spg(ap + len, pcontrol,
2246 target, target_dev_id);
2247 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2248 }
2249 len += resp_iec_m_pg(ap + len, pcontrol, target);
2250 offset += len;
2251 } else {
2252 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2253 return check_condition_result;
2254 }
2255 break;
2256 default:
2257 bad_pcode = true;
2258 break;
2259 }
2260 if (bad_pcode) {
2261 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2262 return check_condition_result;
2263 }
2264 if (msense_6)
2265 arr[0] = offset - 1;
2266 else
2267 put_unaligned_be16((offset - 2), arr + 0);
2268 return fill_from_dev_buffer(scp, arr, min(alloc_len, offset));
2269}
2270
2271#define SDEBUG_MAX_MSELECT_SZ 512
2272
2273static int resp_mode_select(struct scsi_cmnd *scp,
2274 struct sdebug_dev_info *devip)
2275{
2276 int pf, sp, ps, md_len, bd_len, off, spf, pg_len;
2277 int param_len, res, mpage;
2278 unsigned char arr[SDEBUG_MAX_MSELECT_SZ];
2279 unsigned char *cmd = scp->cmnd;
2280 int mselect6 = (MODE_SELECT == cmd[0]);
2281
2282 memset(arr, 0, sizeof(arr));
2283 pf = cmd[1] & 0x10;
2284 sp = cmd[1] & 0x1;
2285 param_len = mselect6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2286 if ((0 == pf) || sp || (param_len > SDEBUG_MAX_MSELECT_SZ)) {
2287 mk_sense_invalid_fld(scp, SDEB_IN_CDB, mselect6 ? 4 : 7, -1);
2288 return check_condition_result;
2289 }
2290 res = fetch_to_dev_buffer(scp, arr, param_len);
2291 if (-1 == res)
2292 return DID_ERROR << 16;
2293 else if (sdebug_verbose && (res < param_len))
2294 sdev_printk(KERN_INFO, scp->device,
2295 "%s: cdb indicated=%d, IO sent=%d bytes\n",
2296 __func__, param_len, res);
2297 md_len = mselect6 ? (arr[0] + 1) : (get_unaligned_be16(arr + 0) + 2);
2298 bd_len = mselect6 ? arr[3] : get_unaligned_be16(arr + 6);
2299 if (md_len > 2) {
2300 mk_sense_invalid_fld(scp, SDEB_IN_DATA, 0, -1);
2301 return check_condition_result;
2302 }
2303 off = bd_len + (mselect6 ? 4 : 8);
2304 mpage = arr[off] & 0x3f;
2305 ps = !!(arr[off] & 0x80);
2306 if (ps) {
2307 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 7);
2308 return check_condition_result;
2309 }
2310 spf = !!(arr[off] & 0x40);
2311 pg_len = spf ? (get_unaligned_be16(arr + off + 2) + 4) :
2312 (arr[off + 1] + 2);
2313 if ((pg_len + off) > param_len) {
2314 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2315 PARAMETER_LIST_LENGTH_ERR, 0);
2316 return check_condition_result;
2317 }
2318 switch (mpage) {
2319 case 0x8: /* Caching Mode page */
2320 if (caching_pg[1] == arr[off + 1]) {
2321 memcpy(caching_pg + 2, arr + off + 2,
2322 sizeof(caching_pg) - 2);
2323 goto set_mode_changed_ua;
2324 }
2325 break;
2326 case 0xa: /* Control Mode page */
2327 if (ctrl_m_pg[1] == arr[off + 1]) {
2328 memcpy(ctrl_m_pg + 2, arr + off + 2,
2329 sizeof(ctrl_m_pg) - 2);
2330 if (ctrl_m_pg[4] & 0x8)
2331 sdebug_wp = true;
2332 else
2333 sdebug_wp = false;
2334 sdebug_dsense = !!(ctrl_m_pg[2] & 0x4);
2335 goto set_mode_changed_ua;
2336 }
2337 break;
2338 case 0x1c: /* Informational Exceptions Mode page */
2339 if (iec_m_pg[1] == arr[off + 1]) {
2340 memcpy(iec_m_pg + 2, arr + off + 2,
2341 sizeof(iec_m_pg) - 2);
2342 goto set_mode_changed_ua;
2343 }
2344 break;
2345 default:
2346 break;
2347 }
2348 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 5);
2349 return check_condition_result;
2350set_mode_changed_ua:
2351 set_bit(SDEBUG_UA_MODE_CHANGED, devip->uas_bm);
2352 return 0;
2353}
2354
2355static int resp_temp_l_pg(unsigned char *arr)
2356{
2357 unsigned char temp_l_pg[] = {0x0, 0x0, 0x3, 0x2, 0x0, 38,
2358 0x0, 0x1, 0x3, 0x2, 0x0, 65,
2359 };
2360
2361 memcpy(arr, temp_l_pg, sizeof(temp_l_pg));
2362 return sizeof(temp_l_pg);
2363}
2364
2365static int resp_ie_l_pg(unsigned char *arr)
2366{
2367 unsigned char ie_l_pg[] = {0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 38,
2368 };
2369
2370 memcpy(arr, ie_l_pg, sizeof(ie_l_pg));
2371 if (iec_m_pg[2] & 0x4) { /* TEST bit set */
2372 arr[4] = THRESHOLD_EXCEEDED;
2373 arr[5] = 0xff;
2374 }
2375 return sizeof(ie_l_pg);
2376}
2377
2378#define SDEBUG_MAX_LSENSE_SZ 512
2379
2380static int resp_log_sense(struct scsi_cmnd *scp,
2381 struct sdebug_dev_info *devip)
2382{
2383 int ppc, sp, pcode, subpcode, alloc_len, len, n;
2384 unsigned char arr[SDEBUG_MAX_LSENSE_SZ];
2385 unsigned char *cmd = scp->cmnd;
2386
2387 memset(arr, 0, sizeof(arr));
2388 ppc = cmd[1] & 0x2;
2389 sp = cmd[1] & 0x1;
2390 if (ppc || sp) {
2391 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, ppc ? 1 : 0);
2392 return check_condition_result;
2393 }
2394 pcode = cmd[2] & 0x3f;
2395 subpcode = cmd[3] & 0xff;
2396 alloc_len = get_unaligned_be16(cmd + 7);
2397 arr[0] = pcode;
2398 if (0 == subpcode) {
2399 switch (pcode) {
2400 case 0x0: /* Supported log pages log page */
2401 n = 4;
2402 arr[n++] = 0x0; /* this page */
2403 arr[n++] = 0xd; /* Temperature */
2404 arr[n++] = 0x2f; /* Informational exceptions */
2405 arr[3] = n - 4;
2406 break;
2407 case 0xd: /* Temperature log page */
2408 arr[3] = resp_temp_l_pg(arr + 4);
2409 break;
2410 case 0x2f: /* Informational exceptions log page */
2411 arr[3] = resp_ie_l_pg(arr + 4);
2412 break;
2413 default:
2414 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2415 return check_condition_result;
2416 }
2417 } else if (0xff == subpcode) {
2418 arr[0] |= 0x40;
2419 arr[1] = subpcode;
2420 switch (pcode) {
2421 case 0x0: /* Supported log pages and subpages log page */
2422 n = 4;
2423 arr[n++] = 0x0;
2424 arr[n++] = 0x0; /* 0,0 page */
2425 arr[n++] = 0x0;
2426 arr[n++] = 0xff; /* this page */
2427 arr[n++] = 0xd;
2428 arr[n++] = 0x0; /* Temperature */
2429 arr[n++] = 0x2f;
2430 arr[n++] = 0x0; /* Informational exceptions */
2431 arr[3] = n - 4;
2432 break;
2433 case 0xd: /* Temperature subpages */
2434 n = 4;
2435 arr[n++] = 0xd;
2436 arr[n++] = 0x0; /* Temperature */
2437 arr[3] = n - 4;
2438 break;
2439 case 0x2f: /* Informational exceptions subpages */
2440 n = 4;
2441 arr[n++] = 0x2f;
2442 arr[n++] = 0x0; /* Informational exceptions */
2443 arr[3] = n - 4;
2444 break;
2445 default:
2446 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2447 return check_condition_result;
2448 }
2449 } else {
2450 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2451 return check_condition_result;
2452 }
2453 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len);
2454 return fill_from_dev_buffer(scp, arr,
2455 min(len, SDEBUG_MAX_INQ_ARR_SZ));
2456}
2457
2458static inline int check_device_access_params(struct scsi_cmnd *scp,
2459 unsigned long long lba, unsigned int num, bool write)
2460{
2461 if (lba + num > sdebug_capacity) {
2462 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2463 return check_condition_result;
2464 }
2465 /* transfer length excessive (tie in to block limits VPD page) */
2466 if (num > sdebug_store_sectors) {
2467 /* needs work to find which cdb byte 'num' comes from */
2468 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2469 return check_condition_result;
2470 }
2471 if (write && unlikely(sdebug_wp)) {
2472 mk_sense_buffer(scp, DATA_PROTECT, WRITE_PROTECTED, 0x2);
2473 return check_condition_result;
2474 }
2475 return 0;
2476}
2477
2478/* Returns number of bytes copied or -1 if error. */
2479static int do_device_access(struct scsi_cmnd *scmd, u32 sg_skip, u64 lba,
2480 u32 num, bool do_write)
2481{
2482 int ret;
2483 u64 block, rest = 0;
2484 struct scsi_data_buffer *sdb = &scmd->sdb;
2485 enum dma_data_direction dir;
2486
2487 if (do_write) {
2488 dir = DMA_TO_DEVICE;
2489 write_since_sync = true;
2490 } else {
2491 dir = DMA_FROM_DEVICE;
2492 }
2493
2494 if (!sdb->length)
2495 return 0;
2496 if (scmd->sc_data_direction != dir)
2497 return -1;
2498
2499 block = do_div(lba, sdebug_store_sectors);
2500 if (block + num > sdebug_store_sectors)
2501 rest = block + num - sdebug_store_sectors;
2502
2503 ret = sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2504 fake_storep + (block * sdebug_sector_size),
2505 (num - rest) * sdebug_sector_size, sg_skip, do_write);
2506 if (ret != (num - rest) * sdebug_sector_size)
2507 return ret;
2508
2509 if (rest) {
2510 ret += sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2511 fake_storep, rest * sdebug_sector_size,
2512 sg_skip + ((num - rest) * sdebug_sector_size),
2513 do_write);
2514 }
2515
2516 return ret;
2517}
2518
2519/* If lba2fake_store(lba,num) compares equal to arr(num), then copy top half of
2520 * arr into lba2fake_store(lba,num) and return true. If comparison fails then
2521 * return false. */
2522static bool comp_write_worker(u64 lba, u32 num, const u8 *arr)
2523{
2524 bool res;
2525 u64 block, rest = 0;
2526 u32 store_blks = sdebug_store_sectors;
2527 u32 lb_size = sdebug_sector_size;
2528
2529 block = do_div(lba, store_blks);
2530 if (block + num > store_blks)
2531 rest = block + num - store_blks;
2532
2533 res = !memcmp(fake_storep + (block * lb_size), arr,
2534 (num - rest) * lb_size);
2535 if (!res)
2536 return res;
2537 if (rest)
2538 res = memcmp(fake_storep, arr + ((num - rest) * lb_size),
2539 rest * lb_size);
2540 if (!res)
2541 return res;
2542 arr += num * lb_size;
2543 memcpy(fake_storep + (block * lb_size), arr, (num - rest) * lb_size);
2544 if (rest)
2545 memcpy(fake_storep, arr + ((num - rest) * lb_size),
2546 rest * lb_size);
2547 return res;
2548}
2549
2550static __be16 dif_compute_csum(const void *buf, int len)
2551{
2552 __be16 csum;
2553
2554 if (sdebug_guard)
2555 csum = (__force __be16)ip_compute_csum(buf, len);
2556 else
2557 csum = cpu_to_be16(crc_t10dif(buf, len));
2558
2559 return csum;
2560}
2561
2562static int dif_verify(struct t10_pi_tuple *sdt, const void *data,
2563 sector_t sector, u32 ei_lba)
2564{
2565 __be16 csum = dif_compute_csum(data, sdebug_sector_size);
2566
2567 if (sdt->guard_tag != csum) {
2568 pr_err("GUARD check failed on sector %lu rcvd 0x%04x, data 0x%04x\n",
2569 (unsigned long)sector,
2570 be16_to_cpu(sdt->guard_tag),
2571 be16_to_cpu(csum));
2572 return 0x01;
2573 }
2574 if (sdebug_dif == T10_PI_TYPE1_PROTECTION &&
2575 be32_to_cpu(sdt->ref_tag) != (sector & 0xffffffff)) {
2576 pr_err("REF check failed on sector %lu\n",
2577 (unsigned long)sector);
2578 return 0x03;
2579 }
2580 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
2581 be32_to_cpu(sdt->ref_tag) != ei_lba) {
2582 pr_err("REF check failed on sector %lu\n",
2583 (unsigned long)sector);
2584 return 0x03;
2585 }
2586 return 0;
2587}
2588
2589static void dif_copy_prot(struct scsi_cmnd *SCpnt, sector_t sector,
2590 unsigned int sectors, bool read)
2591{
2592 size_t resid;
2593 void *paddr;
2594 const void *dif_store_end = dif_storep + sdebug_store_sectors;
2595 struct sg_mapping_iter miter;
2596
2597 /* Bytes of protection data to copy into sgl */
2598 resid = sectors * sizeof(*dif_storep);
2599
2600 sg_miter_start(&miter, scsi_prot_sglist(SCpnt),
2601 scsi_prot_sg_count(SCpnt), SG_MITER_ATOMIC |
2602 (read ? SG_MITER_TO_SG : SG_MITER_FROM_SG));
2603
2604 while (sg_miter_next(&miter) && resid > 0) {
2605 size_t len = min(miter.length, resid);
2606 void *start = dif_store(sector);
2607 size_t rest = 0;
2608
2609 if (dif_store_end < start + len)
2610 rest = start + len - dif_store_end;
2611
2612 paddr = miter.addr;
2613
2614 if (read)
2615 memcpy(paddr, start, len - rest);
2616 else
2617 memcpy(start, paddr, len - rest);
2618
2619 if (rest) {
2620 if (read)
2621 memcpy(paddr + len - rest, dif_storep, rest);
2622 else
2623 memcpy(dif_storep, paddr + len - rest, rest);
2624 }
2625
2626 sector += len / sizeof(*dif_storep);
2627 resid -= len;
2628 }
2629 sg_miter_stop(&miter);
2630}
2631
2632static int prot_verify_read(struct scsi_cmnd *SCpnt, sector_t start_sec,
2633 unsigned int sectors, u32 ei_lba)
2634{
2635 unsigned int i;
2636 struct t10_pi_tuple *sdt;
2637 sector_t sector;
2638
2639 for (i = 0; i < sectors; i++, ei_lba++) {
2640 int ret;
2641
2642 sector = start_sec + i;
2643 sdt = dif_store(sector);
2644
2645 if (sdt->app_tag == cpu_to_be16(0xffff))
2646 continue;
2647
2648 ret = dif_verify(sdt, lba2fake_store(sector), sector, ei_lba);
2649 if (ret) {
2650 dif_errors++;
2651 return ret;
2652 }
2653 }
2654
2655 dif_copy_prot(SCpnt, start_sec, sectors, true);
2656 dix_reads++;
2657
2658 return 0;
2659}
2660
2661static int resp_read_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2662{
2663 u8 *cmd = scp->cmnd;
2664 struct sdebug_queued_cmd *sqcp;
2665 u64 lba;
2666 u32 num;
2667 u32 ei_lba;
2668 unsigned long iflags;
2669 int ret;
2670 bool check_prot;
2671
2672 switch (cmd[0]) {
2673 case READ_16:
2674 ei_lba = 0;
2675 lba = get_unaligned_be64(cmd + 2);
2676 num = get_unaligned_be32(cmd + 10);
2677 check_prot = true;
2678 break;
2679 case READ_10:
2680 ei_lba = 0;
2681 lba = get_unaligned_be32(cmd + 2);
2682 num = get_unaligned_be16(cmd + 7);
2683 check_prot = true;
2684 break;
2685 case READ_6:
2686 ei_lba = 0;
2687 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
2688 (u32)(cmd[1] & 0x1f) << 16;
2689 num = (0 == cmd[4]) ? 256 : cmd[4];
2690 check_prot = true;
2691 break;
2692 case READ_12:
2693 ei_lba = 0;
2694 lba = get_unaligned_be32(cmd + 2);
2695 num = get_unaligned_be32(cmd + 6);
2696 check_prot = true;
2697 break;
2698 case XDWRITEREAD_10:
2699 ei_lba = 0;
2700 lba = get_unaligned_be32(cmd + 2);
2701 num = get_unaligned_be16(cmd + 7);
2702 check_prot = false;
2703 break;
2704 default: /* assume READ(32) */
2705 lba = get_unaligned_be64(cmd + 12);
2706 ei_lba = get_unaligned_be32(cmd + 20);
2707 num = get_unaligned_be32(cmd + 28);
2708 check_prot = false;
2709 break;
2710 }
2711 if (unlikely(have_dif_prot && check_prot)) {
2712 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
2713 (cmd[1] & 0xe0)) {
2714 mk_sense_invalid_opcode(scp);
2715 return check_condition_result;
2716 }
2717 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
2718 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
2719 (cmd[1] & 0xe0) == 0)
2720 sdev_printk(KERN_ERR, scp->device, "Unprotected RD "
2721 "to DIF device\n");
2722 }
2723 if (unlikely(sdebug_any_injecting_opt)) {
2724 sqcp = (struct sdebug_queued_cmd *)scp->host_scribble;
2725
2726 if (sqcp) {
2727 if (sqcp->inj_short)
2728 num /= 2;
2729 }
2730 } else
2731 sqcp = NULL;
2732
2733 ret = check_device_access_params(scp, lba, num, false);
2734 if (ret)
2735 return ret;
2736 if (unlikely((SDEBUG_OPT_MEDIUM_ERR & sdebug_opts) &&
2737 (lba <= (sdebug_medium_error_start + sdebug_medium_error_count - 1)) &&
2738 ((lba + num) > sdebug_medium_error_start))) {
2739 /* claim unrecoverable read error */
2740 mk_sense_buffer(scp, MEDIUM_ERROR, UNRECOVERED_READ_ERR, 0);
2741 /* set info field and valid bit for fixed descriptor */
2742 if (0x70 == (scp->sense_buffer[0] & 0x7f)) {
2743 scp->sense_buffer[0] |= 0x80; /* Valid bit */
2744 ret = (lba < OPT_MEDIUM_ERR_ADDR)
2745 ? OPT_MEDIUM_ERR_ADDR : (int)lba;
2746 put_unaligned_be32(ret, scp->sense_buffer + 3);
2747 }
2748 scsi_set_resid(scp, scsi_bufflen(scp));
2749 return check_condition_result;
2750 }
2751
2752 read_lock_irqsave(&atomic_rw, iflags);
2753
2754 /* DIX + T10 DIF */
2755 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
2756 int prot_ret = prot_verify_read(scp, lba, num, ei_lba);
2757
2758 if (prot_ret) {
2759 read_unlock_irqrestore(&atomic_rw, iflags);
2760 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, prot_ret);
2761 return illegal_condition_result;
2762 }
2763 }
2764
2765 ret = do_device_access(scp, 0, lba, num, false);
2766 read_unlock_irqrestore(&atomic_rw, iflags);
2767 if (unlikely(ret == -1))
2768 return DID_ERROR << 16;
2769
2770 scsi_set_resid(scp, scsi_bufflen(scp) - ret);
2771
2772 if (unlikely(sqcp)) {
2773 if (sqcp->inj_recovered) {
2774 mk_sense_buffer(scp, RECOVERED_ERROR,
2775 THRESHOLD_EXCEEDED, 0);
2776 return check_condition_result;
2777 } else if (sqcp->inj_transport) {
2778 mk_sense_buffer(scp, ABORTED_COMMAND,
2779 TRANSPORT_PROBLEM, ACK_NAK_TO);
2780 return check_condition_result;
2781 } else if (sqcp->inj_dif) {
2782 /* Logical block guard check failed */
2783 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
2784 return illegal_condition_result;
2785 } else if (sqcp->inj_dix) {
2786 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
2787 return illegal_condition_result;
2788 }
2789 }
2790 return 0;
2791}
2792
2793static void dump_sector(unsigned char *buf, int len)
2794{
2795 int i, j, n;
2796
2797 pr_err(">>> Sector Dump <<<\n");
2798 for (i = 0 ; i < len ; i += 16) {
2799 char b[128];
2800
2801 for (j = 0, n = 0; j < 16; j++) {
2802 unsigned char c = buf[i+j];
2803
2804 if (c >= 0x20 && c < 0x7e)
2805 n += scnprintf(b + n, sizeof(b) - n,
2806 " %c ", buf[i+j]);
2807 else
2808 n += scnprintf(b + n, sizeof(b) - n,
2809 "%02x ", buf[i+j]);
2810 }
2811 pr_err("%04d: %s\n", i, b);
2812 }
2813}
2814
2815static int prot_verify_write(struct scsi_cmnd *SCpnt, sector_t start_sec,
2816 unsigned int sectors, u32 ei_lba)
2817{
2818 int ret;
2819 struct t10_pi_tuple *sdt;
2820 void *daddr;
2821 sector_t sector = start_sec;
2822 int ppage_offset;
2823 int dpage_offset;
2824 struct sg_mapping_iter diter;
2825 struct sg_mapping_iter piter;
2826
2827 BUG_ON(scsi_sg_count(SCpnt) == 0);
2828 BUG_ON(scsi_prot_sg_count(SCpnt) == 0);
2829
2830 sg_miter_start(&piter, scsi_prot_sglist(SCpnt),
2831 scsi_prot_sg_count(SCpnt),
2832 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
2833 sg_miter_start(&diter, scsi_sglist(SCpnt), scsi_sg_count(SCpnt),
2834 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
2835
2836 /* For each protection page */
2837 while (sg_miter_next(&piter)) {
2838 dpage_offset = 0;
2839 if (WARN_ON(!sg_miter_next(&diter))) {
2840 ret = 0x01;
2841 goto out;
2842 }
2843
2844 for (ppage_offset = 0; ppage_offset < piter.length;
2845 ppage_offset += sizeof(struct t10_pi_tuple)) {
2846 /* If we're at the end of the current
2847 * data page advance to the next one
2848 */
2849 if (dpage_offset >= diter.length) {
2850 if (WARN_ON(!sg_miter_next(&diter))) {
2851 ret = 0x01;
2852 goto out;
2853 }
2854 dpage_offset = 0;
2855 }
2856
2857 sdt = piter.addr + ppage_offset;
2858 daddr = diter.addr + dpage_offset;
2859
2860 ret = dif_verify(sdt, daddr, sector, ei_lba);
2861 if (ret) {
2862 dump_sector(daddr, sdebug_sector_size);
2863 goto out;
2864 }
2865
2866 sector++;
2867 ei_lba++;
2868 dpage_offset += sdebug_sector_size;
2869 }
2870 diter.consumed = dpage_offset;
2871 sg_miter_stop(&diter);
2872 }
2873 sg_miter_stop(&piter);
2874
2875 dif_copy_prot(SCpnt, start_sec, sectors, false);
2876 dix_writes++;
2877
2878 return 0;
2879
2880out:
2881 dif_errors++;
2882 sg_miter_stop(&diter);
2883 sg_miter_stop(&piter);
2884 return ret;
2885}
2886
2887static unsigned long lba_to_map_index(sector_t lba)
2888{
2889 if (sdebug_unmap_alignment)
2890 lba += sdebug_unmap_granularity - sdebug_unmap_alignment;
2891 sector_div(lba, sdebug_unmap_granularity);
2892 return lba;
2893}
2894
2895static sector_t map_index_to_lba(unsigned long index)
2896{
2897 sector_t lba = index * sdebug_unmap_granularity;
2898
2899 if (sdebug_unmap_alignment)
2900 lba -= sdebug_unmap_granularity - sdebug_unmap_alignment;
2901 return lba;
2902}
2903
2904static unsigned int map_state(sector_t lba, unsigned int *num)
2905{
2906 sector_t end;
2907 unsigned int mapped;
2908 unsigned long index;
2909 unsigned long next;
2910
2911 index = lba_to_map_index(lba);
2912 mapped = test_bit(index, map_storep);
2913
2914 if (mapped)
2915 next = find_next_zero_bit(map_storep, map_size, index);
2916 else
2917 next = find_next_bit(map_storep, map_size, index);
2918
2919 end = min_t(sector_t, sdebug_store_sectors, map_index_to_lba(next));
2920 *num = end - lba;
2921 return mapped;
2922}
2923
2924static void map_region(sector_t lba, unsigned int len)
2925{
2926 sector_t end = lba + len;
2927
2928 while (lba < end) {
2929 unsigned long index = lba_to_map_index(lba);
2930
2931 if (index < map_size)
2932 set_bit(index, map_storep);
2933
2934 lba = map_index_to_lba(index + 1);
2935 }
2936}
2937
2938static void unmap_region(sector_t lba, unsigned int len)
2939{
2940 sector_t end = lba + len;
2941
2942 while (lba < end) {
2943 unsigned long index = lba_to_map_index(lba);
2944
2945 if (lba == map_index_to_lba(index) &&
2946 lba + sdebug_unmap_granularity <= end &&
2947 index < map_size) {
2948 clear_bit(index, map_storep);
2949 if (sdebug_lbprz) { /* for LBPRZ=2 return 0xff_s */
2950 memset(fake_storep +
2951 lba * sdebug_sector_size,
2952 (sdebug_lbprz & 1) ? 0 : 0xff,
2953 sdebug_sector_size *
2954 sdebug_unmap_granularity);
2955 }
2956 if (dif_storep) {
2957 memset(dif_storep + lba, 0xff,
2958 sizeof(*dif_storep) *
2959 sdebug_unmap_granularity);
2960 }
2961 }
2962 lba = map_index_to_lba(index + 1);
2963 }
2964}
2965
2966static int resp_write_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2967{
2968 u8 *cmd = scp->cmnd;
2969 u64 lba;
2970 u32 num;
2971 u32 ei_lba;
2972 unsigned long iflags;
2973 int ret;
2974 bool check_prot;
2975
2976 switch (cmd[0]) {
2977 case WRITE_16:
2978 ei_lba = 0;
2979 lba = get_unaligned_be64(cmd + 2);
2980 num = get_unaligned_be32(cmd + 10);
2981 check_prot = true;
2982 break;
2983 case WRITE_10:
2984 ei_lba = 0;
2985 lba = get_unaligned_be32(cmd + 2);
2986 num = get_unaligned_be16(cmd + 7);
2987 check_prot = true;
2988 break;
2989 case WRITE_6:
2990 ei_lba = 0;
2991 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
2992 (u32)(cmd[1] & 0x1f) << 16;
2993 num = (0 == cmd[4]) ? 256 : cmd[4];
2994 check_prot = true;
2995 break;
2996 case WRITE_12:
2997 ei_lba = 0;
2998 lba = get_unaligned_be32(cmd + 2);
2999 num = get_unaligned_be32(cmd + 6);
3000 check_prot = true;
3001 break;
3002 case 0x53: /* XDWRITEREAD(10) */
3003 ei_lba = 0;
3004 lba = get_unaligned_be32(cmd + 2);
3005 num = get_unaligned_be16(cmd + 7);
3006 check_prot = false;
3007 break;
3008 default: /* assume WRITE(32) */
3009 lba = get_unaligned_be64(cmd + 12);
3010 ei_lba = get_unaligned_be32(cmd + 20);
3011 num = get_unaligned_be32(cmd + 28);
3012 check_prot = false;
3013 break;
3014 }
3015 if (unlikely(have_dif_prot && check_prot)) {
3016 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3017 (cmd[1] & 0xe0)) {
3018 mk_sense_invalid_opcode(scp);
3019 return check_condition_result;
3020 }
3021 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3022 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3023 (cmd[1] & 0xe0) == 0)
3024 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3025 "to DIF device\n");
3026 }
3027 ret = check_device_access_params(scp, lba, num, true);
3028 if (ret)
3029 return ret;
3030 write_lock_irqsave(&atomic_rw, iflags);
3031
3032 /* DIX + T10 DIF */
3033 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3034 int prot_ret = prot_verify_write(scp, lba, num, ei_lba);
3035
3036 if (prot_ret) {
3037 write_unlock_irqrestore(&atomic_rw, iflags);
3038 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, prot_ret);
3039 return illegal_condition_result;
3040 }
3041 }
3042
3043 ret = do_device_access(scp, 0, lba, num, true);
3044 if (unlikely(scsi_debug_lbp()))
3045 map_region(lba, num);
3046 write_unlock_irqrestore(&atomic_rw, iflags);
3047 if (unlikely(-1 == ret))
3048 return DID_ERROR << 16;
3049 else if (unlikely(sdebug_verbose &&
3050 (ret < (num * sdebug_sector_size))))
3051 sdev_printk(KERN_INFO, scp->device,
3052 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3053 my_name, num * sdebug_sector_size, ret);
3054
3055 if (unlikely(sdebug_any_injecting_opt)) {
3056 struct sdebug_queued_cmd *sqcp =
3057 (struct sdebug_queued_cmd *)scp->host_scribble;
3058
3059 if (sqcp) {
3060 if (sqcp->inj_recovered) {
3061 mk_sense_buffer(scp, RECOVERED_ERROR,
3062 THRESHOLD_EXCEEDED, 0);
3063 return check_condition_result;
3064 } else if (sqcp->inj_dif) {
3065 /* Logical block guard check failed */
3066 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3067 return illegal_condition_result;
3068 } else if (sqcp->inj_dix) {
3069 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3070 return illegal_condition_result;
3071 }
3072 }
3073 }
3074 return 0;
3075}
3076
3077/*
3078 * T10 has only specified WRITE SCATTERED(16) and WRITE SCATTERED(32).
3079 * No READ GATHERED yet (requires bidi or long cdb holding gather list).
3080 */
3081static int resp_write_scat(struct scsi_cmnd *scp,
3082 struct sdebug_dev_info *devip)
3083{
3084 u8 *cmd = scp->cmnd;
3085 u8 *lrdp = NULL;
3086 u8 *up;
3087 u8 wrprotect;
3088 u16 lbdof, num_lrd, k;
3089 u32 num, num_by, bt_len, lbdof_blen, sg_off, cum_lb;
3090 u32 lb_size = sdebug_sector_size;
3091 u32 ei_lba;
3092 u64 lba;
3093 unsigned long iflags;
3094 int ret, res;
3095 bool is_16;
3096 static const u32 lrd_size = 32; /* + parameter list header size */
3097
3098 if (cmd[0] == VARIABLE_LENGTH_CMD) {
3099 is_16 = false;
3100 wrprotect = (cmd[10] >> 5) & 0x7;
3101 lbdof = get_unaligned_be16(cmd + 12);
3102 num_lrd = get_unaligned_be16(cmd + 16);
3103 bt_len = get_unaligned_be32(cmd + 28);
3104 } else { /* that leaves WRITE SCATTERED(16) */
3105 is_16 = true;
3106 wrprotect = (cmd[2] >> 5) & 0x7;
3107 lbdof = get_unaligned_be16(cmd + 4);
3108 num_lrd = get_unaligned_be16(cmd + 8);
3109 bt_len = get_unaligned_be32(cmd + 10);
3110 if (unlikely(have_dif_prot)) {
3111 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3112 wrprotect) {
3113 mk_sense_invalid_opcode(scp);
3114 return illegal_condition_result;
3115 }
3116 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3117 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3118 wrprotect == 0)
3119 sdev_printk(KERN_ERR, scp->device,
3120 "Unprotected WR to DIF device\n");
3121 }
3122 }
3123 if ((num_lrd == 0) || (bt_len == 0))
3124 return 0; /* T10 says these do-nothings are not errors */
3125 if (lbdof == 0) {
3126 if (sdebug_verbose)
3127 sdev_printk(KERN_INFO, scp->device,
3128 "%s: %s: LB Data Offset field bad\n",
3129 my_name, __func__);
3130 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3131 return illegal_condition_result;
3132 }
3133 lbdof_blen = lbdof * lb_size;
3134 if ((lrd_size + (num_lrd * lrd_size)) > lbdof_blen) {
3135 if (sdebug_verbose)
3136 sdev_printk(KERN_INFO, scp->device,
3137 "%s: %s: LBA range descriptors don't fit\n",
3138 my_name, __func__);
3139 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3140 return illegal_condition_result;
3141 }
3142 lrdp = kzalloc(lbdof_blen, GFP_ATOMIC);
3143 if (lrdp == NULL)
3144 return SCSI_MLQUEUE_HOST_BUSY;
3145 if (sdebug_verbose)
3146 sdev_printk(KERN_INFO, scp->device,
3147 "%s: %s: Fetch header+scatter_list, lbdof_blen=%u\n",
3148 my_name, __func__, lbdof_blen);
3149 res = fetch_to_dev_buffer(scp, lrdp, lbdof_blen);
3150 if (res == -1) {
3151 ret = DID_ERROR << 16;
3152 goto err_out;
3153 }
3154
3155 write_lock_irqsave(&atomic_rw, iflags);
3156 sg_off = lbdof_blen;
3157 /* Spec says Buffer xfer Length field in number of LBs in dout */
3158 cum_lb = 0;
3159 for (k = 0, up = lrdp + lrd_size; k < num_lrd; ++k, up += lrd_size) {
3160 lba = get_unaligned_be64(up + 0);
3161 num = get_unaligned_be32(up + 8);
3162 if (sdebug_verbose)
3163 sdev_printk(KERN_INFO, scp->device,
3164 "%s: %s: k=%d LBA=0x%llx num=%u sg_off=%u\n",
3165 my_name, __func__, k, lba, num, sg_off);
3166 if (num == 0)
3167 continue;
3168 ret = check_device_access_params(scp, lba, num, true);
3169 if (ret)
3170 goto err_out_unlock;
3171 num_by = num * lb_size;
3172 ei_lba = is_16 ? 0 : get_unaligned_be32(up + 12);
3173
3174 if ((cum_lb + num) > bt_len) {
3175 if (sdebug_verbose)
3176 sdev_printk(KERN_INFO, scp->device,
3177 "%s: %s: sum of blocks > data provided\n",
3178 my_name, __func__);
3179 mk_sense_buffer(scp, ILLEGAL_REQUEST, WRITE_ERROR_ASC,
3180 0);
3181 ret = illegal_condition_result;
3182 goto err_out_unlock;
3183 }
3184
3185 /* DIX + T10 DIF */
3186 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3187 int prot_ret = prot_verify_write(scp, lba, num,
3188 ei_lba);
3189
3190 if (prot_ret) {
3191 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10,
3192 prot_ret);
3193 ret = illegal_condition_result;
3194 goto err_out_unlock;
3195 }
3196 }
3197
3198 ret = do_device_access(scp, sg_off, lba, num, true);
3199 if (unlikely(scsi_debug_lbp()))
3200 map_region(lba, num);
3201 if (unlikely(-1 == ret)) {
3202 ret = DID_ERROR << 16;
3203 goto err_out_unlock;
3204 } else if (unlikely(sdebug_verbose && (ret < num_by)))
3205 sdev_printk(KERN_INFO, scp->device,
3206 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3207 my_name, num_by, ret);
3208
3209 if (unlikely(sdebug_any_injecting_opt)) {
3210 struct sdebug_queued_cmd *sqcp =
3211 (struct sdebug_queued_cmd *)scp->host_scribble;
3212
3213 if (sqcp) {
3214 if (sqcp->inj_recovered) {
3215 mk_sense_buffer(scp, RECOVERED_ERROR,
3216 THRESHOLD_EXCEEDED, 0);
3217 ret = illegal_condition_result;
3218 goto err_out_unlock;
3219 } else if (sqcp->inj_dif) {
3220 /* Logical block guard check failed */
3221 mk_sense_buffer(scp, ABORTED_COMMAND,
3222 0x10, 1);
3223 ret = illegal_condition_result;
3224 goto err_out_unlock;
3225 } else if (sqcp->inj_dix) {
3226 mk_sense_buffer(scp, ILLEGAL_REQUEST,
3227 0x10, 1);
3228 ret = illegal_condition_result;
3229 goto err_out_unlock;
3230 }
3231 }
3232 }
3233 sg_off += num_by;
3234 cum_lb += num;
3235 }
3236 ret = 0;
3237err_out_unlock:
3238 write_unlock_irqrestore(&atomic_rw, iflags);
3239err_out:
3240 kfree(lrdp);
3241 return ret;
3242}
3243
3244static int resp_write_same(struct scsi_cmnd *scp, u64 lba, u32 num,
3245 u32 ei_lba, bool unmap, bool ndob)
3246{
3247 int ret;
3248 unsigned long iflags;
3249 unsigned long long i;
3250 u32 lb_size = sdebug_sector_size;
3251 u64 block, lbaa;
3252 u8 *fs1p;
3253
3254 ret = check_device_access_params(scp, lba, num, true);
3255 if (ret)
3256 return ret;
3257
3258 write_lock_irqsave(&atomic_rw, iflags);
3259
3260 if (unmap && scsi_debug_lbp()) {
3261 unmap_region(lba, num);
3262 goto out;
3263 }
3264 lbaa = lba;
3265 block = do_div(lbaa, sdebug_store_sectors);
3266 /* if ndob then zero 1 logical block, else fetch 1 logical block */
3267 fs1p = fake_storep + (block * lb_size);
3268 if (ndob) {
3269 memset(fs1p, 0, lb_size);
3270 ret = 0;
3271 } else
3272 ret = fetch_to_dev_buffer(scp, fs1p, lb_size);
3273
3274 if (-1 == ret) {
3275 write_unlock_irqrestore(&atomic_rw, iflags);
3276 return DID_ERROR << 16;
3277 } else if (sdebug_verbose && !ndob && (ret < lb_size))
3278 sdev_printk(KERN_INFO, scp->device,
3279 "%s: %s: lb size=%u, IO sent=%d bytes\n",
3280 my_name, "write same", lb_size, ret);
3281
3282 /* Copy first sector to remaining blocks */
3283 for (i = 1 ; i < num ; i++) {
3284 lbaa = lba + i;
3285 block = do_div(lbaa, sdebug_store_sectors);
3286 memmove(fake_storep + (block * lb_size), fs1p, lb_size);
3287 }
3288 if (scsi_debug_lbp())
3289 map_region(lba, num);
3290out:
3291 write_unlock_irqrestore(&atomic_rw, iflags);
3292
3293 return 0;
3294}
3295
3296static int resp_write_same_10(struct scsi_cmnd *scp,
3297 struct sdebug_dev_info *devip)
3298{
3299 u8 *cmd = scp->cmnd;
3300 u32 lba;
3301 u16 num;
3302 u32 ei_lba = 0;
3303 bool unmap = false;
3304
3305 if (cmd[1] & 0x8) {
3306 if (sdebug_lbpws10 == 0) {
3307 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3308 return check_condition_result;
3309 } else
3310 unmap = true;
3311 }
3312 lba = get_unaligned_be32(cmd + 2);
3313 num = get_unaligned_be16(cmd + 7);
3314 if (num > sdebug_write_same_length) {
3315 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3316 return check_condition_result;
3317 }
3318 return resp_write_same(scp, lba, num, ei_lba, unmap, false);
3319}
3320
3321static int resp_write_same_16(struct scsi_cmnd *scp,
3322 struct sdebug_dev_info *devip)
3323{
3324 u8 *cmd = scp->cmnd;
3325 u64 lba;
3326 u32 num;
3327 u32 ei_lba = 0;
3328 bool unmap = false;
3329 bool ndob = false;
3330
3331 if (cmd[1] & 0x8) { /* UNMAP */
3332 if (sdebug_lbpws == 0) {
3333 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3334 return check_condition_result;
3335 } else
3336 unmap = true;
3337 }
3338 if (cmd[1] & 0x1) /* NDOB (no data-out buffer, assumes zeroes) */
3339 ndob = true;
3340 lba = get_unaligned_be64(cmd + 2);
3341 num = get_unaligned_be32(cmd + 10);
3342 if (num > sdebug_write_same_length) {
3343 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1);
3344 return check_condition_result;
3345 }
3346 return resp_write_same(scp, lba, num, ei_lba, unmap, ndob);
3347}
3348
3349/* Note the mode field is in the same position as the (lower) service action
3350 * field. For the Report supported operation codes command, SPC-4 suggests
3351 * each mode of this command should be reported separately; for future. */
3352static int resp_write_buffer(struct scsi_cmnd *scp,
3353 struct sdebug_dev_info *devip)
3354{
3355 u8 *cmd = scp->cmnd;
3356 struct scsi_device *sdp = scp->device;
3357 struct sdebug_dev_info *dp;
3358 u8 mode;
3359
3360 mode = cmd[1] & 0x1f;
3361 switch (mode) {
3362 case 0x4: /* download microcode (MC) and activate (ACT) */
3363 /* set UAs on this device only */
3364 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3365 set_bit(SDEBUG_UA_MICROCODE_CHANGED, devip->uas_bm);
3366 break;
3367 case 0x5: /* download MC, save and ACT */
3368 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, devip->uas_bm);
3369 break;
3370 case 0x6: /* download MC with offsets and ACT */
3371 /* set UAs on most devices (LUs) in this target */
3372 list_for_each_entry(dp,
3373 &devip->sdbg_host->dev_info_list,
3374 dev_list)
3375 if (dp->target == sdp->id) {
3376 set_bit(SDEBUG_UA_BUS_RESET, dp->uas_bm);
3377 if (devip != dp)
3378 set_bit(SDEBUG_UA_MICROCODE_CHANGED,
3379 dp->uas_bm);
3380 }
3381 break;
3382 case 0x7: /* download MC with offsets, save, and ACT */
3383 /* set UA on all devices (LUs) in this target */
3384 list_for_each_entry(dp,
3385 &devip->sdbg_host->dev_info_list,
3386 dev_list)
3387 if (dp->target == sdp->id)
3388 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET,
3389 dp->uas_bm);
3390 break;
3391 default:
3392 /* do nothing for this command for other mode values */
3393 break;
3394 }
3395 return 0;
3396}
3397
3398static int resp_comp_write(struct scsi_cmnd *scp,
3399 struct sdebug_dev_info *devip)
3400{
3401 u8 *cmd = scp->cmnd;
3402 u8 *arr;
3403 u8 *fake_storep_hold;
3404 u64 lba;
3405 u32 dnum;
3406 u32 lb_size = sdebug_sector_size;
3407 u8 num;
3408 unsigned long iflags;
3409 int ret;
3410 int retval = 0;
3411
3412 lba = get_unaligned_be64(cmd + 2);
3413 num = cmd[13]; /* 1 to a maximum of 255 logical blocks */
3414 if (0 == num)
3415 return 0; /* degenerate case, not an error */
3416 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3417 (cmd[1] & 0xe0)) {
3418 mk_sense_invalid_opcode(scp);
3419 return check_condition_result;
3420 }
3421 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3422 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3423 (cmd[1] & 0xe0) == 0)
3424 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3425 "to DIF device\n");
3426 ret = check_device_access_params(scp, lba, num, false);
3427 if (ret)
3428 return ret;
3429 dnum = 2 * num;
3430 arr = kcalloc(lb_size, dnum, GFP_ATOMIC);
3431 if (NULL == arr) {
3432 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3433 INSUFF_RES_ASCQ);
3434 return check_condition_result;
3435 }
3436
3437 write_lock_irqsave(&atomic_rw, iflags);
3438
3439 /* trick do_device_access() to fetch both compare and write buffers
3440 * from data-in into arr. Safe (atomic) since write_lock held. */
3441 fake_storep_hold = fake_storep;
3442 fake_storep = arr;
3443 ret = do_device_access(scp, 0, 0, dnum, true);
3444 fake_storep = fake_storep_hold;
3445 if (ret == -1) {
3446 retval = DID_ERROR << 16;
3447 goto cleanup;
3448 } else if (sdebug_verbose && (ret < (dnum * lb_size)))
3449 sdev_printk(KERN_INFO, scp->device, "%s: compare_write: cdb "
3450 "indicated=%u, IO sent=%d bytes\n", my_name,
3451 dnum * lb_size, ret);
3452 if (!comp_write_worker(lba, num, arr)) {
3453 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
3454 retval = check_condition_result;
3455 goto cleanup;
3456 }
3457 if (scsi_debug_lbp())
3458 map_region(lba, num);
3459cleanup:
3460 write_unlock_irqrestore(&atomic_rw, iflags);
3461 kfree(arr);
3462 return retval;
3463}
3464
3465struct unmap_block_desc {
3466 __be64 lba;
3467 __be32 blocks;
3468 __be32 __reserved;
3469};
3470
3471static int resp_unmap(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3472{
3473 unsigned char *buf;
3474 struct unmap_block_desc *desc;
3475 unsigned int i, payload_len, descriptors;
3476 int ret;
3477 unsigned long iflags;
3478
3479
3480 if (!scsi_debug_lbp())
3481 return 0; /* fib and say its done */
3482 payload_len = get_unaligned_be16(scp->cmnd + 7);
3483 BUG_ON(scsi_bufflen(scp) != payload_len);
3484
3485 descriptors = (payload_len - 8) / 16;
3486 if (descriptors > sdebug_unmap_max_desc) {
3487 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3488 return check_condition_result;
3489 }
3490
3491 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC);
3492 if (!buf) {
3493 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3494 INSUFF_RES_ASCQ);
3495 return check_condition_result;
3496 }
3497
3498 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
3499
3500 BUG_ON(get_unaligned_be16(&buf[0]) != payload_len - 2);
3501 BUG_ON(get_unaligned_be16(&buf[2]) != descriptors * 16);
3502
3503 desc = (void *)&buf[8];
3504
3505 write_lock_irqsave(&atomic_rw, iflags);
3506
3507 for (i = 0 ; i < descriptors ; i++) {
3508 unsigned long long lba = get_unaligned_be64(&desc[i].lba);
3509 unsigned int num = get_unaligned_be32(&desc[i].blocks);
3510
3511 ret = check_device_access_params(scp, lba, num, true);
3512 if (ret)
3513 goto out;
3514
3515 unmap_region(lba, num);
3516 }
3517
3518 ret = 0;
3519
3520out:
3521 write_unlock_irqrestore(&atomic_rw, iflags);
3522 kfree(buf);
3523
3524 return ret;
3525}
3526
3527#define SDEBUG_GET_LBA_STATUS_LEN 32
3528
3529static int resp_get_lba_status(struct scsi_cmnd *scp,
3530 struct sdebug_dev_info *devip)
3531{
3532 u8 *cmd = scp->cmnd;
3533 u64 lba;
3534 u32 alloc_len, mapped, num;
3535 u8 arr[SDEBUG_GET_LBA_STATUS_LEN];
3536 int ret;
3537
3538 lba = get_unaligned_be64(cmd + 2);
3539 alloc_len = get_unaligned_be32(cmd + 10);
3540
3541 if (alloc_len < 24)
3542 return 0;
3543
3544 ret = check_device_access_params(scp, lba, 1, false);
3545 if (ret)
3546 return ret;
3547
3548 if (scsi_debug_lbp())
3549 mapped = map_state(lba, &num);
3550 else {
3551 mapped = 1;
3552 /* following just in case virtual_gb changed */
3553 sdebug_capacity = get_sdebug_capacity();
3554 if (sdebug_capacity - lba <= 0xffffffff)
3555 num = sdebug_capacity - lba;
3556 else
3557 num = 0xffffffff;
3558 }
3559
3560 memset(arr, 0, SDEBUG_GET_LBA_STATUS_LEN);
3561 put_unaligned_be32(20, arr); /* Parameter Data Length */
3562 put_unaligned_be64(lba, arr + 8); /* LBA */
3563 put_unaligned_be32(num, arr + 16); /* Number of blocks */
3564 arr[20] = !mapped; /* prov_stat=0: mapped; 1: dealloc */
3565
3566 return fill_from_dev_buffer(scp, arr, SDEBUG_GET_LBA_STATUS_LEN);
3567}
3568
3569static int resp_sync_cache(struct scsi_cmnd *scp,
3570 struct sdebug_dev_info *devip)
3571{
3572 int res = 0;
3573 u64 lba;
3574 u32 num_blocks;
3575 u8 *cmd = scp->cmnd;
3576
3577 if (cmd[0] == SYNCHRONIZE_CACHE) { /* 10 byte cdb */
3578 lba = get_unaligned_be32(cmd + 2);
3579 num_blocks = get_unaligned_be16(cmd + 7);
3580 } else { /* SYNCHRONIZE_CACHE(16) */
3581 lba = get_unaligned_be64(cmd + 2);
3582 num_blocks = get_unaligned_be32(cmd + 10);
3583 }
3584 if (lba + num_blocks > sdebug_capacity) {
3585 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
3586 return check_condition_result;
3587 }
3588 if (!write_since_sync || cmd[1] & 0x2)
3589 res = SDEG_RES_IMMED_MASK;
3590 else /* delay if write_since_sync and IMMED clear */
3591 write_since_sync = false;
3592 return res;
3593}
3594
3595#define RL_BUCKET_ELEMS 8
3596
3597/* Even though each pseudo target has a REPORT LUNS "well known logical unit"
3598 * (W-LUN), the normal Linux scanning logic does not associate it with a
3599 * device (e.g. /dev/sg7). The following magic will make that association:
3600 * "cd /sys/class/scsi_host/host<n> ; echo '- - 49409' > scan"
3601 * where <n> is a host number. If there are multiple targets in a host then
3602 * the above will associate a W-LUN to each target. To only get a W-LUN
3603 * for target 2, then use "echo '- 2 49409' > scan" .
3604 */
3605static int resp_report_luns(struct scsi_cmnd *scp,
3606 struct sdebug_dev_info *devip)
3607{
3608 unsigned char *cmd = scp->cmnd;
3609 unsigned int alloc_len;
3610 unsigned char select_report;
3611 u64 lun;
3612 struct scsi_lun *lun_p;
3613 u8 arr[RL_BUCKET_ELEMS * sizeof(struct scsi_lun)];
3614 unsigned int lun_cnt; /* normal LUN count (max: 256) */
3615 unsigned int wlun_cnt; /* report luns W-LUN count */
3616 unsigned int tlun_cnt; /* total LUN count */
3617 unsigned int rlen; /* response length (in bytes) */
3618 int k, j, n, res;
3619 unsigned int off_rsp = 0;
3620 const int sz_lun = sizeof(struct scsi_lun);
3621
3622 clear_luns_changed_on_target(devip);
3623
3624 select_report = cmd[2];
3625 alloc_len = get_unaligned_be32(cmd + 6);
3626
3627 if (alloc_len < 4) {
3628 pr_err("alloc len too small %d\n", alloc_len);
3629 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
3630 return check_condition_result;
3631 }
3632
3633 switch (select_report) {
3634 case 0: /* all LUNs apart from W-LUNs */
3635 lun_cnt = sdebug_max_luns;
3636 wlun_cnt = 0;
3637 break;
3638 case 1: /* only W-LUNs */
3639 lun_cnt = 0;
3640 wlun_cnt = 1;
3641 break;
3642 case 2: /* all LUNs */
3643 lun_cnt = sdebug_max_luns;
3644 wlun_cnt = 1;
3645 break;
3646 case 0x10: /* only administrative LUs */
3647 case 0x11: /* see SPC-5 */
3648 case 0x12: /* only subsiduary LUs owned by referenced LU */
3649 default:
3650 pr_debug("select report invalid %d\n", select_report);
3651 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
3652 return check_condition_result;
3653 }
3654
3655 if (sdebug_no_lun_0 && (lun_cnt > 0))
3656 --lun_cnt;
3657
3658 tlun_cnt = lun_cnt + wlun_cnt;
3659 rlen = tlun_cnt * sz_lun; /* excluding 8 byte header */
3660 scsi_set_resid(scp, scsi_bufflen(scp));
3661 pr_debug("select_report %d luns = %d wluns = %d no_lun0 %d\n",
3662 select_report, lun_cnt, wlun_cnt, sdebug_no_lun_0);
3663
3664 /* loops rely on sizeof response header same as sizeof lun (both 8) */
3665 lun = sdebug_no_lun_0 ? 1 : 0;
3666 for (k = 0, j = 0, res = 0; true; ++k, j = 0) {
3667 memset(arr, 0, sizeof(arr));
3668 lun_p = (struct scsi_lun *)&arr[0];
3669 if (k == 0) {
3670 put_unaligned_be32(rlen, &arr[0]);
3671 ++lun_p;
3672 j = 1;
3673 }
3674 for ( ; j < RL_BUCKET_ELEMS; ++j, ++lun_p) {
3675 if ((k * RL_BUCKET_ELEMS) + j > lun_cnt)
3676 break;
3677 int_to_scsilun(lun++, lun_p);
3678 }
3679 if (j < RL_BUCKET_ELEMS)
3680 break;
3681 n = j * sz_lun;
3682 res = p_fill_from_dev_buffer(scp, arr, n, off_rsp);
3683 if (res)
3684 return res;
3685 off_rsp += n;
3686 }
3687 if (wlun_cnt) {
3688 int_to_scsilun(SCSI_W_LUN_REPORT_LUNS, lun_p);
3689 ++j;
3690 }
3691 if (j > 0)
3692 res = p_fill_from_dev_buffer(scp, arr, j * sz_lun, off_rsp);
3693 return res;
3694}
3695
3696static struct sdebug_queue *get_queue(struct scsi_cmnd *cmnd)
3697{
3698 u32 tag = blk_mq_unique_tag(cmnd->request);
3699 u16 hwq = blk_mq_unique_tag_to_hwq(tag);
3700
3701 pr_debug("tag=%#x, hwq=%d\n", tag, hwq);
3702 if (WARN_ON_ONCE(hwq >= submit_queues))
3703 hwq = 0;
3704 return sdebug_q_arr + hwq;
3705}
3706
3707/* Queued (deferred) command completions converge here. */
3708static void sdebug_q_cmd_complete(struct sdebug_defer *sd_dp)
3709{
3710 bool aborted = sd_dp->aborted;
3711 int qc_idx;
3712 int retiring = 0;
3713 unsigned long iflags;
3714 struct sdebug_queue *sqp;
3715 struct sdebug_queued_cmd *sqcp;
3716 struct scsi_cmnd *scp;
3717 struct sdebug_dev_info *devip;
3718
3719 sd_dp->defer_t = SDEB_DEFER_NONE;
3720 if (unlikely(aborted))
3721 sd_dp->aborted = false;
3722 qc_idx = sd_dp->qc_idx;
3723 sqp = sdebug_q_arr + sd_dp->sqa_idx;
3724 if (sdebug_statistics) {
3725 atomic_inc(&sdebug_completions);
3726 if (raw_smp_processor_id() != sd_dp->issuing_cpu)
3727 atomic_inc(&sdebug_miss_cpus);
3728 }
3729 if (unlikely((qc_idx < 0) || (qc_idx >= SDEBUG_CANQUEUE))) {
3730 pr_err("wild qc_idx=%d\n", qc_idx);
3731 return;
3732 }
3733 spin_lock_irqsave(&sqp->qc_lock, iflags);
3734 sqcp = &sqp->qc_arr[qc_idx];
3735 scp = sqcp->a_cmnd;
3736 if (unlikely(scp == NULL)) {
3737 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3738 pr_err("scp is NULL, sqa_idx=%d, qc_idx=%d\n",
3739 sd_dp->sqa_idx, qc_idx);
3740 return;
3741 }
3742 devip = (struct sdebug_dev_info *)scp->device->hostdata;
3743 if (likely(devip))
3744 atomic_dec(&devip->num_in_q);
3745 else
3746 pr_err("devip=NULL\n");
3747 if (unlikely(atomic_read(&retired_max_queue) > 0))
3748 retiring = 1;
3749
3750 sqcp->a_cmnd = NULL;
3751 if (unlikely(!test_and_clear_bit(qc_idx, sqp->in_use_bm))) {
3752 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3753 pr_err("Unexpected completion\n");
3754 return;
3755 }
3756
3757 if (unlikely(retiring)) { /* user has reduced max_queue */
3758 int k, retval;
3759
3760 retval = atomic_read(&retired_max_queue);
3761 if (qc_idx >= retval) {
3762 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3763 pr_err("index %d too large\n", retval);
3764 return;
3765 }
3766 k = find_last_bit(sqp->in_use_bm, retval);
3767 if ((k < sdebug_max_queue) || (k == retval))
3768 atomic_set(&retired_max_queue, 0);
3769 else
3770 atomic_set(&retired_max_queue, k + 1);
3771 }
3772 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3773 if (unlikely(aborted)) {
3774 if (sdebug_verbose)
3775 pr_info("bypassing scsi_done() due to aborted cmd\n");
3776 return;
3777 }
3778 scp->scsi_done(scp); /* callback to mid level */
3779}
3780
3781/* When high resolution timer goes off this function is called. */
3782static enum hrtimer_restart sdebug_q_cmd_hrt_complete(struct hrtimer *timer)
3783{
3784 struct sdebug_defer *sd_dp = container_of(timer, struct sdebug_defer,
3785 hrt);
3786 sdebug_q_cmd_complete(sd_dp);
3787 return HRTIMER_NORESTART;
3788}
3789
3790/* When work queue schedules work, it calls this function. */
3791static void sdebug_q_cmd_wq_complete(struct work_struct *work)
3792{
3793 struct sdebug_defer *sd_dp = container_of(work, struct sdebug_defer,
3794 ew.work);
3795 sdebug_q_cmd_complete(sd_dp);
3796}
3797
3798static bool got_shared_uuid;
3799static uuid_t shared_uuid;
3800
3801static struct sdebug_dev_info *sdebug_device_create(
3802 struct sdebug_host_info *sdbg_host, gfp_t flags)
3803{
3804 struct sdebug_dev_info *devip;
3805
3806 devip = kzalloc(sizeof(*devip), flags);
3807 if (devip) {
3808 if (sdebug_uuid_ctl == 1)
3809 uuid_gen(&devip->lu_name);
3810 else if (sdebug_uuid_ctl == 2) {
3811 if (got_shared_uuid)
3812 devip->lu_name = shared_uuid;
3813 else {
3814 uuid_gen(&shared_uuid);
3815 got_shared_uuid = true;
3816 devip->lu_name = shared_uuid;
3817 }
3818 }
3819 devip->sdbg_host = sdbg_host;
3820 list_add_tail(&devip->dev_list, &sdbg_host->dev_info_list);
3821 }
3822 return devip;
3823}
3824
3825static struct sdebug_dev_info *find_build_dev_info(struct scsi_device *sdev)
3826{
3827 struct sdebug_host_info *sdbg_host;
3828 struct sdebug_dev_info *open_devip = NULL;
3829 struct sdebug_dev_info *devip;
3830
3831 sdbg_host = *(struct sdebug_host_info **)shost_priv(sdev->host);
3832 if (!sdbg_host) {
3833 pr_err("Host info NULL\n");
3834 return NULL;
3835 }
3836 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
3837 if ((devip->used) && (devip->channel == sdev->channel) &&
3838 (devip->target == sdev->id) &&
3839 (devip->lun == sdev->lun))
3840 return devip;
3841 else {
3842 if ((!devip->used) && (!open_devip))
3843 open_devip = devip;
3844 }
3845 }
3846 if (!open_devip) { /* try and make a new one */
3847 open_devip = sdebug_device_create(sdbg_host, GFP_ATOMIC);
3848 if (!open_devip) {
3849 pr_err("out of memory at line %d\n", __LINE__);
3850 return NULL;
3851 }
3852 }
3853
3854 open_devip->channel = sdev->channel;
3855 open_devip->target = sdev->id;
3856 open_devip->lun = sdev->lun;
3857 open_devip->sdbg_host = sdbg_host;
3858 atomic_set(&open_devip->num_in_q, 0);
3859 set_bit(SDEBUG_UA_POR, open_devip->uas_bm);
3860 open_devip->used = true;
3861 return open_devip;
3862}
3863
3864static int scsi_debug_slave_alloc(struct scsi_device *sdp)
3865{
3866 if (sdebug_verbose)
3867 pr_info("slave_alloc <%u %u %u %llu>\n",
3868 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3869 return 0;
3870}
3871
3872static int scsi_debug_slave_configure(struct scsi_device *sdp)
3873{
3874 struct sdebug_dev_info *devip =
3875 (struct sdebug_dev_info *)sdp->hostdata;
3876
3877 if (sdebug_verbose)
3878 pr_info("slave_configure <%u %u %u %llu>\n",
3879 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3880 if (sdp->host->max_cmd_len != SDEBUG_MAX_CMD_LEN)
3881 sdp->host->max_cmd_len = SDEBUG_MAX_CMD_LEN;
3882 if (devip == NULL) {
3883 devip = find_build_dev_info(sdp);
3884 if (devip == NULL)
3885 return 1; /* no resources, will be marked offline */
3886 }
3887 sdp->hostdata = devip;
3888 if (sdebug_no_uld)
3889 sdp->no_uld_attach = 1;
3890 config_cdb_len(sdp);
3891 return 0;
3892}
3893
3894static void scsi_debug_slave_destroy(struct scsi_device *sdp)
3895{
3896 struct sdebug_dev_info *devip =
3897 (struct sdebug_dev_info *)sdp->hostdata;
3898
3899 if (sdebug_verbose)
3900 pr_info("slave_destroy <%u %u %u %llu>\n",
3901 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3902 if (devip) {
3903 /* make this slot available for re-use */
3904 devip->used = false;
3905 sdp->hostdata = NULL;
3906 }
3907}
3908
3909static void stop_qc_helper(struct sdebug_defer *sd_dp,
3910 enum sdeb_defer_type defer_t)
3911{
3912 if (!sd_dp)
3913 return;
3914 if (defer_t == SDEB_DEFER_HRT)
3915 hrtimer_cancel(&sd_dp->hrt);
3916 else if (defer_t == SDEB_DEFER_WQ)
3917 cancel_work_sync(&sd_dp->ew.work);
3918}
3919
3920/* If @cmnd found deletes its timer or work queue and returns true; else
3921 returns false */
3922static bool stop_queued_cmnd(struct scsi_cmnd *cmnd)
3923{
3924 unsigned long iflags;
3925 int j, k, qmax, r_qmax;
3926 enum sdeb_defer_type l_defer_t;
3927 struct sdebug_queue *sqp;
3928 struct sdebug_queued_cmd *sqcp;
3929 struct sdebug_dev_info *devip;
3930 struct sdebug_defer *sd_dp;
3931
3932 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
3933 spin_lock_irqsave(&sqp->qc_lock, iflags);
3934 qmax = sdebug_max_queue;
3935 r_qmax = atomic_read(&retired_max_queue);
3936 if (r_qmax > qmax)
3937 qmax = r_qmax;
3938 for (k = 0; k < qmax; ++k) {
3939 if (test_bit(k, sqp->in_use_bm)) {
3940 sqcp = &sqp->qc_arr[k];
3941 if (cmnd != sqcp->a_cmnd)
3942 continue;
3943 /* found */
3944 devip = (struct sdebug_dev_info *)
3945 cmnd->device->hostdata;
3946 if (devip)
3947 atomic_dec(&devip->num_in_q);
3948 sqcp->a_cmnd = NULL;
3949 sd_dp = sqcp->sd_dp;
3950 if (sd_dp) {
3951 l_defer_t = sd_dp->defer_t;
3952 sd_dp->defer_t = SDEB_DEFER_NONE;
3953 } else
3954 l_defer_t = SDEB_DEFER_NONE;
3955 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3956 stop_qc_helper(sd_dp, l_defer_t);
3957 clear_bit(k, sqp->in_use_bm);
3958 return true;
3959 }
3960 }
3961 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3962 }
3963 return false;
3964}
3965
3966/* Deletes (stops) timers or work queues of all queued commands */
3967static void stop_all_queued(void)
3968{
3969 unsigned long iflags;
3970 int j, k;
3971 enum sdeb_defer_type l_defer_t;
3972 struct sdebug_queue *sqp;
3973 struct sdebug_queued_cmd *sqcp;
3974 struct sdebug_dev_info *devip;
3975 struct sdebug_defer *sd_dp;
3976
3977 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
3978 spin_lock_irqsave(&sqp->qc_lock, iflags);
3979 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
3980 if (test_bit(k, sqp->in_use_bm)) {
3981 sqcp = &sqp->qc_arr[k];
3982 if (sqcp->a_cmnd == NULL)
3983 continue;
3984 devip = (struct sdebug_dev_info *)
3985 sqcp->a_cmnd->device->hostdata;
3986 if (devip)
3987 atomic_dec(&devip->num_in_q);
3988 sqcp->a_cmnd = NULL;
3989 sd_dp = sqcp->sd_dp;
3990 if (sd_dp) {
3991 l_defer_t = sd_dp->defer_t;
3992 sd_dp->defer_t = SDEB_DEFER_NONE;
3993 } else
3994 l_defer_t = SDEB_DEFER_NONE;
3995 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3996 stop_qc_helper(sd_dp, l_defer_t);
3997 clear_bit(k, sqp->in_use_bm);
3998 spin_lock_irqsave(&sqp->qc_lock, iflags);
3999 }
4000 }
4001 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4002 }
4003}
4004
4005/* Free queued command memory on heap */
4006static void free_all_queued(void)
4007{
4008 int j, k;
4009 struct sdebug_queue *sqp;
4010 struct sdebug_queued_cmd *sqcp;
4011
4012 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
4013 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
4014 sqcp = &sqp->qc_arr[k];
4015 kfree(sqcp->sd_dp);
4016 sqcp->sd_dp = NULL;
4017 }
4018 }
4019}
4020
4021static int scsi_debug_abort(struct scsi_cmnd *SCpnt)
4022{
4023 bool ok;
4024
4025 ++num_aborts;
4026 if (SCpnt) {
4027 ok = stop_queued_cmnd(SCpnt);
4028 if (SCpnt->device && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
4029 sdev_printk(KERN_INFO, SCpnt->device,
4030 "%s: command%s found\n", __func__,
4031 ok ? "" : " not");
4032 }
4033 return SUCCESS;
4034}
4035
4036static int scsi_debug_device_reset(struct scsi_cmnd *SCpnt)
4037{
4038 ++num_dev_resets;
4039 if (SCpnt && SCpnt->device) {
4040 struct scsi_device *sdp = SCpnt->device;
4041 struct sdebug_dev_info *devip =
4042 (struct sdebug_dev_info *)sdp->hostdata;
4043
4044 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
4045 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
4046 if (devip)
4047 set_bit(SDEBUG_UA_POR, devip->uas_bm);
4048 }
4049 return SUCCESS;
4050}
4051
4052static int scsi_debug_target_reset(struct scsi_cmnd *SCpnt)
4053{
4054 struct sdebug_host_info *sdbg_host;
4055 struct sdebug_dev_info *devip;
4056 struct scsi_device *sdp;
4057 struct Scsi_Host *hp;
4058 int k = 0;
4059
4060 ++num_target_resets;
4061 if (!SCpnt)
4062 goto lie;
4063 sdp = SCpnt->device;
4064 if (!sdp)
4065 goto lie;
4066 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
4067 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
4068 hp = sdp->host;
4069 if (!hp)
4070 goto lie;
4071 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
4072 if (sdbg_host) {
4073 list_for_each_entry(devip,
4074 &sdbg_host->dev_info_list,
4075 dev_list)
4076 if (devip->target == sdp->id) {
4077 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4078 ++k;
4079 }
4080 }
4081 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
4082 sdev_printk(KERN_INFO, sdp,
4083 "%s: %d device(s) found in target\n", __func__, k);
4084lie:
4085 return SUCCESS;
4086}
4087
4088static int scsi_debug_bus_reset(struct scsi_cmnd *SCpnt)
4089{
4090 struct sdebug_host_info *sdbg_host;
4091 struct sdebug_dev_info *devip;
4092 struct scsi_device *sdp;
4093 struct Scsi_Host *hp;
4094 int k = 0;
4095
4096 ++num_bus_resets;
4097 if (!(SCpnt && SCpnt->device))
4098 goto lie;
4099 sdp = SCpnt->device;
4100 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
4101 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
4102 hp = sdp->host;
4103 if (hp) {
4104 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
4105 if (sdbg_host) {
4106 list_for_each_entry(devip,
4107 &sdbg_host->dev_info_list,
4108 dev_list) {
4109 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4110 ++k;
4111 }
4112 }
4113 }
4114 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
4115 sdev_printk(KERN_INFO, sdp,
4116 "%s: %d device(s) found in host\n", __func__, k);
4117lie:
4118 return SUCCESS;
4119}
4120
4121static int scsi_debug_host_reset(struct scsi_cmnd *SCpnt)
4122{
4123 struct sdebug_host_info *sdbg_host;
4124 struct sdebug_dev_info *devip;
4125 int k = 0;
4126
4127 ++num_host_resets;
4128 if ((SCpnt->device) && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
4129 sdev_printk(KERN_INFO, SCpnt->device, "%s\n", __func__);
4130 spin_lock(&sdebug_host_list_lock);
4131 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
4132 list_for_each_entry(devip, &sdbg_host->dev_info_list,
4133 dev_list) {
4134 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4135 ++k;
4136 }
4137 }
4138 spin_unlock(&sdebug_host_list_lock);
4139 stop_all_queued();
4140 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
4141 sdev_printk(KERN_INFO, SCpnt->device,
4142 "%s: %d device(s) found\n", __func__, k);
4143 return SUCCESS;
4144}
4145
4146static void __init sdebug_build_parts(unsigned char *ramp,
4147 unsigned long store_size)
4148{
4149 struct partition *pp;
4150 int starts[SDEBUG_MAX_PARTS + 2];
4151 int sectors_per_part, num_sectors, k;
4152 int heads_by_sects, start_sec, end_sec;
4153
4154 /* assume partition table already zeroed */
4155 if ((sdebug_num_parts < 1) || (store_size < 1048576))
4156 return;
4157 if (sdebug_num_parts > SDEBUG_MAX_PARTS) {
4158 sdebug_num_parts = SDEBUG_MAX_PARTS;
4159 pr_warn("reducing partitions to %d\n", SDEBUG_MAX_PARTS);
4160 }
4161 num_sectors = (int)sdebug_store_sectors;
4162 sectors_per_part = (num_sectors - sdebug_sectors_per)
4163 / sdebug_num_parts;
4164 heads_by_sects = sdebug_heads * sdebug_sectors_per;
4165 starts[0] = sdebug_sectors_per;
4166 for (k = 1; k < sdebug_num_parts; ++k)
4167 starts[k] = ((k * sectors_per_part) / heads_by_sects)
4168 * heads_by_sects;
4169 starts[sdebug_num_parts] = num_sectors;
4170 starts[sdebug_num_parts + 1] = 0;
4171
4172 ramp[510] = 0x55; /* magic partition markings */
4173 ramp[511] = 0xAA;
4174 pp = (struct partition *)(ramp + 0x1be);
4175 for (k = 0; starts[k + 1]; ++k, ++pp) {
4176 start_sec = starts[k];
4177 end_sec = starts[k + 1] - 1;
4178 pp->boot_ind = 0;
4179
4180 pp->cyl = start_sec / heads_by_sects;
4181 pp->head = (start_sec - (pp->cyl * heads_by_sects))
4182 / sdebug_sectors_per;
4183 pp->sector = (start_sec % sdebug_sectors_per) + 1;
4184
4185 pp->end_cyl = end_sec / heads_by_sects;
4186 pp->end_head = (end_sec - (pp->end_cyl * heads_by_sects))
4187 / sdebug_sectors_per;
4188 pp->end_sector = (end_sec % sdebug_sectors_per) + 1;
4189
4190 pp->start_sect = cpu_to_le32(start_sec);
4191 pp->nr_sects = cpu_to_le32(end_sec - start_sec + 1);
4192 pp->sys_ind = 0x83; /* plain Linux partition */
4193 }
4194}
4195
4196static void block_unblock_all_queues(bool block)
4197{
4198 int j;
4199 struct sdebug_queue *sqp;
4200
4201 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp)
4202 atomic_set(&sqp->blocked, (int)block);
4203}
4204
4205/* Adjust (by rounding down) the sdebug_cmnd_count so abs(every_nth)-1
4206 * commands will be processed normally before triggers occur.
4207 */
4208static void tweak_cmnd_count(void)
4209{
4210 int count, modulo;
4211
4212 modulo = abs(sdebug_every_nth);
4213 if (modulo < 2)
4214 return;
4215 block_unblock_all_queues(true);
4216 count = atomic_read(&sdebug_cmnd_count);
4217 atomic_set(&sdebug_cmnd_count, (count / modulo) * modulo);
4218 block_unblock_all_queues(false);
4219}
4220
4221static void clear_queue_stats(void)
4222{
4223 atomic_set(&sdebug_cmnd_count, 0);
4224 atomic_set(&sdebug_completions, 0);
4225 atomic_set(&sdebug_miss_cpus, 0);
4226 atomic_set(&sdebug_a_tsf, 0);
4227}
4228
4229static void setup_inject(struct sdebug_queue *sqp,
4230 struct sdebug_queued_cmd *sqcp)
4231{
4232 if ((atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) > 0) {
4233 if (sdebug_every_nth > 0)
4234 sqcp->inj_recovered = sqcp->inj_transport
4235 = sqcp->inj_dif
4236 = sqcp->inj_dix = sqcp->inj_short
4237 = sqcp->inj_host_busy = sqcp->inj_cmd_abort = 0;
4238 return;
4239 }
4240 sqcp->inj_recovered = !!(SDEBUG_OPT_RECOVERED_ERR & sdebug_opts);
4241 sqcp->inj_transport = !!(SDEBUG_OPT_TRANSPORT_ERR & sdebug_opts);
4242 sqcp->inj_dif = !!(SDEBUG_OPT_DIF_ERR & sdebug_opts);
4243 sqcp->inj_dix = !!(SDEBUG_OPT_DIX_ERR & sdebug_opts);
4244 sqcp->inj_short = !!(SDEBUG_OPT_SHORT_TRANSFER & sdebug_opts);
4245 sqcp->inj_host_busy = !!(SDEBUG_OPT_HOST_BUSY & sdebug_opts);
4246 sqcp->inj_cmd_abort = !!(SDEBUG_OPT_CMD_ABORT & sdebug_opts);
4247}
4248
4249/* Complete the processing of the thread that queued a SCSI command to this
4250 * driver. It either completes the command by calling cmnd_done() or
4251 * schedules a hr timer or work queue then returns 0. Returns
4252 * SCSI_MLQUEUE_HOST_BUSY if temporarily out of resources.
4253 */
4254static int schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip,
4255 int scsi_result,
4256 int (*pfp)(struct scsi_cmnd *,
4257 struct sdebug_dev_info *),
4258 int delta_jiff, int ndelay)
4259{
4260 unsigned long iflags;
4261 int k, num_in_q, qdepth, inject;
4262 struct sdebug_queue *sqp;
4263 struct sdebug_queued_cmd *sqcp;
4264 struct scsi_device *sdp;
4265 struct sdebug_defer *sd_dp;
4266
4267 if (unlikely(devip == NULL)) {
4268 if (scsi_result == 0)
4269 scsi_result = DID_NO_CONNECT << 16;
4270 goto respond_in_thread;
4271 }
4272 sdp = cmnd->device;
4273
4274 if (delta_jiff == 0)
4275 goto respond_in_thread;
4276
4277 /* schedule the response at a later time if resources permit */
4278 sqp = get_queue(cmnd);
4279 spin_lock_irqsave(&sqp->qc_lock, iflags);
4280 if (unlikely(atomic_read(&sqp->blocked))) {
4281 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4282 return SCSI_MLQUEUE_HOST_BUSY;
4283 }
4284 num_in_q = atomic_read(&devip->num_in_q);
4285 qdepth = cmnd->device->queue_depth;
4286 inject = 0;
4287 if (unlikely((qdepth > 0) && (num_in_q >= qdepth))) {
4288 if (scsi_result) {
4289 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4290 goto respond_in_thread;
4291 } else
4292 scsi_result = device_qfull_result;
4293 } else if (unlikely(sdebug_every_nth &&
4294 (SDEBUG_OPT_RARE_TSF & sdebug_opts) &&
4295 (scsi_result == 0))) {
4296 if ((num_in_q == (qdepth - 1)) &&
4297 (atomic_inc_return(&sdebug_a_tsf) >=
4298 abs(sdebug_every_nth))) {
4299 atomic_set(&sdebug_a_tsf, 0);
4300 inject = 1;
4301 scsi_result = device_qfull_result;
4302 }
4303 }
4304
4305 k = find_first_zero_bit(sqp->in_use_bm, sdebug_max_queue);
4306 if (unlikely(k >= sdebug_max_queue)) {
4307 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4308 if (scsi_result)
4309 goto respond_in_thread;
4310 else if (SDEBUG_OPT_ALL_TSF & sdebug_opts)
4311 scsi_result = device_qfull_result;
4312 if (SDEBUG_OPT_Q_NOISE & sdebug_opts)
4313 sdev_printk(KERN_INFO, sdp,
4314 "%s: max_queue=%d exceeded, %s\n",
4315 __func__, sdebug_max_queue,
4316 (scsi_result ? "status: TASK SET FULL" :
4317 "report: host busy"));
4318 if (scsi_result)
4319 goto respond_in_thread;
4320 else
4321 return SCSI_MLQUEUE_HOST_BUSY;
4322 }
4323 __set_bit(k, sqp->in_use_bm);
4324 atomic_inc(&devip->num_in_q);
4325 sqcp = &sqp->qc_arr[k];
4326 sqcp->a_cmnd = cmnd;
4327 cmnd->host_scribble = (unsigned char *)sqcp;
4328 sd_dp = sqcp->sd_dp;
4329 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4330 if (unlikely(sdebug_every_nth && sdebug_any_injecting_opt))
4331 setup_inject(sqp, sqcp);
4332 if (sd_dp == NULL) {
4333 sd_dp = kzalloc(sizeof(*sd_dp), GFP_ATOMIC);
4334 if (sd_dp == NULL)
4335 return SCSI_MLQUEUE_HOST_BUSY;
4336 }
4337
4338 cmnd->result = pfp != NULL ? pfp(cmnd, devip) : 0;
4339 if (cmnd->result & SDEG_RES_IMMED_MASK) {
4340 /*
4341 * This is the F_DELAY_OVERR case. No delay.
4342 */
4343 cmnd->result &= ~SDEG_RES_IMMED_MASK;
4344 delta_jiff = ndelay = 0;
4345 }
4346 if (cmnd->result == 0 && scsi_result != 0)
4347 cmnd->result = scsi_result;
4348
4349 if (unlikely(sdebug_verbose && cmnd->result))
4350 sdev_printk(KERN_INFO, sdp, "%s: non-zero result=0x%x\n",
4351 __func__, cmnd->result);
4352
4353 if (delta_jiff > 0 || ndelay > 0) {
4354 ktime_t kt;
4355
4356 if (delta_jiff > 0) {
4357 kt = ns_to_ktime((u64)delta_jiff * (NSEC_PER_SEC / HZ));
4358 } else
4359 kt = ndelay;
4360 if (!sd_dp->init_hrt) {
4361 sd_dp->init_hrt = true;
4362 sqcp->sd_dp = sd_dp;
4363 hrtimer_init(&sd_dp->hrt, CLOCK_MONOTONIC,
4364 HRTIMER_MODE_REL_PINNED);
4365 sd_dp->hrt.function = sdebug_q_cmd_hrt_complete;
4366 sd_dp->sqa_idx = sqp - sdebug_q_arr;
4367 sd_dp->qc_idx = k;
4368 }
4369 if (sdebug_statistics)
4370 sd_dp->issuing_cpu = raw_smp_processor_id();
4371 sd_dp->defer_t = SDEB_DEFER_HRT;
4372 hrtimer_start(&sd_dp->hrt, kt, HRTIMER_MODE_REL_PINNED);
4373 } else { /* jdelay < 0, use work queue */
4374 if (!sd_dp->init_wq) {
4375 sd_dp->init_wq = true;
4376 sqcp->sd_dp = sd_dp;
4377 sd_dp->sqa_idx = sqp - sdebug_q_arr;
4378 sd_dp->qc_idx = k;
4379 INIT_WORK(&sd_dp->ew.work, sdebug_q_cmd_wq_complete);
4380 }
4381 if (sdebug_statistics)
4382 sd_dp->issuing_cpu = raw_smp_processor_id();
4383 sd_dp->defer_t = SDEB_DEFER_WQ;
4384 if (unlikely(sqcp->inj_cmd_abort))
4385 sd_dp->aborted = true;
4386 schedule_work(&sd_dp->ew.work);
4387 if (unlikely(sqcp->inj_cmd_abort)) {
4388 sdev_printk(KERN_INFO, sdp, "abort request tag %d\n",
4389 cmnd->request->tag);
4390 blk_abort_request(cmnd->request);
4391 }
4392 }
4393 if (unlikely((SDEBUG_OPT_Q_NOISE & sdebug_opts) &&
4394 (scsi_result == device_qfull_result)))
4395 sdev_printk(KERN_INFO, sdp,
4396 "%s: num_in_q=%d +1, %s%s\n", __func__,
4397 num_in_q, (inject ? "<inject> " : ""),
4398 "status: TASK SET FULL");
4399 return 0;
4400
4401respond_in_thread: /* call back to mid-layer using invocation thread */
4402 cmnd->result = pfp != NULL ? pfp(cmnd, devip) : 0;
4403 cmnd->result &= ~SDEG_RES_IMMED_MASK;
4404 if (cmnd->result == 0 && scsi_result != 0)
4405 cmnd->result = scsi_result;
4406 cmnd->scsi_done(cmnd);
4407 return 0;
4408}
4409
4410/* Note: The following macros create attribute files in the
4411 /sys/module/scsi_debug/parameters directory. Unfortunately this
4412 driver is unaware of a change and cannot trigger auxiliary actions
4413 as it can when the corresponding attribute in the
4414 /sys/bus/pseudo/drivers/scsi_debug directory is changed.
4415 */
4416module_param_named(add_host, sdebug_add_host, int, S_IRUGO | S_IWUSR);
4417module_param_named(ato, sdebug_ato, int, S_IRUGO);
4418module_param_named(cdb_len, sdebug_cdb_len, int, 0644);
4419module_param_named(clustering, sdebug_clustering, bool, S_IRUGO | S_IWUSR);
4420module_param_named(delay, sdebug_jdelay, int, S_IRUGO | S_IWUSR);
4421module_param_named(dev_size_mb, sdebug_dev_size_mb, int, S_IRUGO);
4422module_param_named(dif, sdebug_dif, int, S_IRUGO);
4423module_param_named(dix, sdebug_dix, int, S_IRUGO);
4424module_param_named(dsense, sdebug_dsense, int, S_IRUGO | S_IWUSR);
4425module_param_named(every_nth, sdebug_every_nth, int, S_IRUGO | S_IWUSR);
4426module_param_named(fake_rw, sdebug_fake_rw, int, S_IRUGO | S_IWUSR);
4427module_param_named(guard, sdebug_guard, uint, S_IRUGO);
4428module_param_named(host_lock, sdebug_host_lock, bool, S_IRUGO | S_IWUSR);
4429module_param_string(inq_vendor, sdebug_inq_vendor_id,
4430 sizeof(sdebug_inq_vendor_id), S_IRUGO|S_IWUSR);
4431module_param_string(inq_product, sdebug_inq_product_id,
4432 sizeof(sdebug_inq_product_id), S_IRUGO|S_IWUSR);
4433module_param_string(inq_rev, sdebug_inq_product_rev,
4434 sizeof(sdebug_inq_product_rev), S_IRUGO|S_IWUSR);
4435module_param_named(lbpu, sdebug_lbpu, int, S_IRUGO);
4436module_param_named(lbpws, sdebug_lbpws, int, S_IRUGO);
4437module_param_named(lbpws10, sdebug_lbpws10, int, S_IRUGO);
4438module_param_named(lbprz, sdebug_lbprz, int, S_IRUGO);
4439module_param_named(lowest_aligned, sdebug_lowest_aligned, int, S_IRUGO);
4440module_param_named(max_luns, sdebug_max_luns, int, S_IRUGO | S_IWUSR);
4441module_param_named(max_queue, sdebug_max_queue, int, S_IRUGO | S_IWUSR);
4442module_param_named(medium_error_start, sdebug_medium_error_start, int, S_IRUGO | S_IWUSR);
4443module_param_named(medium_error_count, sdebug_medium_error_count, int, S_IRUGO | S_IWUSR);
4444module_param_named(ndelay, sdebug_ndelay, int, S_IRUGO | S_IWUSR);
4445module_param_named(no_lun_0, sdebug_no_lun_0, int, S_IRUGO | S_IWUSR);
4446module_param_named(no_uld, sdebug_no_uld, int, S_IRUGO);
4447module_param_named(num_parts, sdebug_num_parts, int, S_IRUGO);
4448module_param_named(num_tgts, sdebug_num_tgts, int, S_IRUGO | S_IWUSR);
4449module_param_named(opt_blks, sdebug_opt_blks, int, S_IRUGO);
4450module_param_named(opts, sdebug_opts, int, S_IRUGO | S_IWUSR);
4451module_param_named(physblk_exp, sdebug_physblk_exp, int, S_IRUGO);
4452module_param_named(opt_xferlen_exp, sdebug_opt_xferlen_exp, int, S_IRUGO);
4453module_param_named(ptype, sdebug_ptype, int, S_IRUGO | S_IWUSR);
4454module_param_named(removable, sdebug_removable, bool, S_IRUGO | S_IWUSR);
4455module_param_named(scsi_level, sdebug_scsi_level, int, S_IRUGO);
4456module_param_named(sector_size, sdebug_sector_size, int, S_IRUGO);
4457module_param_named(statistics, sdebug_statistics, bool, S_IRUGO | S_IWUSR);
4458module_param_named(strict, sdebug_strict, bool, S_IRUGO | S_IWUSR);
4459module_param_named(submit_queues, submit_queues, int, S_IRUGO);
4460module_param_named(unmap_alignment, sdebug_unmap_alignment, int, S_IRUGO);
4461module_param_named(unmap_granularity, sdebug_unmap_granularity, int, S_IRUGO);
4462module_param_named(unmap_max_blocks, sdebug_unmap_max_blocks, int, S_IRUGO);
4463module_param_named(unmap_max_desc, sdebug_unmap_max_desc, int, S_IRUGO);
4464module_param_named(virtual_gb, sdebug_virtual_gb, int, S_IRUGO | S_IWUSR);
4465module_param_named(uuid_ctl, sdebug_uuid_ctl, int, S_IRUGO);
4466module_param_named(vpd_use_hostno, sdebug_vpd_use_hostno, int,
4467 S_IRUGO | S_IWUSR);
4468module_param_named(wp, sdebug_wp, bool, S_IRUGO | S_IWUSR);
4469module_param_named(write_same_length, sdebug_write_same_length, int,
4470 S_IRUGO | S_IWUSR);
4471
4472MODULE_AUTHOR("Eric Youngdale + Douglas Gilbert");
4473MODULE_DESCRIPTION("SCSI debug adapter driver");
4474MODULE_LICENSE("GPL");
4475MODULE_VERSION(SDEBUG_VERSION);
4476
4477MODULE_PARM_DESC(add_host, "0..127 hosts allowed(def=1)");
4478MODULE_PARM_DESC(ato, "application tag ownership: 0=disk 1=host (def=1)");
4479MODULE_PARM_DESC(cdb_len, "suggest CDB lengths to drivers (def=10)");
4480MODULE_PARM_DESC(clustering, "when set enables larger transfers (def=0)");
4481MODULE_PARM_DESC(delay, "response delay (def=1 jiffy); 0:imm, -1,-2:tiny");
4482MODULE_PARM_DESC(dev_size_mb, "size in MiB of ram shared by devs(def=8)");
4483MODULE_PARM_DESC(dif, "data integrity field type: 0-3 (def=0)");
4484MODULE_PARM_DESC(dix, "data integrity extensions mask (def=0)");
4485MODULE_PARM_DESC(dsense, "use descriptor sense format(def=0 -> fixed)");
4486MODULE_PARM_DESC(every_nth, "timeout every nth command(def=0)");
4487MODULE_PARM_DESC(fake_rw, "fake reads/writes instead of copying (def=0)");
4488MODULE_PARM_DESC(guard, "protection checksum: 0=crc, 1=ip (def=0)");
4489MODULE_PARM_DESC(host_lock, "host_lock is ignored (def=0)");
4490MODULE_PARM_DESC(inq_vendor, "SCSI INQUIRY vendor string (def=\"Linux\")");
4491MODULE_PARM_DESC(inq_product, "SCSI INQUIRY product string (def=\"scsi_debug\")");
4492MODULE_PARM_DESC(inq_rev, "SCSI INQUIRY revision string (def=\""
4493 SDEBUG_VERSION "\")");
4494MODULE_PARM_DESC(lbpu, "enable LBP, support UNMAP command (def=0)");
4495MODULE_PARM_DESC(lbpws, "enable LBP, support WRITE SAME(16) with UNMAP bit (def=0)");
4496MODULE_PARM_DESC(lbpws10, "enable LBP, support WRITE SAME(10) with UNMAP bit (def=0)");
4497MODULE_PARM_DESC(lbprz,
4498 "on read unmapped LBs return 0 when 1 (def), return 0xff when 2");
4499MODULE_PARM_DESC(lowest_aligned, "lowest aligned lba (def=0)");
4500MODULE_PARM_DESC(max_luns, "number of LUNs per target to simulate(def=1)");
4501MODULE_PARM_DESC(max_queue, "max number of queued commands (1 to max(def))");
4502MODULE_PARM_DESC(medium_error_start, "starting sector number to return MEDIUM error");
4503MODULE_PARM_DESC(medium_error_count, "count of sectors to return follow on MEDIUM error");
4504MODULE_PARM_DESC(ndelay, "response delay in nanoseconds (def=0 -> ignore)");
4505MODULE_PARM_DESC(no_lun_0, "no LU number 0 (def=0 -> have lun 0)");
4506MODULE_PARM_DESC(no_uld, "stop ULD (e.g. sd driver) attaching (def=0))");
4507MODULE_PARM_DESC(num_parts, "number of partitions(def=0)");
4508MODULE_PARM_DESC(num_tgts, "number of targets per host to simulate(def=1)");
4509MODULE_PARM_DESC(opt_blks, "optimal transfer length in blocks (def=1024)");
4510MODULE_PARM_DESC(opts, "1->noise, 2->medium_err, 4->timeout, 8->recovered_err... (def=0)");
4511MODULE_PARM_DESC(physblk_exp, "physical block exponent (def=0)");
4512MODULE_PARM_DESC(opt_xferlen_exp, "optimal transfer length granularity exponent (def=physblk_exp)");
4513MODULE_PARM_DESC(ptype, "SCSI peripheral type(def=0[disk])");
4514MODULE_PARM_DESC(removable, "claim to have removable media (def=0)");
4515MODULE_PARM_DESC(scsi_level, "SCSI level to simulate(def=7[SPC-5])");
4516MODULE_PARM_DESC(sector_size, "logical block size in bytes (def=512)");
4517MODULE_PARM_DESC(statistics, "collect statistics on commands, queues (def=0)");
4518MODULE_PARM_DESC(strict, "stricter checks: reserved field in cdb (def=0)");
4519MODULE_PARM_DESC(submit_queues, "support for block multi-queue (def=1)");
4520MODULE_PARM_DESC(unmap_alignment, "lowest aligned thin provisioning lba (def=0)");
4521MODULE_PARM_DESC(unmap_granularity, "thin provisioning granularity in blocks (def=1)");
4522MODULE_PARM_DESC(unmap_max_blocks, "max # of blocks can be unmapped in one cmd (def=0xffffffff)");
4523MODULE_PARM_DESC(unmap_max_desc, "max # of ranges that can be unmapped in one cmd (def=256)");
4524MODULE_PARM_DESC(uuid_ctl,
4525 "1->use uuid for lu name, 0->don't, 2->all use same (def=0)");
4526MODULE_PARM_DESC(virtual_gb, "virtual gigabyte (GiB) size (def=0 -> use dev_size_mb)");
4527MODULE_PARM_DESC(vpd_use_hostno, "0 -> dev ids ignore hostno (def=1 -> unique dev ids)");
4528MODULE_PARM_DESC(wp, "Write Protect (def=0)");
4529MODULE_PARM_DESC(write_same_length, "Maximum blocks per WRITE SAME cmd (def=0xffff)");
4530
4531#define SDEBUG_INFO_LEN 256
4532static char sdebug_info[SDEBUG_INFO_LEN];
4533
4534static const char *scsi_debug_info(struct Scsi_Host *shp)
4535{
4536 int k;
4537
4538 k = scnprintf(sdebug_info, SDEBUG_INFO_LEN, "%s: version %s [%s]\n",
4539 my_name, SDEBUG_VERSION, sdebug_version_date);
4540 if (k >= (SDEBUG_INFO_LEN - 1))
4541 return sdebug_info;
4542 scnprintf(sdebug_info + k, SDEBUG_INFO_LEN - k,
4543 " dev_size_mb=%d, opts=0x%x, submit_queues=%d, %s=%d",
4544 sdebug_dev_size_mb, sdebug_opts, submit_queues,
4545 "statistics", (int)sdebug_statistics);
4546 return sdebug_info;
4547}
4548
4549/* 'echo <val> > /proc/scsi/scsi_debug/<host_id>' writes to opts */
4550static int scsi_debug_write_info(struct Scsi_Host *host, char *buffer,
4551 int length)
4552{
4553 char arr[16];
4554 int opts;
4555 int minLen = length > 15 ? 15 : length;
4556
4557 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
4558 return -EACCES;
4559 memcpy(arr, buffer, minLen);
4560 arr[minLen] = '\0';
4561 if (1 != sscanf(arr, "%d", &opts))
4562 return -EINVAL;
4563 sdebug_opts = opts;
4564 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
4565 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
4566 if (sdebug_every_nth != 0)
4567 tweak_cmnd_count();
4568 return length;
4569}
4570
4571/* Output seen with 'cat /proc/scsi/scsi_debug/<host_id>'. It will be the
4572 * same for each scsi_debug host (if more than one). Some of the counters
4573 * output are not atomics so might be inaccurate in a busy system. */
4574static int scsi_debug_show_info(struct seq_file *m, struct Scsi_Host *host)
4575{
4576 int f, j, l;
4577 struct sdebug_queue *sqp;
4578
4579 seq_printf(m, "scsi_debug adapter driver, version %s [%s]\n",
4580 SDEBUG_VERSION, sdebug_version_date);
4581 seq_printf(m, "num_tgts=%d, %ssize=%d MB, opts=0x%x, every_nth=%d\n",
4582 sdebug_num_tgts, "shared (ram) ", sdebug_dev_size_mb,
4583 sdebug_opts, sdebug_every_nth);
4584 seq_printf(m, "delay=%d, ndelay=%d, max_luns=%d, sector_size=%d %s\n",
4585 sdebug_jdelay, sdebug_ndelay, sdebug_max_luns,
4586 sdebug_sector_size, "bytes");
4587 seq_printf(m, "cylinders=%d, heads=%d, sectors=%d, command aborts=%d\n",
4588 sdebug_cylinders_per, sdebug_heads, sdebug_sectors_per,
4589 num_aborts);
4590 seq_printf(m, "RESETs: device=%d, target=%d, bus=%d, host=%d\n",
4591 num_dev_resets, num_target_resets, num_bus_resets,
4592 num_host_resets);
4593 seq_printf(m, "dix_reads=%d, dix_writes=%d, dif_errors=%d\n",
4594 dix_reads, dix_writes, dif_errors);
4595 seq_printf(m, "usec_in_jiffy=%lu, statistics=%d\n", TICK_NSEC / 1000,
4596 sdebug_statistics);
4597 seq_printf(m, "cmnd_count=%d, completions=%d, %s=%d, a_tsf=%d\n",
4598 atomic_read(&sdebug_cmnd_count),
4599 atomic_read(&sdebug_completions),
4600 "miss_cpus", atomic_read(&sdebug_miss_cpus),
4601 atomic_read(&sdebug_a_tsf));
4602
4603 seq_printf(m, "submit_queues=%d\n", submit_queues);
4604 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
4605 seq_printf(m, " queue %d:\n", j);
4606 f = find_first_bit(sqp->in_use_bm, sdebug_max_queue);
4607 if (f != sdebug_max_queue) {
4608 l = find_last_bit(sqp->in_use_bm, sdebug_max_queue);
4609 seq_printf(m, " in_use_bm BUSY: %s: %d,%d\n",
4610 "first,last bits", f, l);
4611 }
4612 }
4613 return 0;
4614}
4615
4616static ssize_t delay_show(struct device_driver *ddp, char *buf)
4617{
4618 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_jdelay);
4619}
4620/* Returns -EBUSY if jdelay is being changed and commands are queued. The unit
4621 * of delay is jiffies.
4622 */
4623static ssize_t delay_store(struct device_driver *ddp, const char *buf,
4624 size_t count)
4625{
4626 int jdelay, res;
4627
4628 if (count > 0 && sscanf(buf, "%d", &jdelay) == 1) {
4629 res = count;
4630 if (sdebug_jdelay != jdelay) {
4631 int j, k;
4632 struct sdebug_queue *sqp;
4633
4634 block_unblock_all_queues(true);
4635 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4636 ++j, ++sqp) {
4637 k = find_first_bit(sqp->in_use_bm,
4638 sdebug_max_queue);
4639 if (k != sdebug_max_queue) {
4640 res = -EBUSY; /* queued commands */
4641 break;
4642 }
4643 }
4644 if (res > 0) {
4645 sdebug_jdelay = jdelay;
4646 sdebug_ndelay = 0;
4647 }
4648 block_unblock_all_queues(false);
4649 }
4650 return res;
4651 }
4652 return -EINVAL;
4653}
4654static DRIVER_ATTR_RW(delay);
4655
4656static ssize_t ndelay_show(struct device_driver *ddp, char *buf)
4657{
4658 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ndelay);
4659}
4660/* Returns -EBUSY if ndelay is being changed and commands are queued */
4661/* If > 0 and accepted then sdebug_jdelay is set to JDELAY_OVERRIDDEN */
4662static ssize_t ndelay_store(struct device_driver *ddp, const char *buf,
4663 size_t count)
4664{
4665 int ndelay, res;
4666
4667 if ((count > 0) && (1 == sscanf(buf, "%d", &ndelay)) &&
4668 (ndelay >= 0) && (ndelay < (1000 * 1000 * 1000))) {
4669 res = count;
4670 if (sdebug_ndelay != ndelay) {
4671 int j, k;
4672 struct sdebug_queue *sqp;
4673
4674 block_unblock_all_queues(true);
4675 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4676 ++j, ++sqp) {
4677 k = find_first_bit(sqp->in_use_bm,
4678 sdebug_max_queue);
4679 if (k != sdebug_max_queue) {
4680 res = -EBUSY; /* queued commands */
4681 break;
4682 }
4683 }
4684 if (res > 0) {
4685 sdebug_ndelay = ndelay;
4686 sdebug_jdelay = ndelay ? JDELAY_OVERRIDDEN
4687 : DEF_JDELAY;
4688 }
4689 block_unblock_all_queues(false);
4690 }
4691 return res;
4692 }
4693 return -EINVAL;
4694}
4695static DRIVER_ATTR_RW(ndelay);
4696
4697static ssize_t opts_show(struct device_driver *ddp, char *buf)
4698{
4699 return scnprintf(buf, PAGE_SIZE, "0x%x\n", sdebug_opts);
4700}
4701
4702static ssize_t opts_store(struct device_driver *ddp, const char *buf,
4703 size_t count)
4704{
4705 int opts;
4706 char work[20];
4707
4708 if (sscanf(buf, "%10s", work) == 1) {
4709 if (strncasecmp(work, "0x", 2) == 0) {
4710 if (kstrtoint(work + 2, 16, &opts) == 0)
4711 goto opts_done;
4712 } else {
4713 if (kstrtoint(work, 10, &opts) == 0)
4714 goto opts_done;
4715 }
4716 }
4717 return -EINVAL;
4718opts_done:
4719 sdebug_opts = opts;
4720 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
4721 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
4722 tweak_cmnd_count();
4723 return count;
4724}
4725static DRIVER_ATTR_RW(opts);
4726
4727static ssize_t ptype_show(struct device_driver *ddp, char *buf)
4728{
4729 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ptype);
4730}
4731static ssize_t ptype_store(struct device_driver *ddp, const char *buf,
4732 size_t count)
4733{
4734 int n;
4735
4736 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4737 sdebug_ptype = n;
4738 return count;
4739 }
4740 return -EINVAL;
4741}
4742static DRIVER_ATTR_RW(ptype);
4743
4744static ssize_t dsense_show(struct device_driver *ddp, char *buf)
4745{
4746 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dsense);
4747}
4748static ssize_t dsense_store(struct device_driver *ddp, const char *buf,
4749 size_t count)
4750{
4751 int n;
4752
4753 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4754 sdebug_dsense = n;
4755 return count;
4756 }
4757 return -EINVAL;
4758}
4759static DRIVER_ATTR_RW(dsense);
4760
4761static ssize_t fake_rw_show(struct device_driver *ddp, char *buf)
4762{
4763 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_fake_rw);
4764}
4765static ssize_t fake_rw_store(struct device_driver *ddp, const char *buf,
4766 size_t count)
4767{
4768 int n;
4769
4770 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4771 n = (n > 0);
4772 sdebug_fake_rw = (sdebug_fake_rw > 0);
4773 if (sdebug_fake_rw != n) {
4774 if ((0 == n) && (NULL == fake_storep)) {
4775 unsigned long sz =
4776 (unsigned long)sdebug_dev_size_mb *
4777 1048576;
4778
4779 fake_storep = vzalloc(sz);
4780 if (NULL == fake_storep) {
4781 pr_err("out of memory, 9\n");
4782 return -ENOMEM;
4783 }
4784 }
4785 sdebug_fake_rw = n;
4786 }
4787 return count;
4788 }
4789 return -EINVAL;
4790}
4791static DRIVER_ATTR_RW(fake_rw);
4792
4793static ssize_t no_lun_0_show(struct device_driver *ddp, char *buf)
4794{
4795 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_lun_0);
4796}
4797static ssize_t no_lun_0_store(struct device_driver *ddp, const char *buf,
4798 size_t count)
4799{
4800 int n;
4801
4802 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4803 sdebug_no_lun_0 = n;
4804 return count;
4805 }
4806 return -EINVAL;
4807}
4808static DRIVER_ATTR_RW(no_lun_0);
4809
4810static ssize_t num_tgts_show(struct device_driver *ddp, char *buf)
4811{
4812 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_tgts);
4813}
4814static ssize_t num_tgts_store(struct device_driver *ddp, const char *buf,
4815 size_t count)
4816{
4817 int n;
4818
4819 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4820 sdebug_num_tgts = n;
4821 sdebug_max_tgts_luns();
4822 return count;
4823 }
4824 return -EINVAL;
4825}
4826static DRIVER_ATTR_RW(num_tgts);
4827
4828static ssize_t dev_size_mb_show(struct device_driver *ddp, char *buf)
4829{
4830 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dev_size_mb);
4831}
4832static DRIVER_ATTR_RO(dev_size_mb);
4833
4834static ssize_t num_parts_show(struct device_driver *ddp, char *buf)
4835{
4836 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_parts);
4837}
4838static DRIVER_ATTR_RO(num_parts);
4839
4840static ssize_t every_nth_show(struct device_driver *ddp, char *buf)
4841{
4842 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_every_nth);
4843}
4844static ssize_t every_nth_store(struct device_driver *ddp, const char *buf,
4845 size_t count)
4846{
4847 int nth;
4848
4849 if ((count > 0) && (1 == sscanf(buf, "%d", &nth))) {
4850 sdebug_every_nth = nth;
4851 if (nth && !sdebug_statistics) {
4852 pr_info("every_nth needs statistics=1, set it\n");
4853 sdebug_statistics = true;
4854 }
4855 tweak_cmnd_count();
4856 return count;
4857 }
4858 return -EINVAL;
4859}
4860static DRIVER_ATTR_RW(every_nth);
4861
4862static ssize_t max_luns_show(struct device_driver *ddp, char *buf)
4863{
4864 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_luns);
4865}
4866static ssize_t max_luns_store(struct device_driver *ddp, const char *buf,
4867 size_t count)
4868{
4869 int n;
4870 bool changed;
4871
4872 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4873 if (n > 256) {
4874 pr_warn("max_luns can be no more than 256\n");
4875 return -EINVAL;
4876 }
4877 changed = (sdebug_max_luns != n);
4878 sdebug_max_luns = n;
4879 sdebug_max_tgts_luns();
4880 if (changed && (sdebug_scsi_level >= 5)) { /* >= SPC-3 */
4881 struct sdebug_host_info *sdhp;
4882 struct sdebug_dev_info *dp;
4883
4884 spin_lock(&sdebug_host_list_lock);
4885 list_for_each_entry(sdhp, &sdebug_host_list,
4886 host_list) {
4887 list_for_each_entry(dp, &sdhp->dev_info_list,
4888 dev_list) {
4889 set_bit(SDEBUG_UA_LUNS_CHANGED,
4890 dp->uas_bm);
4891 }
4892 }
4893 spin_unlock(&sdebug_host_list_lock);
4894 }
4895 return count;
4896 }
4897 return -EINVAL;
4898}
4899static DRIVER_ATTR_RW(max_luns);
4900
4901static ssize_t max_queue_show(struct device_driver *ddp, char *buf)
4902{
4903 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_queue);
4904}
4905/* N.B. max_queue can be changed while there are queued commands. In flight
4906 * commands beyond the new max_queue will be completed. */
4907static ssize_t max_queue_store(struct device_driver *ddp, const char *buf,
4908 size_t count)
4909{
4910 int j, n, k, a;
4911 struct sdebug_queue *sqp;
4912
4913 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n > 0) &&
4914 (n <= SDEBUG_CANQUEUE)) {
4915 block_unblock_all_queues(true);
4916 k = 0;
4917 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4918 ++j, ++sqp) {
4919 a = find_last_bit(sqp->in_use_bm, SDEBUG_CANQUEUE);
4920 if (a > k)
4921 k = a;
4922 }
4923 sdebug_max_queue = n;
4924 if (k == SDEBUG_CANQUEUE)
4925 atomic_set(&retired_max_queue, 0);
4926 else if (k >= n)
4927 atomic_set(&retired_max_queue, k + 1);
4928 else
4929 atomic_set(&retired_max_queue, 0);
4930 block_unblock_all_queues(false);
4931 return count;
4932 }
4933 return -EINVAL;
4934}
4935static DRIVER_ATTR_RW(max_queue);
4936
4937static ssize_t no_uld_show(struct device_driver *ddp, char *buf)
4938{
4939 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_uld);
4940}
4941static DRIVER_ATTR_RO(no_uld);
4942
4943static ssize_t scsi_level_show(struct device_driver *ddp, char *buf)
4944{
4945 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_scsi_level);
4946}
4947static DRIVER_ATTR_RO(scsi_level);
4948
4949static ssize_t virtual_gb_show(struct device_driver *ddp, char *buf)
4950{
4951 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_virtual_gb);
4952}
4953static ssize_t virtual_gb_store(struct device_driver *ddp, const char *buf,
4954 size_t count)
4955{
4956 int n;
4957 bool changed;
4958
4959 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4960 changed = (sdebug_virtual_gb != n);
4961 sdebug_virtual_gb = n;
4962 sdebug_capacity = get_sdebug_capacity();
4963 if (changed) {
4964 struct sdebug_host_info *sdhp;
4965 struct sdebug_dev_info *dp;
4966
4967 spin_lock(&sdebug_host_list_lock);
4968 list_for_each_entry(sdhp, &sdebug_host_list,
4969 host_list) {
4970 list_for_each_entry(dp, &sdhp->dev_info_list,
4971 dev_list) {
4972 set_bit(SDEBUG_UA_CAPACITY_CHANGED,
4973 dp->uas_bm);
4974 }
4975 }
4976 spin_unlock(&sdebug_host_list_lock);
4977 }
4978 return count;
4979 }
4980 return -EINVAL;
4981}
4982static DRIVER_ATTR_RW(virtual_gb);
4983
4984static ssize_t add_host_show(struct device_driver *ddp, char *buf)
4985{
4986 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_add_host);
4987}
4988
4989static int sdebug_add_adapter(void);
4990static void sdebug_remove_adapter(void);
4991
4992static ssize_t add_host_store(struct device_driver *ddp, const char *buf,
4993 size_t count)
4994{
4995 int delta_hosts;
4996
4997 if (sscanf(buf, "%d", &delta_hosts) != 1)
4998 return -EINVAL;
4999 if (delta_hosts > 0) {
5000 do {
5001 sdebug_add_adapter();
5002 } while (--delta_hosts);
5003 } else if (delta_hosts < 0) {
5004 do {
5005 sdebug_remove_adapter();
5006 } while (++delta_hosts);
5007 }
5008 return count;
5009}
5010static DRIVER_ATTR_RW(add_host);
5011
5012static ssize_t vpd_use_hostno_show(struct device_driver *ddp, char *buf)
5013{
5014 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_vpd_use_hostno);
5015}
5016static ssize_t vpd_use_hostno_store(struct device_driver *ddp, const char *buf,
5017 size_t count)
5018{
5019 int n;
5020
5021 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5022 sdebug_vpd_use_hostno = n;
5023 return count;
5024 }
5025 return -EINVAL;
5026}
5027static DRIVER_ATTR_RW(vpd_use_hostno);
5028
5029static ssize_t statistics_show(struct device_driver *ddp, char *buf)
5030{
5031 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_statistics);
5032}
5033static ssize_t statistics_store(struct device_driver *ddp, const char *buf,
5034 size_t count)
5035{
5036 int n;
5037
5038 if ((count > 0) && (sscanf(buf, "%d", &n) == 1) && (n >= 0)) {
5039 if (n > 0)
5040 sdebug_statistics = true;
5041 else {
5042 clear_queue_stats();
5043 sdebug_statistics = false;
5044 }
5045 return count;
5046 }
5047 return -EINVAL;
5048}
5049static DRIVER_ATTR_RW(statistics);
5050
5051static ssize_t sector_size_show(struct device_driver *ddp, char *buf)
5052{
5053 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_sector_size);
5054}
5055static DRIVER_ATTR_RO(sector_size);
5056
5057static ssize_t submit_queues_show(struct device_driver *ddp, char *buf)
5058{
5059 return scnprintf(buf, PAGE_SIZE, "%d\n", submit_queues);
5060}
5061static DRIVER_ATTR_RO(submit_queues);
5062
5063static ssize_t dix_show(struct device_driver *ddp, char *buf)
5064{
5065 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dix);
5066}
5067static DRIVER_ATTR_RO(dix);
5068
5069static ssize_t dif_show(struct device_driver *ddp, char *buf)
5070{
5071 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dif);
5072}
5073static DRIVER_ATTR_RO(dif);
5074
5075static ssize_t guard_show(struct device_driver *ddp, char *buf)
5076{
5077 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_guard);
5078}
5079static DRIVER_ATTR_RO(guard);
5080
5081static ssize_t ato_show(struct device_driver *ddp, char *buf)
5082{
5083 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ato);
5084}
5085static DRIVER_ATTR_RO(ato);
5086
5087static ssize_t map_show(struct device_driver *ddp, char *buf)
5088{
5089 ssize_t count;
5090
5091 if (!scsi_debug_lbp())
5092 return scnprintf(buf, PAGE_SIZE, "0-%u\n",
5093 sdebug_store_sectors);
5094
5095 count = scnprintf(buf, PAGE_SIZE - 1, "%*pbl",
5096 (int)map_size, map_storep);
5097 buf[count++] = '\n';
5098 buf[count] = '\0';
5099
5100 return count;
5101}
5102static DRIVER_ATTR_RO(map);
5103
5104static ssize_t removable_show(struct device_driver *ddp, char *buf)
5105{
5106 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_removable ? 1 : 0);
5107}
5108static ssize_t removable_store(struct device_driver *ddp, const char *buf,
5109 size_t count)
5110{
5111 int n;
5112
5113 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5114 sdebug_removable = (n > 0);
5115 return count;
5116 }
5117 return -EINVAL;
5118}
5119static DRIVER_ATTR_RW(removable);
5120
5121static ssize_t host_lock_show(struct device_driver *ddp, char *buf)
5122{
5123 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_host_lock);
5124}
5125/* N.B. sdebug_host_lock does nothing, kept for backward compatibility */
5126static ssize_t host_lock_store(struct device_driver *ddp, const char *buf,
5127 size_t count)
5128{
5129 int n;
5130
5131 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5132 sdebug_host_lock = (n > 0);
5133 return count;
5134 }
5135 return -EINVAL;
5136}
5137static DRIVER_ATTR_RW(host_lock);
5138
5139static ssize_t strict_show(struct device_driver *ddp, char *buf)
5140{
5141 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_strict);
5142}
5143static ssize_t strict_store(struct device_driver *ddp, const char *buf,
5144 size_t count)
5145{
5146 int n;
5147
5148 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5149 sdebug_strict = (n > 0);
5150 return count;
5151 }
5152 return -EINVAL;
5153}
5154static DRIVER_ATTR_RW(strict);
5155
5156static ssize_t uuid_ctl_show(struct device_driver *ddp, char *buf)
5157{
5158 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_uuid_ctl);
5159}
5160static DRIVER_ATTR_RO(uuid_ctl);
5161
5162static ssize_t cdb_len_show(struct device_driver *ddp, char *buf)
5163{
5164 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_cdb_len);
5165}
5166static ssize_t cdb_len_store(struct device_driver *ddp, const char *buf,
5167 size_t count)
5168{
5169 int ret, n;
5170
5171 ret = kstrtoint(buf, 0, &n);
5172 if (ret)
5173 return ret;
5174 sdebug_cdb_len = n;
5175 all_config_cdb_len();
5176 return count;
5177}
5178static DRIVER_ATTR_RW(cdb_len);
5179
5180
5181/* Note: The following array creates attribute files in the
5182 /sys/bus/pseudo/drivers/scsi_debug directory. The advantage of these
5183 files (over those found in the /sys/module/scsi_debug/parameters
5184 directory) is that auxiliary actions can be triggered when an attribute
5185 is changed. For example see: sdebug_add_host_store() above.
5186 */
5187
5188static struct attribute *sdebug_drv_attrs[] = {
5189 &driver_attr_delay.attr,
5190 &driver_attr_opts.attr,
5191 &driver_attr_ptype.attr,
5192 &driver_attr_dsense.attr,
5193 &driver_attr_fake_rw.attr,
5194 &driver_attr_no_lun_0.attr,
5195 &driver_attr_num_tgts.attr,
5196 &driver_attr_dev_size_mb.attr,
5197 &driver_attr_num_parts.attr,
5198 &driver_attr_every_nth.attr,
5199 &driver_attr_max_luns.attr,
5200 &driver_attr_max_queue.attr,
5201 &driver_attr_no_uld.attr,
5202 &driver_attr_scsi_level.attr,
5203 &driver_attr_virtual_gb.attr,
5204 &driver_attr_add_host.attr,
5205 &driver_attr_vpd_use_hostno.attr,
5206 &driver_attr_sector_size.attr,
5207 &driver_attr_statistics.attr,
5208 &driver_attr_submit_queues.attr,
5209 &driver_attr_dix.attr,
5210 &driver_attr_dif.attr,
5211 &driver_attr_guard.attr,
5212 &driver_attr_ato.attr,
5213 &driver_attr_map.attr,
5214 &driver_attr_removable.attr,
5215 &driver_attr_host_lock.attr,
5216 &driver_attr_ndelay.attr,
5217 &driver_attr_strict.attr,
5218 &driver_attr_uuid_ctl.attr,
5219 &driver_attr_cdb_len.attr,
5220 NULL,
5221};
5222ATTRIBUTE_GROUPS(sdebug_drv);
5223
5224static struct device *pseudo_primary;
5225
5226static int __init scsi_debug_init(void)
5227{
5228 unsigned long sz;
5229 int host_to_add;
5230 int k;
5231 int ret;
5232
5233 atomic_set(&retired_max_queue, 0);
5234
5235 if (sdebug_ndelay >= 1000 * 1000 * 1000) {
5236 pr_warn("ndelay must be less than 1 second, ignored\n");
5237 sdebug_ndelay = 0;
5238 } else if (sdebug_ndelay > 0)
5239 sdebug_jdelay = JDELAY_OVERRIDDEN;
5240
5241 switch (sdebug_sector_size) {
5242 case 512:
5243 case 1024:
5244 case 2048:
5245 case 4096:
5246 break;
5247 default:
5248 pr_err("invalid sector_size %d\n", sdebug_sector_size);
5249 return -EINVAL;
5250 }
5251
5252 switch (sdebug_dif) {
5253 case T10_PI_TYPE0_PROTECTION:
5254 break;
5255 case T10_PI_TYPE1_PROTECTION:
5256 case T10_PI_TYPE2_PROTECTION:
5257 case T10_PI_TYPE3_PROTECTION:
5258 have_dif_prot = true;
5259 break;
5260
5261 default:
5262 pr_err("dif must be 0, 1, 2 or 3\n");
5263 return -EINVAL;
5264 }
5265
5266 if (sdebug_guard > 1) {
5267 pr_err("guard must be 0 or 1\n");
5268 return -EINVAL;
5269 }
5270
5271 if (sdebug_ato > 1) {
5272 pr_err("ato must be 0 or 1\n");
5273 return -EINVAL;
5274 }
5275
5276 if (sdebug_physblk_exp > 15) {
5277 pr_err("invalid physblk_exp %u\n", sdebug_physblk_exp);
5278 return -EINVAL;
5279 }
5280 if (sdebug_max_luns > 256) {
5281 pr_warn("max_luns can be no more than 256, use default\n");
5282 sdebug_max_luns = DEF_MAX_LUNS;
5283 }
5284
5285 if (sdebug_lowest_aligned > 0x3fff) {
5286 pr_err("lowest_aligned too big: %u\n", sdebug_lowest_aligned);
5287 return -EINVAL;
5288 }
5289
5290 if (submit_queues < 1) {
5291 pr_err("submit_queues must be 1 or more\n");
5292 return -EINVAL;
5293 }
5294 sdebug_q_arr = kcalloc(submit_queues, sizeof(struct sdebug_queue),
5295 GFP_KERNEL);
5296 if (sdebug_q_arr == NULL)
5297 return -ENOMEM;
5298 for (k = 0; k < submit_queues; ++k)
5299 spin_lock_init(&sdebug_q_arr[k].qc_lock);
5300
5301 if (sdebug_dev_size_mb < 1)
5302 sdebug_dev_size_mb = 1; /* force minimum 1 MB ramdisk */
5303 sz = (unsigned long)sdebug_dev_size_mb * 1048576;
5304 sdebug_store_sectors = sz / sdebug_sector_size;
5305 sdebug_capacity = get_sdebug_capacity();
5306
5307 /* play around with geometry, don't waste too much on track 0 */
5308 sdebug_heads = 8;
5309 sdebug_sectors_per = 32;
5310 if (sdebug_dev_size_mb >= 256)
5311 sdebug_heads = 64;
5312 else if (sdebug_dev_size_mb >= 16)
5313 sdebug_heads = 32;
5314 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
5315 (sdebug_sectors_per * sdebug_heads);
5316 if (sdebug_cylinders_per >= 1024) {
5317 /* other LLDs do this; implies >= 1GB ram disk ... */
5318 sdebug_heads = 255;
5319 sdebug_sectors_per = 63;
5320 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
5321 (sdebug_sectors_per * sdebug_heads);
5322 }
5323
5324 if (sdebug_fake_rw == 0) {
5325 fake_storep = vzalloc(sz);
5326 if (NULL == fake_storep) {
5327 pr_err("out of memory, 1\n");
5328 ret = -ENOMEM;
5329 goto free_q_arr;
5330 }
5331 if (sdebug_num_parts > 0)
5332 sdebug_build_parts(fake_storep, sz);
5333 }
5334
5335 if (sdebug_dix) {
5336 int dif_size;
5337
5338 dif_size = sdebug_store_sectors * sizeof(struct t10_pi_tuple);
5339 dif_storep = vmalloc(dif_size);
5340
5341 pr_err("dif_storep %u bytes @ %p\n", dif_size, dif_storep);
5342
5343 if (dif_storep == NULL) {
5344 pr_err("out of mem. (DIX)\n");
5345 ret = -ENOMEM;
5346 goto free_vm;
5347 }
5348
5349 memset(dif_storep, 0xff, dif_size);
5350 }
5351
5352 /* Logical Block Provisioning */
5353 if (scsi_debug_lbp()) {
5354 sdebug_unmap_max_blocks =
5355 clamp(sdebug_unmap_max_blocks, 0U, 0xffffffffU);
5356
5357 sdebug_unmap_max_desc =
5358 clamp(sdebug_unmap_max_desc, 0U, 256U);
5359
5360 sdebug_unmap_granularity =
5361 clamp(sdebug_unmap_granularity, 1U, 0xffffffffU);
5362
5363 if (sdebug_unmap_alignment &&
5364 sdebug_unmap_granularity <=
5365 sdebug_unmap_alignment) {
5366 pr_err("ERR: unmap_granularity <= unmap_alignment\n");
5367 ret = -EINVAL;
5368 goto free_vm;
5369 }
5370
5371 map_size = lba_to_map_index(sdebug_store_sectors - 1) + 1;
5372 map_storep = vmalloc(array_size(sizeof(long),
5373 BITS_TO_LONGS(map_size)));
5374
5375 pr_info("%lu provisioning blocks\n", map_size);
5376
5377 if (map_storep == NULL) {
5378 pr_err("out of mem. (MAP)\n");
5379 ret = -ENOMEM;
5380 goto free_vm;
5381 }
5382
5383 bitmap_zero(map_storep, map_size);
5384
5385 /* Map first 1KB for partition table */
5386 if (sdebug_num_parts)
5387 map_region(0, 2);
5388 }
5389
5390 pseudo_primary = root_device_register("pseudo_0");
5391 if (IS_ERR(pseudo_primary)) {
5392 pr_warn("root_device_register() error\n");
5393 ret = PTR_ERR(pseudo_primary);
5394 goto free_vm;
5395 }
5396 ret = bus_register(&pseudo_lld_bus);
5397 if (ret < 0) {
5398 pr_warn("bus_register error: %d\n", ret);
5399 goto dev_unreg;
5400 }
5401 ret = driver_register(&sdebug_driverfs_driver);
5402 if (ret < 0) {
5403 pr_warn("driver_register error: %d\n", ret);
5404 goto bus_unreg;
5405 }
5406
5407 host_to_add = sdebug_add_host;
5408 sdebug_add_host = 0;
5409
5410 for (k = 0; k < host_to_add; k++) {
5411 if (sdebug_add_adapter()) {
5412 pr_err("sdebug_add_adapter failed k=%d\n", k);
5413 break;
5414 }
5415 }
5416
5417 if (sdebug_verbose)
5418 pr_info("built %d host(s)\n", sdebug_add_host);
5419
5420 return 0;
5421
5422bus_unreg:
5423 bus_unregister(&pseudo_lld_bus);
5424dev_unreg:
5425 root_device_unregister(pseudo_primary);
5426free_vm:
5427 vfree(map_storep);
5428 vfree(dif_storep);
5429 vfree(fake_storep);
5430free_q_arr:
5431 kfree(sdebug_q_arr);
5432 return ret;
5433}
5434
5435static void __exit scsi_debug_exit(void)
5436{
5437 int k = sdebug_add_host;
5438
5439 stop_all_queued();
5440 for (; k; k--)
5441 sdebug_remove_adapter();
5442 free_all_queued();
5443 driver_unregister(&sdebug_driverfs_driver);
5444 bus_unregister(&pseudo_lld_bus);
5445 root_device_unregister(pseudo_primary);
5446
5447 vfree(map_storep);
5448 vfree(dif_storep);
5449 vfree(fake_storep);
5450 kfree(sdebug_q_arr);
5451}
5452
5453device_initcall(scsi_debug_init);
5454module_exit(scsi_debug_exit);
5455
5456static void sdebug_release_adapter(struct device *dev)
5457{
5458 struct sdebug_host_info *sdbg_host;
5459
5460 sdbg_host = to_sdebug_host(dev);
5461 kfree(sdbg_host);
5462}
5463
5464static int sdebug_add_adapter(void)
5465{
5466 int k, devs_per_host;
5467 int error = 0;
5468 struct sdebug_host_info *sdbg_host;
5469 struct sdebug_dev_info *sdbg_devinfo, *tmp;
5470
5471 sdbg_host = kzalloc(sizeof(*sdbg_host), GFP_KERNEL);
5472 if (sdbg_host == NULL) {
5473 pr_err("out of memory at line %d\n", __LINE__);
5474 return -ENOMEM;
5475 }
5476
5477 INIT_LIST_HEAD(&sdbg_host->dev_info_list);
5478
5479 devs_per_host = sdebug_num_tgts * sdebug_max_luns;
5480 for (k = 0; k < devs_per_host; k++) {
5481 sdbg_devinfo = sdebug_device_create(sdbg_host, GFP_KERNEL);
5482 if (!sdbg_devinfo) {
5483 pr_err("out of memory at line %d\n", __LINE__);
5484 error = -ENOMEM;
5485 goto clean;
5486 }
5487 }
5488
5489 spin_lock(&sdebug_host_list_lock);
5490 list_add_tail(&sdbg_host->host_list, &sdebug_host_list);
5491 spin_unlock(&sdebug_host_list_lock);
5492
5493 sdbg_host->dev.bus = &pseudo_lld_bus;
5494 sdbg_host->dev.parent = pseudo_primary;
5495 sdbg_host->dev.release = &sdebug_release_adapter;
5496 dev_set_name(&sdbg_host->dev, "adapter%d", sdebug_add_host);
5497
5498 error = device_register(&sdbg_host->dev);
5499
5500 if (error)
5501 goto clean;
5502
5503 ++sdebug_add_host;
5504 return error;
5505
5506clean:
5507 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
5508 dev_list) {
5509 list_del(&sdbg_devinfo->dev_list);
5510 kfree(sdbg_devinfo);
5511 }
5512
5513 kfree(sdbg_host);
5514 return error;
5515}
5516
5517static void sdebug_remove_adapter(void)
5518{
5519 struct sdebug_host_info *sdbg_host = NULL;
5520
5521 spin_lock(&sdebug_host_list_lock);
5522 if (!list_empty(&sdebug_host_list)) {
5523 sdbg_host = list_entry(sdebug_host_list.prev,
5524 struct sdebug_host_info, host_list);
5525 list_del(&sdbg_host->host_list);
5526 }
5527 spin_unlock(&sdebug_host_list_lock);
5528
5529 if (!sdbg_host)
5530 return;
5531
5532 device_unregister(&sdbg_host->dev);
5533 --sdebug_add_host;
5534}
5535
5536static int sdebug_change_qdepth(struct scsi_device *sdev, int qdepth)
5537{
5538 int num_in_q = 0;
5539 struct sdebug_dev_info *devip;
5540
5541 block_unblock_all_queues(true);
5542 devip = (struct sdebug_dev_info *)sdev->hostdata;
5543 if (NULL == devip) {
5544 block_unblock_all_queues(false);
5545 return -ENODEV;
5546 }
5547 num_in_q = atomic_read(&devip->num_in_q);
5548
5549 if (qdepth < 1)
5550 qdepth = 1;
5551 /* allow to exceed max host qc_arr elements for testing */
5552 if (qdepth > SDEBUG_CANQUEUE + 10)
5553 qdepth = SDEBUG_CANQUEUE + 10;
5554 scsi_change_queue_depth(sdev, qdepth);
5555
5556 if (SDEBUG_OPT_Q_NOISE & sdebug_opts) {
5557 sdev_printk(KERN_INFO, sdev, "%s: qdepth=%d, num_in_q=%d\n",
5558 __func__, qdepth, num_in_q);
5559 }
5560 block_unblock_all_queues(false);
5561 return sdev->queue_depth;
5562}
5563
5564static bool fake_timeout(struct scsi_cmnd *scp)
5565{
5566 if (0 == (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth))) {
5567 if (sdebug_every_nth < -1)
5568 sdebug_every_nth = -1;
5569 if (SDEBUG_OPT_TIMEOUT & sdebug_opts)
5570 return true; /* ignore command causing timeout */
5571 else if (SDEBUG_OPT_MAC_TIMEOUT & sdebug_opts &&
5572 scsi_medium_access_command(scp))
5573 return true; /* time out reads and writes */
5574 }
5575 return false;
5576}
5577
5578static bool fake_host_busy(struct scsi_cmnd *scp)
5579{
5580 return (sdebug_opts & SDEBUG_OPT_HOST_BUSY) &&
5581 (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) == 0;
5582}
5583
5584static int scsi_debug_queuecommand(struct Scsi_Host *shost,
5585 struct scsi_cmnd *scp)
5586{
5587 u8 sdeb_i;
5588 struct scsi_device *sdp = scp->device;
5589 const struct opcode_info_t *oip;
5590 const struct opcode_info_t *r_oip;
5591 struct sdebug_dev_info *devip;
5592 u8 *cmd = scp->cmnd;
5593 int (*r_pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
5594 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *) = NULL;
5595 int k, na;
5596 int errsts = 0;
5597 u32 flags;
5598 u16 sa;
5599 u8 opcode = cmd[0];
5600 bool has_wlun_rl;
5601
5602 scsi_set_resid(scp, 0);
5603 if (sdebug_statistics)
5604 atomic_inc(&sdebug_cmnd_count);
5605 if (unlikely(sdebug_verbose &&
5606 !(SDEBUG_OPT_NO_CDB_NOISE & sdebug_opts))) {
5607 char b[120];
5608 int n, len, sb;
5609
5610 len = scp->cmd_len;
5611 sb = (int)sizeof(b);
5612 if (len > 32)
5613 strcpy(b, "too long, over 32 bytes");
5614 else {
5615 for (k = 0, n = 0; k < len && n < sb; ++k)
5616 n += scnprintf(b + n, sb - n, "%02x ",
5617 (u32)cmd[k]);
5618 }
5619 sdev_printk(KERN_INFO, sdp, "%s: tag=%#x, cmd %s\n", my_name,
5620 blk_mq_unique_tag(scp->request), b);
5621 }
5622 if (fake_host_busy(scp))
5623 return SCSI_MLQUEUE_HOST_BUSY;
5624 has_wlun_rl = (sdp->lun == SCSI_W_LUN_REPORT_LUNS);
5625 if (unlikely((sdp->lun >= sdebug_max_luns) && !has_wlun_rl))
5626 goto err_out;
5627
5628 sdeb_i = opcode_ind_arr[opcode]; /* fully mapped */
5629 oip = &opcode_info_arr[sdeb_i]; /* safe if table consistent */
5630 devip = (struct sdebug_dev_info *)sdp->hostdata;
5631 if (unlikely(!devip)) {
5632 devip = find_build_dev_info(sdp);
5633 if (NULL == devip)
5634 goto err_out;
5635 }
5636 na = oip->num_attached;
5637 r_pfp = oip->pfp;
5638 if (na) { /* multiple commands with this opcode */
5639 r_oip = oip;
5640 if (FF_SA & r_oip->flags) {
5641 if (F_SA_LOW & oip->flags)
5642 sa = 0x1f & cmd[1];
5643 else
5644 sa = get_unaligned_be16(cmd + 8);
5645 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
5646 if (opcode == oip->opcode && sa == oip->sa)
5647 break;
5648 }
5649 } else { /* since no service action only check opcode */
5650 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
5651 if (opcode == oip->opcode)
5652 break;
5653 }
5654 }
5655 if (k > na) {
5656 if (F_SA_LOW & r_oip->flags)
5657 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 4);
5658 else if (F_SA_HIGH & r_oip->flags)
5659 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 8, 7);
5660 else
5661 mk_sense_invalid_opcode(scp);
5662 goto check_cond;
5663 }
5664 } /* else (when na==0) we assume the oip is a match */
5665 flags = oip->flags;
5666 if (unlikely(F_INV_OP & flags)) {
5667 mk_sense_invalid_opcode(scp);
5668 goto check_cond;
5669 }
5670 if (unlikely(has_wlun_rl && !(F_RL_WLUN_OK & flags))) {
5671 if (sdebug_verbose)
5672 sdev_printk(KERN_INFO, sdp, "%s: Opcode 0x%x not%s\n",
5673 my_name, opcode, " supported for wlun");
5674 mk_sense_invalid_opcode(scp);
5675 goto check_cond;
5676 }
5677 if (unlikely(sdebug_strict)) { /* check cdb against mask */
5678 u8 rem;
5679 int j;
5680
5681 for (k = 1; k < oip->len_mask[0] && k < 16; ++k) {
5682 rem = ~oip->len_mask[k] & cmd[k];
5683 if (rem) {
5684 for (j = 7; j >= 0; --j, rem <<= 1) {
5685 if (0x80 & rem)
5686 break;
5687 }
5688 mk_sense_invalid_fld(scp, SDEB_IN_CDB, k, j);
5689 goto check_cond;
5690 }
5691 }
5692 }
5693 if (unlikely(!(F_SKIP_UA & flags) &&
5694 find_first_bit(devip->uas_bm,
5695 SDEBUG_NUM_UAS) != SDEBUG_NUM_UAS)) {
5696 errsts = make_ua(scp, devip);
5697 if (errsts)
5698 goto check_cond;
5699 }
5700 if (unlikely((F_M_ACCESS & flags) && atomic_read(&devip->stopped))) {
5701 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x2);
5702 if (sdebug_verbose)
5703 sdev_printk(KERN_INFO, sdp, "%s reports: Not ready: "
5704 "%s\n", my_name, "initializing command "
5705 "required");
5706 errsts = check_condition_result;
5707 goto fini;
5708 }
5709 if (sdebug_fake_rw && (F_FAKE_RW & flags))
5710 goto fini;
5711 if (unlikely(sdebug_every_nth)) {
5712 if (fake_timeout(scp))
5713 return 0; /* ignore command: make trouble */
5714 }
5715 if (likely(oip->pfp))
5716 pfp = oip->pfp; /* calls a resp_* function */
5717 else
5718 pfp = r_pfp; /* if leaf function ptr NULL, try the root's */
5719
5720fini:
5721 if (F_DELAY_OVERR & flags)
5722 return schedule_resp(scp, devip, errsts, pfp, 0, 0);
5723 else if ((flags & F_LONG_DELAY) && (sdebug_jdelay > 0 ||
5724 sdebug_ndelay > 10000)) {
5725 /*
5726 * Skip long delays if ndelay <= 10 microseconds. Otherwise
5727 * for Start Stop Unit (SSU) want at least 1 second delay and
5728 * if sdebug_jdelay>1 want a long delay of that many seconds.
5729 * For Synchronize Cache want 1/20 of SSU's delay.
5730 */
5731 int jdelay = (sdebug_jdelay < 2) ? 1 : sdebug_jdelay;
5732 int denom = (flags & F_SYNC_DELAY) ? 20 : 1;
5733
5734 jdelay = mult_frac(USER_HZ * jdelay, HZ, denom * USER_HZ);
5735 return schedule_resp(scp, devip, errsts, pfp, jdelay, 0);
5736 } else
5737 return schedule_resp(scp, devip, errsts, pfp, sdebug_jdelay,
5738 sdebug_ndelay);
5739check_cond:
5740 return schedule_resp(scp, devip, check_condition_result, NULL, 0, 0);
5741err_out:
5742 return schedule_resp(scp, NULL, DID_NO_CONNECT << 16, NULL, 0, 0);
5743}
5744
5745static struct scsi_host_template sdebug_driver_template = {
5746 .show_info = scsi_debug_show_info,
5747 .write_info = scsi_debug_write_info,
5748 .proc_name = sdebug_proc_name,
5749 .name = "SCSI DEBUG",
5750 .info = scsi_debug_info,
5751 .slave_alloc = scsi_debug_slave_alloc,
5752 .slave_configure = scsi_debug_slave_configure,
5753 .slave_destroy = scsi_debug_slave_destroy,
5754 .ioctl = scsi_debug_ioctl,
5755 .queuecommand = scsi_debug_queuecommand,
5756 .change_queue_depth = sdebug_change_qdepth,
5757 .eh_abort_handler = scsi_debug_abort,
5758 .eh_device_reset_handler = scsi_debug_device_reset,
5759 .eh_target_reset_handler = scsi_debug_target_reset,
5760 .eh_bus_reset_handler = scsi_debug_bus_reset,
5761 .eh_host_reset_handler = scsi_debug_host_reset,
5762 .can_queue = SDEBUG_CANQUEUE,
5763 .this_id = 7,
5764 .sg_tablesize = SG_MAX_SEGMENTS,
5765 .cmd_per_lun = DEF_CMD_PER_LUN,
5766 .max_sectors = -1U,
5767 .max_segment_size = -1U,
5768 .module = THIS_MODULE,
5769 .track_queue_depth = 1,
5770};
5771
5772static int sdebug_driver_probe(struct device *dev)
5773{
5774 int error = 0;
5775 struct sdebug_host_info *sdbg_host;
5776 struct Scsi_Host *hpnt;
5777 int hprot;
5778
5779 sdbg_host = to_sdebug_host(dev);
5780
5781 sdebug_driver_template.can_queue = sdebug_max_queue;
5782 if (!sdebug_clustering)
5783 sdebug_driver_template.dma_boundary = PAGE_SIZE - 1;
5784
5785 hpnt = scsi_host_alloc(&sdebug_driver_template, sizeof(sdbg_host));
5786 if (NULL == hpnt) {
5787 pr_err("scsi_host_alloc failed\n");
5788 error = -ENODEV;
5789 return error;
5790 }
5791 if (submit_queues > nr_cpu_ids) {
5792 pr_warn("%s: trim submit_queues (was %d) to nr_cpu_ids=%u\n",
5793 my_name, submit_queues, nr_cpu_ids);
5794 submit_queues = nr_cpu_ids;
5795 }
5796 /* Decide whether to tell scsi subsystem that we want mq */
5797 /* Following should give the same answer for each host */
5798 hpnt->nr_hw_queues = submit_queues;
5799
5800 sdbg_host->shost = hpnt;
5801 *((struct sdebug_host_info **)hpnt->hostdata) = sdbg_host;
5802 if ((hpnt->this_id >= 0) && (sdebug_num_tgts > hpnt->this_id))
5803 hpnt->max_id = sdebug_num_tgts + 1;
5804 else
5805 hpnt->max_id = sdebug_num_tgts;
5806 /* = sdebug_max_luns; */
5807 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
5808
5809 hprot = 0;
5810
5811 switch (sdebug_dif) {
5812
5813 case T10_PI_TYPE1_PROTECTION:
5814 hprot = SHOST_DIF_TYPE1_PROTECTION;
5815 if (sdebug_dix)
5816 hprot |= SHOST_DIX_TYPE1_PROTECTION;
5817 break;
5818
5819 case T10_PI_TYPE2_PROTECTION:
5820 hprot = SHOST_DIF_TYPE2_PROTECTION;
5821 if (sdebug_dix)
5822 hprot |= SHOST_DIX_TYPE2_PROTECTION;
5823 break;
5824
5825 case T10_PI_TYPE3_PROTECTION:
5826 hprot = SHOST_DIF_TYPE3_PROTECTION;
5827 if (sdebug_dix)
5828 hprot |= SHOST_DIX_TYPE3_PROTECTION;
5829 break;
5830
5831 default:
5832 if (sdebug_dix)
5833 hprot |= SHOST_DIX_TYPE0_PROTECTION;
5834 break;
5835 }
5836
5837 scsi_host_set_prot(hpnt, hprot);
5838
5839 if (have_dif_prot || sdebug_dix)
5840 pr_info("host protection%s%s%s%s%s%s%s\n",
5841 (hprot & SHOST_DIF_TYPE1_PROTECTION) ? " DIF1" : "",
5842 (hprot & SHOST_DIF_TYPE2_PROTECTION) ? " DIF2" : "",
5843 (hprot & SHOST_DIF_TYPE3_PROTECTION) ? " DIF3" : "",
5844 (hprot & SHOST_DIX_TYPE0_PROTECTION) ? " DIX0" : "",
5845 (hprot & SHOST_DIX_TYPE1_PROTECTION) ? " DIX1" : "",
5846 (hprot & SHOST_DIX_TYPE2_PROTECTION) ? " DIX2" : "",
5847 (hprot & SHOST_DIX_TYPE3_PROTECTION) ? " DIX3" : "");
5848
5849 if (sdebug_guard == 1)
5850 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_IP);
5851 else
5852 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_CRC);
5853
5854 sdebug_verbose = !!(SDEBUG_OPT_NOISE & sdebug_opts);
5855 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & sdebug_opts);
5856 if (sdebug_every_nth) /* need stats counters for every_nth */
5857 sdebug_statistics = true;
5858 error = scsi_add_host(hpnt, &sdbg_host->dev);
5859 if (error) {
5860 pr_err("scsi_add_host failed\n");
5861 error = -ENODEV;
5862 scsi_host_put(hpnt);
5863 } else
5864 scsi_scan_host(hpnt);
5865
5866 return error;
5867}
5868
5869static int sdebug_driver_remove(struct device *dev)
5870{
5871 struct sdebug_host_info *sdbg_host;
5872 struct sdebug_dev_info *sdbg_devinfo, *tmp;
5873
5874 sdbg_host = to_sdebug_host(dev);
5875
5876 if (!sdbg_host) {
5877 pr_err("Unable to locate host info\n");
5878 return -ENODEV;
5879 }
5880
5881 scsi_remove_host(sdbg_host->shost);
5882
5883 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
5884 dev_list) {
5885 list_del(&sdbg_devinfo->dev_list);
5886 kfree(sdbg_devinfo);
5887 }
5888
5889 scsi_host_put(sdbg_host->shost);
5890 return 0;
5891}
5892
5893static int pseudo_lld_bus_match(struct device *dev,
5894 struct device_driver *dev_driver)
5895{
5896 return 1;
5897}
5898
5899static struct bus_type pseudo_lld_bus = {
5900 .name = "pseudo",
5901 .match = pseudo_lld_bus_match,
5902 .probe = sdebug_driver_probe,
5903 .remove = sdebug_driver_remove,
5904 .drv_groups = sdebug_drv_groups,
5905};